blob: 05f82c797b1d2ef46d9e85753ac1a8875cda643f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
#!/bin/sh
# Copyright (C) 2014 Nikos Mavrogiannopoulos
#
# This file is part of GnuTLS.
#
# GnuTLS is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 3 of the License, or (at
# your option) any later version.
#
# GnuTLS is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with GnuTLS; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
srcdir=${srcdir:-.}
CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
GREP=${GREP:-grep}
# check keys with password
$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "1234" \
--outfile tmp-key-ca.p8 2>/dev/null
$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in converting key to PKCS #8 with password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "1234" >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading PKCS #8 key with password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-1234.p8 --password "1234" >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading saved PKCS #8 key with password"
exit $rc
fi
#keys encrypted with empty password
$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "" \
--outfile tmp-key-ca.p8 2>/dev/null
$GREP "BEGIN PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in converting key to PKCS #8 with empty password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "" >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading PKCS #8 key with empty password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-empty.p8 --password "" >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading saved PKCS #8 key with empty password"
exit $rc
fi
#keys encrypted with null password
$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --null-password \
--outfile tmp-key-ca.p8 2>/dev/null
$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in converting key to PKCS #8 with null password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --null-password >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading PKCS #8 key with null password"
exit $rc
fi
$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-null.p8 --null-password >/dev/null 2>&1
rc=$?
# We're done.
if test "$rc" != "0"; then
echo "Error in reading saved PKCS #8 key with null password"
exit $rc
fi
rm -f tmp-key-ca.p8
exit 0
|
