]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 80070e4)
25-test_verify.t: Add test case: accept trusted self-signed EE cert with key usage...
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Tue, 8 Jun 2021 09:54:20 +0000 (11:54 +0200)
committerDr. David von Oheimb <dev@ddvo.net>
Wed, 9 Jun 2021 14:06:10 +0000 (16:06 +0200)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15656)

test/certs/ee-ss-with-keyCertSign.pem [new file with mode: 0644] patch | blob
test/recipes/25-test_verify.t patch | blob | blame | history

diff --git a/test/certs/ee-ss-with-keyCertSign.pem b/test/certs/ee-ss-with-keyCertSign.pem
new file mode 100644 (file)
index 0000000..a2f3bbe
--- /dev/null
+++ b/test/certs/ee-ss-with-keyCertSign.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEzCCAfugAwIBAgIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNFRSB3
+aXRoIGtleUNlcnRTaWduMCAXDTIxMDYwODA5MzYyMFoYDzIxMjEwNjA5MDkzNjIw
+WjAeMRwwGgYDVQQDDBNFRSB3aXRoIGtleUNlcnRTaWduMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAqP+JWGGFrt7bLA/Vc/vit6gbenVgK9R9PHN2ta7e
+ky9/JJBtyRz0ijjNn6KAFlbLtCy7k+UXH/8NxkP+MTT4KNh16aO7iILvo3LiU2IF
+RU3gMZfvqp0Q0lgNngaeMrsbCFZdZQ8/Zo7CNqAR/8BZNf1JHN0cQjMGeK4EOCPl
+53Vn05StWqlAH6xZEPUMwWStSsTGNVOzlmqCGxWL0Zmr5J5vlKrSluVX+4yRZIo8
+JBbG0hm+gmATO2Kw7T4ds8r5a98xuXqeS0dopynHP0riIie075Bj1+/Qckk+W625
+G9Qrb4Zo3dVzErhDydxBD6KjRk+LZ4iED2H+eTQfSokftwIDAQABo1owWDAJBgNV
+HRMEAjAAMAsGA1UdDwQEAwIChDAdBgNVHQ4EFgQU55viKq2KbDrLdlHljgeYIpfh
+c6IwHwYDVR0jBBgwFoAU55viKq2KbDrLdlHljgeYIpfhc6IwDQYJKoZIhvcNAQEL
+BQADggEBAJGmRJpl4aa34SRZPb02TMTYCU/ieL6wqNJ2qXHinJQtHRuvEIVVaW4c
+k3u/hNftu0ZtI2Y/dxQ2tybA4qP1ICkGU6VWAMJLSH83Fvz+6WsQB69zWNAwvVtz
+8BVggIEv13RdZbpn10h3lNeLejBGAzYbwLMWpsjYHSNsYC5aqpg+y7mgPyuRDjRR
+N26FdQjJEe9Px92h32dK6xxTS2LCiqHlimQCq+gRP/97rZLXNoyHLC6cfGCJpsEV
+fFAH44emO2ouODBrQqZRvn+SV7ubWTTeJwY/aK+Wdvu/w3mEwNNDCDqCfE6c6p9h
+zAk0no0/4w1o15ua7N+j/9q4iGJxx3k=
+-----END CERTIFICATE-----
diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
index d42e685259ab8b785771316d9d82ad38c9f84376..269b2ba4aa19c8e0c0d6af9b9dfa5ba6339a7014 100644 (file)
--- a/test/recipes/25-test_verify.t
+++ b/test/recipes/25-test_verify.t
@@ -28,7 +28,7 @@ sub verify {
     run(app([@args]));
 }
 
-plan tests => 156;
+plan tests => 157;
 
 # Canonical success
 ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
@@ -412,6 +412,8 @@ ok(verify("root-cert-rsa2", "", ["root-cert-rsa2"], [], "-check_ss_sig"),
 
 ok(verify("ee-self-signed", "", ["ee-self-signed"], [], "-attime", "1593565200"),
    "accept trusted self-signed EE cert excluding key usage keyCertSign");
+ok(verify("ee-ss-with-keyCertSign", "", ["ee-ss-with-keyCertSign"], []),
+   "accept trusted self-signed EE cert with key usage keyCertSign also when strict");
 
 SKIP: {
     skip "Ed25519 is not supported by this OpenSSL build", 6
Mirror of https://github.com/openssl/openssl.git