oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

change syntax to make match better with crl checks

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16601 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-01-18 21:07:26 +00:00
parent 327096d34e
commit 5b16a7209b
2 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/hx509/data/nist-data
View File

@@ -1,12 +1,12 @@
# $Id$
# validate verify cert chain1 chain2
# validate verify cert hxtool-verify-arguments...
# s(kip) p(ass) f(ail)
p s TrustAnchorRootCertificate.crt
p p AllCertificatesNoPoliciesTest2EE.crt NoPoliciesCACert.crt
p p AllCertificatesSamePoliciesTest10EE.crt PoliciesP12CACert.crt
p p AllCertificatesSamePoliciesTest13EE.crt PoliciesP123CACert.crt
p p AllCertificatesanyPolicyTest11EE.crt anyPolicyCACert.crt
p p AnyPolicyTest14EE.crt anyPolicyCACert.crt
p p AllCertificatesNoPoliciesTest2EE.crt chain:FILE:basedir/certs/NoPoliciesCACert.crt
p p AllCertificatesSamePoliciesTest10EE.crt chain:FILE:basedir/certs/PoliciesP12CACert.crt
p p AllCertificatesSamePoliciesTest13EE.crt chain:FILE:basedir/certs/PoliciesP123CACert.crt
p p AllCertificatesanyPolicyTest11EE.crt chain:FILE:basedir/certs/anyPolicyCACert.crt
p p AnyPolicyTest14EE.crt chain:FILE:basedir/certs/anyPolicyCACert.crt
p s BadCRLIssuerNameCACert.crt
p s BadCRLSignatureCACert.crt
p f BadSignedCACert.crt

22
lib/hx509/test_nist.in
View File

@@ -35,19 +35,19 @@
#
srcdir="@srcdir@"
nistdir=/sources/pki/nist/PKITS_data/certs
nistdir=/sources/pki/nist/PKITS_data
echo "nist tests"
test -d "$nistdir" || exit 77
while read validate verify cert chain1 chain2 ; do
while read validate verify cert arg1 arg2 arg3 arg4 arg5 ; do
expr "$validate" : "#" > /dev/null && continue
test "$validate" = "end" && break
echo -n .
if ./hxtool validate $nistdir/$cert > /dev/null; then
if ./hxtool validate $nistdir/certs/$cert > /dev/null; then
if test "$validate" = "f"; then
echo "validate passed on fail: $cert"
exit 1
@@ -63,15 +63,15 @@ while read validate verify cert chain1 chain2 ; do
continue
fi
args="anchor:FILE:$nistdir/TrustAnchorRootCertificate.crt"
if test "X$chain1" != "X"; then
args="chain:FILE:$nistdir/$chain1 $args"
fi
if test "X$chain2" != "X"; then
args="chain:FILE:$nistdir/$chain2 $args"
fi
args="anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt"
if ./hxtool verify cert:FILE:$nistdir/$cert $args > /dev/null ; then
a=$(echo $arg1 | sed "s@basedir@$nistdir@") ; args="$args $a"
a=$(echo $arg2 | sed "s@basedir@$nistdir@") ; args="$args $a"
a=$(echo $arg3 | sed "s@basedir@$nistdir@") ; args="$args $a"
a=$(echo $arg4 | sed "s@basedir@$nistdir@") ; args="$args $a"
a=$(echo $arg5 | sed "s@basedir@$nistdir@") ; args="$args $a"
if ./hxtool verify cert:FILE:$nistdir/certs/$cert $args > /dev/null ; then
if test "$verify" = "f"; then
echo "validate passed on fail: $cert"
exit 1