1178825Sdfr#!/bin/sh
2178825Sdfr#
3233294Sstas# Copyright (c) 2006 Kungliga Tekniska H��gskolan
4178825Sdfr# (Royal Institute of Technology, Stockholm, Sweden). 
5178825Sdfr# All rights reserved. 
6178825Sdfr#
7178825Sdfr# Redistribution and use in source and binary forms, with or without 
8178825Sdfr# modification, are permitted provided that the following conditions 
9178825Sdfr# are met: 
10178825Sdfr#
11178825Sdfr# 1. Redistributions of source code must retain the above copyright 
12178825Sdfr#    notice, this list of conditions and the following disclaimer. 
13178825Sdfr#
14178825Sdfr# 2. Redistributions in binary form must reproduce the above copyright 
15178825Sdfr#    notice, this list of conditions and the following disclaimer in the 
16178825Sdfr#    documentation and/or other materials provided with the distribution. 
17178825Sdfr#
18178825Sdfr# 3. Neither the name of the Institute nor the names of its contributors 
19178825Sdfr#    may be used to endorse or promote products derived from this software 
20178825Sdfr#    without specific prior written permission. 
21178825Sdfr#
22178825Sdfr# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
23178825Sdfr# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
24178825Sdfr# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
25178825Sdfr# ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
26178825Sdfr# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
27178825Sdfr# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
28178825Sdfr# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
29178825Sdfr# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
30178825Sdfr# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
31178825Sdfr# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
32178825Sdfr# SUCH DAMAGE. 
33178825Sdfr#
34233294Sstas# $Id$
35178825Sdfr#
36178825Sdfr
37178825Sdfrsrcdir="@srcdir@"
38178825Sdfrobjdir="@objdir@"
39178825Sdfr
40178825Sdfrstat="--statistic-file=${objdir}/statfile"
41178825Sdfr
42178825Sdfrhxtool="${TESTS_ENVIRONMENT} ./hxtool ${stat}"
43178825Sdfr
44178825Sdfrif ${hxtool} info | grep 'rsa: hcrypto null RSA' > /dev/null ; then
45178825Sdfr    exit 77
46178825Sdfrfi
47178825Sdfrif ${hxtool} info | grep 'rand: not available' > /dev/null ; then
48178825Sdfr    exit 77
49178825Sdfrfi
50178825Sdfr
51178825Sdfr
52178825Sdfrecho "Bleichenbacher good cert (from eay)"
53178825Sdfr${hxtool} verify --missing-revoke \
54178825Sdfr    --time=2006-09-25 \
55178825Sdfr    cert:FILE:$srcdir/data/bleichenbacher-good.pem \
56178825Sdfr    anchor:FILE:$srcdir/data/bleichenbacher-good.pem > /dev/null || exit 1
57178825Sdfr
58178825Sdfrecho "Bleichenbacher bad cert (from eay)"
59178825Sdfr${hxtool} verify --missing-revoke \
60178825Sdfr    --time=2006-09-25 \
61178825Sdfr    cert:FILE:$srcdir/data/bleichenbacher-bad.pem \
62178825Sdfr    anchor:FILE:$srcdir/data/bleichenbacher-bad.pem > /dev/null && exit 1
63178825Sdfr
64178825Sdfrecho "Bleichenbacher good cert (from yutaka)"
65178825Sdfr${hxtool} verify --missing-revoke \
66178825Sdfr    --time=2006-09-25 \
67178825Sdfr    cert:FILE:$srcdir/data/yutaka-pad-ok-cert.pem \
68178825Sdfr    anchor:FILE:$srcdir/data/yutaka-pad-ok-ca.pem > /dev/null || exit 1
69178825Sdfr
70178825Sdfrecho "Bleichenbacher bad cert (from yutaka)"
71178825Sdfr${hxtool} verify --missing-revoke \
72178825Sdfr    --time=2006-09-25 \
73178825Sdfr    cert:FILE:$srcdir/data/yutaka-pad-broken-cert.pem \
74178825Sdfr    anchor:FILE:$srcdir/data/yutaka-pad-broken-ca.pem > /dev/null && exit 1
75178825Sdfr
76178825Sdfr# Ralf-Philipp Weinmann <weinmann@cdc.informatik.tu-darmstadt.de>
77178825Sdfr# Andrew Pyshkin <pychkine@cdc.informatik.tu-darmstadt.de>
78178825Sdfrecho "Bleichenbacher bad cert (sf pad correct)"
79178825Sdfr${hxtool} verify --missing-revoke \
80178825Sdfr    --time=2006-09-25 \
81178825Sdfr    cert:FILE:$srcdir/data/bleichenbacher-sf-pad-correct.pem \
82178825Sdfr    anchor:FILE:$srcdir/data/sf-class2-root.pem > /dev/null && exit 1
83178825Sdfr
84178825Sdfrecho Read 50 kilobyte random data
85178825Sdfr${hxtool} random-data 50kilobyte > random-data || exit 1
86178825Sdfr
87178825Sdfrecho "crypto select1"
88178825Sdfr${hxtool} crypto-select > test || { echo "select1"; exit 1; }
89178825Sdfrcmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
90178825Sdfr	{ echo "select1 failure"; exit 1; }
91178825Sdfr
92178825Sdfrecho "crypto select1"
93178825Sdfr${hxtool} crypto-select --type=digest > test || { echo "select1"; exit 1; }
94178825Sdfrcmp test ${srcdir}/tst-crypto-select1 > /dev/null || \
95178825Sdfr	{ echo "select1 failure"; exit 1; }
96178825Sdfr
97178825Sdfrecho "crypto select2"
98178825Sdfr${hxtool} crypto-select --type=public-sig > test || { echo "select2"; exit 1; }
99178825Sdfrcmp test ${srcdir}/tst-crypto-select2 > /dev/null || \
100178825Sdfr	{ echo "select2 failure"; exit 1; }
101178825Sdfr
102178825Sdfrecho "crypto select3"
103178825Sdfr${hxtool} crypto-select \
104178825Sdfr	--type=public-sig \
105178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.4 \
106178825Sdfr	 > test || { echo "select3"; exit 1; }
107178825Sdfrcmp test ${srcdir}/tst-crypto-select3 > /dev/null || \
108178825Sdfr	{ echo "select3 failure"; exit 1; }
109178825Sdfr
110178825Sdfrecho "crypto select4"
111178825Sdfr${hxtool} crypto-select \
112178825Sdfr	--type=public-sig \
113178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.5 \
114178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.4 \
115178825Sdfr	 > test || { echo "select4"; exit 1; }
116178825Sdfrcmp test ${srcdir}/tst-crypto-select4 > /dev/null || \
117178825Sdfr	{ echo "select4 failure"; exit 1; }
118178825Sdfr
119178825Sdfrecho "crypto select5"
120178825Sdfr${hxtool} crypto-select \
121178825Sdfr	--type=public-sig \
122178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.11 \
123178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.5 \
124178825Sdfr	 > test || { echo "select5"; exit 1; }
125178825Sdfrcmp test ${srcdir}/tst-crypto-select5 > /dev/null || \
126178825Sdfr	{ echo "select5 failure"; exit 1; }
127178825Sdfr
128178825Sdfrecho "crypto select6"
129178825Sdfr${hxtool} crypto-select \
130178825Sdfr	--type=public-sig \
131178825Sdfr	--peer-cmstype=1.2.840.113549.2.5 \
132178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.5 \
133178825Sdfr	 > test || { echo "select6"; exit 1; }
134178825Sdfrcmp test ${srcdir}/tst-crypto-select6 > /dev/null || \
135178825Sdfr	{ echo "select6 failure"; exit 1; }
136178825Sdfr
137178825Sdfrecho "crypto select7"
138178825Sdfr${hxtool} crypto-select \
139178825Sdfr	--type=secret \
140178825Sdfr	--peer-cmstype=2.16.840.1.101.3.4.1.42 \
141178825Sdfr	--peer-cmstype=1.2.840.113549.3.7 \
142178825Sdfr	--peer-cmstype=1.2.840.113549.1.1.5 \
143178825Sdfr	 > test || { echo "select7"; exit 1; }
144178825Sdfrcmp test ${srcdir}/tst-crypto-select7 > /dev/null || \
145178825Sdfr	{ echo "select7 failure"; exit 1; }
146178825Sdfr
147233294Sstas#echo "crypto available1"
148233294Sstas#${hxtool} crypto-available \
149233294Sstas#	--type=all \
150233294Sstas#	> test || { echo "available1"; exit 1; }
151233294Sstas#cmp test ${srcdir}/tst-crypto-available1 > /dev/null || \
152233294Sstas#	{ echo "available1 failure"; exit 1; }
153178825Sdfr
154178825Sdfrecho "crypto available2"
155178825Sdfr${hxtool} crypto-available \
156178825Sdfr	--type=digest \
157178825Sdfr	> test || { echo "available2"; exit 1; }
158178825Sdfrcmp test ${srcdir}/tst-crypto-available2 > /dev/null || \
159178825Sdfr	{ echo "available2 failure"; exit 1; }
160178825Sdfr
161233294Sstas#echo "crypto available3"
162233294Sstas#${hxtool} crypto-available \
163233294Sstas#	--type=public-sig \
164233294Sstas#	> test || { echo "available3"; exit 1; }
165233294Sstas#cmp test ${srcdir}/tst-crypto-available3 > /dev/null || \
166233294Sstas#	{ echo "available3 failure"; exit 1; }
167178825Sdfr
168178825Sdfrecho "copy keystore FILE existing -> FILE"
169178825Sdfr${hxtool} certificate-copy \
170178825Sdfr    FILE:${srcdir}/data/test.crt,${srcdir}/data/test.key \
171178825Sdfr    FILE:out.pem || exit 1
172178825Sdfr
173178825Sdfrecho "copy keystore FILE -> FILE"
174178825Sdfr${hxtool} certificate-copy \
175178825Sdfr    FILE:out.pem \
176178825Sdfr    FILE:out2.pem || exit 1
177178825Sdfr
178178825Sdfrecho "copy keystore FILE -> PKCS12"
179178825Sdfr${hxtool} certificate-copy \
180178825Sdfr    FILE:out.pem \
181178825Sdfr    PKCS12:out2.pem || exit 1
182178825Sdfr
183178825Sdfrecho "print certificate with utf8"
184178825Sdfr${hxtool} print \
185178825Sdfr	FILE:$srcdir/data/j.pem >/dev/null 2>/dev/null || exit 1
186178825Sdfr
187233294Sstasecho "Make sure that we can parse EC private keys"
188233294Sstas${hxtool} print --content \
189233294Sstas    FILE:$srcdir/data/pkinit-ec.crt,$srcdir/data/pkinit-ec.key \
190233294Sstas    > /dev/null || exit 1
191233294Sstas
192178825Sdfrexit 0
193