зеркало из https://github.com/mozilla/gecko-dev.git
157 строки
5.0 KiB
Bash
Executable File
157 строки
5.0 KiB
Bash
Executable File
#! /bin/bash
|
|
#
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
########################################################################
|
|
#
|
|
# mozilla/security/nss/tests/cipher/cipher.sh
|
|
#
|
|
# Script to test NSS ciphers
|
|
#
|
|
# needs to work on all Unix and Windows platforms
|
|
#
|
|
# special strings
|
|
# ---------------
|
|
# FIXME ... known problems, search for this string
|
|
# NOTE .... unexpected behavior
|
|
#
|
|
########################################################################
|
|
|
|
############################## cipher_init #############################
|
|
# local shell function to initialize this script
|
|
########################################################################
|
|
cipher_init()
|
|
{
|
|
SCRIPTNAME="cipher.sh"
|
|
if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
|
|
CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
|
|
fi
|
|
if [ -z "${INIT_SOURCED}" ] ; then
|
|
cd ../common
|
|
. ./init.sh
|
|
fi
|
|
SCRIPTNAME="cipher.sh"
|
|
html_head "Cipher Tests"
|
|
|
|
CIPHERDIR=${HOSTDIR}/cipher
|
|
CIPHERTESTDIR=${QADIR}/../cmd/bltest
|
|
GCMTESTDIR=${QADIR}/../cmd/pk11gcmtest
|
|
D_CIPHER="Cipher.$version"
|
|
|
|
CIPHER_TXT=${QADIR}/cipher/cipher.txt
|
|
GCM_TXT=${QADIR}/cipher/gcm.txt
|
|
|
|
mkdir -p ${CIPHERDIR}
|
|
|
|
cd ${CIPHERDIR}
|
|
P_CIPHER=.
|
|
if [ -n "${MULTIACCESS_DBM}" ]; then
|
|
P_CIPHER="multiaccess:${D_CIPHER}"
|
|
fi
|
|
}
|
|
|
|
############################## cipher_main #############################
|
|
# local shell function to test NSS ciphers
|
|
########################################################################
|
|
cipher_main()
|
|
{
|
|
while read EXP_RET PARAM TESTNAME
|
|
do
|
|
if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
|
|
PARAM=`echo $PARAM | sed -e "s/_-/ -/g"`
|
|
TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
|
|
echo "$SCRIPTNAME: $TESTNAME --------------------------------"
|
|
failedStr=""
|
|
inOff=0
|
|
res=0
|
|
while [ $inOff -lt 8 ]
|
|
do
|
|
outOff=0
|
|
while [ $outOff -lt 8 ]
|
|
do
|
|
echo "bltest -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff"
|
|
${PROFTOOL} ${BINDIR}/bltest${PROG_SUFFIX} -T -m $PARAM -d $CIPHERTESTDIR -1 $inOff -2 $outOff
|
|
if [ $? -ne 0 ]; then
|
|
failedStr="$failedStr[$inOff:$outOff]"
|
|
fi
|
|
outOff=`expr $outOff + 1`
|
|
done
|
|
inOff=`expr $inOff + 1`
|
|
done
|
|
if [ -n "$failedStr" ]; then
|
|
html_msg 1 $EXP_RET "$TESTNAME (Failed in/out offset pairs:" \
|
|
" $failedStr)"
|
|
else
|
|
html_msg $res $EXP_RET "$TESTNAME"
|
|
fi
|
|
fi
|
|
done < ${CIPHER_TXT}
|
|
}
|
|
|
|
############################## cipher_gcm #############################
|
|
# local shell function to test NSS AES GCM
|
|
########################################################################
|
|
cipher_gcm()
|
|
{
|
|
while read EXP_RET INPUT_FILE TESTNAME
|
|
do
|
|
if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
|
|
TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
|
|
echo "$SCRIPTNAME: $TESTNAME --------------------------------"
|
|
echo "pk11gcmtest aes kat gcm $GCMTESTDIR/tests/$INPUT_FILE"
|
|
${PROFTOOL} ${BINDIR}/pk11gcmtest aes kat gcm $GCMTESTDIR/tests/$INPUT_FILE
|
|
html_msg $? $EXP_RET "$TESTNAME"
|
|
fi
|
|
done < ${GCM_TXT}
|
|
}
|
|
|
|
###################### cipher_rsa_populate ############################
|
|
# Test the ability to reconstruct rsa private key reconstruction
|
|
# also test the PK11GenericObject interface
|
|
###################################################################
|
|
cipher_rsa_populate()
|
|
{
|
|
TESTNAME="RSA Reconstruct Private Keys Test"
|
|
echo "$SCRIPTNAME: $TESTNAME --------------------------------"
|
|
echo "rsapoptst -t all -r 10"
|
|
# skip e_d_q. It isn't reliable, and can return incorrect data. e_d_q should
|
|
# be turned off.
|
|
${PROFTOOL} ${BINDIR}/rsapoptst -t e_n_p,d_n_q,d_p_q,e_d_n -r 10
|
|
html_msg $? 0 "$TESTNAME"
|
|
}
|
|
|
|
############################## cipher_cleanup ############################
|
|
# local shell function to finish this script (no exit since it might be
|
|
# sourced)
|
|
########################################################################
|
|
cipher_cleanup()
|
|
{
|
|
html "</TABLE><BR>"
|
|
cd ${QADIR}
|
|
. common/cleanup.sh
|
|
}
|
|
|
|
################## main #################################################
|
|
|
|
# When building without softoken, bltest isn't built. It was already
|
|
# built and the cipher suite run as part of an nss-softoken build.
|
|
if [ ! -x ${DIST}/${OBJDIR}/bin/bltest${PROG_SUFFIX} ]; then
|
|
echo "bltest not built, skipping this test." >> ${LOGFILE}
|
|
res=0
|
|
html_msg $res $EXP_RET "$TESTNAME"
|
|
return 0
|
|
fi
|
|
cipher_init
|
|
# Skip cipher_main if this an NSS without softoken build.
|
|
if [ "${NSS_BUILD_WITHOUT_SOFTOKEN}" != "1" ]; then
|
|
cipher_main
|
|
fi
|
|
# Skip cipher_gcm if this is a softoken only build.
|
|
if [ "${NSS_BUILD_SOFTOKEN_ONLY}" != "1" ]; then
|
|
cipher_gcm
|
|
cipher_rsa_populate
|
|
fi
|
|
cipher_cleanup
|