diff options
author | cvs2hg <devnull@localhost> | 2007-03-09 22:54:51 +0000 |
---|---|---|
committer | cvs2hg <devnull@localhost> | 2007-03-09 22:54:51 +0000 |
commit | 2e894b7c5e3cbc49267a650022f3766e81b83441 (patch) | |
tree | 129186c165914d02c1073d4f5c39731d3f0aa5a5 | |
parent | 2df9a7a375d0b64ba2fbb06db68691d76523974e (diff) | |
download | nss-hg-2e894b7c5e3cbc49267a650022f3766e81b83441.tar.gz |
fixup commit for branch 'NSS_3_11_6_BYPASS_BRANCH'
-rw-r--r-- | security/nss/lib/freebl/ecl/ecl-curve.h | 634 | ||||
-rw-r--r-- | security/nss/tests/iopr/cert_iopr.sh | 420 | ||||
-rw-r--r-- | security/nss/tests/iopr/ocsp_iopr.sh | 218 | ||||
-rw-r--r-- | security/nss/tests/iopr/ssl_iopr.sh | 666 | ||||
-rw-r--r-- | security/nss/tests/ocsp/ocsp.sh | 82 |
5 files changed, 571 insertions, 1449 deletions
diff --git a/security/nss/lib/freebl/ecl/ecl-curve.h b/security/nss/lib/freebl/ecl/ecl-curve.h index 3a01dc835..36bc993b6 100644 --- a/security/nss/lib/freebl/ecl/ecl-curve.h +++ b/security/nss/lib/freebl/ecl/ecl-curve.h @@ -42,10 +42,29 @@ #ifndef __ecl_curve_h_ #define __ecl_curve_h_ -#ifdef NSS_ECC_MORE_THAN_SUITE_B -#error This source file is for Basic ECC only . +#ifndef NSS_ECC_MORE_THAN_SUITE_B +#error This source file is for Extended ECC only . #endif +/* NIST prime curves */ +static const ECCurveParams ecCurve_NIST_P192 = { + "NIST-P192", ECField_GFp, 192, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", + "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", + "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", 1 +}; +static const ECCurveParams ecCurve_NIST_P224 = { + "NIST-P224", ECField_GFp, 224, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", + "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 1 +}; static const ECCurveParams ecCurve_NIST_P256 = { "NIST-P256", ECField_GFp, 256, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", @@ -55,7 +74,6 @@ static const ECCurveParams ecCurve_NIST_P256 = { "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 1 }; - static const ECCurveParams ecCurve_NIST_P384 = { "NIST-P384", ECField_GFp, 384, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", @@ -66,7 +84,6 @@ static const ECCurveParams ecCurve_NIST_P384 = { "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", 1 }; - static const ECCurveParams ecCurve_NIST_P521 = { "NIST-P521", ECField_GFp, 521, "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", @@ -78,67 +95,558 @@ static const ECCurveParams ecCurve_NIST_P521 = { 1 }; +/* NIST binary curves */ +static const ECCurveParams ecCurve_NIST_K163 = { + "NIST-K163", ECField_GF2m, 163, + "0800000000000000000000000000000000000000C9", + "000000000000000000000000000000000000000001", + "000000000000000000000000000000000000000001", + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", + "0289070FB05D38FF58321F2E800536D538CCDAA3D9", + "04000000000000000000020108A2E0CC0D99F8A5EF", 2 +}; +static const ECCurveParams ecCurve_NIST_B163 = { + "NIST-B163", ECField_GF2m, 163, + "0800000000000000000000000000000000000000C9", + "000000000000000000000000000000000000000001", + "020A601907B8C953CA1481EB10512F78744A3205FD", + "03F0EBA16286A2D57EA0991168D4994637E8343E36", + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", + "040000000000000000000292FE77E70C12A4234C33", 2 +}; +static const ECCurveParams ecCurve_NIST_K233 = { + "NIST-K233", ECField_GF2m, 233, + "020000000000000000000000000000000000000004000000000000000001", + "000000000000000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000000000000000000001", + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", + "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", 4 +}; +static const ECCurveParams ecCurve_NIST_B233 = { + "NIST-B233", ECField_GF2m, 233, + "020000000000000000000000000000000000000004000000000000000001", + "000000000000000000000000000000000000000000000000000000000001", + "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", + "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 2 +}; +static const ECCurveParams ecCurve_NIST_K283 = { + "NIST-K283", ECField_GF2m, 283, + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "000000000000000000000000000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000000000000000000000000000000001", + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", + "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", + 4 +}; +static const ECCurveParams ecCurve_NIST_B283 = { + "NIST-B283", ECField_GF2m, 283, + "0800000000000000000000000000000000000000000000000000000000000000000010A1", + "000000000000000000000000000000000000000000000000000000000000000000000001", + "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", + 2 +}; +static const ECCurveParams ecCurve_NIST_K409 = { + "NIST-K409", ECField_GF2m, 409, + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", + "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", + 4 +}; +static const ECCurveParams ecCurve_NIST_B409 = { + "NIST-B409", ECField_GF2m, 409, + "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", + "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", + 2 +}; +static const ECCurveParams ecCurve_NIST_K571 = { + "NIST-K571", ECField_GF2m, 571, + "080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", + "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", + 4 +}; +static const ECCurveParams ecCurve_NIST_B571 = { + "NIST-B571", ECField_GF2m, 571, + "080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", + "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", + "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", + "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", + 2 +}; + +/* ANSI X9.62 prime curves */ +static const ECCurveParams ecCurve_X9_62_PRIME_192V2 = { + "X9.62 P-192V2", ECField_GFp, 192, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + "CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953", + "EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A", + "6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15", + "FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31", 1 +}; +static const ECCurveParams ecCurve_X9_62_PRIME_192V3 = { + "X9.62 P-192V3", ECField_GFp, 192, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", + "22123DC2395A05CAA7423DAECCC94760A7D462256BD56916", + "7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896", + "38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0", + "FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13", 1 +}; +static const ECCurveParams ecCurve_X9_62_PRIME_239V1 = { + "X9.62 P-239V1", ECField_GFp, 239, + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + "6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A", + "0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF", + "7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE", + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B", 1 +}; +static const ECCurveParams ecCurve_X9_62_PRIME_239V2 = { + "X9.62 P-239V2", ECField_GFp, 239, + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + "617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C", + "38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7", + "5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA", + "7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063", 1 +}; +static const ECCurveParams ecCurve_X9_62_PRIME_239V3 = { + "X9.62 P-239V3", ECField_GFp, 239, + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF", + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC", + "255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E", + "6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A", + "1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3", + "7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551", 1 +}; + +/* ANSI X9.62 binary curves */ +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB163V1 = { + "X9.62 C2-PNB163V1", ECField_GF2m, 163, + "080000000000000000000000000000000000000107", + "072546B5435234A422E0789675F432C89435DE5242", + "00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9", + "07AF69989546103D79329FCC3D74880F33BBE803CB", + "01EC23211B5966ADEA1D3F87F7EA5848AEF0B7CA9F", + "0400000000000000000001E60FC8821CC74DAEAFC1", 2 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB163V2 = { + "X9.62 C2-PNB163V2", ECField_GF2m, 163, + "080000000000000000000000000000000000000107", + "0108B39E77C4B108BED981ED0E890E117C511CF072", + "0667ACEB38AF4E488C407433FFAE4F1C811638DF20", + "0024266E4EB5106D0A964D92C4860E2671DB9B6CC5", + "079F684DDF6684C5CD258B3890021B2386DFD19FC5", + "03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 2 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB163V3 = { + "X9.62 C2-PNB163V3", ECField_GF2m, 163, + "080000000000000000000000000000000000000107", + "07A526C63D3E25A256A007699F5447E32AE456B50E", + "03F7061798EB99E238FD6F1BF95B48FEEB4854252B", + "02F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB", + "05B935590C155E17EA48EB3FF3718B893DF59A05D0", + "03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 2 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB176V1 = { + "X9.62 C2-PNB176V1", ECField_GF2m, 176, + "0100000000000000000000000000000000080000000007", + "E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B", + "5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2", + "8D16C2866798B600F9F08BB4A8E860F3298CE04A5798", + "6FA4539C2DADDDD6BAB5167D61B436E1D92BB16A562C", + "00010092537397ECA4F6145799D62B0A19CE06FE26AD", 0xFF6E +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB191V1 = { + "X9.62 C2-TNB191V1", ECField_GF2m, 191, + "800000000000000000000000000000000000000000000201", + "2866537B676752636A68F56554E12640276B649EF7526267", + "2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", + "36B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D", + "765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB", + "40000000000000000000000004A20E90C39067C893BBB9A5", 2 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB191V2 = { + "X9.62 C2-TNB191V2", ECField_GF2m, 191, + "800000000000000000000000000000000000000000000201", + "401028774D7777C7B7666D1366EA432071274F89FF01E718", + "0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01", + "3809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10", + "17434386626D14F3DBF01760D9213A3E1CF37AEC437D668A", + "20000000000000000000000050508CB89F652824E06B8173", 4 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB191V3 = { + "X9.62 C2-TNB191V3", ECField_GF2m, 191, + "800000000000000000000000000000000000000000000201", + "6C01074756099122221056911C77D77E77A777E7E7E77FCB", + "71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8", + "375D4CE24FDE434489DE8746E71786015009E66E38A926DD", + "545A39176196575D985999366E6AD34CE0A77CD7127B06BE", + "155555555555555555555555610C0B196812BFB6288A3EA3", 6 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB208W1 = { + "X9.62 C2-PNB208W1", ECField_GF2m, 208, + "010000000000000000000000000000000800000000000000000007", + "0000000000000000000000000000000000000000000000000000", + "C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E", + "89FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A", + "0F55B51A06E78E9AC38A035FF520D8B01781BEB1A6BB08617DE3", + "000101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 0xFE48 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB239V1 = { + "X9.62 C2-TNB239V1", ECField_GF2m, 239, + "800000000000000000000000000000000000000000000000001000000001", + "32010857077C5431123A46B808906756F543423E8D27877578125778AC76", + "790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", + "57927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D", + "61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305", + "2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 4 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB239V2 = { + "X9.62 C2-TNB239V2", ECField_GF2m, 239, + "800000000000000000000000000000000000000000000000001000000001", + "4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F", + "5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B", + "28F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205", + "5667334C45AFF3B5A03BAD9DD75E2C71A99362567D5453F7FA6E227EC833", + "1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 6 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB239V3 = { + "X9.62 C2-TNB239V3", ECField_GF2m, 239, + "800000000000000000000000000000000000000000000000001000000001", + "01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F", + "6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40", + "70F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92", + "2E5A0EAF6E5E1305B9004DCE5C0ED7FE59A35608F33837C816D80B79F461", + "0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 0xA +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB272W1 = { + "X9.62 C2-PNB272W1", ECField_GF2m, 272, + "010000000000000000000000000000000000000000000000000000010000000000000B", + "91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20", + "7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7", + "6108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D", + "10C7695716851EEF6BA7F6872E6142FBD241B830FF5EFCACECCAB05E02005DDE9D23", + "000100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521", + 0xFF06 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB304W1 = { + "X9.62 C2-PNB304W1", ECField_GF2m, 304, + "010000000000000000000000000000000000000000000000000000000000000000000000000807", + "FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681", + "BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE", + "197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614", + "E19FBEB76E0DA171517ECF401B50289BF014103288527A9B416A105E80260B549FDC1B92C03B", + "000101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D", + 0xFE2E +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB359V1 = { + "X9.62 C2-TNB359V1", ECField_GF2m, 359, + "800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001", + "5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557", + "2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988", + "3C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097", + "53D7E08529547048121E9C95F3791DD804963948F34FAE7BF44EA82365DC7868FE57E4AE2DE211305A407104BD", + "01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B", + 0x4C +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_PNB368W1 = { + "X9.62 C2-PNB368W1", ECField_GF2m, 368, + "0100000000000000000000000000000000000000000000000000000000000000000000002000000000000000000007", + "E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D", + "FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A", + "1085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F", + "7B3EB1BDDCBA62D5D8B2059B525797FC73822C59059C623A45FF3843CEE8F87CD1855ADAA81E2A0750B80FDA2310", + "00010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967", + 0xFF70 +}; +static const ECCurveParams ecCurve_X9_62_CHAR2_TNB431R1 = { + "X9.62 C2-TNB431R1", ECField_GF2m, 431, + "800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001", + "1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F", + "10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618", + "120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7", + "20D0AF8903A96F8D5FA2C255745D3C451B302C9346D9B7E485E7BCE41F6B591F3E8F6ADDCBB0BC4C2F947A7DE1A89B625D6A598B3760", + "0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91", + 0x2760 +}; + +/* SEC2 prime curves */ +static const ECCurveParams ecCurve_SECG_PRIME_112R1 = { + "SECP-112R1", ECField_GFp, 112, + "DB7C2ABF62E35E668076BEAD208B", + "DB7C2ABF62E35E668076BEAD2088", + "659EF8BA043916EEDE8911702B22", + "09487239995A5EE76B55F9C2F098", + "A89CE5AF8724C0A23E0E0FF77500", + "DB7C2ABF62E35E7628DFAC6561C5", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_112R2 = { + "SECP-112R2", ECField_GFp, 112, + "DB7C2ABF62E35E668076BEAD208B", + "6127C24C05F38A0AAAF65C0EF02C", + "51DEF1815DB5ED74FCC34C85D709", + "4BA30AB5E892B4E1649DD0928643", + "adcd46f5882e3747def36e956e97", + "36DF0AAFD8B8D7597CA10520D04B", 4 +}; +static const ECCurveParams ecCurve_SECG_PRIME_128R1 = { + "SECP-128R1", ECField_GFp, 128, + "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC", + "E87579C11079F43DD824993C2CEE5ED3", + "161FF7528B899B2D0C28607CA52C5B86", + "CF5AC8395BAFEB13C02DA292DDED7A83", + "FFFFFFFE0000000075A30D1B9038A115", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_128R2 = { + "SECP-128R2", ECField_GFp, 128, + "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", + "D6031998D1B3BBFEBF59CC9BBFF9AEE1", + "5EEEFCA380D02919DC2C6558BB6D8A5D", + "7B6AA5D85E572983E6FB32A7CDEBC140", + "27B6916A894D3AEE7106FE805FC34B44", + "3FFFFFFF7FFFFFFFBE0024720613B5A3", 4 +}; +static const ECCurveParams ecCurve_SECG_PRIME_160K1 = { + "SECP-160K1", ECField_GFp, 160, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", + "0000000000000000000000000000000000000000", + "0000000000000000000000000000000000000007", + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", + "938CF935318FDCED6BC28286531733C3F03C4FEE", + "0100000000000000000001B8FA16DFAB9ACA16B6B3", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_160R1 = { + "SECP-160R1", ECField_GFp, 160, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC", + "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", + "4A96B5688EF573284664698968C38BB913CBFC82", + "23A628553168947D59DCC912042351377AC5FB32", + "0100000000000000000001F4C8F927AED3CA752257", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_160R2 = { + "SECP-160R2", ECField_GFp, 160, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70", + "B4E134D3FB59EB8BAB57274904664D5AF50388BA", + "52DCB034293A117E1F4FF11B30F7199D3144CE6D", + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E", + "0100000000000000000000351EE786A818F3A1A16B", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_192K1 = { + "SECP-192K1", ECField_GFp, 192, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", + "000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000000003", + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", + "FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_224K1 = { + "SECP-224K1", ECField_GFp, 224, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", + "00000000000000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000000000000000000005", + "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", + "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", + "010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", 1 +}; +static const ECCurveParams ecCurve_SECG_PRIME_256K1 = { + "SECP-256K1", ECField_GFp, 256, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000007", + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 1 +}; + +/* SEC2 binary curves */ +static const ECCurveParams ecCurve_SECG_CHAR2_113R1 = { + "SECT-113R1", ECField_GF2m, 113, + "020000000000000000000000000201", + "003088250CA6E7C7FE649CE85820F7", + "00E8BEE4D3E2260744188BE0E9C723", + "009D73616F35F4AB1407D73562C10F", + "00A52830277958EE84D1315ED31886", + "0100000000000000D9CCEC8A39E56F", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_113R2 = { + "SECT-113R2", ECField_GF2m, 113, + "020000000000000000000000000201", + "00689918DBEC7E5A0DD6DFC0AA55C7", + "0095E9A9EC9B297BD4BF36E059184F", + "01A57A6A7B26CA5EF52FCDB8164797", + "00B3ADC94ED1FE674C06E695BABA1D", + "010000000000000108789B2496AF93", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_131R1 = { + "SECT-131R1", ECField_GF2m, 131, + "080000000000000000000000000000010D", + "07A11B09A76B562144418FF3FF8C2570B8", + "0217C05610884B63B9C6C7291678F9D341", + "0081BAF91FDF9833C40F9C181343638399", + "078C6E7EA38C001F73C8134B1B4EF9E150", + "0400000000000000023123953A9464B54D", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_131R2 = { + "SECT-131R2", ECField_GF2m, 131, + "080000000000000000000000000000010D", + "03E5A88919D7CAFCBF415F07C2176573B2", + "04B8266A46C55657AC734CE38F018F2192", + "0356DCD8F2F95031AD652D23951BB366A8", + "0648F06D867940A5366D9E265DE9EB240F", + "0400000000000000016954A233049BA98F", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_163R1 = { + "SECT-163R1", ECField_GF2m, 163, + "0800000000000000000000000000000000000000C9", + "07B6882CAAEFA84F9554FF8428BD88E246D2782AE2", + "0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9", + "0369979697AB43897789566789567F787A7876A654", + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883", + "03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_193R1 = { + "SECT-193R1", ECField_GF2m, 193, + "02000000000000000000000000000000000000000000008001", + "0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01", + "00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814", + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1", + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05", + "01000000000000000000000000C7F34A778F443ACC920EBA49", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_193R2 = { + "SECT-193R2", ECField_GF2m, 193, + "02000000000000000000000000000000000000000000008001", + "0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B", + "00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE", + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F", + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C", + "010000000000000000000000015AAB561B005413CCD4EE99D5", 2 +}; +static const ECCurveParams ecCurve_SECG_CHAR2_239K1 = { + "SECT-239K1", ECField_GF2m, 239, + "800000000000000000004000000000000000000000000000000000000001", + "000000000000000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000000000000000000001", + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC", + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA", + "2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5", 4 +}; + +/* WTLS curves */ +static const ECCurveParams ecCurve_WTLS_1 = { + "WTLS-1", ECField_GF2m, 113, + "020000000000000000000000000201", + "000000000000000000000000000001", + "000000000000000000000000000001", + "01667979A40BA497E5D5C270780617", + "00F44B4AF1ECC2630E08785CEBCC15", + "00FFFFFFFFFFFFFFFDBF91AF6DEA73", 2 +}; +static const ECCurveParams ecCurve_WTLS_8 = { + "WTLS-8", ECField_GFp, 112, + "FFFFFFFFFFFFFFFFFFFFFFFFFDE7", + "0000000000000000000000000000", + "0000000000000000000000000003", + "0000000000000000000000000001", + "0000000000000000000000000002", + "0100000000000001ECEA551AD837E9", 1 +}; +static const ECCurveParams ecCurve_WTLS_9 = { + "WTLS-9", ECField_GFp, 160, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F", + "0000000000000000000000000000000000000000", + "0000000000000000000000000000000000000003", + "0000000000000000000000000000000000000001", + "0000000000000000000000000000000000000002", + "0100000000000000000001CDC98AE0E2DE574ABF33", 1 +}; + /* mapping between ECCurveName enum and pointers to ECCurveParams */ static const ECCurveParams *ecCurve_map[] = { - NULL, /* ECCurve_noName */ - NULL, /* ECCurve_NIST_P192 */ - NULL, /* ECCurve_NIST_P224 */ - &ecCurve_NIST_P256, /* ECCurve_NIST_P256 */ - &ecCurve_NIST_P384, /* ECCurve_NIST_P384 */ - &ecCurve_NIST_P521, /* ECCurve_NIST_P521 */ - NULL, /* ECCurve_NIST_K163 */ - NULL, /* ECCurve_NIST_B163 */ - NULL, /* ECCurve_NIST_K233 */ - NULL, /* ECCurve_NIST_B233 */ - NULL, /* ECCurve_NIST_K283 */ - NULL, /* ECCurve_NIST_B283 */ - NULL, /* ECCurve_NIST_K409 */ - NULL, /* ECCurve_NIST_B409 */ - NULL, /* ECCurve_NIST_K571 */ - NULL, /* ECCurve_NIST_B571 */ - NULL, /* ECCurve_X9_62_PRIME_192V2 */ - NULL, /* ECCurve_X9_62_PRIME_192V3 */ - NULL, /* ECCurve_X9_62_PRIME_239V1 */ - NULL, /* ECCurve_X9_62_PRIME_239V2 */ - NULL, /* ECCurve_X9_62_PRIME_239V3 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB163V1 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB163V2 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB163V3 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB176V1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB191V1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB191V2 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB191V3 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB208W1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB239V1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB239V2 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB239V3 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB272W1 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB304W1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB359V1 */ - NULL, /* ECCurve_X9_62_CHAR2_PNB368W1 */ - NULL, /* ECCurve_X9_62_CHAR2_TNB431R1 */ - NULL, /* ECCurve_SECG_PRIME_112R1 */ - NULL, /* ECCurve_SECG_PRIME_112R2 */ - NULL, /* ECCurve_SECG_PRIME_128R1 */ - NULL, /* ECCurve_SECG_PRIME_128R2 */ - NULL, /* ECCurve_SECG_PRIME_160K1 */ - NULL, /* ECCurve_SECG_PRIME_160R1 */ - NULL, /* ECCurve_SECG_PRIME_160R2 */ - NULL, /* ECCurve_SECG_PRIME_192K1 */ - NULL, /* ECCurve_SECG_PRIME_224K1 */ - NULL, /* ECCurve_SECG_PRIME_256K1 */ - NULL, /* ECCurve_SECG_CHAR2_113R1 */ - NULL, /* ECCurve_SECG_CHAR2_113R2 */ - NULL, /* ECCurve_SECG_CHAR2_131R1 */ - NULL, /* ECCurve_SECG_CHAR2_131R2 */ - NULL, /* ECCurve_SECG_CHAR2_163R1 */ - NULL, /* ECCurve_SECG_CHAR2_193R1 */ - NULL, /* ECCurve_SECG_CHAR2_193R2 */ - NULL, /* ECCurve_SECG_CHAR2_239K1 */ - NULL, /* ECCurve_WTLS_1 */ - NULL, /* ECCurve_WTLS_8 */ - NULL, /* ECCurve_WTLS_9 */ - NULL /* ECCurve_pastLastCurve */ + NULL, /* ECCurve_noName */ + &ecCurve_NIST_P192, /* ECCurve_NIST_P192 */ + &ecCurve_NIST_P224, /* ECCurve_NIST_P224 */ + &ecCurve_NIST_P256, /* ECCurve_NIST_P256 */ + &ecCurve_NIST_P384, /* ECCurve_NIST_P384 */ + &ecCurve_NIST_P521, /* ECCurve_NIST_P521 */ + &ecCurve_NIST_K163, /* ECCurve_NIST_K163 */ + &ecCurve_NIST_B163, /* ECCurve_NIST_B163 */ + &ecCurve_NIST_K233, /* ECCurve_NIST_K233 */ + &ecCurve_NIST_B233, /* ECCurve_NIST_B233 */ + &ecCurve_NIST_K283, /* ECCurve_NIST_K283 */ + &ecCurve_NIST_B283, /* ECCurve_NIST_B283 */ + &ecCurve_NIST_K409, /* ECCurve_NIST_K409 */ + &ecCurve_NIST_B409, /* ECCurve_NIST_B409 */ + &ecCurve_NIST_K571, /* ECCurve_NIST_K571 */ + &ecCurve_NIST_B571, /* ECCurve_NIST_B571 */ + &ecCurve_X9_62_PRIME_192V2, /* ECCurve_X9_62_PRIME_192V2 */ + &ecCurve_X9_62_PRIME_192V3, /* ECCurve_X9_62_PRIME_192V3 */ + &ecCurve_X9_62_PRIME_239V1, /* ECCurve_X9_62_PRIME_239V1 */ + &ecCurve_X9_62_PRIME_239V2, /* ECCurve_X9_62_PRIME_239V2 */ + &ecCurve_X9_62_PRIME_239V3, /* ECCurve_X9_62_PRIME_239V3 */ + &ecCurve_X9_62_CHAR2_PNB163V1, /* ECCurve_X9_62_CHAR2_PNB163V1 */ + &ecCurve_X9_62_CHAR2_PNB163V2, /* ECCurve_X9_62_CHAR2_PNB163V2 */ + &ecCurve_X9_62_CHAR2_PNB163V3, /* ECCurve_X9_62_CHAR2_PNB163V3 */ + &ecCurve_X9_62_CHAR2_PNB176V1, /* ECCurve_X9_62_CHAR2_PNB176V1 */ + &ecCurve_X9_62_CHAR2_TNB191V1, /* ECCurve_X9_62_CHAR2_TNB191V1 */ + &ecCurve_X9_62_CHAR2_TNB191V2, /* ECCurve_X9_62_CHAR2_TNB191V2 */ + &ecCurve_X9_62_CHAR2_TNB191V3, /* ECCurve_X9_62_CHAR2_TNB191V3 */ + &ecCurve_X9_62_CHAR2_PNB208W1, /* ECCurve_X9_62_CHAR2_PNB208W1 */ + &ecCurve_X9_62_CHAR2_TNB239V1, /* ECCurve_X9_62_CHAR2_TNB239V1 */ + &ecCurve_X9_62_CHAR2_TNB239V2, /* ECCurve_X9_62_CHAR2_TNB239V2 */ + &ecCurve_X9_62_CHAR2_TNB239V3, /* ECCurve_X9_62_CHAR2_TNB239V3 */ + &ecCurve_X9_62_CHAR2_PNB272W1, /* ECCurve_X9_62_CHAR2_PNB272W1 */ + &ecCurve_X9_62_CHAR2_PNB304W1, /* ECCurve_X9_62_CHAR2_PNB304W1 */ + &ecCurve_X9_62_CHAR2_TNB359V1, /* ECCurve_X9_62_CHAR2_TNB359V1 */ + &ecCurve_X9_62_CHAR2_PNB368W1, /* ECCurve_X9_62_CHAR2_PNB368W1 */ + &ecCurve_X9_62_CHAR2_TNB431R1, /* ECCurve_X9_62_CHAR2_TNB431R1 */ + &ecCurve_SECG_PRIME_112R1, /* ECCurve_SECG_PRIME_112R1 */ + &ecCurve_SECG_PRIME_112R2, /* ECCurve_SECG_PRIME_112R2 */ + &ecCurve_SECG_PRIME_128R1, /* ECCurve_SECG_PRIME_128R1 */ + &ecCurve_SECG_PRIME_128R2, /* ECCurve_SECG_PRIME_128R2 */ + &ecCurve_SECG_PRIME_160K1, /* ECCurve_SECG_PRIME_160K1 */ + &ecCurve_SECG_PRIME_160R1, /* ECCurve_SECG_PRIME_160R1 */ + &ecCurve_SECG_PRIME_160R2, /* ECCurve_SECG_PRIME_160R2 */ + &ecCurve_SECG_PRIME_192K1, /* ECCurve_SECG_PRIME_192K1 */ + &ecCurve_SECG_PRIME_224K1, /* ECCurve_SECG_PRIME_224K1 */ + &ecCurve_SECG_PRIME_256K1, /* ECCurve_SECG_PRIME_256K1 */ + &ecCurve_SECG_CHAR2_113R1, /* ECCurve_SECG_CHAR2_113R1 */ + &ecCurve_SECG_CHAR2_113R2, /* ECCurve_SECG_CHAR2_113R2 */ + &ecCurve_SECG_CHAR2_131R1, /* ECCurve_SECG_CHAR2_131R1 */ + &ecCurve_SECG_CHAR2_131R2, /* ECCurve_SECG_CHAR2_131R2 */ + &ecCurve_SECG_CHAR2_163R1, /* ECCurve_SECG_CHAR2_163R1 */ + &ecCurve_SECG_CHAR2_193R1, /* ECCurve_SECG_CHAR2_193R1 */ + &ecCurve_SECG_CHAR2_193R2, /* ECCurve_SECG_CHAR2_193R2 */ + &ecCurve_SECG_CHAR2_239K1, /* ECCurve_SECG_CHAR2_239K1 */ + &ecCurve_WTLS_1, /* ECCurve_WTLS_1 */ + &ecCurve_WTLS_8, /* ECCurve_WTLS_8 */ + &ecCurve_WTLS_9, /* ECCurve_WTLS_9 */ + NULL /* ECCurve_pastLastCurve */ }; #endif diff --git a/security/nss/tests/iopr/cert_iopr.sh b/security/nss/tests/iopr/cert_iopr.sh deleted file mode 100644 index f3e4f6b48..000000000 --- a/security/nss/tests/iopr/cert_iopr.sh +++ /dev/null @@ -1,420 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/iopr/cert_iopr.sh -# -# Certificate generating and handeling for NSS interoperability QA. This file -# is included from cert.sh -# -# needs to work on all Unix and Windows platforms -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -# FIXME - Netscape - NSS -######################################################################## - -IOPR_CERT_SOURCED=1 - -######################################################################## -# function wraps calls to pk12util, also: writes action and options -# to stdout. -# Params are the same as to pk12util. -# Returns pk12util status -# -pk12u() -{ - echo "${CU_ACTION} --------------------------" - - echo "pk12util $@" - pk12util $@ - RET=$? - - return $RET -} - -######################################################################## -# Initializes nss db directory and files if they don't exists -# Params: -# $1 - directory location -# -createDBDir() { - trgDir=$1 - - if [ -z "`ls $trgDir | grep db`" ]; then - CU_ACTION="Initializing DB at $dir" - certu -N -d "${trgDir}" -f "${R_PWFILE}" 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - fi -} -######################################################################## -# takes care of downloading config, cert and crl files from remote -# location. -# Params: -# $1 - name of the host file will be downloaded from -# $2 - path to the file as it appeared in url -# $3 - target directory the file will be saved at. -# Returns tstclnt status. -# -download_file() { - host=$1 - filePath=$2 - trgDir=$3 - - file=$trgDir/`basename $filePath` - - createDBDir $trgDir || return $RET - -# echo wget -O $file http://${host}${filePath} -# wget -O $file http://${host}${filePath} -# ret=$? - - req=$file.$$ - echo "GET $filePath HTTP/1.0" > $req - echo >> $req - - tstclnt -d $trgDir -S -h $host -p $IOPR_DOWNLOAD_PORT \ - -w ${R_PWFILE} -o < $req > $file - ret=$? - rm -f $_tmp; - return $ret -} - -######################################################################## -# Uses pk12util, certutil of cerlutil to import files to an nss db located -# at <dir>(the value of $1 parameter). Chooses a utility to use based on -# a file extension. Initializing a db if it does not exists. -# Params: -# $1 - db location directory -# $2 - file name to import -# $3 - nick name an object in the file will be associated with -# $4 - trust arguments -# Returns status of import -# -importFile() { - dir=$1\ - file=$2 - certName=$3 - certTrust=$4 - - [ ! -d $dir ] && mkdir -p $dir; - - createDBDir $dir || return $RET - - case `basename $file | sed 's/^.*\.//'` in - p12) - CU_ACTION="Importing p12 $file to DB at $dir" - pk12u -d $dir -i $file -k ${R_PWFILE} -W iopr - [ $? -ne 0 ] && return 1 - CU_ACTION="Modifying trust for cert $certName at $dir" - certu -M -n "$certName" -t "$certTrust" -f "${R_PWFILE}" -d "${dir}" - return $? - ;; - - crl) - CU_ACTION="Importing crl $file to DB at $dir" - crlu -d ${dir} -I -n TestCA -i $file - return $? - ;; - - crt | cert) - CU_ACTION="Importing cert $certName with trust $certTrust to $dir" - certu -A -n "$certName" -t "$certTrust" -f "${R_PWFILE}" -d "${dir}" \ - -i "$file" - return $? - ;; - - *) - echo "Unknown file extension: $file:" - return 1 - ;; - esac -} - - -######################################################################### -# Downloads and installs test certs and crl from a remote webserver. -# Generates server cert for reverse testing if reverse test run is turned on. -# Params: -# $1 - host name to download files from. -# $2 - directory at which CA cert will be installed and used for -# signing a server cert. -# $3 - path to a config file in webserver context. -# $4 - ssl server db location -# $5 - ssl client db location -# $5 - ocsp client db location -# -# Returns 0 upon success, otherwise, failed command error code. -# -download_install_certs() { - host=$1 - caDir=$2 - confPath=$3 - sslServerDir=$4 - sslClientDir=$5 - ocspClientDir=$6 - - [ ! -d "$caDir" ] && mkdir -p $caDir; - - #======================================================= - # Getting config file - # - download_file $host "$confPath/iopr_server.cfg" $caDir - RET=$? - if [ $RET -ne 0 -o ! -f $caDir/iopr_server.cfg ]; then - html_failed "<TR><TD>Fail to download website config file(ws: $host)" - return 1 - fi - - . $caDir/iopr_server.cfg - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to source config file(ws: $host)" - return $RET - fi - - #======================================================= - # Getting CA file - # - - #----------------- !!!WARNING!!! ----------------------- - # Do NOT copy this scenario. CA should never accompany its - # cert with the private key when deliver cert to a customer. - #----------------- !!!WARNING!!! ----------------------- - - download_file $host $certDir/$caCertName.p12 $caDir - RET=$? - if [ $RET -ne 0 -o ! -f $caDir/$caCertName.p12 ]; then - html_failed "<TR><TD>Fail to download $caCertName cert(ws: $host)" - return 1 - fi - tmpFiles="$caDir/$caCertName.p12" - - importFile $caDir $caDir/$caCertName.p12 $caCertName "TC,C,C" - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import $caCertName cert to CA DB(ws: $host)" - return $RET - fi - - CU_ACTION="Exporting Root CA cert(ws: $host)" - certu -L -n $caCertName -r -d ${caDir} -o $caDir/$caCertName.cert - if [ "$RET" -ne 0 ]; then - Exit 7 "Fatal - failed to export $caCertName cert" - fi - - #======================================================= - # Check what tests we want to run - # - doSslTests=0; doOcspTests=0 - # XXX remove "_new" from variables below - [ -n "`echo ${supportedTests_new} | grep -i ssl`" ] && doSslTests=1 - [ -n "`echo ${supportedTests_new} | grep -i ocsp`" ] && doOcspTests=1 - - if [ $doSslTests -eq 1 ]; then - if [ "$reverseRunCGIScript" ]; then - [ ! -d "$sslServerDir" ] && mkdir -p $sslServerDir; - #======================================================= - # Import CA cert to server DB - # - importFile $sslServerDir $caDir/$caCertName.cert server-client-CA \ - "TC,C,C" - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import server-client-CA cert to \ - server DB(ws: $host)" - return $RET - fi - - #======================================================= - # Creating server cert - # - CERTNAME=$HOSTADDR - - CU_ACTION="Generate Cert Request for $CERTNAME (ws: $host)" - CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, \ - L=Mountain View, ST=California, C=US" - certu -R -d "${sslServerDir}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}"\ - -o $sslServerDir/req 2>&1 - tmpFiles="$tmpFiles $sslServerDir/req" - - - CU_ACTION="Sign ${CERTNAME}'s Request (ws: $host)" - certu -C -c "$caCertName" -m `date +"%s"` -v 60 -d "${caDir}" \ - -i ${sslServerDir}/req -o $caDir/${CERTNAME}.cert \ - -f "${R_PWFILE}" 2>&1 - - importFile $sslServerDir $caDir/$CERTNAME.cert $CERTNAME ",," - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import $CERTNAME cert to server\ - DB(ws: $host)" - return $RET - fi - tmpFiles="$tmpFiles $caDir/$CERTNAME.cert" - - #======================================================= - # Download and import CA crl to server DB - # - download_file $host "$certDir/$caCrlName.crl" $sslServerDir - RET=$? - if [ $? -ne 0 ]; then - html_failed "<TR><TD>Fail to download $caCertName crl\ - (ws: $host)" - return $RET - fi - tmpFiles="$tmpFiles $sslServerDir/$caCrlName.crl" - - importFile $sslServerDir $sslServerDir/TestCA.crl - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import TestCA crt to server\ - DB(ws: $host)" - return $RET - fi - fi # if [ "$reverseRunCGIScript" ] - - [ ! -d "$sslClientDir" ] && mkdir -p $sslClientDir; - #======================================================= - # Import CA cert to ssl client DB - # - importFile $sslClientDir $caDir/$caCertName.cert server-client-CA \ - "TC,C,C" - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import server-client-CA cert to \ - server DB(ws: $host)" - return $RET - fi - fi - - if [ $doOcspTests -eq 1 ]; then - [ ! -d "$ocspClientDir" ] && mkdir -p $ocspClientDir; - #======================================================= - # Import CA cert to ocsp client DB - # - importFile $ocspClientDir $caDir/$caCertName.cert server-client-CA \ - "TC,C,C" - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import server-client-CA cert to \ - server DB(ws: $host)" - return $RET - fi - fi - - #======================================================= - # Import client certs to client DB - # - for fileName in $downloadFiles; do - certName=`echo $fileName | sed 's/\..*//'` - - if [ -n "`echo $certName | grep ocsp`" -a $doOcspTests -eq 1 ]; then - clientDir=$ocspClientDir - elif [ $doSslTests -eq 1 ]; then - clientDir=$sslClientDir - else - continue - fi - - download_file $host "$certDir/$fileName" $clientDir - RET=$? - if [ $RET -ne 0 -o ! -f $clientDir/$fileName ]; then - html_failed "<TR><TD>Fail to download $certName cert(ws: $host)" - return $RET - fi - tmpFiles="$tmpFiles $clientDir/$fileName" - - importFile $clientDir $clientDir/$fileName $certName ",," - RET=$? - if [ $RET -ne 0 ]; then - html_failed "<TR><TD>Fail to import $certName cert to client DB\ - (ws: $host)" - return $RET - fi - done - - rm -f $tmpFiles - - return 0 -} - - -######################################################################### -# Initial point for downloading config, cert, crl files for multiple hosts -# involved in interoperability testing. Called from nss/tests/cert/cert.sh -# It will only proceed with downloading if environment variable -# IOPR_HOSTADDR_LIST is set and has a value of host names separated by space. -# -# Returns 1 if interoperability testing is off, 0 otherwise. -# -cert_iopr_setup() { - - if [ "$IOPR" -ne 1 ]; then - return 1 - fi - num=1 - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f 1 -d' '` - while [ "$IOPR_HOST_PARAM" ]; do - IOPR_HOSTADDR=`echo $IOPR_HOST_PARAM | cut -f 1 -d':'` - IOPR_DOWNLOAD_PORT=`echo "$IOPR_HOST_PARAM:" | cut -f 2 -d':'` - [ -z "$IOPR_DOWNLOAD_PORT" ] && IOPR_DOWNLOAD_PORT=443 - IOPR_CONF_PATH=`echo "$IOPR_HOST_PARAM:" | cut -f 3 -d':'` - [ -z "$IOPR_CONF_PATH" ] && IOPR_CONF_PATH="/iopr" - - echo "Installing certs for $IOPR_HOSTADDR:$IOPR_DOWNLOAD_PORT:\ - $IOPR_CONF_PATH" - - download_install_certs ${IOPR_HOSTADDR} ${IOPR_CADIR}_${IOPR_HOSTADDR} \ - ${IOPR_CONF_PATH} ${IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR} \ - ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR} \ - ${IOPR_OCSP_CLIENTDIR}_${IOPR_HOSTADDR} - if [ $? -ne 0 ]; then - echo "wsFlags=\"NOIOPR $wsParam\"" >> \ - ${IOPR_CADIR}_${IOPR_HOSTADDR}/iopr_server.cfg - fi - num=`expr $num + 1` - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - done - - return 0 -} diff --git a/security/nss/tests/iopr/ocsp_iopr.sh b/security/nss/tests/iopr/ocsp_iopr.sh deleted file mode 100644 index 2aadb06e4..000000000 --- a/security/nss/tests/iopr/ocsp_iopr.sh +++ /dev/null @@ -1,218 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/iopr/ocsp_iopr.sh -# -# NSS SSL interoperability QA. This file is included from ssl.sh -# -# needs to work on all Unix and Windows platforms -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -# FIXME - Netscape - NSS -######################################################################## -IOPR_OCSP_SOURCED=1 - -######################################################################## -# The funtion works with variables defined in interoperability -# configuration file that gets downloaded from a webserver. -# The function sets test parameters defind for a particular type -# of testing. -# -# No return value -# -setTestParam() { - type=$1 - testParam=`eval 'echo $'${type}Param` - testDescription=`eval 'echo $'${type}Descr` - testProto=`eval 'echo $'${type}Proto` - testPort=`eval 'echo $'${type}Port` - testResponder=`eval 'echo $'${type}ResponderCert` - testValidCertNames=`eval 'echo $'${type}ValidCertNames` - testRevokedCertNames=`eval 'echo $'${type}RevokedCertNames` - testStatUnknownCertNames=`eval 'echo $'${type}StatUnknownCertNames` -} - -######################################################################## -# The funtion checks status of a cert using ocspclnt. -# Params: -# dbDir - nss cert db location -# cert - cert in question -# respUrl - responder url is available -# defRespCert - trusted responder cert -# -# Return values: -# 0 - test passed, 1 - otherwise. -# -ocsp_get_cert_status() { - dbDir=$1 - cert=$2 - respUrl=$3 - defRespCert=$4 - - if [ -n "$respUrl" -o -n "$defRespCert" ]; then - if [ -z "$respUrl" -o -z "$defRespCert" ]; then - html_failed "<TR><TD>Incorrect test params" - return 1 - fi - clntParam="-l $respUrl -t $defRespCert" - fi - - outFile=$dbDir/ocsptest.out.$$ - echo "ocspclnt -d $dbDir -S $cert $clntParam" - ocspclnt -d $dbDir -S $cert $clntParam >$outFile 2>&1 - ret=$? - echo "ocspclnt output:" - cat $outFile - [ -z "`grep succeeded $outFile`" ] && ret=1 - - rm -f $outFile - return $ret -} - -######################################################################## -# The funtion checks status of a cert using ocspclnt. -# Params: -# testType - type of the test based on type of used responder -# servName - FQDM of the responder server -# dbDir - nss cert db location -# -# No return value -# -ocsp_iopr() { - testType=$1 - servName=$2 - dbDir=$3 - - setTestParam $testType - if [ "`echo $testParam | grep NOCOV`" != "" ]; then - echo "SSL Cipher Coverage of WebServ($IOPR_HOSTADDR) excluded from " \ - "run by server configuration" - return 0 - fi - - html_head "OCSP testing with responder at $IOPR_HOSTADDR. <br>" \ - "Test Type: $testDescription" - - if [ -n "$testResponder" ]; then - responderUrl="$testProto://$servName:$testPort" - else - responderUrl="" - fi - - for certName in $testValidCertNames; do - ocsp_get_cert_status $dbDir $certName "$responderUrl" "$testResponder" - html_msg $? 0 "Getting status of a valid cert ($certName)" \ - "produced a returncode of $ret, expected is 0." - done - - for certName in $testRevokedCertNames; do - ocsp_get_cert_status $dbDir $certName "$responderUrl" "$testResponder" - html_msg $? 1 "Getting status of a unvalid cert ($certName)" \ - "produced a returncode of $ret, expected is 1." - done - - for certName in $testStatUnknownCertNames; do - ocsp_get_cert_status $dbDir $certName "$responderUrl" "$testResponder" - html_msg $? 1 "Getting status of a cert with unknown status " \ - "($certName) produced a returncode of $ret, expected is 1." - done -} - - -##################################################################### -# Initial point for running ocsp test againt multiple hosts involved in -# interoperability testing. Called from nss/tests/ocsp/ocsp.sh -# It will only proceed with test run for a specific host if environment variable -# IOPR_HOSTADDR_LIST was set, had the host name in the list -# and all needed file were successfully downloaded and installed for the host. -# -# Returns 1 if interoperability testing is off, 0 otherwise. -# -ocsp_iopr_run() { - NO_ECC_CERTS=1 # disable ECC for interoperability tests - - if [ "$IOPR" -ne 1 ]; then - return 1 - fi - cd ${CLIENTDIR} - - num=1 - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - while [ "$IOPR_HOST_PARAM" ]; do - IOPR_HOSTADDR=`echo $IOPR_HOST_PARAM | cut -f 1 -d':'` - IOPR_OPEN_PORT=`echo "$IOPR_HOST_PARAM:" | cut -f 2 -d':'` - [ -z "$IOPR_OPEN_PORT" ] && IOPR_OPEN_PORT=443 - - . ${IOPR_CADIR}_${IOPR_HOSTADDR}/iopr_server.cfg - RES=$? - - num=`expr $num + 1` - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - - if [ $RES -ne 0 -o X`echo "$wsFlags" | grep NOIOPR` != X ]; then - continue - fi - - #======================================================= - # Check what server is configured to run ssl tests - # - [ -z "`echo ${supportedTests_new} | grep -i ocsp`" ] && continue; - - # Testing directories defined by webserver. - echo "Testing ocsp interoperability. - Client: local(tstclnt). - Responder: remote($IOPR_HOSTADDR)" - - for ocspTestType in ${supportedTests_new}; do - if [ -z "`echo $ocspTestType | grep -i ocsp`" ]; then - continue - fi - ocsp_iopr $ocspTestType ${IOPR_HOSTADDR} \ - ${IOPR_OCSP_CLIENTDIR}_${IOPR_HOSTADDR} - done - echo "================================================" - echo "Done testing ocsp interoperability with $IOPR_HOSTADDR" - done - NO_ECC_CERTS=0 - return 0 -} - diff --git a/security/nss/tests/iopr/ssl_iopr.sh b/security/nss/tests/iopr/ssl_iopr.sh deleted file mode 100644 index f8c97185c..000000000 --- a/security/nss/tests/iopr/ssl_iopr.sh +++ /dev/null @@ -1,666 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/iopr/ssl_iopr.sh -# -# NSS SSL interoperability QA. This file is included from ssl.sh -# -# needs to work on all Unix and Windows platforms -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -# FIXME - Netscape - NSS -######################################################################## -IOPR_SSL_SOURCED=1 - -######################################################################## -# The functions works with variables defined in interoperability -# configuration file that was downloaded from a webserver. -# It tries to find unrevoked cert based on value of variable -# "SslClntValidCertName" defined in the configuration file. -# Params NONE. -# Returns 0 if found, 1 otherwise. -# -setValidCert() { - testUser=$SslClntValidCertName - [ -z "$testUser" ] && return 1 - return 0 -} - -######################################################################## -# The funtions works with variables defined in interoperability -# configuration file that was downloaded from a webserver. -# The function sets port, url, param and description test parameters -# that was defind for a particular type of testing. -# Params: -# $1 - supported types of testing. Currently have maximum -# of two: forward and reverse. But more can be defined. -# No return value -# -setTestParam() { - type=$1 - sslPort=`eval 'echo $'${type}Port` - sslUrl=`eval 'echo $'${type}Url` - testParam=`eval 'echo $'${type}Param` - testDescription=`eval 'echo $'${type}Descr` - [ -z "$sslPort" ] && sslPort=443 - [ -z "$sslUrl" ] && sslUrl="/iopr_test/test_pg.html" - [ "$sslUrl" = "/" ] && sslUrl="/test_pg.html" -} - - -####################################################################### -# local shell function to perform SSL Cipher Suite Coverage tests -# in interoperability mode. Tests run against web server by using nss -# test client -# Params: -# $1 - supported type of testing. -# $2 - testing host -# $3 - nss db location -# No return value -# -ssl_iopr_cov_ext_server() -{ - testType=$1 - host=$2 - dbDir=$3 - - setTestParam $testType - if [ "`echo $testParam | grep NOCOV`" != "" ]; then - echo "SSL Cipher Coverage of WebServ($IOPR_HOSTADDR) excluded from " \ - "run by server configuration" - return 0 - fi - - html_head "SSL Cipher Coverage of WebServ($IOPR_HOSTADDR" \ - "$BYPASS_STRING $NORM_EXT): $testDescription" - - setValidCert; ret=$? - if [ $ret -ne 0 ]; then - html_failed "<TR><TD>Fail to find valid test cert(ws: $host)" - return $ret - fi - - SSL_REQ_FILE=${TMP}/sslreq.dat.$$ - echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE - echo >> $SSL_REQ_FILE - - while read ecc tls param testname therest; do - [ -z "$ecc" -o "$ecc" = "#" -o "`echo $testname | grep FIPS`" -o \ - "$ecc" = "ECC" ] && continue; - - echo "$SCRIPTNAME: running $testname ----------------------------" - TLS_FLAG=-T - if [ "$tls" = "TLS" ]; then - TLS_FLAG="" - fi - - resFile=${TMP}/$HOST.tmpRes.$$ - rm $resFile 2>/dev/null - - echo "tstclnt -p ${sslPort} -h ${host} -c ${param} ${TLS_FLAG} \\" - echo " -n $testUser -w nss ${CLIEN_OPTIONS} -f \\" - echo " -d ${dbDir} < ${SSL_REQ_FILE} > $resFile" - - tstclnt -w nss -p ${sslPort} -h ${host} -c ${param} \ - ${TLS_FLAG} ${CLIEN_OPTIONS} -f -n $testUser -w nss \ - -d ${dbDir} < ${SSL_REQ_FILE} >$resFile 2>&1 - ret=$? - grep "ACCESS=OK" $resFile - test $? -eq 0 -a $ret -eq 0 - ret=$? - [ $ret -ne 0 ] && cat ${TMP}/$HOST.tmp.$$ - rm -f $resFile 2>/dev/null - html_msg $ret 0 "${testname}" - done < ${SSLCOV} - rm -f $SSL_REQ_FILE 2>/dev/null - - html "</TABLE><BR>" -} - -####################################################################### -# local shell function to perform SSL Client Authentication tests -# in interoperability mode. Tests run against web server by using nss -# test client -# Params: -# $1 - supported type of testing. -# $2 - testing host -# $3 - nss db location -# No return value -# -ssl_iopr_auth_ext_server() -{ - testType=$1 - host=$2 - dbDir=$3 - - setTestParam $testType - if [ "`echo $testParam | grep NOAUTH`" != "" ]; then - echo "SSL Client Authentication WebServ($IOPR_HOSTADDR) excluded from " \ - "run by server configuration" - return 0 - fi - - html_head "SSL Client Authentication WebServ($IOPR_HOSTADDR $BYPASS_STRING $NORM_EXT): - $testDescription" - - setValidCert;ret=$? - if [ $ret -ne 0 ]; then - html_failed "<TR><TD>Fail to find valid test cert(ws: $host)" - return $ret - fi - - SSL_REQ_FILE=${TMP}/sslreq.dat.$$ - echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE - echo >> $SSL_REQ_FILE - - SSLAUTH_TMP=${TMP}/authin.tl.tmp - grep -v "^#" ${SSLAUTH} | grep -- "-r_-r_-r_-r" > ${SSLAUTH_TMP} - - while read ecc value sparam cparam testname; do - [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue; - - cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$testUser/g" ` - - echo "tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \\" - echo " -d ${dbDir} < ${SSL_REQ_FILE}" - - resFile=${TMP}/$HOST.tmp.$$ - rm $rsFile 2>/dev/null - - tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \ - -d ${dbDir} < ${SSL_REQ_FILE} >$resFile 2>&1 - ret=$? - grep "ACCESS=OK" $resFile - test $? -eq 0 -a $ret -eq 0 - ret=$? - [ $ret -ne 0 ] && cat $resFile - rm $resFile 2>/dev/null - - html_msg $ret $value "${testname}. Client params: $cparam"\ - "produced a returncode of $ret, expected is $value" - done < ${SSLAUTH_TMP} - rm -f ${SSLAUTH_TMP} ${SSL_REQ_FILE} - - html "</TABLE><BR>" -} - -######################################################################## -# local shell function to perform SSL interoperability test with/out -# revoked certs tests. Tests run against web server by using nss -# test client -# Params: -# $1 - supported type of testing. -# $2 - testing host -# $3 - nss db location -# No return value -# -ssl_iopr_crl_ext_server() -{ - testType=$1 - host=$2 - dbDir=$3 - - setTestParam $testType - if [ "`echo $testParam | grep NOCRL`" != "" ]; then - echo "CRL SSL Client Tests of WebServerv($IOPR_HOSTADDR) excluded from " \ - "run by server configuration" - return 0 - fi - - html_head "CRL SSL Client Tests of WebServer($IOPR_HOSTADDR $BYPASS_STRING $NORM_EXT): $testDescription" - - SSL_REQ_FILE=${TMP}/sslreq.dat.$$ - echo "GET $sslUrl HTTP/1.0" > $SSL_REQ_FILE - echo >> $SSL_REQ_FILE - - SSLAUTH_TMP=${TMP}/authin.tl.tmp - grep -v "^#" ${SSLAUTH} | grep -- "-r_-r_-r_-r" | grep -v bogus | \ - grep -v none > ${SSLAUTH_TMP} - - while read ecc value sparam _cparam testname; do - [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue; - - rev_modvalue=254 - for testUser in $SslClntValidCertName $SslClntRevokedCertName; do - cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$testUser/g" ` - - echo "tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} \\" - echo " -f -d ${dbDir} ${cparam} < ${SSL_REQ_FILE}" - resFile=${TMP}/$HOST.tmp.$$ - rm -f $resFile 2>/dev/null - tstclnt -p ${sslPort} -h ${host} ${CLIEN_OPTIONS} -f ${cparam} \ - -d ${dbDir} < ${SSL_REQ_FILE} \ - > $resFile 2>&1 - ret=$? - grep "ACCESS=OK" $resFile - test $? -eq 0 -a $ret -eq 0 - ret=$? - [ $ret -ne 0 ] && ret=$rev_modvalue; - [ $ret -ne 0 ] && cat $resFile - rm -f $resFile 2>/dev/null - - if [ "`echo $SslClntRevokedCertName | grep $testUser`" != "" ]; then - modvalue=$rev_modvalue - testAddMsg="revoked" - else - testAddMsg="not revoked" - modvalue=$value - fi - html_msg $ret $modvalue "${testname} (cert ${testUser} - $testAddMsg)" \ - "produced a returncode of $ret, expected is $modvalue" - done - done < ${SSLAUTH_TMP} - rm -f ${SSLAUTH_TMP} ${SSL_REQ_FILE} - - html "</TABLE><BR>" -} - - -######################################################################## -# local shell function to perform SSL Cipher Coverage tests of nss server -# by invoking remote test client on web server side. -# Invoked only if reverse testing is supported by web server. -# Params: -# $1 - remote web server host -# $2 - open port to connect to invoke CGI script -# $3 - host where selfserv is running(name of the host nss tests -# are running) -# $4 - port where selfserv is running -# $5 - selfserv nss db location -# No return value -# -ssl_iopr_cov_ext_client() -{ - host=$1 - port=$2 - sslHost=$3 - sslPort=$4 - serDbDir=$5 - - html_head "SSL Cipher Coverage of SelfServ $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT" - - setValidCert - ret=$? - if [ $res -ne 0 ]; then - html_failed "<TR><TD>Fail to find valid test cert(ws: $host)" - return $ret - fi - - # P_R_SERVERDIR switch require for selfserv to work. - # Will be restored after test - OR_P_R_SERVERDIR=$P_R_SERVERDIR - P_R_SERVERDIR=$serDbDir - OR_P_R_CLIENTDIR=$P_R_CLIENTDIR - P_R_CLIENTDIR=$serDbDir - testname="" - sparam="-vvvc ABCDEFcdefgijklmnvyz" - # Launch the server - start_selfserv - - while read ecc tls param cipher therest; do - [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue; - echo "============= Beginning of the test ====================" - echo - - is_selfserv_alive - - TEST_IN=${TMP}/${HOST}_IN.tmp.$$ - TEST_OUT=${TMP}/$HOST.tmp.$$ - rm -f $TEST_IN $TEST_OUT 2>/dev/null - - echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser&cipher=$cipher HTTP/1.0" > $TEST_IN - echo >> $TEST_IN - - echo "------- Request ----------------------" - cat $TEST_IN - echo "------- Command ----------------------" - echo tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h $host \< $TEST_IN \>\> $TEST_OUT - - tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h $host <$TEST_IN > $TEST_OUT - - echo "------- Server output Begin ----------" - cat $TEST_OUT - echo "------- Server output End ----------" - - echo "Checking for errors in log file..." - grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null - if [ $? -eq 0 ]; then - grep "cipher is not supported" $TEST_OUT 2>&1 >/dev/null - if [ $? -eq 0 ]; then - echo "Skiping test: no support for the cipher $cipher on server side" - continue - fi - - grep -i "SERVER ERROR:" $TEST_OUT - ret=$? - if [ $ret -eq 0 ]; then - echo "Found problems. Reseting exit code to failure." - - ret=1 - else - ret=0 - fi - else - echo "Script was not executed. Reseting exit code to failure." - ret=11 - fi - - html_msg $ret 0 "Test ${cipher}. Server params: $sparam " \ - " produced a returncode of $ret, expected is 0" - rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null - done < ${SSLCOV} - kill_selfserv - - P_R_SERVERDIR=$OR_P_R_SERVERDIR - - rm -f ${TEST_IN} ${TEST_OUT} - html "</TABLE><BR>" -} - -######################################################################## -# local shell function to perform SSL Authentication tests of nss server -# by invoking remove test client on web server side -# Invoked only if reverse testing is supported by web server. -# Params: -# $1 - remote web server host -# $2 - open port to connect to invoke CGI script -# $3 - host where selfserv is running(name of the host nss tests -# are running) -# $4 - port where selfserv is running -# $5 - selfserv nss db location -# No return value -# -ssl_iopr_auth_ext_client() -{ - host=$1 - port=$2 - sslHost=$3 - sslPort=$4 - serDbDir=$5 - - html_head "SSL Client Authentication with Selfserv from $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT" - - setValidCert - ret=$? - if [ $res -ne 0 ]; then - html_failed "<TR><TD>Fail to find valid test cert(ws: $host)" - return $ret - fi - - OR_P_R_SERVERDIR=$P_R_SERVERDIR - P_R_SERVERDIR=${serDbDir} - OR_P_R_CLIENTDIR=$P_R_CLIENTDIR - P_R_CLIENTDIR=$serDbDir - - SSLAUTH_TMP=${TMP}/authin.tl.tmp - - grep -v "^#" $SSLAUTH | grep "\s*0\s*" > ${SSLAUTH_TMP} - - while read ecc value sparam cparam testname; do - [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue; - - echo "Server params: $sparam" - sparam=$sparam" -vvvc ABCDEFcdefgijklmnvyz" - start_selfserv - - TEST_IN=${TMP}/$HOST_IN.tmp.$$ - TEST_OUT=${TMP}/$HOST.tmp.$$ - rm -f $TEST_IN $TEST_OUT 2>/dev/null - - echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser HTTP/1.0" > $TEST_IN - echo >> $TEST_IN - - echo "------- Request ----------------------" - cat $TEST_IN - echo "------- Command ----------------------" - echo tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h $host \< $TEST_IN \>\> $TEST_OUT - - tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h $host <$TEST_IN > $TEST_OUT - - echo "------- Server output Begin ----------" - cat $TEST_OUT - echo "------- Server output End ----------" - - echo "Checking for errors in log file..." - grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null - if [ $? -eq 0 ]; then - echo "Checking for error in log file..." - grep -i "SERVER ERROR:" $TEST_OUT - ret=$? - if [ $ret -eq 0 ]; then - echo "Found problems. Reseting exit code to failure." - ret=1 - else - ret=0 - fi - else - echo "Script was not executed. Reseting exit code to failure." - ret=11 - fi - - html_msg $ret $value "${testname}. Server params: $sparam"\ - "produced a returncode of $ret, expected is $value" - kill_selfserv - rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null - done < ${SSLAUTH_TMP} - P_R_SERVERDIR=$OR_P_R_SERVERDIR - - rm -f ${SSLAUTH_TMP} ${TEST_IN} ${TEST_OUT} - html "</TABLE><BR>" -} - -######################################################################### -# local shell function to perform SSL CRL testing of nss server -# by invoking remote test client on web server side -# Invoked only if reverse testing is supported by web server. -# Params: -# $1 - remote web server host -# $2 - open port to connect to invoke CGI script -# $3 - host where selfserv is running(name of the host nss tests -# are running) -# $4 - port where selfserv is running -# $5 - selfserv nss db location -# No return value -# -ssl_iopr_crl_ext_client() -{ - host=$1 - port=$2 - sslHost=$3 - sslPort=$4 - serDbDir=$5 - - html_head "CRL SSL Selfserv Tests from $IOPR_HOSTADDR. $BYPASS_STRING $NORM_EXT" - - OR_P_R_SERVERDIR=$P_R_SERVERDIR - P_R_SERVERDIR=${serDbDir} - OR_P_R_CLIENTDIR=$P_R_CLIENTDIR - P_R_CLIENTDIR=$serDbDir - - SSLAUTH_TMP=${TMP}/authin.tl.tmp - grep -v "^#" $SSLAUTH | grep "\s*0\s*" > ${SSLAUTH_TMP} - - while read ecc value sparam _cparam testname; do - [ -z "$ecc" -o "$ecc" = "#" -o "$ecc" = "ECC" ] && continue; - sparam="$sparam -vvvc ABCDEFcdefgijklmnvyz" - start_selfserv - - for testUser in $SslClntValidCertName $SslClntRevokedCertName; do - - is_selfserv_alive - - TEST_IN=${TMP}/${HOST}_IN.tmp.$$ - TEST_OUT=${TMP}/$HOST.tmp.$$ - rm -f $TEST_IN $TEST_OUT 2>/dev/null - - echo "GET $reverseRunCGIScript?host=$sslHost&port=$sslPort&cert=$testUser HTTP/1.0" > $TEST_IN - echo >> $TEST_IN - - echo "------- Request ----------------------" - cat $TEST_IN - echo "------- Command ----------------------" - echo tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h ${host} \< $TEST_IN \>\> $TEST_OUT - - tstclnt -d $serDbDir -w ${R_PWFILE} -o -p $port \ - -h ${host} <$TEST_IN > $TEST_OUT - echo "------- Request ----------------------" - cat $TEST_IN - echo "------- Server output Begin ----------" - cat $TEST_OUT - echo "------- Server output End ----------" - - echo "Checking for errors in log file..." - grep "SCRIPT=OK" $TEST_OUT 2>&1 >/dev/null - if [ $? -eq 0 ]; then - grep -i "SERVER ERROR:" $TEST_OUT - ret=$? - if [ $ret -eq 0 ]; then - echo "Found problems. Reseting exit code to failure." - ret=1 - else - ret=0 - fi - else - echo "Script was not executed. Reseting exit code to failure." - ret=11 - fi - - if [ "`echo $SslClntRevokedCertName | grep $testUser`" != "" ]; then - modvalue=1 - testAddMsg="revoked" - else - testAddMsg="not revoked" - modvalue=0 - fi - - html_msg $ret $modvalue "${testname} (cert ${testUser} - $testAddMsg)" \ - "produced a returncode of $ret, expected is $modvalue(selfserv args: $sparam)" - rm -f $TEST_OUT $TEST_IN 2>&1 > /dev/null - done - kill_selfserv - done < ${SSLAUTH_TMP} - P_R_SERVERDIR=$OR_P_R_SERVERDIR - - rm -f ${SSLAUTH_TMP} - html "</TABLE><BR>" -} - -##################################################################### -# Initial point for running ssl test againt multiple hosts involved in -# interoperability testing. Called from nss/tests/ssl/ssl.sh -# It will only proceed with test run for a specific host if environment variable -# IOPR_HOSTADDR_LIST was set, had the host name in the list -# and all needed file were successfully downloaded and installed for the host. -# -# Returns 1 if interoperability testing is off, 0 otherwise. -# -ssl_iopr_run() { - NO_ECC_CERTS=1 # disable ECC for interoperability tests - - if [ "$IOPR" -ne 1 ]; then - return 1 - fi - cd ${CLIENTDIR} - - num=1 - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - while [ "$IOPR_HOST_PARAM" ]; do - IOPR_HOSTADDR=`echo $IOPR_HOST_PARAM | cut -f 1 -d':'` - IOPR_OPEN_PORT=`echo "$IOPR_HOST_PARAM:" | cut -f 2 -d':'` - [ -z "$IOPR_OPEN_PORT" ] && IOPR_OPEN_PORT=443 - - . ${IOPR_CADIR}_${IOPR_HOSTADDR}/iopr_server.cfg - RES=$? - - if [ $RES -ne 0 -o X`echo "$wsFlags" | grep NOIOPR` != X ]; then - num=`expr $num + 1` - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - continue - fi - - #======================================================= - # Check if server is capable to run ssl tests - # - [ -z "`echo ${supportedTests_new} | grep -i ssl`" ] && continue; - - # Testing directories defined by webserver. - echo "Testing ssl interoperability. - Client: local(tstclnt). - Server: remote($IOPR_HOSTADDR:$IOPR_OPEN_PORT)" - - for sslTestType in ${supportedTests_new}; do - if [ -z "`echo $sslTestType | grep -i ssl`" ]; then - continue - fi - ssl_iopr_cov_ext_server $sslTestType ${IOPR_HOSTADDR} \ - ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR} - ssl_iopr_auth_ext_server $sslTestType ${IOPR_HOSTADDR} \ - ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR} - ssl_iopr_crl_ext_server $sslTestType ${IOPR_HOSTADDR} \ - ${IOPR_SSL_CLIENTDIR}_${IOPR_HOSTADDR} - done - - - # Testing selfserv with client located at the webserver. - echo "Testing ssl interoperability. - Client: remote($IOPR_HOSTADDR:$PORT) - Server: local(selfserv)" - ssl_iopr_cov_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \ - ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR} - ssl_iopr_auth_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \ - ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR} - ssl_iopr_crl_ext_client ${IOPR_HOSTADDR} ${IOPR_OPEN_PORT} \ - ${HOSTADDR} ${PORT} ${R_IOPR_SSL_SERVERDIR}_${IOPR_HOSTADDR} - echo "================================================" - echo "Done testing interoperability with $IOPR_HOSTADDR" - num=`expr $num + 1` - IOPR_HOST_PARAM=`echo "${IOPR_HOSTADDR_LIST} " | cut -f $num -d' '` - done - NO_ECC_CERTS=0 - return 0 -} - diff --git a/security/nss/tests/ocsp/ocsp.sh b/security/nss/tests/ocsp/ocsp.sh deleted file mode 100644 index 8efe737a7..000000000 --- a/security/nss/tests/ocsp/ocsp.sh +++ /dev/null @@ -1,82 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/ocsp/ocsp.sh -# -# Script to test NSS OCSP -# -# needs to work on all Unix and Windows platforms -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -######################################################################## - -############################## ssl_init ################################ -# local shell function to initialize this script -######################################################################## -ocsp_init() -{ - SCRIPTNAME=ocsp.sh # sourced - $0 would point to all.sh - - if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for - CLEANUP="${SCRIPTNAME}" # cleaning this script will do it - fi - - if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then - cd ../common - . ./init.sh - fi - if [ -z "${IOPR_OCSP_SOURCED}" ]; then - . ../iopr/ocsp_iopr.sh - fi - if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here - cd ../cert - . ./cert.sh - fi - SCRIPTNAME=ocsp.sh - echo "$SCRIPTNAME: OCSP tests ===============================" - - cd ${CLIENTDIR} -} - -################## main ################################################# -ocsp_init -ocsp_iopr_run |