mirror of
https://github.com/openssl/openssl.git
synced 2025-01-19 16:33:33 +08:00
TEST: Prefer using precomputed RSA and DH keys for more efficient tests
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
This commit is contained in:
Dr. David von Oheimb
Dr. David von Oheimb
parent
8b893c35da
commit
91f2b15f2e
@ -48,7 +48,6 @@ emailAddress = optional
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
default_md = sha1
|
||||
distinguished_name = $ENV::TSDNSECT
|
||||
encrypt_rsa_key = no
|
||||
|
||||
@ -3,8 +3,6 @@ CN2 = Brother 2
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
encrypt_rsa_key = no
|
||||
default_md = sha1
|
||||
@ -19,8 +17,6 @@ commonName_value = Dodgy CA
|
||||
|
||||
####################################################################
|
||||
[ userreq ]
|
||||
default_bits = 2048
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = user_dn
|
||||
encrypt_rsa_key = no
|
||||
default_md = sha256
|
||||
|
||||
14
test/certs/dhk2048.pem
Normal file
14
test/certs/dhk2048.pem
Normal file
@ -0,0 +1,14 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIICKgIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////yQ/aoiFowjTE
|
||||
xmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJRSgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP
|
||||
4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJ
|
||||
KGZR7ORbPcIAfLihY78FmNpINhxV05ppFj+o/STPX4NlXSPco62WHGLzViCFUrue
|
||||
1SkHcJaWbWcMNU5KvJgE8XRsCMoYIXwykF5GLjbOO+OedywYDoYDmyeDouwHoo+1
|
||||
xV3wb0xSyd4ry/aVWBcYOZVJfOqVauUV0iYYmPoFEBVyjlqKrKpo//////////8C
|
||||
AQICAgf/BIIBBAKCAQBPXxEkDA2EWknARF2EzUo6gc1eFNdKMVwa7aT3e2ClTIkN
|
||||
B4Y6XsJCS5C4q0vKhHtdH5LswCxUPfTQQAOlKPzcdMcGuOvx8gl90kvaOuxnD0wQ
|
||||
rpRmC64FbN+h503UJuGuNTFO2AvgLVb6EA637soAcWR6qLtRJ3wDpr1OW/ertIUj
|
||||
jhzD1i255j+z6UVQBNLy882AUSHfjr1UzWTYfcyn1zpQbZtbIh+0O5cloIl6Ek4N
|
||||
c3NtCgwAmTROrsKqHGmaW+pw4sOAAtNJByPT0y725s7tq4mAJKJgCc2J8Lbwbx9Z
|
||||
s+tEoCidGYuBRNouVH6I6POwjIhdpU0kIscdv+w8
|
||||
-----END PRIVATE KEY-----
|
||||
@ -88,6 +88,7 @@ static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
|
||||
static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
|
||||
OSSL_PARAM *genparams)
|
||||
{
|
||||
@ -109,6 +110,7 @@ static EVP_PKEY *make_key(const char *type, EVP_PKEY *template,
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
return pkey;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Main test driver */
|
||||
|
||||
@ -1182,6 +1184,9 @@ static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
|
||||
# endif /* OPENSSL_NO_EC2M */
|
||||
#endif /* OPENSSL_NO_EC */
|
||||
|
||||
#define USAGE "rsa-key.pem rsa-pss-key.pem\n"
|
||||
OPT_TEST_DECLARE_USAGE(USAGE)
|
||||
|
||||
int setup_tests(void)
|
||||
{
|
||||
# ifndef OPENSSL_NO_RC4
|
||||
@ -1207,12 +1212,14 @@ int setup_tests(void)
|
||||
};
|
||||
#endif
|
||||
|
||||
/* 7 is the default magic number */
|
||||
static unsigned int rsapss_min_saltlen = 7;
|
||||
OSSL_PARAM RSA_PSS_params[] = {
|
||||
OSSL_PARAM_uint("saltlen", &rsapss_min_saltlen),
|
||||
OSSL_PARAM_END
|
||||
};
|
||||
if (!test_skip_common_options()) {
|
||||
TEST_error("Error parsing test options\n");
|
||||
return 0;
|
||||
}
|
||||
if (test_get_argument_count() != 2) {
|
||||
TEST_error("usage: endecode_test %s", USAGE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (!TEST_ptr(bnctx = BN_CTX_new_ex(NULL))
|
||||
@ -1237,15 +1244,16 @@ int setup_tests(void)
|
||||
TEST_info("Generating keys...");
|
||||
|
||||
#ifndef OPENSSL_NO_DH
|
||||
TEST_info("Generating DH keys...");
|
||||
MAKE_DOMAIN_KEYS(DH, "DH", NULL);
|
||||
MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
|
||||
TEST_info("Generating keys...DH done");
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DSA
|
||||
TEST_info("Generating DSA keys...");
|
||||
MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
|
||||
TEST_info("Generating keys...DSA done");
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_EC
|
||||
TEST_info("Generating EC keys...");
|
||||
MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
|
||||
MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
|
||||
MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
|
||||
@ -1257,12 +1265,12 @@ int setup_tests(void)
|
||||
MAKE_KEYS(ED448, "ED448", NULL);
|
||||
MAKE_KEYS(X25519, "X25519", NULL);
|
||||
MAKE_KEYS(X448, "X448", NULL);
|
||||
TEST_info("Generating keys...EC done");
|
||||
#endif
|
||||
MAKE_KEYS(RSA, "RSA", NULL);
|
||||
TEST_info("Generating keys...RSA done");
|
||||
MAKE_KEYS(RSA_PSS, "RSA-PSS", RSA_PSS_params);
|
||||
TEST_info("Generating keys...RSA_PSS done");
|
||||
TEST_info("Loading RSA key...");
|
||||
ok = ok && TEST_ptr(key_RSA = load_pkey_pem(test_get_argument(0), NULL));
|
||||
TEST_info("Loading RSA_PSS key...");
|
||||
ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(test_get_argument(1), NULL));
|
||||
TEST_info("Generating keys done");
|
||||
|
||||
if (ok) {
|
||||
#ifndef OPENSSL_NO_DH
|
||||
|
||||
@ -674,19 +674,48 @@ static int test_key(int idx)
|
||||
return ok;
|
||||
}
|
||||
|
||||
#define USAGE "rsa-key.pem dh-key.pem\n"
|
||||
OPT_TEST_DECLARE_USAGE(USAGE)
|
||||
|
||||
int setup_tests(void)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if (!test_skip_common_options()) {
|
||||
TEST_error("Error parsing test options\n");
|
||||
return 0;
|
||||
}
|
||||
if (test_get_argument_count() != 2) {
|
||||
TEST_error("usage: endecoder_legacy_test %s", USAGE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
TEST_info("Generating keys...");
|
||||
|
||||
for (i = 0; i < OSSL_NELEM(keys); i++) {
|
||||
#ifndef OPENSSL_NO_DH
|
||||
if (strcmp(keys[i].keytype, "DH") == 0) {
|
||||
if (!TEST_ptr(keys[i].key =
|
||||
load_pkey_pem(test_get_argument(1), NULL)))
|
||||
return 0;
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
||||
if (strcmp(keys[i].keytype, "RSA") == 0) {
|
||||
if (!TEST_ptr(keys[i].key =
|
||||
load_pkey_pem(test_get_argument(0), NULL)))
|
||||
return 0;
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
TEST_info("Generating %s key...", keys[i].keytype);
|
||||
if (!TEST_ptr(keys[i].key =
|
||||
make_key(keys[i].keytype, keys[i].template_params)))
|
||||
return 0;
|
||||
}
|
||||
|
||||
TEST_info("Generating key... done");
|
||||
TEST_info("Generating keys done");
|
||||
|
||||
ADD_ALL_TESTS(test_key, OSSL_NELEM(test_stanzas));
|
||||
return 1;
|
||||
|
||||
@ -530,15 +530,16 @@ static int kem_rsa_gen_recover(void)
|
||||
unsigned char ct[256] = { 0, };
|
||||
unsigned char unwrap[256] = { 0, };
|
||||
size_t ctlen = 0, unwraplen = 0, secretlen = 0;
|
||||
int bits = 2048;
|
||||
|
||||
ret = TEST_true(rsa_keygen(2048, &pub, &priv))
|
||||
ret = TEST_true(rsa_keygen(bits, &pub, &priv))
|
||||
&& TEST_ptr(sctx = EVP_PKEY_CTX_new_from_pkey(libctx, pub, NULL))
|
||||
&& TEST_int_eq(EVP_PKEY_encapsulate_init(sctx, NULL), 1)
|
||||
&& TEST_int_eq(EVP_PKEY_CTX_set_kem_op(sctx, "RSASVE"), 1)
|
||||
&& TEST_int_eq(EVP_PKEY_encapsulate(sctx, NULL, &ctlen, NULL,
|
||||
&secretlen), 1)
|
||||
&& TEST_int_eq(ctlen, secretlen)
|
||||
&& TEST_int_eq(ctlen, 2048 / 8)
|
||||
&& TEST_int_eq(ctlen, bits / 8)
|
||||
&& TEST_int_eq(EVP_PKEY_encapsulate(sctx, ct, &ctlen, secret,
|
||||
&secretlen), 1)
|
||||
&& TEST_ptr(rctx = EVP_PKEY_CTX_new_from_pkey(libctx, priv, NULL))
|
||||
|
||||
@ -2,8 +2,6 @@
|
||||
## Config file for proxy certificate testing.
|
||||
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = req_distinguished_name_p1
|
||||
encrypt_rsa_key = no
|
||||
default_md = sha256
|
||||
@ -29,8 +27,6 @@ proxyCertInfo = critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
|
||||
####################################################################
|
||||
|
||||
[ proxy2_req ]
|
||||
default_bits = 2048
|
||||
default_keyfile = keySS.pem
|
||||
distinguished_name = req_distinguished_name_p2
|
||||
encrypt_rsa_key = no
|
||||
default_md = sha256
|
||||
|
||||
@ -20,4 +20,7 @@ plan tests => 1;
|
||||
$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
|
||||
$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
|
||||
|
||||
ok(run(test(["endecode_test"])));
|
||||
my $rsa_key = srctop_file("test", "certs", "ee-key.pem");
|
||||
my $pss_key = srctop_file("test", "certs", "ca-pss-key.pem");
|
||||
|
||||
ok(run(test(["endecode_test", $rsa_key, $pss_key])));
|
||||
|
||||
@ -20,8 +20,10 @@ plan skip_all => "Not available in a no-deprecated build"
|
||||
if disabled("deprecated");
|
||||
plan tests => 1;
|
||||
|
||||
|
||||
$ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
|
||||
$ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default.cnf"));
|
||||
|
||||
ok(run(test(["endecoder_legacy_test"])));
|
||||
my $rsa_key = srctop_file("test", "certs", "ee-key.pem");
|
||||
my $dh_key = srctop_file("test", "certs", "dhk2048.pem");
|
||||
|
||||
ok(run(test(["endecoder_legacy_test", $rsa_key, $dh_key])));
|
||||
|
||||
@ -33,6 +33,7 @@ if (disabled("rsa")) {
|
||||
|
||||
# Check for duplicate -addext parameters, and one "working" case.
|
||||
my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
|
||||
"-key", srctop_file("test", "certs", "ee-key.pem"),
|
||||
"-config", srctop_file("test", "test.cnf"), @req_new );
|
||||
my $val = "subjectAltName=DNS:example.com";
|
||||
my $val2 = " " . $val;
|
||||
@ -288,6 +289,7 @@ subtest "generating certificate requests" => sub {
|
||||
plan tests => 2;
|
||||
|
||||
ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"),
|
||||
"-key", srctop_file("test", "certs", "ee-key.pem"),
|
||||
@req_new, "-out", "testreq.pem"])),
|
||||
"Generating request");
|
||||
|
||||
|
||||
@ -17,6 +17,8 @@ setup("test_verify_store");
|
||||
plan tests => 10;
|
||||
|
||||
my $dummycnf = srctop_file("apps", "openssl.cnf");
|
||||
my $cakey = srctop_file("test", "certs", "ca-key.pem");
|
||||
my $ukey = srctop_file("test", "certs", "ee-key.pem");
|
||||
|
||||
my $cnf = srctop_file("test", "ca-and-certs.cnf");
|
||||
my $CAkey = "keyCA.ss";
|
||||
@ -33,6 +35,7 @@ SKIP: {
|
||||
qw(-new -section userreq),
|
||||
-config => $cnf,
|
||||
-out => $CAreq,
|
||||
-key => $cakey,
|
||||
-keyout => $CAkey );
|
||||
|
||||
skip 'failure', 8 unless
|
||||
@ -73,6 +76,7 @@ SKIP: {
|
||||
qw(-new -section userreq),
|
||||
-config => $cnf,
|
||||
-out => $Ureq,
|
||||
-key => $ukey,
|
||||
-keyout => $Ukey );
|
||||
|
||||
skip 'failure', 2 unless
|
||||
|
||||
@ -29,15 +29,18 @@ rmtree("demoCA", { safe => 0 });
|
||||
|
||||
plan tests => 15;
|
||||
SKIP: {
|
||||
my $cakey = srctop_file("test", "certs", "ca-key.pem");
|
||||
$ENV{OPENSSL_CONFIG} = '-config ' . $cnf;
|
||||
skip "failed creating CA structure", 4
|
||||
if !ok(run(perlapp(["CA.pl","-newca"], stdin => undef)),
|
||||
if !ok(run(perlapp(["CA.pl","-newca",
|
||||
"-extra-req", "-key $cakey"], stdin => undef)),
|
||||
'creating CA structure');
|
||||
|
||||
my $eekey = srctop_file("test", "certs", "ee-key.pem");
|
||||
$ENV{OPENSSL_CONFIG} = '-config ' . $cnf;
|
||||
skip "failed creating new certificate request", 3
|
||||
if !ok(run(perlapp(["CA.pl","-newreq",
|
||||
'-extra-req', '-outform DER -section userreq'])),
|
||||
'-extra-req', "-outform DER -section userreq -key $eekey"])),
|
||||
'creating certificate request');
|
||||
$ENV{OPENSSL_CONFIG} = '-rand_serial -inform DER -config '.$std_openssl_cnf;
|
||||
skip "failed to sign certificate request", 2
|
||||
@ -50,8 +53,9 @@ plan tests => 15;
|
||||
skip "CT not configured, can't use -precert", 1
|
||||
if disabled("ct");
|
||||
|
||||
my $eekey2 = srctop_file("test", "certs", "ee-key-3072.pem");
|
||||
$ENV{OPENSSL_CONFIG} = '-config ' . $cnf;
|
||||
ok(run(perlapp(["CA.pl", "-precert", '-extra-req', '-section userreq'], stderr => undef)),
|
||||
ok(run(perlapp(["CA.pl", "-precert", '-extra-req', "-section userreq -key $eekey2"], stderr => undef)),
|
||||
'creating new pre-certificate');
|
||||
}
|
||||
|
||||
|
||||
@ -46,12 +46,12 @@ my @genpkeycmd = ("openssl", "genpkey");
|
||||
my $dummycnf = srctop_file("apps", "openssl.cnf");
|
||||
|
||||
my $cnf = srctop_file("test", "ca-and-certs.cnf");
|
||||
my $CAkey = "keyCA.ss";
|
||||
my $CAkey = srctop_file("test", "certs", "ca-key.pem"); # "keyCA.ss"
|
||||
my $CAcert="certCA.ss";
|
||||
my $CAserial="certCA.srl";
|
||||
my $CAreq="reqCA.ss";
|
||||
my $CAreq2="req2CA.ss"; # temp
|
||||
my $Ukey="keyU.ss";
|
||||
my $Ukey = srctop_file("test", "certs", "ee-key.pem"); # "keyU.ss";
|
||||
my $Ureq="reqU.ss";
|
||||
my $Ucert="certU.ss";
|
||||
my $Dkey="keyD.ss";
|
||||
@ -62,11 +62,11 @@ my $Ereq="reqE.ss";
|
||||
my $Ecert="certE.ss";
|
||||
|
||||
my $proxycnf=srctop_file("test", "proxy.cnf");
|
||||
my $P1key="keyP1.ss";
|
||||
my $P1key= srctop_file("test", "certs", "alt1-key.pem"); # "keyP1.ss";
|
||||
my $P1req="reqP1.ss";
|
||||
my $P1cert="certP1.ss";
|
||||
my $P1intermediate="tmp_intP1.ss";
|
||||
my $P2key="keyP2.ss";
|
||||
my $P2key= srctop_file("test", "certs", "alt2-key.pem"); # "keyP2.ss";
|
||||
my $P2req="reqP2.ss";
|
||||
my $P2cert="certP2.ss";
|
||||
my $P2intermediate="tmp_intP2.ss";
|
||||
@ -125,7 +125,7 @@ sub testss {
|
||||
SKIP: {
|
||||
skip 'failure', 16 unless
|
||||
ok(run(app([@reqcmd, "-config", $cnf,
|
||||
"-out", $CAreq, "-keyout", $CAkey,
|
||||
"-out", $CAreq, "-key", $CAkey,
|
||||
@req_new])),
|
||||
'make cert request');
|
||||
|
||||
@ -159,7 +159,7 @@ sub testss {
|
||||
|
||||
skip 'failure', 10 unless
|
||||
ok(run(app([@reqcmd, "-config", $cnf, "-section", "userreq",
|
||||
"-out", $Ureq, "-keyout", $Ukey, @req_new],
|
||||
"-out", $Ureq, "-key", $Ukey, @req_new],
|
||||
stdout => "err.ss")),
|
||||
'make a user cert request');
|
||||
|
||||
@ -271,7 +271,7 @@ sub testss {
|
||||
|
||||
skip 'failure', 5 unless
|
||||
ok(run(app([@reqcmd, "-config", $proxycnf,
|
||||
"-out", $P1req, "-keyout", $P1key, @req_new],
|
||||
"-out", $P1req, "-key", $P1key, @req_new],
|
||||
stdout => "err.ss")),
|
||||
'make a proxy cert request');
|
||||
|
||||
@ -294,7 +294,7 @@ sub testss {
|
||||
|
||||
skip 'failure', 2 unless
|
||||
ok(run(app([@reqcmd, "-config", $proxycnf, "-section", "proxy2_req",
|
||||
"-out", $P2req, "-keyout", $P2key,
|
||||
"-out", $P2req, "-key", $P2key,
|
||||
@req_new],
|
||||
stdout => "err.ss")),
|
||||
'make another proxy cert request');
|
||||
@ -427,11 +427,11 @@ sub testssl {
|
||||
my $ciphers = '-PSK:-SRP:@SECLEVEL=0';
|
||||
|
||||
if (!$no_dsa) {
|
||||
push @exkeys, "-s_cert", "certD.ss", "-s_key", "keyD.ss";
|
||||
push @exkeys, "-s_cert", "certD.ss", "-s_key", $Dkey;
|
||||
}
|
||||
|
||||
if (!$no_ec) {
|
||||
push @exkeys, "-s_cert", "certE.ss", "-s_key", "keyE.ss";
|
||||
push @exkeys, "-s_cert", "certE.ss", "-s_key", $Ekey;
|
||||
}
|
||||
|
||||
my @protocols = ();
|
||||
|
||||
@ -25,6 +25,7 @@ plan skip_all => "TS is not supported by this OpenSSL build"
|
||||
# here, however, to be available in all subroutines.
|
||||
my $openssl_conf;
|
||||
my $testtsa;
|
||||
my $tsacakey;
|
||||
my $CAtsa;
|
||||
my @QUERY = ("openssl", "ts", "-query");
|
||||
my @REPLY;
|
||||
@ -38,12 +39,13 @@ sub create_tsa_cert {
|
||||
|
||||
ok(run(app(["openssl", "req", "-config", $openssl_conf, "-new",
|
||||
"-out", "tsa_req${INDEX}.pem",
|
||||
"-key", srctop_file("test", "certs", "alt${INDEX}-key.pem"),
|
||||
"-keyout", "tsa_key${INDEX}.pem"])));
|
||||
note "using extension $EXT";
|
||||
ok(run(app(["openssl", "x509", "-req",
|
||||
"-in", "tsa_req${INDEX}.pem",
|
||||
"-out", "tsa_cert${INDEX}.pem",
|
||||
"-CA", "tsaca.pem", "-CAkey", "tsacakey.pem",
|
||||
"-CA", "tsaca.pem", "-CAkey", $tsacakey,
|
||||
"-CAcreateserial",
|
||||
"-extfile", $openssl_conf, "-extensions", $EXT])));
|
||||
}
|
||||
@ -90,6 +92,7 @@ indir "tsa" => sub
|
||||
{
|
||||
$openssl_conf = srctop_file("test", "CAtsa.cnf");
|
||||
$testtsa = srctop_file("test", "recipes", "80-test_tsa.t");
|
||||
$tsacakey = srctop_file("test", "certs", "ca-key.pem");
|
||||
$CAtsa = srctop_file("test", "CAtsa.cnf");
|
||||
@REPLY = ("openssl", "ts", "-config", $openssl_conf, "-reply");
|
||||
|
||||
@ -102,7 +105,7 @@ indir "tsa" => sub
|
||||
skip "failed", 19
|
||||
unless ok(run(app(["openssl", "req", "-config", $openssl_conf,
|
||||
"-new", "-x509", "-noenc",
|
||||
"-out", "tsaca.pem", "-keyout", "tsacakey.pem"])),
|
||||
"-out", "tsaca.pem", "-key", $tsacakey])),
|
||||
'creating a new CA for the TSA tests');
|
||||
|
||||
skip "failed", 18
|
||||
|
||||
@ -49,15 +49,11 @@ emailAddress = optional
|
||||
|
||||
####################################################################
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
default_keyfile = testkey.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
encrypt_rsa_key = no
|
||||
|
||||
# Make altreq be identical to req
|
||||
[ altreq ]
|
||||
default_bits = 2048
|
||||
default_keyfile = testkey.pem
|
||||
distinguished_name = req_distinguished_name
|
||||
encrypt_rsa_key = no
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user