phpseclib/tests/Unit/File/X509/CRLTest.php

95 lines
3.3 KiB
PHP
Raw Normal View History

2017-08-06 17:35:52 +00:00
<?php
2022-02-17 02:25:59 +00:00
2017-08-06 17:35:52 +00:00
/**
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2017 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
*/
2022-06-04 15:31:21 +00:00
declare(strict_types=1);
namespace phpseclib3\Tests\Unit\File\X509;
use phpseclib3\Crypt\RSA;
use phpseclib3\File\X509;
2022-09-23 20:23:25 +00:00
use phpseclib3\Math\BigInteger;
use phpseclib3\Tests\PhpseclibTestCase;
2017-08-06 17:35:52 +00:00
class CRLTest extends PhpseclibTestCase
2017-08-06 17:35:52 +00:00
{
2022-06-04 15:31:21 +00:00
public function testLoadCRL(): void
2017-08-06 17:35:52 +00:00
{
$test = file_get_contents(__DIR__ . '/crl.bin');
2017-08-06 17:35:52 +00:00
$x509 = new X509();
$x509->loadCRL($test);
$reason = $x509->getRevokedCertificateExtension('9048354325167497831898969642461237543', 'id-ce-cRLReasons');
$this->assertSame('unspecified', $reason);
}
2022-09-23 21:15:43 +00:00
public function testCreateCRL(): void
{
// create private key / x.509 cert for signing
$CAPrivKey = RSA::createKey(1024);
$CAPubKey = $CAPrivKey->getPublicKey();
$CASubject = new X509();
$CASubject->setDNProp('id-at-organizationName', 'phpseclib CA cert');
$CASubject->setPublicKey($CAPubKey);
$CAIssuer = new X509();
$CAIssuer->setPrivateKey($CAPrivKey);
$CAIssuer->setDN($CASubject->getDN());
$x509 = new X509();
$x509->makeCA();
$result = $x509->sign($CAIssuer, $CASubject);
$CA = $x509->saveX509($result);
// create CRL
$x509 = new X509();
$crl = $x509->loadCRL($x509->saveCRL($x509->signCRL($CAIssuer, new X509())));
2022-09-23 21:15:43 +00:00
$x509->revoke('zzz', '+1 year');
$crl = $x509->saveCRL($x509->signCRL($CAIssuer, $x509));
// validate newly created CRL
$x509 = new X509();
$x509->loadCA($CA);
$r = $x509->loadCRL($crl);
$this->assertArrayHasKey('parameters', $r['signatureAlgorithm']);
$this->assertTrue($x509->validateSignature());
}
2022-09-24 03:46:02 +00:00
public function testPSSSigWithPKCS1Cert(): void
{
$x509 = new X509();
$x509->loadCA('-----BEGIN CERTIFICATE-----
MIICADCCAWmgAwIBAgIUH+4+TBK2Iq+xTOuixlxSuMbPXPkwDQYJKoZIhvcNAQEL
BQAwHDEaMBgGA1UECgwRcGhwc2VjbGliIENBIGNlcnQwHhcNMjIwOTIzMjIyNTE3
WhcNMjMwOTIzMjIyNTE3WjAcMRowGAYDVQQKDBFwaHBzZWNsaWIgQ0EgY2VydDCB
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxugfdcHvQmI+1yXG6gAWZIzNu9DF
DLW425OxnYItztzAadZUBX0hmlv2r08Zc8cz0jvkgqu1fbWbKnPlm6RT2MQyTasF
oNcsqPboVUPS/i2aT4AY0KYbD0lD+xj1+8ZnvMvUUXngOB0t2nOE+P4oksImB3hu
LUeDOHayGYbUtTcCAwEAAaM/MD0wCwYDVR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFHMLbQFPm/meQfDSApMLorFe6reZMA0GCSqGSIb3DQEBCwUA
A4GBACQPK28znZ0+OgOS3vLoFvulom5nHhjtQFY/eunA55ZeyaaHXP2mw0GD9r0m
Hhx6hB0t2yoX8C2TdgaAgkLhfDbv3clqrSxFDk9PQ4fojvdUdeWn4/X6guhxON+6
Sf6AuHojwnMy6vC++ADABcqhsHwOOqB+nbRvCc+xXg1bmxtY
-----END CERTIFICATE-----');
$x509->loadCRL('-----BEGIN X509 CRL-----
MIIBVDCBiTBCBgkqhkiG9w0BAQowNaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3
DQEBCDALBglghkgBZQMEAgGiAwIBIKMDAgEBMBwxGjAYBgNVBAoMEXBocHNlY2xp
YiBDQSBjZXJ0Fw0yMjA5MjMyMjI1MTdaMBYwFAIDenp6Fw0yMzA5MjMyMjI1MTda
MEIGCSqGSIb3DQEBCjA1oA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsG
CWCGSAFlAwQCAaIDAgEgowMCAQEDgYEAZcN+8iKHAZiARPlx3rj1NpRoanrljSsH
F5C4wjjz936D0o3lLgSGwfDLKOBI8wu5BVYQMnBVtpI6be+QcTjrFbsbuB9IonG9
uY1UHwoR+HohPes2wPUOV931ds6TufSxxcGgvwdaMacBfj/AD6M2ylxtqXY4EtVc
xbyT0osik+w=
-----END X509 CRL-----');
$this->assertTrue($x509->validateSignature());
}
2017-08-06 17:35:52 +00:00
}