source: heimdal/trunk/lib/hx509/test_crypto.in

Last change on this file was 1, checked in by Paul Smedley, 10 years ago

Initial commit of Heimdal 1.5.3
File size: 6.5 KB
Line 
1#!/bin/sh
2#
3# Copyright (c) 2006 Kungliga Tekniska Högskolan
4# (Royal Institute of Technology, Stockholm, Sweden).
5# All rights reserved.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10#
11# 1. Redistributions of source code must retain the above copyright
12# notice, this list of conditions and the following disclaimer.
13#
14# 2. Redistributions in binary form must reproduce the above copyright
15# notice, this list of conditions and the following disclaimer in the
16# documentation and/or other materials provided with the distribution.
17#
18# 3. Neither the name of the Institute nor the names of its contributors
19# may be used to endorse or promote products derived from this software
20# without specific prior written permission.
21#
22# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
23# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
26# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32# SUCH DAMAGE.
33#
34# $Id$
35#
36
37srcdir="@srcdir@"
38objdir="@objdir@"
39
40stat="--statistic-file=${objdir}/statfile"
41
42hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
43
44if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then
45 exit 77
46fi
47if ${hxtool} info | grep 'rand: not available' > /dev/null ; then
48 exit 77
49fi
50
51
52echo "Bleichenbacher good cert (from eay)"
53${hxtool} verify --missing-revoke \
54 --time=2006-09-25 \
55 cert:FILE:$srcdir/data/bleichenbacher-good.pem \
56 anchor:FILE:$srcdir/data/bleichenbacher-good.pem > /dev/null || exit 1
57
58echo "Bleichenbacher bad cert (from eay)"
59${hxtool} verify --missing-revoke \
60 --time=2006-09-25 \
61 cert:FILE:$srcdir/data/bleichenbacher-bad.pem \
62 anchor:FILE:$srcdir/data/bleichenbacher-bad.pem > /dev/null && exit 1
63
64echo "Bleichenbacher good cert (from yutaka)"
65${hxtool} verify --missing-revoke \
66 --time=2006-09-25 \
67 cert:FILE:$srcdir/data/yutaka-pad-ok-cert.pem \
68 anchor:FILE:$srcdir/data/yutaka-pad-ok-ca.pem > /dev/null || exit 1
69
70echo "Bleichenbacher bad cert (from yutaka)"
71${hxtool} verify --missing-revoke \
72 --time=2006-09-25 \
73 cert:FILE:$srcdir/data/yutaka-pad-broken-cert.pem \
74 anchor:FILE:$srcdir/data/yutaka-pad-broken-ca.pem > /dev/null && exit 1
75
76# Ralf-Philipp Weinmann <weinmann@cdc.informatik.tu-darmstadt.de>
77# Andrew Pyshkin <pychkine@cdc.informatik.tu-darmstadt.de>
78echo "Bleichenbacher bad cert (sf pad correct)"
79${hxtool} verify --missing-revoke \
80 --time=2006-09-25 \
81 cert:FILE:$srcdir/data/bleichenbacher-sf-pad-correct.pem \
82 anchor:FILE:$srcdir/data/sf-class2-root.pem > /dev/null && exit 1
83
84echo Read 50 kilobyte random data
85${hxtool} random-data 50kilobyte > random-data || exit 1
86
87echo "crypto select1"
88${hxtool} crypto-select > test || { echo "select1"; exit 1; }
89cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
90 { echo "select1 failure"; exit 1; }
91
92echo "crypto select1"
93${hxtool} crypto-select --type=digest > test || { echo "select1"; exit 1; }
94cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
95 { echo "select1 failure"; exit 1; }
96
97echo "crypto select2"
98${hxtool} crypto-select --type=public-sig > test || { echo "select2"; exit 1; }
99cmp test ${srcdir}/tst-crypto-select2 > /dev/null || \
100 { echo "select2 failure"; exit 1; }
101
102echo "crypto select3"
103${hxtool} crypto-select \
104 --type=public-sig \
105 --peer-cmstype=1.2.840.113549.1.1.4 \
106 > test || { echo "select3"; exit 1; }
107cmp test ${srcdir}/tst-crypto-select3 > /dev/null || \
108 { echo "select3 failure"; exit 1; }
109
110echo "crypto select4"
111${hxtool} crypto-select \
112 --type=public-sig \
113 --peer-cmstype=1.2.840.113549.1.1.5 \
114 --peer-cmstype=1.2.840.113549.1.1.4 \
115 > test || { echo "select4"; exit 1; }
116cmp test ${srcdir}/tst-crypto-select4 > /dev/null || \
117 { echo "select4 failure"; exit 1; }
118
119echo "crypto select5"
120${hxtool} crypto-select \
121 --type=public-sig \
122 --peer-cmstype=1.2.840.113549.1.1.11 \
123 --peer-cmstype=1.2.840.113549.1.1.5 \
124 > test || { echo "select5"; exit 1; }
125cmp test ${srcdir}/tst-crypto-select5 > /dev/null || \
126 { echo "select5 failure"; exit 1; }
127
128echo "crypto select6"
129${hxtool} crypto-select \
130 --type=public-sig \
131 --peer-cmstype=1.2.840.113549.2.5 \
132 --peer-cmstype=1.2.840.113549.1.1.5 \
133 > test || { echo "select6"; exit 1; }
134cmp test ${srcdir}/tst-crypto-select6 > /dev/null || \
135 { echo "select6 failure"; exit 1; }
136
137echo "crypto select7"
138${hxtool} crypto-select \
139 --type=secret \
140 --peer-cmstype=2.16.840.1.101.3.4.1.42 \
141 --peer-cmstype=1.2.840.113549.3.7 \
142 --peer-cmstype=1.2.840.113549.1.1.5 \
143 > test || { echo "select7"; exit 1; }
144cmp test ${srcdir}/tst-crypto-select7 > /dev/null || \
145 { echo "select7 failure"; exit 1; }
146
147#echo "crypto available1"
148#${hxtool} crypto-available \
149# --type=all \
150# > test || { echo "available1"; exit 1; }
151#cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \
152# { echo "available1 failure"; exit 1; }
153
154echo "crypto available2"
155${hxtool} crypto-available \
156 --type=digest \
157 > test || { echo "available2"; exit 1; }
158cmp test ${srcdir}/tst-crypto-available2 > /dev/null || \
159 { echo "available2 failure"; exit 1; }
160
161#echo "crypto available3"
162#${hxtool} crypto-available \
163# --type=public-sig \
164# > test || { echo "available3"; exit 1; }
165#cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \
166# { echo "available3 failure"; exit 1; }
167
168echo "copy keystore FILE existing -> FILE"
169${hxtool} certificate-copy \
170 FILE:${srcdir}/data/test.crt,${srcdir}/data/test.key \
171 FILE:out.pem || exit 1
172
173echo "copy keystore FILE -> FILE"
174${hxtool} certificate-copy \
175 FILE:out.pem \
176 FILE:out2.pem || exit 1
177
178echo "copy keystore FILE -> PKCS12"
179${hxtool} certificate-copy \
180 FILE:out.pem \
181 PKCS12:out2.pem || exit 1
182
183echo "print certificate with utf8"
184${hxtool} print \
185 FILE:$srcdir/data/j.pem >/dev/null 2>/dev/null || exit 1
186
187echo "Make sure that we can parse EC private keys"
188${hxtool} print --content \
189 FILE:$srcdir/data/pkinit-ec.crt,$srcdir/data/pkinit-ec.key \
190 > /dev/null || exit 1
191
192exit 0
Note: See TracBrowser for help on using the repository browser.