/usr/src/suites/security/kmf/tests/kmfcfg/kmfcfg_create_003.ksh

#! /usr/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#

#
# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
# ident	"%Z%%M%	%I%	%E% SMI"
#

#########################################################################
#
# start __stf_assertion__
#
# ASSERTION: kmfcfg_create_003
#
# DESCRIPTION:
#	
#	Verify:
#	"kmfcfg create" with appropriate options can create policies with
#	CRL verification method.  
#
# STRATEGY:
#
#	1) Backup test.xml to test.xml.bak
#	2) Run "kmfcfg create dbfile=test.xml policy=testpolicy" with crl 
#	   options and save the output to a temp variable
#	3) Check the return value of command
#	4) Verify the new policy with "kmfcfg list dbfile=test.xml policy=testpolicy"
#	5) Restore the test.xml to the original one
#	6) Repeat 2),3),4),5) for create subcommand with different crl options 
#
# INTERFACE: kmfcfg
#
# end __stf_assertion__
#
#########################################################################

. ${STF_TOOLS}/include/stf.kshlib

. ${STF_TOOLS}/contrib/include/jnl.kshlib

description() {
	cat <<-EOF
	Verify: 
	"kmfcfg create" with appropriate options can create policies with
	CRL verification method.
	EOF
}

jnl_assertion "$( description )" "kmfcfg create"

test_db="/var/tmp/test.xml"
cmd="/usr/bin/kmfcfg"
common_options="create dbfile=$test_db policy=testpolicy ignore-trust-anchor=true"
list_options="list dbfile=$test_db policy=testpolicy"
set -A cmd_args \
	"crl-get-crl-uri=true crl-proxy=webcache.sfbay:8080" \
	"crl-basefilename=testcrl.pem crl-directory=/var/tmp" \
	"crl-basefilename=testcrl.pem crl-ignore-crl-sign=true" \
	"crl-basefilename=testcrl.pem crl-ignore-crl-date=true" \


# Back up test.xml
jnl_progress "Backup the original dbfile test.xml"
cp $test_db test.xml.bak
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "Backup test dbfile" "0" $e "STF_UNRESOLVED"
	rm -f test.xml.bak
	exit $STF_UNRESOLVED
fi

output=""

##########################Create cmd_args[0] BEGIN#########################################
jnl_progress "$cmd $common_options ${cmd_args[0]}"

output=$($cmd $common_options ${cmd_args[0]})
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $common_options ${cmd_args[0]} $output" 0 $e "STF_FAIL"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	exit $STF_FAIL
fi

jnl_progress "$cmd $list_options"

$cmd $list_options > result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
	jnl_result $STF_UNRESOLVED
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

grep 'Download and cache CRL: true' result.$$ && \
	grep 'Proxy: webcache.sfbay:8080' result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_error "Can't find policy from test.xml"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

# Restore test dbfile
cp test.xml.bak $test_db
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

##########################Create cmd_args[0] END###########################################

##########################Create cmd_args[1] BEGIN#########################################
jnl_progress "$cmd $common_options ${cmd_args[1]}"

output=$($cmd $common_options ${cmd_args[1]})
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $common_options ${cmd_args[1]} $output" 0 $e "STF_FAIL"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	exit $STF_FAIL
fi

jnl_progress "$cmd $list_options"

$cmd $list_options > result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
	jnl_result $STF_UNRESOLVED
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

grep 'Base filename: testcrl.pem' result.$$ && \
	grep 'Directory: /var/tmp' result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_error "Can't find policy from test.xml"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

# Restore test dbfile
cp test.xml.bak $test_db
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

##########################Create cmd_args[1] END###########################################

##########################Create cmd_args[2] BEGIN#########################################
jnl_progress "$cmd $common_options ${cmd_args[2]}"

output=$($cmd $common_options ${cmd_args[2]})
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $common_options ${cmd_args[2]} $output" 0 $e "STF_FAIL"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

jnl_progress "$cmd $list_options"

$cmd $list_options > result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
	jnl_result $STF_UNRESOLVED
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

grep 'Base filename: testcrl.pem' result.$$ && \
	grep 'Ignore CRL signature: true' result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_error "Can't find policy from test.xml"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

# Restore test dbfile
cp test.xml.bak $test_db
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

##########################Create cmd_args[2] END###########################################

##########################Create cmd_args[3] BEGIN#########################################
jnl_progress "$cmd $common_options ${cmd_args[3]}"

output=$($cmd $common_options ${cmd_args[3]})
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $common_options ${cmd_args[3]} $output" 0 $e "STF_FAIL"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

jnl_progress "$cmd $list_options"

$cmd $list_options > result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
	jnl_result $STF_UNRESOLVED
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

grep 'Base filename: testcrl.pem' result.$$ && \
	grep 'Ignore CRL validity date: true' result.$$
e=$?
if [[ $e -ne 0 ]]; then
	jnl_error "Can't find policy from test.xml"
	jnl_result $STF_FAIL
	cp test.xml.bak $test_db
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_FAIL
fi

# Restore test dbfile
cp test.xml.bak $test_db
e=$?
if [[ $e -ne 0 ]]; then
	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
	rm -f test.xml.bak
	rm -f result.$$
	exit $STF_UNRESOLVED
fi

##########################Create cmd_args[3] END###########################################

rm -f result.$$
rm -f test.xml.bak
jnl_result $STF_PASS
exit $STF_PASS