diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-08-29 12:25:54 +1000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-09-18 14:20:37 +0100 |
| commit | 3f699197ac0ccf7e3dda6ff3cddaa33803285299 (patch) | |
| tree | eba8d61a8759fa683eafbb41b2e01504d96c88f4 /test/recipes/80-test_cms.t | |
| parent | 282de1cc2d71a95482ce431b9ed620f85eb6acbd (diff) | |
Add fips checks for rsa signatures.
In fips mode SHA1 should not be allowed for signing, but may be present for verifying.
Add keysize check.
Add missing 'ossl_unused' to gettable and settable methods.
Update fips related tests that have these restrictions.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12745)
Diffstat (limited to 'test/recipes/80-test_cms.t')
| -rw-r--r-- | test/recipes/80-test_cms.t | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 65a8e14574..0d086344e7 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -161,7 +161,7 @@ my @smime_pkcs7_tests = ( ], [ "signed content S/MIME format, RSA key SHA1", - [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-md", "sha1", + [ "{cmd1}", @defaultprov, "-sign", "-in", $smcont, "-md", "sha1", "-certfile", catfile($smdir, "smroot.pem"), "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ], [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", |