Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity
Files
273db5f18375f2110bf3946ad44ab538fbc0e993
DomFramework/Tests/CertificationauthorityTest.php

179 lines
6.7 KiB
PHP
Raw Blame History

<?php
/**
* DomFramework - Tests
* @package domframework
* @author Dominique Fournier <dominique@fournier38.fr>
* @license BSD
*/
namespace Domframework\Tests;
use Domframework\Certificationauthority;
/**
* Test the certification Authority
*/
class CertificationauthorityTest extends \PHPUnit_Framework_TestCase
{
public function testCreateCA1()
{
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = explode("\n", $certificationauthority->caCert());
$caKey = explode("\n", $certificationauthority->caKey());
$res = $caCert[0] . $caKey[0];
$this->assertSame(
$res,
"-----BEGIN CERTIFICATE----------BEGIN PRIVATE KEY-----"
);
}
public function testCreateCA2()
{
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
file_put_contents("/tmp/test_createCA_2", $caCert);
exec("openssl x509 -in - -text -noout < /tmp/test_createCA_2", $output);
$res = preg_match(
"# CA:TRUE#",
implode("\n", $output)
);
unlink("/tmp/test_createCA_2");
$this->assertSame($res, 1);
}
public function testCreatePK1()
{
$certificationauthority = new Certificationauthority();
$privateKey = $certificationauthority->createPrivateKey() -> privateKey();
$privateKey = explode("\n", $privateKey);
$this->assertSame($privateKey[0], "-----BEGIN PRIVATE KEY-----");
}
public function testCreateCSR1()
{
$certificationauthority = new Certificationauthority();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$csr = explode("\n", $csr);
$this->assertSame($csr[0], "-----BEGIN CERTIFICATE REQUEST-----");
}
public function testSignCSR1()
{
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR($csr, $caCert, $caKey);
$cert = explode("\n", $cert);
$this->assertSame($cert[0], "-----BEGIN CERTIFICATE-----");
}
public function testSignCSR2()
{
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR($csr, $caCert, $caKey);
file_put_contents("/tmp/test_signCSR_2", $cert);
exec("openssl x509 -in - -text -noout < /tmp/test_signCSR_2", $output);
$res = preg_match(
"#Subject: C = FR, .+ CN = CSR#",
implode("\n", $output)
);
unlink("/tmp/test_signCSR_2");
$this->assertSame($res, 1);
}
public function testSignCSR3()
{
// Check if generated cert X509v3 Extended Key Usage are valid
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR($csr, $caCert, $caKey);
file_put_contents("/tmp/test_signCSR_3", $cert);
exec("openssl x509 -in - -text -noout < /tmp/test_signCSR_3", $output);
$res = preg_match(
"#TLS Web Server Authentication, TLS Web Client Authentication#",
implode("\n", $output)
);
unlink("/tmp/test_signCSR_3");
$this->assertSame($res, 1);
}
public function testSignCSR4()
{
// Check if generated cert issuer name is valid
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR($csr, $caCert, $caKey);
file_put_contents("/tmp/test_signCSR_4", $cert);
exec("openssl x509 -in - -text -noout < /tmp/test_signCSR_4", $output);
$res = preg_match(
"#Issuer: C = FR, O = FOURNIER38, CN = CATEST#",
implode("\n", $output)
);
unlink("/tmp/test_signCSR_4");
$this->assertSame($res, 1);
}
public function testSignCSR5()
{
// Check if generated cert is not tagged CA
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR($csr, $caCert, $caKey);
file_put_contents("/tmp/test_signCSR_5", $cert);
exec("openssl x509 -in - -text -noout < /tmp/test_signCSR_5", $output);
$res = preg_match(
"# CA:FALSE#",
implode("\n", $output)
);
unlink("/tmp/test_signCSR_5");
$this->assertSame($res, 1);
}
public function testSignCSR6()
{
// Check if generated cert has Alternative Names
$certificationauthority = new Certificationauthority();
$certificationauthority->createCA("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert();
$caKey = $certificationauthority->caKey();
$csr = $certificationauthority->createCSR(
"FR",
"FOURNIER38",
"CSR.fournier38.fr"
);
$cert = $certificationauthority->signCSR(
$csr,
$caCert,
$caKey,
null,
["ALT1.example.com","ALT2.example.com"]
);
file_put_contents("/tmp/test_signCSR_6", $cert);
exec("openssl x509 -in - -text -noout < /tmp/test_signCSR_6", $output);
$res = preg_match(
"#DNS:CSR.fournier38.fr, DNS:ALT1.example.com, DNS:ALT#",
implode("\n", $output)
);
unlink("/tmp/test_signCSR_6");
$this->assertSame($res, 1);
}
}
Reference in New Issue View Git Blame Copy Permalink