#!/bin/bash # Test spécifique pour les exports de certificats # Teste: PEM, DER, PEM with key, chain API_URL="http://localhost:8080/api/v1" EXPORT_DIR="/tmp/pki_export_test" mkdir -p "$EXPORT_DIR" echo "=== PKI Certificate Export Test ===" echo "" # 1. Login TOKEN=$(curl -s -X POST "$API_URL/login" \ -H "Content-Type: application/json" \ -d '{"username":"admin","password":"admin"}' | jq -r '.token') echo "[1] Token obtained" # 2. Create Root CA CA=$(curl -s -X POST "$API_URL/ca" \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{"subject":"CN=Export Test CA,O=Test,C=FR","validity_days":3650}') CA_ID=$(echo $CA | jq -r '.ca.id') echo "[2] Root CA created: $CA_ID" # 3. Create certificate signed by CA CERT=$(curl -s -X POST "$API_URL/certificates/sign" \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d "{\"ca_id\":\"$CA_ID\",\"subject\":\"CN=test.example.com,O=Test,C=FR\",\"validity_days\":365}") CERT_ID=$(echo $CERT | jq -r '.certificate.id') echo "[3] Certificate created: $CERT_ID" echo "" # Test all export formats echo "Testing export formats:" echo "" # PEM export curl -s -H "Authorization: Bearer $TOKEN" \ "$API_URL/certificates/$CERT_ID/export/pem" \ -o "$EXPORT_DIR/cert.pem" if grep -q "BEGIN CERTIFICATE" "$EXPORT_DIR/cert.pem"; then SIZE=$(stat -c%s "$EXPORT_DIR/cert.pem") echo "✓ PEM export: $SIZE bytes" else echo "❌ PEM export failed" fi # DER export curl -s -H "Authorization: Bearer $TOKEN" \ "$API_URL/certificates/$CERT_ID/export/der" \ -o "$EXPORT_DIR/cert.der" SIZE=$(stat -c%s "$EXPORT_DIR/cert.der") if [ "$SIZE" -gt 0 ]; then echo "✓ DER export: $SIZE bytes" else echo "❌ DER export failed" fi # PEM with private key export curl -s -H "Authorization: Bearer $TOKEN" \ "$API_URL/certificates/$CERT_ID/export/pem-with-key" \ -o "$EXPORT_DIR/cert_with_key.pem" SIZE=$(stat -c%s "$EXPORT_DIR/cert_with_key.pem") KEY_COUNT=$(grep -c "BEGIN PRIVATE KEY" "$EXPORT_DIR/cert_with_key.pem" 2>/dev/null || echo "0") if [ "$KEY_COUNT" -gt 0 ]; then CERT_COUNT=$(grep -c "BEGIN CERTIFICATE" "$EXPORT_DIR/cert_with_key.pem") echo "✓ PEM with key export: $SIZE bytes ($CERT_COUNT certs + $KEY_COUNT keys)" else echo "❌ PEM with key export failed (no private key)" fi # Chain export curl -s -H "Authorization: Bearer $TOKEN" \ "$API_URL/certificates/$CERT_ID/export/chain" \ -o "$EXPORT_DIR/cert_chain.pem" SIZE=$(stat -c%s "$EXPORT_DIR/cert_chain.pem") CERT_COUNT=$(grep -c "BEGIN CERTIFICATE" "$EXPORT_DIR/cert_chain.pem" 2>/dev/null || echo "0") if [ "$CERT_COUNT" -ge 2 ]; then echo "✓ Chain export: $SIZE bytes ($CERT_COUNT certificates)" else echo "❌ Chain export failed (expected 2+ certs, got $CERT_COUNT)" fi echo "" echo "All exports completed. Files saved in: $EXPORT_DIR"