$! A few very basic tests for the 'ts' time stamping authority command.
$!
$
-$ __arch := VAX
+$ __arch = "VAX"
$ if f$getsyi("cpu") .ge. 128 then -
__arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
-$ if __arch .eqs. "" then __arch := UNK
-$ exe_dir := sys$disk:[-.'__arch'.exe.apps]
+$ if __arch .eqs. "" then __arch = "UNK"
+$!
+$ if (p4 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
$
-$ openssl := mcr 'f$parse(exe_dir+"openssl.exe")'
-$ OPENSSL_CONF := [-]CAtsa.cnf
+$ openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'"
+$ OPENSSL_CONF = "[-]CAtsa.cnf"
$ ! Because that's what ../apps/CA.sh really looks at
$ SSLEAY_CONFIG = "-config " + OPENSSL_CONF
$
$ time_stamp_response_token_test:
$ subroutine
$
-$ RESPONSE2:='p2'.copy_tsr
-$ TOKEN_DER:='p2'.token_der
+$ RESPONSE2 = p2+ "-copy_tsr"
+$ TOKEN_DER = p2+ "-token_der"
$ openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
$ if $severity .ne. 1 then call error
$ openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
$ subroutine
$
$ ! create the token from the response first
-$ openssl ts -reply -in 'p2' -out 'p2'.token -token_out
+$ openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out
$ if $severity .ne. 1 then call error
-$ openssl ts -verify -queryfile 'p1' -in 'p2'.token -token_in -
- "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ openssl ts -verify -queryfile "''p1'" -in "''p2'-token" -
+ -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
-$ openssl ts -verify -data 'p3' -in 'p2'.token -token_in -
- "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$ openssl ts -verify -data "''p3'" -in "''p2'-token" -
+ -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
$ if $severity .ne. 1 then call error
$ endsubroutine
$
$
$ ! Main body ----------------------------------------------------------
$
+$ set noon
+$
$ write sys$output "Setting up TSA test directory..."
$ call setup_dir
$
$ call create_time_stamp_request1
$
$ write sys$output "Printing req1.req..."
-$ call print_request req1.tsq
+$ call print_request "req1.tsq"
$
$ write sys$output "Generating valid response for req1.req..."
-$ call create_time_stamp_response req1.tsq resp1.tsr tsa_config1
+$ call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1"
$
$ write sys$output "Printing response..."
-$ call print_response resp1.tsr
+$ call print_response "resp1.tsr"
$
$ write sys$output "Verifying valid response..."
-$ call verify_time_stamp_response req1.tsq resp1.tsr [-]testtsa.com
+$ call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com"
$
$ write sys$output "Verifying valid token..."
-$ call verify_time_stamp_token req1.tsq resp1.tsr [-]testtsa.com
+$ call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com"
$
$ ! The tests below are commented out, because invalid signer certificates
$ ! can no longer be specified in the config file.
$
$ ! write sys$output "Generating _invalid_ response for req1.req..."
-$ ! call create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
+$ ! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2"
$
$ ! write sys$output "Printing response..."
-$ ! call print_response resp1_bad.tsr
+$ ! call print_response "resp1_bad.tsr"
$
$ ! write sys$output "Verifying invalid response, it should fail..."
-$ ! call verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
+$ ! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr"
$
$ write sys$output "Creating req2.req time stamp request for file testtsa..."
$ call create_time_stamp_request2
$
$ write sys$output "Printing req2.req..."
-$ call print_request req2.tsq
+$ call print_request "req2.tsq"
$
$ write sys$output "Generating valid response for req2.req..."
-$ call create_time_stamp_response req2.tsq resp2.tsr tsa_config1
+$ call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1"
$
$ write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
-$ call time_stamp_response_token_test req2.tsq resp2.tsr
+$ call time_stamp_response_token_test "req2.tsq" "resp2.tsr"
$
$ write sys$output "Printing response..."
-$ call print_response resp2.tsr
+$ call print_response "resp2.tsr"
$
$ write sys$output "Verifying valid response..."
-$ call verify_time_stamp_response req2.tsq resp2.tsr [-]testtsa.com
+$ call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com"
$
$ write sys$output "Verifying response against wrong request, it should fail..."
-$ call verify_time_stamp_response_fail req1.tsq resp2.tsr
+$ call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr"
$
$ write sys$output "Verifying response against wrong request, it should fail..."
-$ call verify_time_stamp_response_fail req2.tsq resp1.tsr
+$ call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr"
$
$ write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
$ call create_time_stamp_request3
$
$ write sys$output "Printing req3.req..."
-$ call print_request req3.tsq
+$ call print_request "req3.tsq"
$
$ write sys$output "Verifying response against wrong request, it should fail..."
-$ call verify_time_stamp_response_fail req3.tsq resp1.tsr
+$ call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr"
$
$ write sys$output "Cleaning up..."
$ call clean_up_dir
$
+$ set on
+$
$ exit
projects / openssl.git / blobdiff