PageRenderTime 55ms CodeModel.GetById 16ms RepoModel.GetById 1ms app.codeStats 0ms

/usr/src/suites/security/kmf/tests/kmfcfg/kmfcfg_create_002.ksh

https://bitbucket.org/illumos/illumos-stc
Korn Shell | 404 lines | 307 code | 33 blank | 64 comment | 14 complexity | c5dc84001dbde86abae6f508ec55beb8 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception 
    

  1. #! /usr/bin/ksh -p
    2. 

  2. #
    3. 

  3. # CDDL HEADER START
    4. 

  4. #
    5. 

  5. # The contents of this file are subject to the terms of the
    6. 

  6. # Common Development and Distribution License (the "License").
    7. 

  7. # You may not use this file except in compliance with the License.
    8. 

  8. #
    9. 

  9. # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
    10. 

  10. # or http://www.opensolaris.org/os/licensing.
    11. 

  11. # See the License for the specific language governing permissions
    12. 

  12. # and limitations under the License.
    13. 

  13. #
    14. 

  14. # When distributing Covered Code, include this CDDL HEADER in each
    15. 

  15. # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
    16. 

  16. # If applicable, add the following below this CDDL HEADER, with the
    17. 

  17. # fields enclosed by brackets "[]" replaced with your own identifying
    18. 

  18. # information: Portions Copyright [yyyy] [name of copyright owner]
    19. 

  19. #
    20. 

  20. # CDDL HEADER END
    21. 

  21. #
    22. 

  22. 

  23. #
    24. 

  24. # Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
    25. 

  25. # Use is subject to license terms.
    26. 

  26. #
    27. 

  27. # ident	"%Z%%M%	%I%	%E% SMI"
    28. 

  28. #
    29. 

  29. 

  30. #########################################################################
    31. 

  31. #
    32. 

  32. # start __stf_assertion__
    33. 

  33. #
    34. 

  34. # ASSERTION: kmfcfg_create_002
    35. 

  35. #
    36. 

  36. # DESCRIPTION:
    37. 

  37. #	
    38. 

  38. #	Verify:
    39. 

  39. #	"kmfcfg create" with appropriate options can create policies with
    40. 

  40. #	OCSP verification method.  
    41. 

  41. #
    42. 

  42. # STRATEGY:
    43. 

  43. #
    44. 

  44. #	1) Backup test.xml to test.xml.bak
    45. 

  45. #	2) Run "kmfcfg create dbfile=test.xml policy=testpolicy" with ocsp 
    46. 

  46. #	   options and save the output to a temp variable
    47. 

  47. #	3) Check the return value of command
    48. 

  48. #	4) Verify the new policy with "kmfcfg list dbfile=test.xml policy=testpolicy"
    49. 

  49. #	5) Restore the test.xml to the original one
    50. 

  50. #	6) Repeat 2),3),4),5) for create subcommand with different ocsp options 
    51. 

  51. #
    52. 

  52. # INTERFACE: kmfcfg
    53. 

  53. #
    54. 

  54. # end __stf_assertion__
    55. 

  55. #
    56. 

  56. #########################################################################
    57. 

  57. 

  58. . ${STF_TOOLS}/include/stf.kshlib
    59. 

  59. 

  60. . ${STF_TOOLS}/contrib/include/jnl.kshlib
    61. 

  61. 

  62. description() {
    63. 

  63. 	cat <<-EOF
    64. 

  64. 	Verify: 
    65. 

  65. 	"kmfcfg create" with appropriate options can create policies with
    66. 

  66. 	OCSP verification method.
    67. 

  67. 	EOF
    68. 

  68. }
    69. 

  69. 

  70. jnl_assertion "$( description )" "kmfcfg create"
    71. 

  71. 

  72. test_db="/var/tmp/test.xml"
    73. 

  73. cmd="/usr/bin/kmfcfg"
    74. 

  74. common_options="create dbfile=$test_db policy=testpolicy ignore-trust-anchor=true"
    75. 

  75. list_options="list dbfile=$test_db policy=testpolicy"
    76. 

  76. issuer_dn="O=Sun Microsytems Inc., OU=Solaris Qe Ops, L=Beijing, ST=Beijing, \
    77. 

  77. C=PR, CN=Eddie Luo"
    78. 

    79. 

  79. set -A cmd_args \
    80. 

  80. 	"ocsp-use-cert-responder=true" \
    81. 

  81. 	"ocsp-responder=http://ocsp.verisign.com/ocsp/status" \
    82. 

  82. 	"ocsp-responder=http://ocsp.verisign.com/ocsp/status ocsp-proxy=webcache.sfbay:8080" \
    83. 

  83. 	"ocsp-use-cert-responder=true ocsp-ignore-response-sign=true" \
    84. 

  84. 	"ocsp-use-cert-responder=true ocsp-response-lifetime=12-hour" \
    85. 

  85. 	"ocsp-use-cert-responder=true ocsp-responder-cert-name=\"$issuer_dn\" ocsp-responder-cert-serial=0303"
    86. 

  86. 

  87. # Back up test.xml
    88. 

  88. jnl_progress "Backup the original dbfile test.xml"
    89. 

  89. cp $test_db test.xml.bak
    90. 

  90. 

  91. e=$?
    92. 

  92. if [[ $e -ne 0 ]]; then
    93. 

  93. 	jnl_diagnostic "Backup test dbfile" "0" $e "STF_UNRESOLVED"
    94. 

  94. 	rm -f test.xml.bak
    95. 

  95. 	exit $STF_UNRESOLVED
    96. 

  96. fi
    97. 

  97. 

  98. output=""
    99. 

  99. 

  100. ##########################Create cmd_args[0] BEGIN#########################################
    101. 

  101. jnl_progress "$cmd $common_options ${cmd_args[0]}"
    102. 

  102. 

  103. output=$(ksh -c "$cmd $common_options ${cmd_args[0]}")
    104. 

  104. e=$?
    105. 

  105. if [[ $e -ne 0 ]]; then
    106. 

  106. 	jnl_diagnostic "$cmd $common_options ${cmd_args[0]} $output" 0 $e "STF_FAIL"
    107. 

  107. 	jnl_result $STF_FAIL
    108. 

  108. 	cp test.xml.bak $test_db
    109. 

  109. 	rm -f test.xml.bak
    110. 

  110. 	exit $STF_FAIL
    111. 

  111. fi
    112. 

  112. 

  113. jnl_progress "$cmd $list_options"
    114. 

  114. 

  115. $cmd $list_options > result.$$
    116. 

  116. e=$?
    117. 

  117. if [[ $e -ne 0 ]]; then
    118. 

  118. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    119. 

  119. 	jnl_result $STF_UNRESOLVED
    120. 

  120. 	cat result.$$
    121. 

  121. 	cp test.xml.bak $test_db
    122. 

  122. 	rm -f test.xml.bak
    123. 

  123. 	rm -f result.$$
    124. 

  124. 	exit $STF_UNRESOLVED
    125. 

  125. fi
    126. 

  126. 

  127. grep 'Use ResponderURI from Certificate: true' result.$$
    128. 

  128. e=$?
    129. 

  129. if [[ $e -ne 0 ]]; then
    130. 

  130. 	jnl_error "Can't find policy from test.xml"
    131. 

  131. 	jnl_result $STF_FAIL
    132. 

  132. 	cp test.xml.bak $test_db
    133. 

  133. 	rm -f test.xml.bak
    134. 

  134. 	rm -f result.$$
    135. 

  135. 	exit $STF_FAIL
    136. 

  136. fi
    137. 

  137. 

  138. # Restore test dbfile
    139. 

  139. cp test.xml.bak $test_db
    140. 

  140. e=$?
    141. 

  141. if [[ $e -ne 0 ]]; then
    142. 

  142. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    143. 

  143. 	rm -f test.xml.bak
    144. 

  144. 	rm -f result.$$
    145. 

  145. 	exit $STF_UNRESOLVED
    146. 

  146. fi
    147. 

  147. 

  148. ##########################Create cmd_args[0] END###########################################
    149. 

  149. 

  150. ##########################Create cmd_args[1] BEGIN#########################################
    151. 

  151. jnl_progress "$cmd $common_options ${cmd_args[1]}"
    152. 

  152. 

  153. output=$(ksh -c "$cmd $common_options ${cmd_args[1]}")
    154. 

  154. e=$?
    155. 

  155. if [[ $e -ne 0 ]]; then
    156. 

  156. 	jnl_diagnostic "$cmd $common_options ${cmd_args[1]} $output" 0 $e "STF_FAIL"
    157. 

  157. 	jnl_result $STF_FAIL
    158. 

  158. 	cp test.xml.bak $test_db
    159. 

  159. 	rm -f test.xml.bak
    160. 

  160. 	rm -f result.$$
    161. 

  161. 	exit $STF_FAIL
    162. 

  162. fi
    163. 

  163. 

  164. jnl_progress "$cmd $list_options"
    165. 

  165. 

  166. $cmd $list_options > result.$$
    167. 

  167. e=$?
    168. 

  168. if [[ $e -ne 0 ]]; then
    169. 

  169. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    170. 

  170. 	jnl_result $STF_UNRESOLVED
    171. 

  171. 	cp test.xml.bak $test_db
    172. 

  172. 	rm -f test.xml.bak
    173. 

  173. 	rm -f result.$$
    174. 

  174. 	exit $STF_UNRESOLVED
    175. 

  175. fi
    176. 

  176. 

  177. grep 'Responder URI: http://ocsp.verisign.com/ocsp/status' result.$$
    178. 

  178. e=$?
    179. 

  179. if [[ $e -ne 0 ]]; then
    180. 

  180. 	jnl_error "Can't find policy from test.xml"
    181. 

  181. 	jnl_result $STF_FAIL
    182. 

  182. 	cp test.xml.bak $test_db
    183. 

  183. 	rm -f test.xml.bak
    184. 

  184. 	rm -f result.$$
    185. 

  185. 	exit $STF_FAIL
    186. 

  186. fi
    187. 

  187. 

  188. # Restore test dbfile
    189. 

  189. cp test.xml.bak $test_db
    190. 

  190. e=$?
    191. 

  191. if [[ $e -ne 0 ]]; then
    192. 

  192. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    193. 

  193. 	rm -f test.xml.bak
    194. 

  194. 	rm -f result.$$
    195. 

  195. 	exit $STF_UNRESOLVED
    196. 

  196. fi
    197. 

  197. 

  198. ##########################Create cmd_args[1] END###########################################
    199. 

  199. 

  200. ##########################Create cmd_args[2] BEGIN#########################################
    201. 

  201. jnl_progress "$cmd $common_options ${cmd_args[2]}"
    202. 

  202. 

  203. output=$(ksh -c "$cmd $common_options ${cmd_args[2]}")
    204. 

  204. e=$?
    205. 

  205. if [[ $e -ne 0 ]]; then
    206. 

  206. 	jnl_diagnostic "$cmd $common_options ${cmd_args[2]} $output" 0 $e "STF_FAIL"
    207. 

  207. 	jnl_result $STF_FAIL
    208. 

  208. 	cp test.xml.bak $test_db
    209. 

  209. 	rm -f test.xml.bak
    210. 

  210. 	rm -f result.$$
    211. 

  211. 	exit $STF_FAIL
    212. 

  212. fi
    213. 

  213. 

  214. jnl_progress "$cmd $list_options"
    215. 

  215. 

  216. $cmd $list_options > result.$$
    217. 

  217. e=$?
    218. 

  218. if [[ $e -ne 0 ]]; then
    219. 

  219. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    220. 

  220. 	jnl_result $STF_UNRESOLVED
    221. 

  221. 	cp test.xml.bak $test_db
    222. 

  222. 	rm -f test.xml.bak
    223. 

  223. 	rm -f result.$$
    224. 

  224. 	exit $STF_UNRESOLVED
    225. 

  225. fi
    226. 

  226. 

  227. grep 'Responder URI: http://ocsp.verisign.com/ocsp/status' result.$$ && \
    228. 

  228. 	grep 'Proxy: webcache.sfbay:8080' result.$$
    229. 

  229. e=$?
    230. 

  230. if [[ $e -ne 0 ]]; then
    231. 

  231. 	jnl_error "Can't find policy from test.xml"
    232. 

  232. 	jnl_result $STF_FAIL
    233. 

  233. 	cp test.xml.bak $test_db
    234. 

  234. 	rm -f test.xml.bak
    235. 

  235. 	rm -f result.$$
    236. 

  236. 	exit $STF_FAIL
    237. 

  237. fi
    238. 

  238. 

  239. # Restore test dbfile
    240. 

  240. cp test.xml.bak $test_db
    241. 

  241. e=$?
    242. 

  242. if [[ $e -ne 0 ]]; then
    243. 

  243. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    244. 

  244. 	rm -f test.xml.bak
    245. 

  245. 	rm -f result.$$
    246. 

  246. 	exit $STF_UNRESOLVED
    247. 

  247. fi
    248. 

  248. 

  249. ##########################Create cmd_args[2] END###########################################
    250. 

  250. 

  251. ##########################Create cmd_args[3] BEGIN#########################################
    252. 

  252. jnl_progress "$cmd $common_options ${cmd_args[3]}"
    253. 

  253. 

  254. output=$(ksh -c "$cmd $common_options ${cmd_args[3]}")
    255. 

  255. e=$?
    256. 

  256. if [[ $e -ne 0 ]]; then
    257. 

  257. 	jnl_diagnostic "$cmd $common_options ${cmd_args[3]} $output" 0 $e "STF_FAIL"
    258. 

  258. 	jnl_result $STF_FAIL
    259. 

  259. 	cp test.xml.bak $test_db
    260. 

  260. 	rm -f test.xml.bak
    261. 

  261. 	rm -f result.$$
    262. 

  262. 	exit $STF_FAIL
    263. 

  263. fi
    264. 

  264. 

  265. jnl_progress "$cmd $list_options"
    266. 

  266. 

  267. $cmd $list_options > result.$$
    268. 

  268. e=$?
    269. 

  269. if [[ $e -ne 0 ]]; then
    270. 

  270. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    271. 

  271. 	jnl_result $STF_UNRESOLVED
    272. 

  272. 	cp test.xml.bak $test_db
    273. 

  273. 	rm -f test.xml.bak
    274. 

  274. 	rm -f result.$$
    275. 

  275. 	exit $STF_UNRESOLVED
    276. 

  276. fi
    277. 

  277. 

  278. grep 'Ignore Response signature: true' result.$$
    279. 

  279. e=$?
    280. 

  280. if [[ $e -ne 0 ]]; then
    281. 

  281. 	jnl_error "Can't find policy from test.xml"
    282. 

  282. 	jnl_result $STF_FAIL
    283. 

  283. 	cp test.xml.bak $test_db
    284. 

  284. 	rm -f test.xml.bak
    285. 

  285. 	rm -f result.$$
    286. 

  286. 	exit $STF_FAIL
    287. 

  287. fi
    288. 

  288. 

  289. # Restore test dbfile
    290. 

  290. cp test.xml.bak $test_db
    291. 

  291. e=$?
    292. 

  292. if [[ $e -ne 0 ]]; then
    293. 

  293. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    294. 

  294. 	rm -f test.xml.bak
    295. 

  295. 	rm -f result.$$
    296. 

  296. 	exit $STF_UNRESOLVED
    297. 

  297. fi
    298. 

  298. 

  299. ##########################Create cmd_args[3] END###########################################
    300. 

  300. 

  301. ##########################Create cmd_args[4] BEGIN#########################################
    302. 

  302. jnl_progress "$cmd $common_options ${cmd_args[4]}"
    303. 

  303. 

  304. output=$(ksh -c "$cmd $common_options ${cmd_args[4]}")
    305. 

  305. e=$?
    306. 

  306. if [[ $e -ne 0 ]]; then
    307. 

  307. 	jnl_diagnostic "$cmd $common_options ${cmd_args[4]} $output" 0 $e "STF_FAIL"
    308. 

  308. 	jnl_result $STF_FAIL
    309. 

  309. 	cp test.xml.bak $test_db
    310. 

  310. 	rm -f test.xml.bak
    311. 

  311. 	rm -f result.$$
    312. 

  312. 	exit $STF_FAIL
    313. 

  313. fi
    314. 

  314. 

  315. jnl_progress "$cmd $list_options"
    316. 

  316. 

  317. $cmd $list_options > result.$$
    318. 

  318. e=$?
    319. 

  319. if [[ $e -ne 0 ]]; then
    320. 

  320. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    321. 

  321. 	jnl_result $STF_UNRESOLVED
    322. 

  322. 	cp test.xml.bak $test_db
    323. 

  323. 	rm -f test.xml.bak
    324. 

  324. 	rm -f result.$$
    325. 

  325. 	exit $STF_UNRESOLVED
    326. 

  326. fi
    327. 

  327. 

  328. grep 'Response lifetime: 12-hour' result.$$
    329. 

  329. e=$?
    330. 

  330. if [[ $e -ne 0 ]]; then
    331. 

  331. 	jnl_error "Can't find policy from test.xml"
    332. 

  332. 	jnl_result $STF_FAIL
    333. 

  333. 	cp test.xml.bak $test_db
    334. 

  334. 	rm -f test.xml.bak
    335. 

  335. 	rm -f result.$$
    336. 

  336. 	exit $STF_FAIL
    337. 

  337. fi
    338. 

  338. 

  339. # Restore test dbfile
    340. 

  340. cp test.xml.bak $test_db
    341. 

  341. e=$?
    342. 

  342. if [[ $e -ne 0 ]]; then
    343. 

  343. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    344. 

  344. 	rm -f test.xml.bak
    345. 

  345. 	rm -f result.$$
    346. 

  346. 	exit $STF_UNRESOLVED
    347. 

  347. fi
    348. 

  348. 

  349. ##########################Create cmd_args[4] END###########################################
    350. 

  350. 

  351. ##########################Create cmd_args[5] BEGIN#########################################
    352. 

  352. jnl_progress "$cmd $common_options ${cmd_args[5]}"
    353. 

  353. 

  354. output=$(ksh -c "$cmd $common_options ${cmd_args[5]}")
    355. 

  355. e=$?
    356. 

  356. if [[ $e -ne 0 ]]; then
    357. 

  357. 	jnl_diagnostic "$cmd $common_options ${cmd_args[5]} $output" 0 $e "STF_FAIL"
    358. 

  358. 	jnl_result $STF_FAIL
    359. 

  359. 	cp test.xml.bak $test_db
    360. 

  360. 	rm -f test.xml.bak
    361. 

  361. 	rm -f result.$$
    362. 

  362. 	exit $STF_FAIL
    363. 

  363. fi
    364. 

  364. 

  365. jnl_progress "$cmd $list_options"
    366. 

  366. 

  367. $cmd $list_options > result.$$
    368. 

  368. e=$?
    369. 

  369. if [[ $e -ne 0 ]]; then
    370. 

  370. 	jnl_diagnostic "$cmd $list_options" 0 $e "STF_UNRESOLVED"
    371. 

  371. 	jnl_result $STF_UNRESOLVED
    372. 

  372. 	cp test.xml.bak $test_db
    373. 

  373. 	rm -f test.xml.bak
    374. 

  374. 	rm -f result.$$
    375. 

  375. 	exit $STF_UNRESOLVED
    376. 

  376. fi
    377. 

  377. 

  378. grep "$issuer_dn" result.$$ && grep 'Serial: 0303' result.$$
    379. 

  379. e=$?
    380. 

  380. if [[ $e -ne 0 ]]; then
    381. 

  381. 	jnl_error "Can't find policy from test.xml"
    382. 

  382. 	jnl_result $STF_FAIL
    383. 

  383. 	cp test.xml.bak $test_db
    384. 

  384. 	rm -f test.xml.bak
    385. 

  385. 	rm -f result.$$
    386. 

  386. 	exit $STF_FAIL
    387. 

  387. fi
    388. 

  388. 

  389. # Restore test dbfile
    390. 

  390. cp test.xml.bak $test_db
    391. 

  391. e=$?
    392. 

  392. if [[ $e -ne 0 ]]; then
    393. 

  393. 	jnl_diagnostic "Restore test dbfile" "0" $e "STF_UNRESOLVED"
    394. 

  394. 	rm -f test.xml.bak
    395. 

  395. 	rm -f result.$$
    396. 

  396. 	exit $STF_UNRESOLVED
    397. 

  397. fi
    398. 

  398. 

  399. ##########################Create cmd_args[5] END###########################################
    400. 

  400. 

  401. rm -f result.$$
    402. 

  402. rm -f test.xml.bak
    403. 

  403. jnl_result $STF_PASS
    404. 

  404. exit $STF_PASS
    405. 

  405.