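#!/bin/bash
# Test script for the PKI certificate export feature.
#
# Walks the API end to end: log in, create a certificate, export it as PEM,
# DER and PEM + private key, then create a CA, sign a certificate with it and
# export the resulting chain. Exits non-zero if any step failed.
#
# Environment (all optional):
#   API_URL       base URL of the API  (default: http://localhost:8080/api/v1)
#   PKI_USERNAME  login name           (default: admin)
#   PKI_PASSWORD  login password       (default: admin)
#   EXPORT_DIR    directory receiving the exports (default: fresh mktemp dir)
#
# Security notes:
#   - admin/admin are development defaults kept so the script still runs
#     unchanged against a local test instance; override them anywhere else.
#   - The default URL is plain HTTP on loopback. The bearer token and the
#     exported private key travel over that connection, so point API_URL at
#     an https:// endpoint for anything that is not localhost.
#   - The exported private key stays on disk after the run (owner-only
#     permissions); delete EXPORT_DIR once the files have been inspected.

set -uo pipefail
umask 077 # the exports include a private key: owner-only files and directories

API_URL="${API_URL:-http://localhost:8080/api/v1}"
PKI_USERNAME="${PKI_USERNAME:-admin}"
PKI_PASSWORD="${PKI_PASSWORD:-admin}"

# RFC 6750 b64token alphabet. The token is copied into a request header, so
# anything outside this set (quotes, CR/LF, spaces) is rejected up front.
token_re='^[A-Za-z0-9._~+/-]+=*$'
# Ids returned by the API are copied into URL paths and a JSON body.
# Assumes ids are UUID- or integer-like tokens; TODO confirm against the API.
id_re='^[A-Za-z0-9_-]+$'

failures=0

# Reports a failed step on stdout and counts it for the final exit status.
fail() {
  echo "❌ Erreur: $*"
  failures=$((failures + 1))
}

# Prints the size of file $1 in bytes. wc -c works on both GNU and BSD;
# the arithmetic expansion strips the padding BSD wc adds.
file_size() {
  echo $(($(wc -c <"$1")))
}

# Returns 0 if $1 looks like a usable id (not "null", not empty, safe charset).
valid_id() {
  [ "$1" != "null" ] && [[ $1 =~ $id_re ]]
}

# Runs curl with the bearer token supplied through a config read from stdin,
# so the token does not show up in the process argument list.
# Arguments: any further curl arguments.
api() {
  printf 'header = "Authorization: Bearer %s"\n' "$TOKEN" |
    curl -sS --config - "$@"
}

# Downloads one export endpoint to a file.
# Arguments: $1 - certificate id, $2 - export format (URL suffix),
#            $3 - output path
# Returns:   0 only if curl reported success and the file is non-empty.
fetch_export() {
  local id=$1 format=$2 out=$3
  # A file left behind by an earlier run must not be mistaken for a success.
  rm -f -- "$out"
  # --fail: without it an HTTP error body would be saved to $out and the
  # non-empty check below would report a successful export.
  api --fail "$API_URL/certificates/$id/export/$format" -o "$out" || return 1
  [ -f "$out" ] && [ -s "$out" ]
}

for tool in curl jq; do
  command -v "$tool" >/dev/null || {
    echo "❌ Erreur: commande requise introuvable: $tool"
    exit 1
  }
done

echo "=== PKI Certificate Export Test ==="
echo ""

# Create the export directory. A fixed name under /tmp could be pre-created
# (or symlinked) by another local user, so the default is a fresh private dir.
if [ -n "${EXPORT_DIR:-}" ]; then
  mkdir -p -- "$EXPORT_DIR" || exit 1
else
  EXPORT_DIR=$(mktemp -d "${TMPDIR:-/tmp}/pki_exports.XXXXXX") || exit 1
fi
echo "[*] Répertoire d'export: $EXPORT_DIR"

# 1. Obtain a token
echo "[1] Obtention du token..."
# The credentials reach jq through its environment and curl through stdin,
# so the password never appears on a command line.
TOKEN_RESP=$(
  PKI_USERNAME="$PKI_USERNAME" PKI_PASSWORD="$PKI_PASSWORD" \
    jq -cn '{username: env.PKI_USERNAME, password: env.PKI_PASSWORD}' |
    curl -sS -X POST "$API_URL/login" \
      -H "Content-Type: application/json" \
      --data-binary @-
)
TOKEN=$(printf '%s' "$TOKEN_RESP" | jq -r '.token')

if [ "$TOKEN" = "null" ] || [ -z "$TOKEN" ] || ! [[ $TOKEN =~ $token_re ]]; then
  echo "❌ Erreur: impossible d'obtenir le token"
  exit 1
fi
# Only the length is printed: test output tends to end up in CI logs.
echo "✓ Token reçu (${#TOKEN} caractères)"
echo ""

# 2. Create a certificate
echo "[2] Création d'un certificat..."
CERT_RESP=$(api -X POST "$API_URL/certificates" \
  -H "Content-Type: application/json" \
  -d '{ "subject":"CN=test.example.com,O=Test,C=FR", "validity_days":365 }')
CERT_ID=$(printf '%s' "$CERT_RESP" | jq -r '.certificate.id')

if ! valid_id "$CERT_ID"; then
  echo "❌ Erreur: impossible de créer le certificat"
  echo "Réponse: $CERT_RESP"
  exit 1
fi
echo "✓ Certificat créé: $CERT_ID"
echo ""

# 3. Export as PEM
echo "[3] Export PEM..."
PEM_FILE="$EXPORT_DIR/cert.pem"
if fetch_export "$CERT_ID" pem "$PEM_FILE" &&
  grep -q "BEGIN CERTIFICATE" "$PEM_FILE"; then
  echo "✓ Export PEM réussi: $(file_size "$PEM_FILE") bytes"
  head -2 "$PEM_FILE"
else
  fail "export PEM échoué"
fi
echo ""

# 4. Export as DER
echo "[4] Export DER..."
DER_FILE="$EXPORT_DIR/cert.der"
if fetch_export "$CERT_ID" der "$DER_FILE"; then
  echo "✓ Export DER réussi: $(file_size "$DER_FILE") bytes"
else
  fail "export DER échoué"
fi
echo ""

# 5. Export together with the private key
echo "[5] Export PEM avec clé privée..."
KEY_FILE="$EXPORT_DIR/cert_with_key.pem"
if fetch_export "$CERT_ID" pem-with-key "$KEY_FILE"; then
  FILE_SIZE=$(file_size "$KEY_FILE")
  echo "✓ Export PEM+clé réussi: $FILE_SIZE bytes"
  CERT_COUNT=$(grep -c "BEGIN CERTIFICATE" "$KEY_FILE")
  # Also matches "RSA PRIVATE KEY", "EC PRIVATE KEY" and "ENCRYPTED PRIVATE
  # KEY"; which label the server emits is not visible from this script.
  KEY_COUNT=$(grep -cE "BEGIN ([A-Z]+ )?PRIVATE KEY" "$KEY_FILE")
  echo " - Certificats trouvés: $CERT_COUNT"
  echo " - Clés privées trouvées: $KEY_COUNT"
  if [ "${CERT_COUNT:-0}" -lt 1 ] || [ "${KEY_COUNT:-0}" -lt 1 ]; then
    fail "export PEM+clé incomplet (certificat ou clé manquant)"
  fi
else
  fail "export PEM+clé échoué"
fi
echo ""

# 6. Create a CA and export the chain
echo "[6] Création d'une CA et chaîne de certificats..."
CA_RESP=$(api -X POST "$API_URL/ca" \
  -H "Content-Type: application/json" \
  -d '{ "subject":"CN=Test Root CA,O=Test,C=FR", "validity_days":3650 }')
CA_ID=$(printf '%s' "$CA_RESP" | jq -r '.ca.id')

if valid_id "$CA_ID"; then
  echo "✓ CA créée: $CA_ID"

  # Create a certificate signed by the CA. The body is built by jq so the
  # server-supplied id is JSON-escaped instead of pasted into the string.
  SIGN_BODY=$(jq -cn --arg ca_id "$CA_ID" \
    '{ca_id: $ca_id, subject: "CN=signed.example.com,O=Test,C=FR", validity_days: 365}')
  SIGNED_RESP=$(api -X POST "$API_URL/certificates/sign" \
    -H "Content-Type: application/json" \
    -d "$SIGN_BODY")
  SIGNED_ID=$(printf '%s' "$SIGNED_RESP" | jq -r '.certificate.id')

  if valid_id "$SIGNED_ID"; then
    echo "✓ Certificat signé créé: $SIGNED_ID"

    # Export the chain
    echo "[7] Export chaîne de certificats..."
    CHAIN_FILE="$EXPORT_DIR/cert_chain.pem"
    if fetch_export "$SIGNED_ID" chain "$CHAIN_FILE"; then
      CHAIN_COUNT=$(grep -c "BEGIN CERTIFICATE" "$CHAIN_FILE")
      echo "✓ Export chaîne réussi: $(file_size "$CHAIN_FILE") bytes ($CHAIN_COUNT certificats)"
    else
      fail "export chaîne échoué"
    fi
  else
    # Previously skipped without a message, which hid a failed signing step.
    fail "impossible de créer le certificat signé"
  fi
else
  # Previously skipped without a message, which hid a failed CA creation.
  fail "impossible de créer la CA"
fi
echo ""

# Summary of the exported files
echo "=== Résumé des exports ==="
ls -lh "$EXPORT_DIR" | tail -n +2
echo ""

if [ "$failures" -gt 0 ]; then
  echo "❌ Test d'export terminé avec $failures erreur(s). Fichiers disponibles dans: $EXPORT_DIR"
  exit 1
fi
echo "✓ Test d'export complété. Fichiers disponibles dans: $EXPORT_DIR"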