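#!/usr/bin/perl

# QA test for the 'test_pkcs10' workflow: generates PKCS#10 requests with the
# openssl CLI, submits them over the OpenXPKI socket and checks the parsed
# subject, SAN, attribute and extension data found in the workflow context.

use strict;
use warnings;

use FindBin qw( $Bin );
use lib "$Bin/../../lib";

use Carp;
use English;
use Data::Dumper;
use Config::Std;
use File::Basename;
use OpenXPKI::Serialization::Simple;
use Log::Log4perl qw(:easy);
Log::Log4perl->easy_init($WARN);

use OpenXPKI::Test::QA::More;
use TestCfg;

my $dirname = dirname($0);

our @cfgpath = ( $dirname );
our %cfg = ();

# Build a throw-away PKCS#10 request with the openssl CLI.
#
# $reqexts names the request-extension section of openssl.conf to apply.
# openssl.conf is resolved relative to the current working directory, and
# the generated private key is discarded (-keyout /dev/null).
# Returns the request as printed by openssl; dies if openssl fails.
sub _generate_pkcs10 {
    my ($reqexts) = @_;

    # The section name is interpolated into a shell command line, so accept
    # nothing but a plain identifier.
    $reqexts =~ m{ \A [A-Za-z0-9_]+ \z }xms
        or die "Invalid reqexts section name: $reqexts";

    my $pem = `openssl req -new -nodes -keyout /dev/null -config openssl.conf -reqexts $reqexts 2>/dev/null`;

    # stderr is discarded above, so without this check a failed openssl run
    # would only show up later as an opaque workflow error.
    die "openssl req failed for section $reqexts (exit status $CHILD_ERROR)"
        if $CHILD_ERROR != 0 || !$pem;

    return $pem;
}

my $test = OpenXPKI::Test::QA::More->new({
    socketfile => '/var/openxpki/openxpki.socket',
    realm      => '',
}) or die "Error creating new test instance: $@";

$test->set_verbose(0);

# Must match the number of assertions below (die() calls do not count).
$test->plan( tests => 42 );

# Login to use socket.
# NOTE(review): fixed account and password - presumably a fixture of a
# disposable QA instance; confirm they never match a production realm.
$test->connect_ok(
    user     => 'raop',
    password => 'openxpki',
) or die "Error - connect failed: $@";

my $pkcs10 = _generate_pkcs10('req_san');

# Test without profile (subject style 'none')

my %wfparam = (
    cert_profile       => 'acme',
    cert_subject_style => 'none',
    pkcs10             => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
    or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

my $context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

$test->is($context->{'csr_key_alg'}, 'rsa');
$test->is($context->{'csr_key_params'}->{'key_length'}, '2048');

$test->is($context->{csr_subject}, 'DC=com,DC=Company,OU=IT,OU=Test,CN=test.me');

my $ser = OpenXPKI::Serialization::Simple->new();

my $subject = $ser->deserialize( $context->{cert_subject_parts} );

$test->is($subject->{SAN_URI}->[0], 'http://test.me/');
$test->is($subject->{SAN_IP}->[0], '127.0.0.1');
$test->is($subject->{SAN_DNS}->[0], 'test.me');
$test->is($subject->{SAN_DNS}->[1], 'also.test.me');
$test->is($subject->{SAN_EMAIL}->[0], 'me@test.me');
$test->is($subject->{CN}->[0], 'test.me');
$test->is($subject->{OU}->[0], 'IT');
$test->is($subject->{OU}->[1], 'Test');
$test->is($subject->{DC}->[0], 'com');
$test->is($subject->{DC}->[1], 'Company');

my $san = $ser->deserialize( $context->{cert_subject_alt_name} );

$test->is(scalar @{$san}, 5);

# The order of the SAN entries is not defined, so search the list for each
# expected [type, value] pair and pass a single match count to ok().
$test->ok(scalar grep { $_->[0] eq 'IP'    && $_->[1] eq '127.0.0.1' }    @{$san});
$test->ok(scalar grep { $_->[0] eq 'email' && $_->[1] eq 'me@test.me' }   @{$san});
$test->ok(scalar grep { $_->[0] eq 'DNS'   && $_->[1] eq 'also.test.me' } @{$san});

# Compare the parsed value with is(): ok() only tests truth (its second
# argument is presumably taken as the test name), so any non-empty
# challengePassword would have passed.
$test->is($context->{req_attributes}->{challengePassword}, 'SecretChallenge');

# Test with profile
%wfparam = (
    cert_profile       => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10             => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
    or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

$subject = $ser->deserialize( $context->{cert_subject_parts} );

$test->is($subject->{hostname}, 'test.me');
$test->is($subject->{hostname2}->[0], 'test.me');
$test->is($subject->{hostname2}->[1], 'also.test.me');
$test->is(scalar @{$subject->{hostname2}}, 2);

$san = $ser->deserialize( $context->{cert_san_parts} );
$test->is($san->{dns}->[1], 'also.test.me');
$test->is($san->{ip}->[0], '127.0.0.1');
$test->is($san->{email}, undef);

# Request carrying the req_template_v1 extension section: only the template
# name is expected in the parsed extensions.
$pkcs10 = _generate_pkcs10('req_template_v1');

%wfparam = (
    cert_profile       => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10             => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
    or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

$test->is($context->{req_extensions}->{certificateTemplateName}, 'Machine');
$test->is($context->{req_extensions}->{certificateTemplate}, undef);


# Request carrying the req_template_v2 extension section: only the template
# OID is expected in the parsed extensions.
$pkcs10 = _generate_pkcs10('req_template_v2');

%wfparam = (
    cert_profile       => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10             => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
    or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

$test->is($context->{req_extensions}->{certificateTemplateName}, undef);
$test->is($context->{req_extensions}->{certificateTemplate}->{templateID}, '1.3.6.1.4.1.311.21.8.15138236.9849362.7818410.4518060.12563386.22.5003942.7882920');
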