Add test cases for SM2 cert verification

This follows #8321 which added the SM2 certificate verification feature.
This commit adds some test cases for #8321.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8465)
This commit is contained in:
Paul Yang 2019-03-13 16:54:11 +08:00
parent 3a8269b319
commit 317ba78fe1
4 changed files with 30 additions and 4 deletions

View file

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICJDCCAcqgAwIBAgIJAOlkpDpSrmVbMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT
AkNOMQswCQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRl
c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAe
Fw0xOTAyMTkwNzA1NDhaFw0yMzAzMzAwNzA1NDhaMGgxCzAJBgNVBAYTAkNOMQsw
CQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRlc3QgT3Jn
MRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTBZMBMGByqG
SM49AgEGCCqBHM9VAYItA0IABHRYnqErofBdXPptvvO7+BSVJxcpHuTGnZ+UPrbU
5kVEUMaUnNOeMJZl/vRGimZCm/AkReJmRfnb15ESHR+ssp6jXTBbMB0GA1UdDgQW
BBTFjcWu/zJgSZ5SKUlU5Vx4/0W5dDAfBgNVHSMEGDAWgBTFjcWu/zJgSZ5SKUlU
5Vx4/0W5dDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqgRzPVQGDdQNI
ADBFAiEAs6byi1nSQtFELOw/2tQIv5AEsZFR5MJ/oB2ztXzs2LYCIEfIw4xlUH6X
YFhs4RnIa0K9Ng1ebsGPrifYkudwBIk3
-----END CERTIFICATE-----

View file

@ -25,14 +25,14 @@ SKIP: {
# SM2
ok(run(app(([ 'openssl', 'pkeyutl', '-sign',
'-in', srctop_file('test', 'certs', 'sm2.crt'),
'-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.key'),
'-out', 'signature.dat', '-rawin',
'-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))),
"Sign a piece of data using SM2");
ok(run(app(([ 'openssl', 'pkeyutl', '-verify', '-certin',
'-in', srctop_file('test', 'certs', 'sm2.crt'),
'-inkey', srctop_file('test', 'certs', 'sm2.crt'),
'-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.pem'),
'-sigfile', 'signature.dat', '-rawin',
'-digest', 'sm3', '-pkeyopt', 'sm2_id:someid']))),
"Verify an SM2 signature against a piece of data");

View file

@ -27,7 +27,7 @@ sub verify {
run(app([@args]));
}
plan tests => 135;
plan tests => 137;
# Canonical success
ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
@ -373,3 +373,15 @@ SKIP: {
"ED25519 signature");
}
SKIP: {
skip "SM2 is not supported by this OpenSSL build", 1
if disabled("sm2");
# Test '-sm2-id' and '-sm2-hex-id' option
ok(verify("sm2", "any", ["sm2-ca-cert"], [], "-sm2-id", "1234567812345678"),
"SM2 ID test");
ok(verify("sm2", "any", ["sm2-ca-cert"], [], "-sm2-hex-id",
"31323334353637383132333435363738"),
"SM2 hex ID test");
}