• Home
  • Raw
  • Download

Lines Matching refs:cert

384     my $cert = shift @_;
385     my $ss = $cert =~ m/self-signed/;
386     my $is_ca = $cert =~ m/CA/;
391                "-subj", "/CN=$cn", @_, "-out", $cert);
394     ok(run(app([@cmd])), "generate $cert");
397     my $cert = shift @_;
399     cert_contains($cert, "Subject Key Identifier", $expect);
402     my $cert = shift @_;
404     cert_contains($cert, "Authority Key Identifier", $expect);
407     my $cert = shift @_;
409     cert_contains($cert, "Key Usage", $expect);
412     my $cert = shift @_;
415     $trusted = $cert unless $trusted;
417                 "-partial_chain", $cert])) == $expect,
418        "strict verify allow $cert");
424 my $cert = "self-signed_v1_CA_no_KIDs.pem";
425 generate_cert($cert);
426 cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
435 $cert = "self-signed_v3_CA_no_SKID.pem";
436 generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = none");
437 cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
440 $cert = "self-signed_v3_CA_both_KIDs.pem";
441 generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = hash",
443 cert_ext_has_n_different_lines($cert, 3, $SKID_AKID); # SKID == AKID
444 strict_verify($cert, 1);
446 $cert = "self-signed_v3_EE_wrong_keyUsage.pem";
447 generate_cert($cert, "-addext", "keyUsage = keyCertSign");
450 $cert = "v3_EE_default_KIDs.pem";
451 generate_cert($cert, "-addext", "keyUsage = dataEncipherment",
453 cert_ext_has_n_different_lines($cert, 4, $SKID_AKID); # SKID != AKID
454 strict_verify($cert, 1, $ca_cert);
456 $cert = "v3_EE_no_AKID.pem";
457 generate_cert($cert, "-addext", "authorityKeyIdentifier = none",
459 has_SKID($cert, 1);
460 has_AKID($cert, 0);
461 strict_verify($cert, 0, $ca_cert);
463 $cert = "self-issued_v3_EE_default_KIDs.pem";
464 generate_cert($cert, "-addext", "keyUsage = dataEncipherment",
466 cert_ext_has_n_different_lines($cert, 4, $SKID_AKID); # SKID != AKID
467 strict_verify($cert, 1);
469 my $cert = "self-signed_CA_no_keyUsage.pem";
470 generate_cert($cert, "-in", srctop_file(@certs, "ext-check.csr"));
471 has_keyUsage($cert, 0);
472 my $cert = "self-signed_CA_with_keyUsages.pem";
473 generate_cert($cert, "-in", srctop_file(@certs, "ext-check.csr"),
475 has_keyUsage($cert, 1);