#! /bin/sh
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

########################################################################
#
# mozilla/security/nss/tests/smime/smime.sh
#
# Script to test NSS smime
#
# needs to work on all Unix and Windows platforms
#
# special strings
# ---------------
# FIXME ... known problems, search for this string
# NOTE .... unexpected behavior
#
########################################################################
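############################## smime_init ##############################
# local shell function to initialize this script
#
# Reads:  CLEANUP, INIT_SOURCED, CERT_LOG_FILE, NSS_DISABLE_ECC, HOSTDIR,
#         QADIR
# Sets:   SCRIPTNAME, CLEANUP (only when it was empty), SMIMEDIR,
#         R_SMIMEDIR
# Effect: leaves the shell in ${SMIMEDIR} with a copy of alice.txt there.
#         Calls Exit 11 unless the cert log contains
#         "SUCCESS: SMIME passed".
# html_head and Exit are not defined in this file; presumably they are
# provided by ../common/init.sh - confirm.
########################################################################
smime_init()
{
  SCRIPTNAME=smime.sh      # sourced - $0 would point to all.sh

  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
  fi

  # Pull in the common environment unless a caller already did.  A single
  # string comparison covers both the empty and the non-"TRUE" case.
  # FIXME: the result of cd is not checked; if it fails, ./init.sh (and
  # ./cert.sh below) is looked up in whatever directory is current.
  if [ "${INIT_SOURCED}" != "TRUE" ]; then
      cd ../common
      . ./init.sh
  fi

  # Quoted on purpose: unquoted, an empty CERT_LOG_FILE collapses the test
  # to `[ ! -r ]` (false), cert.sh is skipped and the grep below waits on
  # stdin; a path containing blanks makes the test itself fail.
  if [ ! -r "${CERT_LOG_FILE}" ]; then  # we need certificates here
      cd ../cert
      . ./cert.sh
  fi
  SCRIPTNAME=smime.sh      # set again after the files sourced above

  if [ -z "$NSS_DISABLE_ECC" ] ; then
      html_head "S/MIME Tests with ECC"
  else
      html_head "S/MIME Tests"
  fi

  # The certificates used below are only trusted if cert.sh reported
  # success for its S/MIME section.  Output is discarded with a redirect
  # rather than a grep option so that any grep will do.
  grep "SUCCESS: SMIME passed" "${CERT_LOG_FILE}" >/dev/null || {
      Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
  }

  SMIMEDIR="${HOSTDIR}/smime"
  R_SMIMEDIR=../smime
  mkdir -p "${SMIMEDIR}"
  # FIXME: a failed cd is not detected; the tests would then write their
  # output files into the current directory instead of ${SMIMEDIR}.
  cd "${SMIMEDIR}"
  cp "${QADIR}/smime/alice.txt" "${SMIMEDIR}"
}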
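############################## smime_sign_one ##########################
# helper for smime_sign: one detached and one attached sign/verify round
# trip for a single signer certificate, using the digest named by HASH
#   $1 - certificate nickname handed to cmsutil -N (Alice or Alice-ec)
#   $2 - file name stem for the generated files (alice or alice-ec)
#   $3 - label prefix for messages ("" or "ECDSA w/ ")
# Reads SCRIPTNAME, HASH, HASH_CMD, SIG, PROFTOOL, BINDIR, P_R_ALICEDIR
# and P_R_BOBDIR.  No `local` is used (plain sh), so the _ss_* names are
# ordinary globals.
########################################################################
smime_sign_one()
{
  _ss_nick=$1
  _ss_stem=$2
  _ss_label=$3

  # PROFTOOL stays unquoted: it may be empty or a command with arguments.
  # Every path is quoted so blanks in a directory name cannot split it.
  echo "$SCRIPTNAME: Signing Detached Message ${_ss_label}{$HASH} ------------------"
  echo "cmsutil -S -T -N ${_ss_nick} ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o ${_ss_stem}.d${SIG}"
  ${PROFTOOL} "${BINDIR}/cmsutil" -S -T -N "${_ss_nick}" -H "${HASH}" -i alice.txt -d "${P_R_ALICEDIR}" -p nss -o "${_ss_stem}.d${SIG}"
  html_msg $? 0 "Create Detached Signature Alice (${_ss_label}${HASH})" "."

  # The detached signature is checked against the original content with
  # Bob's database, not with the signer's own.
  echo "cmsutil -D -i ${_ss_stem}.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i "${_ss_stem}.d${SIG}" -c alice.txt -d "${P_R_BOBDIR}"
  html_msg $? 0 "Verifying Alice's Detached Signature (${_ss_label}${HASH})" "."

  echo "$SCRIPTNAME: Signing Attached Message (${_ss_label}${HASH}) ------------------"
  echo "cmsutil -S -N ${_ss_nick} ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o ${_ss_stem}.${SIG}"
  ${PROFTOOL} "${BINDIR}/cmsutil" -S -N "${_ss_nick}" -H "${HASH}" -i alice.txt -d "${P_R_ALICEDIR}" -p nss -o "${_ss_stem}.${SIG}"
  html_msg $? 0 "Create Attached Signature Alice (${_ss_label}${HASH})" "."

  echo "cmsutil -D -i ${_ss_stem}.${SIG} -d ${P_R_BOBDIR} -o ${_ss_stem}.data.${HASH}"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i "${_ss_stem}.${SIG}" -d "${P_R_BOBDIR}" -o "${_ss_stem}.data.${HASH}"
  html_msg $? 0 "Decode Alice's Attached Signature (${_ss_label}${HASH})" "."

  # A decode that succeeds but yields different bytes must still count as
  # a failure, hence the explicit comparison with the original.
  echo "diff alice.txt ${_ss_stem}.data.${HASH}"
  diff alice.txt "${_ss_stem}.data.${HASH}"
  html_msg $? 0 "Compare Attached Signed Data and Original (${_ss_label}${HASH})" "."
}

############################## smime_sign ##############################
# local shell function to sign alice.txt with the digest named by HASH
# (set by the caller) and verify the result, first with the certificate
# "Alice" and, unless NSS_DISABLE_ECC is set, again with "Alice-ec"
# Sets HASH_CMD and SIG.  Each step is reported through html_msg, which
# is not defined in this file.
########################################################################
smime_sign()
{
  # HASH_CMD is kept because it appears in the logged command lines; the
  # real invocations pass -H and the digest as two separately quoted words
  # instead of relying on word splitting of this string.
  HASH_CMD="-H ${HASH}"
  SIG=sig.${HASH}

  smime_sign_one Alice alice ""

  # Test ECDSA signing for all hash algorithms.
  if [ -z "$NSS_DISABLE_ECC" ] ; then
      smime_sign_one Alice-ec alice-ec "ECDSA w/ "
  fi
}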
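############################## smime_p7 ################################
# local shell function to exercise the p7env, p7content, p7sign and
# p7verify tools on alice.txt: envelope and decode, then sign and verify
# Reads SCRIPTNAME, PROFTOOL, BINDIR and P_R_ALICEDIR.  Writes alice.env,
# alice_p7.data, alice_p7.data.sed and alice.sig in the current directory.
# Each step is reported through html_msg, which is not defined here.
########################################################################
smime_p7()
{
  echo "$SCRIPTNAME: p7 util Data Tests ------------------------------"
  # The logged command now names the file that is really written
  # (alice.env); it used to print alice_p7.env, which misleads anyone
  # replaying a failure from the log.
  echo "p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice.env"
  ${PROFTOOL} "${BINDIR}/p7env" -d "${P_R_ALICEDIR}" -r Alice -i alice.txt -o alice.env
  html_msg $? 0 "Creating envelope for user Alice" "."

  # Likewise the logged line now shows the -p nss that is actually passed.
  echo "p7content -d ${P_R_ALICEDIR} -i alice.env -o alice_p7.data -p nss"
  ${PROFTOOL} "${BINDIR}/p7content" -d "${P_R_ALICEDIR}" -i alice.env -o alice_p7.data -p nss
  html_msg $? 0 "Verifying file delivered to user Alice" "."

  # Only lines 3-8 of the p7content output are compared.
  # NOTE: this presumably skips a two-line header and assumes alice.txt is
  # at most six lines long - confirm if either file format changes.
  sed -n -e '3,8p' alice_p7.data > alice_p7.data.sed

  echo "diff alice.txt alice_p7.data.sed"
  diff alice.txt alice_p7.data.sed
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  echo "p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e"
  ${PROFTOOL} "${BINDIR}/p7sign" -d "${P_R_ALICEDIR}" -k Alice -i alice.txt -o alice.sig -p nss -e
  html_msg $? 0 "Signing file for user Alice" "."

  # NOTE: the result label below is the same string as for the p7content
  # step above, although this step verifies the signature.
  echo "p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig"
  ${PROFTOOL} "${BINDIR}/p7verify" -d "${P_R_ALICEDIR}" -c alice.txt -s alice.sig
  html_msg $? 0 "Verifying file delivered to user Alice" "."
}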
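############################## smime_main ##############################
# local shell function to test basic signed and enveloped messages
# from 1 --> 2
#
# Runs smime_sign once per digest, then cmsutil round trips for enveloped
# data (one recipient, several recipients, a certificate with several
# e-mail addresses), a certs-only message and an encrypted-data message.
# Reads SCRIPTNAME, PROFTOOL, BINDIR, P_R_ALICEDIR, P_R_BOBDIR,
# P_R_DAVEDIR and P_R_EVEDIR; sets HASH and ret.  Each step is reported
# through html_msg, which is not defined in this file.
# NOTE: -p nss puts the database password on the command line and into
# the log; presumably acceptable only because these are throwaway test
# databases - confirm before reusing the pattern elsewhere.
########################################################################
smime_main()
{
  # smime_sign takes the digest through the global HASH.
  for HASH in SHA1 SHA256 SHA384 SHA512; do
      smime_sign
  done

  # PROFTOOL stays unquoted below (it may be empty or carry arguments);
  # all paths are quoted so blanks in a directory name cannot split them.
  echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
  echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
  echo " -o alice.env"
  ${PROFTOOL} "${BINDIR}/cmsutil" -E -r bob@bogus.com -i alice.txt -d "${P_R_ALICEDIR}" -p nss -o alice.env
  html_msg $? 0 "Create Enveloped Data Alice" "."

  echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i alice.env -d "${P_R_BOBDIR}" -p nss -o alice.data1
  html_msg $? 0 "Decode Enveloped Data Alice" "."

  echo "diff alice.txt alice.data1"
  diff alice.txt alice.data1
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  # multiple recip
  echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
  echo " -r bob@bogus.com,dave@bogus.com"
  ${PROFTOOL} "${BINDIR}/cmsutil" -E -i alice.txt -d "${P_R_ALICEDIR}" -o alicecc.env \
      -r bob@bogus.com,dave@bogus.com
  ret=$?
  html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
  # On failure, list Alice's database and Dave's certificate so the log
  # shows which recipient certificate was unavailable.
  if [ "$ret" != 0 ] ; then
      echo "certutil -L -d ${P_R_ALICEDIR}"
      "${BINDIR}/certutil" -L -d "${P_R_ALICEDIR}"
      echo "certutil -L -d ${P_R_ALICEDIR} -n dave@bogus.com"
      "${BINDIR}/certutil" -L -d "${P_R_ALICEDIR}" -n dave@bogus.com
  fi

  echo "$SCRIPTNAME: Testing multiple email addrs ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \\"
  echo " -r eve@bogus.net"
  ${PROFTOOL} "${BINDIR}/cmsutil" -E -i alice.txt -d "${P_R_ALICEDIR}" -o aliceve.env \
      -r eve@bogus.net
  ret=$?
  html_msg $ret 0 "Encrypt to a Multiple Email cert" "."

  # Each recipient decodes with its own database.
  echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i alicecc.env -d "${P_R_BOBDIR}" -p nss -o alice.data2
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."

  echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i alicecc.env -d "${P_R_DAVEDIR}" -p nss -o alice.data3
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."

  echo "cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i aliceve.env -d "${P_R_EVEDIR}" -p nss -o alice.data4
  html_msg $? 0 "Decrypt with a Multiple Email cert" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."

  diff alice.txt alice.data3
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."

  diff alice.txt alice.data4
  html_msg $? 0 "Compare Decoded with Multiple Email cert" "."

  echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
  echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
  echo " -d ${P_R_ALICEDIR} > co.der"
  ${PROFTOOL} "${BINDIR}/cmsutil" -O -r "Alice,bob@bogus.com,dave@bogus.com" -d "${P_R_ALICEDIR}" > co.der
  html_msg $? 0 "Create Certs-Only Alice" "."

  echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i co.der -d "${P_R_BOBDIR}"
  html_msg $? 0 "Verify Certs-Only by CA" "."

  echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
  echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
  echo " -r \"bob@bogus.com\" > alice.enc"
  ${PROFTOOL} "${BINDIR}/cmsutil" -C -i alice.txt -e alicehello.env -d "${P_R_ALICEDIR}" \
      -r "bob@bogus.com" > alice.enc
  html_msg $? 0 "Create Encrypted-Data" "."

  # alice.data2 is reused as the output name; the multi-recipient
  # comparison that read it has already run above.
  echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
  echo " -o alice.data2"
  ${PROFTOOL} "${BINDIR}/cmsutil" -D -i alice.enc -d "${P_R_BOBDIR}" -e alicehello.env -p nss -o alice.data2
  html_msg $? 0 "Decode Encrypted-Data" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded and Original Data" "."
}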
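############################## smime_cleanup ###########################
# local shell function to finish this script (no exit since it might be
# sourced)
#
# Closes the HTML result table, changes to ${QADIR} and sources
# common/cleanup.sh from there.  Returns 1 without sourcing anything when
# ${QADIR} cannot be entered.  html is not defined in this file.
########################################################################
smime_cleanup()
{
  html "</TABLE><BR>"
  # common/cleanup.sh is a relative path, so it must only be sourced after
  # the cd succeeded; otherwise a file of that name below the current
  # directory (the test output area) would be executed instead.  QADIR is
  # quoted so that a path with blanks still reaches cd as one argument.
  cd "${QADIR}" || {
      echo "$SCRIPTNAME: cannot cd to ${QADIR} - skipping common/cleanup.sh" >&2
      return 1
  }
  . common/cleanup.sh
}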
################## main #################################################
# Runs as soon as this file is executed or sourced.  The order is fixed:
# smime_init prepares the working directory and checks the cert log,
# smime_main and smime_p7 run the tests there, smime_cleanup finishes up.

smime_init
smime_main
smime_p7
smime_cleanup