diff options
Diffstat (limited to 'test/Attic/testtsa')
| -rw-r--r-- | test/Attic/testtsa | 147 |
1 files changed, 0 insertions, 147 deletions
diff --git a/test/Attic/testtsa b/test/Attic/testtsa deleted file mode 100644 index fc68ff906c..0000000000 --- a/test/Attic/testtsa +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/sh - -# -# A few very basic tests for the 'ts' time stamping authority command. -# - -SH="/bin/sh" -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export SH PATH - -OPENSSL_CONF="../CAtsa.cnf" -export OPENSSL_CONF -# Because that's what ../apps/CA.pl really looks at -SSLEAY_CONFIG="-config $OPENSSL_CONF" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL - -RUN () { - ../../util/shlib_wrap.sh ../../apps/openssl ts $* -} - -create_tsa_cert () { - INDEX=$1 - export INDEX - EXT=$2 - TSDNSECT=ts_cert_dn - export TSDNSECT - - ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 - echo using extension $EXT - ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ - -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ - -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT || exit 1 -} - -create_time_stamp_response () { - RUN -reply -section $3 -queryfile $1 -out $2 || exit 1 -} - -verify_time_stamp_response () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 - RUN -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem || exit 1 -} - -verify_time_stamp_response_fail () { - RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem && exit 1 - echo ok -} - -# main functions - -echo setting up TSA test directory -rm -rf tsa 2>/dev/null -mkdir tsa -cd ./tsa - -echo creating a new CA for the TSA tests -TSDNSECT=ts_ca_dn -export TSDNSECT -../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem || exit 1 - -echo creating tsa_cert1.pem TSA server cert -create_tsa_cert 1 tsa_cert - -echo creating tsa_cert2.pem non-TSA server cert -create_tsa_cert 2 non_tsa_cert - -echo creating req1.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 - -echo printing req1.req -RUN -query -in req1.tsq -text - -echo generating valid response for req1.req -create_time_stamp_response req1.tsq resp1.tsr tsa_config1 - -echo printing response -RUN -reply -in resp1.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req1.tsq resp1.tsr ../testtsa - -echo verifying valid token -RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1 -RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 -RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 - -echo creating req2.req time stamp request for file testtsa -RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq || exit 1 - -echo printing req2.req -RUN -query -in req2.tsq -text - -echo generating valid response for req2.req -create_time_stamp_response req2.tsq resp2.tsr tsa_config1 - -echo checking -token_in and -token_out options with -reply -RESPONSE2=resp2.tsr.copy.tsr -TOKEN_DER=resp2.tsr.token.der -RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 -cmp $RESPONSE2 resp2.tsr || exit 1 -RUN -reply -in resp2.tsr -text -token_out || exit 1 -RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 -RUN -reply -queryfile req2.tsq -text -token_out || exit 1 - -echo printing response -RUN -reply -in resp2.tsr -text || exit 1 - -echo verifying valid response -verify_time_stamp_response req2.tsq resp2.tsr ../testtsa - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req1.tsq resp2.tsr - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req2.tsq resp1.tsr - -echo creating req3.req time stamp request for file CAtsa.cnf -RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 - -echo printing req3.req -RUN -query -in req3.tsq -text - -echo verifying response against wrong request, it should fail -verify_time_stamp_response_fail req3.tsq resp1.tsr - -echo cleaning up -cd .. -rm -rf tsa - -exit 0 |