📄 smime_keys_test.pl
字号:
#! /usr/bin/perl -W# by Mike Schiraldi <raldi@research.netsol.com>use strict;use Expect;sub run ($;$ );umask 077; # probably not necc. but can't hurtmy $tmpdir = "/tmp/smime_keys_test-$$-" . time;mkdir $tmpdir or die;chdir $tmpdir or die;open TMP, '>muttrc' or die;print TMP <<EOF;set smime_ca_location="$tmpdir/ca-bundle.crt"set smime_certificates="$tmpdir/certificates"set smime_keys="$tmpdir/keys"EOFclose TMP;$ENV{MUTT_CMDLINE} = "mutt -F $tmpdir/muttrc";# make a user keyrun 'smime_keys init';run 'openssl genrsa -out user.key 1024';# make a request for this key to be signedrun 'openssl req -new -key user.key -out newreq.pem', "\n\nx\n\nx\nx\nuser\@smime.mutt\n\nx\n";mkdir 'demoCA' or die;mkdir 'demoCA/certs' or die;mkdir 'demoCA/crl' or die;mkdir 'demoCA/newcerts' or die;mkdir 'demoCA/private' or die;open OUT, '>demoCA/serial' or die;print OUT "01\n";close OUT;open OUT, '>demoCA/index.txt' or die;close OUT;# make the CA run 'openssl req -new -x509 -keyout demoCA/private/cakey.pem -out demoCA/cacert.pem -days 7300 -nodes', "\n\nx\n\nx\nx\n\n";# trust itrun 'smime_keys add_root demoCA/cacert.pem', "root_CA\n";# have the CA process the requestrun 'openssl ca -batch -startdate 000101000000Z -enddate 200101000000Z -days 7300 ' . '-policy policy_anything -out newcert.pem -infiles newreq.pem';unlink 'newreq.pem' or die;# put it all in a .p12 bundlerun 'openssl pkcs12 -export -inkey user.key -in newcert.pem -out cert.p12 -CAfile demoCA/cacert.pem -chain', "pass1\n" x 2;unlink 'newcert.pem' or die;unlink 'demoCA/cacert.pem' or die;unlink 'demoCA/index.txt' or die;unlink 'demoCA/index.txt.old' or die;unlink 'demoCA/serial' or die;unlink 'demoCA/serial.old' or die;unlink 'demoCA/newcerts/01.pem' or die;unlink 'demoCA/private/cakey.pem' or die;rmdir 'demoCA/certs' or die;rmdir 'demoCA/crl' or die;rmdir 'demoCA/private' or die;rmdir 'demoCA/newcerts' or die;rmdir 'demoCA' or die;# have smime_keys process itrun 'smime_keys add_p12 cert.p12', "pass1\n" . "pass2\n" x 2 . "old_label\n";unlink 'cert.p12' or die;# make sure it showed uprun 'smime_keys list > list';open IN, 'list' or die;<IN> eq "\n" or die;<IN> =~ /^(.*)\: Issued for\: user\@smime\.mutt \"old_label\" \(Unverified\)\n/ or die;close IN;my $keyid = $1;# see if we can rename itrun "smime_keys label $keyid", "new_label\n";# make sure it workedrun 'smime_keys list > list';open IN, 'list' or die;<IN> eq "\n" or die;<IN> =~ /^$keyid\: Issued for\: user\@smime\.mutt \"new_label\" \(Unverified\)\n/ or die;close IN;unlink 'list' or die;# try signing somethingrun "openssl smime -sign -signer certificates/$keyid -inkey user.key -in /etc/passwd -certfile certificates/37adefc3.0 > signed";unlink 'user.key' or die;# verify it run 'openssl smime -verify -out /dev/null -in signed -CAfile ca-bundle.crt';unlink 'signed' or die;# clean upunlink 'ca-bundle.crt' or die;unlink 'muttrc' or die;unlink 'keys/.index' or die;unlink 'certificates/.index' or die;unlink <keys/*> or die;unlink <certificates/*> or die;rmdir 'keys' or die;rmdir 'certificates' or die;chdir '/' or die;rmdir $tmpdir or die;sub run ($;$) { my $cmd = shift or die; my $input = shift; print "\n\nRunning [$cmd]\n"; my $exp = Expect->spawn ($cmd); if (defined $input) { print $exp $input; } $exp->soft_close; $? and die "$cmd returned $?";}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -