#!/usr/bin/env bash # This script runs all the test required to verify the functionality of the simple CA implementation. set -e # Load the certificate functions source "$(dirname "$BASH_SOURCE[0]")/cert-functions.sh" function clean_up_test_dir() { local TEST_DIR="$1" if [[ -d "$TEST_DIR" ]]; then echo "Cleaning up test directory $TEST_DIR..." rm -rf "$TEST_DIR"/* fi echo "Creating test directory $TEST_DIR and ca subdirectory..." mkdir -p "$TEST_DIR/ca" } function display_certificate() { local CERT_DIR="$1" local CERT_FILE="$2" echo -e "\nDisplaying generated certificate for verification ($CERT_FILE):" # Display the certificate details for verification openssl x509 -in "$CERT_DIR/$CERT_FILE" -noout -subject -issuer -serial -hash -fingerprint echo } # Create a temporary directory for the test certificates TEMP_CERT_DIR="$(dirname "$BASH_SOURCE[0]")/tests" # Clean up any existing files in the temporary directory clean_up_test_dir "$TEMP_CERT_DIR" echo echo "Running tests for standalone CA..." echo "----------------------------------" echo # Create a standalone CA for testing purposes if ! make_ca "$TEMP_CERT_DIR" "Test CA"; then echo "ERROR: Failed to create CA." >&2 exit 1 fi # List the generated certificates and keys for verification display_certificate "$TEMP_CERT_DIR" "ca_cert.pem" # Make a server certificate signed by the CA if ! make_server_cert "$TEMP_CERT_DIR" "test" "test.example.com" "127.0.0.1"; then echo "ERROR: Failed to create server certificate." >&2 exit 1 fi # List the generated server certificate and key for verification display_certificate "$TEMP_CERT_DIR" "test_cert.pem" # Remove all files from the directory clean_up_test_dir "$TEMP_CERT_DIR" echo echo "Running tests for two-level CA..." echo "---------------------------------" echo # Create a new CA with pathlen 1 if ! make_ca --path-len 1 "$TEMP_CERT_DIR" "Test Two Level CA"; then echo "ERROR: Failed to create CA." >&2 exit 1 fi # List the generated certificates and keys for verification display_certificate "$TEMP_CERT_DIR" "ca_cert.pem" # Create an issuing CA signed by the first CA if ! make_ca --issuing-ca "issuing_ca" "$TEMP_CERT_DIR" "Issuing CA"; then echo "ERROR: Failed to create issuing CA." >&2 exit 1 fi # List the generated certificates and keys for verification display_certificate "$TEMP_CERT_DIR" "issuing_ca_cert.pem" # Make a server certificate signed by the CA if ! make_server_cert --issuing-ca "issuing_ca" "$TEMP_CERT_DIR" "test" "test.example.com" "127.0.0.1"; then echo "ERROR: Failed to create server certificate." >&2 exit 1 fi # List the generated server certificate and key for verification display_certificate "$TEMP_CERT_DIR" "test_cert.pem"