155682Smarkm#!/bin/sh 278527Sassar# 355682Smarkm# Copyright (c) 2005 - 2008 Kungliga Tekniska H��gskolan 455682Smarkm# (Royal Institute of Technology, Stockholm, Sweden). 555682Smarkm# All rights reserved. 655682Smarkm# 755682Smarkm# Redistribution and use in source and binary forms, with or without 855682Smarkm# modification, are permitted provided that the following conditions 955682Smarkm# are met: 1055682Smarkm# 1155682Smarkm# 1. Redistributions of source code must retain the above copyright 1255682Smarkm# notice, this list of conditions and the following disclaimer. 1355682Smarkm# 1455682Smarkm# 2. Redistributions in binary form must reproduce the above copyright 1555682Smarkm# notice, this list of conditions and the following disclaimer in the 1655682Smarkm# documentation and/or other materials provided with the distribution. 1755682Smarkm# 1855682Smarkm# 3. Neither the name of the Institute nor the names of its contributors 1955682Smarkm# may be used to endorse or promote products derived from this software 2055682Smarkm# without specific prior written permission. 2155682Smarkm# 2255682Smarkm# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 2355682Smarkm# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2455682Smarkm# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2555682Smarkm# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 2655682Smarkm# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2755682Smarkm# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2855682Smarkm# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2955682Smarkm# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 3055682Smarkm# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3155682Smarkm# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3255682Smarkm# SUCH DAMAGE. 3355682Smarkm# 3455682Smarkm# $Id$ 3555682Smarkm# 36178825Sdfr 3755682Smarkmsrcdir="@srcdir@" 3855682Smarkmobjdir="@objdir@" 3955682Smarkm 4055682Smarkmstat="--statistic-file=${objdir}/statfile" 4155682Smarkm 4278527Sassarhxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}" 4378527Sassar 4478527Sassarecho "try printing" 4578527Sassar${hxtool} print \ 4678527Sassar --pass=PASS:foobar \ 4778527Sassar --info --content \ 4878527Sassar PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 4978527Sassar 5078527Sassarecho "try printing" 5178527Sassar${hxtool} print \ 5278527Sassar --pass=PASS:foobar \ 53178825Sdfr --info --content \ 54178825Sdfr FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 55178825Sdfr 56178825Sdfr${hxtool} print \ 57178825Sdfr --pass=PASS:foobar \ 58178825Sdfr --info \ 5955682Smarkm PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 60178825Sdfr 61178825Sdfrecho "make sure entry is found (friendlyname)" 6255682Smarkm${hxtool} query \ 6355682Smarkm --pass=PASS:foobar \ 6455682Smarkm --friendlyname=friendlyname-test \ 6578527Sassar PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 6655682Smarkm 67178825Sdfrecho "make sure entry is not found (friendlyname)" 6855682Smarkm${hxtool} query \ 6978527Sassar --pass=PASS:foobar \ 7078527Sassar --friendlyname=friendlyname-test-not \ 7178527Sassar PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 7278527Sassar 7378527Sassarecho "make sure entry is found (eku)" 7478527Sassar${hxtool} query \ 7578527Sassar --eku=1.3.6.1.5.2.3.5 \ 7678527Sassar FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1 7778527Sassar 7855682Smarkmecho "make sure entry is not found (eku)" 7978527Sassar${hxtool} query \ 8078527Sassar --eku=1.3.6.1.5.2.3.6 \ 8178527Sassar FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1 8278527Sassar 8378527Sassarecho "make sure entry is found (friendlyname, no-pw)" 8478527Sassar${hxtool} query \ 8578527Sassar --friendlyname=friendlyname-cert \ 8678527Sassar PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1 8778527Sassar 8878527Sassarecho "check for ca cert (friendlyname)" 8978527Sassar${hxtool} query \ 9078527Sassar --pass=PASS:foobar \ 9178527Sassar --friendlyname=ca \ 9255682Smarkm PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1 9355682Smarkm 9455682Smarkmecho "make sure entry is not found (friendlyname)" 9555682Smarkm${hxtool} query \ 96178825Sdfr --pass=PASS:foobar \ 97178825Sdfr --friendlyname=friendlyname-test \ 98178825Sdfr PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1 99178825Sdfr 100178825Sdfrecho "make sure entry is found (friendlyname|private key)" 101178825Sdfr${hxtool} query \ 102178825Sdfr --pass=PASS:foobar \ 103178825Sdfr --friendlyname=friendlyname-test \ 104178825Sdfr --private-key \ 105178825Sdfr PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1 106178825Sdfr 107178825Sdfrecho "make sure entry is not found (friendlyname|private key)" 108178825Sdfr${hxtool} query \ 109178825Sdfr --pass=PASS:foobar \ 110178825Sdfr --friendlyname=ca \ 111178825Sdfr --private-key \ 112178825Sdfr PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1 113178825Sdfr 114178825Sdfrecho "make sure entry is found (cert ds)" 115178825Sdfr${hxtool} query \ 116 --digitalSignature \ 117 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 118 119echo "make sure entry is found (cert ke)" 120${hxtool} query \ 121 --keyEncipherment \ 122 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 123 124echo "make sure entry is found (cert ke + ds)" 125${hxtool} query \ 126 --digitalSignature \ 127 --keyEncipherment \ 128 FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1 129 130echo "make sure entry is found (cert-ds ds)" 131${hxtool} query \ 132 --digitalSignature \ 133 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1 134 135echo "make sure entry is not found (cert-ds ke)" 136${hxtool} query \ 137 --keyEncipherment \ 138 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 139 140echo "make sure entry is not found (cert-ds ke + ds)" 141${hxtool} query \ 142 --digitalSignature \ 143 --keyEncipherment \ 144 FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1 145 146echo "make sure entry is not found (cert-ke ds)" 147${hxtool} query \ 148 --digitalSignature \ 149 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 150 151echo "make sure entry is found (cert-ke ke)" 152${hxtool} query \ 153 --keyEncipherment \ 154 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1 155 156echo "make sure entry is not found (cert-ke ke + ds)" 157${hxtool} query \ 158 --digitalSignature \ 159 --keyEncipherment \ 160 FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1 161 162echo "make sure entry is found (eku) in query language" 163${hxtool} query \ 164 --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}' \ 165 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 166 167echo "make sure entry is not found (eku) in query language" 168${hxtool} query \ 169 --expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}' \ 170 FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 171 172echo "make sure entry is found (subject) in query language" 173${hxtool} query \ 174 --expr='%{certificate.subject} == "CN=kdc,C=SE"' \ 175 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 176 177echo "make sure entry is found using TAILMATCH (subject) in query language" 178${hxtool} query \ 179 --expr='%{certificate.subject} TAILMATCH "C=SE"' \ 180 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 181 182echo "make sure entry is not found using TAILMATCH (subject) in query language" 183${hxtool} query \ 184 --expr='%{certificate.subject} TAILMATCH "C=FI"' \ 185 FILE:$srcdir/data/kdc.crt > /dev/null && exit 1 186 187echo "make sure entry is found (issuer) in query language" 188${hxtool} query \ 189 --expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"' \ 190 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 191 192echo "make sure entry match with EKU and TAILMATCH in query language" 193${hxtool} query \ 194 --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \ 195 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 196 197echo "make sure entry match with hash.sha1" 198${hxtool} query \ 199 --expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \ 200 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 201 202 203exit 0 204