diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-23 16:54:03 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-23 16:54:03 +0000 |
commit | 6c4eac569e9b6b332e192e7f37a778e77494496b (patch) | |
tree | db820eec9a645fccdcd2ddfbdecdb9e82a31edfc /tests/cert-tests/pkcs7 | |
parent | 21df83a28d323768ddd9659a47509f04b64ce7fa (diff) | |
parent | f75559023250c5beabaa49e51cd7b49cadfc5559 (diff) | |
download | gnutls-6c4eac569e9b6b332e192e7f37a778e77494496b.tar.gz |
Merge branch 'gost-no-tls' into 'master'
GOST certificates/PKCS#7/PKCS#12 support
See merge request gnutls/gnutls!654
Diffstat (limited to 'tests/cert-tests/pkcs7')
-rwxr-xr-x | tests/cert-tests/pkcs7 | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/tests/cert-tests/pkcs7 b/tests/cert-tests/pkcs7 index 9f6d59b0c1..c9ce1e4d27 100755 --- a/tests/cert-tests/pkcs7 +++ b/tests/cert-tests/pkcs7 @@ -39,7 +39,14 @@ OUTFILE2=out2-pkcs7.$$.tmp check_for_datefudge -for FILE in single-ca.p7b full.p7b openssl.p7b openssl-keyid.p7b; do +if test "${ENABLE_GOST}" = "1" && test "${GNUTLS_FORCE_FIPS_MODE}" != "1" +then + GOST_P7B="rfc4490.p7b" +else + GOST_P7B="" +fi + +for FILE in single-ca.p7b full.p7b openssl.p7b openssl-keyid.p7b $GOST_P7B; do ${VALGRIND} "${CERTTOOL}" --inder --p7-info --infile "${srcdir}/data/${FILE}"|grep -v "Signing time" >"${OUTFILE}" rc=$? @@ -283,6 +290,27 @@ if test "${rc}" != "0"; then exit ${rc} fi +if test "x$ENABLE_GOST" = "x1" && test "x${GNUTLS_FORCE_FIPS_MODE}" != "x1" +then + FILE="gost01-signing" + ${VALGRIND} "${CERTTOOL}" --p7-sign --load-privkey "${srcdir}/../../doc/credentials/x509/key-gost01.pem" --load-certificate "${srcdir}/../../doc/credentials/x509/cert-gost01.pem" --infile "${srcdir}/data/pkcs7-detached.txt" >"${OUTFILE}" + rc=$? + + if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed" + exit ${rc} + fi + + FILE="gost01-signing-verify" + ${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-gost01.pem" <"${OUTFILE}" + rc=$? + + if test "${rc}" != "0"; then + echo "${FILE}: PKCS7 struct signing failed verification" + exit ${rc} + fi +fi + rm -f "${OUTFILE}" rm -f "${OUTFILE2}" |