#! /usr/bin/env perl
-# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
-# Licensed under the OpenSSL license (the "License"). You may not use
+# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
-use File::Spec;
+use File::Spec::Functions;
+use File::Copy;
use MIME::Base64;
use OpenSSL::Test qw(:DEFAULT srctop_file srctop_dir bldtop_file data_file);
+use OpenSSL::Test::Utils;
my $test_name = "test_store";
setup($test_name);
+my $mingw = config('target') =~ m|^mingw|;
+
my @noexist_files =
( "test/blahdiblah.pem",
"test/blahdibleh.der" );
"ec-key-pkcs8-pbes2-sha1.pem", "ec-key-pkcs8-pbes2-sha1.der",
"ec-key-aes256-cbc-sha256.p12",
);
+my %generated_file_files =
+ $^O eq 'linux'
+ ? ( "test/testx509.pem" => "file:testx509.pem",
+ "test/testrsa.pem" => "file:testrsa.pem",
+ "test/testrsapub.pem" => "file:testrsapub.pem",
+ "test/testcrl.pem" => "file:testcrl.pem",
+ "apps/server.pem" => "file:server.pem" )
+ : ();
+my @noexist_file_files =
+ ( "file:blahdiblah.pem",
+ "file:test/blahdibleh.der" );
-my $n = (2 * scalar @noexist_files)
- + (5 * scalar @src_files)
- + (3 * scalar @generated_files)
- + 2;
+my $n = (3 * scalar @noexist_files)
+ + (6 * scalar @src_files)
+ + (4 * scalar @generated_files)
+ + (scalar keys %generated_file_files)
+ + (scalar @noexist_file_files)
+ + 3
+ + 11;
plan tests => $n;
{
skip "failed initialisation", $n unless init();
+ my $rehash = init_rehash();
+
foreach (@noexist_files) {
my $file = srctop_file($_);
- ok(!run(app(["openssl", "storeutl", $file])));
- ok(!run(app(["openssl", "storeutl", to_file_uri($file)])));
+
+ ok(!run(app(["openssl", "storeutl", "-noout", $file])));
+ ok(!run(app(["openssl", "storeutl", "-noout",
+ to_abs_file($file)])));
+ {
+ local $ENV{MSYS2_ARG_CONV_EXCL} = "file:";
+
+ ok(!run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($file)])));
+ }
}
foreach (@src_files) {
my $file = srctop_file($_);
- ok(run(app(["openssl", "storeutl", $file])));
- ok(run(app(["openssl", "storeutl", to_file_uri($file)])));
- ok(run(app(["openssl", "storeutl", to_file_uri($file, 0,
- "")])));
- ok(run(app(["openssl", "storeutl", to_file_uri($file, 0,
- "localhost")])));
- ok(!run(app(["openssl", "storeutl", to_file_uri($file, 0,
- "dummy")])));
+
+ ok(run(app(["openssl", "storeutl", "-noout", $file])));
+ ok(run(app(["openssl", "storeutl", "-noout", to_abs_file($file)])));
+ SKIP:
+ {
+ skip "file: tests disabled on MingW", 4 if $mingw;
+
+ ok(run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($file)])));
+ ok(run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($file, 0, "")])));
+ ok(run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($file, 0, "localhost")])));
+ ok(!run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($file, 0, "dummy")])));
+ }
}
foreach (@generated_files) {
- ok(run(app(["openssl", "storeutl", "-passin", "pass:password",
- $_])));
- ok(run(app(["openssl", "storeutl", "-passin", "pass:password",
- to_file_uri($_)])));
- ok(!run(app(["openssl", "storeutl", "-passin", "pass:password",
- to_rel_file_uri($_)])));
+ ok(run(app(["openssl", "storeutl", "-noout", "-passin",
+ "pass:password", $_])));
+ ok(run(app(["openssl", "storeutl", "-noout", "-passin",
+ "pass:password", to_abs_file($_)])));
+
+ SKIP:
+ {
+ skip "file: tests disabled on MingW", 2 if $mingw;
+
+ ok(run(app(["openssl", "storeutl", "-noout", "-passin",
+ "pass:password", to_abs_file_uri($_)])));
+ ok(!run(app(["openssl", "storeutl", "-noout", "-passin",
+ "pass:password", to_file_uri($_)])));
+ }
+ }
+ foreach (values %generated_file_files) {
+ SKIP:
+ {
+ skip "file: tests disabled on MingW", 1 if $mingw;
+
+ ok(run(app(["openssl", "storeutl", "-noout", $_])));
+ }
+ }
+ foreach (@noexist_file_files) {
+ SKIP:
+ {
+ skip "file: tests disabled on MingW", 1 if $mingw;
+
+ ok(!run(app(["openssl", "storeutl", "-noout", $_])));
+ }
}
{
my $dir = srctop_dir("test", "certs");
- ok(run(app(["openssl", "storeutl", $dir])));
- ok(run(app(["openssl", "storeutl", to_file_uri($dir, 1)])));
+
+ ok(run(app(["openssl", "storeutl", "-noout", $dir])));
+ ok(run(app(["openssl", "storeutl", "-noout",
+ to_abs_file($dir, 1)])));
+ SKIP:
+ {
+ skip "file: tests disabled on MingW", 1 if $mingw;
+
+ ok(run(app(["openssl", "storeutl", "-noout",
+ to_abs_file_uri($dir, 1)])));
+ }
+ }
+
+ ok(!run(app(['openssl', 'storeutl', '-noout',
+ '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+ srctop_file('test', 'testx509.pem')])),
+ "Checking that -subject can't be used with a single file");
+
+ ok(run(app(['openssl', 'storeutl', '-certs', '-noout',
+ srctop_file('test', 'testx509.pem')])),
+ "Checking that -certs returns 1 object on a certificate file");
+ ok(run(app(['openssl', 'storeutl', '-certs', '-noout',
+ srctop_file('test', 'testcrl.pem')])),
+ "Checking that -certs returns 0 objects on a CRL file");
+
+ ok(run(app(['openssl', 'storeutl', '-crls', '-noout',
+ srctop_file('test', 'testx509.pem')])),
+ "Checking that -crls returns 0 objects on a certificate file");
+ ok(run(app(['openssl', 'storeutl', '-crls', '-noout',
+ srctop_file('test', 'testcrl.pem')])),
+ "Checking that -crls returns 1 object on a CRL file");
+
+ SKIP: {
+ skip "failed rehash initialisation", 6 unless $rehash;
+
+ # subject from testx509.pem:
+ # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert'
+ # issuer from testcrl.pem:
+ # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority'
+ ok(run(app(['openssl', 'storeutl', '-noout',
+ '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+ catdir(curdir(), 'rehash')])));
+ ok(run(app(['openssl', 'storeutl', '-noout',
+ '-subject',
+ '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+ catdir(curdir(), 'rehash')])));
+ ok(run(app(['openssl', 'storeutl', '-noout', '-certs',
+ '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+ catdir(curdir(), 'rehash')])));
+ ok(run(app(['openssl', 'storeutl', '-noout', '-crls',
+ '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
+ catdir(curdir(), 'rehash')])));
+ ok(run(app(['openssl', 'storeutl', '-noout', '-certs',
+ '-subject',
+ '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+ catdir(curdir(), 'rehash')])));
+ ok(run(app(['openssl', 'storeutl', '-noout', '-crls',
+ '-subject',
+ '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
+ catdir(curdir(), 'rehash')])));
}
}
}, create => 1, cleanup => 1;
close $outfh;
return 1;
}, grep(/\.der$/, @generated_files))
+ && runall(sub {
+ my $srcfile = shift;
+ my $dstfile = $generated_file_files{$srcfile};
+
+ unless (copy srctop_file($srcfile), $dstfile) {
+ warn "$!\n";
+ return 0;
+ }
+ return 1;
+ }, keys %generated_file_files)
+ );
+}
+
+sub init_rehash {
+ return (
+ mkdir(catdir(curdir(), 'rehash'))
+ && copy(srctop_file('test', 'testx509.pem'),
+ catdir(curdir(), 'rehash'))
+ && copy(srctop_file('test', 'testcrl.pem'),
+ catdir(curdir(), 'rehash'))
+ && run(app(['openssl', 'rehash', catdir(curdir(), 'rehash')]))
);
}
# According to RFC8089, a relative file: path is invalid. We still produce
# them for testing purposes.
-sub to_rel_file_uri {
+sub to_file_uri {
my ($file, $isdir, $authority) = @_;
my $vol;
my $dir;
- die "to_rel_file_uri: No file given\n" if !defined($file) || $file eq '';
+ die "to_file_uri: No file given\n" if !defined($file) || $file eq '';
($vol, $dir, $file) = File::Spec->splitpath($file, $isdir // 0);
return "file:$file";
}
-sub to_file_uri {
+sub to_abs_file {
+ my ($file) = @_;
+
+ return File::Spec->rel2abs($file);
+}
+
+sub to_abs_file_uri {
my ($file, $isdir, $authority) = @_;
- die "to_file_uri: No file given\n" if !defined($file) || $file eq '';
- return to_rel_file_uri(File::Spec->rel2abs($file), $isdir, $authority);
+ die "to_abs_file_uri: No file given\n" if !defined($file) || $file eq '';
+ return to_file_uri(to_abs_file($file), $isdir, $authority);
}