5 printf "Initializing tests ...\n"
7 OPENSSL_PEM
="$(mktemp)"
8 OPENSSL_DER
="$(mktemp)"
10 NONCE
=$
(dd if=/dev
/urandom bs
=1 count
=4 2>/dev
/null |
hexdump -e '1/1 "%02x"')
11 SUBJECT
=/C
="ZZ"/ST
="Somewhere"/L
="None"/O
="OpenWrt'$NONCE'"/CN
="OpenWrt"
13 openssl req
-x509 -nodes -days 1 -keyout /dev
/null
2>/dev
/null \
14 -out "$OPENSSL_PEM" -subj "$SUBJECT" \
15 ||
( printf "error: generating PEM certificate with openssl"; return 1)
16 openssl req
-x509 -nodes -days 1 -keyout /dev
/null
2>/dev
/null \
17 -out "$OPENSSL_DER" -outform der
-subj "$SUBJECT" \
18 ||
( printf "error: generating DER certificate with openssl"; return 1)
25 [ "${PRINT_PASSED}" -gt 0 ] \
26 && printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) passed."
28 printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) failed!!!"
29 [ "${PRINT_PASSED}" -gt 1 ] && exit 1
34 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting openssl itself ...\n"
36 [ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
37 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0 ' 0
38 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86300 ' 0
39 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86400 ' 1
41 [ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
42 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0 -inform der ' 0
43 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86300 -inform der ' 0
44 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86400 -inform der ' 1
46 [ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
47 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0 -inform der 2>/dev/null' 1
48 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0 2>/dev/null' 1
51 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g checkend ...\n"
53 [ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
54 test 'cat "$OPENSSL_PEM" | ./px5g checkend 0 ' 0
55 test 'cat "$OPENSSL_PEM" | ./px5g checkend 86300 ' 0
56 test 'cat "$OPENSSL_PEM" | ./px5g checkend 86400 ' 1
58 [ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
59 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 0 ' 0
60 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86300 ' 0
61 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86400 ' 1
63 [ "$PRINT_PASSED" -gt 1 ] && printf " * in option:\n"
64 test 'cat "$OPENSSL_DER" | ./px5g checkend -in /proc/self/fd/0 -der 0 ' 0
65 test 'cat "$OPENSSL_DER" | ./px5g checkend -der -in /proc/self/fd/0 99 ' 0
67 [ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
68 test 'cat "$OPENSSL_PEM" | ./px5g checkend -der 0 2>/dev/null' 1
69 test 'cat "$OPENSSL_DER" | ./px5g checkend 0 2>/dev/null' 1
72 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g eckey ...\n"
74 [ "$PRINT_PASSED" -gt 1 ] && printf " * standard curves:\n"
75 test './px5g eckey P-256 | openssl ec -check 2>/dev/null' 0
76 test './px5g eckey P-384 | openssl ec -check 2>/dev/null' 0
77 test './px5g eckey secp384r1 | openssl ec -check 2>/dev/null' 0
78 test './px5g eckey secp256r1 | openssl ec -check 2>/dev/null' 0
79 test './px5g eckey secp256k1 | openssl ec -check 2>/dev/null' 0
81 [ "$PRINT_PASSED" -gt 1 ] && printf " * more curves:\n"
82 test './px5g eckey P-521 | openssl ec -check 2>/dev/null' 0
83 test './px5g eckey secp521r1 | openssl ec -check 2>/dev/null' 0
84 test './px5g eckey secp224r1 | openssl ec -check 2>/dev/null' 0
85 test './px5g eckey secp224k1 | openssl ec -check 2>/dev/null' 0
86 test './px5g eckey secp192r1 | openssl ec -check 2>/dev/null' 0
87 test './px5g eckey secp192k1 | openssl ec -check 2>/dev/null' 0
88 test './px5g eckey brainpoolP512r1 | openssl ec -check 2>/dev/null' 0
89 test './px5g eckey brainpoolP384r1 | openssl ec -check 2>/dev/null' 0
90 test './px5g eckey brainpoolP256r1 | openssl ec -check 2>/dev/null' 0
92 [ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
93 test './px5g eckey -out /proc/self/fd/1 | openssl ec -check 2>/dev/null' 0
94 test './px5g eckey -der | openssl ec -check -inform der 2>/dev/null' 0
97 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g rsakey ...\n"
99 [ "$PRINT_PASSED" -gt 1 ] && printf " * standard exponent:\n"
100 test './px5g rsakey | openssl rsa -check 2>/dev/null' 0
101 test './px5g rsakey 512 | openssl rsa -check 2>/dev/null' 0
102 test './px5g rsakey 1024 | openssl rsa -check 2>/dev/null' 0
103 test './px5g rsakey 2048 | openssl rsa -check 2>/dev/null' 0
104 test './px5g rsakey 4096 | openssl rsa -check 2>/dev/null' 0
105 test './px5g rsakey 1111 | openssl rsa -check 2>/dev/null' 0
106 test './px5g rsakey 0 2>/dev/null' 1
108 [ "$PRINT_PASSED" -gt 1 ] && printf " * small exponent:\n"
109 test './px5g rsakey -3 | openssl rsa -check 2>/dev/null' 0
110 test './px5g rsakey -3 512 | openssl rsa -check 2>/dev/null' 0
111 test './px5g rsakey -3 1024 | openssl rsa -check 2>/dev/null' 0
112 test './px5g rsakey -3 2048 | openssl rsa -check 2>/dev/null' 0
113 test './px5g rsakey -3 4096 | openssl rsa -check 2>/dev/null' 0
114 test './px5g rsakey -3 1111 | openssl rsa -check 2>/dev/null' 0
115 test './px5g rsakey -3 0 2>/dev/null' 1
117 [ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
118 test './px5g rsakey -out /proc/self/fd/1 | openssl rsa -check 2>/dev/null' 0
119 test './px5g rsakey -der | openssl rsa -check -inform der 2>/dev/null' 0
122 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g selfsigned ...\n"
124 test './px5g selfsigned -der | openssl x509 -checkend 0 -inform der ' 0
125 test './px5g selfsigned -days 1 | openssl x509 -checkend 0 ' 0
126 test './px5g selfsigned -days 1 | openssl x509 -checkend 86300' 0
127 test './px5g selfsigned -days 1 | openssl x509 -checkend 86400' 1
128 test './px5g selfsigned -out /proc/self/fd/1 | openssl x509 -checkend 0 ' 0
129 test './px5g selfsigned -newkey rsa:666 | openssl x509 -checkend 0 ' 0
130 test './px5g selfsigned -newkey ec | openssl x509 -checkend 0 ' 0
131 test './px5g selfsigned -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
132 | openssl x509 -checkend 0 ' 0
133 test './px5g selfsigned -subj $SUBJECT | openssl x509 -noout \
134 -subject -nameopt compat | grep -q subject=$SUBJECT 2>/dev/null' 0
135 test './px5g selfsigned -out /dev/null -keyout /proc/self/fd/1 \
136 | openssl rsa -check 2>/dev/null ' 0
139 rm "$OPENSSL_PEM" "$OPENSSL_DER"