The Tor Browser / annotate

security/nss/tests/tools/tools.sh@b8a032363ba2 (annotated)

security/nss/tests/tools/tools.sh

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 #! /bin/bash
michael@0 2 #
michael@0 3 # This Source Code Form is subject to the terms of the Mozilla Public
michael@0 4 # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0 6
michael@0 7 ########################################################################
michael@0 8 #
michael@0 9 # mozilla/security/nss/tests/tools/tools.sh
michael@0 10 #
michael@0 11 # Script to test basic functionality of NSS tools
michael@0 12 #
michael@0 13 # needs to work on all Unix and Windows platforms
michael@0 14 #
michael@0 15 # tests implemented:
michael@0 16 # pk12util
michael@0 17 # signtool
michael@0 18 #
michael@0 19 # special strings
michael@0 20 # ---------------
michael@0 21 # FIXME ... known problems, search for this string
michael@0 22 # NOTE .... unexpected behavior
michael@0 23 ########################################################################
michael@0 24
michael@0 25 export pkcs12v2pbeWithSha1And128BitRc4=\
michael@0 26 "PKCS #12 V2 PBE With SHA-1 and 128 Bit RC4"
michael@0 27
michael@0 28 export pkcs12v2pbeWithSha1And40BitRc4=\
michael@0 29 "PKCS #12 V2 PBE With SHA-1 and 40 Bit RC4"
michael@0 30
michael@0 31 export pkcs12v2pbeWithSha1AndTripleDESCBC=\
michael@0 32 "PKCS #12 V2 PBE With SHA-1 and Triple DES-CBC"
michael@0 33
michael@0 34 export pkcs12v2pbeWithSha1And128BitRc2Cbc=\
michael@0 35 "PKCS #12 V2 PBE With SHA-1 and 128 Bit RC2 CBC"
michael@0 36
michael@0 37 export pkcs12v2pbeWithSha1And40BitRc2Cbc=\
michael@0 38 "PKCS #12 V2 PBE With SHA-1 and 40 Bit RC2 CBC"
michael@0 39
michael@0 40 export pkcs12v2pbeWithMd2AndDESCBC=\
michael@0 41 "PKCS #5 Password Based Encryption with MD2 and DES-CBC"
michael@0 42
michael@0 43 export pkcs12v2pbeWithMd5AndDESCBC=\
michael@0 44 "PKCS #5 Password Based Encryption with MD5 and DES-CBC"
michael@0 45
michael@0 46 export pkcs12v2pbeWithSha1AndDESCBC=\
michael@0 47 "PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
michael@0 48
michael@0 49 export pkcs5pbeWithMD2AndDEScbc=\
michael@0 50 "PKCS #5 Password Based Encryption with MD2 and DES-CBC"
michael@0 51
michael@0 52 export pkcs5pbeWithMD5AndDEScbc=\
michael@0 53 "PKCS #5 Password Based Encryption with MD5 and DES-CBC"
michael@0 54
michael@0 55 export pkcs5pbeWithSha1AndDEScbc=\
michael@0 56 "PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
michael@0 57
michael@0 58 ############################## tools_init ##############################
michael@0 59 # local shell function to initialize this script
michael@0 60 ########################################################################
michael@0 61 tools_init()
michael@0 62 {
michael@0 63 SCRIPTNAME=tools.sh # sourced - $0 would point to all.sh
michael@0 64
michael@0 65 if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
michael@0 66 CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
michael@0 67 fi
michael@0 68
michael@0 69 if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
michael@0 70 cd ../common
michael@0 71 . ./init.sh
michael@0 72 fi
michael@0 73 if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
michael@0 74 cd ../cert
michael@0 75 . ./cert.sh
michael@0 76 fi
michael@0 77 SCRIPTNAME=tools.sh
michael@0 78
michael@0 79 if [ -z "$NSS_DISABLE_ECC" ] ; then
michael@0 80 html_head "Tools Tests with ECC"
michael@0 81 else
michael@0 82 html_head "Tools Tests"
michael@0 83 fi
michael@0 84
michael@0 85 grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
michael@0 86 Exit 15 "Fatal - S/MIME of cert.sh needs to pass first"
michael@0 87 }
michael@0 88
michael@0 89 TOOLSDIR=${HOSTDIR}/tools
michael@0 90 COPYDIR=${TOOLSDIR}/copydir
michael@0 91 SIGNDIR=${TOOLSDIR}/signdir
michael@0 92
michael@0 93 R_TOOLSDIR=../tools
michael@0 94 R_COPYDIR=../tools/copydir
michael@0 95 R_SIGNDIR=../tools/signdir
michael@0 96 P_R_COPYDIR=${R_COPYDIR}
michael@0 97 P_R_SIGNDIR=${R_SIGNDIR}
michael@0 98 if [ -n "${MULTIACCESS_DBM}" ]; then
michael@0 99 P_R_COPYDIR="multiaccess:Tools.$version"
michael@0 100 P_R_SIGNDIR="multiaccess:Tools.sign.$version"
michael@0 101 fi
michael@0 102
michael@0 103 mkdir -p ${TOOLSDIR}
michael@0 104 mkdir -p ${COPYDIR}
michael@0 105 mkdir -p ${SIGNDIR}
michael@0 106 cp ${ALICEDIR}/* ${SIGNDIR}/
michael@0 107 mkdir -p ${TOOLSDIR}/html
michael@0 108 cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html
michael@0 109
michael@0 110 cd ${TOOLSDIR}
michael@0 111 }
michael@0 112
michael@0 113 ########################## list_p12_file ###############################
michael@0 114 # List the key and cert in the specified p12 file
michael@0 115 ########################################################################
michael@0 116 list_p12_file()
michael@0 117 {
michael@0 118 echo "$SCRIPTNAME: Listing Alice's pk12 file"
michael@0 119 echo "pk12util -l ${1} -w ${R_PWFILE}"
michael@0 120
michael@0 121 ${BINDIR}/pk12util -l ${1} -w ${R_PWFILE} 2>&1
michael@0 122 ret=$?
michael@0 123 html_msg $ret 0 "Listing ${1} (pk12util -l)"
michael@0 124 check_tmpfile
michael@0 125 }
michael@0 126
michael@0 127 ########################################################################
michael@0 128 # Import the key and cert from the specified p12 file
michael@0 129 ########################################################################
michael@0 130 import_p12_file()
michael@0 131 {
michael@0 132 echo "$SCRIPTNAME: Importing Alice's pk12 ${1} file"
michael@0 133 echo "pk12util -i ${1} -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
michael@0 134
michael@0 135 ${BINDIR}/pk12util -i ${1} -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
michael@0 136 ret=$?
michael@0 137 html_msg $ret 0 "Importing ${1} (pk12util -i)"
michael@0 138 check_tmpfile
michael@0 139 }
michael@0 140
michael@0 141 ########################################################################
michael@0 142 # Export the key and cert to a p12 file using default ciphers
michael@0 143 ########################################################################
michael@0 144 export_with_default_ciphers()
michael@0 145 {
michael@0 146 echo "$SCRIPTNAME: Exporting Alice's key & cert with [default:default] (pk12util -o)"
michael@0 147 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 148 echo " -k ${R_PWFILE} -w ${R_PWFILE}"
michael@0 149 ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
michael@0 150 -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
michael@0 151 ret=$?
michael@0 152 html_msg $ret 0 "Exporting Alices's key & cert with [default:default] (pk12util -o)"
michael@0 153 check_tmpfile
michael@0 154 return $ret
michael@0 155 }
michael@0 156
michael@0 157 ########################################################################
michael@0 158 # Exports key/cert to a p12 file, the key encryption cipher is specified
michael@0 159 # and the cert encryption cipher is blank for default.
michael@0 160 ########################################################################
michael@0 161 export_with_key_cipher()
michael@0 162 {
michael@0 163 # $1 key encryption cipher
michael@0 164 echo "$SCRIPTNAME: Exporting with [${1}:default]"
michael@0 165 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 166 echo " -k ${R_PWFILE} -w ${R_PWFILE} -c ${1}"
michael@0 167 ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
michael@0 168 -k ${R_PWFILE} -w ${R_PWFILE} -c "${1}" 2>&1
michael@0 169 ret=$?
michael@0 170 html_msg $ret 0 "Exporting with [${1}:default] (pk12util -o)"
michael@0 171 check_tmpfile
michael@0 172 return $ret
michael@0 173 }
michael@0 174
michael@0 175 ########################################################################
michael@0 176 # Exports key/cert to a p12 file, the key encryption cipher is left
michael@0 177 # empty for default and the cert encryption cipher is specified.
michael@0 178 ########################################################################
michael@0 179 export_with_cert_cipher()
michael@0 180 {
michael@0 181 # $1 certificate encryption cipher
michael@0 182 echo "$SCRIPTNAME: Exporting with [default:${1}]"
michael@0 183 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 184 echo " -k ${R_PWFILE} -w ${R_PWFILE} -C ${1}"
michael@0 185 ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
michael@0 186 -k ${R_PWFILE} -w ${R_PWFILE} -C "${1}" 2>&1
michael@0 187 ret=$?
michael@0 188 html_msg $ret 0 "Exporting with [default:${1}] (pk12util -o)"
michael@0 189 check_tmpfile
michael@0 190 return $ret
michael@0 191 }
michael@0 192
michael@0 193 ########################################################################
michael@0 194 # Exports key/cert to a p12 file, both the key encryption cipher and
michael@0 195 # the cert encryption cipher are specified.
michael@0 196 ########################################################################
michael@0 197 export_with_both_key_and_cert_cipher()
michael@0 198 {
michael@0 199 # $1 key encryption cipher or ""
michael@0 200 # $2 certificate encryption cipher or ""
michael@0 201
michael@0 202 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 203 echo " -k ${R_PWFILE} -w ${R_PWFILE} -c ${1} -C ${2}"
michael@0 204 ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
michael@0 205 -k ${R_PWFILE} -w ${R_PWFILE} \
michael@0 206 -c "${1}" -C "${2}" 2>&1
michael@0 207 ret=$?
michael@0 208 html_msg $ret 0 "Exporting with [${1}:${2}] (pk12util -o)"
michael@0 209 check_tmpfile
michael@0 210 return $ret
michael@0 211 }
michael@0 212
michael@0 213 ########################################################################
michael@0 214 # Exports key and cert to a p12 file, both the key encryption cipher
michael@0 215 # and the cert encryption cipher are specified. The key and cert are
michael@0 216 # imported and the p12 file is listed
michael@0 217 ########################################################################
michael@0 218 export_list_import()
michael@0 219 {
michael@0 220 # $1 key encryption cipher
michael@0 221 # $2 certificate encryption cipher
michael@0 222
michael@0 223 if [ "${1}" != "DEFAULT" -a "${2}" != "DEFAULT" ]; then
michael@0 224 export_with_both_key_and_cert_cipher "${1}" "${2}"
michael@0 225 elif [ "${1}" != "DEFAULT" -a "${2}" = "DEFAULT" ]; then
michael@0 226 export_with_key_cipher "${1}"
michael@0 227 elif [ "${1}" = "DEFAULT" -a "${2}" != "DEFAULT" ]; then
michael@0 228 export_with_cert_cipher "${2}"
michael@0 229 else
michael@0 230 export_with_default_ciphers
michael@0 231 fi
michael@0 232
michael@0 233 list_p12_file Alice.p12
michael@0 234 import_p12_file Alice.p12
michael@0 235 }
michael@0 236
michael@0 237 ########################################################################
michael@0 238 # Export using the pkcs5pbe ciphers for key and certificate encryption.
michael@0 239 # List the contents of and import from the p12 file.
michael@0 240 ########################################################################
michael@0 241 tools_p12_export_list_import_all_pkcs5pbe_ciphers()
michael@0 242 {
michael@0 243 # specify each on key and cert cipher
michael@0 244 for key_cipher in "${pkcs5pbeWithMD2AndDEScbc}" \
michael@0 245 "${pkcs5pbeWithMD5AndDEScbc}" \
michael@0 246 "${pkcs5pbeWithSha1AndDEScbc}"\
michael@0 247 "DEFAULT"; do
michael@0 248 for cert_cipher in "${pkcs5pbeWithMD2AndDEScbc}" \
michael@0 249 "${pkcs5pbeWithMD5AndDEScbc}" \
michael@0 250 "${pkcs5pbeWithSha1AndDEScbc}" \
michael@0 251 "DEFAULT"\
michael@0 252 "null"; do
michael@0 253 export_list_import "${key_cipher}" "${cert_cipher}"
michael@0 254 done
michael@0 255 done
michael@0 256 }
michael@0 257
michael@0 258 ########################################################################
michael@0 259 # Export using the pkcs5v2 ciphers for key and certificate encryption.
michael@0 260 # List the contents of and import from the p12 file.
michael@0 261 ########################################################################
michael@0 262 tools_p12_export_list_import_all_pkcs5v2_ciphers()
michael@0 263 {
michael@0 264 # These should pass
michael@0 265 for key_cipher in\
michael@0 266 RC2-CBC \
michael@0 267 DES-EDE3-CBC \
michael@0 268 AES-128-CBC \
michael@0 269 AES-192-CBC \
michael@0 270 AES-256-CBC \
michael@0 271 CAMELLIA-128-CBC \
michael@0 272 CAMELLIA-192-CBC \
michael@0 273 CAMELLIA-256-CBC; do
michael@0 274
michael@0 275 #---------------------------------------------------------------
michael@0 276 # Bug 452464 - pk12util -o fails when -C option specifies AES or
michael@0 277 # Camellia ciphers
michael@0 278 # FIXME Restore these to the list
michael@0 279 # AES-128-CBC, \
michael@0 280 # AES-192-CBC, \
michael@0 281 # AES-256-CBC, \
michael@0 282 # CAMELLIA-128-CBC, \
michael@0 283 # CAMELLIA-192-CBC, \
michael@0 284 # CAMELLIA-256-CBC, \
michael@0 285 # when 452464 is fixed
michael@0 286 #---------------------------------------------------------------
michael@0 287 for cert_cipher in \
michael@0 288 RC2-CBC \
michael@0 289 DES-EDE3-CBC \
michael@0 290 null; do
michael@0 291 export_list_import ${key_cipher} ${cert_cipher}
michael@0 292 done
michael@0 293 done
michael@0 294 }
michael@0 295
michael@0 296 ########################################################################
michael@0 297 # Export using the pkcs12v2pbe ciphers for key and certificate encryption.
michael@0 298 # List the contents of and import from the p12 file.
michael@0 299 ########################################################################
michael@0 300 tools_p12_export_list_import_all_pkcs12v2pbe_ciphers()
michael@0 301 {
michael@0 302 #---------------------------------------------------------------
michael@0 303 # Bug 452471 - pk12util -o fails when -c option specifies pkcs12v2 PBE ciphers
michael@0 304 # FIXME - Restore these to the list
michael@0 305 # "${pkcs12v2pbeWithSha1And128BitRc4}" \
michael@0 306 # "${pkcs12v2pbeWithSha1And40BitRc4}" \
michael@0 307 # "${pkcs12v2pbeWithSha1AndTripleDESCBC}" \
michael@0 308 # "${pkcs12v2pbeWithSha1And128BitRc2Cbc}" \
michael@0 309 # "${pkcs12v2pbeWithSha1And40BitRc2Cbc}" \
michael@0 310 # "${pkcs12v2pbeWithMd2AndDESCBC}" \
michael@0 311 # "${pkcs12v2pbeWithMd5AndDESCBC}" \
michael@0 312 # "${pkcs12v2pbeWithSha1AndDESCBC}" \
michael@0 313 # "DEFAULT"; do
michael@0 314 # when 452471 is fixed
michael@0 315 #---------------------------------------------------------------
michael@0 316 # for key_cipher in \
michael@0 317 key_cipher="DEFAULT"
michael@0 318 for cert_cipher in "${pkcs12v2pbeWithSha1And128BitRc4}" \
michael@0 319 "${pkcs12v2pbeWithSha1And40BitRc4}" \
michael@0 320 "${pkcs12v2pbeWithSha1AndTripleDESCBC}" \
michael@0 321 "${pkcs12v2pbeWithSha1And128BitRc2Cbc}" \
michael@0 322 "${pkcs12v2pbeWithSha1And40BitRc2Cbc}" \
michael@0 323 "${pkcs12v2pbeWithMd2AndDESCBC}" \
michael@0 324 "${pkcs12v2pbeWithMd5AndDESCBC}" \
michael@0 325 "${pkcs12v2pbeWithSha1AndDESCBC}" \
michael@0 326 "DEFAULT"\
michael@0 327 "null"; do
michael@0 328 export_list_import "${key_cipher}" "${key_cipher}"
michael@0 329 done
michael@0 330 #done
michael@0 331 }
michael@0 332
michael@0 333 #########################################################################
michael@0 334 # Export with no encryption on key should fail but on cert should pass
michael@0 335 #########################################################################
michael@0 336 tools_p12_export_with_null_ciphers()
michael@0 337 {
michael@0 338 # use null as the key encryption algorithm default for the cert one
michael@0 339 # should fail
michael@0 340
michael@0 341 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 342 echo " -k ${R_PWFILE} -w ${R_PWFILE} -c null"
michael@0 343 ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
michael@0 344 -k ${R_PWFILE} -w ${R_PWFILE} \
michael@0 345 -c null 2>&1
michael@0 346 ret=$?
michael@0 347 html_msg $ret 30 "Exporting with [null:default] (pk12util -o)"
michael@0 348 check_tmpfile
michael@0 349
michael@0 350 # use default as the key encryption algorithm null for the cert one
michael@0 351 # should pass
michael@0 352
michael@0 353 echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
michael@0 354 echo " -k ${R_PWFILE} -w ${R_PWFILE} -C null"
michael@0 355 ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
michael@0 356 -k ${R_PWFILE} -w ${R_PWFILE} \
michael@0 357 -C null 2>&1
michael@0 358 ret=$?
michael@0 359 html_msg $ret 0 "Exporting with [default:null] (pk12util -o)"
michael@0 360 check_tmpfile
michael@0 361
michael@0 362 }
michael@0 363
michael@0 364 #########################################################################
michael@0 365 # Exports using the default key and certificate encryption ciphers.
michael@0 366 # Imports from and lists the contents of the p12 file.
michael@0 367 # Repeats the test with ECC if enabled.
michael@0 368 ########################################################################
michael@0 369 tools_p12_export_list_import_with_default_ciphers()
michael@0 370 {
michael@0 371 echo "$SCRIPTNAME: Exporting Alice's email cert & key - default ciphers"
michael@0 372
michael@0 373 export_list_import "DEFAULT" "DEFAULT"
michael@0 374
michael@0 375 if [ -z "$NSS_DISABLE_ECC" ] ; then
michael@0 376 echo "$SCRIPTNAME: Exporting Alice's email EC cert & key---------------"
michael@0 377 echo "pk12util -o Alice-ec.p12 -n \"Alice-ec\" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \\"
michael@0 378 echo " -w ${R_PWFILE}"
michael@0 379 ${BINDIR}/pk12util -o Alice-ec.p12 -n "Alice-ec" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \
michael@0 380 -w ${R_PWFILE} 2>&1
michael@0 381 ret=$?
michael@0 382 html_msg $ret 0 "Exporting Alice's email EC cert & key (pk12util -o)"
michael@0 383 check_tmpfile
michael@0 384
michael@0 385 echo "$SCRIPTNAME: Importing Alice's email EC cert & key --------------"
michael@0 386 echo "pk12util -i Alice-ec.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
michael@0 387 ${BINDIR}/pk12util -i Alice-ec.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
michael@0 388 ret=$?
michael@0 389 html_msg $ret 0 "Importing Alice's email EC cert & key (pk12util -i)"
michael@0 390 check_tmpfile
michael@0 391
michael@0 392 echo "$SCRIPTNAME: Listing Alice's pk12 EC file -----------------"
michael@0 393 echo "pk12util -l Alice-ec.p12 -w ${R_PWFILE}"
michael@0 394 ${BINDIR}/pk12util -l Alice-ec.p12 -w ${R_PWFILE} 2>&1
michael@0 395 ret=$?
michael@0 396 html_msg $ret 0 "Listing Alice's pk12 EC file (pk12util -l)"
michael@0 397 check_tmpfile
michael@0 398 fi
michael@0 399 }
michael@0 400
michael@0 401 ############################## tools_p12 ###############################
michael@0 402 # local shell function to test basic functionality of pk12util
michael@0 403 ########################################################################
michael@0 404 tools_p12()
michael@0 405 {
michael@0 406 tools_p12_export_list_import_with_default_ciphers
michael@0 407 tools_p12_export_list_import_all_pkcs5v2_ciphers
michael@0 408 tools_p12_export_list_import_all_pkcs5pbe_ciphers
michael@0 409 tools_p12_export_list_import_all_pkcs12v2pbe_ciphers
michael@0 410 tools_p12_export_with_null_ciphers
michael@0 411 }
michael@0 412
michael@0 413 ############################## tools_sign ##############################
michael@0 414 # local shell function pk12util uses a hardcoded tmp file, if this exists
michael@0 415 # and is owned by another user we don't get reasonable errormessages
michael@0 416 ########################################################################
michael@0 417 check_tmpfile()
michael@0 418 {
michael@0 419 if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then
michael@0 420 echo "Error: pk12util temp file exists. Please remove this file and"
michael@0 421 echo " rerun the test (/tmp/Pk12uTemp) "
michael@0 422 fi
michael@0 423 }
michael@0 424
michael@0 425 ############################## tools_sign ##############################
michael@0 426 # local shell function to test basic functionality of signtool
michael@0 427 ########################################################################
michael@0 428 tools_sign()
michael@0 429 {
michael@0 430 echo "$SCRIPTNAME: Create objsign cert -------------------------------"
michael@0 431 echo "signtool -G \"objectsigner\" -d ${P_R_SIGNDIR} -p \"nss\""
michael@0 432 ${BINDIR}/signtool -G "objsigner" -d ${P_R_SIGNDIR} -p "nss" 2>&1 <<SIGNSCRIPT
michael@0 433 y
michael@0 434 TEST
michael@0 435 MOZ
michael@0 436 NSS
michael@0 437 NY
michael@0 438 US
michael@0 439 liz
michael@0 440 liz@moz.org
michael@0 441 SIGNSCRIPT
michael@0 442 html_msg $? 0 "Create objsign cert (signtool -G)"
michael@0 443
michael@0 444 echo "$SCRIPTNAME: Signing a jar of files ----------------------------"
michael@0 445 echo "signtool -Z nojs.jar -d ${P_R_SIGNDIR} -p \"nss\" -k objsigner \\"
michael@0 446 echo " ${R_TOOLSDIR}/html"
michael@0 447 ${BINDIR}/signtool -Z nojs.jar -d ${P_R_SIGNDIR} -p "nss" -k objsigner \
michael@0 448 ${R_TOOLSDIR}/html
michael@0 449 html_msg $? 0 "Signing a jar of files (signtool -Z)"
michael@0 450
michael@0 451 echo "$SCRIPTNAME: Listing signed files in jar ----------------------"
michael@0 452 echo "signtool -v nojs.jar -d ${P_R_SIGNDIR} -p nss -k objsigner"
michael@0 453 ${BINDIR}/signtool -v nojs.jar -d ${P_R_SIGNDIR} -p nss -k objsigner
michael@0 454 html_msg $? 0 "Listing signed files in jar (signtool -v)"
michael@0 455
michael@0 456 echo "$SCRIPTNAME: Show who signed jar ------------------------------"
michael@0 457 echo "signtool -w nojs.jar -d ${P_R_SIGNDIR}"
michael@0 458 ${BINDIR}/signtool -w nojs.jar -d ${P_R_SIGNDIR}
michael@0 459 html_msg $? 0 "Show who signed jar (signtool -w)"
michael@0 460
michael@0 461 echo "$SCRIPTNAME: Signing a xpi of files ----------------------------"
michael@0 462 echo "signtool -Z nojs.xpi -X -d ${P_R_SIGNDIR} -p \"nss\" -k objsigner \\"
michael@0 463 echo " ${R_TOOLSDIR}/html"
michael@0 464 ${BINDIR}/signtool -Z nojs.xpi -X -d ${P_R_SIGNDIR} -p "nss" -k objsigner \
michael@0 465 ${R_TOOLSDIR}/html
michael@0 466 html_msg $? 0 "Signing a xpi of files (signtool -Z -X)"
michael@0 467
michael@0 468 echo "$SCRIPTNAME: Listing signed files in xpi ----------------------"
michael@0 469 echo "signtool -v nojs.xpi -d ${P_R_SIGNDIR} -p nss -k objsigner"
michael@0 470 ${BINDIR}/signtool -v nojs.xpi -d ${P_R_SIGNDIR} -p nss -k objsigner
michael@0 471 html_msg $? 0 "Listing signed files in xpi (signtool -v)"
michael@0 472
michael@0 473 echo "$SCRIPTNAME: Show who signed xpi ------------------------------"
michael@0 474 echo "signtool -w nojs.xpi -d ${P_R_SIGNDIR}"
michael@0 475 ${BINDIR}/signtool -w nojs.xpi -d ${P_R_SIGNDIR}
michael@0 476 html_msg $? 0 "Show who signed xpi (signtool -w)"
michael@0 477
michael@0 478 }
michael@0 479
michael@0 480 ############################## tools_cleanup ###########################
michael@0 481 # local shell function to finish this script (no exit since it might be
michael@0 482 # sourced)
michael@0 483 ########################################################################
michael@0 484 tools_cleanup()
michael@0 485 {
michael@0 486 html "</TABLE><BR>"
michael@0 487 cd ${QADIR}
michael@0 488 . common/cleanup.sh
michael@0 489 }
michael@0 490
michael@0 491 ################## main #################################################
michael@0 492
michael@0 493 tools_init
michael@0 494 tools_p12
michael@0 495 tools_sign
michael@0 496 tools_cleanup
michael@0 497
michael@0 498

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial