Add certification authority support
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5107 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
113
Tests/certificationauthorityTest.php
Normal file
113
Tests/certificationauthorityTest.php
Normal file
@@ -0,0 +1,113 @@
|
||||
<?php
|
||||
|
||||
/** Test the certification Authority
|
||||
*/
|
||||
class test_certificationauthority extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function test_createCA_1 ()
|
||||
{
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = explode ("\n", $certificationauthority->caCert ());
|
||||
$caKey = explode ("\n", $certificationauthority->caKey ());
|
||||
$res = $caCert[0] . $caKey[0];
|
||||
$this->assertSame ($res,
|
||||
"-----BEGIN CERTIFICATE----------BEGIN PRIVATE KEY-----");
|
||||
}
|
||||
|
||||
public function test_createPK_1 ()
|
||||
{
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$privateKey = $certificationauthority->createPrivateKey () -> privateKey ();
|
||||
$privateKey = explode ("\n", $privateKey);
|
||||
$this->assertSame ($privateKey[0], "-----BEGIN PRIVATE KEY-----");
|
||||
}
|
||||
|
||||
public function test_createCSR_1 ()
|
||||
{
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$csr = explode ("\n", $csr);
|
||||
$this->assertSame ($csr[0], "-----BEGIN CERTIFICATE REQUEST-----");
|
||||
}
|
||||
|
||||
public function test_signCSR_1 ()
|
||||
{
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = $certificationauthority->caCert ();
|
||||
$caKey = $certificationauthority->caKey ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
|
||||
$cert = explode ("\n", $cert);
|
||||
$this->assertSame ($cert[0], "-----BEGIN CERTIFICATE-----");
|
||||
}
|
||||
|
||||
public function test_signCSR_2 ()
|
||||
{
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = $certificationauthority->caCert ();
|
||||
$caKey = $certificationauthority->caKey ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
|
||||
file_put_contents ("/tmp/test_signCSR_2", $cert);
|
||||
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_2", $output);
|
||||
$res = preg_match ("#Subject: C = FR, .+ CN = CSR#",
|
||||
implode ("\n", $output));
|
||||
unlink ("/tmp/test_signCSR_2");
|
||||
$this->assertSame ($res, 1);
|
||||
}
|
||||
|
||||
public function test_signCSR_3 ()
|
||||
{
|
||||
// Check if generated cert X509v3 Extended Key Usage are valid
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = $certificationauthority->caCert ();
|
||||
$caKey = $certificationauthority->caKey ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
|
||||
file_put_contents ("/tmp/test_signCSR_3", $cert);
|
||||
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_3", $output);
|
||||
$res = preg_match (
|
||||
"#TLS Web Server Authentication, TLS Web Client Authentication#",
|
||||
implode ("\n", $output));
|
||||
unlink ("/tmp/test_signCSR_3");
|
||||
$this->assertSame ($res, 1);
|
||||
}
|
||||
|
||||
public function test_signCSR_4 ()
|
||||
{
|
||||
// Check if generated cert issuer name is valid
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = $certificationauthority->caCert ();
|
||||
$caKey = $certificationauthority->caKey ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
|
||||
file_put_contents ("/tmp/test_signCSR_4", $cert);
|
||||
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_4", $output);
|
||||
$res = preg_match ("#Issuer: C = FR, O = FOURNIER38, CN = CATEST#",
|
||||
implode ("\n", $output));
|
||||
unlink ("/tmp/test_signCSR_4");
|
||||
$this->assertSame ($res, 1);
|
||||
}
|
||||
|
||||
public function test_signCSR_5 ()
|
||||
{
|
||||
// Check if generated cert is not tagged CA
|
||||
$certificationauthority = new certificationauthority ();
|
||||
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
|
||||
$caCert = $certificationauthority->caCert ();
|
||||
$caKey = $certificationauthority->caKey ();
|
||||
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
|
||||
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
|
||||
file_put_contents ("/tmp/test_signCSR_5", $cert);
|
||||
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_5", $output);
|
||||
$res = preg_match ("# CA:FALSE#",
|
||||
implode ("\n", $output));
|
||||
unlink ("/tmp/test_signCSR_5");
|
||||
$this->assertSame ($res, 1);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user