test/recipes/80-test_ca.t: Don't force quotes around the config file in $cnf

However, when passing it through the OPENSSL_CONFIG environment
variable, we still need the quotes, just to m

test/recipes/80-test_ca.t: Don't force quotes around the config file in $cnf

However, when passing it through the OPENSSL_CONFIG environment
variable, we still need the quotes, just to make sure.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15823)

show more ...

test: fix indentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

test: replace tabs with spaces in test recipes

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/

test: replace tabs with spaces in test recipes

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15824)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15801)

TEST: Prefer using precomputed RSA and DH keys for more efficient tests

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://gi

TEST: Prefer using precomputed RSA and DH keys for more efficient tests

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13715)

show more ...

Fix test/recipes/80-test_ca.t to skip_all properly in a subtest

It's perfectlt ok to 'plan skip_all' in a subtest, but in that case,
it must really be inside the subtest.

Fixes

Fix test/recipes/80-test_ca.t to skip_all properly in a subtest

It's perfectlt ok to 'plan skip_all' in a subtest, but in that case,
it must really be inside the subtest.

Fixes #13330

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13331)

show more ...

apps/ca: allow CRL lastUpdate/nextUpdate fields to be specified

When generating a CRL using the "ca" utility, allow values for the
lastUpdate and nextUpdate fields to be specified using

apps/ca: allow CRL lastUpdate/nextUpdate fields to be specified

When generating a CRL using the "ca" utility, allow values for the
lastUpdate and nextUpdate fields to be specified using the command line
options -crl_lastupdate and -crl_nextupdate respectively.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12784)

show more ...

Cleanup cert config files for tests

Merge test/P[12]ss.cnf into one config file
Merge CAss.cnf and Uss.cnf into ca-and-certs.cnf
Remove Netscape cert extensions, add keyUsage comment

Cleanup cert config files for tests

Merge test/P[12]ss.cnf into one config file
Merge CAss.cnf and Uss.cnf into ca-and-certs.cnf
Remove Netscape cert extensions, add keyUsage comment from some cnf files

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11347)

show more ...

Add function load_csr(file,format,desc) to apps/lib/apps.c

Make use of new load_csr() in 'ca', 'req', and 'x509' app
Add '-inform' and '-certform' option to 'ca' app
Add 'desc' param

Add function load_csr(file,format,desc) to apps/lib/apps.c

Make use of new load_csr() in 'ca', 'req', and 'x509' app
Add '-inform' and '-certform' option to 'ca' app
Add 'desc' parameter to load_crl() function defined in apps/lib/apps.c
Allow 'desc' parameter to be NULL (gives option to suppress error output)

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/4940)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)

TEST: Adapt all applicable tests to the new distinguishing ID

Fixes #11293

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11

TEST: Adapt all applicable tests to the new distinguishing ID

Fixes #11293

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/11302)

show more ...

TEST: Modify test/recipes/80-test_ca.t to leave artifacts behind

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11080)

Support SM2 certificate signing

SM2 certificate signing request can be created and signed by OpenSSL
now, both in library and apps.

Documentation and test cases are added.

Support SM2 certificate signing

SM2 certificate signing request can be created and signed by OpenSSL
now, both in library and apps.

Documentation and test cases are added.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9085)

show more ...

Following the license change, modify the boilerplates in test/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)

Add random serial# support.

Add -rand_serial to CA command and "serial_rand" config option.

Up RAND_BITS to 159, and comment why: now confirms to CABForum
guidelines (Ballot 164

Add random serial# support.

Add -rand_serial to CA command and "serial_rand" config option.

Up RAND_BITS to 159, and comment why: now confirms to CABForum
guidelines (Ballot 164) as well as IETF RFC 5280 (PKIX).

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4185)

show more ...

recipes/80-test_ca.t: make it work with spaces in pathnames.

Reviewed-by: Richard Levitte <levitte@openssl.org>

-precert doesn't work when configured no-ct, don't try to test it then

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2827)

Fix the skip numbers in 80-test_ca.t

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2827)

Change CA.pl flag from --newprecert to --precert

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/

Change CA.pl flag from --newprecert to --precert

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/843)

show more ...

Basic test for "openssl req -precert" via apps/CA.pl

TODO(robpercival): Should actually test that the output certificate
contains the poison extension.

Reviewed-by: Tim Hudson <

Basic test for "openssl req -precert" via apps/CA.pl

TODO(robpercival): Should actually test that the output certificate
contains the poison extension.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/843)

show more ...

Fix copy-paste test labels

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Have some more test recipes clean up after themselves

Reviewed-by: Rich Salz <rsalz@openssl.org>

make sure to put quotes around -config argument, in case of spaces

RT#4486

Reviewed-by: Matt Caswell <matt@openssl.org>

Unified copyright for test recipes

Reviewed-by: Richard Levitte <levitte@openssl.org>

Adapt some test recipes to the newer cmdstr()

Reviewed-by: Rich Salz <rsalz@openssl.org>