Add test case for first intermediate max_pathlen=0 !!! This test case is currently failing !!! (See fix in next-next commit.) Test certificates generated with the following script: (using mbed TLS 2.2 as 1.2 does not hove those programs) programs/pkey/gen_key type=rsa filename=cert81.key programs/pkey/gen_key type=rsa filename=cert82.key programs/pkey/gen_key type=rsa filename=cert83.key programs/x509/cert_write serial=81 output_file=cert81.crt is_ca=1 \ issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \ selfsign=1 programs/x509/cert_write serial=82 output_file=cert82.crt is_ca=1 \ issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \ subject_key=cert82.key subject_name="CN=Int 82,O=mbed TLS,C=UK" \ max_pathlen=0 programs/x509/cert_write serial=83 output_file=cert83.crt \ issuer_key=cert82.key issuer_name="CN=Int 82,O=mbed TLS,C=UK" \ subject_key=cert83.key subject_name="CN=EE 83,O=mbed TLS,C=UK"

commit: cec3289659fc75b00d828e303a236eda73331a35 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Dec 02 10:22:14 2015 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Dec 02 12:04:49 2015 +0100
tree: c3f08ce2119a24185573fb0d7399d38577e3286e
parent: 0d1cf0fec1e315e44b069b659e3c7d500bcd4826 [diff]
diff --git a/tests/data_files/dir4/Readme b/tests/data_files/dir4/Readme
index 5732a64..7217b75 100644
--- a/tests/data_files/dir4/Readme
+++ b/tests/data_files/dir4/Readme

@@ -36,3 +36,7 @@
 cert71.crt (max_pathlen=1) -> cert72.crt -> cert73.crt (self signed) -> cert74.crt -> cert74.crt
 ```
 
+8. zero pathlen constraint on first intermediate CA (valid)
+```
+cert81.crt -> cert82.crt (max_pathlen=0) -> cert83.crt
+```

diff --git a/tests/data_files/dir4/cert81.crt b/tests/data_files/dir4/cert81.crt
new file mode 100644
index 0000000..872ee5f
--- /dev/null
+++ b/tests/data_files/dir4/cert81.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFLTCCAxWgAwIBAgIBUTANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQDEwZSb290
+IDgxETAPBgNVBAoTCG1iZWQgVExTMQswCQYDVQQGEwJVSzAeFw0wMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMDExDzANBgNVBAMTBlJvb3QgODERMA8GA1UEChMI
+bWJlZCBUTFMxCzAJBgNVBAYTAlVLMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEArKO4Ndobhi6au/7cpFGVvmWCfzefTesdHvScjQDInIctC5xHrmJ5C0rL
+GL/M01+I/lDFZW8yWI63+W3mlJihredjaDQ5VeQH0xbWD9FMxFWFpS5Y2W56ZhF9
+Xk/YPDBsW2stXD8+VrPXc3tYm0lM/BvzdpiUAmNC7WhR5YSKu4EebRIFO/0qas/Y
+auhEusZwM6qWK3rEWN8eZrzb2LcOrXtCpgDcCOKnTM/rlLK/cKpLJvGAgvBXJfFH
+nXFKo12qNqPOipeS+lfO9SRZmLROAbeU2wjDoWpMGwxf6znMxVIAdMOS1btgIxrx
+8pI5ZAtOFOU/nRsbPxRreKFiIY8dDPozyBAHgJB2qDYCa7+G4WlzEScXUjgn+mzr
+dfORJzuh4UJvO3naaY73265+//cTOPOB7OpSLgV/vcQwqmUrxrOk9I1Eal6lJ9xI
+2QmEB0zbVQkf8TkBOk5VtCZJTU++E17ScbslqPsjIJ4V926d1BcT22g7kTjGk3/y
+yOIf2WF83lMZL/IzT7JuwtrzU7ijUsXOswPZiiOLc3Ca/zx8WTfmEIlXtRpbzFm4
+jNrNfMHzBDO8Q76o+pJJxjT8u0wcR/F549tq8C01K3c80KOyVtQmjo+Bvtq3vzDH
+pQtn5nChRs/cWsxUOak2YtePCyz2iKiB2RyE4wP4mUvNI4Jm+osCAwEAAaNQME4w
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUYRnWQkCijfeUVCCX3Tg1Ffu67gMwHwYD
+VR0jBBgwFoAUYRnWQkCijfeUVCCX3Tg1Ffu67gMwDQYJKoZIhvcNAQELBQADggIB
+AICQv0m4wRhjaiVr/o8KS/H7SZBPTD8H601YhcHeCwAxnzmiMRKFNq1u4IM4vPoO
+HfZzwlI4T3clIS5OA9p2qa1YKK1+tTiCEHK3pNKLH+Z5Gts6S6mnwC3ead5ky1Po
+8li1wi0BTA+hAVJQbQ4Qr4FdxS8zeEAdqzNSjyAY+BBgwpUs8LSRQ4PRqFz9xg3V
+QltpW6ddZ2Pf5xRhor4SfmKA6e8GbJea7bTCf+r/PWH6z1Zg0OxqaiWdlhzX9dBz
+0UqEqGMYpEHYZsq1hy7Sqf34IdSbe2L55QCezhpmXTilE3OBXd9JmQuJSWi0aMeY
+N0Q7ahGLIgeV4fFCbk1zmYrWeqkFMk2TWo3QY+0sjzeUKhZ6UszkS5jWglGfh6Dp
+4qqJCxhDORXrnVw4cu9LsiTzixjy/LXLCYhl74fo5NTBmUGkDGTqezDVb/72mJ/z
+ojrTJQTJxQzSG8MWeKzyOzj91L76syYnV4uYxYLakCjtSQf59R2Og6x6fP3CqkHL
+zeF4PUhsJLZhqIQaDKjYJYA1KkKdp2ELFQfhDnYEHt3JpjqaVMSdFtvoINsoIRBr
+ZxLIwi1YLTbIOrkzX3gfA84wo7RTyyLuR1PKTD1CnfbL3FYT/cPlbBN05Qi3CDWE
+YHCwwv5IYVr/H8GHdzE9GBDfsc4ysdTNA/5hVScjaUKV
+-----END CERTIFICATE-----

diff --git a/tests/data_files/dir4/cert82.crt b/tests/data_files/dir4/cert82.crt
new file mode 100644
index 0000000..6404a81
--- /dev/null
+++ b/tests/data_files/dir4/cert82.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFMDCCAxigAwIBAgIBUjANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQDEwZSb290
+IDgxETAPBgNVBAoTCG1iZWQgVExTMQswCQYDVQQGEwJVSzAeFw0wMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMDExDzANBgNVBAMTBkludCA4MjERMA8GA1UEChMI
+bWJlZCBUTFMxCzAJBgNVBAYTAlVLMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAmN5BP/pOVSUVdL3Jbk7+lRd0Y26Jy4LKrAAHij9uXezh9Akis1Tlm727
+dNQzADmasawiC8uvpNnfxkGg0RTL+EQEJfRj9euy81A6wO0i5GrvCMHp2hadTyIg
+uKZDU7ai7uIJFj861qnRZfQ5peIa/PohpwZsusnibEwCGdyWNiHvK3hGpX2rcYpq
+FvROCCbxu2TCTJWNQM6tYN3rxsXcLRickhmchzx6Wozs4kgWHNNOD+MdWTaTp3xw
+dtN6CXVzLMEmX78ew7iXEUlx7R7HjjLzoGhoJt7EGyO1pN34wHYe96sqHXTyNpdF
+qz+NoQ9om7vlc7MPvmHZ+h9rsFGDEUOh9cQuE7UO/duYu3M2BsD6mY1l/IGqW1sy
+tK7dVkDp8tCsswOJk3eOFDlpG9FcdSpj85UgAKKjHC5Lgo1mYB39TrObipC5ZMha
+Thye43MwWCYgKZwusfht7yelbOldYNdHvKjN+Fq400keL9rJW7/owL8rFLXTTDPf
+J/m1B5JTHI1jiSoRQXYW8pekp7QNIGs3nd/DP253iY8mpjOa4YlkDEW5mnsvbQ+/
+kI0s8yEAE2B6HPDUxq4Ba2cOdACAw7mmS5nFfhXOeLLTBMKFY8LRnUFCoGqFOjAa
+pUWqG2SSUIiO6+0FyhzHKekfgMxalnvq7NCmLcgVnsTggjM+PBUCAwEAAaNTMFEw
+DwYDVR0TBAgwBgEB/wIBADAdBgNVHQ4EFgQUtJce2q6EIHiXZsj8FI+08sd4nVYw
+HwYDVR0jBBgwFoAUYRnWQkCijfeUVCCX3Tg1Ffu67gMwDQYJKoZIhvcNAQELBQAD
+ggIBAFhANetbhFgAZut3DRwfQ0zCV506nW5Moi+JUF5is7j88PYt2FboNpUyuG4s
+GqVtYnf3V0YFxLJ9qOi3bj1Ubpawbpz2Om4A+InioFvzTv6v2mqPq/sNtBDUmVyG
+kCcCeFO20XzRFHHEH7jZG3fOuTc+L1fKSAa2k5muTq7dImFQmLqpwrfAjEfGQIPa
+L1o2RTmKQuW6kIjzStkrqpAyBLcVTqg138L777VYD+vvT8uP2CQXu66jtyZCkqQ4
+BXFt7GoLy+RFbm3TAV77dQQ/VQYS9a2EpKNcKu/gFXaJJQm1PjNugOFdejU9u7zE
+tGf12IO/qdN7J+c/foS8c0KWHTQ9BUR3ma8gv8pioJUqHgKl1RexxNt92wi8t1Z3
+oVPvUV0GQXLZTWcHTS/D/r+jgV3K2hfLmJ3iS53X3lUfcBbnFF+BarkjFQKseblk
+SAMyzwdLFLRHkdFwAoATmPmakdMYRE4BBZszIO4UVI4VarKicTvJobRxECJPJoOy
+XHz/Dlr5r2GQm2EFVKDoU4WCJZwtHScyJEm63q/63vByB0fprzyKXgPFVWd+YpiZ
+RmngoEuvgm3VoV6hzVe7AIJm4FpErbPh7mDzVoFXaS7NoeasxF6BJKu9UBhb3Gqa
+hFy1SV7PVCj2OqleYahCeolG2md2UG/zFUuy8WB7gM9z9y3M
+-----END CERTIFICATE-----

diff --git a/tests/data_files/dir4/cert83.crt b/tests/data_files/dir4/cert83.crt
new file mode 100644
index 0000000..d847e5b
--- /dev/null
+++ b/tests/data_files/dir4/cert83.crt

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIFKTCCAxGgAwIBAgIBUzANBgkqhkiG9w0BAQsFADAxMQ8wDQYDVQQDEwZJbnQg
+ODIxETAPBgNVBAoTCG1iZWQgVExTMQswCQYDVQQGEwJVSzAeFw0wMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMDAxDjAMBgNVBAMTBUVFIDgzMREwDwYDVQQKEwht
+YmVkIFRMUzELMAkGA1UEBhMCVUswggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQC+qbmHo5HKBMZWIwmdc8Ogpc2BiiWN8Coyhysoas6M0bYfj/vxawJ2pGt8
+A+23rU+wnj1vwiWjfembEdlpnucfOdARzWE+sbno68Jmm3AXwLdwmnia90Oyc/+f
+4T7SApLFB3rsgVOszhaPBtP9SrLlIrYPz/0b2ISjaL4NLWS+7/nVvSbrqnykveAx
+tDgi6EjZ2OvVsQVdXQT++lEU5XfaISrKrexkvyEm9OZ1+bkEOmN72wcTP/zjoiUf
+y5Xa2rIftHytUjHYSNDov2RJlSEE4HyFCLFZcMQUAODuowgTeKZo69WAZuBqWUTz
+JW2VNdnbS4FvrlS1hKpsaOe9SUMs29WRf/hJdYFZHkcMNPkatk3TiHjyeWXIjhHu
+VotnxM8N9CmZupWAAiHblUKZSLhLlE2l66sktzEgaG/pWNbSSSKfxQ+5icd0Fw32
+38SR5r5igosRrqkqEnT8t5IowSaA/Vq3ptTiUZQpOw8A8l0Ucmz/PaYpX20QXnzu
+5oc7rkg8tVJh4dQJ0xpx62I+NYc+bmbZ/C8m24vfWxef8moAvYVdC+84Pw89dyQg
+rlityVaeF25c4sNBn1NuFN4i1c6Y63k/eHFv6U1njolt5vlsBeQVJiKIakfmWqJc
+stNO0+Yu9HjRMNnIncpN4bKfQd2/SKNhtzuhNKsmL7a/MDbQzQIDAQABo00wSzAJ
+BgNVHRMEAjAAMB0GA1UdDgQWBBT/aycha/auJRZb6S6NQxIBiLOrPDAfBgNVHSME
+GDAWgBS0lx7aroQgeJdmyPwUj7Tyx3idVjANBgkqhkiG9w0BAQsFAAOCAgEAh17e
+4M8Ouj+Jz0abqrpFqQ+RMOP5QbtA0XdO+EsAJVM9esDHtAft4gXoWBFAHuwm1UQt
+TNoEF29HfXYHLrbPhZhlua1xPP14RkIZWDzjxjU1six4+3GWX8/SQvBrlzg9nmnI
++MQpdfuEne/bRHcYW/F3pNngkHxgPLkibDGHyaW50WyjglZzQsEj1T+hIBDHxtMx
+5FhyKlfUMZV7zHrNUVlJVhMxuTUhaTtEUAsOcG3HhnK7pYenh8BV2KH4ZEwhoSJa
+KkJlU/490HpyTMDls2sfbINXYGJdg4Qn1a6drfgW5GGxuRrZu61V7MRX61RXE/vE
+1Q5o/AhJsedcY7eC2knlZWVypcWNY2MDmunpTOlnmCLoj9wPLjHqb/WtPi7lQmdx
+eMhh7dbAF0k6T/71OdRLRQxLQBoU8z5Ae7csvrnyyZnbDlyVFYFVx21BPhwh09AP
+DhX46t1wtXi3hZQxOUeve8KR2cO7fBSoLdakgbv7JJaSN9TJ50SQmGawQTLROIKk
+GDK+maY+K4jtCYjLw4UvFZZLm7VHoLRtFUMmGUWnqO8dDQQRi4Ftu2pUS8HBhEMw
+CRATi5ww7V+lidHhtKgti/wkUGWNia2aYYgt8yKlF/eoaDRVRMlOhoCoMbeUlMFt
+M8Wytap8IX3+XKdVxO8VxwLFt5gxIO6HWkNDRS4=
+-----END CERTIFICATE-----

diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 4e86c4b..9446b5f 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data

@@ -390,6 +390,10 @@
 depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_SHA2_C
 x509_crt_verify_chain:"data_files/dir4/cert61.crt data_files/dir4/cert63.crt data_files/dir4/cert62.crt":"data_files/dir4/cert61.crt":0
 
+X509 CRT verify chain #9 (self signed maxpathlen root)
+depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_SHA2_C
+x509_crt_verify_chain:"data_files/dir4/cert83.crt data_files/dir4/cert82.crt":"data_files/dir4/cert81.crt":0
+
 X509 Parse Selftest
 depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C:POLARSSL_SELF_TEST
 x509_selftest:
commit	cec3289659fc75b00d828e303a236eda73331a35	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Wed Dec 02 10:22:14 2015 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Wed Dec 02 12:04:49 2015 +0100
tree	c3f08ce2119a24185573fb0d7399d38577e3286e
parent	0d1cf0fec1e315e44b069b659e3c7d500bcd4826 [diff]