Test that X.509 verification rejects SHA-256 by default

commit: 2dc81a0cbcc0f162596f9c223c164baffd0c8259 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri May 05 19:00:39 2017 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jun 06 18:44:13 2017 +0200
tree: 24658ea10b389bb16721ed522327044eb8dde393
parent: ef86ab238fcbc186f324640bc264fd6f5f2123d1 [diff]
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index ce543b5..e6e6d69 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data

@@ -431,6 +431,10 @@
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
 
+X509 Certificate verification #14 (Valid Cert SHA1 Digest forbidden in default profile)
+depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"default":"NULL"
+
 X509 Certificate verification #15 (Valid Cert SHA224 Digest)
 depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL"
commit	2dc81a0cbcc0f162596f9c223c164baffd0c8259	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri May 05 19:00:39 2017 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Tue Jun 06 18:44:13 2017 +0200
tree	24658ea10b389bb16721ed522327044eb8dde393
parent	ef86ab238fcbc186f324640bc264fd6f5f2123d1 [diff]