Branch: refs/heads/master
Home: https://github.openssl.org/openssl/openssl
Commit: 386ab7f1fefdd77521e670d9593e9894e2774be0
https://github.openssl.org/openssl/openssl/commit/386ab7f1fefdd77521e670d9593e9894e2774be0
Author: Lutz Jaenicke <[email protected]>
Date: 2022-06-22 (Wed, 22 Jun 2022)
Changed paths:
A test/certs/ee-timestampsign-CABforum-anyextkeyusage.pem
A test/certs/ee-timestampsign-CABforum-crlsign.pem
A test/certs/ee-timestampsign-CABforum-keycertsign.pem
A test/certs/ee-timestampsign-CABforum-noncritxku.pem
A test/certs/ee-timestampsign-CABforum-serverauth.pem
A test/certs/ee-timestampsign-CABforum.pem
A test/certs/ee-timestampsign-rfc3161-digsig.pem
A test/certs/ee-timestampsign-rfc3161-noncritxku.pem
A test/certs/ee-timestampsign-rfc3161.pem
M test/certs/setup.sh
M test/recipes/25-test_verify.t
Log Message:
-----------
Add test cases for verification of time stamping certificates
Test makes sure, that both time stamping certificate according to rfc3161 (no
requirements for keyUsage extension) and according to CAB forum (keyUsage
extension must be digitalSignature and be set critical) are accepted. Misuse
cases as stated in CAB forum are rejected, only exeption is a missing
"critial" flag on keyUsage.
Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/18597)
