OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
-setup_dir () {
- rm -rf tsa 2>/dev/null
- mkdir tsa
- cd ./tsa
-}
-
-clean_up_dir () {
- cd ..
- rm -rf tsa
-}
-
-create_ca () {
- echo creating a new CA for the TSA tests
- TSDNSECT=ts_ca_dn
- export TSDNSECT
- ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
- -out tsaca.pem -keyout tsacakey.pem || exit 1
+RUN () {
+ ../../util/shlib_wrap.sh ../../apps/openssl ts $*
}
create_tsa_cert () {
-
INDEX=$1
export INDEX
EXT=$2
TSDNSECT=ts_cert_dn
- export TSDNSECT
+ export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new \
-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1
-extfile $OPENSSL_CONF -extensions $EXT || exit 1
}
-print_request () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
-}
-
-create_time_stamp_request1 () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1
-}
-
-create_time_stamp_request2 () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
- -out req2.tsq || exit 1
-}
-
-create_time_stamp_request3 () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1
-}
-
-print_response () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1
-}
-
create_time_stamp_response () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1
-}
-
-time_stamp_response_token_test () {
-
- RESPONSE2=$2.copy.tsr
- TOKEN_DER=$2.token.der
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1
- cmp $RESPONSE2 $2 || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1
+ RUN -reply -section $3 -queryfile $1 -out $2 || exit 1
}
verify_time_stamp_response () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+ RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
+ RUN -verify -data $3 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem || exit 1
}
-verify_time_stamp_token () {
-
- # create the token from the response first
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
- -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
- ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
- -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
-}
-
verify_time_stamp_response_fail () {
-
- ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+ RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
-untrusted tsa_cert1.pem && exit 1
echo ok
}
# main functions
echo setting up TSA test directory
-setup_dir
-
-echo creating CA for TSA tests
-create_ca
+rm -rf tsa 2>/dev/null
+mkdir tsa
+cd ./tsa
+
+echo creating a new CA for the TSA tests
+TSDNSECT=ts_ca_dn
+export TSDNSECT
+../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
+ -out tsaca.pem -keyout tsacakey.pem || exit 1
echo creating tsa_cert1.pem TSA server cert
create_tsa_cert 1 tsa_cert
create_tsa_cert 2 non_tsa_cert
echo creating req1.req time stamp request for file testtsa
-create_time_stamp_request1
+RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1
echo printing req1.req
-print_request req1.tsq
+RUN -query -in req1.tsq -text
echo generating valid response for req1.req
create_time_stamp_response req1.tsq resp1.tsr tsa_config1
echo printing response
-print_response resp1.tsr
+RUN -reply -in resp1.tsr -text || exit 1
echo verifying valid response
verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
echo verifying valid token
-verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
+RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1
+RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
+RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
echo creating req2.req time stamp request for file testtsa
-create_time_stamp_request2
+RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \
+ -out req2.tsq || exit 1
echo printing req2.req
-print_request req2.tsq
+RUN -query -in req2.tsq -text
echo generating valid response for req2.req
create_time_stamp_response req2.tsq resp2.tsr tsa_config1
echo checking -token_in and -token_out options with -reply
-time_stamp_response_token_test req2.tsq resp2.tsr
+RESPONSE2=resp2.tsr.copy.tsr
+TOKEN_DER=resp2.tsr.token.der
+RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1
+RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1
+cmp $RESPONSE2 resp2.tsr || exit 1
+RUN -reply -in resp2.tsr -text -token_out || exit 1
+RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1
+RUN -reply -queryfile req2.tsq -text -token_out || exit 1
echo printing response
-print_response resp2.tsr
+RUN -reply -in resp2.tsr -text || exit 1
echo verifying valid response
verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
verify_time_stamp_response_fail req2.tsq resp1.tsr
echo creating req3.req time stamp request for file CAtsa.cnf
-create_time_stamp_request3
+RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1
echo printing req3.req
-print_request req3.tsq
+RUN -query -in req3.tsq -text
echo verifying response against wrong request, it should fail
verify_time_stamp_response_fail req3.tsq resp1.tsr
echo cleaning up
-clean_up_dir
+cd ..
+rm -rf tsa
exit 0
projects / oweals / openssl.git / commitdiff