view release on metacpan or  search on metacpan

t/example-make-crls.t  view on Meta::CPAN

=cut

{
  my ($crldump, $err) =
    run_thru_openssl($crlv2, qw(crl -noout -text));
  is($?, 0, "``openssl crl'' ran successfully")
    or die $err;

  like($crldump, qr/last update:.*2007/i);
  like($crldump, qr/next update:.*2057/i);
  like_bigint($crldump, $crl_serial);
  like($crldump, qr/CRL Number.*critical/i);
  # Right now OpenSSL cannot parse freshest CRL indicator:
  like($crldump, qr/deltacrl\.crl/);

  my %crlentries = parse_crl_entries($crldump);
  like($crlentries{"10"}, qr/Feb 12/, "revocation dates");
  like($crlentries{"11"}, qr/unspecified/i);
  like($crlentries{"12"}, qr/key.*compromise/i);
  like($crlentries{"12"}, qr/Invalidity Date/i);
  like($crlentries{"42"}, qr/hold/i);
}

=pod

=head2 Delta CRL tests

=cut

{
  my ($crldump, $err) =
    run_thru_openssl($deltacrl, qw(crl -noout -text));
  is($?, 0, "``openssl crl'' ran successfully on delta-CRL")
    or die $err;

  like($crldump, qr/last update:.*2007/i);
  like($crldump, qr/next update:.*2057/i);

  fail "CRL Number not found" unless $crldump =~ qr/CRL Number:.*critical.*\n\s*([0-9a-fx:]+)/i;
  like_bigint($1, $crl_serial + 1);
  fail "delta CRL not found" unless $crldump =~ qr/delta CRL.*critical.*\n\s*([0-9a-fx:]+)/i;
  like_bigint($1, $crl_serial);

  my %crlentries = parse_crl_entries($crldump);

  # As of version 0.9.8c, OpenSSL doesn't know about
  # reason "remove" (which is 8 in RFC3280 section 5.3.1):
  like($crlentries{"42"}, qr/remove|8/i);
  like($crlentries{"DEADBEEFDEAFF00F"}, qr/2007/i);
}

done_testing;

=head1 HELPER FUNCTIONS

=cut

sub parse_crl_entries {
  my ($crldump) = @_;
  my @crlentries = split m/Serial Number: /, $crldump;
  shift(@crlentries); # Leading garbage
  my %crlentries;
  for(@crlentries) {
    if (! m/^([0-9A-F]+)(.*)$/si) {
      fail("Incorrect CRL entry\n$_\n");
      next;
    }
    $crlentries{uc($1)} = $2;
  }
  return %crlentries;
}