diff options
| author | wtchang%redhat.com <devnull@localhost> | 2007-03-13 01:27:12 +0000 |
|---|---|---|
| committer | wtchang%redhat.com <devnull@localhost> | 2007-03-13 01:27:12 +0000 |
| commit | 00ff216f30602607c42c7fcadc02b406bd0b10ce (patch) | |
| tree | 795c2c54ebd2e839ae74fe191fa21ddbc2ba9897 /security/nss/tests | |
| parent | af27a48fa0cbc9f4c09fef0a2d1876b78d175515 (diff) | |
| download | nss-hg-00ff216f30602607c42c7fcadc02b406bd0b10ce.tar.gz | |
Bugzilla bug 358785: landed libpkix test scripts and data on the trunk.
Diffstat (limited to 'security/nss/tests')
168 files changed, 2606 insertions, 0 deletions
diff --git a/security/nss/tests/libpkix/certs/CertificatePoliciesCritical.crt b/security/nss/tests/libpkix/certs/CertificatePoliciesCritical.crt Binary files differnew file mode 100755 index 000000000..efc2f2cd5 --- /dev/null +++ b/security/nss/tests/libpkix/certs/CertificatePoliciesCritical.crt diff --git a/security/nss/tests/libpkix/certs/anchor2dsa b/security/nss/tests/libpkix/certs/anchor2dsa Binary files differnew file mode 100755 index 000000000..a1f9e05f6 --- /dev/null +++ b/security/nss/tests/libpkix/certs/anchor2dsa diff --git a/security/nss/tests/libpkix/certs/crldiff.crl b/security/nss/tests/libpkix/certs/crldiff.crl Binary files differnew file mode 100755 index 000000000..d076ef89f --- /dev/null +++ b/security/nss/tests/libpkix/certs/crldiff.crl diff --git a/security/nss/tests/libpkix/certs/crlgood.crl b/security/nss/tests/libpkix/certs/crlgood.crl Binary files differnew file mode 100755 index 000000000..1ad019ed1 --- /dev/null +++ b/security/nss/tests/libpkix/certs/crlgood.crl diff --git a/security/nss/tests/libpkix/certs/extKeyUsage/codeSigningEKUCert b/security/nss/tests/libpkix/certs/extKeyUsage/codeSigningEKUCert Binary files differnew file mode 100755 index 000000000..a1afd6a2d --- /dev/null +++ b/security/nss/tests/libpkix/certs/extKeyUsage/codeSigningEKUCert diff --git a/security/nss/tests/libpkix/certs/extKeyUsage/multiEKUCert b/security/nss/tests/libpkix/certs/extKeyUsage/multiEKUCert Binary files differnew file mode 100755 index 000000000..55568917c --- /dev/null +++ b/security/nss/tests/libpkix/certs/extKeyUsage/multiEKUCert diff --git a/security/nss/tests/libpkix/certs/extKeyUsage/noEKUCert b/security/nss/tests/libpkix/certs/extKeyUsage/noEKUCert Binary files differnew file mode 100755 index 000000000..f9c83dc95 --- /dev/null +++ b/security/nss/tests/libpkix/certs/extKeyUsage/noEKUCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameDnCert b/security/nss/tests/libpkix/certs/generalName/altNameDnCert Binary files differnew file mode 100755 index 000000000..43dac7341 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameDnCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameDnCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameDnCert_diff Binary files differnew file mode 100755 index 000000000..04d133f74 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameDnCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameDnsCert b/security/nss/tests/libpkix/certs/generalName/altNameDnsCert Binary files differnew file mode 100755 index 000000000..63754141a --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameDnsCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameDnsCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameDnsCert_diff Binary files differnew file mode 100755 index 000000000..4fe947e73 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameDnsCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameEdiCert b/security/nss/tests/libpkix/certs/generalName/altNameEdiCert Binary files differnew file mode 100755 index 000000000..95ec20423 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameEdiCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameEdiCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameEdiCert_diff Binary files differnew file mode 100755 index 000000000..50e5440d9 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameEdiCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameIpCert b/security/nss/tests/libpkix/certs/generalName/altNameIpCert Binary files differnew file mode 100755 index 000000000..5f0e528a1 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameIpCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameIpCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameIpCert_diff Binary files differnew file mode 100755 index 000000000..2407be54f --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameIpCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameNoneCert b/security/nss/tests/libpkix/certs/generalName/altNameNoneCert Binary files differnew file mode 100755 index 000000000..f9c83dc95 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameNoneCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameOidCert b/security/nss/tests/libpkix/certs/generalName/altNameOidCert Binary files differnew file mode 100755 index 000000000..fa92c9ecd --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameOidCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameOidCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameOidCert_diff Binary files differnew file mode 100755 index 000000000..635e4d143 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameOidCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameOtherCert b/security/nss/tests/libpkix/certs/generalName/altNameOtherCert Binary files differnew file mode 100755 index 000000000..bdfc7cb6a --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameOtherCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameOtherCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameOtherCert_diff Binary files differnew file mode 100755 index 000000000..bfc8a7973 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameOtherCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert b/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert Binary files differnew file mode 100755 index 000000000..9ad3271ab --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert_diff b/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert_diff Binary files differnew file mode 100755 index 000000000..b8e5b2e70 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameRfc822Cert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameRfc822DnsCert b/security/nss/tests/libpkix/certs/generalName/altNameRfc822DnsCert Binary files differnew file mode 100755 index 000000000..89be1811d --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameRfc822DnsCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameUriCert b/security/nss/tests/libpkix/certs/generalName/altNameUriCert Binary files differnew file mode 100755 index 000000000..1f46e79f0 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameUriCert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameUriCert_diff b/security/nss/tests/libpkix/certs/generalName/altNameUriCert_diff Binary files differnew file mode 100755 index 000000000..864e86fb5 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameUriCert_diff diff --git a/security/nss/tests/libpkix/certs/generalName/altNameX400Cert b/security/nss/tests/libpkix/certs/generalName/altNameX400Cert Binary files differnew file mode 100755 index 000000000..b0d10cf32 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameX400Cert diff --git a/security/nss/tests/libpkix/certs/generalName/altNameX400Cert_diff b/security/nss/tests/libpkix/certs/generalName/altNameX400Cert_diff Binary files differnew file mode 100755 index 000000000..652388847 --- /dev/null +++ b/security/nss/tests/libpkix/certs/generalName/altNameX400Cert_diff diff --git a/security/nss/tests/libpkix/certs/hanfeiyu2hanfeiyu b/security/nss/tests/libpkix/certs/hanfeiyu2hanfeiyu Binary files differnew file mode 100755 index 000000000..3f3452683 --- /dev/null +++ b/security/nss/tests/libpkix/certs/hanfeiyu2hanfeiyu diff --git a/security/nss/tests/libpkix/certs/hy2hc-bc b/security/nss/tests/libpkix/certs/hy2hc-bc Binary files differnew file mode 100755 index 000000000..691b8d982 --- /dev/null +++ b/security/nss/tests/libpkix/certs/hy2hc-bc diff --git a/security/nss/tests/libpkix/certs/hy2hy-bc0 b/security/nss/tests/libpkix/certs/hy2hy-bc0 Binary files differnew file mode 100755 index 000000000..18b5fe4a8 --- /dev/null +++ b/security/nss/tests/libpkix/certs/hy2hy-bc0 diff --git a/security/nss/tests/libpkix/certs/issuer-hanfei.crl b/security/nss/tests/libpkix/certs/issuer-hanfei.crl Binary files differnew file mode 100755 index 000000000..6c9f0dbaa --- /dev/null +++ b/security/nss/tests/libpkix/certs/issuer-hanfei.crl diff --git a/security/nss/tests/libpkix/certs/issuer-none.crl b/security/nss/tests/libpkix/certs/issuer-none.crl Binary files differnew file mode 100755 index 000000000..c1c83ba2c --- /dev/null +++ b/security/nss/tests/libpkix/certs/issuer-none.crl diff --git a/security/nss/tests/libpkix/certs/keyIdentifier/authKeyIDCert b/security/nss/tests/libpkix/certs/keyIdentifier/authKeyIDCert Binary files differnew file mode 100755 index 000000000..7eae4863e --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyIdentifier/authKeyIDCert diff --git a/security/nss/tests/libpkix/certs/keyIdentifier/subjKeyIDCert b/security/nss/tests/libpkix/certs/keyIdentifier/subjKeyIDCert Binary files differnew file mode 100755 index 000000000..a1f9e05f6 --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyIdentifier/subjKeyIDCert diff --git a/security/nss/tests/libpkix/certs/keyUsage/decipherOnlyCert b/security/nss/tests/libpkix/certs/keyUsage/decipherOnlyCert Binary files differnew file mode 100755 index 000000000..11a132d10 --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyUsage/decipherOnlyCert diff --git a/security/nss/tests/libpkix/certs/keyUsage/encipherOnlyCert b/security/nss/tests/libpkix/certs/keyUsage/encipherOnlyCert Binary files differnew file mode 100755 index 000000000..9b9377119 --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyUsage/encipherOnlyCert diff --git a/security/nss/tests/libpkix/certs/keyUsage/multiKeyUsagesCert b/security/nss/tests/libpkix/certs/keyUsage/multiKeyUsagesCert Binary files differnew file mode 100755 index 000000000..f9c83dc95 --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyUsage/multiKeyUsagesCert diff --git a/security/nss/tests/libpkix/certs/keyUsage/noKeyUsagesCert b/security/nss/tests/libpkix/certs/keyUsage/noKeyUsagesCert Binary files differnew file mode 100755 index 000000000..c58d9a2aa --- /dev/null +++ b/security/nss/tests/libpkix/certs/keyUsage/noKeyUsagesCert diff --git a/security/nss/tests/libpkix/certs/noExtensionsCert b/security/nss/tests/libpkix/certs/noExtensionsCert Binary files differnew file mode 100755 index 000000000..f3dc1c973 --- /dev/null +++ b/security/nss/tests/libpkix/certs/noExtensionsCert diff --git a/security/nss/tests/libpkix/certs/nss2alice b/security/nss/tests/libpkix/certs/nss2alice Binary files differnew file mode 100755 index 000000000..48172a5ed --- /dev/null +++ b/security/nss/tests/libpkix/certs/nss2alice diff --git a/security/nss/tests/libpkix/certs/publicKey/dsaWithParams b/security/nss/tests/libpkix/certs/publicKey/dsaWithParams Binary files differnew file mode 100755 index 000000000..a1f9e05f6 --- /dev/null +++ b/security/nss/tests/libpkix/certs/publicKey/dsaWithParams diff --git a/security/nss/tests/libpkix/certs/publicKey/dsaWithoutParams b/security/nss/tests/libpkix/certs/publicKey/dsaWithoutParams Binary files differnew file mode 100755 index 000000000..7eae4863e --- /dev/null +++ b/security/nss/tests/libpkix/certs/publicKey/dsaWithoutParams diff --git a/security/nss/tests/libpkix/certs/publicKey/labs2yassir b/security/nss/tests/libpkix/certs/publicKey/labs2yassir Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/certs/publicKey/labs2yassir diff --git a/security/nss/tests/libpkix/certs/publicKey/yassir2labs b/security/nss/tests/libpkix/certs/publicKey/yassir2labs Binary files differnew file mode 100755 index 000000000..f94385403 --- /dev/null +++ b/security/nss/tests/libpkix/certs/publicKey/yassir2labs diff --git a/security/nss/tests/libpkix/certs/sun2sun b/security/nss/tests/libpkix/certs/sun2sun Binary files differnew file mode 100755 index 000000000..c75192be1 --- /dev/null +++ b/security/nss/tests/libpkix/certs/sun2sun diff --git a/security/nss/tests/libpkix/certs/yassir2bcn b/security/nss/tests/libpkix/certs/yassir2bcn Binary files differnew file mode 100755 index 000000000..f9c83dc95 --- /dev/null +++ b/security/nss/tests/libpkix/certs/yassir2bcn diff --git a/security/nss/tests/libpkix/certs/yassir2yassir b/security/nss/tests/libpkix/certs/yassir2yassir Binary files differnew file mode 100755 index 000000000..8444af5a3 --- /dev/null +++ b/security/nss/tests/libpkix/certs/yassir2yassir diff --git a/security/nss/tests/libpkix/common/libpkix_init.sh b/security/nss/tests/libpkix/common/libpkix_init.sh new file mode 100644 index 000000000..80ac8f955 --- /dev/null +++ b/security/nss/tests/libpkix/common/libpkix_init.sh @@ -0,0 +1,356 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# libpkix_init.sh +# + +### when the script is exiting, handle it in the Cleanup routine...the result +### value will get set to 0 if all the tests completed successfully, so we can +### use that value in the handler + +trap 'Cleanup' EXIT + +result=1 +checkmem=0 +arenas=0 +quiet=0 + +doNIST=1 +doNIST_PDTest=0 +doPD=0 +doTop=0 +doModule=0 +doPki=0 +doOCSP=0 +doOCSPTest=0 + +combinedErrors=0 +totalErrors=0 +prematureTermination=0 +errors=0 + +if [ -z "${INIT_SOURCED}" ] ; then + libpkixCommondir=`pwd` + cd ../../common + . ./init.sh > /dev/null + cd ${libpkixCommondir} +fi + +DIST_BIN=${DIST}/${OBJDIR}/bin + +### setup some defaults +WD=`pwd` +prog=`basename $0` +testOut=${HOSTDIR}/${prog}.$$ +testOutMem=${HOSTDIR}/${prog}_mem.$$ + +#################### +# cleanup from tests +#################### +Cleanup() +{ + if [ ${testOut} != "" ]; then + rm -f ${testOut} + fi + + if [ ${testOutMem} != "" ]; then + rm -f ${testOutMem} + fi + + if [ -d ../../nist_pkits/certs ]; then + rm -f ../../nist_pkits/certs + fi + + if [ ${doTop} -eq 1 ]; then + for i in ${linkMStoreNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/multiple_certstores/$i ]; then + rm -f ${HOSTDIR}/rev_data/multiple_certstores/$i + fi + done + if [ -d ${HOSTDIR}/rev_data/multiple_certstores ]; then + rm -fr ${HOSTDIR}/rev_data/multiple_certstores + fi + fi + + if [ ${doModule} -eq 1 ]; then + for i in ${linkModuleNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/local/$i ]; then + rm -f ${HOSTDIR}/rev_data/local/$i + fi + done + for i in ${localCRLFiles}; do + if [ -f ${HOSTDIR}/rev_data/local/$i ]; then + rm -f ${HOSTDIR}/rev_data/local/$i + fi + done + fi + + if [ ${doPki} -eq 1 ]; then + for i in ${linkPkiNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/local/$i ]; then + rm -f ${HOSTDIR}/rev_data/local/$i + fi + done + fi + + return ${result} +} + +### ParseArgs +ParseArgs() # args +{ + while [ $# -gt 0 ]; do + if [ $1 = "-checkmem" ]; then + checkmem=1 + elif [ $1 = "-quiet" ]; then + quiet=1 + elif [ $1 = "-arenas" ]; then + arenas=1 + fi + shift + done +} + +Display() # string +{ + if [ ${quiet} -eq 0 ]; then + echo "$1" + fi +} + +testHeadingEcho() +{ + echo "*******************************************************************************" + echo "START OF TESTS FOR ${testunit}${memText}" + echo "*******************************************************************************" + echo "" +} + +testEndingEcho() +{ + if [ ${totalErrors} -eq 0 ]; then + echo "" + echo "************************************************************" + echo "END OF TESTS FOR ${testunit}: ALL TESTS COMPLETED SUCCESSFULLY" + echo "************************************************************" + echo "" + return 0 + fi + + if [ ${totalErrors} -eq 1 ]; then + plural="" + else + plural="S" + fi + + echo "" + echo "************************************************************" + echo "END OF TESTS FOR ${testunit}: ${totalErrors} TEST${plural} FAILED" + echo "************************************************************" + echo "" + return ${totalErrors} +} + +########### +# RunTests +########### +RunTests() +{ + errors=0 + memErrors=0 + prematureErrors=0 + + failedpgms="" + failedmempgms="" + failedprematurepgms="" + memText="" + arenaCmd="" + + if [ ${checkmem} -eq 1 ]; then + memText=" (Memory Checking Enabled)" + fi + + if [ ${arenas} -eq 1 ]; then + arenaCmd="-arenas" + fi + + # + # Announce start of tests + # + Display "*******************************************************************************" + Display "START OF TESTS FOR PKIX ${testunit} ${memText}" + Display "*******************************************************************************" + Display "" + + # run each test specified by the input redirection below + + while read testPgm args; do + + shortTestPurpose=`echo $args | awk '{print $1 " " $2 " "}'` + fullTestPurpose=${args} + if [ ${doTop} -eq 1 -o ${doModule} -eq 1 -o ${doPki} -eq 1 ]; then + testPurpose=${shortTestPurpose} + else + testPurpose=${fullTestPurpose} + fi + + # If we want shorter command printout for NIST tests, delete next line + testPurpose=${fullTestPurpose} + + # Skip OCSP tests if OCSP is not defined in the environment + if [ ${doOCSPTest} -eq 0 ]; then + hasOCSP=`echo ${args} | grep OCSP-Test` + if [ ! -z "${hasOCSP}" ]; then + Display "SKIPPING ${testPgm} ${testPurpose}" + continue + fi + fi + + if [ ${doNIST} -eq 0 ]; then + hasNIST=`echo ${args} | grep NIST-Test` + if [ ! -z "${hasNIST}" ]; then + Display "SKIPPING ${testPgm} ${testPurpose}" + continue + fi + fi + + # This "if" is not reached when doNIST is not set. The assumption + # is that NIST tests are basic, NIST Path Discovery tests are + # additional + if [ ${doNIST_PDTest} -eq 0 ]; then + hasNIST=`echo ${args} | grep NIST-PDTest` + if [ ! -z "${hasNIST}" ]; then + Display "SKIPPING ${testPgm} ${testPurpose}" + continue + fi + fi + + Display "RUNNING ${testPgm} ${arenaCmd} ${testPurpose}" + + numtests=`expr ${numtests} + 1` + + if [ ${checkmem} -eq 1 ]; then + dbx -C -c "runargs ${arenaCmd} ${args};check -all;run;exit" ${DIST_BIN}/${testPgm} > ${testOut} 2>&1 + else + ${DIST_BIN}/${testPgm} ${arenaCmd} ${args} > ${testOut} 2>&1 + fi + + # Examine output file to see if test failed and keep track of number + # of failures and names of failed tests. This assumes that the test + # uses our utility library for displaying information + + cat ${testOut} | tail -2 | grep "COMPLETED SUCCESSFULLY" >/dev/null 2>&1 + + if [ $? -ne 0 ]; then + testFail=1 + errors=`expr ${errors} + 1` + failedpgms="${failedpgms}\n${testPgm} ${testPurpose} " +# cat ${testOut} + else + testFail=0 + passed=`expr ${passed} + 1` + fi + cat ${testOut} + html_msg ${testFail} 0 "${testPgm} ${arenaCmd} ${shortTestPurpose}" + + if [ ${checkmem} -eq 1 ]; then + grep "(actual leaks:" ${testOut} > ${testOutMem} 2>&1 + if [ $? -ne 0 ]; then + prematureErrors=`expr ${prematureErrors} + 1` + failedprematurepgms="${failedprematurepgms}${testPgm} " + Display "...program terminated prematurely (unable to check for memory leak errors) ..." + else + #grep "(actual leaks: 0" ${testOut} > /dev/null 2>&1 + # special consideration for memory leak in NSS_NoDB_Init + grep "(actual leaks: 1 total size: 4 bytes)" ${testOut} > /dev/null 2>&1 + if [ $? -ne 0 ]; then + memErrors=`expr ${memErrors} + 1` + failedmempgms="${failedmempgms}${testPgm} " + cat ${testOutMem} + fi + fi + fi + + done + + if [ ${errors} -eq 0 ]; then + if [ ${memErrors} -eq 0 ]; then + Display "" + Display "************************************************************" + Display "END OF TESTS FOR PKIX ${testunit}: ALL TESTS COMPLETED SUCCESSFULLY" + Display "************************************************************" + Display "" + return 0 + fi + fi + + if [ ${errors} -eq 1 ]; then + plural="" + else + plural="S" + fi + + Display "" + Display "*******************************************************************************" + Display "END OF TESTS FOR PKIX ${testunit}: ${errors} UNIT TEST${plural} FAILED: ${failedpgms}" + Display "" + if [ ${checkmem} -eq 1 ]; then + if [ ${memErrors} -eq 1 ]; then + memPlural="" + else + memPlural="S" + fi + Display " ${memErrors} MEMORY LEAK TEST${memPlural} FAILED: ${failedmempgms}" + + if [ ${prematureErrors} -ne 0 ]; then + if [ ${prematureErrors} -eq 1 ]; then + prematurePlural="" + else + prematurePlural="S" + fi + Display " ${prematureErrors} MEMORY LEAK TEST${prematurePlural} INDETERMINATE: ${failedprematurepgms}" + fi + + fi + Display "*******************************************************************************" + Display "" + combinedErrors=`expr ${errors} + ${memErrors} + ${prematureErrors}` + + return ${combinedErrors} + +} diff --git a/security/nss/tests/libpkix/common/libpkix_init_nist.sh b/security/nss/tests/libpkix/common/libpkix_init_nist.sh new file mode 100644 index 000000000..71f7d0970 --- /dev/null +++ b/security/nss/tests/libpkix/common/libpkix_init_nist.sh @@ -0,0 +1,102 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# libpkix_init_nist.sh +# + +# +# Any test that uses NIST files should have a tag of either NIST-Test or +# NIST-Test-Files-Used at the command option so if there are no NIST files +# installed in the system, the test can be skipped +# + +if [ -z "${NIST_FILES_DIR}" ] ; then + Display "" + Display "*******************************************************************************" + Display "The environment variable NIST_FILES_DIR is not defined. Therefore" + Display "tests depending on it will be skipped. To enable these tests set" + Display "NIST_FILES_DIR to the directory where NIST Certificates and CRLs" + Display "are located." + Display "*******************************************************************************" + Display "" + doNIST=0 +else + + NIST=${NIST_FILES_DIR} + doNIST=1 +fi + +# +# Any tests that use NIST Path Discovery files should have a tag of NIST-PDTest +# at the command option so if there are no NIST Path Discovery files +# installed in the system, the test can be skipped +# +if [ ${doPD} -eq 1 -a -z "${PDVAL}" ] ; then + + Display "" + Display "*******************************************************************************" + Display "The environment variable PDVAL is not defined. Therefore tests" + Display "depending on it will be skipped. To enable these tests set PDVAL to" + Display "the directory where NIST Path Discovery Certificates are located." + Display "*******************************************************************************" + Display "" + doNIST_PDTest=0 +else + + NIST_PDTEST=${PDVAL} + doNIST_PDTest=1 +fi + +# +# Any tests that use an OCSP Server should have a tag of OCSP-Test at the +# command option so if there is no OCSP Server installed in the system, the +# test can be skipped +# +if [ ${doOCSP} -eq 1 -a -z "${OCSP}" ] ; then + + Display "" + Display "*******************************************************************************" + Display "The environment variable OCSP is not defined. Therefore tests" + Display "depending on it will be skipped. To enable these tests set OCSP" + Display "non-NULL (the actual URI used is taken from the AIA extension)." + Display "*******************************************************************************" + Display "" + doOCSPTest=0 +else + doOCSPTest=1 +fi diff --git a/security/nss/tests/libpkix/libpkix.sh b/security/nss/tests/libpkix/libpkix.sh new file mode 100755 index 000000000..de026a1b5 --- /dev/null +++ b/security/nss/tests/libpkix/libpkix.sh @@ -0,0 +1,186 @@ +#! /bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +totalErrors=0 +pkixErrors=0 +pkixplErrors=0 +checkMemArg="" +arenasArg="" +quietArg="" +memText="" + +############################## libpkix_init ############################### +# local shell function to initialize this script +######################################################################## +libpkix_init() +{ + SCRIPTNAME="libpkixs.sh" + if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for + CLEANUP="${SCRIPTNAME}" # cleaning this script will do it + fi + + LIBPKIX_CURDIR=`pwd` + if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ] ; then + cd ../common + . ./init.sh + fi + cd ${LIBPKIX_CURDIR} + + # test at libpkix is written in ksh and hence cannot be sourced "." + # by this sh script. While we want to provide each libpkix test script the + # ability to be executed alone, we will need to use common/init.sh + # to set up bin etc. Since variable values can not be passed to sub-directory + # script for checking ($INIT_SOURCED), log is recreated and old data lost. + # The cludge way provided here is not ideal, but works (for now) : + # We save the log up to this point then concatenate it with libpkix log + # as the final one. + LOGFILE_ALL=${LOGFILE} + if [ ! -z ${LOGFILE_ALL} ] ; then + mv ${LOGFILE_ALL} ${LOGFILE_ALL}.tmp + touch ${LOGFILE_ALL} + fi + + SCRIPTNAME="libpkixs.sh" + LIBPKIX_LOG=${HOSTDIR}/libpkix.log #we don't want all the errormessages + # in the output.log, otherwise we can't tell what's a real error + + html_head "LIBPKIX Tests" + +} + +############################## libpkix_cleanup ############################ +# local shell function to finish this script (no exit since it might be +# sourced) +######################################################################## +libpkix_cleanup() +{ + if [ ! -z ${LOGFILE_ALL} ] ; then + rm ${LOGFILE_ALL} + cat ${LOGFILE_ALL}.tmp ${LIBPKIX_LOG} > ${LOGFILE_ALL} + rm ${LOGFILE_ALL}.tmp + fi + + html "</TABLE><BR>" + cd ${QADIR} + . common/cleanup.sh +} + +ParseArgs () +{ + while [ $# -gt 0 ]; do + if [ $1 == "-checkmem" ]; then + checkMemArg=$1 + memText=" (Memory Checking Enabled)" + elif [ $1 == "-quiet" ]; then + quietArg=$1 + elif [ $1 == "-arenas" ]; then + arenasArg=$1 + fi + shift + done +} + +libpkix_main() +{ + +ParseArgs + +echo "*******************************************************************************" +echo "START OF ALL TESTS${memText}" +echo "*******************************************************************************" +echo "" + +echo "RUNNING tests in pkix_pl_test"; +html_msg 0 0 "Running tests in pkix_pl_test:" +cd pkix_pl_tests; +runPLTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixplErrors=$? +html_msg $? 0 "Results of tests in pkix_pl_test" + +echo "RUNNING tests in pkix_test"; +html_msg 0 0 "Running tests in pkix_test:" +cd ../pkix_tests; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixErrors=$? +html_msg $? 0 "Results of tests in pkix_test" + +echo "RUNNING performance tests in sample_apps"; +html_msg 0 0 "Running performance tests in sample_apps:" +cd ../sample_apps; +runPerf.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixPerfErrors=$? +html_msg $? 0 "Results of performance tests in sample_apps" + +totalErrors=`expr ${pkixErrors} + ${pkixplErrors} + ${pkixPerfErrors}` + +if [ ${totalErrors} -eq 0 ]; then + echo "" + echo "************************************************************" + echo "END OF ALL TESTS: ALL TESTS COMPLETED SUCCESSFULLY" + echo "************************************************************" + html_msg ${totalErrors} 0 "ALL LIBPKIX TESTS COMPLETED SUCCESSFULLY" + + return 0 +fi + +if [ ${totalErrors} -eq 1 ]; then + plural="" +else + plural="S" +fi + +if [ ${totalErrors} -ne 0 ]; then + echo "" + echo "************************************************************" + echo "END OF ALL TESTS: ${totalErrors} TEST${plural} FAILED" + echo "************************************************************" + html_msg 1 0 "${totalErrors} LIBPKIX TEST${plural} FAILED" +return 1 +fi +} + +################## main ################################################# + +libpkix_init +libpkix_main | tee ${LIBPKIX_LOG} +libpkix_cleanup + + diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/cert8.db b/security/nss/tests/libpkix/pkix_pl_tests/module/cert8.db Binary files differnew file mode 100755 index 000000000..f09bebbcf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/cert8.db diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/key3.db b/security/nss/tests/libpkix/pkix_pl_tests/module/key3.db Binary files differnew file mode 100755 index 000000000..5c3b3ebbb --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/key3.db diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crldiff.crl b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crldiff.crl Binary files differnew file mode 100755 index 000000000..d076ef89f --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crldiff.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crlgood.crl b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crlgood.crl Binary files differnew file mode 100755 index 000000000..1ad019ed1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/crlgood.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-hanfei.crl b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-hanfei.crl Binary files differnew file mode 100755 index 000000000..6c9f0dbaa --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-hanfei.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-none.crl b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-none.crl Binary files differnew file mode 100755 index 000000000..c1c83ba2c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/local/issuer-none.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_all.crt b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_all.crt Binary files differnew file mode 100755 index 000000000..89b59d17d --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_all.crt diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_allbutcodesigningEE.crt b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_allbutcodesigningEE.crt Binary files differnew file mode 100755 index 000000000..a80c10cd3 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_allbutcodesigningEE.crt diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauth.crt b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauth.crt Binary files differnew file mode 100755 index 000000000..3cd7bc9bc --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauth.crt diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauthEE.crt b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauthEE.crt Binary files differnew file mode 100755 index 000000000..b0119ed26 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_clientauthEE.crt diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_codesigning_clientauth.crt b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_codesigning_clientauth.crt Binary files differnew file mode 100755 index 000000000..f90df0dac --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/rev_data/test_eku_codesigning_clientauth.crt diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/runPLTests.sh b/security/nss/tests/libpkix/pkix_pl_tests/module/runPLTests.sh new file mode 100755 index 000000000..a5c4cf9f3 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/runPLTests.sh @@ -0,0 +1,133 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runPLTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=MODULE +doModule=1 + +### setup NIST files need to link in +linkModuleNistFiles="InvalidDNnameConstraintsTest3EE.crt + InvalidonlySomeReasonsTest21EE.crt + indirectCRLCA3cRLIssuerCRL.crl + nameConstraintsDN3subCA2Cert.crt + nameConstraintsDN4CACert.crt + nameConstraintsDN5CACert.crt + onlyContainsAttributeCertsCACRL.crl + onlyContainsCACertsCACRL.crl + onlyContainsUserCertsCACRL.crl + onlySomeReasonsCA3compromiseCRL.crl + requireExplicitPolicy2CACert.crt + inhibitPolicyMapping5CACert.crt + inhibitAnyPolicy5CACert.crt + inhibitAnyPolicy0CACert.crt + P1Mapping1to234CACert.crt + UserNoticeQualifierTest15EE.crt + UserNoticeQualifierTest16EE.crt + UserNoticeQualifierTest17EE.crt + UserNoticeQualifierTest18EE.crt + CPSPointerQualifierTest20EE.crt" + +if [ -n "${NIST_FILES_DIR}" ]; then + if [ ! -d ${HOSTDIR}/rev_data/local ]; then + mkdir -p ${HOSTDIR}/rev_data/local + fi + + for i in ${linkModuleNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/local/$i ]; then + rm ${HOSTDIR}/rev_data/local/$i + fi + cp ${NIST_FILES_DIR}/$i ${HOSTDIR}/rev_data/local/$i + done + + localCRLFiles="crlgood.crl + crldiff.crl + issuer-hanfei.crl + issuer-none.crl" + + for i in ${localCRLFiles}; do + cp ${curdir}/rev_data/local/$i ${HOSTDIR}/rev_data/local/$i + done +fi + +########## +# main +########## + +ParseArgs $* + +SOCKETTRACE=0 +export SOCKETTRACE + +RunTests <<EOF +test_colcertstore NIST-Test-Files-Used rev_data/local ${HOSTDIR} +test_pk11certstore ../../pkix_pl_tests/module ../../pkix_tests/top/rev_data/crlchecker +test_ekuchecker "Test-EKU-without-OID" ENE "" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-with-good-OID" ENE "1.3.6.1.5.5.7.3.3" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-with-bad-OID" EE "1.3.6.1.5.5.7.3.4" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-with-good-and-bad-OID" EE "1.3.6.1.5.5.7.3.3,1.3.6.1.5.5.7.3.4" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-only-EE-with-good-OID" ENE "E1.3.6.1.5.5.7.3.3" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-only-EE-with-bad-OID" EE "E1.3.6.1.5.5.7.3.4" rev_data test_eku_codesigning_clientauth.crt test_eku_clientauth.crt test_eku_clientauthEE.crt +test_ekuchecker "Test-EKU-serverAuth" ENE "1.3.6.1.5.5.7.3.1" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-clientAuth" ENE "1.3.6.1.5.5.7.3.2" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-codesigning-without-OID" EE "1.3.6.1.5.5.7.3.3" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-emailProtection" ENE "1.3.6.1.5.5.7.3.4" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-timestamping" ENE "1.3.6.1.5.5.7.3.8" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-OCSPSigning" ENE "1.3.6.1.5.5.7.3.9" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-serverAuth" ENE "E1.3.6.1.5.5.7.3.1" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-clientAuth" ENE "E1.3.6.1.5.5.7.3.2" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-codesigning-without-OID" EE "E1.3.6.1.5.5.7.3.3" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-emailProtection" ENE "E1.3.6.1.5.5.7.3.4" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-timestamping" ENE "E1.3.6.1.5.5.7.3.8" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_ekuchecker "Test-EKU-only-EE-ocspSigning" ENE "E1.3.6.1.5.5.7.3.9" rev_data test_eku_all.crt test_eku_allbutcodesigningEE.crt +test_socket ${HOSTADDR}:2000 +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} + diff --git a/security/nss/tests/libpkix/pkix_pl_tests/module/secmod.db b/security/nss/tests/libpkix/pkix_pl_tests/module/secmod.db Binary files differnew file mode 100755 index 000000000..772583d58 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/module/secmod.db diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/README b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/README new file mode 100755 index 000000000..50e1b98ec --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/README @@ -0,0 +1,3 @@ +If the total number of CRL files is changed in this directory, +the define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS under the +test directory also need to be changed.
\ No newline at end of file diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crldiff.crl b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crldiff.crl Binary files differnew file mode 100755 index 000000000..d076ef89f --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crldiff.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crlgood.crl b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crlgood.crl Binary files differnew file mode 100755 index 000000000..1ad019ed1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/crlgood.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-hanfei.crl b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-hanfei.crl Binary files differnew file mode 100755 index 000000000..6c9f0dbaa --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-hanfei.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-none.crl b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-none.crl Binary files differnew file mode 100755 index 000000000..c1c83ba2c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/rev_data/local/issuer-none.crl diff --git a/security/nss/tests/libpkix/pkix_pl_tests/pki/runPLTests.sh b/security/nss/tests/libpkix/pkix_pl_tests/pki/runPLTests.sh new file mode 100755 index 000000000..86c79f57c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/pki/runPLTests.sh @@ -0,0 +1,113 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runPLTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +doPD=1 +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=PKI +doPki=1 + +### setup NIST files need to link in +linkPkiNistFiles="InvalidDNnameConstraintsTest3EE.crt + InvalidonlySomeReasonsTest21EE.crt + indirectCRLCA3cRLIssuerCRL.crl + nameConstraintsDN3subCA2Cert.crt + nameConstraintsDN4CACert.crt + nameConstraintsDN5CACert.crt + onlyContainsAttributeCertsCACRL.crl + onlyContainsCACertsCACRL.crl + onlyContainsUserCertsCACRL.crl + onlySomeReasonsCA3compromiseCRL.crl + requireExplicitPolicy2CACert.crt + inhibitPolicyMapping5CACert.crt + inhibitAnyPolicy5CACert.crt + inhibitAnyPolicy0CACert.crt + P1Mapping1to234CACert.crt + UserNoticeQualifierTest15EE.crt + UserNoticeQualifierTest16EE.crt + UserNoticeQualifierTest17EE.crt + UserNoticeQualifierTest18EE.crt + CPSPointerQualifierTest20EE.crt" + +if [ -n "${NIST_FILES_DIR}" ]; then + if [ ! -d ${HOSTDIR}/rev_data/local ]; then + mkdir -p ${HOSTDIR}/rev_data/local + fi + + for i in ${linkPkiNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/local/$i ]; then + rm ${HOSTDIR}/rev_data/local/$i + fi + cp ${NIST_FILES_DIR}/$i ${HOSTDIR}/rev_data/local/$i + done +fi + +########## +# main +######### + +TZ=US/Eastern + +ParseArgs $* + +RunTests <<EOF +test_cert NIST-Test-Files-Used ../../certs ${HOSTDIR}/rev_data/local +test_crl NIST-Test-Files-Used ../../certs +test_x500name +test_generalname +test_date NIST-Test-Files-Used +test_crlentry ../../certs +test_nameconstraints NIST-Test-Files-Used rev_data/local ${HOSTDIR} +test_authorityinfoaccess NIST-PDTest ${NIST_PDTEST} certs/BasicLDAPURIPathDiscoveryOU1EE1.crt certs/BasicHTTPURITrustAnchorRootCert.crt +test_subjectinfoaccess NIST-PDTest ${NIST_PDTEST} certs/BasicHTTPURITrustAnchorRootCert.crt certs/BasicLDAPURIPathDiscoveryOU1EE1.crt +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} + + diff --git a/security/nss/tests/libpkix/pkix_pl_tests/runPLTests.sh b/security/nss/tests/libpkix/pkix_pl_tests/runPLTests.sh new file mode 100755 index 000000000..0fd5dbaa9 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/runPLTests.sh @@ -0,0 +1,99 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runPLTests.sh +# + +curdir=`pwd` +cd ../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +testunit="PKIX_PL" + +totalErrors=0 +moduleErrors=0 +systemErrors=0 +pkiErrors=0 +quiet=0 + +checkMemArg="" +arenasArg="" +quietArg="" + +### ParseArgs +myParseArgs() # args +{ + while [ $# -gt 0 ]; do + if [ $1 = "-checkmem" ]; then + checkMemArg=$1 + elif [ $1 = "-quiet" ]; then + quietArg=$1 + quiet=1 + elif [ $1 = "-arenas" ]; then + arenasArg=$1 + fi + shift + done +} + +myParseArgs $* + +testHeadingEcho + +echo "RUNNING tests in pki"; +cd pki; +runPLTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkiErrors=$? + +echo "RUNNING tests in system"; +cd ../system; +runPLTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +systemErrors=$? + +echo "RUNNING tests in module"; +cd ../module; +runPLTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +moduleErrors=$? + +totalErrors=`expr $moduleErrors + $systemErrors + $pkiErrors` + +testEndingEcho + +exit ${totalErrors} + diff --git a/security/nss/tests/libpkix/pkix_pl_tests/system/runPLTests.sh b/security/nss/tests/libpkix/pkix_pl_tests/system/runPLTests.sh new file mode 100755 index 000000000..9da733941 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_pl_tests/system/runPLTests.sh @@ -0,0 +1,78 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runPLTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=SYSTEM + + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_mem +test_object +test_string +test_bigint +test_bytearray +test_mutex +test_mutex2 +test_mutex3 +test_monitorlock +test_oid +test_hashtable +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} + + + + diff --git a/security/nss/tests/libpkix/pkix_tests/certsel/keyUsage b/security/nss/tests/libpkix/pkix_tests/certsel/keyUsage new file mode 100755 index 000000000..e69de29bb --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/certsel/keyUsage diff --git a/security/nss/tests/libpkix/pkix_tests/certsel/runTests.sh b/security/nss/tests/libpkix/pkix_tests/certsel/runTests.sh new file mode 100755 index 000000000..0b4275096 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/certsel/runTests.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=CERTSEL + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_comcertselparams ${NIST} NIST-Test-Files-Used +test_certselector ${NIST} NIST-Test-Files-Used ../../pkix_pl_tests/module/rev_data +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/checker/runTests.sh b/security/nss/tests/libpkix/pkix_tests/checker/runTests.sh new file mode 100755 index 000000000..d79c4ea59 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/checker/runTests.sh @@ -0,0 +1,63 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=CHECKER + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_certchainchecker +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/crlsel/runTests.sh b/security/nss/tests/libpkix/pkix_tests/crlsel/runTests.sh new file mode 100755 index 000000000..a5702f412 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/crlsel/runTests.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=CRLSEL + + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_comcrlselparams ../../certs +test_crlselector +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/params/runTests.sh b/security/nss/tests/libpkix/pkix_tests/params/runTests.sh new file mode 100755 index 000000000..c0cb29bf8 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/params/runTests.sh @@ -0,0 +1,68 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=PARAMS + + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_valparams ../../certs +test_procparams ../../certs +test_trustanchor ${NIST} ../../certs NIST-Test-Files-Used +test_resourcelimits +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/results/runTests.sh b/security/nss/tests/libpkix/pkix_tests/results/runTests.sh new file mode 100755 index 000000000..d8111e20c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/results/runTests.sh @@ -0,0 +1,68 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=RESULTS + + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_policynode ${NIST} NIST-Test-Files-Used +test_valresult ../../certs +test_buildresult ../../certs +test_verifynode ${NIST} TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/runTests.sh b/security/nss/tests/libpkix/pkix_tests/runTests.sh new file mode 100755 index 000000000..bbfcbb136 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/runTests.sh @@ -0,0 +1,130 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +testunit="PKIX" + +totalErrors=0 +utilErrors=0 +crlselErrors=0 +paramsErrors=0 +resultsErrors=0 +topErrors=0 +checkerErrors=0 +certselErrors=0 +quiet=0 + +checkMemArg="" +arenasArg="" +quietArg="" +memText="" + +### ParseArgs +ParseArgs() # args +{ + while [ $# -gt 0 ]; do + if [ $1 = "-checkmem" ]; then + checkMemArg=$1 + memText=" (Memory Checking Enabled)" + elif [ $1 = "-quiet" ]; then + quietArg=$1 + quiet=1 + elif [ $1 = "-arenas" ]; then + arenasArg=$1 + fi + shift + done +} + +ParseArgs $* + +testHeadingEcho + +echo "RUNNING tests in certsel"; +cd certsel; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +certselErrors=$? + +echo "RUNNING tests in checker"; +cd ../checker; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +checkerErrors=$? + +echo "RUNNING tests in results"; +cd ../results; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +resultsErrors=$? + +echo "RUNNING tests in params"; +cd ../params; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +paramsErrors=$? + +echo "RUNNING tests in crlsel"; +cd ../crlsel; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +crlselErrors=$? + +echo "RUNNING tests in store"; +cd ../store; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +storeErrors=$? + +echo "RUNNING tests in util"; +cd ../util; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +utilErrors=$? + +echo "RUNNING tests in top"; +cd ../top; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +topErrors=$? + +totalErrors=`expr ${certselErrors} + ${checkerErrors} + ${resultsErrors} + ${paramsErrors} + ${crlselErrors} + ${storeErrors} + ${utilErrors} + ${topErrors}` + +testEndingEcho + +exit ${totalErrors} + diff --git a/security/nss/tests/libpkix/pkix_tests/store/runTests.sh b/security/nss/tests/libpkix/pkix_tests/store/runTests.sh new file mode 100755 index 000000000..c60deb25a --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/store/runTests.sh @@ -0,0 +1,64 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=STORE + + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_store genericCertStore rev_data/crlchecker ${HOSTDIR} +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/pkix_tests/top/anchorcert.crt b/security/nss/tests/libpkix/pkix_tests/top/anchorcert.crt Binary files differnew file mode 100644 index 000000000..1e2f7c7a1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/anchorcert.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg.crl Binary files differnew file mode 100755 index 000000000..148b47815 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg2yassir_badsig.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg2yassir_badsig.crt Binary files differnew file mode 100755 index 000000000..66563db40 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/greg2yassir_badsig.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes.crl Binary files differnew file mode 100755 index 000000000..6cd8d2577 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs.crl Binary files differnew file mode 100755 index 000000000..8c96b41dc --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..119368ca5 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir.crl Binary files differnew file mode 100755 index 000000000..eca3a5e84 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/backtracking/signature/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg.crl Binary files differnew file mode 100755 index 000000000..148b47815 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg2yassir.crt Binary files differnew file mode 100755 index 000000000..182472b21 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/greg2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes.crl Binary files differnew file mode 100755 index 000000000..e037e5047 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs.crl Binary files differnew file mode 100755 index 000000000..8c96b41dc --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir.crl Binary files differnew file mode 100755 index 000000000..eca3a5e84 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/fail/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg.crl Binary files differnew file mode 100755 index 000000000..148b47815 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg2yassir.crt Binary files differnew file mode 100755 index 000000000..182472b21 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/greg2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes.crl Binary files differnew file mode 100755 index 000000000..e037e5047 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs.crl Binary files differnew file mode 100755 index 000000000..8c96b41dc --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir.crl Binary files differnew file mode 100755 index 000000000..eca3a5e84 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/multi_path/signature/pass/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg.crl Binary files differnew file mode 100755 index 000000000..148b47815 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg2yassir_badsig.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg2yassir_badsig.crt Binary files differnew file mode 100755 index 000000000..66563db40 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/greg2yassir_badsig.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes.crl Binary files differnew file mode 100755 index 000000000..e037e5047 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir.crl Binary files differnew file mode 100755 index 000000000..eca3a5e84 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/fail/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg.crl Binary files differnew file mode 100755 index 000000000..148b47815 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg2yassir.crt Binary files differnew file mode 100755 index 000000000..182472b21 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/greg2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes.crl Binary files differnew file mode 100755 index 000000000..e037e5047 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir.crl b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir.crl Binary files differnew file mode 100755 index 000000000..eca3a5e84 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/single_path/signature/pass/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/greg2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/greg2yassir.crt Binary files differnew file mode 100755 index 000000000..182472b21 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/greg2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2richard.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2richard.crt Binary files differnew file mode 100755 index 000000000..b11826f97 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test1/yassir2richard.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..2b4387d6c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/nelson2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/nelson2yassir.crt Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/nelson2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2richard.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2richard.crt Binary files differnew file mode 100755 index 000000000..b11826f97 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test2/yassir2richard.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2greg.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2greg.crt Binary files differnew file mode 100755 index 000000000..44419aa4c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2greg.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2jes.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2jes.crt Binary files differnew file mode 100755 index 000000000..07f7e58d1 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2jes.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2labs.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2labs.crt Binary files differnew file mode 100755 index 000000000..36591b8bf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/jes2labs.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/labs2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/labs2yassir.crt Binary files differnew file mode 100755 index 000000000..2b4387d6c --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/labs2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/nelson2yassir.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/nelson2yassir.crt Binary files differnew file mode 100755 index 000000000..f5fe26115 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/nelson2yassir.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/yassir2hanfei.crt b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/yassir2hanfei.crt Binary files differnew file mode 100755 index 000000000..460d19307 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/build_data/test3/yassir2hanfei.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/cert8.db b/security/nss/tests/libpkix/pkix_tests/top/cert8.db Binary files differnew file mode 100644 index 000000000..a2bb46756 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/cert8.db diff --git a/security/nss/tests/libpkix/pkix_tests/top/goodcert.crt b/security/nss/tests/libpkix/pkix_tests/top/goodcert.crt Binary files differnew file mode 100644 index 000000000..c9904f4e0 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/goodcert.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/key3.db b/security/nss/tests/libpkix/pkix_tests/top/key3.db Binary files differnew file mode 100644 index 000000000..fd1bee826 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/key3.db diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem.crl b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem.crl Binary files differnew file mode 100755 index 000000000..9619c22cf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem2prof.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem2prof.crt Binary files differnew file mode 100755 index 000000000..0022f3cbf --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/chem2prof.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phy2prof.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phy2prof.crt Binary files differnew file mode 100755 index 000000000..50be7df1f --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phy2prof.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phys.crl b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phys.crl Binary files differnew file mode 100755 index 000000000..2deed93ed --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/phys.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof.crl b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof.crl Binary files differnew file mode 100755 index 000000000..fa9b2dc69 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof2test.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof2test.crt Binary files differnew file mode 100755 index 000000000..04bc5f16a --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/prof2test.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci.crl b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci.crl Binary files differnew file mode 100755 index 000000000..675e9a53f --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2chem.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2chem.crt Binary files differnew file mode 100755 index 000000000..e12232b8a --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2chem.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2phy.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2phy.crt Binary files differnew file mode 100755 index 000000000..f5a165baa --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2phy.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2sci.crt b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2sci.crt Binary files differnew file mode 100755 index 000000000..ca09c166e --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/sci2sci.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/test.crl b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/test.crl Binary files differnew file mode 100755 index 000000000..e37aa9c24 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/rev_data/crlchecker/test.crl diff --git a/security/nss/tests/libpkix/pkix_tests/top/revokedcert.crt b/security/nss/tests/libpkix/pkix_tests/top/revokedcert.crt Binary files differnew file mode 100644 index 000000000..0715ceb7b --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/revokedcert.crt diff --git a/security/nss/tests/libpkix/pkix_tests/top/runTests.sh b/security/nss/tests/libpkix/pkix_tests/top/runTests.sh new file mode 100755 index 000000000..bf6eae209 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/runTests.sh @@ -0,0 +1,544 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + + +LDAP='nss.red.iplanet.com:1389' +export LDAP +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +doPD=1 +doOCSP=1 +. ./libpkix_init_nist.sh +cd ${curdir} + +numtests=0 +passed=0 +testunit=TOP +doTop=1 +linkMStoreNistFiles="store1/TrustAnchorRootCRL.crl + store1/TwoCRLsCABadCRL.crl + store2/TwoCRLsCAGoodCRL.crl" + +if [ ! -z "${NIST_FILES_DIR}" ] ; then + if [ -d ${HOSTDIR}/rev_data/multiple_certstores ]; then + rm -fr ${HOSTDIR}/rev_data/multiple_certstores + fi + mkdir -p ${HOSTDIR}/rev_data/multiple_certstores + mkdir -p ${HOSTDIR}/rev_data/multiple_certstores/store1 + mkdir -p ${HOSTDIR}/rev_data/multiple_certstores/store2 + for i in ${linkMStoreNistFiles}; do + if [ -f ${HOSTDIR}/rev_data/multiple_certstores/$i ]; then + rm ${HOSTDIR}/rev_data/multiple_certstores/$i + fi + fname=`basename $i` + cp ${NIST_FILES_DIR}/${fname} ${HOSTDIR}/rev_data/multiple_certstores/$i + done +fi + +ocspFiles="goodcert.crt revokedcert.crt anchorcert.crt + secmod.db key3.db cert8.db" + +if [ ! -z ${doOCSPTest} ] ; then + if [ -d ${HOSTDIR}/ocsp ]; then + rm -fr ${HOSTDIR}/ocsp + fi + mkdir -p ${HOSTDIR}/ocsp + for i in ${ocspFiles}; do + cp $i ${HOSTDIR}/ocsp/$i + + done +fi + +########## +# main +########## + +ParseArgs $* + +Display "" +Display "# ENE = expect no error (validation should succeed)" +Display "# EE = expect error (validation should fail)" +Display "" + +LOGGING=1 +SOCKETTRACE=1 +export LOGGING SOCKETTRACE + +RunTests <<EOF +test_validatechain_NB NIST-Test.4.1.1 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_validatechain_NB NIST-Test.4.1.2 EE $NIST TrustAnchorRootCertificate.crt BadSignedCACert.crt InvalidCASignatureTest2EE.crt +test_validatechain_NB NIST-Test.4.1.3 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEESignatureTest3EE.crt +test_validatechain_NB NIST-Test.4.1.4 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt ValidDSASignaturesTest4EE.crt +test_validatechain_NB NIST-Test.4.1.5 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt DSAParametersInheritedCACert.crt ValidDSAParameterInheritanceTest5EE.crt +EOF + +tracedErrors=$? + +LOGGING=0 +SOCKETTRACE=0 + +RunTests <<EOF +test_basicchecker ../../certs +test_basicconstraintschecker "Two-Certificates-Chain" ENE ../../certs hy2hy-bc0 hy2hc-bc +test_basicconstraintschecker "Three-Certificates-Chain" ENE ../../certs hy2hy-bc0 hy2hy-bc0 hy2hc-bc +test_basicconstraintschecker "Four-Certificates-Chain-with-error" EE ../../certs hy2hy-bc0 hy2hy-bc0 hy2hc-bc hy2hc-bc +test_validatechain_bc ../../certs/hy2hy-bc0 ../../certs/hy2hc-bc +test_policychecker NIST-Test-Files-Used ENE $NIST ../../certs +test_defaultcrlchecker2stores NIST-Test.4.4.7-with-multiple-CRL-stores ENE $NIST ${HOSTDIR}/rev_data/multiple_certstores/store1 ${HOSTDIR}/rev_data/multiple_certstores/store2 TrustAnchorRootCertificate.crt TwoCRLsCACert.crt ValidTwoCRLsTest7EE.crt +test_buildchain_resourcelimits ${LDAP} NIST-Test.4.5.1 ENE $NIST ValidBasicSelfIssuedOldWithNewTest1EE.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt BasicSelfIssuedNewKeyCACert.crt TrustAnchorRootCertificate.crt +test_customcrlchecker "CRL-test-without-revocation" ENE rev_data/crlchecker sci2sci.crt sci2phy.crt phy2prof.crt prof2test.crt +test_customcrlchecker "CRL-test-with-revocation-reasoncode" EE rev_data/crlchecker sci2sci.crt sci2chem.crt chem2prof.crt prof2test.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0R:testcertificates.gov+R:Test23EE@testcertificates.gov" ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA2Cert.crt ValidRFC822nameConstraintsTest23EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0R:TEST.gov" EE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA2Cert.crt ValidRFC822nameConstraintsTest23EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0N:testcertificates.gov+N:testserver.testcertificates.gov" ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS1CACert.crt ValidDNSnameConstraintsTest30EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0N:notestcertificates.gov" EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS1CACert.crt ValidDNSnameConstraintsTest30EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0U:.gov+U:http://testserver.testcertificates.gov/index.html" ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI1CACert.crt ValidURInameConstraintsTest34EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0U:test.testcertificates.gov" EE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI1CACert.crt ValidURInameConstraintsTest34EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "1D:C=US+D:CN=Certificates,C=US" EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN2CACert.crt ValidDNnameConstraintsTest5EE.crt +test_subjaltnamechecker "NIST-Test-Files-Used" "0D:O=TestCertificates,C=CN" EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN2CACert.crt ValidDNnameConstraintsTest5EE.crt +test_validatechain "CRL-test-without-key-usage-cRLsign-bit-NIST-Test-Files-Used" EE $NIST TrustAnchorRootCertificate.crt SeparateCertificateandCRLKeysCertificateSigningCACert.crt SeparateCertificateandCRLKeysCRLSigningCert.crt InvalidSeparateCertificateandCRLKeysTest20EE.crt +test_validatechain NIST-Test.4.1.1 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_validatechain NIST-Test.4.1.2 EE $NIST TrustAnchorRootCertificate.crt BadSignedCACert.crt InvalidCASignatureTest2EE.crt +test_validatechain NIST-Test.4.1.3 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEESignatureTest3EE.crt +test_validatechain NIST-Test.4.1.4 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt ValidDSASignaturesTest4EE.crt +test_validatechain NIST-Test.4.1.5 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt DSAParametersInheritedCACert.crt ValidDSAParameterInheritanceTest5EE.crt +test_validatechain NIST-Test.4.1.6 EE $NIST TrustAnchorRootCertificate.crt DSACACert.crt InvalidDSASignatureTest6EE.crt +test_validatechain NIST-Test.4.2.1 EE $NIST TrustAnchorRootCertificate.crt BadnotBeforeDateCACert.crt InvalidCAnotBeforeDateTest1EE.crt +test_validatechain NIST-Test.4.2.2 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEEnotBeforeDateTest2EE.crt +test_validatechain NIST-Test.4.2.3 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt Validpre2000UTCnotBeforeDateTest3EE.crt +test_validatechain NIST-Test.4.2.4 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidGeneralizedTimenotBeforeDateTest4EE.crt +test_validatechain NIST-Test.4.2.5 EE $NIST TrustAnchorRootCertificate.crt BadnotAfterDateCACert.crt InvalidCAnotAfterDateTest5EE.crt +test_validatechain NIST-Test.4.2.6 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEEnotAfterDateTest6EE.crt +test_validatechain NIST-Test.4.2.7 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt Invalidpre2000UTCEEnotAfterDateTest7EE.crt +test_validatechain NIST-Test.4.2.8 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidGeneralizedTimenotAfterDateTest8EE.crt +test_validatechain NIST-Test.4.3.1 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidNameChainingTest1EE.crt +test_validatechain NIST-Test.4.3.2 EE $NIST TrustAnchorRootCertificate.crt NameOrderingCACert.crt InvalidNameChainingOrderTest2EE.crt +test_validatechain NIST-Test.4.3.3 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingWhitespaceTest3EE.crt +test_validatechain NIST-Test.4.3.4 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingWhitespaceTest4EE.crt +test_validatechain NIST-Test.4.3.5 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingCapitalizationTest5EE.crt +test_validatechain NIST-Test.4.3.6 ENE $NIST TrustAnchorRootCertificate.crt UIDCACert.crt ValidNameUIDsTest6EE.crt +test_validatechain NIST-Test.4.3.9 ENE $NIST TrustAnchorRootCertificate.crt UTF8StringEncodedNamesCACert.crt ValidUTF8StringEncodedNamesTest9EE.crt +test_validatechain NIST-Test.4.3.10 ENE $NIST TrustAnchorRootCertificate.crt RolloverfromPrintableStringtoUTF8StringCACert.crt ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt +test_validatechain NIST-Test.4.3.11 ENE $NIST TrustAnchorRootCertificate.crt UTF8StringCaseInsensitiveMatchCACert.crt ValidUTF8StringCaseInsensitiveMatchTest11EE.crt +test_validatechain NIST-Test.4.4.1 EE $NIST TrustAnchorRootCertificate.crt NoCRLCACert.crt InvalidMissingCRLTest1EE.crt +test_validatechain NIST-Test.4.4.2 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt RevokedsubCACert.crt InvalidRevokedCATest2EE.crt +test_validatechain NIST-Test.4.4.3 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidRevokedEETest3EE.crt +test_validatechain NIST-Test.4.4.4 EE $NIST TrustAnchorRootCertificate.crt BadCRLSignatureCACert.crt InvalidBadCRLSignatureTest4EE.crt +test_validatechain NIST-Test.4.4.5 EE $NIST TrustAnchorRootCertificate.crt BadCRLIssuerNameCACert.crt InvalidBadCRLIssuerNameTest5EE.crt +test_validatechain NIST-Test.4.4.6 EE $NIST TrustAnchorRootCertificate.crt WrongCRLCACert.crt InvalidWrongCRLTest6EE.crt +test_validatechain NIST-Test.4.4.7 ENE $NIST TrustAnchorRootCertificate.crt TwoCRLsCACert.crt ValidTwoCRLsTest7EE.crt +test_validatechain NIST-Test.4.4.8 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLEntryExtensionCACert.crt InvalidUnknownCRLEntryExtensionTest8EE.crt +test_validatechain NIST-Test.4.4.9 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLExtensionCACert.crt InvalidUnknownCRLExtensionTest9EE.crt +test_validatechain NIST-Test.4.4.10 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLExtensionCACert.crt InvalidUnknownCRLExtensionTest10EE.crt +test_validatechain NIST-Test.4.4.11 EE $NIST TrustAnchorRootCertificate.crt OldCRLnextUpdateCACert.crt InvalidOldCRLnextUpdateTest11EE.crt +test_validatechain NIST-Test.4.4.12 EE $NIST TrustAnchorRootCertificate.crt pre2000CRLnextUpdateCACert.crt Invalidpre2000CRLnextUpdateTest12EE.crt +test_validatechain NIST-Test.4.4.13 ENE $NIST TrustAnchorRootCertificate.crt GeneralizedTimeCRLnextUpdateCACert.crt ValidGeneralizedTimeCRLnextUpdateTest13EE.crt +test_validatechain NIST-Test.4.4.14 ENE $NIST TrustAnchorRootCertificate.crt NegativeSerialNumberCACert.crt ValidNegativeSerialNumberTest14EE.crt +test_validatechain NIST-Test.4.4.15 EE $NIST TrustAnchorRootCertificate.crt NegativeSerialNumberCACert.crt InvalidNegativeSerialNumberTest15EE.crt +test_validatechain NIST-Test.4.4.16 ENE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt ValidLongSerialNumberTest16EE.crt +test_validatechain NIST-Test.4.4.17 ENE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt ValidLongSerialNumberTest17EE.crt +test_validatechain NIST-Test.4.4.18 EE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt InvalidLongSerialNumberTest18EE.crt +test_validatechain NIST-Test.4.4.20 EE $NIST TrustAnchorRootCertificate.crt SeparateCertificateandCRLKeysCertificateSigningCACert.crt SeparateCertificateandCRLKeysCRLSigningCert.crt InvalidSeparateCertificateandCRLKeysTest20EE.crt +test_validatechain NIST-Test.4.5.1 ENE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedNewKeyCACert.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt ValidBasicSelfIssuedOldWithNewTest1EE.crt +test_validatechain NIST-Test.4.5.2 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedNewKeyCACert.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt InvalidBasicSelfIssuedOldWithNewTest2EE.crt +test_validatechain NIST-Test.4.5.5 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedOldKeyCACert.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt InvalidBasicSelfIssuedNewWithOldTest5EE.crt +test_validatechain NIST-Test.4.5.7 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedCRLSigningKeyCACert.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt +test_validatechain NIST-Test.4.5.8 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedCRLSigningKeyCACert.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt +test_validatechain_NB "CRL-test-without-key-usage-cRLsign-bit-NIST-Test-Files-Used" EE $NIST TrustAnchorRootCertificate.crt SeparateCertificateandCRLKeysCertificateSigningCACert.crt SeparateCertificateandCRLKeysCRLSigningCert.crt InvalidSeparateCertificateandCRLKeysTest20EE.crt +test_validatechain_NB NIST-Test.4.1.1 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_validatechain_NB NIST-Test.4.1.2 EE $NIST TrustAnchorRootCertificate.crt BadSignedCACert.crt InvalidCASignatureTest2EE.crt +test_validatechain_NB NIST-Test.4.1.3 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEESignatureTest3EE.crt +test_validatechain_NB NIST-Test.4.1.4 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt ValidDSASignaturesTest4EE.crt +test_validatechain_NB NIST-Test.4.1.5 ENE $NIST TrustAnchorRootCertificate.crt DSACACert.crt DSAParametersInheritedCACert.crt ValidDSAParameterInheritanceTest5EE.crt +test_validatechain_NB NIST-Test.4.1.6 EE $NIST TrustAnchorRootCertificate.crt DSACACert.crt InvalidDSASignatureTest6EE.crt +test_validatechain_NB NIST-Test.4.2.1 EE $NIST TrustAnchorRootCertificate.crt BadnotBeforeDateCACert.crt InvalidCAnotBeforeDateTest1EE.crt +test_validatechain_NB NIST-Test.4.2.2 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEEnotBeforeDateTest2EE.crt +test_validatechain_NB NIST-Test.4.2.3 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt Validpre2000UTCnotBeforeDateTest3EE.crt +test_validatechain_NB NIST-Test.4.2.4 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidGeneralizedTimenotBeforeDateTest4EE.crt +test_validatechain_NB NIST-Test.4.2.5 EE $NIST TrustAnchorRootCertificate.crt BadnotAfterDateCACert.crt InvalidCAnotAfterDateTest5EE.crt +test_validatechain_NB NIST-Test.4.2.6 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidEEnotAfterDateTest6EE.crt +test_validatechain_NB NIST-Test.4.2.7 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt Invalidpre2000UTCEEnotAfterDateTest7EE.crt +test_validatechain_NB NIST-Test.4.2.8 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidGeneralizedTimenotAfterDateTest8EE.crt +test_validatechain_NB NIST-Test.4.3.1 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidNameChainingTest1EE.crt +test_validatechain_NB NIST-Test.4.3.2 EE $NIST TrustAnchorRootCertificate.crt NameOrderingCACert.crt InvalidNameChainingOrderTest2EE.crt +test_validatechain_NB NIST-Test.4.3.3 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingWhitespaceTest3EE.crt +test_validatechain_NB NIST-Test.4.3.4 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingWhitespaceTest4EE.crt +test_validatechain_NB NIST-Test.4.3.5 ENE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt ValidNameChainingCapitalizationTest5EE.crt +test_validatechain_NB NIST-Test.4.3.6 ENE $NIST TrustAnchorRootCertificate.crt UIDCACert.crt ValidNameUIDsTest6EE.crt +test_validatechain_NB NIST-Test.4.3.9 ENE $NIST TrustAnchorRootCertificate.crt UTF8StringEncodedNamesCACert.crt ValidUTF8StringEncodedNamesTest9EE.crt +test_validatechain_NB NIST-Test.4.3.10 ENE $NIST TrustAnchorRootCertificate.crt RolloverfromPrintableStringtoUTF8StringCACert.crt ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt +test_validatechain_NB NIST-Test.4.3.11 ENE $NIST TrustAnchorRootCertificate.crt UTF8StringCaseInsensitiveMatchCACert.crt ValidUTF8StringCaseInsensitiveMatchTest11EE.crt +test_validatechain_NB NIST-Test.4.4.1 EE $NIST TrustAnchorRootCertificate.crt NoCRLCACert.crt InvalidMissingCRLTest1EE.crt +test_validatechain_NB NIST-Test.4.4.2 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt RevokedsubCACert.crt InvalidRevokedCATest2EE.crt +test_validatechain_NB NIST-Test.4.4.3 EE $NIST TrustAnchorRootCertificate.crt GoodCACert.crt InvalidRevokedEETest3EE.crt +test_validatechain_NB NIST-Test.4.4.4 EE $NIST TrustAnchorRootCertificate.crt BadCRLSignatureCACert.crt InvalidBadCRLSignatureTest4EE.crt +test_validatechain_NB NIST-Test.4.4.5 EE $NIST TrustAnchorRootCertificate.crt BadCRLIssuerNameCACert.crt InvalidBadCRLIssuerNameTest5EE.crt +test_validatechain_NB NIST-Test.4.4.6 EE $NIST TrustAnchorRootCertificate.crt WrongCRLCACert.crt InvalidWrongCRLTest6EE.crt +test_validatechain_NB NIST-Test.4.4.7 ENE $NIST TrustAnchorRootCertificate.crt TwoCRLsCACert.crt ValidTwoCRLsTest7EE.crt +test_validatechain_NB NIST-Test.4.4.8 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLEntryExtensionCACert.crt InvalidUnknownCRLEntryExtensionTest8EE.crt +test_validatechain_NB NIST-Test.4.4.9 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLExtensionCACert.crt InvalidUnknownCRLExtensionTest9EE.crt +test_validatechain_NB NIST-Test.4.4.10 EE $NIST TrustAnchorRootCertificate.crt UnknownCRLExtensionCACert.crt InvalidUnknownCRLExtensionTest10EE.crt +test_validatechain_NB NIST-Test.4.4.11 EE $NIST TrustAnchorRootCertificate.crt OldCRLnextUpdateCACert.crt InvalidOldCRLnextUpdateTest11EE.crt +test_validatechain_NB NIST-Test.4.4.12 EE $NIST TrustAnchorRootCertificate.crt pre2000CRLnextUpdateCACert.crt Invalidpre2000CRLnextUpdateTest12EE.crt +test_validatechain_NB NIST-Test.4.4.13 ENE $NIST TrustAnchorRootCertificate.crt GeneralizedTimeCRLnextUpdateCACert.crt ValidGeneralizedTimeCRLnextUpdateTest13EE.crt +test_validatechain_NB NIST-Test.4.4.14 ENE $NIST TrustAnchorRootCertificate.crt NegativeSerialNumberCACert.crt ValidNegativeSerialNumberTest14EE.crt +test_validatechain_NB NIST-Test.4.4.15 EE $NIST TrustAnchorRootCertificate.crt NegativeSerialNumberCACert.crt InvalidNegativeSerialNumberTest15EE.crt +test_validatechain_NB NIST-Test.4.4.16 ENE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt ValidLongSerialNumberTest16EE.crt +test_validatechain_NB NIST-Test.4.4.17 ENE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt ValidLongSerialNumberTest17EE.crt +test_validatechain_NB NIST-Test.4.4.18 EE $NIST TrustAnchorRootCertificate.crt LongSerialNumberCACert.crt InvalidLongSerialNumberTest18EE.crt +test_validatechain_NB NIST-Test.4.4.20 EE $NIST TrustAnchorRootCertificate.crt SeparateCertificateandCRLKeysCertificateSigningCACert.crt SeparateCertificateandCRLKeysCRLSigningCert.crt InvalidSeparateCertificateandCRLKeysTest20EE.crt +test_validatechain_NB NIST-Test.4.5.1 ENE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedNewKeyCACert.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt ValidBasicSelfIssuedOldWithNewTest1EE.crt +test_validatechain_NB NIST-Test.4.5.2 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedNewKeyCACert.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt InvalidBasicSelfIssuedOldWithNewTest2EE.crt +test_validatechain_NB NIST-Test.4.5.5 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedOldKeyCACert.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt InvalidBasicSelfIssuedNewWithOldTest5EE.crt +test_validatechain_NB NIST-Test.4.5.7 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedCRLSigningKeyCACert.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt +test_validatechain_NB NIST-Test.4.5.8 EE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedCRLSigningKeyCACert.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt +test_basicconstraintschecker NIST-Test.4.6.1 EE $NIST TrustAnchorRootCertificate.crt MissingbasicConstraintsCACert.crt InvalidMissingbasicConstraintsTest1EE.crt +test_basicconstraintschecker NIST-Test.4.6.2 EE $NIST TrustAnchorRootCertificate.crt basicConstraintsCriticalcAFalseCACert.crt InvalidcAFalseTest2EE.crt +test_basicconstraintschecker NIST-Test.4.6.3 EE $NIST TrustAnchorRootCertificate.crt basicConstraintsNotCriticalcAFalseCACert.crt InvalidcAFalseTest3EE.crt +test_basicconstraintschecker NIST-Test.4.6.4 ENE $NIST TrustAnchorRootCertificate.crt basicConstraintsNotCriticalCACert.crt ValidbasicConstraintsNotCriticalTest4EE.crt +test_basicconstraintschecker NIST-Test.4.6.5 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt pathLenConstraint0subCACert.crt InvalidpathLenConstraintTest5EE.crt +test_basicconstraintschecker NIST-Test.4.6.6 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt pathLenConstraint0subCACert.crt InvalidpathLenConstraintTest6EE.crt +test_basicconstraintschecker NIST-Test.4.6.7 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt ValidpathLenConstraintTest7EE.crt +test_basicconstraintschecker NIST-Test.4.6.8 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt ValidpathLenConstraintTest8EE.crt +test_basicconstraintschecker NIST-Test.4.6.9 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6subsubCA00Cert.crt InvalidpathLenConstraintTest9EE.crt +test_basicconstraintschecker NIST-Test.4.6.10 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6subsubCA00Cert.crt InvalidpathLenConstraintTest10EE.crt +test_basicconstraintschecker NIST-Test.4.6.11 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subsubsubCA11XCert.crt InvalidpathLenConstraintTest11EE.crt +test_basicconstraintschecker NIST-Test.4.6.12 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subsubsubCA11XCert.crt InvalidpathLenConstraintTest12EE.crt +test_basicconstraintschecker NIST-Test.4.6.13 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subsubsubCA41XCert.crt ValidpathLenConstraintTest13EE.crt +test_basicconstraintschecker NIST-Test.4.6.14 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint6CACert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subsubsubCA41XCert.crt ValidpathLenConstraintTest14EE.crt +test_basicconstraintschecker NIST-Test.4.6.15 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt pathLenConstraint0SelfIssuedCACert.crt ValidSelfIssuedpathLenConstraintTest15EE.crt +test_basicconstraintschecker NIST-Test.4.6.16 EE $NIST TrustAnchorRootCertificate.crt pathLenConstraint0CACert.crt pathLenConstraint0SelfIssuedCACert.crt pathLenConstraint0subCA2Cert.crt InvalidSelfIssuedpathLenConstraintTest16EE.crt +test_basicconstraintschecker NIST-Test.4.6.17 ENE $NIST TrustAnchorRootCertificate.crt pathLenConstraint1CACert.crt pathLenConstraint1SelfIssuedCACert.crt pathLenConstraint1subCACert.crt pathLenConstraint1SelfIssuedsubCACert.crt ValidSelfIssuedpathLenConstraintTest17EE.crt +test_validatechain "NIST-Test.4.7.1" EE $NIST TrustAnchorRootCertificate.crt keyUsageCriticalkeyCertSignFalseCACert.crt InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt +test_validatechain "NIST-Test.4.7.2" EE $NIST TrustAnchorRootCertificate.crt keyUsageNotCriticalkeyCertSignFalseCACert.crt InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt +test_validatechain "NIST-Test.4.7.3" ENE $NIST TrustAnchorRootCertificate.crt keyUsageNotCriticalCACert.crt ValidkeyUsageNotCriticalTest3EE.crt +test_validatechain "NIST-Test.4.7.4" EE $NIST TrustAnchorRootCertificate.crt keyUsageCriticalcRLSignFalseCACert.crt InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt +test_validatechain "NIST-Test.4.7.5" EE $NIST TrustAnchorRootCertificate.crt keyUsageNotCriticalcRLSignFalseCACert.crt InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt +test_policychecker NIST-Test.4.8.1.1-1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_policychecker NIST-Test.4.8.1.1-2 ENE $NIST ../../certs "{2.5.29.32.0}" E TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_policychecker NIST-Test.4.8.1.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" E TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_policychecker NIST-Test.4.8.1.3 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_policychecker NIST-Test.4.8.1.4 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1:2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt GoodCACert.crt ValidCertificatePathTest1EE.crt +test_policychecker NIST-Test.4.8.2.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt NoPoliciesCACert.crt AllCertificatesNoPoliciesTest2EE.crt +test_policychecker NIST-Test.4.8.2.2 EE $NIST ../../certs "{2.5.29.32.0}" E TrustAnchorRootCertificate.crt NoPoliciesCACert.crt AllCertificatesNoPoliciesTest2EE.crt +test_policychecker NIST-Test.4.8.3.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt PoliciesP2subCACert.crt DifferentPoliciesTest3EE.crt +test_policychecker NIST-Test.4.8.3.2 EE $NIST ../../certs "{2.5.29.32.0}" E TrustAnchorRootCertificate.crt GoodCACert.crt PoliciesP2subCACert.crt DifferentPoliciesTest3EE.crt +test_policychecker NIST-Test.4.8.3.3 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1:2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt GoodCACert.crt PoliciesP2subCACert.crt DifferentPoliciesTest3EE.crt +test_policychecker NIST-Test.4.8.4 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt GoodsubCACert.crt DifferentPoliciesTest4EE.crt +test_policychecker NIST-Test.4.8.5 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt PoliciesP2subCA2Cert.crt DifferentPoliciesTest5EE.crt +test_policychecker NIST-Test.4.8.6.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP1234CACert.crt PoliciesP1234subCAP123Cert.crt PoliciesP1234subsubCAP123P12Cert.crt OverlappingPoliciesTest6EE.crt +test_policychecker NIST-Test.4.8.6.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt PoliciesP1234CACert.crt PoliciesP1234subCAP123Cert.crt PoliciesP1234subsubCAP123P12Cert.crt OverlappingPoliciesTest6EE.crt +test_policychecker NIST-Test.4.8.6.3 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt PoliciesP1234CACert.crt PoliciesP1234subCAP123Cert.crt PoliciesP1234subsubCAP123P12Cert.crt OverlappingPoliciesTest6EE.crt +test_policychecker NIST-Test.4.8.7 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP123CACert.crt PoliciesP123subCAP12Cert.crt PoliciesP123subsubCAP12P1Cert.crt DifferentPoliciesTest7EE.crt +test_policychecker NIST-Test.4.8.8 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt PoliciesP12subCAP1Cert.crt PoliciesP12subsubCAP1P2Cert.crt DifferentPoliciesTest8EE.crt +test_policychecker NIST-Test.4.8.9 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP123CACert.crt PoliciesP123subCAP12Cert.crt PoliciesP123subsubCAP12P2Cert.crt PoliciesP123subsubsubCAP12P2P1Cert.crt +test_policychecker NIST-Test.4.8.10.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt AllCertificatesSamePoliciesTest10EE.crt +test_policychecker NIST-Test.4.8.10.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt AllCertificatesSamePoliciesTest10EE.crt +test_policychecker NIST-Test.4.8.10.3 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt AllCertificatesSamePoliciesTest10EE.crt +test_policychecker NIST-Test.4.8.11.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt anyPolicyCACert.crt AllCertificatesanyPolicyTest11EE.crt +test_policychecker NIST-Test.4.8.11.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt anyPolicyCACert.crt AllCertificatesanyPolicyTest11EE.crt +test_policychecker NIST-Test.4.8.12 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PoliciesP3CACert.crt DifferentPoliciesTest12EE.crt +test_policychecker NIST-Test.4.8.13.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt PoliciesP123CACert.crt AllCertificatesSamePoliciesTest13EE.crt +test_policychecker NIST-Test.4.8.13.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt PoliciesP123CACert.crt AllCertificatesSamePoliciesTest13EE.crt +test_policychecker NIST-Test.4.8.13.3 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.3}" TrustAnchorRootCertificate.crt PoliciesP123CACert.crt AllCertificatesSamePoliciesTest13EE.crt +test_policychecker NIST-Test.4.8.14.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt anyPolicyCACert.crt AnyPolicyTest14EE.crt +test_policychecker NIST-Test.4.8.14.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt anyPolicyCACert.crt AnyPolicyTest14EE.crt +test_policychecker NIST-Test.4.8.15.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" E TrustAnchorRootCertificate.crt UserNoticeQualifierTest15EE.crt +test_policychecker NIST-Test.4.8.15.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt UserNoticeQualifierTest15EE.crt +test_policychecker NIST-Test.4.8.16.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" E TrustAnchorRootCertificate.crt GoodCACert.crt UserNoticeQualifierTest16EE.crt +test_policychecker NIST-Test.4.8.16.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" E TrustAnchorRootCertificate.crt GoodCACert.crt UserNoticeQualifierTest16EE.crt +test_policychecker NIST-Test.4.8.17 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt UserNoticeQualifierTest17EE.crt +test_policychecker NIST-Test.4.8.18.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt UserNoticeQualifierTest18EE.crt +test_policychecker NIST-Test.4.8.18.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt PoliciesP12CACert.crt UserNoticeQualifierTest18EE.crt +test_policychecker NIST-Test.4.8.19 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt UserNoticeQualifierTest19EE.crt +test_policychecker NIST-Test.4.8.20 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt CPSPointerQualifierTest20EE.crt +test_policychecker NIST-Test.4.9.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy10CACert.crt requireExplicitPolicy10subCACert.crt requireExplicitPolicy10subsubCACert.crt requireExplicitPolicy10subsubsubCACert.crt ValidrequireExplicitPolicyTest1EE.crt +test_policychecker NIST-Test.4.9.2 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy5CACert.crt requireExplicitPolicy5subCACert.crt requireExplicitPolicy5subsubCACert.crt requireExplicitPolicy5subsubsubCACert.crt ValidrequireExplicitPolicyTest2EE.crt +test_policychecker NIST-Test.4.9.3 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy4CACert.crt requireExplicitPolicy4subCACert.crt requireExplicitPolicy4subsubCACert.crt requireExplicitPolicy4subsubsubCACert.crt InvalidrequireExplicitPolicyTest3EE.crt +test_policychecker NIST-Test.4.9.4 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy0CACert.crt requireExplicitPolicy0subCACert.crt requireExplicitPolicy0subsubCACert.crt requireExplicitPolicy0subsubsubCACert.crt ValidrequireExplicitPolicyTest4EE.crt +test_policychecker NIST-Test.4.9.5 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy7CACert.crt requireExplicitPolicy7subCARE2Cert.crt requireExplicitPolicy7subsubCARE2RE4Cert.crt requireExplicitPolicy7subsubsubCARE2RE4Cert.crt InvalidrequireExplicitPolicyTest5EE.crt +test_policychecker NIST-Test.4.9.6 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy2CACert.crt requireExplicitPolicy2SelfIssuedCACert.crt ValidSelfIssuedrequireExplicitPolicyTest6EE.crt +test_policychecker NIST-Test.4.9.7 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy2CACert.crt requireExplicitPolicy2SelfIssuedCACert.crt requireExplicitPolicy2subCACert.crt InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt +test_policychecker NIST-Test.4.9.8 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt requireExplicitPolicy2CACert.crt requireExplicitPolicy2SelfIssuedCACert.crt requireExplicitPolicy2subCACert.crt requireExplicitPolicy2SelfIssuedsubCACert.crt InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt +test_policychecker NIST-Test.4.10.1.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt Mapping1to2CACert.crt ValidPolicyMappingTest1EE.crt +test_policychecker NIST-Test.4.10.1.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt Mapping1to2CACert.crt ValidPolicyMappingTest1EE.crt +test_policychecker NIST-Test.4.10.1.3 EE $NIST ../../certs "{2.5.29.32.0}" P TrustAnchorRootCertificate.crt Mapping1to2CACert.crt ValidPolicyMappingTest1EE.crt +test_policychecker NIST-Test.4.10.2.1 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt Mapping1to2CACert.crt InvalidPolicyMappingTest2EE.crt +test_policychecker NIST-Test.4.10.2.2 EE $NIST ../../certs "{2.5.29.32.0}" P TrustAnchorRootCertificate.crt Mapping1to2CACert.crt InvalidPolicyMappingTest2EE.crt +test_policychecker NIST-Test.4.10.3.1 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt P12Mapping1to3CACert.crt P12Mapping1to3subCACert.crt P12Mapping1to3subsubCACert.crt ValidPolicyMappingTest3EE.crt +test_policychecker NIST-Test.4.10.3.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt P12Mapping1to3CACert.crt P12Mapping1to3subCACert.crt P12Mapping1to3subsubCACert.crt ValidPolicyMappingTest3EE.crt +test_policychecker NIST-Test.4.10.4 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt P12Mapping1to3CACert.crt P12Mapping1to3subCACert.crt P12Mapping1to3subsubCACert.crt InvalidPolicyMappingTest4EE.crt +test_policychecker NIST-Test.4.10.5.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt P1Mapping1to234CACert.crt P1Mapping1to234subCACert.crt ValidPolicyMappingTest5EE.crt +test_policychecker NIST-Test.4.10.5.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.6}" TrustAnchorRootCertificate.crt P1Mapping1to234CACert.crt P1Mapping1to234subCACert.crt ValidPolicyMappingTest5EE.crt +test_policychecker NIST-Test.4.10.6.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt P1Mapping1to234CACert.crt P1Mapping1to234subCACert.crt ValidPolicyMappingTest6EE.crt +test_policychecker NIST-Test.4.10.6.2 EE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.6}" TrustAnchorRootCertificate.crt P1Mapping1to234CACert.crt P1Mapping1to234subCACert.crt ValidPolicyMappingTest6EE.crt TrustAnchorRootCertificate.crt +test_policychecker NIST-Test.4.10.7.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt MappingFromanyPolicyCACert.crt +test_policychecker NIST-Test.4.10.7.2 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt MappingFromanyPolicyCACert.crt InvalidMappingFromanyPolicyTest7EE.crt +test_policychecker NIST-Test.4.10.8.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt MappingToanyPolicyCACert.crt +test_policychecker NIST-Test.4.10.8.2 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt MappingToanyPolicyCACert.crt InvalidMappingToanyPolicyTest8EE.crt +test_policychecker NIST-Test.4.10.9 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt PanyPolicyMapping1to2CACert.crt ValidPolicyMappingTest9EE.crt +test_policychecker NIST-Test.4.10.10 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt GoodsubCAPanyPolicyMapping1to2CACert.crt InvalidPolicyMappingTest10EE.crt +test_policychecker NIST-Test.4.10.11 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt GoodCACert.crt GoodsubCAPanyPolicyMapping1to2CACert.crt ValidPolicyMappingTest11EE.crt +test_policychecker NIST-Test.4.10.12.1 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.1}" TrustAnchorRootCertificate.crt P12Mapping1to3CACert.crt ValidPolicyMappingTest12EE.crt +test_policychecker NIST-Test.4.10.12.2 ENE $NIST ../../certs "{2.16.840.1.101.3.2.1.48.2}" TrustAnchorRootCertificate.crt P12Mapping1to3CACert.crt ValidPolicyMappingTest12EE.crt +test_policychecker NIST-Test.4.10.13 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt P1anyPolicyMapping1to2CACert.crt ValidPolicyMappingTest13EE.crt +test_policychecker NIST-Test.4.10.14 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt P1anyPolicyMapping1to2CACert.crt ValidPolicyMappingTest14EE.crt +test_policychecker NIST-Test.4.11.1.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping0CACert.crt inhibitPolicyMapping0subCACert.crt +test_policychecker NIST-Test.4.11.1.2 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping0CACert.crt inhibitPolicyMapping0subCACert.crt InvalidinhibitPolicyMappingTest1EE.crt +test_policychecker NIST-Test.4.11.2 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P12CACert.crt inhibitPolicyMapping1P12subCACert.crt ValidinhibitPolicyMappingTest2EE.crt +test_policychecker NIST-Test.4.11.3 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P12CACert.crt inhibitPolicyMapping1P12subCACert.crt inhibitPolicyMapping1P12subsubCACert.crt InvalidinhibitPolicyMappingTest3EE.crt +test_policychecker NIST-Test.4.11.4 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P12CACert.crt inhibitPolicyMapping1P12subCACert.crt inhibitPolicyMapping1P12subsubCACert.crt ValidinhibitPolicyMappingTest4EE.crt +test_policychecker NIST-Test.4.11.5 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping5CACert.crt inhibitPolicyMapping5subCACert.crt inhibitPolicyMapping5subsubCACert.crt inhibitPolicyMapping5subsubsubCACert.crt InvalidinhibitPolicyMappingTest5EE.crt +test_policychecker NIST-Test.4.11.6 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P12CACert.crt inhibitPolicyMapping1P12subCAIPM5Cert.crt inhibitPolicyMapping1P12subsubCAIPM5Cert.crt InvalidinhibitPolicyMappingTest6EE.crt +test_policychecker NIST-Test.4.11.7 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P1CACert.crt inhibitPolicyMapping1P1SelfIssuedCACert.crt inhibitPolicyMapping1P1subCACert.crt ValidSelfIssuedinhibitPolicyMappingTest7EE.crt +test_policychecker NIST-Test.4.11.8 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P1CACert.crt inhibitPolicyMapping1P1SelfIssuedCACert.crt inhibitPolicyMapping1P1subCACert.crt inhibitPolicyMapping1P1subsubCACert.crt InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt +test_policychecker NIST-Test.4.11.9 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P1CACert.crt inhibitPolicyMapping1P1SelfIssuedCACert.crt inhibitPolicyMapping1P1subCACert.crt inhibitPolicyMapping1P1subsubCACert.crt InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt +test_policychecker NIST-Test.4.11.10 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P1CACert.crt inhibitPolicyMapping1P1SelfIssuedCACert.crt inhibitPolicyMapping1P1subCACert.crt inhibitPolicyMapping1P1SelfIssuedsubCACert.crt InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt +test_policychecker NIST-Test.4.11.11 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitPolicyMapping1P1CACert.crt inhibitPolicyMapping1P1SelfIssuedCACert.crt inhibitPolicyMapping1P1subCACert.crt inhibitPolicyMapping1P1SelfIssuedsubCACert.crt InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt +test_policychecker NIST-Test.4.12.1 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy0CACert.crt InvalidinhibitAnyPolicyTest1EE.crt +test_policychecker NIST-Test.4.12.2 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy0CACert.crt ValidinhibitAnyPolicyTest2EE.crt +test_policychecker NIST-Test.4.12.3.1 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1subCA1Cert.crt inhibitAnyPolicyTest3EE.crt +test_policychecker NIST-Test.4.12.3.2 EE $NIST ../../certs "{2.5.29.32.0}" A TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1subCA1Cert.crt inhibitAnyPolicyTest3EE.crt +test_policychecker NIST-Test.4.12.4 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1subCA1Cert.crt InvalidinhibitAnyPolicyTest4EE.crt +test_policychecker NIST-Test.4.12.5 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy5CACert.crt inhibitAnyPolicy5subCACert.crt inhibitAnyPolicy5subsubCACert.crt InvalidinhibitAnyPolicyTest5EE.crt +test_policychecker NIST-Test.4.12.6 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1subCAIAP5Cert.crt InvalidinhibitAnyPolicyTest6EE.crt +test_policychecker NIST-Test.4.12.7 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1SelfIssuedCACert.crt inhibitAnyPolicy1subCA2Cert.crt ValidSelfIssuedinhibitAnyPolicyTest7EE.crt +test_policychecker NIST-Test.4.12.8 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1SelfIssuedCACert.crt inhibitAnyPolicy1subCA2Cert.crt inhibitAnyPolicy1subsubCA2Cert.crt InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt +test_policychecker NIST-Test.4.12.9 ENE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1SelfIssuedCACert.crt inhibitAnyPolicy1subCA2Cert.crt inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt ValidSelfIssuedinhibitAnyPolicyTest9EE.crt +test_policychecker NIST-Test.4.12.10 EE $NIST ../../certs "{2.5.29.32.0}" TrustAnchorRootCertificate.crt inhibitAnyPolicy1CACert.crt inhibitAnyPolicy1SelfIssuedCACert.crt inhibitAnyPolicy1subCA2Cert.crt InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt +test_basicconstraintschecker NIST-Test.4.13.1 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt ValidDNnameConstraintsTest1EE.crt +test_basicconstraintschecker NIST-Test.4.13.2 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt InvalidDNnameConstraintsTest2EE.crt +test_basicconstraintschecker NIST-Test.4.13.3 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt InvalidDNnameConstraintsTest3EE.crt +test_basicconstraintschecker NIST-Test.4.13.4 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt ValidDNnameConstraintsTest4EE.crt +test_basicconstraintschecker NIST-Test.4.13.5 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN2CACert.crt ValidDNnameConstraintsTest5EE.crt +test_basicconstraintschecker NIST-Test.4.13.6 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt ValidDNnameConstraintsTest6EE.crt +test_basicconstraintschecker NIST-Test.4.13.7 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt InvalidDNnameConstraintsTest7EE.crt +test_basicconstraintschecker NIST-Test.4.13.8 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN4CACert.crt InvalidDNnameConstraintsTest8EE.crt +test_basicconstraintschecker NIST-Test.4.13.9 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN4CACert.crt InvalidDNnameConstraintsTest9EE.crt +test_basicconstraintschecker NIST-Test.4.13.10 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN5CACert.crt InvalidDNnameConstraintsTest10EE.crt +test_basicconstraintschecker NIST-Test.4.13.11 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN5CACert.crt ValidDNnameConstraintsTest11EE.crt +test_basicconstraintschecker NIST-Test.4.13.12 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA1Cert.crt InvalidDNnameConstraintsTest12EE.crt +test_basicconstraintschecker NIST-Test.4.13.13 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA2Cert.crt InvalidDNnameConstraintsTest13EE.crt +test_basicconstraintschecker NIST-Test.4.13.14 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA2Cert.crt ValidDNnameConstraintsTest14EE.crt +test_basicconstraintschecker NIST-Test.4.13.15 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt nameConstraintsDN3subCA1Cert.crt InvalidDNnameConstraintsTest15EE.crt +test_basicconstraintschecker NIST-Test.4.13.16 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt nameConstraintsDN3subCA1Cert.crt InvalidDNnameConstraintsTest16EE.crt +test_basicconstraintschecker NIST-Test.4.13.17 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt nameConstraintsDN3subCA2Cert.crt InvalidDNnameConstraintsTest17EE.crt +test_basicconstraintschecker NIST-Test.4.13.18 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN3CACert.crt nameConstraintsDN3subCA2Cert.crt ValidDNnameConstraintsTest18EE.crt +test_basicconstraintschecker NIST-Test.4.13.19 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1SelfIssuedCACert.crt ValidDNnameConstraintsTest19EE.crt +test_basicconstraintschecker NIST-Test.4.13.20 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt InvalidDNnameConstraintsTest20EE.crt +test_basicconstraintschecker NIST-Test.4.13.21 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA1Cert.crt ValidRFC822nameConstraintsTest21EE.crt +test_basicconstraintschecker NIST-Test.4.13.22 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA1Cert.crt InvalidRFC822nameConstraintsTest22EE.crt +test_basicconstraintschecker NIST-Test.4.13.23 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA2Cert.crt ValidRFC822nameConstraintsTest23EE.crt +test_basicconstraintschecker NIST-Test.4.13.24 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA2Cert.crt InvalidRFC822nameConstraintsTest24EE.crt +test_basicconstraintschecker NIST-Test.4.13.25 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA3Cert.crt ValidRFC822nameConstraintsTest25EE.crt +test_basicconstraintschecker NIST-Test.4.13.26 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsRFC822CA3Cert.crt InvalidRFC822nameConstraintsTest26EE.crt +test_basicconstraintschecker NIST-Test.4.13.27 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA3Cert.crt ValidDNandRFC822nameConstraintsTest27EE.crt +test_basicconstraintschecker NIST-Test.4.13.28 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA3Cert.crt InvalidDNandRFC822nameConstraintsTest28EE.crt +test_basicconstraintschecker NIST-Test.4.13.29 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDN1CACert.crt nameConstraintsDN1subCA3Cert.crt InvalidDNandRFC822nameConstraintsTest29EE.crt +test_basicconstraintschecker NIST-Test.4.13.30 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS1CACert.crt ValidDNSnameConstraintsTest30EE.crt +test_basicconstraintschecker NIST-Test.4.13.31 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS1CACert.crt InvalidDNSnameConstraintsTest31EE.crt +test_basicconstraintschecker NIST-Test.4.13.32 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS2CACert.crt ValidDNSnameConstraintsTest32EE.crt +test_basicconstraintschecker NIST-Test.4.13.33 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS2CACert.crt InvalidDNSnameConstraintsTest33EE.crt +test_basicconstraintschecker NIST-Test.4.13.34 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI1CACert.crt ValidURInameConstraintsTest34EE.crt +test_basicconstraintschecker NIST-Test.4.13.35 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI1CACert.crt InvalidURInameConstraintsTest35EE.crt +test_basicconstraintschecker NIST-Test.4.13.36 ENE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI2CACert.crt ValidURInameConstraintsTest36EE.crt +test_basicconstraintschecker NIST-Test.4.13.37 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsURI2CACert.crt InvalidURInameConstraintsTest37EE.crt +test_basicconstraintschecker NIST-Test.4.13.38 EE $NIST TrustAnchorRootCertificate.crt nameConstraintsDNS1CACert.crt InvalidDNSnameConstraintsTest38EE.crt +test_basicconstraintschecker NIST-Test.4.16.1 ENE $NIST TrustAnchorRootCertificate.crt ValidUnknownNotCriticalCertificateExtensionTest1EE.crt +test_basicconstraintschecker NIST-Test.4.16.2 EE $NIST TrustAnchorRootCertificate.crt InvalidUnknownCriticalCertificateExtensionTest2EE.crt +test_buildchain_uchecker NIST-Test.4.1.1-without-OID ENE - $NIST ValidCertificatePathTest1EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain_uchecker NIST-Test.4.1.1-with-OID-without-forwardSupport ENE 2.5.29.19 $NIST ValidCertificatePathTest1EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain_uchecker NIST-Test.4.1.1-with-OID-forwardSupport ENE F2.5.29.19 $NIST ValidCertificatePathTest1EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.1 ENE $NIST ValidCertificatePathTest1EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.2 EE $NIST InvalidCASignatureTest2EE.crt BadSignedCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.3 EE $NIST InvalidEESignatureTest3EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.4 ENE $NIST ValidDSASignaturesTest4EE.crt DSACACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.5 ENE $NIST ValidDSAParameterInheritanceTest5EE.crt DSAParametersInheritedCACert.crt DSACACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.1.6 EE $NIST InvalidDSASignatureTest6EE.crt DSACACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.1 EE $NIST InvalidCAnotBeforeDateTest1EE.crt BadnotBeforeDateCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.2 EE $NIST InvalidEEnotBeforeDateTest2EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.3 ENE $NIST Validpre2000UTCnotBeforeDateTest3EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.4 ENE $NIST ValidGeneralizedTimenotBeforeDateTest4EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.5 EE $NIST InvalidCAnotAfterDateTest5EE.crt BadnotAfterDateCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.6 EE $NIST InvalidEEnotAfterDateTest6EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.7 EE $NIST Invalidpre2000UTCEEnotAfterDateTest7EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.2.8 ENE $NIST ValidGeneralizedTimenotAfterDateTest8EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.1 EE $NIST InvalidNameChainingTest1EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.2 EE $NIST InvalidNameChainingOrderTest2EE.crt NameOrderingCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.3 ENE $NIST ValidNameChainingWhitespaceTest3EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.4 ENE $NIST ValidNameChainingWhitespaceTest4EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.5 ENE $NIST ValidNameChainingCapitalizationTest5EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.6 ENE $NIST ValidNameUIDsTest6EE.crt UIDCACert.crt TrustAnchorRootCertificate.crt +test_buildchain - NIST-Test.4.3.7 ENE $NIST ValidRFC3280MandatoryAttributeTypesTest7EE.crt RFC3280MandatoryAttributeTypesCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.9 ENE $NIST ValidUTF8StringEncodedNamesTest9EE.crt UTF8StringEncodedNamesCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.10 ENE $NIST ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt RolloverfromPrintableStringtoUTF8StringCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.3.11 ENE $NIST ValidUTF8StringCaseInsensitiveMatchTest11EE.crt UTF8StringCaseInsensitiveMatchCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.1 EE $NIST InvalidMissingCRLTest1EE.crt NoCRLCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.2 EE $NIST InvalidRevokedCATest2EE.crt RevokedsubCACert.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.3 EE $NIST InvalidRevokedEETest3EE.crt GoodCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.4 EE $NIST InvalidBadCRLSignatureTest4EE.crt BadCRLSignatureCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.5 EE $NIST InvalidBadCRLIssuerNameTest5EE.crt BadCRLIssuerNameCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.6 EE $NIST InvalidWrongCRLTest6EE.crt WrongCRLCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.7 ENE $NIST ValidTwoCRLsTest7EE.crt TwoCRLsCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.8 EE $NIST InvalidUnknownCRLEntryExtensionTest8EE.crt UnknownCRLEntryExtensionCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.9 EE $NIST InvalidUnknownCRLExtensionTest9EE.crt UnknownCRLExtensionCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.10 EE $NIST InvalidUnknownCRLExtensionTest10EE.crt UnknownCRLExtensionCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.11 EE $NIST InvalidOldCRLnextUpdateTest11EE.crt OldCRLnextUpdateCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.12 EE $NIST Invalidpre2000CRLnextUpdateTest12EE.crt pre2000CRLnextUpdateCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.13 ENE $NIST ValidGeneralizedTimeCRLnextUpdateTest13EE.crt GeneralizedTimeCRLnextUpdateCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.14 ENE $NIST ValidNegativeSerialNumberTest14EE.crt NegativeSerialNumberCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.15 EE $NIST InvalidNegativeSerialNumberTest15EE.crt NegativeSerialNumberCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.16 ENE $NIST ValidLongSerialNumberTest16EE.crt LongSerialNumberCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.17 ENE $NIST ValidLongSerialNumberTest17EE.crt LongSerialNumberCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.18 EE $NIST InvalidLongSerialNumberTest18EE.crt LongSerialNumberCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.4.20 EE $NIST InvalidSeparateCertificateandCRLKeysTest20EE.crt SeparateCertificateandCRLKeysCRLSigningCert.crt TrustAnchorRootCertificate.crt SeparateCertificateandCRLKeysCertificateSigningCACert.crt +test_buildchain ${LDAP} NIST-Test.4.5.1 ENE $NIST ValidBasicSelfIssuedOldWithNewTest1EE.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt BasicSelfIssuedNewKeyCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.5.2 EE $NIST InvalidBasicSelfIssuedOldWithNewTest2EE.crt BasicSelfIssuedNewKeyOldWithNewCACert.crt BasicSelfIssuedNewKeyCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.1 EE $NIST InvalidMissingbasicConstraintsTest1EE.crt MissingbasicConstraintsCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.2 EE $NIST InvalidcAFalseTest2EE.crt basicConstraintsCriticalcAFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.3 EE $NIST InvalidcAFalseTest3EE.crt basicConstraintsNotCriticalcAFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.4 ENE $NIST ValidbasicConstraintsNotCriticalTest4EE.crt basicConstraintsNotCriticalCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.5 EE $NIST InvalidpathLenConstraintTest5EE.crt pathLenConstraint0subCACert.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.6 EE $NIST InvalidpathLenConstraintTest6EE.crt pathLenConstraint0subCACert.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.7 ENE $NIST ValidpathLenConstraintTest7EE.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.8 ENE $NIST ValidpathLenConstraintTest8EE.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.9 EE $NIST InvalidpathLenConstraintTest9EE.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6subsubCA00Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.10 EE $NIST InvalidpathLenConstraintTest10EE.crt pathLenConstraint6subsubCA00Cert.crt pathLenConstraint6subCA0Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.11 EE $NIST InvalidpathLenConstraintTest11EE.crt pathLenConstraint6subsubsubCA11XCert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.12 EE $NIST InvalidpathLenConstraintTest12EE.crt pathLenConstraint6subsubsubCA11XCert.crt pathLenConstraint6subsubCA11Cert.crt pathLenConstraint6subCA1Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.13 ENE $NIST ValidpathLenConstraintTest13EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.14 ENE $NIST ValidpathLenConstraintTest14EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.15 ENE $NIST ValidSelfIssuedpathLenConstraintTest15EE.crt pathLenConstraint0SelfIssuedCACert.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.16 EE $NIST InvalidSelfIssuedpathLenConstraintTest16EE.crt pathLenConstraint0subCA2Cert.crt pathLenConstraint0SelfIssuedCACert.crt pathLenConstraint0CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.6.17 ENE $NIST ValidSelfIssuedpathLenConstraintTest17EE.crt pathLenConstraint1SelfIssuedsubCACert.crt pathLenConstraint1subCACert.crt pathLenConstraint1SelfIssuedCACert.crt pathLenConstraint1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.7.1 EE $NIST InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt keyUsageCriticalkeyCertSignFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.7.2 EE $NIST InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt keyUsageNotCriticalkeyCertSignFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.7.3 ENE $NIST ValidkeyUsageNotCriticalTest3EE.crt keyUsageNotCriticalCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.7.4 EE $NIST InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt keyUsageCriticalcRLSignFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.7.5 EE $NIST InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt keyUsageNotCriticalcRLSignFalseCACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.1 ENE $NIST ValidDNnameConstraintsTest1EE.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.2 EE $NIST InvalidDNnameConstraintsTest2EE.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.3 EE $NIST InvalidDNnameConstraintsTest3EE.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.4 ENE $NIST ValidDNnameConstraintsTest4EE.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.5 ENE $NIST ValidDNnameConstraintsTest5EE.crt nameConstraintsDN2CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.6 ENE $NIST ValidDNnameConstraintsTest6EE.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.7 EE $NIST InvalidDNnameConstraintsTest7EE.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.8 EE $NIST InvalidDNnameConstraintsTest8EE.crt nameConstraintsDN4CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.9 EE $NIST InvalidDNnameConstraintsTest9EE.crt nameConstraintsDN4CACert.crt nameConstraintsDN4CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.10 EE $NIST InvalidDNnameConstraintsTest10EE.crt nameConstraintsDN5CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.11 ENE $NIST ValidDNnameConstraintsTest11EE.crt nameConstraintsDN5CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.12 EE $NIST InvalidDNnameConstraintsTest12EE.crt nameConstraintsDN1subCA1Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.13 EE $NIST InvalidDNnameConstraintsTest13EE.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.14 ENE $NIST ValidDNnameConstraintsTest14EE.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.15 EE $NIST InvalidDNnameConstraintsTest15EE.crt nameConstraintsDN3subCA1Cert.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.16 EE $NIST InvalidDNnameConstraintsTest16EE.crt nameConstraintsDN3subCA1Cert.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.17 EE $NIST InvalidDNnameConstraintsTest17EE.crt nameConstraintsDN3subCA2Cert.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.18 ENE $NIST ValidDNnameConstraintsTest18EE.crt nameConstraintsDN3subCA2Cert.crt nameConstraintsDN3CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.19 ENE $NIST ValidDNnameConstraintsTest19EE.crt nameConstraintsDN1SelfIssuedCACert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.20 EE $NIST InvalidDNnameConstraintsTest20EE.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.21 ENE $NIST ValidRFC822nameConstraintsTest21EE.crt nameConstraintsRFC822CA1Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.22 EE $NIST InvalidRFC822nameConstraintsTest22EE.crt nameConstraintsRFC822CA1Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.23 ENE $NIST ValidRFC822nameConstraintsTest23EE.crt nameConstraintsRFC822CA2Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.24 EE $NIST InvalidRFC822nameConstraintsTest24EE.crt nameConstraintsRFC822CA2Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.25 ENE $NIST ValidRFC822nameConstraintsTest25EE.crt nameConstraintsRFC822CA3Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.26 EE $NIST InvalidRFC822nameConstraintsTest26EE.crt nameConstraintsRFC822CA3Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.27 ENE $NIST ValidDNandRFC822nameConstraintsTest27EE.crt nameConstraintsDN1subCA3Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.28 EE $NIST InvalidDNandRFC822nameConstraintsTest28EE.crt nameConstraintsDN1subCA3Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.29 EE $NIST InvalidDNandRFC822nameConstraintsTest29EE.crt nameConstraintsDN1subCA3Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.30 ENE $NIST ValidDNSnameConstraintsTest30EE.crt nameConstraintsDNS1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.31 EE $NIST InvalidDNSnameConstraintsTest31EE.crt nameConstraintsDNS1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.32 ENE $NIST ValidDNSnameConstraintsTest32EE.crt nameConstraintsDNS2CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.33 EE $NIST InvalidDNSnameConstraintsTest33EE.crt nameConstraintsDNS2CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.34 ENE $NIST ValidURInameConstraintsTest34EE.crt nameConstraintsURI1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.35 EE $NIST InvalidURInameConstraintsTest35EE.crt nameConstraintsURI1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.36 ENE $NIST ValidURInameConstraintsTest36EE.crt nameConstraintsURI2CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.37 EE $NIST InvalidURInameConstraintsTest37EE.crt nameConstraintsURI2CACert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-Test.4.13.38 EE $NIST InvalidDNSnameConstraintsTest38EE.crt nameConstraintsDNS1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain_partialchain ${LDAP} NIST-Test.4.6.14 ENE $NIST ValidpathLenConstraintTest14EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain_partialchain ${LDAP} NIST-Test.4.6.14 ENE $NIST ValidpathLenConstraintTest14EE.crt pathLenConstraint6subsubsubCA41XCert.crt pathLenConstraint6subsubCA41Cert.crt TrustAnchorRootCertificate.crt pathLenConstraint6subCA4Cert.crt pathLenConstraint6CACert.crt TrustAnchorRootCertificate.crt +test_buildchain_partialchain ${LDAP} NIST-Test.4.13.13 EE $NIST InvalidDNnameConstraintsTest13EE.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1subCA2Cert.crt nameConstraintsDN1CACert.crt TrustAnchorRootCertificate.crt +test_buildchain_partialchain ${LDAP} NIST-Test.4.13.27 ENE $NIST ValidDNandRFC822nameConstraintsTest27EE.crt nameConstraintsDN1subCA3Cert.crt nameConstraintsDN1subCA2Cert.crt TrustAnchorRootCertificate.crt +test_buildchain ${LDAP} NIST-PDTest ENE ${NIST_PDTEST} certs/BasicHTTPURIPathDiscoveryTest2EE.crt certs/BasicHTTPURITrustAnchorRootCert.crt +test_ocsp OCSP-Test ENE ${HOSTDIR}/ocsp anchorcert.crt goodcert.crt +test_ocsp OCSP-Test EE ${HOSTDIR}/ocsp anchorcert.crt revokedcert.crt +EOF + +totalErrors=$? +totalErrors=`expr ${totalErrors} + ${tracedErrors}` + +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} + +########################################################## +# +# Document NIST tests that are not currently running for builder... +# 4.3.8 4.4.19 4.4.21 +# +# Others +# 4.5.4 4.5.5, 4.5.6, 4.5.7, 4.5.8 +# 4.14.* Distribution Point - functionality not yet implemented +# 4.15.* Delta CRL - not supported +########################################################## +# Following tests are not run because of bugs beyond libpkix: +#test_validatechain NIST-Test.4.3.7 ENE $NIST TrustAnchorRootCertificate.crt RFC3280MandatoryAttributeTypesCACert.crt ValidRFC3280MandatoryAttributeTypesTest7EE.crt +# test_buildchain NIST-Test.4.3.8 ENE $NIST ValidRFC3280OptionalAttributeTypesTest8EE.crt RFC3280OptionalAttributeTypesCACert.crt TrustAnchorRootCertificate.crt + +# Following tests are not supported by libpkix : separate certificate +# NIST test 4.4.19 and 4.4.21 + +# Following tests are not supported by libpkix : cert dp, cert chain definition +# NIST tests 4.5.4, 4.5.5 +#test_buildchain NIST-Test.4.5.7 EE $NIST InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt TrustAnchorRootCertificate.crt BasicSelfIssuedCRLSigningKeyCACert.crt +#test_buildchain NIST-Test.4.5.8 EE $NIST InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt BasicSelfIssuedCRLSigningKeyCRLCert.crt BasicSelfIssuedCRLSigningKeyCACert.crt TrustAnchorRootCertificate.crt + + +# Following tests are not supported by libpkix : self-issued, multiple keys, one for cert, one for CRL +#test_validatechain NIST-Test.4.5.3 ENE $NIST TrustAnchorRootCertificate.crt BasicSelfIssuedOldKeyCACert.crt BasicSelfIssuedOldKeyNewWithOldCACert.crt ValidBasicSelfIssuedNewWithOldTest3EE.crt +#test_defaultcrlchecker NIST-Test.4.5.4 ENE $NIST/../crls $NIST/TrustAnchorRootCertificate.crt $NIST/BasicSelfIssuedOldKeyCACert.crt $NIST/BasicSelfIssuedOldKeyNewWithOldCACert.crt $NIST/ValidBasicSelfIssuedNewWithOldTest4EE.crt +#test_defaultcrlchecker NIST-Test.4.5.6 ENE $NIST/../crls $NIST/TrustAnchorRootCertificate.crt $NIST/BasicSelfIssuedCRLSigningKeyCACert.crt $NIST/BasicSelfIssuedCRLSigningKeyCRLCert.crt $NIST/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt + +# Need to recreate certs with BC extension and Key Usage +#test_buildchain single_sig ENE build_data/single_path/signature/pass yassir2hanfei.crt greg2yassir.crt jes2greg.crt jes2jes.crt +#test_buildchain single-sig EE build_data/single_path/signature/fail yassir2hanfei.crt jes2jes.crt +#test_buildchain multi-sig ENE build_data/multi_path/signature/pass yassir2hanfei.crt greg2yassir.crt jes2greg.crt jes2jes.crt +#test_buildchain multi-sig EE build_data/multi_path/signature/fail yassir2hanfei.crt greg2yassir.crt yassir2hanfei.crt +#test_buildchain backtrack-sig ENE build_data/backtracking/signature yassir2hanfei.crt labs2yassir.crt jes2labs.crt jes2jes.crtn diff --git a/security/nss/tests/libpkix/pkix_tests/top/secmod.db b/security/nss/tests/libpkix/pkix_tests/top/secmod.db Binary files differnew file mode 100644 index 000000000..772583d58 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/top/secmod.db diff --git a/security/nss/tests/libpkix/pkix_tests/util/runTests.sh b/security/nss/tests/libpkix/pkix_tests/util/runTests.sh new file mode 100755 index 000000000..eb7591da0 --- /dev/null +++ b/security/nss/tests/libpkix/pkix_tests/util/runTests.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh +# + +curdir=`pwd` +cd ../../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=UTIL + +########## +# main +########## + +ParseArgs $* + +RunTests <<EOF +test_error +test_list +test_list2 +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " ${testunit}: passed ${passed} of ${numtests} tests" +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/runTests.sh b/security/nss/tests/libpkix/runTests.sh new file mode 100755 index 000000000..3fb9842dc --- /dev/null +++ b/security/nss/tests/libpkix/runTests.sh @@ -0,0 +1,119 @@ +#! /bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runTests.sh# +# +# This script enables all tests to be run together. It simply cd's into +# the pkix_tests and pkix_pl_tests directories and runs test scripts +# +# This test is the original of libpkix.sh. While libpkix.sh is invoked by +# all.sh as a /bin/sh script, runTests.sh is a /bin/ksh and provides the +# options of checking memory and using different memory allcation schemes. +# + +errors=0 +pkixErrors=0 +pkixplErrors=0 +checkMemArg="" +arenasArg="" +quietArg="" +memText="" + +### ParseArgs +ParseArgs() # args +{ + while [ $# -gt 0 ]; do + if [ $1 = "-checkmem" ]; then + checkMemArg=$1 + memText=" (Memory Checking Enabled)" + elif [ $1 = "-quiet" ]; then + quietArg=$1 + elif [ $1 = "-arenas" ]; then + arenasArg=$1 + fi + shift + done +} + +ParseArgs $* + +echo "*******************************************************************************" +echo "START OF ALL TESTS${memText}" +echo "*******************************************************************************" +echo "" + +echo "RUNNING tests in pkix_pl_test"; +cd pkix_pl_tests; +runPLTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixplErrors=$? + +echo "RUNNING tests in pkix_test"; +cd ../pkix_tests; +runTests.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixErrors=$? + +echo "RUNNING tests in sample_apps (performance)"; +cd ../sample_apps; +runPerf.sh ${arenasArg} ${checkMemArg} ${quietArg} +pkixPerfErrors=$? + +errors=`expr ${pkixplErrors} + ${pkixErrors} + ${pkixPerfErrors}` + +if [ ${errors} -eq 0 ]; then + echo "" + echo "************************************************************" + echo "END OF ALL TESTS: ALL TESTS COMPLETED SUCCESSFULLY" + echo "************************************************************" + exit 0 +fi + +if [ ${errors} -eq 1 ]; then + plural="" +else + plural="S" +fi + +echo "" +echo "************************************************************" +echo "END OF ALL TESTS: ${errors} TEST${plural} FAILED" +echo "************************************************************" +exit 1 + + + + diff --git a/security/nss/tests/libpkix/sample_apps/README b/security/nss/tests/libpkix/sample_apps/README new file mode 100755 index 000000000..9cfe23c9a --- /dev/null +++ b/security/nss/tests/libpkix/sample_apps/README @@ -0,0 +1,109 @@ +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +This directory contains both sample applications and performance evaluation +applications. + +SAMPLE APPLICATIONS + +Currently, there are two performance applications: libpkix_buildThreads and +nss_threads. And three sample applications: dumpcert, dumpcrl and +validateChain.. + +============================================================================ + +USAGE: dumpcert <certFile> + Parses a certificate located at <certFile> and displays it. + +Source: <root>/tests/sample_apps/dumpcert.c +Binary: <root>/bin/sample_apps/dumpcert + +============================================================================ + +USAGE: dumpcrl <crlFile> + Parses a CRL located at <crlFile> and displays it. + +Source: <root>/tests/sample_apps/dumpcrl.c +Binary: <root>/bin/sample_apps/dumpcrl + +============================================================================ + +USAGE: validateChain <trustedCert> <cert_1> <cert_2> ... <cert_n> + Validates a chain of n certificates using the given trust anchor. + +Source: <root>/tests/sample_apps/validateChain.c +Binary: <root>/bin/sample_apps/validateChain + +============================================================================ + +PERFORMANCE EVALUATION APPLICATIONS + +============================================================================ + +USAGE: libpkix_buildthreads <duration> <threads> <eecertNickname> + + Sets up and runs a PKIX_BuildChain call for the number of seconds + specified by <duration> using the number of threads specified by + <threads>. This application assumes that the NSS certutil application + has already been run to create the NSS databases and that the + various nicknames on the command line have been associated with + certificates in the NSS databases. The NSS databases MUST reside + in the directory where this file is located and MUST be named + "cert8.db", "key3.db", and "secmod.db". There must exist a nickname + in the databases which has been marked as trusted. + +Source: <root>/perf/libpkix_buildthreads/libpkix_buildthreads.c +Binary: <root>/perf/libpkix_buildthreads/*.OBJ/libpkix_buildthreads + +============================================================================ + +USAGE: nssThreads <duration> <threads> <eecertNickname> + + Sets up and runs a CERT_VerifyCertificate call for the number of + seconds specified by <duration> using the number of threads specified + by <threads>. This application assumes that the NSS certutil + application has already been run to create the NSS databases and that + the various nicknames on the command line have been associated with + certificates in the NSS databases. The NSS databases MUST reside + in the directory where this file is located and MUST be named + "cert8.db", "key3.db", and "secmod.db". There must exist a nickname in + the databases which has been marked as trusted. + +Source: <root>/perf/nss_threads/nss_threads.c +Binary: <root>/perf/nss_threads/*.OBJ/nss_threads + +============================================================================ + diff --git a/security/nss/tests/libpkix/sample_apps/cert8.db b/security/nss/tests/libpkix/sample_apps/cert8.db Binary files differnew file mode 100755 index 000000000..b39de42f1 --- /dev/null +++ b/security/nss/tests/libpkix/sample_apps/cert8.db diff --git a/security/nss/tests/libpkix/sample_apps/key3.db b/security/nss/tests/libpkix/sample_apps/key3.db Binary files differnew file mode 100755 index 000000000..9c03916ee --- /dev/null +++ b/security/nss/tests/libpkix/sample_apps/key3.db diff --git a/security/nss/tests/libpkix/sample_apps/runPerf.sh b/security/nss/tests/libpkix/sample_apps/runPerf.sh new file mode 100755 index 000000000..579601ce8 --- /dev/null +++ b/security/nss/tests/libpkix/sample_apps/runPerf.sh @@ -0,0 +1,176 @@ +#!/bin/sh +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# +# runPerf.sh +# + +curdir=`pwd` +cd ../common +. ./libpkix_init.sh > /dev/null +cd ${curdir} + +numtests=0 +passed=0 +testunit=PERFORMANCE + +totalErrors=0 +loopErrors=0 + +ParseArgs $* + +testHeadingEcho + +Display "\nRunning executables at ${DIST_BIN}" +Display "Using libraries at ${LD_LIBRARY_PATH}" + + +# Check the performance data ... +perfTest() +{ + + Display "" + Display "*******************************************************************************" + Display "START OF PKIX PERFORMANCE SCENARIOS ${memText}" +Display "*******************************************************************************" + Display "" + + while read perfPgm args; do + numtests=`expr ${numtests} + 1` + Display "Running ${perfPgm} ${args}" + if [ ${checkmem} -eq 1 ]; then + dbx -C -c "runargs $args; check -all ;run;exit" ${DIST_BIN}/${perfPgm} > ${testOut} 2>&1 + else + ${DIST_BIN}/${perfPgm} ${args} > ${testOut} 2>&1 + fi + + # Examine output file to see if test failed and keep track of number + # of failures and names of failed tests. This assumes that the test + # uses our utility library for displaying information + + outputCount=`cat ${testOut} | grep "per second"` + + if [ $? -ne 0 ]; then + errors=`expr ${errors} + 1` + failedpgms="${failedpgms}${perfPgm} ${args}\n" + cat ${testOut} + else + Display ${outputCount} + passed=`expr ${passed} + 1` + fi + + if [ ${checkmem} -eq 1 ]; then + grep "(actual leaks:" ${testOut} > ${testOutMem} 2>&1 + if [ $? -ne 0 ]; then + prematureErrors=`expr ${prematureErrors} + 1` + failedprematurepgms="${failedprematurepgms}${perfPgm} " + Display "...program terminated prematurely (unable to check for memory leak errors) ..." + else + grep "(actual leaks: 1 total size: 4 bytes)" ${testOut} > /dev/null 2>&1 + if [ $? -ne 0 ]; then + memErrors=`expr ${memErrors} + 1` + failedmempgms="${failedmempgms}${perfPgm} " + Display ${testOutMem} + fi + fi + fi + done + return ${errors} +} + + +# If there is race condition bug, may this test catch it... +loopTest() +{ + totalLoop=10 + + Display "" + Display "*******************************************************************************" + Display "START OF TESTS FOR PKIX PERFORMANCE SANITY LOOP (${totalLoop} times)" +Display "*******************************************************************************" + Display "" + + errors=0 + iLoop=0 + perfPgm="${DIST_BIN}/libpkix_buildthreads 5 8 ValidCertificatePathTest1EE" + + while [ $iLoop -lt $totalLoop ] + do + iLoop=`expr $iLoop + 1` + numtests=`expr ${numtests} + 1` + + Display "Running ${perfPgm}" + ${perfPgm} > ${testOut} 2>&1 + Display `cat ${testOut} | grep "per second"` + + outputCount=`cat ${testOut} | grep "per second"` + + if [ $? -ne 0 ]; then + errors=`expr ${errors} + 1` + failedpgms="${failedpgms} ${perfPgm}\n" + cat ${testOut} + else + passed=`expr ${passed} + 1` + fi + done + + return ${errors} + +} + +#main + +perfTest <<EOF +libpkix_buildthreads 5 1 ValidCertificatePathTest1EE +libpkix_buildthreads 5 8 ValidCertificatePathTest1EE +nss_threads 5 1 ValidCertificatePathTest1EE +nss_threads 5 8 ValidCertificatePathTest1EE +EOF + +totalErrors=$? +html_msg ${totalErrors} 0 " performance test: passed ${passed} of ${numtests} tests" + +numtests=0 +passed=0 +loopTest +loopErrors=$? +totalErrors=`expr ${totalErrors} + ${loopErrors}` +html_msg ${totalErrors} 0 " loop test: passed ${passed} of ${numtests} tests" + +testEndingEcho + +exit ${totalErrors} diff --git a/security/nss/tests/libpkix/sample_apps/secmod.db b/security/nss/tests/libpkix/sample_apps/secmod.db Binary files differnew file mode 100755 index 000000000..772583d58 --- /dev/null +++ b/security/nss/tests/libpkix/sample_apps/secmod.db |