155682Smarkm#!/bin/sh
278527Sassar#
355682Smarkm# Copyright (c) 2005 - 2008 Kungliga Tekniska H��gskolan
455682Smarkm# (Royal Institute of Technology, Stockholm, Sweden). 
555682Smarkm# All rights reserved. 
655682Smarkm#
755682Smarkm# Redistribution and use in source and binary forms, with or without 
855682Smarkm# modification, are permitted provided that the following conditions 
955682Smarkm# are met: 
1055682Smarkm#
1155682Smarkm# 1. Redistributions of source code must retain the above copyright 
1255682Smarkm#    notice, this list of conditions and the following disclaimer. 
1355682Smarkm#
1455682Smarkm# 2. Redistributions in binary form must reproduce the above copyright 
1555682Smarkm#    notice, this list of conditions and the following disclaimer in the 
1655682Smarkm#    documentation and/or other materials provided with the distribution. 
1755682Smarkm#
1855682Smarkm# 3. Neither the name of the Institute nor the names of its contributors 
1955682Smarkm#    may be used to endorse or promote products derived from this software 
2055682Smarkm#    without specific prior written permission. 
2155682Smarkm#
2255682Smarkm# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
2355682Smarkm# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
2455682Smarkm# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
2555682Smarkm# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
2655682Smarkm# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
2755682Smarkm# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
2855682Smarkm# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
2955682Smarkm# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
3055682Smarkm# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
3155682Smarkm# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
3255682Smarkm# SUCH DAMAGE. 
3355682Smarkm#
3455682Smarkm# $Id$
3555682Smarkm#
36178825Sdfr
3755682Smarkmsrcdir="@srcdir@"
3855682Smarkmobjdir="@objdir@"
3955682Smarkm
4055682Smarkmstat="--statistic-file=${objdir}/statfile"
4155682Smarkm
4278527Sassarhxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
4378527Sassar
4478527Sassarecho "try printing"
4578527Sassar${hxtool} print \
4678527Sassar	--pass=PASS:foobar \
4778527Sassar        --info --content \
4878527Sassar	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
4978527Sassar
5078527Sassarecho "try printing"
5178527Sassar${hxtool} print \
5278527Sassar	--pass=PASS:foobar \
53178825Sdfr        --info --content \
54178825Sdfr	FILE:$srcdir/data/kdc.crt  >/dev/null 2>/dev/null || exit 1
55178825Sdfr
56178825Sdfr${hxtool} print \
57178825Sdfr	--pass=PASS:foobar \
58178825Sdfr	--info \
5955682Smarkm	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
60178825Sdfr
61178825Sdfrecho "make sure entry is found (friendlyname)"
6255682Smarkm${hxtool} query \
6355682Smarkm	--pass=PASS:foobar \
6455682Smarkm	--friendlyname=friendlyname-test  \
6578527Sassar	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
6655682Smarkm
67178825Sdfrecho "make sure entry is not found  (friendlyname)"
6855682Smarkm${hxtool} query \
6978527Sassar	--pass=PASS:foobar \
7078527Sassar	--friendlyname=friendlyname-test-not  \
7178527Sassar	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
7278527Sassar
7378527Sassarecho "make sure entry is found (eku)"
7478527Sassar${hxtool} query \
7578527Sassar	--eku=1.3.6.1.5.2.3.5  \
7678527Sassar	FILE:$srcdir/data/kdc.crt  >/dev/null 2>/dev/null || exit 1
7778527Sassar
7855682Smarkmecho "make sure entry is not found  (eku)"
7978527Sassar${hxtool} query \
8078527Sassar	--eku=1.3.6.1.5.2.3.6  \
8178527Sassar	FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1
8278527Sassar
8378527Sassarecho "make sure entry is found (friendlyname, no-pw)"
8478527Sassar${hxtool} query \
8578527Sassar	--friendlyname=friendlyname-cert  \
8678527Sassar	PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1
8778527Sassar
8878527Sassarecho "check for ca cert (friendlyname)"
8978527Sassar${hxtool} query \
9078527Sassar	--pass=PASS:foobar \
9178527Sassar	--friendlyname=ca  \
9255682Smarkm	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
9355682Smarkm
9455682Smarkmecho "make sure entry is not found (friendlyname)"
9555682Smarkm${hxtool} query \
96178825Sdfr	--pass=PASS:foobar \
97178825Sdfr	--friendlyname=friendlyname-test \
98178825Sdfr	PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1
99178825Sdfr
100178825Sdfrecho "make sure entry is found (friendlyname|private key)"
101178825Sdfr${hxtool} query \
102178825Sdfr	--pass=PASS:foobar \
103178825Sdfr	--friendlyname=friendlyname-test  \
104178825Sdfr	--private-key \
105178825Sdfr	PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1
106178825Sdfr
107178825Sdfrecho "make sure entry is not found (friendlyname|private key)"
108178825Sdfr${hxtool} query \
109178825Sdfr	--pass=PASS:foobar \
110178825Sdfr	--friendlyname=ca  \
111178825Sdfr	--private-key \
112178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
113178825Sdfr
114178825Sdfrecho "make sure entry is found (cert ds)"
115178825Sdfr${hxtool} query \
116	--digitalSignature \
117	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
118
119echo "make sure entry is found (cert ke)"
120${hxtool} query \
121	--keyEncipherment \
122	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
123
124echo "make sure entry is found (cert ke + ds)"
125${hxtool} query \
126	--digitalSignature \
127	--keyEncipherment \
128	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
129
130echo "make sure entry is found (cert-ds ds)"
131${hxtool} query \
132	--digitalSignature \
133	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1
134
135echo "make sure entry is not found (cert-ds ke)"
136${hxtool} query \
137	--keyEncipherment \
138	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
139
140echo "make sure entry is not found (cert-ds ke + ds)"
141${hxtool} query \
142	--digitalSignature \
143	--keyEncipherment \
144	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
145
146echo "make sure entry is not found (cert-ke ds)"
147${hxtool} query \
148	--digitalSignature \
149	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
150
151echo "make sure entry is found (cert-ke ke)"
152${hxtool} query \
153	--keyEncipherment \
154	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1
155
156echo "make sure entry is not found (cert-ke ke + ds)"
157${hxtool} query \
158	--digitalSignature \
159	--keyEncipherment \
160	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
161
162echo "make sure entry is found (eku) in query language"
163${hxtool} query \
164	--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}'  \
165	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
166
167echo "make sure entry is not found (eku) in query language"
168${hxtool} query \
169	--expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}'  \
170	FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
171
172echo "make sure entry is found (subject) in query language"
173${hxtool} query \
174	--expr='%{certificate.subject} == "CN=kdc,C=SE"'  \
175	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
176
177echo "make sure entry is found using TAILMATCH (subject) in query language"
178${hxtool} query \
179	--expr='%{certificate.subject} TAILMATCH "C=SE"'  \
180	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
181
182echo "make sure entry is not found using TAILMATCH (subject) in query language"
183${hxtool} query \
184	--expr='%{certificate.subject} TAILMATCH "C=FI"'  \
185	FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
186
187echo "make sure entry is found (issuer) in query language"
188${hxtool} query \
189	--expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"'  \
190	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
191
192echo "make sure entry match with EKU and TAILMATCH in query language"
193${hxtool} query \
194	--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"'  \
195	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
196
197echo "make sure entry match with hash.sha1"
198${hxtool} query \
199	--expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \
200	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
201
202
203exit 0
204