tests: Add 4.16.1 and 4.16.2 from NIST PKITS

author Jouni Malinen <j@w1.fi>

Fri, 9 May 2014 19:49:49 +0000 (22:49 +0300)

committer Jouni Malinen <j@w1.fi>

Sat, 10 May 2014 10:13:20 +0000 (13:13 +0300)
author Jouni Malinen <j@w1.fi>
Fri, 9 May 2014 19:49:49 +0000 (22:49 +0300)
committer Jouni Malinen <j@w1.fi>
Sat, 10 May 2014 10:13:20 +0000 (13:13 +0300)
diff --git a/tests/test_x509v3_nist2.sh b/tests/test_x509v3_nist2.sh

index 572bd9d..ec34a8b 100755 (executable)
--- a/tests/test_x509v3_nist2.sh
+++ b/tests/test_x509v3_nist2.sh
@@ -56,8 +56,17 @@ function run_test
                     OK=0
                 fi
             else
-               echo "$NUM failed - expected validation failure; other type of error detected"
-               OK=0
+               if [ $RES -eq -1 ]; then
+                   if grep -q "Failed to parse X.509 certificate" $TMPOUT.$NUM; then
+                       OK=1
+                   else
+                       echo "$NUM failed - expected parsing failure; other type of error detected"
+                       OK=0
+                   fi
+               else
+                   echo "$NUM failed - expected validation failure; other type of error detected"
+                   OK=0
+               fi
             fi
         fi
      fi
@@ -153,6 +162,9 @@ run_test 4.8.18 0 UserNoticeQualifierTest18EE.crt PoliciesP12CACert.crt
  run_test 4.8.19 0 UserNoticeQualifierTest19EE.crt TrustAnchorRootCertificate.crt
  run_test 4.8.20 0 CPSPointerQualifierTest20EE.crt GoodCACert.crt
  
+run_test 4.16.1 0 ValidUnknownNotCriticalCertificateExtensionTest1EE.crt
+run_test 4.16.2 -1 InvalidUnknownCriticalCertificateExtensionTest2EE.crt
+
  if false; then
  # DSA tests
  run_test 4.1.4 0 ValidDSASignaturesTest4EE.crt DSACACert.crt
author	Jouni Malinen <j@w1.fi>
	Fri, 9 May 2014 19:49:49 +0000 (22:49 +0300)
committer	Jouni Malinen <j@w1.fi>
	Sat, 10 May 2014 10:13:20 +0000 (13:13 +0300)