diff options
author | Dmitry Baryshkov <dbaryshkov@gmail.com> | 2020-05-17 01:22:01 +0300 |
---|---|---|
committer | Dmitry Baryshkov <dmitry.baryshkov@linaro.org> | 2022-09-11 17:54:58 +0300 |
commit | e03f293fa88f71062f039106d72aec6f4e67fe25 (patch) | |
tree | 52e566686a53d6fd9013c570a86bb9f23b0d051e /tests/cert-tests/cmstool.sh | |
parent | 7d745de8e1e1e80514bbcc973eec35a1c483d22e (diff) | |
download | gnutls-e03f293fa88f71062f039106d72aec6f4e67fe25.tar.gz |
pkcs7: add support for DigestedData CMS files
Add support for creating and verifying DigestedData CMS files.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
Diffstat (limited to 'tests/cert-tests/cmstool.sh')
-rwxr-xr-x | tests/cert-tests/cmstool.sh | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/tests/cert-tests/cmstool.sh b/tests/cert-tests/cmstool.sh index 5463d9a374..eeaf38d7d0 100755 --- a/tests/cert-tests/cmstool.sh +++ b/tests/cert-tests/cmstool.sh @@ -42,12 +42,12 @@ skip_if_no_datefudge if test "${ENABLE_GOST}" = "1" && test "${GNUTLS_FORCE_FIPS_MODE}" != "1" then - GOST_P7B="rfc4490.p7b" + GOST_P7B="rfc4490.p7b pkcs7-streebog256.der" else GOST_P7B="" fi -for FILE in single-ca.p7b full.p7b openssl.p7b openssl-keyid.p7b rfc4134-3.1.der rfc4134-3.2.der $GOST_P7B; do +for FILE in single-ca.p7b full.p7b openssl.p7b openssl-keyid.p7b rfc4134-3.1.der rfc4134-3.2.der pkcs7-sha1.der $GOST_P7B; do ${VALGRIND} "${CMSTOOL}" --inder --info --infile "${srcdir}/data/${FILE}"|grep -v "Signing time" >"${OUTFILE}" rc=$? @@ -336,6 +336,36 @@ then fi fi +# Test digest +FILE="digest" +${VALGRIND} "${CMSTOOL}" --digest --infile "${srcdir}/data/pkcs7-detached.txt" --hash sha512 >"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct digest failed" + exit ${rc} +fi + +FILE="digest-verify" +${VALGRIND} "${CMSTOOL}" --verify-digest <"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct digest failed verification" + exit ${rc} +fi + +#check extraction of embedded data in digest +FILE="digest-verify-data" +${VALGRIND} "${CMSTOOL}" --verify-digest --show-data --outfile "${OUTFILE2}" <"${OUTFILE}" +rc=$? + +if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed verification with data" + exit ${rc} +fi + + rm -f "${OUTFILE}" rm -f "${OUTFILE2}" rm -f "${TMPFILE}" |