This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'.OPENBSD_5_8_BASE

author: cvs2svn <admin@example.com> 2015-08-02 21:54:22 +0000
committer: cvs2svn <admin@example.com> 2015-08-02 21:54:22 +0000
commit: 92262c9818409ff436c41f1e51c2cea5b227f152 (patch)
tree: 5609c82060f75c53af0a7641d9b33a88574876cd /src/lib/libssl/test/testtsa
parent: ed40f444ba01bcae1d8540f9c26d79537ab5baf2 (diff)
download: openbsd-OPENBSD_5_8_BASE.tar.gz
openbsd-OPENBSD_5_8_BASE.tar.bz2
openbsd-OPENBSD_5_8_BASE.zip
1 files changed, 0 insertions, 238 deletions
diff --git a/src/lib/libssl/test/testtsa b/src/lib/libssl/test/testtsa
deleted file mode 100644
index bb653b5f73..0000000000
--- a/src/lib/libssl/test/testtsa
+++ /dev/null
@@ -1,238 +0,0 @@
-#!/bin/sh
-#
-# A few very basic tests for the 'ts' time stamping authority command.
-#
-SH="/bin/sh"
-if test "$OSTYPE" = msdosdjgpp; then
-    PATH="../apps\;$PATH"
-else
-    PATH="../apps:$PATH"
-fi
-export SH PATH
-OPENSSL_CONF="../CAtsa.cnf"
-export OPENSSL_CONF
-# Because that's what ../apps/CA.sh really looks at
-SSLEAY_CONFIG="-config $OPENSSL_CONF"
-export SSLEAY_CONFIG
-OPENSSL="`pwd`/../util/opensslwrap.sh"
-export OPENSSL
-error () {
-    echo "TSA test failed!" >&2
-    exit 1
-}
-setup_dir () {
-    rm -rf tsa 2>/dev/null
-    mkdir tsa
-    cd ./tsa
-}
-clean_up_dir () {
-    cd ..
-    rm -rf tsa
-}
-create_ca () {
-    echo "Creating a new CA for the TSA tests..."
-    TSDNSECT=ts_ca_dn
-    export TSDNSECT   
-    ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
-        -out tsaca.pem -keyout tsacakey.pem
-    test $? != 0 && error
-}
-create_tsa_cert () {
-    INDEX=$1
-    export INDEX
-    EXT=$2
-    TSDNSECT=ts_cert_dn
-    export TSDNSECT   
-    ../../util/shlib_wrap.sh ../../apps/openssl req -new \
-        -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
-    test $? != 0 && error
-echo Using extension $EXT
-    ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
-        -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
-        -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
-        -extfile $OPENSSL_CONF -extensions $EXT
-    test $? != 0 && error
-}
-print_request () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
-}
-create_time_stamp_request1 () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
-    test $? != 0 && error
-}
-create_time_stamp_request2 () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
-        -out req2.tsq
-    test $? != 0 && error
-}
-create_time_stamp_request3 () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
-    test $? != 0 && error
-}
-print_response () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
-    test $? != 0 && error
-}
-create_time_stamp_response () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
-    test $? != 0 && error
-}
-time_stamp_response_token_test () {
-    RESPONSE2=$2.copy.tsr
-    TOKEN_DER=$2.token.der
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
-    test $? != 0 && error
-    cmp $RESPONSE2 $2
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
-    test $? != 0 && error
-}
-verify_time_stamp_response () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-        -untrusted tsa_cert1.pem
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
-        -untrusted tsa_cert1.pem
-    test $? != 0 && error
-}
-verify_time_stamp_token () {
-    # create the token from the response first
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
-        -CAfile tsaca.pem -untrusted tsa_cert1.pem
-    test $? != 0 && error
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
-        -CAfile tsaca.pem -untrusted tsa_cert1.pem
-    test $? != 0 && error
-}
-verify_time_stamp_response_fail () {
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-        -untrusted tsa_cert1.pem
-    # Checks if the verification failed, as it should have.
-    test $? = 0 && error
-    echo Ok
-}
-# main functions
-echo "Setting up TSA test directory..."
-setup_dir
-echo "Creating CA for TSA tests..."
-create_ca
-echo "Creating tsa_cert1.pem TSA server cert..."
-create_tsa_cert 1 tsa_cert
-echo "Creating tsa_cert2.pem non-TSA server cert..."
-create_tsa_cert 2 non_tsa_cert
-echo "Creating req1.req time stamp request for file testtsa..."
-create_time_stamp_request1
-echo "Printing req1.req..."
-print_request req1.tsq
-echo "Generating valid response for req1.req..."
-create_time_stamp_response req1.tsq resp1.tsr tsa_config1
-echo "Printing response..."
-print_response resp1.tsr
-echo "Verifying valid response..."
-verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
-echo "Verifying valid token..."
-verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
-# The tests below are commented out, because invalid signer certificates
-# can no longer be specified in the config file.
-# echo "Generating _invalid_ response for req1.req..."
-# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
-# echo "Printing response..."
-# print_response resp1_bad.tsr
-# echo "Verifying invalid response, it should fail..."
-# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
-echo "Creating req2.req time stamp request for file testtsa..."
-create_time_stamp_request2
-echo "Printing req2.req..."
-print_request req2.tsq
-echo "Generating valid response for req2.req..."
-create_time_stamp_response req2.tsq resp2.tsr tsa_config1
-echo "Checking '-token_in' and '-token_out' options with '-reply'..."
-time_stamp_response_token_test req2.tsq resp2.tsr
-echo "Printing response..."
-print_response resp2.tsr
-echo "Verifying valid response..."
-verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req1.tsq resp2.tsr
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req2.tsq resp1.tsr
-echo "Creating req3.req time stamp request for file CAtsa.cnf..."
-create_time_stamp_request3
-echo "Printing req3.req..."
-print_request req3.tsq
-echo "Verifying response against wrong request, it should fail..."
-verify_time_stamp_response_fail req3.tsq resp1.tsr
-echo "Cleaning up..."
-clean_up_dir
-exit 0
author	cvs2svn <admin@example.com>	2015-08-02 21:54:22 +0000
committer	cvs2svn <admin@example.com>	2015-08-02 21:54:22 +0000
commit	92262c9818409ff436c41f1e51c2cea5b227f152 (patch)
tree	5609c82060f75c53af0a7641d9b33a88574876cd /src/lib/libssl/test/testtsa
parent	ed40f444ba01bcae1d8540f9c26d79537ab5baf2 (diff)
download	openbsd-OPENBSD_5_8_BASE.tar.gz openbsd-OPENBSD_5_8_BASE.tar.bz2 openbsd-OPENBSD_5_8_BASE.zip

diff --git a/src/lib/libssl/test/testtsa b/src/lib/libssl/test/testtsa deleted file mode 100644 index bb653b5f73..0000000000 --- a/src/lib/libssl/test/testtsa +++ /dev/null
@@ -1,238 +0,0 @@
1	#!/bin/sh
2
3	#
4	# A few very basic tests for the 'ts' time stamping authority command.
5	#
6
7	SH="/bin/sh"
8	if test "$OSTYPE" = msdosdjgpp; then
9	PATH="../apps\;$PATH"
10	else
11	PATH="../apps:$PATH"
12	fi
13	export SH PATH
14
15	OPENSSL_CONF="../CAtsa.cnf"
16	export OPENSSL_CONF
17	# Because that's what ../apps/CA.sh really looks at
18	SSLEAY_CONFIG="-config $OPENSSL_CONF"
19	export SSLEAY_CONFIG
20
21	OPENSSL="`pwd`/../util/opensslwrap.sh"
22	export OPENSSL
23
24	error () {
25
26	echo "TSA test failed!" >&2
27	exit 1
28	}
29
30	setup_dir () {
31
32	rm -rf tsa 2>/dev/null
33	mkdir tsa
34	cd ./tsa
35	}
36
37	clean_up_dir () {
38
39	cd ..
40	rm -rf tsa
41	}
42
43	create_ca () {
44
45	echo "Creating a new CA for the TSA tests..."
46	TSDNSECT=ts_ca_dn
47	export TSDNSECT
48	../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
49	-out tsaca.pem -keyout tsacakey.pem
50	test $? != 0 && error
51	}
52
53	create_tsa_cert () {
54
55	INDEX=$1
56	export INDEX
57	EXT=$2
58	TSDNSECT=ts_cert_dn
59	export TSDNSECT
60
61	../../util/shlib_wrap.sh ../../apps/openssl req -new \
62	-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
63	test $? != 0 && error
64	echo Using extension $EXT
65	../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
66	-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
67	-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
68	-extfile $OPENSSL_CONF -extensions $EXT
69	test $? != 0 && error
70	}
71
72	print_request () {
73
74	../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
75	}
76
77	create_time_stamp_request1 () {
78
79	../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
80	test $? != 0 && error
81	}
82
83	create_time_stamp_request2 () {
84
85	../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
86	-out req2.tsq
87	test $? != 0 && error
88	}
89
90	create_time_stamp_request3 () {
91
92	../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
93	test $? != 0 && error
94	}
95
96	print_response () {
97
98	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
99	test $? != 0 && error
100	}
101
102	create_time_stamp_response () {
103
104	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
105	test $? != 0 && error
106	}
107
108	time_stamp_response_token_test () {
109
110	RESPONSE2=$2.copy.tsr
111	TOKEN_DER=$2.token.der
112	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
113	test $? != 0 && error
114	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
115	test $? != 0 && error
116	cmp $RESPONSE2 $2
117	test $? != 0 && error
118	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
119	test $? != 0 && error
120	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
121	test $? != 0 && error
122	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
123	test $? != 0 && error
124	}
125
126	verify_time_stamp_response () {
127
128	../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
129	-untrusted tsa_cert1.pem
130	test $? != 0 && error
131	../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
132	-untrusted tsa_cert1.pem
133	test $? != 0 && error
134	}
135
136	verify_time_stamp_token () {
137
138	# create the token from the response first
139	../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
140	test $? != 0 && error
141	../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
142	-CAfile tsaca.pem -untrusted tsa_cert1.pem
143	test $? != 0 && error
144	../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
145	-CAfile tsaca.pem -untrusted tsa_cert1.pem
146	test $? != 0 && error
147	}
148
149	verify_time_stamp_response_fail () {
150
151	../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
152	-untrusted tsa_cert1.pem
153	# Checks if the verification failed, as it should have.
154	test $? = 0 && error
155	echo Ok
156	}
157
158	# main functions
159
160	echo "Setting up TSA test directory..."
161	setup_dir
162
163	echo "Creating CA for TSA tests..."
164	create_ca
165
166	echo "Creating tsa_cert1.pem TSA server cert..."
167	create_tsa_cert 1 tsa_cert
168
169	echo "Creating tsa_cert2.pem non-TSA server cert..."
170	create_tsa_cert 2 non_tsa_cert
171
172	echo "Creating req1.req time stamp request for file testtsa..."
173	create_time_stamp_request1
174
175	echo "Printing req1.req..."
176	print_request req1.tsq
177
178	echo "Generating valid response for req1.req..."
179	create_time_stamp_response req1.tsq resp1.tsr tsa_config1
180
181	echo "Printing response..."
182	print_response resp1.tsr
183
184	echo "Verifying valid response..."
185	verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
186
187	echo "Verifying valid token..."
188	verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
189
190	# The tests below are commented out, because invalid signer certificates
191	# can no longer be specified in the config file.
192
193	# echo "Generating _invalid_ response for req1.req..."
194	# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
195
196	# echo "Printing response..."
197	# print_response resp1_bad.tsr
198
199	# echo "Verifying invalid response, it should fail..."
200	# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
201
202	echo "Creating req2.req time stamp request for file testtsa..."
203	create_time_stamp_request2
204
205	echo "Printing req2.req..."
206	print_request req2.tsq
207
208	echo "Generating valid response for req2.req..."
209	create_time_stamp_response req2.tsq resp2.tsr tsa_config1
210
211	echo "Checking '-token_in' and '-token_out' options with '-reply'..."
212	time_stamp_response_token_test req2.tsq resp2.tsr
213
214	echo "Printing response..."
215	print_response resp2.tsr
216
217	echo "Verifying valid response..."
218	verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
219
220	echo "Verifying response against wrong request, it should fail..."
221	verify_time_stamp_response_fail req1.tsq resp2.tsr
222
223	echo "Verifying response against wrong request, it should fail..."
224	verify_time_stamp_response_fail req2.tsq resp1.tsr
225
226	echo "Creating req3.req time stamp request for file CAtsa.cnf..."
227	create_time_stamp_request3
228
229	echo "Printing req3.req..."
230	print_request req3.tsq
231
232	echo "Verifying response against wrong request, it should fail..."
233	verify_time_stamp_response_fail req3.tsq resp1.tsr
234
235	echo "Cleaning up..."
236	clean_up_dir
237
238	exit 0