summaryrefslogtreecommitdiff
path: root/regress
diff options
context:
space:
mode:
authorWilliam Ahern <william@25thandclement.com>2016-10-29 15:06:45 -0700
committerWilliam Ahern <william@25thandclement.com>2016-10-29 15:06:45 -0700
commit20afc608216ab2a09c91626f099e40928bd7fc58 (patch)
tree42fae3ff516ed5e1acade2e4bfd6e7c990f28ddb /regress
parentd554b2ffccd22b5c345e8efe881811acfa644d27 (diff)
downloadluaossl-20afc608216ab2a09c91626f099e40928bd7fc58.tar.gz
luaossl-20afc608216ab2a09c91626f099e40928bd7fc58.tar.bz2
luaossl-20afc608216ab2a09c91626f099e40928bd7fc58.zip
add regression test for store:verify
Diffstat (limited to 'regress')
-rwxr-xr-xregress/00-store-verify.lua19
-rw-r--r--regress/regress.lua161
2 files changed, 180 insertions, 0 deletions
diff --git a/regress/00-store-verify.lua b/regress/00-store-verify.lua
new file mode 100755
index 0000000..f45ad7e
--- /dev/null
+++ b/regress/00-store-verify.lua
@@ -0,0 +1,19 @@
1#!/usr/bin/env lua
2
3require"regress".export".*"
4
5local st = store.new()
6
7local ca_key, ca_crt = genkey()
8st:add(ca_crt)
9
10local key, crt = genkey("RSA", ca_key, ca_crt)
11
12local ok, proof_or_reason = st:verify(crt)
13check(ok, "%s", proof_or_reason)
14
15--for _,crt in pairs(proof_or_reason) do
16-- print(crt:text())
17--end
18
19say"OK"
diff --git a/regress/regress.lua b/regress/regress.lua
new file mode 100644
index 0000000..8d955ea
--- /dev/null
+++ b/regress/regress.lua
@@ -0,0 +1,161 @@
1local regress = {
2 openssl = require"openssl",
3 pkey = require"openssl.pkey",
4 x509 = require"openssl.x509",
5 name = require"openssl.x509.name",
6 altname = require"openssl.x509.altname",
7 store = require"openssl.x509.store",
8 pack = table.pack or function (...)
9 local t = { ... }
10 t.n = select("#", ...)
11 return t
12 end,
13 unpack = table.unpack or unpack,
14}
15
16local emit_progname = os.getenv"REGRESS_PROGNAME" or "regress"
17local emit_verbose = tonumber(os.getenv"REGRESS_VERBOSE" or 1)
18local emit_info = {}
19local emit_ll = 0
20
21local function emit(fmt, ...)
22 local msg = string.format(fmt, ...)
23
24 for txt, nl in msg:gmatch("([^\n]*)(\n?)") do
25 if emit_ll == 0 and #txt > 0 then
26 io.stderr:write(emit_progname, ": ")
27 emit_ll = #emit_progname + 2
28 end
29
30 io.stderr:write(txt, nl)
31
32 if nl == "\n" then
33 emit_ll = 0
34 else
35 emit_ll = emit_ll + #txt
36 end
37 end
38end -- emit
39
40local function emitln(fmt, ...)
41 if emit_ll > 0 then
42 emit"\n"
43 end
44
45 emit(fmt .. "\n", ...)
46end -- emitln
47
48local function emitinfo()
49 for _, txt in ipairs(emit_info) do
50 emitln("%s", txt)
51 end
52end -- emitinfo
53
54function regress.say(...)
55 emitln(...)
56end -- say
57
58function regress.panic(...)
59 emitinfo()
60 emitln(...)
61 os.exit(1)
62end -- panic
63
64function regress.info(...)
65 if emit_verbose > 1 then
66 emitln(...)
67 else
68 emit_info[#emit_info + 1] = string.format(...)
69
70 if emit_verbose > 0 then
71 if emit_ll > 78 then
72 emit"\n."
73 else
74 emit"."
75 end
76 end
77 end
78end -- info
79
80function regress.check(v, ...)
81 if v then
82 return v, ...
83 else
84 regress.panic(...)
85 end
86end -- check
87
88function regress.export(...)
89 for _, pat in ipairs{ ... } do
90 for k, v in pairs(regress) do
91 if string.match(k, pat) then
92 _G[k] = v
93 end
94 end
95 end
96
97 return regress
98end -- export
99
100local counter = 0
101function regress.genkey(type, ca_key, ca_crt)
102 local pkey = require"openssl.pkey"
103 local x509 = require"openssl.x509"
104 local name = require"openssl.x509.name"
105 local altname = require"openssl.x509.altname"
106 local key
107
108 type = string.upper(type or "RSA")
109
110 if type == "EC" then
111 key = regress.check(pkey.new{ type = "EC", curve = "prime192v1" })
112 else
113 key = regress.check(pkey.new{ type = type, bits = 1024 })
114 end
115
116 local dn = name.new()
117 dn:add("C", "US")
118 dn:add("ST", "California")
119 dn:add("L", "San Francisco")
120 dn:add("O", "Acme, Inc.")
121 dn:add("CN", string.format("acme%d.inc", counter))
122 counter = counter + 1
123
124 local alt = altname.new()
125 alt:add("DNS", "acme.inc")
126 alt:add("DNS", "localhost")
127
128 local crt = x509.new()
129 crt:setVersion(3)
130 crt:setSerial(47)
131 crt:setSubject(dn)
132 crt:setIssuer((ca_crt or crt):getSubject())
133 crt:setSubjectAlt(alt)
134
135 local issued, expires = crt:getLifetime()
136 crt:setLifetime(issued, expires + 60)
137
138 crt:setBasicConstraints{ CA = true, pathLen = 2 }
139 crt:setBasicConstraintsCritical(true)
140
141 crt:setPublicKey(key)
142 crt:sign(ca_key or key)
143
144 return key, crt
145end -- regress.genkey
146
147local function getsubtable(t, name, ...)
148 name = name or false -- cannot be nil
149
150 if not t[name] then
151 t[name] = {}
152 end
153
154 if select('#', ...) > 0 then
155 return getsubtable(t[name], ...)
156 else
157 return t[name]
158 end
159end -- getsubtable
160
161return regress