diff options
author | Rich Salz <rsalz@openssl.org> | 2015-04-10 10:06:17 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-04-10 10:06:17 -0400 |
commit | 30f54ad295d58ff8c6d28c1fd612d23c2c343d19 (patch) | |
tree | f740e39be9698b13d0f0a088903b236988aeb075 /test/testtsa | |
parent | 2cfdfe0918f03f8323c9523a2beb2b363ae86ca7 (diff) |
test script cleanup
Removed commented-out tests
Standardize on doing
cmd ... || exit 1
instead of
cmd ...
if [ $? != 0] ; then
exit 1
fi
where that if statement has ben one, three, or four lines, variously.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test/testtsa')
-rw-r--r-- | test/testtsa | 132 |
1 files changed, 45 insertions, 87 deletions
diff --git a/test/testtsa b/test/testtsa index a0588e39a6..df9abedff9 100644 --- a/test/testtsa +++ b/test/testtsa @@ -21,33 +21,23 @@ export SSLEAY_CONFIG OPENSSL="`pwd`/../util/opensslwrap.sh" export OPENSSL -error () { - - echo "TSA test failed!" >&2 - exit 1 -} - setup_dir () { - rm -rf tsa 2>/dev/null mkdir tsa cd ./tsa } clean_up_dir () { - cd .. rm -rf tsa } create_ca () { - - echo "Creating a new CA for the TSA tests..." + echo creating a new CA for the TSA tests TSDNSECT=ts_ca_dn export TSDNSECT ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem - test $? != 0 && error + -out tsaca.pem -keyout tsacakey.pem || exit 1 } create_tsa_cert () { @@ -59,14 +49,12 @@ create_tsa_cert () { export TSDNSECT ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem - test $? != 0 && error -echo Using extension $EXT + -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 + echo using extension $EXT ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT - test $? != 0 && error + -extfile $OPENSSL_CONF -extensions $EXT || exit 1 } print_request () { @@ -76,163 +64,133 @@ print_request () { create_time_stamp_request1 () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 } create_time_stamp_request2 () { ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq - test $? != 0 && error + -out req2.tsq || exit 1 } create_time_stamp_request3 () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 } print_response () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1 } create_time_stamp_response () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1 } time_stamp_response_token_test () { RESPONSE2=$2.copy.tsr TOKEN_DER=$2.token.der - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 - test $? != 0 && error - cmp $RESPONSE2 $2 - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 + cmp $RESPONSE2 $2 || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1 } verify_time_stamp_response () { ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error + -untrusted tsa_cert1.pem || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error + -untrusted tsa_cert1.pem || exit 1 } verify_time_stamp_token () { # create the token from the response first - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? != 0 && error + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? != 0 && error + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 } verify_time_stamp_response_fail () { ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - # Checks if the verification failed, as it should have. - test $? = 0 && error - echo Ok + -untrusted tsa_cert1.pem && exit 1 + echo ok } # main functions -echo "Setting up TSA test directory..." +echo setting up TSA test directory setup_dir -echo "Creating CA for TSA tests..." +echo creating CA for TSA tests create_ca -echo "Creating tsa_cert1.pem TSA server cert..." +echo creating tsa_cert1.pem TSA server cert create_tsa_cert 1 tsa_cert -echo "Creating tsa_cert2.pem non-TSA server cert..." +echo creating tsa_cert2.pem non-TSA server cert create_tsa_cert 2 non_tsa_cert -echo "Creating req1.req time stamp request for file testtsa..." +echo creating req1.req time stamp request for file testtsa create_time_stamp_request1 -echo "Printing req1.req..." +echo printing req1.req print_request req1.tsq -echo "Generating valid response for req1.req..." +echo generating valid response for req1.req create_time_stamp_response req1.tsq resp1.tsr tsa_config1 -echo "Printing response..." +echo printing response print_response resp1.tsr -echo "Verifying valid response..." +echo verifying valid response verify_time_stamp_response req1.tsq resp1.tsr ../testtsa -echo "Verifying valid token..." +echo verifying valid token verify_time_stamp_token req1.tsq resp1.tsr ../testtsa -# The tests below are commented out, because invalid signer certificates -# can no longer be specified in the config file. - -# echo "Generating _invalid_ response for req1.req..." -# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2 - -# echo "Printing response..." -# print_response resp1_bad.tsr - -# echo "Verifying invalid response, it should fail..." -# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr - -echo "Creating req2.req time stamp request for file testtsa..." +echo creating req2.req time stamp request for file testtsa create_time_stamp_request2 -echo "Printing req2.req..." +echo printing req2.req print_request req2.tsq -echo "Generating valid response for req2.req..." +echo generating valid response for req2.req create_time_stamp_response req2.tsq resp2.tsr tsa_config1 -echo "Checking '-token_in' and '-token_out' options with '-reply'..." +echo checking -token_in and -token_out options with -reply time_stamp_response_token_test req2.tsq resp2.tsr -echo "Printing response..." +echo printing response print_response resp2.tsr -echo "Verifying valid response..." +echo verifying valid response verify_time_stamp_response req2.tsq resp2.tsr ../testtsa -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req1.tsq resp2.tsr -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req2.tsq resp1.tsr -echo "Creating req3.req time stamp request for file CAtsa.cnf..." +echo creating req3.req time stamp request for file CAtsa.cnf create_time_stamp_request3 -echo "Printing req3.req..." +echo printing req3.req print_request req3.tsq -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req3.tsq resp1.tsr -echo "Cleaning up..." +echo cleaning up clean_up_dir exit 0 |