Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity
Files
2ea8f73868f27a5bfef1657e9c9e662682e24566
DomFramework/Tests/certificationauthorityTest.php
Dominique Fournier 2ea8f73868 certificationauthority : Add alternative names 
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5109 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2019-03-15 08:43:07 +00:00

147 lines
6.0 KiB
PHP
Raw Blame History

<?php
/** Test the certification Authority
*/
class test_certificationauthority extends PHPUnit_Framework_TestCase
{
public function test_createCA_1 ()
{
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = explode ("\n", $certificationauthority->caCert ());
$caKey = explode ("\n", $certificationauthority->caKey ());
$res = $caCert[0] . $caKey[0];
$this->assertSame ($res,
"-----BEGIN CERTIFICATE----------BEGIN PRIVATE KEY-----");
}
public function test_createCA_2 ()
{
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
file_put_contents ("/tmp/test_createCA_2", $caCert);
exec ("openssl x509 -in - -text -noout < /tmp/test_createCA_2", $output);
$res = preg_match ("# CA:TRUE#",
implode ("\n", $output));
unlink ("/tmp/test_createCA_2");
$this->assertSame ($res, 1);
}
public function test_createPK_1 ()
{
$certificationauthority = new certificationauthority ();
$privateKey = $certificationauthority->createPrivateKey () -> privateKey ();
$privateKey = explode ("\n", $privateKey);
$this->assertSame ($privateKey[0], "-----BEGIN PRIVATE KEY-----");
}
public function test_createCSR_1 ()
{
$certificationauthority = new certificationauthority ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$csr = explode ("\n", $csr);
$this->assertSame ($csr[0], "-----BEGIN CERTIFICATE REQUEST-----");
}
public function test_signCSR_1 ()
{
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
$cert = explode ("\n", $cert);
$this->assertSame ($cert[0], "-----BEGIN CERTIFICATE-----");
}
public function test_signCSR_2 ()
{
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
file_put_contents ("/tmp/test_signCSR_2", $cert);
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_2", $output);
$res = preg_match ("#Subject: C = FR, .+ CN = CSR#",
implode ("\n", $output));
unlink ("/tmp/test_signCSR_2");
$this->assertSame ($res, 1);
}
public function test_signCSR_3 ()
{
// Check if generated cert X509v3 Extended Key Usage are valid
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
file_put_contents ("/tmp/test_signCSR_3", $cert);
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_3", $output);
$res = preg_match (
"#TLS Web Server Authentication, TLS Web Client Authentication#",
implode ("\n", $output));
unlink ("/tmp/test_signCSR_3");
$this->assertSame ($res, 1);
}
public function test_signCSR_4 ()
{
// Check if generated cert issuer name is valid
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
file_put_contents ("/tmp/test_signCSR_4", $cert);
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_4", $output);
$res = preg_match ("#Issuer: C = FR, O = FOURNIER38, CN = CATEST#",
implode ("\n", $output));
unlink ("/tmp/test_signCSR_4");
$this->assertSame ($res, 1);
}
public function test_signCSR_5 ()
{
// Check if generated cert is not tagged CA
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38", "CSR");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey);
file_put_contents ("/tmp/test_signCSR_5", $cert);
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_5", $output);
$res = preg_match ("# CA:FALSE#",
implode ("\n", $output));
unlink ("/tmp/test_signCSR_5");
$this->assertSame ($res, 1);
}
public function test_signCSR_6 ()
{
// Check if generated cert has Alternative Names
$certificationauthority = new certificationauthority ();
$certificationauthority->createCA ("FR", "FOURNIER38", "CATEST");
$caCert = $certificationauthority->caCert ();
$caKey = $certificationauthority->caKey ();
$csr = $certificationauthority->createCSR ("FR", "FOURNIER38",
"CSR.fournier38.fr");
$cert = $certificationauthority->signCSR ($csr, $caCert, $caKey, null,
["ALT1.example.com","ALT2.example.com"]);
file_put_contents ("/tmp/test_signCSR_6", $cert);
exec ("openssl x509 -in - -text -noout < /tmp/test_signCSR_6", $output);
$res = preg_match ("#DNS:CSR.fournier38.fr, DNS:ALT1.example.com, DNS:ALT#",
implode ("\n", $output));
print_r ($output);
unlink ("/tmp/test_signCSR_6");
$this->assertSame ($res, 1);
}
}
Reference in New Issue View Git Blame Copy Permalink