Commit Graph

11 Commits

Author SHA1 Message Date
djm@openbsd.org
86936ec245 upstream commit
regression test for 'wildcard CA' serial/key ID revocations
2015-01-30 12:19:29 +11:00
djm@openbsd.org
d3716ca19e upstream commit
this test was broken in at least two ways, such that it
 wasn't checking that a KRL was not excluding valid keys
2015-01-20 09:45:56 +11:00
djm@openbsd.org
51b64e4412 upstream commit
fix KRL generation when multiple CAs are in use

We would generate an invalid KRL when revoking certs by serial
number for multiple CA keys due to a section being written out
twice.

Also extend the regress test to catch this case by having it
produce a multi-CA KRL.

Reported by peter AT pean.org
2014-11-19 09:20:14 +11:00
Damien Miller
c1dc24b71f - djm@cvs.openbsd.org 2014/06/24 01:04:43
[regress/krl.sh]
     regress test for broken consecutive revoked serial number ranges
2014-07-02 17:02:03 +10:00
Damien Miller
36aba25b04 - djm@cvs.openbsd.org 2013/11/21 03:15:46
[regress/krl.sh]
     add some reminders for additional tests that I'd like to implement
2013-11-21 14:24:42 +11:00
Darren Tucker
5f1a89a3b6 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
Move the jot helper function to portable-specific part of test-exec.sh.
2013-05-17 19:17:58 +10:00
Tim Rice
21f591b6d9 - (tim) [regress/krl.sh] keep old solaris awk from hanging. 2013-02-26 22:48:31 -08:00
Damien Miller
6d77d6ea2b - (djm) [regress/krl.sh] typo; found by Iain Morgan 2013-02-14 10:31:03 +11:00
Damien Miller
2653f5c0a6 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. 2013-02-14 10:14:51 +11:00
Damien Miller
dc75d1fc04 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it 2013-01-20 22:58:51 +11:00
Damien Miller
ebafebda85 - djm@cvs.openbsd.org 2013/01/18 00:45:29
[regress/Makefile regress/cert-userkey.sh regress/krl.sh]
     Tests for Key Revocation Lists (KRLs)
2013-01-18 11:51:56 +11:00