- From: Henry Story <henry.story@bblfish.net>
- Date: Wed, 4 May 2011 17:43:01 +0200
- To: WebID XG <public-xg-webid@w3.org>
- Message-Id: <61C76FEE-474F-4F06-B282-5724C96A93BF@bblfish.net>
I spent some time putting together a suite of tests described using the EARL ontology for ISSUE-9: Develop WebID Test Suite The Earl test description is attached here. It just needs to be placed on the WebID Incubator CVS so that it can be dereferenced programmatically.
Then I implemented it in Clerezza, which now can return test descriptions in simple html, but also in application/rdf+xml, text/rdf+n3 or application/rdf+json There may currently be more tests than are really needed, and other tests that are still needed. For example there are not cache validity tests, and the representation is not described very carefully yet. But this should be enough to at least get some feedback on, and for someone to build a client test suite, that could then build a report for how compliant Clerezza is to the WebID protocol. I expect there would be bugs in my code and changes needed to the EARL ontology. But this is a start. The code is here, and if you look at it with UTF-8 enabled in your browser and your OS has the right fonts you'll see some nice scala DSL I put together http://svn.apache.org/repos/asf/incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala So you can try it out by going to https://bblfish.net:8443/test/WebId with your web browser after having installed a header modification plugin such as Firefox's http://www.garethhunt.com/modifyheaders/ plugin. Set the Accept header to one of the mime types above. You can also test this on the command line using curl by copying one of your certificates with private and public key to a local file. 1. In the Apple keychain and on Firefox you can extract the pkcs12 file quite eassily and call it cert.p12 2. convert it to PEM $ openssl pkcs12 -clcerts -in cert.p12 -out cert.pem 3. use openssl to get the file. Here for example $ curl -E cert.pem -H "Accept: text/rdf+n3" https://bblfish.net:8443/test/WebId Enter PEM pass phrase: [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "claim for WebID <http://bblfish.net/people/henry/card#me> failed" ; <http://www.w3.org/ns/earl#info> "org.apache.clerezza.foafssl.auth.WebIDVerificationError: No matching keys found in WebID Profile" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#failed> ; <http://www.w3.org/ns/earl#pointer> <http://bblfish.net/people/henry/card#me> ] ; <http://www.w3.org/ns/earl#subject> <http://bblfish.net/people/henry/card#me> , _:b1 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/webidClaim> . _:b2 = """[] a <http://www.w3.org/ns/auth/rsa#RSAPublicKey> ; <http://www.w3.org/ns/auth/cert#identity> <http://bblfish.net/people/henry/card#me> ; <http://www.w3.org/ns/auth/rsa#modulus> \"\"\" E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 \"\"\"^^<http://www.w3.org/ns/auth/cert#hex> ; <http://www.w3.org/ns/auth/rsa#public_exponent> \"65537\"^^<http://www.w3.org/ns/auth/cert#decimal> . """^^<http://example.com/turtle> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Certificate contains RSA key which is recognised" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ; <http://www.w3.org/ns/earl#pointer> _:b3 ] ; <http://www.w3.org/ns/earl#subject> _:b1 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/certificatePubkeyRecognised> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Found one Modulus" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ] ; <http://www.w3.org/ns/earl#subject> _:b2 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAExponentFunctional> . _:b1 a <http://www.w3.org/ns/auth/cert#Certificate> ; <http://www.w3.org/ns/auth/cert#base64der> "MIICzzCCAjigAwIBAgIGASX2Ykm+MA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNVBAYTAlVTMRcwFQYDVQQKDA5GT0FGIENlcnRzIEluYzEWMBQGA1UECwwNMTI2MjU1OTA1NDIwODEUMBIGA1UEAwwLSGVucnkgU3RvcnkwHhcNMTAwMTAzMjI1MDU0WhcNMTAxMjI1MjI1MDU0WjBUMQswCQYDVQQGEwJVUzEXMBUGA1UECgwORk9BRiBDZXJ0cyBJbmMxFjAUBgNVBAsMDTEyNjI1NTkwNTQyMDgxFDASBgNVBAMMC0hlbnJ5IFN0b3J5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6ERNG91Vaxa1DeMc84Pkh/E9N1p3OoAMLbSlOb4sTPOKYEuHL/YvM60PH2Hpgg6nx/bZ6Jn/jKsf/RkO3mI0fY77pJGQ/szxeFoWbm2BrAkK8aekQacbpP0xKLMP7Eoh7cZDGdfzvJPEKBWafDnUNf8mSLpWLedjz4TCCESMlnwIDAQABo4GrMIGoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgLsMBEGCWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQUaoLsIvS+zlB5UVt8aC9EN4O6mvwwHwYDVR0jBBgwFoAUaoLsIvS+zlB5UVt8aC9EN4O6mvwwMgYDVR0RBCswKYYnaHR0cDovL2JibGZpc2gubmV0L3Blb3BsZS9oZW5yeS9jYXJkI21lMA0GCSqGSIb3DQEBBQUAA4GBAHg5aY9KZURf6xJJ+alMawq+FcrghA3LkssdgZEycKBwgGqukm2C2pmUD2ByE+D33U8VpdtD4a67ZLIsnPFxjFcSLmRe+H7E4Fvo2nJH/xRNLdEDI2uVcn/pFB6MWYlg4n+s+fNSsSfLOdINsMfzMnw4awLsMtW45Vq8yuYmOZwg" ; <http://www.w3.org/ns/auth/cert#principal_key> _:b3 . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Found one Modulus" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ] ; <http://www.w3.org/ns/earl#subject> _:b2 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAModulusFunctional> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "found 0 valid principals" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#failed> ] ; <http://www.w3.org/ns/earl#subject> _:b1 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/webidAuthentication> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Exponent is of type cert:hex. It will always parse to a positive number." ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ; <http://www.w3.org/ns/earl#pointer> """ E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 """^^<http://www.w3.org/ns/auth/cert#hex> ] ; <http://www.w3.org/ns/earl#subject> _:b2 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAExponentLiteral> . _:b3 a <http://www.w3.org/ns/auth/rsa#RSAPublicKey> ; <http://www.w3.org/ns/auth/rsa#modulus> "ba111346f7555ac5ad4378c73ce0f921fc4f4dd69dcea0030b6d294e6f8b133ce29812e1cbfd8bcceb43c7d87a6083a9f1fdb67a267fe32ac7ff4643b7988d1f63bee924643fb33c5e16859b9b606b0242bc69e91069c6e93f4c4a2cc3fb12887b7190c675fcef24f10a05669f0e750d7fc9922e958b79d8f3e130821123259f"^^<http://www.w3.org/ns/auth/cert#hex> ; <http://www.w3.org/ns/auth/rsa#public_exponent> "65537"^^<http://www.w3.org/ns/auth/cert#int> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Modulus and Exponent of key good" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ] ; <http://www.w3.org/ns/earl#subject> _:b2 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/profileWellFormedKey> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Modulus is of type cert:hex. It will always parse to a positive number." ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ; <http://www.w3.org/ns/earl#pointer> """ E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 """^^<http://www.w3.org/ns/auth/cert#hex> ] ; <http://www.w3.org/ns/earl#subject> _:b2 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAModulusLiteral> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Certificate available" ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ] ; <http://www.w3.org/ns/earl#subject> _:b1 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/certificateProvided> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Certificate validity time has expired. " ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#failed> ; <http://www.w3.org/ns/earl#pointer> [ a <http://xmlns.com/foaf/0.1/Document> ; <http://purl.org/dc/terms/created> "2011-05-04T15:32:29.779Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> ] ] ; <http://www.w3.org/ns/earl#subject> _:b1 ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/certificateDateOk> . [] a <http://www.w3.org/ns/earl#Assertion> ; <http://www.w3.org/ns/earl#result> [ a <http://www.w3.org/ns/earl#TestResult> ; <http://purl.org/dc/elements/1.1/description> "Profile was fetched. The information about this is not yet very detailed in Clerezza. Later will be able to give more details." ; <http://www.w3.org/ns/earl#outcome> <http://www.w3.org/ns/earl#passed> ] ; <http://www.w3.org/ns/earl#subject> <http://bblfish.net/people/henry/card#me> ; <http://www.w3.org/ns/earl#test> <http://www.w3.org/2005/Incubator/webid/test/profileGet> . Social Web Architect http://bblfish.net/
Attachments
- application/octet-stream attachment: test.n3
Received on Wednesday, 4 May 2011 15:43:34 UTC