external/subpack/net/nginx-util/src/test-px5g.sh - T108 - Gitiles

 #!/bin/sh

 PRINT_PASSED=2

 printf "Initializing tests ...\n"

 OPENSSL_PEM="$(mktemp)"
 OPENSSL_DER="$(mktemp)"

 NONCE=$(dd if=/dev/urandom bs=1 count=4 2>/dev/null | hexdump -e '1/1 "%02x"')
 SUBJECT="/C=ZZ/ST=Somewhere/L=None/O=OpenWrt'$NONCE'/CN=OpenWrt"

 openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
     -out "$OPENSSL_PEM" -subj "$SUBJECT" \
 || ( printf "error: generating PEM certificate with openssl"; return 1)
 openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
     -out "$OPENSSL_DER" -outform der -subj "$SUBJECT" \
 || ( printf "error: generating DER certificate with openssl"; return 1)


 test() {
     eval "$1 >/dev/null "
     if [ $? -eq "$2" ]
     then
         [ "${PRINT_PASSED}" -gt 0 ] \
         && printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) passed."
     else
         printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) failed!!!"
         [ "${PRINT_PASSED}" -gt 1 ] && exit 1
     fi
 }


 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting openssl itself ...\n"

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * right PEM:\n"
 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0                         ' 0
 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86300                     ' 0
 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 86400                     ' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * right DER:\n"
 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0    -inform der          ' 0
 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86300 -inform der         ' 0
 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 86400 -inform der         ' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * wrong:\n"
 test 'cat "$OPENSSL_PEM" | openssl x509 -checkend 0 -inform der  2>/dev/null' 1
 test 'cat "$OPENSSL_DER" | openssl x509 -checkend 0              2>/dev/null' 1


 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g checkend ...\n"

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * right PEM:\n"
 test 'cat "$OPENSSL_PEM" | ./px5g checkend 0                                ' 0
 test 'cat "$OPENSSL_PEM" | ./px5g checkend 86300                            ' 0
 test 'cat "$OPENSSL_PEM" | ./px5g checkend 86400                            ' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * right DER:\n"
 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 0                           ' 0
 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86300                       ' 0
 test 'cat "$OPENSSL_DER" | ./px5g checkend -der 86400                       ' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * in option:\n"
 test 'cat "$OPENSSL_DER" | ./px5g checkend -in /proc/self/fd/0 -der 0       ' 0
 test 'cat "$OPENSSL_DER" | ./px5g checkend -der -in /proc/self/fd/0 99      ' 0

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * wrong:\n"
 test 'cat "$OPENSSL_PEM" | ./px5g checkend -der 0                2>/dev/null' 1
 test 'cat "$OPENSSL_DER" | ./px5g checkend 0                     2>/dev/null' 1


 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g eckey ...\n"

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * standard curves:\n"
 test './px5g eckey P-256        | openssl ec -check              2>/dev/null' 0
 test './px5g eckey P-384        | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp384r1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp256r1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp256k1    | openssl ec -check              2>/dev/null' 0

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * more curves:\n"
 test './px5g eckey P-521        | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp521r1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp224r1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp224k1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp192r1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey secp192k1    | openssl ec -check              2>/dev/null' 0
 test './px5g eckey brainpoolP512r1        | openssl ec -check    2>/dev/null' 0
 test './px5g eckey brainpoolP384r1        | openssl ec -check    2>/dev/null' 0
 test './px5g eckey brainpoolP256r1        | openssl ec -check    2>/dev/null' 0

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * other options:\n"
 test './px5g eckey -out /proc/self/fd/1   | openssl ec -check    2>/dev/null' 0
 test './px5g eckey -der         | openssl ec -check -inform der  2>/dev/null' 0


 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g rsakey ...\n"

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * standard exponent:\n"
 test './px5g rsakey             | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 512         | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 1024        | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 2048        | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 4096        | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 1111        | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey 0                                            2>/dev/null' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * small exponent:\n"
 test './px5g rsakey -3          | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 512      | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 1024     | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 2048     | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 4096     | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 1111     | openssl rsa -check             2>/dev/null' 0
 test './px5g rsakey -3 0                                         2>/dev/null' 1

 [ "$PRINT_PASSED" -gt 1 ] && printf "  * other options:\n"
 test './px5g rsakey -out /proc/self/fd/1  | openssl rsa -check   2>/dev/null' 0
 test './px5g rsakey -der        | openssl rsa -check -inform der 2>/dev/null' 0


 [ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g selfsigned ...\n"

 test './px5g selfsigned -der | openssl x509 -checkend 0 -inform der         ' 0
 test './px5g selfsigned -days 1               | openssl x509 -checkend 0    ' 0
 test './px5g selfsigned -days 1               | openssl x509 -checkend 86300' 0
 test './px5g selfsigned -days 1               | openssl x509 -checkend 86400' 1
 test './px5g selfsigned -out /proc/self/fd/1  | openssl x509 -checkend 0    ' 0
 test './px5g selfsigned -newkey rsa:666       | openssl x509 -checkend 0    ' 0
 test './px5g selfsigned -newkey ec            | openssl x509 -checkend 0    ' 0
 test './px5g selfsigned -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
       | openssl x509 -checkend 0                                        ' 0
 test './px5g selfsigned -subj "$SUBJECT" | openssl x509 -noout \
       -subject -nameopt compat | grep -q subject="$SUBJECT" 2>/dev/null' 0
 test './px5g selfsigned -out /dev/null -keyout /proc/self/fd/1 \
       | openssl rsa -check 2>/dev/null                                  ' 0


 rm "$OPENSSL_PEM" "$OPENSSL_DER"
	#!/bin/sh

	PRINT_PASSED=2

	printf "Initializing tests ...\n"

	OPENSSL_PEM="$(mktemp)"
	OPENSSL_DER="$(mktemp)"

	NONCE=$(dd if=/dev/urandom bs=1 count=4 2>/dev/null \| hexdump -e '1/1 "%02x"')
	SUBJECT="/C=ZZ/ST=Somewhere/L=None/O=OpenWrt'$NONCE'/CN=OpenWrt"

	openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
	-out "$OPENSSL_PEM" -subj "$SUBJECT" \
	\|\| ( printf "error: generating PEM certificate with openssl"; return 1)
	openssl req -x509 -nodes -days 1 -keyout /dev/null 2>/dev/null \
	-out "$OPENSSL_DER" -outform der -subj "$SUBJECT" \
	\|\| ( printf "error: generating DER certificate with openssl"; return 1)


	test() {
	eval "$1 >/dev/null "
	if [ $? -eq "$2" ]
	then
	[ "${PRINT_PASSED}" -gt 0 ] \
	&& printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) passed."
	else
	printf "%-72s%-1s\n" "$1" ">/dev/null (-> $2?) failed!!!"
	[ "${PRINT_PASSED}" -gt 1 ] && exit 1
	fi
	}


	[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting openssl itself ...\n"

	[ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
	test 'cat "$OPENSSL_PEM" \| openssl x509 -checkend 0 ' 0
	test 'cat "$OPENSSL_PEM" \| openssl x509 -checkend 86300 ' 0
	test 'cat "$OPENSSL_PEM" \| openssl x509 -checkend 86400 ' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
	test 'cat "$OPENSSL_DER" \| openssl x509 -checkend 0 -inform der ' 0
	test 'cat "$OPENSSL_DER" \| openssl x509 -checkend 86300 -inform der ' 0
	test 'cat "$OPENSSL_DER" \| openssl x509 -checkend 86400 -inform der ' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
	test 'cat "$OPENSSL_PEM" \| openssl x509 -checkend 0 -inform der 2>/dev/null' 1
	test 'cat "$OPENSSL_DER" \| openssl x509 -checkend 0 2>/dev/null' 1


	[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g checkend ...\n"

	[ "$PRINT_PASSED" -gt 1 ] && printf " * right PEM:\n"
	test 'cat "$OPENSSL_PEM" \| ./px5g checkend 0 ' 0
	test 'cat "$OPENSSL_PEM" \| ./px5g checkend 86300 ' 0
	test 'cat "$OPENSSL_PEM" \| ./px5g checkend 86400 ' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * right DER:\n"
	test 'cat "$OPENSSL_DER" \| ./px5g checkend -der 0 ' 0
	test 'cat "$OPENSSL_DER" \| ./px5g checkend -der 86300 ' 0
	test 'cat "$OPENSSL_DER" \| ./px5g checkend -der 86400 ' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * in option:\n"
	test 'cat "$OPENSSL_DER" \| ./px5g checkend -in /proc/self/fd/0 -der 0 ' 0
	test 'cat "$OPENSSL_DER" \| ./px5g checkend -der -in /proc/self/fd/0 99 ' 0

	[ "$PRINT_PASSED" -gt 1 ] && printf " * wrong:\n"
	test 'cat "$OPENSSL_PEM" \| ./px5g checkend -der 0 2>/dev/null' 1
	test 'cat "$OPENSSL_DER" \| ./px5g checkend 0 2>/dev/null' 1


	[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g eckey ...\n"

	[ "$PRINT_PASSED" -gt 1 ] && printf " * standard curves:\n"
	test './px5g eckey P-256 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey P-384 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp384r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp256r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp256k1 \| openssl ec -check 2>/dev/null' 0

	[ "$PRINT_PASSED" -gt 1 ] && printf " * more curves:\n"
	test './px5g eckey P-521 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp521r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp224r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp224k1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp192r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey secp192k1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey brainpoolP512r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey brainpoolP384r1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey brainpoolP256r1 \| openssl ec -check 2>/dev/null' 0

	[ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
	test './px5g eckey -out /proc/self/fd/1 \| openssl ec -check 2>/dev/null' 0
	test './px5g eckey -der \| openssl ec -check -inform der 2>/dev/null' 0


	[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g rsakey ...\n"

	[ "$PRINT_PASSED" -gt 1 ] && printf " * standard exponent:\n"
	test './px5g rsakey \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 512 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 1024 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 2048 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 4096 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 1111 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey 0 2>/dev/null' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * small exponent:\n"
	test './px5g rsakey -3 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 512 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 1024 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 2048 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 4096 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 1111 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -3 0 2>/dev/null' 1

	[ "$PRINT_PASSED" -gt 1 ] && printf " * other options:\n"
	test './px5g rsakey -out /proc/self/fd/1 \| openssl rsa -check 2>/dev/null' 0
	test './px5g rsakey -der \| openssl rsa -check -inform der 2>/dev/null' 0


	[ "$PRINT_PASSED" -gt 0 ] && printf "\nTesting px5g selfsigned ...\n"

	test './px5g selfsigned -der \| openssl x509 -checkend 0 -inform der ' 0
	test './px5g selfsigned -days 1 \| openssl x509 -checkend 0 ' 0
	test './px5g selfsigned -days 1 \| openssl x509 -checkend 86300' 0
	test './px5g selfsigned -days 1 \| openssl x509 -checkend 86400' 1
	test './px5g selfsigned -out /proc/self/fd/1 \| openssl x509 -checkend 0 ' 0
	test './px5g selfsigned -newkey rsa:666 \| openssl x509 -checkend 0 ' 0
	test './px5g selfsigned -newkey ec \| openssl x509 -checkend 0 ' 0
	test './px5g selfsigned -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
	\| openssl x509 -checkend 0 ' 0
	test './px5g selfsigned -subj "$SUBJECT" \| openssl x509 -noout \
	-subject -nameopt compat \| grep -q subject="$SUBJECT" 2>/dev/null' 0
	test './px5g selfsigned -out /dev/null -keyout /proc/self/fd/1 \
	\| openssl rsa -check 2>/dev/null ' 0


	rm "$OPENSSL_PEM" "$OPENSSL_DER"