Halaman utama Jelajahi Bantuan
Masuk
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Cabang: master
Ranting Tag
csu3_am335x
/
EVSE
/
GPL
/
openssl-1.1.1n
/
test
/
recipes
/
25-test_req.t

25-test_req.t 7.4 KB
Permalink Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214 
  1. #! /usr/bin/env perl
    2. 

  2. # Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3. #
    4. 

  4. # Licensed under the OpenSSL license (the "License").  You may not use
    5. 

  5. # this file except in compliance with the License.  You can obtain a copy
    6. 

  6. # in the file LICENSE in the source distribution or at
    7. 

  7. # https://www.openssl.org/source/license.html
    8. 

  8. 

  9. 

  10. use strict;
    11. 

  11. use warnings;
    12. 

  12. 

  13. use OpenSSL::Test::Utils;
    14. 

  14. use OpenSSL::Test qw/:DEFAULT srctop_file/;
    15. 

  15. 

  16. setup("test_req");
    17. 

  17. 

  18. plan tests => 14;
    19. 

  19. 

  20. require_ok(srctop_file('test','recipes','tconversion.pl'));
    21. 

  21. 

  22. open RND, ">>", ".rnd";
    23. 

  23. print RND "string to make the random number generator think it has randomness";
    24. 

  24. close RND;
    25. 

  25. 

  26. # What type of key to generate?
    27. 

  27. my @req_new;
    28. 

  28. if (disabled("rsa")) {
    29. 

  29.     @req_new = ("-newkey", "dsa:".srctop_file("apps", "dsa512.pem"));
    30. 

  30. } else {
    31. 

  31.     @req_new = ("-new");
    32. 

  32.     note("There should be a 2 sequences of .'s and some +'s.");
    33. 

  33.     note("There should not be more that at most 80 per line");
    34. 

  34. }
    35. 

  35. 

  36. # Check for duplicate -addext parameters, and one "working" case.
    37. 

  37. my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
    38. 

  38.     "-config", srctop_file("test", "test.cnf"), @req_new );
    39. 

  39. my $val = "subjectAltName=DNS:example.com";
    40. 

  40. my $val2 = " " . $val;
    41. 

  41. my $val3 = $val;
    42. 

  42. $val3 =~ s/=/    =/;
    43. 

  43. ok( run(app([@addext_args, "-addext", $val])));
    44. 

  44. ok(!run(app([@addext_args, "-addext", $val, "-addext", $val])));
    45. 

  45. ok(!run(app([@addext_args, "-addext", $val, "-addext", $val2])));
    46. 

  46. ok(!run(app([@addext_args, "-addext", $val, "-addext", $val3])));
    47. 

  47. ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3])));
    48. 

  48. 

  49. subtest "generating certificate requests with RSA" => sub {
    50. 

  50.     plan tests => 6;
    51. 

  51. 

  52.     SKIP: {
    53. 

  53.         skip "RSA is not supported by this OpenSSL build", 2
    54. 

  54.             if disabled("rsa");
    55. 

  55. 

  56.         ok(run(app(["openssl", "req",
    57. 

  57.                     "-config", srctop_file("test", "test.cnf"),
    58. 

  58.                     "-new", "-out", "testreq.pem", "-utf8",
    59. 

  59.                     "-key", srctop_file("test", "testrsa.pem")])),
    60. 

  60.            "Generating request");
    61. 

  61. 

  62.         ok(run(app(["openssl", "req",
    63. 

  63.                     "-config", srctop_file("test", "test.cnf"),
    64. 

  64.                     "-verify", "-in", "testreq.pem", "-noout"])),
    65. 

  65.            "Verifying signature on request");
    66. 

  66. 

  67.         ok(run(app(["openssl", "req",
    68. 

  68.                     "-config", srctop_file("test", "test.cnf"),
    69. 

  69.                     "-new", "-out", "testreq_withattrs_pem.pem", "-utf8",
    70. 

  70.                     "-key", srctop_file("test", "testrsa_withattrs.pem")])),
    71. 

  71.            "Generating request from a key with extra attributes - PEM");
    72. 

  72. 

  73.         ok(run(app(["openssl", "req",
    74. 

  74.                     "-config", srctop_file("test", "test.cnf"),
    75. 

  75.                     "-verify", "-in", "testreq_withattrs_pem.pem", "-noout"])),
    76. 

  76.            "Verifying signature on request from a key with extra attributes - PEM");
    77. 

  77. 

  78.         ok(run(app(["openssl", "req",
    79. 

  79.                     "-config", srctop_file("test", "test.cnf"),
    80. 

  80.                     "-new", "-out", "testreq_withattrs_der.pem", "-utf8",
    81. 

  81.                     "-key", srctop_file("test", "testrsa_withattrs.der"),
    82. 

  82. 	            "-keyform", "DER"])),
    83. 

  83.            "Generating request from a key with extra attributes - PEM");
    84. 

  84. 

  85.         ok(run(app(["openssl", "req",
    86. 

  86.                     "-config", srctop_file("test", "test.cnf"),
    87. 

  87.                     "-verify", "-in", "testreq_withattrs_der.pem", "-noout"])),
    88. 

  88.            "Verifying signature on request from a key with extra attributes - PEM");
    89. 

  89.     }
    90. 

  90. };
    91. 

  91. 

  92. subtest "generating certificate requests with DSA" => sub {
    93. 

  93.     plan tests => 2;
    94. 

  94. 

  95.     SKIP: {
    96. 

  96.         skip "DSA is not supported by this OpenSSL build", 2
    97. 

  97.             if disabled("dsa");
    98. 

  98. 

  99.         ok(run(app(["openssl", "req",
    100. 

  100.                     "-config", srctop_file("test", "test.cnf"),
    101. 

  101.                     "-new", "-out", "testreq.pem", "-utf8",
    102. 

  102.                     "-key", srctop_file("test", "testdsa.pem")])),
    103. 

  103.            "Generating request");
    104. 

  104. 

  105.         ok(run(app(["openssl", "req",
    106. 

  106.                     "-config", srctop_file("test", "test.cnf"),
    107. 

  107.                     "-verify", "-in", "testreq.pem", "-noout"])),
    108. 

  108.            "Verifying signature on request");
    109. 

  109.     }
    110. 

  110. };
    111. 

  111. 

  112. subtest "generating certificate requests with ECDSA" => sub {
    113. 

  113.     plan tests => 2;
    114. 

  114. 

  115.     SKIP: {
    116. 

  116.         skip "ECDSA is not supported by this OpenSSL build", 2
    117. 

  117.             if disabled("ec");
    118. 

  118. 

  119.         ok(run(app(["openssl", "req",
    120. 

  120.                     "-config", srctop_file("test", "test.cnf"),
    121. 

  121.                     "-new", "-out", "testreq.pem", "-utf8",
    122. 

  122.                     "-key", srctop_file("test", "testec-p256.pem")])),
    123. 

  123.            "Generating request");
    124. 

  124. 

  125.         ok(run(app(["openssl", "req",
    126. 

  126.                     "-config", srctop_file("test", "test.cnf"),
    127. 

  127.                     "-verify", "-in", "testreq.pem", "-noout"])),
    128. 

  128.            "Verifying signature on request");
    129. 

  129.     }
    130. 

  130. };
    131. 

  131. 

  132. subtest "generating certificate requests with Ed25519" => sub {
    133. 

  133.     plan tests => 2;
    134. 

  134. 

  135.     SKIP: {
    136. 

  136.         skip "Ed25519 is not supported by this OpenSSL build", 2
    137. 

  137.             if disabled("ec");
    138. 

  138. 

  139.         ok(run(app(["openssl", "req",
    140. 

  140.                     "-config", srctop_file("test", "test.cnf"),
    141. 

  141.                     "-new", "-out", "testreq.pem", "-utf8",
    142. 

  142.                     "-key", srctop_file("test", "tested25519.pem")])),
    143. 

  143.            "Generating request");
    144. 

  144. 

  145.         ok(run(app(["openssl", "req",
    146. 

  146.                     "-config", srctop_file("test", "test.cnf"),
    147. 

  147.                     "-verify", "-in", "testreq.pem", "-noout"])),
    148. 

  148.            "Verifying signature on request");
    149. 

  149.     }
    150. 

  150. };
    151. 

  151. 

  152. subtest "generating certificate requests with Ed448" => sub {
    153. 

  153.     plan tests => 2;
    154. 

  154. 

  155.     SKIP: {
    156. 

  156.         skip "Ed448 is not supported by this OpenSSL build", 2
    157. 

  157.             if disabled("ec");
    158. 

  158. 

  159.         ok(run(app(["openssl", "req",
    160. 

  160.                     "-config", srctop_file("test", "test.cnf"),
    161. 

  161.                     "-new", "-out", "testreq.pem", "-utf8",
    162. 

  162.                     "-key", srctop_file("test", "tested448.pem")])),
    163. 

  163.            "Generating request");
    164. 

  164. 

  165.         ok(run(app(["openssl", "req",
    166. 

  166.                     "-config", srctop_file("test", "test.cnf"),
    167. 

  167.                     "-verify", "-in", "testreq.pem", "-noout"])),
    168. 

  168.            "Verifying signature on request");
    169. 

  169.     }
    170. 

  170. };
    171. 

  171. 

  172. subtest "generating certificate requests" => sub {
    173. 

  173.     plan tests => 2;
    174. 

  174. 

  175.     ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"),
    176. 

  176.                 @req_new, "-out", "testreq.pem"])),
    177. 

  177.        "Generating request");
    178. 

  178. 

  179.     ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"),
    180. 

  180.                 "-verify", "-in", "testreq.pem", "-noout"])),
    181. 

  181.        "Verifying signature on request");
    182. 

  182. };
    183. 

  183. 

  184. my @openssl_args = ("req", "-config", srctop_file("apps", "openssl.cnf"));
    185. 

  185. 

  186. run_conversion('req conversions',
    187. 

  187.                "testreq.pem");
    188. 

  188. run_conversion('req conversions -- testreq2',
    189. 

  189.                srctop_file("test", "testreq2.pem"));
    190. 

  190. 

  191. unlink "testkey.pem", "testreq.pem", "testreq_withattrs_pem.pem", "testreq_withattrs_der.pem";
    192. 

  192. 

  193. sub run_conversion {
    194. 

  194.     my $title = shift;
    195. 

  195.     my $reqfile = shift;
    196. 

  196. 

  197.     subtest $title => sub {
    198. 

  198.         run(app(["openssl", @openssl_args,
    199. 

  199.                  "-in", $reqfile, "-inform", "p",
    200. 

  200.                  "-noout", "-text"],
    201. 

  201.                 stderr => "req-check.err", stdout => undef));
    202. 

  202.         open DATA, "req-check.err";
    203. 

  203.         SKIP: {
    204. 

  204.             plan skip_all => "skipping req conversion test for $reqfile"
    205. 

  205.                 if grep /Unknown Public Key/, map { s/\R//; } <DATA>;
    206. 

  206. 

  207.             tconversion("req", $reqfile, @openssl_args);
    208. 

  208.         }
    209. 

  209.         close DATA;
    210. 

  210.         unlink "req-check.err";
    211. 

  211. 

  212.         done_testing();
    213. 

  213.     };
    214. 

  214. }
    215.