[4f79997] | 1 | #!/usr/bin/env sh |
---|
[3c30b59] | 2 | #creddy --verify --cert <issuer> [ --attrcert <cert> ] |
---|
| 3 | #verify.sh |
---|
| 4 | |
---|
[4f79997] | 5 | if [ -z "${TESTDIR}" ] ; then |
---|
| 6 | TESTDIR=.. |
---|
| 7 | fi |
---|
[3c30b59] | 8 | . ${TESTDIR}/test_util.sh |
---|
| 9 | |
---|
| 10 | runXTest "creddy_tests/verify.sh" "test1" \ |
---|
| 11 | "$eloc/creddy --verify --cert Coyote_ID.pem --attrcert Acme_buy_rockets__Acme_preferred_customer_attr.xml" \ |
---|
| 12 | 0 "have mismatched principals" "ID and attr are still valid but differ in principals" |
---|
| 13 | |
---|
| 14 | runTest "creddy_tests/verify.sh" "test2" \ |
---|
| 15 | "$eloc/creddy --verify --cert Acme_ID.pem --attrcert Acme_buy_rockets__Acme_preferred_customer_attr.xml" \ |
---|
| 16 | 0 "matching principal and attribute" |
---|
| 17 | |
---|
| 18 | runTest "creddy_tests/verify.sh" "test3" \ |
---|
| 19 | "$eloc/creddy --verify --cert Acme_private.pem" \ |
---|
| 20 | 1 "verify with just a privkey" |
---|
| 21 | |
---|
| 22 | ## this should really fail with a specific error code, |
---|
| 23 | runTest "creddy_tests/verify.sh" "test4" \ |
---|
| 24 | "$eloc/creddy --verify --cert Acme_ID.pem --attrcert bad_attr.xml" \ |
---|
| 25 | 0 "verify with non existing attribute, but still pass because issuer is okay" |
---|
| 26 | |
---|
| 27 | runTest "creddy_tests/verify.sh" "test5" \ |
---|
| 28 | "$eloc/creddy --verify --cert Acme_buy_rockets__Acme_preferred_customer_attr.xml " \ |
---|
| 29 | 1 "verify with just an attribute" |
---|
| 30 | |
---|
| 31 | runTest "creddy_tests/verify.sh" "test6" \ |
---|
| 32 | "$eloc/creddy --verify --cert bad_attr.xml" \ |
---|
| 33 | 1 "verify with just a none existing attribute" |
---|
| 34 | |
---|
| 35 | runTest "creddy_tests/verify.sh" "test7" \ |
---|
| 36 | "$eloc/creddy --verify --cert Coyote_ID.pem" \ |
---|
| 37 | 0 "verify just an issuer" |
---|
| 38 | |
---|
| 39 | runTest "creddy_tests/verify.sh" "test8" \ |
---|
| 40 | "$eloc/creddy --verify --cert not_ss.pem" \ |
---|
| 41 | 0 "verify just a none self signed principal pem" |
---|
| 42 | |
---|
| 43 | runTest "creddy_tests/verify.sh" "test9" \ |
---|
| 44 | "$eloc/creddy --verify --attrcert not_ss.xml" \ |
---|
| 45 | 1 "verify just a none self signed attribute" |
---|
| 46 | |
---|
| 47 | runTest "creddy_tests/verify.sh" "test10" \ |
---|
| 48 | "$eloc/creddy --verify --cert not_ss.xml" \ |
---|
| 49 | 1 "incorrectly trying to verify a none self signed attribute as an issuer cert" |
---|
| 50 | |
---|
| 51 | runTest "creddy_tests/verify.sh" "test11" \ |
---|
| 52 | "$eloc/creddy --verify --cert priv.xml" \ |
---|
| 53 | 1 "trying to verify GENI privilege attribute as an issuer cert" |
---|
| 54 | |
---|
| 55 | runTest "creddy_tests/verify.sh" "test12" \ |
---|
| 56 | "$eloc/creddy --verify --cert PGissuer.pem" \ |
---|
| 57 | 0 "verify a GENI's issuer pem" |
---|
| 58 | |
---|
| 59 | runTest "creddy_tests/verify.sh" "test13" \ |
---|
| 60 | "$eloc/creddy --verify --cert ProtoGENI.xml" \ |
---|
| 61 | 1 "incorrectly trying to verify a GENI issued attribute as issuer cert" |
---|
| 62 | |
---|
| 63 | |
---|