Commit 451a0c3d authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Add PSS certificate signature tests 



Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3301)
parent 9bf45ba4

test/recipes/25-test_verify.t

+13 −1
Original line number Diff line number Diff line
@@ -26,7 +26,7 @@ sub verify { 
    run(app([@args]));

}



plan tests => 121;

plan tests => 125;



# Canonical success

ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
@@ -328,3 +328,15 @@ ok(!verify("badalt9-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cer 


ok(!verify("badalt10-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ),

   "Name constaints nested DNS name excluded");



ok(verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], ),

    "Certificate PSS signature using SHA1");



ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ),

    "CA with PSS signature using SHA256");



ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),

    "Reject PSS signature using SHA1 and auth level 2");



ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"),

    "PSS signature using SHA256 and auth level 2");