diff options
author | Mathieu Tortuyaux <mathieu.tortuyaux@gmail.com> | 2023-09-22 22:09:33 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-10-02 12:46:24 +0200 |
commit | fd27a7e4f829e6a9b0d240efcabc39a971b8f511 (patch) | |
tree | 6e610453f27549f4a75c397c590a7e84785eada7 /test/certs | |
parent | de4aa81faaaddcacf0608166406d07bcd641e92b (diff) |
test: add verify test for EC cert signed with SHA3
Signed-off-by: Mathieu Tortuyaux <mathieu.tortuyaux@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22147)
Diffstat (limited to 'test/certs')
-rw-r--r-- | test/certs/ee-cert-ec-sha3-224.pem | 10 | ||||
-rw-r--r-- | test/certs/ee-cert-ec-sha3-256.pem | 10 | ||||
-rw-r--r-- | test/certs/ee-cert-ec-sha3-384.pem | 10 | ||||
-rw-r--r-- | test/certs/ee-cert-ec-sha3-512.pem | 10 | ||||
-rwxr-xr-x | test/certs/setup.sh | 6 |
5 files changed, 46 insertions, 0 deletions
diff --git a/test/certs/ee-cert-ec-sha3-224.pem b/test/certs/ee-cert-ec-sha3-224.pem new file mode 100644 index 0000000000..047517d025 --- /dev/null +++ b/test/certs/ee-cert-ec-sha3-224.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwkwDTELMAkGA1UEAwwCQ0EwIBcN +MjMwOTI4MDk1NjI1WhgPMjEyMzA5MjkwOTU2MjVaMBkxFzAVBgNVBAMMDnNlcnZl +ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365 +y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG +d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY +MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI +KwYBBQUHAwEwCwYJYIZIAWUDBAMJA0gAMEUCIG/6DFqC+WzrYaZzZ4RbsZNNtb1Z +MwN3GXj+S8LM4c83AiEA3V5/mXHWaDi2JfjycScqnDC++awvc26rMa9vk9ZwVYM= +-----END CERTIFICATE----- diff --git a/test/certs/ee-cert-ec-sha3-256.pem b/test/certs/ee-cert-ec-sha3-256.pem new file mode 100644 index 0000000000..2112ba15ce --- /dev/null +++ b/test/certs/ee-cert-ec-sha3-256.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBejCCASCgAwIBAgIBAjALBglghkgBZQMEAwowDTELMAkGA1UEAwwCQ0EwIBcN +MjMwOTI4MDk1NjI1WhgPMjEyMzA5MjkwOTU2MjVaMBkxFzAVBgNVBAMMDnNlcnZl +ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365 +y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG +d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY +MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI +KwYBBQUHAwEwCwYJYIZIAWUDBAMKA0cAMEQCIFToMNgLf3+sW1oHDhDrCQWpIzLE +PgAdgDdtbBO7OerTAiB3vkCvu/Vs8v/6Ys/OQOsHbX0tT5NUMWZfP3X8CYUfmA== +-----END CERTIFICATE----- diff --git a/test/certs/ee-cert-ec-sha3-384.pem b/test/certs/ee-cert-ec-sha3-384.pem new file mode 100644 index 0000000000..0397280f29 --- /dev/null +++ b/test/certs/ee-cert-ec-sha3-384.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwswDTELMAkGA1UEAwwCQ0EwIBcN +MjMwOTI1MTU0NTIxWhgPMjEyMzA5MjYxNTQ1MjFaMBkxFzAVBgNVBAMMDnNlcnZl +ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365 +y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG +d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY +MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI +KwYBBQUHAwEwCwYJYIZIAWUDBAMLA0gAMEUCIGq8RYriO3scZLij8fglpZOZdZRZ +DfzsopaAvzQrwcS9AiEA0JDYvat1hiygjXUxZmWPD2cDrxogvCSsoi3QW7YtP/o= +-----END CERTIFICATE----- diff --git a/test/certs/ee-cert-ec-sha3-512.pem b/test/certs/ee-cert-ec-sha3-512.pem new file mode 100644 index 0000000000..f528f8fd95 --- /dev/null +++ b/test/certs/ee-cert-ec-sha3-512.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwwwDTELMAkGA1UEAwwCQ0EwIBcN +MjMwOTI4MDk1NjQyWhgPMjEyMzA5MjkwOTU2NDJaMBkxFzAVBgNVBAMMDnNlcnZl +ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365 +y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG +d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY +MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI +KwYBBQUHAwEwCwYJYIZIAWUDBAMMA0gAMEUCIQCXnpYI3xKBcJkb5M/3vo4/xf2a +Cdurg8zR8WyPRXdS8QIgT0DMnX5W3ZbVK4p2nd+uyZ/o29TKBLpEtsyuiiZCsS0= +-----END CERTIFICATE----- diff --git a/test/certs/setup.sh b/test/certs/setup.sh index bd8d49337d..d517384301 100755 --- a/test/certs/setup.sh +++ b/test/certs/setup.sh @@ -471,3 +471,9 @@ OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed448 ./mkcert.sh genee ed448 \ ./mkcert.sh geneeextra server.example ee-key ee-cert-policies ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1" # We can create a cert with a duplicate policy oid - but its actually invalid! ./mkcert.sh geneeextra server.example ee-key ee-cert-policies-bad ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1,1.3.6.1.4.1.16604.998855.1" + +# EC cert signed by curve ca with SHA3-224, SHA3-256, SHA3-384, SHA3-512 +OPENSSL_SIGALG="sha3-224" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-224 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-256" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-256 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-384" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-384 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-512" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-512 ca-key-ec-named ca-cert-ec-named |