[461541a] | 1 | #!/bin/sh |
---|
[3c30b59] | 2 | #creddy --verify --cert <issuer> [ --attrcert <cert> ] |
---|
| 3 | #verify.sh |
---|
| 4 | |
---|
| 5 | . ${TESTDIR}/test_util.sh |
---|
| 6 | |
---|
| 7 | runXTest "creddy_tests/verify.sh" "test1" \ |
---|
| 8 | "$eloc/creddy --verify --cert Coyote_ID.pem --attrcert Acme_buy_rockets__Acme_preferred_customer_attr.xml" \ |
---|
| 9 | 0 "have mismatched principals" "ID and attr are still valid but differ in principals" |
---|
| 10 | |
---|
| 11 | runTest "creddy_tests/verify.sh" "test2" \ |
---|
| 12 | "$eloc/creddy --verify --cert Acme_ID.pem --attrcert Acme_buy_rockets__Acme_preferred_customer_attr.xml" \ |
---|
| 13 | 0 "matching principal and attribute" |
---|
| 14 | |
---|
| 15 | runTest "creddy_tests/verify.sh" "test3" \ |
---|
| 16 | "$eloc/creddy --verify --cert Acme_private.pem" \ |
---|
| 17 | 1 "verify with just a privkey" |
---|
| 18 | |
---|
| 19 | ## this should really fail with a specific error code, |
---|
| 20 | runTest "creddy_tests/verify.sh" "test4" \ |
---|
| 21 | "$eloc/creddy --verify --cert Acme_ID.pem --attrcert bad_attr.xml" \ |
---|
| 22 | 0 "verify with non existing attribute, but still pass because issuer is okay" |
---|
| 23 | |
---|
| 24 | runTest "creddy_tests/verify.sh" "test5" \ |
---|
| 25 | "$eloc/creddy --verify --cert Acme_buy_rockets__Acme_preferred_customer_attr.xml " \ |
---|
| 26 | 1 "verify with just an attribute" |
---|
| 27 | |
---|
| 28 | runTest "creddy_tests/verify.sh" "test6" \ |
---|
| 29 | "$eloc/creddy --verify --cert bad_attr.xml" \ |
---|
| 30 | 1 "verify with just a none existing attribute" |
---|
| 31 | |
---|
| 32 | runTest "creddy_tests/verify.sh" "test7" \ |
---|
| 33 | "$eloc/creddy --verify --cert Coyote_ID.pem" \ |
---|
| 34 | 0 "verify just an issuer" |
---|
| 35 | |
---|
| 36 | runTest "creddy_tests/verify.sh" "test8" \ |
---|
| 37 | "$eloc/creddy --verify --cert not_ss.pem" \ |
---|
| 38 | 0 "verify just a none self signed principal pem" |
---|
| 39 | |
---|
| 40 | runTest "creddy_tests/verify.sh" "test9" \ |
---|
| 41 | "$eloc/creddy --verify --attrcert not_ss.xml" \ |
---|
| 42 | 1 "verify just a none self signed attribute" |
---|
| 43 | |
---|
| 44 | runTest "creddy_tests/verify.sh" "test10" \ |
---|
| 45 | "$eloc/creddy --verify --cert not_ss.xml" \ |
---|
| 46 | 1 "incorrectly trying to verify a none self signed attribute as an issuer cert" |
---|
| 47 | |
---|
| 48 | runTest "creddy_tests/verify.sh" "test11" \ |
---|
| 49 | "$eloc/creddy --verify --cert priv.xml" \ |
---|
| 50 | 1 "trying to verify GENI privilege attribute as an issuer cert" |
---|
| 51 | |
---|
| 52 | runTest "creddy_tests/verify.sh" "test12" \ |
---|
| 53 | "$eloc/creddy --verify --cert PGissuer.pem" \ |
---|
| 54 | 0 "verify a GENI's issuer pem" |
---|
| 55 | |
---|
| 56 | runTest "creddy_tests/verify.sh" "test13" \ |
---|
| 57 | "$eloc/creddy --verify --cert ProtoGENI.xml" \ |
---|
| 58 | 1 "incorrectly trying to verify a GENI issued attribute as issuer cert" |
---|
| 59 | |
---|
| 60 | |
---|