From fda23e2d93761736b880cdfd7eb393cc623d9b7a Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Wed, 10 Jun 2015 18:53:31 -0400 Subject: [PATCH] Cleanup testtsa script Add RUN function; remove single-use functions and use their body inline. Reviewed-by: Tim Hudson --- test/testtsa | 127 ++++++++++++++++----------------------------------- 1 file changed, 39 insertions(+), 88 deletions(-) diff --git a/test/testtsa b/test/testtsa index df9abedff9..fc68ff906c 100644 --- a/test/testtsa +++ b/test/testtsa @@ -21,32 +21,16 @@ export SSLEAY_CONFIG OPENSSL="`pwd`/../util/opensslwrap.sh" export OPENSSL -setup_dir () { - rm -rf tsa 2>/dev/null - mkdir tsa - cd ./tsa -} - -clean_up_dir () { - cd .. - rm -rf tsa -} - -create_ca () { - echo creating a new CA for the TSA tests - TSDNSECT=ts_ca_dn - export TSDNSECT - ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem || exit 1 +RUN () { + ../../util/shlib_wrap.sh ../../apps/openssl ts $* } create_tsa_cert () { - INDEX=$1 export INDEX EXT=$2 TSDNSECT=ts_cert_dn - export TSDNSECT + export TSDNSECT ../../util/shlib_wrap.sh ../../apps/openssl req -new \ -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1 @@ -57,70 +41,19 @@ create_tsa_cert () { -extfile $OPENSSL_CONF -extensions $EXT || exit 1 } -print_request () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text -} - -create_time_stamp_request1 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 -} - -create_time_stamp_request2 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq || exit 1 -} - -create_time_stamp_request3 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 -} - -print_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1 -} - create_time_stamp_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1 -} - -time_stamp_response_token_test () { - - RESPONSE2=$2.copy.tsr - TOKEN_DER=$2.token.der - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 - cmp $RESPONSE2 $2 || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1 + RUN -reply -section $3 -queryfile $1 -out $2 || exit 1 } verify_time_stamp_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ + RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \ + RUN -verify -data $3 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem || exit 1 } -verify_time_stamp_token () { - - # create the token from the response first - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 -} - verify_time_stamp_response_fail () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ + RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ -untrusted tsa_cert1.pem && exit 1 echo ok } @@ -128,10 +61,15 @@ verify_time_stamp_response_fail () { # main functions echo setting up TSA test directory -setup_dir +rm -rf tsa 2>/dev/null +mkdir tsa +cd ./tsa -echo creating CA for TSA tests -create_ca +echo creating a new CA for the TSA tests +TSDNSECT=ts_ca_dn +export TSDNSECT +../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ + -out tsaca.pem -keyout tsacakey.pem || exit 1 echo creating tsa_cert1.pem TSA server cert create_tsa_cert 1 tsa_cert @@ -140,37 +78,49 @@ echo creating tsa_cert2.pem non-TSA server cert create_tsa_cert 2 non_tsa_cert echo creating req1.req time stamp request for file testtsa -create_time_stamp_request1 +RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1 echo printing req1.req -print_request req1.tsq +RUN -query -in req1.tsq -text echo generating valid response for req1.req create_time_stamp_response req1.tsq resp1.tsr tsa_config1 echo printing response -print_response resp1.tsr +RUN -reply -in resp1.tsr -text || exit 1 echo verifying valid response verify_time_stamp_response req1.tsq resp1.tsr ../testtsa echo verifying valid token -verify_time_stamp_token req1.tsq resp1.tsr ../testtsa +RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1 +RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \ + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 +RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \ + -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1 echo creating req2.req time stamp request for file testtsa -create_time_stamp_request2 +RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \ + -out req2.tsq || exit 1 echo printing req2.req -print_request req2.tsq +RUN -query -in req2.tsq -text echo generating valid response for req2.req create_time_stamp_response req2.tsq resp2.tsr tsa_config1 echo checking -token_in and -token_out options with -reply -time_stamp_response_token_test req2.tsq resp2.tsr +RESPONSE2=resp2.tsr.copy.tsr +TOKEN_DER=resp2.tsr.token.der +RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1 +RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1 +cmp $RESPONSE2 resp2.tsr || exit 1 +RUN -reply -in resp2.tsr -text -token_out || exit 1 +RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1 +RUN -reply -queryfile req2.tsq -text -token_out || exit 1 echo printing response -print_response resp2.tsr +RUN -reply -in resp2.tsr -text || exit 1 echo verifying valid response verify_time_stamp_response req2.tsq resp2.tsr ../testtsa @@ -182,15 +132,16 @@ echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req2.tsq resp1.tsr echo creating req3.req time stamp request for file CAtsa.cnf -create_time_stamp_request3 +RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1 echo printing req3.req -print_request req3.tsq +RUN -query -in req3.tsq -text echo verifying response against wrong request, it should fail verify_time_stamp_response_fail req3.tsq resp1.tsr echo cleaning up -clean_up_dir +cd .. +rm -rf tsa exit 0