diff options
| author | Rob Austein <sra@hactrn.net> | 2008-03-24 19:54:05 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2008-03-24 19:54:05 +0000 |
| commit | 295269dd4e66d592ca112a96e28ab7d87a6af0c1 (patch) | |
| tree | 019df15092c4830097a9c035c0c7a846e5627c5b /rpkid/test-pow-cms.py | |
| parent | 738be12e5fdf4a89e25f7e4d65b8dd07cf693e05 (diff) | |
Support verification of CMS without bundled EE cert.
svn path=/pow/POW-0.7/POW.c; revision=1562
Diffstat (limited to 'rpkid/test-pow-cms.py')
| -rw-r--r-- | rpkid/test-pow-cms.py | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/rpkid/test-pow-cms.py b/rpkid/test-pow-cms.py new file mode 100644 index 00000000..fc2ef7a3 --- /dev/null +++ b/rpkid/test-pow-cms.py @@ -0,0 +1,62 @@ +# $Id$ + +# Copyright (C) 2008 American Registry for Internet Numbers ("ARIN") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +import POW, rpki.x509, os + +key = rpki.x509.RSA(Auto_file = "biz-certs/Alice-EE.key").get_POW() +ee = rpki.x509.X509(Auto_file = "biz-certs/Alice-EE.cer").get_POW() + +ca = rpki.x509.X509(Auto_file = "biz-certs/Alice-CA.cer").get_POW() +ta = rpki.x509.X509(Auto_file = "biz-certs/Alice-Root.cer").get_POW() + +plaintext = "Wombats Are Us" + +p7 = POW.PKCS7() + +#p7.sign(ee, key, [ca], plaintext) +#p7.sign(ee, key, [], plaintext) +#p7.sign(ee, key, [], plaintext, False) +p7.sign(ee, key, [], plaintext, True) + +#print p7.pemWrite() + +if False: + f = open("test-pow-cms.der", "w") + f.write(p7.derWrite()) + f.close() + if False: + f = os.popen("dumpasn1 2>&1 -a test-pow-cms.der") + print "\n".join(x for x in f.read().splitlines() if x.startswith(" ")) + f.close() + +store = POW.X509Store() +store.addTrust(ta) + +if store.verify(ca): + print "Verified CA" + store.addTrust(ca) +else: + print "Couldn't verify CA" + +if store.verify(ee): + print "Verified EE" + store.addTrust(ee) +else: + print "Couldn't verify EE" + +result = p7.verify(store, [ee]) +print result + |