summaryrefslogtreecommitdiff
path: root/tests/testDSig.sh
diff options
context:
space:
mode:
Diffstat (limited to 'tests/testDSig.sh')
-rwxr-xr-xtests/testDSig.sh841
1 files changed, 327 insertions, 514 deletions
diff --git a/tests/testDSig.sh b/tests/testDSig.sh
index 2ef9bc73..1f86f8e1 100755
--- a/tests/testDSig.sh
+++ b/tests/testDSig.sh
@@ -1,23 +1,136 @@
-#!/bin/sh
-#
-# This script needs to be called from testrun.sh script
-#
-
-##########################################################################
-##########################################################################
-##########################################################################
-echo "--- testDSig started for xmlsec-$crypto library ($timestamp)"
+#!/bin/sh
+
+OS_ARCH=`uname -o`
+
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+ topfolder=`cygpath -wa $2`
+ xmlsec_app=`cygpath -a $3`
+else
+ topfolder=$2
+ xmlsec_app=$3
+fi
+crypto=$1
+file_format=$4
+
+pub_key_format=$file_format
+cert_format=$file_format
+priv_key_option="--pkcs12"
+priv_key_format="p12"
+
+if [ "z$TMPFOLDER" = "z" ] ; then
+ TMPFOLDER=/tmp
+fi
+timestamp=`date +%Y%m%d_%H%M%S`
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+ tmpfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.tmp`
+ logfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.log`
+else
+ tmpfile=$TMPFOLDER/testDSig.$timestamp-$$.tmp
+ logfile=$TMPFOLDER/testDSig.$timestamp-$$.log
+fi
+
+script="$0"
+
+# prepate crypto config folder
+crypto_config=$TMPFOLDER/xmlsec-crypto-config
+keysfile=$crypto_config/keys.xml
+
+valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
+valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
+
+if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
+ xmlsec_params="$xmlsec_params --crypto $crypto"
+fi
+xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
+
+if [ -n "$DEBUG_MEMORY" ] ; then
+ export VALGRIND="valgrind $valgrind_options"
+ export REPEAT=3
+ xmlsec_params="$xmlsec_params --repeat $REPEAT"
+fi
+
+if [ -n "$PERF_TEST" ] ; then
+ xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
+fi
+
+printRes() {
+ if [ $1 = 0 ]; then
+ echo " OK"
+ else
+ echo " Fail"
+ fi
+ if [ -f .memdump ] ; then
+ cat .memdump >> $logfile
+ fi
+}
+
+execDSigTest() {
+ folder=$1
+ file=$2
+ req_transforms=$3
+ params1=$4
+ params2=$5
+ params3=$6
+ old_pwd=`pwd`
+ rm -f $tmpfile
+
+ if [ -n "$folder" ] ; then
+ cd $topfolder/$folder
+ full_file=$file
+ echo $folder/$file
+ echo "Test: $folder/$file in folder " `pwd` >> $logfile
+ else
+ full_file=$topfolder/$file
+ echo $file
+ echo "Test: $folder/$file" >> $logfile
+ fi
+
+ if [ -n "$req_transforms" ] ; then
+ printf " Checking required transforms "
+ echo "$xmlsec_app check-transforms $req_transforms" >> $logfile
+ $xmlsec_app check-transforms $req_transforms >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo " Skip"
+ cd $old_pwd
+ return
+ fi
+ fi
+
+
+ printf " Verify existing signature "
+ echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+ printRes $?
+
+ if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+ printf " Create new signature "
+ echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
+ $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
+ printRes $?
+
+ if [ -n "$params3" ] ; then
+ if [ -z "$VALGRIND" ] ; then
+ printf " Verify new signature "
+ echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
+ printRes $?
+ fi
+ fi
+ fi
+
+ cd $old_pwd
+}
+
+echo "--- testDSig started for xmlsec-$crypto library ($timestamp)"
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "--- log file is $logfile"
echo "--- testDSig started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
##########################################################################
-##########################################################################
-##########################################################################
-echo "--------- Positive Testing ----------"
-
-##########################################################################
#
# xmldsig2ed-tests
#
@@ -25,77 +138,50 @@ echo "--------- Positive Testing ----------"
#
##########################################################################
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "defCan-1" \
+execDSigTest "xmldsig2ed-tests" "defCan-1" \
"c14n11 sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "defCan-2" \
+execDSigTest "xmldsig2ed-tests" "defCan-2" \
"c14n11 xslt xpath sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
#
# differences in XSLT transform output, tbd
-#
-# execDSigTest $res_success \
-# "xmldsig2ed-tests" \
-# "defCan-3" \
-# "c14n11 xslt xpath sha1 hmac-sha1" \
-# "hmac" \
-# "--hmackey $topfolder/keys/hmackey.bin" \
-# "--hmackey $topfolder/keys/hmackey.bin" \
-# "--hmackey $topfolder/keys/hmackey.bin"
-#
+#
+# execDSigTest "xmldsig2ed-tests" "defCan-3" \
+# "c14n11 xslt xpath sha1 hmac-sha1" \
+# "--hmackey $topfolder/keys/hmackey.bin" \
+# "--hmackey $topfolder/keys/hmackey.bin" \
+# "--hmackey $topfolder/keys/hmackey.bin"
+#
+
+execDSigTest "xmldsig2ed-tests" "xpointer-1-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest "xmldsig2ed-tests" "xpointer-2-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest "xmldsig2ed-tests" "xpointer-3-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-1-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-2-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-3-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-4-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-5-SUN" \
+execDSigTest "xmldsig2ed-tests" "xpointer-4-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "xmldsig2ed-tests" \
- "xpointer-6-SUN" \
+execDSigTest "xmldsig2ed-tests" "xpointer-5-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin"
##########################################################################
@@ -104,259 +190,175 @@ execDSigTest $res_success \
#
##########################################################################
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
"sha1 dsa-sha1" \
- "dsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
"sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
"md5 hmac-md5" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
"md5 hmac-md5" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
"ripemd160 hmac-ripemd160" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
"ripemd160 hmac-ripemd160" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/xpointer-hmac" \
+execDSigTest "" "aleksey-xmldsig-01/xpointer-hmac" \
"xpointer sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
"sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
"sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
"sha224 hmac-sha224" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
"sha224 hmac-sha224" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
"sha256 hmac-sha256" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
"sha256 hmac-sha256" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
"sha384 hmac-sha384" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
"sha384 hmac-sha384" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
"sha512 hmac-sha512" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
"sha512 hmac-sha512" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
"md5 rsa-md5" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
"ripemd160 rsa-ripemd160" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
"sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
"sha224 rsa-sha224" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
"sha256 rsa-sha256" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
"sha384 rsa-sha384" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
"sha512 rsa-sha512" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
#
# To generate expired cert run the following command
# > xmlsec1 sign --pkcs12 tests/keys/expiredkey.p12 --pwd secret --output out.xml ./tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
#
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2005-07-10+10:00:00"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/x509data-test" \
+execDSigTest "" "aleksey-xmldsig-01/x509data-test" \
"xpath2 sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format" \
- "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/x509data-sn-test" \
+execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
"xpath2 sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509"
##########################################################################
@@ -364,216 +366,138 @@ execDSigTest $res_success \
# merlin-xmldsig-twenty-three
#
##########################################################################
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
"enveloped-signature sha1 dsa-sha1" \
- "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
+ " "
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
"sha1 dsa-sha1" \
- "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
+ " "
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
"base64 sha1 dsa-sha1" \
- "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
+ " "
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
"sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
"sha1 hmac-sha1" \
- "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
"sha1 rsa-sha1" \
- "rsa" \
" " \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
+ " "
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
"base64 sha1 dsa-sha1" \
- "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-external-dsa" \
+ " "
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-dsa" \
"sha1 dsa-sha1" \
- "dsa" \
- "" \
+ " " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
+ " "
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-keyname" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-keyname" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--pubkey-cert-$cert_format:Lugh $topfolder/merlin-xmldsig-twenty-three/certs/lugh-cert.$cert_format" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-x509-crt" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-x509-sn" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-sn" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-x509-is" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-is" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-x509-ski" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-ski" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
-
-execDSigTest $res_success \
- "" \
- "merlin-xmldsig-twenty-three/signature" \
+
+execDSigTest "" "merlin-xmldsig-twenty-three/signature" \
"base64 xpath enveloped-signature c14n-with-comments sha1 dsa-sha1" \
- "dsa x509" \
- "" \
+ "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
-
##########################################################################
#
# merlin-xmlenc-five
#
-# While the main operation is signature (and this is why we have these
-# tests here instead of testEnc.sh), these tests check the encryption
-# key transport/wrapper algorightms
-#
##########################################################################
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
+
+execDSigTest "" "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
"ripemd160 hmac-ripemd160 kw-tripledes" \
- "hmac des" \
- "" \
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--session-key hmac-192 --keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
+execDSigTest "" "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
"sha256 hmac-sha256 kw-aes128" \
- "hmac aes" \
- ""
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
+execDSigTest "" "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
"sha384 hmac-sha384 kw-aes192" \
- "hmac aes" \
- ""
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
+execDSigTest "" "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
"sha512 hmac-sha512 kw-aes256" \
- "hmac aes" \
- ""
-
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5" \
- "sha1 hmac-sha256 rsa-1_5" \
- "hmac rsa" \
- ""
-
-execDSigTest $res_success \
- "" \
- "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
- "sha1 hmac-sha256 rsa-oaep-mgf1p" \
- "hmac rsa" \
- ""
-
+ "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+#merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml
+#merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml
##########################################################################
#
# merlin-exc-c14n-one
#
##########################################################################
-execDSigTest $res_success \
- "" \
- "merlin-exc-c14n-one/exc-signature" \
+
+execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
- "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest $res_success \
- "" \
- "merlin-exc-c14n-one/exc-signature" \
+ " "
+
+execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
- "dsa" \
" "
##########################################################################
@@ -581,206 +505,125 @@ execDSigTest $res_success \
# merlin-c14n-three
#
##########################################################################
-
-execDSigTest $res_success \
- "" \
- "merlin-c14n-three/signature" \
+
+execDSigTest "" "merlin-c14n-three/signature" \
"c14n c14n-with-comments exc-c14n exc-c14n-with-comments xpath sha1 dsa-sha1" \
- "dsa" \
" "
-
+
##########################################################################
#
# merlin-xpath-filter2-three
#
##########################################################################
-execDSigTest $res_success \
- "" \
- "merlin-xpath-filter2-three/sign-xfdl" \
+execDSigTest "" "merlin-xpath-filter2-three/sign-xfdl" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
- "dsa" \
- " "
+ ""
-execDSigTest $res_success \
- "" \
- "merlin-xpath-filter2-three/sign-spec" \
+execDSigTest "" "merlin-xpath-filter2-three/sign-spec" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
- "dsa" \
- " "
+ ""
##########################################################################
#
# phaos-xmldsig-three
#
##########################################################################
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-big" \
+execDSigTest "phaos-xmldsig-three" "signature-big" \
"base64 xslt xpath sha1 rsa-sha1" \
- "rsa x509" \
"--pubkey-cert-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-dsa-detached" \
+execDSigTest "phaos-xmldsig-three" "signature-dsa-detached" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-dsa-enveloped" \
+execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloped" \
"enveloped-signature sha1 dsa-sha1" \
- "dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
-
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-dsa-enveloping" \
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+
+execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloping" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-dsa-manifest" \
+execDSigTest "phaos-xmldsig-three" "signature-dsa-manifest" \
"sha1 dsa-sha1" \
- "dsa x509" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-hmac-md5-c14n-enveloping" \
+execDSigTest "phaos-xmldsig-three" "signature-hmac-md5-c14n-enveloping" \
"md5 hmac-md5" \
- "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-hmac-sha1-40-c14n-comments-detached" \
+
+execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-c14n-comments-detached" \
"c14n-with-comments sha1 hmac-sha1" \
- "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
+
+execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
- "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-hmac-sha1-exclusive-c14n-comments-detached" \
+
+execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
- "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-hmac-sha1-exclusive-c14n-enveloped" \
+
+execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-enveloped" \
"enveloped-signature exc-c14n sha1 hmac-sha1" \
- "hmac" \
"--hmackey certs/hmackey.bin"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-detached-b64-transform" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-b64-transform" \
"base64 sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-detached" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-detached-xpath-transform" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xpath-transform" \
"xpath sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-detached-xslt-transform-retrieval-method" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-retrieval-method" \
"xslt sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-detached-xslt-transform" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform" \
"xslt sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-enveloped" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped" \
"enveloped-signature sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-enveloping" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloping" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-cert-chain" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert-chain" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-cert" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-issuer-serial" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-issuer-serial" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-ski" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-ski" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-subject-name" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-subject-name" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest" \
"sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_success \
- "phaos-xmldsig-three" \
- "signature-rsa-xpath-transform-enveloped" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
"enveloped-signature xpath sha1 rsa-sha1" \
- "rsa x509" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
##########################################################################
@@ -788,88 +631,58 @@ execDSigTest $res_success \
# test dynamic signature
#
##########################################################################
+
echo "Dynamic signature template"
printf " Create new signature "
echo "$xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
$VALGRIND $xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $res_success $?
+printRes $?
printf " Verify new signature "
echo "$xmlsec_app verify --keys-file $keysfile $tmpfile" >> $logfile
$VALGRIND $xmlsec_app verify $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $res_success $?
+printRes $?
-##########################################################################
-##########################################################################
-##########################################################################
echo "--------- These tests CAN FAIL (extra OS config required) ----------"
-execDSigTest $res_success \
- "" \
- "aleksey-xmldsig-01/enveloped-gost" \
+execDSigTest "" "aleksey-xmldsig-01/enveloped-gost" \
"enveloped-signature gostr34102001-gostr3411 gostr3411" \
- "gost" \
"--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509" \
"" \
""
-##########################################################################
-##########################################################################
-##########################################################################
-echo "--------- Negative Testing ----------"
-execDSigTest $res_fail \
- "" \
- "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
+echo "--------- Negative Testing: next test MUST FAIL ----------"
+execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
"sha1 rsa-sha1" \
- "rsa x509" \
"--X509-skip-strict-checks --trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format"
-execDSigTest $res_fail \
- "" \
- "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 dsa-sha1" \
- "dsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest $res_fail \
- "" \
- "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
- "hmac" \
"--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest $res_fail \
- "phaos-xmldsig-three" \
- "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
"xslt sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_fail \
- "phaos-xmldsig-three" \
- "signature-rsa-enveloped-bad-digest-val" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-digest-val" \
"enveloped-signature sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_fail \
- "phaos-xmldsig-three" \
- "signature-rsa-enveloped-bad-sig" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-sig" \
"enveloped-signature sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest $res_fail \
- "phaos-xmldsig-three" \
- "signature-rsa-manifest-x509-data-crl" \
+execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-crl" \
"sha1 rsa-sha1" \
- "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-##########################################################################
-##########################################################################
-##########################################################################
+rm -rf $tmpfile
+
echo "--- testDSig finished" >> $logfile
echo "--- testDSig finished"
-echo "--- detailed log is written to $logfile"
+echo "--- detailed log is written to $logfile"