3 # Run cmstest, handsoff, any user, any environment, ECDSA version.
4 # This uses a keychain we have right here for this purpose. It's insecure - we
5 # know its passphrase and use it here in the clear to unlock - and its private
6 # keys have wide-open ACLs to avoid UI. We use the root used to generate the
7 # certs in that keychain in the -A option to newCmsTool.
9 # To get identities with no ACLs, create them in the usual way (I do it with
10 # the Cert app), export them in p12 form, delete from the keychain, and import
13 # % kcImport user3.p12 -z password -f pkcs12 -n -k ecdsaCmsKeychain.keychain
15 # We copy the test's keychain to ${BUILD_DIR}/ecdsaCmsKeychain.keychain just to keep the UI spew to
20 # safely look for this required env var
22 setenv
| /usr
/bin
/grep LOCAL_BUILD_DIR
> /dev
/null
24 echo Please
set env var LOCAL_BUILD_DIR.
27 set BUILD_DIR
=$LOCAL_BUILD_DIR
30 set CMS_KEYCHAIN_SRC
=ecdsaCmsKeychain.keychain
31 set CMS_KEYCHAIN_DST
=${BUILD_DIR}/ecdsaCmsKeychain.keychain
32 set CMS_KEYCHAIN_PASSWORD
=password
33 set CMS_KEYCHAIN_ROOT
=cmsEcdsaRoot.cer
34 set USER1
=user3@debug.apple.com
35 set USER2
=user4@debug.apple.com
47 echo "Usage: cmstestHandsoff [-q(uiet)]"
52 echo Starting cmsEcdsaHandsoff
54 set cmd
="cp $CMS_KEYCHAIN_SRC $CMS_KEYCHAIN_DST"
55 if($OUR_QUIET == NO
) then
58 # ignore errors here...we'll soon fail if this does
61 set cmd
="/usr/bin/security unlock -p $CMS_KEYCHAIN_PASSWORD $CMS_KEYCHAIN_DST"
62 if($OUR_QUIET == NO
) then
67 set cmd
="./cmstest -s $USER1 -S $USER2 -k $CMS_KEYCHAIN_DST -a $CMS_KEYCHAIN_ROOT $QUIET"
68 if($OUR_QUIET == NO
) then
74 set cmd
="rm $CMS_KEYCHAIN_DST"
75 if($OUR_QUIET == NO
) then
80 if($OUR_QUIET == NO
) then
81 echo === cmsEcdsaHandsoff Succeeded
===
projects / apple / security.git / blob