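#!/usr/bin/perl
#
# QA test for the 'test_pkcs10' workflow: CSRs are generated with the
# openssl command line tool, submitted through the OpenXPKI client socket,
# and the parsed result is checked in the workflow context.

use strict;
use warnings;

use FindBin qw( $Bin );
use lib "$Bin/../../lib";

use Carp;
use English;
use Data::Dumper;
use Config::Std;
use File::Basename;
use OpenXPKI::Serialization::Simple;
use Log::Log4perl qw(:easy);
Log::Log4perl->easy_init($WARN);

use OpenXPKI::Test::QA::More;
use TestCfg;

my $dirname = dirname($0);

# Package globals; presumably consumed by TestCfg - confirm before removing.
our @cfgpath = ( $dirname );
our %cfg = ();

my $test = OpenXPKI::Test::QA::More->new({
    socketfile => '/var/openxpki/openxpki.socket',
    realm => '',
}) or die "Error creating new test instance: $@";

$test->set_verbose(0);

# The plan is fixed: adding or removing an assertion anywhere in this file
# requires adjusting this number.
$test->plan( tests => 42 );

# Login to use socket.
# NOTE(review): the account and password below are fixed QA fixtures checked
# into the test suite; they must only exist on throw-away test instances.
$test->connect_ok(
    user => 'raop',
    password => 'openxpki',
) or die "Error - connect failed: $@";

# Build a PKCS#10 request with the SAN extensions from section 'req_san'.
# The key is written to /dev/null on purpose - only the CSR is needed.
# openssl.conf is resolved relative to the current working directory.
my $pkcs10 = `openssl req -new -nodes -keyout /dev/null -config openssl.conf -reqexts req_san 2>/dev/null`;

# stderr is discarded above, so the exit status is the only failure signal.
# Without this check an empty CSR would be handed to the workflow and the
# test would fail later with a misleading "Workflow Create failed" message.
die "openssl req (req_san) failed with status $? - is openssl.conf in the current directory?\n"
    if $? != 0 || !$pkcs10;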
42
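# Test without profile (subject style 'none'): the assertions below expect
# the subject parts under their raw names (CN, OU, DC, SAN_*).

my %wfparam = (
    cert_profile => 'acme',
    cert_subject_style => 'none',
    pkcs10 => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
 or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

my $context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

# Key algorithm and size as extracted from the request's public key
$test->is($context->{'csr_key_alg'}, 'rsa');
$test->is($context->{'csr_key_params'}->{'key_length'}, '2048');

$test->is($context->{csr_subject}, 'DC=com,DC=Company,OU=IT,OU=Test,CN=test.me');

my $ser = OpenXPKI::Serialization::Simple->new();

# cert_subject_parts is stored serialized in the context
my $subject = $ser->deserialize( $context->{cert_subject_parts} );

$test->is($subject->{SAN_URI}->[0], 'http://test.me/');
$test->is($subject->{SAN_IP}->[0], '127.0.0.1');
$test->is($subject->{SAN_DNS}->[0], 'test.me');
$test->is($subject->{SAN_DNS}->[1], 'also.test.me');
$test->is($subject->{SAN_EMAIL}->[0], 'me@test.me');
$test->is($subject->{CN}->[0], 'test.me');
$test->is($subject->{OU}->[0], 'IT');
$test->is($subject->{OU}->[1], 'Test');
$test->is($subject->{DC}->[0], 'com');
$test->is($subject->{DC}->[1], 'Company');

# cert_subject_alt_name deserializes to a list of [ type, value ] pairs
my $san = $ser->deserialize( $context->{cert_subject_alt_name} );

$test->is(scalar @{$san}, 5);

# The order of the SAN entries is not defined, so each expected pair is
# searched for in the list. The match count is passed as a single scalar:
# the former map-in-list-context form handed ok() one argument per match,
# so a duplicate entry would have shifted a stray "1" into the next
# argument slot.
$test->ok(scalar grep { $_->[0] eq 'IP' && $_->[1] eq '127.0.0.1' } @{$san});
$test->ok(scalar grep { $_->[0] eq 'email' && $_->[1] eq 'me@test.me' } @{$san});
$test->ok(scalar grep { $_->[0] eq 'DNS' && $_->[1] eq 'also.test.me' } @{$san});

# Compare the extracted challenge password against the expected value.
# This used to be ok(), which only checked that some true value was present,
# so a truncated or wrong challenge password would still have passed.
$test->is($context->{req_attributes}->{challengePassword}, 'SecretChallenge');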
89
# Test with profile: the same CSR is parsed against profile 'tls_server'
# with subject style '00_basic_style'. The subject and SAN parts are then
# expected under the style's field names (hostname, hostname2, dns, ip)
# instead of the raw RDN / SAN type names.
%wfparam = (
    cert_profile       => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10             => $pkcs10,
);

die "Workflow Create failed: $@"
    unless $test->create_ok( 'test_pkcs10', \%wfparam, 'Create Parser Workflow' );

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}{WORKFLOW}{CONTEXT};
$test->is(ref $context, 'HASH');

$subject = $ser->deserialize( $context->{cert_subject_parts} );

# [ actual, expected ] pairs, checked in the listed order
for my $pair (
    [ $subject->{hostname},                'test.me' ],
    [ $subject->{hostname2}->[0],          'test.me' ],
    [ $subject->{hostname2}->[1],          'also.test.me' ],
    [ scalar @{ $subject->{hostname2} },   2 ],
) {
    $test->is($pair->[0], $pair->[1]);
}

$san = $ser->deserialize( $context->{cert_san_parts} );

# The CSR carries an email SAN, yet no 'email' part is expected here -
# presumably the style defines no such field (confirm against the profile).
for my $pair (
    [ $san->{dns}->[1], 'also.test.me' ],
    [ $san->{ip}->[0],  '127.0.0.1' ],
    [ $san->{email},    undef ],
) {
    $test->is($pair->[0], $pair->[1]);
}
116
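# CSR carrying the extensions from section 'req_template_v1' of openssl.conf.
# The assertions below expect a certificateTemplateName extension only.
$pkcs10 = `openssl req -new -nodes -keyout /dev/null -config openssl.conf -reqexts req_template_v1  2>/dev/null`;

# stderr is discarded, so check the exit status and output explicitly rather
# than passing an empty request on to the workflow.
die "openssl req (req_template_v1) failed with status $? - is openssl.conf in the current directory?\n"
    if $? != 0 || !$pkcs10;

%wfparam = (
    cert_profile => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10 => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
 or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

# The template name is requester-supplied data taken from the CSR; this test
# covers extraction only, not any policy decision based on the value.
$test->is($context->{req_extensions}->{certificateTemplateName}, 'Machine');
$test->is($context->{req_extensions}->{certificateTemplate}, undef);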
135
136
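# CSR carrying the extensions from section 'req_template_v2' of openssl.conf.
# The assertions below expect a certificateTemplate extension with a
# templateID OID and no certificateTemplateName.
$pkcs10 = `openssl req -new -nodes -keyout /dev/null -config openssl.conf -reqexts req_template_v2  2>/dev/null`;

# stderr is discarded, so check the exit status and output explicitly rather
# than passing an empty request on to the workflow.
die "openssl req (req_template_v2) failed with status $? - is openssl.conf in the current directory?\n"
    if $? != 0 || !$pkcs10;

%wfparam = (
    cert_profile => 'tls_server',
    cert_subject_style => '00_basic_style',
    pkcs10 => $pkcs10,
);

$test->create_ok( 'test_pkcs10' , \%wfparam, 'Create Parser Workflow')
 or die "Workflow Create failed: $@";

$test->state_is('SUCCESS');

$context = $test->get_msg()->{PARAMS}->{WORKFLOW}->{CONTEXT};
$test->is(ref $context, 'HASH');

# The template OID is requester-supplied data taken from the CSR; this test
# covers extraction only, not any policy decision based on the value.
$test->is($context->{req_extensions}->{certificateTemplateName}, undef);
$test->is($context->{req_extensions}->{certificateTemplate}->{templateID}, '1.3.6.1.4.1.311.21.8.15138236.9849362.7818410.4518060.12563386.22.5003942.7882920');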
155
156