X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=test%2Frecipes%2F90-test_store.t;h=0905232e35cf5021d3b56683b76965e13a4d23ed;hp=12ad951881f2bc7791ecf478cb00b8b88eadc318;hb=4ca015555b97f00101c5f7274e99302ffe2db500;hpb=0443b1171da43696a2cd67cfcb0624be1e3ee25b diff --git a/test/recipes/90-test_store.t b/test/recipes/90-test_store.t index 12ad951881..0905232e35 100644 --- a/test/recipes/90-test_store.t +++ b/test/recipes/90-test_store.t @@ -1,19 +1,23 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # -# Licensed under the OpenSSL license (the "License"). You may not use +# Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html -use File::Spec; +use File::Spec::Functions; use File::Copy; use MIME::Base64; use OpenSSL::Test qw(:DEFAULT srctop_file srctop_dir bldtop_file data_file); +use OpenSSL::Test::Utils; my $test_name = "test_store"; setup($test_name); +my $mingw = config('target') =~ m|^mingw|; +my $cnf = srctop_file("test", "ca-and-certs.cnf"); + my @noexist_files = ( "test/blahdiblah.pem", "test/blahdibleh.der" ); @@ -68,13 +72,13 @@ my @noexist_file_files = ( "file:blahdiblah.pem", "file:test/blahdibleh.der" ); - my $n = (3 * scalar @noexist_files) + (6 * scalar @src_files) + (4 * scalar @generated_files) + (scalar keys %generated_file_files) + (scalar @noexist_file_files) - + 4; + + 3 + + 11; plan tests => $n; @@ -83,49 +87,134 @@ indir "store_$$" => sub { { skip "failed initialisation", $n unless init(); - # test PEM_read_bio_PrivateKey - ok(run(app(["openssl", "rsa", "-in", "rsa-key-pkcs8-pbes2-sha256.pem", - "-passin", "pass:password"]))); + my $rehash = init_rehash(); foreach (@noexist_files) { my $file = srctop_file($_); - ok(!run(app(["openssl", "storeutl", $file]))); - ok(!run(app(["openssl", "storeutl", to_abs_file($file)]))); - ok(!run(app(["openssl", "storeutl", to_abs_file_uri($file)]))); + + ok(!run(app(["openssl", "storeutl", "-noout", $file]))); + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file($file)]))); + { + local $ENV{MSYS2_ARG_CONV_EXCL} = "file:"; + + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file)]))); + } } foreach (@src_files) { my $file = srctop_file($_); - ok(run(app(["openssl", "storeutl", $file]))); - ok(run(app(["openssl", "storeutl", to_abs_file($file)]))); - ok(run(app(["openssl", "storeutl", to_abs_file_uri($file)]))); - ok(run(app(["openssl", "storeutl", to_abs_file_uri($file, 0, - "")]))); - ok(run(app(["openssl", "storeutl", to_abs_file_uri($file, 0, - "localhost")]))); - ok(!run(app(["openssl", "storeutl", to_abs_file_uri($file, 0, - "dummy")]))); + + ok(run(app(["openssl", "storeutl", "-noout", $file]))); + ok(run(app(["openssl", "storeutl", "-noout", to_abs_file($file)]))); + SKIP: + { + skip "file: tests disabled on MingW", 4 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file)]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "")]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "localhost")]))); + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "dummy")]))); + } } foreach (@generated_files) { - ok(run(app(["openssl", "storeutl", "-passin", "pass:password", - $_]))); - ok(run(app(["openssl", "storeutl", "-passin", "pass:password", - to_abs_file($_)]))); - ok(run(app(["openssl", "storeutl", "-passin", "pass:password", - to_abs_file_uri($_)]))); - ok(!run(app(["openssl", "storeutl", "-passin", "pass:password", - to_file_uri($_)]))); + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", $_]))); + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_abs_file($_)]))); + + SKIP: + { + skip "file: tests disabled on MingW", 2 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_abs_file_uri($_)]))); + ok(!run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_file_uri($_)]))); + } } foreach (values %generated_file_files) { - ok(run(app(["openssl", "storeutl", $_]))); + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", $_]))); + } } foreach (@noexist_file_files) { - ok(!run(app(["openssl", "storeutl", $_]))); + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(!run(app(["openssl", "storeutl", "-noout", $_]))); + } } { my $dir = srctop_dir("test", "certs"); - ok(run(app(["openssl", "storeutl", $dir]))); - ok(run(app(["openssl", "storeutl", to_abs_file($dir, 1)]))); - ok(run(app(["openssl", "storeutl", to_abs_file_uri($dir, 1)]))); + + ok(run(app(["openssl", "storeutl", "-noout", $dir]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file($dir, 1)]))); + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($dir, 1)]))); + } + } + + ok(!run(app(['openssl', 'storeutl', '-noout', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + srctop_file('test', 'testx509.pem')])), + "Checking that -subject can't be used with a single file"); + + ok(run(app(['openssl', 'storeutl', '-certs', '-noout', + srctop_file('test', 'testx509.pem')])), + "Checking that -certs returns 1 object on a certificate file"); + ok(run(app(['openssl', 'storeutl', '-certs', '-noout', + srctop_file('test', 'testcrl.pem')])), + "Checking that -certs returns 0 objects on a CRL file"); + + ok(run(app(['openssl', 'storeutl', '-crls', '-noout', + srctop_file('test', 'testx509.pem')])), + "Checking that -crls returns 0 objects on a certificate file"); + ok(run(app(['openssl', 'storeutl', '-crls', '-noout', + srctop_file('test', 'testcrl.pem')])), + "Checking that -crls returns 1 object on a CRL file"); + + SKIP: { + skip "failed rehash initialisation", 6 unless $rehash; + + # subject from testx509.pem: + # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' + # issuer from testcrl.pem: + # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' + ok(run(app(['openssl', 'storeutl', '-noout', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-certs', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-crls', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-certs', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-crls', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); } } }, create => 1, cleanup => 1; @@ -207,7 +296,7 @@ sub init { }, grep(/-key-pkcs8-pbes2-sha256\.pem$/, @generated_files)) # *-cert.pem (intermediary for the .p12 inits) && run(app(["openssl", "req", "-x509", - "-config", data_file("ca.cnf"), "-nodes", + "-config", $cnf, "-nodes", "-out", "cacert.pem", "-keyout", "cakey.pem"])) && runall(sub { my $srckey = shift; @@ -215,7 +304,7 @@ sub init { (my $csr = $dstfile) =~ s|\.pem|.csr|; (run(app(["openssl", "req", "-new", - "-config", data_file("user.cnf"), + "-config", $cnf, "-key", $srckey, "-out", $csr])) && run(app(["openssl", "x509", "-days", "3650", @@ -272,6 +361,7 @@ sub init { } run(app(["openssl", "pkcs12", "-inkey", $srckey, "-in", $srccert, "-passout", "pass:password", + "-chain", "-CAfile", "cacert.pem", "-export", "-macalg", $macalg, "-certpbe", $certpbe, "-keypbe", $keypbe, "-out", $dstfile])); @@ -325,6 +415,17 @@ sub init { ); } +sub init_rehash { + return ( + mkdir(catdir(curdir(), 'rehash')) + && copy(srctop_file('test', 'testx509.pem'), + catdir(curdir(), 'rehash')) + && copy(srctop_file('test', 'testcrl.pem'), + catdir(curdir(), 'rehash')) + && run(app(['openssl', 'rehash', catdir(curdir(), 'rehash')])) + ); +} + sub runall { my ($function, @items) = @_;