File: Crypt-X509.t

package info (click to toggle)
libcrypt-x509-perl 0.40-1
  • links: PTS
  • area: main
  • in suites: squeeze
  • size: 140 kB
  • ctags: 57
  • sloc: perl: 856; makefile: 2
file content (161 lines) | stat: -rw-r--r-- 6,283 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
 
# Before `make install' is performed this script should be runnable with
# `make test'. After `make install' it should work as `perl Convert-ASN1-X509.t'
use Test::More tests => 59;
BEGIN { use_ok('Crypt::X509') }
$cert = loadcert('t/verisign.der');
is( length $cert, 774, 'certificate file loaded' );
$decoded = Crypt::X509->new( cert => $cert );
ok( defined $decoded,             'new() returned something' );
ok( $decoded->isa('Crypt::X509'), 'and it\'s the right class' );
is( $decoded->error,     undef,      'decode successful' );
is( $decoded->not_after, 1848787199, 'not_after got parsed' );
is(
	join( ',', @{ $decoded->Issuer } ),
	join( ',', @{ $decoded->Subject } ),
	'Root CA: Subject equals Issuer'
);
$cert = loadcert('t/aj.cer');
$decoded2 = Crypt::X509->new( cert => $cert );
is( $decoded2->error, undef, 'decode successful' );
is(
	join( ':', @{ $decoded2->KeyUsage } ),
	"critical:digitalSignature:keyEncipherment:dataEncipherment",
	'Keyusagecheck'
);
is( join( ':', @{ $decoded2->ExtKeyUsage } ),
	"clientAuth:emailProtection", 'Extkeyusagecheck' );

# this has also to work twice
is(
	join( ':', @{ $decoded2->KeyUsage } ),
	"critical:digitalSignature:keyEncipherment:dataEncipherment",
	'Keyusagecheck again'
);
is( join( ':', @{ $decoded2->ExtKeyUsage } ),
	"clientAuth:emailProtection", 'Extkeyusagecheck again' );
is(
	join( ',', @{ $decoded2->Subject } ),
	"E=alexander.jung\@allianz.de,C=DE,O=Allianz Group,CN=Alexander Jung",
	'Subject parsed'
);
is( $decoded2->subject_country, "DE",            "Subject_country" );
is( $decoded2->subject_state,   undef,           "Subject_state" );
is( $decoded2->subject_org,     "Allianz Group", "Subject_org" );
is( $decoded2->subject_ou,      undef,           "Subject_ou" );
is( $decoded2->subject_email, "alexander.jung\@allianz.de", "Subject_email" );
is(
	join( ',', @{ $decoded2->Issuer } ),
	"C=DE,O=Allianz Group,CN=Allianz Dresdner CA",
	"Issuer Parsed"
);
is( $decoded2->issuer_cn,        "Allianz Dresdner CA",  "Issuer_cn" );
is( $decoded2->issuer_country,   "DE",                   "Isssuer_country" );
is( $decoded2->issuer_state,     undef,                  "Issuer_state" );
is( $decoded2->issuer_locality,  undef,                  "Issuer_locality" );
is( $decoded2->issuer_org,       "Allianz Group",        "Issuer_org" );
is( $decoded2->issuer_email,     undef,                  "Issuer_email" );
is( $decoded2->pubkey_algorithm, "1.2.840.113549.1.1.1", "pubkey_algorithm" );
is( $decoded2->sig_algorithm,    "1.2.840.113549.1.1.5", "sig_algorithm" );
is( length( $decoded2->pubkey ), 140,                    "Pubkey length" );
is( length( $decoded2->signature ), 256, "Signature Length" );
is(
	join( ',', @{ $decoded2->SubjectAltName } ),
	"rfc822Name=alexander.jung\@allianz.de",
	'SubjectAltName parsed'
);
$cert = loadcert('t/aj2.cer');
$decoded3 = Crypt::X509->new( cert => $cert );
is( $decoded3->error, undef, 'decode successful' );
is(
	join( ':', @{ $decoded3->KeyUsage } ),
	"critical:digitalSignature:keyAgreement",
	'KeyUsage Check AuthCert'
);
$cert = loadcert('t/allianz_root.cer');
$decoded = Crypt::X509->new( cert => $cert );
is( $decoded->error, undef, 'decode successful' );
is(
	join( ',', @{ $decoded->authorityCertIssuer } ),
	"C=DE,O=Allianz Group,CN=Allianz Group Root CA",
	"authorityCertIssuer"
);
is(
	$decoded->CRLDistributionPoints->[0],
	"http://rootca.allianz.com/rootca.crl",
	"CRLDistributionPoints"
);
is( $decoded->authority_cn,      "Allianz Group Root CA", "authority_cn" );
is( $decoded->authority_country, "DE",                    "authority_country" );
is( $decoded->authority_state,   undef,                   "authority_state" );
is( $decoded->authority_locality, undef,           "authority_locality" );
is( $decoded->authority_org,      "Allianz Group", "authority_org" );
is( $decoded->authority_email,    undef,           "authority_email" );

#version 0.3 tests
$cert = loadcert('t/new_root_ca.cer');
$decoded = Crypt::X509->new( cert => $cert );
is( $decoded->error, undef, 'decode of new_root_ca.cer successful' );
is(
	join( ', ', @{ $decoded->BasicConstraints } ),
	'critical, cA = 1',
	'Basic Constraints'
);
is( $decoded->EntrustVersion, 'V7.1:4.0', 'Entrust Version' );
is( $decoded->version_string, 'v3',       'certificate version string' );
%SIA = $decoded->SubjectInfoAccess;
is(
	$SIA{'1.3.6.1.5.5.7.48.5'}[0],
	'uniformResourceIdentifier = http://pki.treas.gov/root_sia.p7c',
	'Subject Info Access'
);
$cert = loadcert('t/subca_2.cer');
$decoded = Crypt::X509->new( cert => $cert );
is( $decoded->error, undef, 'decode of subca_2.cer successful' );
%CDPs = $decoded->CRLDistributionPoints2;
is(
	$CDPs{'1'}[0],
'Directory Address: CN=CRL1,OU=US Treasury Root CA,OU=Certification Authorities,OU=Department of the Treasury,O=U.S. Government,C=US',
	'CRL Distribution Points'
);
is(
	unpack( "H*", $decoded->subject_keyidentifier ),
	'86595f93caf32da620a4f9595a4a935370e792c9',
	'subject key identifier'
);
$cert = loadcert('t/telesec_799972029.crt');
$decoded = Crypt::X509->new( cert => $cert );
( $sec, $min, $hour, $mday, $mon, $year,, ) = gmtime( $decoded->not_after );
is( $decoded->not_after, 1111826160, 'not_after got parsed' );
is( $sec,                0,          "generalTime Seconds" );
is( $min,                36,         "generalTime Minutess" );
is( $hour,               8,          "generalTime hours" );
is( $mday,               26,         "generalTime day" );
is( $mon + 1,            3,          "generalTime month" );
is( $year + 1900,        2005,       "generalTime year" );
is(
	join( ',', @{ $decoded->Issuer } ),
	'C=DE,O=Deutsche Telekom AG,nameDistinguisher=1,CN=NKS CA 6:PN',
	'Issuer for telesec'
);
is(
	join( ',', @{ $decoded->Subject } ),
	'C=DE,nameDistinguisher=2,CN=Schefe, Jan',
	'Subject for telesec'
);
$cert = loadcert('t/dsacert.der');
$decoded = Crypt::X509->new( cert => $cert );
is( $decoded->error, undef, 'decode of dsacert.der successful' );

exit();

sub loadcert {
	my $file = shift;
	open FILE, $file || die "cannot load test certificate" . $file . "\n";
	binmode FILE;    # HELLO Windows, dont fuss with this
	my $holdTerminator = $/;
	undef $/;    # using slurp mode to read the DER-encoded binary certificate
	my $cert = <FILE>;
	$/ = $holdTerminator;
	close FILE;
	return $cert;
}