diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 388b0ce41..a87e0cc06 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -93,6 +93,15 @@ cert_example_multi.csr: rsa_pkcs1_1024_clear.pem cert_example_multi.crt: cert_example_multi.csr $(OPENSSL) x509 -req -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions dns_alt_names -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 -in $< > $@ +test_csr_v3_keyUsage.csr: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_keyUsage +test_csr_v3_subjectAltName.csr: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_subjectAltName +test_csr_v3_nsCertType.csr: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_nsCertType +test_csr_v3_all.csr: rsa_pkcs1_1024_clear.pem + $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -out $@ -reqexts csr_ext_v3_all + $(test_ca_key_file_rsa_alt):test-ca.opensslconf $(OPENSSL) genrsa -out $@ 2048 test-ca-alt.csr: $(test_ca_key_file_rsa_alt) $(test_ca_config_file) diff --git a/tests/data_files/test-ca.opensslconf b/tests/data_files/test-ca.opensslconf index b2c2fa1bc..bd127609e 100644 --- a/tests/data_files/test-ca.opensslconf +++ b/tests/data_files/test-ca.opensslconf @@ -82,3 +82,17 @@ fullname=URI:http://pki.example.com/ # these IPs are the ascii values for 'abcd' and 'abcd.example.com' [tricky_ip_san] subjectAltName=IP:97.98.99.100,IP:6162:6364:2e65:7861:6d70:6c65:2e63:6f6d + +[csr_ext_v3_keyUsage] +keyUsage = digitalSignature, keyEncipherment + +[csr_ext_v3_subjectAltName] +subjectAltName=DNS:example.com, DNS:example.net, DNS:*.example.org + +[csr_ext_v3_nsCertType] +nsCertType=server + +[csr_ext_v3_all] +keyUsage = cRLSign +subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name +nsCertType=client diff --git a/tests/data_files/test_csr_v3_all.csr b/tests/data_files/test_csr_v3_all.csr new file mode 100644 index 000000000..fecca328a --- /dev/null +++ b/tests/data_files/test_csr_v3_all.csr @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBsTCCARoCAQAwDzENMAsGA1UEAwwEZXRjZDCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEAxziSxcP0cBAIa/gTNezzARyKJQ+VgjYeqh6WElUarPh7dTMLcFcz +nNmV8U1MRDfIvsSgP+RkPNPzyQJDPcN8W455qgmEroITNwq/hWm9KjVibLH+5Kzg +QrJBfHvknScUmywHa45DPT9sdjpGmhxwDSWdvAjHQPzYAjdi/33r/C0CAwEAAaBi +MGAGCSqGSIb3DQEJDjFTMFEwCwYDVR0PBAQDAgECMC8GA1UdEQQoMCagJAYIKwYB +BQUHCASgGDAWBgcrBgEEAREDBAsxMjOAgQCBgDMyMTARBglghkgBhvhCAQEEBAMC +B4AwDQYJKoZIhvcNAQELBQADgYEAk9a+49SVlwdJJKBhvfDQ0I6pqB+Uglsg7jvo +AIgIQwY5wRy4Y2wT4CPu3zGyRxQlgqPH/JL3ZmiL9NoYXMrMbJ4Sy82y2iyW31Qq +8taoZ6jJfmusmURU7uQPOK1g/Io2ryumuGRlsIK1aa/aqeYG1xs34+F0UX3pGxf+ +nIeQXuM= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test_csr_v3_keyUsage.csr b/tests/data_files/test_csr_v3_keyUsage.csr new file mode 100644 index 000000000..c22b392c9 --- /dev/null +++ b/tests/data_files/test_csr_v3_keyUsage.csr @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBbDCB1gIBADAPMQ0wCwYDVQQDDARldGNkMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDHOJLFw/RwEAhr+BM17PMBHIolD5WCNh6qHpYSVRqs+Ht1MwtwVzOc +2ZXxTUxEN8i+xKA/5GQ80/PJAkM9w3xbjnmqCYSughM3Cr+Fab0qNWJssf7krOBC +skF8e+SdJxSbLAdrjkM9P2x2OkaaHHANJZ28CMdA/NgCN2L/fev8LQIDAQABoB4w +HAYJKoZIhvcNAQkOMQ8wDTALBgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQELBQADgYEA +rKFX2WcYZNns9j0YL+SlR/EnR53r5xFeiMa8lqj7DbjvxXly97JjkTM8qgiYDbsd +r3EsRCtf6sGoxpCWIT370zToUYQndKJFthlnM9w6san7t3QcryDpYXvSTft0O3/X +nypfGe7QuEYl0R/XKxlot1HzGCqaZB0QonfxxAFE3Tw= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test_csr_v3_nsCertType.csr b/tests/data_files/test_csr_v3_nsCertType.csr new file mode 100644 index 000000000..039874330 --- /dev/null +++ b/tests/data_files/test_csr_v3_nsCertType.csr @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBcjCB3AIBADAPMQ0wCwYDVQQDDARldGNkMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDHOJLFw/RwEAhr+BM17PMBHIolD5WCNh6qHpYSVRqs+Ht1MwtwVzOc +2ZXxTUxEN8i+xKA/5GQ80/PJAkM9w3xbjnmqCYSughM3Cr+Fab0qNWJssf7krOBC +skF8e+SdJxSbLAdrjkM9P2x2OkaaHHANJZ28CMdA/NgCN2L/fev8LQIDAQABoCQw +IgYJKoZIhvcNAQkOMRUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEL +BQADgYEAYDqW7nG8/adwpHZXhmMSgdJmzovjOfMCRRe1FshTLSMmcB64wkZNuCc6 +5rLdubZpZtvA0pCp8pHqhdi6Mhl5dP7ZHxJgcW2jG1ZvxuoC65r1w+SH05RdLS0G +IX2MEfp0J9hR4hVXJt4FbFtGmzkHi114oTMFMRWq84KiMrUugnM= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/test_csr_v3_subjectAltName.csr b/tests/data_files/test_csr_v3_subjectAltName.csr new file mode 100644 index 000000000..65808c58e --- /dev/null +++ b/tests/data_files/test_csr_v3_subjectAltName.csr @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBkzCB/QIBADAPMQ0wCwYDVQQDDARldGNkMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQDHOJLFw/RwEAhr+BM17PMBHIolD5WCNh6qHpYSVRqs+Ht1MwtwVzOc +2ZXxTUxEN8i+xKA/5GQ80/PJAkM9w3xbjnmqCYSughM3Cr+Fab0qNWJssf7krOBC +skF8e+SdJxSbLAdrjkM9P2x2OkaaHHANJZ28CMdA/NgCN2L/fev8LQIDAQABoEUw +QwYJKoZIhvcNAQkOMTYwNDAyBgNVHREEKzApggtleGFtcGxlLmNvbYILZXhhbXBs +ZS5uZXSCDSouZXhhbXBsZS5vcmcwDQYJKoZIhvcNAQELBQADgYEAUyi46hqfD91x +TVRf+IeI3rDf1gSu0IMZuoR5xr2jf/+Oq747gmH+ET2Yfgo96LWQpMVkuOaa68Hj +0r4wvLgV3Re2dO4obHF9AVftZYTcLQ/GK/X3fvT1si7ynv9cfBRdHp4TBlSxeG+a +c9kTX4hTnt3G106vea9FHgCpfG+AkV4= +-----END CERTIFICATE REQUEST-----