|
|
7a8c6d |
From c33a8fe36d340447641d4dc623c98d2bf9a2d650 Mon Sep 17 00:00:00 2001
|
|
|
7a8c6d |
From: Fraser Tweedale <ftweedal@redhat.com>
|
|
|
7a8c6d |
Date: Thu, 24 Aug 2017 13:37:36 +1000
|
|
|
7a8c6d |
Subject: [PATCH] MS cert template: add tests
|
|
|
7a8c6d |
|
|
|
7a8c6d |
Part of: https://pagure.io/certmonger/issue/78
|
|
|
7a8c6d |
---
|
|
|
7a8c6d |
tests/038-ms-v2-template/expected.out | 19 ++++++++++
|
|
|
7a8c6d |
tests/038-ms-v2-template/extract-extdata.py | 29 ++++++++++++++++
|
|
|
7a8c6d |
tests/038-ms-v2-template/run.sh | 54 +++++++++++++++++++++++++++++
|
|
|
7a8c6d |
tests/Makefile.am | 8 +++--
|
|
|
7a8c6d |
4 files changed, 108 insertions(+), 2 deletions(-)
|
|
|
7a8c6d |
create mode 100644 tests/038-ms-v2-template/expected.out
|
|
|
7a8c6d |
create mode 100755 tests/038-ms-v2-template/extract-extdata.py
|
|
|
7a8c6d |
create mode 100755 tests/038-ms-v2-template/run.sh
|
|
|
7a8c6d |
|
|
|
7a8c6d |
diff --git a/tests/038-ms-v2-template/expected.out b/tests/038-ms-v2-template/expected.out
|
|
|
7a8c6d |
new file mode 100644
|
|
|
7a8c6d |
index 0000000..7338a5f
|
|
|
7a8c6d |
--- /dev/null
|
|
|
7a8c6d |
+++ b/tests/038-ms-v2-template/expected.out
|
|
|
7a8c6d |
@@ -0,0 +1,19 @@
|
|
|
7a8c6d |
+[key]
|
|
|
7a8c6d |
+OK.
|
|
|
7a8c6d |
+[csr : bogus oid]
|
|
|
7a8c6d |
+extension not present
|
|
|
7a8c6d |
+[csr : bogus major version]
|
|
|
7a8c6d |
+extension not present
|
|
|
7a8c6d |
+[csr : missing major version]
|
|
|
7a8c6d |
+extension not present
|
|
|
7a8c6d |
+[csr : too many parts]
|
|
|
7a8c6d |
+extension not present
|
|
|
7a8c6d |
+[csr : oid, major version]
|
|
|
7a8c6d |
+ 0:d=0 hl=2 l= 8 cons: SEQUENCE
|
|
|
7a8c6d |
+ 2:d=1 hl=2 l= 3 prim: OBJECT :1.2.3.4
|
|
|
7a8c6d |
+ 7:d=1 hl=2 l= 1 prim: INTEGER :2A
|
|
|
7a8c6d |
+[csr : oid, major version, minor version]
|
|
|
7a8c6d |
+ 0:d=0 hl=2 l= 11 cons: SEQUENCE
|
|
|
7a8c6d |
+ 2:d=1 hl=2 l= 3 prim: OBJECT :1.2.3.4
|
|
|
7a8c6d |
+ 7:d=1 hl=2 l= 1 prim: INTEGER :2A
|
|
|
7a8c6d |
+ 10:d=1 hl=2 l= 1 prim: INTEGER :11
|
|
|
7a8c6d |
diff --git a/tests/038-ms-v2-template/extract-extdata.py b/tests/038-ms-v2-template/extract-extdata.py
|
|
|
7a8c6d |
new file mode 100755
|
|
|
7a8c6d |
index 0000000..cd96f99
|
|
|
7a8c6d |
--- /dev/null
|
|
|
7a8c6d |
+++ b/tests/038-ms-v2-template/extract-extdata.py
|
|
|
7a8c6d |
@@ -0,0 +1,29 @@
|
|
|
7a8c6d |
+#!/bin/python2
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+# Given `openssl asn1parse` output of a CSR, look for the V2 Template
|
|
|
7a8c6d |
+# extension and output its data if found. Nonzero exit status if
|
|
|
7a8c6d |
+# not found.
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+import binascii
|
|
|
7a8c6d |
+import re
|
|
|
7a8c6d |
+import sys
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+STATE_SEARCH, STATE_FOUND, STATE_DONE = range(3)
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+state = STATE_SEARCH
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+for line in sys.stdin:
|
|
|
7a8c6d |
+ if state == STATE_SEARCH and ':1.3.6.1.4.1.311.21.7' in line:
|
|
|
7a8c6d |
+ state = STATE_FOUND
|
|
|
7a8c6d |
+ continue
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+ # look for first OCTET STRING once we're in STATE_FOUND
|
|
|
7a8c6d |
+ #
|
|
|
7a8c6d |
+ if state == STATE_FOUND and 'OCTET STRING' in line:
|
|
|
7a8c6d |
+ result = re.search(r'\[HEX DUMP\]:(\w*)', line)
|
|
|
7a8c6d |
+ sys.stdout.write(binascii.unhexlify(result.group(1)))
|
|
|
7a8c6d |
+ state = STATE_DONE
|
|
|
7a8c6d |
+ break
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+if state != STATE_DONE:
|
|
|
7a8c6d |
+ sys.exit(1)
|
|
|
7a8c6d |
diff --git a/tests/038-ms-v2-template/run.sh b/tests/038-ms-v2-template/run.sh
|
|
|
7a8c6d |
new file mode 100755
|
|
|
7a8c6d |
index 0000000..0eeb7f9
|
|
|
7a8c6d |
--- /dev/null
|
|
|
7a8c6d |
+++ b/tests/038-ms-v2-template/run.sh
|
|
|
7a8c6d |
@@ -0,0 +1,54 @@
|
|
|
7a8c6d |
+#!/bin/bash -e
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+srcdir=$PWD
|
|
|
7a8c6d |
+cd $tmpdir
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+mkconfig() {
|
|
|
7a8c6d |
+ cat > request <<- EOF
|
|
|
7a8c6d |
+ key_storage_type=FILE
|
|
|
7a8c6d |
+ key_storage_location=$tmpdir/key
|
|
|
7a8c6d |
+ cert_storage_type=FILE
|
|
|
7a8c6d |
+ cert_storage_location=$tmpdir/cert
|
|
|
7a8c6d |
+ template_subject=CN=MS V2 Certificate Template test
|
|
|
7a8c6d |
+ EOF
|
|
|
7a8c6d |
+}
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[key]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+$toolsdir/keygen request
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : bogus oid]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=NotAnOid:42" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py || echo "extension not present"
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : bogus major version]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=1.2.3.4:wat" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py || echo "extension not present"
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : missing major version]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=1.2.3.4" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py || echo "extension not present"
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : too many parts]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=1.2.3.4:1:1:1" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py || echo "extension not present"
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : oid, major version]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=1.2.3.4:42" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py | openssl asn1parse -inform DER
|
|
|
7a8c6d |
+
|
|
|
7a8c6d |
+echo "[csr : oid, major version, minor version]"
|
|
|
7a8c6d |
+mkconfig
|
|
|
7a8c6d |
+echo "template_certificate_template=1.2.3.4:42:17" >> request
|
|
|
7a8c6d |
+$toolsdir/csrgen request | openssl asn1parse \
|
|
|
7a8c6d |
+ | $srcdir/extract-extdata.py | openssl asn1parse -inform DER
|
|
|
7a8c6d |
diff --git a/tests/Makefile.am b/tests/Makefile.am
|
|
|
7a8c6d |
index bbcd06e..562b027 100644
|
|
|
7a8c6d |
--- a/tests/Makefile.am
|
|
|
7a8c6d |
+++ b/tests/Makefile.am
|
|
|
7a8c6d |
@@ -148,7 +148,10 @@ EXTRA_DIST = \
|
|
|
7a8c6d |
036-getcert/expected.out \
|
|
|
7a8c6d |
036-getcert/run.sh \
|
|
|
7a8c6d |
037-rekey2/expected.out \
|
|
|
7a8c6d |
- 037-rekey2/run.sh
|
|
|
7a8c6d |
+ 037-rekey2/run.sh \
|
|
|
7a8c6d |
+ 038-ms-v2-template/expected.out \
|
|
|
7a8c6d |
+ 038-ms-v2-template/extract-extdata.py \
|
|
|
7a8c6d |
+ 038-ms-v2-template/run.sh
|
|
|
7a8c6d |
|
|
|
7a8c6d |
subdirs = \
|
|
|
7a8c6d |
001-keyiread \
|
|
|
7a8c6d |
@@ -189,7 +192,8 @@ subdirs = \
|
|
|
7a8c6d |
034-perms \
|
|
|
7a8c6d |
035-json \
|
|
|
7a8c6d |
036-getcert \
|
|
|
7a8c6d |
- 037-rekey2
|
|
|
7a8c6d |
+ 037-rekey2 \
|
|
|
7a8c6d |
+ 038-ms-v2-template
|
|
|
7a8c6d |
|
|
|
7a8c6d |
if HAVE_DBM_NSSDB
|
|
|
7a8c6d |
subdirs += \
|
|
|
7a8c6d |
--
|
|
|
7a8c6d |
2.14.4
|
|
|
7a8c6d |
|