Add openssl test

The test seems serious but it doesn't
even verify the validity dates of
the certificate.

Anyway, this fixes #1.

Cargo.toml

@@ -22,3 +22,6 @@ ring = "0.14.0-alpha4"
 untrusted = "0.6"
 pem = "0.5"
 chrono = "0.4.6"
+
+[dev-dependencies]
+openssl = { version = "0.10" }

tests/openssl.rs

@@ -0,0 +1,46 @@
+extern crate openssl;
+extern crate rcgen;
+extern crate chrono;
+
+use chrono::NaiveDate;
+use rcgen::{Certificate, CertificateParams,
+	DistinguishedName, DnType,
+	PKCS_WITH_SHA256_WITH_ECDSA_ENCRYPTION};
+
+use openssl::x509::{X509, X509StoreContext};
+use openssl::x509::store::{X509StoreBuilder, X509Store};
+use openssl::stack::Stack;
+
+#[test]
+fn test_openssl() {
+	let not_before = NaiveDate::from_ymd(1900, 01, 01).and_hms_milli(0, 0, 0, 0);
+	let not_after = NaiveDate::from_ymd(1901, 01, 01).and_hms_milli(0, 0, 0, 0);
+	let mut distinguished_name = DistinguishedName::new();
+	distinguished_name.push(DnType::OrganizationName, "Crab widgits SE");
+	distinguished_name.push(DnType::CommonName, "Master CA");
+	let params = CertificateParams {
+		alg : PKCS_WITH_SHA256_WITH_ECDSA_ENCRYPTION,
+		not_before,
+		not_after,
+		serial_number : None,
+		subject_alt_names : vec!["crabs.crabs".to_string(), "localhost".to_string()],
+		distinguished_name,
+	};
+	let cert = Certificate::from_params(params);
+
+	println!("{}", cert.serialize_pem());
+
+	// Now verify the certificate.
+	let x509 = X509::from_pem(&cert.serialize_pem().as_bytes()).unwrap();
+	let mut builder = X509StoreBuilder::new().unwrap();
+	builder.add_cert(x509.clone()).unwrap();
+
+	let store :X509Store = builder.build();
+	let mut ctx = X509StoreContext::new().unwrap();
+	let mut stack = Stack::new().unwrap();
+	stack.push(x509.clone()).unwrap();
+	ctx.init(&store, &x509, &stack.as_ref(), |ctx| {
+		ctx.verify_cert().unwrap();
+		Ok(())
+	}).unwrap();
+}