3
# This Source Code Form is subject to the terms of the Mozilla Public
4
# License, v. 2.0. If a copy of the MPL was not distributed with this
5
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
7
########################################################################
9
# mozilla/security/nss/tests/smime/smime.sh
11
# Script to test NSS smime
13
# needs to work on all Unix and Windows platforms
17
# FIXME ... known problems, search for this string
18
# NOTE .... unexpected behavior
20
########################################################################
22
############################## smime_init ##############################
23
# local shell function to initialize this script
24
########################################################################
27
SCRIPTNAME=smime.sh # sourced - $0 would point to all.sh
29
if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
30
CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
33
if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
37
if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
43
if [ -n "$NSS_ENABLE_ECC" ] ; then
44
html_head "S/MIME Tests with ECC"
46
html_head "S/MIME Tests"
49
grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
50
Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
53
SMIMEDIR=${HOSTDIR}/smime
57
cp ${QADIR}/smime/alice.txt ${SMIMEDIR}
65
echo "$SCRIPTNAME: Signing Detached Message {$HASH} ------------------"
66
echo "cmsutil -S -T -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.d${SIG}"
67
${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.d${SIG}
68
html_msg $? 0 "Create Detached Signature Alice (${HASH})" "."
70
echo "cmsutil -D -i alice.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
71
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.d${SIG} -c alice.txt -d ${P_R_BOBDIR}
72
html_msg $? 0 "Verifying Alice's Detached Signature (${HASH})" "."
74
echo "$SCRIPTNAME: Signing Attached Message (${HASH}) ------------------"
75
echo "cmsutil -S -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.${SIG}"
76
${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.${SIG}
77
html_msg $? 0 "Create Attached Signature Alice (${HASH})" "."
79
echo "cmsutil -D -i alice.${SIG} -d ${P_R_BOBDIR} -o alice.data.${HASH}"
80
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.${SIG} -d ${P_R_BOBDIR} -o alice.data.${HASH}
81
html_msg $? 0 "Decode Alice's Attached Signature (${HASH})" "."
83
echo "diff alice.txt alice.data.${HASH}"
84
diff alice.txt alice.data.${HASH}
85
html_msg $? 0 "Compare Attached Signed Data and Original (${HASH})" "."
87
# Test ECDSA signing for all hash algorithms.
88
if [ -n "$NSS_ENABLE_ECC" ] ; then
89
echo "$SCRIPTNAME: Signing Detached Message ECDSA w/ {$HASH} ------------------"
90
echo "cmsutil -S -T -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.d${SIG}"
91
${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.d${SIG}
92
html_msg $? 0 "Create Detached Signature Alice (ECDSA w/ ${HASH})" "."
94
echo "cmsutil -D -i alice-ec.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
95
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice-ec.d${SIG} -c alice.txt -d ${P_R_BOBDIR}
96
html_msg $? 0 "Verifying Alice's Detached Signature (ECDSA w/ ${HASH})" "."
98
echo "$SCRIPTNAME: Signing Attached Message (ECDSA w/ ${HASH}) ------------------"
99
echo "cmsutil -S -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.${SIG}"
100
${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.${SIG}
101
html_msg $? 0 "Create Attached Signature Alice (ECDSA w/ ${HASH})" "."
103
echo "cmsutil -D -i alice-ec.${SIG} -d ${P_R_BOBDIR} -o alice-ec.data.${HASH}"
104
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice-ec.${SIG} -d ${P_R_BOBDIR} -o alice-ec.data.${HASH}
105
html_msg $? 0 "Decode Alice's Attached Signature (ECDSA w/ ${HASH})" "."
107
echo "diff alice.txt alice-ec.data.${HASH}"
108
diff alice.txt alice-ec.data.${HASH}
109
html_msg $? 0 "Compare Attached Signed Data and Original (ECDSA w/ ${HASH})" "."
118
echo "$SCRIPTNAME: p7 util Data Tests ------------------------------"
119
echo "p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice_p7.env"
120
${PROFTOOL} ${BINDIR}/p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice.env
121
html_msg $? 0 "Creating envelope for user Alice" "."
123
echo "p7content -d ${P_R_ALICEDIR} -i alice.env -o alice_p7.data"
124
${PROFTOOL} ${BINDIR}/p7content -d ${P_R_ALICEDIR} -i alice.env -o alice_p7.data -p nss
125
html_msg $? 0 "Verifying file delivered to user Alice" "."
127
sed -e '3,8p' -n alice_p7.data > alice_p7.data.sed
129
echo "diff alice.txt alice_p7.data.sed"
130
diff alice.txt alice_p7.data.sed
131
html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."
133
echo "p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e"
134
${PROFTOOL} ${BINDIR}/p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e
135
html_msg $? 0 "Signing file for user Alice" "."
137
echo "p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig"
138
${PROFTOOL} ${BINDIR}/p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig
139
html_msg $? 0 "Verifying file delivered to user Alice" "."
142
############################## smime_main ##############################
143
# local shell function to test basic signed and enveloped messages
145
########################################################################
158
echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
159
echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
161
${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.env
162
html_msg $? 0 "Create Enveloped Data Alice" "."
164
echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
165
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1
166
html_msg $? 0 "Decode Enveloped Data Alice" "."
168
echo "diff alice.txt alice.data1"
169
diff alice.txt alice.data1
170
html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."
173
echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
174
echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
175
echo " -r bob@bogus.com,dave@bogus.com"
176
${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \
177
-r bob@bogus.com,dave@bogus.com
179
html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
180
if [ $ret != 0 ] ; then
181
echo "certutil -L -d ${P_R_ALICEDIR}"
182
${BINDIR}/certutil -L -d ${P_R_ALICEDIR}
183
echo "certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com"
184
${BINDIR}/certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com
187
echo "$SCRIPTNAME: Testing multiple email addrs ------------------------------"
188
echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \\"
189
echo " -r eve@bogus.net"
190
${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \
193
html_msg $ret 0 "Encrypt to a Multiple Email cert" "."
195
echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
196
${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2
197
html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."
199
echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3"
200
${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3
201
html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."
203
echo "cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4"
204
${PROFTOOL} ${BINDIR}/cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4
205
html_msg $? 0 "Decrypt with a Multiple Email cert" "."
207
diff alice.txt alice.data2
208
html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."
210
diff alice.txt alice.data3
211
html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."
213
diff alice.txt alice.data4
214
html_msg $? 0 "Compare Decoded with Multiple Email cert" "."
216
echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
217
echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
218
echo " -d ${P_R_ALICEDIR} > co.der"
219
${PROFTOOL} ${BINDIR}/cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" -d ${P_R_ALICEDIR} > co.der
220
html_msg $? 0 "Create Certs-Only Alice" "."
222
echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
223
${PROFTOOL} ${BINDIR}/cmsutil -D -i co.der -d ${P_R_BOBDIR}
224
html_msg $? 0 "Verify Certs-Only by CA" "."
226
echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
227
echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
228
echo " -r \"bob@bogus.com\" > alice.enc"
229
${PROFTOOL} ${BINDIR}/cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \
230
-r "bob@bogus.com" > alice.enc
231
html_msg $? 0 "Create Encrypted-Data" "."
233
echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
234
echo " -o alice.data2"
235
${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss -o alice.data2
236
html_msg $? 0 "Decode Encrypted-Data" "."
238
diff alice.txt alice.data2
239
html_msg $? 0 "Compare Decoded and Original Data" "."
242
############################## smime_cleanup ###########################
243
# local shell function to finish this script (no exit since it might be
245
########################################################################
253
################## main #################################################