1178825Sdfr#!/bin/sh
2178825Sdfr#
3233294Sstas# Copyright (c) 2005 - 2008 Kungliga Tekniska H��gskolan
4178825Sdfr# (Royal Institute of Technology, Stockholm, Sweden). 
5178825Sdfr# All rights reserved. 
6178825Sdfr#
7178825Sdfr# Redistribution and use in source and binary forms, with or without 
8178825Sdfr# modification, are permitted provided that the following conditions 
9178825Sdfr# are met: 
10178825Sdfr#
11178825Sdfr# 1. Redistributions of source code must retain the above copyright 
12178825Sdfr#    notice, this list of conditions and the following disclaimer. 
13178825Sdfr#
14178825Sdfr# 2. Redistributions in binary form must reproduce the above copyright 
15178825Sdfr#    notice, this list of conditions and the following disclaimer in the 
16178825Sdfr#    documentation and/or other materials provided with the distribution. 
17178825Sdfr#
18178825Sdfr# 3. Neither the name of the Institute nor the names of its contributors 
19178825Sdfr#    may be used to endorse or promote products derived from this software 
20178825Sdfr#    without specific prior written permission. 
21178825Sdfr#
22178825Sdfr# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
23178825Sdfr# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
24178825Sdfr# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
25178825Sdfr# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
26178825Sdfr# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
27178825Sdfr# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
28178825Sdfr# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
29178825Sdfr# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
30178825Sdfr# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
31178825Sdfr# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
32178825Sdfr# SUCH DAMAGE. 
33178825Sdfr#
34233294Sstas# $Id$
35178825Sdfr#
36178825Sdfr
37178825Sdfrsrcdir="@srcdir@"
38178825Sdfrobjdir="@objdir@"
39178825Sdfr
40178825Sdfrstat="--statistic-file=${objdir}/statfile"
41178825Sdfr
42178825Sdfrhxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
43178825Sdfr
44178825Sdfrecho "try printing"
45178825Sdfr${hxtool} print \
46178825Sdfr	--pass=PASS:foobar \
47233294Sstas        --info --content \
48178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
49178825Sdfr
50233294Sstasecho "try printing"
51178825Sdfr${hxtool} print \
52178825Sdfr	--pass=PASS:foobar \
53233294Sstas        --info --content \
54233294Sstas	FILE:$srcdir/data/kdc.crt  >/dev/null 2>/dev/null || exit 1
55233294Sstas
56233294Sstas${hxtool} print \
57233294Sstas	--pass=PASS:foobar \
58178825Sdfr	--info \
59178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
60178825Sdfr
61178825Sdfrecho "make sure entry is found (friendlyname)"
62178825Sdfr${hxtool} query \
63178825Sdfr	--pass=PASS:foobar \
64178825Sdfr	--friendlyname=friendlyname-test  \
65178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
66178825Sdfr
67178825Sdfrecho "make sure entry is not found  (friendlyname)"
68178825Sdfr${hxtool} query \
69178825Sdfr	--pass=PASS:foobar \
70178825Sdfr	--friendlyname=friendlyname-test-not  \
71178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
72178825Sdfr
73233294Sstasecho "make sure entry is found (eku)"
74233294Sstas${hxtool} query \
75233294Sstas	--eku=1.3.6.1.5.2.3.5  \
76233294Sstas	FILE:$srcdir/data/kdc.crt  >/dev/null 2>/dev/null || exit 1
77233294Sstas
78233294Sstasecho "make sure entry is not found  (eku)"
79233294Sstas${hxtool} query \
80233294Sstas	--eku=1.3.6.1.5.2.3.6  \
81233294Sstas	FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null && exit 1
82233294Sstas
83178825Sdfrecho "make sure entry is found (friendlyname, no-pw)"
84178825Sdfr${hxtool} query \
85178825Sdfr	--friendlyname=friendlyname-cert  \
86178825Sdfr	PKCS12:$srcdir/data/test-nopw.p12 >/dev/null 2>/dev/null || exit 1
87178825Sdfr
88178825Sdfrecho "check for ca cert (friendlyname)"
89178825Sdfr${hxtool} query \
90178825Sdfr	--pass=PASS:foobar \
91178825Sdfr	--friendlyname=ca  \
92178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null || exit 1
93178825Sdfr
94178825Sdfrecho "make sure entry is not found (friendlyname)"
95178825Sdfr${hxtool} query \
96178825Sdfr	--pass=PASS:foobar \
97178825Sdfr	--friendlyname=friendlyname-test \
98178825Sdfr	PKCS12:$srcdir/data/sub-cert.p12 >/dev/null 2>/dev/null && exit 1
99178825Sdfr
100178825Sdfrecho "make sure entry is found (friendlyname|private key)"
101178825Sdfr${hxtool} query \
102178825Sdfr	--pass=PASS:foobar \
103178825Sdfr	--friendlyname=friendlyname-test  \
104178825Sdfr	--private-key \
105178825Sdfr	PKCS12:$srcdir/data/test.p12 > /dev/null || exit 1
106178825Sdfr
107178825Sdfrecho "make sure entry is not found (friendlyname|private key)"
108178825Sdfr${hxtool} query \
109178825Sdfr	--pass=PASS:foobar \
110178825Sdfr	--friendlyname=ca  \
111178825Sdfr	--private-key \
112178825Sdfr	PKCS12:$srcdir/data/test.p12 >/dev/null 2>/dev/null && exit 1
113178825Sdfr
114178825Sdfrecho "make sure entry is found (cert ds)"
115178825Sdfr${hxtool} query \
116178825Sdfr	--digitalSignature \
117178825Sdfr	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
118178825Sdfr
119178825Sdfrecho "make sure entry is found (cert ke)"
120178825Sdfr${hxtool} query \
121178825Sdfr	--keyEncipherment \
122178825Sdfr	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
123178825Sdfr
124178825Sdfrecho "make sure entry is found (cert ke + ds)"
125178825Sdfr${hxtool} query \
126178825Sdfr	--digitalSignature \
127178825Sdfr	--keyEncipherment \
128178825Sdfr	FILE:$srcdir/data/test.crt >/dev/null 2>/dev/null || exit 1
129178825Sdfr
130178825Sdfrecho "make sure entry is found (cert-ds ds)"
131178825Sdfr${hxtool} query \
132178825Sdfr	--digitalSignature \
133178825Sdfr	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null || exit 1
134178825Sdfr
135178825Sdfrecho "make sure entry is not found (cert-ds ke)"
136178825Sdfr${hxtool} query \
137178825Sdfr	--keyEncipherment \
138178825Sdfr	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
139178825Sdfr
140178825Sdfrecho "make sure entry is not found (cert-ds ke + ds)"
141178825Sdfr${hxtool} query \
142178825Sdfr	--digitalSignature \
143178825Sdfr	--keyEncipherment \
144178825Sdfr	FILE:$srcdir/data/test-ds-only.crt >/dev/null 2>/dev/null && exit 1
145178825Sdfr
146178825Sdfrecho "make sure entry is not found (cert-ke ds)"
147178825Sdfr${hxtool} query \
148178825Sdfr	--digitalSignature \
149178825Sdfr	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
150178825Sdfr
151178825Sdfrecho "make sure entry is found (cert-ke ke)"
152178825Sdfr${hxtool} query \
153178825Sdfr	--keyEncipherment \
154178825Sdfr	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null || exit 1
155178825Sdfr
156178825Sdfrecho "make sure entry is not found (cert-ke ke + ds)"
157178825Sdfr${hxtool} query \
158178825Sdfr	--digitalSignature \
159178825Sdfr	--keyEncipherment \
160178825Sdfr	FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
161178825Sdfr
162233294Sstasecho "make sure entry is found (eku) in query language"
163233294Sstas${hxtool} query \
164233294Sstas	--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}'  \
165233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
166233294Sstas
167233294Sstasecho "make sure entry is not found (eku) in query language"
168233294Sstas${hxtool} query \
169233294Sstas	--expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}'  \
170233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
171233294Sstas
172233294Sstasecho "make sure entry is found (subject) in query language"
173233294Sstas${hxtool} query \
174233294Sstas	--expr='%{certificate.subject} == "CN=kdc,C=SE"'  \
175233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
176233294Sstas
177233294Sstasecho "make sure entry is found using TAILMATCH (subject) in query language"
178233294Sstas${hxtool} query \
179233294Sstas	--expr='%{certificate.subject} TAILMATCH "C=SE"'  \
180233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
181233294Sstas
182233294Sstasecho "make sure entry is not found using TAILMATCH (subject) in query language"
183233294Sstas${hxtool} query \
184233294Sstas	--expr='%{certificate.subject} TAILMATCH "C=FI"'  \
185233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
186233294Sstas
187233294Sstasecho "make sure entry is found (issuer) in query language"
188233294Sstas${hxtool} query \
189233294Sstas	--expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"'  \
190233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
191233294Sstas
192233294Sstasecho "make sure entry match with EKU and TAILMATCH in query language"
193233294Sstas${hxtool} query \
194233294Sstas	--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"'  \
195233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
196233294Sstas
197233294Sstasecho "make sure entry match with hash.sha1"
198233294Sstas${hxtool} query \
199233294Sstas	--expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \
200233294Sstas	FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
201233294Sstas
202233294Sstas
203178825Sdfrexit 0
204