App-CamelPKI
view release on metacpan or search on metacpan
lib/App/CamelPKI/CADB.pm view on Meta::CPAN
my $certificate = $cert;
eval "package Synopsis; $code"; fail($@) if $@;
cmp_ok($Synopsis::serial, ">=", 2);
ok($Synopsis::cadb->isa("App::CamelPKI::CADB"));
ok($Synopsis::cursor->isa("App::CamelPKI::CADB::Cursor"));
is($Synopsis::cert->serialize(), $certificate->serialize());
is($Synopsis::infos{foo}->[0], "bar");
is_deeply([sort @{$Synopsis::infos{baz}}], [qw(bloggs quux)]);
like($Synopsis::revocation_time, qr/^\d{4}\d{2}\d{2}\d{2}\d{2}\d{2}Z$/,
"revocation time looks ok");
is($Synopsis::revocation_reason, "keyCompromise");
is($Synopsis::compromise_time, "20070313104800Z");
};
=end internals
=cut
t/acceptance-get-CA.t view on Meta::CPAN
And now for the CRL.
=cut
my $crlpem = plaintextcall_remote
("https://localhost:$port/ca/current_crl");
like($crlpem, qr/BEGIN X509 CRL/, "got the CRL");
run_thru_openssl($crlpem, "crl", -CAfile => $cabundle);
is($?, 0, "CRL looks valid");
t/lib/App/CamelPKI/Test.pm view on Meta::CPAN
use URI::URL;
use HTTP::Request::Common;
use HTTP::Request::Form;
use HTML::TreeBuilder 3.0;
use base 'Exporter';
BEGIN {
our @EXPORT =
qw(openssl_path run_thru_openssl run_dumpasn1
run_perl run_perl_ok
certificate_looks_ok
certificate_chain_ok certificate_chain_invalid_ok
x509_schema x509_decoder
run_php run_php_script
http_request_prepare http_request_execute
plaintextcall_remote
call_remote formcall_remote formreq_remote
jsoncall_local jsonreq_remote jsoncall_remote
is_php_cli_present);
our @EXPORT_OK = (@EXPORT,
qw(test_simple_utf8 test_bmp_utf8
t/lib/App/CamelPKI/Test.pm view on Meta::CPAN
my ($code, $outref, $testname) = @_;
local $Test::Builder::Level = $Test::Builder::Level + 1;
$testname ||= "run_perl_ok";
my $out = run_perl($code);
$$outref = $out if ref($outref) eq "SCALAR";
my $retval = is($?, 0, $testname);
diag($out) if ! $retval;
return $retval;
}
=item I<certificate_looks_ok($pem_certificate)>
=item I<certificate_looks_ok($pem_certificate, $test_name)>
Checks that a certificate passed as a PEM string looks OK to OpenSSL,
meaning that the signature validates OK and OpenSSL is able to parse
it.
=cut
sub certificate_looks_ok {
my ($pem_certificate, $test_name) = @_;
$test_name ||= "certificate_looks_ok";
test $test_name => sub {
my ($out, $err);
($out, $err) =
run_thru_openssl($pem_certificate, qw(x509 -noout -text));
unless (is($?, 0, "openssl execution failed with code $?")) {
diag $err;
return;
}
unlike($out, qr/error/,
"openssl seemed to dislike the certificate");
t/lib/App/CamelPKI/Test.pm view on Meta::CPAN
like($out, qr/not ok 2/m);
unlike($out, qr/Crypt.*CA/,
"errors are reported at the proper stack depth");
# Errors must be propagated:
like($out, qr/argl/m);
# But not successes:
unlike($out, qr/yipee/m);
};
test "certificate_looks_ok" => sub {
my $ok_cert = <<'OK_CERT';
-----BEGIN CERTIFICATE-----
MIICsDCCAhmgAwIBAgIJAPV18QziY9UvMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMDcwMTI5MDgyODI0WhcNMDcwMjI4MDgyODI0WjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDfGYmlOYbpGkBD/agTUnixLcdh6H1XM13w17RbzaoA7byZD6L+Dn8MZd69PuXc
ZAQEUG4Oe6QyAcafsvDb7SHjyJHLoPTOsAZ0ex/0zIJVpw+XyppA8fZx6bnuHKUa
bqfj83OLk/ACfQSBX7bcL7Y8hwYcZJcqyjMzt9BT7oCldwIDAQABo4GnMIGkMB0G
A1UdDgQWBBTu+qGX79xcvFE8pG5zx2FcqAuV5TB1BgNVHSMEbjBsgBTu+qGX79xc
vFE8pG5zx2FcqAuV5aFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAPV18Qzi
Y9UvMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAFRkTlHJwSgOFQtxG
h0HHr4UES2xR+wD9xZOeFGZk066ZEdiOuUvNLYMFEe+Vo9OxAL/SdPt4oOcWremD
lTRumdcVP9vA8K4asPpXKqhpE/2EwDRmYE9g73n50yy2yazifourQmRVqSixs/ew
RSQ7/6JIpIihvyCUDUzM2bvexk8=
-----END CERTIFICATE-----
OK_CERT
certificate_looks_ok($ok_cert);
certificate_looks_ok($ok_cert . "\n"); # Robustness
my $out = run_perl(<<"SCRIPT");
use strict;
use warnings;
use Test::More qw(no_plan);
use App::CamelPKI::Test qw(certificate_looks_ok);
my \$certificate = <<'OK_CERT';
$ok_cert
OK_CERT
certificate_looks_ok(\$certificate, "OK certificate"); # expecting OK
\$certificate =~ s/CQYDVQQGE/CQYDVQQGF/;
certificate_looks_ok(\$certificate, "botched certificate"); # expecting not OK
\$certificate = <<'DUD_CERT'; # Generated with an early version of
# Crypt::OpenSSL::CA; a public key is missing
-----BEGIN CERTIFICATE-----
MIHaMEWgAwIBAgIBATANBgkqhkiG9w0BAQUFADAAMB4XDTcwMDEwMTAwMDAwMFoX
DTcwMDEwMTAwMDAwMFowADAIMAMGAQADAQAwDQYJKoZIhvcNAQEFBQADgYEAsURd
sgu7sYyODuo5bCzkYBLrYb8653jjVt8hecoQj1Ete0X6uHk6t+nJ8qCwURc4FayF
kzapy9zWAGMy+6A/9CQz5862Phf3MkFM4OwkjJARBF7I73WfVEVX4e1PIgl4qjjJ
lgiG5TCUNWQrbRGa6LVDx7DErReEJE5vRwNxvjo=
-----END CERTIFICATE-----
DUD_CERT
certificate_looks_ok(\$certificate, "REGRESSION: dud cert");
# expecting not OK, lest REGRESSION
certificate_looks_ok({}, "Should have thrown (bad input)"); # Should throw
SCRIPT
like($out, qr/^ok 1/m);
like($out, qr/^not ok 2/m);
like($out, qr/^not ok 3/m);
unlike($out, qr/^ok 4/m); # Should have died in run_thru_openssl()
unlike($out, qr/source for input redirection/,
"REGRESSION: passing undef to certificate_looks_ok() caused a strange error");
};
use App::CamelPKI::Test qw(test_CRL %test_rootca_certs);
use File::Spec::Functions qw(catfile);
test "test_CRL" => sub {
my $cafile = catfile(App::CamelPKI::Test->tempdir, "cafile");
write_file($cafile, $test_rootca_certs{"rsa1024"});
my $crl = test_CRL("rsa1024");
my $crldump = run_thru_openssl($crl, "crl", "-text",
-CAfile => $cafile);
t/lib/App/CamelPKI/Test.pm view on Meta::CPAN
like($crldump, qr/42/);
};
my $cert_pem = $App::CamelPKI::Test::test_self_signed_certs{"rsa1024"};
# REFACTORME into App::CamelPKI::Test::pem2der or something
my $cert_der = do {
use MIME::Base64 ();
local $_ = $cert_pem;
is(scalar(s/^-+(BEGIN|END) CERTIFICATE-+$//gm), 2,
"test PEM certificate looks good") or warn $cert_pem;
MIME::Base64::decode_base64($_);
};
test "x509_decoder" => sub {
use MIME::Base64;
my $decoder = App::CamelPKI::Test::x509_decoder('Certificate');
ok($decoder->can("decode"));
my $tree = $decoder->decode($cert_der);
is($tree->{tbsCertificate}->{subjectPublicKeyInfo}
->{algorithm}->{algorithm},
t/maintainer/dependencies.t view on Meta::CPAN
#!perl -w
use strict;
use warnings;
=head1 NAME
dependencies.t - Checks that B<Build.PL> lists all required CPAN modules.
=head1 DESCRIPTION
This test looks at the dependencies listed in the C<requires> keys in
B<Build.PL>, and matches them against the actual run-time dependencies
of the distribution's codebase. It then combines the dependencies
listed in the C<requires> and C<build_requires> keys, and matches them
against the actual compile-time dependencies. If any module is listed
in C<Build.PL> and not an actual dependency or vice versa (barring a
well-known list of false positives and "pervasive" modules), the test
fails.
This tests uses L<Module::ScanDeps>, whose guts it rearranges in a
creative fashion so as to eliminate most false positives and be able
t/maintainer/pod-source.t view on Meta::CPAN
plan( tests => 3 * scalar (@files) );
my $out = catfile(qw(t pod-out.tmp));
foreach my $file ( @files ) {
pod_file_ok( $file, $file );
=pod
We also check that the internal and test suite documentations are
B<not> visible in the POD (coz this just looks funny on CPAN)
=cut
my $parser = Pod::Text->new (sentence => 0, width => 78);
$parser->parse_from_file($file, $out);
my $result = read_file($out);
unlike($result, qr/^TEST SUITE/m,
"Test suite documentation is podded out");
unlike($result, qr/^INTERNAL/,
"Internal documentation is podded out");
( run in 0.630 second using v1.01-cache-2.11-cpan-64827b87656 )