oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add language to support querying certificates to find a match. Support constructs like "1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"".

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22677 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-03-13 17:35:49 +00:00
parent 08cb59513f
commit 7776ed30a9
16 changed files with 1006 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
lib/hx509/test_query.in
View File

@@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (c) 2005 - 2007 Kungliga Tekniska H<>gskolan
# Copyright (c) 2005 - 2008 Kungliga Tekniska H<>gskolan
# (Royal Institute of Technology, Stockholm, Sweden).
# All rights reserved.
#
@@ -51,7 +51,7 @@ echo "try printing"
${hxtool} print \
--pass=PASS:foobar \
--info --content \
FILE:$srcdir/data/kdc.crt || exit 1
FILE:$srcdir/data/kdc.crt >/dev/null 2>/dev/null || exit 1
${hxtool} print \
--pass=PASS:foobar \
@@ -159,5 +159,39 @@ ${hxtool} query \
--keyEncipherment \
FILE:$srcdir/data/test-ke-only.crt >/dev/null 2>/dev/null && exit 1
exit 0
echo "make sure entry is found (eku) in query language"
${hxtool} query \
--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku}' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
echo "make sure entry is not found (eku) in query language"
${hxtool} query \
--expr='"1.3.6.1.5.2.3.6" IN %{certificate.eku}' \
FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
echo "make sure entry is found (subject) in query language"
${hxtool} query \
--expr='%{certificate.subject} == "CN=kdc,C=SE"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
echo "make sure entry is found using TAILMATCH (subject) in query language"
${hxtool} query \
--expr='%{certificate.subject} TAILMATCH "C=SE"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
echo "make sure entry is not found using TAILMATCH (subject) in query language"
${hxtool} query \
--expr='%{certificate.subject} TAILMATCH "C=FI"' \
FILE:$srcdir/data/kdc.crt > /dev/null && exit 1
echo "make sure entry is found (issuer) in query language"
${hxtool} query \
--expr='%{certificate.issuer} == "C=SE,CN=hx509 Test Root CA"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
echo "make sure entry match with EKU and TAILMATCH in query language"
${hxtool} query \
--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
exit 0