[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Sep 5 22:05:24 UTC 2015


The branch master has been updated
       via  fda23e2d93761736b880cdfd7eb393cc623d9b7a (commit)
      from  ca4a494cb7437a7af155361b0084de8329c0bf25 (commit)


- Log -----------------------------------------------------------------
commit fda23e2d93761736b880cdfd7eb393cc623d9b7a
Author: Rich Salz <rsalz at akamai.com>
Date:   Wed Jun 10 18:53:31 2015 -0400

    Cleanup testtsa script
    
    Add RUN function; remove single-use functions and use their body inline.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 test/testtsa | 129 ++++++++++++++++++-----------------------------------------
 1 file changed, 40 insertions(+), 89 deletions(-)

diff --git a/test/testtsa b/test/testtsa
index df9abed..fc68ff9 100644
--- a/test/testtsa
+++ b/test/testtsa
@@ -21,32 +21,16 @@ export SSLEAY_CONFIG
 OPENSSL="`pwd`/../util/opensslwrap.sh"
 export OPENSSL
 
-setup_dir () {
-    rm -rf tsa 2>/dev/null
-    mkdir tsa
-    cd ./tsa
-}
-
-clean_up_dir () {
-    cd ..
-    rm -rf tsa
-}
-
-create_ca () {
-    echo creating a new CA for the TSA tests
-    TSDNSECT=ts_ca_dn
-    export TSDNSECT   
-    ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
-	-out tsaca.pem -keyout tsacakey.pem || exit 1
+RUN () {
+    ../../util/shlib_wrap.sh ../../apps/openssl ts $*
 }
 
 create_tsa_cert () {
-
     INDEX=$1
     export INDEX
     EXT=$2
     TSDNSECT=ts_cert_dn
-    export TSDNSECT   
+    export TSDNSECT
 
     ../../util/shlib_wrap.sh ../../apps/openssl req -new \
 	-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem || exit 1
@@ -57,70 +41,19 @@ create_tsa_cert () {
 	-extfile $OPENSSL_CONF -extensions $EXT || exit 1
 }
 
-print_request () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
-}
-
-create_time_stamp_request1 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1
-}
-
-create_time_stamp_request2 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
-	-out req2.tsq || exit 1
-}
-
-create_time_stamp_request3 () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1
-}
-
-print_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text || exit 1
-}
-
 create_time_stamp_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 || exit 1
-}
-
-time_stamp_response_token_test () {
-
-    RESPONSE2=$2.copy.tsr
-    TOKEN_DER=$2.token.der
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1
-    cmp $RESPONSE2 $2 || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out || exit 1
+    RUN -reply -section $3 -queryfile $1 -out $2 || exit 1
 }
 
 verify_time_stamp_response () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+    RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
 	-untrusted tsa_cert1.pem || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
+    RUN -verify -data $3 -in $2 -CAfile tsaca.pem \
 	-untrusted tsa_cert1.pem || exit 1
 }
 
-verify_time_stamp_token () {
-
-    # create the token from the response first
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
-	-CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
-	-CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
-}
-
 verify_time_stamp_response_fail () {
-
-    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+    RUN -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
 	-untrusted tsa_cert1.pem && exit 1
     echo ok
 }
@@ -128,10 +61,15 @@ verify_time_stamp_response_fail () {
 # main functions
 
 echo setting up TSA test directory
-setup_dir
-
-echo creating CA for TSA tests
-create_ca
+rm -rf tsa 2>/dev/null
+mkdir tsa
+cd ./tsa
+
+echo creating a new CA for the TSA tests
+TSDNSECT=ts_ca_dn
+export TSDNSECT
+../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
+	-out tsaca.pem -keyout tsacakey.pem || exit 1
 
 echo creating tsa_cert1.pem TSA server cert
 create_tsa_cert 1 tsa_cert
@@ -140,37 +78,49 @@ echo creating tsa_cert2.pem non-TSA server cert
 create_tsa_cert 2 non_tsa_cert
 
 echo creating req1.req time stamp request for file testtsa
-create_time_stamp_request1
+RUN -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq || exit 1
 
 echo printing req1.req
-print_request req1.tsq
+RUN -query -in req1.tsq -text
 
 echo generating valid response for req1.req
 create_time_stamp_response req1.tsq resp1.tsr tsa_config1
 
 echo printing response
-print_response resp1.tsr
+RUN -reply -in resp1.tsr -text || exit 1
 
 echo verifying valid response
 verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
 
 echo verifying valid token
-verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
+RUN -reply -in resp1.tsr -out resp1.tsr.token -token_out || exit 1
+RUN -verify -queryfile req1.tsq -in resp1.tsr.token -token_in \
+    -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
+RUN -verify -data ../testtsa -in resp1.tsr.token -token_in \
+    -CAfile tsaca.pem -untrusted tsa_cert1.pem || exit 1
 
 echo creating req2.req time stamp request for file testtsa
-create_time_stamp_request2
+RUN -query -data ../testtsa -policy tsa_policy2 -no_nonce \
+    -out req2.tsq || exit 1
 
 echo printing req2.req
-print_request req2.tsq
+RUN -query -in req2.tsq -text
 
 echo generating valid response for req2.req
 create_time_stamp_response req2.tsq resp2.tsr tsa_config1
 
 echo checking -token_in and -token_out options with -reply
-time_stamp_response_token_test req2.tsq resp2.tsr
+RESPONSE2=resp2.tsr.copy.tsr
+TOKEN_DER=resp2.tsr.token.der
+RUN -reply -in resp2.tsr -out $TOKEN_DER -token_out || exit 1
+RUN -reply -in $TOKEN_DER -token_in -out $RESPONSE2 || exit 1
+cmp $RESPONSE2 resp2.tsr || exit 1
+RUN -reply -in resp2.tsr -text -token_out || exit 1
+RUN -reply -in $TOKEN_DER -token_in -text -token_out || exit 1
+RUN -reply -queryfile req2.tsq -text -token_out || exit 1
 
 echo printing response
-print_response resp2.tsr
+RUN -reply -in resp2.tsr -text || exit 1
 
 echo verifying valid response
 verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
@@ -182,15 +132,16 @@ echo verifying response against wrong request, it should fail
 verify_time_stamp_response_fail req2.tsq resp1.tsr
 
 echo creating req3.req time stamp request for file CAtsa.cnf
-create_time_stamp_request3
+RUN -query -data ../CAtsa.cnf -no_nonce -out req3.tsq || exit 1
 
 echo printing req3.req
-print_request req3.tsq
+RUN -query -in req3.tsq -text
 
 echo verifying response against wrong request, it should fail
 verify_time_stamp_response_fail req3.tsq resp1.tsr
 
 echo cleaning up
-clean_up_dir
+cd ..
+rm -rf tsa
 
 exit 0


More information about the openssl-commits mailing list