using Mconn; void test_generate () { string key_path = "/tmp/test-key-vala.pem"; string cert_path = "/tmp/test-cert-vala.pem"; FileUtils.remove (key_path); FileUtils.remove (cert_path); assert (FileUtils.test (key_path, FileTest.EXISTS) == false); try { Crypt.generate_key_cert (key_path, cert_path, "foo"); } catch (Error e) { warning ("generate failed: %s", e.message); Test.fail (); } assert (FileUtils.test (key_path, FileTest.EXISTS) == true); assert (FileUtils.test (cert_path, FileTest.EXISTS) == true); } void test_generate_load () { string key_path = "/tmp/test-key-vala.pem"; string cert_path = "/tmp/test-cert-vala.pem"; FileUtils.remove (key_path); FileUtils.remove (cert_path); try { Crypt.generate_key_cert (key_path, cert_path, "bar"); } catch (Error e) { warning ("generate failed: %s", e.message); Test.fail (); } try { var cert = new TlsCertificate.from_files (cert_path, key_path); } catch (Error e) { warning ("load from files failed: %s", e.message); Test.fail (); } } void test_custom_cn () { string key_path = "/tmp/test-key-vala.pem"; string cert_path = "/tmp/test-cert-vala.pem"; FileUtils.remove (key_path); FileUtils.remove (cert_path); try { Crypt.generate_key_cert (key_path, cert_path, "custom-cn"); } catch (Error e) { warning ("generate failed: %s", e.message); Test.fail (); } uint8[] data; try { File.new_for_path (cert_path).load_contents (null, out data, null); } catch (Error e) { warning ("load contents failed: %s", e.message); Test.fail (); } var datum = GnuTLS.Datum () { data = data, size = data.length }; var cert = GnuTLS.X509.Certificate.create (); var res = cert.import (ref datum, GnuTLS.X509.CertificateFormat.PEM); assert (res == GnuTLS.ErrorCode.SUCCESS); // verify DN var dn = new uint8[1024]; size_t sz = dn.length; cert.get_dn (dn, ref sz); debug ("dn: %s\n", (string) dn); var issuer_dn = new uint8[1024]; sz = issuer_dn.length; cert.get_issuer_dn (issuer_dn, ref sz); debug ("dn: %s\n", (string) issuer_dn); var subject = (string) dn; var issuer = (string) issuer_dn; // verify that the certificate is self signed assert (subject == issuer); // assert ("CN=custom-cn" in subject); } void test_fingerprint () { var pem = """-----BEGIN CERTIFICATE----- MIIC8jCCAdoCAQowDQYJKoZIhvcNAQEFBQAwPzERMA8GA1UEChMIbWNvbm5lY3Qx ETAPBgNVBAsTCG1jb25uZWN0MRcwFQYDVQQDDA5tYWNpZWtAY29yc2FpcjAeFw0x NzA5MjQxOTU3NDVaFw0yNzA5MjQxOTU3NDVaMD8xETAPBgNVBAoTCG1jb25uZWN0 MREwDwYDVQQLEwhtY29ubmVjdDEXMBUGA1UEAwwObWFjaWVrQGNvcnNhaXIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWMM09dCCGXjY1aZ261nCa8+q 3ejDOHf21+Mt6yJnoWjPGvTK21MbRFPkeQe62FJHF3q8iXe3sSEdFk/f56G8ZZ4t Qw/ST//kxtf/CKHPuoZeAFgQpYEKE3GVUX5M3b8+4YSKSRXs3FE4D5awQVdstI31 N53plyOLdJe5IeK1kESsT0UgVo2RTHCOByel9WB2zcalQVTl8UxGKJcgrSuXj2f2 1SBxHupOX0Ej7vTr+gIBNBRbwbVdsafEW/gRngyCWIO30cPKoaUSkoCppXQ+6hYd /aOt+6/bBOISGJdy6uyM74jqoEbEMdhUXHfPFNCelIABxUMez0SNrRmdag2VAgMB AAEwDQYJKoZIhvcNAQEFBQADggEBAEnJ+IsjGvBmlWAg5vlmWUY0OVMJa8Gl9ept HWLIjK16XARAOwIcePNfDPyITWaxT5YV+MZotm1m6HkY5rPCeOjV7nzHrHjTjZqO sCmsSGcb9ZkEQfRNGTmFFthkcnfTU9mKh8oGc/a9r0DDgYcPSCgqERt2fgiBrt85 85PVl16fCSObVwOu5u5TtrfWkHpEHbjBU9AX52+IOYg7RsM7I4OnH+5svhmWqAxW /PXFBB3q2nX2XXqFRhqeN9eOlHBQ5EoZh8GUp7vJyxp5eAS9g2KVtCBwTDElQt4D 4hu+QuzzEmoWY9w1R+hblNu/37mWkzFFrLqYlkNU2vbKkuWMOTg= -----END CERTIFICATE-----"""; var expected = "eb2611a447085322b206fa61d4bc5869b4a55657"; var fingerprint = Crypt.fingerprint_certificate (pem); // SHA1 assert (fingerprint.length == 20); var sb = new StringBuilder.sized (20 * 2); foreach (var b in fingerprint) { sb.append_printf ("%02x", b); } assert (sb.str == expected); } public static void main (string[] args) { Test.init (ref args); Test.add_func ("/mconn-crypt-vala/generated", test_generate); Test.add_func ("/mconn-crypt-vala/load", test_generate_load); Test.add_func ("/mconn-crypt-vala/verify-cn", test_custom_cn); Test.add_func ("/mconn-crypt-vala/fingerprint", test_fingerprint); Test.run (); }