diff options
author | René Meusel <[email protected]> | 2019-09-23 11:35:32 +0200 |
---|---|---|
committer | René Meusel <[email protected]> | 2019-09-23 11:35:32 +0200 |
commit | 3ac547bd2eabe4c14140d1d47b4bd1211444d938 (patch) | |
tree | 3002c65eb903590d754a46280873da2a0ab47438 /src | |
parent | b31e0b3f2656fda9d46b7693b1f14b1b84b3d9d0 (diff) |
check for Key_Usage::ENCRYPTION for existing tests
Diffstat (limited to 'src')
-rw-r--r-- | src/tests/unit_x509.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/tests/unit_x509.cpp b/src/tests/unit_x509.cpp index d983fd7db..d180e8ffc 100644 --- a/src/tests/unit_x509.cpp +++ b/src/tests/unit_x509.cpp @@ -990,6 +990,8 @@ Test::Result test_usage(const Botan::Private_Key& ca_key, result.test_eq("key usage cRLSign not allowed", user1_cert.allowed_usage( Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN)), false); + result.test_eq("encryption is not allowed", + user1_cert.allowed_usage(Usage_Type::ENCRYPTION), false); // cert only allows digitalSignature, so checking for only that should be ok result.confirm("key usage digitalSignature allowed", user1_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); @@ -1014,6 +1016,9 @@ Test::Result test_usage(const Botan::Private_Key& ca_key, result.confirm("key usage multiple cRLSign allowed", mult_usage_cert.allowed_usage(Key_Constraints::CRL_SIGN)); result.confirm("key usage multiple digitalSignature and cRLSign allowed", mult_usage_cert.allowed_usage( Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN))); + result.test_eq("encryption is not allowed", + mult_usage_cert.allowed_usage(Usage_Type::ENCRYPTION), false); + opts.constraints = Key_Constraints::NO_CONSTRAINTS; @@ -1027,6 +1032,7 @@ Test::Result test_usage(const Botan::Private_Key& ca_key, // cert allows every usage result.confirm("key usage digitalSignature allowed", no_usage_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); result.confirm("key usage cRLSign allowed", no_usage_cert.allowed_usage(Key_Constraints::CRL_SIGN)); + result.confirm("key usage encryption allowed", no_usage_cert.allowed_usage(Usage_Type::ENCRYPTION)); if (sig_algo == "RSA") { |