#! /bin/sh
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

########################################################################
#
# mozilla/security/nss/tests/smime/smime.sh
#
# Script to test NSS smime
#
# needs to work on all Unix and Windows platforms
#
# special strings
# ---------------
#   FIXME ... known problems, search for this string
#   NOTE .... unexpected behavior
#
# Overview
# --------
#   * cms_sign, smime_main and smime_p7 run cmsutil / p7env / p7content /
#     p7sign / p7verify and hand every exit status to html_msg.
#   * mime_init, smime_enveloped, smime_signed_enveloped, smime_plain_signed,
#     smime_enveloped_signed and smime_data_tb only generate sample messages
#     and key material under tb/; nothing in this file reads them back and
#     their command results are not checked.
#   * html_head, html_msg, html and Exit are not defined in this file
#     (presumably provided by common/init.sh - confirm).
#   * The database password "nss" and the Alice/Bob/Dave/Eve identities are
#     test fixtures (presumably created by cert.sh); the password appears on
#     every command line and in the echoed log, which is only acceptable for
#     throw-away test databases.
#
########################################################################

# make_multipart BOUNDARY
#
# parameter: MIME part boundary
#
# Sets three globals with the fixed text of a multipart/signed body that
# uses $1 as the boundary:
#   mp_start   Content-Type header, preamble text and the first boundary line
#   mp_middle  boundary line plus the headers of the pkcs7-signature part
#   mp_end     closing boundary line
# micalg contains the placeholder HASHHASH; callers substitute the hash size
# with sed when they write mp_start to a file.
make_multipart()
{
  mp_start="Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha-HASHHASH; boundary=\"$1\"

This is a cryptographically signed message in MIME format.

--$1"

  mp_middle="
--$1
Content-Type: application/pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s
Content-Description: S/MIME Cryptographic Signature
"

  mp_end="--$1--
"
}

############################## smime_init ##############################
# local shell function to initialize this script
#
# Sources common/init.sh and cert/cert.sh when they have not run yet, aborts
# unless the cert.sh log reports "SUCCESS: SMIME passed", then creates the
# working directory ${HOSTDIR}/smime (with a tb/ subdirectory) and prepares
# two sets of multipart boundary templates.
########################################################################
smime_init()
{
  SCRIPTNAME=smime.sh      # sourced - $0 would point to all.sh

  if [ -z "${CLEANUP}" ] ; then     # if nobody else is responsible for
      CLEANUP="${SCRIPTNAME}"       # cleaning this script will do it
  fi

  # NOTE(review): -o inside [ ] is marked obsolescent by POSIX; the second
  # comparison alone is already true for an empty value.
  if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
      cd ../common
      . ./init.sh
  fi
  # NOTE(review): $CERT_LOG_FILE is unquoted here and in the grep below; with
  # an empty value the test degenerates and grep would read stdin. This
  # relies on the variable always being set (presumably by init.sh - confirm).
  if [ ! -r $CERT_LOG_FILE ]; then  # we need certificates here
      cd ../cert
      . ./cert.sh
  fi
  # cert.sh, when sourced above, may have changed SCRIPTNAME; set it again.
  SCRIPTNAME=smime.sh

  html_head "S/MIME Tests"

  # Hard precondition: the certificates used below must have been created
  # successfully, otherwise every result of this script would be meaningless.
  grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
      Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
  }

  SMIMEDIR=${HOSTDIR}/smime
  R_SMIMEDIR=../smime
  mkdir -p ${SMIMEDIR}
  cd ${SMIMEDIR}
  cp ${QADIR}/smime/alice.txt ${SMIMEDIR}

  # Output directory for the generated sample messages and key files.
  # NOTE(review): plain mkdir (no -p) and the ">>" appends used by the
  # generators assume a fresh directory; a re-run in an existing tb/ would
  # append to the old files instead of replacing them.
  mkdir tb

  # First boundary: used for Alice's (inner) multipart/signed layer.
  make_multipart "------------ms030903020902020502030404"
  multipart_start="$mp_start"
  multipart_middle="$mp_middle"
  multipart_end="$mp_end"

  # Second boundary (_b2): used for Dave's outer multipart/signed layer so it
  # cannot collide with the inner boundary.
  make_multipart "------------ms010205070902020502030809"
  multipart_start_b2="$mp_start"
  multipart_middle_b2="$mp_middle"
  multipart_end_b2="$mp_end"
}

# cms_sign
#
# Reads the global HASH (set by smime_main) and, for that hash size, signs
# alice.txt with Alice's default key and with the Alice-ec key, both detached
# (-S -T) and attached (-S), then decodes/verifies each result against Bob's
# database and compares the recovered content with the original.
# Side effect: sets the globals HASH_CMD and SIG, which the smime_* generator
# functions rely on (HASH_CMD is assigned nowhere else in this file).
cms_sign()
{
  HASH_CMD="-H SHA${HASH}"
  SIG=sig.SHA${HASH}

  echo "$SCRIPTNAME: Signing Detached Message {$HASH} ------------------"
  echo "cmsutil -S -T -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.d${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.d${SIG}
  html_msg $? 0 "Create Detached Signature Alice (${HASH})" "."

  # Detached verification: the content is supplied separately with -c.
  echo "cmsutil -D -i alice.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.d${SIG} -c alice.txt -d ${P_R_BOBDIR}
  html_msg $? 0 "Verifying Alice's Detached Signature (${HASH})" "."

  echo "$SCRIPTNAME: Signing Attached Message (${HASH}) ------------------"
  echo "cmsutil -S -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.${SIG}
  html_msg $? 0 "Create Attached Signature Alice (${HASH})" "."

  echo "cmsutil -D -i alice.${SIG} -d ${P_R_BOBDIR} -o alice.data.${HASH}"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.${SIG} -d ${P_R_BOBDIR} -o alice.data.${HASH}
  html_msg $? 0 "Decode Alice's Attached Signature (${HASH})" "."

  # The decoded content must be byte-identical to what was signed.
  echo "diff alice.txt alice.data.${HASH}"
  diff alice.txt alice.data.${HASH}
  html_msg $? 0 "Compare Attached Signed Data and Original (${HASH})" "."

# Test ECDSA signing for all hash algorithms.
  echo "$SCRIPTNAME: Signing Detached Message ECDSA w/ {$HASH} ------------------"
  echo "cmsutil -S -T -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.d${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.d${SIG}
  html_msg $? 0 "Create Detached Signature Alice (ECDSA w/ ${HASH})" "."

  echo "cmsutil -D -i alice-ec.d${SIG} -c alice.txt -d ${P_R_BOBDIR} "
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice-ec.d${SIG} -c alice.txt -d ${P_R_BOBDIR}
  html_msg $? 0 "Verifying Alice's Detached Signature (ECDSA w/ ${HASH})" "."

  echo "$SCRIPTNAME: Signing Attached Message (ECDSA w/ ${HASH}) ------------------"
  echo "cmsutil -S -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice-ec ${HASH_CMD} -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice-ec.${SIG}
  html_msg $? 0 "Create Attached Signature Alice (ECDSA w/ ${HASH})" "."

  echo "cmsutil -D -i alice-ec.${SIG} -d ${P_R_BOBDIR} -o alice-ec.data.${HASH}"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice-ec.${SIG} -d ${P_R_BOBDIR} -o alice-ec.data.${HASH}
  html_msg $? 0 "Decode Alice's Attached Signature (ECDSA w/ ${HASH})" "."

  echo "diff alice.txt alice-ec.data.${HASH}"
  diff alice.txt alice-ec.data.${HASH}
  html_msg $? 0 "Compare Attached Signed Data and Original (ECDSA w/ ${HASH})" "."
}

# Message header templates used by the tb/ generators below.
# The two *_from_to_subject values end in "Subject: " with no newline; the
# generators write them with "echo -n" and append the subject text.
header_mime_from_to_subject="MIME-Version: 1.0
From: Alice@example.com
To: Bob@example.com
Subject: "

header_dave_mime_from_to_subject="MIME-Version: 1.0
From: Dave@example.com
To: Bob@example.com
Subject: "

# NOTE(review): the second line of the next two values is a folded header
# continuation and must begin with whitespace; the exact indent width could
# not be recovered from this listing.
header_opaque_signed="Content-Type: application/pkcs7-mime; name=smime.p7m;
 smime-type=signed-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m
Content-Description: S/MIME Cryptographic Signature
"

header_enveloped="Content-Type: application/pkcs7-mime; name=smime.p7m;
 smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7m
Content-Description: S/MIME Encrypted Message
"

header_clearsigned="Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
"

header_plaintext="Content-Type: text/plain
"

# A literal carriage return; the sed calls below append it to every line to
# produce CRLF line endings.
CR=$(printf '\r')

# mime_init
#
# Builds the two inner MIME entities that later get signed or enveloped:
#   tb/alice.mime       header_clearsigned + alice.txt
#   tb/alice.textplain  header_plaintext   + alice.txt
# Both are converted to CRLF line endings, so signatures made over these
# files cover the CRLF form.
#
# NOTE(review): -i"" is the same word as -i once the shell removes the empty
# quotes. In-place editing is not POSIX and GNU and BSD sed treat the
# argument after -i differently, which conflicts with the "all Unix and
# Windows platforms" goal stated in the file header. The '\r' used in other
# sed expressions in this file is likewise an extension, and "echo -n" is not
# portable across /bin/sh implementations.
mime_init()
{
  OUT="tb/alice.mime"
  echo "${header_clearsigned}" >>${OUT}
  cat alice.txt >>${OUT}
  sed -i"" "s/\$/${CR}/" ${OUT}

  OUT="tb/alice.textplain"
  echo "${header_plaintext}" >>${OUT}
  cat alice.txt >>${OUT}
  sed -i"" "s/\$/${CR}/" ${OUT}
}

# smime_enveloped
#
# Envelopes tb/alice.mime for bob@example.com and wraps the result as
#   tb/alice.env      enveloped-data MIME part (base64 body)
#   tb/alice.env.eml  the same part with From/To/Subject headers, CRLF
#
# NOTE(review): ${SIG} is first assigned in cms_sign, which smime_main calls
# after this function; unless a sourced script sets it, the subject is written
# as "enveloped " with nothing after it - confirm the intent.
# NOTE(review): the cmsutil exit status is not checked; a failure leaves an
# incomplete sample file without any test reporting it.
smime_enveloped()
{
  ${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@example.com -i tb/alice.mime -d ${P_R_ALICEDIR} -p nss -o tb/alice.mime.env

  OUT="tb/alice.env"
  echo "${header_enveloped}" >>${OUT}
  # btoa output is stripped of CRs so the file is uniformly LF here.
  cat "tb/alice.mime.env" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo >>${OUT}

  OUT="tb/alice.env.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "enveloped ${SIG}" >>${OUT}
  cat "tb/alice.env" >>${OUT}
  sed -i"" "s/\$/${CR}/" ${OUT}
}

# smime_signed_enveloped
#
# For the current HASH, generates sign-then-encrypt samples from Alice to Bob
# plus two deliberately invalid messages. Requires HASH_CMD from a preceding
# cms_sign call and the files written by mime_init.
#
# Pattern used throughout: intermediate files are kept LF-only (CRs stripped
# with sed), and the final .eml gets CRLF added to every line in one pass.
#
# None of the cmsutil results in this function are checked.
smime_signed_enveloped()
{
  SIG=sig.SHA${HASH}

  # Detached signature over the CRLF form of tb/alice.mime.
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i tb/alice.mime -d ${P_R_ALICEDIR} -p nss -o tb/alice.mime.d${SIG}

  # multipart/signed body: signed entity + base64 signature part.
  OUT="tb/alice.d${SIG}.multipart"
  echo "${multipart_start}" | sed "s/HASHHASH/${HASH}/" >>${OUT}
  cat tb/alice.mime | sed 's/\r$//' >>${OUT}
  echo "${multipart_middle}" >>${OUT}
  cat tb/alice.mime.d${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo "${multipart_end}" >>${OUT}

  # Envelope the whole multipart for Bob (OUT still names the multipart).
  ${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@example.com -i ${OUT} -d ${P_R_ALICEDIR} -p nss -o ${OUT}.env

  OUT="tb/alice.d${SIG}.multipart.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "clear-signed ${SIG}" >>${OUT}
  cat "tb/alice.d${SIG}.multipart" >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  OUT="tb/alice.d${SIG}.multipart.env.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "clear-signed then enveloped $SIG" >>${OUT}
  echo "$header_enveloped" >>${OUT}
  cat "tb/alice.d${SIG}.multipart.env" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  # Attached (opaque) signature: the content travels inside the CMS object.
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice ${HASH_CMD} -i tb/alice.textplain -d ${P_R_ALICEDIR} -p nss -o tb/alice.textplain.${SIG}

  OUT="tb/alice.${SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT}
  cat tb/alice.textplain.${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}

  ${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@example.com -i ${OUT} -d ${P_R_ALICEDIR} -p nss -o ${OUT}.env

  OUT="tb/alice.${SIG}.opaque.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "opaque-signed $SIG" >>${OUT}
  cat "tb/alice.${SIG}.opaque" >>${OUT}
  echo >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  OUT="tb/alice.${SIG}.opaque.env.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "opaque-signed then enveloped $SIG" >>${OUT}
  echo "$header_enveloped" >>$OUT
  cat "tb/alice.${SIG}.opaque.env" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  # bad messages below
  #
  # Negative samples: a consumer that verifies signatures is expected to
  # reject both, and must not present the visible text as signed by Alice.
  #
  # 1) Tampered clear-signed message: the text is changed after signing while
  #    the detached signature is left as it was.
  # NOTE(review): the substitution only has an effect if alice.txt contains
  # the phrase "test message from Alice" (fixture content not shown here); if
  # the fixture changes, this "BAD" sample silently becomes a valid message.

  OUT="tb/alice.d${SIG}.multipart.bad.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "BAD clear-signed $SIG" >>${OUT}
  cat "tb/alice.d${SIG}.multipart" | sed 's/test message from Alice/FAKE message NOT from Alice/' >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  # 2) Mismatched eContent: the visible part carries the altered text, while
  #    the signature part is the *attached* signature of tb/alice.textplain,
  #    i.e. a CMS object that contains its own, different, content.
  OUT="tb/alice.d${SIG}.multipart.mismatch-econtent"
  echo "${multipart_start}" | sed "s/HASHHASH/$HASH/" >>${OUT}
  cat tb/alice.mime | sed 's/test message from Alice/FAKE message NOT from Alice/' | sed 's/\r$//' >>${OUT}
  echo "${multipart_middle}" >>${OUT}
  cat tb/alice.textplain.${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo "${multipart_end}" >>${OUT}

  OUT="tb/alice.d${SIG}.multipart.mismatch-econtent.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "BAD mismatch-econtent $SIG" >>${OUT}
  cat "tb/alice.d${SIG}.multipart.mismatch-econtent" >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}
}

# smime_plain_signed
#
# For the current HASH, generates doubly signed samples: Alice signs
# tb/alice.textplain (clear-signed and opaque), then Dave adds a second,
# outer signature in either opaque or clear-signed form. That gives four
# .eml files per hash. Requires HASH_CMD from a preceding cms_sign call.
#
# None of the cmsutil results in this function are checked.
smime_plain_signed()
{
  SIG=sig.SHA${HASH}

  # Inner layer, clear-signed by Alice.
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i tb/alice.textplain -d ${P_R_ALICEDIR} -p nss -o tb/alice.plain.d${SIG}

  OUT="tb/alice.plain.d${SIG}.multipart"
  echo "${multipart_start}" | sed "s/HASHHASH/${HASH}/" >>${OUT}
  cat tb/alice.textplain | sed 's/\r$//' >>${OUT}
  echo "${multipart_middle}" >>${OUT}
  cat tb/alice.plain.d${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo "${multipart_end}" >>${OUT}

  # Inner layer, opaque-signed by Alice.
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice ${HASH_CMD} -i tb/alice.textplain -d ${P_R_ALICEDIR} -p nss -o tb/alice.plain.${SIG}

  OUT="tb/alice.plain.${SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT}
  cat tb/alice.plain.${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}

  # Second outer, opaque signature layer.
  # Dave signs each of Alice's two inner messages with an attached signature.

  INPUT="tb/alice.plain.d${SIG}.multipart"
  OUT_SIG="${INPUT}.dave.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Dave ${HASH_CMD} -i "$INPUT" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "clear-signed $SIG then opaque signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}

  INPUT="tb/alice.plain.${SIG}.opaque"
  OUT_SIG="${INPUT}.dave.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Dave ${HASH_CMD} -i "$INPUT" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "opaque-signed $SIG then opaque signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}

  # Alternatively, second outer, multipart signature layer.
  # Dave's detached signature is computed over a temporary CRLF copy
  # (${INPUT}.cr) of the inner message; that copy is written into the outer
  # multipart with CRs stripped again and then removed. The outer layer uses
  # the second boundary (_b2).

  INPUT="tb/alice.plain.d${SIG}.multipart"
  OUT_SIG="${INPUT}.dave.d${SIG}"
  cat "$INPUT" | sed "s/\$/$CR/" > "${INPUT}.cr"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Dave ${HASH_CMD} -i "${INPUT}.cr" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.multipart"
  echo "${multipart_start_b2}" | sed "s/HASHHASH/${HASH}/" >>${OUT_MIME}
  cat "${INPUT}.cr" | sed 's/\r$//' >>${OUT_MIME}
  rm "${INPUT}.cr"
  echo "${multipart_middle_b2}" >>${OUT_MIME}
  echo >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}
  echo "${multipart_end_b2}" >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "clear-signed $SIG then clear-signed signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}

  INPUT="tb/alice.plain.${SIG}.opaque"
  OUT_SIG="${INPUT}.dave.d${SIG}"
  cat "$INPUT" | sed "s/\$/$CR/" > "${INPUT}.cr"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Dave ${HASH_CMD} -i "${INPUT}.cr" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.multipart"
  echo "${multipart_start_b2}" | sed "s/HASHHASH/${HASH}/" >>${OUT_MIME}
  cat "${INPUT}.cr" | sed 's/\r$//' >>${OUT_MIME}
  rm "${INPUT}.cr"
  echo "${multipart_middle_b2}" >>${OUT_MIME}
  echo >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}
  echo "${multipart_end_b2}" >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "opaque-signed $SIG then clear-signed signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}
}

# smime_enveloped_signed
#
# For the current HASH, generates encrypt-then-sign samples: Alice signs the
# already enveloped part tb/alice.env (clear-signed and opaque), and Dave adds
# an outer opaque signature over each. Requires tb/alice.env from
# smime_enveloped and HASH_CMD from a preceding cms_sign call.
#
# None of the cmsutil results in this function are checked.
smime_enveloped_signed()
{
  SIG=sig.SHA${HASH}

  ${PROFTOOL} ${BINDIR}/cmsutil -S -T -N Alice ${HASH_CMD} -i tb/alice.env -d ${P_R_ALICEDIR} -p nss -o tb/alice.env.d${SIG}

  OUT="tb/alice.env.d${SIG}.multipart"
  echo "${multipart_start}" | sed "s/HASHHASH/${HASH}/" >>${OUT}
  cat tb/alice.env | sed 's/\r$//' >>${OUT}
  echo "${multipart_middle}" >>${OUT}
  cat tb/alice.env.d${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}
  echo "${multipart_end}" >>${OUT}

  OUT="tb/alice.env.d${SIG}.multipart.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "enveloped then clear-signed ${SIG}" >>${OUT}
  cat "tb/alice.env.d${SIG}.multipart" >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Alice ${HASH_CMD} -i tb/alice.env -d ${P_R_ALICEDIR} -p nss -o tb/alice.env.${SIG}

  OUT="tb/alice.env.${SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT}
  cat tb/alice.env.${SIG} | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT}

  OUT="tb/alice.env.${SIG}.opaque.eml"
  echo -n "${header_mime_from_to_subject}" >>${OUT}
  echo "enveloped then opaque-signed $SIG" >>${OUT}
  cat "tb/alice.env.${SIG}.opaque" >>${OUT}
  echo >>${OUT}
  sed -i"" "s/\$/$CR/" ${OUT}

  # Second outer, opaque signature layer.
  # Dave signs each of Alice's two signed-over-enveloped messages.

  INPUT="tb/alice.env.d${SIG}.multipart"
  OUT_SIG="${INPUT}.dave.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Dave ${HASH_CMD} -i "$INPUT" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "enveloped then clear-signed $SIG then opaque signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}

  INPUT="tb/alice.env.${SIG}.opaque"
  OUT_SIG="${INPUT}.dave.${SIG}"
  ${PROFTOOL} ${BINDIR}/cmsutil -S -N Dave ${HASH_CMD} -i "$INPUT" -d ${P_R_DAVEDIR} -p nss -o "$OUT_SIG"

  OUT_MIME="${OUT_SIG}.opaque"
  echo "$header_opaque_signed" >>${OUT_MIME}
  cat "$OUT_SIG" | ${BINDIR}/btoa | sed 's/\r$//' >>${OUT_MIME}

  OUT_EML="${OUT_MIME}.eml"
  echo -n "${header_dave_mime_from_to_subject}" >>${OUT_EML}
  echo "enveloped then opaque-signed $SIG then opaque signed by dave" >>${OUT_EML}
  cat "${OUT_MIME}" >>${OUT_EML}
  echo >>${OUT_EML}
  sed -i"" "s/\$/$CR/" ${OUT_EML}
}

# smime_p7
#
# Exercises the older p7env / p7content / p7sign / p7verify tools on
# alice.txt using Alice's database and reports each status through html_msg.
smime_p7()
{
  echo "$SCRIPTNAME: p7 util Data Tests ------------------------------"
  echo "p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice_p7.env"
  ${PROFTOOL} ${BINDIR}/p7env -d ${P_R_ALICEDIR} -r Alice -i alice.txt -o alice_p7.env
  html_msg $? 0 "Creating envelope for user Alice" "."

  # The echoed command omits the "-p nss" that the real invocation passes.
  echo "p7content -d ${P_R_ALICEDIR} -i alice_p7.env -o alice_p7.data"
  ${PROFTOOL} ${BINDIR}/p7content -d ${P_R_ALICEDIR} -i alice_p7.env -o alice_p7.data -p nss
  html_msg $? 0 "Verifying file delivered to user Alice" "."

  # Keep only line 3 of the p7content output for the comparison below
  # (presumably the lines before it are tool-generated headers - confirm).
  sed -e '3,3p' -n alice_p7.data > alice_p7.data.sed

  echo "diff alice.txt alice_p7.data.sed"
  diff alice.txt alice_p7.data.sed
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  echo "p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e"
  ${PROFTOOL} ${BINDIR}/p7sign -d ${P_R_ALICEDIR} -k Alice -i alice.txt -o alice.sig -p nss -e
  html_msg $? 0 "Signing file for user Alice" "."

  echo "p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig"
  ${PROFTOOL} ${BINDIR}/p7verify -d ${P_R_ALICEDIR} -c alice.txt -s alice.sig
  html_msg $? 0 "Verifying file delivered to user Alice" "."
}

############################## smime_main ##############################
# local shell function to test basic signed and enveloped messages
# from 1 --> 2
#
# Order matters: mime_init and smime_enveloped create the files the
# generators consume, and cms_sign must run before the three generators for
# each HASH because it sets HASH_CMD. HASH "1" selects SHA1; it is exercised
# here as interoperability coverage alongside 256, 384 and 512.
########################################################################
smime_main()
{
  mime_init
  smime_enveloped

  HASH="1"
  cms_sign
  smime_signed_enveloped
  smime_plain_signed
  smime_enveloped_signed
  HASH="256"
  cms_sign
  smime_signed_enveloped
  smime_plain_signed
  smime_enveloped_signed
  HASH="384"
  cms_sign
  smime_signed_enveloped
  smime_plain_signed
  smime_enveloped_signed
  HASH="512"
  cms_sign
  smime_signed_enveloped
  smime_plain_signed
  smime_enveloped_signed

  # Envelope for a single recipient, decode with Bob's database, compare.
  echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
  echo "cmsutil -E -r bob@example.com -i alice.txt -d ${P_R_ALICEDIR} -p nss \\"
  echo " -o alice.env"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -r bob@example.com -i alice.txt -d ${P_R_ALICEDIR} -p nss -o alice.env
  html_msg $? 0 "Create Enveloped Data Alice" "."

  echo "cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.env -d ${P_R_BOBDIR} -p nss -o alice.data1
  html_msg $? 0 "Decode Enveloped Data Alice" "."

  echo "diff alice.txt alice.data1"
  diff alice.txt alice.data1
  html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."

  # multiple recip
  echo "$SCRIPTNAME: Testing multiple recipients ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \\"
  echo " -r bob@example.com,dave@example.com"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o alicecc.env \
    -r bob@example.com,dave@example.com
  ret=$?
  html_msg $ret 0 "Create Multiple Recipients Enveloped Data Alice" "."
  # On failure, list Alice's database and Dave's certificate to help diagnose
  # a missing recipient certificate.
  if [ $ret != 0 ] ; then
    echo "certutil -L -d ${P_R_ALICEDIR}"
    ${BINDIR}/certutil -L -d ${P_R_ALICEDIR}
    echo "certutil -L -d ${P_R_ALICEDIR} -n dave@example.com"
    ${BINDIR}/certutil -L -d ${P_R_ALICEDIR} -n dave@example.com
  fi

  # Recipient selected by eve@example.net (presumably one of several email
  # addresses in Eve's certificate - confirm against cert.sh).
  echo "$SCRIPTNAME: Testing multiple email addrs ------------------------------"
  echo "cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \\"
  echo " -r eve@example.net"
  ${PROFTOOL} ${BINDIR}/cmsutil -E -i alice.txt -d ${P_R_ALICEDIR} -o aliceve.env \
    -r eve@example.net
  ret=$?
  html_msg $ret 0 "Encrypt to a Multiple Email cert" "."

  # Each recipient must be able to decrypt independently with its own
  # database.
  echo "cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_BOBDIR} -p nss -o alice.data2
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Bob" "."

  echo "cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alicecc.env -d ${P_R_DAVEDIR} -p nss -o alice.data3
  html_msg $? 0 "Decode Multiple Recipients Enveloped Data Alice by Dave" "."

  echo "cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i aliceve.env -d ${P_R_EVEDIR} -p nss -o alice.data4
  html_msg $? 0 "Decrypt with a Multiple Email cert" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Bob" "."

  diff alice.txt alice.data3
  html_msg $? 0 "Compare Decoded Mult. Recipients Enveloped Data Alice/Dave" "."

  diff alice.txt alice.data4
  html_msg $? 0 "Compare Decoded with Multiple Email cert" "."

  # Certs-only message: carries certificates, no content.
  echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
  echo "cmsutil -O -r \"Alice,bob@example.com,dave@example.com\" \\"
  echo " -d ${P_R_ALICEDIR} > co.der"
  ${PROFTOOL} ${BINDIR}/cmsutil -O -r "Alice,bob@example.com,dave@example.com" -d ${P_R_ALICEDIR} > co.der
  html_msg $? 0 "Create Certs-Only Alice" "."

  echo "cmsutil -D -i co.der -d ${P_R_BOBDIR}"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i co.der -d ${P_R_BOBDIR}
  html_msg $? 0 "Verify Certs-Only by CA" "."

  # Encrypted-data message; -e names a companion envelope file
  # (alicehello.env) that is passed again when decoding.
  echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
  echo "cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \\"
  echo " -r \"bob@example.com\" > alice.enc"
  ${PROFTOOL} ${BINDIR}/cmsutil -C -i alice.txt -e alicehello.env -d ${P_R_ALICEDIR} \
    -r "bob@example.com" > alice.enc
  html_msg $? 0 "Create Encrypted-Data" "."

  # alice.data2 is reused here; the multi-recipient copy was already compared
  # above.
  echo "cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss \\"
  echo " -o alice.data2"
  ${PROFTOOL} ${BINDIR}/cmsutil -D -i alice.enc -d ${P_R_BOBDIR} -e alicehello.env -p nss -o alice.data2
  html_msg $? 0 "Decode Encrypted-Data" "."

  diff alice.txt alice.data2
  html_msg $? 0 "Compare Decoded and Original Data" "."
}

# smime_data_tb
#
# Exports the Alice, Bob, Dave and Eve keys and certificates as PKCS#12 files
# into tb/ and writes the test CA certificate to tb/TestCA.pem.
#
# NOTE(review): -W "" gives each .p12 an empty export password, so the files
# hold private keys without any password protection. That is fine for
# generated test identities only; these files must never be reused outside
# the test tree.
# NOTE(review): in the last pipeline sed runs *before* btoa, unlike every
# other btoa pipeline in this file. If TestCA.ca.cert is binary DER (not
# shown here), a line-oriented CR strip on the raw bytes can change the
# certificate before it is encoded - confirm the intended order.
# NOTE(review): "-w c" presumably makes btoa wrap the output as a PEM
# certificate - confirm against btoa's usage text.
smime_data_tb()
{
  ${BINDIR}/pk12util -d ${P_R_ALICEDIR} -o tb/Alice.p12 -n Alice -K nss -W ""
  ${BINDIR}/pk12util -d ${P_R_BOBDIR} -o tb/Bob.p12 -n Bob -K nss -W ""
  ${BINDIR}/pk12util -d ${P_R_DAVEDIR} -o tb/Dave.p12 -n Dave -K nss -W ""
  ${BINDIR}/pk12util -d ${P_R_EVEDIR} -o tb/Eve.p12 -n Eve -K nss -W ""
  CAOUT=tb/TestCA.pem
  cat ${P_R_CADIR}/TestCA.ca.cert | sed 's/\r$//' | ${BINDIR}/btoa -w c >> ${CAOUT}
}

############################## smime_cleanup ###########################
# local shell function to finish this script (no exit since it might be
# sourced)
#
# Closes the HTML result table and sources common/cleanup.sh from ${QADIR}.
########################################################################
smime_cleanup()
{
  html "</TABLE><BR>"
  cd ${QADIR}
  . common/cleanup.sh
}

################## main #################################################

# smime_data_tb runs after smime_main so the tb/ directory already holds the
# generated messages when the matching key material is exported.
smime_init
smime_main
smime_data_tb
smime_p7
smime_cleanup
