/usr/src/suites/security/kmf/tests/kmfcfg/kmfcfg_create_003.ksh
Korn Shell | 300 lines | 214 code | 25 blank | 61 comment | 11 complexity | f9ed0ef1647a6953434a893da50118f8 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception
- #! /usr/bin/ksh -p
- #
- # CDDL HEADER START
- #
- # The contents of this file are subject to the terms of the
- # Common Development and Distribution License (the "License").
- # You may not use this file except in compliance with the License.
- #
- # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- # or http://www.opensolaris.org/os/licensing.
- # See the License for the specific language governing permissions
- # and limitations under the License.
- #
- # When distributing Covered Code, include this CDDL HEADER in each
- # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- # If applicable, add the following below this CDDL HEADER, with the
- # fields enclosed by brackets "[]" replaced with your own identifying
- # information: Portions Copyright [yyyy] [name of copyright owner]
- #
- # CDDL HEADER END
- #
- #
- # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
- # Use is subject to license terms.
- #
- # ident "%Z%%M% %I% %E% SMI"
- #
- #########################################################################
- #
- # start __stf_assertion__
- #
- # ASSERTION: kmfcfg_create_003
- #
- # DESCRIPTION:
- #
- # Verify:
- # "kmfcfg create" with appropriate options can create policies with
- # CRL verification method.
- #
- # STRATEGY:
- #
- # 1) Backup test.xml to test.xml.bak
- # 2) Run "kmfcfg create dbfile=test.xml policy=testpolicy" with crl
- # options and save the output to a temp variable
- # 3) Check the return value of command
- # 4) Verify the new policy with "kmfcfg list dbfile=test.xml policy=testpolicy"
- # 5) Restore the test.xml to the original one
- # 6) Repeat 2),3),4),5) for create subcommand with different crl options
- #
- # INTERFACE: kmfcfg
- #
- # end __stf_assertion__
- #
- #########################################################################
- . ${STF_TOOLS}/include/stf.kshlib
- . ${STF_TOOLS}/contrib/include/jnl.kshlib
- description() {
- cat <<-EOF
- Verify:
- "kmfcfg create" with appropriate options can create policies with
- CRL verification method.
- EOF
- }
- jnl_assertion "$( description )" "kmfcfg create"
- test_db="/var/tmp/test.xml"
- cmd="/usr/bin/kmfcfg"
- common_options="create dbfile=$test_db policy=testpolicy ignore-trust-anchor=true"
- list_options="list dbfile=$test_db policy=testpolicy"
- set -A cmd_args \
- "crl-get-crl-uri=true crl-proxy=webcache.sfbay:8080" \
- "crl-basefilename=testcrl.pem crl-directory=/var/tmp" \
- "crl-basefilename=testcrl.pem crl-ignore-crl-sign=true" \
- "crl-basefilename=testcrl.pem crl-ignore-crl-date=true" \
- # Back up test.xml
- jnl_progress "Backup the original dbfile test.xml"
- cp $test_db test.xml.bak
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "Backup test dbfile" "0" $e "STF_UNRESOLVED"
- rm -f test.xml.bak
- exit $STF_UNRESOLVED
- fi
- output=""
- ##########################Create cmd_args[0] BEGIN#########################################
- jnl_progress "$cmd $common_options ${cmd_args[0]}"
- output=$($cmd $common_options ${cmd_args[0]})
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $common_options ${cmd_args[0]} $output" 0 $e "STF_FAIL"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- exit $STF_FAIL
- fi
- jnl_progress "$cmd $list_options"
- $cmd $list_options > result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
- jnl_result $STF_UNRESOLVED
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- grep 'Download and cache CRL: true' result.$$ && \
- grep 'Proxy: webcache.sfbay:8080' result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_error "Can't find policy from test.xml"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- # Restore test dbfile
- cp test.xml.bak $test_db
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- ##########################Create cmd_args[0] END###########################################
- ##########################Create cmd_args[1] BEGIN#########################################
- jnl_progress "$cmd $common_options ${cmd_args[1]}"
- output=$($cmd $common_options ${cmd_args[1]})
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $common_options ${cmd_args[1]} $output" 0 $e "STF_FAIL"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- exit $STF_FAIL
- fi
- jnl_progress "$cmd $list_options"
- $cmd $list_options > result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
- jnl_result $STF_UNRESOLVED
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- grep 'Base filename: testcrl.pem' result.$$ && \
- grep 'Directory: /var/tmp' result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_error "Can't find policy from test.xml"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- # Restore test dbfile
- cp test.xml.bak $test_db
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- ##########################Create cmd_args[1] END###########################################
- ##########################Create cmd_args[2] BEGIN#########################################
- jnl_progress "$cmd $common_options ${cmd_args[2]}"
- output=$($cmd $common_options ${cmd_args[2]})
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $common_options ${cmd_args[2]} $output" 0 $e "STF_FAIL"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- jnl_progress "$cmd $list_options"
- $cmd $list_options > result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
- jnl_result $STF_UNRESOLVED
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- grep 'Base filename: testcrl.pem' result.$$ && \
- grep 'Ignore CRL signature: true' result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_error "Can't find policy from test.xml"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- # Restore test dbfile
- cp test.xml.bak $test_db
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- ##########################Create cmd_args[2] END###########################################
- ##########################Create cmd_args[3] BEGIN#########################################
- jnl_progress "$cmd $common_options ${cmd_args[3]}"
- output=$($cmd $common_options ${cmd_args[3]})
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $common_options ${cmd_args[3]} $output" 0 $e "STF_FAIL"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- jnl_progress "$cmd $list_options"
- $cmd $list_options > result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
- jnl_result $STF_UNRESOLVED
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- grep 'Base filename: testcrl.pem' result.$$ && \
- grep 'Ignore CRL validity date: true' result.$$
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_error "Can't find policy from test.xml"
- jnl_result $STF_FAIL
- cp test.xml.bak $test_db
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_FAIL
- fi
- # Restore test dbfile
- cp test.xml.bak $test_db
- e=$?
- if [[ $e -ne 0 ]]; then
- jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
- rm -f test.xml.bak
- rm -f result.$$
- exit $STF_UNRESOLVED
- fi
- ##########################Create cmd_args[3] END###########################################
- rm -f result.$$
- rm -f test.xml.bak
- jnl_result $STF_PASS
- exit $STF_PASS