From 00a6e317ebbd3fc6ea703406821b4d7f8b4c4ad5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Fri, 5 Jan 2007 18:37:14 +0000
Subject: [PATCH] test reissueing ca certificate (xxx time validAfter).

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19727 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/test_ca.in | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/lib/hx509/test_ca.in b/lib/hx509/test_ca.in
index 2e19d3ca2..b4889f4b2 100644
--- a/lib/hx509/test_ca.in
+++ b/lib/hx509/test_ca.in
@@ -154,16 +154,17 @@ echo "issue ca cert (generate rsa key)"
 ${hxtool} issue-certificate \
 	  --self-signed \
 	  --issue-ca \
+ 	  --serial-number="deadbeaf" \
 	  --generate-key=rsa \
-	  --key="ca2-key.der" \
+	  --out-key="ca2-key.der" \
 	  --subject="cn=ca2-cert" \
 	  --certificate="cert-ca.der" || exit 1
 
-echo "issue ca cert (generate rsa key)"
+echo "issue ee cert (generate rsa key)"
 ${hxtool} issue-certificate \
 	  --ca-certificate=FILE:cert-ca.der,ca2-key.der \
 	  --generate-key=rsa \
-	  --key="ee2-key.der" \
+	  --out-key="ee2-key.der" \
 	  --subject="cn=cert-ee2" \
 	  --certificate="cert-ee.der" || exit 1
 
@@ -185,6 +186,23 @@ ${hxtool} cms-verify-sd \
 	sd.data sd.data.out > /dev/null || exit 1
 cmp "$srcdir/test_name.c" sd.data.out || exit 1
 
+openssl x509 -in cert-ca.der -inform der -text > diff1
+echo "extend ca cert"
+${hxtool} issue-certificate \
+	  --self-signed \
+	  --issue-ca \
+          --lifetime="2years" \
+ 	  --serial-number="deadbeaf" \
+	  --ca-private-key=ca2-key.der \
+	  --subject="cn=ca2-cert" \
+	  --certificate="cert-ca.der" || exit 1
+openssl x509 -in cert-ca.der -inform der -text > diff2
+
+echo "verify certificate generated by previous ca"
+${hxtool} verify --missing-revoke \
+	cert:FILE:cert-ee.der \
+	anchor:FILE:cert-ca.der > /dev/null || exit 1
+
 
 
 exit 0