#!/bin/sh
#
-# $OpenBSD: appstest.sh,v 1.11 2018/09/08 03:39:51 inoguchi Exp $
+# $OpenBSD: appstest.sh,v 1.12 2018/09/08 09:34:12 inoguchi Exp $
#
# Copyright (c) 2016 Kinichiro Inoguchi <inoguchi@openbsd.org>
#
# output : all files generated by this script go under $ssldir
#
-openssl_bin=${OPENSSL:-/usr/bin/openssl}
-
-uname_s=`uname -s | grep 'MINGW'`
-if [ "$uname_s" = "" ] ; then
- mingw=0
-else
- mingw=1
-fi
-
function section_message {
echo ""
echo "#---------#---------#---------#---------#---------#---------#---------#--------"
echo "usage: appstest.sh [-q]"
}
-no_long_tests=0
-
-while [ "$1" != "" ]; do
- case $1 in
- -q | --quick ) shift
- no_long_tests=1
- ;;
- * ) usage
- exit 1
- esac
-done
-
#---------#---------#---------#---------#---------#---------#---------#---------
-
-#
-# create ssldir, and all files generated by this script goes under this dir.
-#
-ssldir="appstest_dir"
-
-if [ -d $ssldir ] ; then
- echo "directory [ $ssldir ] exists, this script deletes this directory ..."
- /bin/rm -rf $ssldir
-fi
-
-mkdir -p $ssldir
-
-export OPENSSL_CONF=$ssldir/openssl.cnf
-touch $OPENSSL_CONF
-
-user1_dir=$ssldir/user1
-mkdir -p $user1_dir
-
-key_dir=$ssldir/key
-mkdir -p $key_dir
-
-#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_usage_lists_others {
# === COMMAND USAGE ===
section_message "COMMAND USAGE"
$openssl_bin rand -hex 100
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_md {
# === MESSAGE DIGEST COMMANDS ===
section_message "MESSAGE DIGEST COMMANDS"
-out $dgstdat.$d.cmac $dgstdat
check_exit_status $?
done
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_encoding_cipher {
# === ENCODING AND CIPHER COMMANDS ===
section_message "ENCODING AND CIPHER COMMANDS"
cmp $encfile $encfile-$c.dec
check_exit_status $?
done
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_key {
# === various KEY operations ===
section_message "various KEY operations"
$openssl_bin pkeyutl -verifyrecover -in $pkeyutlsig -inkey $genpkey_rsa
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_pki {
section_message "setup local CA"
#
# prepare test openssl.cnf
#
-ca_dir=$ssldir/testCA
-tsa_dir=$ssldir/testTSA
-ocsp_dir=$ssldir/testOCSP
-server_dir=$ssldir/server
-
cat << __EOF__ > $ssldir/openssl.cnf
oid_section = new_oids
[ new_oids ]
$openssl_bin ca -batch -cert $ca_cert -keyfile $ca_key -key $ca_pass \
-in $user1_csr -out $user1_cert
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_tsa {
# --- TSA operations ---
section_message "TSA operations"
$openssl_bin ts -verify -queryfile $tsa_tsq -in $tsa_tsr -CAfile $ca_cert -untrusted $tsa_cert
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_smime {
# --- S/MIME operations ---
section_message "S/MIME operations"
$openssl_bin smime -verify -in $smime_msg -signer $user1_cert -CAfile $ca_cert -out $smime_ver
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_ocsp {
# --- OCSP operations ---
section_message "OCSP operations"
$openssl_bin ocsp -issuer $ca_cert -cert $server_cert -cert $revoke_cert \
-CAfile $ca_cert -url http://localhost:$ocsp_port -resp_text -respout $ocsp_qry > $ocsp_qry.out 2>&1
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_pkcs {
# --- PKCS operations ---
section_message "PKCS operations"
$openssl_bin pkcs12 -in $server_cert.p12 -passin pass:$pkcs_pass \
-passout pass:$pkcs_pass -out $server_cert.p12.pem
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_server_client {
# --- client/server operations (TLS) ---
section_message "client/server operations (TLS)"
check_exit_status $?
stop_s_server
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_speed {
# === PERFORMANCE ===
section_message "PERFORMANCE"
else
start_message "SKIPPNG speed (quick mode)"
fi
+}
#---------#---------#---------#---------#---------#---------#---------#---------
-
+function test_version {
# --- VERSION INFORMATION ---
section_message "VERSION INFORMATION"
start_message "version"
$openssl_bin version -a
check_exit_status $?
+}
#---------#---------#---------#---------#---------#---------#---------#---------
+openssl_bin=${OPENSSL:-/usr/bin/openssl}
+
+no_long_tests=0
+
+while [ "$1" != "" ]; do
+ case $1 in
+ -q | --quick ) shift
+ no_long_tests=1
+ ;;
+ * ) usage
+ exit 1
+ esac
+done
+
+#
+# create ssldir, and all files generated by this script goes under this dir.
+#
+ssldir="appstest_dir"
+
+if [ -d $ssldir ] ; then
+ echo "directory [ $ssldir ] exists, this script deletes this directory ..."
+ /bin/rm -rf $ssldir
+fi
+
+mkdir -p $ssldir
+
+ca_dir=$ssldir/testCA
+tsa_dir=$ssldir/testTSA
+ocsp_dir=$ssldir/testOCSP
+server_dir=$ssldir/server
+user1_dir=$ssldir/user1
+mkdir -p $user1_dir
+key_dir=$ssldir/key
+mkdir -p $key_dir
+
+export OPENSSL_CONF=$ssldir/openssl.cnf
+touch $OPENSSL_CONF
+
+uname_s=`uname -s | grep 'MINGW'`
+if [ "$uname_s" = "" ] ; then
+ mingw=0
+else
+ mingw=1
+fi
+
+#
+# process tests
+#
+test_usage_lists_others
+test_md
+test_encoding_cipher
+test_key
+test_pki
+test_tsa
+test_smime
+test_ocsp
+test_pkcs
+test_server_client
+test_speed
+test_version
+
section_message "END"
exit 0
projects / openbsd / commitdiff