Etusivu Tutki Apua
Kirjaudu sisään
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: 52bd49a6d4
Haarat Tagit
csu3_am335x
/
EVSE
/
GPL
/
tpm2-tools-5.1
/
test
/
integration
/
tests
/
X509certutil.sh

X509certutil.sh 1.9 KB
Historia Raaka

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. # SPDX-License-Identifier: BSD-3-Clause
    2. 

  2. 

  3. source helpers.sh
    4. 

  4. 

  5. # We don't need a TPM for this test, so unset the EXIT handler.
    6. 

  6. trap - EXIT
    7. 

  7. 

  8. outfile="test.cert"
    9. 

  9. daysvalid=10
    10. 

  10. fail=0
    11. 

  11. 

  12. # Generate a new cert and parse it with openssl
    13. 

  13. tpm2 certifyX509certutil -o $outfile -d $daysvalid
    14. 

  14. openssl asn1parse -in $outfile -inform DER
    15. 

  15. if [ $? -ne 0 ]; then
    16. 

  16.     rm $outfile
    17. 

  17. 	exit 1
    18. 

  18. fi
    19. 

  19. rm $outfile
    20. 

  20. 

  21. # Use valid issuer and subjec options
    22. 

  22. tpm2 certifyX509certutil -o $outfile -d $daysvalid -i "C=US;CN=cname;O=My Org;OU=Org Unit" -s "C=US;CN=cname;O=Sub Org;OU=Org Unit"
    23. 

  23. openssl asn1parse -in $outfile -inform DER | grep "cname"
    24. 

  24. if [ $? -ne 0 ]; then
    25. 

  25.     rm $outfile
    26. 

  26. 	exit 1
    27. 

  27. fi
    28. 

  28. rm $outfile
    29. 

  29. 

  30. # Use invalid issuer and subjec options - defaults should be used
    31. 

  31. tpm2 certifyX509certutil -o $outfile -i "C=USA;CN=12345678901234567890;O=12345678901234567890;OU=12345678901234567890" -s "C=USA;CN=12345678901234567890;O=1234567890;OU=1234567890"
    32. 

  32. openssl asn1parse -in $outfile -inform DER | grep "CA Org"
    33. 

  33. if [ $? -ne 0 ]; then
    34. 

  34.     rm $outfile
    35. 

  35. 	exit 1
    36. 

  36. fi
    37. 

  37. rm $outfile
    38. 

  38. 

  39. # Use unsupported fields for issuer and subjec options - defaults should be used
    40. 

  40. tpm2 certifyX509certutil -o $outfile -i "B=USA;CN=12345678901234567890;X=12345678901234567890;YXZ=12345678901234567890;O=XXXXXXXX;CN=1234567890;" -s "ABC=USA;CNN=12345678901234567890;CCCCCC=1234567890;@#$=1234567890;O=XXXXXXXX;CN=1234567890;"
    41. 

  41. openssl asn1parse -in $outfile -inform DER | grep "default"
    42. 

  42. if [ $? -ne 0 ]; then
    43. 

  43.    # rm $outfile
    44. 

  44. 	exit 1
    45. 

  45. fi
    46. 

  46. rm $outfile
    47. 

  47. 

  48. # Negative tests
    49. 

  49. # generate cert in non-existing path
    50. 

  50. if tpm2 certifyX509certutil -o /non/existing/path/$outfile &>/dev/null; then
    51. 

  51.     echo "Expected \"$cmd\" to fail."
    52. 

  52.     exit 1
    53. 

  53. else
    54. 

  54.     true
    55. 

  55. fi
    56. 

  56. 

  57. # Use only invalid fields for issuer - should fail
    58. 

  58. if tpm2 certifyX509certutil -i "B=USA;Y=12345678901234567890;X=12345678901234567890;YXZ=12345678901234567890" &> /dev/null; then
    59. 

  59.     echo "Expected \"$cmd\" to fail."
    60. 

  60.     exit 1
    61. 

  61. else
    62. 

  62.     true
    63. 

  63. fi
    64. 

  64. 

  65. exit "$fail"
    66.