]>
git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/25-test_req.t
2 # Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
13 use OpenSSL
::Test
::Utils
;
14 use OpenSSL
::Test qw
/:DEFAULT srctop_file/;
20 require_ok
(srctop_file
('test','recipes','tconversion.pl'));
22 open RND
, ">>", ".rnd";
23 print RND
"string to make the random number generator think it has randomness";
26 # What type of key to generate?
28 if (disabled
("rsa")) {
29 @req_new = ("-newkey", "dsa:".srctop_file
("apps", "dsa512.pem"));
32 note
("There should be a 2 sequences of .'s and some +'s.");
33 note
("There should not be more that at most 80 per line");
36 # Check for duplicate -addext parameters, and one "working" case.
37 my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
38 "-config", srctop_file
("test", "test.cnf"), @req_new );
39 my $val = "subjectAltName=DNS:example.com";
40 my $val2 = " " . $val;
43 ok
( run
(app
([@addext_args, "-addext", $val])));
44 ok
(!run
(app
([@addext_args, "-addext", $val, "-addext", $val])));
45 ok
(!run
(app
([@addext_args, "-addext", $val, "-addext", $val2])));
46 ok
(!run
(app
([@addext_args, "-addext", $val, "-addext", $val3])));
47 ok
(!run
(app
([@addext_args, "-addext", $val2, "-addext", $val3])));
49 subtest
"generating certificate requests" => sub {
52 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
53 @req_new, "-out", "testreq.pem"])),
54 "Generating request");
56 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
57 "-verify", "-in", "testreq.pem", "-noout"])),
58 "Verifying signature on request");
61 subtest
"generating SM2 certificate requests" => sub {
65 skip
"SM2 is not supported by this OpenSSL build", 4
67 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
68 "-new", "-key", srctop_file
("test", "certs", "sm2.key"),
69 "-sigopt", "sm2_id:1234567812345678",
70 "-out", "testreq.pem", "-sm3"])),
71 "Generating SM2 certificate request");
73 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
74 "-verify", "-in", "testreq.pem", "-noout",
75 "-sm2-id", "1234567812345678", "-sm3"])),
76 "Verifying signature on SM2 certificate request");
78 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
79 "-new", "-key", srctop_file
("test", "certs", "sm2.key"),
80 "-sigopt", "sm2_hex_id:DEADBEEF",
81 "-out", "testreq.pem", "-sm3"])),
82 "Generating SM2 certificate request with hex id");
84 ok
(run
(app
(["openssl", "req", "-config", srctop_file
("test", "test.cnf"),
85 "-verify", "-in", "testreq.pem", "-noout",
86 "-sm2-hex-id", "DEADBEEF", "-sm3"])),
87 "Verifying signature on SM2 certificate request");
91 my @openssl_args = ("req", "-config", srctop_file
("apps", "openssl.cnf"));
93 run_conversion
('req conversions',
95 run_conversion
('req conversions -- testreq2',
96 srctop_file
("test", "testreq2.pem"));
98 unlink "testkey.pem", "testreq.pem";
104 subtest
$title => sub {
105 run
(app
(["openssl", @openssl_args,
106 "-in", $reqfile, "-inform", "p",
108 stderr
=> "req-check.err", stdout
=> undef));
109 open DATA
, "req-check.err";
111 plan skip_all
=> "skipping req conversion test for $reqfile"
112 if grep /Unknown Public Key/, map { s/\R//; } <DATA
>;
114 tconversion
("req", $reqfile, @openssl_args);
117 unlink "req-check.err";