- added two regression test scripts
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@586 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
7f6453d715
commit
5c7c2750b3
|
@ -0,0 +1,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
This directory contains regression test scripts. Note this is still
|
||||||
|
work in progress, hopefully we will add more scripts by and by.
|
||||||
|
|
||||||
|
Run the test scripts from this directory. You need to have
|
||||||
|
OpenSC fully built in order for them to do anything useful.
|
|
@ -0,0 +1,46 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# This test checks various aspects of RSA signature generation
|
||||||
|
#
|
||||||
|
# It needs a card with a private key+certificate pair at ID 45
|
||||||
|
#
|
||||||
|
# Run this from the regression test directory.
|
||||||
|
|
||||||
|
. functions
|
||||||
|
|
||||||
|
msg <<EOF
|
||||||
|
:::
|
||||||
|
::: Testing on-card signature facilities
|
||||||
|
:::
|
||||||
|
::: This test needs a card with a private key and certificate at ID 45.
|
||||||
|
:::
|
||||||
|
EOF
|
||||||
|
|
||||||
|
m=$p15temp/message
|
||||||
|
d=$p15temp/digest
|
||||||
|
s=$p15temp/signed
|
||||||
|
x=$p15temp/cert.pem
|
||||||
|
p=$p15temp/key.pem
|
||||||
|
|
||||||
|
msg "Extracting certificate"
|
||||||
|
run_check_status $p15tool -r 45 -o $x
|
||||||
|
|
||||||
|
msg "Extracting public key"
|
||||||
|
run_check_status openssl x509 -in $x -noout -pubkey > $p
|
||||||
|
|
||||||
|
# Set up message file
|
||||||
|
echo lalla > $m
|
||||||
|
|
||||||
|
msg "Signing and verifying using MD5"
|
||||||
|
run_check_status openssl dgst -md5 -binary -out $d < $m
|
||||||
|
run_check_status $p15crypt -s --md5 --pkcs1 -i $d -o $s
|
||||||
|
run_check_output "Verified OK" \
|
||||||
|
openssl dgst -verify $p -md5 -signature $s < $m
|
||||||
|
success
|
||||||
|
|
||||||
|
msg "Signing and verifying using SHA1"
|
||||||
|
run_check_status openssl dgst -sha1 -binary -out $d < $m
|
||||||
|
run_check_status $p15crypt -s --sha-1 --pkcs1 -i $d -o $s
|
||||||
|
run_check_output "Verified OK" \
|
||||||
|
openssl dgst -verify $p -sha1 -signature $s < $m
|
||||||
|
success
|
|
@ -0,0 +1,36 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# This test checks various aspects of RSA decryption
|
||||||
|
#
|
||||||
|
# It needs a card with a private key+certificate pair at ID 45
|
||||||
|
#
|
||||||
|
# Run this from the regression test directory.
|
||||||
|
|
||||||
|
. functions
|
||||||
|
|
||||||
|
msg <<EOF
|
||||||
|
:::
|
||||||
|
::: Testing on-card decryption facilities
|
||||||
|
:::
|
||||||
|
::: This test needs a card with a private key and certificate at ID 45.
|
||||||
|
:::
|
||||||
|
EOF
|
||||||
|
|
||||||
|
o=$p15temp/plaintext
|
||||||
|
e=$p15temp/encrypted
|
||||||
|
d=$p15temp/decrypted
|
||||||
|
x=$p15temp/cert.pem
|
||||||
|
p=$p15temp/key.pem
|
||||||
|
|
||||||
|
msg "Extracting certificate"
|
||||||
|
run_check_status $p15tool -r 45 -o $x
|
||||||
|
|
||||||
|
msg "Extracting public key"
|
||||||
|
run_check_status openssl x509 -in $x -noout -pubkey > $p
|
||||||
|
|
||||||
|
msg "Encrypting message (pkcs1 padding)"
|
||||||
|
echo lalla > $o
|
||||||
|
run_check_status openssl rsautl -pubin -inkey $p -encrypt -in $o -out $e
|
||||||
|
run_check_status $p15crypt -c --pkcs1 -i $e -o $d
|
||||||
|
cmp $o $d || fail "Decrypted file does not match plain text file"
|
||||||
|
success
|
|
@ -0,0 +1,79 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Functions for the regression test scripts
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ -z "$__p15init__" ]; then
|
||||||
|
__p15init__=1
|
||||||
|
|
||||||
|
p15base=${P15_BASE:-../..}
|
||||||
|
p15temp=${P15_TEMP:-./test-data}
|
||||||
|
|
||||||
|
p15crypt=$p15base/tools/pkcs15-crypt
|
||||||
|
p15tool=$p15base/tools/pkcs15-tool
|
||||||
|
p15log=$p15temp/test.log
|
||||||
|
|
||||||
|
for bin in $p15tool $p15crypt; do
|
||||||
|
test -x $bin && continue
|
||||||
|
echo "*** Missing binary $bin" >&2
|
||||||
|
exit 1
|
||||||
|
done
|
||||||
|
|
||||||
|
mkdir -p $p15temp
|
||||||
|
trap "rm -rf $p15temp" 0 1 2 13 15
|
||||||
|
|
||||||
|
# Redirect output to log file, but keep copies of
|
||||||
|
# stdout/stderr descriptors on fd 3 and 4
|
||||||
|
exec 3>&1 4>&2 >$p15log 2>&1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Clobber log file
|
||||||
|
cp /dev/null $p15log
|
||||||
|
|
||||||
|
|
||||||
|
function msg {
|
||||||
|
|
||||||
|
if [ $# -eq 0 ]; then
|
||||||
|
# This is a here script
|
||||||
|
cat >&3
|
||||||
|
else
|
||||||
|
echo "::: $*" >&3
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
function fail {
|
||||||
|
(
|
||||||
|
echo "*** $*"
|
||||||
|
echo "---"
|
||||||
|
cat $p15log
|
||||||
|
) >&4
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
function success {
|
||||||
|
|
||||||
|
msg "SUCCESS"
|
||||||
|
}
|
||||||
|
|
||||||
|
function run_check_status {
|
||||||
|
|
||||||
|
echo ":::::: run_check_status $*"
|
||||||
|
eval "$@" || fail "Command failed (status code $?): $*"
|
||||||
|
}
|
||||||
|
|
||||||
|
function run_check_output {
|
||||||
|
|
||||||
|
msg=$1
|
||||||
|
shift
|
||||||
|
|
||||||
|
echo ":::::: run_check_output \"$1\" $*"
|
||||||
|
out=`eval "$@" 2>&1`
|
||||||
|
|
||||||
|
# Make sure output makes it to log file
|
||||||
|
echo $out
|
||||||
|
|
||||||
|
case $out in
|
||||||
|
"$msg") return 0;;
|
||||||
|
*) fail "Command failed (expected $msg): $*";;
|
||||||
|
esac
|
||||||
|
}
|
Loading…
Reference in New Issue