22
17
["subjectKeyIdentifier","hash",false],
23
18
["authorityKeyIdentifier","keyid:always",false],
25
@ca_cert = issue_cert(ca, @rsa2048, 1, Time.now, Time.now+3600, ca_exts,
20
@ca_cert = issue_cert(ca, @rsa2048, 1, now, now+3600, ca_exts,
26
21
nil, nil, OpenSSL::Digest::SHA1.new)
28
23
["keyUsage","Non Repudiation, Digital Signature, Key Encipherment",true],
29
24
["authorityKeyIdentifier","keyid:always",false],
30
25
["extendedKeyUsage","clientAuth, emailProtection, codeSigning",false],
32
@ee1_cert = issue_cert(ee1, @rsa1024, 2, Time.now, Time.now+1800, ee_exts,
27
@ee1_cert = issue_cert(ee1, @rsa1024, 2, now, now+1800, ee_exts,
33
28
@ca_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
34
@ee2_cert = issue_cert(ee2, @rsa1024, 3, Time.now, Time.now+1800, ee_exts,
29
@ee2_cert = issue_cert(ee2, @rsa1024, 3, now, now+1800, ee_exts,
35
30
@ca_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
109
104
flag = OpenSSL::PKCS7::BINARY|OpenSSL::PKCS7::DETACHED
110
105
tmp = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, ca_certs, flag)
111
106
p7 = OpenSSL::PKCS7.new(tmp.to_der)
112
a1 = OpenSSL::ASN1.decode(p7)
107
assert_nothing_raised do
108
OpenSSL::ASN1.decode(p7)
114
111
certs = p7.certificates
115
112
signers = p7.signers