[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Fri Apr 10 14:14:09 UTC 2015
The branch master has been updated
via 30f54ad295d58ff8c6d28c1fd612d23c2c343d19 (commit)
from 2cfdfe0918f03f8323c9523a2beb2b363ae86ca7 (commit)
- Log -----------------------------------------------------------------
commit 30f54ad295d58ff8c6d28c1fd612d23c2c343d19
Author: Rich Salz <rsalz at openssl.org>
Date: Fri Apr 10 10:06:17 2015 -0400
test script cleanup
Removed commented-out tests
Standardize on doing
cmd ... || exit 1
instead of
cmd ...
if [ $? != 0] ; then
exit 1
fi
where that if statement has ben one, three, or four lines, variously.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
test/tcrl | 63 +++++-----------------------
test/testca | 25 ++++-------
test/testenc | 37 ++++-------------
test/testgen | 18 +++-----
test/testss | 126 +++++++++++++++-----------------------------------------
test/testtsa | 132 ++++++++++++++++++++---------------------------------------
test/tkey | 76 +++++++++++-----------------------
test/tpkcs7 | 36 ++++++----------
test/tpkcs7d | 24 ++++-------
test/treq | 39 ++++++------------
test/tsid | 64 +++++------------------------
test/tx509 | 71 +++++++++++---------------------
12 files changed, 204 insertions(+), 507 deletions(-)
diff --git a/test/tcrl b/test/tcrl
index 216bb8a..f01eff8 100644
--- a/test/tcrl
+++ b/test/tcrl
@@ -13,67 +13,26 @@ echo testing crl conversions
cp $t crl-fff.p
echo "p -> d"
-$cmd -in crl-fff.p -inform p -outform d >crl-f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in crl-fff.p -inform p -outform t >crl-f.t
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-fff.p -inform p -outform d >crl-f.d || exit 1
echo "p -> p"
-$cmd -in crl-fff.p -inform p -outform p >crl-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-fff.p -inform p -outform p >crl-f.p || exit 1
echo "d -> d"
-$cmd -in crl-f.d -inform d -outform d >crl-ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in crl-f.t -inform t -outform d >crl-ff.d2
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-f.d -inform d -outform d >crl-ff.d1 || exit 1
echo "p -> d"
-$cmd -in crl-f.p -inform p -outform d >crl-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-f.p -inform p -outform d >crl-ff.d3 || exit 1
-#echo "d -> t"
-#$cmd -in crl-f.d -inform d -outform t >crl-ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in crl-f.t -inform t -outform t >crl-ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in crl-f.p -inform p -outform t >crl-ff.t3
-#if [ $? != 0 ]; then exit 1; fi
echo "d -> p"
-$cmd -in crl-f.d -inform d -outform p >crl-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in crl-f.t -inform t -outform p >crl-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-f.d -inform d -outform p >crl-ff.p1 || exit 1
echo "p -> p"
-$cmd -in crl-f.p -inform p -outform p >crl-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in crl-f.p -inform p -outform p >crl-ff.p3 || exit 1
-cmp crl-fff.p crl-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp crl-fff.p crl-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp crl-fff.p crl-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp crl-fff.p crl-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp crl-f.t crl-ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp crl-f.t crl-ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp crl-f.t crl-ff.t3
-#if [ $? != 0 ]; then exit 1; fi
-
-cmp crl-f.p crl-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp crl-f.p crl-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp crl-f.p crl-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+cmp crl-fff.p crl-f.p || exit 1
+cmp crl-fff.p crl-ff.p1 || exit 1
+cmp crl-fff.p crl-ff.p3 || exit 1
+cmp crl-f.p crl-ff.p1 || exit 1
+cmp crl-f.p crl-ff.p3 || exit 1
/bin/rm -f crl-f.* crl-ff.* crl-fff.*
exit 0
diff --git a/test/testca b/test/testca
index 0e2d05c..8961cf8 100644
--- a/test/testca
+++ b/test/testca
@@ -16,35 +16,28 @@ OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
/bin/rm -fr demoCA
+
+# Could do '...CA.pl -newca || exot 1 << EOF
+# EOF' but that seems too obscure to me. :)
OPENSSL_CONFIG=/dev/null $PERL ../apps/CA.pl -newca <<EOF
EOF
-
-if [ $? != 0 ]; then
- exit 1;
-fi
+[ $? == 0 ] || exit 1
SSLEAY_CONFIG="-config Uss.cnf"
export SSLEAY_CONFIG
-$PERL ../apps/CA.pl -newreq
-if [ $? != 0 ]; then
- exit 1;
-fi
-
+$PERL ../apps/CA.pl -newreq || exit 1
SSLEAY_CONFIG="-config ../apps/openssl.cnf"
export SSLEAY_CONFIG
+
+# Same comment here.
$PERL ../apps/CA.pl -sign <<EOF
y
y
EOF
-if [ $? != 0 ]; then
- exit 1;
-fi
+[ $? == 0 ] || exit 1
-$PERL ../apps/CA.pl -verify newcert.pem
-if [ $? != 0 ]; then
- exit 1;
-fi
+$PERL ../apps/CA.pl -verify newcert.pem || exit 1
/bin/rm -fr demoCA newcert.pem newreq.pem
diff --git a/test/testenc b/test/testenc
index 6ca9cad..3a07398 100644
--- a/test/testenc
+++ b/test/testenc
@@ -11,46 +11,27 @@ cat $testsrc >$test;
echo cat
$cmd enc < $test > $test.cipher
$cmd enc < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
- exit 1
-else
- /bin/rm $test.cipher $test.clear
-fi
+cmp $test $test.clear || exit 1
+/bin/rm $test.cipher $test.clear
+
echo base64
$cmd enc -a -e < $test > $test.cipher
$cmd enc -a -d < $test.cipher >$test.clear
-cmp $test $test.clear
-if [ $? != 0 ]
-then
- exit 1
-else
- /bin/rm $test.cipher $test.clear
-fi
+cmp $test $test.clear || exit 1
+/bin/rm $test.cipher $test.clear
for i in `$cmd list-cipher-commands`
do
echo $i
$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
- cmp $test $test.$i.clear
- if [ $? != 0 ]
- then
- exit 1
- else
- /bin/rm $test.$i.cipher $test.$i.clear
- fi
+ cmp $test $test.$i.clear || exit 1
+ /bin/rm $test.$i.cipher $test.$i.clear
echo $i base64
$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
- cmp $test $test.$i.clear
- if [ $? != 0 ]
- then
- exit 1
- else
- /bin/rm $test.$i.cipher $test.$i.clear
- fi
+ cmp $test $test.$i.clear || exit 1
+ /bin/rm $test.$i.cipher $test.$i.clear
done
rm -f $test
diff --git a/test/testgen b/test/testgen
index ed53b4a..f4eb112 100644
--- a/test/testgen
+++ b/test/testgen
@@ -18,7 +18,7 @@ echo "generating certificate request"
echo "string to make the random number generator think it has entropy" >> ./.rnd
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
@@ -26,20 +26,12 @@ else
echo "There should not be more that at most 80 per line"
fi
-echo "This could take some time."
-
rm -f testkey.pem testreq.pem
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
-if [ $? != 0 ]; then
-echo problems creating request
-exit 1
-fi
+echo Generating request
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem || exit 1
-../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
-if [ $? != 0 ]; then
-echo signature on req is wrong
-exit 1
-fi
+echo Verifying signature on request
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout || exit 1
exit 0
diff --git a/test/testss b/test/testss
index c846b77..3afeb11 100644
--- a/test/testss
+++ b/test/testss
@@ -30,131 +30,71 @@ P2req="reqP2.ss"
P2cert="certP2.ss"
P2intermediate="tmp_intP2.ss"
-echo
-echo "make a certificate request using 'req'"
-echo "string to make the random number generator think it has entropy" >> ./.rnd
+echo string to make the random number generator think it has entropy >> ./.rnd
-if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa >/dev/null; then
req_new='-newkey dsa:../apps/dsa512.pem'
else
req_new='-new'
fi
-$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a certificate request"
- exit 1
-fi
-echo
-echo "convert the certificate request into a self signed certificate using 'x509'"
-$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to self sign a certificate request"
- exit 1
-fi
+echo make cert request
+$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new || exit 1
-echo
-echo "convert a certificate into a certificate request using 'x509'"
-$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' convert a certificate to a certificate request"
- exit 1
-fi
+echo convert request into self-signed cert
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss || exit 1
-$reqcmd -config $dummycnf -verify -in $CAreq -noout
-if [ $? != 0 ]; then
- echo first generated request is invalid
- exit 1
-fi
+echo convert cert into a cert request
+$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss || exit 1
-$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
-if [ $? != 0 ]; then
- echo second generated request is invalid
- exit 1
-fi
+echo verify request 1
+$reqcmd -config $dummycnf -verify -in $CAreq -noout || exit 1
-$verifycmd -CAfile $CAcert $CAcert
-if [ $? != 0 ]; then
- echo first generated cert is invalid
- exit 1
-fi
+echo verify request 1
+$reqcmd -config $dummycnf -verify -in $CAreq2 -noout || exit 1
-echo
-echo "make a user certificate request using 'req'"
-$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a user certificate request"
- exit 1
-fi
+echo verify signature
+$verifycmd -CAfile $CAcert $CAcert || exit 1
-echo
-echo "sign user certificate request with the just created CA via 'x509'"
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a user certificate request"
- exit 1
-fi
+echo make a user cert request
+$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1
-$verifycmd -CAfile $CAcert $Ucert
-echo
-echo "Certificate details"
-$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
-
-echo
-echo "make a proxy certificate request using 'req'"
-$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate a proxy certificate request"
- exit 1
-fi
+echo sign user cert request
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss || exit 1
+$verifycmd -CAfile $CAcert $Ucert || exit 1
-echo
-echo "sign proxy certificate request with the just created user certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a proxy certificate request"
- exit 1
-fi
+echo Certificate details
+$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert || exit 1
+
+echo make a proxy cert request
+$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss || exit 1
+
+echo sign proxy with user cert
+$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss || exit 1
cat $Ucert > $P1intermediate
$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
-echo
-echo "Certificate details"
+echo Certificate details
$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
-echo
-echo "make another proxy certificate request using 'req'"
-$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
-if [ $? != 0 ]; then
- echo "error using 'req' to generate another proxy certificate request"
- exit 1
-fi
+echo make another proxy cert request
+$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss || exit 1
-echo
-echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
-$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
-if [ $? != 0 ]; then
- echo "error using 'x509' to sign a second proxy certificate request"
- exit 1
-fi
+echo sign second proxy cert request with the first proxy cert
+$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss || exit 1
+echo Certificate details
cat $Ucert $P1cert > $P2intermediate
$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
-echo
-echo "Certificate details"
$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
-echo
echo The generated CA certificate is $CAcert
echo The generated CA private key is $CAkey
-
echo The generated user certificate is $Ucert
echo The generated user private key is $Ukey
-
echo The first generated proxy certificate is $P1cert
echo The first generated proxy private key is $P1key
-
echo The second generated proxy certificate is $P2cert
echo The second generated proxy private key is $P2key
diff --git a/test/testtsa b/test/testtsa
index a0588e3..df9abed 100644
--- a/test/testtsa
+++ b/test/testtsa
@@ -21,33 +21,23 @@ export SSLEAY_CONFIG
OPENSSL="`pwd`/../util/opensslwrap.sh"
export OPENSSL
-error () {
-
- echo "TSA test failed!" >&2
- exit 1
-}
-
setup_dir () {
-
rm -rf tsa 2>/dev/null
mkdir tsa
cd ./tsa
}
clean_up_dir () {
-
cd ..
rm -rf tsa
}
create_ca () {
-
- echo "Creating a new CA for the TSA tests..."
+ echo creating a new CA for the TSA tests
TSDNSECT=ts_ca_dn
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
- -out tsaca.pem -keyout tsacakey.pem
- test $? != 0 && error
+ -out tsaca.pem -keyout tsacakey.pem || exit 1
}
create_tsa_cert () {
@@ -59,14 +49,12 @@ create_tsa_cert () {
export TSDNSECT
../../util/shlib_wrap.sh ../../apps/openssl req -new \
- -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
- test $? != 0 && error
-echo Using extension $EXT
+ -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1
+ echo using extension $EXT
../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
- -extfile $OPENSSL_CONF -extensions $EXT
- test $? != 0 && error
+ -extfile $OPENSSL_CONF -extensions $EXT || exit 1
}
print_request () {
@@ -76,163 +64,133 @@ print_request () {
create_time_stamp_request1 () {
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1
}
create_time_stamp_request2 () {
../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
- -out req2.tsq
- test $? != 0 && error
+ -out req2.tsq || exit 1
}
create_time_stamp_request3 () {
- ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1
}
print_response () {
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1
}
create_time_stamp_response () {
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1
}
time_stamp_response_token_test () {
RESPONSE2=$2.copy.tsr
TOKEN_DER=$2.token.der
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
- test $? != 0 && error
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
- test $? != 0 && error
- cmp $RESPONSE2 $2
- test $? != 0 && error
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
- test $? != 0 && error
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
- test $? != 0 && error
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1
+ cmp $RESPONSE2 $2 || exit 1
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1
}
verify_time_stamp_response () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
- -untrusted tsa_cert1.pem
- test $? != 0 && error
+ -untrusted tsa_cert1.pem || exit 1
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
- -untrusted tsa_cert1.pem
- test $? != 0 && error
+ -untrusted tsa_cert1.pem || exit 1
}
verify_time_stamp_token () {
# create the token from the response first
- ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
- test $? != 0 && error
+ ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
- -CAfile tsaca.pem -untrusted tsa_cert1.pem
- test $? != 0 && error
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
- -CAfile tsaca.pem -untrusted tsa_cert1.pem
- test $? != 0 && error
+ -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
}
verify_time_stamp_response_fail () {
../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
- -untrusted tsa_cert1.pem
- # Checks if the verification failed, as it should have.
- test $? = 0 && error
- echo Ok
+ -untrusted tsa_cert1.pem && exit 1
+ echo ok
}
# main functions
-echo "Setting up TSA test directory..."
+echo setting up TSA test directory
setup_dir
-echo "Creating CA for TSA tests..."
+echo creating CA for TSA tests
create_ca
-echo "Creating tsa_cert1.pem TSA server cert..."
+echo creating tsa_cert1.pem TSA server cert
create_tsa_cert 1 tsa_cert
-echo "Creating tsa_cert2.pem non-TSA server cert..."
+echo creating tsa_cert2.pem non-TSA server cert
create_tsa_cert 2 non_tsa_cert
-echo "Creating req1.req time stamp request for file testtsa..."
+echo creating req1.req time stamp request for file testtsa
create_time_stamp_request1
-echo "Printing req1.req..."
+echo printing req1.req
print_request req1.tsq
-echo "Generating valid response for req1.req..."
+echo generating valid response for req1.req
create_time_stamp_response req1.tsq resp1.tsr tsa_config1
-echo "Printing response..."
+echo printing response
print_response resp1.tsr
-echo "Verifying valid response..."
+echo verifying valid response
verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
-echo "Verifying valid token..."
+echo verifying valid token
verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
-# The tests below are commented out, because invalid signer certificates
-# can no longer be specified in the config file.
-
-# echo "Generating _invalid_ response for req1.req..."
-# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
-
-# echo "Printing response..."
-# print_response resp1_bad.tsr
-
-# echo "Verifying invalid response, it should fail..."
-# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
-
-echo "Creating req2.req time stamp request for file testtsa..."
+echo creating req2.req time stamp request for file testtsa
create_time_stamp_request2
-echo "Printing req2.req..."
+echo printing req2.req
print_request req2.tsq
-echo "Generating valid response for req2.req..."
+echo generating valid response for req2.req
create_time_stamp_response req2.tsq resp2.tsr tsa_config1
-echo "Checking '-token_in' and '-token_out' options with '-reply'..."
+echo checking -token_in and -token_out options with -reply
time_stamp_response_token_test req2.tsq resp2.tsr
-echo "Printing response..."
+echo printing response
print_response resp2.tsr
-echo "Verifying valid response..."
+echo verifying valid response
verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
-echo "Verifying response against wrong request, it should fail..."
+echo verifying response against wrong request, it should fail
verify_time_stamp_response_fail req1.tsq resp2.tsr
-echo "Verifying response against wrong request, it should fail..."
+echo verifying response against wrong request, it should fail
verify_time_stamp_response_fail req2.tsq resp1.tsr
-echo "Creating req3.req time stamp request for file CAtsa.cnf..."
+echo creating req3.req time stamp request for file CAtsa.cnf
create_time_stamp_request3
-echo "Printing req3.req..."
+echo printing req3.req
print_request req3.tsq
-echo "Verifying response against wrong request, it should fail..."
+echo verifying response against wrong request, it should fail
verify_time_stamp_response_fail req3.tsq resp1.tsr
-echo "Cleaning up..."
+echo cleaning up
clean_up_dir
exit 0
diff --git a/test/tkey b/test/tkey
index b7097e6..c6abd2f 100644
--- a/test/tkey
+++ b/test/tkey
@@ -20,81 +20,55 @@ echo testing $ktype $ptype conversions
cp $t $ktype-fff.p
echo "p -> d"
-$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1
echo "p -> p"
-$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1
echo "d -> d"
-$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1
echo "p -> d"
-$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1
echo "d -> p"
-$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1
echo "p -> p"
-$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1
-cmp $ktype-fff.p $ktype-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-fff.p $ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-fff.p $ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp $ktype-f.p $ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-f.p $ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+cmp $ktype-fff.p $ktype-f.p || exit 1
+cmp $ktype-fff.p $ktype-ff.p1 || exit 1
+cmp $ktype-fff.p $ktype-ff.p3 || exit 1
+cmp $ktype-f.p $ktype-ff.p1 || exit 1
+cmp $ktype-f.p $ktype-ff.p3 || exit 1
/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.*
-if [ $ptype = "public" ]; then
- exit 0
-fi
+[ $ptype = "public" ] && exit 0
-cmd="../util/shlib_wrap.sh ../apps/openssl pkey"
echo testing $ktype PKCS#8 conversions
+cmd="../util/shlib_wrap.sh ../apps/openssl pkey"
$cmd -in $t -out $ktype-fff.p
echo "p -> d"
-$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-fff.p -inform p -outform d >$ktype-f.d || exit 1
echo "p -> p"
-$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-fff.p -inform p -outform p >$ktype-f.p || exit 1
echo "d -> d"
-$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.d -inform d -outform d >$ktype-ff.d1 || exit 1
echo "p -> d"
-$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.p -inform p -outform d >$ktype-ff.d3 || exit 1
echo "d -> p"
-$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.d -inform d -outform p >$ktype-ff.p1 || exit 1
echo "p -> p"
-$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp $ktype-fff.p $ktype-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-fff.p $ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-fff.p $ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp $ktype-f.p $ktype-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp $ktype-f.p $ktype-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in $ktype-f.p -inform p -outform p >$ktype-ff.p3 || exit 1
+
+cmp $ktype-fff.p $ktype-f.p || exit 1
+cmp $ktype-fff.p $ktype-ff.p1 || exit 1
+cmp $ktype-fff.p $ktype-ff.p3 || exit 1
+cmp $ktype-f.p $ktype-ff.p1 || exit 1
+cmp $ktype-f.p $ktype-ff.p3 || exit 1
/bin/rm -f $ktype-f.* $ktype-ff.* $ktype-fff.*
diff --git a/test/tpkcs7 b/test/tpkcs7
index 27bd343..a1e8c0a 100644
--- a/test/tpkcs7
+++ b/test/tpkcs7
@@ -13,37 +13,25 @@ echo testing pkcs7 conversions
cp $t p7-fff.p
echo "p -> d"
-$cmd -in p7-fff.p -inform p -outform d >p7-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-fff.p -inform p -outform d >p7-f.d || exit 1
echo "p -> p"
-$cmd -in p7-fff.p -inform p -outform p >p7-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-fff.p -inform p -outform p >p7-f.p || exit 1
echo "d -> d"
-$cmd -in p7-f.d -inform d -outform d >p7-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-f.d -inform d -outform d >p7-ff.d1 || exit 1
echo "p -> d"
-$cmd -in p7-f.p -inform p -outform d >p7-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-f.p -inform p -outform d >p7-ff.d3 || exit 1
echo "d -> p"
-$cmd -in p7-f.d -inform d -outform p >p7-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-f.d -inform d -outform p >p7-ff.p1 || exit 1
echo "p -> p"
-$cmd -in p7-f.p -inform p -outform p >p7-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp p7-fff.p p7-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp p7-fff.p p7-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp p7-fff.p p7-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp p7-f.p p7-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp p7-f.p p7-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7-f.p -inform p -outform p >p7-ff.p3 || exit 1
+
+cmp p7-fff.p p7-f.p || exit 1
+cmp p7-fff.p p7-ff.p1 || exit 1
+cmp p7-fff.p p7-ff.p3 || exit 1
+cmp p7-f.p p7-ff.p1 || exit 1
+cmp p7-f.p p7-ff.p3 || exit 1
/bin/rm -f p7-f.* p7-ff.* p7-fff.*
exit 0
diff --git a/test/tpkcs7d b/test/tpkcs7d
index 4354d59..9dc2932 100644
--- a/test/tpkcs7d
+++ b/test/tpkcs7d
@@ -13,30 +13,22 @@ echo "testing pkcs7 conversions (2)"
cp $t p7d-fff.p
echo "p -> d"
-$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d || exit 1
echo "p -> p"
-$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p || exit 1
echo "d -> d"
-$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1 || exit 1
echo "p -> d"
-$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3 || exit 1
echo "d -> p"
-$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1 || exit 1
echo "p -> p"
-$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3 || exit 1
-cmp p7d-f.p p7d-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp p7d-f.p p7d-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+cmp p7d-f.p p7d-ff.p1 || exit 1
+cmp p7d-f.p p7d-ff.p3 || exit 1
/bin/rm -f p7d-f.* p7d-ff.* p7d-fff.*
exit 0
diff --git a/test/treq b/test/treq
index 82decce..89f088c 100644
--- a/test/treq
+++ b/test/treq
@@ -18,40 +18,25 @@ echo testing req conversions
cp $t req-fff.p
echo "p -> d"
-$cmd -in req-fff.p -inform p -outform d >req-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in req-fff.p -inform p -outform d >req-f.d || exit 1
echo "p -> p"
-$cmd -in req-fff.p -inform p -outform p >req-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in req-fff.p -inform p -outform p >req-f.p || exit 1
echo "d -> d"
-$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1 || exit 1
echo "p -> d"
-$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
+$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3 || exit 1
echo "d -> p"
-$cmd -in req-f.d -inform d -outform p >req-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in req-f.d -inform d -outform p >req-ff.p1 || exit 1
echo "p -> p"
-$cmd -in req-f.p -inform p -outform p >req-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp req-fff.p req-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp req-fff.p req-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp req-fff.p req-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp req-fff.p req-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp req-f.p req-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp req-f.p req-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in req-f.p -inform p -outform p >req-ff.p3 || exit 1
+
+cmp req-fff.p req-f.p || exit 1
+cmp req-fff.p req-ff.p1 || exit 1
+cmp req-fff.p req-ff.p3 || exit 1
+cmp req-f.p req-ff.p1 || exit 1
+cmp req-f.p req-ff.p3 || exit 1
/bin/rm -f req-f.* req-ff.* req-fff.*
exit 0
diff --git a/test/tsid b/test/tsid
index c804383..a5c1c73 100644
--- a/test/tsid
+++ b/test/tsid
@@ -13,67 +13,25 @@ echo testing session-id conversions
cp $t sid-fff.p
echo "p -> d"
-$cmd -in sid-fff.p -inform p -outform d >sid-f.d
-if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in sid-fff.p -inform p -outform t >sid-f.t
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-fff.p -inform p -outform d >sid-f.d || exit 1
echo "p -> p"
-$cmd -in sid-fff.p -inform p -outform p >sid-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-fff.p -inform p -outform p >sid-f.p || exit 1
echo "d -> d"
-$cmd -in sid-f.d -inform d -outform d >sid-ff.d1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> d"
-#$cmd -in sid-f.t -inform t -outform d >sid-ff.d2
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-f.d -inform d -outform d >sid-ff.d1 || exit 1
echo "p -> d"
-$cmd -in sid-f.p -inform p -outform d >sid-ff.d3
-if [ $? != 0 ]; then exit 1; fi
-
-#echo "d -> t"
-#$cmd -in sid-f.d -inform d -outform t >sid-ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#echo "t -> t"
-#$cmd -in sid-f.t -inform t -outform t >sid-ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#echo "p -> t"
-#$cmd -in sid-f.p -inform p -outform t >sid-ff.t3
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-f.p -inform p -outform d >sid-ff.d3 || exit 1
echo "d -> p"
-$cmd -in sid-f.d -inform d -outform p >sid-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#echo "t -> p"
-#$cmd -in sid-f.t -inform t -outform p >sid-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-f.d -inform d -outform p >sid-ff.p1 || exit 1
echo "p -> p"
-$cmd -in sid-f.p -inform p -outform p >sid-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp sid-fff.p sid-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp sid-fff.p sid-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp sid-fff.p sid-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp sid-fff.p sid-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-#cmp sid-f.t sid-ff.t1
-#if [ $? != 0 ]; then exit 1; fi
-#cmp sid-f.t sid-ff.t2
-#if [ $? != 0 ]; then exit 1; fi
-#cmp sid-f.t sid-ff.t3
-#if [ $? != 0 ]; then exit 1; fi
+$cmd -in sid-f.p -inform p -outform p >sid-ff.p3 || exit 1
-cmp sid-f.p sid-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-#cmp sid-f.p sid-ff.p2
-#if [ $? != 0 ]; then exit 1; fi
-cmp sid-f.p sid-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+cmp sid-fff.p sid-f.p || exit 1
+cmp sid-fff.p sid-ff.p1 || exit 1
+cmp sid-fff.p sid-ff.p3 || exit 1
+cmp sid-f.p sid-ff.p1 || exit 1
+cmp sid-f.p sid-ff.p3 || exit 1
/bin/rm -f sid-f.* sid-ff.* sid-fff.*
exit 0
diff --git a/test/tx509 b/test/tx509
index 4e9c0a5..f4774c0 100644
--- a/test/tx509
+++ b/test/tx509
@@ -13,67 +13,44 @@ echo testing X509 conversions
cp $t x509-fff.p
echo "p -> d"
-$cmd -in x509-fff.p -inform p -outform d >x509-f.d
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-fff.p -inform p -outform d >x509-f.d || exit 1
echo "p -> n"
-$cmd -in x509-fff.p -inform p -outform n >x509-f.n
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-fff.p -inform p -outform n >x509-f.n || exit 1
echo "p -> p"
-$cmd -in x509-fff.p -inform p -outform p >x509-f.p
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-fff.p -inform p -outform p >x509-f.p || exit 1
echo "d -> d"
-$cmd -in x509-f.d -inform d -outform d >x509-ff.d1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.d -inform d -outform d >x509-ff.d1 || exit 1
echo "n -> d"
-$cmd -in x509-f.n -inform n -outform d >x509-ff.d2
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.n -inform n -outform d >x509-ff.d2 || exit 1
echo "p -> d"
-$cmd -in x509-f.p -inform p -outform d >x509-ff.d3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.p -inform p -outform d >x509-ff.d3 || exit 1
echo "d -> n"
-$cmd -in x509-f.d -inform d -outform n >x509-ff.n1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.d -inform d -outform n >x509-ff.n1 || exit 1
echo "n -> n"
-$cmd -in x509-f.n -inform n -outform n >x509-ff.n2
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.n -inform n -outform n >x509-ff.n2 || exit 1
echo "p -> n"
-$cmd -in x509-f.p -inform p -outform n >x509-ff.n3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.p -inform p -outform n >x509-ff.n3 || exit 1
echo "d -> p"
-$cmd -in x509-f.d -inform d -outform p >x509-ff.p1
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.d -inform d -outform p >x509-ff.p1 || exit 1
echo "n -> p"
-$cmd -in x509-f.n -inform n -outform p >x509-ff.p2
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.n -inform n -outform p >x509-ff.p2 || exit 1
echo "p -> p"
-$cmd -in x509-f.p -inform p -outform p >x509-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp x509-fff.p x509-f.p
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-fff.p x509-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-fff.p x509-ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-fff.p x509-ff.p3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp x509-f.n x509-ff.n1
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-f.n x509-ff.n2
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-f.n x509-ff.n3
-if [ $? != 0 ]; then exit 1; fi
-
-cmp x509-f.p x509-ff.p1
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-f.p x509-ff.p2
-if [ $? != 0 ]; then exit 1; fi
-cmp x509-f.p x509-ff.p3
-if [ $? != 0 ]; then exit 1; fi
+$cmd -in x509-f.p -inform p -outform p >x509-ff.p3 || exit 1
+
+cmp x509-fff.p x509-f.p || exit 1
+cmp x509-fff.p x509-ff.p1 || exit 1
+cmp x509-fff.p x509-ff.p2 || exit 1
+cmp x509-fff.p x509-ff.p3 || exit 1
+
+cmp x509-f.n x509-ff.n1 || exit 1
+cmp x509-f.n x509-ff.n2 || exit 1
+cmp x509-f.n x509-ff.n3 || exit 1
+cmp x509-f.p x509-ff.p1 || exit 1
+cmp x509-f.p x509-ff.p2 || exit 1
+cmp x509-f.p x509-ff.p3 || exit 1
/bin/rm -f x509-f.* x509-ff.* x509-fff.*
exit 0
More information about the openssl-commits
mailing list