|
@@ -1403,6 +1403,48 @@ static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
+static void test_wolfSSL_CheckOCSPResponse(void)
|
|
|
+{
|
|
|
+#if defined(HAVE_OCSP) && !defined(NO_RSA) && defined(OPENSSL_ALL)
|
|
|
+ const char* responseFile = "./certs/ocsp/test-response.der";
|
|
|
+ const char* caFile = "./certs/ocsp/root-ca-cert.pem";
|
|
|
+ OcspResponse* res = NULL;
|
|
|
+ byte data[4096];
|
|
|
+ const unsigned char* pt;
|
|
|
+ int dataSz;
|
|
|
+ XFILE f;
|
|
|
+ WOLFSSL_OCSP_BASICRESP* bs;
|
|
|
+ WOLFSSL_X509_STORE* st;
|
|
|
+ WOLFSSL_X509* issuer;
|
|
|
+
|
|
|
+
|
|
|
+ printf(testingFmt, "wolfSSL_CheckOCSPResponse()");
|
|
|
+
|
|
|
+ f = XFOPEN(responseFile, "rb");
|
|
|
+ AssertTrue(f != XBADFILE);
|
|
|
+ dataSz = (word32)XFREAD(data, 1, sizeof(data), f);
|
|
|
+ AssertIntGT(dataSz, 0);
|
|
|
+ XFCLOSE(f);
|
|
|
+
|
|
|
+ pt = data;
|
|
|
+ res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz);
|
|
|
+ AssertNotNull(res);
|
|
|
+ issuer = wolfSSL_X509_load_certificate_file(caFile, SSL_FILETYPE_PEM);
|
|
|
+ AssertNotNull(issuer);
|
|
|
+ st = wolfSSL_X509_STORE_new();
|
|
|
+ AssertNotNull(st);
|
|
|
+ AssertIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
|
|
|
+ bs = wolfSSL_OCSP_response_get1_basic(res);
|
|
|
+ AssertNotNull(bs);
|
|
|
+ AssertIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
|
|
|
+ wolfSSL_OCSP_RESPONSE_free(res);
|
|
|
+ wolfSSL_X509_STORE_free(st);
|
|
|
+ wolfSSL_X509_free(issuer);
|
|
|
+
|
|
|
+ printf(resultFmt, passed);
|
|
|
+#endif /* HAVE_OCSP */
|
|
|
+}
|
|
|
+
|
|
|
static int test_wolfSSL_CertManagerLoadCABuffer(void)
|
|
|
{
|
|
|
int ret;
|
|
@@ -57441,6 +57483,7 @@ TEST_CASE testCases[] = {
|
|
|
TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
|
|
|
TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
|
|
|
TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
|
|
|
+ TEST_DECL(test_wolfSSL_CheckOCSPResponse),
|
|
|
TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
|
|
|
TEST_DECL(test_wolfSSL_CertManagerGetCerts),
|
|
|
TEST_DECL(test_wolfSSL_CertManagerSetVerify),
|