Add test for mbedtls_x509write_crt_set_ext_key_usage, and fix reversed order
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 9cb3dd4..3242232 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -238,6 +238,7 @@
char *issuer_pwd, char *issuer_name,
char *serial_str, char *not_before, char *not_after,
int md_type, int key_usage, int set_key_usage,
+ char *ext_key_usage,
int cert_type, int set_cert_type, int auth_ident,
int ver, char *cert_check_file, int pk_wrap, int is_ca,
char *cert_verify_file )
@@ -346,6 +347,24 @@
TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
if( set_cert_type != 0 )
TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
+ if( strcmp( ext_key_usage, "NULL" ) != 0 )
+ {
+ mbedtls_asn1_sequence exts[2] = { };
+#define SET_OID(x, oid) \
+ do { x.len = MBEDTLS_OID_SIZE(oid); x.p = (unsigned char*)oid; \
+ x.tag = MBEDTLS_ASN1_OID; } while( 0 )
+ if( strcmp( ext_key_usage, "serverAuth" ) == 0 )
+ {
+ SET_OID( exts[0].buf, MBEDTLS_OID_SERVER_AUTH );
+ }
+ else if( strcmp( ext_key_usage, "codeSigning,timeStamping" ) == 0 )
+ {
+ SET_OID( exts[0].buf, MBEDTLS_OID_CODE_SIGNING );
+ exts[0].next = &exts[1];
+ SET_OID( exts[1].buf, MBEDTLS_OID_TIME_STAMPING );
+ }
+ TEST_ASSERT( mbedtls_x509write_crt_set_ext_key_usage( &crt, exts ) == 0 );
+ }
}
ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ),