X-Git-Url: https://pwan.org/git/?p=certmaster.git;a=blobdiff_plain;f=tests%2Ftest-certmaster.sh;h=11e75654f82d44855bd840b6e9c11f4edc792e43;hp=b9c6be13b6ba6316a89d446c120036bea5134c99;hb=67e8a55e10f81105cb76e7c1ff9d0615cf97dff5;hpb=88c38a52cf4da57c8b0a910762ca69cc8dbec61f

diff --git a/tests/test-certmaster.sh b/tests/test-certmaster.sh
index b9c6be1..11e7565 100755
--- a/tests/test-certmaster.sh
+++ b/tests/test-certmaster.sh
@@ -178,6 +178,9 @@ test_TestCA_Autosigning()
     subject=`openssl x509 -in /etc/pki/certmaster-test/testcert.pwan.co.cert -subject -noout`
     [[ $subject == *"CN=testcert.pwan.co"* ]]
 
+    openssl x509 -in /etc/pki/certmaster-test/testcert.pwan.co.cert  -text | grep Signature | grep sha256
+    assertTrue "testcert.pwan.co.cert has a sha256 hash" $?
+
     openssl rsa -in /etc/pki/certmaster-test/testcert.pwan.co.pem -check > /dev/null 2>&1
     assertTrue "test.pwan.co.pem OK" $?
     openssl req -text -noout -verify -in /etc/pki/certmaster-test/testcert.pwan.co.csr > /dev/null 2>&1
@@ -199,6 +202,31 @@ test_TestCA_Autosigning()
 
 }
 
+test_MD5CA_Attempy() {
+
+    # TODO:  Verify attempts to create MD5 certs fail
+    assertTrue "TODO" false
+}
+
+test_Sha1CA_Autosigning() {
+
+    # TODO:  Verify a deprecation warning was issued ?
+
+    certmaster-request --hostname testcert.pwan.co --ca sha1
+    openssl x509 -in /etc/pki/certmaster-sha1/testcert.pwan.co.cert  -text | grep Signature | grep sha1
+    assertTrue "testcert.pwan.co.cert has a sha1 hash" $?
+
+}
+
+test_Sha224CA_Autosigning() {
+
+    # TODO:  Verify /etc/pki/certmaster-test/testcert.pwan.co.cert is using sha224
+    certmaster-request --hostname testcert.pwan.co --ca sha224
+    openssl x509 -in /etc/pki/certmaster-sha224/testcert.pwan.co.cert  -text | grep Signature | grep sha224
+    assertTrue "testcert.pwan.co.cert has a sha224 hash" $?
+
+}
+
 test_DefaultCA_NonAutosigning() {
 
     # Turn on job control, so 'fg' is available