Add a test of DFS certificate path search

[randombit]

The end entity certificates are each signed by one of the level1 7 intermediates, and each level1 intermediate is signed by one of the 7 level2 intermediates. No AKIDs are available to guide the path generation, thus as many as 49 possible paths must be checked before a valid path is found.

[Copilot]

Pull request overview

Adds a new X.509 path validation test case designed to exercise DFS certificate path construction when many alternative intermediate paths are possible (no AKIDs, up to 49 candidate paths).

Changes:

• Add a new x509_path_building test that loads a synthetic hierarchy (root + 2 intermediate layers) and validates multiple end-entity certs against expected outcomes.
• Add the certificate corpus for the new test (root, 7× level2 intermediates, 7× level1 intermediates, 7× end-entity certs) plus an expected.txt results file.

Reviewed changes

Copilot reviewed 24 out of 24 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
src/tests/test_x509_path.cpp	Registers and implements the new DFS-heavy certificate path building test.
src/tests/data/x509/path_building/root.pem	Root CA certificate for the new path-building test corpus.
src/tests/data/x509/path_building/level2_0.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_1.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_2.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_3.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_4.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_5.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level2_6.pem	Level-2 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_0.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_1.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_2.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_3.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_4.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_5.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/level1_6.pem	Level-1 intermediate CA certificate (test corpus).
src/tests/data/x509/path_building/end01.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end02.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end03.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end04.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end05.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end06.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/end07.pem	End-entity certificate used for DFS path building validation.
src/tests/data/x509/path_building/expected.txt	Expected verification results for the new test cases.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coveralls]

coverage: 89.499% (+0.006%) from 89.493%
when pulling 77dd869 on jack/x509-path-dfs-test
into 00c63a4 on master.