# We can't really check the values here as the certs change periodically
# but we can test the digest length, and for smoke...
#
-&Tmp-Octets-0 := %cipher_rsa.certificate('fingerprint','sha1')
+octets test_octets
+&test_octets := %cipher_rsa.certificate('fingerprint','sha1')
-if (%length(%{Tmp-Octets-0}) != 20) {
+if (%length(%{test_octets}) != 20) {
test_fail
-} else {
- test_pass
}
-&Tmp-Octets-0 := %cipher_rsa.certificate('fingerprint','sha256')
+&test_octets := %cipher_rsa.certificate('fingerprint','sha256')
-if (%length(%{Tmp-Octets-0}) != 32) {
+if (%length(%{test_octets}) != 32) {
test_fail
} else {
test_pass
-&Tmp-String-0 := "Hello world!"
-&Tmp-Octets-0 := %cipher_rsa.encrypt(%{Tmp-String-0})
+string test_string1
+string test_string2
+octets test_octets1
+octets test_octets2
-if (!&Tmp-Octets-0) {
+&test_string1 := "Hello world!"
+&test_octets1 := %cipher_rsa.encrypt(%{test_string1})
+
+if (!&test_octets1) {
test_fail
}
-else {
- test_pass
-}
-if ((octets)&Tmp-String-0[0] == &Tmp-Octets-0[0]) {
+if ((octets)&test_string1 == &test_octets1) {
test_fail
}
-else {
- test_pass
-}
-&Tmp-String-1 := %cipher_rsa.decrypt(%{Tmp-Octets-0})
+&test_string2 := %cipher_rsa.decrypt(%{test_octets1})
-if (&Tmp-String-0 != &Tmp-String-1) {
+if (&test_string1 != &test_string2) {
test_fail
}
-else {
- test_pass
-}
#
# Padding scheme should ensure ciphertext is not consistent
#
-&Tmp-Octets-1 := %cipher_rsa.encrypt(%{Tmp-String-0})
+&test_octets2 := %cipher_rsa.encrypt(%{test_string1})
-if (&Tmp-Octets-0 == &Tmp-Octets-1) {
+if (&test_octets1 == &test_octets2) {
test_fail
}
-else {
- test_pass
-}
#
# Repeat tests to ensure there are no issues with EVP_PKEY_CTX reuse
#
-&Tmp-String-0 := "Goodbye world!"
-&Tmp-Octets-0 := %cipher_rsa.encrypt(%{Tmp-String-0})
+&test_string1 := "Goodbye world!"
+&test_octets1 := %cipher_rsa.encrypt(%{test_string1})
-if (!&Tmp-Octets-0) {
+if (!&test_octets1) {
test_fail
}
-else {
- test_pass
-}
-if ((octets)&Tmp-String-0[0] == &Tmp-Octets-0[0]) {
+if ((octets)&test_string1 == &test_octets1) {
test_fail
}
-else {
- test_pass
-}
-&Tmp-String-1 := %cipher_rsa.decrypt(%{Tmp-Octets-0})
+&test_string2 := %cipher_rsa.decrypt(%{test_octets1})
-if (&Tmp-String-0 != &Tmp-String-1) {
+if (&test_string1 != &test_string2) {
test_fail
}
else {
-&Tmp-String-0 := "Hello world!"
-&Tmp-Octets-0 := %cipher_rsa.sign(%{Tmp-String-0})
+string test_string
+octets test_octets
-if (!&Tmp-Octets-0) {
+&test_string := "Hello world!"
+&test_octets := %cipher_rsa.sign(%{test_string})
+
+if (!&test_octets) {
test_fail
}
-if ((octets)&Tmp-String-0[0] == &Tmp-Octets-0[0]) {
+if ((octets)&test_string[0] == &test_octets[0]) {
test_fail
}
#
# Pass the signature and the original message to the verification function
#
-&Tmp-String-0 := %cipher_rsa.verify(%{Tmp-Octets-0}, %{Tmp-String-0})
+&test_string := %cipher_rsa.verify(%{test_octets}, %{test_string})
-if (&Tmp-String-0 != 'yes') {
+if (&test_string != 'yes') {
test_fail
}
#
# Verification should now fail
#
-&Tmp-String-0 := "Goodbye world!"
-&Tmp-String-0 := %cipher_rsa.verify(%{Tmp-Octets-0}, %{Tmp-String-0})
+&test_string := "Goodbye world!"
+&test_string := %cipher_rsa.verify(%{test_octets}, %{test_string})
-if (&Tmp-String-0 != 'no') {
+if (&test_string != 'no') {
test_fail
}
#
# Repeat tests to ensure there are no issues with EVP_PKEY_CTX reuse
#
-&Tmp-String-0 := "Hello nurse!"
-&Tmp-Octets-0 := %cipher_rsa.sign(%{Tmp-String-0})
+&test_string := "Hello nurse!"
+&test_octets := %cipher_rsa.sign(%{test_string})
-if (!&Tmp-Octets-0) {
+if (!&test_octets) {
test_fail
}
-if ((octets)&Tmp-String-0[0] == &Tmp-Octets-0[0]) {
+if ((octets)&test_string[0] == &test_octets[0]) {
test_fail
}
#
# Pass the signature and the original message to the verification function
#
-&Tmp-String-0 := %cipher_rsa.verify(%{Tmp-Octets-0}, %{Tmp-String-0})
+&test_string := %cipher_rsa.verify(%{test_octets}, %{test_string})
-if (&Tmp-String-0 != 'yes') {
+if (&test_string != 'yes') {
test_fail
}
#
# Verification should now fail
#
-&Tmp-String-0 := "Goodbye nurse!"
-&Tmp-String-0 := %cipher_rsa.verify(%{Tmp-Octets-0}, %{Tmp-String-0})
+&test_string := "Goodbye nurse!"
+&test_string := %cipher_rsa.verify(%{test_octets}, %{test_string})
-if (&Tmp-String-0 != 'no') {
+if (&test_string != 'no') {
test_fail
}
-&Tmp-Octets-0 := %cipher_rsa.certificate('serial')
+octets test_octets
-if (%length(%{Tmp-Octets-0}) != 1) {
+&test_octets := %cipher_rsa.certificate('serial')
+
+if (%length(%{test_octets}) != 1) {
test_fail
} else {
test_pass
-&Tmp-Date-0 := "%cipher_rsa.certificate(notBefore)"
-&Tmp-Date-1 := "%cipher_rsa.certificate(notAfter)"
+date test_date1
+date test_date2
+
+&test_date1 := "%cipher_rsa.certificate(notBefore)"
+&test_date2 := "%cipher_rsa.certificate(notAfter)"
# Check the cert validity period is 30 days
-if !((&Tmp-Date-1 - &Tmp-Date-0) == ((time_delta) (86400 * 60))) {
+if !((&test_date2 - &test_date1) == ((time_delta) (86400 * 60))) {
test_fail
} else {
test_pass
projects / thirdparty / freeradius-server.git / commitdiff
