Skip to content

Commit

Permalink
fix tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@u3s
u3s committed Sep 27, 2023
1 parent 30e7203 commit 03b422b
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 9 deletions.
15 changes: 10 additions & 5 deletions lib/public_key/test/pubkey_ocsp_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,8 @@
<<2,39,149,225,217,60,119,245,177,96,137,169,49,169,0,163,164,218,40,228,230,193,142,138,206,47,0,176,80,99,16,226,79,124,237,230,91,57,148,49,250,208,42,193,106,53,86,163,205,254,245,90,45,240,172,107,162,160,59,7,246,245,41,106,44,239,47,78,197,79,123,55,217,87,181,221,73,88,47,122,30,195,225,6,28,237,49,250,105,85,214,69,86,243,73,81,101,192,31,250,31,55,111,63,11,1,147,63,144,241,132,32,161,92,168,152,19,29,233,88,234,4,134,144,26,70,162,219,31,125,205,202,94,45,111,3,17,
66,62,208,17,188,179,94,222,238,248,79,102,80,138,217,80,233,100,152,240,11,81,36,130,175,152,182,221,2,26,24,33,180,242,63,33,223,18,131,11,52,51,1,193,24,222,91,47,100,131,173,32,69,159,13,94,246,193,182,127,242,164,131,112,92,179,65,79,235,174,161,194,201,255,119,2,251,215,203,135,16,154,55,69,82,33,69,60,223,118,35,56,22,228,106,80,57,180,62,124,121,244,121,197,123,242,190,55,26,32,214,176,53,28,117,171,162,76,160>>}
).
-define(RESPONDER_CERT, ?ISSUER_CERT).
-define(RESPONDER_CERT, #cert{otp = ?ISSUER_CERT}).
-define(DEFAULT_IS_TRUSTED_CERT, fun(_Cert) -> false end).
-define(A_SERVER_CERT,
{'OTPCertificate',{'OTPTBSCertificate',v3,9,
{'SignatureAlgorithm',{1,2,840,113549,1,1,11},'NULL'},
Expand Down Expand Up @@ -149,7 +150,8 @@ ocsp_test(Config) when is_list(Config) ->
pubkey_ocsp:verify_response(OcspResponse,
[?RESPONDER_CERT],
?NONCE,
?ISSUER_CERT),
?ISSUER_CERT,
?DEFAULT_IS_TRUSTED_CERT),
{'SingleResponse',
{'CertID',
{'AlgorithmIdentifier',
Expand Down Expand Up @@ -181,13 +183,15 @@ ocsp_test(Config) when is_list(Config) ->
pubkey_ocsp:verify_response(OcspResponseWrongSignature,
[?RESPONDER_CERT],
?NONCE,
?ISSUER_CERT),
?ISSUER_CERT,
?DEFAULT_IS_TRUSTED_CERT),

{error, nonce_mismatch} =
pubkey_ocsp:verify_response(OcspResponse,
[?RESPONDER_CERT],
<<"rubbish_nonce">>,
?ISSUER_CERT),
?ISSUER_CERT,
?DEFAULT_IS_TRUSTED_CERT),

OcspResponseProducedAt22ndCentury = % Year AD 2123
OcspResponse#'BasicOCSPResponse'{
Expand All @@ -196,5 +200,6 @@ ocsp_test(Config) when is_list(Config) ->
pubkey_ocsp:verify_response(OcspResponseProducedAt22ndCentury,
[?RESPONDER_CERT],
?NONCE,
?ISSUER_CERT),
?ISSUER_CERT,
?DEFAULT_IS_TRUSTED_CERT),
ok.
2 changes: 1 addition & 1 deletion lib/public_key/test/public_key_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1458,7 +1458,7 @@ pkix_ocsp_validate(_Config) ->
248,195,82,131,220,31,104,44,239,147,61,71,35,245>>,
NonceExt = <<4,8,244,183,192,191,230,8,236,82>>,
ok =
public_key:pkix_ocsp_validate(Cert, IssuerCert, OcspRespDer, NonceExt).
public_key:pkix_ocsp_validate(Cert, IssuerCert, OcspRespDer, NonceExt, []).

%%--------------------------------------------------------------------
cacerts_load() ->
Expand Down
6 changes: 3 additions & 3 deletions lib/ssl/src/ssl_trace.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -435,11 +435,11 @@ trace_profiles() ->
{handle_server_hello_extensions, 9},
{handle_client_hello_extensions, 10},
{cert_status_check, 5}]},
{public_key, [{ocsp_extensions, 1}, {pkix_ocsp_validate, 4},
{public_key, [{ocsp_extensions, 1}, {pkix_ocsp_validate, 5},
{otp_cert, 1}]},
{pubkey_ocsp, [{do_verify_signature, 4},
{verify_response, 4}, {verify_nonce, 2},
{verify_signature, 6},
{verify_response, 5}, {verify_nonce, 2},
{verify_signature, 7},
{is_responder_cert, 2}, {find_single_response, 3},
{status, 1}, {match_single_response, 4},
{designated_for_ocsp_signing, 1}]},
Expand Down

0 comments on commit 03b422b

Please sign in to comment.