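#!/bin/sh
#
# Copyright (c) 2006 Kungliga Tekniska Högskolan
# (Royal Institute of Technology, Stockholm, Sweden).
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# 3. Neither the name of the Institute nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $Id$
#

# Regression test for hxtool's crypto paths. It checks that
#   - `hxtool verify` accepts the "good" certificates and rejects the "bad"
#     ones (going by the fixture names, presumably certificates whose RSA
#     signature padding is malformed),
#   - `hxtool crypto-select` / `crypto-available` output matches the reference
#     files tst-crypto-* in the source directory,
#   - `hxtool certificate-copy` and `hxtool print` succeed on the test
#     keystores.
# Exit status: 0 on success, 1 on the first failure, 77 when the build lacks
# the crypto backend (automake reports exit 77 as a skipped test).
# Side effects: writes random-data, test, out.pem and out2.pem into the
# current directory and does not remove them.

# Both values are substituted by configure.
srcdir="@srcdir@"
objdir="@objdir@"

stat="--statistic-file=${objdir}/statfile"

# ${hxtool} is expanded unquoted on purpose: it holds the optional
# TESTS_ENVIRONMENT wrapper, the binary and the statistics option, and relies
# on word splitting to become separate arguments. As a consequence an objdir
# containing whitespace would still break the command line.
hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"

# Skip (exit 77) when hxtool reports a null RSA implementation or no random
# source; the checks below cannot run meaningfully in that configuration.
if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then
    exit 77
fi
if ${hxtool} info | grep 'rand: not available' > /dev/null ; then
    exit 77
fi

# require_fixture FILE...
# Abort the run unless every FILE is readable. The negative tests below treat
# any non-zero exit of `hxtool verify` as "certificate rejected"; without this
# guard a missing or unreadable fixture would be indistinguishable from a
# correct rejection and the security check would pass without testing anything.
require_fixture() {
    for fixture_ in "$@"; do
        test -r "${fixture_}" || {
            echo "missing test fixture: ${fixture_}"
            exit 1
        }
    done
}

# All verify runs pin --time=2006-09-25, presumably so the result does not
# depend on the wall clock and the fixtures' validity periods, and pass
# --missing-revoke, presumably because no revocation data ships with the
# fixtures -- TODO confirm against the hxtool documentation.
#
# NOTE(review): the "bad cert" cases accept any failure of hxtool, including
# an abnormal termination. Comparing against the specific exit status hxtool
# uses for a verification failure would be stricter; that status is not
# visible here.

echo "Bleichenbacher good cert (from eay)"
${hxtool} verify --missing-revoke \
    --time=2006-09-25 \
    "cert:FILE:${srcdir}/data/bleichenbacher-good.pem" \
    "anchor:FILE:${srcdir}/data/bleichenbacher-good.pem" > /dev/null || exit 1

echo "Bleichenbacher bad cert (from eay)"
require_fixture "${srcdir}/data/bleichenbacher-bad.pem"
${hxtool} verify --missing-revoke \
    --time=2006-09-25 \
    "cert:FILE:${srcdir}/data/bleichenbacher-bad.pem" \
    "anchor:FILE:${srcdir}/data/bleichenbacher-bad.pem" > /dev/null && exit 1

echo "Bleichenbacher good cert (from yutaka)"
${hxtool} verify --missing-revoke \
    --time=2006-09-25 \
    "cert:FILE:${srcdir}/data/yutaka-pad-ok-cert.pem" \
    "anchor:FILE:${srcdir}/data/yutaka-pad-ok-ca.pem" > /dev/null || exit 1

echo "Bleichenbacher bad cert (from yutaka)"
require_fixture \
    "${srcdir}/data/yutaka-pad-broken-cert.pem" \
    "${srcdir}/data/yutaka-pad-broken-ca.pem"
${hxtool} verify --missing-revoke \
    --time=2006-09-25 \
    "cert:FILE:${srcdir}/data/yutaka-pad-broken-cert.pem" \
    "anchor:FILE:${srcdir}/data/yutaka-pad-broken-ca.pem" > /dev/null && exit 1

# Ralf-Philipp Weinmann <weinmann@cdc.informatik.tu-darmstadt.de>
# Andrew Pyshkin <pychkine@cdc.informatik.tu-darmstadt.de>
echo "Bleichenbacher bad cert (sf pad correct)"
require_fixture \
    "${srcdir}/data/bleichenbacher-sf-pad-correct.pem" \
    "${srcdir}/data/sf-class2-root.pem"
${hxtool} verify --missing-revoke \
    --time=2006-09-25 \
    "cert:FILE:${srcdir}/data/bleichenbacher-sf-pad-correct.pem" \
    "anchor:FILE:${srcdir}/data/sf-class2-root.pem" > /dev/null && exit 1

echo "Read 50 kilobyte random data"
${hxtool} random-data 50kilobyte > random-data || exit 1

# crypto-select: each run writes hxtool's choice to ./test and compares it
# byte for byte with a reference file. OIDs used in --peer-cmstype below:
#   1.2.840.113549.1.1.4      md5WithRSAEncryption
#   1.2.840.113549.1.1.5      sha1WithRSAEncryption
#   1.2.840.113549.1.1.11     sha256WithRSAEncryption
#   1.2.840.113549.2.5        md5
#   1.2.840.113549.3.7        des-ede3-cbc
#   2.16.840.1.101.3.4.1.42   aes256-CBC

echo "crypto select1"
${hxtool} crypto-select > test || { echo "select1"; exit 1; }
cmp test "${srcdir}/tst-crypto-select1" > /dev/null || \
    { echo "select1 failure"; exit 1; }

# Same label and same reference file as the run above: an explicit
# --type=digest is expected to give the same output as no --type at all.
echo "crypto select1"
${hxtool} crypto-select --type=digest > test || { echo "select1"; exit 1; }
cmp test "${srcdir}/tst-crypto-select1" > /dev/null || \
    { echo "select1 failure"; exit 1; }

echo "crypto select2"
${hxtool} crypto-select --type=public-sig > test || { echo "select2"; exit 1; }
cmp test "${srcdir}/tst-crypto-select2" > /dev/null || \
    { echo "select2 failure"; exit 1; }

echo "crypto select3"
${hxtool} crypto-select \
    --type=public-sig \
    --peer-cmstype=1.2.840.113549.1.1.4 \
    > test || { echo "select3"; exit 1; }
cmp test "${srcdir}/tst-crypto-select3" > /dev/null || \
    { echo "select3 failure"; exit 1; }

echo "crypto select4"
${hxtool} crypto-select \
    --type=public-sig \
    --peer-cmstype=1.2.840.113549.1.1.5 \
    --peer-cmstype=1.2.840.113549.1.1.4 \
    > test || { echo "select4"; exit 1; }
cmp test "${srcdir}/tst-crypto-select4" > /dev/null || \
    { echo "select4 failure"; exit 1; }

echo "crypto select5"
${hxtool} crypto-select \
    --type=public-sig \
    --peer-cmstype=1.2.840.113549.1.1.11 \
    --peer-cmstype=1.2.840.113549.1.1.5 \
    > test || { echo "select5"; exit 1; }
cmp test "${srcdir}/tst-crypto-select5" > /dev/null || \
    { echo "select5 failure"; exit 1; }

echo "crypto select6"
${hxtool} crypto-select \
    --type=public-sig \
    --peer-cmstype=1.2.840.113549.2.5 \
    --peer-cmstype=1.2.840.113549.1.1.5 \
    > test || { echo "select6"; exit 1; }
cmp test "${srcdir}/tst-crypto-select6" > /dev/null || \
    { echo "select6 failure"; exit 1; }

echo "crypto select7"
${hxtool} crypto-select \
    --type=secret \
    --peer-cmstype=2.16.840.1.101.3.4.1.42 \
    --peer-cmstype=1.2.840.113549.3.7 \
    --peer-cmstype=1.2.840.113549.1.1.5 \
    > test || { echo "select7"; exit 1; }
cmp test "${srcdir}/tst-crypto-select7" > /dev/null || \
    { echo "select7 failure"; exit 1; }

# Disabled in the source; kept as found.
#echo "crypto available1"
#${hxtool} crypto-available \
#    --type=all \
#    > test || { echo "available1"; exit 1; }
#cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \
#    { echo "available1 failure"; exit 1; }

echo "crypto available2"
${hxtool} crypto-available \
    --type=digest \
    > test || { echo "available2"; exit 1; }
cmp test "${srcdir}/tst-crypto-available2" > /dev/null || \
    { echo "available2 failure"; exit 1; }

# Disabled in the source; kept as found.
#echo "crypto available3"
#${hxtool} crypto-available \
#    --type=public-sig \
#    > test || { echo "available3"; exit 1; }
#cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \
#    { echo "available3 failure"; exit 1; }

# Keystore copies. out.pem receives the contents of the test certificate and
# test key; it stays in the working directory after the run.
echo "copy keystore FILE existing -> FILE"
${hxtool} certificate-copy \
    "FILE:${srcdir}/data/test.crt,${srcdir}/data/test.key" \
    FILE:out.pem || exit 1

echo "copy keystore FILE -> FILE"
${hxtool} certificate-copy \
    FILE:out.pem \
    FILE:out2.pem || exit 1

# The PKCS12 store is written to the same file name as the previous step
# (out2.pem), as in the original test.
echo "copy keystore FILE -> PKCS12"
${hxtool} certificate-copy \
    FILE:out.pem \
    PKCS12:out2.pem || exit 1

echo "print certificate with utf8"
${hxtool} print \
    "FILE:${srcdir}/data/j.pem" >/dev/null 2>/dev/null || exit 1

echo "Make sure that we can parse EC private keys"
${hxtool} print --content \
    "FILE:${srcdir}/data/pkinit-ec.crt,${srcdir}/data/pkinit-ec.key" \
    > /dev/null || exit 1

exit 0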