[xmlsec] cleanup test scripts
- From: Aleksey Sanin <aleksey src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [xmlsec] cleanup test scripts
- Date: Fri, 30 Apr 2010 21:48:55 +0000 (UTC)
commit 2883fbcd1c49d7308724380e225cb3d2729ce1f3
Author: Aleksey Sanin <aleksey aleksey com>
Date: Fri Apr 30 12:01:05 2010 -0700
cleanup test scripts
tests/testDSig.sh | 524 ++++++++++++++++++++++++++++++++++++++---------------
tests/testKeys.sh | 2 +-
2 files changed, 376 insertions(+), 150 deletions(-)
---
diff --git a/tests/testDSig.sh b/tests/testDSig.sh
index 46804b2..c39dcb1 100755
--- a/tests/testDSig.sh
+++ b/tests/testDSig.sh
@@ -1,8 +1,9 @@
-#!/bin/sh
+#!/bin/sh -x
OS_ARCH=`uname -o`
OS_KERNEL=`uname -s`
+crypto=$1
if [ "z$OS_ARCH" = "zCygwin" ] ; then
topfolder=`cygpath -wa $2`
xmlsec_app=`cygpath -a $3`
@@ -10,7 +11,6 @@ else
topfolder=$2
xmlsec_app=$3
fi
-crypto=$1
file_format=$4
pub_key_format=$file_format
@@ -68,45 +68,69 @@ if [ -n "$PERF_TEST" ] ; then
xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
fi
+res_success="success"
+res_fail="fail"
printRes() {
- if [ $1 = 0 ]; then
- echo " OK"
- else
+ expected_res=$1
+ actual_res=$2
+
+ # convert status to string
+ if [ $actual_res = 0 ]; then
+ actual_res=$res_success
+ else
+ actual_res=$res_fail
+ fi
+
+ # check
+ if [ "z$expected_res" = "z$actual_res" ] ; then
+ echo " OK"
+ elif [ "z$expected_res" = "z$res_fail" ] ; then
echo " Fail"
fi
+
+ # memlog
if [ -f .memdump ] ; then
- cat .memdump >> $logfile
+ cat .memdump >> $logfile
fi
}
-execDSigTest() {
- folder=$1
- file=$2
- req_transforms=$3
- params1=$4
- params2=$5
- params3=$6
- old_pwd=`pwd`
+execDSigTest() {
+ expected_res=$1
+ folder=$2
+ file=$3
+ req_transforms=$4
+ params1=$5
+ params2=$6
+ params3=$7
+ old_pwd=`pwd`
rm -f $tmpfile
- if [ -n "$folder" ] ; then
- cd $topfolder/$folder
+ # check params
+ if [ -n "$folder" ] ; then
+ cd $topfolder/$folder
full_file=$file
echo $folder/$file
- echo "Test: $folder/$file in folder " `pwd` >> $logfile
+ echo "Test: $folder/$file in folder " `pwd` " ($expected_res)" >> $logfile
else
- full_file=$topfolder/$file
+ full_file=$topfolder/$file
echo $file
- echo "Test: $folder/$file" >> $logfile
+ echo "Test: $folder/$file ($expected_res)" >> $logfile
fi
+ if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+ echo " Bad parameter: expected_res=$expected_res"
+ cd $old_pwd
+ return
+ fi
+
+ # check transforms
if [ -n "$req_transforms" ] ; then
printf " Checking required transforms "
echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
$xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
res=$?
if [ $res = 0 ]; then
- echo " OK"
+ echo " OK"
else
echo " Skip"
cd $old_pwd
@@ -114,28 +138,29 @@ execDSigTest() {
fi
fi
-
- printf " Verify existing signature "
- echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
- $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
- printRes $?
+ # run tests
+ if [ -n "$params1" ] ; then
+ printf " Verify existing signature "
+ echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
- if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+ if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
printf " Create new signature "
echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
$VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
- printRes $?
-
- if [ -n "$params3" ] ; then
- if [ -z "$VALGRIND" ] ; then
- printf " Verify new signature "
- echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
- $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
- printRes $?
- fi
- fi
+ printRes $expected_res $?
fi
+ if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
+ printf " Verify new signature "
+ echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
+
+ # done
cd $old_pwd
}
@@ -145,6 +170,12 @@ echo "--- log file is $logfile"
echo "--- testDSig started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
+
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
##########################################################################
#
# xmldsig2ed-tests
@@ -153,13 +184,17 @@ echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
#
##########################################################################
-execDSigTest "xmldsig2ed-tests" "defCan-1" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "defCan-1" \
"c14n11 sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "defCan-2" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "defCan-2" \
"c14n11 xslt xpath sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
@@ -167,35 +202,49 @@ execDSigTest "xmldsig2ed-tests" "defCan-2" \
#
# differences in XSLT transform output, tbd
-#
-# execDSigTest "xmldsig2ed-tests" "defCan-3" \
+#
+# execDSigTest $res_success \
+# "xmldsig2ed-tests" \
+# "defCan-3" \
# "c14n11 xslt xpath sha1 hmac-sha1" \
# "--hmackey $topfolder/keys/hmackey.bin" \
# "--hmackey $topfolder/keys/hmackey.bin" \
# "--hmackey $topfolder/keys/hmackey.bin"
#
-execDSigTest "xmldsig2ed-tests" "xpointer-1-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-1-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-2-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-2-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-3-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-3-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-4-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-4-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-5-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-5-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-6-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin"
@@ -205,145 +254,193 @@ execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
#
##########################################################################
-execDSigTest "" "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
"sha1 rsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
"md5 hmac-md5" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
"md5 hmac-md5" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
"ripemd160 hmac-ripemd160" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
"ripemd160 hmac-ripemd160" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/xpointer-hmac" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/xpointer-hmac" \
"xpointer sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
"sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
"sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
"sha224 hmac-sha224" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
"sha224 hmac-sha224" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
"sha256 hmac-sha256" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
"sha256 hmac-sha256" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
"sha384 hmac-sha384" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
"sha384 hmac-sha384" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
"sha512 hmac-sha512" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
"sha512 hmac-sha512" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
"md5 rsa-md5" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
"ripemd160 rsa-ripemd160" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
"sha1 rsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
"sha224 rsa-sha224" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
"sha256 rsa-sha256" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
"sha384 rsa-sha384" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
"sha512 rsa-sha512" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
@@ -353,24 +450,32 @@ execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
# To generate expired cert run the following command
# > xmlsec1 sign --pkcs12 tests/keys/expiredkey.p12 --pwd secret --output out.xml ./tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
#
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 rsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2005-07-10+10:00:00"
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest "" "aleksey-xmldsig-01/x509data-test" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/x509data-test" \
"xpath2 sha1 rsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format" \
"$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/x509data-sn-test" \
"xpath2 sha1 rsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509" \
"$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
@@ -382,91 +487,121 @@ execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
#
##########################################################################
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
"enveloped-signature sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
" "
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
"sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
" "
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
"base64 sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
" "
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
"sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
"sha1 hmac-sha1" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
"sha1 rsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
"base64 sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-external-dsa" \
"sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
" "
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-keyname" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-keyname" \
"sha1 dsa-sha1" \
"--pubkey-cert-$cert_format:Lugh $topfolder/merlin-xmldsig-twenty-three/certs/lugh-cert.$cert_format" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-crt" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-sn" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-sn" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-is" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-is" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-ski" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-ski" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature" \
"base64 xpath enveloped-signature c14n-with-comments sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
@@ -482,29 +617,41 @@ execDSigTest "" "merlin-xmldsig-twenty-three/signature" \
# key transport/wrapper algorightms
#
##########################################################################
-execDSigTest "" "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
"ripemd160 hmac-ripemd160 kw-tripledes" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--session-key hmac-192 --keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest "" "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
"sha256 hmac-sha256 kw-aes128" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest "" "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
"sha384 hmac-sha384 kw-aes192" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest "" "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
"sha512 hmac-sha512 kw-aes256" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest "" "merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5" \
"sha1 hmac-sha256 rsa-1_5" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
-execDSigTest "" "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
"sha1 hmac-sha256 rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
@@ -515,14 +662,17 @@ execDSigTest "" "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
# merlin-exc-c14n-one
#
##########################################################################
-
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+execDSigTest $res_success \
+ "" \
+ "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
" "
-
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
" "
@@ -531,22 +681,28 @@ execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
# merlin-c14n-three
#
##########################################################################
-
-execDSigTest "" "merlin-c14n-three/signature" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-c14n-three/signature" \
"c14n c14n-with-comments exc-c14n exc-c14n-with-comments xpath sha1 dsa-sha1" \
" "
-
+
##########################################################################
#
# merlin-xpath-filter2-three
#
##########################################################################
-execDSigTest "" "merlin-xpath-filter2-three/sign-xfdl" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xpath-filter2-three/sign-xfdl" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
""
-execDSigTest "" "merlin-xpath-filter2-three/sign-spec" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xpath-filter2-three/sign-spec" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
""
##########################################################################
@@ -555,99 +711,147 @@ execDSigTest "" "merlin-xpath-filter2-three/sign-spec" \
#
##########################################################################
-execDSigTest "phaos-xmldsig-three" "signature-big" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-big" \
"base64 xslt xpath sha1 rsa-sha1" \
"--pubkey-cert-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-detached" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-detached" \
"sha1 dsa-sha1" \
"--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-enveloped" \
"enveloped-signature sha1 dsa-sha1" \
"--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloping" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-enveloping" \
"sha1 dsa-sha1" \
"--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-manifest" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-manifest" \
"sha1 dsa-sha1" \
"--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-hmac-md5-c14n-enveloping" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-md5-c14n-enveloping" \
"md5 hmac-md5" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-40-c14n-comments-detached" \
"c14n-with-comments sha1 hmac-sha1" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-enveloped" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-exclusive-c14n-enveloped" \
"enveloped-signature exc-c14n sha1 hmac-sha1" \
"--hmackey certs/hmackey.bin"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-b64-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-b64-transform" \
"base64 sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xpath-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xpath-transform" \
"xpath sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-retrieval-method" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform-retrieval-method" \
"xslt sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform" \
"xslt sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped" \
"enveloped-signature sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloping" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloping" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert-chain" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-cert-chain" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-cert" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-issuer-serial" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-issuer-serial" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-ski" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-ski" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-subject-name" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-subject-name" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-xpath-transform-enveloped" \
"enveloped-signature xpath sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
@@ -662,47 +866,69 @@ echo "Dynamic signature template"
printf " Create new signature "
echo "$xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
$VALGRIND $xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
printf " Verify new signature "
echo "$xmlsec_app verify --keys-file $keysfile $tmpfile" >> $logfile
$VALGRIND $xmlsec_app verify $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
+##########################################################################
+##########################################################################
+##########################################################################
echo "--------- These tests CAN FAIL (extra OS config required) ----------"
-execDSigTest "" "aleksey-xmldsig-01/enveloped-gost" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloped-gost" \
"enveloped-signature gostr34102001-gostr3411 gostr3411" \
"--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509" \
"" \
""
-echo "--------- Negative Testing: next test MUST FAIL ----------"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Negative Testing ----------"
+execDSigTest $res_fail \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
"sha1 rsa-sha1" \
"--X509-skip-strict-checks --trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_fail \
+ "" \
+ "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 dsa-sha1" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_fail \
+ "" \
+ "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
"--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
"xslt sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-digest-val" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped-bad-digest-val" \
"enveloped-signature sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-sig" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped-bad-sig" \
"enveloped-signature sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-crl" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-crl" \
"sha1 rsa-sha1" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
diff --git a/tests/testKeys.sh b/tests/testKeys.sh
index 5303aac..1b882f3 100755
--- a/tests/testKeys.sh
+++ b/tests/testKeys.sh
@@ -56,7 +56,7 @@ printRes() {
fi
}
-execKeysTest() {
+execKeysTest() {
req_key_data=$1
key_name=$2
alg_name=$3
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
