Re-enable testing of ciphersuites

[openssl.git] / test / recipes / 25-test_verify_store.t
diff --git a/test/recipes/25-test_verify_store.t b/test/recipes/25-test_verify_store.t

index c8c57a7b2b35fa9f2cb995bb7df0cdbcfc4f3ceb..920b608a37de350e05d92f100e232c553cbb1756 100644 (file)
--- a/test/recipes/25-test_verify_store.t
+++ b/test/recipes/25-test_verify_store.t
@@ -1,5 +1,5 @@
  #! /usr/bin/env perl
-# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
  #
  # Licensed under the Apache License 2.0 (the "License").  You may not use
  # this file except in compliance with the License.  You can obtain a copy
@@ -18,34 +18,31 @@ plan tests => 10;
  
  my $dummycnf = srctop_file("apps", "openssl.cnf");
  
+my $cnf = srctop_file("test", "ca-and-certs.cnf");
  my $CAkey = "keyCA.ss";
  my $CAcert="certCA.ss";
  my $CAserial="certCA.srl";
  my $CAreq="reqCA.ss";
-my $CAconf=srctop_file("test","CAss.cnf");
  my $CAreq2="req2CA.ss";        # temp
-
-my $Uconf=srctop_file("test","Uss.cnf");
  my $Ukey="keyU.ss";
  my $Ureq="reqU.ss";
  my $Ucert="certU.ss";
  
  SKIP: {
      req( 'make cert request',
-         qw(-new),
-         -config       => $CAconf,
+         qw(-new -section userreq),
+         -config       => $cnf,
           -out          => $CAreq,
           -keyout       => $CAkey );
  
      skip 'failure', 8 unless
          x509( 'convert request into self-signed cert',
-              qw(-req -CAcreateserial),
+              qw(-req -CAcreateserial -days 30),
+              qw(-extensions v3_ca),
                -in       => $CAreq,
                -out      => $CAcert,
                -signkey  => $CAkey,
-              -days     => 30,
-              -extfile  => $CAconf,
-              -extensions => 'v3_ca' );
+              -extfile  => $cnf );
  
      skip 'failure', 7 unless
          x509( 'convert cert into a cert request',
@@ -56,13 +53,13 @@ SKIP: {
  
      skip 'failure', 6 unless
          req( 'verify request 1',
-             qw(-verify -noout),
+             qw(-verify -noout -section userreq),
               -config    => $dummycnf,
               -in        => $CAreq );
  
      skip 'failure', 5 unless
          req( 'verify request 2',
-             qw(-verify -noout),
+             qw(-verify -noout -section userreq),
               -config    => $dummycnf,
               -in        => $CAreq2 );
  
@@ -73,29 +70,27 @@ SKIP: {
  
      skip 'failure', 3 unless
          req( 'make a user cert request',
-             qw(-new),
-             -config  => $Uconf,
+             qw(-new -section userreq),
+             -config  => $cnf,
               -out     => $Ureq,
               -keyout  => $Ukey );
  
      skip 'failure', 2 unless
          x509( 'sign user cert request',
-              qw(-req -CAcreateserial),
+              qw(-req -CAcreateserial -days 30 -extensions v3_ee),
                -in     => $Ureq,
                -out    => $Ucert,
                -CA     => $CAcert,
                -CAkey  => $CAkey,
                -CAserial => $CAserial,
-              -days   => 30,
-              -extfile => $Uconf,
-              -extensions => 'v3_ee' )
+              -extfile => $cnf )
          && verify( undef,
                     -CAstore => $CAcert,
                     $Ucert );
  
      skip 'failure', 0 unless
          x509( 'Certificate details',
-              qw( -subject -issuer -startdate -enddate -noout),
+              qw(-subject -issuer -startdate -enddate -noout),
                -in     => $Ucert );
  }