diff options
| author | Rich Salz <rsalz@akamai.com> | 2020-03-04 14:41:53 -0500 |
|---|---|---|
| committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-03-07 12:58:02 +0300 |
| commit | d462b5ff21e9fcdef98447c8f8d8c694b1e79602 (patch) | |
| tree | 8f7758c550167372258e36458adb1f913aca3417 /test | |
| parent | 6bd4e3f231d74578b97821d981d42583fec5c2f3 (diff) | |
| download | openssl-new-d462b5ff21e9fcdef98447c8f8d8c694b1e79602.tar.gz | |
Add -section option to 'req' command
This removes "req" as the hardwired section for the req command.
Doing this will let us merge some test configs.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11249)
Diffstat (limited to 'test')
| -rw-r--r-- | test/recipes/25-test_req.t | 30 | ||||
| -rw-r--r-- | test/test.cnf | 35 |
2 files changed, 43 insertions, 22 deletions
diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t index 1a6efa8be2..662109c896 100644 --- a/test/recipes/25-test_req.t +++ b/test/recipes/25-test_req.t @@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_req"); -plan tests => 15; +plan tests => 16; require_ok(srctop_file('test','recipes','tconversion.pl')); @@ -42,6 +42,34 @@ ok(!run(app([@addext_args, "-addext", $val, "-addext", $val2]))); ok(!run(app([@addext_args, "-addext", $val, "-addext", $val3]))); ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3]))); +subtest "generating alt certificate requests with RSA" => sub { + plan tests => 3; + + SKIP: { + skip "RSA is not supported by this OpenSSL build", 2 + if disabled("rsa"); + + ok(run(app(["openssl", "req", + "-config", srctop_file("test", "test.cnf"), + "-section", "altreq", + "-new", "-out", "testreq-rsa.pem", "-utf8", + "-key", srctop_file("test", "testrsa.pem")])), + "Generating request"); + + ok(run(app(["openssl", "req", + "-config", srctop_file("test", "test.cnf"), + "-verify", "-in", "testreq-rsa.pem", "-noout"])), + "Verifying signature on request"); + + ok(run(app(["openssl", "req", + "-config", srctop_file("test", "test.cnf"), + "-section", "altreq", + "-verify", "-in", "testreq-rsa.pem", "-noout"])), + "Verifying signature on request"); + } +}; + + subtest "generating certificate requests with RSA" => sub { plan tests => 2; diff --git a/test/test.cnf b/test/test.cnf index 1e2fa31cce..a686c3d8bd 100644 --- a/test/test.cnf +++ b/test/test.cnf @@ -1,7 +1,3 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# #################################################################### [ ca ] @@ -58,28 +54,25 @@ default_keyfile = testkey.pem distinguished_name = req_distinguished_name encrypt_rsa_key = no +# Make altreq be identical to req +[ altreq ] +default_bits = 2048 +default_keyfile = testkey.pem +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + [ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU +countryName = C field countryName_value = AU - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Queensland +stateOrProvinceName = SP field stateOrProvinceName_value = - -localityName = Locality Name (eg, city) +localityName = L field localityName_value = Brisbane - -organizationName = Organization Name (eg, company) -organizationName_default = +organizationName = O field organizationName_value = CryptSoft Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = +organizationalUnitName = OU field organizationalUnitName_value = . - -commonName = Common Name (eg, YOUR name) +commonName = CN field commonName_value = Eric Young - -emailAddress = Email Address +emailAddress = email field emailAddress_value = eay@mincom.oz.au |