authorlloyd <[email protected]>2011-04-22 20:57:49 +0000
committerlloyd <[email protected]>2011-04-22 20:57:49 +0000
commit696489bec89950051aedc53c7d162cdbe9d1125b (patch)
tree85a054c7cb51b75e1ba70b6eae1750ce31f62501 /checks
parent4ddb5fc878b56c9d54d0e36b4eeba5b5273f503a (diff)
parenta9cd9687398ca6c7a780dd91a213b514797fa9fc (diff)
propagate from branch 'net.randombit.botan' (head 8efb138f9a7c0b02429372a9c4e4f6614c5a6b87)
to branch 'net.randombit.botan.x509-path-validation' (head af3daa43e17054ae367c02de09f77ab9e5f8136f)
Diffstat (limited to 'checks')
-rw-r--r--checks/nist_tests/Makefile2
-rw-r--r--checks/nist_tests/x509test.cpp10
-rw-r--r--checks/x509.cpp31
3 files changed, 22 insertions, 21 deletions
diff --git a/checks/nist_tests/Makefile b/checks/nist_tests/Makefile
index 6d0ebb78f..96c958dd7 100644
--- a/checks/nist_tests/Makefile
+++ b/checks/nist_tests/Makefile
@@ -4,7 +4,7 @@ BOTAN_CONFIG=botan-config
CC=g++
FLAGS=-g -Os -W -Wall -ansi
LDFLAGS=$(shell $(BOTAN_CONFIG) --libs)
-CFLAGS=$(shell $(BOTAN_CONFIG) --cflags)
+CFLAGS=$(shell $(BOTAN_CONFIG) --cflags) -I../../build/include
x509test: x509test.cpp
$(CC) $(FLAGS) $(CFLAGS) x509test.cpp $(LDFLAGS) -o x509test
diff --git a/checks/nist_tests/x509test.cpp b/checks/nist_tests/x509test.cpp
index 7f4fe94ee..d89e7c341 100644
--- a/checks/nist_tests/x509test.cpp
+++ b/checks/nist_tests/x509test.cpp
@@ -4,7 +4,7 @@
on NIST's web site.
*/
-#include <botan/x509stor.h>
+#include <botan/x509path.h>
#include <botan/init.h>
using namespace Botan;
@@ -110,9 +110,9 @@ void run_one_test(u32bit test_no, X509_Code expected,
X509_Code result = VERIFIED;
- X509_Store store;
+ Certificate_Store_Memory store;
- store.add_cert(X509_Certificate(root_cert), true);
+ store.add_cert(X509_Certificate(root_cert));
X509_Certificate end_user(to_verify);
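Review bot: `store.add_cert(X509_Certificate(root_cert));` uses a different method name from the same migration in checks/x509.cpp, which calls `store.add_certificate(ca_cert);` on a `Certificate_Store_Memory`. Unless the class really offers both spellings, one of the two files will not compile, and this one is built by its own Makefile, so the break would be easy to miss. Use the same call in both places. run_one_test starts and ends outside this hunk.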
@@ -134,9 +134,7 @@ void run_one_test(u32bit test_no, X509_Code expected,
std::cout << std::endl;
}
*/
- result = store.add_crl(crl);
- if(result != VERIFIED)
- break;
+ store.add_crl(crl);
}
/* if everything has gone well up until now */
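Review bot: A CRL that fails verification no longer stops the test, because `store.add_crl(crl);` ignores any outcome where the old code assigned `result` and left the loop on anything other than VERIFIED. NIST cases whose expected code comes from a bad CRL now depend entirely on the later path validation checking the CRL's signature and issuer, so a regression there would let an unverified CRL be trusted without the test noticing. If add_crl can still report failure, keep the check; otherwise add a comment such as `// CRL is verified during path validation, not on insertion` so the reader knows where it happens. The three `store.add_crl(crlN);` calls in checks/x509.cpp drop their "CRL #N did not validate" checks in the same way. The enclosing loop begins outside this hunk.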
diff --git a/checks/x509.cpp b/checks/x509.cpp
index 8c6cd8187..919fa3508 100644
--- a/checks/x509.cpp
+++ b/checks/x509.cpp
@@ -21,7 +21,7 @@
#if defined(BOTAN_HAS_X509_CERTIFICATES)
#include <botan/x509self.h>
- #include <botan/x509stor.h>
+ #include <botan/x509path.h>
#include <botan/x509_ca.h>
#include <botan/pkcs10.h>
#endif
@@ -191,19 +191,21 @@ void do_x509_tests(RandomNumberGenerator& rng)
X509_CRL crl1 = ca.new_crl(rng);
/* Verify the certs */
- X509_Store store;
+ Certificate_Store_Memory store;
- store.add_cert(ca_cert, true); // second arg == true: trusted CA cert
+ store.add_certificate(ca_cert);
std::cout << '.' << std::flush;
- if(store.validate_cert(user1_cert) != VERIFIED)
+
+ Path_Validation_Result result_u1 = x509_path_validate(user1_cert, store);
+ if(result_u1.validation_result != VERIFIED)
std::cout << "\nFAILED: User cert #1 did not validate" << std::endl;
- if(store.validate_cert(user2_cert) != VERIFIED)
+ Path_Validation_Result result_u2 = x509_path_validate(user2_cert, store);
+ if(result_u2.validation_result != VERIFIED)
std::cout << "\nFAILED: User cert #2 did not validate" << std::endl;
- if(store.add_crl(crl1) != VERIFIED)
- std::cout << "\nFAILED: CRL #1 did not validate" << std::endl;
+ store.add_crl(crl1);
std::vector<CRL_Entry> revoked;
revoked.push_back(CRL_Entry(user1_cert, CESSATION_OF_OPERATION));
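Review bot: `store.add_certificate(ca_cert);` lost the comment that said ca_cert is added as a trusted CA, and nothing in the new lines says what makes it a trust anchor for `x509_path_validate`. If being in the store passed to the validator is what confers trust, say so with a comment like `// every certificate in this store is a trust anchor for x509_path_validate`, since that is the security-relevant contract a reader will copy from this test. do_x509_tests starts and ends outside the hunk.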
@@ -211,23 +213,24 @@ void do_x509_tests(RandomNumberGenerator& rng)
X509_CRL crl2 = ca.update_crl(crl1, revoked, rng);
- if(store.add_crl(crl2) != VERIFIED)
- std::cout << "\nFAILED: CRL #2 did not validate" << std::endl;
+ store.add_crl(crl2);
- if(store.validate_cert(user1_cert) != CERT_IS_REVOKED)
+ result_u1 = x509_path_validate(user1_cert, store);
+ if(result_u1.validation_result != CERT_IS_REVOKED)
std::cout << "\nFAILED: User cert #1 was not revoked" << std::endl;
- if(store.validate_cert(user2_cert) != CERT_IS_REVOKED)
+ result_u2 = x509_path_validate(user2_cert, store);
+ if(result_u2.validation_result != CERT_IS_REVOKED)
std::cout << "\nFAILED: User cert #2 was not revoked" << std::endl;
revoked.clear();
revoked.push_back(CRL_Entry(user1_cert, REMOVE_FROM_CRL));
X509_CRL crl3 = ca.update_crl(crl2, revoked, rng);
- if(store.add_crl(crl3) != VERIFIED)
- std::cout << "\nFAILED: CRL #3 did not validate" << std::endl;
+ store.add_crl(crl3);
- if(store.validate_cert(user1_cert) != VERIFIED)
+ result_u1 = x509_path_validate(user1_cert, store);
+ if(result_u1.validation_result != VERIFIED)
std::cout << "\nFAILED: User cert #1 was not un-revoked" << std::endl;
check_against_copy(ca_key, rng);
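Review bot: After crl3 removes only user1_cert from the CRL, nothing checks that user2_cert is still reported as revoked, so a store that forgets every revocation when it sees REMOVE_FROM_CRL would pass this test. Add after the user1 check: `result_u2 = x509_path_validate(user2_cert, store);` `if(result_u2.validation_result != CERT_IS_REVOKED)` `std::cout << "\nFAILED: User cert #2 was un-revoked" << std::endl;`. This assumes crl3 still lists user2_cert, which the earlier check against crl2 suggests. do_x509_tests continues outside the hunk.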