]>
Commit | Line | Data |
---|---|---|
bb0f7eca RL |
1 | #! /usr/bin/env perl |
2 | # Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. | |
3 | # | |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
bb0f7eca RL |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
9 | ||
10 | use strict; | |
11 | use warnings; | |
12 | ||
13 | use File::Copy; | |
14 | use File::Spec::Functions qw/:DEFAULT canonpath/; | |
15 | use OpenSSL::Test qw/:DEFAULT srctop_file/; | |
16 | ||
17 | setup("test_x509_store"); | |
18 | ||
73540f47 RL |
19 | #If "openssl rehash -help" fails it's most likely because we're on a platform |
20 | #that doesn't support the rehash command (e.g. Windows) | |
21 | plan skip_all => "test_rehash is not available on this platform" | |
22 | unless run(app(["openssl", "rehash", "-help"])); | |
23 | ||
bb0f7eca RL |
24 | # We use 'openssl verify' for these tests, as it contains everything |
25 | # we need to conduct these tests. The tests here are a subset of the | |
26 | # ones found in 25-test_verify.t | |
27 | ||
28 | sub verify { | |
29 | my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_; | |
30 | my @args = qw(openssl verify -auth_level 1 -purpose); | |
31 | my @path = qw(test certs); | |
32 | push(@args, "$purpose", @opts); | |
33 | push(@args, "-CApath", $trustedpath); | |
34 | for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) } | |
35 | push(@args, srctop_file(@path, "$cert.pem")); | |
36 | run(app([@args])); | |
37 | } | |
38 | ||
39 | plan tests => 3; | |
40 | ||
41 | indir "60-test_x509_store" => sub { | |
42 | for (("root-cert")) { | |
43 | copy(srctop_file("test", "certs", "$_.pem"), curdir()); | |
44 | } | |
45 | ok(run(app([qw(openssl rehash), curdir()])), "Rehashing"); | |
46 | ||
47 | # Canonical success | |
48 | ok(verify("ee-cert", "sslserver", curdir(), ["ca-cert"], "-show_chain"), | |
49 | "verify ee-cert"); | |
50 | ||
51 | # Failure because root cert not present in CApath | |
52 | ok(!verify("ca-root2", "any", curdir(), [], "-show_chain")); | |
53 | }, create => 1, cleanup => 1; |