From 10973a79b7847445770a03953a5401e9ce782ae5 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Feb 17 2015 22:33:22 +0000 Subject: Check for handling of binary helper output Now that we're willing to do some serious post-processing of what a helper tells us when it outputs the result of a successful enrollment, check that we can even handle a binary certificate. --- diff --git a/tests/010-iterate/expected.out b/tests/010-iterate/expected.out index c1c9a92..b3b5e33 100644 --- a/tests/010-iterate/expected.out +++ b/tests/010-iterate/expected.out @@ -295,6 +295,35 @@ SAVING_CERT SAVED_CERT -STOP- +[Enroll, helper produces binary certificate output.] +HAVE_KEY_PAIR +-START- +NEED_KEYINFO +READING_KEYINFO +HAVE_KEYINFO +NEED_CSR +-STOP- +NEED_CSR +-(RESET)- +HAVE_KEYINFO +-START- +NEED_CSR +GENERATING_CSR +HAVE_CSR +-STOP- +HAVE_CSR +-START- +NEED_TO_SUBMIT +SUBMITTING +NEED_TO_SAVE_CERT +-STOP- +NEED_TO_SAVE_CERT +-START- +START_SAVING_CERT +SAVING_CERT +SAVED_CERT +-STOP- + [Enroll until we notice we have no specified CA.] HAVE_KEY_PAIR -START- diff --git a/tests/010-iterate/run.sh b/tests/010-iterate/run.sh index e78595e..83f6b3c 100755 --- a/tests/010-iterate/run.sh +++ b/tests/010-iterate/run.sh @@ -69,6 +69,12 @@ echo iLoveCookiesSome exit 1 EOF chmod u+x ca-ask-again +cat > ca-issued-binary-x509 << EOF +#!/bin/sh +echo "$cert" | openssl x509 -outform der +exit 0 +EOF +chmod u+x ca-issued-binary-x509 cat > ca-reject << EOF #!/bin/sh echo CA rejected us, must have been having a bad day. @@ -400,6 +406,29 @@ $toolsdir/iterate ca3 entry3 NEED_TO_SUBMIT,SUBMITTING $toolsdir/iterate ca3 entry3 NEED_TO_SAVE_CERT,SAVING_CERT,START_SAVING_CERT echo +echo '[Enroll, helper produces binary certificate output.]' +cat > entry3 << EOF +id=Test +ca_name=Friendly +state=HAVE_KEY_PAIR +key_storage_type=FILE +key_storage_location=$tmpdir/keyfile +cert_storage_type=FILE +cert_storage_location=$tmpdir/certfile4 +notification_method=STDOUT +EOF +cat > ca3 << EOF +id=Friendly +ca_type=EXTERNAL +ca_external_helper=$tmpdir/ca-issued-binary-x509 +EOF +: > $tmpdir/certfile4 +$toolsdir/iterate ca3 entry3 NEED_KEYINFO,READING_KEYINFO,HAVE_KEYINFO +$toolsdir/iterate ca3 entry3 NEED_CSR,GENERATING_CSR +$toolsdir/iterate ca3 entry3 NEED_TO_SUBMIT,SUBMITTING +$toolsdir/iterate ca3 entry3 NEED_TO_SAVE_CERT,SAVING_CERT,START_SAVING_CERT + +echo echo '[Enroll until we notice we have no specified CA.]' cat > entry3 << EOF id=Test