source: heimdal/trunk/lib/hx509/test_query.in

Last change on this file was 1, checked in by Paul Smedley, 10 years ago

Initial commit of Heimdal 1.5.3
File size: 6.7 KB
Line 
1#!/bin/sh
2#
3# Copyright (c) 2005 - 2008 Kungliga Tekniska Högskolan
4# (Royal Institute of Technology, Stockholm, Sweden).
5# All rights reserved.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10#
11# 1. Redistributions of source code must retain the above copyright
12# notice, this list of conditions and the following disclaimer.
13#
14# 2. Redistributions in binary form must reproduce the above copyright
15# notice, this list of conditions and the following disclaimer in the
16# documentation and/or other materials provided with the distribution.
17#
18# 3. Neither the name of the Institute nor the names of its contributors
19# may be used to endorse or promote products derived from this software
20# without specific prior written permission.
21#
22# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
23# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
26# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32# SUCH DAMAGE.
33#
34# $Id$
35#
36
37srcdir="@srcdir@"
38objdir="@objdir@"
39
40stat="--statistic-file=${objdir}/statfile"
41
42hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
43
44echo "try printing"
45${hxtool} print \
46 --pass=PASS:foobar \
47 --info --content \
48 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
49
50echo "try printing"
51${hxtool} print \
52 --pass=PASS:foobar \
53 --info --content \
54 FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1
55
56${hxtool} print \
57 --pass=PASS:foobar \
58 --info \
59 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
60
61echo "make sure entry is found (friendlyname)"
62${hxtool} query \
63 --pass=PASS:foobar \
64 --friendlyname=friendlyname-test \
65 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
66
67echo "make sure entry is not found (friendlyname)"
68${hxtool} query \
69 --pass=PASS:foobar \
70 --friendlyname=friendlyname-test-not \
71 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
72
73echo "make sure entry is found (eku)"
74${hxtool} query \
75 --eku=1.3.6.1.5.2.3.5 \
76 FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1
77
78echo "make sure entry is not found (eku)"
79${hxtool} query \
80 --eku=1.3.6.1.5.2.3.6 \
81 FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1
82
83echo "make sure entry is found (friendlyname, no-pw)"
84${hxtool} query \
85 --friendlyname=friendlyname-cert \
86 PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1
87
88echo "check for ca cert (friendlyname)"
89${hxtool} query \
90 --pass=PASS:foobar \
91 --friendlyname=ca \
92 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
93
94echo "make sure entry is not found (friendlyname)"
95${hxtool} query \
96 --pass=PASS:foobar \
97 --friendlyname=friendlyname-test \
98 PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1
99
100echo "make sure entry is found (friendlyname|private key)"
101${hxtool} query \
102 --pass=PASS:foobar \
103 --friendlyname=friendlyname-test \
104 --private-key \
105 PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1
106
107echo "make sure entry is not found (friendlyname|private key)"
108${hxtool} query \
109 --pass=PASS:foobar \
110 --friendlyname=ca \
111 --private-key \
112 PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
113
114echo "make sure entry is found (cert ds)"
115${hxtool} query \
116 --digitalSignature \
117 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
118
119echo "make sure entry is found (cert ke)"
120${hxtool} query \
121 --keyEncipherment \
122 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
123
124echo "make sure entry is found (cert ke + ds)"
125${hxtool} query \
126 --digitalSignature \
127 --keyEncipherment \
128 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
129
130echo "make sure entry is found (cert-ds ds)"
131${hxtool} query \
132 --digitalSignature \
133 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1
134
135echo "make sure entry is not found (cert-ds ke)"
136${hxtool} query \
137 --keyEncipherment \
138 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
139
140echo "make sure entry is not found (cert-ds ke + ds)"
141${hxtool} query \
142 --digitalSignature \
143 --keyEncipherment \
144 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
145
146echo "make sure entry is not found (cert-ke ds)"
147${hxtool} query \
148 --digitalSignature \
149 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
150
151echo "make sure entry is found (cert-ke ke)"
152${hxtool} query \
153 --keyEncipherment \
154 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1
155
156echo "make sure entry is not found (cert-ke ke + ds)"
157${hxtool} query \
158 --digitalSignature \
159 --keyEncipherment \
160 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
161
162echo "make sure entry is found (eku) in query language"
163${hxtool} query \
164 --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}' \
165 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
166
167echo "make sure entry is not found (eku) in query language"
168${hxtool} query \
169 --expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}' \
170 FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
171
172echo "make sure entry is found (subject) in query language"
173${hxtool} query \
174 --expr='%{certificate.subject} == "CN=kdc,C=SE"' \
175 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
176
177echo "make sure entry is found using TAILMATCH (subject) in query language"
178${hxtool} query \
179 --expr='%{certificate.subject} TAILMATCH "C=SE"' \
180 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
181
182echo "make sure entry is not found using TAILMATCH (subject) in query language"
183${hxtool} query \
184 --expr='%{certificate.subject} TAILMATCH "C=FI"' \
185 FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
186
187echo "make sure entry is found (issuer) in query language"
188${hxtool} query \
189 --expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"' \
190 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
191
192echo "make sure entry match with EKU and TAILMATCH in query language"
193${hxtool} query \
194 --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \
195 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
196
197echo "make sure entry match with hash.sha1"
198${hxtool} query \
199 --expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \
200 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
201
202
203exit 0
Note: See TracBrowser for help on using the repository browser.