X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=tcl_tests%2Fca.try;h=dd2d8df014cafa78d33d6b483ad3b5df04ed4bed;hb=194fd485db2627afe07bb92e0e12dc3363675d64;hp=6d76283a22888c99198f78bdecd55f2d7c20e246;hpb=b0f5bce10dcc05198e2e58ee08e1cc3dcd3d1aea;p=openssl-gost%2Fengine.git diff --git a/tcl_tests/ca.try b/tcl_tests/ca.try index 6d76283..dd2d8df 100644 --- a/tcl_tests/ca.try +++ b/tcl_tests/ca.try @@ -11,14 +11,22 @@ if {[info exists env(ALG_LIST)]} { } else { switch -exact [engine_name] { "ccore" {set alg_pair_list {gost2001:A {gost2001:B} gost2012_256:A {gost2012_256:C} gost2012_512:B {gost2012_256:B gost2012_512:A}}} - "open" {set alg_pair_list {gost2001:A {gost2001:B} gost2012_256:A {gost2012_256:C} gost2012_512:B {gost2012_256:B gost2012_512:A}}} + "open" { + set alg_pair_list { + gost2001:A {gost2001:B} + gost2012_256:A {gost2012_256:B gost2012_512:B} + gost2012_256:TCA {gost2012_256:A gost2012_512:A} + gost2012_512:A {gost2012_256:A gost2012_256:TCA gost2012_512:A gost2012_512:C} + gost2012_512:C {gost2012_256:B gost2012_256:TCB gost2012_512:B gost2012_512:C} + } + } } } foreach {ca_alg alg_list} $alg_pair_list { set ca_alg_fn [string map {":" "_"} $ca_alg] -test "Creating CA" { +test "Creating CA ($ca_alg)" { makeCA ${testname}CA-$ca_alg_fn $ca_alg } 0 1 @@ -29,7 +37,7 @@ foreach alg $alg_list { set userdir U_ca_${alg_fn}_for_${ca_alg_fn} #Depends on previous -test "Creating user request" { +test "Creating user request ($alg)" { makeUser $userdir $alg } 0 1 @@ -84,13 +92,9 @@ test -skip {![file exists test.crl]} "Verifying corrupted CRL" { " test "Verifying CA certificate" { - grep "(cacert.pem|error|OK)" [openssl "verify $::test::ca/cacert.pem"] -} 1 "error $::test::ca/cacert.pem: verification failed -STDERR CONTENTS: -C = RU, L = Moscow, CN = Test CA $ca_alg, O = Cryptocom, OU = OpenSSL CA, emailAddress = openssl@cryptocom.ru -error 18 at 0 depth lookup: self signed certificate" - - + grep "(cacert.pem|error|OK)" [openssl "verify -CAfile $::test::ca/cacert.pem $::test::ca/cacert.pem"] +} 0 "$::test::ca/cacert.pem: OK +" test "Verifying certificate" { grep "cert.pem" [openssl "verify -CAfile $::test::ca/cacert.pem $userdir/cert.pem"] @@ -110,12 +114,12 @@ test "Verifying revoked certificate" { test "Create a PKCS#7 structure from a certificate and CRL" { openssl "crl2pkcs7 -in test.crl -certfile $userdir/cert.pem -out $userdir/p7.pem" extract_oids $userdir/p7.pem PEM -} 0 [mkObjList [hash_with_sign_long_name $ca_alg] [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg]] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg]] +} 0 [mkObjList [hash_with_sign_long_name $ca_alg] [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg] $alg] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg]] test "Creates a PKCS#7 structure without CRL" { openssl "crl2pkcs7 -nocrl -certfile $userdir/cert.pem -certfile $::test::ca/cacert.pem -out $userdir/p7_nocrl.pem" extract_oids $userdir/p7_nocrl.pem PEM -} 0 [mkObjList [hash_with_sign_long_name $ca_alg] [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg]] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg] [alg_long_name $ca_alg] [pubkey_long_name $ca_alg] [param_hash_long_name [param_hash $ca_alg]] [hash_with_sign_long_name $ca_alg]] +} 0 [mkObjList [hash_with_sign_long_name $ca_alg] [alg_long_name $alg] [pubkey_long_name $alg] [param_hash_long_name [param_hash $alg] $alg] [hash_with_sign_long_name $ca_alg] [hash_with_sign_long_name $ca_alg] [alg_long_name $ca_alg] [pubkey_long_name $ca_alg] [param_hash_long_name [param_hash $ca_alg] $ca_alg] [hash_with_sign_long_name $ca_alg]] }