From 30f54ad295d58ff8c6d28c1fd612d23c2c343d19 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Fri, 10 Apr 2015 10:06:17 -0400 Subject: [PATCH] test script cleanup Removed commented-out tests Standardize on doing cmd ... || exit 1 instead of cmd ... if [ $? != 0] ; then exit 1 fi where that if statement has ben one, three, or four lines, variously. Reviewed-by: Richard Levitte --- test/tcrl | 63 +++++------------------- test/testca | 25 ++++------ test/testenc | 37 ++++----------- test/testgen | 18 ++----- test/testss | 126 +++++++++++++----------------------------------- test/testtsa | 132 ++++++++++++++++++--------------------------------- test/tkey | 76 ++++++++++------------------- test/tpkcs7 | 36 +++++--------- test/tpkcs7d | 24 ++++------ test/treq | 39 +++++---------- test/tsid | 64 +++++-------------------- test/tx509 | 71 ++++++++++----------------- 12 files changed, 204 insertions(+), 507 deletions(-) diff --git a/test/tcrl b/test/tcrl index 216bb8a050..f01eff870b 100644 --- a/test/tcrl +++ b/test/tcrl @@ -13,67 +13,26 @@ echo testing crl conversions cp $t crl-fff.p echo "p -> d" -$cmd -in crl-fff.p -inform p -outform d >crl-f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in crl-fff.p -inform p -outform t >crl-f.t -#if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-fff.p -inform p -outform d >crl-f.d || exit 1 echo "p -> p" -$cmd -in crl-fff.p -inform p -outform p >crl-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-fff.p -inform p -outform p >crl-f.p || exit 1 echo "d -> d" -$cmd -in crl-f.d -inform d -outform d >crl-ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in crl-f.t -inform t -outform d >crl-ff.d2 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-f.d -inform d -outform d >crl-ff.d1 || exit 1 echo "p -> d" -$cmd -in crl-f.p -inform p -outform d >crl-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-f.p -inform p -outform d >crl-ff.d3 || exit 1 -#echo "d -> t" -#$cmd -in crl-f.d -inform d -outform t >crl-ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in crl-f.t -inform t -outform t >crl-ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in crl-f.p -inform p -outform t >crl-ff.t3 -#if [ $? != 0 ]; then exit 1; fi echo "d -> p" -$cmd -in crl-f.d -inform d -outform p >crl-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in crl-f.t -inform t -outform p >crl-ff.p2 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-f.d -inform d -outform p >crl-ff.p1 || exit 1 echo "p -> p" -$cmd -in crl-f.p -inform p -outform p >crl-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in crl-f.p -inform p -outform p >crl-ff.p3 || exit 1 -cmp crl-fff.p crl-f.p -if [ $? != 0 ]; then exit 1; fi -cmp crl-fff.p crl-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp crl-fff.p crl-ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp crl-fff.p crl-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp crl-f.t crl-ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp crl-f.t crl-ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp crl-f.t crl-ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp crl-f.p crl-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp crl-f.p crl-ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp crl-f.p crl-ff.p3 -if [ $? != 0 ]; then exit 1; fi +cmp crl-fff.p crl-f.p || exit 1 +cmp crl-fff.p crl-ff.p1 || exit 1 +cmp crl-fff.p crl-ff.p3 || exit 1 +cmp crl-f.p crl-ff.p1 || exit 1 +cmp crl-f.p crl-ff.p3 || exit 1 /bin/rm -f crl-f.* crl-ff.* crl-fff.* exit 0 diff --git a/test/testca b/test/testca index 0e2d05c572..8961cf8448 100644 --- a/test/testca +++ b/test/testca @@ -16,35 +16,28 @@ OPENSSL="`pwd`/../util/opensslwrap.sh" export OPENSSL /bin/rm -fr demoCA + +# Could do '...CA.pl -newca || exot 1 << EOF +# EOF' but that seems too obscure to me. :) OPENSSL_CONFIG=/dev/null $PERL ../apps/CA.pl -newca <$test; echo cat $cmd enc < $test > $test.cipher $cmd enc < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi +cmp $test $test.clear || exit 1 +/bin/rm $test.cipher $test.clear + echo base64 $cmd enc -a -e < $test > $test.cipher $cmd enc -a -d < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi +cmp $test $test.clear || exit 1 +/bin/rm $test.cipher $test.clear for i in `$cmd list-cipher-commands` do echo $i $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi + cmp $test $test.$i.clear || exit 1 + /bin/rm $test.$i.cipher $test.$i.clear echo $i base64 $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi + cmp $test $test.$i.clear || exit 1 + /bin/rm $test.$i.cipher $test.$i.clear done rm -f $test diff --git a/test/testgen b/test/testgen index ed53b4a5af..f4eb112232 100644 --- a/test/testgen +++ b/test/testgen @@ -18,7 +18,7 @@ echo "generating certificate request" echo "string to make the random number generator think it has entropy" >> ./.rnd -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then +if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then req_new='-newkey dsa:../apps/dsa512.pem' else req_new='-new' @@ -26,20 +26,12 @@ else echo "There should not be more that at most 80 per line" fi -echo "This could take some time." - rm -f testkey.pem testreq.pem -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem -if [ $? != 0 ]; then -echo problems creating request -exit 1 -fi +echo Generating request +../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem || exit 1 -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout -if [ $? != 0 ]; then -echo signature on req is wrong -exit 1 -fi +echo Verifying signature on request +../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout || exit 1 exit 0 diff --git a/test/testss b/test/testss index c846b77251..3afeb1168d 100644 --- a/test/testss +++ b/test/testss @@ -30,131 +30,71 @@ P2req="reqP2.ss" P2cert="certP2.ss" P2intermediate="tmp_intP2.ss" -echo -echo "make a certificate request using 'req'" -echo "string to make the random number generator think it has entropy" >> ./.rnd +echo string to make the random number generator think it has entropy >> ./.rnd -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then +if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then req_new='-newkey dsa:../apps/dsa512.pem' else req_new='-new' fi -$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new -if [ $? != 0 ]; then - echo "error using 'req' to generate a certificate request" - exit 1 -fi -echo -echo "convert the certificate request into a self signed certificate using 'x509'" -$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to self sign a certificate request" - exit 1 -fi +echo make cert request +$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new || exit 1 -echo -echo "convert a certificate into a certificate request using 'x509'" -$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' convert a certificate to a certificate request" - exit 1 -fi +echo convert request into self-signed cert +$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss || exit 1 -$reqcmd -config $dummycnf -verify -in $CAreq -noout -if [ $? != 0 ]; then - echo first generated request is invalid - exit 1 -fi +echo convert cert into a cert request +$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss || exit 1 -$reqcmd -config $dummycnf -verify -in $CAreq2 -noout -if [ $? != 0 ]; then - echo second generated request is invalid - exit 1 -fi +echo verify request 1 +$reqcmd -config $dummycnf -verify -in $CAreq -noout || exit 1 -$verifycmd -CAfile $CAcert $CAcert -if [ $? != 0 ]; then - echo first generated cert is invalid - exit 1 -fi +echo verify request 1 +$reqcmd -config $dummycnf -verify -in $CAreq2 -noout || exit 1 -echo -echo "make a user certificate request using 'req'" -$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a user certificate request" - exit 1 -fi +echo verify signature +$verifycmd -CAfile $CAcert $CAcert || exit 1 -echo -echo "sign user certificate request with the just created CA via 'x509'" -$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a user certificate request" - exit 1 -fi +echo make a user cert request +$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1 -$verifycmd -CAfile $CAcert $Ucert -echo -echo "Certificate details" -$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert - -echo -echo "make a proxy certificate request using 'req'" -$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a proxy certificate request" - exit 1 -fi +echo sign user cert request +$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss || exit 1 +$verifycmd -CAfile $CAcert $Ucert || exit 1 -echo -echo "sign proxy certificate request with the just created user certificate via 'x509'" -$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a proxy certificate request" - exit 1 -fi +echo Certificate details +$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert || exit 1 + +echo make a proxy cert request +$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss || exit 1 + +echo sign proxy with user cert +$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss || exit 1 cat $Ucert > $P1intermediate $verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert -echo -echo "Certificate details" +echo Certificate details $x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert -echo -echo "make another proxy certificate request using 'req'" -$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate another proxy certificate request" - exit 1 -fi +echo make another proxy cert request +$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss || exit 1 -echo -echo "sign second proxy certificate request with the first proxy certificate via 'x509'" -$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a second proxy certificate request" - exit 1 -fi +echo sign second proxy cert request with the first proxy cert +$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss || exit 1 +echo Certificate details cat $Ucert $P1cert > $P2intermediate $verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert -echo -echo "Certificate details" $x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert -echo echo The generated CA certificate is $CAcert echo The generated CA private key is $CAkey - echo The generated user certificate is $Ucert echo The generated user private key is $Ukey - echo The first generated proxy certificate is $P1cert echo The first generated proxy private key is $P1key - echo The second generated proxy certificate is $P2cert echo The second generated proxy private key is $P2key diff --git a/test/testtsa b/test/testtsa index a0588e39a6..df9abedff9 100644 --- a/test/testtsa +++ b/test/testtsa @@ -21,33 +21,23 @@ export SSLEAY_CONFIG OPENSSL="`pwd`/../util/opensslwrap.sh" export OPENSSL -error () { - - echo "TSA test failed!" >&2 - exit 1 -} - setup_dir () { - rm -rf tsa 2>/dev/null mkdir tsa cd ./tsa } clean_up_dir () { - cd .. rm -rf tsa } create_ca () { - - echo "Creating a new CA for the TSA tests..." + echo creating a new CA for the TSA tests TSDNSECT=ts_ca_dn export TSDNSECT ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem - test $? != 0 && error + -out tsaca.pem -keyout tsacakey.pem || exit 1 } create_tsa_cert () { @@ -59,14 +49,12 @@ create_tsa_cert () { export TSDNSECT ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem - test $? != 0 && error -echo Using extension $EXT + -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 + echo using extension $EXT ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT - test $? != 0 && error + -extfile $OPENSSL_CONF -extensions $EXT || exit 1 } print_request () { @@ -76,163 +64,133 @@ print_request () { create_time_stamp_request1 () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 } create_time_stamp_request2 () { ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq - test $? != 0 && error + -out req2.tsq || exit 1 } create_time_stamp_request3 () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 } print_response () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1 } create_time_stamp_response () { - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1 } time_stamp_response_token_test () { RESPONSE2=$2.copy.tsr TOKEN_DER=$2.token.der - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 - test $? != 0 && error - cmp $RESPONSE2 $2 - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 + cmp $RESPONSE2 $2 || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1 } verify_time_stamp_response () { ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error + -untrusted tsa_cert1.pem || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error + -untrusted tsa_cert1.pem || exit 1 } verify_time_stamp_token () { # create the token from the response first - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out - test $? != 0 && error + ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? != 0 && error + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? != 0 && error + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 } verify_time_stamp_response_fail () { ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - # Checks if the verification failed, as it should have. - test $? = 0 && error - echo Ok + -untrusted tsa_cert1.pem && exit 1 + echo ok } # main functions -echo "Setting up TSA test directory..." +echo setting up TSA test directory setup_dir -echo "Creating CA for TSA tests..." +echo creating CA for TSA tests create_ca -echo "Creating tsa_cert1.pem TSA server cert..." +echo creating tsa_cert1.pem TSA server cert create_tsa_cert 1 tsa_cert -echo "Creating tsa_cert2.pem non-TSA server cert..." +echo creating tsa_cert2.pem non-TSA server cert create_tsa_cert 2 non_tsa_cert -echo "Creating req1.req time stamp request for file testtsa..." +echo creating req1.req time stamp request for file testtsa create_time_stamp_request1 -echo "Printing req1.req..." +echo printing req1.req print_request req1.tsq -echo "Generating valid response for req1.req..." +echo generating valid response for req1.req create_time_stamp_response req1.tsq resp1.tsr tsa_config1 -echo "Printing response..." +echo printing response print_response resp1.tsr -echo "Verifying valid response..." +echo verifying valid response verify_time_stamp_response req1.tsq resp1.tsr ../testtsa -echo "Verifying valid token..." +echo verifying valid token verify_time_stamp_token req1.tsq resp1.tsr ../testtsa -# The tests below are commented out, because invalid signer certificates -# can no longer be specified in the config file. - -# echo "Generating _invalid_ response for req1.req..." -# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2 - -# echo "Printing response..." -# print_response resp1_bad.tsr - -# echo "Verifying invalid response, it should fail..." -# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr - -echo "Creating req2.req time stamp request for file testtsa..." +echo creating req2.req time stamp request for file testtsa create_time_stamp_request2 -echo "Printing req2.req..." +echo printing req2.req print_request req2.tsq -echo "Generating valid response for req2.req..." +echo generating valid response for req2.req create_time_stamp_response req2.tsq resp2.tsr tsa_config1 -echo "Checking '-token_in' and '-token_out' options with '-reply'..." +echo checking -token_in and -token_out options with -reply time_stamp_response_token_test req2.tsq resp2.tsr -echo "Printing response..." +echo printing response print_response resp2.tsr -echo "Verifying valid response..." +echo verifying valid response verify_time_stamp_response req2.tsq resp2.tsr ../testtsa -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req1.tsq resp2.tsr -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req2.tsq resp1.tsr -echo "Creating req3.req time stamp request for file CAtsa.cnf..." +echo creating req3.req time stamp request for file CAtsa.cnf create_time_stamp_request3 -echo "Printing req3.req..." +echo printing req3.req print_request req3.tsq -echo "Verifying response against wrong request, it should fail..." +echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req3.tsq resp1.tsr -echo "Cleaning up..." +echo cleaning up clean_up_dir exit 0 diff --git a/test/tkey b/test/tkey index b7097e6f6f..c6abd2f3ea 100644 --- a/test/tkey +++ b/test/tkey @@ -20,81 +20,55 @@ echo testing $ktype $ptype conversions cp $t $ktype-fff.p echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 -cmp $ktype-fff.p $ktype-f.p -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-fff.p $ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-fff.p $ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp $ktype-f.p $ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-f.p $ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi +cmp $ktype-fff.p $ktype-f.p || exit 1 +cmp $ktype-fff.p $ktype-ff.p1 || exit 1 +cmp $ktype-fff.p $ktype-ff.p3 || exit 1 +cmp $ktype-f.p $ktype-ff.p1 || exit 1 +cmp $ktype-f.p $ktype-ff.p3 || exit 1 /bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* -if [ $ptype = "public" ]; then - exit 0 -fi +[ $ptype = "public" ] && exit 0 -cmd="../util/shlib_wrap.sh ../apps/openssl pkey" echo testing $ktype PKCS#8 conversions +cmd="../util/shlib_wrap.sh ../apps/openssl pkey" $cmd -in $t -out $ktype-fff.p echo "p -> d" -$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1 echo "p -> p" -$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1 echo "d -> d" -$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1 echo "p -> d" -$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1 echo "d -> p" -$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1 echo "p -> p" -$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp $ktype-fff.p $ktype-f.p -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-fff.p $ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-fff.p $ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp $ktype-f.p $ktype-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp $ktype-f.p $ktype-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1 + +cmp $ktype-fff.p $ktype-f.p || exit 1 +cmp $ktype-fff.p $ktype-ff.p1 || exit 1 +cmp $ktype-fff.p $ktype-ff.p3 || exit 1 +cmp $ktype-f.p $ktype-ff.p1 || exit 1 +cmp $ktype-f.p $ktype-ff.p3 || exit 1 /bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.* diff --git a/test/tpkcs7 b/test/tpkcs7 index 27bd34398d..a1e8c0a61b 100644 --- a/test/tpkcs7 +++ b/test/tpkcs7 @@ -13,37 +13,25 @@ echo testing pkcs7 conversions cp $t p7-fff.p echo "p -> d" -$cmd -in p7-fff.p -inform p -outform d >p7-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-fff.p -inform p -outform d >p7-f.d || exit 1 echo "p -> p" -$cmd -in p7-fff.p -inform p -outform p >p7-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-fff.p -inform p -outform p >p7-f.p || exit 1 echo "d -> d" -$cmd -in p7-f.d -inform d -outform d >p7-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-f.d -inform d -outform d >p7-ff.d1 || exit 1 echo "p -> d" -$cmd -in p7-f.p -inform p -outform d >p7-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-f.p -inform p -outform d >p7-ff.d3 || exit 1 echo "d -> p" -$cmd -in p7-f.d -inform d -outform p >p7-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-f.d -inform d -outform p >p7-ff.p1 || exit 1 echo "p -> p" -$cmd -in p7-f.p -inform p -outform p >p7-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp p7-fff.p p7-f.p -if [ $? != 0 ]; then exit 1; fi -cmp p7-fff.p p7-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp p7-fff.p p7-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp p7-f.p p7-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp p7-f.p p7-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7-f.p -inform p -outform p >p7-ff.p3 || exit 1 + +cmp p7-fff.p p7-f.p || exit 1 +cmp p7-fff.p p7-ff.p1 || exit 1 +cmp p7-fff.p p7-ff.p3 || exit 1 +cmp p7-f.p p7-ff.p1 || exit 1 +cmp p7-f.p p7-ff.p3 || exit 1 /bin/rm -f p7-f.* p7-ff.* p7-fff.* exit 0 diff --git a/test/tpkcs7d b/test/tpkcs7d index 4354d59c80..9dc2932a38 100644 --- a/test/tpkcs7d +++ b/test/tpkcs7d @@ -13,30 +13,22 @@ echo "testing pkcs7 conversions (2)" cp $t p7d-fff.p echo "p -> d" -$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d || exit 1 echo "p -> p" -$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p || exit 1 echo "d -> d" -$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1 || exit 1 echo "p -> d" -$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3 || exit 1 echo "d -> p" -$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1 || exit 1 echo "p -> p" -$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3 || exit 1 -cmp p7d-f.p p7d-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp p7d-f.p p7d-ff.p3 -if [ $? != 0 ]; then exit 1; fi +cmp p7d-f.p p7d-ff.p1 || exit 1 +cmp p7d-f.p p7d-ff.p3 || exit 1 /bin/rm -f p7d-f.* p7d-ff.* p7d-fff.* exit 0 diff --git a/test/treq b/test/treq index 82decceebe..89f088c757 100644 --- a/test/treq +++ b/test/treq @@ -18,40 +18,25 @@ echo testing req conversions cp $t req-fff.p echo "p -> d" -$cmd -in req-fff.p -inform p -outform d >req-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in req-fff.p -inform p -outform d >req-f.d || exit 1 echo "p -> p" -$cmd -in req-fff.p -inform p -outform p >req-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in req-fff.p -inform p -outform p >req-f.p || exit 1 echo "d -> d" -$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1 || exit 1 echo "p -> d" -$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3 -if [ $? != 0 ]; then exit 1; fi - +$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3 || exit 1 echo "d -> p" -$cmd -in req-f.d -inform d -outform p >req-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in req-f.d -inform d -outform p >req-ff.p1 || exit 1 echo "p -> p" -$cmd -in req-f.p -inform p -outform p >req-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp req-fff.p req-f.p -if [ $? != 0 ]; then exit 1; fi -cmp req-fff.p req-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp req-fff.p req-ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp req-fff.p req-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp req-f.p req-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp req-f.p req-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in req-f.p -inform p -outform p >req-ff.p3 || exit 1 + +cmp req-fff.p req-f.p || exit 1 +cmp req-fff.p req-ff.p1 || exit 1 +cmp req-fff.p req-ff.p3 || exit 1 +cmp req-f.p req-ff.p1 || exit 1 +cmp req-f.p req-ff.p3 || exit 1 /bin/rm -f req-f.* req-ff.* req-fff.* exit 0 diff --git a/test/tsid b/test/tsid index c80438343a..a5c1c736da 100644 --- a/test/tsid +++ b/test/tsid @@ -13,67 +13,25 @@ echo testing session-id conversions cp $t sid-fff.p echo "p -> d" -$cmd -in sid-fff.p -inform p -outform d >sid-f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in sid-fff.p -inform p -outform t >sid-f.t -#if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-fff.p -inform p -outform d >sid-f.d || exit 1 echo "p -> p" -$cmd -in sid-fff.p -inform p -outform p >sid-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-fff.p -inform p -outform p >sid-f.p || exit 1 echo "d -> d" -$cmd -in sid-f.d -inform d -outform d >sid-ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in sid-f.t -inform t -outform d >sid-ff.d2 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-f.d -inform d -outform d >sid-ff.d1 || exit 1 echo "p -> d" -$cmd -in sid-f.p -inform p -outform d >sid-ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in sid-f.d -inform d -outform t >sid-ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in sid-f.t -inform t -outform t >sid-ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in sid-f.p -inform p -outform t >sid-ff.t3 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-f.p -inform p -outform d >sid-ff.d3 || exit 1 echo "d -> p" -$cmd -in sid-f.d -inform d -outform p >sid-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in sid-f.t -inform t -outform p >sid-ff.p2 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-f.d -inform d -outform p >sid-ff.p1 || exit 1 echo "p -> p" -$cmd -in sid-f.p -inform p -outform p >sid-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp sid-fff.p sid-f.p -if [ $? != 0 ]; then exit 1; fi -cmp sid-fff.p sid-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp sid-fff.p sid-ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp sid-fff.p sid-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp sid-f.t sid-ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp sid-f.t sid-ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp sid-f.t sid-ff.t3 -#if [ $? != 0 ]; then exit 1; fi +$cmd -in sid-f.p -inform p -outform p >sid-ff.p3 || exit 1 -cmp sid-f.p sid-ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp sid-f.p sid-ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp sid-f.p sid-ff.p3 -if [ $? != 0 ]; then exit 1; fi +cmp sid-fff.p sid-f.p || exit 1 +cmp sid-fff.p sid-ff.p1 || exit 1 +cmp sid-fff.p sid-ff.p3 || exit 1 +cmp sid-f.p sid-ff.p1 || exit 1 +cmp sid-f.p sid-ff.p3 || exit 1 /bin/rm -f sid-f.* sid-ff.* sid-fff.* exit 0 diff --git a/test/tx509 b/test/tx509 index 4e9c0a54f2..f4774c0c99 100644 --- a/test/tx509 +++ b/test/tx509 @@ -13,67 +13,44 @@ echo testing X509 conversions cp $t x509-fff.p echo "p -> d" -$cmd -in x509-fff.p -inform p -outform d >x509-f.d -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-fff.p -inform p -outform d >x509-f.d || exit 1 echo "p -> n" -$cmd -in x509-fff.p -inform p -outform n >x509-f.n -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-fff.p -inform p -outform n >x509-f.n || exit 1 echo "p -> p" -$cmd -in x509-fff.p -inform p -outform p >x509-f.p -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-fff.p -inform p -outform p >x509-f.p || exit 1 echo "d -> d" -$cmd -in x509-f.d -inform d -outform d >x509-ff.d1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.d -inform d -outform d >x509-ff.d1 || exit 1 echo "n -> d" -$cmd -in x509-f.n -inform n -outform d >x509-ff.d2 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.n -inform n -outform d >x509-ff.d2 || exit 1 echo "p -> d" -$cmd -in x509-f.p -inform p -outform d >x509-ff.d3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.p -inform p -outform d >x509-ff.d3 || exit 1 echo "d -> n" -$cmd -in x509-f.d -inform d -outform n >x509-ff.n1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.d -inform d -outform n >x509-ff.n1 || exit 1 echo "n -> n" -$cmd -in x509-f.n -inform n -outform n >x509-ff.n2 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.n -inform n -outform n >x509-ff.n2 || exit 1 echo "p -> n" -$cmd -in x509-f.p -inform p -outform n >x509-ff.n3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.p -inform p -outform n >x509-ff.n3 || exit 1 echo "d -> p" -$cmd -in x509-f.d -inform d -outform p >x509-ff.p1 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.d -inform d -outform p >x509-ff.p1 || exit 1 echo "n -> p" -$cmd -in x509-f.n -inform n -outform p >x509-ff.p2 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.n -inform n -outform p >x509-ff.p2 || exit 1 echo "p -> p" -$cmd -in x509-f.p -inform p -outform p >x509-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp x509-fff.p x509-f.p -if [ $? != 0 ]; then exit 1; fi -cmp x509-fff.p x509-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp x509-fff.p x509-ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp x509-fff.p x509-ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp x509-f.n x509-ff.n1 -if [ $? != 0 ]; then exit 1; fi -cmp x509-f.n x509-ff.n2 -if [ $? != 0 ]; then exit 1; fi -cmp x509-f.n x509-ff.n3 -if [ $? != 0 ]; then exit 1; fi - -cmp x509-f.p x509-ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp x509-f.p x509-ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp x509-f.p x509-ff.p3 -if [ $? != 0 ]; then exit 1; fi +$cmd -in x509-f.p -inform p -outform p >x509-ff.p3 || exit 1 + +cmp x509-fff.p x509-f.p || exit 1 +cmp x509-fff.p x509-ff.p1 || exit 1 +cmp x509-fff.p x509-ff.p2 || exit 1 +cmp x509-fff.p x509-ff.p3 || exit 1 + +cmp x509-f.n x509-ff.n1 || exit 1 +cmp x509-f.n x509-ff.n2 || exit 1 +cmp x509-f.n x509-ff.n3 || exit 1 +cmp x509-f.p x509-ff.p1 || exit 1 +cmp x509-f.p x509-ff.p2 || exit 1 +cmp x509-f.p x509-ff.p3 || exit 1 /bin/rm -f x509-f.* x509-ff.* x509-fff.* exit 0 -- 2.25.1