X.509 tests: obey compile-time SHA-1 support option There is now one test case to validate that SHA-1 is rejected in certificates by default, and one test case to validate that SHA-1 is supported if MBEDTLS_TLS_DEFAULT_ALLOW_SHA1 is #defined.

commit: e7375ef3148f41d1e4be9e88d992614a803ae810 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Thu May 11 16:41:25 2017 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jun 06 19:08:23 2017 +0200
tree: 4f1e0f819b39b57aabfde1962be345544cc79e2b
parent: 35db5bae2c0960c68416351b7756539b5a3bef6e [diff]
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index fe821d1..937dcd4 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h

@@ -642,4 +642,9 @@
 }
 #endif
 
+#ifndef MBEDTLS_TLS_DEFAULT_ALLOW_SHA1
+/* The test infrastructure requires a positive define */
+#define MBEDTLS_X509__DEFAULT_FORBID_SHA1
+#endif
+
 #endif /* mbedtls_x509_crt.h */
commit	e7375ef3148f41d1e4be9e88d992614a803ae810	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Thu May 11 16:41:25 2017 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Tue Jun 06 19:08:23 2017 +0200
tree	4f1e0f819b39b57aabfde1962be345544cc79e2b
parent	35db5bae2c0960c68416351b7756539b5a3bef6e [diff]