#!/usr/bin/python
import sys, os, botan
from os.path import join;
def validate(ca_certs, certs, crls, ee_certs):
    """Build an X.509 store from the given files and validate the end entities.

    Every path in certs that is not also in ee_certs is added to the store;
    the second argument to add_cert is True for paths listed in ca_certs
    (presumably the trust flag -- confirm against the botan binding).  Each
    CRL is then added, and finally each end-entity certificate is validated.

    Returns the first result that is not verify_result.verified, from either
    add_crl or validate, and verify_result.verified otherwise.

    NOTE(review): when ee_certs is empty no certificate is validated, yet the
    function still returns verified as long as every CRL was accepted.
    """
    store = botan.X509_Store()
    verified = botan.verify_result.verified

    # Load everything except the certificates under test.
    for path in certs:
        if path in ee_certs:
            continue
        loaded = botan.X509_Certificate(path)
        store.add_cert(loaded, path in ca_certs)

    # A CRL the store does not accept ends the run with that status.
    for crl_path in crls:
        status = store.add_crl(botan.X509_CRL(crl_path))
        if status != verified:
            return status

    # The first end entity that does not verify decides the result.
    for ee_path in ee_certs:
        status = store.validate(botan.X509_Certificate(ee_path))
        if status != verified:
            return status

    return verified
def run_test(files, rootdir, testname, expected):
crls = [join(rootdir,x) for x in files if x.endswith(".crl")]
certs = [join(rootdir,x) for x in files if x.endswith(".crt")]
end_entity = [x for x in certs if x.find("end.crt") != -1]
ca_certs = [x for x in certs if x.find("root.crt") != -1]
print "%s..." % testname,
result = validate(ca_certs, certs, crls, end_entity)
result = repr(result).replace('botan._botan.verify_result.', '')
if result != expected:
print "FAILED: got %s, expected %s" % (result, expected)
else:
print "passed"
def main():
def load_results(file):
results = {}
for line in open(file, 'r'):
line = line[0:line.find('#')].strip()
if line:
test,result = line.split(' ')
results[test] = result
return results
results = load_results('results.vec')
for root, dirs, files in os.walk('../../checks/nist_tests/tests'):
if files:
thistest = root[root.rfind('/')+1:]
if thistest in results:
run_test(files, root, thistest, results[thistest])
else:
print "%s... skipping - no expected result set" % thistest
if __name__ == "__main__":
sys.exit(main())