diff --git a/src/tests/regression/README b/src/tests/regression/README new file mode 100644 index 00000000..18bcc277 --- /dev/null +++ b/src/tests/regression/README @@ -0,0 +1,7 @@ + + +This directory contains regression test scripts. Note this is still +work in progress, hopefully we will add more scripts by and by. + +Run the test scripts from this directory. You need to have +OpenSC fully built in order for them to do anything useful. diff --git a/src/tests/regression/crypt0001 b/src/tests/regression/crypt0001 new file mode 100755 index 00000000..1104bd77 --- /dev/null +++ b/src/tests/regression/crypt0001 @@ -0,0 +1,46 @@ +#!/bin/bash +# +# This test checks various aspects of RSA signature generation +# +# It needs a card with a private key+certificate pair at ID 45 +# +# Run this from the regression test directory. + +. functions + +msg < $p + +# Set up message file +echo lalla > $m + +msg "Signing and verifying using MD5" +run_check_status openssl dgst -md5 -binary -out $d < $m +run_check_status $p15crypt -s --md5 --pkcs1 -i $d -o $s +run_check_output "Verified OK" \ + openssl dgst -verify $p -md5 -signature $s < $m +success + +msg "Signing and verifying using SHA1" +run_check_status openssl dgst -sha1 -binary -out $d < $m +run_check_status $p15crypt -s --sha-1 --pkcs1 -i $d -o $s +run_check_output "Verified OK" \ + openssl dgst -verify $p -sha1 -signature $s < $m +success diff --git a/src/tests/regression/crypt0002 b/src/tests/regression/crypt0002 new file mode 100755 index 00000000..793cb1cf --- /dev/null +++ b/src/tests/regression/crypt0002 @@ -0,0 +1,36 @@ +#!/bin/bash +# +# This test checks various aspects of RSA decryption +# +# It needs a card with a private key+certificate pair at ID 45 +# +# Run this from the regression test directory. + +. functions + +msg < $p + +msg "Encrypting message (pkcs1 padding)" +echo lalla > $o +run_check_status openssl rsautl -pubin -inkey $p -encrypt -in $o -out $e +run_check_status $p15crypt -c --pkcs1 -i $e -o $d +cmp $o $d || fail "Decrypted file does not match plain text file" +success diff --git a/src/tests/regression/functions b/src/tests/regression/functions new file mode 100755 index 00000000..7dac0790 --- /dev/null +++ b/src/tests/regression/functions @@ -0,0 +1,79 @@ +#!/bin/bash +# +# Functions for the regression test scripts +# + +if [ -z "$__p15init__" ]; then + __p15init__=1 + + p15base=${P15_BASE:-../..} + p15temp=${P15_TEMP:-./test-data} + + p15crypt=$p15base/tools/pkcs15-crypt + p15tool=$p15base/tools/pkcs15-tool + p15log=$p15temp/test.log + + for bin in $p15tool $p15crypt; do + test -x $bin && continue + echo "*** Missing binary $bin" >&2 + exit 1 + done + + mkdir -p $p15temp + trap "rm -rf $p15temp" 0 1 2 13 15 + + # Redirect output to log file, but keep copies of + # stdout/stderr descriptors on fd 3 and 4 + exec 3>&1 4>&2 >$p15log 2>&1 +fi + +# Clobber log file +cp /dev/null $p15log + + +function msg { + + if [ $# -eq 0 ]; then + # This is a here script + cat >&3 + else + echo "::: $*" >&3 + fi +} + +function fail { + ( + echo "*** $*" + echo "---" + cat $p15log + ) >&4 + exit 1 +} + +function success { + + msg "SUCCESS" +} + +function run_check_status { + + echo ":::::: run_check_status $*" + eval "$@" || fail "Command failed (status code $?): $*" +} + +function run_check_output { + + msg=$1 + shift + + echo ":::::: run_check_output \"$1\" $*" + out=`eval "$@" 2>&1` + + # Make sure output makes it to log file + echo $out + + case $out in + "$msg") return 0;; + *) fail "Command failed (expected $msg): $*";; + esac +}