Line data Source code
1 : // Copyright (c) 2012-2024 Made to Order Software Corp. All Rights Reserved
2 : //
3 : // https://snapwebsites.org/project/eventdispatcher
4 : // contact@m2osw.com
5 : //
6 : // This program is free software; you can redistribute it and/or modify
7 : // it under the terms of the GNU General Public License as published by
8 : // the Free Software Foundation; either version 2 of the License, or
9 : // (at your option) any later version.
10 : //
11 : // This program is distributed in the hope that it will be useful,
12 : // but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : // GNU General Public License for more details.
15 : //
16 : // You should have received a copy of the GNU General Public License along
17 : // with this program; if not, write to the Free Software Foundation, Inc.,
18 : // 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 :
20 : // self
21 : //
22 : #include "catch_main.h"
23 :
24 :
25 : // eventdispatcher
26 : //
27 : #include <eventdispatcher/certificate.h>
28 :
29 :
30 : // snaplogger
31 : //
32 : #include <snaplogger/message.h>
33 :
34 :
35 : // C
36 : //
37 : //#include <unistd.h>
38 :
39 :
40 :
41 2 : CATCH_TEST_CASE("certificate", "[certificate]")
42 : {
43 2 : CATCH_START_SECTION("certificate: Load PEM file")
44 : {
45 1 : std::string const dir(SNAP_CATCH2_NAMESPACE::g_source_dir());
46 1 : std::string const cert_dir(dir + "/tests/certificate");
47 1 : std::string const cert_filename(cert_dir + "/snakeoil.pem");
48 1 : ed::certificate cert;
49 1 : CATCH_REQUIRE(cert.empty());
50 1 : CATCH_REQUIRE(cert.load_from_file(cert_filename));
51 1 : CATCH_REQUIRE_FALSE(cert.empty());
52 1 : snapdev::timespec_ex date(cert.get_not_before());
53 : //SNAP_LOG_WARNING << "--- BEFORE " << date << " [" << date.to_string("%Y/%m/%d %H:%M:%S.%N") << "]" << SNAP_LOG_SEND;
54 1 : CATCH_REQUIRE(date.tv_sec == 1738371918);
55 3 : CATCH_REQUIRE(date.to_string("%Y/%m/%d %H:%M:%S.%N") == "2025/02/01 01:05:18.000000000");
56 1 : date = cert.get_not_after();
57 : //SNAP_LOG_WARNING << "--- AFTER " << date << " [" << date.to_string("%Y/%m/%d %H:%M:%S.%N") << "]" << SNAP_LOG_SEND;
58 1 : CATCH_REQUIRE(date.tv_sec == 1769907918);
59 3 : CATCH_REQUIRE(date.to_string("%Y/%m/%d %H:%M:%S.%N") == "2026/02/01 01:05:18.000000000");
60 1 : CATCH_REQUIRE(cert.get_issuer_common_name() == "example.net");
61 1 : CATCH_REQUIRE(cert.get_issuer_country_name() == "US");
62 1 : CATCH_REQUIRE(cert.get_issuer_locality_name() == "Los Angeles");
63 1 : CATCH_REQUIRE(cert.get_issuer_state_or_province_name() == "California");
64 1 : CATCH_REQUIRE(cert.get_issuer_organization_name() == "Made to Order Software Corporation");
65 1 : CATCH_REQUIRE(cert.get_issuer_organizational_unit() == "Software Development");
66 1 : CATCH_REQUIRE(cert.get_issuer_email_address() == "contact@example.net");
67 1 : CATCH_REQUIRE(cert.get_subject_common_name() == "example.net");
68 1 : CATCH_REQUIRE(cert.get_subject_country_name() == "US");
69 1 : CATCH_REQUIRE(cert.get_subject_locality_name() == "Los Angeles");
70 1 : CATCH_REQUIRE(cert.get_subject_state_or_province_name() == "California");
71 1 : CATCH_REQUIRE(cert.get_subject_organization_name() == "Made to Order Software Corporation");
72 1 : CATCH_REQUIRE(cert.get_subject_organizational_unit() == "Software Development");
73 1 : CATCH_REQUIRE(cert.get_subject_email_address() == "contact@example.net");
74 :
75 1 : CATCH_REQUIRE(cert.get_cert_param_size(ed::CERT_PARAM_SUBJECT_COMMON_NAME) == 1);
76 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 0) == "example.net");
77 :
78 1 : CATCH_REQUIRE(cert.get_cert_param_size(ed::CERT_PARAM_ISSUER_COMMON_NAME) == 1);
79 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_ISSUER_COMMON_NAME, 0) == "example.net");
80 1 : }
81 2 : CATCH_END_SECTION()
82 :
83 2 : CATCH_START_SECTION("certificate: Load PEM from domain")
84 : {
85 1 : ed::certificate cert;
86 1 : CATCH_REQUIRE(cert.empty());
87 3 : CATCH_REQUIRE(cert.load_from_domain("www.m2osw.com"));
88 1 : CATCH_REQUIRE_FALSE(cert.empty());
89 :
90 : // the dates change all the time so we do not verify them here
91 : // I kept the code so one can look at said dates
92 : //
93 : //snapdev::timespec_ex date(cert.get_not_before());
94 : //SNAP_LOG_WARNING << "--- BEFORE " << date << " [" << date.to_string("%Y/%m/%d %H:%M:%S.%N") << "]" << SNAP_LOG_SEND;
95 : //date = cert.get_not_after();
96 : //SNAP_LOG_WARNING << "--- AFTER " << date << " [" << date.to_string("%Y/%m/%d %H:%M:%S.%N") << "]" << SNAP_LOG_SEND;
97 :
98 : //SNAP_LOG_WARNING
99 : // << "issuer: CN:" << cert.get_issuer_common_name()
100 : // << "/C:" << cert.get_issuer_country_name()
101 : // << "/L:" << cert.get_issuer_locality_name()
102 : // << "/S:" << cert.get_issuer_state_or_province_name()
103 : // << "/O:" << cert.get_issuer_organization_name()
104 : // << "/U:" << cert.get_issuer_organizational_unit()
105 : // << "/E:" << cert.get_issuer_email_address()
106 : // << SNAP_LOG_SEND;
107 : //
108 : //SNAP_LOG_WARNING
109 : // << "subject: CN:" << cert.get_subject_common_name()
110 : // << "/C:" << cert.get_subject_country_name()
111 : // << "/L:" << cert.get_subject_locality_name()
112 : // << "/S:" << cert.get_subject_state_or_province_name()
113 : // << "/O:" << cert.get_subject_organization_name()
114 : // << "/U:" << cert.get_subject_organizational_unit()
115 : // << "/E:" << cert.get_subject_email_address()
116 : // << SNAP_LOG_SEND;
117 :
118 1 : CATCH_REQUIRE(cert.get_issuer_common_name() == "R11");
119 1 : CATCH_REQUIRE(cert.get_issuer_country_name() == "US");
120 1 : CATCH_REQUIRE(cert.get_issuer_locality_name() == "");
121 1 : CATCH_REQUIRE(cert.get_issuer_state_or_province_name() == "");
122 1 : CATCH_REQUIRE(cert.get_issuer_organization_name() == "Let's Encrypt");
123 1 : CATCH_REQUIRE(cert.get_issuer_organizational_unit() == "");
124 1 : CATCH_REQUIRE(cert.get_issuer_email_address() == "");
125 :
126 1 : CATCH_REQUIRE(cert.get_cert_param_size(ed::CERT_PARAM_ISSUER_COMMON_NAME) == 1);
127 :
128 1 : CATCH_REQUIRE(cert.get_subject_common_name() == "*.m20sw.com");
129 1 : CATCH_REQUIRE(cert.get_subject_country_name() == "");
130 1 : CATCH_REQUIRE(cert.get_subject_locality_name() == "");
131 1 : CATCH_REQUIRE(cert.get_subject_state_or_province_name() == "");
132 1 : CATCH_REQUIRE(cert.get_subject_organization_name() == "");
133 1 : CATCH_REQUIRE(cert.get_subject_organizational_unit() == "");
134 1 : CATCH_REQUIRE(cert.get_subject_email_address() == "");
135 :
136 : // at the moment, we have multiple names in our certificate
137 : // so we can test that too
138 : //
139 1 : std::size_t max(cert.get_cert_param_size(ed::CERT_PARAM_SUBJECT_COMMON_NAME));
140 1 : CATCH_REQUIRE(max == 8);
141 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 0) == "*.m20sw.com");
142 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 1) == "*.m2o.software");
143 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 2) == "*.m2osw.com");
144 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 3) == "*.madetoorder.software");
145 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 4) == "m20sw.com");
146 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 5) == "m2o.software");
147 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 6) == "m2osw.com");
148 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 7) == "madetoorder.software");
149 1 : CATCH_REQUIRE(cert.get_cert_param(ed::CERT_PARAM_SUBJECT_COMMON_NAME, 8) == std::string());
150 1 : }
151 2 : CATCH_END_SECTION()
152 2 : }
153 :
154 :
155 1 : CATCH_TEST_CASE("certificate_error", "[certificate][error]")
156 : {
157 1 : CATCH_START_SECTION("certificate_error: Try loading invalid file")
158 : {
159 3 : std::string const dir(SNAP_CATCH2_NAMESPACE::get_tmp_dir("certificates"));
160 1 : std::string const filename(dir + "/invalid.pem");
161 : {
162 1 : std::ofstream cert(filename);
163 1 : cert << "This is not a certificate." << std::endl;
164 1 : }
165 1 : ed::certificate cert;
166 1 : CATCH_REQUIRE(cert.empty());
167 1 : CATCH_REQUIRE_FALSE(cert.load_from_file(filename));
168 1 : CATCH_REQUIRE(cert.empty());
169 1 : }
170 1 : CATCH_END_SECTION()
171 1 : }
172 :
173 :
174 :
175 : // vim: ts=4 sw=4 et
|
