security/nss/tests/smime/smime.sh

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rwxr-xr-x

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 #! /bin/sh
michael@0 2 #
michael@0 3 # This Source Code Form is subject to the terms of the Mozilla Public
michael@0 4 # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0 6
michael@0 7 ########################################################################
michael@0 8 #
michael@0 9 # mozilla/security/nss/tests/smime/smime.sh
michael@0 10 #
michael@0 11 # Script to test NSS smime
michael@0 12 #
michael@0 13 # needs to work on all Unix and Windows platforms
michael@0 14 #
michael@0 15 # special strings
michael@0 16 # ---------------
michael@0 17 # FIXME ... known problems, search for this string
michael@0 18 # NOTE .... unexpected behavior
michael@0 19 #
michael@0 20 ########################################################################
michael@0 21
michael@0 22 ############################## smime_init ##############################
michael@0 23 # local shell function to initialize this script
michael@0 24 ########################################################################
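smime_init()
{
  # Prepare the environment for the S/MIME tests: pull in the common test
  # framework and the certificate setup if they have not run yet, refuse to
  # continue unless cert.sh logged a successful S/MIME setup, then create
  # ${HOSTDIR}/smime, change into it and copy the plaintext fixture there.
  #
  # Reads:  CLEANUP, INIT_SOURCED, CERT_LOG_FILE, NSS_DISABLE_ECC,
  #         HOSTDIR, QADIR
  # Writes: SCRIPTNAME, CLEANUP (only if empty), SMIMEDIR, R_SMIMEDIR
  SCRIPTNAME=smime.sh       # sourced - $0 would point to all.sh

  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
  fi

  # An empty INIT_SOURCED is also "not TRUE", so one inequality test covers
  # both halves of the former "-z ... -o ... !=" expression.
  if [ "${INIT_SOURCED}" != "TRUE" ]; then
      cd ../common
      . ./init.sh
  fi

  # Quoted on purpose: with an empty CERT_LOG_FILE the unquoted form
  # degenerates to "[ ! -r ]", which is false, so cert.sh was skipped.
  if [ ! -r "${CERT_LOG_FILE}" ]; then    # we need certificates here
      cd ../cert
      . ./cert.sh
  fi
  # Set again after the sourced scripts - presumably they assign their own
  # SCRIPTNAME; confirm against init.sh / cert.sh.
  SCRIPTNAME=smime.sh

  if [ -z "$NSS_DISABLE_ECC" ] ; then
      html_head "S/MIME Tests with ECC"
  else
      html_head "S/MIME Tests"
  fi

  # Gate on the certificate setup: the S/MIME databases must have been
  # created successfully.  The file operand is quoted so that an empty
  # value makes grep fail instead of reading standard input.
  grep "SUCCESS: SMIME passed" "${CERT_LOG_FILE}" >/dev/null || {
      Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
  }

  SMIMEDIR=${HOSTDIR}/smime
  R_SMIMEDIR=../smime
  # Paths are quoted so a HOSTDIR or QADIR containing blanks still works.
  mkdir -p "${SMIMEDIR}"
  cd "${SMIMEDIR}"
  cp "${QADIR}/smime/alice.txt" "${SMIMEDIR}"
}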
michael@0 59
############################## smime_sign ##############################
# local shell functions to test detached and attached CMS signatures made
# with the digest named in ${HASH}
#
# NOTE(review): only the positive path is exercised here - every signature
# is expected to verify.  No step checks that a modified message or
# signature is rejected.
# NOTE(review): the key database password is given on the command line
# (-p nss) and echoed into the log; that is only acceptable because these
# are throwaway test databases.
########################################################################

# One sign / verify / decode / compare round trip for a single signer.
# Uses HASH, HASH_CMD and SIG as set up by smime_sign.
#   $1  certificate nickname handed to cmsutil -N
#   $2  prefix of the files that are written
#   $3  digest tag shown in the "Signing Detached Message" banner
#   $4  digest tag shown in every other banner and result line
smime_sign_one()
{
  echo "$SCRIPTNAME: Signing Detached Message $3 ------------------"
  echo "cmsutil -S -T -N $1 ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o $2.d${SIG}"
  # ${PROFTOOL} and ${HASH_CMD} stay unquoted: the former may be empty and
  # the latter carries two words ("-H <digest>").
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N "$1" ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o $2.d${SIG}
  html_msg $? 0 "Create Detached Signature Alice ($4)" "."

  # Verification runs against Bob's database, not the signer's.
  echo "cmsutil -D -i $2.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i $2.d${SIG} -c alice.txt -d ${P_R_BOBDIR}
  html_msg $? 0 "Verifying Alice's Detached Signature ($4)" "."

  echo "$SCRIPTNAME: Signing Attached Message ($4) ------------------"
  echo "cmsutil -S -N $1 ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o $2.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N "$1" ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o $2.${SIG}
  html_msg $? 0 "Create Attached Signature Alice ($4)" "."

  echo "cmsutil -D -i $2.${SIG} -d ${P_R_BOBDIR} -o $2.data.${HASH}"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i $2.${SIG} -d ${P_R_BOBDIR} -o $2.data.${HASH}
  html_msg $? 0 "Decode Alice's Attached Signature ($4)" "."

  # The decoded payload has to match the original plaintext exactly.
  echo "diff alice.txt $2.data.${HASH}"
  diff alice.txt $2.data.${HASH}
  html_msg $? 0 "Compare Attached Signed Data and Original ($4)" "."
}

smime_sign()
{
  HASH_CMD="-H ${HASH}"
  SIG=sig.${HASH}

  smime_sign_one Alice alice "{$HASH}" "${HASH}"

  # Test ECDSA signing for all hash algorithms.
  if [ -z "$NSS_DISABLE_ECC" ] ; then
      smime_sign_one Alice-ec alice-ec "ECDSA w/ {$HASH}" "ECDSA w/ ${HASH}"
  fi
}
michael@0 113
michael@0 114
michael@0 115
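############################### smime_p7 ###############################
# local shell function to test the p7env / p7content / p7sign / p7verify
# tools against Alice's database: envelope alice.txt, decode it again and
# compare, then sign alice.txt and verify the signature.
#
# Reads: SCRIPTNAME, PROFTOOL, BINDIR, P_R_ALICEDIR
# Every step reports its exit status through html_msg (expected: 0).
########################################################################
smime_p7()
{
  echo "$SCRIPTNAME: p7 util Data Tests ------------------------------"
  # The logged command lines below mirror what is actually executed, so a
  # failure can be reproduced by copying the line from the log.  Note that
  # alice.env is the same output name smime_main uses for its Enveloped
  # Data test; this step overwrites that file.
  echo "p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice.env"
  ${PROFTOOL} ${BINDIR}/p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice.env
  html_msg $? 0 "Creating envelope for user Alice" "."

  echo "p7content -d ${P_R_ALICEDIR} -i alice.env -o alice_p7.data -p nss"
  ${PROFTOOL} ${BINDIR}/p7content -d ${P_R_ALICEDIR} -i alice.env -o alice_p7.data -p nss
  html_msg $? 0 "Verifying file delivered to user Alice" "."

  # Only lines 3-8 of the p7content output are compared with the original.
  # NOTE(review): presumably the first two lines are a header printed by
  # p7content and the fixture is six lines long - confirm against alice.txt.
  sed -n -e '3,8p' alice_p7.data > alice_p7.data.sed

  echo "diff alice.txt alice_p7.data.sed"
  diff alice.txt alice_p7.data.sed
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  echo "p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e"
  ${PROFTOOL} ${BINDIR}/p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e
  html_msg $? 0 "Signing file for user Alice" "."

  # NOTE(review): the signature is verified against the signer's own
  # database and only for the unmodified file; a tampered input is never
  # checked for rejection.
  echo "p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig"
  ${PROFTOOL} ${BINDIR}/p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig
  html_msg $? 0 "Verifying file delivered to user Alice" "."
}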
michael@0 141
michael@0 142 ############################## smime_main ##############################
michael@0 143 # local shell function to test basic signed and enveloped messages
michael@0 144 # from 1 --> 2"
michael@0 145 ########################################################################
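smime_main()
{
  # Runs the cmsutil tests in the working directory prepared by smime_init:
  # signing round trips for each digest, enveloped data for one and for
  # several recipients, a certs-only message and an encrypted-data message.
  # Each step reports its exit status through html_msg (expected: 0).
  #
  # Reads:  SCRIPTNAME, PROFTOOL, BINDIR, P_R_ALICEDIR, P_R_BOBDIR,
  #         P_R_DAVEDIR, P_R_EVEDIR
  # Writes: HASH (left at SHA512), ret
  #
  # NOTE(review): database passwords are passed with "-p nss" and appear in
  # the log; fine for throwaway test databases only.

  # HASH is the input smime_sign reads.
  for HASH in SHA1 SHA256 SHA384 SHA512 ; do
      smime_sign
  done

  echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
  echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
  echo " -o alice.env"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.env
  html_msg $? 0 "Create Enveloped Data Alice" "."

  echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1
  html_msg $? 0 "Decode Enveloped Data Alice" "."

  echo "diff alice.txt alice.data1"
  diff alice.txt alice.data1
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  # multiple recip
  echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
  echo " -r bob@bogus.com,dave@bogus.com"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \
      -r bob@bogus.com,dave@bogus.com
  ret=$?
  html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
  if [ $ret != 0 ] ; then
      # Diagnostics only: list Alice's database and Dave's certificate so
      # the log shows what was available when the encryption failed.
      echo "certutil -L -d ${P_R_ALICEDIR}"
      ${BINDIR}/certutil -L -d ${P_R_ALICEDIR}
      echo "certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com"
      ${BINDIR}/certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com
  fi

  echo "$SCRIPTNAME: Testing multiple email addrs ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \\"
  echo " -r eve@bogus.net"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \
      -r eve@bogus.net
  ret=$?
  html_msg $ret 0 "Encrypt to a Multiple Email cert" "."

  # Each recipient decodes with their own database.
  echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."

  echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."

  echo "cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4
  html_msg $? 0 "Decrypt with a Multiple Email cert" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."

  diff alice.txt alice.data3
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."

  diff alice.txt alice.data4
  html_msg $? 0 "Compare Decoded with Multiple Email cert" "."

  echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
  echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
  echo " -d ${P_R_ALICEDIR} > co.der"
  ${PROFTOOL} ${BINDIR}/cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" -d ${P_R_ALICEDIR} > co.der
  html_msg $? 0 "Create Certs-Only Alice" "."

  echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i co.der -d ${P_R_BOBDIR}
  html_msg $? 0 "Verify Certs-Only by CA" "."

  echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
  echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
  echo " -r \"bob@bogus.com\" > alice.enc"
  ${PROFTOOL} ${BINDIR}/cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \
      -r "bob@bogus.com" > alice.enc
  html_msg $? 0 "Create Encrypted-Data" "."

  # alice.data2 still holds Bob's copy from the multiple-recipient decode
  # above.  Remove it first, so the final comparison cannot succeed on that
  # stale file if this decode fails without writing its output.
  rm -f alice.data2

  echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
  echo " -o alice.data2"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss -o alice.data2
  html_msg $? 0 "Decode Encrypted-Data" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded and Original Data" "."
}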
michael@0 241
michael@0 242 ############################## smime_cleanup ###########################
michael@0 243 # local shell function to finish this script (no exit since it might be
michael@0 244 # sourced)
michael@0 245 ########################################################################
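smime_cleanup()
{
  # Close the HTML result table, return to the QA root and hand over to the
  # shared cleanup script.  Does not exit, because this file may be sourced.
  #
  # Reads: QADIR, SCRIPTNAME
  html "</TABLE><BR>"

  # QADIR is quoted so a path containing blanks works, and cleanup.sh is
  # only sourced once the directory change succeeded: otherwise the
  # relative path would be resolved against whatever directory the tests
  # happened to leave us in.
  if cd "${QADIR}" ; then
      . common/cleanup.sh
  else
      echo "$SCRIPTNAME: cannot change to QADIR (${QADIR}), cleanup.sh not run" >&2
  fi
}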
michael@0 252
michael@0 253 ################## main #################################################
michael@0 254
# Run the suite in order: set up the environment, run the cmsutil tests,
# run the p7* tool tests, then hand over to the shared cleanup.
smime_init
smime_main
smime_p7
smime_cleanup
michael@0 259
