119
108
echo $* >>${CERT_LOG_FILE}
122
################################ noise ##################################
123
# Generate noise for our certs
125
# NOTE: these keys are only suitable for testing, as this whole thing bypasses
126
# the entropy gathering. Don't use this method to generate keys and certs for
127
# product use or deployment.
128
#########################################################################
131
#netstat >> ${NOISE_FILE} 2>&1
132
date >> ${NOISE_FILE} 2>&1
135
111
################################ certu #################################
136
112
# local shell function to call certutil, also: writes action and options to
137
113
# stdout, sets variable RET and writes results to the html file results
1097
1073
fi # if NSS_ENABLE_ECC=1
1076
########################### cert_extensions_test #############################
1077
# local shell function to test cert extensions generation
1078
##############################################################################
1079
cert_extensions_test()
1081
COUNT=`expr ${COUNT} + 1`
1082
CERTNAME=TestExt${COUNT}
1083
CU_SUBJECT="CN=${CERTNAME}, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
1086
echo certutil -d ${CERT_EXTENSIONS_DIR} -S -n ${CERTNAME} \
1087
-t "u,u,u" -o /tmp/cert -s "${CU_SUBJECT}" -x -f ${R_PWFILE} \
1088
-z "${R_NOISE_FILE}" -${OPT} \< ${TARG_FILE}
1089
echo "certutil options:"
1091
${BINDIR}/certutil -d ${CERT_EXTENSIONS_DIR} -S -n ${CERTNAME} \
1092
-t "u,u,u" -o /tmp/cert -s "${CU_SUBJECT}" -x -f ${R_PWFILE} \
1093
-z "${R_NOISE_FILE}" -${OPT} < ${TARG_FILE}
1095
if [ "${RET}" -ne 0 ]; then
1097
html_failed "${TESTNAME} (${COUNT}) - Create and Add Certificate"
1098
cert_log "ERROR: ${TESTNAME} - Create and Add Certificate failed"
1102
echo certutil -d ${CERT_EXTENSIONS_DIR} -L -n ${CERTNAME}
1103
EXTLIST=`${BINDIR}/certutil -d ${CERT_EXTENSIONS_DIR} -L -n ${CERTNAME}`
1106
if [ "${RET}" -ne 0 ]; then
1108
html_failed "${TESTNAME} (${COUNT}) - List Certificate"
1109
cert_log "ERROR: ${TESTNAME} - List Certificate failed"
1113
for FL in `echo ${FILTERLIST} | tr \| ' '`; do
1114
FL="`echo ${FL} | tr _ ' '`"
1116
if [ X`echo "${FL}" | cut -c 1` = 'X!' ]; then
1118
FL=`echo ${FL} | tr -d '!'`
1120
echo "${EXTLIST}" | grep "${FL}" >/dev/null 2>&1
1122
if [ "${RET}" -ne "${EXPSTAT}" ]; then
1124
html_failed "${TESTNAME} (${COUNT}) - Looking for ${FL}" "returned ${RET}, expected is ${EXPSTAT}"
1125
cert_log "ERROR: ${TESTNAME} - Looking for ${FL} failed"
1130
html_passed "${TESTNAME} (${COUNT})"
1099
1134
############################## cert_extensions ###############################
1100
# local shell function to test cert extensions generation.
1135
# local shell function to run cert extensions tests
1101
1136
##############################################################################
1108
[ $res -ne 0 ] && return 1
1110
for fl in `echo $filterList | tr \| ' '`; do
1111
fl="`echo $fl | tr _ ' '`"
1113
if [ X`echo "$fl" | cut -c 1` = 'X!' ]; then
1115
fl=`echo $fl | tr -d '!'`
1117
${BINDIR}/certutil -d ${CERT_EXTENSIONS_DIR} -L -n $CERTNAME | grep "$fl" >/dev/null 2>&1
1118
[ $? -ne $expStat ] && return 1
1124
1137
cert_extensions()
1127
1139
CERTNAME=TestExt
1128
cert_create_cert ${CERT_EXTENSIONS_DIR} $CERTNAME 90 ${D_CERT_EXTENSTIONS}
1140
cert_create_cert ${CERT_EXTENSIONS_DIR} ${CERTNAME} 90 ${D_CERT_EXTENSTIONS}
1129
1141
TARG_FILE=${CERT_EXTENSIONS_DIR}/test.args
1131
CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
1134
while read arg opt filterList; do
1135
if [ X"`echo $arg | cut -c 1`" = "X#" ]; then
1138
if [ X"`echo $arg | cut -c 1`" = "X!" ]; then
1139
testName="$filterList"
1142
if [ X"$arg" = "X=" ]; then
1143
count=`expr $count + 1`
1144
echo "#################################################"
1145
CU_ACTION="Testing $testName"
1146
${BINDIR}/certutil -d ${CERT_EXTENSIONS_DIR} -D -n $CERTNAME
1147
echo certutil -d ${CERT_EXTENSIONS_DIR} -S -n $CERTNAME \
1148
-t "u,u,u" -o /tmp/cert -s "${CU_SUBJECT}" -x -f ${R_PWFILE} \
1149
-z "${R_NOISE_FILE}" -$opt < $TARG_FILE
1150
${BINDIR}/certutil -d ${CERT_EXTENSIONS_DIR} -S -n $CERTNAME -t "u,u,u" \
1151
-o /tmp/cert -s "${CU_SUBJECT}" -x -f ${R_PWFILE} \
1152
-z "${R_NOISE_FILE}" -$opt < $TARG_FILE
1154
echo "certutil options:"
1156
checkRes $ret "$filterList"
1158
if [ "$RET" -ne 0 ]; then
1160
html_failed "${CU_ACTION} ($RET) "
1161
cert_log "ERROR: ${CU_ACTION} failed $RET"
1163
html_passed "${CU_ACTION}"
1144
while read ARG OPT FILTERLIST; do
1145
if [ X"`echo ${ARG} | cut -c 1`" = "X#" ]; then
1148
if [ X"`echo ${ARG} | cut -c 1`" = "X!" ]; then
1149
TESTNAME="${FILTERLIST}"
1152
if [ X"${ARG}" = "X=" ]; then
1153
cert_extensions_test
1167
echo $arg >> $TARG_FILE
1156
echo ${ARG} >> ${TARG_FILE}
1169
1158
done < ${QADIR}/cert/certext.txt
1173
1161
############################## cert_crl_ssl ############################
1174
1162
# local shell function to generate certs and crls for SSL tests
1175
1163
########################################################################