tests: added check for KRB5Principal output

Resolves #67

3 files changed, 113 insertions, 1 deletions

diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index 497138e6f1..52ff212065 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -37,7 +37,7 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \
 	provable3072.pem provable2048.pem provable-dsa2048.pem provable-dsa2048-fips.pem \
 	template-unique.tmpl template-unique.pem template-othername.tmpl template-othername.pem \
 	template-othername-xmpp.tmpl template-othername-xmpp.pem template-krb5name.tmpl \
-	template-krb5name.pem
+	template-krb5name.pem template-krb5name-full.pem
 
 dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \
 	pkcs7 privkey-import name-constraints certtool-long-cn crl provable-privkey
diff --git a/tests/cert-tests/pem-decoding b/tests/cert-tests/pem-decoding
index e85a60c026..1087b8b8ef 100755
--- a/tests/cert-tests/pem-decoding
+++ b/tests/cert-tests/pem-decoding
@@ -95,6 +95,24 @@ if test "${rc}" != "0"; then
 	exit ${rc}
 fi
 
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/template-krb5name.pem" >tmp-pem.pem
+rc=$?
+
+if test "${rc}" != "0"; then
+	echo "XMPP cert decoding failed 1"
+	exit ${rc}
+fi
+
+cat tmp-pem.pem |grep "KRB5Principal:" >tmp1
+cat "${srcdir}/template-krb5name-full.pem" |grep "KRB5Principal:" >tmp2
+${DIFF} -u tmp1 tmp2 || ${DIFF} -u --strip-trailing-cr tmp1 tmp2
+rc=$?
+
+if test "${rc}" != "0"; then
+	echo "KRB5 principalname cert decoding failed 1"
+	exit ${rc}
+fi
+
 rm -f tmp-pem.pem tmp1 tmp2
 
 exit 0
diff --git a/tests/cert-tests/template-krb5name-full.pem b/tests/cert-tests/template-krb5name-full.pem
new file mode 100644
index 0000000000..1d4c0368d5
--- /dev/null
+++ b/tests/cert-tests/template-krb5name-full.pem
@@ -0,0 +1,94 @@
+X.509 Certificate Information:
+	Version: 3
+	Serial Number (hex): 07
+	Issuer: CN=Nik,ST=Attiki,C=GR,surName=Mavrogiannopoulos,street=Arkadias
+	Validity:
+		Not Before: Sun Apr 22 00:00:00 UTC 2007
+		Not After: Sun May 25 00:00:00 UTC 2014
+	Subject: CN=Nik,ST=Attiki,C=GR,surName=Mavrogiannopoulos,street=Arkadias
+	Subject Public Key Algorithm: RSA
+	Algorithm Security Level: Legacy (1024 bits)
+		Modulus (bits 1024):
+			00:a5:c6:ce:75:43:84:bf:64:9e:02:27:13:f1:03:59
+			f7:79:2d:92:ed:7c:2f:50:a4:03:f1:2d:79:b9:86:8b
+			05:7e:3a:bb:44:aa:af:84:cf:13:98:1e:1c:4a:38:f7
+			33:2d:7a:9f:72:d4:6b:6d:26:b0:31:37:70:10:fb:42
+			e9:d8:9d:18:65:7e:19:49:fc:05:96:04:68:83:1e:77
+			86:bf:ed:f5:e5:12:3b:13:fe:33:18:9c:1a:7a:1d:69
+			af:47:02:60:7a:1f:b9:e8:cf:db:c8:34:30:51:96:3d
+			8c:96:5c:00:bc:61:de:08:0f:b1:36:21:7f:a9:00:e3
+			05
+		Exponent (bits 24):
+			01:00:01
+	Extensions:
+		Basic Constraints (critical):
+			Certificate Authority (CA): TRUE
+		Subject Alternative Name (not critical):
+			DNSname: www.evenmorethanone.org
+			IPAddress: 192.168.1.1
+			KRB5Principal: user@email.domain@KERBEROS.REALM
+			KRB5Principal: user@REALM.COM
+			KRB5Principal: HTTP/user@REALM.COM
+			KRB5Principal: comp1/comp2/user@REALM.COM
+			RFC822Name: none@none.org
+			RFC822Name: where@none.org
+		Key Purpose (not critical):
+			OCSP signing.
+		Key Usage (critical):
+		Subject Key Identifier (not critical):
+			5d40adf0ce9440958b7e99941d925422ca72365f
+		CRL Distribution points (not critical):
+			URI: http://www.getcrl.crl/getcrl/
+	Signature Algorithm: RSA-SHA256
+	Signature:
+		60:4b:8f:6f:70:c9:1f:c0:e0:f7:44:aa:c8:57:ae:72
+		7f:fb:69:f0:ef:40:62:66:5a:0b:88:91:ac:9b:13:20
+		77:1b:41:dd:ca:0e:6e:f6:16:9b:56:6f:f7:58:57:10
+		42:04:72:98:78:03:da:48:c3:0f:9b:fe:9b:3c:54:9c
+		5c:f9:1f:78:32:90:23:04:0f:fd:a0:4d:9e:ff:a2:87
+		58:5c:a0:d5:80:70:e7:d6:a2:ff:21:03:3e:77:57:68
+		ea:a6:21:f7:67:8e:9a:df:63:12:f1:7e:78:7d:ac:6d
+		eb:53:9f:ce:fe:18:61:18:8a:2b:65:35:28:6f:d5:7b
+Other Information:
+	SHA1 fingerprint:
+		113d3560fb087fd7724055192695f0c472e1eec4
+	SHA256 fingerprint:
+		7b2285b7a542e9ca05eae2538196080caf503d47f8a3869454ab1990d8075be8
+	Public Key ID:
+		5d40adf0ce9440958b7e99941d925422ca72365f
+	Public key's random art:
+		+--[ RSA 1024]----+
+		|       .o+*=.    |
+		|     . .o.+oo    |
+		|    . *  =EB..   |
+		|     + o.oO..    |
+		|       .S=.o     |
+		|        . *      |
+		|         .       |
+		|                 |
+		|                 |
+		+-----------------+
+
+-----BEGIN CERTIFICATE-----
+MIID5DCCA02gAwIBAgIBBzANBgkqhkiG9w0BAQsFADBbMQwwCgYDVQQDEwNOaWsx
+DzANBgNVBAgTBkF0dGlraTELMAkGA1UEBhMCR1IxGjAYBgNVBAQTEU1hdnJvZ2lh
+bm5vcG91bG9zMREwDwYDVQQJEwhBcmthZGlhczAeFw0wNzA0MjIwMDAwMDBaFw0x
+NDA1MjUwMDAwMDBaMFsxDDAKBgNVBAMTA05pazEPMA0GA1UECBMGQXR0aWtpMQsw
+CQYDVQQGEwJHUjEaMBgGA1UEBBMRTWF2cm9naWFubm9wb3Vsb3MxETAPBgNVBAkT
+CEFya2FkaWFzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClxs51Q4S/ZJ4C
+JxPxA1n3eS2S7XwvUKQD8S15uYaLBX46u0Sqr4TPE5geHEo49zMtep9y1GttJrAx
+N3AQ+0Lp2J0YZX4ZSfwFlgRogx53hr/t9eUSOxP+MxicGnodaa9HAmB6H7noz9vI
+NDBRlj2MllwAvGHeCA+xNiF/qQDjBQIDAQABo4IBtjCCAbIwDwYDVR0TAQH/BAUw
+AwEB/zCCASkGA1UdEQSCASAwggEcghd3d3cuZXZlbm1vcmV0aGFub25lLm9yZ4cE
+wKgBAaA+BgYrBgEFAgKgNDAyoBAbDktFUkJFUk9TLlJFQUxNoR4wHKADAgEKoRUw
+ExsRdXNlckBlbWFpbC5kb21haW6gLAYGKwYBBQICoCIwIKALGwlSRUFMTS5DT02h
+ETAPoAMCAQGhCDAGGwR1c2VyoDIGBisGAQUCAqAoMCagCxsJUkVBTE0uQ09NoRcw
+FaADAgEBoQ4wDBsESFRUUBsEdXNlcqA6BgYrBgEFAgKgMDAuoAsbCVJFQUxNLkNP
+TaEfMB2gAwIBAaEWMBQbBWNvbXAxGwVjb21wMhsEdXNlcoENbm9uZUBub25lLm9y
+Z4EOd2hlcmVAbm9uZS5vcmcwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/
+BAQDAgYAMB0GA1UdDgQWBBRdQK3wzpRAlYt+mZQdklQiynI2XzAuBgNVHR8EJzAl
+MCOgIaAfhh1odHRwOi8vd3d3LmdldGNybC5jcmwvZ2V0Y3JsLzANBgkqhkiG9w0B
+AQsFAAOBgQBgS49vcMkfwOD3RKrIV65yf/tp8O9AYmZaC4iRrJsTIHcbQd3KDm72
+FptWb/dYVxBCBHKYeAPaSMMPm/6bPFScXPkfeDKQIwQP/aBNnv+ih1hcoNWAcOfW
+ov8hAz53V2jqpiH3Z46a32MS8X54faxt61Ofzv4YYRiKK2U1KG/Vew==
+-----END CERTIFICATE-----