1 #![cfg(feature = "verify")]
2
3 use x509_parser::parse_x509_certificate;
4
5 static CA_DER: &[u8] = include_bytes!("../assets/IGC_A.der");
6 static CA_LETSENCRYPT_X3: &[u8] = include_bytes!("../assets/lets-encrypt-x3-cross-signed.der");
7 static CERT_DER: &[u8] = include_bytes!("../assets/certificate.der");
8
9 #[test]
test_signature_verification()10 fn test_signature_verification() {
11 // for a root CA, verify self-signature
12 let (_, x509_ca) = parse_x509_certificate(CA_DER).expect("could not parse certificate");
13 let res = x509_ca.verify_signature(None);
14 eprintln!("Verification: {:?}", res);
15 assert!(res.is_ok());
16
17 // for a standard certificate, first load the authority, then the certificate, and verify it
18 let (_, x509_ca) =
19 parse_x509_certificate(CA_LETSENCRYPT_X3).expect("could not parse certificate");
20 let (_, x509_cert) = parse_x509_certificate(CERT_DER).expect("could not parse certificate");
21 let res = x509_cert.verify_signature(Some(&x509_ca.tbs_certificate.subject_pki));
22 eprintln!("Verification: {:?}", res);
23 assert!(res.is_ok());
24 }
25
26 static ED25519_DER: &[u8] = include_bytes!("../assets/ed25519.der");
27
28 #[test]
test_signature_verification_ed25519()29 fn test_signature_verification_ed25519() {
30 // this certificate is self-signed
31 let (_, x509_ca) = parse_x509_certificate(ED25519_DER).expect("could not parse certificate");
32 let res = x509_ca.verify_signature(None);
33 eprintln!("Verification: {:?}", res);
34 assert!(res.is_ok());
35 }
36