Added test case for pathlen constrains in intermediate certificates
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 69fb9b1..5bcbaad 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -358,6 +358,10 @@
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
x509_verify:"data_files/cert_example_multi_nocn.crt":"data_files/test-ca.crt":"data_files/crl.pem":"www.example.net":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED:NULL
+X509 CRT verify path (4 certs)
+depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_SHA2_C
+x509_crt_verify_chain:"data_files/dir4/cert14.crt data_files/dir4/cert13.crt data_files/dir4/cert12.crt":"data_files/dir4/cert11.crt":8
+
X509 Parse Selftest
depends_on:POLARSSL_MD5_C:POLARSSL_PEM_C:POLARSSL_SELF_TEST
x509_selftest:
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 637d13c..0acedfd 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -275,6 +275,33 @@
END_CASE
BEGIN_CASE
+x509_crt_verify_chain:chain_paths_str:trusted_ca:ret
+{
+ char *act;
+ int flags;
+ int res;
+ x509_cert trusted, chain;
+ char *chain_paths;
+
+ memset( &chain, 0, sizeof( x509_cert ) );
+ memset( &trusted, 0, sizeof( x509_cert ) );
+ chain_paths = strdup( {chain_paths_str} );
+ TEST_ASSERT( chain_paths != NULL );
+
+ while( ( act = strsep( &chain_paths, " " ) ) != NULL )
+ TEST_ASSERT( x509parse_crtfile( &chain, act ) == 0 );
+ TEST_ASSERT( x509parse_crtfile( &trusted, {trusted_ca} ) == 0 );
+
+ res = x509parse_verify( &chain, &trusted, NULL, NULL, &flags, NULL, NULL );
+
+ x509_free( &trusted );
+ x509_free( &chain );
+
+ TEST_ASSERT( ( {ret} ) == res );
+}
+END_CASE
+
+BEGIN_CASE
x509_selftest:
{
TEST_ASSERT( x509_self_test( 0 ) == 0 );