25-test_req.t - OpenGrok cross reference for /freebsd/crypto/openssl/test/recipes/25-test

Lines Matching refs:cert
390     my $cert = shift @_;
391     my $ss = $cert =~ m/self-signed/;
392     my $is_ca = $cert =~ m/CA/;
397                "-subj", "/CN=$cn", @_, "-out", $cert);
400     ok(run(app([@cmd])), "generate $cert");
403     my $cert = shift @_;
405     cert_contains($cert, "Subject Key Identifier", $expect);
408     my $cert = shift @_;
410     cert_contains($cert, "Authority Key Identifier", $expect);
413     my $cert = shift @_;
415     cert_contains($cert, "Key Usage", $expect);
418     my $cert = shift @_;
421     $trusted = $cert unless $trusted;
423                 "-partial_chain", $cert])) == $expect,
424        "strict verify allow $cert");
430 my $cert = "self-signed_v1_CA_no_KIDs.pem";
431 generate_cert($cert);
432 cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
433 #TODO strict_verify($cert, 1); # self-signed v1 root cert should be accepted as CA
441 $cert = "self-signed_v3_CA_no_SKID.pem";
442 generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = none");
443 cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
444 #TODO strict_verify($cert, 0);
446 $cert = "self-signed_v3_CA_both_KIDs.pem";
447 generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = hash",
449 cert_ext_has_n_different_lines($cert, 3, $SKID_AKID); # SKID == AKID
450 strict_verify($cert, 1);
452 $cert = "self-signed_v3_EE_wrong_keyUsage.pem";
453 generate_cert($cert, "-addext", "keyUsage = keyCertSign");
454 #TODO strict_verify($cert, 1); # should be accepted because RFC 5280 does not apply
456 $cert = "v3_EE_default_KIDs.pem";
457 generate_cert($cert, "-addext", "keyUsage = dataEncipherment",
459 cert_ext_has_n_different_lines($cert, 4, $SKID_AKID); # SKID != AKID
460 strict_verify($cert, 1, $ca_cert);
462 $cert = "v3_EE_no_AKID.pem";
463 generate_cert($cert, "-addext", "authorityKeyIdentifier = none",
465 has_SKID($cert, 1);
466 has_AKID($cert, 0);
467 strict_verify($cert, 0, $ca_cert);
469 $cert = "self-issued_v3_EE_default_KIDs.pem";
470 generate_cert($cert, "-addext", "keyUsage = dataEncipherment",
472 cert_ext_has_n_different_lines($cert, 4, $SKID_AKID); # SKID != AKID
473 strict_verify($cert, 1);
475 my $cert = "self-signed_CA_no_keyUsage.pem";
476 generate_cert($cert, "-in", srctop_file(@certs, "ext-check.csr"));
477 has_keyUsage($cert, 0);
478 my $cert = "self-signed_CA_with_keyUsages.pem";
479 generate_cert($cert, "-in", srctop_file(@certs, "ext-check.csr"),
481 has_keyUsage($cert, 1);
483 # Generate cert using req with '-modulus'
487             "-out", "testreq-cert.pem",
488             "-modulus"])), "cert req creation - with -modulus");
490 # Verify cert
491 ok(run(app(["openssl", "x509", "-in", "testreq-cert.pem",
492             "-noout", "-text"])), "cert verification");