1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

test: move foafssl certs to fixtures/keys/

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/27962
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This commit is contained in:
Alex Aubuchon 2019-05-29 15:47:10 -07:00 committed by Rich Trott
parent 23d2d17607
commit 0ee02c7a1c
8 changed files with 73 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
test/fixtures/foafssl.crt vendored
View File

@ -1,25 +0,0 @@
Bag Attributes
friendlyName: Me's Not a Certification Authority ID
localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A
subject=/O=FOAF+SSL/OU=The Community Of Self Signers/UID=http://example.com/#me/CN=Me
issuer=/O=FOAF+SSL/OU=The Community of Self Signers/CN=Not a Certification Authority
-----BEGIN CERTIFICATE-----
MIIDVDCCAr2gAwIBAgIQRLIhwZ2N3ciEdpWb6kPmPzANBgkqhkiG9w0BAQUFADBj
MREwDwYDVQQKDAhGT0FGK1NTTDEmMCQGA1UECwwdVGhlIENvbW11bml0eSBvZiBT
ZWxmIFNpZ25lcnMxJjAkBgNVBAMMHU5vdCBhIENlcnRpZmljYXRpb24gQXV0aG9y
aXR5MB4XDTExMDgzMDE3MzIwNFoXDTEyMDgyMDE5MzIwNFowcDERMA8GA1UECgwI
Rk9BRitTU0wxJjAkBgNVBAsMHVRoZSBDb21tdW5pdHkgT2YgU2VsZiBTaWduZXJz
MSYwJAYKCZImiZPyLGQBAQwWaHR0cDovL2V4YW1wbGUuY29tLyNtZTELMAkGA1UE
AwwCTWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm9EqcJXkUMSFP
XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
XXC5wDaHAgMBAAGjeDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgLsMBEG
CWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQU3gJIUFpe8rKklsjEdsxlaT6rZhow
JAYDVR0RAQH/BBowGIYWaHR0cDovL2V4YW1wbGUuY29tLyNtZTANBgkqhkiG9w0B
AQUFAAOBgQBLhwWbYMdeSkVZ4biVUle+XHP4Gv8V9WSfldvgn1PntS1lpVR46Exl
AkLO1SrnN5WHeAjv6VNb3KmTF+QhLt/4a1l9CEEeZSg5ml5aeXE+veobgypDoam+
NKYAeIW9Wx+HcgBL4leIX3WiCKu/eal+a5ro18LQ8hkZqryHeVESIw==
-----END CERTIFICATE-----

32
test/fixtures/foafssl.key vendored
View File

@ -1,32 +0,0 @@
Bag Attributes
friendlyName: Me's Not a Certification Authority ID
localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCm9EqcJXkUMSFP
XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
XXC5wDaHAgMBAAECggEAEhwrv7Zc5PDTYS1zVnx4iMQ3HGi5uouom1uvxE4PTAC7
qWf3tkCv798Cha+XY5OcMqALKEHCxU0e7QQoEdchn4UzQAePcSg1STCkYQw5seCa
5lA+vBUaF4aLDNa3TG0N9HWOVKGVnO/6OYC05qKClBBIMqCSKEkm942u6UBOql6q
71Sj1Nd/4eP9AcvgO5cgyUszM2I25LzXIZW7JLgdqXiJRj8CuY3X5FVURvadENgk
ctw5EjdT7LNdc67Ot9Bs6qcVr2ld/U+4ZSC2+cqtPyn7mnA4hrYXlpA1Ilv3oRwZ
aUJfG5HVV4jjNVHxDqddBh3UhOxJYZ1DNEMndTBx8QKBgQDcsrLfkE6utaj8w/of
Hk/aq1JRNLgSvhoP2wVmK7USvYFj7DIvL4CqyghY5TLgNk272v8mT0Q7R6AtsOUk
Gf50uZFAtIoPvTsvBu6cbRsPTeGJ0i1+LLme/AJu3MexXLF6mlzoGmlx8V7CoFqI
9hvqBA5rZ6ecoSjmU2q2xWKXKQKBgQDBqNqicSp2jnHiTXYbG/tsnxhFwALdEjvb
EgZprmoBzo1eQFOY/DNBdDiEZBstu9mJBX3XWTU1F4c6tYRocNCMDwLBZAB6NnVM
JjoddJApa5Qg3uoXmk53saZhcVkOzh+P/Dxg9c9O3q4DDUegnkM95ZSbCPtIBq6K
bPA3OS+GLwKBgQCY0022LjGuHbFlRzg+sDjPzW71OLJ2mBln/VyhwYZj8cJVtUuT
DSvmGHzrQduXE0OE4ENq/dzbx9+NhD9IXo+ruIxy6BHqkDkZeY1l2M+yK1YQn/BM
vR/UjeIJbu0BTpS/t4C6YP+/nUrnLy9CRFpUFHb/vQl+FsNBq2XsJob88QKBgQCD
6B5bbNduf2HEsdxTZMDhYJAo2jtZFxVcBzAFBb7A0k7qNsh6OLY0zBO+4Wy9vujR
8sKfTuz157u9WmwAs27pJ0RKM3I7zCIjJxqIe5/CBruTlCJAx2LRFljsoEb31aAb
88Owi12ULAq8m2wBVCsa2uhYnUqC6cIzGTaZdsMPEwKBgQDJXI+J2d36IWzFrByH
yskssFldbLxm/7EexzAYuoSpHuQIxGJYHTHn6CZhqrX8UbxVnS909ES+17kdLZVP
egvaxn1mtfZInnH64PiQDQrsNnbP4Zg8yvLvIcEVIPqnSQ5QrhdR29tjYuDwUIKM
4BMR2yfkFp6URRX7ZD1UQsduww==
-----END PRIVATE KEY-----

14
test/fixtures/keys/Makefile vendored
View File

@ -50,6 +50,9 @@ all: \
rsa_private_b.pem \
I_AM_THE_WALRUS_sha256_signature_signedby_rsa_private_b.sha256 \
rsa_public_b.pem \
rsa_cert_foafssl_b.crt \
rsa_cert_foafssl_b.modulus \
rsa_cert_foafssl_b.exponent \
rsa_spkac.spkac \
rsa_spkac_invalid.spkac \
rsa_private_1024.pem \
@ -648,6 +651,17 @@ I_AM_THE_WALRUS_sha256_signature_signedby_rsa_private_b.sha256: rsa_private_b.pe
rsa_public_b.pem: rsa_private_b.pem
openssl rsa -in rsa_private_b.pem -pubout -out rsa_public_b.pem
rsa_cert_foafssl_b.crt: rsa_private_b.pem
openssl req -new -x509 -config rsa_cert_foafssl_b.cnf -key rsa_private_b.pem -out rsa_cert_foafssl_b.crt
# The 'modulus=' in the output must be stripped out
rsa_cert_foafssl_b.modulus: rsa_cert_foafssl_b.crt
openssl x509 -modulus -in rsa_cert_foafssl_b.crt -noout | cut -c 9- > rsa_cert_foafssl_b.modulus
# Have to parse out the hex exponent
rsa_cert_foafssl_b.exponent: rsa_cert_foafssl_b.crt
openssl x509 -in rsa_cert_foafssl_b.crt -text | grep -o 'Exponent:.*' | sed 's/\(.*(\|).*\)//g' > rsa_cert_foafssl_b.exponent
# openssl outputs `SPKAC=[SPKAC]`. That prefix needs to be removed to work with node
rsa_spkac.spkac: rsa_private.pem
openssl spkac -key rsa_private.pem -challenge this-is-a-challenge | cut -c 7- > rsa_spkac.spkac

24
test/fixtures/keys/rsa_cert_foafssl_b.cnf vendored Normal file
View File

@ -0,0 +1,24 @@
[ req ]
days = 99999
distinguished_name = req_distinguished_name
attributes = req_attributes
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = UK
ST = "FOAF+SSL Auth Certificate"
L = Rhys Jones
O = node.js
OU = Test TLS Certificate
CN = localhost
emailAddress = alex@aub.dev
[ req_attributes ]
[ v3_ca ]
basicConstraints = CA:FALSE
subjectAltName = @alt_names
[ alt_names ]
URI = http://example.com/\#me

24
test/fixtures/keys/rsa_cert_foafssl_b.crt vendored Normal file
View File

@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIUAhzZrkGH3j4aXirSjA6n87moF9kwDQYJKoZIhvcNAQEL
BQAwgagxCzAJBgNVBAYTAlVLMSIwIAYDVQQIDBlGT0FGK1NTTCBBdXRoIENlcnRp
ZmljYXRlMRMwEQYDVQQHDApSaHlzIEpvbmVzMRAwDgYDVQQKDAdub2RlLmpzMR0w
GwYDVQQLDBRUZXN0IFRMUyBDZXJ0aWZpY2F0ZTESMBAGA1UEAwwJbG9jYWxob3N0
MRswGQYJKoZIhvcNAQkBFgxhbGV4QGF1Yi5kZXYwHhcNMTkwNTI5MjIzMjM1WhcN
MTkwNjI4MjIzMjM1WjCBqDELMAkGA1UEBhMCVUsxIjAgBgNVBAgMGUZPQUYrU1NM
IEF1dGggQ2VydGlmaWNhdGUxEzARBgNVBAcMClJoeXMgSm9uZXMxEDAOBgNVBAoM
B25vZGUuanMxHTAbBgNVBAsMFFRlc3QgVExTIENlcnRpZmljYXRlMRIwEAYDVQQD
DAlsb2NhbGhvc3QxGzAZBgkqhkiG9w0BCQEWDGFsZXhAYXViLmRldjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMm9YK6zftvX8XnhG02khI2ukyg06U/1
l56qxQkvoeyGHJw6AFcHLD1ORWXlD7yyjM4vTR0id+C0Arq6h4B/F/nMNGE94HWE
v+6qEIl7Psyr+teTXLbQ98ZUC3HmPjcM56D18smcDnmaslOR4qm66ruoXa+oEGKI
DDS59jcQVtqRnoHevmRjAl9/vwbTD/+rV5rbWI2PsoTdkqxs+XCoVqXB4gul/ge7
giqCmcvrdo1MWFSlMFq9WbjPJKUp7lQnL9TqDBhIphBwO7/3mhf8vs/1XUOGPPBo
U51TeCm7YGfqPT6IY8SxVOtlXkwC4sVOZj0CkoEiAin43r9BVFLqxesCAwEAAaMw
MC4wCQYDVR0TBAIwADAhBgNVHREEGjAYhhZodHRwOi8vZXhhbXBsZS5jb20vI21l
MA0GCSqGSIb3DQEBCwUAA4IBAQBMRbs4ERIJmZz6GAaI85vbwR166S+g5rkNK8iZ
jMAeSD9O2/ZT3JhGfh+f/m7cy1+RiARVSZOgd0nN/L6U6JlPbjtK92CpIx+gDw67
lYV3QQCGU0tNQ1EFNzj6A7Mi/zSZ5wBbTi886xYztLPSjWEHt+8pShHga/Qi3alN
3haN/UvyamKgmWna8s3zWrCEZwW7D+XQqWoA2EISlnIdX46agHgmU30+TalGDAzf
OFwGvEfkyHTrrl6TxwdLU8fWsEcBOF6Ukg7kEc1aCBgd3cD9LI8g2N8DQdkWGGEQ
innpMWv59H2v3gVMj/0/BPGthQMTHMrhKWZZ1QGjkId7tHro
-----END CERTIFICATE-----

1
test/fixtures/keys/rsa_cert_foafssl_b.exponent vendored Normal file
View File

@ -0,0 +1 @@
0x10001

1
test/fixtures/keys/rsa_cert_foafssl_b.modulus vendored Normal file
View File

@ -0,0 +1 @@
C9BD60AEB37EDBD7F179E11B4DA4848DAE932834E94FF5979EAAC5092FA1EC861C9C3A0057072C3D4E4565E50FBCB28CCE2F4D1D2277E0B402BABA87807F17F9CC34613DE07584BFEEAA10897B3ECCABFAD7935CB6D0F7C6540B71E63E370CE7A0F5F2C99C0E799AB25391E2A9BAEABBA85DAFA81062880C34B9F6371056DA919E81DEBE6463025F7FBF06D30FFFAB579ADB588D8FB284DD92AC6CF970A856A5C1E20BA5FE07BB822A8299CBEB768D4C5854A5305ABD59B8CF24A529EE54272FD4EA0C1848A610703BBFF79A17FCBECFF55D43863CF068539D537829BB6067EA3D3E8863C4B154EB655E4C02E2C54E663D029281220229F8DEBF415452EAC5EB

24
test/parallel/test-https-foafssl.js
View File

@ -33,21 +33,15 @@ const https = require('https');
const spawn = require('child_process').spawn;
const options = {
key: fixtures.readSync('agent.key'),
cert: fixtures.readSync('agent.crt'),
key: fixtures.readKey('rsa_private.pem'),
cert: fixtures.readKey('rsa_cert.crt'),
requestCert: true,
rejectUnauthorized: false
};
const modulus = 'A6F44A9C25791431214F5C87AF9E040177A8BB89AC803F7E09BBC3A5519F' +
'349CD9B9C40BE436D0AA823A94147E26C89248ADA2BE3DD4D34E8C289646' +
'94B2047D217B4F1299371EA93A83C89AB9440724131E65F2B0161DE9560C' +
'DE9C13455552B2F49CF0FB00D8D77532324913F6F80FF29D0A131D29DB06' +
'AFF8BE191B7920DC2DAE1C26EA82A47847A10391EF3BF6AABB3CC40FF821' +
'00B03A4F0FF1809278E4DDFDA7DE954ED56DC7AD9A47EEBC37D771A366FC' +
'60A5BCB72373BEC180649B3EFA0E9092707210B41B90032BB18BC91F2046' +
'EBDAF1191F4A4E26D71879C4C7867B62FCD508E8CE66E82D128A71E91580' +
'9FCF44E8DE774067F1DE5D70B9C03687';
const webIdUrl = 'URI:http://example.com/#me';
const modulus = fixtures.readKey('rsa_cert_foafssl_b.modulus', 'ascii').replace(/\n/g, '');
const exponent = fixtures.readKey('rsa_cert_foafssl_b.exponent', 'ascii').replace(/\n/g, '');
const CRLF = '\r\n';
const body = 'hello world\n';
@ -58,8 +52,8 @@ const server = https.createServer(options, common.mustCall(function(req, res) {
cert = req.connection.getPeerCertificate();
assert.strictEqual(cert.subjectaltname, 'URI:http://example.com/#me');
assert.strictEqual(cert.exponent, '0x10001');
assert.strictEqual(cert.subjectaltname, webIdUrl);
assert.strictEqual(cert.exponent, exponent);
assert.strictEqual(cert.modulus, modulus);
res.writeHead(200, { 'content-type': 'text/plain' });
res.end(body);
@ -69,8 +63,8 @@ server.listen(0, function() {
const args = ['s_client',
'-quiet',
'-connect', `127.0.0.1:${this.address().port}`,
'-cert', fixtures.path('foafssl.crt'),
'-key', fixtures.path('foafssl.key')];
'-cert', fixtures.path('keys/rsa_cert_foafssl_b.crt'),
'-key', fixtures.path('keys/rsa_private_b.pem')];
const client = spawn(common.opensslCli, args);