Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
1c73c3bc
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
1c73c3bc
编写于
9月 06, 2015
作者:
R
Richard Levitte
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Change the 80-test_tsa recipe as per changes in testtsa
Reviewed-by:
N
Rich Salz
<
rsalz@openssl.org
>
上级
ca5d7dff
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
136 addition
and
164 deletion
+136
-164
test/recipes/80-test_tsa.t
test/recipes/80-test_tsa.t
+136
-164
未找到文件。
test/recipes/80-test_tsa.t
浏览文件 @
1c73c3bc
...
...
@@ -14,61 +14,24 @@ setup("test_tsa");
# here, however, to be available in all subroutines.
my
$testtsa
;
my
$CAtsa
;
sub
create_ca
{
$ENV
{
TSDNSECT
}
=
"
ts_ca_dn
";
return
ok
(
run
(
app
(["
openssl
",
"
req
",
"
-new
",
"
-x509
",
"
-nodes
",
"
-out
",
"
tsaca.pem
",
"
-keyout
",
"
tsacakey.pem
"])),
'
creating a new CA for the TSA tests
');
}
my
@RUN
=
("
openssl
",
"
ts
");
sub
create_tsa_cert
{
my
$INDEX
=
shift
;
my
$EXT
=
shift
;
my
$r
=
1
;
$ENV
{
TSDNSECT
}
=
"
ts_c
a
_dn
";
$ENV
{
TSDNSECT
}
=
"
ts_c
ert
_dn
";
$r
*=
ok
(
run
(
app
(["
openssl
",
"
req
",
"
-new
",
"
-out
",
"
tsa_req
${INDEX}
.pem
",
"
-keyout
",
"
tsa_key
${INDEX}
.pem
"])));
ok
(
run
(
app
(["
openssl
",
"
req
",
"
-new
",
"
-out
",
"
tsa_req
${INDEX}
.pem
",
"
-keyout
",
"
tsa_key
${INDEX}
.pem
"])));
note
"
using extension
$EXT
";
$r
*=
ok
(
run
(
app
(["
openssl
",
"
x509
",
"
-req
",
"
-in
",
"
tsa_req
${INDEX}
.pem
",
"
-out
",
"
tsa_cert
${INDEX}
.pem
",
"
-CA
",
"
tsaca.pem
",
"
-CAkey
",
"
tsacakey.pem
",
"
-CAcreateserial
",
"
-extfile
",
$ENV
{
OPENSSL_CONF
},
"
-extensions
",
$EXT
])));
return
$r
;
}
sub
print_request
{
my
$input
=
shift
;
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-query
",
"
-in
",
$input
,
"
-text
"])));
}
sub
create_time_stamp_request1
{
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-query
",
"
-data
",
$testtsa
,
"
-policy
",
"
tsa_policy1
",
"
-cert
",
"
-out
",
"
req1.tsq
"])));
}
sub
create_time_stamp_request2
{
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-query
",
"
-data
",
$testtsa
,
"
-policy
",
"
tsa_policy2
",
"
-no_nonce
",
"
-out
",
"
req2.tsq
"])));
}
sub
create_time_stamp_request3
{
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-query
",
"
-data
",
$CAtsa
,
"
-no_nonce
",
"
-out
",
"
req3.tsq
"])))
}
sub
print_response
{
my
$inputfile
=
shift
;
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$inputfile
",
"
-text
"])));
ok
(
run
(
app
(["
openssl
",
"
x509
",
"
-req
",
"
-in
",
"
tsa_req
${INDEX}
.pem
",
"
-out
",
"
tsa_cert
${INDEX}
.pem
",
"
-CA
",
"
tsaca.pem
",
"
-CAkey
",
"
tsacakey.pem
",
"
-CAcreateserial
",
"
-extfile
",
$ENV
{
OPENSSL_CONF
},
"
-extensions
",
$EXT
])));
}
sub
create_time_stamp_response
{
...
...
@@ -76,22 +39,8 @@ sub create_time_stamp_response {
my
$outputfile
=
shift
;
my
$datafile
=
shift
;
return
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-section
",
"
$datafile
",
"
-queryfile
",
"
$queryfile
",
"
-out
",
"
$outputfile
"])));
}
sub
time_stamp_response_token_test
{
my
$queryfile
=
shift
;
my
$inputfile
=
shift
;
my
$RESPONSE2
=
"
$inputfile
.copy.tsr
";
my
$TOKEN_DER
=
"
$inputfile
.token.der
";
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$inputfile
",
"
-out
",
"
$TOKEN_DER
",
"
-token_out
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$TOKEN_DER
",
"
-token_in
",
"
-out
",
"
$RESPONSE2
"])));
is
(
compare
(
$RESPONSE2
,
$inputfile
),
0
);
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$inputfile
",
"
-text
",
"
-token_out
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$TOKEN_DER
",
"
-token_in
",
"
-text
",
"
-token_out
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-queryfile
",
"
$queryfile
",
"
-text
",
"
-token_out
"])));
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-section
",
"
$datafile
",
"
-queryfile
",
"
$queryfile
",
"
-out
",
"
$outputfile
"])));
}
sub
verify_time_stamp_response
{
...
...
@@ -99,32 +48,30 @@ sub verify_time_stamp_response {
my
$inputfile
=
shift
;
my
$datafile
=
shift
;
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-verify
",
"
-queryfile
",
"
$queryfile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-verify
",
"
-data
",
"
$datafile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
}
sub
verify_time_stamp_token
{
my
$queryfile
=
shift
;
my
$inputfile
=
shift
;
my
$datafile
=
shift
;
# create the token from the response first
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-reply
",
"
-in
",
"
$inputfile
",
"
-out
",
"
$inputfile
.token
",
"
-token_out
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-verify
",
"
-queryfile
",
"
$queryfile
",
"
-in
",
"
$inputfile
.token
",
"
-token_in
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
run
(
app
(["
openssl
",
"
ts
",
"
-verify
",
"
-data
",
"
$datafile
",
"
-in
",
"
$inputfile
.token
",
"
-token_in
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
run
(
app
([
@RUN
,
"
-verify
",
"
-queryfile
",
"
$queryfile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
run
(
app
([
@RUN
,
"
-verify
",
"
-data
",
"
$datafile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
}
sub
verify_time_stamp_response_fail
{
my
$queryfile
=
shift
;
my
$inputfile
=
shift
;
ok
(
!
run
(
app
(["
openssl
",
"
ts
",
"
-verify
",
"
-queryfile
",
"
$queryfile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
!
run
(
app
([
@RUN
,
"
-verify
",
"
-queryfile
",
"
$queryfile
",
"
-in
",
"
$inputfile
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
}
# main functions
indir
"
tsa
"
=>
sub
{
plan
tests
=>
20
;
note
"
setting up TSA test directory
";
indir
"
tsa
"
=>
sub
{
$ENV
{
OPENSSL_CONF
}
=
top_file
("
test
",
"
CAtsa.cnf
");
# Because that's what ../apps/CA.pl really looks at
$ENV
{
SSLEAY_CONFIG
}
=
"
-config
"
.
$ENV
{
OPENSSL_CONF
};
...
...
@@ -132,89 +79,114 @@ indir "tsa" => sub {
$testtsa
=
top_file
("
test
",
"
recipes
",
"
80-test_tsa.t
");
$CAtsa
=
top_file
("
test
",
"
CAtsa.cnf
");
plan
tests
=>
20
;
SKIP:
{
skip
"
failed
",
19
if
!
subtest
'
creating CA for TSA tests
'
=>
sub
{
create_ca
};
skip
"
failed
",
18
if
!
subtest
'
creating tsa_cert1.pem TSA server cert
'
=>
sub
{
create_tsa_cert
("
1
",
"
tsa_cert
")
};
skip
"
failed
",
17
if
!
subtest
'
creating tsa_cert2.pem non-TSA server cert
'
=>
sub
{
create_tsa_cert
("
2
",
"
non_tsa_cert
")
};
skip
"
failed
",
16
if
!
subtest
'
creating req1.req time stamp request for file testtsa
'
=>
sub
{
create_time_stamp_request1
()
};
subtest
'
printing req1.req
'
=>
sub
{
print_request
("
req1.tsq
")
};
subtest
'
generating valid response for req1.req
'
=>
sub
{
create_time_stamp_response
("
req1.tsq
",
"
resp1.tsr
",
"
tsa_config1
")
};
subtest
'
printing response
'
=>
sub
{
print_response
("
resp1.tsr
")
};
subtest
'
verifying valid response
'
=>
sub
{
verify_time_stamp_response
("
req1.tsq
",
"
resp1.tsr
",
$testtsa
)
};
subtest
'
verifying valid token
'
=>
sub
{
verify_time_stamp_token
("
req1.tsq
",
"
resp1.tsr
",
$testtsa
)
};
subtest
'
creating req2.req time stamp request for file testtsa
'
=>
sub
{
create_time_stamp_request2
()
};
subtest
'
printing req2.req
'
=>
sub
{
print_request
("
req2.tsq
")
};
subtest
'
generating valid response for req2.req
'
=>
sub
{
create_time_stamp_response
("
req2.tsq
",
"
resp2.tsr
",
"
tsa_config1
")
};
subtest
'
checking -token_in and -token_out options with -reply
'
=>
sub
{
time_stamp_response_token_test
("
req2.tsq
",
"
resp2.tsr
")
};
subtest
'
printing response
'
=>
sub
{
print_response
("
resp2.tsr
")
};
subtest
'
verifying valid response
'
=>
sub
{
verify_time_stamp_response
("
req2.tsq
",
"
resp2.tsr
",
$testtsa
)
};
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req1.tsq
",
"
resp2.tsr
")
};
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req2.tsq
",
"
resp1.tsr
")
};
subtest
'
creating req3.req time stamp request for file CAtsa.cnf
'
=>
sub
{
create_time_stamp_request3
()
};
subtest
'
printing req3.req
'
=>
sub
{
print_request
("
req3.tsq
")
};
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req3.tsq
",
"
resp1.tsr
")
};
SKIP:
{
$ENV
{
TSDNSECT
}
=
"
ts_ca_dn
";
skip
"
failed
",
19
unless
ok
(
run
(
app
(["
openssl
",
"
req
",
"
-new
",
"
-x509
",
"
-nodes
",
"
-out
",
"
tsaca.pem
",
"
-keyout
",
"
tsacakey.pem
"])),
'
creating a new CA for the TSA tests
');
skip
"
failed
",
18
unless
subtest
'
creating tsa_cert1.pem TSA server cert
'
=>
sub
{
create_tsa_cert
("
1
",
"
tsa_cert
")
};
skip
"
failed
",
17
unless
subtest
'
creating tsa_cert2.pem non-TSA server cert
'
=>
sub
{
create_tsa_cert
("
2
",
"
non_tsa_cert
")
};
skip
"
failed
",
16
unless
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-data
",
$testtsa
,
"
-policy
",
"
tsa_policy1
",
"
-cert
",
"
-out
",
"
req1.tsq
"])),
'
creating req1.req time stamp request for file testtsa
');
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-in
",
"
req1.tsq
",
"
-text
"])),
'
printing req1.req
');
subtest
'
generating valid response for req1.req
'
=>
sub
{
create_time_stamp_response
("
req1.tsq
",
"
resp1.tsr
",
"
tsa_config1
")
};
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
resp1.tsr
",
"
-text
"])),
'
printing response
');
subtest
'
verifying valid response
'
=>
sub
{
verify_time_stamp_response
("
req1.tsq
",
"
resp1.tsr
",
$testtsa
)
};
skip
"
failed
",
11
unless
subtest
'
verifying valid token
'
=>
sub
{
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
resp1.tsr
",
"
-out
",
"
resp1.tsr.token
",
"
-token_out
"])));
ok
(
run
(
app
([
@RUN
,
"
-verify
",
"
-queryfile
",
"
req1.tsq
",
"
-in
",
"
resp1.tsr.token
",
"
-token_in
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
ok
(
run
(
app
([
@RUN
,
"
-verify
",
"
-data
",
$testtsa
,
"
-in
",
"
resp1.tsr.token
",
"
-token_in
",
"
-CAfile
",
"
tsaca.pem
",
"
-untrusted
",
"
tsa_cert1.pem
"])));
};
skip
"
failed
",
10
unless
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-data
",
$testtsa
,
"
-policy
",
"
tsa_policy2
",
"
-no_nonce
",
"
-out
",
"
req2.tsq
"])),
'
creating req2.req time stamp request for file testtsa
');
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-in
",
"
req2.tsq
",
"
-text
"])),
'
printing req2.req
');
skip
"
failed
",
8
unless
subtest
'
generating valid response for req2.req
'
=>
sub
{
create_time_stamp_response
("
req2.tsq
",
"
resp2.tsr
",
"
tsa_config1
")
};
skip
"
failed
",
7
unless
subtest
'
checking -token_in and -token_out options with -reply
'
=>
sub
{
my
$RESPONSE2
=
"
resp2.tsr.copy.tsr
";
my
$TOKEN_DER
=
"
resp2.tsr.token.der
";
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
resp2.tsr
",
"
-out
",
"
$TOKEN_DER
",
"
-token_out
"])));
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
$TOKEN_DER
",
"
-token_in
",
"
-out
",
"
$RESPONSE2
"])));
is
(
compare
(
$RESPONSE2
,
"
resp2.tsr
"),
0
);
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
resp2.tsr
",
"
-text
",
"
-token_out
"])));
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
$TOKEN_DER
",
"
-token_in
",
"
-text
",
"
-token_out
"])));
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-queryfile
",
"
req2.tsq
",
"
-text
",
"
-token_out
"])));
};
ok
(
run
(
app
([
@RUN
,
"
-reply
",
"
-in
",
"
resp2.tsr
",
"
-text
"])),
'
printing response
');
subtest
'
verifying valid response
'
=>
sub
{
verify_time_stamp_response
("
req2.tsq
",
"
resp2.tsr
",
$testtsa
)
};
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req1.tsq
",
"
resp2.tsr
")
};
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req2.tsq
",
"
resp1.tsr
")
};
skip
"
failure
",
2
unless
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-data
",
$CAtsa
,
"
-no_nonce
",
"
-out
",
"
req3.tsq
"])),
"
creating req3.req time stamp request for file CAtsa.cnf
");
ok
(
run
(
app
([
@RUN
,
"
-query
",
"
-in
",
"
req3.tsq
",
"
-text
"])),
'
printing req3.req
');
subtest
'
verifying response against wrong request, it should fail
'
=>
sub
{
verify_time_stamp_response_fail
("
req3.tsq
",
"
resp1.tsr
")
};
}
},
c
leanup
=>
1
,
create
=>
1
;
},
c
reate
=>
1
,
cleanup
=>
1
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录