Tests for 4.1.x of PKITS

Fill in the tests for section 4.1 of PKITS.
The tests for 4.1.4-4.1.6 have been omitted as they refer to DSA which
has been deprecated, see
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft.pdf#%5B%7B%22num%22%3A72%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C72%2C721%2Cnull%5D

verifier/src/x509/chain.rs

@@ -14,6 +14,7 @@ use core::time::Duration;
 
 /// An X509 certificate chain. This is a valid path from the trust root to the
 /// leaf certificate.
+#[derive(Debug, PartialEq)]
 pub struct CertificateChain {
     certificates: Vec<UnverifiedCertificate>,
 }
@@ -287,6 +288,14 @@ mod pkits {
     const TRUST_ANCHOR_ROOT_CRL: &[u8] =
         include_bytes!("../../data/tests/pkits/crls/TrustAnchorRootCRL.crl");
     const GOOD_CA_CRL: &[u8] = include_bytes!("../../data/tests/pkits/crls/GoodCACRL.crl");
+    const BAD_SIGNED_CA_CERT: &[u8] =
+        include_bytes!("../../data/tests/pkits/certs/BadSignedCACert.crt");
+    const BAD_SIGNED_CA_CRL: &[u8] =
+        include_bytes!("../../data/tests/pkits/crls/BadSignedCACRL.crl");
+    const INVALID_CA_SIGNATURE_TEST_2EE: &[u8] =
+        include_bytes!("../../data/tests/pkits/certs/InvalidCASignatureTest2EE.crt");
+    const INVALID_EE_SIGNATURE_TEST_3EE: &[u8] =
+        include_bytes!("../../data/tests/pkits/certs/InvalidEESignatureTest3EE.crt");
 
     fn chain_and_leaf_key(certs: &[&[u8]]) -> (CertificateChain, PublicKey) {
         let chain = CertificateChain::try_from(certs).expect("Failed decoding certs");
@@ -312,7 +321,7 @@ mod pkits {
     }
 
     #[test]
-    fn valid_signatures_test_1_4_1_1() {
+    fn valid_signatures_test_4_1_1() {
         let (chain, expected_key) = chain_and_leaf_key(
             [
                 TRUST_ANCHOR_ROOT_CERTIFICATE,
@@ -333,4 +342,45 @@ mod pkits {
 
         assert_eq!(signing_key, expected_key);
     }
+
+    #[test]
+    fn invalid_ca_signature_test_4_1_2() {
+        let certs = [
+            TRUST_ANCHOR_ROOT_CERTIFICATE,
+            BAD_SIGNED_CA_CERT,
+            INVALID_CA_SIGNATURE_TEST_2EE,
+        ];
+
+        // Building the chain parses the signatures of each certificate. The
+        // invalid signature causes a parsing error.
+        assert_eq!(
+            CertificateChain::try_from(certs.as_slice()),
+            Err(Error::SignatureDecoding)
+        );
+    }
+
+    #[test]
+    fn invalid_ee_signature_test_4_1_3() {
+        let (chain, _) = chain_and_leaf_key(
+            [
+                TRUST_ANCHOR_ROOT_CERTIFICATE,
+                GOOD_CA_CERT,
+                INVALID_EE_SIGNATURE_TEST_3EE,
+            ]
+            .as_slice(),
+        );
+        let (crls, unix_time) = crls_and_time([TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL].as_slice());
+
+        let root = chain.certificates[0]
+            .verify_self_signed(unix_time)
+            .expect("Failed verifying root");
+
+        assert_eq!(
+            chain.signing_key(&root, unix_time, crls.as_slice()),
+            Err(Error::SignatureVerification)
+        );
+    }
+
+    // Tests 4.1.4 - 4.1.6 are not implemented because DSA has been deprecated, see
+    // https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft.pdf#%5B%7B%22num%22%3A72%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C72%2C721%2Cnull%5D
 }