xref: /freebsd/crypto/heimdal/lib/hx509/test_nist.in (revision 8ddb146abcdf061be9f2c0db7e391697dafad85c)
1#!/bin/sh
2#
3# Copyright (c) 2004 - 2005 Kungliga Tekniska Högskolan
4# (Royal Institute of Technology, Stockholm, Sweden).
5# All rights reserved.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10#
11# 1. Redistributions of source code must retain the above copyright
12#    notice, this list of conditions and the following disclaimer.
13#
14# 2. Redistributions in binary form must reproduce the above copyright
15#    notice, this list of conditions and the following disclaimer in the
16#    documentation and/or other materials provided with the distribution.
17#
18# 3. Neither the name of the Institute nor the names of its contributors
19#    may be used to endorse or promote products derived from this software
20#    without specific prior written permission.
21#
22# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
23# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
26# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32# SUCH DAMAGE.
33#
34# $Id$
35#
36
37srcdir="@srcdir@"
38objdir="@objdir@"
39nistdir=${objdir}/PKITS_data
40nistzip=${srcdir}/data/PKITS_data.zip
41
42stat="--statistic-file=${objdir}/statfile"
43
44hxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
45
46# nistzip is not distributed part of the distribution
47test -f "$nistzip" || exit 77
48
49if ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then
50    exit 77
51fi
52if ${hxtool} info | grep 'rand: not available' > /dev/null ; then
53    exit 77
54fi
55
56echo "nist tests"
57
58if [ ! -d "$nistdir" ] ; then
59    ( mkdir "$nistdir" && unzip -d "${nistdir}" "${nistzip}" ) >/dev/null || \
60	{ rm -rf "$nistdir" ; exit 1; }
61fi
62
63while read id verify cert arg1 arg2 arg3 arg4 arg5 ; do
64    expr "$id" : "#" > /dev/null && continue
65
66    test "$id" = "end" && break
67
68    args=""
69    case "$arg1" in
70    *.crt) args="$args chain:FILE:$nistdir/certs/$arg1" ;;
71    *.crl) args="$args crl:FILE:$nistdir/crls/$arg1" ;;
72    *) args="$args $arg1" ;;
73    esac
74    case "$arg2" in
75    *.crt) args="$args chain:FILE:$nistdir/certs/$arg2" ;;
76    *.crl) args="$args crl:FILE:$nistdir/crls/$arg2" ;;
77    *) args="$args $arg2" ;;
78    esac
79    case "$arg3" in
80    *.crt) args="$args chain:FILE:$nistdir/certs/$arg3" ;;
81    *.crl) args="$args crl:FILE:$nistdir/crls/$arg3" ;;
82    *) args="$args $arg3" ;;
83    esac
84    case "$arg4" in
85    *.crt) args="$args chain:FILE:$nistdir/certs/$arg4" ;;
86    *.crl) args="$args crl:FILE:$nistdir/crls/$arg4" ;;
87    *) args="$args $arg4" ;;
88    esac
89    case "$arg5" in
90    *.crt) args="$args chain:FILE:$nistdir/certs/$arg5" ;;
91    *.crl) args="$args crl:FILE:$nistdir/crls/$arg5" ;;
92    *) args="$args $arg5" ;;
93    esac
94
95    args="$args anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt"
96    args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl"
97    args="$args cert:FILE:$nistdir/certs/$cert"
98
99    if ${hxtool} verify --time=2008-05-20 $args > /dev/null; then
100	if test "$verify" = "f"; then
101	    echo "verify passed on fail: $id $cert"
102	    exit 1
103	fi
104    else
105	if test "$verify" = "p"; then
106	    echo "verify failed on pass: $id $cert"
107	    exit 1
108	fi
109    fi
110
111done < $srcdir/data/nist-data
112
113
114echo "done!"
115
116exit 0
117