blob: d4d57b243da53d1193f22688d1de94b111763226 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
check that ucert is producing expected results:
$ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH"
$ export TEST_INPUTS="$TESTDIR/inputs"
$ alias ucert='valgrind --quiet --leak-check=full ucert'
$ ucert
Usage: ucert <command> <options>
Commands:
-A:\t\t\tappend signature (needs -c and -x) (esc)
-D:\t\t\tdump (needs -c) (esc)
-I:\t\t\tissue cert and revoker (needs -c and -p and -s) (esc)
-R:\t\t\tprocess revoker certificate (needs -c and -P) (esc)
-V:\t\t\tverify (needs -c and -p|-P, may have -m) (esc)
Options:
-c <file>:\t\tcertificate file (esc)
-m <file>:\t\tmessage file (verify only) (esc)
-p <file>:\t\tpublic key file (esc)
-P <path>:\t\tpublic key directory (verify only) (esc)
-q:\t\t\tquiet (do not print verification result, use return code only) (esc)
-s <file>:\t\tsecret key file (issue only) (esc)
-x <file>:\t\tsignature file (append only) (esc)
[1]
$ ucert -D -c $TEST_INPUTS/key-build.ucert
=== CHAIN ELEMENT 01 ===
signature:
---
untrusted comment: signed by key 84bfc88a17166577
RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU=
---
payload:
---
"ucert": {
\t"certtype": 1, (esc)
\t"validfrom": 1546188410, (esc)
\t"expiresat": 1577724410, (esc)
\t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc)
}
---
$ ucert-san -D -c $TEST_INPUTS/key-build.ucert
=== CHAIN ELEMENT 01 ===
signature:
---
untrusted comment: signed by key 84bfc88a17166577
RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU=
---
payload:
---
"ucert": {
\t"certtype": 1, (esc)
\t"validfrom": 1546188410, (esc)
\t"expiresat": 1577724410, (esc)
\t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc)
}
---
$ ucert -D -c $TEST_INPUTS/invalid.ucert
cert_dump: cannot parse cert
[1]
$ ucert-san -D -c $TEST_INPUTS/invalid.ucert
cert_dump: cannot parse cert
[1]
|
