aboutsummaryrefslogtreecommitdiffstats
path: root/checks
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-10-07 15:32:51 +0000
committerlloyd <[email protected]>2010-10-07 15:32:51 +0000
commit232b855507e28ff92476d60adb08cd05564a20a6 (patch)
treeeddf0e2b3abf8be44f229853e5f558852ac59564 /checks
parenta89498427ca32822fe1a273c8eb83b48da01ee1b (diff)
Forward port CRL fixes from rev 7bb2001cd554a1acc3d345914ea710ff0e1d3a6b
Diffstat (limited to 'checks')
-rw-r--r--checks/x509.cpp16
1 files changed, 16 insertions, 0 deletions
diff --git a/checks/x509.cpp b/checks/x509.cpp
index 6041d975d..24d67dc1c 100644
--- a/checks/x509.cpp
+++ b/checks/x509.cpp
@@ -206,6 +206,7 @@ void do_x509_tests(RandomNumberGenerator& rng)
std::cout << "\nFAILED: CRL #1 did not validate" << std::endl;
std::vector<CRL_Entry> revoked;
+ revoked.push_back(CRL_Entry(user1_cert, CESSATION_OF_OPERATION));
revoked.push_back(user2_cert);
X509_CRL crl2 = ca.update_crl(crl1, revoked, rng);
@@ -213,9 +214,24 @@ void do_x509_tests(RandomNumberGenerator& rng)
if(store.add_crl(crl2) != VERIFIED)
std::cout << "\nFAILED: CRL #2 did not validate" << std::endl;
+ if(store.validate_cert(user1_cert) != CERT_IS_REVOKED)
+ std::cout << "\nFAILED: User cert #1 was not revoked" << std::endl;
+
if(store.validate_cert(user2_cert) != CERT_IS_REVOKED)
std::cout << "\nFAILED: User cert #2 was not revoked" << std::endl;
+#if 0
+ revoked.clear();
+ revoked.push_back(CRL_Entry(user1_cert, REMOVE_FROM_CRL));
+ X509_CRL crl3 = ca.update_crl(crl2, revoked, rng);
+
+ if(store.add_crl(crl3) != VERIFIED)
+ std::cout << "\nFAILED: CRL #3 did not validate" << std::endl;
+
+ if(store.validate_cert(user1_cert) != VERIFIED)
+ std::cout << "\nFAILED: User cert #1 was not un-revoked" << std::endl;
+#endif
+
check_against_copy(ca_key, rng);
check_against_copy(user1_key, rng);
check_against_copy(user2_key, rng);