1#!/bin/sh 2# 3# Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") 4# 5# Permission to use, copy, modify, and/or distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15# PERFORMANCE OF THIS SOFTWARE. 16 17# Id: tests.sh,v 1.3 2010/06/08 23:50:24 tbox Exp 18 19SYSTEMTESTTOP=.. 20. $SYSTEMTESTTOP/conf.sh 21 22DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" 23 24status=0 25ret=0 26 27alg=rsa 28zonefile=ns1/rsa.example.db 29echo "I:testing PKCS#11 key generation (rsa)" 30count=`$PK11LIST | grep robie-rsa-ksk | wc -l` 31if [ $count != 2 ]; then echo "I:failed"; status=1; fi 32 33echo "I:testing offline signing with PKCS#11 keys (rsa)" 34 35count=`grep RRSIG $zonefile.signed | wc -l` 36if [ $count != 12 ]; then echo "I:failed"; status=1; fi 37 38echo "I:testing inline signing with PKCS#11 keys (rsa)" 39 40$NSUPDATE > /dev/null <<END || status=1 41server 10.53.0.1 5300 42ttl 300 43zone rsa.example. 44update add `grep -v ';' ns1/${alg}.key` 45send 46END 47 48echo "I:waiting 20 seconds for key changes to take effect" 49sleep 20 50 51$DIG $DIGOPTS ns.rsa.example. @10.53.0.1 a > dig.out || ret=1 52if [ $ret != 0 ]; then echo "I:failed"; fi 53status=`expr $status + $ret` 54count=`grep RRSIG dig.out | wc -l` 55if [ $count != 4 ]; then echo "I:failed"; status=1; fi 56 57echo "I:testing PKCS#11 key destroy (rsa)" 58ret=0 59$PK11DEL -l robie-rsa-ksk -w0 > /dev/null 2>&1 || ret=1 60$PK11DEL -l robie-rsa-zsk1 -w0 > /dev/null 2>&1 || ret=1 61$PK11DEL -i $id -w0 > /dev/null 2>&1 || ret=1 62if [ $ret != 0 ]; then echo "I:failed"; fi 63status=`expr $status + $ret` 64count=`$PK11LIST | grep robie-rsa | wc -l` 65if [ $count != 0 ]; then echo "I:failed"; fi 66status=`expr $status + $count` 67 68echo "I:exit status: $status" 69exit $status 70