From 1e307e65ba8f7fda0c1f58c23f25de5ca8d7f195 Mon Sep 17 00:00:00 2001 From: "Jonathan M. Wilbur" Date: Thu, 12 Dec 2024 02:14:41 +0000 Subject: [PATCH] test: the attributeMappings X.509v3 extension Reviewed-by: Tomas Mraz Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/26157) --- test/certs/ext-attributeMappings.pem | 12 ++++++++++++ test/recipes/25-test_x509.t | 12 +++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 test/certs/ext-attributeMappings.pem diff --git a/test/certs/ext-attributeMappings.pem b/test/certs/ext-attributeMappings.pem new file mode 100644 index 0000000000..4067c18ca2 --- /dev/null +++ b/test/certs/ext-attributeMappings.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIB1TCCAb+gAwIBAgIEDCI4TjANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDDAZI +aSBtb20wIhgPMjAyMjEyMTIxOTM3MDhaGA8yMDIyMTIxMjE5MzcwOFowETEPMA0G +A1UEAwwGSGkgbW9tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnjL +m1ts1hC4fNNt3UnQD9y73bDXgioTyWYSI3ca/KNfuTydjFTEYAmqnuGrBOUfgbmH +3PRQ0AmpqljgWTb3d3K8H4UFvDWQTPSS21IMjm8oqd19nE5GxWirGu0oDRzhWLHe +1RZ7ZrohCPg/1Ocsy47QZuK2laFB0rEmrRWBmEYbDl3/wxf5XfqIqpOynJB02thX +rTCcTM7Rz1FqCFt/ZVZB5hKY2S+CTdE9OIVKlr4WHMfuvUYeOj06GkwLFJHNv2tU ++tovI3mYRxUuY4UupkS3MC+Otey7XKm1P+INjWWoegm6iCAt3VuspVz+6pU2xgl3 +nrAVMQHB4fReQPH0pQIDAQABozMwMTAvBgNVHUQEKDEmoAqAA1UEA4EDVQQHoRig +CwYDVQQDDARhc2RmoQkGA1UEBwICAz4wDQYJKoZIhvcNAQEFBQADAQA= +-----END CERTIFICATE----- diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index d07abbad1d..0687c81ca9 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 122; +plan tests => 124; # Prevent MSys2 filename munging for arguments that look like file paths but # aren't @@ -391,6 +391,16 @@ cert_contains($time_spec_per_cert, "Years: 2023, 2024", 1, 'X.509 Time Specification (Periodic)'); +my $attr_map_cert = srctop_file(@certs, "ext-attributeMappings.pem"); +cert_contains($attr_map_cert, + "commonName == localityName", + 1, 'X.509 Attribute Mappings'); +# localityName has an INTEGER value here, which was intentional to test the +# display of non-string values. +cert_contains($attr_map_cert, + "commonName:asdf == localityName:03:3E", + 1, 'X.509 Attribute Mappings'); + sub test_errors { # actually tests diagnostics of OSSL_STORE my ($expected, $cert, @opts) = @_; my $infile = srctop_file(@certs, $cert);