Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
9921f865
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
9921f865
编写于
1月 27, 2010
作者:
R
Richard Levitte
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Apparently, test/testtsa.com was only half done
上级
c8c07be8
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
26 addition
and
45 deletion
+26
-45
test/testtsa.com
test/testtsa.com
+26
-45
未找到文件。
test/testtsa.com
浏览文件 @
9921f865
...
...
@@ -46,21 +46,10 @@ $ create_ca:
$ subroutine
$
$ write sys$output "Creating a new CA for the TSA tests..."
$ @[--.util]deltree [.demoCA]*.*
$
$ open/write file VMStsa-response.create_ca
$ write file ""
$ write file "HU"
$ write file "Budapest"
$ write file "Budapest"
$ write file "Gov-CA Ltd."
$ write file "ca1"
$ close file
$ open/read sys$ca_input VMStsa-response.create_ca
$ @[--.apps]CA.com -input sys$ca_input -newca
$ save_severity = $severity
$ close sys$ca_input
$ if save_severity .ne. 1 then call error
$ TSDNSECT = "ts_ca_dn"
$ openssl req -new -x509 -nodes -
-out tsaca.pem -keyout tsacakey.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ create_tsa_cert:
...
...
@@ -68,25 +57,17 @@ $ subroutine
$
$ INDEX=p1
$ EXT=p2
$ open/write file VMStsa-response1.create_tsa_cert
$ write file "HU"
$ write file "Budapest"
$ write file "Buda"
$ write file "Hun-TSA Ltd."
$ write file "tsa",INDEX
$ close file
$ define/user sys$input VMStsa-response.create_tsa_cert
$ TSDNSECT = "ts_cert_dn"
$
$ openssl req -new -
-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
$ if $severity .ne. 1 then call error
$
$ open/write file VMStsa-response2.create_tsa_cert
$ write file "y"
$ write file "y"
$ close file
$ define/user sys$input VMStsa-response.create_tsa_cert
$ openssl ca -in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
-extensions "''EXT'"
$ write sys$output "Using extension ''EXT'"
$ openssl x509 -req -
-in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
"-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
-extfile 'OPENSSL_CONF' -extensions "''EXT'"
$ if $severity .ne. 1 then call error
$ endsubroutine
$
...
...
@@ -153,24 +134,24 @@ $ verify_time_stamp_response:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
-CAfile [.demoCA]cacert
.pem -untrusted tsa_cert1.pem
"-CAfile" tsaca
.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2' -
-CAfile [.demoCA]cacert
.pem -untrusted tsa_cert1.pem
"-CAfile" tsaca
.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$ verify_time_stamp_token:
$ subroutine
$
$
#
create the token from the response first
$
!
create the token from the response first
$ openssl ts -reply -in 'p2' -out 'p2'.token -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in
\
-CAfile [.demoCA]cacert
.pem -untrusted tsa_cert1.pem
$ openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in
-
"-CAfile" tsaca
.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ openssl ts -verify -data 'p3' -in 'p2'.token -token_in
\
-CAfile [.demoCA]cacert
.pem -untrusted tsa_cert1.pem
$ openssl ts -verify -data 'p3' -in 'p2'.token -token_in
-
"-CAfile" tsaca
.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
...
...
@@ -178,9 +159,9 @@ $ verify_time_stamp_response_fail:
$ subroutine
$
$ openssl ts -verify -queryfile 'p1' -in 'p2' -
-CAfile [.demoCA]cacert
.pem -untrusted tsa_cert1.pem
$
#
Checks if the verification failed, as it should have.
$ if $severity .
ne
. 1 then call error
"-CAfile" tsaca
.pem -untrusted tsa_cert1.pem
$
!
Checks if the verification failed, as it should have.
$ if $severity .
eq
. 1 then call error
$ write sys$output "Ok"
$ endsubroutine
$
...
...
@@ -193,10 +174,10 @@ $ write sys$output "Creating CA for TSA tests..."
$ call create_ca
$
$ write sys$output "Creating tsa_cert1.pem TSA server cert..."
$ call create_tsa_cert 1
tsa_cert
$ call create_tsa_cert 1
"tsa_cert"
$
$ write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
$ call create_tsa_cert 2
non_tsa_cert
$ call create_tsa_cert 2
"non_tsa_cert"
$
$ write sys$output "Creating req1.req time stamp request for file testtsa..."
$ call create_time_stamp_request1
...
...
@@ -211,10 +192,10 @@ $ write sys$output "Printing response..."
$ call print_response resp1.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req1.tsq resp1.tsr
../testtsa
$ call verify_time_stamp_response req1.tsq resp1.tsr
[-]testtsa.com
$
$ write sys$output "Verifying valid token..."
$ call verify_time_stamp_token req1.tsq resp1.tsr
../testtsa
$ call verify_time_stamp_token req1.tsq resp1.tsr
[-]testtsa.com
$
$ ! The tests below are commented out, because invalid signer certificates
$ ! can no longer be specified in the config file.
...
...
@@ -244,7 +225,7 @@ $ write sys$output "Printing response..."
$ call print_response resp2.tsr
$
$ write sys$output "Verifying valid response..."
$ call verify_time_stamp_response req2.tsq resp2.tsr
../testtsa
$ call verify_time_stamp_response req2.tsq resp2.tsr
[-]testtsa.com
$
$ write sys$output "Verifying response against wrong request, it should fail..."
$ call verify_time_stamp_response_fail req1.tsq resp2.tsr
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录