#! /bin/csh -f
set QUIET=NO
set QUIET_ARG=
while ( $ switch ( "$argv[1]" )
case -q:
set QUIET=YES
set QUIET_ARG=-q
shift
breaksw
default:
Echo "Usage: secToolVerify [-q]"
exit(1)
endsw
end
set VFY_CMD="security verify-cert $QUIET_ARG"
set VFY_CMD_NQ="security verify-cert"
set ERRFILE=/tmp/secToolVerifyError
set cmd = "$VFY_CMD -c amazon_v3.100.cer -p ssl -s www.amazon.com"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c amazon_v3.100.cer"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c amazon_v3.100.cer -p basic"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c dmitchThawte2007.cer -p smime -e dmitch@apple.com"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c AppleQuickTime.pem -c AppleSWUPDATE.pem -p swUpdate"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c vpn-gateway.vpntrial.com.cer -r VPNTrialCA.cer -p IPSec"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -r serverbasic.crt"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD -c applestore_v3.100.cer -c applestore_v3.101.cer -p ssl -s store.apple.com"
if($QUIET == NO) then
echo $cmd
endif
$cmd || exit(1)
set cmd = "$VFY_CMD_NQ -r iproj_v3.102.cer"
if($QUIET == NO) then
echo $cmd
endif
rm -f $ERRFILE
$cmd >& $ERRFILE
if($status == 0) then
echo "Expected error when evaluating expired iproj_v3.102.cer"
exit(1)
endif
grep CSSMERR_TP_CERT_EXPIRED $ERRFILE > /dev/null
if($status != 0) then
echo Expected CSSMERR_TP_CERT_EXPIRED, got `cat $ERRFILE`
exit(1)
endif
set cmd = "$VFY_CMD_NQ -c dmitchThawte2005.cer -p smime -e dmitch@apple.com"
if($QUIET == NO) then
echo $cmd
endif
rm -f $ERRFILE
$cmd >& $ERRFILE
if($status == 0) then
echo "Expected error when evaluating expired dmitchThawte2005.cer"
exit(1)
endif
grep CSSMERR_TP_CERT_EXPIRED $ERRFILE > /dev/null
if($status != 0) then
echo Expected CSSMERR_TP_CERT_EXPIRED, got `cat $ERRFILE`
exit(1)
endif
set cmd = "$VFY_CMD_NQ -c dmitchThawte2007.cer -p smime -e dmitch@apple.com -n"
if($QUIET == NO) then
echo $cmd
endif
rm -f $ERRFILE
$cmd >& $ERRFILE
if($status == 0) then
echo "Expected error when evaluating expired dmitchThawte2007.cer"
exit(1)
endif
grep CSSMERR_TP_NOT_TRUSTED $ERRFILE > /dev/null
if($status != 0) then
echo Expected CSSMERR_TP_NOT_TRUSTED, got `cat $ERRFILE`
exit(1)
endif
set cmd = "$VFY_CMD_NQ -c dmitchThawte2007.cer -p smime -e dmitch@apple.com -k confabulate"
if($QUIET == NO) then
echo $cmd
endif
rm -f $ERRFILE
$cmd >& $ERRFILE
if($status == 0) then
echo "Expected error when evaluating expired dmitchThawte2007.cer"
exit(1)
endif
grep CSSMERR_TP_NOT_TRUSTED $ERRFILE > /dev/null
if($status != 0) then
echo Expected CSSMERR_TP_NOT_TRUSTED, got `cat $ERRFILE`
exit(1)
endif
echo ...secToolVerify succeeded.