DaPortal
<?php //$Id$
//Copyright (c) 2015-2016 Pierre Pronchery <khorben@defora.org>
//This file is part of DeforaOS Web DaPortal
//
//This program is free software: you can redistribute it and/or modify
//it under the terms of the GNU General Public License as published by
//the Free Software Foundation, version 3 of the License.
//
//This program is distributed in the hope that it will be useful,
//but WITHOUT ANY WARRANTY; without even the implied warranty of
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
//GNU General Public License for more details.
//
//You should have received a copy of the GNU General Public License
//along with this program. If not, see <http://www.gnu.org/licenses/>.
require_once('./tests.php');
//pki
function _pki(Engine $engine, Module $module)
{
global $config;
if($config->set('module::pki', 'root', getcwd().'/../tests/pki')
=== FALSE)
return 2;
//authenticate (as administrator)
$user = new User($engine, 1, 'admin');
if(($res = $user->authenticate($engine, 'password')) === FALSE
|| $engine->setCredentials($res) === FALSE)
return 3;
//create a CA
$args = array('title' => 'Test CA', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'ca@localhost',
'days' => 3650, 'keysize' => 1024);
$request = new Request('pki', 'submit', FALSE, FALSE, $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 4;
//XXX guessing the content ID
if(($ca = CAPKIContent::load($engine, $module, 4, 'Test CA')) === FALSE)
return 5;
//create a child CA
$args = array('title' => 'Test child CA', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'childca@localhost',
'days' => 365, 'keysize' => 512,
'sign' => TRUE);
$request = $ca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 6;
//XXX guessing the content ID
if(($childca = CAPKIContent::load($engine, $module, 5, 'Test child CA'))
=== FALSE)
return 7;
//create a server (self-signed CA)
$args = array('title' => 'server.ca', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'server@localhost',
'days' => 365, 'keysize' => 512, 'type' => 'caserver');
$request = $ca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 8;
//XXX guessing the content ID
if(($server = CAServerPKIContent::load($engine, $module, 6, 'server.ca'))
=== FALSE)
return 9;
//create a server (child CA)
$args = array('title' => 'server.child.ca', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'server@localhost',
'days' => 365, 'keysize' => 512, 'type' => 'caserver');
$request = $childca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 10;
//create a signed server (self-signed CA)
$args = array('title' => 'server2.ca', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'server2@localhost',
'days' => 365, 'keysize' => 512, 'type' => 'caserver',
'sign' => TRUE);
$request = $ca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 11;
//create a signed server (child CA)
$args = array('title' => 'server2.child.ca', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'server2@localhost',
'days' => 365, 'keysize' => 512, 'type' => 'caserver',
'sign' => TRUE);
$request = $childca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 12;
//create a client (self-signed CA)
$args = array('title' => 'client', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'client@server.ca',
'days' => 365, 'keysize' => 512, 'type' => 'caclient');
$request = $ca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 13;
//create a client (child CA)
$args = array('title' => 'client', 'country' => 'CO',
'state' => 'State', 'locality' => '', 'organization' => '',
'section' => '', 'email' => 'client@server.child.ca',
'days' => 365, 'keysize' => 512, 'type' => 'caclient');
$request = $childca->getRequest('submit', $args);
$request->setIdempotent(FALSE);
$response = $engine->process($request);
$engine->render($response);
if($response->getCode() != 0)
return 14;
//renew a server (child CA)
if($server->renew($engine) === FALSE)
return 15;
return 0;
}
function pki_cleanup()
{
$files = array('cacert.csr', 'cacert.pem', 'index.txt',
'index.txt.attr', 'index.txt.attr.old', 'index.txt.old',
'certs/server.ca.pem', 'certs/server2.ca.pem',
'certs/server2.child.ca.pem',
'newcerts/01.pem', 'newcerts/02.pem', 'newcerts/03.pem',
'newcerts/client.pem',
'newcerts/server.ca.pem', 'newcerts/server.child.ca.pem',
'newcerts/server2.ca.pem', 'newcerts/server2.child.ca.pem',
'newreqs/client.csr',
'newreqs/server.ca.csr', 'newreqs/server.child.ca.csr',
'newreqs/server2.ca.csr', 'newreqs/server2.child.ca.csr',
'openssl.cnf',
'private/cakey.pem', 'private/client.key',
'private/server.ca.key', 'private/server.child.ca.key',
'private/server2.ca.key', 'private/server2.child.ca.key',
'serial', 'serial.old');
$directories = array('certs', 'crl', 'newcerts', 'newreqs', 'private');
foreach($files as $f)
{
_cleanupUnlink(getcwd().'/../tests/pki/Test child CA/'.$f);
_cleanupUnlink(getcwd().'/../tests/pki/Test CA/'.$f);
}
foreach($directories as $d)
{
_cleanupRmdir(getcwd().'/../tests/pki/Test child CA/'.$d);
_cleanupRmdir(getcwd().'/../tests/pki/Test CA/'.$d);
}
_cleanupRmdir(getcwd().'/../tests/pki/Test child CA');
_cleanupRmdir(getcwd().'/../tests/pki/Test CA');
_cleanupRmdir(getcwd().'/../tests/pki');
}
function _cleanupRmdir($directory)
{
if(!file_exists($directory))
return TRUE;
return rmdir($directory);
}
function _cleanupUnlink($file)
{
if(!file_exists($file))
return TRUE;
return unlink($file);
}
pki_cleanup();
if(($module = Module::load($engine, 'pki')) === FALSE)
exit(2);
$ret = _pki($engine, $module);
exit($ret);
?>