File 0193-add-testcase-for-EdDSA-pkix_crl_verify.patch of Package erlang
From 581b6140b60266973be002ad796a59d9c96d3ffa Mon Sep 17 00:00:00 2001
From: Stefan Grundmann <sg2342@googlemail.com>
Date: Fri, 19 Dec 2025 18:21:04 +0000
Subject: [PATCH 3/4] add testcase for EdDSA pkix_crl_verify
---
lib/public_key/test/public_key_SUITE.erl | 27 +++++++++-
.../test/public_key_SUITE_data/eddsa_crl.pem | 43 ++++++++++++++++
.../eddsa_crl_signer.pem | 49 +++++++++++++++++++
3 files changed, 118 insertions(+), 1 deletion(-)
create mode 100644 lib/public_key/test/public_key_SUITE_data/eddsa_crl.pem
create mode 100644 lib/public_key/test/public_key_SUITE_data/eddsa_crl_signer.pem
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 6524fa2ec7..200217184a 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -147,6 +147,8 @@
pkix_dsa_sha2_oid/1,
pkix_crl/0,
pkix_crl/1,
+ pkix_crl_verify_eddsa/0,
+ pkix_crl_verify_eddsa/1,
pkix_pss_params_in_signalg/0,
pkix_pss_params_in_signalg/1,
general_name/0,
@@ -217,6 +219,7 @@ all() ->
pkix_rsa_md2_oid,
pkix_dsa_sha2_oid,
pkix_crl,
+ pkix_crl_verify_eddsa,
pkix_pss_params_in_signalg,
pkix_hash_type,
general_name,
@@ -310,7 +313,8 @@ init_per_testcase(rsa_pss_sign_verify, Config) ->
{skip, not_supported_by_crypto}
end;
-init_per_testcase(eddsa_sign_verify_24_compat, Config) ->
+init_per_testcase(TestCase, Config) when TestCase == eddsa_sign_verify_24_compat;
+ TestCase == pkix_crl_verify_eddsa ->
case lists:member(eddsa, crypto:supports(public_keys)) of
true ->
Config;
@@ -1743,6 +1747,27 @@ pkix_crl(Config) when is_list(Config) ->
reasons = asn1_NOVALUE,
distributionPoint = Point} = public_key:pkix_dist_point(OTPIDPCert).
+%%--------------------------------------------------------------------
+
+pkix_crl_verify_eddsa() ->
+ [{doc, "test pkix_crl_verify with EdDSA certificate"}].
+
+pkix_crl_verify_eddsa(Config) when is_list(Config) ->
+ Datadir = proplists:get_value(data_dir, Config),
+ {ok, PemCRL} = file:read_file(filename:join(Datadir, "eddsa_crl.pem")),
+ [{_, CRL, _}] = public_key:pem_decode(PemCRL),
+
+ {ok, SignPemCert} = file:read_file(filename:join(Datadir, "eddsa_crl_signer.pem")),
+ [{_, SignCert, _}] = public_key:pem_decode(SignPemCert),
+
+ OTPSignCert = public_key:pkix_decode_cert(SignCert, otp),
+ ERLCRL = public_key:der_decode('CertificateList',CRL),
+
+ true = public_key:pkix_crl_verify(CRL, SignCert),
+ true = public_key:pkix_crl_verify(ERLCRL, OTPSignCert).
+
+%%--------------------------------------------------------------------
+
general_name() ->
[{doc, "Test that decoding of general name filed may have other values"
" than {rdnSequence, Seq}"}].
diff --git a/lib/public_key/test/public_key_SUITE_data/eddsa_crl.pem b/lib/public_key/test/public_key_SUITE_data/eddsa_crl.pem
new file mode 100644
index 0000000000..167a8703a5
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/eddsa_crl.pem
@@ -0,0 +1,43 @@
+// %CopyrightBegin%
+//
+// SPDX-License-Identifier: BSD-3-Clause
+//
+// Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
+// Copyright Ericsson AB 2025. All Rights Reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors
+// may be used to endorse or promote products derived from this software
+// without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS”
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+// POSSIBILITY OF SUCH DAMAGE.
+//
+// %CopyrightEnd%
+
+-----BEGIN X509 CRL-----
+MIH7MIGuMAUGAytlcDCBhjERMA8GA1UEAwwIZXJsYW5nQ0ExEzARBgNVBAsMCkVy
+bGFuZyBPVFAxFDASBgNVBAoMC0VyaWNzc29uIEFCMRIwEAYDVQQHDAlTdG9ja2hv
+bG0xCzAJBgNVBAYTAlNFMSUwIwYJKoZIhvcNAQkBFhZwZXRlckBlcml4LmVyaWNz
+c29uLnNlFw0yNTEyMTkxNzU5MzZaFw0zMjA0MDYxNzU5MzZaMAUGAytlcANBAP/T
+YVYmKDeOj3X2FBjNT5rDn+ErE60cKR32x/UQxD9uSJJnzbUMmOoF0PK57I2GOo1v
+ys5Dc0FY+DF7+MFtpgI=
+-----END X509 CRL-----
diff --git a/lib/public_key/test/public_key_SUITE_data/eddsa_crl_signer.pem b/lib/public_key/test/public_key_SUITE_data/eddsa_crl_signer.pem
new file mode 100644
index 0000000000..2f716930fb
--- /dev/null
+++ b/lib/public_key/test/public_key_SUITE_data/eddsa_crl_signer.pem
@@ -0,0 +1,49 @@
+// %CopyrightBegin%
+//
+// SPDX-License-Identifier: BSD-3-Clause
+//
+// Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
+// Copyright Ericsson AB 2025. All Rights Reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice,
+// this list of conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice,
+// this list of conditions and the following disclaimer in the documentation
+// and/or other materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors
+// may be used to endorse or promote products derived from this software
+// without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS”
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+// POSSIBILITY OF SUCH DAMAGE.
+//
+// %CopyrightEnd%
+
+-----BEGIN CERTIFICATE-----
+MIICJTCCAdegAwIBAgIUSzfCc4FaF5CDufn1Tj1tqMJYJmcwBQYDK2VwMIGGMREw
+DwYDVQQDDAhlcmxhbmdDQTETMBEGA1UECwwKRXJsYW5nIE9UUDEUMBIGA1UECgwL
+RXJpY3Nzb24gQUIxEjAQBgNVBAcMCVN0b2NraG9sbTELMAkGA1UEBhMCU0UxJTAj
+BgkqhkiG9w0BCQEWFnBldGVyQGVyaXguZXJpY3Nzb24uc2UwIBcNMjUxMjE5MTc1
+NzMyWhgPMzAyNTEyMjcxNzU3MzJaMIGGMREwDwYDVQQDDAhlcmxhbmdDQTETMBEG
+A1UECwwKRXJsYW5nIE9UUDEUMBIGA1UECgwLRXJpY3Nzb24gQUIxEjAQBgNVBAcM
+CVN0b2NraG9sbTELMAkGA1UEBhMCU0UxJTAjBgkqhkiG9w0BCQEWFnBldGVyQGVy
+aXguZXJpY3Nzb24uc2UwKjAFBgMrZXADIQCNzHti/t3W5+tIjdgCN9HHkwOa7jxT
+FxLGEtoln2KAiqNTMFEwHQYDVR0OBBYEFL/Ja0StEJi280fSYPKu17Vx0Bs2MB8G
+A1UdIwQYMBaAFL/Ja0StEJi280fSYPKu17Vx0Bs2MA8GA1UdEwEB/wQFMAMBAf8w
+BQYDK2VwA0EA45rlWsmCHh8ULr5/p0JNh2Jiw2OWtGNooihp9peqQCF6zBBUiuGe
+AqY2qCje+PhdK4YqNuFEnFIQJW8pFTdLCA==
+-----END CERTIFICATE-----
--
2.51.0
