From: Matt Caswell Date: Tue, 6 Jul 2021 10:31:28 +0000 (+0100) Subject: Add a PKCS12 test to check with one input cert we get one output cert X-Git-Tag: openssl-3.0.0-beta2~94 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=35258435ddc9a1afe7da0a1de78607bd3cbf837a;p=thirdparty%2Fopenssl.git Add a PKCS12 test to check with one input cert we get one output cert Following on from the regression in issue #15983, add a test that with one input cert, we get one cert in the pkcs12 file, and that it has the expected friendlyName. Reviewed-by: David von Oheimb Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16001) --- diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t index 52c70cb0f77..1f0cb4d5014 100644 --- a/test/recipes/80-test_pkcs12.t +++ b/test/recipes/80-test_pkcs12.t @@ -54,7 +54,7 @@ if (eval { require Win32::API; 1; }) { } $ENV{OPENSSL_WIN32_UTF8}=1; -plan tests => 10; +plan tests => 13; # Test different PKCS#12 formats ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats"); @@ -79,6 +79,7 @@ my $outfile1 = "out1.p12"; my $outfile2 = "out2.p12"; my $outfile3 = "out3.p12"; my $outfile4 = "out4.p12"; +my $outfile5 = "out5.p12"; # Test the -chain option with -untrusted ok(run(app(["openssl", "pkcs12", "-export", "-chain", @@ -133,5 +134,18 @@ ok(run(app(["openssl", "pkcs12", "-nomacver", "-nodes"])), "test_import_pkcs12_cert_key_cert"); +ok(run(app(["openssl", "pkcs12", "-export", "-out", $outfile5, + "-in", srctop_file(@path, "ee-cert.pem"), "-caname", "testname", + "-nokeys", "-passout", "pass:", "-certpbe", "NONE"])), + "test nokeys single cert"); + +my @pkcs12info = run(app(["openssl", "pkcs12", "-info", "-in", $outfile5, + "-passin", "pass:"]), capture => 1); + +# Test that with one input certificate, we get one output certificate +ok(grep(/subject=CN = server.example/, @pkcs12info) == 1, + "test one cert in output"); +# Test that the expected friendly name is present in the output +ok(grep(/testname/, @pkcs12info) == 1, "test friendly name in output"); SetConsoleOutputCP($savedcp) if (defined($savedcp));