Diffstat (limited to 'tests')
-rw-r--r--tests/keys/README20
-rw-r--r--tests/keys/largersakey-win.p12bin0 -> 6656 bytes
-rw-r--r--tests/keys/largersakey-winxp.p12bin0 -> 6683 bytes
-rw-r--r--tests/keys/rsakey-win.p12bin0 -> 4166 bytes
-rw-r--r--tests/keys/rsakey-winxp.p12bin0 -> 4193 bytes
-rwxr-xr-xtests/testDSig.sh845
-rwxr-xr-xtests/testEnc.sh350
-rwxr-xr-xtests/testKeys.sh170
-rwxr-xr-xtests/testXKMS.sh197
-rwxr-xr-xtests/testrun.sh443
10 files changed, 1294 insertions, 731 deletions
diff --git a/tests/keys/README b/tests/keys/README
index 555fe512..14515024 100644
--- a/tests/keys/README
+++ b/tests/keys/README
@@ -181,3 +181,23 @@ README
# (used in above step)
> pk12util -d <nss_config_dir> -i keycert.p12
+6. On Windows, one needs to specify Crypto Service Provider (CSP) in the
+pkcs12 file to ensure it is loaded correctly to be used with SHA2 algorithms.
+Worse, the CSP is different for XP and older versions
+
+
+ Input: DSA/RSA private key in PEM or DER format
+ Output: A PKCS12 file containing the private key, and a self-signed
+ certificate with the corresponding public key. Plus the CSP
+ name to be used for this key/cert.
+
+
+ > cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
+ > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+ > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+
+
+ > cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
+ > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+ > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+
diff --git a/tests/keys/largersakey-win.p12 b/tests/keys/largersakey-win.p12
new file mode 100644
index 00000000..af04b9e4
--- /dev/null
+++ b/tests/keys/largersakey-win.p12
Binary files differ
diff --git a/tests/keys/largersakey-winxp.p12 b/tests/keys/largersakey-winxp.p12
new file mode 100644
index 00000000..75746297
--- /dev/null
+++ b/tests/keys/largersakey-winxp.p12
Binary files differ
diff --git a/tests/keys/rsakey-win.p12 b/tests/keys/rsakey-win.p12
new file mode 100644
index 00000000..e0281f7d
--- /dev/null
+++ b/tests/keys/rsakey-win.p12
Binary files differ
diff --git a/tests/keys/rsakey-winxp.p12 b/tests/keys/rsakey-winxp.p12
new file mode 100644
index 00000000..3817a7e1
--- /dev/null
+++ b/tests/keys/rsakey-winxp.p12
Binary files differ
diff --git a/tests/testDSig.sh b/tests/testDSig.sh
index 1f86f8e1..b8d85aa8 100755
--- a/tests/testDSig.sh
+++ b/tests/testDSig.sh
@@ -1,136 +1,23 @@
-#!/bin/sh
-
-OS_ARCH=`uname -o`
-
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
- topfolder=`cygpath -wa $2`
- xmlsec_app=`cygpath -a $3`
-else
- topfolder=$2
- xmlsec_app=$3
-fi
-crypto=$1
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
- TMPFOLDER=/tmp
-fi
-timestamp=`date +%Y%m%d_%H%M%S`
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
- tmpfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.tmp`
- logfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.log`
-else
- tmpfile=$TMPFOLDER/testDSig.$timestamp-$$.tmp
- logfile=$TMPFOLDER/testDSig.$timestamp-$$.log
-fi
-
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
- xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then
- export VALGRIND="valgrind $valgrind_options"
- export REPEAT=3
- xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then
- xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {
- if [ $1 = 0 ]; then
- echo " OK"
- else
- echo " Fail"
- fi
- if [ -f .memdump ] ; then
- cat .memdump >> $logfile
- fi
-}
-
-execDSigTest() {
- folder=$1
- file=$2
- req_transforms=$3
- params1=$4
- params2=$5
- params3=$6
- old_pwd=`pwd`
- rm -f $tmpfile
-
- if [ -n "$folder" ] ; then
- cd $topfolder/$folder
- full_file=$file
- echo $folder/$file
- echo "Test: $folder/$file in folder " `pwd` >> $logfile
- else
- full_file=$topfolder/$file
- echo $file
- echo "Test: $folder/$file" >> $logfile
- fi
-
- if [ -n "$req_transforms" ] ; then
- printf " Checking required transforms "
- echo "$xmlsec_app check-transforms $req_transforms" >> $logfile
- $xmlsec_app check-transforms $req_transforms >> $logfile 2>> $logfile
- res=$?
- if [ $res = 0 ]; then
- echo " OK"
- else
- echo " Skip"
- cd $old_pwd
- return
- fi
- fi
-
-
- printf " Verify existing signature "
- echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
- $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
- printRes $?
-
- if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
- printf " Create new signature "
- echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
- $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
- printRes $?
-
- if [ -n "$params3" ] ; then
- if [ -z "$VALGRIND" ] ; then
- printf " Verify new signature "
- echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
- $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
- printRes $?
- fi
- fi
- fi
-
- cd $old_pwd
-}
-
-echo "--- testDSig started for xmlsec-$crypto library ($timestamp)"
+#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
+
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--- testDSig started for xmlsec-$crypto library ($timestamp)"
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "--- log file is $logfile"
echo "--- testDSig started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+##########################################################################
#
# xmldsig2ed-tests
#
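Review bot: The rewritten header uses `$crypto`, `$timestamp` and `$logfile` (and the calls below use `execDSigTest`) without defining or checking them, so the added comment is the only protection against running the file directly. With `$logfile` empty, the unquoted `>> $logfile` redirects fail and the tests that follow would run with undefined settings. A guard right after the header comment would turn that into one clear error, for example `: "${logfile:?testDSig.sh must be run from testrun.sh}"`. Quoting the target as `>> "$logfile"` would also keep a log path containing spaces intact. How testrun.sh invokes this file is not visible here, so confirm the guard suits that call path.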
@@ -138,50 +25,77 @@ echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
#
##########################################################################
-execDSigTest "xmldsig2ed-tests" "defCan-1" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "defCan-1" \
"c14n11 sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "defCan-2" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "defCan-2" \
"c14n11 xslt xpath sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
#
# differences in XSLT transform output, tbd
-#
-# execDSigTest "xmldsig2ed-tests" "defCan-3" \
-# "c14n11 xslt xpath sha1 hmac-sha1" \
-# "--hmackey $topfolder/keys/hmackey.bin" \
-# "--hmackey $topfolder/keys/hmackey.bin" \
-# "--hmackey $topfolder/keys/hmackey.bin"
-#
-
-execDSigTest "xmldsig2ed-tests" "xpointer-1-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-2-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-3-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-4-SUN" \
- "c14n11 xpointer sha1 hmac-sha1" \
- "--hmackey $topfolder/keys/hmackey.bin"
+#
+# execDSigTest $res_success \
+# "xmldsig2ed-tests" \
+# "defCan-3" \
+# "c14n11 xslt xpath sha1 hmac-sha1" \
+# "hmac" \
+# "--hmackey $topfolder/keys/hmackey.bin" \
+# "--hmackey $topfolder/keys/hmackey.bin" \
+# "--hmackey $topfolder/keys/hmackey.bin"
+#
-execDSigTest "xmldsig2ed-tests" "xpointer-5-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-1-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-2-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-3-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-4-SUN" \
+ "c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
+ "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-5-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
+execDSigTest $res_success \
+ "xmldsig2ed-tests" \
+ "xpointer-6-SUN" \
"c14n11 xpointer sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin"
##########################################################################
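Review bot: `$res_success` is passed unquoted as the new first argument of every `execDSigTest` call in this hunk and in the later hunks of this file. If the variable is ever empty or unset, the word disappears and the remaining arguments shift one position left, so the folder name would be read as the expected result with no error raised. Writing `execDSigTest "$res_success" \` keeps the argument positions fixed. The definitions of `res_success` and `execDSigTest` are outside this diff view, so how the function reacts to a shifted list cannot be checked here.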
@@ -190,175 +104,259 @@ execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
#
##########################################################################
-execDSigTest "" "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
"sha1 dsa-sha1" \
+ "dsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
"sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
"md5 hmac-md5" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
"md5 hmac-md5" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
"ripemd160 hmac-ripemd160" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
"ripemd160 hmac-ripemd160" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/xpointer-hmac" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/xpointer-hmac" \
"xpointer sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
"sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
"sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
"sha224 hmac-sha224" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
"sha224 hmac-sha224" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
"sha256 hmac-sha256" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
"sha256 hmac-sha256" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
"sha384 hmac-sha384" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
"sha384 hmac-sha384" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
"sha512 hmac-sha512" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
"sha512 hmac-sha512" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
- "--hmackey $topfolder/keys/hmackey.bin"
+ "--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
"md5 rsa-md5" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
"ripemd160 rsa-ripemd160" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
"sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
"sha224 rsa-sha224" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
"sha256 rsa-sha256" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
"sha384 rsa-sha384" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
"sha512 rsa-sha512" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
#
# To generate expired cert run the following command
# > xmlsec1 sign --pkcs12 tests/keys/expiredkey.p12 --pwd secret --output out.xml ./tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
#
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2005-07-10+10:00:00"
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
"--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest "" "aleksey-xmldsig-01/x509data-test" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/x509data-test" \
"xpath2 sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format" \
- "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/x509data-sn-test" \
"xpath2 sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509" \
- "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
+ "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509"
##########################################################################
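Review bot: `$priv_key_suffix` is applied only to the signing parameters of the sha224, sha256, sha384 and sha512 RSA cases, and nothing says why the md5, ripemd160 and sha1 cases keep the plain `rsakey.$priv_key_format`. Step 6 added to tests/keys/README in this commit suggests the reason: on Windows, the CSP recorded in the PKCS12 file matters for SHA2. A comment above the first of these calls would record that, for example `# SHA2 + RSA: on Windows use the CSP-tagged PKCS12 (tests/keys/README, step 6); $priv_key_suffix is empty elsewhere`. The variable is defined outside this hunk, so the "empty elsewhere" part is an assumption to confirm against testrun.sh.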
@@ -366,138 +364,216 @@ execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
# merlin-xmldsig-twenty-three
#
##########################################################################
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
"enveloped-signature sha1 dsa-sha1" \
+ "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
"sha1 dsa-sha1" \
+ "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
"base64 sha1 dsa-sha1" \
+ "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
"sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
"sha1 hmac-sha1" \
+ "hmac" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin" \
"--hmackey $topfolder/keys/hmackey.bin"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
"sha1 rsa-sha1" \
+ "rsa" \
" " \
"$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
"base64 sha1 dsa-sha1" \
+ "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-dsa" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-external-dsa" \
"sha1 dsa-sha1" \
- " " \
+ "dsa" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
+ " "
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-keyname" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-keyname" \
"sha1 dsa-sha1" \
- "--pubkey-cert-$cert_format:Lugh $topfolder/merlin-xmldsig-twenty-three/certs/lugh-cert.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-crt" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-sn" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-sn" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-is" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-is" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-ski" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-ski" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmldsig-twenty-three/signature" \
"base64 xpath enveloped-signature c14n-with-comments sha1 dsa-sha1" \
- "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format" \
+ "dsa x509" \
+ "" \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
+
##########################################################################
#
# merlin-xmlenc-five
#
+# While the main operation is signature (and this is why we have these
+# tests here instead of testEnc.sh), these tests check the encryption
+# key transport/wrapper algorightms
+#
##########################################################################
-
-execDSigTest "" "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
"ripemd160 hmac-ripemd160 kw-tripledes" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
+ "hmac des" \
+ "" \
"--session-key hmac-192 --keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execDSigTest "" "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
"sha256 hmac-sha256 kw-aes128" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+ "hmac aes" \
+ ""
-execDSigTest "" "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
"sha384 hmac-sha384 kw-aes192" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+ "hmac aes" \
+ ""
-execDSigTest "" "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
"sha512 hmac-sha512 kw-aes256" \
- "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+ "hmac aes" \
+ ""
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5" \
+ "sha1 hmac-sha256 rsa-1_5" \
+ "hmac rsa" \
+ ""
+
+execDSigTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
+ "sha1 hmac-sha256 rsa-oaep-mgf1p" \
+ "hmac rsa" \
+ ""
+
-#merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml
-#merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml
##########################################################################
#
# merlin-exc-c14n-one
#
##########################################################################
-
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+execDSigTest $res_success \
+ "" \
+ "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
+ "dsa" \
" " \
"$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
- " "
-
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+ " "
+
+execDSigTest $res_success \
+ "" \
+ "merlin-exc-c14n-one/exc-signature" \
"exc-c14n sha1 dsa-sha1" \
+ "dsa" \
" "
##########################################################################
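Review bot: The verify-step argument for `signature-keyname`, `signature-x509-crt`, `signature-x509-sn`, `signature-x509-is`, `signature-x509-ski`, `signature-retrievalmethod-rawx509crt` and `signature` is now `""`, where it used to name a certificate (`--trusted-$cert_format …/certs/ca.$cert_format` or `--pubkey-cert-$cert_format:Lugh …`). The `merlin-xmlenc-five` cases likewise drop `--keys-file` from that position. Nothing in this hunk shows where the verification key or trust anchor now comes from; presumably it is a shared key store prepared by testrun.sh, which is outside this view. These are the cases that exercise X.509 chain validation, so a reader needs to confirm they still validate against a known CA and do not pass on key material embedded in the signed document. A comment above the section should state the source, for example `# verify step: trusted certs and keys come from the crypto config set up in testrun.sh`, worded to match what that script does.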
@@ -505,125 +581,206 @@ execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
# merlin-c14n-three
#
##########################################################################
-
-execDSigTest "" "merlin-c14n-three/signature" \
+
+execDSigTest $res_success \
+ "" \
+ "merlin-c14n-three/signature" \
"c14n c14n-with-comments exc-c14n exc-c14n-with-comments xpath sha1 dsa-sha1" \
+ "dsa" \
" "
-
+
##########################################################################
#
# merlin-xpath-filter2-three
#
##########################################################################
-execDSigTest "" "merlin-xpath-filter2-three/sign-xfdl" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xpath-filter2-three/sign-xfdl" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
- ""
+ "dsa" \
+ " "
-execDSigTest "" "merlin-xpath-filter2-three/sign-spec" \
+execDSigTest $res_success \
+ "" \
+ "merlin-xpath-filter2-three/sign-spec" \
"enveloped-signature xpath2 sha1 dsa-sha1" \
- ""
+ "dsa" \
+ " "
##########################################################################
#
# phaos-xmldsig-three
#
##########################################################################
-execDSigTest "phaos-xmldsig-three" "signature-big" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-big" \
"base64 xslt xpath sha1 rsa-sha1" \
+ "rsa x509" \
"--pubkey-cert-$cert_format certs/rsa-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-detached" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-detached" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+ "dsa x509" \
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-enveloped" \
"enveloped-signature sha1 dsa-sha1" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloping" \
+ "dsa x509" \
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-enveloping" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+ "dsa x509" \
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-dsa-manifest" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-dsa-manifest" \
"sha1 dsa-sha1" \
- "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+ "dsa x509" \
+ "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-hmac-md5-c14n-enveloping" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-md5-c14n-enveloping" \
"md5 hmac-md5" \
+ "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-40-c14n-comments-detached" \
"c14n-with-comments sha1 hmac-sha1" \
+ "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
+ "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-exclusive-c14n-comments-detached" \
"exc-c14n-with-comments sha1 hmac-sha1" \
+ "hmac" \
"--hmackey certs/hmackey.bin"
-
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-enveloped" \
+
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-hmac-sha1-exclusive-c14n-enveloped" \
"enveloped-signature exc-c14n sha1 hmac-sha1" \
+ "hmac" \
"--hmackey certs/hmackey.bin"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-b64-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-b64-transform" \
"base64 sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xpath-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xpath-transform" \
"xpath sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-retrieval-method" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform-retrieval-method" \
"xslt sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform" \
"xslt sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped" \
"enveloped-signature sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloping" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloping" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert-chain" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-cert-chain" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-cert" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-issuer-serial" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-issuer-serial" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-ski" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-ski" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-subject-name" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-subject-name" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest" \
"sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
+execDSigTest $res_success \
+ "phaos-xmldsig-three" \
+ "signature-rsa-xpath-transform-enveloped" \
"enveloped-signature xpath sha1 rsa-sha1" \
- "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+ "rsa x509" \
+ "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
##########################################################################
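Review bot: The phaos-xmldsig-three RSA cases that verify against `certs/rsa-ca-cert` (from `signature-rsa-detached-b64-transform` through `signature-rsa-xpath-transform-enveloped`) all gain `--X509-skip-strict-checks` with no comment saying why. The DSA cases in the same section get only the pinned `--verification-time`. With the flag on every one of them, whatever it relaxes is no longer exercised by any chain-validating RSA positive case here, so a regression in the strict path would not show up in this section. I would put the reason next to the first use, e.g. `# phaos RSA certs need relaxed X509 checks because <reason>; time is pinned to the certs' validity window`, and keep one RSA case without the flag if any vector passes strictly. Holding the repeated string in one variable, `phaos_rsa_opts="--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"`, would also keep the relaxation in a single reviewable place.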
@@ -631,58 +788,88 @@ execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
# test dynamic signature
#
##########################################################################
-
echo "Dynamic signature template"
printf " Create new signature "
echo "$xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
$VALGRIND $xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
printf " Verify new signature "
echo "$xmlsec_app verify --keys-file $keysfile $tmpfile" >> $logfile
$VALGRIND $xmlsec_app verify $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
+##########################################################################
+##########################################################################
+##########################################################################
echo "--------- These tests CAN FAIL (extra OS config required) ----------"
-execDSigTest "" "aleksey-xmldsig-01/enveloped-gost" \
- "enveloped-signature gostr34102001-gostr3411 gostr3411" \
- "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509" \
+execDSigTest $res_success \
+ "" \
+ "aleksey-xmldsig-01/enveloped-gost" \
+ "enveloped-signature gostr3411" \
+ "gost2001" \
+ "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format --enabled-key-data x509 --verification-time 2007-01-01+10:00:00" \
"" \
""
-echo "--------- Negative Testing: next test MUST FAIL ----------"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Negative Testing ----------"
+execDSigTest $res_fail \
+ "" \
+ "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
"sha1 rsa-sha1" \
+ "rsa x509" \
"--X509-skip-strict-checks --trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format"
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_fail \
+ "" \
+ "aleksey-xmldsig-01/enveloping-expired-cert" \
"sha1 dsa-sha1" \
+ "dsa x509" \
"--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_fail \
+ "" \
+ "aleksey-xmldsig-01/dtd-hmac-91" \
"sha1 hmac-sha1" \
+ "hmac" \
"--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
"xslt sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-digest-val" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped-bad-digest-val" \
"enveloped-signature sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-sig" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-enveloped-bad-sig" \
"enveloped-signature sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-crl" \
+execDSigTest $res_fail \
+ "phaos-xmldsig-three" \
+ "signature-rsa-manifest-x509-data-crl" \
"sha1 rsa-sha1" \
+ "rsa x509" \
"--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
-rm -rf $tmpfile
-
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testDSig finished" >> $logfile
echo "--- testDSig finished"
-echo "--- detailed log is written to $logfile"
+echo "--- detailed log is written to $logfile"
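Review bot: The phaos negative cases `signature-rsa-enveloped-bad-digest-val`, `signature-rsa-enveloped-bad-sig` and `signature-rsa-detached-xslt-transform-bad-retrieval-method` now expect `$res_fail`, but they are not given the `--X509-skip-strict-checks --verification-time 2009-01-01+10:00:00` options that this commit adds to the matching positive cases. If the positive cases needed those options to pass certificate validation (the commit suggests this but does not say so), these cases presumably fail at the certificate step. They would then keep reporting the expected failure even if digest or signature checking regressed. Passing the same string, `"--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"`, would leave the tampered digest, signature or retrieval method as the only reason to fail. `execDSigTest` is defined outside this hunk, so whether it distinguishes failure causes cannot be checked from here.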
diff --git a/tests/testEnc.sh b/tests/testEnc.sh
index bf2de36a..54d1ca81 100755
--- a/tests/testEnc.sh
+++ b/tests/testEnc.sh
@@ -1,368 +1,353 @@
-#!/bin/sh
-
-OS_ARCH=`uname -o`
-
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
- TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S`
-tmpfile=$TMPFOLDER/testEnc.$timestamp-$$.tmp
-logfile=$TMPFOLDER/testEnc.$timestamp-$$.log
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
- xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then
- export VALGRIND="valgrind $valgrind_options"
- export REPEAT=3
- xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then
- export xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {
- if [ $1 = 0 ]; then
- echo " OK"
- else
- echo " Fail"
- fi
- if [ -f .memdump ] ; then
- cat .memdump >> $logfile
- fi
-}
-
-execEncTest() {
- filename=$1
- req_transforms=$2
- params1=$3
- params2=$4
- params3=$5
-
- echo $filename
- echo $filename >> $logfile
- file=$topfolder/$filename
-
- if [ -n "$req_transforms" ] ; then
- printf " Checking required transforms "
- echo "$xmlsec_app check-transforms $req_transforms" >> $logfile
- $xmlsec_app check-transforms $req_transforms >> $logfile 2>> $logfile
- res=$?
- if [ $res = 0 ]; then
- echo " OK"
- else
- echo " Skip"
- return
- fi
- fi
-
- printf " Decrypt existing document "
- rm -f $tmpfile
-
- if [ "z$OS_ARCH" = "zCygwin" ] ; then
- diff_param=-uw
- else
- diff_param=-u
- fi
-
- echo "$xmlsec_app decrypt $xmlsec_params $params1 $file.xml" >> $logfile
- $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $file.xml > $tmpfile 2>> $logfile
- if [ $? = 0 ]; then
- diff $diff_param $file.data $tmpfile >> $logfile 2>> $logfile
- printRes $?
- else
- echo " Error"
- fi
-
- if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
- printf " Encrypt document "
- rm -f $tmpfile
- echo "$xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $file.tmpl" >> $logfile
- $VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $file.tmpl >> $logfile 2>> $logfile
- printRes $?
-
- if [ -n "$params4" ] ; then
- if [ -z "$VALGRIND" ] ; then
- printf " Decrypt new document "
- echo "$xmlsec_app decrypt $xmlsec_params $params4 --output $tmpfile.2 $tmpfile" >> $logfile
- $VALGRIND $xmlsec_app decrypt $xmlsec_params $params4 --output $tmpfile.2 $tmpfile >> $logfile 2>> $logfile
- if [ $? = 0 ]; then
- diff $diff_param $file.data $tmpfile.2 >> $logfile 2>> $logfile
- printRes $?
- else
- echo " Error"
- fi
- fi
- fi
- fi
- rm -f $tmpfile $tmpfile.2
-}
-
+#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
+
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testEnc started for xmlsec-$crypto library ($timestamp)"
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "--- log file is $logfile"
echo "--- testEnc started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+##########################################################################
+#
+# aleksey-xmlenc-01
+#
+##########################################################################
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-keyname" \
"tripledes-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname.data" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname2" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-keyname2" \
"tripledes-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname2.data" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-aes128cbc-keyname" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-aes128cbc-keyname" \
"aes128-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes128cbc-keyname.data" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-aes192cbc-keyname" \
"aes192-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes192cbc-keyname.data" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
"aes192-cbc" \
"--keys-file $topfolder/keys/keys.xml"
-execEncTest "aleksey-xmlenc-01/enc-aes256cbc-keyname" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-aes256cbc-keyname" \
"aes256-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes256cbc-keyname.data" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-content" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-keyname-content" \
"tripledes-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data --node-id Test" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-element" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-keyname-element" \
"tripledes-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data --node-id Test" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-element-root" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-keyname-element-root" \
"tripledes-cbc" \
"--keys-file $topfolder/keys/keys.xml" \
"--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data --node-id Test" \
"--keys-file $keysfile"
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-aes192-keyname" \
+execEncTest $res_success \
+ "" \
+ "aleksey-xmlenc-01/enc-des3cbc-aes192-keyname" \
"tripledes-cbc kw-aes192" \
"--keys-file $topfolder/keys/keys.xml --enabled-key-data key-name,enc-key" \
"--keys-file $keysfile --session-key des-192 --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data" \
"--keys-file $keysfile"
-# Merlin's tests
-execEncTest "merlin-xmlenc-five/encrypt-data-aes128-cbc" \
+##########################################################################
+#
+# merlin-xmlenc-five
+#
+##########################################################################
+
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-data-aes128-cbc" \
"aes128-cbc" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes128-cbc.data" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-content-tripledes-cbc" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-content-tripledes-cbc" \
"tripledes-cbc" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --enabled-key-data key-name --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data --node-id Payment" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-content-aes256-cbc-prop" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-content-aes256-cbc-prop" \
"aes256-cbc" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --enabled-key-data key-name --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data --node-id Payment" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-element-aes192-cbc-ref" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-element-aes192-cbc-ref" \
"aes192-cbc" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5" \
"aes128-cbc rsa-1_5" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-128 $priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --xml-data $topfolder/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data --node-id Purchase --pwd secret" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
-execEncTest "merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p" \
"tripledes-cbc rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key des-192 $priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data --pwd secret" \
"$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
-execEncTest "merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes" \
"aes256-cbc kw-tripledes" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-256 --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192" \
"aes128-cbc kw-aes192" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-128 --node-name urn:example:po:PaymentInfo --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256" \
"aes192-cbc kw-aes256" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-192 --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-execEncTest "merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128" \
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128" \
"tripledes-cbc kw-aes128" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key des-192 --node-name urn:example:po:PaymentInfo --xml-data $topfolder/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-
-execEncTest "merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256" \
+
+execEncTest $res_success \
+ "" \
+ "merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256" \
"aes256-cbc kw-aes256" \
"--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
+#merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
+
#merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml
#merlin-xmlenc-five/decryption-transform-except.xml
#merlin-xmlenc-five/decryption-transform.xml
#merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
#merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml
-#merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
#merlin-xmlenc-five/encsig-hmac-sha256-dh.xml
#merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5" \
+##########################################################################
+#
+# 01-phaos-xmlenc-3
+#
+##########################################################################
+
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5" \
"tripledes-cbc rsa-1_5" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1" \
"tripledes-cbc rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5" \
"aes128-cbc rsa-1_5" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1" \
"aes128-cbc rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1" \
"aes192-cbc rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5" \
"aes192-cbc rsa-1_5" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
"aes256-cbc rsa-1_5" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1" \
"aes256-cbc rsa-oaep-mgf1p" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
"--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard" \
"$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kw-3des" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-3des-kw-3des" \
"tripledes-cbc kw-tripledes" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-content-aes128-kw-3des" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-content-aes128-kw-3des" \
"aes128-cbc kw-tripledes" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes128" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes128-kw-aes128" \
"aes128-cbc kw-aes128" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes256" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes128-kw-aes256" \
"aes128-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-content-3des-kw-aes192" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-content-3des-kw-aes192" \
"tripledes-cbc kw-aes192" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-content-aes192-kw-aes256" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-content-aes192-kw-aes256" \
"aes192-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kw-aes192" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes192-kw-aes192" \
"aes192-cbc kw-aes192" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-element-aes256-kw-aes256" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-element-aes256-kw-aes256" \
"aes256-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-text-3des-kw-aes256" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-text-3des-kw-aes256" \
"tripledes-cbc kw-aes256" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
+execEncTest $res_success \
+ "" \
+ "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
"aes128-cbc kw-aes192" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
"--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
@@ -376,38 +361,51 @@ execEncTest "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
#01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml
#01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml
-# test dynamic encryption
+##########################################################################
+#
+# test dynamicencryption
+#
+##########################################################################
echo "Dynamic encryption template"
printf " Encrypt template "
echo "$xmlsec_app encrypt-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
$VALGRIND $xmlsec_app encrypt-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
printf " Decrypt document "
echo "$xmlsec_app decrypt $xmlsec_params $keysfile $tmpfile" >> $logfile
$VALGRIND $xmlsec_app decrypt $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $?
-
+printRes $res_success $?
+##########################################################################
+##########################################################################
+##########################################################################
echo "--------- Negative Testing: Following tests MUST FAIL ----------"
echo "--- detailed log is written to $logfile"
-execEncTest "01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des" \
+execEncTest $res_fail \
+ "" \
+ "01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des" \
"" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
+execEncTest $res_fail \
+ "" \
+ "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
"" \
"--keys-file $topfolder/keys/keys.xml --enabled-cipher-reference-uris empty"
-execEncTest "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
+execEncTest $res_fail \
+ "" \
+ "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
"" \
"--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-retrieval-method-uris empty"
-
+
rm -rf $tmpfile
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testEnc finished" >> $logfile
echo "--- testEnc finished"
-echo "--- detailed log is written to $logfile"
-
-#more $logfile
+echo "--- detailed log is written to $logfile"
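Review bot: The three `execEncTest $res_fail` cases in the negative section can report OK for the wrong reason. In execEncTest (tests/testrun.sh) a decrypt that exits 0 is followed by a `diff` against `$full_file.data`, and that diff's status is what `printRes` compares with the expectation. A decrypt that was wrongly accepted therefore still counts as the expected failure whenever its output differs from the `.data` file or that file is absent. These cases check that `--enabled-cipher-reference-uris empty` and `--enabled-retrieval-method-uris empty` are enforced, so the decrypt exit status alone should decide the result. Using `if [ $res = 0 -a "z$expected_res" = "z$res_success" ]; then` in place of `if [ $res = 0 ]; then` would send a successful decrypt in a negative case to `printRes $expected_res $res`, which prints Fail.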
diff --git a/tests/testKeys.sh b/tests/testKeys.sh
index 385caf37..1bf7dc23 100755
--- a/tests/testKeys.sh
+++ b/tests/testKeys.sh
@@ -1,133 +1,69 @@
#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
- TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S`
-tmpfile=$TMPFOLDER/testKeys.$timestamp-$$.tmp
-logfile=$TMPFOLDER/testKeys.$timestamp-$$.log
-script="$0"
-nssdbfolder=$topfolder/nssdb
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-mkdir -p $crypto_config
-rm -rf $crypto_config/*
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
- xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then
- export VALGRIND="valgrind $valgrind_options"
- export REPEAT=3
- xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then
- export xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {
- if [ $1 = 0 ]; then
- echo " OK"
- else
- echo " Fail"
- fi
- if [ -f .memdump ] ; then
- cat .memdump >> $logfile
- fi
-}
-
-execKeysTest() {
- req_key_data=$1
- key_name=$2
- alg_name=$3
-
- if [ -n "$req_key_data" ] ; then
- printf " Checking $req_key_data key data presense "
- echo "$xmlsec_app check-key-data $req_key_data" >> $logfile
- $xmlsec_app check-key-data $req_key_data >> $logfile 2>> $logfile
- res=$?
- if [ $res = 0 ]; then
- echo " OK"
- else
- echo " Skip"
- return
- fi
- fi
-
- printf " Creating new key: $alg_name "
-
- params="--gen-key:$key_name $alg_name"
- if [ -f $keysfile ] ; then
- params="$params --keys-file $keysfile"
- fi
-
- echo "$xmlsec_app keys $params $xmlsec_params $keysfile" >> $logfile
- $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $logfile 2>> $logfile
- printRes $?
-}
-
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testKeys started for xmlsec-$crypto library ($timestamp) ---"
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "--- log file is $logfile"
echo "--- testKeys started for xmlsec-$crypto library ($timestamp) ---" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
+# cleanup crypto config folder
+mkdir -p $crypto_config
+rm -rf $crypto_config/*
+
# remove old keys file and copy NSS DB files if needed
rm -rf $keysfile
if [ "z$crypto" = "znss" ] ; then
cp -f $nssdbfolder/*.db $crypto_config
fi
-execKeysTest \
- "hmac" \
- "test-hmac-sha1" \
- "hmac-192"
-execKeysTest \
- "rsa " \
- "test-rsa " \
- "rsa-1024"
-execKeysTest \
- "dsa " \
- "test-dsa " \
- "dsa-1024"
-execKeysTest \
- "des " \
- "test-des " \
- "des-192 "
-execKeysTest \
- "aes " \
- "test-aes128 " \
- "aes-128 "
-execKeysTest \
- "aes " \
- "test-aes192 " \
- "aes-192 "
-execKeysTest \
- "aes " \
- "test-aes256 " \
- "aes-256 "
-
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+execKeysTest $res_success \
+ "hmac" \
+ "test-hmac-sha1" \
+ "hmac-192"
+
+execKeysTest $res_success \
+ "rsa " \
+ "test-rsa " \
+ "rsa-1024"
+
+execKeysTest $res_success \
+ "dsa " \
+ "test-dsa " \
+ "dsa-1024"
+
+execKeysTest $res_success \
+ "des " \
+ "test-des " \
+ "des-192 "
+
+execKeysTest $res_success \
+ "aes " \
+ "test-aes128 " \
+ "aes-128 "
+
+execKeysTest $res_success \
+ "aes " \
+ "test-aes192 " \
+ "aes-192 "
+
+execKeysTest $res_success \
+ "aes " \
+ "test-aes256 " \
+ "aes-256 "
+
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testKeys finished ---" >> $logfile
echo "--- testKeys finished ---"
-echo "--- detailed log is written to $logfile ---"
-
+echo "--- detailed log is written to $logfile ---"
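Review bot: The added `rm -rf $crypto_config/*` runs with `crypto_config` empty when this file is started directly, because the hunk removes the block that defined it while the file keeps its shebang and executable mode; the glob then expands from `/`. Guarding the expansion makes a direct run stop instead: `rm -rf "${crypto_config:?must be run from testrun.sh}"/*`, with the variable quoted on the `mkdir -p` line above it as well. Separately, tests/testrun.sh sets this directory to a fixed name under `$TMPFOLDER` (default `/tmp`), so on a shared host another user can pre-create it or point it elsewhere before the wipe runs. A per-run directory from `mktemp -d` would avoid that.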
diff --git a/tests/testXKMS.sh b/tests/testXKMS.sh
index 6c46c814..be972dd1 100755
--- a/tests/testXKMS.sh
+++ b/tests/testXKMS.sh
@@ -1,149 +1,128 @@
#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
- TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S`
-tmpfile=$TMPFOLDER/testXKMS.$timestamp-$$.tmp
-tmpfile2=$TMPFOLDER/testXKMS.$timestamp-$$-2.tmp
-tmpfile3=$TMPFOLDER/testXKMS.$timestamp-$$-3.tmp
-logfile=$TMPFOLDER/testXKMS.$timestamp-$$.log
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
- xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then
- export VALGRIND="valgrind $valgrind_options"
- export REPEAT=3
- xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then
- xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-# debug
-# xmlsec_params="$xmlsec_params --xkms-stop-on-unknown-response-mechanism --xkms-stop-on-unknown-respond-with --xkms-stop-on-unknown-key-usage"
-
-
-printRes() {
- if [ $1 = 0 ]; then
- echo " OK"
- else
- echo " Fail"
- fi
- if [ -f .memdump ] ; then
- cat .memdump >> $logfile
- fi
-}
-
-execXkmsServerRequestTest() {
- src_file=$topfolder/$1.xml
- res_file=$topfolder/$1-$2.xml
- echo "$1 ($2)"
-
- rm -f $tmpfile $tmpfile2 $tmpfile3
-
- printf " Processing xkms request "
- echo "$xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $3 $src_file" >> $logfile
- $VALGRIND $xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $3 $src_file >> $logfile 2>> $logfile
- if [ $? = 0 ]; then
- # cleanup Id attribute because it is generated every time
- sed 's/ Id="[^\"]*"/ Id=""/g' $res_file > $tmpfile2
- sed 's/ Id="[^\"]*"/ Id=""/g' $tmpfile > $tmpfile3
- diff $tmpfile2 $tmpfile3 >> $logfile 2>> $logfile
- printRes $?
- else
- echo " Error"
- fi
-}
-
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testXKMS started for xmlsec-$crypto library ($timestamp)"
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
echo "--- log file is $logfile"
echo "--- testXKMS started for xmlsec-$crypto library ($timestamp)" >> $logfile
echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
-execXkmsServerRequestTest \
- "aleksey-xkms-01/locate-example-1" "no-match" \
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/locate-example-1" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/locate-example-1" "bad-service" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/locate-example-1" \
+ "" \
+ "bad-service" \
"--xkms-service http://www.example.com/xkms-bad-service"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/locate-example-2" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/locate-example-2" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/validate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/validate-example-1" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/locate-opaque-client-data" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/locate-opaque-client-data" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/compound-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/compound-example-1" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/status-request" "success" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/status-request" \
+ "" \
+ "success" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/bad-request-name" "not-supported" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/bad-request-name" \
+ "" \
+ "not-supported" \
"--xkms-service http://www.example.com/xkms"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap12-locate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap12-locate-example-1" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap11-locate-example-1" "unsupported" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap11-locate-example-1" \
+ "" \
+ "unsupported" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap12-bad-request-name" "msg-invalid" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap12-bad-request-name" \
+ "" \
+ "msg-invalid" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap11-locate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap11-locate-example-1" \
+ "" \
+ "no-match" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap12-locate-example-1" "unsupported" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap12-locate-example-1" \
+ "" \
+ "unsupported" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
-execXkmsServerRequestTest \
- "aleksey-xkms-01/soap11-bad-request-name" "msg-invalid" \
+execXkmsServerRequestTest $res_success \
+ "" \
+ "aleksey-xkms-01/soap11-bad-request-name" \
+ "" \
+ "msg-invalid" \
"--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Negative Testing ----------"
-rm -f $tmpfile $tmpfile2 $tmpfile3
-
+##########################################################################
+##########################################################################
+##########################################################################
echo "--- testXKMS finished" >> $logfile
echo "--- testXKMS finished"
echo "--- detailed log is written to $logfile"
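Review bot: Dropping the final `rm -f $tmpfile $tmpfile2 $tmpfile3` leaves temp-file cleanup to execXkmsServerRequestTest in tests/testrun.sh, and the prepare line visible there reads `rm -f $tmpfile $tmpfile.2 tmpfile.3`, which is missing the `$` on the third name. As written it removes a literal `tmpfile.3` in the current directory, so if the function writes `$tmpfile.3` that file is left behind in `$TMPFOLDER`; the line should be `rm -f $tmpfile $tmpfile.2 $tmpfile.3`. The rest of that function is outside this view, so its end-of-test cleanup may need the same fix. Also, the new "Negative Testing" banner is printed with no test after it, which reads in the output as if negative XKMS cases had run. Either add a `# TODO: no negative XKMS cases yet` comment under it or hold the banner back until there are cases.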
diff --git a/tests/testrun.sh b/tests/testrun.sh
new file mode 100755
index 00000000..c1f629b8
--- /dev/null
+++ b/tests/testrun.sh
@@ -0,0 +1,443 @@
+#!/bin/sh
+
+OS_ARCH=`uname -o`
+OS_KERNEL=`uname -s`
+
+#
+# Get command line params
+#
+testfile="$1"
+crypto="$2"
+topfolder="$3"
+xmlsec_app="$4"
+file_format="$5"
+timestamp=`date +%Y%m%d_%H%M%S`
+
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+ topfolder=`cygpath -wa "$topfolder"`
+ xmlsec_app=`cygpath -a "$xmlsec_app"`
+fi
+
+#
+# Prepare folders
+#
+if [ "z$TMPFOLDER" = "z" ] ; then
+ TMPFOLDER=/tmp
+fi
+testname=`basename $testfile`
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+ tmpfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.tmp`
+ logfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.log`
+else
+ tmpfile=$TMPFOLDER/$testname.$timestamp-$$.tmp
+ logfile=$TMPFOLDER/$testname.$timestamp-$$.log
+fi
+nssdbfolder=$topfolder/nssdb
+
+#
+# Valgrind
+#
+valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
+valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
+if [ -n "$DEBUG_MEMORY" ] ; then
+ export VALGRIND="valgrind $valgrind_options"
+ export REPEAT=3
+ xmlsec_params="$xmlsec_params --repeat $REPEAT"
+fi
+
+#
+# Setup crypto engine
+#
+crypto_config=$TMPFOLDER/xmlsec-crypto-config
+keysfile=$crypto_config/keys.xml
+if [ "z$XMLSEC_DEFAULT_CRYPTO" != "z" ] ; then
+ xmlsec_params="$xmlsec_params --crypto $XMLSEC_DEFAULT_CRYPTO"
+elif [ "z$crypto" != "z" ] ; then
+ xmlsec_params="$xmlsec_params --crypto $crypto"
+fi
+xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
+
+#
+# Setup keys config
+#
+pub_key_format=$file_format
+cert_format=$file_format
+
+#
+# GCrypt/GnuTLS only supports DER format for now, others are good to go with PKCS12
+#
+if [ "z$crypto" != "zgcrypt" ] ; then
+ priv_key_option="--pkcs12"
+ priv_key_format="p12"
+else
+ priv_key_option="--privkey-der"
+ priv_key_format="der"
+ pub_key_format="der"
+fi
+
+# On Windows, one needs to specify Crypto Service Provider (CSP)
+# in the pkcs12 file to ensure it is loaded correctly to be used
+# with SHA2 algorithms. Worse, the CSP is different for XP and older
+# versions
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
+ # Samples:
+ # Cygwin : CYGWIN_NT-5.1
+ # Msys : MINGW32_NT-5.1
+ if expr "$OS_KERNEL" : '.*_NT-5\.1' > /dev/null; then
+ priv_key_suffix="-winxp"
+ else
+ priv_key_suffix="-win"
+ fi
+else
+ priv_key_suffix=""
+fi
+
+
+#
+# Misc
+#
+if [ -n "$PERF_TEST" ] ; then
+ xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
+fi
+
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
+ diff_param=-uw
+else
+ diff_param=-u
+fi
+
+#
+# Check the command result and print it to stdout
+#
+res_success="success"
+res_fail="fail"
+printRes() {
+ expected_res="$1"
+ actual_res="$2"
+
+ # convert status to string
+ if [ $actual_res = 0 ]; then
+ actual_res=$res_success
+ else
+ actual_res=$res_fail
+ fi
+
+ # check
+ if [ "z$expected_res" = "z$actual_res" ] ; then
+ echo " OK"
+ else
+ echo " Fail"
+ fi
+
+ # memlog
+ if [ -f .memdump ] ; then
+ cat .memdump >> $logfile
+ fi
+}
+
+#
+# Keys Manager test function
+#
+execKeysTest() {
+ expected_res="$1"
+ req_key_data="$2"
+ key_name="$3"
+ alg_name="$4"
+
+ # prepare
+ rm -f $tmpfile
+ old_pwd=`pwd`
+
+ # check params
+ if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+ echo " Bad parameter: expected_res=$expected_res"
+ cd $old_pwd
+ return
+ fi
+ echo "Test: $alg_name ($expected_res)"
+
+ # check key data
+ if [ -n "$req_key_data" ] ; then
+ printf " Checking required key data "
+ echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $logfile
+ $xmlsec_app check-key-data $xmlsec_params $req_key_data >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo " Skip"
+ return
+ fi
+ fi
+
+ # run tests
+ printf " Creating new key "
+ params="--gen-key:$key_name $alg_name"
+ if [ -f $keysfile ] ; then
+ params="$params --keys-file $keysfile"
+ fi
+ echo "$xmlsec_app keys $params $xmlsec_params $keysfile" >> $logfile
+ $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $logfile 2>> $logfile
+ printRes $expected_res $?
+
+ # cleanup
+ cd $old_pwd
+ rm -f $tmpfile
+}
+
+#
+# DSig test function
+#
+execDSigTest() {
+ expected_res="$1"
+ folder="$2"
+ filename="$3"
+ req_transforms="$4"
+ req_key_data="$5"
+ params1="$6"
+ params2="$7"
+ params3="$8"
+
+ # prepare
+ rm -f $tmpfile
+ old_pwd=`pwd`
+
+ # check params
+ if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+ echo " Bad parameter: expected_res=$expected_res"
+ cd $old_pwd
+ return
+ fi
+ if [ -n "$folder" ] ; then
+ cd $topfolder/$folder
+ full_file=$filename
+ echo $folder/$filename
+ echo "Test: $folder/$filename in folder " `pwd` " ($expected_res)" >> $logfile
+ else
+ full_file=$topfolder/$filename
+ echo $filename
+ echo "Test: $folder/$filename ($expected_res)" >> $logfile
+ fi
+
+ # check transforms
+ if [ -n "$req_transforms" ] ; then
+ printf " Checking required transforms "
+ echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+ $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo " Skip"
+ cd $old_pwd
+ return
+ fi
+ fi
+
+ # check key data
+ if [ -n "$req_key_data" ] ; then
+ printf " Checking required key data "
+ echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $logfile
+ $xmlsec_app check-key-data $xmlsec_params $req_key_data >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo "Skip"
+ return
+ fi
+ fi
+
+ # run tests
+ if [ -n "$params1" ] ; then
+ printf " Verify existing signature "
+ echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
+
+ if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+ printf " Create new signature "
+ echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
+ $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
+
+ if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
+ printf " Verify new signature "
+ echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
+
+ # cleanup
+ cd $old_pwd
+ rm -f $tmpfile
+}
+
+#
+# Enc test function
+#
+execEncTest() {
+ expected_res="$1"
+ folder="$2"
+ filename="$3"
+ req_transforms="$4"
+ params1="$5"
+ params2="$6"
+ params3="$7"
+
+ # prepare
+ rm -f $tmpfile $tmpfile.2
+ old_pwd=`pwd`
+
+ # check params
+ if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+ echo " Bad parameter: expected_res=$expected_res"
+ cd $old_pwd
+ return
+ fi
+ if [ -n "$folder" ] ; then
+ cd $topfolder/$folder
+ full_file=$filename
+ echo $folder/$filename
+ echo "Test: $folder/$filename in folder " `pwd` " ($expected_res)" >> $logfile
+ else
+ full_file=$topfolder/$filename
+ echo $filename
+ echo "Test: $folder/$filename ($expected_res)" >> $logfile
+ fi
+
+ # check transforms
+ if [ -n "$req_transforms" ] ; then
+ printf " Checking required transforms "
+ echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+ $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo " Skip"
+ return
+ fi
+ fi
+
+ # run tests
+ if [ -n "$params1" ] ; then
+ rm -f $tmpfile
+ printf " Decrypt existing document "
+ echo "$xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml" >> $logfile
+ $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml > $tmpfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ diff $diff_param $full_file.data $tmpfile >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ else
+ printRes $expected_res $res
+ fi
+ fi
+
+ if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+ rm -f $tmpfile
+ printf " Encrypt document "
+ echo "$xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
+ $VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ fi
+
+ if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
+ rm -f $tmpfile.2
+ printf " Decrypt new document "
+ echo "$xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >> $logfile
+ $VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ diff $diff_param $full_file.data $tmpfile.2 >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ else
+ printRes $expected_res $res
+ fi
+ fi
+
+ # cleanup
+ cd $old_pwd
+ rm -f $tmpfile $tmpfile.2
+}
+
+execXkmsServerRequestTest() {
+ expected_res="$1"
+ folder="$2"
+ filename="$3"
+ req_transforms="$4"
+ response="$5"
+ params1="$6"
+
+ # prepare
+ rm -f $tmpfile $tmpfile.2 tmpfile.3
+ old_pwd=`pwd`
+
+ # check params
+ if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+ echo " Bad parameter: expected_res=$expected_res"
+ cd $old_pwd
+ return
+ fi
+ if [ -n "$folder" ] ; then
+ cd $topfolder/$folder
+ full_file=$filename
+ full_resfile=$filename-$response
+ echo "$folder/$filename ($response)"
+ echo "Test: $folder/$filename in folder " `pwd` " $response ($expected_res)" >> $logfile
+ else
+ full_file=$topfolder/$filename
+ full_resfile=$topfolder/$filename-$response
+ echo "$filename ($response)"
+ echo "Test: $folder/$filename $response ($expected_res)" >> $logfile
+ fi
+
+ # check transforms
+ if [ -n "$req_transforms" ] ; then
+ printf " Checking required transforms "
+ echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+ $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ echo " OK"
+ else
+ echo " Skip"
+ return
+ fi
+ fi
+
+ # run tests
+ if [ -n "$params1" ] ; then
+ printf " Processing xkms request "
+ echo "$xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $params1 $full_file.xml" >> $logfile
+ $VALGRIND $xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+ res=$?
+ if [ $res = 0 ]; then
+ # cleanup Id attribute because it is generated every time
+ sed 's/ Id="[^\"]*"/ Id=""/g' $full_resfile > $tmpfile.2
+ sed 's/ Id="[^\"]*"/ Id=""/g' $tmpfile > $tmpfile.3
+ diff $tmpfile.2 $tmpfile.3 >> $logfile 2>> $logfile
+ printRes $expected_res $?
+ else
+ printRes $expected_res $res
+ fi
+ fi
+
+ # cleanup
+ cd $old_pwd
+ rm -f $tmpfile $tmpfile.2 tmpfile.3
+}
+
+
+# prepare
+rm -rf $tmpfile $tmpfile.2 tmpfile.3
+
+# run tests
+source "$testfile"
+
+# cleanup
+rm -rf $tmpfile $tmpfile.2 tmpfile.3
+