Fixes

- Fix challengePw copy in ReqCertFromX509 - Proper header length in wolfSSL_PEM_X509_X509_CRL_X509_PKEY_read_bio - Special case for extended key usage in wolfSSL_OBJ_cmp - Numerical input in wolfSSL_OBJ_txt2obj can just be encoded with EncodePolicyOID. Searching for the sum can return wrong values since they are not unique.
2020-09-10 14:38:26 +02:00
parent b808124a47
commit 6a635b339c
2 changed files with 79 additions and 14 deletions
--- a/tests/api.c
+++ b/tests/api.c
@@ -37890,6 +37890,13 @@ static void test_wolfSSL_d2i_X509_REQ(void)
 {
    const char* csrFile = "./certs/csr.signed.der";
    const char* csrPopFile = "./certs/csr.attr.der";
+    /* ./certs/csr.dsa.pem is generated using
+     * openssl req -newkey dsa:certs/dsaparams.pem \
+     *     -keyout certs/csr.dsa.key.pem -keyform PEM -out certs/csr.dsa.pem \
+     *     -outform PEM
+     * with the passphrase "wolfSSL"
+     */
+    const char* csrDsaFile = "./certs/csr.dsa.pem";
    BIO* bio = NULL;
    X509* req = NULL;
    EVP_PKEY *pub_key = NULL;
@@ -37930,6 +37937,23 @@ static void test_wolfSSL_d2i_X509_REQ(void)
         */
        AssertIntGE(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1), 0);

+        X509_free(req);
+        BIO_free(bio);
+    }
+    {
+        AssertNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
+        AssertNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
+
+        /*
+         * Extract the public key from the CSR
+         */
+        AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+
+        /*
+         * Verify the signature in the CSR
+         */
+        AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+
        X509_free(req);
        BIO_free(bio);
    }