- From: Henry Story <henry.story@bblfish.net>
- Date: Wed, 4 May 2011 17:43:01 +0200
- To: WebID XG <public-xg-webid@w3.org>
- Message-Id: <61C76FEE-474F-4F06-B282-5724C96A93BF@bblfish.net>
I spent some time putting together a suite of tests described using the EARL ontology for ISSUE-9: Develop WebID Test Suite The Earl test description is attached here. It just needs to be placed on the WebID Incubator CVS so that it can be dereferenced programmatically.
Then I implemented it in Clerezza, which now can return test descriptions in simple html,
but also in application/rdf+xml, text/rdf+n3 or application/rdf+json
There may currently be more tests than are really needed, and other tests that are still
needed. For example there are not cache validity tests, and the representation is not
described very carefully yet. But this should be enough to at least get some feedback
on, and for someone to build a client test suite, that could then build a report for how
compliant Clerezza is to the WebID protocol. I expect there would be bugs in my code and
changes needed to the EARL ontology. But this is a start.
The code is here, and if you look at it with UTF-8 enabled in your browser and your OS has the
right fonts you'll see some nice scala DSL I put together
http://svn.apache.org/repos/asf/incubator/clerezza/trunk/parent/platform.security.foafssl/test/src/main/scala/org/apache/clerezza/foafssl/test/WebIDTester.scala
So you can try it out by going to
https://bblfish.net:8443/test/WebId
with your web browser after having installed a header modification plugin such as Firefox's
http://www.garethhunt.com/modifyheaders/ plugin. Set the Accept header to one of the mime
types above.
You can also test this on the command line using curl by copying one of your certificates with
private and public key to a local file.
1. In the Apple keychain and on Firefox you can extract
the pkcs12 file quite eassily and call it cert.p12
2. convert it to PEM
$ openssl pkcs12 -clcerts -in cert.p12 -out cert.pem
3. use openssl to get the file. Here for example
$ curl -E cert.pem -H "Accept: text/rdf+n3" https://bblfish.net:8443/test/WebId
Enter PEM pass phrase:
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"claim for WebID <http://bblfish.net/people/henry/card#me> failed" ;
<http://www.w3.org/ns/earl#info>
"org.apache.clerezza.foafssl.auth.WebIDVerificationError: No matching keys found in WebID Profile" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#failed> ;
<http://www.w3.org/ns/earl#pointer>
<http://bblfish.net/people/henry/card#me>
] ;
<http://www.w3.org/ns/earl#subject>
<http://bblfish.net/people/henry/card#me> , _:b1 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/webidClaim> .
_:b2 = """[] a <http://www.w3.org/ns/auth/rsa#RSAPublicKey> ;
<http://www.w3.org/ns/auth/cert#identity>
<http://bblfish.net/people/henry/card#me> ;
<http://www.w3.org/ns/auth/rsa#modulus>
\"\"\"
E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 \"\"\"^^<http://www.w3.org/ns/auth/cert#hex> ;
<http://www.w3.org/ns/auth/rsa#public_exponent>
\"65537\"^^<http://www.w3.org/ns/auth/cert#decimal> .
"""^^<http://example.com/turtle> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Certificate contains RSA key which is recognised" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed> ;
<http://www.w3.org/ns/earl#pointer>
_:b3
] ;
<http://www.w3.org/ns/earl#subject>
_:b1 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/certificatePubkeyRecognised> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Found one Modulus" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed>
] ;
<http://www.w3.org/ns/earl#subject>
_:b2 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAExponentFunctional> .
_:b1 a <http://www.w3.org/ns/auth/cert#Certificate> ;
<http://www.w3.org/ns/auth/cert#base64der>
"MIICzzCCAjigAwIBAgIGASX2Ykm+MA0GCSqGSIb3DQEBBQUAMFQxCzAJBgNVBAYTAlVTMRcwFQYDVQQKDA5GT0FGIENlcnRzIEluYzEWMBQGA1UECwwNMTI2MjU1OTA1NDIwODEUMBIGA1UEAwwLSGVucnkgU3RvcnkwHhcNMTAwMTAzMjI1MDU0WhcNMTAxMjI1MjI1MDU0WjBUMQswCQYDVQQGEwJVUzEXMBUGA1UECgwORk9BRiBDZXJ0cyBJbmMxFjAUBgNVBAsMDTEyNjI1NTkwNTQyMDgxFDASBgNVBAMMC0hlbnJ5IFN0b3J5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6ERNG91Vaxa1DeMc84Pkh/E9N1p3OoAMLbSlOb4sTPOKYEuHL/YvM60PH2Hpgg6nx/bZ6Jn/jKsf/RkO3mI0fY77pJGQ/szxeFoWbm2BrAkK8aekQacbpP0xKLMP7Eoh7cZDGdfzvJPEKBWafDnUNf8mSLpWLedjz4TCCESMlnwIDAQABo4GrMIGoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgLsMBEGCWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQUaoLsIvS+zlB5UVt8aC9EN4O6mvwwHwYDVR0jBBgwFoAUaoLsIvS+zlB5UVt8aC9EN4O6mvwwMgYDVR0RBCswKYYnaHR0cDovL2JibGZpc2gubmV0L3Blb3BsZS9oZW5yeS9jYXJkI21lMA0GCSqGSIb3DQEBBQUAA4GBAHg5aY9KZURf6xJJ+alMawq+FcrghA3LkssdgZEycKBwgGqukm2C2pmUD2ByE+D33U8VpdtD4a67ZLIsnPFxjFcSLmRe+H7E4Fvo2nJH/xRNLdEDI2uVcn/pFB6MWYlg4n+s+fNSsSfLOdINsMfzMnw4awLsMtW45Vq8yuYmOZwg" ;
<http://www.w3.org/ns/auth/cert#principal_key>
_:b3 .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Found one Modulus" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed>
] ;
<http://www.w3.org/ns/earl#subject>
_:b2 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAModulusFunctional> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"found 0 valid principals" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#failed>
] ;
<http://www.w3.org/ns/earl#subject>
_:b1 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/webidAuthentication> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Exponent is of type cert:hex. It will always parse to a positive number." ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed> ;
<http://www.w3.org/ns/earl#pointer>
"""
E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 """^^<http://www.w3.org/ns/auth/cert#hex>
] ;
<http://www.w3.org/ns/earl#subject>
_:b2 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAExponentLiteral> .
_:b3 a <http://www.w3.org/ns/auth/rsa#RSAPublicKey> ;
<http://www.w3.org/ns/auth/rsa#modulus>
"ba111346f7555ac5ad4378c73ce0f921fc4f4dd69dcea0030b6d294e6f8b133ce29812e1cbfd8bcceb43c7d87a6083a9f1fdb67a267fe32ac7ff4643b7988d1f63bee924643fb33c5e16859b9b606b0242bc69e91069c6e93f4c4a2cc3fb12887b7190c675fcef24f10a05669f0e750d7fc9922e958b79d8f3e130821123259f"^^<http://www.w3.org/ns/auth/cert#hex> ;
<http://www.w3.org/ns/auth/rsa#public_exponent>
"65537"^^<http://www.w3.org/ns/auth/cert#int> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Modulus and Exponent of key good" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed>
] ;
<http://www.w3.org/ns/earl#subject>
_:b2 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/profileWellFormedKey> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Modulus is of type cert:hex. It will always parse to a positive number." ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed> ;
<http://www.w3.org/ns/earl#pointer>
"""
E7 E9 2E B9 E0 86 92 CB 8E B9 07 22 22 B7 FB 86 34 91 89 A8 41 F1 CD E1 77 C8 4F 8D 31 FF EA 4F 8D 04 A3 7E 1F 43 11 1C F8 92 54 25 70 BE F8 6C B4 5D B3 98 4E 8C B3 43 70 CD 20 D6 1E E4 8E AA 31 30 BB AF 82 28 4F 2D BC BD 18 D0 E1 E4 6E 48 55 0E 17 A7 2C F4 1A 80 A2 16 8D 77 B4 93 80 83 21 C8 B3 C8 D8 F5 2F CC D1 C2 C3 74 4D AC 6B 61 96 4F 95 A4 F1 DB F5 69 30 8D C0 A5 A5 4A C9 BF F8 FA 62 78 51 90 C1 A2 5F 53 32 44 DF C8 16 CF AB 78 88 48 CC FA AE DD EF B0 D8 24 B1 76 AB D0 30 9F B4 66 A0 D9 5D 84 D4 BF ED F0 7B EE 0D ED 14 6A A2 9A 8E C2 25 56 DB BF 89 43 12 60 AB B8 D5 D6 49 09 50 98 9B F0 EB A9 C5 F4 9B 56 94 C0 70 18 58 AB 52 6A 9F 59 E6 9E CF 9C 95 68 C2 AA 76 FF 78 E7 B1 FE E1 E9 69 54 37 DC 90 B6 6F C5 78 47 8C A7 ED CC C7 B0 E8 90 06 18 4C 49 53 69 """^^<http://www.w3.org/ns/auth/cert#hex>
] ;
<http://www.w3.org/ns/earl#subject>
_:b2 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/pubkeyRSAModulusLiteral> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Certificate available" ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed>
] ;
<http://www.w3.org/ns/earl#subject>
_:b1 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/certificateProvided> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Certificate validity time has expired. " ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#failed> ;
<http://www.w3.org/ns/earl#pointer>
[ a <http://xmlns.com/foaf/0.1/Document> ;
<http://purl.org/dc/terms/created>
"2011-05-04T15:32:29.779Z"^^<http://www.w3.org/2001/XMLSchema#dateTime>
]
] ;
<http://www.w3.org/ns/earl#subject>
_:b1 ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/certificateDateOk> .
[] a <http://www.w3.org/ns/earl#Assertion> ;
<http://www.w3.org/ns/earl#result>
[ a <http://www.w3.org/ns/earl#TestResult> ;
<http://purl.org/dc/elements/1.1/description>
"Profile was fetched. The information about this is not yet very detailed in Clerezza. Later will be able to give more details." ;
<http://www.w3.org/ns/earl#outcome>
<http://www.w3.org/ns/earl#passed>
] ;
<http://www.w3.org/ns/earl#subject>
<http://bblfish.net/people/henry/card#me> ;
<http://www.w3.org/ns/earl#test>
<http://www.w3.org/2005/Incubator/webid/test/profileGet> .
Social Web Architect
http://bblfish.net/
Attachments
- application/octet-stream attachment: test.n3
Received on Wednesday, 4 May 2011 15:43:34 UTC