SSL: Add PEM format support for public key pinning

5 files changed, 28 insertions, 1 deletions

diff --git a/tests/certs/Makefile.am b/tests/certs/Makefile.am
index cd35bdff2..ddb5c9fb1 100644
--- a/tests/certs/Makefile.am
+++ b/tests/certs/Makefile.am
@@ -40,6 +40,8 @@ CERTFILES = \
   Server-localhost-sv.p12 \
   Server-localhost-sv.pem \
   Server-localhost-sv.prm \
+  Server-localhost-sv.pub.der \
+  Server-localhost-sv.pub.pem \
   Server-localhost.nn-sv.crl \
   Server-localhost.nn-sv.crt \
   Server-localhost.nn-sv.csr \
@@ -48,6 +50,8 @@ CERTFILES = \
   Server-localhost.nn-sv.key \
   Server-localhost.nn-sv.pem \
   Server-localhost.nn-sv.prm \
+  Server-localhost.nn-sv.pub.der \
+  Server-localhost.nn-sv.pub.pem \
   Server-localhost0h-sv.crl \
   Server-localhost0h-sv.crt \
   Server-localhost0h-sv.csr \
@@ -56,7 +60,9 @@ CERTFILES = \
   Server-localhost0h-sv.key \
   Server-localhost0h-sv.p12 \
   Server-localhost0h-sv.pem \
-  Server-localhost0h-sv.prm
+  Server-localhost0h-sv.prm \
+  Server-localhost0h-sv.pub.der \
+  Server-localhost0h-sv.pub.pem
 
 SRPFILES = \
   srp-verifier-conf \
diff --git a/tests/certs/Server-localhost-sv.pub.pem b/tests/certs/Server-localhost-sv.pub.pem
new file mode 100644
index 000000000..2384643d6
--- /dev/null
+++ b/tests/certs/Server-localhost-sv.pub.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwJ3kmLLnk0YEKCdJ2/prhBWgB
+s3J3lzjkYBxxnZn3JnshtW2qnxR2B2ykKi197vZviljEk97+oSUP/1dJwNmU2Qd5
+v4xt+vEYgmegP9cxA4LsuTlpB+zskxdbGnKRk7JrmGZj/mEp562GDgS6v4tVV2Gl
+SvbK58bRuGVCq2dkFwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/certs/Server-localhost.nn-sv.pub.pem b/tests/certs/Server-localhost.nn-sv.pub.pem
new file mode 100644
index 000000000..3131e9539
--- /dev/null
+++ b/tests/certs/Server-localhost.nn-sv.pub.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDT1E7bY1w/OjpeOAmU5k1wnQ2v
+SeaCXQe39c2g369x8c+/1Zq9r3x4XVU/FL27LA5zndaCmtXm9iFdCJKicV+AX1zO
+8MI3N3kPTT3U8oBtRzZF0dKLei4ScUtHhvWMma/nDs+1yU16dfeydAxB46u7LJ1v
+VAgTWjrvfCf3PwsLcQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/certs/Server-localhost0h-sv.pub.pem b/tests/certs/Server-localhost0h-sv.pub.pem
new file mode 100644
index 000000000..c403ac575
--- /dev/null
+++ b/tests/certs/Server-localhost0h-sv.pub.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMqZErIuiQK+VM3K5t2kzzMsyl
+aGdaO7mGo5WIPuhjw+0AYBkDK11bVoraIV5xXNHj3lEYwRcUsTOQAFya5XMLqIic
+0AtUvOo6Od32ZYFLKZlMcdP3aX+A6OhtYUGDh+usLL0P6xv9ojeXbTFWuktR3bEB
+64n4Jd5bo+WyP0x3UwIDAQAB
+-----END PUBLIC KEY-----
diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh
index 463952c57..80876ec51 100755
--- a/tests/certs/scripts/genserv.sh
+++ b/tests/certs/scripts/genserv.sh
@@ -78,6 +78,9 @@ echo pseudo secrets generated
 echo "openssl rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der"
 $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der
 
+echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem"
+$OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem
+
 echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1"
 
 $OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION  -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1