]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/anchorTest/anchorSourceTest
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.1.35.tar.gz
[apple/security.git] / SecurityTests / clxutils / anchorTest / anchorSourceTest
1 #! /bin/csh -f
2 #
3 # verify "root-ness" of all of the certs in specified directory.
4 #
5 if ( $#argv < 1 ) then
6 echo Usage: anchorSourceTest directory
7 echo A good directory would be ../../../security_certificates/roots/
8 exit(1)
9 endif
10 #
11 set BUILD_DIR=$LOCAL_BUILD_DIR
12 set CERTS_DIR=$argv[1]
13
14 set QUIET=0
15 shift
16 while ( $#argv > 0 )
17 switch ( "$argv[1]" )
18 case q:
19 set QUIET = 1
20 shift
21 breaksw
22 default:
23 echo Usage: anchorSourceTest directory
24 exit(1)
25 endsw
26 end
27
28 #
29 # binaries we need
30 #
31 set CERTCRL=$BUILD_DIR/certcrl
32 set CERTS_FROM_DB=$BUILD_DIR/certsFromDb
33 foreach targ ($CERTCRL $CERTS_FROM_DB)
34 if(! -e $targ) then
35 echo === $targ is missing. Try building clxutil.
36 exit(1)
37 endif
38 end
39
40 echo starting anchorSourceTest
41 #
42 # certcrl args:
43 #
44 # -c cert to eval
45 # -C use this as an anchor
46 # -a allow certs unverified by CRLs
47 # -f leaf cert is a CA
48 # -L silent
49 #
50 set TEST_FAILED=0
51
52 cd $CERTS_DIR
53 foreach certFile (*)
54 if ( ( -f "$certFile" ) && ( "$certFile" != X509Anchors) ) then
55 if($QUIET == 0) then
56 echo testing $certFile....
57 endif
58 # $CERTCRL -c "$certFile" -C "$certFile" -a -f -L -T 20071217154316
59 $CERTCRL -c "$certFile" -C "$certFile" -a -f -L
60 if($status != 0) then
61 echo "++++++++ Verification error on $certFile"
62 $CERTCRL -c "$certFile" -C "$certFile" -a -f -v
63 set TEST_FAILED=1
64 endif
65 endif
66 end
67
68 if($TEST_FAILED == 1) then
69 echo "anchorSourceTest FAILED"
70 exit(1)
71 endif
72
73 if($QUIET == 0) then
74 echo "...anchorSourceTest complete"
75 endif
mirror of Security