Commit 03c94a2a5e for openssl.org
commit 03c94a2a5e840a703092d5194f7b7adcd8e91e6d
Author: Dr. David von Oheimb <David.von.Oheimb@siemens.com>
Date: Sat Nov 26 22:50:19 2022 +0100
25-test_req.t: add test cases for X509 v1 vs. v3
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Wed Mar 11 11:22:37 2026
(Merged from https://github.com/openssl/openssl/pull/28373)
diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t
index e37b36104c..869ac4c3b7 100644
--- a/test/recipes/25-test_req.t
+++ b/test/recipes/25-test_req.t
@@ -15,7 +15,7 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/;
setup("test_req");
-plan tests => 125;
+plan tests => 129;
require_ok(srctop_file('test', 'recipes', 'tconversion.pl'));
@@ -587,6 +587,7 @@ has_AKID($cert, 0);
$cert = "self-signed_v3_CA_hash_SKID.pem";
generate_cert($cert, @v3_ca, "-addext", "subjectKeyIdentifier = hash");
+has_version($cert, 3);
has_SKID($cert, 1); # explicit hash SKID
$cert = "self-signed_v3_CA_no_SKID.pem";
@@ -613,6 +614,7 @@ cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
$ca_cert = "self-signed_v3_CA_default_SKID.pem"; # will also be used below
generate_cert($ca_cert, @v3_ca);
+has_version($ca_cert, 3);
has_SKID($ca_cert, 1); # default SKID
has_AKID($ca_cert, 0); # no default AKID
strict_verify($ca_cert, 1);
@@ -698,6 +700,7 @@ $cert = "self-issued_v3_CA_no_KIDs.pem";
generate_cert($cert, "-addext", "subjectKeyIdentifier = none",
"-addext", "authorityKeyIdentifier = none",
"-in", srctop_file(@certs, "x509-check.csr"));
+has_version($cert, 3);
has_SKID($cert, 0);
has_AKID($cert, 0);
strict_verify($cert, 1);
@@ -769,6 +772,7 @@ $cert = "self-issued_v3_EE_no_KIDs_signed_by_CA.pem";
generate_cert($cert, "-addext", "subjectKeyIdentifier = none",
"-addext", "authorityKeyIdentifier = none",
"-key", srctop_file(@certs, "ee-key.pem"));
+has_version($cert, 3);
cert_ext_has_n_different_lines($cert, 0, $SKID_AKID); # no SKID and no AKID
verify(0, $cert, 0, $ca_cert); # expecting failure because we won't fix #19095