Author: mcalmer Date: Fri Oct 12 17:53:17 2007 New Revision: 2350 URL: http://svn.opensuse.org/viewcvs/limal?rev=2350&view=rev Log: - improve error reporting from openssl commands - add Exception tests Modified: limal-head/limal-ca-mgm/package/limal-ca-mgm.changes limal-head/limal-ca-mgm/src/OpenSSLUtils.cpp limal-head/limal-ca-mgm/src/Utils.cpp limal-head/limal-ca-mgm/src/Utils.hpp limal-head/limal-ca-mgm/testsuite/ConvertTest.cc limal-head/limal-ca-mgm/testsuite/perl-CertificateExceptionTest.single limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.err limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.out limal-head/limal-ca-mgm/testsuite/single.out/perl-CertificateExceptionTest.out Modified: limal-head/limal-ca-mgm/package/limal-ca-mgm.changes URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/package/limal-ca-mgm.changes?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/package/limal-ca-mgm.changes (original) +++ limal-head/limal-ca-mgm/package/limal-ca-mgm.changes Fri Oct 12 17:53:17 2007 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Fri Oct 12 17:52:14 CEST 2007 - mc@suse.de + +- improve error reporting from openssl commands +- add Exception tests + +------------------------------------------------------------------- Fri Sep 28 16:18:14 CEST 2007 - mc@suse.de - version 1.4.0 Modified: limal-head/limal-ca-mgm/src/OpenSSLUtils.cpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/OpenSSLUtils.cpp?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/OpenSSLUtils.cpp (original) +++ limal-head/limal-ca-mgm/src/OpenSSLUtils.cpp Fri Oct 12 17:53:17 2007 @@ -85,78 +85,83 @@ } } - void - OpenSSLUtils::createRSAKey(const String &outFile, - const String &password, - UInt32 bits, - const String &cryptAlgorithm) - { - blocxx::String debugCmd; +void +OpenSSLUtils::createRSAKey(const String &outFile, + const String &password, + UInt32 bits, + const String &cryptAlgorithm) +{ + blocxx::String debugCmd; - debugCmd += m_cmd + " "; - debugCmd += "genrsa "; - debugCmd += "-out "; - debugCmd += outFile + " "; + debugCmd += m_cmd + " "; + debugCmd += "genrsa "; + debugCmd += "-out "; + debugCmd += outFile + " "; - if(!cryptAlgorithm.empty()) - { - debugCmd += "-passout env:pass "; - debugCmd += "-" + cryptAlgorithm + " "; - } + if(!cryptAlgorithm.empty()) + { + debugCmd += "-passout env:pass "; + debugCmd += "-" + cryptAlgorithm + " "; + } - debugCmd += String(bits); + debugCmd += String(bits); - StringArray cmd = PerlRegEx("\\s").split(debugCmd); + StringArray cmd = PerlRegEx("\\s").split(debugCmd); - LOGIT_DEBUG("Command: " << debugCmd); + LOGIT_DEBUG("Command: " << debugCmd); - blocxx::EnvVars env; - env.addVar("PATH", "/usr/bin/"); - env.addVar("RANDFILE", m_rand); + blocxx::EnvVars env; + env.addVar("PATH", "/usr/bin/"); + env.addVar("RANDFILE", m_rand); - env.addVar("pass", password); + env.addVar("pass", password); - blocxx::String stdOutput; - blocxx::String errOutput; - int status = -1; + blocxx::String stdOutput; + blocxx::String errOutput; + int status = -1; - try - { - status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); - } - catch(blocxx::Exception& e) - { - LOGIT_ERROR( "openssl exception:" << e); - } - if(status != 0) - { - LOGIT_ERROR("openssl status:" << blocxx::String(status)); - LOGIT_ERROR("openssl stderr:" << errOutput); - LOGIT_DEBUG("openssl stdout:" << stdOutput); - BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), - status, errOutput).c_str()); - } + try + { + status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, + errOutput, env); + } + catch(blocxx::Exception& e) + { + LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); + } + if(status != 0) + { + LOGIT_ERROR("openssl status:" << blocxx::String(status)); + LOGIT_ERROR("openssl stderr:" << errOutput); + LOGIT_DEBUG("openssl stdout:" << stdOutput); - if(!errOutput.empty()) - { - LOGIT_DEBUG("openssl stderr:" << errOutput); - } - if(!stdOutput.empty()) - { - LOGIT_DEBUG("openssl stdout:" << stdOutput); - } + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); } -void OpenSSLUtils::createRequest(const DNObject &dn, - const String &outFile, - const String &keyFile, - const String &password, - const String &extension, - FormatType outForm, - const String &challengePassword, - const String &unstructuredName) + if(!errOutput.empty()) + { + LOGIT_DEBUG("openssl stderr:" << errOutput); + } + if(!stdOutput.empty()) + { + LOGIT_DEBUG("openssl stdout:" << stdOutput); + } +} + +void +OpenSSLUtils::createRequest(const DNObject &dn, + const String &outFile, + const String &keyFile, + const String &password, + const String &extension, + FormatType outForm, + const String &challengePassword, + const String &unstructuredName) { blocxx::String debugCmd; @@ -168,7 +173,7 @@ { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } debugCmd += "-config "; @@ -225,20 +230,25 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env, - -1, -1, stdInput); + errOutput, env, + -1, -1, stdInput); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -253,19 +263,19 @@ void OpenSSLUtils::createSelfSignedCertificate(const String &outFile, - const String &keyFile, - const String &requestFile, - const String &password, - const String &extension, - UInt32 days, - bool noEmailDN) + const String &keyFile, + const String &requestFile, + const String &password, + const String &extension, + UInt32 days, + bool noEmailDN) { path::PathInfo pi(keyFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } pi.stat(requestFile); @@ -273,7 +283,7 @@ { LOGIT_ERROR("No valid request file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid request file specified.")); + __("No valid request file specified.")); } blocxx::String debugCmd; @@ -319,19 +329,24 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -346,24 +361,24 @@ void OpenSSLUtils::signRequest(const String &requestFile, - const String &outFile, - const String &caKeyFile, - const String &caPassword, - const String &extension, - const String &startDate, - const String &endDate, - const String &caSection, - const String &outDir, - bool noEmailDN, - bool noUniqueDN, - bool noText) + const String &outFile, + const String &caKeyFile, + const String &caPassword, + const String &extension, + const String &startDate, + const String &endDate, + const String &caSection, + const String &outDir, + bool noEmailDN, + bool noUniqueDN, + bool noText) { path::PathInfo pi(caKeyFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } pi.stat(requestFile); @@ -371,7 +386,7 @@ { LOGIT_ERROR("No valid request file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid request file specified.")); + __("No valid request file specified.")); } blocxx::String debugCmd; @@ -438,19 +453,24 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -465,18 +485,18 @@ void OpenSSLUtils::revokeCertificate(const blocxx::String &caCertFile, - const blocxx::String &caKeyFile, - const blocxx::String &caPassword, - const blocxx::String &certFile, - const CRLReason &reason, - bool noUniqueDN) + const blocxx::String &caKeyFile, + const blocxx::String &caPassword, + const blocxx::String &certFile, + const CRLReason &reason, + bool noUniqueDN) { path::PathInfo pi(caKeyFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } pi.stat(caCertFile); @@ -484,7 +504,7 @@ { LOGIT_ERROR("No valid CA certificate file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid CA certificate file specified.")); + __("No valid CA certificate file specified.")); } pi.stat(certFile); @@ -492,7 +512,7 @@ { LOGIT_ERROR("No valid certificate file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid certificate file specified.")); + __("No valid certificate file specified.")); } blocxx::String debugCmd; @@ -571,19 +591,24 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -598,19 +623,19 @@ void OpenSSLUtils::issueCRL(const blocxx::String &caCertFile, - const blocxx::String &caKeyFile, - const blocxx::String &caPassword, - blocxx::UInt32 hours, - const blocxx::String &outfile, - const blocxx::String &extension, - bool noUniqueDN) + const blocxx::String &caKeyFile, + const blocxx::String &caPassword, + blocxx::UInt32 hours, + const blocxx::String &outfile, + const blocxx::String &extension, + bool noUniqueDN) { path::PathInfo pi(caKeyFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } pi.stat(caCertFile); @@ -618,7 +643,7 @@ { LOGIT_ERROR("No valid CA certificate file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid CA certificate file specified.")); + __("No valid CA certificate file specified.")); } blocxx::String debugCmd; @@ -666,19 +691,24 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -693,15 +723,15 @@ void OpenSSLUtils::updateDB(const blocxx::String &caCertFile, - const blocxx::String &caKeyFile, - const blocxx::String &caPassword) + const blocxx::String &caKeyFile, + const blocxx::String &caPassword) { path::PathInfo pi(caKeyFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid keyfile specified"); BLOCXX_THROW(limal::ValueException, - __("No valid key file specified.")); + __("No valid key file specified.")); } pi.stat(caCertFile); @@ -709,7 +739,7 @@ { LOGIT_ERROR("No valid CA certificate file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid CA certificate file specified.")); + __("No valid CA certificate file specified.")); } blocxx::String debugCmd; @@ -743,11 +773,13 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } PerlRegEx r("error"); @@ -757,8 +789,11 @@ LOGIT_ERROR("openssl status:" << blocxx::String(status)); LOGIT_ERROR("openssl stderr:" << errOutput); LOGIT_DEBUG("openssl stdout:" << stdOutput); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); BLOCXX_THROW(limal::RuntimeException, - Format(__("Command returned '%1' : %2"), status, errOutput).c_str()); + Format(__("openssl command failed: %1"), msg).c_str()); } if(!errOutput.empty()) @@ -773,16 +808,16 @@ blocxx::String OpenSSLUtils::verify(const blocxx::String &certFile, - const blocxx::String &caPath, - bool crlCheck, - const blocxx::String &purpose) + const blocxx::String &caPath, + bool crlCheck, + const blocxx::String &purpose) { path::PathInfo pi(certFile); if(!pi.exists() || !pi.isFile()) { LOGIT_ERROR("No valid certificate file specified"); BLOCXX_THROW(limal::ValueException, - __("No valid certificate file specified.")); + __("No valid certificate file specified.")); } pi.stat(caPath); @@ -790,7 +825,7 @@ { LOGIT_ERROR("No valid CA directory specified"); BLOCXX_THROW(limal::ValueException, - __("No valid CA directory specified.")); + __("No valid CA directory specified.")); } blocxx::String debugCmd; @@ -827,11 +862,13 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } StringArray lines = PerlRegEx("\n").split(stdOutput); @@ -906,11 +943,13 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } StringArray lines = PerlRegEx("\n").split(errOutput); @@ -934,21 +973,21 @@ } } LOGIT_ERROR(Format("Show certificate status with serial '%1' failed.(%2)", - serial, status).toString()); + serial, status).toString()); if(!errOutput.empty()) { LOGIT_ERROR("openssl stderr:" << errOutput); } BLOCXX_THROW(limal::RuntimeException, - Format(__("Showing certificate status with serial %1 failed (%2)."), - serial, status).c_str()); + Format(__("Showing certificate status with serial %1 failed (%2)."), + serial, status).c_str()); } bool OpenSSLUtils::checkKey(const blocxx::String &caName, - const blocxx::String &password, - const blocxx::String &certificateName, - const blocxx::String &repository) + const blocxx::String &password, + const blocxx::String &certificateName, + const blocxx::String &repository) { String keyFile; @@ -965,7 +1004,7 @@ { LOGIT_ERROR("Can not parse certificate name"); BLOCXX_THROW(limal::RuntimeException, - __("Cannot parse the certificate name.")); + __("Cannot parse the certificate name.")); } keyFile = repository + "/" + caName + "/keys/" + sa[1] + ".key"; @@ -976,7 +1015,7 @@ { LOGIT_ERROR("Keyfile does not exist"); BLOCXX_THROW(limal::SystemException, - __("The key file does not exist.")); + __("The key file does not exist.")); } blocxx::String debugCmd; @@ -1003,11 +1042,13 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status == 0) { @@ -1026,18 +1067,19 @@ limal::ByteBuffer OpenSSLUtils::x509Convert(const ByteBuffer &certificate, - FormatType inform, - FormatType outform ) + FormatType inform, + FormatType outform ) { // FIXME: use tmp file blocxx::String inFileName(::tempnam("/tmp/", "x509I")); blocxx::String outFileName(::tempnam("/tmp/", "x509O")); LocalManagement::writeFile(certificate, inFileName, - false, 0600); + false, 0600); blocxx::String debugCmd; - + bool foundError = false; + debugCmd += limal::ca_mgm::OPENSSL_COMMAND + " "; debugCmd += "x509 "; debugCmd += "-nameopt "; @@ -1084,41 +1126,57 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName); + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } if(!stdOutput.empty()) { LOGIT_DEBUG("openssl stdout:" << stdOutput); } - + + if(foundError) + { + path::removeFile(inFileName); + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); path::removeFile(inFileName); path::removeFile(outFileName); - + return out; } - limal::ByteBuffer OpenSSLUtils::rsaConvert(const ByteBuffer &key, - FormatType inform, - FormatType outform, - const String &inPassword, - const String &outPassword, - const String &algorithm) + FormatType inform, + FormatType outform, + const String &inPassword, + const String &outPassword, + const String &algorithm) { // FIXME: use tmp file blocxx::String inFileName(::tempnam("/tmp/", "keyIn")); @@ -1126,9 +1184,10 @@ bool isInPassSet = false; bool isOutPassSet = false; - + bool foundError = false; + LocalManagement::writeFile(key, inFileName, - false, 0600); + false, 0600); blocxx::String debugCmd; @@ -1201,15 +1260,20 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName); + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { @@ -1217,6 +1281,7 @@ if(!PerlRegEx("^writing RSA key$").match(errOutput)) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } else { @@ -1228,28 +1293,40 @@ LOGIT_DEBUG("openssl stdout:" << stdOutput); } - ByteBuffer out = LocalManagement::readFile(outFileName); + if(foundError) + { + path::removeFile(inFileName); + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"),msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); + path::removeFile(inFileName); path::removeFile(outFileName); - + return out; } limal::ByteBuffer OpenSSLUtils::crlConvert(const ByteBuffer &crl, - FormatType inform, - FormatType outform ) + FormatType inform, + FormatType outform ) { // FIXME: use tmp file blocxx::String inFileName(::tempnam("/tmp/", "crlIn")); blocxx::String outFileName(::tempnam("/tmp/", "crlOt")); LocalManagement::writeFile(crl, inFileName, - false, 0600); + false, 0600); blocxx::String debugCmd; - + bool foundError = false; + debugCmd += limal::ca_mgm::OPENSSL_COMMAND + " "; debugCmd += "crl "; debugCmd += "-in "; @@ -1294,47 +1371,65 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName); + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } if(!stdOutput.empty()) { LOGIT_DEBUG("openssl stdout:" << stdOutput); } + if(foundError) + { + path::removeFile(inFileName); + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); path::removeFile(inFileName); path::removeFile(outFileName); - + return out; } limal::ByteBuffer OpenSSLUtils::reqConvert(const ByteBuffer &req, - FormatType inform, - FormatType outform ) + FormatType inform, + FormatType outform ) { // FIXME: use tmp file blocxx::String inFileName(::tempnam("/tmp/", "reqIn")); blocxx::String outFileName(::tempnam("/tmp/", "reqOt")); LocalManagement::writeFile(req, inFileName, - false, 0600); + false, 0600); blocxx::String debugCmd; - + bool foundError = false; + debugCmd += limal::ca_mgm::OPENSSL_COMMAND + " "; debugCmd += "req "; debugCmd += "-in "; @@ -1379,41 +1474,58 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName); + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } if(!stdOutput.empty()) { LOGIT_DEBUG("openssl stdout:" << stdOutput); } + if(foundError) + { + path::removeFile(inFileName); + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); path::removeFile(inFileName); path::removeFile(outFileName); - + return out; } limal::ByteBuffer OpenSSLUtils::createPKCS12(const ByteBuffer &certificate, - const ByteBuffer &key, - const String &inPassword, - const String &outPassword, - const ByteBuffer &caCert, - const String &caPath, - bool withChain ) + const ByteBuffer &key, + const String &inPassword, + const String &outPassword, + const ByteBuffer &caCert, + const String &caPath, + bool withChain ) { // FIXME: use tmp file blocxx::String inFileName1(::tempnam("/tmp/", "crtIn")); @@ -1423,15 +1535,16 @@ bool isInPassSet = false; bool isOutPassSet = false; - + bool foundError = false; + LocalManagement::writeFile(certificate, inFileName1, - false, 0600); + false, 0600); LocalManagement::writeFile(key, inFileName2, - false, 0600); + false, 0600); if(!caCert.empty()) { LocalManagement::writeFile(caCert, inFileName3, - false, 0600); + false, 0600); } blocxx::String debugCmd; @@ -1471,7 +1584,7 @@ { LOGIT_ERROR("Out password is required"); BLOCXX_THROW(limal::ValueException, - __("The password for encrypting the output is required.")); + __("The password for encrypting the output is required.")); } debugCmd += "-inkey "; @@ -1508,25 +1621,52 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName1); + path::removeFile(inFileName2); + if(!caCert.empty()) + { + path::removeFile(inFileName3); + } + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } if(!stdOutput.empty()) { LOGIT_DEBUG("openssl stdout:" << stdOutput); } + if(foundError) + { + path::removeFile(inFileName1); + path::removeFile(inFileName2); + if(!caCert.empty()) + { + path::removeFile(inFileName3); + } + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); path::removeFile(inFileName1); @@ -1542,9 +1682,9 @@ limal::ByteBuffer OpenSSLUtils::pkcs12ToPEM(const ByteBuffer &pkcs12, - const String &inPassword, - const String &outPassword, - const String &algorithm) + const String &inPassword, + const String &outPassword, + const String &algorithm) { // FIXME: use tmp file blocxx::String inFileName(::tempnam("/tmp/", "p12In")); @@ -1552,9 +1692,10 @@ bool isInPassSet = false; bool isOutPassSet = false; - + bool foundError = false; + LocalManagement::writeFile(pkcs12, inFileName, - false, 0600); + false, 0600); blocxx::String debugCmd; @@ -1565,7 +1706,7 @@ debugCmd += "-out "; debugCmd += outFileName + " "; - // -nokeys? + // -nokeys? if(!inPassword.empty()) { @@ -1576,7 +1717,7 @@ { LOGIT_ERROR("PKCS12 password is required"); BLOCXX_THROW(limal::ValueException, - __("The PKCS12 password is required.")); + __("The PKCS12 password is required.")); } if(!outPassword.empty()) @@ -1614,15 +1755,20 @@ try { status = wrapExecuteProcessAndGatherOutput(cmd, stdOutput, - errOutput, env); + errOutput, env); } catch(blocxx::Exception& e) { LOGIT_ERROR( "openssl exception:" << e); + path::removeFile(inFileName); + path::removeFile(outFileName); + BLOCXX_THROW_SUBEX(limal::RuntimeException, + __("Executing openssl command failed."), e); } if(status != 0) { LOGIT_INFO( "openssl status:" << blocxx::String(status)); + foundError = true; } if(!errOutput.empty()) { @@ -1630,6 +1776,7 @@ if(!PerlRegEx("^MAC verified OK$").match(errOutput)) { LOGIT_ERROR("openssl stderr:" << errOutput); + foundError = true; } else { @@ -1641,11 +1788,22 @@ LOGIT_DEBUG("openssl stdout:" << stdOutput); } + if(foundError) + { + path::removeFile(inFileName); + path::removeFile(outFileName); + + StringArray sa = errOutput.tokenize("\n\r"); + String msg = (sa.empty()? "" : sa[0]); + BLOCXX_THROW(limal::RuntimeException, + Format(__("openssl command failed: %1"), msg).c_str()); + } + ByteBuffer out = LocalManagement::readFile(outFileName); path::removeFile(inFileName); path::removeFile(outFileName); - + return out; } @@ -1660,10 +1818,10 @@ if(r != 0) { LOGIT_ERROR("Cannot read directory: " << repository << - "(" << System::errorMsg(r) << ") [" << r << "]"); + "(" << System::errorMsg(r) << ") [" << r << "]"); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot read directory: %1 (%2) [%3]."), - repository, System::errorMsg(r), r).c_str()); + Format(__("Cannot read directory: %1 (%2) [%3]."), + repository, System::errorMsg(r), r).c_str()); } tmpList.sort(); @@ -1712,16 +1870,16 @@ { LOGIT_ERROR("No serial number found in " << serialFile); BLOCXX_THROW(limal::RuntimeException, - Format(__("No serial number found in %1."), - serialFile).c_str()); + Format(__("No serial number found in %1."), + serialFile).c_str()); } } void OpenSSLUtils::addCAM(const String &caName, - const String &md5, - const String &dnString, - const String &repository) + const String &md5, + const String &dnString, + const String &repository) { Array db = OpenSSLUtils::parseCAMDB(caName, repository); Array::const_iterator it; @@ -1732,7 +1890,7 @@ { LOGIT_ERROR("Request already exist."); BLOCXX_THROW(limal::RuntimeException, - __("The request already exists.")); + __("The request already exists.")); } } @@ -1742,14 +1900,14 @@ cam += md5 + " " + dnString + "\n"; LocalManagement::writeFile(ByteBuffer(cam.c_str(), cam.length()), - repository + "/" + caName + "/cam.txt"); + repository + "/" + caName + "/cam.txt"); } void OpenSSLUtils::delCAM(const String &caName, - const String &md5, - const String &repository) + const String &md5, + const String &repository) { ByteBuffer b = LocalManagement::readFile(repository + "/" + caName + "/cam.txt"); @@ -1770,13 +1928,13 @@ } } LocalManagement::writeFile(ByteBuffer(camNew.c_str(), camNew.length()), - repository + "/" + caName + "/cam.txt"); + repository + "/" + caName + "/cam.txt"); } blocxx::Arrayblocxx::String > OpenSSLUtils::parseCAMDB(const String &caName, - const String &repository) + const String &repository) { Array ret; @@ -1810,7 +1968,7 @@ blocxx::Arrayblocxx::String > OpenSSLUtils::parseIndexTXT(const String &caName, - const String &repository) + const String &repository) { Array ret; @@ -1848,7 +2006,7 @@ blocxx::Array > OpenSSLUtils::listRequests(const String &caName, - const String &repository) + const String &repository) { Array > ret; List<String> tmpList; @@ -1860,10 +2018,10 @@ if(r != 0) { LOGIT_ERROR("Cannot read directory: " << reqDir << - "(" << System::errorMsg(r) << ") [" << r << "]"); + "(" << System::errorMsg(r) << ") [" << r << "]"); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot read directory: %1 (%2) [%3]."), - reqDir, System::errorMsg(r), r).c_str()); + Format(__("Cannot read directory: %1 (%2) [%3]."), + reqDir, System::errorMsg(r), r).c_str()); } tmpList.sort(); @@ -1923,7 +2081,7 @@ { LOGIT_ERROR("Can not find request subject."); BLOCXX_THROW(limal::RuntimeException, - __("Cannot find the request subject.")); + __("Cannot find the request subject.")); } sa.clear(); @@ -2000,7 +2158,7 @@ blocxx::Array > OpenSSLUtils::listCertificates(const String &caName, - const String &repository) + const String &repository) { Array > ret; List<String> tmpList; @@ -2012,10 +2170,10 @@ if(r != 0) { LOGIT_ERROR("Cannot read directory: " << certDir << - "(" << System::errorMsg(r) << ") [" << r << "]"); + "(" << System::errorMsg(r) << ") [" << r << "]"); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot read directory: %1 (%2) [%3]."), - certDir, System::errorMsg(r), r).c_str()); + Format(__("Cannot read directory: %1 (%2) [%3]."), + certDir, System::errorMsg(r), r).c_str()); } tmpList.sort(); @@ -2084,7 +2242,7 @@ { LOGIT_ERROR("Can not find certificate subject."); BLOCXX_THROW(limal::RuntimeException, - __("Cannot find the certificate subject.")); + __("Cannot find the certificate subject.")); } sa.clear(); @@ -2177,13 +2335,13 @@ void OpenSSLUtils::createCaInfrastructure(const String &caName, - const String &repository) + const String &repository) { if(caName.empty() || !PerlRegEx("\\w+").match(caName)) { LOGIT_ERROR("Invalid caName: " << caName); BLOCXX_THROW(limal::ValueException, - Format(__("Invalid caName: %1."), caName).c_str()); + Format(__("Invalid caName: %1."), caName).c_str()); } path::PathInfo pi(repository); @@ -2192,8 +2350,8 @@ { LOGIT_ERROR(repository << " does not exist"); BLOCXX_THROW_ERR(limal::SystemException, - Format(__("'%1' does not exist."), repository).c_str(), - E_FILE_NOT_FOUND); + Format(__("'%1' does not exist."), repository).c_str(), + E_FILE_NOT_FOUND); } pi.stat(repository + "/" + caName); @@ -2202,8 +2360,8 @@ { LOGIT_ERROR(pi.toString() << " still exist"); BLOCXX_THROW_ERR(limal::SystemException, - Format(__("%1 still exists."), pi.toString()).c_str(), - E_FILE_EXISTS); + Format(__("%1 still exists."), pi.toString()).c_str(), + E_FILE_EXISTS); } int r = path::createDir(pi.toString(), 0700); @@ -2211,10 +2369,10 @@ if( r != 0 ) { LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - pi.toString(), System::errorMsg(r), r)); + pi.toString(), System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - pi.toString(), System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + pi.toString(), System::errorMsg(r), r).c_str()); } ByteBuffer tmpl; @@ -2241,14 +2399,14 @@ } LocalManagement::writeFile(ByteBuffer(newConf.c_str(), newConf.length()), - pi.toString() + "/openssl.cnf.tmpl"); + pi.toString() + "/openssl.cnf.tmpl"); } catch(blocxx::Exception &e) { path::removeDirRecursive(repository + "/" + caName); BLOCXX_THROW_SUBEX(limal::SystemException, - __("Cannot copy the configuration template."), e); + __("Cannot copy the configuration template."), e); } String dir = pi.toString() + "/certs"; @@ -2259,10 +2417,10 @@ path::removeDirRecursive(repository + "/" + caName); LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - dir, System::errorMsg(r), r)); + dir, System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - dir, System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + dir, System::errorMsg(r), r).c_str()); } dir = pi.toString() + "/crl"; @@ -2273,10 +2431,10 @@ path::removeDirRecursive(repository + "/" + caName); LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - dir, System::errorMsg(r), r)); + dir, System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - dir, System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + dir, System::errorMsg(r), r).c_str()); } dir = pi.toString() + "/newcerts"; @@ -2287,10 +2445,10 @@ path::removeDirRecursive(repository + "/" + caName); LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - dir, System::errorMsg(r), r)); + dir, System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - dir, System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + dir, System::errorMsg(r), r).c_str()); } dir = pi.toString() + "/req"; @@ -2301,10 +2459,10 @@ path::removeDirRecursive(repository + "/" + caName); LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - dir, System::errorMsg(r), r)); + dir, System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - dir, System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + dir, System::errorMsg(r), r).c_str()); } dir = pi.toString() + "/keys"; @@ -2315,27 +2473,27 @@ path::removeDirRecursive(repository + "/" + caName); LOGIT_ERROR(Format("Can not create directory: %1 (%2 [%3])", - dir, System::errorMsg(r), r)); + dir, System::errorMsg(r), r)); BLOCXX_THROW(limal::SystemException, - Format(__("Cannot create directory: %1 (%2 [%3])."), - dir, System::errorMsg(r), r).c_str()); + Format(__("Cannot create directory: %1 (%2 [%3])."), + dir, System::errorMsg(r), r).c_str()); } try { LocalManagement::writeFile(ByteBuffer("01"), - pi.toString() + "/serial"); + pi.toString() + "/serial"); LocalManagement::writeFile(ByteBuffer(), - pi.toString() + "/index.txt"); + pi.toString() + "/index.txt"); LocalManagement::writeFile(ByteBuffer(), - pi.toString() + "/cam.txt"); + pi.toString() + "/cam.txt"); } catch(blocxx::Exception &e) { path::removeDirRecursive(repository + "/" + caName); BLOCXX_THROW_SUBEX(limal::SystemException, - __("Cannot create the file."), e); + __("Cannot create the file."), e); } } Modified: limal-head/limal-ca-mgm/src/Utils.cpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/Utils.cpp?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/Utils.cpp (original) +++ limal-head/limal-ca-mgm/src/Utils.cpp Fri Oct 12 17:53:17 2007 @@ -149,85 +149,6 @@ return exitStatus; } -// LiteralValue -// gn2lv(GENERAL_NAME *gen) -// { -// char oline[256]; -// char *s = NULL; -// unsigned char *p = NULL; -// LiteralValue lv; - -// switch (gen->type) -// { -// case GEN_EMAIL: -// s = new char[gen->d.ia5->length +1]; -// memcpy(s, gen->d.ia5->data, gen->d.ia5->length); -// s[gen->d.ia5->length] = '\0'; -// lv.setLiteral("email", s); -// delete [] s; -// break; - -// case GEN_DNS: -// s = new char[gen->d.ia5->length +1]; -// memcpy(s, gen->d.ia5->data, gen->d.ia5->length); -// s[gen->d.ia5->length] = '\0'; -// lv.setLiteral("DNS", s); -// delete [] s; -// break; - -// case GEN_URI: -// s = new char[gen->d.ia5->length +1]; -// memcpy(s, gen->d.ia5->data, gen->d.ia5->length); -// s[gen->d.ia5->length] = '\0'; -// lv.setLiteral("URI", s); -// delete [] s; -// break; - -// case GEN_DIRNAME: -// X509_NAME_oneline(gen->d.dirn, oline, 256); -// lv.setLiteral("DirName", oline); -// break; - -// case GEN_IPADD: -// p = gen->d.ip->data; -// /* BUG: doesn't support IPV6 */ -// if(gen->d.ip->length != 4) { -// LOGIT_ERROR("Invalid IP Address: maybe IPv6"); -// BLOCXX_THROW(limal::SyntaxException, "Invalid IP Address: maybe IPv6"); -// break; -// } -// BIO_snprintf(oline, sizeof oline, -// "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); -// lv.setLiteral("IP", oline); -// break; -// case GEN_RID: -// i2t_ASN1_OBJECT(oline, 256, gen->d.rid); -// lv.setLiteral("RID", oline); -// break; -// case GEN_OTHERNAME: -// // krb5PrincipalName || Microsoft Universal Principal Name -// if(OBJ_obj2nid(gen->d.otherName->type_id) == NID_ms_upn) -// { -// lv.setLiteral("othername", -// (char*)ASN1_STRING_data(gen->d.otherName->value->value.sequence)); -// } -// else -// { -// lv.setLiteral("othername", -// String("unsupported(") + String(OBJ_obj2nid(gen->d.otherName->type_id)) + ")"); -// } -// break; -// case GEN_X400: -// lv.setLiteral("X400Name", "unsupported"); -// break; -// case GEN_EDIPARTY: -// lv.setLiteral("EdiPartyName", "unsupported"); -// break; -// } -// return lv; -// } - - // ------------------------------------------------------------------- } // End of CA_MGM_NAMESPACE } // End of LIMAL_NAMESPACE Modified: limal-head/limal-ca-mgm/src/Utils.hpp URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/src/Utils.hpp?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/src/Utils.hpp (original) +++ limal-head/limal-ca-mgm/src/Utils.hpp Fri Oct 12 17:53:17 2007 @@ -277,8 +277,6 @@ return status; } -LiteralValue gn2lv(GENERAL_NAME *gen); - } } Modified: limal-head/limal-ca-mgm/testsuite/ConvertTest.cc URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/ConvertTest.cc?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/ConvertTest.cc (original) +++ limal-head/limal-ca-mgm/testsuite/ConvertTest.cc Fri Oct 12 17:53:17 2007 @@ -31,7 +31,8 @@ blocxx::StringArray cat; cat.push_back("FATAL"); - cat.push_back("ERROR"); + // do not log errors because the openssl errors include a pid which changes everytime + //cat.push_back("ERROR"); cat.push_back("INFO"); //cat.push_back("DEBUG"); @@ -185,14 +186,92 @@ //cout << pem.data() << endl; } } - - cout << "DONE" << endl; } catch(Exception& e) { cerr << e << endl; } - + + + cout << "===================== Test rsaConvert Exception =====================" << endl; + + try + { + ByteBuffer pem = LocalManagement::readFile("./TestRepos3/SUSERootCA/cacert.key"); + + ByteBuffer der = LocalManagement::rsaConvert(pem, E_PEM, E_DER, "wrong password", ""); + + if(der.size() > 0) + { + cout << "Got DER Key" << endl; + } + } + catch(Exception& e) + { + cout << "Got expected Exception." << endl; + cerr << "Exception:" << endl << e.getFile() << ": " << e.type() << ": "; + blocxx::String msg = blocxx::String(e.getMessage()); + + cerr << msg.tokenize("\n\r")[0] << endl << "END" << endl; + } + + + cout << "===================== Test pkcs12Convert Exception =====================" << endl; + + ByteBuffer crt = LocalManagement::readFile("./TestRepos3/SUSERootCA/certs/01.pem"); + ByteBuffer key = LocalManagement::readFile("./TestRepos3/SUSERootCA/keys/a64a6c95f2a3dc22975e13691ad8e2bb-1111160526.key"); + ByteBuffer ca = LocalManagement::readFile("./TestRepos3/SUSERootCA/cacert.pem"); + + ByteBuffer p12; + + try + { + p12 = LocalManagement::createPKCS12(crt, key, "wrong password", "tralla", + ca, "./TestRepos3/.cas/", false); + + if(p12.size() > 0) + { + cout << "Got PKCS12 data" << endl; + } + } + catch(Exception &e) + { + cout << "Got expected Exception." << endl; + cerr << "Exception:" << endl << e << endl << "END" << endl; + } + + p12 = LocalManagement::createPKCS12(crt, key, "system", "tralla", + ca, "./TestRepos3/.cas/", false); + + try + { + ByteBuffer pem = LocalManagement::pkcs12ToPEM(p12, "wrong password", "system", "aes256"); + + if(pem.size() > 0) + { + cout << "Got PEM " << endl; + + PerlRegEx p("DEK-Info: AES-256-CBC"); + if(p.match(pem.data())) + { + cout << "correct encryption" << endl; + } + else + { + cout << "!!!WRONG encryption" << endl; + } + + //cout << pem.data() << endl; + } + } + catch(Exception &e) + { + cout << "Got expected Exception." << endl; + cerr << "Exception:" << endl << e << endl << "END" << endl; + } + + cout << "DONE" << endl; + return 0; } Modified: limal-head/limal-ca-mgm/testsuite/perl-CertificateExceptionTest.single URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/perl-CertificateExceptionTest.single?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/perl-CertificateExceptionTest.single (original) +++ limal-head/limal-ca-mgm/testsuite/perl-CertificateExceptionTest.single Fri Oct 12 17:53:17 2007 @@ -85,33 +85,12 @@ print "2:".Data::Dumper->Dump([$@]); print $@->{type}.":".$@->{code}.":".$@->{message}."\n"; - exit 0; + #exit 0; } -print "RETURN Certificate \n"; +#--------------------------------------------------------------------------------- -if( -e "./TestRepos/Test_CA1/newcerts/$c.pem") -{ - print "Certificate exists: true\n"; -} -my $cd = $ca->getCertificate($c); - -my $ret = $cd->getExtensions()->dump(); - -for(my $it = $ret->begin(); - !$ret->iterator_equal($it, $ret->end()); - $ret->iterator_incr($it)) -{ - if($ret->iterator_value($it) =~ /^KeyID/) - { - print "found KeyID\n"; - } - else - { - print $ret->iterator_value($it)."\n"; - } -} print "DONE\n"; Modified: limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.err URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.err?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.err (original) +++ limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.err Fri Oct 12 17:53:17 2007 @@ -0,0 +1,12 @@ +INFO ca-mgm - openssl status:1 +Exception: +OpenSSLUtils.cpp: RuntimeException: openssl command failed: unable to load Private Key +END +INFO ca-mgm - openssl status:1 +Exception: +OpenSSLUtils.cpp: 1667 RuntimeException: openssl command failed: unable to load private key +END +INFO ca-mgm - openssl status:1 +Exception: +OpenSSLUtils.cpp: 1799 RuntimeException: openssl command failed: Mac verify error: invalid password? +END Modified: limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.out URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.out?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.out (original) +++ limal-head/limal-ca-mgm/testsuite/single.out/ConvertTest.out Fri Oct 12 17:53:17 2007 @@ -19,4 +19,9 @@ Got PKCS12 data Got PEM correct encryption +===================== Test rsaConvert Exception ===================== +Got expected Exception. +===================== Test pkcs12Convert Exception ===================== +Got expected Exception. +Got expected Exception. DONE Modified: limal-head/limal-ca-mgm/testsuite/single.out/perl-CertificateExceptionTest.out URL: http://svn.opensuse.org/viewcvs/limal/limal-head/limal-ca-mgm/testsuite/single.out/perl-CertificateExceptionTest.out?rev=2350&r1=2349&r2=2350&view=diff ============================================================================== --- limal-head/limal-ca-mgm/testsuite/single.out/perl-CertificateExceptionTest.out (original) +++ limal-head/limal-ca-mgm/testsuite/single.out/perl-CertificateExceptionTest.out Fri Oct 12 17:53:17 2007 @@ -21,3 +21,4 @@ 'code' => -1 }; RuntimeException:-1:Issuing the certificate failed. +DONE -- To unsubscribe, e-mail: limal-commit+unsubscribe@opensuse.org For additional commands, e-mail: limal-commit+help@opensuse.org