1178825Sdfr#!/bin/sh 2178825Sdfr# 3233294Sstas# Copyright (c) 2005 - 2008 Kungliga Tekniska H��gskolan 4178825Sdfr# (Royal Institute of Technology, Stockholm, Sweden). 5178825Sdfr# All rights reserved. 6178825Sdfr# 7178825Sdfr# Redistribution and use in source and binary forms, with or without 8178825Sdfr# modification, are permitted provided that the following conditions 9178825Sdfr# are met: 10178825Sdfr# 11178825Sdfr# 1. Redistributions of source code must retain the above copyright 12178825Sdfr# notice, this list of conditions and the following disclaimer. 13178825Sdfr# 14178825Sdfr# 2. Redistributions in binary form must reproduce the above copyright 15178825Sdfr# notice, this list of conditions and the following disclaimer in the 16178825Sdfr# documentation and/or other materials provided with the distribution. 17178825Sdfr# 18178825Sdfr# 3. Neither the name of the Institute nor the names of its contributors 19178825Sdfr# may be used to endorse or promote products derived from this software 20178825Sdfr# without specific prior written permission. 21178825Sdfr# 22178825Sdfr# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23178825Sdfr# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24178825Sdfr# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25178825Sdfr# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26178825Sdfr# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27178825Sdfr# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28178825Sdfr# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29178825Sdfr# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30178825Sdfr# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31178825Sdfr# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32178825Sdfr# SUCH DAMAGE. 33178825Sdfr# 34233294Sstas# $Id$ 35178825Sdfr# 36178825Sdfr 37178825Sdfrsrcdir="@srcdir@" 38178825Sdfrobjdir="@objdir@" 39178825Sdfr 40178825Sdfrstat="--statistic-file=${objdir}/statfile" 41178825Sdfr 42178825Sdfrhxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" 43178825Sdfr 44178825Sdfrecho "try printing" 45178825Sdfr${hxtool} print \ 46178825Sdfr --pass=PASS:foobar \ 47233294Sstas --info --content \ 48178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 49178825Sdfr 50233294Sstasecho "try printing" 51178825Sdfr${hxtool} print \ 52178825Sdfr --pass=PASS:foobar \ 53233294Sstas --info --content \ 54233294Sstas FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 55233294Sstas 56233294Sstas${hxtool} print \ 57233294Sstas --pass=PASS:foobar \ 58178825Sdfr --info \ 59178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 60178825Sdfr 61178825Sdfrecho "make sure entry is found (friendlyname)" 62178825Sdfr${hxtool} query \ 63178825Sdfr --pass=PASS:foobar \ 64178825Sdfr --friendlyname=friendlyname-test \ 65178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 66178825Sdfr 67178825Sdfrecho "make sure entry is not found (friendlyname)" 68178825Sdfr${hxtool} query \ 69178825Sdfr --pass=PASS:foobar \ 70178825Sdfr --friendlyname=friendlyname-test-not \ 71178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 72178825Sdfr 73233294Sstasecho "make sure entry is found (eku)" 74233294Sstas${hxtool} query \ 75233294Sstas --eku=1.3.6.1.5.2.3.5 \ 76233294Sstas FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 77233294Sstas 78233294Sstasecho "make sure entry is not found (eku)" 79233294Sstas${hxtool} query \ 80233294Sstas --eku=1.3.6.1.5.2.3.6 \ 81233294Sstas FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1 82233294Sstas 83178825Sdfrecho "make sure entry is found (friendlyname, no-pw)" 84178825Sdfr${hxtool} query \ 85178825Sdfr --friendlyname=friendlyname-cert \ 86178825Sdfr PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1 87178825Sdfr 88178825Sdfrecho "check for ca cert (friendlyname)" 89178825Sdfr${hxtool} query \ 90178825Sdfr --pass=PASS:foobar \ 91178825Sdfr --friendlyname=ca \ 92178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 93178825Sdfr 94178825Sdfrecho "make sure entry is not found (friendlyname)" 95178825Sdfr${hxtool} query \ 96178825Sdfr --pass=PASS:foobar \ 97178825Sdfr --friendlyname=friendlyname-test \ 98178825Sdfr PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1 99178825Sdfr 100178825Sdfrecho "make sure entry is found (friendlyname|private key)" 101178825Sdfr${hxtool} query \ 102178825Sdfr --pass=PASS:foobar \ 103178825Sdfr --friendlyname=friendlyname-test \ 104178825Sdfr --private-key \ 105178825Sdfr PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1 106178825Sdfr 107178825Sdfrecho "make sure entry is not found (friendlyname|private key)" 108178825Sdfr${hxtool} query \ 109178825Sdfr --pass=PASS:foobar \ 110178825Sdfr --friendlyname=ca \ 111178825Sdfr --private-key \ 112178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 113178825Sdfr 114178825Sdfrecho "make sure entry is found (cert ds)" 115178825Sdfr${hxtool} query \ 116178825Sdfr --digitalSignature \ 117178825Sdfr FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 118178825Sdfr 119178825Sdfrecho "make sure entry is found (cert ke)" 120178825Sdfr${hxtool} query \ 121178825Sdfr --keyEncipherment \ 122178825Sdfr FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 123178825Sdfr 124178825Sdfrecho "make sure entry is found (cert ke + ds)" 125178825Sdfr${hxtool} query \ 126178825Sdfr --digitalSignature \ 127178825Sdfr --keyEncipherment \ 128178825Sdfr FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 129178825Sdfr 130178825Sdfrecho "make sure entry is found (cert-ds ds)" 131178825Sdfr${hxtool} query \ 132178825Sdfr --digitalSignature \ 133178825Sdfr FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1 134178825Sdfr 135178825Sdfrecho "make sure entry is not found (cert-ds ke)" 136178825Sdfr${hxtool} query \ 137178825Sdfr --keyEncipherment \ 138178825Sdfr FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 139178825Sdfr 140178825Sdfrecho "make sure entry is not found (cert-ds ke + ds)" 141178825Sdfr${hxtool} query \ 142178825Sdfr --digitalSignature \ 143178825Sdfr --keyEncipherment \ 144178825Sdfr FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 145178825Sdfr 146178825Sdfrecho "make sure entry is not found (cert-ke ds)" 147178825Sdfr${hxtool} query \ 148178825Sdfr --digitalSignature \ 149178825Sdfr FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 150178825Sdfr 151178825Sdfrecho "make sure entry is found (cert-ke ke)" 152178825Sdfr${hxtool} query \ 153178825Sdfr --keyEncipherment \ 154178825Sdfr FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1 155178825Sdfr 156178825Sdfrecho "make sure entry is not found (cert-ke ke + ds)" 157178825Sdfr${hxtool} query \ 158178825Sdfr --digitalSignature \ 159178825Sdfr --keyEncipherment \ 160178825Sdfr FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 161178825Sdfr 162233294Sstasecho "make sure entry is found (eku) in query language" 163233294Sstas${hxtool} query \ 164233294Sstas --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}' \ 165233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 166233294Sstas 167233294Sstasecho "make sure entry is not found (eku) in query language" 168233294Sstas${hxtool} query \ 169233294Sstas --expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}' \ 170233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 171233294Sstas 172233294Sstasecho "make sure entry is found (subject) in query language" 173233294Sstas${hxtool} query \ 174233294Sstas --expr='%{certificate.subject} == "CN=kdc,C=SE"' \ 175233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 176233294Sstas 177233294Sstasecho "make sure entry is found using TAILMATCH (subject) in query language" 178233294Sstas${hxtool} query \ 179233294Sstas --expr='%{certificate.subject} TAILMATCH "C=SE"' \ 180233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 181233294Sstas 182233294Sstasecho "make sure entry is not found using TAILMATCH (subject) in query language" 183233294Sstas${hxtool} query \ 184233294Sstas --expr='%{certificate.subject} TAILMATCH "C=FI"' \ 185233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 186233294Sstas 187233294Sstasecho "make sure entry is found (issuer) in query language" 188233294Sstas${hxtool} query \ 189233294Sstas --expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"' \ 190233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 191233294Sstas 192233294Sstasecho "make sure entry match with EKU and TAILMATCH in query language" 193233294Sstas${hxtool} query \ 194233294Sstas --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \ 195233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 196233294Sstas 197233294Sstasecho "make sure entry match with hash.sha1" 198233294Sstas${hxtool} query \ 199233294Sstas --expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \ 200233294Sstas FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 201233294Sstas 202233294Sstas 203178825Sdfrexit 0 204