diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2006-11-07 16:21:16 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2006-11-07 16:21:16 +0000 |
| commit | cf32ad7fe3410316568ae74c5275574cd5222179 (patch) | |
| tree | e160d838844408dc28999171b7fd9757b4aa6b03 /test | |
| parent | ad0e439604abf22dcf9e9b7ffd0618c7f3489e02 (diff) | |
Make TSA tests use the noprompt mode of utilities rather than piping
the result into interative utilities.
Diffstat (limited to 'test')
| -rw-r--r-- | test/CAtsa.cnf | 42 | ||||
| -rw-r--r-- | test/testtsa | 47 |
2 files changed, 38 insertions, 51 deletions
diff --git a/test/CAtsa.cnf b/test/CAtsa.cnf index 732e9996d6..4ce8c144df 100644 --- a/test/CAtsa.cnf +++ b/test/CAtsa.cnf @@ -11,6 +11,9 @@ RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: oid_section = new_oids +TSDNSECT = ts_cert_dn +INDEX = 1 + [ new_oids ] # Policies used by the TSA tests. @@ -53,36 +56,27 @@ emailAddress = optional [ req ] default_bits = 1024 default_md = sha1 -distinguished_name = req_distinguished_name +distinguished_name = $ENV::TSDNSECT encrypt_rsa_key = no +prompt = no # attributes = req_attributes x509_extensions = v3_ca # The extentions to add to the self signed cert string_mask = nombstr -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = HU -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = - -localityName = Locality Name (eg, city) - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = +[ ts_ca_dn ] +countryName = HU +stateOrProvinceName = Budapest +localityName = Budapest +organizationName = Gov-CA Ltd. +commonName = ca1 -commonName = Common Name (eg, YOUR name) -commonName_max = 64 - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name +[ ts_cert_dn ] +countryName = HU +stateOrProvinceName = Budapest +localityName = Buda +organizationName = Hun-TSA Ltd. +commonName = tsa$ENV::INDEX [ tsa_cert ] @@ -138,7 +132,7 @@ dir = . # TSA root directory serial = $dir/tsa_serial # The current serial number (mandatory) signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate # (optional) -certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply +certs = $dir/tsaca.pem # Certificate chain to include in reply # (optional) signer_key = $dir/tsa_key1.pem # The TSA private key (optional) diff --git a/test/testtsa b/test/testtsa index b7113949f2..e403d9ee31 100644 --- a/test/testtsa +++ b/test/testtsa @@ -39,36 +39,29 @@ clean_up_dir () { create_ca () { echo "Creating a new CA for the TSA tests..." - /bin/rm -fr demoCA - $SH ../../apps/CA.sh -newca <<EOF - -HU -Budapest -Budapest -Gov-CA Ltd. -ca1 -EOF + TSDNSECT=ts_ca_dn + export TSDNSECT + ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ + -out tsaca.pem -keyout tsacakey.pem test $? != 0 && error } create_tsa_cert () { INDEX=$1 + export INDEX EXT=$2 - ../../util/shlib_wrap.sh ../../apps/openssl req -new -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem <<EOF -HU -Budapest -Buda -Hun-TSA Ltd. -tsa${INDEX} -EOF - test $? != 0 && error + TSDNSECT=ts_cert_dn + export TSDNSECT - ../../util/shlib_wrap.sh ../../apps/openssl ca -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ - -extensions $EXT <<EOF -y -y -EOF + ../../util/shlib_wrap.sh ../../apps/openssl req -new \ + -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem + test $? != 0 && error +echo Using extension $EXT + ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ + -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ + -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ + -extfile $OPENSSL_CONF -extensions $EXT test $? != 0 && error } @@ -128,10 +121,10 @@ time_stamp_response_token_test () { verify_time_stamp_response () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile demoCA/cacert.pem \ + ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile demoCA/cacert.pem \ + ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem test $? != 0 && error } @@ -142,16 +135,16 @@ verify_time_stamp_token () { ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out test $? != 0 && error ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \ - -CAfile demoCA/cacert.pem -untrusted tsa_cert1.pem + -CAfile tsaca.pem -untrusted tsa_cert1.pem test $? != 0 && error ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \ - -CAfile demoCA/cacert.pem -untrusted tsa_cert1.pem + -CAfile tsaca.pem -untrusted tsa_cert1.pem test $? != 0 && error } verify_time_stamp_response_fail () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile demoCA/cacert.pem \ + ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem # Checks if the verification failed, as it should have. test $? = 0 && error |