forgot to actually add regression test

author: William Ahern <william@25thandclement.com> 2016-06-24 21:53:51 -0700
committer: William Ahern <william@25thandclement.com> 2016-06-24 21:53:51 -0700
commit: 81bbb1fa5e14a1911cfd99f4ee791ed1e340602e (patch)
tree: fd7f6c21f630422e1492b4c303897bea002c821d /regress
parent: c429c7d4945d2cddf43d31bd59b45cadea617f82 (diff)
download: luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.tar.gz
luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.tar.bz2
luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.zip
1 files changed, 168 insertions, 0 deletions
diff --git a/regress/53-csr-extensions.lua b/regress/53-csr-extensions.lua
new file mode 100644
index 0000000..38346da
--- /dev/null
+++ b/regress/53-csr-extensions.lua
@@ -0,0 +1,168 @@
+local auxlib = require"openssl.auxlib"
+local pkey = require "openssl.pkey"
+local x509_csr = require"_openssl.x509.csr"
+local x509_altname = require"openssl.x509.altname"
+local x509_name = require"openssl.x509.name"
+local _basename = arg and arg[0] and arg[0]:match"([^/]+)$" or "UNKNOWN"
+local function cluck(fmt, ...)
+        io.stderr:write(_basename, ": ", string.format(fmt, ...), "\n")
+end
+local function croak(fmt, ...)
+        io.stderr:write(_basename, ": ", string.format(fmt, ...), "\n")
+        os.exit(1)
+end
+local function OK()
+        cluck("OK")
+        return true
+end
+local _testno = 0
+local function testnames(altnames, expected)
+        local matched = {}
+        _testno = _testno + 1
+        for type,data in auxlib.pairs(altnames) do
+                local found
+                for i,e in ipairs(expected) do
+                        if not matched[i] and e.type == type and e.data == data then
+                                cluck("expected match #%d.%d found (%s=%s)", _testno, i, type,data)
+                                matched[i] = true
+                                found = true
+                        end
+                end
+                if not found then
+                        return false, string.format("extra name in test #%d (%s=%s)", _testno, type, data)
+                end
+        end
+        for i,e in ipairs(expected) do
+                if not matched[i] then
+                        return false, string.format("expected match #%d.%d not found (%s=%s)", _testno, i, e.type, e.data)
+                end
+        end
+        return true
+end
+local function checknames(altnames, expected)
+        local ok, why = testnames(altnames, expected)
+        if not ok then
+                croak(why or "UNKNOWN")
+        end
+        return true
+end
+key = pkey.new({ bits = 4096 })
+data = [[
+-----BEGIN CERTIFICATE REQUEST-----
+MIIFQjCCAyoCAQAwUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1OMRQwEgYDVQQH
+DAtNaW5uZWFwb2xpczEhMB8GA1UECwwYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVk
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4sXzE3GQtpFKiuGe389k
+MB0OaGXQxiI/yl6zm9PyYWe5aMpx1THDVhkWXemDVkduEqtLfa8GSNT0ps3BPdTx
+qxNwZ3J9xiVfNZZYO5ZSxs1g32M1lw20wIezLpbQ1ggyt01o9VTQDY6kA+D0G87B
+4FtIZxVaXM2z5HVaGYyivxAygDukDsO+RU0NC9mYOfAP4rt/u/xp8LsW0b4aIFqx
+gPcBZj92B+Wi2B4sKSe1m5kMfmh+e8v981hbY7V8FUMebB63iRGF6GU4kjXiMMW6
+gSoc+usq9li8VxjxPngql9pyLqFIa/2gW0c9sKKB2X9tB0nmudjAUrjZjHZEDlNr
+yx15JHhEIT31yP9xGQpy5H+jBldp/shqaV4Alsou9Hn9W71ap7VHOWLrIcaZGKTn
+CVSSYPygn4Rm8Cgwbv5mP6G+SqGHAFqirEysAARUFxsjBLlkNaVFOA38l2cufH8n
+1NE/B4iOG/ETvQDR/aKrbyKKo2k/hO941h3J9pwJcCikE0NsRcH6WAm8ifJ0Zd/q
+u8fqI8g9mYPbMWy11+njnfNOVFVhNOmM1/ZM66ac9zgGYncaHu4UzYnvWw75tDbF
+vA+oIJlcxBUtWeTcYRf4xEcRL8IcHEwh1BZq7bgP42Wu+0aBuaa3eYXNBApCNP39
+QmnHlo0iGH2rVeOfcq/wULcCAwEAAaCBqTCBpgYJKoZIhvcNAQkOMYGYMIGVMAkG
+A1UdEwQCMAAwCwYDVR0PBAQDAgXgMHsGA1UdEQR0MHKCE3NlcnZlcjEuZXhhbXBs
+ZS5jb22CEG1haWwuZXhhbXBsZS5jb22CD3d3dy5leGFtcGxlLmNvbYITd3d3LnN1
+Yi5leGFtcGxlLmNvbYIObXguZXhhbXBsZS5jb22CE3N1cHBvcnQuZXhhbXBsZS5j
+b20wDQYJKoZIhvcNAQEFBQADggIBAMiFPtDKVsy4HBhVkHSnbbIl41baaGGFjI/O
+MG8fI7P9jplq5rNZcLxSW2zLzMVuYzCoC+q5roRE5zVVyJlB+5dY0A8e2xKaWVOT
+AB9WvgepPvXDoGNViMBoX/idj3J2BU3e/cX08QWRPjKigwQWQWvUGsZYitGJv+Yv
+/LbIDlxr8Jr+1Txcm1EdXcff6Owlh6Nu59bgCMRdZvABmWfU5ULmUDTJnmc3P9St
+onz07v8ku8/XL7wwOfLJWVSVOk7RONySIJiPfVkgrU3YWiT64JaluDbFEIwnEgJS
+04xL6Pl66bADXCaeG3pZ8ypCs41+4bqFvCnOYma0Sk8fv8hSCWvJfMQI+nQslPJu
+UuGK4C4EEnYvoh/Qs/XEshfrVaNcG0zER3XtsRPAjhZjTPTcRgEjpOI0w3TJAvlN
+LSQV4mXN6E2bcU+cRYvNSgqITwJ7c6wpsONwApIQwFryLsFSCHaIdSLpAZbEPNEW
+UPa3uWXk5lWrBBPPkxyPbt8D3zpzahY4ycYEFKdz8MLdgA7pDalI2XpwgmoUybkw
+AJnsFg7fnFc03R4FsqxCqvbRYj3Bccb8Uhg1zTeXU+7nxjP2yYdT+In16L9SYOsU
+4ozEPqnGY9aI11i6C7hBwrUTvHYD6ZSDlylsUXKw/VZXQvS3+C0h6NuRmjBx8jNU
+RG1EyxL4
+-----END CERTIFICATE REQUEST-----
+]]
+-- baseline
+do
+        local expected = {
+                { type = "DNS", data = "server1.example.com" },
+                { type = "DNS", data = "mail.example.com" },
+                { type = "DNS", data = "www.example.com" },
+                { type = "DNS", data = "www.sub.example.com" },
+                { type = "DNS", data = "mx.example.com" },
+                { type = "DNS", data = "support.example.com" },
+        }
+        checknames((x509_csr.new(data)):getSubjectAlt(), expected)
+end
+-- modifying existing altnames
+do
+        local expected = {
+                { type = "DNS", data = "foo.com" },
+                { type = "DNS", data = "*.foo.com" },
+        }
+        local csr = x509_csr.new(data)
+        local gn = x509_altname.new()
+        gn:add("DNS", "foo.com")
+        gn:add("DNS", "*.foo.com")
+        csr:setSubjectAlt(gn)
+        csr:setPublicKey(key)
+        csr:sign(key)
+        -- check modified object
+        checknames(csr:getSubjectAlt(), expected)
+        -- check after a round-trip through PEM
+        checknames(x509_csr.new(tostring(csr)):getSubjectAlt(), expected)
+end     
+-- adding altnames where none existed 
+do
+        local expected = {
+                name = {
+                        { type = "CN", data = "example.com" },
+                },
+                altname = {
+                        { type = "DNS", data = "foo.com" },
+                        { type = "DNS", data = "*.foo.com" },
+                },
+        }
+        local csr = x509_csr.new()
+        local name = x509_name.new()
+        name:add("CN", "example.com")
+        csr:setSubject(name)
+        local gn = x509_altname.new()
+        gn:add("DNS", "foo.com")
+        gn:add("DNS", "*.foo.com")
+        csr:setSubjectAlt(gn)
+        csr:setPublicKey(key)
+        csr:sign(key)
+  
+        checknames(csr:getSubject(), expected.name)
+        checknames(csr:getSubjectAlt(), expected.altname)
+        local csr1 = x509_csr.new(tostring(csr))
+        checknames(csr1:getSubject(), expected.name)
+        checknames(csr1:getSubjectAlt(), expected.altname)
+end
+return OK()
author	William Ahern <william@25thandclement.com>	2016-06-24 21:53:51 -0700
committer	William Ahern <william@25thandclement.com>	2016-06-24 21:53:51 -0700
commit	81bbb1fa5e14a1911cfd99f4ee791ed1e340602e (patch)
tree	fd7f6c21f630422e1492b4c303897bea002c821d /regress
parent	c429c7d4945d2cddf43d31bd59b45cadea617f82 (diff)
download	luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.tar.gz luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.tar.bz2 luaossl-81bbb1fa5e14a1911cfd99f4ee791ed1e340602e.zip

diff --git a/regress/53-csr-extensions.lua b/regress/53-csr-extensions.lua new file mode 100644 index 0000000..38346da --- /dev/null +++ b/regress/53-csr-extensions.lua
@@ -0,0 +1,168 @@
	1	local auxlib = require"openssl.auxlib"
	2	local pkey = require "openssl.pkey"
	3	local x509_csr = require"_openssl.x509.csr"
	4	local x509_altname = require"openssl.x509.altname"
	5	local x509_name = require"openssl.x509.name"
	6
	7	local _basename = arg and arg[0] and arg[0]:match"([^/]+)$" or "UNKNOWN"
	8
	9	local function cluck(fmt, ...)
	10	io.stderr:write(_basename, ": ", string.format(fmt, ...), "\n")
	11	end
	12
	13	local function croak(fmt, ...)
	14	io.stderr:write(_basename, ": ", string.format(fmt, ...), "\n")
	15	os.exit(1)
	16	end
	17
	18	local function OK()
	19	cluck("OK")
	20	return true
	21	end
	22
	23	local _testno = 0
	24	local function testnames(altnames, expected)
	25	local matched = {}
	26
	27	_testno = _testno + 1
	28
	29	for type,data in auxlib.pairs(altnames) do
	30	local found
	31
	32	for i,e in ipairs(expected) do
	33	if not matched[i] and e.type == type and e.data == data then
	34	cluck("expected match #%d.%d found (%s=%s)", _testno, i, type,data)
	35
	36	matched[i] = true
	37	found = true
	38	end
	39	end
	40
	41	if not found then
	42	return false, string.format("extra name in test #%d (%s=%s)", _testno, type, data)
	43	end
	44	end
	45
	46	for i,e in ipairs(expected) do
	47	if not matched[i] then
	48	return false, string.format("expected match #%d.%d not found (%s=%s)", _testno, i, e.type, e.data)
	49	end
	50	end
	51
	52	return true
	53	end
	54
	55	local function checknames(altnames, expected)
	56	local ok, why = testnames(altnames, expected)
	57
	58	if not ok then
	59	croak(why or "UNKNOWN")
	60	end
	61
	62	return true
	63	end
	64
	65	key = pkey.new({ bits = 4096 })
	66
	67	data = [[
	68	-----BEGIN CERTIFICATE REQUEST-----
	69	MIIFQjCCAyoCAQAwUzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1OMRQwEgYDVQQH
	70	DAtNaW5uZWFwb2xpczEhMB8GA1UECwwYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVk
	71	MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4sXzE3GQtpFKiuGe389k
	72	MB0OaGXQxiI/yl6zm9PyYWe5aMpx1THDVhkWXemDVkduEqtLfa8GSNT0ps3BPdTx
	73	qxNwZ3J9xiVfNZZYO5ZSxs1g32M1lw20wIezLpbQ1ggyt01o9VTQDY6kA+D0G87B
	74	4FtIZxVaXM2z5HVaGYyivxAygDukDsO+RU0NC9mYOfAP4rt/u/xp8LsW0b4aIFqx
	75	gPcBZj92B+Wi2B4sKSe1m5kMfmh+e8v981hbY7V8FUMebB63iRGF6GU4kjXiMMW6
	76	gSoc+usq9li8VxjxPngql9pyLqFIa/2gW0c9sKKB2X9tB0nmudjAUrjZjHZEDlNr
	77	yx15JHhEIT31yP9xGQpy5H+jBldp/shqaV4Alsou9Hn9W71ap7VHOWLrIcaZGKTn
	78	CVSSYPygn4Rm8Cgwbv5mP6G+SqGHAFqirEysAARUFxsjBLlkNaVFOA38l2cufH8n
	79	1NE/B4iOG/ETvQDR/aKrbyKKo2k/hO941h3J9pwJcCikE0NsRcH6WAm8ifJ0Zd/q
	80	u8fqI8g9mYPbMWy11+njnfNOVFVhNOmM1/ZM66ac9zgGYncaHu4UzYnvWw75tDbF
	81	vA+oIJlcxBUtWeTcYRf4xEcRL8IcHEwh1BZq7bgP42Wu+0aBuaa3eYXNBApCNP39
	82	QmnHlo0iGH2rVeOfcq/wULcCAwEAAaCBqTCBpgYJKoZIhvcNAQkOMYGYMIGVMAkG
	83	A1UdEwQCMAAwCwYDVR0PBAQDAgXgMHsGA1UdEQR0MHKCE3NlcnZlcjEuZXhhbXBs
	84	ZS5jb22CEG1haWwuZXhhbXBsZS5jb22CD3d3dy5leGFtcGxlLmNvbYITd3d3LnN1
	85	Yi5leGFtcGxlLmNvbYIObXguZXhhbXBsZS5jb22CE3N1cHBvcnQuZXhhbXBsZS5j
	86	b20wDQYJKoZIhvcNAQEFBQADggIBAMiFPtDKVsy4HBhVkHSnbbIl41baaGGFjI/O
	87	MG8fI7P9jplq5rNZcLxSW2zLzMVuYzCoC+q5roRE5zVVyJlB+5dY0A8e2xKaWVOT
	88	AB9WvgepPvXDoGNViMBoX/idj3J2BU3e/cX08QWRPjKigwQWQWvUGsZYitGJv+Yv
	89	/LbIDlxr8Jr+1Txcm1EdXcff6Owlh6Nu59bgCMRdZvABmWfU5ULmUDTJnmc3P9St
	90	onz07v8ku8/XL7wwOfLJWVSVOk7RONySIJiPfVkgrU3YWiT64JaluDbFEIwnEgJS
	91	04xL6Pl66bADXCaeG3pZ8ypCs41+4bqFvCnOYma0Sk8fv8hSCWvJfMQI+nQslPJu
	92	UuGK4C4EEnYvoh/Qs/XEshfrVaNcG0zER3XtsRPAjhZjTPTcRgEjpOI0w3TJAvlN
	93	LSQV4mXN6E2bcU+cRYvNSgqITwJ7c6wpsONwApIQwFryLsFSCHaIdSLpAZbEPNEW
	94	UPa3uWXk5lWrBBPPkxyPbt8D3zpzahY4ycYEFKdz8MLdgA7pDalI2XpwgmoUybkw
	95	AJnsFg7fnFc03R4FsqxCqvbRYj3Bccb8Uhg1zTeXU+7nxjP2yYdT+In16L9SYOsU
	96	4ozEPqnGY9aI11i6C7hBwrUTvHYD6ZSDlylsUXKw/VZXQvS3+C0h6NuRmjBx8jNU
	97	RG1EyxL4
	98	-----END CERTIFICATE REQUEST-----
	99	]]
	100
	101	-- baseline
	102	do
	103	local expected = {
	104	{ type = "DNS", data = "server1.example.com" },
	105	{ type = "DNS", data = "mail.example.com" },
	106	{ type = "DNS", data = "www.example.com" },
	107	{ type = "DNS", data = "www.sub.example.com" },
	108	{ type = "DNS", data = "mx.example.com" },
	109	{ type = "DNS", data = "support.example.com" },
	110	}
	111
	112	checknames((x509_csr.new(data)):getSubjectAlt(), expected)
	113	end
	114
	115	-- modifying existing altnames
	116	do
	117	local expected = {
	118	{ type = "DNS", data = "foo.com" },
	119	{ type = "DNS", data = "*.foo.com" },
	120	}
	121
	122	local csr = x509_csr.new(data)
	123	local gn = x509_altname.new()
	124	gn:add("DNS", "foo.com")
	125	gn:add("DNS", "*.foo.com")
	126	csr:setSubjectAlt(gn)
	127	csr:setPublicKey(key)
	128	csr:sign(key)
	129
	130	-- check modified object
	131	checknames(csr:getSubjectAlt(), expected)
	132	-- check after a round-trip through PEM
	133	checknames(x509_csr.new(tostring(csr)):getSubjectAlt(), expected)
	134	end
	135
	136	-- adding altnames where none existed
	137	do
	138	local expected = {
	139	name = {
	140	{ type = "CN", data = "example.com" },
	141	},
	142	altname = {
	143	{ type = "DNS", data = "foo.com" },
	144	{ type = "DNS", data = "*.foo.com" },
	145	},
	146	}
	147
	148	local csr = x509_csr.new()
	149	local name = x509_name.new()
	150	name:add("CN", "example.com")
	151	csr:setSubject(name)
	152	local gn = x509_altname.new()
	153	gn:add("DNS", "foo.com")
	154	gn:add("DNS", "*.foo.com")
	155	csr:setSubjectAlt(gn)
	156	csr:setPublicKey(key)
	157	csr:sign(key)
	158
	159	checknames(csr:getSubject(), expected.name)
	160	checknames(csr:getSubjectAlt(), expected.altname)
	161
	162	local csr1 = x509_csr.new(tostring(csr))
	163	checknames(csr1:getSubject(), expected.name)
	164	checknames(csr1:getSubjectAlt(), expected.altname)
	165	end
	166
	167	return OK()
	168