summaryrefslogtreecommitdiffstats
path: root/tests/pkits/validity-periods
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xtests/pkits/validity-periods218
1 files changed, 218 insertions, 0 deletions
diff --git a/tests/pkits/validity-periods b/tests/pkits/validity-periods
new file mode 100755
index 0000000..90f1764
--- /dev/null
+++ b/tests/pkits/validity-periods
@@ -0,0 +1,218 @@
+#!/bin/sh
+# validity-periods - PKITS Test 4.2 -*- sh -*-
+# Copyright (C) 2008 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+. ${srcdir:-.}/common.sh || exit 2
+
+section=4.2
+description="Validity Periods"
+info "Running $description tests"
+
+start_test 4.2.1 "Invalid CA notBefore Date Test1"
+# In this test, the intermediate certificate's notBefore date is after
+# the current date.
+clean_homedir
+need_cert TrustAnchorRootCertificate
+need_crl TrustAnchorRootCRL
+need_cert BadnotBeforeDateCACert
+need_crl BadnotBeforeDateCACRL
+need_cert InvalidCAnotBeforeDateTest1EE
+if $GPGSM --faked-system-time $MYTIME \
+ --with-colons --with-validation --list-key 0x459ADD33 >$SCRATCH; then
+ tmp=$($AWK -F: '$1 == "crt" {any=1; print $2};
+ END {if(!any) print "error"}' $SCRATCH)
+ [ "$tmp" = "i" ] || set_status fail
+else
+ set_status fail
+fi
+if [ "$test_status" = "none" ]; then
+ if sed '1,/^.$/d' smime/SignedInvalidCAnotBeforeDateTest1.eml \
+ | $GPGSM --faked-system-time $MYTIME \
+ --verify --assume-base64 --status-fd 1 --logger-fd 1 \
+ | tee $SCRATCH \
+ | grep TRUST_UNDEFINED >/dev/null; then
+ if grep 'intermediate certificate not yet valid' $SCRATCH >/dev/null \
+ && grep 'invalid certification chain: Certificate too young' \
+ $SCRATCH >/dev/null
+ then
+ set_status pass
+ fi
+ fi
+ set_status fail
+fi
+end_test
+
+
+start_test 4.2.2 "Invalid EE notBefore Date Test2"
+# In this test, the end entity certificate's notBefore date is after
+# the current date.
+
+# Procedure: Validate Invalid EE notBefore Date Test2 EE using the
+# default settings or open and verify Signed Test Message 6.2.2.5
+# using the default settings.
+
+# Expected Result: The path should not validate successfully as the
+# notBefore date in the end entity certificate is after the current
+# date.
+
+# Certification Path: The certification path is composed of the
+# following objects: Trust Anchor Root Certificate, Trust Anchor
+# Root CRL Good CA Cert, Good CA CRL Invalid EE notBefore Date
+# Test2 EE
+
+end_test
+
+
+
+start_test 4.2.3 "Valid pre2000 UTC notBefore Date Test3"
+# In this test, the end entity certificate's notBefore date is set to
+# 1950 and is encoded in UTCTime.
+#
+# Procedure: Validate Valid pre2000 UTC notBefore Date Test3 EE
+# using the default settings or open and
+# verify Signed Test Message 6.2.2.6 using
+# the default settings.
+#
+# Expected Result: The path should validate successfully as the
+# notBefore date in the end entity
+# certificate is before the current date.
+#
+# Certification Path: The certification path is composed of the
+# following objects: Trust Anchor Root Certificate,
+# Trust Anchor Root CRL Good CA Cert, Good CA CRL Valid
+# pre2000 UTC notBefore Date Test3 EE
+#
+end_test
+
+
+
+start_test 4.2.4 "Valid GeneralizedTime notBefore Date Test4"
+# In this test, the end entity certificate's notBefore date is
+# specified in GeneralizedTime.
+#
+# Procedure: Validate Valid GeneralizedTime notBefore Date Test4 EE
+# using the default settings or open and
+# verify Signed Test Message 6.2.2.7 using
+# the default settings.
+#
+# Expected Result: The path should validate successfully.
+#
+# Certification Path:
+# The certification path is composed of the following objects:
+# Trust Anchor Root Certificate, Trust Anchor Root CRL
+# Good CA Cert, Good CA CRL
+# Valid GeneralizedTime notBefore Date Test4 EE
+#
+end_test
+
+
+
+start_test 4.2.5 "Invalid CA notAfter Date Test5"
+# In this test, the intermediate certificate's notAfter date is before
+# the current date.
+
+# Procedure: Validate Invalid CA notAfter Date Test5 EE using the
+# default settings or open and verify
+# Signed Test Message 6.2.2.8 using the
+# default settings.
+#
+# Expected Result: The path should not validate successfully as the
+# notAfter date in the intermediate
+# certificate is before the current date.
+#
+# Certification Path: The certification path is composed of the
+# following objects:
+#
+# Trust Anchor Root Certificate, Trust Anchor Root CRL
+# Bad notAfter Date CA Cert, Bad notAfter Date CA CRL
+# Invalid CA notAfter Date Test5 EE
+#
+end_test
+
+
+start_test 4.2.6 "Invalid EE notAfter Date Test6"
+# In this test, the end entity certificate's notAfter date is before
+# the current date.
+
+# Procedure: Validate Invalid EE notAfter Date Test6 EE using the
+# default settings or open and verify
+# Signed Test Message 6.2.2.9 using the
+# default settings.
+#
+# Expected Result: The path should not validate successfully as the
+# notAfter date in the end certificate is
+# before the current date.
+#
+# Certification Path: The certification path is composed of the
+# following objects:
+# Trust Anchor Root Certificate, Trust Anchor Root CRL
+# Good CA Cert, Good CA CRL
+# Invalid EE notAfter Date Test6 EE
+
+end_test
+
+
+start_test 4.2.7 "Invalid pre2000 UTC EE notAfter Date Test7"
+# In this test, the end entity certificate's notAfter date is 1999 and
+# is encoded in UTCTime.
+
+# Procedure: Validate Invalid pre2000 UTC EE notAfter Date Test7 EE
+# using the default settings or open and
+# verify Signed Test Message 6.2.2.10 using
+# the default settings.
+#
+# Expected Result: The path should not validate successfully as the
+# notAfter date in the end certificate is
+# before the current date.
+#
+#
+# Certification Path: The certification path is composed of the
+# following objects:
+#
+# Trust Anchor Root Certificate, Trust Anchor Root CRL
+# Good CA Cert, Good CA CRL
+# Invalid pre2000 UTC EE notAfter Date Test7 EE
+
+end_test
+
+
+
+start_test 4.2.8 "Valid GeneralizedTime notAfter Date Test8"
+# In this test, the end entity certificate's notAfter date is 2050 and
+# is encoded in GeneralizedTime.
+
+# Procedure: Validate Valid GeneralizedTime notAfter Date Test8 EE
+# using the default settings or open and
+# verify Signed Test Message 6.2.2.11 using
+# the default settings.
+#
+# Expected Result: The path should validate successfully as the
+# notAfter date in the end certificate is
+# after the current date.
+#
+#
+# Trust Anchor Root Certificate, Trust Anchor Root CRL
+# Good CA Cert, Good CA CRL
+# Valid GeneralizedTime notAfter Date Test8 EE
+
+end_test
+
+
+
+
+final_result