[openssl/openssl] 386ab7: Add test cases for verification of time stamping c...

[pauli]

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 386ab7f1fefdd77521e670d9593e9894e2774be0
      https://github.openssl.org/openssl/openssl/commit/386ab7f1fefdd77521e670d9593e9894e2774be0
  Author: Lutz Jaenicke <ljaenicke at phoenixcontact.com>
  Date:   2022-06-22 (Wed, 22 Jun 2022)

  Changed paths:
    A test/certs/ee-timestampsign-CABforum-anyextkeyusage.pem
    A test/certs/ee-timestampsign-CABforum-crlsign.pem
    A test/certs/ee-timestampsign-CABforum-keycertsign.pem
    A test/certs/ee-timestampsign-CABforum-noncritxku.pem
    A test/certs/ee-timestampsign-CABforum-serverauth.pem
    A test/certs/ee-timestampsign-CABforum.pem
    A test/certs/ee-timestampsign-rfc3161-digsig.pem
    A test/certs/ee-timestampsign-rfc3161-noncritxku.pem
    A test/certs/ee-timestampsign-rfc3161.pem
    M test/certs/setup.sh
    M test/recipes/25-test_verify.t

  Log Message:
  -----------
  Add test cases for verification of time stamping certificates

Test makes sure, that both time stamping certificate according to rfc3161 (no
requirements for keyUsage extension) and according to CAB forum (keyUsage
extension must be digitalSignature and be set critical) are accepted. Misuse
cases as stated in CAB forum are rejected, only exeption is a missing
"critial" flag on keyUsage.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18597)