From 6aafee1771ae266c8f2a6d25d92f7cc3dd417b3b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Caleb=20=E3=83=84=20Everett?= <calebev@amazon.com>
Date: Fri, 28 Jun 2019 11:11:39 -0700
Subject: [PATCH] test: generate des rsa_cert.pfx

My node distribution uses a shared openssl library with some ciphers
disabled, including RC2.

These tests (which use `rsa_cert.pfx`) fail with `unknown cipher`:
 - parallel/test-crypto-binary-default
 - parallel/test-https-pfx
 - parallel/test-crypto

The other fixture .pfx's use the `-descert` option, I don't know if
rsa_cert.pfx was generated without `-descert` intentionally or not but
none of the tests reference RC2, and the tests pass with a des cert.

I'm not an ssl/crypto expert, so I would appreciate any insight.

Old key:
```
openssl pkcs12 -info -in test/fixtures/keys/rsa_cert.pfx -noout -passin
pass:sample
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
```

New
```
openssl pkcs12 -info -in test/fixtures/keys/rsa_cert.pfx -noout -passin
pass:sample
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
```

PR-URL: https://github.com/nodejs/node/pull/28471
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 test/fixtures/keys/Makefile     |   2 +-
 test/fixtures/keys/rsa_cert.pfx | Bin 2629 -> 2629 bytes
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/fixtures/keys/Makefile b/test/fixtures/keys/Makefile
index 226dc67346e..824704c7241 100644
--- a/test/fixtures/keys/Makefile
+++ b/test/fixtures/keys/Makefile
@@ -631,7 +631,7 @@ rsa_cert.crt: rsa_private.pem
 	openssl req -new -x509 -days 99999 -key rsa_private.pem -config rsa_cert.cnf -out rsa_cert.crt
 
 rsa_cert.pfx: rsa_cert.crt
-	openssl pkcs12 -export -passout 'pass:sample' -inkey rsa_private.pem -in rsa_cert.crt -out rsa_cert.pfx
+	openssl pkcs12 -export -descert -passout 'pass:sample' -inkey rsa_private.pem -in rsa_cert.crt -out rsa_cert.pfx
 
 rsa_ca.crt: rsa_cert.crt
 	cp rsa_cert.crt rsa_ca.crt
diff --git a/test/fixtures/keys/rsa_cert.pfx b/test/fixtures/keys/rsa_cert.pfx
index 66cbb14842d7f52ef27cfe140604df3146b8e2cf..aef85e2e28055d26b05023460cdaca2eaad6355d 100644
GIT binary patch
delta 2451
zcmV;E32gSo6vY&fSbqaB4g?5!Y33VWq*r?a0tf(rf&^f6RsJ${ilc7D0m@D?@583e
zZYt%_#(L?yXNS3Wdo3VT^juHR<m5@^2qnJO#OwF+ijZX>`9h*9{@aNJnY_c@0{Qy%
zK@=s@NoTbc(w*kW#wc-x3Z?>iVz6T9j>%92fGd)5^A>trQh(Mm1`z;UB_kU}%yG)t
zhbesRtf0AR`jjbioH`y>$UN$~#ty|@KFdLo+LFWYBDI46>Qg_6kP-D+D3?k)JP~O{
zi%&(tQtfZ={A1m1&_NCO=2U#?kWCVmxeXIIm~S(qfzBt@&&xYv6@+mPh9p70%D|SR
zq;PLu$9fAgT7Mr?aT;JV_fQ3ydOg(+9G#^ap%}9(=NMdX+WHhi8qwb2Zj`VMdNR)f
zKI3-{<OoWP+*hV#i2tQp{uHBZka@$|Cz8McW*n`$;DU6Rf*N4!%Mju=LV)?KgHbb3
zB$L)c(#`cg=yFfFO<3)$RIeX#NA>J10O{W9k~~9pe}4?3^TFY^z{UCHJ~aI);;Ek1
z9KfXQ!R8{U>vha?;F<wd&x*JiDjqmcZ0*4|zas)TVzmtk8_!WhKO?YY_9hc<>s{-a
zWZ~km{~*ScCBLpnHrf;WL_|4P(7X7_H!D_p!F@)1-^{BW&-<En9NgKINNc$e9RXkM
z8;s@_AAiNcUlT~hEcU{#Lyl0J`=OtK4~X{03h*15(YSZ*Svo%^*S{GYCR=a)GDYSr
zg!PSxYG57R@j5l~(EA*x`!AAfijTD=t&$IqpWpuzl}G%n>BbR-N}6)AebT&NK!4zm
zX`_c=m|xCOH<r1v;+EC;z+Tb9J!y1(ntRH-f`1vJ$&t1#;Ze*2^6`gyI~5DLfZA?(
z+aCGu6?jmQha7Si?tX)_z3p-4dTb>S<0C^snDO_I`OBD^HQFyT>(~zIPJl|?w6}E+
zO<i3txl)K@3h36GedfuK9%t{9a#mXp0?n^UdF<)`^ehhB+5R$&=iOvEzpfTd)guoL
zOMhD=z=vLjT=3@m>RtL{zQEM~qWs$J4fbn+#bwOyO#fZbldJ@9R^j$`<!msfY2ika
z_edA{(Z1S~C)uSrsc6Mfmxj)%XdgEPLvi~J<l8AI?|?nFe7zCTMwswEJPUt&HMwvw
z;N4}a>dS}QzXV}&q9tS-m#@f@p0F@iV}IyEd!}SMF`y7>)l4Np_b?`j+DBsIV+@m1
ze=2m-tE1&dRT1{pOLiDB^wZ7`9s*j<DQPS|HfyL+4CG^&n6Fp<^=?gHrqF<vE3`pD
z>yLg4@TZY701sJWP7mNmf&*8J&|J00`Cf%ilAs7zgZh5TBhrt<KD(^^JEeS(=YQ{r
z`5hZ70xL+t#4(*XgU%WTqTl+Ut^a;%krkwKSpWX;hK8?c=d39b7@o$6e%>YG{Y}5%
zN?zKUnr5?H6|H+bMA<*5diXfdTiITWHvZL0TFJjw2;@1^%j|SolgAjr_xY@s-p{@x
z)^4oIQOD=DhhYA)yinjuvqy<Af|Jh#M1KJd3`HMK?vw%o2ml0v1jw_#@?=OOV+J%c
z<dK`kg$YH(LRwWR-<Ovk0toD`Y)Y4xNsZ{$DLw0ah}&dVH<;|xGj#fCV^Vs?bMM&K
z&a(08zf#o&u%AO2o8T6sKN|oT1W4)4BCc@4<HKIsa@7hS)aD3pejfs#F}{8<ihpQr
zt0`4qup%VgSPje$T>v5$*$+oNDj#jvoiSGif>w^C+%Yx+=}2ccYl&@DZM+$JN>2kj
zU5^bEk7ja;Av&a#4ir?t-b*GoTXWHkuOm~ZQS5-9=-%m&C(?7tV7a7k^=r+(fuAH#
zD~+IWNt8J&!T|G0FC4dsFRh=CK7U9kmK7;}{v%tf*E$l9kz^rKX3V|at;C7sL*s$b
z{FAL=OJxix00)>q$a>lrG|-xk>N{ToQi-r`k(wSrs+~)yoan0~MfEF*ji1;U41sp&
zc36Z*Y7t9EM9QR9$HrPs+m0qnB%sb!ng{G~N_2-?`7^vm38}<cDIvS@oqr**3<6Dp
zWY+K?EUK}fz!k}5C^uT)(Q^Xv6{*ibOhE7|eSE>h*1jlIipIUNQ3BP3c6AJ5R4y68
zG4sIrCpP^%v40!4SdJCL!qN}M3=7Tx@xUpPqIY;Q$+IiLTr*RQ>W7`;1U!(YjBd4K
z9Tp4ojLmqO#|hBlpq>M`kbir`Lii+vJS~O9(C0ZFHi=4{BqP^$Ue2ony?Z2Id+2SH
z5&<>ZSiW~u4B(^6w2*s?khO$jlX{5E8-agoZ>wbpBBQ5~4t*$!k03BdTm`+0Qe^vE
zTyU4CPCy)v+OiwmodbR06Qk^kK+D`*E<epY{sNW!m8NC%70b7zw10wP;%oSV8x7wi
zyV5hJ{(Ra_+-BePK%C$b^N1|)HlE0_=zmwnM6>-8`6%GN_i$mWo3y$eO#Ay%T}P(c
z8qLES7Y(r|v4WvOpmeVlhEl(iLT!@d9-mFIg(_mmFYp@cKGQo#dop-zt{vlNE~EPg
zS)>;;vX=CCO9K_#+<%07t72=&BwS%zWRE%g(x6n>WfQjA`En*w>_>&MnUNo)&1Hp{
za#?>Pxu|-pG#6?1J3>{{kQ6gAGcwRh$61&*Mb!>nff~cO!+Qn%k2kwaagU>+JwJ3v
z7@4EMI^=OeL&Mz<NaL|MW(gF_Q45oz&~9p)Kv?jPRq)r=9e<~i{&ce3+wpm@?G#%X
z*S>}u%D=LT!O1SO<mELLf#YJO`&74FQj@^JJ-Qbt!{(H$$gLiGr%%)4q#28XbsJ}h
z1T`_8t`3$)b?9l+wlU-K!Ce<RfK%Jm#3hB;J3>3Xj>$I6RO(u-1cvn8<2=Gt>s?@1
zq~DJ<sb*O68GrlJ@DWRZ7rJP;5;PE<Qkro6bk^BEssKOl+A&N6+kIAd_dB+e1*X~5
zM1<ZS-N(;9T|9QVGH3bil%~OIDuvECRL@$W_z}*au~4miim-DKd{@(s@%!Z6R&7%)
zu<WD9{n&jEOSoTLKz%o{k0ZNk`m2GV0wauX+|clPlVN?VZ6Db|S^pIqVvL~+@3Y#9
z^Ryoh)#4#5W274l^q?uiMPz7CyZy(B?`S^JQlR@X+=KM=%pk{v=2DS5+}C;4Q8SN3
zQg=8h+=v%y{D(%<8h-PHZ%+sg>gh*havtN8>j^j_zO_VrYD{f^akO~(o`BjEO?KGe
R1PBXfoy*v!%jg0E2mtvq%<KRF

delta 2451
zcmV;E32gSo6vY&fSbqjE4g?4)7$_U&<S%mq0tf(rf&^gO7d^B;TsSF}4%dHdkml3J
z4lFc*Z@hiHi8Z=s3caXY#>u@Os<&U7AcPRy#K?`|jxJ)BCLd0O&;fKyviU}=;aC!{
zkua*NLYy&#e3&bRyhh6k1TAN#-n;$Ga^mTh!=m{5et~s`qJKg7g(1!!Kc%HDZn!(i
ze3(zd&VBqA=&Vwl(~DwgXcX+m4i8NR`Cx@Ub_I--7a{BIs<?*|%`BhL0MJEKP15Z}
zCoDiPZ-Y~i_g1t2a;NBD&e&a?G-!NBQb)|x3f@l}!C=$(e2`5ko!Wk<I%#+Ov=6or
zfLrl@jd3#UwtwhANgg!THZ`A=Ff{sV&i;u(z|054)WbKz7z{GqfM-KYk0!qe!86W;
zPQKUO`YcXks)7+KB<c=hq7C2%;A`SFJQN`eG{fNWEjSG5yqS>o10-G`;R#6xG+x8v
z>sLOs&ys%%HtDx(<iWSM>$Qm-S~ORG7@MAi)@kQta(^T0&U)7hY6^bGg%K%32~sV1
z!~=_nH`3;>f)!g~IEfVS9GKQ2BUp!P;MyC~3zl3fkYTt6*)Q7q@VWGK+x_RMn0l7_
zKifsd<9Qc=oc{G&iHojh4$E#-*0>V(0nFl#K!o9xZIxOtfgo$B(tL;8SMPXIi~2b;
zkn7w-<9~anZW~!bRg2rWF#>HoxbD8BbyV2P^-h&F0v)rK1DdgS9b%9PJ3qu*aK(sH
z=1@xMM&C;HErI^g3lqX(LI^>x-v8p1*CT<FJ>wwiZPC#g47a!Lp63vN6&{7jri=+J
zcZfVTJEaG!g;y**DMA5AHm>^1-1mayY)O2=!GB7QBH(dHa2LD{<Qs>PHLS-3sRvz)
z3eKj6acdFzXK5TK^-G2OBDx~WL39eNZrMP?!XT@Bebj-2YI|DLZx6l2Nr3gJH5=$*
z<bR8_dGd7*f^(q_dZ9DeOH%SmuSd61A_Wqr$Pz~XJ5lp7%-$y=Vt9?rq0}PkqZ~14
z8GlgL*tc#u(*ckx=tcQ`QtO2!=Lz)_jrG0w3OyU<_DT|J{!hi@kVwEw{3}Q&_F)@S
z#-rLy{-_MmUZgoR0#q7!iteSqp6hc7w=Lqbh#s~t3tLe3@JFOF0gph8lsiH<(Qebm
z9p(||M`x?7ihuymy(16CDwJ6M`pXCOWPfaMPRB$SgXrin7T<iImSaM0WdBVAlTX>x
zC|#D{VD!k^AqE}qU{T5r6HF|-OiR2@<cGkV@85TcU8O2|-!4YkLi0<<E{A3kY32XK
z;E3}mqdM(du-bFM>Gy7~j3Ag?`f6$a9D&6zZtAd68ZVau)q21Ba+(`%hgm!#iGS5g
zj+MVtbKWF;&CpeBuf-e{ag2Qo-gWng3W_M{WQt#3BqJ5`68AM~>80GD&gcNafv^{D
z13%vd3rzQPJ8h2heq1=`SsAF6VIW)<{)f&aC@}6{auFD}Act+b=OY__pF%bKN8{9&
zX~Zg;42DZVpaeWnUD>&o+0FAXf|Jh#M1Q2CzuRz;t^EQ52ml0v1jvXr#}TNjg!w&x
z(zwJtj2+{a=Pc7OvO2^WS%f?GC$Jq<Sg-51ql%6xeFf0R#YU);6E8||7EeF+I~g`X
z@OuVz0a~7;68{^}N%v?hUF3fcmlvqPi5o4iPYf(g=%lHJz+DIpsB*bmS?4ubAb;jJ
zA@JVF$u2*&nl9noe;HzQiC1&ge)w2pSFsBtbn3W}*F(x~b6%_(E_{y@6YJ7ZFqAJ@
zP7Nrz;<m@<-f~!LgDk(s+%}NbbB2&N=s0H;OojA^-3Eat4`n?ig{O7*JK%lwC_Fuc
z68E3iymfnG*gza)W|-5fHp+5lD}RhdtIg;~asNH0M2=sgn(_)m__`F#gQ(6=XIm`f
zf_WM}&oM|9$3+7L?Hq>{bvlxZh0AO7%9T=?wCq;<WX8fv-<l_c9F!B!1WsbAq0gK9
z$7Z)|&m@c^hN%AEI;rWhN_-wPez!53=p4`~Y$td3vcf}HtmD8@|I{ADaew)N>IU8U
z5J$*|OVO#aaJT;cr0CgYqjNWL+zOOEQBy8_EO6`$aSmrCUIQY_?1HuyHeH&lY6N9^
zGCT@VhNHq!hTuVotDmlEice?}0usS)dA&=bQge<KV+nWEP|FrlwtL^;=$$5{qui@V
zzRtbD1Rn-t1WY80tTGNye1B?AEk2Tu$$xn*i@?u%HUR!AoelF3b<b*<V1WwFGlFPC
z;U=u_5qUsl2sg3NCi#2JkynO5bXLsd+DV^*%tc`&bN`F6Uzf(&J4w3y@liicg~(8Z
z7g8`1uz|HzRlf*?jHFo*5`{e_l6MGX>DBrCUrPbm<maMPM0XOcfPYSP(gzHeHbL~W
z`lf}My#y<7SJ8{GO-Mg4FRX`Sye;O8Ih}{2vNA)5ZdAk|K$8IxAMo-q<&&%l*@zW(
zX5oEDN9KyM2i5Q2lY2}n3OBpfy+1vrX=$L`aDvbA#xm#-!ksA*E&*YVYvlgot8kkK
ziIRG-vB0wRd%S^?;D02=6isY(!c1rc|HduUW~o)rHA8wfkG6E{Hxr6SM^t^?BBB8r
z)R2xt$6C0v2F&?-yfy=c<NLnIQVc&$@{;AMpp|#)LcNPLZ?c1L0>q}6f|KFKo91pA
zhdlIJ4MOasNBf}*6|#(f2aQ2vM~-xPo+=NnedQ*QK>-q^F@NvN!bV0hNt;fCaS^^G
z7~g%2ncfLEEbX)B`gb!dVh})m_GJLr1(GXtxWUd^|Ii+HDvd>xJ!G%#k7Dlvv$6Wb
z?qRJGY0gGf8lmNShA&=;B~K(;0W)`^L3*-ti>d0#xUl!~NN!9p4`VcZucgM&mi_df
zhRui?T+%FK(tqL5g>Jyj`sHa33Iv{7fEYtjKfIFrJlfjBv-MmAK%>Vh9WnZe@AxVt
z%uZ#x6ZZ1Zl|9nd&qy1Zje%S4*wL{^htb4zO(;bJ$pInN89RjC1}vas`hl3RDv$O(
zER2u?$rNVu3-Q8M8{UQ^Qu+3Oj}|V0eB%rw>`eH<^<icWsKc+w?z2N#EwBVgPJdb<
zoQe`oGesRu1%hj!dwYu9Gcc|;XwP&|oOFLW^>w516a!`i-#>KTMOU*7L47$L&U*aw
z52aAsQI;gXDLc4eLfqN^>kGzbw3)$_vHVYy>j^j_s=#pG_tlD(J6sp%8&C=<YQ0z%
R1PIEV*s^2jHdO)w2mmy_t%?8u