Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
8937a13e
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
8937a13e
编写于
2月 26, 2006
作者:
R
Richard Levitte
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add a TSA test. testtsa.com is a manual sh to dcl translation of
testtsa.
上级
19017d40
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
279 addition
and
6 deletion
+279
-6
test/tests.com
test/tests.com
+19
-6
test/testtsa.com
test/testtsa.com
+260
-0
未找到文件。
test/tests.com
浏览文件 @
8937a13e
...
@@ -20,12 +20,12 @@ $ tests = p1
...
@@ -20,12 +20,12 @@ $ tests = p1
$ else
$ else
$ tests := -
$ tests := -
test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
test_md2,test_mdc2,-
test_md2,test_mdc2,
test_wp,
-
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_
rd
,-
test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_
aes
,-
test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_enc,test_x509,test_rsa,test_crl,test_sid,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
test_ss,test_ca,test_engine,test_evp,test_ssl
test_ss,test_ca,test_engine,test_evp,test_ssl
,test_tsa
$ endif
$ endif
$ tests = f$edit(tests,"COLLAPSE")
$ tests = f$edit(tests,"COLLAPSE")
$
$
...
@@ -246,9 +246,22 @@ $ write sys$output "Generate and certify a test certificate via the 'ca' pro
...
@@ -246,9 +246,22 @@ $ write sys$output "Generate and certify a test certificate via the 'ca' pro
$ @testca.com
$ @testca.com
$ endif
$ endif
$ return
$ return
$ test_rd:
$ test_aes:
$ write sys$output "test Rijndael"
$! write sys$output "test AES"
$ !mcr 'texe_dir''rdtest'
$! !mcr 'texe_dir''aestest'
$ return
$ test_tsa:
$ set noon
$ define/user sys$output nla0:
$ mcr 'exe_dir'openssl no-rsa
$ save_severity=$SEVERITY
$ set on
$ if save_severity
$ then
$ write sys$output "skipping testtsa.com test -- requires RSA"
$ else
$ @testtsa.com
$ endif
$ return
$ return
$
$
$
$
...
...
test/testtsa.com
0 → 100644
浏览文件 @
8937a13e
$!
$! A few very basic tests for the 'ts' time stamping authority command.
$!
$
$ __arch := VAX
$ if f$getsyi("cpu") .ge. 128 then __arch := AXP
$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
$
$ openssl := mcr 'exe_dir'openssl
$ OPENSSL_CONF := [-]CAtsa.cnf
$
$ error:
$ subroutine
$ write sys$error "TSA test failed!"
$ exit 3
$ endsubroutine
$
$ setup_dir:
$ subroutine
$
$ @[-.utils]deltree [.tsa]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
$ delete tsa.dir;*
$
$ create/dir [.tsa]
$ set default [.tsa]
$ endsubroutine
$
$ clean_up_dir:
$ subroutine
$
$ set default [-]
$ @[-.utils]deltree [.tsa]*.*
$ set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
$ delete tsa.dir;*
$ endsubroutine
$
$ create_ca:
$ subroutine
$
$ write sys$output "Creating a new CA for the TSA tests..."
$ @[--.utils]deltree [.demoCA]*.*
$
$ open/write file VMStsa-response.create_ca
$ write file ""
$ write file "HU"
$ write file "Budapest"
$ write file "Budapest"
$ write file "Gov-CA Ltd."
$ write file "ca1"
$ close file
$ open/read sys$ca_input VMStsa-response.create_ca
$ @[--.apps]CA.com -input sys$ca_input -newca
$ save_severity = $severity
$ close sys$ca_input
$ if save_severity .ne. 1 then call error
$ endsubroutine
$
$ create_tsa_cert:
$ subroutine
$
$ INDEX=p1
$ EXT=p2
$ open/write file VMStsa-response1.create_tsa_cert
$ write file "HU"
$ write file "Budapest"
$ write file "Buda"
$ write file "Hun-TSA Ltd."
$ write file "tsa",INDEX
$ close file
$ define/user sys$input VMStsa-response.create_tsa_cert
$ openssl req -new -
-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
$ if $severity .ne. 1 then call error
$
$ open/write file VMStsa-response2.create_tsa_cert
$ write file "y"
$ write file "y"
$ close file
$ define/user sys$input VMStsa-response.create_tsa_cert
$ openssl ca -in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
-extensions "''EXT'"
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ print_request:
$ subroutine
$
$ openssl ts -query -in 'p1' -text
$ endsubroutine
$
$ create_time_stamp_request1: subroutine
$
$ openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
-cert -out req1.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_request2: subroutine
$
$ openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
-no_nonce -out req2.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_request3: subroutine
$
$ openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ print_response:
$ subroutine
$
$ openssl ts -reply -in 'p1' -text
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_time_stamp_response:
$ subroutine
$
$ openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ time_stamp_response_token_test:
$ subroutine
$
$ RESPONSE2:='p2'.copy_tsr
$ TOKEN_DER:='p2'.token_der
$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
$ if $severity .ne. 1 then call error
$ backup/compare 'RESPONSE2' 'p2'
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'p2' -text -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -queryfile 'p1' -text -token_out
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_response:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
-CAfile [.demoCA]cacert.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2' -
-CAfile [.demoCA]cacert.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_token:
$ subroutine
$
$ # create the token from the response first
$ openssl ts -reply -in 'p2' -out 'p2'.token -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in \
-CAfile [.demoCA]cacert.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2'.token -token_in \
-CAfile [.demoCA]cacert.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_response_fail:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
-CAfile [.demoCA]cacert.pem -untrusted tsa_cert1.pem
$ # Checks if the verification failed, as it should have.
$ if $severity .ne. 1 then call error
$ write sys$output "Ok"
$ endsubroutine
$
$ ! Main body ----------------------------------------------------------
$
$ write sys$output "Setting up TSA test directory..."
$ call setup_dir
$
$ write sys$output "Creating CA for TSA tests..."
$ call create_ca
$
$ write sys$output "Creating tsa_cert1.pem TSA server cert..."
$ call create_tsa_cert 1 tsa_cert
$
$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
$ call create_tsa_cert 2 non_tsa_cert
$
$ write sys$output "Creating req1.req time stamp request for file testtsa..."
$ call create_time_stamp_request1
$
$ write sys$output "Printing req1.req..."
$ call print_request req1.tsq
$
$ write sys$output "Generating valid response for req1.req..."
$ call create_time_stamp_response req1.tsq resp1.tsr tsa_config1
$
$ write sys$output "Printing response..."
$ call print_response resp1.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
$
$ write sys$output "Verifying valid token..."
$ call verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
$
$ ! The tests below are commented out, because invalid signer certificates
$ ! can no longer be specified in the config file.
$
$ ! write sys$output "Generating _invalid_ response for req1.req..."
$ ! call create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
$
$ ! write sys$output "Printing response..."
$ ! call print_response resp1_bad.tsr
$
$ ! write sys$output "Verifying invalid response, it should fail..."
$ ! call verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
$
$ write sys$output "Creating req2.req time stamp request for file testtsa..."
$ call create_time_stamp_request2
$
$ write sys$output "Printing req2.req..."
$ call print_request req2.tsq
$
$ write sys$output "Generating valid response for req2.req..."
$ call create_time_stamp_response req2.tsq resp2.tsr tsa_config1
$
$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
$ call time_stamp_response_token_test req2.tsq resp2.tsr
$
$ write sys$output "Printing response..."
$ call print_response resp2.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req1.tsq resp2.tsr
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req2.tsq resp1.tsr
$
$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
$ call create_time_stamp_request3
$
$ write sys$output "Printing req3.req..."
$ call print_request req3.tsq
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req3.tsq resp1.tsr
$
$ write sys$output "Cleaning up..."
$ call clean_up_dir
$
$ exit
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录