From 5b16a7209b79b6207c987efed8207282d112f657 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Wed, 18 Jan 2006 21:07:26 +0000
Subject: [PATCH] change syntax to make match better with crl checks

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16601 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/data/nist-data | 12 ++++++------
 lib/hx509/test_nist.in   | 22 +++++++++++-----------
 2 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/lib/hx509/data/nist-data b/lib/hx509/data/nist-data
index 33b6a7e3f..37946ddc4 100644
--- a/lib/hx509/data/nist-data
+++ b/lib/hx509/data/nist-data
@@ -1,12 +1,12 @@
 # $Id$
-# validate verify cert chain1 chain2
+# validate verify cert hxtool-verify-arguments...
 # s(kip) p(ass) f(ail)
 p s TrustAnchorRootCertificate.crt
-p p AllCertificatesNoPoliciesTest2EE.crt NoPoliciesCACert.crt
-p p AllCertificatesSamePoliciesTest10EE.crt PoliciesP12CACert.crt
-p p AllCertificatesSamePoliciesTest13EE.crt PoliciesP123CACert.crt
-p p AllCertificatesanyPolicyTest11EE.crt anyPolicyCACert.crt
-p p AnyPolicyTest14EE.crt anyPolicyCACert.crt
+p p AllCertificatesNoPoliciesTest2EE.crt chain:FILE:basedir/certs/NoPoliciesCACert.crt
+p p AllCertificatesSamePoliciesTest10EE.crt chain:FILE:basedir/certs/PoliciesP12CACert.crt
+p p AllCertificatesSamePoliciesTest13EE.crt chain:FILE:basedir/certs/PoliciesP123CACert.crt
+p p AllCertificatesanyPolicyTest11EE.crt chain:FILE:basedir/certs/anyPolicyCACert.crt
+p p AnyPolicyTest14EE.crt chain:FILE:basedir/certs/anyPolicyCACert.crt
 p s BadCRLIssuerNameCACert.crt
 p s BadCRLSignatureCACert.crt
 p f BadSignedCACert.crt
diff --git a/lib/hx509/test_nist.in b/lib/hx509/test_nist.in
index 6a65b6a93..6a5ca98c4 100644
--- a/lib/hx509/test_nist.in
+++ b/lib/hx509/test_nist.in
@@ -35,19 +35,19 @@
 #
 
 srcdir="@srcdir@"
-nistdir=/sources/pki/nist/PKITS_data/certs
+nistdir=/sources/pki/nist/PKITS_data
 
 echo "nist tests"
 
 test -d "$nistdir" || exit 77
 
-while read validate verify cert chain1 chain2 ; do
+while read validate verify cert arg1 arg2 arg3 arg4 arg5 ; do
     expr "$validate" : "#" > /dev/null && continue
     
     test "$validate" = "end" && break
     echo -n .
 
-    if ./hxtool validate $nistdir/$cert > /dev/null; then
+    if ./hxtool validate $nistdir/certs/$cert > /dev/null; then
 	if test "$validate" = "f"; then
 	    echo "validate passed on fail: $cert"
 	    exit 1
@@ -63,15 +63,15 @@ while read validate verify cert chain1 chain2 ; do
 	continue
     fi
 
-    args="anchor:FILE:$nistdir/TrustAnchorRootCertificate.crt"
-    if test "X$chain1" != "X"; then
-	args="chain:FILE:$nistdir/$chain1 $args"
-    fi
-    if test "X$chain2" != "X"; then
-	args="chain:FILE:$nistdir/$chain2 $args"
-    fi
+    args="anchor:FILE:$nistdir/certs/TrustAnchorRootCertificate.crt"
 
-    if ./hxtool verify cert:FILE:$nistdir/$cert $args > /dev/null ; then
+    a=$(echo $arg1 | sed "s@basedir@$nistdir@") ; args="$args $a"
+    a=$(echo $arg2 | sed "s@basedir@$nistdir@") ; args="$args $a"
+    a=$(echo $arg3 | sed "s@basedir@$nistdir@") ; args="$args $a"
+    a=$(echo $arg4 | sed "s@basedir@$nistdir@") ; args="$args $a"
+    a=$(echo $arg5 | sed "s@basedir@$nistdir@") ; args="$args $a"
+
+    if ./hxtool verify cert:FILE:$nistdir/certs/$cert $args > /dev/null ; then
 	if test "$verify" = "f"; then
 	    echo "validate passed on fail: $cert"
 	    exit 1