test_crypto.in revision 178825 
155714Skris#!/bin/sh
255714Skris#
355714Skris# Copyright (c) 2006 Kungliga Tekniska H�gskolan
455714Skris# (Royal Institute of Technology, Stockholm, Sweden). 
555714Skris# All rights reserved. 
655714Skris#
755714Skris# Redistribution and use in source and binary forms, with or without 
855714Skris# modification, are permitted provided that the following conditions 
955714Skris# are met: 
1055714Skris#
1155714Skris# 1. Redistributions of source code must retain the above copyright 
1255714Skris#    notice, this list of conditions and the following disclaimer. 
1355714Skris#
1455714Skris# 2. Redistributions in binary form must reproduce the above copyright 
1555714Skris#    notice, this list of conditions and the following disclaimer in the 
1655714Skris#    documentation and/or other materials provided with the distribution. 
1755714Skris#
1855714Skris# 3. Neither the name of the Institute nor the names of its contributors 
1955714Skris#    may be used to endorse or promote products derived from this software 
2055714Skris#    without specific prior written permission. 
21109998Smarkm#
2255714Skris# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
2355714Skris# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
24109998Smarkm# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
2555714Skris# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
2655714Skris# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
2755714Skris# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
2855714Skris# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
2955714Skris# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
3055714Skris# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
3155714Skris# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
3255714Skris# SUCH DAMAGE. 
3355714Skris#
3455714Skris# $Id: test_crypto.in 20898 2007-06-04 23:07:46Z lha $
3555714Skris#
3655714Skris
3755714Skrissrcdir="@srcdir@"
3855714Skrisobjdir="@objdir@"
3955714Skris
4055714Skrisstat="--statistic-file=${objdir}/statfile"
4155714Skris
4255714Skrishxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
4355714Skris
4455714Skrisif ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then
4555714Skris    exit 77
4655714Skrisfi
4755714Skrisif ${hxtool} info | grep 'rand: not available' > /dev/null ; then
4855714Skris    exit 77
4955714Skrisfi
5055714Skris
5176866Skris
5255714Skrisecho "Bleichenbacher good cert (from eay)"
5368651Skris${hxtool} verify --missing-revoke \
5476866Skris    --time=2006-09-25 \
5576866Skris    cert:FILE:$srcdir/data/bleichenbacher-good.pem \
5676866Skris    anchor:FILE:$srcdir/data/bleichenbacher-good.pem > /dev/null || exit 1
57109998Smarkm
58109998Smarkmecho "Bleichenbacher bad cert (from eay)"
59109998Smarkm${hxtool} verify --missing-revoke \
60109998Smarkm    --time=2006-09-25 \
61109998Smarkm    cert:FILE:$srcdir/data/bleichenbacher-bad.pem \
62109998Smarkm    anchor:FILE:$srcdir/data/bleichenbacher-bad.pem > /dev/null && exit 1
63109998Smarkm
64109998Smarkmecho "Bleichenbacher good cert (from yutaka)"
65109998Smarkm${hxtool} verify --missing-revoke \
66109998Smarkm    --time=2006-09-25 \
6776866Skris    cert:FILE:$srcdir/data/yutaka-pad-ok-cert.pem \
6868651Skris    anchor:FILE:$srcdir/data/yutaka-pad-ok-ca.pem > /dev/null || exit 1
6955714Skris
70echo "Bleichenbacher bad cert (from yutaka)"
71${hxtool} verify --missing-revoke \
72    --time=2006-09-25 \
73    cert:FILE:$srcdir/data/yutaka-pad-broken-cert.pem \
74    anchor:FILE:$srcdir/data/yutaka-pad-broken-ca.pem > /dev/null && exit 1
75
76# Ralf-Philipp Weinmann <weinmann@cdc.informatik.tu-darmstadt.de>
77# Andrew Pyshkin <pychkine@cdc.informatik.tu-darmstadt.de>
78echo "Bleichenbacher bad cert (sf pad correct)"
79${hxtool} verify --missing-revoke \
80    --time=2006-09-25 \
81    cert:FILE:$srcdir/data/bleichenbacher-sf-pad-correct.pem \
82    anchor:FILE:$srcdir/data/sf-class2-root.pem > /dev/null && exit 1
83
84echo Read 50 kilobyte random data
85${hxtool} random-data 50kilobyte > random-data || exit 1
86
87echo "crypto select1"
88${hxtool} crypto-select > test || { echo "select1"; exit 1; }
89cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
90	{ echo "select1 failure"; exit 1; }
91
92echo "crypto select1"
93${hxtool} crypto-select --type=digest > test || { echo "select1"; exit 1; }
94cmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
95	{ echo "select1 failure"; exit 1; }
96
97echo "crypto select2"
98${hxtool} crypto-select --type=public-sig > test || { echo "select2"; exit 1; }
99cmp test ${srcdir}/tst-crypto-select2 > /dev/null || \
100	{ echo "select2 failure"; exit 1; }
101
102echo "crypto select3"
103${hxtool} crypto-select \
104	--type=public-sig \
105	--peer-cmstype=1.2.840.113549.1.1.4 \
106	 > test || { echo "select3"; exit 1; }
107cmp test ${srcdir}/tst-crypto-select3 > /dev/null || \
108	{ echo "select3 failure"; exit 1; }
109
110echo "crypto select4"
111${hxtool} crypto-select \
112	--type=public-sig \
113	--peer-cmstype=1.2.840.113549.1.1.5 \
114	--peer-cmstype=1.2.840.113549.1.1.4 \
115	 > test || { echo "select4"; exit 1; }
116cmp test ${srcdir}/tst-crypto-select4 > /dev/null || \
117	{ echo "select4 failure"; exit 1; }
118
119echo "crypto select5"
120${hxtool} crypto-select \
121	--type=public-sig \
122	--peer-cmstype=1.2.840.113549.1.1.11 \
123	--peer-cmstype=1.2.840.113549.1.1.5 \
124	 > test || { echo "select5"; exit 1; }
125cmp test ${srcdir}/tst-crypto-select5 > /dev/null || \
126	{ echo "select5 failure"; exit 1; }
127
128echo "crypto select6"
129${hxtool} crypto-select \
130	--type=public-sig \
131	--peer-cmstype=1.2.840.113549.2.5 \
132	--peer-cmstype=1.2.840.113549.1.1.5 \
133	 > test || { echo "select6"; exit 1; }
134cmp test ${srcdir}/tst-crypto-select6 > /dev/null || \
135	{ echo "select6 failure"; exit 1; }
136
137echo "crypto select7"
138${hxtool} crypto-select \
139	--type=secret \
140	--peer-cmstype=2.16.840.1.101.3.4.1.42 \
141	--peer-cmstype=1.2.840.113549.3.7 \
142	--peer-cmstype=1.2.840.113549.1.1.5 \
143	 > test || { echo "select7"; exit 1; }
144cmp test ${srcdir}/tst-crypto-select7 > /dev/null || \
145	{ echo "select7 failure"; exit 1; }
146
147echo "crypto available1"
148${hxtool} crypto-available \
149	--type=all \
150	> test || { echo "available1"; exit 1; }
151cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \
152	{ echo "available1 failure"; exit 1; }
153
154echo "crypto available2"
155${hxtool} crypto-available \
156	--type=digest \
157	> test || { echo "available2"; exit 1; }
158cmp test ${srcdir}/tst-crypto-available2 > /dev/null || \
159	{ echo "available2 failure"; exit 1; }
160
161echo "crypto available3"
162${hxtool} crypto-available \
163	--type=public-sig \
164	> test || { echo "available3"; exit 1; }
165cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \
166	{ echo "available3 failure"; exit 1; }
167
168echo "copy keystore FILE existing -> FILE"
169${hxtool} certificate-copy \
170    FILE:${srcdir}/data/test.crt,${srcdir}/data/test.key \
171    FILE:out.pem || exit 1
172
173echo "copy keystore FILE -> FILE"
174${hxtool} certificate-copy \
175    FILE:out.pem \
176    FILE:out2.pem || exit 1
177
178echo "copy keystore FILE -> PKCS12"
179${hxtool} certificate-copy \
180    FILE:out.pem \
181    PKCS12:out2.pem || exit 1
182
183echo "print certificate with utf8"
184${hxtool} print \
185	FILE:$srcdir/data/j.pem >/dev/null 2>/dev/null || exit 1
186
187exit 0
188