ADDFLAGS=-DNO_DAEMON
endif
-CFLAGS=-O3 -g -flto -Wall -Werror -Wextra -pedantic -std=c++11 ${ADDFLAGS}
+CFLAGS=-O3 -g -flto -Wall -Werror -Wextra -pedantic -std=c++11 -I../src ${ADDFLAGS}
CXXFLAGS=$(CFLAGS)
LDFLAGS=-O3 -g -flto -lmysqlclient -lssl -lcrypto -ldl -lboost_unit_test_framework
SRC_DIR=src
OBJ_DIR=obj
DEP_DIR=dep
+TESTDATA_DIR=testdata
FS_SRC=$(wildcard ${SRC_DIR}/*.cpp)
FS_BIN=$(wildcard ${SRC_DIR}/app/*.cpp)
-rm -rf *.so
-rm -rf ${OBJ_DIR}
-rm -rf ${DEP_DIR}
+ -rm -rf ${TESTDATA_DIR}
-build: cassiopeia-test
+.PHONY: testdata
+testdata:
+ ./genTestData.sh
+
+build: cassiopeia-test testdata
${BIN}
.PHONY: install
cassiopeia-test: bin/cassiopeia-test
bin/cassiopeia-test: libs ${FS_OBJ}
- ${MKDIR} $(shell dirname $@) && ${LT_LD} ${LDFLAGS} -o $@ ${FS_OBJ}
+ ${MKDIR} $(shell dirname $@) && ${LT_LD} ${LDFLAGS} -o $@ ${FS_OBJ} $(filter-out %/main.o,$(wildcard ../obj/*.o))
${DEP_DIR}/%.d: ${SRC_DIR}/%.cpp
${MKDIR} $(shell dirname $@) && $(CXX_DEP) $(CXXFLAGS) -M -MF $@ $<
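Review bot: The objects pulled in by `$(filter-out %/main.o,$(wildcard ../obj/*.o))` on the link line of `bin/cassiopeia-test` are not prerequisites of the target, so the test binary is not relinked when the main project's objects change and the verification tests can keep running against stale code. If `../obj` has not been built yet, the wildcard expands to nothing and the link fails with undefined symbols, unless `libs` builds those objects, which is not visible in this hunk. Naming the list once and depending on it makes the edge explicit: `MAIN_OBJ=$(filter-out %/main.o,$(wildcard ../obj/*.o))` and `bin/cassiopeia-test: libs ${FS_OBJ} ${MAIN_OBJ}`, with `${MAIN_OBJ}` on the link line.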
--- /dev/null
+#!/bin/sh
+
+fake_sigalg (){
+ cat $1 | sed "s/IhvcNAQE/IhvcAAQE/" > $2
+}
+
+fake_sig (){
+ cat $1 | sed "s/[^a]=\$/c=/" | sed "s/a=/b=/" |sed "s/c=/a=/" > $2
+}
+
+mkdir -p testdata
+openssl req -new -newkey rsa:2048 -nodes -keyout testdata/tmppriv.key -out testdata/test.csr -subj "/CN=bla" 2>/dev/null
+openssl spkac -challenge a -key testdata/tmppriv.key -out testdata/test.spkac
+
+for alg in csr spkac; do
+ fake_sigalg testdata/test.$alg testdata/test_invalid_sig.$alg
+ fake_sig testdata/test.$alg testdata/test_false_sig.$alg
+done
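Review bot: The script has no `set -e` and the `openssl req` call sends stderr to `/dev/null`, so a failed key or request generation still lets the `for` loop run and the `testdata` target succeed with missing or empty fixtures. Adding `set -eu` after the shebang and dropping the `2>/dev/null` would surface that. `fake_sig` also depends on the base64 tail: if the last line carries no `=` padding, none of the three `sed` expressions match and `test_false_sig.*` is a byte-for-byte copy of the valid input, which matters because the key is regenerated on every run. A guard at the end of `fake_sig` such as `if cmp -s "$1" "$2"; then echo "fake_sig: input unchanged" >&2; exit 1; fi` would catch the no-op case. `$1` and `$2` should be quoted in both helpers.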
--- /dev/null
+#include <iostream>
+
+#include <boost/test/unit_test.hpp>
+
+#include "X509.h"
+#include "util.h"
+
+BOOST_AUTO_TEST_SUITE( TestX509Req )
+
+BOOST_AUTO_TEST_CASE( CSR ) {
+ // Testing a valid CSR
+ std::shared_ptr<X509Req> req( X509Req::parse( readFile( "testdata/test.csr" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() == 1 );
+
+ // Testing a CSR, where the signature content has been tampered with
+ req = std::shared_ptr<X509Req>( X509Req::parse( readFile( "testdata/test_false_sig.csr" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() == 0 );
+
+ // Testing a CSR, where the signature OID is something strange
+ req = std::shared_ptr<X509Req>( X509Req::parse( readFile( "testdata/test_invalid_sig.csr" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() < 0 );
+}
+
+BOOST_AUTO_TEST_CASE( SPKAC ) {
+ // Testing a valid SPKAC
+ std::shared_ptr<X509Req> req( X509Req::parseSPKAC( readFile( "testdata/test.spkac" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() == 1 );
+
+ // Testing a SPKAC, where the signature content has been tampered with
+ req = std::shared_ptr<X509Req>( X509Req::parseSPKAC( readFile( "testdata/test_false_sig.spkac" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() == 0 );
+
+ // Testing a SPKAC, where the signature OID is something strange
+ req = std::shared_ptr<X509Req>( X509Req::parseSPKAC( readFile( "testdata/test_invalid_sig.spkac" ) ) );
+ BOOST_REQUIRE( req );
+ BOOST_CHECK( req->verify() < 0 );
+}
+
+BOOST_AUTO_TEST_SUITE_END()
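Review bot: `std::shared_ptr` is used in both test cases but `<memory>` is never included, so the file compiles only if `X509.h` or `util.h` happens to pull it in. `<iostream>` is included and not used in the visible lines, so replacing `#include <iostream>` with `#include <memory>` fixes both. The fixture paths (`testdata/test.csr` and the others) are relative, so the cases pass only when the binary runs from the directory where `genTestData.sh` wrote them. A comment above the suite would document that: `// Fixtures are generated by genTestData.sh; run from the directory that contains testdata/.`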