diff options
author | lloyd <[email protected]> | 2010-10-07 15:32:51 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-10-07 15:32:51 +0000 |
commit | 232b855507e28ff92476d60adb08cd05564a20a6 (patch) | |
tree | eddf0e2b3abf8be44f229853e5f558852ac59564 /checks | |
parent | a89498427ca32822fe1a273c8eb83b48da01ee1b (diff) |
Forward port CRL fixes from rev 7bb2001cd554a1acc3d345914ea710ff0e1d3a6b
Diffstat (limited to 'checks')
-rw-r--r-- | checks/x509.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/checks/x509.cpp b/checks/x509.cpp index 6041d975d..24d67dc1c 100644 --- a/checks/x509.cpp +++ b/checks/x509.cpp @@ -206,6 +206,7 @@ void do_x509_tests(RandomNumberGenerator& rng) std::cout << "\nFAILED: CRL #1 did not validate" << std::endl; std::vector<CRL_Entry> revoked; + revoked.push_back(CRL_Entry(user1_cert, CESSATION_OF_OPERATION)); revoked.push_back(user2_cert); X509_CRL crl2 = ca.update_crl(crl1, revoked, rng); @@ -213,9 +214,24 @@ void do_x509_tests(RandomNumberGenerator& rng) if(store.add_crl(crl2) != VERIFIED) std::cout << "\nFAILED: CRL #2 did not validate" << std::endl; + if(store.validate_cert(user1_cert) != CERT_IS_REVOKED) + std::cout << "\nFAILED: User cert #1 was not revoked" << std::endl; + if(store.validate_cert(user2_cert) != CERT_IS_REVOKED) std::cout << "\nFAILED: User cert #2 was not revoked" << std::endl; +#if 0 + revoked.clear(); + revoked.push_back(CRL_Entry(user1_cert, REMOVE_FROM_CRL)); + X509_CRL crl3 = ca.update_crl(crl2, revoked, rng); + + if(store.add_crl(crl3) != VERIFIED) + std::cout << "\nFAILED: CRL #3 did not validate" << std::endl; + + if(store.validate_cert(user1_cert) != VERIFIED) + std::cout << "\nFAILED: User cert #1 was not un-revoked" << std::endl; +#endif + check_against_copy(ca_key, rng); check_against_copy(user1_key, rng); check_against_copy(user2_key, rng); |