315 lines
7.5 KiB
Diff
315 lines
7.5 KiB
Diff
|
From 920572235f82eb3a88a3b8dd274f809baee31c67 Mon Sep 17 00:00:00 2001
|
||
|
From: Rob Crittenden <rcritten@redhat.com>
|
||
|
Date: Tue, 9 Jan 2018 22:54:06 -0500
|
||
|
Subject: [PATCH 5/6] Run key generation tests against both dbm and sqlite
|
||
|
databases
|
||
|
|
||
|
Related: https://pagure.io/certmonger/issue/88
|
||
|
---
|
||
|
tests/002-keygen-dbm/expected.out | 99 +++++++++++++++++++++++++++++++++++++++
|
||
|
tests/002-keygen-dbm/run.sh | 2 +
|
||
|
tests/002-keygen-sql/expected.out | 99 +++++++++++++++++++++++++++++++++++++++
|
||
|
tests/002-keygen-sql/run.sh | 2 +
|
||
|
tests/002-keygen/expected.out | 4 +-
|
||
|
tests/002-keygen/run.sh | 12 +++--
|
||
|
6 files changed, 211 insertions(+), 7 deletions(-)
|
||
|
create mode 100644 tests/002-keygen-dbm/expected.out
|
||
|
create mode 100755 tests/002-keygen-dbm/run.sh
|
||
|
create mode 100644 tests/002-keygen-sql/expected.out
|
||
|
create mode 100755 tests/002-keygen-sql/run.sh
|
||
|
|
||
|
diff --git a/tests/002-keygen-dbm/expected.out b/tests/002-keygen-dbm/expected.out
|
||
|
new file mode 100644
|
||
|
index 00000000..dcd1af06
|
||
|
--- /dev/null
|
||
|
+++ b/tests/002-keygen-dbm/expected.out
|
||
|
@@ -0,0 +1,99 @@
|
||
|
+[nss:1024]
|
||
|
+OK.
|
||
|
+OK (RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+keyi1024
|
||
|
+keyi1024 (candidate (next))
|
||
|
+[nss:1536]
|
||
|
+OK.
|
||
|
+OK (RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+keyi1536
|
||
|
+keyi1536 (candidate (next))
|
||
|
+[nss:2048]
|
||
|
+OK.
|
||
|
+OK (RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+keyi2048
|
||
|
+keyi2048 (candidate (next))
|
||
|
+[nss:3072]
|
||
|
+OK.
|
||
|
+OK (RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+keyi3072
|
||
|
+keyi3072 (candidate (next))
|
||
|
+[nss:4096]
|
||
|
+OK.
|
||
|
+OK (RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+keyi4096
|
||
|
+keyi4096 (candidate (next))
|
||
|
+[nss:rosubdir]
|
||
|
+Failed to save NSS:dbm:${tmpdir}/rosubdir: need fs permissions.
|
||
|
+[nss:rwsubdir]
|
||
|
+Failed to save NSS:dbm:${tmpdir}/rwsubdir: need fs permissions.
|
||
|
+[openssl:1024]
|
||
|
+OK.
|
||
|
+OK (RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+${tmpdir}/sample.1024
|
||
|
+${tmpdir}/sample.1024.(next).key
|
||
|
+[openssl:1536]
|
||
|
+OK.
|
||
|
+OK (RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+${tmpdir}/sample.1536
|
||
|
+${tmpdir}/sample.1536.(next).key
|
||
|
+[openssl:2048]
|
||
|
+OK.
|
||
|
+OK (RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+${tmpdir}/sample.2048
|
||
|
+${tmpdir}/sample.2048.(next).key
|
||
|
+[openssl:3072]
|
||
|
+OK.
|
||
|
+OK (RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+${tmpdir}/sample.3072
|
||
|
+${tmpdir}/sample.3072.(next).key
|
||
|
+[openssl:4096]
|
||
|
+OK.
|
||
|
+OK (RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+${tmpdir}/sample.4096
|
||
|
+${tmpdir}/sample.4096.(next).key
|
||
|
+[openssl:rosubdir]
|
||
|
+Failed to save FILE:${tmpdir}/rosubdir/sample.4096: need fs permissions.
|
||
|
+[openssl:rwsubdir]
|
||
|
+Failed to save FILE:${tmpdir}/rwsubdir/sample.4096: need fs permissions.
|
||
|
+Test complete.
|
||
|
diff --git a/tests/002-keygen-dbm/run.sh b/tests/002-keygen-dbm/run.sh
|
||
|
new file mode 100755
|
||
|
index 00000000..36323947
|
||
|
--- /dev/null
|
||
|
+++ b/tests/002-keygen-dbm/run.sh
|
||
|
@@ -0,0 +1,2 @@
|
||
|
+#!/bin/bash -e
|
||
|
+exec env scheme=dbm: ../002-keygen/run.sh
|
||
|
diff --git a/tests/002-keygen-sql/expected.out b/tests/002-keygen-sql/expected.out
|
||
|
new file mode 100644
|
||
|
index 00000000..178f1b3a
|
||
|
--- /dev/null
|
||
|
+++ b/tests/002-keygen-sql/expected.out
|
||
|
@@ -0,0 +1,99 @@
|
||
|
+[nss:1024]
|
||
|
+OK.
|
||
|
+OK (RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+keyi1024
|
||
|
+keyi1024 (candidate (next))
|
||
|
+[nss:1536]
|
||
|
+OK.
|
||
|
+OK (RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+keyi1536
|
||
|
+keyi1536 (candidate (next))
|
||
|
+[nss:2048]
|
||
|
+OK.
|
||
|
+OK (RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+keyi2048
|
||
|
+keyi2048 (candidate (next))
|
||
|
+[nss:3072]
|
||
|
+OK.
|
||
|
+OK (RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+keyi3072
|
||
|
+keyi3072 (candidate (next))
|
||
|
+[nss:4096]
|
||
|
+OK.
|
||
|
+OK (RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+keyi4096
|
||
|
+keyi4096 (candidate (next))
|
||
|
+[nss:rosubdir]
|
||
|
+Failed to save NSS:sql:${tmpdir}/rosubdir: need fs permissions.
|
||
|
+[nss:rwsubdir]
|
||
|
+Failed to save NSS:sql:${tmpdir}/rwsubdir: need fs permissions.
|
||
|
+[openssl:1024]
|
||
|
+OK.
|
||
|
+OK (RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+OK.
|
||
|
+OK (RSA:1024 after RSA:1024).
|
||
|
+${tmpdir}/sample.1024
|
||
|
+${tmpdir}/sample.1024.(next).key
|
||
|
+[openssl:1536]
|
||
|
+OK.
|
||
|
+OK (RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+OK.
|
||
|
+OK (RSA:1536 after RSA:1536).
|
||
|
+${tmpdir}/sample.1536
|
||
|
+${tmpdir}/sample.1536.(next).key
|
||
|
+[openssl:2048]
|
||
|
+OK.
|
||
|
+OK (RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+OK.
|
||
|
+OK (RSA:2048 after RSA:2048).
|
||
|
+${tmpdir}/sample.2048
|
||
|
+${tmpdir}/sample.2048.(next).key
|
||
|
+[openssl:3072]
|
||
|
+OK.
|
||
|
+OK (RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+OK.
|
||
|
+OK (RSA:3072 after RSA:3072).
|
||
|
+${tmpdir}/sample.3072
|
||
|
+${tmpdir}/sample.3072.(next).key
|
||
|
+[openssl:4096]
|
||
|
+OK.
|
||
|
+OK (RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+OK.
|
||
|
+OK (RSA:4096 after RSA:4096).
|
||
|
+${tmpdir}/sample.4096
|
||
|
+${tmpdir}/sample.4096.(next).key
|
||
|
+[openssl:rosubdir]
|
||
|
+Failed to save FILE:${tmpdir}/rosubdir/sample.4096: need fs permissions.
|
||
|
+[openssl:rwsubdir]
|
||
|
+Failed to save FILE:${tmpdir}/rwsubdir/sample.4096: need fs permissions.
|
||
|
+Test complete.
|
||
|
diff --git a/tests/002-keygen-sql/run.sh b/tests/002-keygen-sql/run.sh
|
||
|
new file mode 100755
|
||
|
index 00000000..cd5bc978
|
||
|
--- /dev/null
|
||
|
+++ b/tests/002-keygen-sql/run.sh
|
||
|
@@ -0,0 +1,2 @@
|
||
|
+#!/bin/bash -e
|
||
|
+exec env scheme=sql: ../002-keygen/run.sh
|
||
|
diff --git a/tests/002-keygen/expected.out b/tests/002-keygen/expected.out
|
||
|
index ff56372a..dcd1af06 100644
|
||
|
--- a/tests/002-keygen/expected.out
|
||
|
+++ b/tests/002-keygen/expected.out
|
||
|
@@ -44,9 +44,9 @@ OK (RSA:4096 after RSA:4096).
|
||
|
keyi4096
|
||
|
keyi4096 (candidate (next))
|
||
|
[nss:rosubdir]
|
||
|
-Failed to save NSS:${tmpdir}/rosubdir: need fs permissions.
|
||
|
+Failed to save NSS:dbm:${tmpdir}/rosubdir: need fs permissions.
|
||
|
[nss:rwsubdir]
|
||
|
-Failed to save NSS:${tmpdir}/rwsubdir: need fs permissions.
|
||
|
+Failed to save NSS:dbm:${tmpdir}/rwsubdir: need fs permissions.
|
||
|
[openssl:1024]
|
||
|
OK.
|
||
|
OK (RSA:1024).
|
||
|
diff --git a/tests/002-keygen/run.sh b/tests/002-keygen/run.sh
|
||
|
index f550feeb..08af1523 100755
|
||
|
--- a/tests/002-keygen/run.sh
|
||
|
+++ b/tests/002-keygen/run.sh
|
||
|
@@ -2,15 +2,17 @@
|
||
|
|
||
|
cd "$tmpdir"
|
||
|
|
||
|
+scheme="${scheme:-dbm:}"
|
||
|
+
|
||
|
source "$srcdir"/functions
|
||
|
-initnssdb "$tmpdir"
|
||
|
+initnssdb "$scheme$tmpdir"
|
||
|
|
||
|
for size in 1024 1536 2048 3072 4096 ; do
|
||
|
echo "[nss:$size]"
|
||
|
# Generate a key.
|
||
|
cat > entry.$size <<- EOF
|
||
|
key_storage_type=NSSDB
|
||
|
- key_storage_location=$tmpdir
|
||
|
+ key_storage_location=$scheme$tmpdir
|
||
|
key_nickname=keyi$size
|
||
|
key_gen_size=$size
|
||
|
EOF
|
||
|
@@ -28,13 +30,13 @@ for size in 1024 1536 2048 3072 4096 ; do
|
||
|
# Extract the marker.
|
||
|
marker=`grep ^key_next_marker= entry.$size | cut -f2- -d=`
|
||
|
# Make sure we're clean.
|
||
|
- run_certutil -K -d "$tmpdir" | grep keyi$size | sed -e 's,.*keyi,keyi,' -e s,"${marker:-////////}","(next)",g | env LANG=C sort
|
||
|
+ run_certutil -K -d "$scheme$tmpdir" | grep keyi$size | sed -e 's,.*keyi,keyi,' -e s,"${marker:-////////}","(next)",g | env LANG=C sort
|
||
|
done
|
||
|
|
||
|
echo "[nss:rosubdir]"
|
||
|
cat > entry.$size <<- EOF
|
||
|
key_storage_type=NSSDB
|
||
|
-key_storage_location=$tmpdir/rosubdir
|
||
|
+key_storage_location=$scheme$tmpdir/rosubdir
|
||
|
key_nickname=keyi$size
|
||
|
key_gen_size=$size
|
||
|
EOF
|
||
|
@@ -43,7 +45,7 @@ $toolsdir/keygen entry.$size || true
|
||
|
echo "[nss:rwsubdir]"
|
||
|
cat > entry.$size <<- EOF
|
||
|
key_storage_type=NSSDB
|
||
|
-key_storage_location=$tmpdir/rwsubdir
|
||
|
+key_storage_location=$scheme$tmpdir/rwsubdir
|
||
|
key_nickname=keyi$size
|
||
|
key_gen_size=$size
|
||
|
EOF
|
||
|
--
|
||
|
2.15.1
|
||
|
|