25-test_verify.t: Add test case: accept trusted self-signed EE cert with key usage keyCertSign also when strict
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15656)
This commit is contained in:
Dr. David von Oheimb
Dr. David von Oheimb
parent
80070e478a
commit
320fc032b9
19
test/certs/ee-ss-with-keyCertSign.pem
Normal file
19
test/certs/ee-ss-with-keyCertSign.pem
Normal file
@ -0,0 +1,19 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDEzCCAfugAwIBAgIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNFRSB3
|
||||
aXRoIGtleUNlcnRTaWduMCAXDTIxMDYwODA5MzYyMFoYDzIxMjEwNjA5MDkzNjIw
|
||||
WjAeMRwwGgYDVQQDDBNFRSB3aXRoIGtleUNlcnRTaWduMIIBIjANBgkqhkiG9w0B
|
||||
AQEFAAOCAQ8AMIIBCgKCAQEAqP+JWGGFrt7bLA/Vc/vit6gbenVgK9R9PHN2ta7e
|
||||
ky9/JJBtyRz0ijjNn6KAFlbLtCy7k+UXH/8NxkP+MTT4KNh16aO7iILvo3LiU2IF
|
||||
RU3gMZfvqp0Q0lgNngaeMrsbCFZdZQ8/Zo7CNqAR/8BZNf1JHN0cQjMGeK4EOCPl
|
||||
53Vn05StWqlAH6xZEPUMwWStSsTGNVOzlmqCGxWL0Zmr5J5vlKrSluVX+4yRZIo8
|
||||
JBbG0hm+gmATO2Kw7T4ds8r5a98xuXqeS0dopynHP0riIie075Bj1+/Qckk+W625
|
||||
G9Qrb4Zo3dVzErhDydxBD6KjRk+LZ4iED2H+eTQfSokftwIDAQABo1owWDAJBgNV
|
||||
HRMEAjAAMAsGA1UdDwQEAwIChDAdBgNVHQ4EFgQU55viKq2KbDrLdlHljgeYIpfh
|
||||
c6IwHwYDVR0jBBgwFoAU55viKq2KbDrLdlHljgeYIpfhc6IwDQYJKoZIhvcNAQEL
|
||||
BQADggEBAJGmRJpl4aa34SRZPb02TMTYCU/ieL6wqNJ2qXHinJQtHRuvEIVVaW4c
|
||||
k3u/hNftu0ZtI2Y/dxQ2tybA4qP1ICkGU6VWAMJLSH83Fvz+6WsQB69zWNAwvVtz
|
||||
8BVggIEv13RdZbpn10h3lNeLejBGAzYbwLMWpsjYHSNsYC5aqpg+y7mgPyuRDjRR
|
||||
N26FdQjJEe9Px92h32dK6xxTS2LCiqHlimQCq+gRP/97rZLXNoyHLC6cfGCJpsEV
|
||||
fFAH44emO2ouODBrQqZRvn+SV7ubWTTeJwY/aK+Wdvu/w3mEwNNDCDqCfE6c6p9h
|
||||
zAk0no0/4w1o15ua7N+j/9q4iGJxx3k=
|
||||
-----END CERTIFICATE-----
|
||||
@ -28,7 +28,7 @@ sub verify {
|
||||
run(app([@args]));
|
||||
}
|
||||
|
||||
plan tests => 156;
|
||||
plan tests => 157;
|
||||
|
||||
# Canonical success
|
||||
ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
|
||||
@ -412,6 +412,8 @@ ok(verify("root-cert-rsa2", "", ["root-cert-rsa2"], [], "-check_ss_sig"),
|
||||
|
||||
ok(verify("ee-self-signed", "", ["ee-self-signed"], [], "-attime", "1593565200"),
|
||||
"accept trusted self-signed EE cert excluding key usage keyCertSign");
|
||||
ok(verify("ee-ss-with-keyCertSign", "", ["ee-ss-with-keyCertSign"], []),
|
||||
"accept trusted self-signed EE cert with key usage keyCertSign also when strict");
|
||||
|
||||
SKIP: {
|
||||
skip "Ed25519 is not supported by this OpenSSL build", 6
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user