From 510a550bc2eae7cf3c50a3a87bda6f97eb1d1b1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 19 Jan 2006 18:17:58 +0000
Subject: [PATCH] Parse new format to handle CRL info.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16618 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/test_nist.in | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/lib/hx509/test_nist.in b/lib/hx509/test_nist.in
index 6a5ca98c4..cd749c8c9 100644
--- a/lib/hx509/test_nist.in
+++ b/lib/hx509/test_nist.in
@@ -41,20 +41,20 @@ echo "nist tests"
 
 test -d "$nistdir" || exit 77
 
-while read validate verify cert arg1 arg2 arg3 arg4 arg5 ; do
-    expr "$validate" : "#" > /dev/null && continue
+while read id validate verify cert arg1 arg2 arg3 arg4 arg5 ; do
+    expr "$id" : "#" > /dev/null && continue
     
-    test "$validate" = "end" && break
+    test "$id" = "end" && break
     echo -n .
 
     if ./hxtool validate $nistdir/certs/$cert > /dev/null; then
 	if test "$validate" = "f"; then
-	    echo "validate passed on fail: $cert"
+	    echo "validate passed on fail: $id $cert"
 	    exit 1
 	fi
     else
 	if test "$validate" = "p"; then
-	    echo "validate failed on pass: $cert"
+	    echo "validate failed on pass: $id $cert"
 	    exit 1
 	fi
     fi
@@ -63,22 +63,25 @@ while read validate verify cert arg1 arg2 arg3 arg4 arg5 ; do
 	continue
     fi
 
-    args="anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt"
-
+    args=""
     a=$(echo $arg1 | sed "s@basedir@$nistdir@") ; args="$args $a"
     a=$(echo $arg2 | sed "s@basedir@$nistdir@") ; args="$args $a"
     a=$(echo $arg3 | sed "s@basedir@$nistdir@") ; args="$args $a"
     a=$(echo $arg4 | sed "s@basedir@$nistdir@") ; args="$args $a"
     a=$(echo $arg5 | sed "s@basedir@$nistdir@") ; args="$args $a"
 
-    if ./hxtool verify cert:FILE:$nistdir/certs/$cert $args > /dev/null ; then
+    args="$args anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt"
+    args="$args crl:FILE:$nistdir/crls/TrustAnchorRootCRL.crl"
+    args="$args cert:FILE:$nistdir/certs/$cert"
+
+    if ./hxtool verify $args > /dev/null ; then
 	if test "$verify" = "f"; then
-	    echo "validate passed on fail: $cert"
+	    echo "validate passed on fail: $id $cert"
 	    exit 1
 	fi
     else
 	if test "$verify" = "p"; then
-	    echo "validate failed on pass: $cert"
+	    echo "validate failed on pass: $id $cert"
 	    exit 1
 	fi
     fi