slawek/simple-ca
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
04d8dab9bc818a858e8476ccf165448f04e09ae7
simple-ca/run-tests.sh
T
slawek 04d8dab9bc
/ test-shell (push) Successful in 17s
Details
/ test-python (push) Successful in 23s
Details
feat: Add integration tests for simple-ca functionality and implement shell script for CA operations
2026-05-24 21:04:00 +02:00

95 lines
3.5 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# MIT License
# Copyright (c) 2026 Sławomir Koszewski
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# Integration tests for simple-ca.sh.
# Usage: run-tests.sh
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "$SCRIPT_DIR/simple-ca.sh"
# Temporary test directory — cleaned up on exit.
TEST_DIR="$(mktemp -d)"
trap 'rm -rf "$TEST_DIR"' EXIT
CA_DIR="$TEST_DIR/ca"
CERT_DIR="$TEST_DIR/certs"
reset_dirs() {
rm -rf "$CA_DIR" "$CERT_DIR"
mkdir -p "$CA_DIR" "$CERT_DIR"
SIMPLE_CA_DIR=""
}
verify_cert() {
local CERT_PATH="$1"
if ! openssl verify -CAfile "$CA_DIR/ca_bundle.pem" "$CERT_PATH" 2>/dev/null; then
echo "ERROR: Certificate verification failed: $CERT_PATH" >&2
exit 1
fi
echo "Verified: $CERT_PATH"
}
# ---------------------------------------------------------------------------
# Standalone CA
# ---------------------------------------------------------------------------
echo
echo "--- [shell] Standalone CA ---"
reset_dirs
make_ca --ca-dir "$CA_DIR" "Test CA" 2>/dev/null
[[ -f "$CA_DIR/ca_cert.pem" ]] || { echo "ERROR: ca_cert.pem not created" >&2; exit 1; }
[[ -f "$CA_DIR/ca_bundle.pem" ]] || { echo "ERROR: ca_bundle.pem not created" >&2; exit 1; }
verify_cert "$CA_DIR/ca_cert.pem"
make_cert --cert-dir "$CERT_DIR" "test" "test.example.com" "127.0.0.1" 2>/dev/null
[[ -f "$CERT_DIR/test_cert.pem" ]] || { echo "ERROR: test_cert.pem not created" >&2; exit 1; }
verify_cert "$CERT_DIR/test_cert.pem"
# ---------------------------------------------------------------------------
# Two-level CA
# ---------------------------------------------------------------------------
echo
echo "--- [shell] Two-level CA ---"
reset_dirs
make_ca --ca-dir "$CA_DIR" "Test Root CA" 2>/dev/null
verify_cert "$CA_DIR/ca_cert.pem"
make_ca --issuing-ca "issuing_ca" "Issuing CA" 2>/dev/null
[[ -f "$CA_DIR/issuing_ca/ca_cert.pem" ]] || { echo "ERROR: issuing_ca/ca_cert.pem not created" >&2; exit 1; }
verify_cert "$CA_DIR/issuing_ca/ca_cert.pem"
make_cert --cert-dir "$CERT_DIR" --issuing-ca "issuing_ca" "test" "test.example.com" "127.0.0.1" 2>/dev/null
verify_cert "$CERT_DIR/test_cert.pem"
make_pfx --issuing-ca "issuing_ca" --password "s3cr3t" "$CERT_DIR/test_cert.pem" 2>/dev/null
[[ -f "$CERT_DIR/test.pfx" ]] || { echo "ERROR: test.pfx not created" >&2; exit 1; }
openssl pkcs12 -in "$CERT_DIR/test.pfx" -noout -info -password pass:"s3cr3t" 2>/dev/null \
|| { echo "ERROR: PFX verification failed" >&2; exit 1; }
echo "PFX: OK"
echo
echo "All shell tests passed."
Reference in New Issue View Git Blame Copy Permalink