authorDaiki Ueno <ueno@gnu.org>2021-12-21 15:02:45 +0100
committerDaiki Ueno <ueno@gnu.org>2022-01-11 16:35:03 +0100
commitbdd2ade76b189b4d15be548e4337991d8a6de184 (patch)
treead461bd17d8b75af9a50be683bd36ffdd4e67255
parentc87f5aa5fd5a807a4444e428063db3f8635d378d (diff)
tests: check algorithms for generating PKCS#12 file
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r--.x-sc_space_tab1
-rw-r--r--tests/cert-tests/Makefile.am1
-rwxr-xr-xtests/cert-tests/pkcs12.sh48
3 files changed, 47 insertions, 3 deletions
diff --git a/.x-sc_space_tab b/.x-sc_space_tab
new file mode 100644
index 0000000000..36b2b507d5
--- /dev/null
+++ b/.x-sc_space_tab
@@ -0,0 +1 @@
+^tests/cert-tests/pkcs12.sh
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index f1de1bef27..0c78cd9a1d 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -160,6 +160,7 @@ TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \
ASAN_OPTIONS="detect_leaks=0:exitcode=6" \
GNUTLS_TEST_SUITE_RUN=1 \
GNUTLS_SYSTEM_PRIORITY_FILE=$(abs_top_srcdir)/tests/system.prio \
+ PKCS12_ITER_COUNT="$(PKCS12_ITER_COUNT)" \
srcdir="$(srcdir)"
if ENABLE_FIPS140
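Review bot: Nothing visible in this commit guarantees that `PKCS12_ITER_COUNT` is non-empty when pkcs12.sh reads it. The make variable's definition is outside the diff, and the script can also be run by hand without it. In that case the expected-output here-document in pkcs12.sh contains `Iteration count: ` with no value, and the test fails with a diff that looks like an algorithm regression rather than a setup problem. A guard near the top of pkcs12.sh, for example `: ${PKCS12_ITER_COUNT:?PKCS12_ITER_COUNT must be set}`, would make the cause explicit. The `TESTS_ENVIRONMENT` assignment starts before this hunk.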
diff --git a/tests/cert-tests/pkcs12.sh b/tests/cert-tests/pkcs12.sh
index a04b043c8e..445a82eff4 100755
--- a/tests/cert-tests/pkcs12.sh
+++ b/tests/cert-tests/pkcs12.sh
@@ -40,8 +40,11 @@ fi
: ${DIFF=diff}
DEBUG=""
-TMPFILE=pkcs12.$$.tmp
-TMPFILE_PEM=pkcs12.$$.pem.tmp
+. "${srcdir}/../scripts/common.sh"
+testdir=`create_testdir pkcs12`
+
+TMPFILE=$testdir/pkcs12
+TMPFILE_PEM=$testdir/pkcs12.pem
DEBUG="1"
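Review bot: The value returned by `create_testdir` is used unchecked and unquoted in the `TMPFILE` and `TMPFILE_PEM` assignments. The helper lives in common.sh and is not shown here, so I cannot tell whether it can print nothing on failure; if it can, `TMPFILE` becomes `/pkcs12` and the test writes outside its scratch area. Adding `test -n "${testdir}" || exit 1` after the assignment and writing `TMPFILE="${testdir}/pkcs12"` would close that off. The directory is also removed only on the success path at the end of the script, so the earlier `exit 1` and `exit ${rc}` branches leave the PKCS#12 file and its decoded output behind, unless common.sh installs its own cleanup trap.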
@@ -101,7 +104,7 @@ if test ${rc} != 0; then
exit 1
fi
-${VALGRIND} "${CERTTOOL}" --p12-info --inder --password 1234 --infile $TMPFILE >${TMPFILE_PEM} 2>/dev/null
+${VALGRIND} "${CERTTOOL}" --p12-info --inder --password 1234 --infile $TMPFILE|tr -d '\r' >${TMPFILE_PEM} 2>/dev/null
rc=$?
if test ${rc} != 0; then
echo "PKCS12 FATAL decrypting/decoding"
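Review bot: `rc=$?` on the line after the changed command now records the exit status of `tr`, not of certtool, so a failed `--p12-info` decode no longer reaches the `PKCS12 FATAL decrypting/decoding` branch. The `2>/dev/null` has moved to `tr` as well, so certtool's stderr is no longer suppressed. Plain sh has no portable pipefail, so I would strip the carriage returns in a second step: `${VALGRIND} "${CERTTOOL}" --p12-info --inder --password 1234 --infile $TMPFILE >${TMPFILE_PEM}.raw 2>/dev/null`, keep `rc=$?` directly after it, then `tr -d '\r' <${TMPFILE_PEM}.raw >${TMPFILE_PEM}`. The `if` that tests `rc` closes outside this hunk.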
@@ -122,4 +125,43 @@ if test "${rc}" != "0"; then
exit ${rc}
fi
+INFO_EXP=$testdir/p12-info.exp
+INFO_OUT=$testdir/p12-info.out
+
+cat >$INFO_EXP <<EOF
+MAC info:
+ MAC: SHA256 (2.16.840.1.101.3.4.2.1)
+ Salt size: 8
+ Iteration count: $PKCS12_ITER_COUNT
+
+BAG #0
+ Type: Encrypted
+ Cipher: AES-128-CBC
+ Schema: PBES2-AES128-CBC (2.16.840.1.101.3.4.1.2)
+ Iteration count: $PKCS12_ITER_COUNT
+
+BAG #1
+ Elements: 1
+ Type: PKCS #8 Encrypted key
+ PKCS #8 information:
+ Cipher: AES-128-CBC
+ Schema: PBES2-AES128-CBC (2.16.840.1.101.3.4.1.2)
+ Iteration count: $PKCS12_ITER_COUNT
+
+EOF
+
+sed -n '/^\(MAC\|BAG\)/,/^$/p' ${TMPFILE_PEM} | \
+sed -e '/^[ ]*Salt:/d' \
+ -e '/^BAG #[0-9]*/,$ { /^[ ]*Salt size:/d }' > ${INFO_OUT}
+
+diff ${INFO_EXP} ${INFO_OUT}
+
+rc=$?
+
+if test "${rc}" != "0"; then
+ exit ${rc}
+fi
+
+rm -rf "${testdir}"
+
exit 0
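Review bot: The two `sed` invocations that build `${INFO_OUT}` rely on what are, as far as I know, GNU extensions: `\|` alternation in a basic regular expression, and a closing `}` with no `;` or newline before it. With a sed that lacks them the filter may select nothing or reject the script, and the test then fails for reasons unrelated to the PKCS#12 algorithms. A portable form would be `sed -n -e '/^MAC/,/^$/p' -e '/^BAG/,/^$/p' ${TMPFILE_PEM} | \` with the last expression written as `-e '/^BAG #[0-9]*/,$ { /^[ ]*Salt size:/d; }'`, assuming no line inside a BAG section starts with `MAC` at column 0. The comparison should also use `${DIFF} ${INFO_EXP} ${INFO_OUT}` to honour the `: ${DIFF=diff}` override set at the top of the script, and a short `echo` before `exit ${rc}` would match the other failure branches.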