From 7931c0ace43d74317506e25b06a4c0ef14a5af6e Mon Sep 17 00:00:00 2001 From: "wtchang%redhat.com" Date: Thu, 4 Aug 2005 16:27:07 +0000 Subject: [PATCH] Removed noeccert.sh and noectools.sh from CVS. These two files are automatically created by the fixtests.sh script by copying the non-ECC (default) test scripts to these names. r=vipul.gupta. Removed Files: cert/noeccert.sh tools/noectools.sh --- security/nss/tests/cert/noeccert.sh | 658 -------------------------- security/nss/tests/tools/noectools.sh | 193 -------- 2 files changed, 851 deletions(-) delete mode 100755 security/nss/tests/cert/noeccert.sh delete mode 100644 security/nss/tests/tools/noectools.sh diff --git a/security/nss/tests/cert/noeccert.sh b/security/nss/tests/cert/noeccert.sh deleted file mode 100755 index 21ff388d7ff2..000000000000 --- a/security/nss/tests/cert/noeccert.sh +++ /dev/null @@ -1,658 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/cert/rcert.sh -# -# Certificate generating and handeling for NSS QA, can be included -# multiple times from all.sh and the individual scripts -# -# needs to work on all Unix and Windows platforms -# -# included from (don't expect this to be up to date) -# -------------------------------------------------- -# all.sh -# ssl.sh -# smime.sh -# tools.sh -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -# FIXME - Netscape - NSS -######################################################################## - -############################## cert_init ############################### -# local shell function to initialize this script -######################################################################## -cert_init() -{ - SCRIPTNAME="cert.sh" - if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for - CLEANUP="${SCRIPTNAME}" # cleaning this script will do it - fi - if [ -z "${INIT_SOURCED}" ] ; then - cd ../common - . ./init.sh - fi - SCRIPTNAME="cert.sh" - html_head "Certutil Tests" - - ################## Generate noise for our CA cert. ###################### - # NOTE: these keys are only suitable for testing, as this whole thing - # bypasses the entropy gathering. Don't use this method to generate - # keys and certs for product use or deployment. - # - ps -efl > ${NOISE_FILE} 2>&1 - ps aux >> ${NOISE_FILE} 2>&1 - noise - -} - -cert_log() ###################### write the cert_status file -{ - echo "$SCRIPTNAME $*" - echo $* >>${CERT_LOG_FILE} -} - -################################ noise ################################## -# Generate noise for our certs -# -# NOTE: these keys are only suitable for testing, as this whole thing bypasses -# the entropy gathering. Don't use this method to generate keys and certs for -# product use or deployment. -######################################################################### -noise() -{ - #netstat >> ${NOISE_FILE} 2>&1 - date >> ${NOISE_FILE} 2>&1 -} - -################################ certu ################################# -# local shell function to call certutil, also: writes action and options to -# stdout, sets variable RET and writes results to the html file results -######################################################################## -certu() -{ - echo "$SCRIPTNAME: ${CU_ACTION} --------------------------" - - if [ -n "${CU_SUBJECT}" ]; then - #the subject of the cert contains blanks, and the shell - #will strip the quotes off the string, if called otherwise... - echo "certutil -s \"${CU_SUBJECT}\" $*" - certutil -s "${CU_SUBJECT}" $* - RET=$? - CU_SUBJECT="" - else - echo "certutil $*" - certutil $* - RET=$? - fi - if [ "$RET" -ne 0 ]; then - CERTFAILED=$RET - html_failed "${CU_ACTION} ($RET) " - cert_log "ERROR: ${CU_ACTION} failed $RET" - else - html_passed "${CU_ACTION}" - fi - - # echo "Contine?" - # cat > /dev/null - return $RET -} - -############################# cert_init_cert ########################## -# local shell function to initialize creation of client and server certs -######################################################################## -cert_init_cert() -{ - CERTDIR="$1" - CERTNAME="$2" - CERTSERIAL="$3" - DOMAIN="$4" - - if [ ! -d "${CERTDIR}" ]; then - mkdir -p "${CERTDIR}" - else - echo "$SCRIPTNAME: WARNING - ${CERTDIR} exists" - fi - cd "${CERTDIR}" - CERTDIR="." - - PROFILEDIR=${CERTDIR} - if [ -n "${MULTIACCESS_DBM}" ]; then - PROFILEDIR="multiaccess:${DOMAIN}" - fi - - noise -} - -############################# hw_acc ################################# -# local shell function to add hw accelerator modules to the db -######################################################################## -hw_acc() -{ - HW_ACC_RET=0 - HW_ACC_ERR="" - if [ -n "$O_HWACC" -a "$O_HWACC" = ON -a -z "$USE_64" ] ; then - echo "creating $CERTNAME s cert with hwaccelerator..." - #case $ACCELERATOR in - #rainbow) - - - echo "modutil -add rainbow -libfile /usr/lib/libcryptoki22.so " - echo " -dbdir ${PROFILEDIR} 2>&1 " - echo | modutil -add rainbow -libfile /usr/lib/libcryptoki22.so \ - -dbdir ${PROFILEDIR} 2>&1 - if [ "$?" -ne 0 ]; then - echo "modutil -add rainbow failed in `pwd`" - HW_ACC_RET=1 - HW_ACC_ERR="modutil -add rainbow" - fi - - echo "modutil -add ncipher " - echo " -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so " - echo " -dbdir ${PROFILEDIR} 2>&1 " - echo | modutil -add ncipher \ - -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so \ - -dbdir ${PROFILEDIR} 2>&1 - if [ "$?" -ne 0 ]; then - echo "modutil -add ncipher failed in `pwd`" - HW_ACC_RET=`expr $HW_ACC_RET + 2` - HW_ACC_ERR="$HW_ACC_ERR,modutil -add ncipher" - fi - if [ "$HW_ACC_RET" -ne 0 ]; then - html_failed "Adding HW accelerators to certDB for ${CERTNAME} ($HW_ACC_RET) " - else - html_passed "Adding HW accelerators to certDB for ${CERTNAME}" - fi - - fi - return $HW_ACC_RET -} - -############################# cert_create_cert ######################### -# local shell function to create client certs -# initialize DB, import -# root cert -# add cert to DB -######################################################################## -cert_create_cert() -{ - cert_init_cert "$1" "$2" "$3" "$4" - - CU_ACTION="Initializing ${CERTNAME}'s Cert DB" - certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - hw_acc - CU_ACTION="Import Root CA for $CERTNAME" - certu -A -n "TestCA" -t "TC,TC,TC" -f "${R_PWFILE}" -d "${PROFILEDIR}" \ - -i "${R_CADIR}/root.cert" 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - cert_add_cert "$5" - return $? -} - -############################# cert_add_cert ############################ -# local shell function to add client certs to an existing CERT DB -# generate request -# sign request -# import Cert -# -######################################################################## -cert_add_cert() -{ - - CU_ACTION="Generate Cert Request for $CERTNAME" - CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" - certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - - CU_ACTION="Sign ${CERTNAME}'s Request" - certu -C -c "TestCA" -m "$CERTSERIAL" -v 60 -d "${P_R_CADIR}" \ - -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" "$1" 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - - CU_ACTION="Import $CERTNAME's Cert" - certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \ - -i "${CERTNAME}.cert" 2>&1 - if [ "$RET" -ne 0 ]; then - return $RET - fi - - cert_log "SUCCESS: $CERTNAME's Cert Created" - return 0 -} - -################################# cert_all_CA ################################ -# local shell function to build the additional Temp. Certificate Authority (CA) -# used for the "real life" ssl test with 2 different CA's in the -# client and in teh server's dir -########################################################################## -cert_all_CA() -{ - echo nss > ${PWFILE} - - ALL_CU_SUBJECT="CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US" - cert_CA $CADIR TestCA -x "CTu,CTu,CTu" ${D_CA} "1" - - ALL_CU_SUBJECT="CN=NSS Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $SERVER_CADIR serverCA -x "Cu,Cu,Cu" ${D_SERVER_CA} "2" - ALL_CU_SUBJECT="CN=NSS Chain1 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $SERVER_CADIR chain-1-serverCA "-c serverCA" "u,u,u" ${D_SERVER_CA} "3" - ALL_CU_SUBJECT="CN=NSS Chain2 Server Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $SERVER_CADIR chain-2-serverCA "-c chain-1-serverCA" "u,u,u" ${D_SERVER_CA} "4" - - - - ALL_CU_SUBJECT="CN=NSS Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $CLIENT_CADIR clientCA -x "Tu,Cu,Cu" ${D_CLIENT_CA} "5" - ALL_CU_SUBJECT="CN=NSS Chain1 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $CLIENT_CADIR chain-1-clientCA "-c clientCA" "u,u,u" ${D_CLIENT_CA} "6" - ALL_CU_SUBJECT="CN=NSS Chain2 Client Test CA, O=BOGUS NSS, L=Santa Clara, ST=California, C=US" - cert_CA $CLIENT_CADIR chain-2-clientCA "-c chain-1-clientCA" "u,u,u" ${D_CLIENT_CA} "7" - - rm $CLIENT_CADIR/root.cert $SERVER_CADIR/root.cert - # root.cert in $CLIENT_CADIR and in $SERVER_CADIR is the one of the last - # in the chain -} - -################################# cert_CA ################################ -# local shell function to build the Temp. Certificate Authority (CA) -# used for testing purposes, creating a CA Certificate and a root cert -########################################################################## -cert_CA() -{ - CUR_CADIR=$1 - NICKNAME=$2 - SIGNER=$3 - TRUSTARG=$4 - DOMAIN=$5 - CERTSERIAL=$6 - - echo "$SCRIPTNAME: Creating a CA Certificate $NICKNAME ==========================" - - if [ ! -d "${CUR_CADIR}" ]; then - mkdir -p "${CUR_CADIR}" - fi - cd ${CUR_CADIR} - pwd - - LPROFILE=. - if [ -n "${MULTIACCESS_DBM}" ]; then - LPROFILE="multiaccess:${DOMAIN}" - fi - - if [ "$SIGNER" = "-x" ] ; then # self signed -> create DB - CU_ACTION="Creating CA Cert DB" - certu -N -d ${LPROFILE} -f ${R_PWFILE} 2>&1 - if [ "$RET" -ne 0 ]; then - Exit 5 "Fatal - failed to create CA $NICKNAME " - fi - echo "$SCRIPTNAME: Certificate initialized ----------" - fi - - - ################# Creating CA Cert ###################################### - # - CU_ACTION="Creating CA Cert $NICKNAME " - CU_SUBJECT=$ALL_CU_SUBJECT - certu -S -n $NICKNAME -t $TRUSTARG -v 600 $SIGNER -d ${LPROFILE} -1 -2 -5 \ - -f ${R_PWFILE} -z ${R_NOISE_FILE} -m $CERTSERIAL 2>&1 <&1 - - #CU_ACTION="Export Dave's Cert" - #cd ${DAVEDIR} - #certu -L -n "Dave" -r -d ${P_R_DAVE} -o Dave.cert - - ################# Importing Certificates for S/MIME tests ############### - # - echo "$SCRIPTNAME: Importing Certificates ==============================" - CU_ACTION="Import Alices's cert into Bob's db" - certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \ - -i ${R_ALICEDIR}/Alice.cert 2>&1 - - CU_ACTION="Import Bob's cert into Alice's db" - certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \ - -i ${R_BOBDIR}/Bob.cert 2>&1 - - CU_ACTION="Import Dave's cert into Alice's DB" - certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \ - -i ${R_DAVEDIR}/Dave.cert 2>&1 - - CU_ACTION="Import Dave's cert into Bob's DB" - certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \ - -i ${R_DAVEDIR}/Dave.cert 2>&1 - - CU_ACTION="Import Eve's cert into Alice's DB" - certu -E -t "p,p,p" -d ${P_R_ALICEDIR} -f ${R_PWFILE} \ - -i ${R_EVEDIR}/Eve.cert 2>&1 - - CU_ACTION="Import Eve's cert into Bob's DB" - certu -E -t "p,p,p" -d ${P_R_BOBDIR} -f ${R_PWFILE} \ - -i ${R_EVEDIR}/Eve.cert 2>&1 - - if [ "$CERTFAILED" != 0 ] ; then - cert_log "ERROR: SMIME failed $RET" - else - cert_log "SUCCESS: SMIME passed" - fi -} - -############################## cert_ssl ################################ -# local shell function to create client + server certs for extended SSL test -######################################################################## -cert_extended_ssl() -{ - ################# Creating Certs for extended SSL test #################### - # - CERTFAILED=0 - echo "$SCRIPTNAME: Creating Certificates, issued by the last ===============" - echo " of a chain of CA's which are not in the same database============" - - echo "Server Cert" - cert_init_cert ${EXT_SERVERDIR} "${HOSTADDR}" 1 ${D_EXT_SERVER} - - CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)" - certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1 - - CU_ACTION="Generate Cert Request for $CERTNAME (ext)" - CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" - certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1 - - CU_ACTION="Sign ${CERTNAME}'s Request (ext)" - cp ${CERTDIR}/req ${SERVER_CADIR} - certu -C -c "chain-2-serverCA" -m 200 -v 60 -d "${P_SERVER_CADIR}" \ - -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1 - - CU_ACTION="Import $CERTNAME's Cert -t u,u,u (ext)" - certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \ - -i "${CERTNAME}.cert" 2>&1 - - CU_ACTION="Import Client Root CA -t T,, for $CERTNAME (ext.)" - certu -A -n "clientCA" -t "T,," -f "${R_PWFILE}" -d "${PROFILEDIR}" \ - -i "${CLIENT_CADIR}/clientCA.ca.cert" 2>&1 - echo "Importing all the server's own CA chain into the servers DB" - for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ; - do - N=`basename $CA | sed -e "s/.ca.cert//"` - if [ $N = "serverCA" ] ; then - T="-t C,C,C" - else - T="-t u,u,u" - fi - CU_ACTION="Import $N CA $T for $CERTNAME (ext.) " - certu -A -n $N $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \ - -i "${CA}" 2>&1 - done -#============ - echo "Client Cert" - cert_init_cert ${EXT_CLIENTDIR} ExtendedSSLUser 1 ${D_EXT_CLIENT} - - CU_ACTION="Initializing ${CERTNAME}'s Cert DB (ext.)" - certu -N -d "${PROFILEDIR}" -f "${R_PWFILE}" 2>&1 - - CU_ACTION="Generate Cert Request for $CERTNAME (ext)" - CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US" - certu -R -d "${PROFILEDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1 - - CU_ACTION="Sign ${CERTNAME}'s Request (ext)" - cp ${CERTDIR}/req ${CLIENT_CADIR} - certu -C -c "chain-2-clientCA" -m 300 -v 60 -d "${P_CLIENT_CADIR}" \ - -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1 - - CU_ACTION="Import $CERTNAME's Cert -t u,u,u (ext)" - certu -A -n "$CERTNAME" -t "u,u,u" -d "${PROFILEDIR}" -f "${R_PWFILE}" \ - -i "${CERTNAME}.cert" 2>&1 - CU_ACTION="Import Server Root CA -t C,C,C for $CERTNAME (ext.)" - certu -A -n "serverCA" -t "C,C,C" -f "${R_PWFILE}" -d "${PROFILEDIR}" \ - -i "${SERVER_CADIR}/serverCA.ca.cert" 2>&1 - echo "Importing all the client's own CA chain into the servers DB" - for CA in `find ${CLIENT_CADIR} -name "?*.ca.cert"` ; - do - N=`basename $CA | sed -e "s/.ca.cert//"` - if [ $N = "clientCA" ] ; then - T="-t T,C,C" - else - T="-t u,u,u" - fi - CU_ACTION="Import $N CA $T for $CERTNAME (ext.)" - certu -A -n $N $T -f "${R_PWFILE}" -d "${PROFILEDIR}" \ - -i "${CA}" 2>&1 - done - if [ "$CERTFAILED" != 0 ] ; then - cert_log "ERROR: EXT failed $RET" - else - cert_log "SUCCESS: EXT passed" - fi -} - -############################## cert_ssl ################################ -# local shell function to create client + server certs for SSL test -######################################################################## -cert_ssl() -{ - ################# Creating Certs for SSL test ########################### - # - CERTFAILED=0 - echo "$SCRIPTNAME: Creating Client CA Issued Certificates ===============" - cert_create_cert ${CLIENTDIR} "TestUser" 70 ${D_CLIENT} - - echo "$SCRIPTNAME: Creating Server CA Issued Certificate for \\" - echo " ${HOSTADDR} ------------------------------------" - cert_create_cert ${SERVERDIR} "${HOSTADDR}" 100 ${D_SERVER} - certu -M -n "TestCA" -t "TC,TC,TC" -d ${PROFILEDIR} -# cert_init_cert ${SERVERDIR} "${HOSTADDR}" 1 ${D_SERVER} -# echo "************* Copying CA files to ${SERVERDIR}" -# cp ${CADIR}/*.db . -# hw_acc -# CU_ACTION="Creating ${CERTNAME}'s Server Cert" -# CU_SUBJECT="CN=${CERTNAME}, O=BOGUS Netscape, L=Mountain View, ST=California, C=US" -# certu -S -n "${CERTNAME}" -c "TestCA" -t "Pu,Pu,Pu" -d ${PROFILEDIR} \ -# -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1 - - if [ "$CERTFAILED" != 0 ] ; then - cert_log "ERROR: SSL failed $RET" - else - cert_log "SUCCESS: SSL passed" - fi -} -############################## cert_stresscerts ################################ -# local shell function to create client certs for SSL stresstest -######################################################################## -cert_stresscerts() -{ - - ############### Creating Certs for SSL stress test ####################### - # - CERTDIR="$CLIENTDIR" - cd "${CERTDIR}" - - PROFILEDIR=${CERTDIR} - if [ -n "${MULTIACCESS_DBM}" ]; then - PROFILEDIR="multiaccess:${D_CLIENT}" - fi - CERTFAILED=0 - echo "$SCRIPTNAME: Creating Client CA Issued Certificates ===============" - - CONTINUE=$GLOB_MAX_CERT - CERTSERIAL=10 - - while [ $CONTINUE -ge $GLOB_MIN_CERT ] - do - CERTNAME="TestUser$CONTINUE" -# cert_add_cert ${CLIENTDIR} "TestUser$CONTINUE" $CERTSERIAL - cert_add_cert - CERTSERIAL=`expr $CERTSERIAL + 1 ` - CONTINUE=`expr $CONTINUE - 1 ` - done - if [ "$CERTFAILED" != 0 ] ; then - cert_log "ERROR: StressCert failed $RET" - else - cert_log "SUCCESS: StressCert passed" - fi -} - -############################## cert_fips ##################################### -# local shell function to create certificates for FIPS tests -############################################################################## -cert_fips() -{ - CERTFAILED=0 - echo "$SCRIPTNAME: Creating FIPS 140-1 DSA Certificates ==============" - cert_init_cert "${FIPSDIR}" "FIPS PUB 140-1 Test Certificate" 1000 "${D_FIPS}" - - CU_ACTION="Initializing ${CERTNAME}'s Cert DB" - certu -N -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" 2>&1 - - echo "$SCRIPTNAME: Enable FIPS mode on database -----------------------" - CU_ACTION="Enable FIPS mode on database for ${CERTNAME}" - echo "modutil -dbdir ${PROFILEDIR} -fips true " - modutil -dbdir ${PROFILEDIR} -fips true 2>&1 <${CU_ACTION} ($RET) " - cert_log "ERROR: ${CU_ACTION} failed $RET" - else - html_passed "${CU_ACTION}" - fi - - CU_ACTION="Generate Certificate for ${CERTNAME}" - CU_SUBJECT="CN=${CERTNAME}, E=fips@bogus.com, O=BOGUS NSS, OU=FIPS PUB 140-1, L=Mountain View, ST=California, C=US" - certu -S -n ${FIPSCERTNICK} -x -t "Cu,Cu,Cu" -d "${PROFILEDIR}" -f "${R_FIPSPWFILE}" -k dsa -v 600 -m 500 -z "${R_NOISE_FILE}" 2>&1 - if [ "$RET" -eq 0 ]; then - cert_log "SUCCESS: FIPS passed" - fi -} - -############################## cert_cleanup ############################ -# local shell function to finish this script (no exit since it might be -# sourced) -######################################################################## -cert_cleanup() -{ - cert_log "$SCRIPTNAME: finished $SCRIPTNAME" - html "
" - cd ${QADIR} - . common/cleanup.sh -} - -################## main ################################################# - -cert_init -cert_all_CA -cert_extended_ssl -cert_ssl -cert_smime_client -cert_fips -if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then - cert_stresscerts - #following lines to be used when databases are to be reused - #cp -r /u/sonmi/tmp/stress/kentuckyderby.13/* $HOSTDIR - #cp -r $HOSTDIR/../${HOST}.2/* $HOSTDIR - -fi -cert_cleanup diff --git a/security/nss/tests/tools/noectools.sh b/security/nss/tests/tools/noectools.sh deleted file mode 100644 index 3a2c8dbda4ad..000000000000 --- a/security/nss/tests/tools/noectools.sh +++ /dev/null @@ -1,193 +0,0 @@ -#! /bin/sh -# -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is -# Netscape Communications Corporation. -# Portions created by the Initial Developer are Copyright (C) 1994-2000 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -######################################################################## -# -# mozilla/security/nss/tests/tools/noectools.sh -# -# Script to test basic functionallity of NSS tools -# -# needs to work on all Unix and Windows platforms -# -# tests implemented: -# pk12util -# signtool -# -# special strings -# --------------- -# FIXME ... known problems, search for this string -# NOTE .... unexpected behavior -# -######################################################################## - -############################## tools_init ############################## -# local shell function to initialize this script -######################################################################## -tools_init() -{ - SCRIPTNAME=tools.sh # sourced - $0 would point to all.sh - - if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for - CLEANUP="${SCRIPTNAME}" # cleaning this script will do it - fi - - if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then - cd ../common - . ./init.sh - fi - if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here - cd ../cert - . ./cert.sh - fi - SCRIPTNAME=tools.sh - html_head "Tools Tests" - - grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || { - Exit 15 "Fatal - S/MIME of cert.sh needs to pass first" - } - - TOOLSDIR=${HOSTDIR}/tools - COPYDIR=${TOOLSDIR}/copydir - - R_TOOLSDIR=../tools - R_COPYDIR=../tools/copydir - P_R_COPYDIR=${R_COPYDIR} - if [ -n "${MULTIACCESS_DBM}" ]; then - P_R_COPYDIR="multiaccess:Tools.$version" - fi - - mkdir -p ${TOOLSDIR} - mkdir -p ${COPYDIR} - mkdir -p ${TOOLSDIR}/html - cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html - - cd ${TOOLSDIR} -} - -############################## tools_p12 ############################### -# local shell function to test basic functionality of pk12util -######################################################################## -tools_p12() -{ - echo "$SCRIPTNAME: Exporting Alice's email cert & key------------------" - echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \\" - echo " -w ${R_PWFILE}" - pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \ - -w ${R_PWFILE} 2>&1 - ret=$? - html_msg $ret 0 "Exporting Alice's email cert & key (pk12util -o)" - check_tmpfile - - echo "$SCRIPTNAME: Importing Alice's email cert & key -----------------" - echo "pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}" - pk12util -i Alice.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1 - ret=$? - html_msg $ret 0 "Importing Alice's email cert & key (pk12util -i)" - check_tmpfile -} - -############################## tools_sign ############################## -# local shell function pk12util uses a hardcoded tmp file, if this exists -# and is owned by another user we don't get reasonable errormessages -######################################################################## -check_tmpfile() -{ - if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then - echo "Error: pk12util temp file exists. Please remove this file and" - echo " rerun the test (/tmp/Pk12uTemp) " - fi -} - -############################## tools_sign ############################## -# local shell function to test basic functionality of signtool -######################################################################## -tools_sign() -{ - echo "$SCRIPTNAME: Create objsign cert -------------------------------" - echo "signtool -G \"objectsigner\" -d ${P_R_ALICEDIR} -p \"nss\"" - signtool -G "objsigner" -d ${P_R_ALICEDIR} -p "nss" 2>&1 <
" - cd ${QADIR} - . common/cleanup.sh -} - -################## main ################################################# - -tools_init - -tools_p12 - -tools_sign -tools_cleanup - -