1 #include <boost/test/unit_test.hpp>
3 #include <openssl/err.h>
7 #include "crypto/X509.h"
9 BOOST_AUTO_TEST_SUITE( TestX509Req )
11 BOOST_AUTO_TEST_CASE( CSR ) {
12 // Testing a valid CSR
13 std::shared_ptr<X509Req> req( X509Req::parseCSR( readFile( "testdata/test.csr" ) ) );
15 BOOST_CHECK( req->verify() == 1 );
16 BOOST_REQUIRE( ERR_peek_error() == 0 );
18 // Testing a CSR, where the signature content has been tampered with
19 req = std::shared_ptr<X509Req>( X509Req::parseCSR( readFile( "testdata/test_false_sig.csr" ) ) );
21 BOOST_CHECK( req->verify() == 0 );
22 BOOST_REQUIRE( ERR_get_error() != 0 ); // RSA_padding_check_PKCS1_type_1:block type is not 01
23 BOOST_REQUIRE( ERR_get_error() != 0 ); // RSA_EAY_PUBLIC_DECRYPT:padding check failed
24 BOOST_REQUIRE( ERR_get_error() != 0 ); // ASN1_item_verify:EVP lib
25 BOOST_REQUIRE( ERR_get_error() == 0 );
27 // Testing a CSR, where the signature OID is something strange
28 req = std::shared_ptr<X509Req>( X509Req::parseCSR( readFile( "testdata/test_invalid_sig.csr" ) ) );
30 BOOST_CHECK( req->verify() < 0 );
31 BOOST_REQUIRE( ERR_get_error() != 0 ); // ASN1_item_verify:unknown signature algorithm
32 BOOST_REQUIRE( ERR_get_error() == 0 );
35 BOOST_AUTO_TEST_CASE( SPKAC ) {
36 // Testing a valid SPKAC
37 std::shared_ptr<X509Req> req( X509Req::parseSPKAC( readFile( "testdata/test.spkac" ) ) );
39 BOOST_CHECK( req->verify() == 1 );
41 // Testing a SPKAC, where the signature content has been tampered with
42 req = std::shared_ptr<X509Req>( X509Req::parseSPKAC( readFile( "testdata/test_false_sig.spkac" ) ) );
44 BOOST_CHECK( req->verify() == 0 );
46 // Testing a SPKAC, where the signature OID is something strange
47 req = std::shared_ptr<X509Req>( X509Req::parseSPKAC( readFile( "testdata/test_invalid_sig.spkac" ) ) );
49 BOOST_CHECK( req->verify() < 0 );
52 BOOST_AUTO_TEST_SUITE_END()