From b28be8a5d9610dc8c83a19d1d531f9ebf21e1492 Mon Sep 17 00:00:00 2001
From: Carl Hetherington <cth@carlh.net>
Date: Wed, 27 Jan 2016 21:06:26 +0000
Subject: Check for trailing data when loading certificates.

---
 test/certificates_test.cc | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'test')

diff --git a/test/certificates_test.cc b/test/certificates_test.cc
index 9592ae2f..9be2e7fa 100644
--- a/test/certificates_test.cc
+++ b/test/certificates_test.cc
@@ -17,12 +17,13 @@
 
 */
 
-#include <boost/test/unit_test.hpp>
 #include "certificate.h"
 #include "certificate_chain.h"
 #include "util.h"
 #include "exceptions.h"
 #include "test.h"
+#include <boost/test/unit_test.hpp>
+#include <iostream>
 
 using std::list;
 using std::string;
@@ -54,6 +55,8 @@ BOOST_AUTO_TEST_CASE (certificates1)
 		"dnQualifier=QFVlym7fuql6bPOnY38aaO1ZPW4=,CN=CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
 		);
 
+	BOOST_CHECK (!c.leaf().extra_data ());
+
 	++i;
 
 	/* Intermediate */
@@ -67,6 +70,8 @@ BOOST_AUTO_TEST_CASE (certificates1)
 		"dnQualifier=6eat8r33US71avuQEojmH\\+bjk84=,CN=.smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
 		);
 
+	BOOST_CHECK (!i->extra_data ());
+
 	++i;
 
 	/* Root */
@@ -83,6 +88,8 @@ BOOST_AUTO_TEST_CASE (certificates1)
 		"dnQualifier=DCnRdHFbcv4ANVUq2\\+wMVALFSec=,CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
 		);
 
+	BOOST_CHECK (!c.root().extra_data ());
+
 	/* Check that reconstruction from a string works */
 	dcp::Certificate test (c.root().certificate (true));
 	BOOST_CHECK_EQUAL (test.certificate(), c.root().certificate());
@@ -94,11 +101,18 @@ BOOST_AUTO_TEST_CASE (certificates2)
 	{
 		dcp::Certificate c (dcp::file_to_string (private_test / "CA.GDC-TECH.COM_SA2100_A14903.crt.crt"));
 		BOOST_CHECK_EQUAL (c.certificate(true), dcp::file_to_string (private_test / "CA.GDC-TECH.COM_SA2100_A14903.crt.crt.reformatted"));
+		BOOST_CHECK (!c.extra_data ());
 	}
 
 	{
 		dcp::Certificate c (dcp::file_to_string (private_test / "usl-cert.pem"));
 		BOOST_CHECK_EQUAL (c.certificate(true), dcp::file_to_string (private_test / "usl-cert.pem.trimmed"));
+		BOOST_CHECK (!c.extra_data ());
+	}
+
+	{
+		dcp::Certificate c (dcp::file_to_string (private_test / "chain.pem"));
+		BOOST_CHECK (c.extra_data ());
 	}
 
 	BOOST_CHECK_THROW (dcp::Certificate (dcp::file_to_string (private_test / "no-begin.pem")), dcp::MiscError);
-- 
cgit v1.2.3