From 40c55b5aa41f907acb17b2825bd6c8cdae5e2123 Mon Sep 17 00:00:00 2001 From: "Jonathan M. Wilbur" Date: Fri, 13 Dec 2024 07:00:58 +0000 Subject: [PATCH] test: allowedAttributeAssignments X.509v3 extension Reviewed-by: Neil Horman Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/26163) --- test/certs/ext-allowedAttributeAssignments.pem | 12 ++++++++++++ test/recipes/25-test_x509.t | 9 ++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 test/certs/ext-allowedAttributeAssignments.pem diff --git a/test/certs/ext-allowedAttributeAssignments.pem b/test/certs/ext-allowedAttributeAssignments.pem new file mode 100644 index 0000000000..e5d95d1130 --- /dev/null +++ b/test/certs/ext-allowedAttributeAssignments.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtzCCAaOgAwIBAgIDAQIDMAsGCSqGSIb3DQEBBTAAMCIYDzIwMjEwODMxMDIz +NDU4WhgPMjAyMTA4MzEwMjM0NThaMAAwggEgMAsGCSqGSIb3DQEBAQOCAQ8AMIIB +CgKCAQEAtnjLm1ts1hC4fNNt3UnQD9y73bDXgioTyWYSI3ca/KNfuTydjFTEYAmq +nuGrBOUfgbmH3PRQ0AmpqljgWTb3d3K8H4UFvDWQTPSS21IMjm8oqd19nE5GxWir +Gu0oDRzhWLHe1RZ7ZrohCPg/1Ocsy47QZuK2laFB0rEmrRWBmEYbDl3/wxf5XfqI +qpOynJB02thXrTCcTM7Rz1FqCFt/ZVZB5hKY2S+CTdE9OIVKlr4WHMfuvUYeOj06 +GkwLFJHNv2tU+tovI3mYRxUuY4UupkS3MC+Otey7XKm1P+INjWWoegm6iCAt3Vus +pVz+6pU2xgl3nrAVMQHB4fReQPH0pQIDAQABoz4wPDA6BgNVHUMEMzExMC+gBYAD +VQQDoSaBJGpvbmF0aGFuLndpbGJ1ckB3aWxkYm9hcnNvZnR3YXJlLmNvbTALBgkq +hkiG9w0BAQUDAQA= +-----END CERTIFICATE----- diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index 0687c81ca9..7117e3381e 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -16,7 +16,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 124; +plan tests => 126; # Prevent MSys2 filename munging for arguments that look like file paths but # aren't @@ -400,6 +400,13 @@ cert_contains($attr_map_cert, cert_contains($attr_map_cert, "commonName:asdf == localityName:03:3E", 1, 'X.509 Attribute Mappings'); +my $aaa_cert = srctop_file(@certs, "ext-allowedAttributeAssignments.pem"); +cert_contains($aaa_cert, + "Attribute Type: commonName", + 1, 'X.509 Allowed Attribute Assignments'); +cert_contains($aaa_cert, + "Holder Domain: email:jonathan.wilbur", + 1, 'X.509 Allowed Attribute Assignments'); sub test_errors { # actually tests diagnostics of OSSL_STORE my ($expected, $cert, @opts) = @_;