From e4194174f2b4b235ed13fc057ce89b19894321e6 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Thu, 2 Nov 2023 10:57:46 -0400 Subject: [PATCH] tests: generalize update_valid_1_cert.bash 1. Rename to `update_valid_ee_certs.bash` 2. Don't hardcode location of `bash` for shebang. 3. Remove echo's about potential future extensions. 4. Add a helper function for fetching EE certs. 5. Use helper to update all three valid realworld testcase EE certs instead of just `1password_com_valid_1.crt` --- .../update_valid_1_cert.bash | 10 --------- .../update_valid_ee_certs.bash | 21 +++++++++++++++++++ 2 files changed, 21 insertions(+), 10 deletions(-) delete mode 100755 src/tests/verification_real_world/update_valid_1_cert.bash create mode 100755 src/tests/verification_real_world/update_valid_ee_certs.bash diff --git a/src/tests/verification_real_world/update_valid_1_cert.bash b/src/tests/verification_real_world/update_valid_1_cert.bash deleted file mode 100755 index 6b413feb..00000000 --- a/src/tests/verification_real_world/update_valid_1_cert.bash +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash -set -euo pipefail - -echo 'This script only updates 1password_com_valid_1.crt' -echo 'It can likely be extended to download the whole chain.' - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" - -echo -n | openssl s_client -connect my.1password.com:443 -servername my.1password.com \ - | openssl x509 -outform DER > "$DIR/1password_com_valid_1.crt" diff --git a/src/tests/verification_real_world/update_valid_ee_certs.bash b/src/tests/verification_real_world/update_valid_ee_certs.bash new file mode 100755 index 00000000..0eb95beb --- /dev/null +++ b/src/tests/verification_real_world/update_valid_ee_certs.bash @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +set -euo pipefail + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" + +fetch_ee_cert() { + local domain="$1" + local out_file="$2" + + echo -n | + openssl s_client \ + -connect "$domain:443" \ + -servername "$domain" | + openssl x509 \ + -outform DER > "$DIR/$out_file" +} + +fetch_ee_cert "my.1password.com" "1password_com_valid_1.crt" +fetch_ee_cert "agilebits.com" "agilebits_com_valid_1.crt" +fetch_ee_cert "lencr.org" "letsencrypt_org_valid_1.crt"