From 5a3127d3cceaaf03c3f74a1e3db91ac9d273ceba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Sun, 3 Jun 2007 17:59:53 +0000
Subject: [PATCH] More crl checks.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20849 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/test_ca.in | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/lib/hx509/test_ca.in b/lib/hx509/test_ca.in
index 60d24115f..aa207d15d 100644
--- a/lib/hx509/test_ca.in
+++ b/lib/hx509/test_ca.in
@@ -66,10 +66,10 @@ ${hxtool} verify --missing-revoke \
 	cert:FILE:cert-ee.pem \
 	anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1
 
-echo "issue crl"
+echo "issue crl (no cert)"
 ${hxtool} crl-sign \
 	--crl-file=crl.crl \
-	--signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key
+	--signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key || exit 1
 
 echo "verify certificate (with CRL)"
 ${hxtool} verify \
@@ -77,6 +77,31 @@ ${hxtool} verify \
 	crl:FILE:crl.crl \
 	anchor:FILE:$srcdir/data/ca.crt > /dev/null || exit 1
 
+echo "issue crl (with cert)"
+${hxtool} crl-sign \
+	--crl-file=crl.crl \
+	--signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \
+	FILE:cert-ee.pem || exit 1
+
+echo "verify certificate (included in CRL)"
+${hxtool} verify \
+	cert:FILE:cert-ee.pem \
+	crl:FILE:crl.crl \
+	anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1
+
+echo "issue crl (with cert)"
+${hxtool} crl-sign \
+	--crl-file=crl.crl \
+	--lifetime='1 month' \
+	--signer=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \
+	FILE:cert-ee.pem || exit 1
+
+echo "verify certificate (included in CRL, and lifetime 1 month)"
+${hxtool} verify \
+	cert:FILE:cert-ee.pem \
+	crl:FILE:crl.crl \
+	anchor:FILE:$srcdir/data/ca.crt > /dev/null && exit 1
+
 echo "issue certificate (10years 1 month)"
 ${hxtool} issue-certificate \
 	  --ca-certificate=FILE:$srcdir/data/ca.crt,$srcdir/data/ca.key \