diff options
40 files changed, 1339 insertions, 6 deletions
@@ -7,6 +7,13 @@ Changelog Daniel Stenberg (11 Aug 2009) +- Peter Sylvester made the HTTPS test server use specific certificates for + each test, so that the test suite can now be used to actually test the + verification of cert names etc. This made an error show up in the OpenSSL- + specific code where it would attempt to match the CN field even if a + subjectAltName exists that doesn't match. This is now fixed and verified + in test 311. + - Benbuck Nason posted the bug report #2835196 (http://curl.haxx.se/bug/view.cgi?id=2835196), fixing a few compiler warnings when mixing ints and bools. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index ceb84d9c7..0ecd1fe45 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -42,6 +42,8 @@ This release includes the following bugfixes: o rand seeding on libcurl on windows built with OpenSSL was not thread-safe o fixed the zero byte inserted in cert name flaw in libcurl+OpenSSL o don't try SNI with SSLv2 or SSLv3 (OpenSSL and GnuTLS builds) + o libcurl+OpenSSL would wrongly acknowledge a cert if CN matched but + subjectAltName didn't This release includes the following known bugs: diff --git a/lib/ssluse.c b/lib/ssluse.c index 07824b411..bc1934cfc 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -1137,6 +1137,12 @@ static CURLcode verifyhost(struct connectdata *conn, if(matched) /* an alternative name matched the server hostname */ infof(data, "\t subjectAltName: %s matched\n", conn->host.dispname); + else if(altnames) { + /* an alternative name field existed, but didn't match and then + we MUST fail */ + infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); + res = CURLE_PEER_FAILED_VERIFICATION; + } else { /* we have to look to the last occurence of a commonName in the distinguished one to get the most significant one. */ diff --git a/tests/Makefile.am b/tests/Makefile.am index 96a93ea1f..32f27b520 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -27,7 +27,7 @@ PDFPAGES = testcurl.pdf runtests.pdf EXTRA_DIST = ftpserver.pl httpserver.pl httpsserver.pl runtests.pl getpart.pm \ FILEFORMAT README stunnel.pem memanalyze.pl testcurl.pl valgrind.pm ftp.pm \ sshserver.pl sshhelp.pm testcurl.1 runtests.1 $(HTMLPAGES) $(PDFPAGES) \ - CMakeLists.txt + CMakeLists.txt certs/scripts/*.sh certs/Server* certs/EdelCurlRoot* SUBDIRS = data server libtest diff --git a/tests/certs/EdelCurlRoot-ca.cacert b/tests/certs/EdelCurlRoot-ca.cacert new file mode 100644 index 000000000..c5154a4de --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.cacert @@ -0,0 +1,85 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5c:fb:79:f2:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 15:06:44 2009 GMT + Not After : Jan 7 15:06:44 2026 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bd:b7:e7:70:4c:17:0d:0f:e6:a4:ed:81:0b:26: + a9:d2:16:f6:2a:9c:87:6d:8e:7e:e2:71:98:89:41: + 97:d7:62:0b:c7:92:35:e5:09:0a:b4:67:06:59:c5: + 3b:2f:ae:6c:ff:68:6c:af:46:a3:1f:7e:32:5a:08: + c4:6e:65:5c:c2:9f:99:11:4e:28:dc:37:98:d0:ab: + 66:13:35:c6:bd:3c:6f:65:e2:5d:c2:59:21:80:68: + c0:85:eb:7e:a2:58:99:04:45:c3:f7:4c:39:83:fa: + 5c:6e:6a:a0:ff:45:b7:2f:7a:bb:bb:7f:3d:2b:cb: + 57:5f:09:24:c5:77:96:5d:1b:56:56:9a:48:51:0a: + f5:67:0f:67:8d:0d:82:c7:84:bf:b5:c5:f8:cd:71: + 2f:92:cb:e8:94:96:28:04:3a:c2:2c:38:e4:9e:3c: + 1b:89:9f:70:b6:02:b6:97:5e:2e:c1:5a:a7:af:86: + c2:b7:65:dc:83:8d:e7:85:72:a7:d1:f0:ba:ea:11: + dc:bd:7c:b5:68:89:82:15:2b:b5:91:f0:70:f5:fa: + e4:8c:21:fe:e7:8f:a3:16:5d:ee:a8:ff:a8:0e:22: + 1f:3e:27:25:f5:f1:a0:55:16:f7:c2:02:79:fb:c9: + ac:fd:d1:ca:6e:65:3e:97:cf:f0:df:c9:b9:c4:0a: + 87:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + 12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + Signature Algorithm: sha1WithRSAEncryption + 66:1e:56:86:7d:87:99:f9:9a:d9:fb:fe:9c:bf:9e:d9:90:07: + da:9a:33:0f:72:6b:44:00:df:85:f0:ff:ed:c5:06:1c:1c:ff: + 4e:94:7d:6f:6c:7e:82:1a:82:bc:fe:ac:02:c5:1d:d0:1f:a8: + e3:2d:a2:8d:43:8e:73:8a:b0:a4:da:0b:1d:7e:1c:e9:35:93: + 29:6d:05:9f:6d:6c:0e:09:ee:9c:1a:15:fe:8a:5e:19:d8:da: + a0:6b:2a:d5:1d:fa:0c:af:63:55:41:42:ec:dd:3c:b0:6e:1f: + 66:67:c5:28:fd:23:1b:a6:42:98:49:f5:33:58:7b:5a:91:c7: + 9c:66:1f:53:cc:8b:79:11:a9:fa:a3:b8:5e:e1:d1:12:97:ec: + 5e:4d:c9:77:4c:03:0c:e8:80:33:57:da:d4:ce:af:c5:1b:f5: + 96:47:d4:68:da:83:3c:45:ee:84:b4:82:94:cd:65:2c:41:f1: + 45:3d:19:9b:da:7a:54:04:e4:39:b1:b5:2a:15:29:b8:99:6d: + 30:73:12:bc:7d:e3:79:f2:12:aa:e1:d7:d1:83:c4:bb:0c:bb: + a1:36:37:84:38:de:7c:3a:d7:c8:4f:6b:d9:cb:80:2b:29:27: + bd:c3:de:a5:2a:11:6d:b6:09:59:e6:d7:49:ae:52:89:28:3b: + af:f0:bd:86 +-----BEGIN CERTIFICATE----- +MIIDkDCCAnigAwIBAgIGC1z7efIJMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDE1MDY0NFoXDTI2MDEwNzE1MDY0NFowZzELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +JTAjBgNVBAMMHE5vdGhlcm4gTm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7i +cZiJQZfXYgvHkjXlCQq0ZwZZxTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQ +q2YTNca9PG9l4l3CWSGAaMCF636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1df +CSTFd5ZdG1ZWmkhRCvVnD2eNDYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2 +AraXXi7BWqevhsK3ZdyDjeeFcqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MW +Xe6o/6gOIh8+JyX18aBVFvfCAnn7yaz90cpuZT6Xz/DfybnECofBAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQSayTS +Smi3obAczb/WTMxAW3/gQDANBgkqhkiG9w0BAQUFAAOCAQEAZh5Whn2Hmfma2fv+ +nL+e2ZAH2pozD3JrRADfhfD/7cUGHBz/TpR9b2x+ghqCvP6sAsUd0B+o4y2ijUOO +c4qwpNoLHX4c6TWTKW0Fn21sDgnunBoV/opeGdjaoGsq1R36DK9jVUFC7N08sG4f +ZmfFKP0jG6ZCmEn1M1h7WpHHnGYfU8yLeRGp+qO4XuHREpfsXk3Jd0wDDOiAM1fa +1M6vxRv1lkfUaNqDPEXuhLSClM1lLEHxRT0Zm9p6VATkObG1KhUpuJltMHMSvH3j +efISquHX0YPEuwy7oTY3hDjefDrXyE9r2cuAKyknvcPepSoRbbYJWebXSa5SiSg7 +r/C9hg== +-----END CERTIFICATE----- diff --git a/tests/certs/EdelCurlRoot-ca.crt b/tests/certs/EdelCurlRoot-ca.crt new file mode 100644 index 000000000..c5154a4de --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.crt @@ -0,0 +1,85 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5c:fb:79:f2:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 15:06:44 2009 GMT + Not After : Jan 7 15:06:44 2026 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bd:b7:e7:70:4c:17:0d:0f:e6:a4:ed:81:0b:26: + a9:d2:16:f6:2a:9c:87:6d:8e:7e:e2:71:98:89:41: + 97:d7:62:0b:c7:92:35:e5:09:0a:b4:67:06:59:c5: + 3b:2f:ae:6c:ff:68:6c:af:46:a3:1f:7e:32:5a:08: + c4:6e:65:5c:c2:9f:99:11:4e:28:dc:37:98:d0:ab: + 66:13:35:c6:bd:3c:6f:65:e2:5d:c2:59:21:80:68: + c0:85:eb:7e:a2:58:99:04:45:c3:f7:4c:39:83:fa: + 5c:6e:6a:a0:ff:45:b7:2f:7a:bb:bb:7f:3d:2b:cb: + 57:5f:09:24:c5:77:96:5d:1b:56:56:9a:48:51:0a: + f5:67:0f:67:8d:0d:82:c7:84:bf:b5:c5:f8:cd:71: + 2f:92:cb:e8:94:96:28:04:3a:c2:2c:38:e4:9e:3c: + 1b:89:9f:70:b6:02:b6:97:5e:2e:c1:5a:a7:af:86: + c2:b7:65:dc:83:8d:e7:85:72:a7:d1:f0:ba:ea:11: + dc:bd:7c:b5:68:89:82:15:2b:b5:91:f0:70:f5:fa: + e4:8c:21:fe:e7:8f:a3:16:5d:ee:a8:ff:a8:0e:22: + 1f:3e:27:25:f5:f1:a0:55:16:f7:c2:02:79:fb:c9: + ac:fd:d1:ca:6e:65:3e:97:cf:f0:df:c9:b9:c4:0a: + 87:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + 12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + Signature Algorithm: sha1WithRSAEncryption + 66:1e:56:86:7d:87:99:f9:9a:d9:fb:fe:9c:bf:9e:d9:90:07: + da:9a:33:0f:72:6b:44:00:df:85:f0:ff:ed:c5:06:1c:1c:ff: + 4e:94:7d:6f:6c:7e:82:1a:82:bc:fe:ac:02:c5:1d:d0:1f:a8: + e3:2d:a2:8d:43:8e:73:8a:b0:a4:da:0b:1d:7e:1c:e9:35:93: + 29:6d:05:9f:6d:6c:0e:09:ee:9c:1a:15:fe:8a:5e:19:d8:da: + a0:6b:2a:d5:1d:fa:0c:af:63:55:41:42:ec:dd:3c:b0:6e:1f: + 66:67:c5:28:fd:23:1b:a6:42:98:49:f5:33:58:7b:5a:91:c7: + 9c:66:1f:53:cc:8b:79:11:a9:fa:a3:b8:5e:e1:d1:12:97:ec: + 5e:4d:c9:77:4c:03:0c:e8:80:33:57:da:d4:ce:af:c5:1b:f5: + 96:47:d4:68:da:83:3c:45:ee:84:b4:82:94:cd:65:2c:41:f1: + 45:3d:19:9b:da:7a:54:04:e4:39:b1:b5:2a:15:29:b8:99:6d: + 30:73:12:bc:7d:e3:79:f2:12:aa:e1:d7:d1:83:c4:bb:0c:bb: + a1:36:37:84:38:de:7c:3a:d7:c8:4f:6b:d9:cb:80:2b:29:27: + bd:c3:de:a5:2a:11:6d:b6:09:59:e6:d7:49:ae:52:89:28:3b: + af:f0:bd:86 +-----BEGIN CERTIFICATE----- +MIIDkDCCAnigAwIBAgIGC1z7efIJMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDE1MDY0NFoXDTI2MDEwNzE1MDY0NFowZzELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +JTAjBgNVBAMMHE5vdGhlcm4gTm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7i +cZiJQZfXYgvHkjXlCQq0ZwZZxTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQ +q2YTNca9PG9l4l3CWSGAaMCF636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1df +CSTFd5ZdG1ZWmkhRCvVnD2eNDYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2 +AraXXi7BWqevhsK3ZdyDjeeFcqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MW +Xe6o/6gOIh8+JyX18aBVFvfCAnn7yaz90cpuZT6Xz/DfybnECofBAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBQSayTS +Smi3obAczb/WTMxAW3/gQDANBgkqhkiG9w0BAQUFAAOCAQEAZh5Whn2Hmfma2fv+ +nL+e2ZAH2pozD3JrRADfhfD/7cUGHBz/TpR9b2x+ghqCvP6sAsUd0B+o4y2ijUOO +c4qwpNoLHX4c6TWTKW0Fn21sDgnunBoV/opeGdjaoGsq1R36DK9jVUFC7N08sG4f +ZmfFKP0jG6ZCmEn1M1h7WpHHnGYfU8yLeRGp+qO4XuHREpfsXk3Jd0wDDOiAM1fa +1M6vxRv1lkfUaNqDPEXuhLSClM1lLEHxRT0Zm9p6VATkObG1KhUpuJltMHMSvH3j +efISquHX0YPEuwy7oTY3hDjefDrXyE9r2cuAKyknvcPepSoRbbYJWebXSa5SiSg7 +r/C9hg== +-----END CERTIFICATE----- diff --git a/tests/certs/EdelCurlRoot-ca.csr b/tests/certs/EdelCurlRoot-ca.csr new file mode 100644 index 000000000..3a25911a3 --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.csr @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICrDCCAZQCAQAwZzELMAkGA1UEBhMCTk4xMTAvBgNVBAoMKEVkZWwgQ3VybCBB +cmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQxJTAjBgNVBAMMHE5vdGhlcm4g +Tm93aGVyZSBUcnVzdCBBbmNob3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC9t+dwTBcND+ak7YELJqnSFvYqnIdtjn7icZiJQZfXYgvHkjXlCQq0ZwZZ +xTsvrmz/aGyvRqMffjJaCMRuZVzCn5kRTijcN5jQq2YTNca9PG9l4l3CWSGAaMCF +636iWJkERcP3TDmD+lxuaqD/Rbcveru7fz0ry1dfCSTFd5ZdG1ZWmkhRCvVnD2eN +DYLHhL+1xfjNcS+Sy+iUligEOsIsOOSePBuJn3C2AraXXi7BWqevhsK3ZdyDjeeF +cqfR8LrqEdy9fLVoiYIVK7WR8HD1+uSMIf7nj6MWXe6o/6gOIh8+JyX18aBVFvfC +Ann7yaz90cpuZT6Xz/DfybnECofBAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEA +IFe5QoGVnUvCDOvZPMFmnclBgPVpTYB/twQEK3VoKnTbWj78LL6IGJLoqS7l+wnW +5PLYGjNwR7atIw1pnq6i+GglV5USXRMCNfB0NYLEZdfIUKwIQia2sidmv1gHDXbW +oCh33kwizd8K0pCivtS60p7PfrjyKuj0qcdwFLuW6sa9ks4mswsykPJFFWseln6U +YlFNOX2OWSNnoadLVgTxhIuSr7rXHVza01sNvH/tXKO0J4gfK7TctZpNsl4tnWx8 +6wjXe55aQqokjdfe92mPKClMuiXJTLPkM4tPN1Wau3qYw+BAb038z+j8FL8n7CEU +n3WlmMJ7tmkd3NShPejqZQ== +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/EdelCurlRoot-ca.der b/tests/certs/EdelCurlRoot-ca.der Binary files differnew file mode 100644 index 000000000..5d0e2d5d8 --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.der diff --git a/tests/certs/EdelCurlRoot-ca.key b/tests/certs/EdelCurlRoot-ca.key new file mode 100644 index 000000000..244aea1c6 --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.key @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIUbvkhX/UejoCAggA +MBQGCCqGSIb3DQMHBAhyTjz68mGb9gSCBMjeTO0EBH03MKmIHaDTPzJyJO4jyqQS +WJw6j+nYXHLQ3/PDh431GIQatN6Hpp14e+y/PZEl68jB8cxVCpiGO+JLT7ov4zlU +nLsCwSn7lmFeylrlZYOnP//3JVfEwcO3E22y6Ay3RKm5UYKTYoCXwkIC7xockF4+ +E3xq2bRYD4OGrb77srqU2puPie0otfm3dpkZk5FKY/9knygufqO0HoC6y1swPT0q +ykOst064UGFG36IiISVImoYeOQ2kY0fo3bBtC7QGhCiid0cOXZOUZD7I+Vz7UPJo +XUtM0s9V1uer/DrDREFrCG/GfwNDhrhqXM4AsJQwPi8FV4KK+rHOFCg0FOPAlGff +UMArHp81ZmM9T6SWmWFGdmJPNz0jp7HPmzYt3rXQc88qk0iig+A42SMqj6otMPuJ +st/0Sm+GzRHjbgV0Jh2zPpTwzznLj8NjHCtmSWijFZZbylEvr3klzLdnva5c75pw +Qhqbe3ZkNaRkJvxWlIvd8qrE4rix34M5ZN1gm4+y5kE8gYjMF8KdBwxfsSkobL48 +i2NpaROvFhewE9IaoJ8bAVJA9KpHZBftWaZFJ7S7h0Vdhw0KRVFZYQiz6xqma4Xp +yp4EopNdffuEXxQOQiAsHyhnBsPGoMTUpCQAfL1v90+SIs0FG6faClk3L6EyATXW +pLQURbocUJYr6hyxY62Y1pc3TVlspIv/kukKtwq7iuvD5mFgmGumSI/pq2jfKo02 +aFSPTNVEidFvJJVr0HVIwPVmuMRs0Lr0t8Txih4NIzTITR4tPwaIwhi0Qi3VanNG +TY9oevkclxiNbP9OQfIP6CMHNnAzLhOm+vbwlkCAqcFo0KjzGJb4NhyAxYpUZ7U3 +NGoNVQ7haF/Frz5PxAGl5l57qLI4pHsknrZsKxiTKpSy5l3melj3Zk0R2jXN9uJX +Z3FYG6R7Zbnt8gbXw1dqteLo07ObS7OwULqAJlboqporOtvWKhqPTPeNFP7HCdHJ +uFBVQJwWGD8QBcZ1k591JcFY7vPWHdQF7ku+EEs7dEeNBUS28Baw5qoiXRBWsD7B +Y3D4QaAZF64rqvtIlhDZBzmrUZ1KqJDX1B9I2pf7D6bbxL0wYiVTRQeoDV7eGZXF +0+tMbHgZ/CmAsOx0sdcR0BkigQMGh9HHtDs4gRJsf/RjzkKJQD28FfJxqvRYDYFd +8PSL7/DPipTUxvALuKWX/cRR/kVDEvt3AXJqAJsb3Xf/NloicieQ5QCy2LXwU4rQ +pBur7YFHw2VfT/HU8Jdd3yoXJPRBy9bAGFXojtBT6cuCcyBrUwrFo/nfiirK1WAd +krIL1/kUNKy34b/Yp2/BNuo+QrDP7tJNWVO7pVs1eNFs45en0GNR1tsaIxN95MwX +vw4g4vMNMkpEPdLCPkjCYuW6mqkxT7ED3LAEsOBljcjkaId4QVS2TZv9V+izeHx8 +OGYmyJB5d2N/v1gwBSq7h+xx7bG/hByJ+7hGR3J9+3HEN/TYFPqjIofA8sBZ6Emt +oICblaS4xlmWwb8iSdo38yDWVaemmuW3zpCLfCR3RFT8aV9u1eahYWuU0/kgn2QB +GvaavsdlahZl+f0uqf67TDWxTDkeQuiiRwy3UCnooxDLclq3YM9yWP4wbq9xNn4d +G+0= +-----END ENCRYPTED PRIVATE KEY----- diff --git a/tests/certs/EdelCurlRoot-ca.prm b/tests/certs/EdelCurlRoot-ca.prm new file mode 100644 index 000000000..4c53ef515 --- /dev/null +++ b/tests/certs/EdelCurlRoot-ca.prm @@ -0,0 +1,18 @@ +extensions = x509v3 +[ req ] +default_bits = 2048 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = Nothern Nowhere Trust Anchor +[ x509v3 ] +basicConstraints = critical,CA:true +keyUsage = critical,keyCertSign,cRLSign +subjectKeyIdentifier = hash + diff --git a/tests/certs/Server-localhost-sv.crt b/tests/certs/Server-localhost-sv.crt new file mode 100644 index 000000000..f78e3c038 --- /dev/null +++ b/tests/certs/Server-localhost-sv.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0a:89:a5:41 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:07:52 2009 GMT + Not After : Oct 21 22:07:52 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:d3:6f:53:ed:32:a1:69:20:22:6e:5c:69:34:3d: + 8f:14:65:61:c8:f7:99:15:ec:a9:51:43:87:7a:b0: + 4b:65:c5:c2:7c:e4:4a:f0:c7:25:42:19:ec:ec:84: + 5a:62:a0:4e:de:f9:2d:86:aa:e5:b2:b9:f7:e8:1f: + 5d:c6:8d:07:b1:83:54:92:a8:65:5d:2c:e6:3b:e0: + f3:0e:ae:b2:72:05:4c:dd:85:90:16:bc:1f:03:59: + 23:76:be:e0:38:ee:21:05:37:d0:01:31:7d:1f:3c: + f5:fd:78:56:cd:cb:86:bb:d1:e8:07:73:a6:90:f9: + 3b:7e:9d:85:bc:3c:2a:78:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 53:59:CB:8D:67:CD:E7:63:E2:E5:DD:F0:F8:E1:82:ED:A8:10:38:A3 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 06:3f:b8:df:8e:20:9d:cd:cd:bc:a9:88:eb:2d:f8:e6:f0:15: + fa:14:9c:5f:55:bc:8f:68:40:aa:d2:51:03:ab:09:ee:ee:a6: + d7:8f:32:9a:75:0b:41:35:71:bf:d9:35:03:dd:fd:e5:7d:45: + db:e5:9a:16:14:14:c7:98:a5:c5:b9:4d:81:3a:0c:f9:e0:97: + 71:d0:f3:a0:5d:84:ba:83:a8:d8:a0:98:bf:12:48:42:f0:1b: + 8a:58:80:16:62:69:bb:96:5a:ce:ac:02:fa:cb:cd:20:30:d0: + fb:23:3a:d3:7b:75:03:c8:c1:20:9e:24:90:d2:61:00:85:63: + e2:f9:a7:52:50:e2:0d:3b:61:f9:b1:d5:5f:64:dd:cb:38:7b: + 05:8d:b7:f9:08:8e:bf:d3:02:13:e7:34:fa:3d:bb:af:d7:aa: + de:79:28:f4:ae:87:f5:49:85:42:c7:af:8b:a0:94:ed:21:de: + 36:e6:38:a3:0f:75:cf:68:10:48:1d:7d:9b:a2:88:86:bd:b5: + fe:95:4a:c8:fe:77:6b:0a:47:79:ab:d6:35:ea:53:4f:8f:3a: + ba:e1:4c:00:57:b8:99:f9:21:5d:d2:ad:d9:c7:fa:bf:71:73: + 49:5d:0b:2c:fd:02:37:94:3c:3e:d7:ef:72:c5:e3:f3:14:9f: + 58:27:2a:aa +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIGC10KiaVBMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMDc1MloXDTE3MTAyMTIyMDc1MlowVDELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA +029T7TKhaSAiblxpND2PFGVhyPeZFeypUUOHerBLZcXCfORK8MclQhns7IRaYqBO +3vkthqrlsrn36B9dxo0HsYNUkqhlXSzmO+DzDq6ycgVM3YWQFrwfA1kjdr7gOO4h +BTfQATF9Hzz1/XhWzcuGu9HoB3OmkPk7fp2FvDwqeEkCAwEAAaOBiTCBhjAUBgNV +HREEDTALgglsb2NhbGhvc3QwCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoGCCsGAQUF +BwMBMB0GA1UdDgQWBBRTWcuNZ83nY+Ll3fD44YLtqBA4ozAfBgNVHSMEGDAWgBQS +ayTSSmi3obAczb/WTMxAW3/gQDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUA +A4IBAQAGP7jfjiCdzc28qYjrLfjm8BX6FJxfVbyPaECq0lEDqwnu7qbXjzKadQtB +NXG/2TUD3f3lfUXb5ZoWFBTHmKXFuU2BOgz54Jdx0POgXYS6g6jYoJi/EkhC8BuK +WIAWYmm7llrOrAL6y80gMND7IzrTe3UDyMEgniSQ0mEAhWPi+adSUOINO2H5sdVf +ZN3LOHsFjbf5CI6/0wIT5zT6Pbuv16reeSj0rof1SYVCx6+LoJTtId425jijD3XP +aBBIHX2booiGvbX+lUrI/ndrCkd5q9Y16lNPjzq64UwAV7iZ+SFd0q3Zx/q/cXNJ +XQss/QI3lDw+1+9yxePzFJ9YJyqq +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost-sv.csr b/tests/certs/Server-localhost-sv.csr new file mode 100644 index 000000000..4a1ccaf5a --- /dev/null +++ b/tests/certs/Server-localhost-sv.csr @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBkzCB/QIBADBUMQswCQYDVQQGEwJOTjExMC8GA1UECgwoRWRlbCBDdXJsIEFy +Y3RpYyBJbGx1ZGl1bSBSZXNlYXJjaCBDbG91ZDESMBAGA1UEAwwJbG9jYWxob3N0 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTb1PtMqFpICJuXGk0PY8UZWHI +95kV7KlRQ4d6sEtlxcJ85ErwxyVCGezshFpioE7e+S2GquWyuffoH13GjQexg1SS +qGVdLOY74PMOrrJyBUzdhZAWvB8DWSN2vuA47iEFN9ABMX0fPPX9eFbNy4a70egH +c6aQ+Tt+nYW8PCp4SQIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEAxfegbegW/e09 +TV4TVuyt7S7wwCJFepfi7hNDoPf/CiuW3KeSySP68iD9QUNhy2wADFP6eHPaooUZ +h5PIvZ8IKpBzIbtG2mcOV4tKEBIshoBv/VFOTUqGKJf4r9dK0AjbovyPNpt9lCcO +xcnrH3WuQUVdmXVvlUXHz/mhzs2TFx4= +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/Server-localhost-sv.der b/tests/certs/Server-localhost-sv.der Binary files differnew file mode 100644 index 000000000..aefd60284 --- /dev/null +++ b/tests/certs/Server-localhost-sv.der diff --git a/tests/certs/Server-localhost-sv.dhp b/tests/certs/Server-localhost-sv.dhp new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/tests/certs/Server-localhost-sv.dhp diff --git a/tests/certs/Server-localhost-sv.key b/tests/certs/Server-localhost-sv.key new file mode 100644 index 000000000..832bbba5c --- /dev/null +++ b/tests/certs/Server-localhost-sv.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDTb1PtMqFpICJuXGk0PY8UZWHI95kV7KlRQ4d6sEtlxcJ85Erw +xyVCGezshFpioE7e+S2GquWyuffoH13GjQexg1SSqGVdLOY74PMOrrJyBUzdhZAW +vB8DWSN2vuA47iEFN9ABMX0fPPX9eFbNy4a70egHc6aQ+Tt+nYW8PCp4SQIDAQAB +AoGBAMhtVySaAzJxONJfHYdc934BIPHt7BtBbbvQBOSDq+V80wGrM3MNhL8lbldC +m5+0kS+DC+oFpJqI+Xz8BtwJooilPuQO3syo5YZuFRee81M8Z5Ss78TG6FLdjt6Z +hKQHju+Ghxm08pd2cTaYGDzS3LYsvSXz4TnsdWAVATCwKTSFAkEA8HnPcZdAXiLJ +eA2cRAuyEUPjs7B6eR5dLraLrIOtcKs/xJH/W+63hhMjqe9CASuSzVJEr8QxijYN +Cdlq3V3XhwJBAOEVk48TZF+gc87sWsBIy+mn3MdovKbmnYM/rzVXYiu2mBQ+nKhp +mevRc/UJdkaW8H340wRm1qGMYPCeekRdha8CQCuHcSR3o4Amvd9MX2f10gLMDjCd +ll3MQEPPaVMN9tw5M27KmrWybWgImOEO3RzHHWirJqHGWs1Q4WVSBMUTUosCQQDf +sz/6HL3PRHqUltcC79apnEmSbgfAoMa/INYTX4uUAl9XD3tG7d0qP/rM9+By+6R8 +roWahFKgMBJQUlEWDRTFAkAiLYKd8pxw3x3kuk5ItmTiq3JNluMyIA/i3RVW1aVO +U5tX8sw6r4wVcsvXVboS/Trjeev2qkqC06ARV7vb6Wq5 +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/Server-localhost-sv.p12 b/tests/certs/Server-localhost-sv.p12 Binary files differnew file mode 100644 index 000000000..d7b8441a4 --- /dev/null +++ b/tests/certs/Server-localhost-sv.p12 diff --git a/tests/certs/Server-localhost-sv.pem b/tests/certs/Server-localhost-sv.pem new file mode 100644 index 000000000..13eeb3164 --- /dev/null +++ b/tests/certs/Server-localhost-sv.pem @@ -0,0 +1,121 @@ +extensions = x509v3 +[ x509v3 ] +subjectAltName = DNS:localhost +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost + +[something] +# The key +# the certficate +# some dhparam +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDTb1PtMqFpICJuXGk0PY8UZWHI95kV7KlRQ4d6sEtlxcJ85Erw +xyVCGezshFpioE7e+S2GquWyuffoH13GjQexg1SSqGVdLOY74PMOrrJyBUzdhZAW +vB8DWSN2vuA47iEFN9ABMX0fPPX9eFbNy4a70egHc6aQ+Tt+nYW8PCp4SQIDAQAB +AoGBAMhtVySaAzJxONJfHYdc934BIPHt7BtBbbvQBOSDq+V80wGrM3MNhL8lbldC +m5+0kS+DC+oFpJqI+Xz8BtwJooilPuQO3syo5YZuFRee81M8Z5Ss78TG6FLdjt6Z +hKQHju+Ghxm08pd2cTaYGDzS3LYsvSXz4TnsdWAVATCwKTSFAkEA8HnPcZdAXiLJ +eA2cRAuyEUPjs7B6eR5dLraLrIOtcKs/xJH/W+63hhMjqe9CASuSzVJEr8QxijYN +Cdlq3V3XhwJBAOEVk48TZF+gc87sWsBIy+mn3MdovKbmnYM/rzVXYiu2mBQ+nKhp +mevRc/UJdkaW8H340wRm1qGMYPCeekRdha8CQCuHcSR3o4Amvd9MX2f10gLMDjCd +ll3MQEPPaVMN9tw5M27KmrWybWgImOEO3RzHHWirJqHGWs1Q4WVSBMUTUosCQQDf +sz/6HL3PRHqUltcC79apnEmSbgfAoMa/INYTX4uUAl9XD3tG7d0qP/rM9+By+6R8 +roWahFKgMBJQUlEWDRTFAkAiLYKd8pxw3x3kuk5ItmTiq3JNluMyIA/i3RVW1aVO +U5tX8sw6r4wVcsvXVboS/Trjeev2qkqC06ARV7vb6Wq5 +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0a:89:a5:41 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:07:52 2009 GMT + Not After : Oct 21 22:07:52 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:d3:6f:53:ed:32:a1:69:20:22:6e:5c:69:34:3d: + 8f:14:65:61:c8:f7:99:15:ec:a9:51:43:87:7a:b0: + 4b:65:c5:c2:7c:e4:4a:f0:c7:25:42:19:ec:ec:84: + 5a:62:a0:4e:de:f9:2d:86:aa:e5:b2:b9:f7:e8:1f: + 5d:c6:8d:07:b1:83:54:92:a8:65:5d:2c:e6:3b:e0: + f3:0e:ae:b2:72:05:4c:dd:85:90:16:bc:1f:03:59: + 23:76:be:e0:38:ee:21:05:37:d0:01:31:7d:1f:3c: + f5:fd:78:56:cd:cb:86:bb:d1:e8:07:73:a6:90:f9: + 3b:7e:9d:85:bc:3c:2a:78:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 53:59:CB:8D:67:CD:E7:63:E2:E5:DD:F0:F8:E1:82:ED:A8:10:38:A3 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 06:3f:b8:df:8e:20:9d:cd:cd:bc:a9:88:eb:2d:f8:e6:f0:15: + fa:14:9c:5f:55:bc:8f:68:40:aa:d2:51:03:ab:09:ee:ee:a6: + d7:8f:32:9a:75:0b:41:35:71:bf:d9:35:03:dd:fd:e5:7d:45: + db:e5:9a:16:14:14:c7:98:a5:c5:b9:4d:81:3a:0c:f9:e0:97: + 71:d0:f3:a0:5d:84:ba:83:a8:d8:a0:98:bf:12:48:42:f0:1b: + 8a:58:80:16:62:69:bb:96:5a:ce:ac:02:fa:cb:cd:20:30:d0: + fb:23:3a:d3:7b:75:03:c8:c1:20:9e:24:90:d2:61:00:85:63: + e2:f9:a7:52:50:e2:0d:3b:61:f9:b1:d5:5f:64:dd:cb:38:7b: + 05:8d:b7:f9:08:8e:bf:d3:02:13:e7:34:fa:3d:bb:af:d7:aa: + de:79:28:f4:ae:87:f5:49:85:42:c7:af:8b:a0:94:ed:21:de: + 36:e6:38:a3:0f:75:cf:68:10:48:1d:7d:9b:a2:88:86:bd:b5: + fe:95:4a:c8:fe:77:6b:0a:47:79:ab:d6:35:ea:53:4f:8f:3a: + ba:e1:4c:00:57:b8:99:f9:21:5d:d2:ad:d9:c7:fa:bf:71:73: + 49:5d:0b:2c:fd:02:37:94:3c:3e:d7:ef:72:c5:e3:f3:14:9f: + 58:27:2a:aa +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgIGC10KiaVBMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMDc1MloXDTE3MTAyMTIyMDc1MlowVDELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA +029T7TKhaSAiblxpND2PFGVhyPeZFeypUUOHerBLZcXCfORK8MclQhns7IRaYqBO +3vkthqrlsrn36B9dxo0HsYNUkqhlXSzmO+DzDq6ycgVM3YWQFrwfA1kjdr7gOO4h +BTfQATF9Hzz1/XhWzcuGu9HoB3OmkPk7fp2FvDwqeEkCAwEAAaOBiTCBhjAUBgNV +HREEDTALgglsb2NhbGhvc3QwCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoGCCsGAQUF +BwMBMB0GA1UdDgQWBBRTWcuNZ83nY+Ll3fD44YLtqBA4ozAfBgNVHSMEGDAWgBQS +ayTSSmi3obAczb/WTMxAW3/gQDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUA +A4IBAQAGP7jfjiCdzc28qYjrLfjm8BX6FJxfVbyPaECq0lEDqwnu7qbXjzKadQtB +NXG/2TUD3f3lfUXb5ZoWFBTHmKXFuU2BOgz54Jdx0POgXYS6g6jYoJi/EkhC8BuK +WIAWYmm7llrOrAL6y80gMND7IzrTe3UDyMEgniSQ0mEAhWPi+adSUOINO2H5sdVf +ZN3LOHsFjbf5CI6/0wIT5zT6Pbuv16reeSj0rof1SYVCx6+LoJTtId425jijD3XP +aBBIHX2booiGvbX+lUrI/ndrCkd5q9Y16lNPjzq64UwAV7iZ+SFd0q3Zx/q/cXNJ +XQss/QI3lDw+1+9yxePzFJ9YJyqq +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost-sv.prm b/tests/certs/Server-localhost-sv.prm new file mode 100644 index 000000000..6351025dd --- /dev/null +++ b/tests/certs/Server-localhost-sv.prm @@ -0,0 +1,25 @@ +extensions = x509v3 +[ x509v3 ] +subjectAltName = DNS:localhost +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost + +[something] +# The key +# the certficate +# some dhparam diff --git a/tests/certs/Server-localhost.nn-sv.crt b/tests/certs/Server-localhost.nn-sv.crt new file mode 100644 index 000000000..e64fddc78 --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0b:23:cb:9d + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:24:45 2009 GMT + Not After : Oct 21 22:24:45 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost.nn + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:c9:dc:c2:58:a5:8b:69:e1:d0:00:c5:e9:57:b7: + 47:80:8d:4b:d5:d5:43:71:0c:cc:e4:f1:01:72:71: + 11:48:8f:f5:25:ec:33:cb:9e:f2:78:17:90:5c:f2: + af:ec:9f:34:9c:05:ba:f3:1e:01:48:f0:c7:3e:46: + 9b:93:97:a8:af:c6:71:c6:c2:06:77:1a:e1:91:a2: + da:87:0e:f4:30:4d:4f:54:39:8b:e6:2f:ec:5c:91: + 89:66:4e:00:87:57:f1:2a:57:28:84:5c:63:a5:7e: + d8:7e:ff:82:52:c9:d4:a4:8a:b2:6e:34:e7:b2:67: + 2e:5b:0e:6a:a0:58:f4:1c:0d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost.nn + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 68:20:D3:B2:EC:E8:1A:2A:3E:28:64:28:28:8F:A0:A1:20:9E:DC:D3 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 5f:72:3f:e0:5c:44:b1:3b:c2:d6:10:fe:0a:bc:82:d5:60:c5: + 71:91:ef:86:2c:b3:71:5d:93:5a:b9:cb:f6:bf:c4:24:33:cc: + d7:24:2e:08:40:b9:1a:4d:cd:7b:12:c2:1e:16:d0:10:fb:72: + 42:d4:95:21:38:31:a6:73:5c:4d:b3:db:58:0c:0e:3f:a8:f9: + c0:14:a1:a9:ee:20:7e:3f:7a:30:ab:24:0e:ca:36:19:b0:dd: + 01:ce:aa:67:69:4a:8d:e3:5d:20:34:74:d6:7f:14:06:96:58: + 5e:68:78:6e:00:02:1d:3e:56:eb:5f:2c:35:02:10:05:9d:0b: + de:66:bb:ac:26:bd:eb:aa:d1:1d:b6:fe:b5:65:15:f8:06:b6: + 1c:17:cd:bf:f2:28:6c:b0:f4:73:0d:e4:6e:59:1d:a8:54:36: + be:68:c2:c1:15:87:c4:20:08:5f:68:93:13:8a:c6:50:f2:1a: + 9d:91:b4:71:93:e8:c3:c6:c1:f0:89:0f:ea:a0:f3:03:b3:e4: + d8:c1:27:ee:f9:41:93:7a:f6:25:2d:07:6f:3f:76:16:02:71: + 61:70:de:7a:20:6f:dd:ab:35:a2:03:8a:a5:d4:dc:89:47:0f: + cc:7c:88:e1:22:ff:6a:e5:83:2e:7a:b4:75:b7:e1:d4:e5:d6: + 75:8b:bd:5c +-----BEGIN CERTIFICATE----- +MIIDRzCCAi+gAwIBAgIGC10LI8udMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMjQ0NVoXDTE3MTAyMTIyMjQ0NVowVzELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +FTATBgNVBAMMDGxvY2FsaG9zdC5ubjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC +gYEAydzCWKWLaeHQAMXpV7dHgI1L1dVDcQzM5PEBcnERSI/1Jewzy57yeBeQXPKv +7J80nAW68x4BSPDHPkabk5eor8ZxxsIGdxrhkaLahw70ME1PVDmL5i/sXJGJZk4A +h1fxKlcohFxjpX7Yfv+CUsnUpIqybjTnsmcuWw5qoFj0HA0CAwEAAaOBjDCBiTAX +BgNVHREEEDAOggxsb2NhbGhvc3Qubm4wCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMB0GA1UdDgQWBBRoINOy7OgaKj4oZCgoj6ChIJ7c0zAfBgNVHSME +GDAWgBQSayTSSmi3obAczb/WTMxAW3/gQDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3 +DQEBBQUAA4IBAQBfcj/gXESxO8LWEP4KvILVYMVxke+GLLNxXZNaucv2v8QkM8zX +JC4IQLkaTc17EsIeFtAQ+3JC1JUhODGmc1xNs9tYDA4/qPnAFKGp7iB+P3owqyQO +yjYZsN0BzqpnaUqN410gNHTWfxQGllheaHhuAAIdPlbrXyw1AhAFnQveZrusJr3r +qtEdtv61ZRX4BrYcF82/8ihssPRzDeRuWR2oVDa+aMLBFYfEIAhfaJMTisZQ8hqd +kbRxk+jDxsHwiQ/qoPMDs+TYwSfu+UGTevYlLQdvP3YWAnFhcN56IG/dqzWiA4ql +1NyJRw/MfIjhIv9q5YMuerR1t+HU5dZ1i71c +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost.nn-sv.csr b/tests/certs/Server-localhost.nn-sv.csr new file mode 100644 index 000000000..4084d6979 --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.csr @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBlzCCAQACAQAwVzELMAkGA1UEBhMCTk4xMTAvBgNVBAoMKEVkZWwgQ3VybCBB +cmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQxFTATBgNVBAMMDGxvY2FsaG9z +dC5ubjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAydzCWKWLaeHQAMXpV7dH +gI1L1dVDcQzM5PEBcnERSI/1Jewzy57yeBeQXPKv7J80nAW68x4BSPDHPkabk5eo +r8ZxxsIGdxrhkaLahw70ME1PVDmL5i/sXJGJZk4Ah1fxKlcohFxjpX7Yfv+CUsnU +pIqybjTnsmcuWw5qoFj0HA0CAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4GBAJTKRcBm +GzP0ySB4Oi8nedAruEXou/74ihSeIaydMyMLvqiAiSRhA16CIweRhMqDKqaSHT5B +aisl0FSMKFODu6TrZQL+1DYTrXOKQ1e8JjSOCbR4c+p/QsiznfabEQNgtzsiDxTy +Tc4vgvzEKxQ1AxP7G4iW+sVLc0EaA6fA6l/L +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/Server-localhost.nn-sv.der b/tests/certs/Server-localhost.nn-sv.der Binary files differnew file mode 100644 index 000000000..cfeb41259 --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.der diff --git a/tests/certs/Server-localhost.nn-sv.dhp b/tests/certs/Server-localhost.nn-sv.dhp new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.dhp diff --git a/tests/certs/Server-localhost.nn-sv.key b/tests/certs/Server-localhost.nn-sv.key new file mode 100644 index 000000000..ce0a00789 --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDJ3MJYpYtp4dAAxelXt0eAjUvV1UNxDMzk8QFycRFIj/Ul7DPL +nvJ4F5Bc8q/snzScBbrzHgFI8Mc+RpuTl6ivxnHGwgZ3GuGRotqHDvQwTU9UOYvm +L+xckYlmTgCHV/EqVyiEXGOlfth+/4JSydSkirJuNOeyZy5bDmqgWPQcDQIDAQAB +AoGAFJ8Xv4SR3Gw0GpAdSVew10IX+C1EKX1cRRsVwcIpONdz/L7Hf8qqDHijx8sH +C84ryrCPK5zqFrB6OjNuW0KH+dZ5PRkr6DZwLAIgf+zjTb+qd8aDYlzsnvajTxxY +RdPbsR94Oort1Gp0BZ9SOi2mUvRZqXsCMQmFxAXQgQ3jqgUCQQDsnRfGoESAIs+3 +W4jl67nD6K+pAcleLQ+yeNYwldRnH0CRWkt9wyjQFSKufz93pD+3NVC446cPlJap +1beijhHDAkEA2mbEYRxYrQIJ1UyEb375k+hxNl6QlzTO8gUjuZBlAff/maC4FGmt +9cDfThLPan0m0T9Ucb4RZQeQe4EH0qDt7wJASWncbKZhWphydmOSMDRZaO2TQw7o +2a2Fh0xyuJRkWLKbp/2qGpUo3pcQMbANkyOFGWUTbKpFtVHXBU7oMSl/XQJANuqG +UKDPD1mm3VJrLpnv6agV54TpuIuXybVPIVbUfyU7yQZnowJbsqK3w6rpKq6jdxQE +iMExIIVBaDyumeDLUwJBAMapDN9JlFNq2AW0ifjrXJLaoR2jhF98cUFpjM/AJrAX +WIbIGxlsCe9HKtvbKFMLuaSZrU87TnR3K0w3zOSbHXk= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/Server-localhost.nn-sv.pem b/tests/certs/Server-localhost.nn-sv.pem new file mode 100644 index 000000000..f08547c0d --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.pem @@ -0,0 +1,121 @@ +extensions = x509v3 +[ x509v3 ] +subjectAltName = DNS:localhost.nn +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost.nn + +[something] +# The key +# the certficate +# some dhparam +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDJ3MJYpYtp4dAAxelXt0eAjUvV1UNxDMzk8QFycRFIj/Ul7DPL +nvJ4F5Bc8q/snzScBbrzHgFI8Mc+RpuTl6ivxnHGwgZ3GuGRotqHDvQwTU9UOYvm +L+xckYlmTgCHV/EqVyiEXGOlfth+/4JSydSkirJuNOeyZy5bDmqgWPQcDQIDAQAB +AoGAFJ8Xv4SR3Gw0GpAdSVew10IX+C1EKX1cRRsVwcIpONdz/L7Hf8qqDHijx8sH +C84ryrCPK5zqFrB6OjNuW0KH+dZ5PRkr6DZwLAIgf+zjTb+qd8aDYlzsnvajTxxY +RdPbsR94Oort1Gp0BZ9SOi2mUvRZqXsCMQmFxAXQgQ3jqgUCQQDsnRfGoESAIs+3 +W4jl67nD6K+pAcleLQ+yeNYwldRnH0CRWkt9wyjQFSKufz93pD+3NVC446cPlJap +1beijhHDAkEA2mbEYRxYrQIJ1UyEb375k+hxNl6QlzTO8gUjuZBlAff/maC4FGmt +9cDfThLPan0m0T9Ucb4RZQeQe4EH0qDt7wJASWncbKZhWphydmOSMDRZaO2TQw7o +2a2Fh0xyuJRkWLKbp/2qGpUo3pcQMbANkyOFGWUTbKpFtVHXBU7oMSl/XQJANuqG +UKDPD1mm3VJrLpnv6agV54TpuIuXybVPIVbUfyU7yQZnowJbsqK3w6rpKq6jdxQE +iMExIIVBaDyumeDLUwJBAMapDN9JlFNq2AW0ifjrXJLaoR2jhF98cUFpjM/AJrAX +WIbIGxlsCe9HKtvbKFMLuaSZrU87TnR3K0w3zOSbHXk= +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0b:23:cb:9d + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:24:45 2009 GMT + Not After : Oct 21 22:24:45 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost.nn + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:c9:dc:c2:58:a5:8b:69:e1:d0:00:c5:e9:57:b7: + 47:80:8d:4b:d5:d5:43:71:0c:cc:e4:f1:01:72:71: + 11:48:8f:f5:25:ec:33:cb:9e:f2:78:17:90:5c:f2: + af:ec:9f:34:9c:05:ba:f3:1e:01:48:f0:c7:3e:46: + 9b:93:97:a8:af:c6:71:c6:c2:06:77:1a:e1:91:a2: + da:87:0e:f4:30:4d:4f:54:39:8b:e6:2f:ec:5c:91: + 89:66:4e:00:87:57:f1:2a:57:28:84:5c:63:a5:7e: + d8:7e:ff:82:52:c9:d4:a4:8a:b2:6e:34:e7:b2:67: + 2e:5b:0e:6a:a0:58:f4:1c:0d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost.nn + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 68:20:D3:B2:EC:E8:1A:2A:3E:28:64:28:28:8F:A0:A1:20:9E:DC:D3 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 5f:72:3f:e0:5c:44:b1:3b:c2:d6:10:fe:0a:bc:82:d5:60:c5: + 71:91:ef:86:2c:b3:71:5d:93:5a:b9:cb:f6:bf:c4:24:33:cc: + d7:24:2e:08:40:b9:1a:4d:cd:7b:12:c2:1e:16:d0:10:fb:72: + 42:d4:95:21:38:31:a6:73:5c:4d:b3:db:58:0c:0e:3f:a8:f9: + c0:14:a1:a9:ee:20:7e:3f:7a:30:ab:24:0e:ca:36:19:b0:dd: + 01:ce:aa:67:69:4a:8d:e3:5d:20:34:74:d6:7f:14:06:96:58: + 5e:68:78:6e:00:02:1d:3e:56:eb:5f:2c:35:02:10:05:9d:0b: + de:66:bb:ac:26:bd:eb:aa:d1:1d:b6:fe:b5:65:15:f8:06:b6: + 1c:17:cd:bf:f2:28:6c:b0:f4:73:0d:e4:6e:59:1d:a8:54:36: + be:68:c2:c1:15:87:c4:20:08:5f:68:93:13:8a:c6:50:f2:1a: + 9d:91:b4:71:93:e8:c3:c6:c1:f0:89:0f:ea:a0:f3:03:b3:e4: + d8:c1:27:ee:f9:41:93:7a:f6:25:2d:07:6f:3f:76:16:02:71: + 61:70:de:7a:20:6f:dd:ab:35:a2:03:8a:a5:d4:dc:89:47:0f: + cc:7c:88:e1:22:ff:6a:e5:83:2e:7a:b4:75:b7:e1:d4:e5:d6: + 75:8b:bd:5c +-----BEGIN CERTIFICATE----- +MIIDRzCCAi+gAwIBAgIGC10LI8udMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMjQ0NVoXDTE3MTAyMTIyMjQ0NVowVzELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +FTATBgNVBAMMDGxvY2FsaG9zdC5ubjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC +gYEAydzCWKWLaeHQAMXpV7dHgI1L1dVDcQzM5PEBcnERSI/1Jewzy57yeBeQXPKv +7J80nAW68x4BSPDHPkabk5eor8ZxxsIGdxrhkaLahw70ME1PVDmL5i/sXJGJZk4A +h1fxKlcohFxjpX7Yfv+CUsnUpIqybjTnsmcuWw5qoFj0HA0CAwEAAaOBjDCBiTAX +BgNVHREEEDAOggxsb2NhbGhvc3Qubm4wCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMB0GA1UdDgQWBBRoINOy7OgaKj4oZCgoj6ChIJ7c0zAfBgNVHSME +GDAWgBQSayTSSmi3obAczb/WTMxAW3/gQDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3 +DQEBBQUAA4IBAQBfcj/gXESxO8LWEP4KvILVYMVxke+GLLNxXZNaucv2v8QkM8zX +JC4IQLkaTc17EsIeFtAQ+3JC1JUhODGmc1xNs9tYDA4/qPnAFKGp7iB+P3owqyQO +yjYZsN0BzqpnaUqN410gNHTWfxQGllheaHhuAAIdPlbrXyw1AhAFnQveZrusJr3r +qtEdtv61ZRX4BrYcF82/8ihssPRzDeRuWR2oVDa+aMLBFYfEIAhfaJMTisZQ8hqd +kbRxk+jDxsHwiQ/qoPMDs+TYwSfu+UGTevYlLQdvP3YWAnFhcN56IG/dqzWiA4ql +1NyJRw/MfIjhIv9q5YMuerR1t+HU5dZ1i71c +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost.nn-sv.prm b/tests/certs/Server-localhost.nn-sv.prm new file mode 100644 index 000000000..e515ea15b --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.prm @@ -0,0 +1,25 @@ +extensions = x509v3 +[ x509v3 ] +subjectAltName = DNS:localhost.nn +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost.nn + +[something] +# The key +# the certficate +# some dhparam diff --git a/tests/certs/Server-localhost0h-sv.crt b/tests/certs/Server-localhost0h-sv.crt new file mode 100644 index 000000000..20759e735 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0a:87:0d:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:07:33 2009 GMT + Not After : Oct 21 22:07:33 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:be:67:3b:b4:ea:c0:85:b4:c3:56:c1:a4:96:23: + 36:f5:c6:77:aa:ad:e5:c1:dd:ce:c1:9a:97:07:dd: + 16:90:eb:f0:38:b5:95:6b:a6:0f:b9:73:4e:7d:82: + 57:ab:5f:b5:ba:5c:a0:48:8c:82:77:fd:67:d8:53: + 44:61:86:a5:06:19:bf:73:51:68:2e:1a:0a:c5:05: + 39:ca:3d:ca:83:ed:07:fe:ae:b7:73:1d:60:dd:ab: + 9e:0e:7e:02:f3:68:42:93:27:c8:5f:c5:fa:cb:a9: + 84:06:2f:f3:66:bd:de:7d:29:82:57:47:e4:a9:df: + bf:8b:bc:c0:46:33:5a:7b:87 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 0C:37:A3:DB:0F:73:B3:38:8A:69:D3:6E:B3:A7:D6:D8:77:4E:DA:67 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 88:a0:17:77:77:bf:c1:8a:18:4e:a3:94:6e:45:18:31:fa:2f: + 7b:1f:ee:95:20:d1:cd:40:df:ee:f0:45:2e:e9:e6:cf:c8:77: + bd:85:16:d7:9f:18:52:78:3f:ea:9c:86:62:6e:db:90:b0:cd: + f1:c1:6f:2d:87:4a:a0:be:b3:dc:6d:e4:6b:d1:da:b9:10:25: + 7e:35:1f:1b:aa:a7:09:2f:84:77:27:b0:48:a8:6d:54:57:38: + 35:22:34:03:0f:d4:5d:ab:1c:72:15:b1:d9:89:56:10:12:fb: + 7d:0d:18:12:a9:0a:38:dc:93:cf:69:ff:75:86:9e:e3:6b:eb: + 92:6c:55:16:d5:65:8b:d7:9c:5e:4b:82:c8:92:6c:8b:e6:18: + a2:f8:8c:65:aa:b6:eb:23:ed:cb:99:db:fc:8b:8e:1d:7a:39: + c9:f5:7b:7f:58:7b:ed:01:6c:3c:40:ec:e3:a9:5f:c4:3d:cb: + 81:17:03:6d:2d:d7:bd:00:5f:c4:79:f2:fb:ab:c6:0e:a2:01: + 8b:a1:42:73:de:96:29:3e:bf:d7:d9:51:a7:d4:98:07:7f:f0: + f4:cd:00:a1:e1:ac:6c:05:ac:ab:93:1b:b0:5c:2c:13:ad:ff: + 27:dc:80:99:34:66:bd:e3:31:54:d5:b6:3f:ce:d4:08:a3:52: + 28:61:5e:bd +-----BEGIN CERTIFICATE----- +MIIDQzCCAiugAwIBAgIGC10Khw0JMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMDczM1oXDTE3MTAyMTIyMDczM1owVDELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA +vmc7tOrAhbTDVsGkliM29cZ3qq3lwd3OwZqXB90WkOvwOLWVa6YPuXNOfYJXq1+1 +ulygSIyCd/1n2FNEYYalBhm/c1FoLhoKxQU5yj3Kg+0H/q63cx1g3aueDn4C82hC +kyfIX8X6y6mEBi/zZr3efSmCV0fkqd+/i7zARjNae4cCAwEAAaOBizCBiDAWBgNV +HREEDzANggtsb2NhbGhvc3QAaDALBgNVHQ8EBAMCBSAwEwYDVR0lBAwwCgYIKwYB +BQUHAwEwHQYDVR0OBBYEFAw3o9sPc7M4imnTbrOn1th3TtpnMB8GA1UdIwQYMBaA +FBJrJNJKaLehsBzNv9ZMzEBbf+BAMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEF +BQADggEBAIigF3d3v8GKGE6jlG5FGDH6L3sf7pUg0c1A3+7wRS7p5s/Id72FFtef +GFJ4P+qchmJu25CwzfHBby2HSqC+s9xt5GvR2rkQJX41HxuqpwkvhHcnsEiobVRX +ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L +gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t +170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt +/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0= +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost0h-sv.csr b/tests/certs/Server-localhost0h-sv.csr new file mode 100644 index 000000000..a4fe98fa7 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.csr @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBkzCB/QIBADBUMQswCQYDVQQGEwJOTjExMC8GA1UECgwoRWRlbCBDdXJsIEFy +Y3RpYyBJbGx1ZGl1bSBSZXNlYXJjaCBDbG91ZDESMBAGA1UEAwwJbG9jYWxob3N0 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+Zzu06sCFtMNWwaSWIzb1xneq +reXB3c7BmpcH3RaQ6/A4tZVrpg+5c059glerX7W6XKBIjIJ3/WfYU0RhhqUGGb9z +UWguGgrFBTnKPcqD7Qf+rrdzHWDdq54OfgLzaEKTJ8hfxfrLqYQGL/Nmvd59KYJX +R+Sp37+LvMBGM1p7hwIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEAbQKEjIglh6El +8gIh/qRbb5Z89LWPGFRrAIItgG33WVJd61pn4YjO/ugJOtYQYHwxRxUQVjfaGb17 +fTLXzgTu5WJowa7m2DPXgPbw4okUhu5m3Zdum6j5QMu2mfAbTnuS7U4UwLR9C8mV +rKu+oBCYIgWWybVOoqssJAnjj4r/R/c= +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/Server-localhost0h-sv.der b/tests/certs/Server-localhost0h-sv.der Binary files differnew file mode 100644 index 000000000..b8e6f5955 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.der diff --git a/tests/certs/Server-localhost0h-sv.dhp b/tests/certs/Server-localhost0h-sv.dhp new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.dhp diff --git a/tests/certs/Server-localhost0h-sv.key b/tests/certs/Server-localhost0h-sv.key new file mode 100644 index 000000000..ca5cd3b39 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC+Zzu06sCFtMNWwaSWIzb1xneqreXB3c7BmpcH3RaQ6/A4tZVr +pg+5c059glerX7W6XKBIjIJ3/WfYU0RhhqUGGb9zUWguGgrFBTnKPcqD7Qf+rrdz +HWDdq54OfgLzaEKTJ8hfxfrLqYQGL/Nmvd59KYJXR+Sp37+LvMBGM1p7hwIDAQAB +AoGAdpisqvrR4jZ+uaoyD0Zt9FajsQ9SHhg/sX3N9xrx9GDRpzELmhq8jqHQ0QKA +AwHBmwwY1jeXCJAxv5/V5v1MCdamVSQbjkKBmmBrE/J70sZMqxkFbu0h9Bx8p4UB +SWpKgZTF9R3ZKKZoGS6hlzvhJeAy1atApzVz9xVTSwAL/2kCQQDhPMREu8AtfxFI +5BedSk2yIyW0EcO2WW5V5+bmekBgiAFc9iB7ulCuwBK7UQDIvYLfklxWc2CzuP50 +nLo32UNVAkEA2GiFdKJuP+32FfE3jK3CL3vTgZbd0ArbhJdBidHlJYr/EU6etxAr +aYli1dP/qeiehNuhefqWHRlOUPkE6mv7awJAdpRuZB1QbONz7yMeh5Gh3AIDDI05 +s1vb6eBAQODl2axgw1dU/K63YXj/o5xexFB5gUjl0iHGLHhdhnko1NROTQJAMfQu +mjXEbU1ouLftsrOJV5ylvgwtN5DKC1k+76lb08a6Ciyzxl4dJ0dnYSSGp5nivZhV +Ner6K81jnp1c3R//8QJBAKe0fNhTAoOoE/YTeE4K4lpXvow2jMyhdBwyaZtHmcQ2 +z8UpojKrNQ87WISUDRqlIy2ze3RZCgCy0LBnxr66Whg= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/Server-localhost0h-sv.p12 b/tests/certs/Server-localhost0h-sv.p12 Binary files differnew file mode 100644 index 000000000..82e03c785 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.p12 diff --git a/tests/certs/Server-localhost0h-sv.pem b/tests/certs/Server-localhost0h-sv.pem new file mode 100644 index 000000000..e74193ccb --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.pem @@ -0,0 +1,122 @@ +extensions = x509v3 +[ x509v3 ] +#subjectAltName = DNS:localhost\0h +subjectAltName = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68 +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost + +[something] +# The key +# the certificate +# some dhparam +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC+Zzu06sCFtMNWwaSWIzb1xneqreXB3c7BmpcH3RaQ6/A4tZVr +pg+5c059glerX7W6XKBIjIJ3/WfYU0RhhqUGGb9zUWguGgrFBTnKPcqD7Qf+rrdz +HWDdq54OfgLzaEKTJ8hfxfrLqYQGL/Nmvd59KYJXR+Sp37+LvMBGM1p7hwIDAQAB +AoGAdpisqvrR4jZ+uaoyD0Zt9FajsQ9SHhg/sX3N9xrx9GDRpzELmhq8jqHQ0QKA +AwHBmwwY1jeXCJAxv5/V5v1MCdamVSQbjkKBmmBrE/J70sZMqxkFbu0h9Bx8p4UB +SWpKgZTF9R3ZKKZoGS6hlzvhJeAy1atApzVz9xVTSwAL/2kCQQDhPMREu8AtfxFI +5BedSk2yIyW0EcO2WW5V5+bmekBgiAFc9iB7ulCuwBK7UQDIvYLfklxWc2CzuP50 +nLo32UNVAkEA2GiFdKJuP+32FfE3jK3CL3vTgZbd0ArbhJdBidHlJYr/EU6etxAr +aYli1dP/qeiehNuhefqWHRlOUPkE6mv7awJAdpRuZB1QbONz7yMeh5Gh3AIDDI05 +s1vb6eBAQODl2axgw1dU/K63YXj/o5xexFB5gUjl0iHGLHhdhnko1NROTQJAMfQu +mjXEbU1ouLftsrOJV5ylvgwtN5DKC1k+76lb08a6Ciyzxl4dJ0dnYSSGp5nivZhV +Ner6K81jnp1c3R//8QJBAKe0fNhTAoOoE/YTeE4K4lpXvow2jMyhdBwyaZtHmcQ2 +z8UpojKrNQ87WISUDRqlIy2ze3RZCgCy0LBnxr66Whg= +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:5d:0a:87:0d:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = Nothern Nowhere Trust Anchor + Validity + Not Before: Aug 4 22:07:33 2009 GMT + Not After : Oct 21 22:07:33 2017 GMT + Subject: + countryName = NN + organizationName = Edel Curl Arctic Illudium Research Cloud + commonName = localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:be:67:3b:b4:ea:c0:85:b4:c3:56:c1:a4:96:23: + 36:f5:c6:77:aa:ad:e5:c1:dd:ce:c1:9a:97:07:dd: + 16:90:eb:f0:38:b5:95:6b:a6:0f:b9:73:4e:7d:82: + 57:ab:5f:b5:ba:5c:a0:48:8c:82:77:fd:67:d8:53: + 44:61:86:a5:06:19:bf:73:51:68:2e:1a:0a:c5:05: + 39:ca:3d:ca:83:ed:07:fe:ae:b7:73:1d:60:dd:ab: + 9e:0e:7e:02:f3:68:42:93:27:c8:5f:c5:fa:cb:a9: + 84:06:2f:f3:66:bd:de:7d:29:82:57:47:e4:a9:df: + bf:8b:bc:c0:46:33:5a:7b:87 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Alternative Name: + DNS:localhost + X509v3 Key Usage: + Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Subject Key Identifier: + 0C:37:A3:DB:0F:73:B3:38:8A:69:D3:6E:B3:A7:D6:D8:77:4E:DA:67 + X509v3 Authority Key Identifier: + keyid:12:6B:24:D2:4A:68:B7:A1:B0:1C:CD:BF:D6:4C:CC:40:5B:7F:E0:40 + + X509v3 Basic Constraints: critical + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 88:a0:17:77:77:bf:c1:8a:18:4e:a3:94:6e:45:18:31:fa:2f: + 7b:1f:ee:95:20:d1:cd:40:df:ee:f0:45:2e:e9:e6:cf:c8:77: + bd:85:16:d7:9f:18:52:78:3f:ea:9c:86:62:6e:db:90:b0:cd: + f1:c1:6f:2d:87:4a:a0:be:b3:dc:6d:e4:6b:d1:da:b9:10:25: + 7e:35:1f:1b:aa:a7:09:2f:84:77:27:b0:48:a8:6d:54:57:38: + 35:22:34:03:0f:d4:5d:ab:1c:72:15:b1:d9:89:56:10:12:fb: + 7d:0d:18:12:a9:0a:38:dc:93:cf:69:ff:75:86:9e:e3:6b:eb: + 92:6c:55:16:d5:65:8b:d7:9c:5e:4b:82:c8:92:6c:8b:e6:18: + a2:f8:8c:65:aa:b6:eb:23:ed:cb:99:db:fc:8b:8e:1d:7a:39: + c9:f5:7b:7f:58:7b:ed:01:6c:3c:40:ec:e3:a9:5f:c4:3d:cb: + 81:17:03:6d:2d:d7:bd:00:5f:c4:79:f2:fb:ab:c6:0e:a2:01: + 8b:a1:42:73:de:96:29:3e:bf:d7:d9:51:a7:d4:98:07:7f:f0: + f4:cd:00:a1:e1:ac:6c:05:ac:ab:93:1b:b0:5c:2c:13:ad:ff: + 27:dc:80:99:34:66:bd:e3:31:54:d5:b6:3f:ce:d4:08:a3:52: + 28:61:5e:bd +-----BEGIN CERTIFICATE----- +MIIDQzCCAiugAwIBAgIGC10Khw0JMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNVBAYT +Ak5OMTEwLwYDVQQKDChFZGVsIEN1cmwgQXJjdGljIElsbHVkaXVtIFJlc2VhcmNo +IENsb3VkMSUwIwYDVQQDDBxOb3RoZXJuIE5vd2hlcmUgVHJ1c3QgQW5jaG9yMB4X +DTA5MDgwNDIyMDczM1oXDTE3MTAyMTIyMDczM1owVDELMAkGA1UEBhMCTk4xMTAv +BgNVBAoMKEVkZWwgQ3VybCBBcmN0aWMgSWxsdWRpdW0gUmVzZWFyY2ggQ2xvdWQx +EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA +vmc7tOrAhbTDVsGkliM29cZ3qq3lwd3OwZqXB90WkOvwOLWVa6YPuXNOfYJXq1+1 +ulygSIyCd/1n2FNEYYalBhm/c1FoLhoKxQU5yj3Kg+0H/q63cx1g3aueDn4C82hC +kyfIX8X6y6mEBi/zZr3efSmCV0fkqd+/i7zARjNae4cCAwEAAaOBizCBiDAWBgNV +HREEDzANggtsb2NhbGhvc3QAaDALBgNVHQ8EBAMCBSAwEwYDVR0lBAwwCgYIKwYB +BQUHAwEwHQYDVR0OBBYEFAw3o9sPc7M4imnTbrOn1th3TtpnMB8GA1UdIwQYMBaA +FBJrJNJKaLehsBzNv9ZMzEBbf+BAMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEF +BQADggEBAIigF3d3v8GKGE6jlG5FGDH6L3sf7pUg0c1A3+7wRS7p5s/Id72FFtef +GFJ4P+qchmJu25CwzfHBby2HSqC+s9xt5GvR2rkQJX41HxuqpwkvhHcnsEiobVRX +ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L +gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t +170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt +/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0= +-----END CERTIFICATE----- diff --git a/tests/certs/Server-localhost0h-sv.prm b/tests/certs/Server-localhost0h-sv.prm new file mode 100644 index 000000000..5e8944b31 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.prm @@ -0,0 +1,26 @@ +extensions = x509v3 +[ x509v3 ] +#subjectAltName = DNS:localhost\0h +subjectAltName = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68 +keyUsage = keyEncipherment +extendedKeyUsage = serverAuth +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid +basicConstraints = critical,CA:false +[ req ] +default_bits = 1024 +distinguished_name = req_DN +default_md = sha256 +string_mask = utf8only +[ req_DN ] +countryName = "Country Name is Northern Nowhere" +countryName_value = NN +organizationName = "Organization Name" +organizationName_value = Edel Curl Arctic Illudium Research Cloud +commonName = "Common Name" +commonName_value = localhost + +[something] +# The key +# the certificate +# some dhparam diff --git a/tests/certs/scripts/genroot.sh b/tests/certs/scripts/genroot.sh new file mode 100755 index 000000000..85425a8c5 --- /dev/null +++ b/tests/certs/scripts/genroot.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +# (c) CopyRight EdelWeb for EdelKey and OpenEvidence, 2000-2004, 2009 +# Author: Peter Sylvester + +# "libre" for integration with curl + +OPENSSL=openssl +if [ -f /usr/local/ssl/bin/openssl ] ; then +OPENSSL=/usr/local/ssl/bin/openssl +fi + +USAGE="echo Usage is genroot.sh \<name\>" + +HOME=`pwd` +cd $HOME + +KEYSIZE=2048 +DURATION=6000 + +PREFIX=$1 +if [ ".$PREFIX" = . ] ; then + echo No configuration prefix + NOTOK=1 +else + if [ ! -f $PREFIX-ca.prm ] ; then + echo No configuration file $PREFIX-ca.prm + NOTOK=1 + fi +fi + +if [ ".$NOTOK" != . ] ; then + echo "Sorry, I can't do that for you." + $USAGE + exit +fi + +GETSERIAL="\$t = time ;\$d = \$t . substr(\$t+$$ ,-4,4)-1;print \$d" +SERIAL=`/usr/bin/env perl -e "$GETSERIAL"` + +echo SERIAL=$SERIAL PREFIX=$PREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE + +echo "openssl req -config $PREFIX-ca.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-ca.key -out $PREFIX-ca.csr" +$OPENSSL req -config $PREFIX-ca.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-ca.key -out $PREFIX-ca.csr + +echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL.ca-cacert -sha1 " + +$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert -sha1 + +echo "openssl x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline" +$OPENSSL x509 -text -hash -out $PREFIX-ca.cacert -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline + +echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der " +$OPENSSL x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der + +echo "openssl x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline" + +$OPENSSL x509 -in $PREFIX-ca.cacert -text -out $PREFIX-ca.crt -nameopt multiline + +echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline" +$OPENSSL x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline + +#$OPENSSL rsa -in ../keys/$PREFIX-ca.key -text -noout -pubout diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh new file mode 100755 index 000000000..13caf1a6a --- /dev/null +++ b/tests/certs/scripts/genserv.sh @@ -0,0 +1,106 @@ +#!/bin/bash + +# (c) CopyRight EdelWeb for EdelKey and OpenEvidence, 2000-2004, 2009 +# Author: Peter Sylvester + +# "libre" for integration with curl + +OPENSSL=openssl +if [ -f /usr/local/ssl/bin/openssl ] ; then + OPENSSL=/usr/local/ssl/bin/openssl +fi + +USAGE="echo Usage is genserv.sh <prefix> <caprefix>" + +HOME=`pwd` +cd $HOME + +KEYSIZE=1024 +DURATION=3000 + +REQ=YES +P12=NO +DHP=NO + +PREFIX=$1 +if [ ".$PREFIX" = . ] ; then + echo No configuration prefix + NOTOK=1 +else + if [ ! -f $PREFIX-sv.prm ] ; then + echo No configuration file $PREFIX-sv.prm + NOTOK=1 + fi +fi + +CAPREFIX=$2 +if [ ".$CAPREFIX" = . ] ; then + echo No CA prefix + NOTOK=1 +else + if [ ! -f $CAPREFIX-ca.cacert ] ; then + echo No CA certficate file $PREFIX-ca.caert + NOTOK=1 + fi + if [ ! -f $CAPREFIX-ca.key ] ; then + echo No $CAPREFIX key + NOTOK=1 + fi +fi + +if [ ".$NOTOK" != . ] ; then + echo "Sorry, I can't do that for you." + $USAGE + exit +fi + +if [ ".$SERIAL" = . ] ; then + GETSERIAL="\$t = time ;\$d = \$t . substr(\$t+$$ ,-4,4)-1;print \$d" + SERIAL=`/usr/bin/env perl -e "$GETSERIAL"` +fi + +echo SERIAL=$SERIAL PREFIX=$PREFIX CAPREFIX=$CAPREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE + +if [ "$DHP." = YES. ] ; then + echo "openssl dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE" + $OPENSSL dhparam -2 -out $PREFIX-sv.dhp $KEYSIZE +fi + +if [ "$REQ." = YES. ] ; then + echo "openssl req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout XXX" + $OPENSSL req -config $PREFIX-sv.prm -newkey rsa:$KEYSIZE -keyout $PREFIX-sv.key -out $PREFIX-sv.csr -passout pass:secret +fi + +echo "openssl rsa -in $PREFIX-sv.key -out $PREFIX-sv.key" +$OPENSSL rsa -in $PREFIX-sv.key -out $PREFIX-sv.key -passin pass:secret +echo pseudo secrets generated +read + +echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1" + +$OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1 + +if [ "$P12." = YES. ] ; then + + echo "$OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt " + + $OPENSSL pkcs12 -export -des3 -out $PREFIX-sv.p12 -caname $CAPREFIX -name $PREFIX -inkey $PREFIX-sv.key -in $PREFIX-sv.crt -certfile $CAPREFIX-ca.crt + + read +fi + +echo "openssl x509 -noout -text -hash -in $PREFIX-sv.selfcert -nameopt multiline" +$OPENSSL x509 -noout -text -hash -in $PREFIX-sv.crt -nameopt multiline + +echo "openssl x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der " +$OPENSSL x509 -in $PREFIX-sv.crt -outform der -out $PREFIX-sv.der +read + +# all together now +touch $PREFIX-sv.dhp +cat $PREFIX-sv.prm $PREFIX-sv.key $PREFIX-sv.crt $PREFIX-sv.dhp >$PREFIX-sv.pem +chmod o-r $PREFIX-sv.prm + +echo "$PREFIX-sv.pem done" + + diff --git a/tests/data/test310 b/tests/data/test310 new file mode 100644 index 000000000..005f71310 --- /dev/null +++ b/tests/data/test310 @@ -0,0 +1,52 @@ +<testcase> +<info> +<keywords> +HTTPS +HTTP GET +</keywords> +</info> + +# +# Server-side +<reply> +<data> +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 7 + +MooMoo +</data> +</reply> + +# +# Client-side +<client> +<features> +SSL +</features> +<server> +https Server-localhost-sv.pem +</server> + <name> +simple HTTPS GET + </name> + <command> +--cacert certs/EdelCurlRoot-ca.crt https://localhost:%HTTPSPORT/310 +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<strip> +^User-Agent:.* +</strip> +<protocol> +GET /310 HTTP/1.1
+Host: localhost:%HTTPSPORT
+Accept: */*
+
+</protocol> +</verify> +</testcase> diff --git a/tests/data/test311 b/tests/data/test311 new file mode 100644 index 000000000..cd51fff74 --- /dev/null +++ b/tests/data/test311 @@ -0,0 +1,38 @@ +<testcase> +<info> +<keywords> +HTTPS +HTTP GET +</keywords> +</info> + +# +# Server-side +<reply> +</reply> + +# +# Client-side +<client> +<features> +SSL +</features> +<server> +https Server-localhost0h-sv.pem +</server> + <name> +HTTPS wrong subjectAltName but right CN + </name> + <command> +--cacert certs/EdelCurlRoot-ca.crt https://localhost:%HTTPSPORT/311 +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<errorcode> +51 +</errorcode> +</verify> +</testcase> diff --git a/tests/data/test312 b/tests/data/test312 new file mode 100644 index 000000000..5adb1e352 --- /dev/null +++ b/tests/data/test312 @@ -0,0 +1,38 @@ +<testcase> +<info> +<keywords> +HTTPS +HTTP GET +</keywords> +</info> + +# +# Server-side +<reply> +</reply> + +# +# Client-side +<client> +<features> +SSL +</features> +<server> +https Server-localhost.nn-sv.pem +</server> + <name> +HTTPS GET to localhost and null-prefixed CN cert + </name> + <command> +--cacert certs/EdelCurlRoot-ca.crt https://localhost:%HTTPSPORT/312 +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<errorcode> +51 +</errorcode> +</verify> +</testcase> diff --git a/tests/httpsserver.pl b/tests/httpsserver.pl index fa9fde5db..e20819c69 100644 --- a/tests/httpsserver.pl +++ b/tests/httpsserver.pl @@ -28,6 +28,8 @@ my $srcdir=$path; my $proto='https'; +my $stuncert; + while(@ARGV) { if($ARGV[0] eq "-v") { $verbose=1; @@ -51,6 +53,10 @@ while(@ARGV) { $srcdir=$ARGV[1]; shift @ARGV; } + elsif($ARGV[0] eq "-c") { + $stuncert=$ARGV[1]; + shift @ARGV; + } elsif($ARGV[0] =~ /^(\d+)$/) { $port = $1; } @@ -58,7 +64,9 @@ while(@ARGV) { }; my $conffile="$path/stunnel.conf"; # stunnel configuration data -my $certfile="$srcdir/stunnel.pem"; # stunnel server certificate +my $certfile="$srcdir/" + . ($stuncert?"certs/$stuncert":"stunnel.pem"); # stunnel server certificate + my $pidfile="$path/.$proto.pid"; # stunnel process pid file # find out version info for the given stunnel binary @@ -107,6 +115,19 @@ else { if($verbose) { print uc($proto)." server: $cmd\n"; + + print " + CApath = $path + cert = $certfile + pid = $pidfile + debug = 0 + output = /dev/null + foreground = yes + + [curltest] + accept = $port + connect = $target_port + "; } my $rc = system($cmd); diff --git a/tests/runtests.pl b/tests/runtests.pl index 2b6dda8fa..be20a63ab 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -878,7 +878,7 @@ sub runhttpserver { # start the https server (or rather, tunnel) # sub runhttpsserver { - my ($verbose, $ipv6) = @_; + my ($verbose, $ipv6, $parm) = @_; my $STATUS; my $RUNNING; my $ip = $HOSTIP; @@ -906,6 +906,7 @@ sub runhttpsserver { unlink($pidfile); my $flag=$debugprotocol?"-v ":""; + $flag .= " -c $parm" if ($parm); my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT"; my ($httpspid, $pid2) = startnew($cmd, $pidfile, 15, 0); @@ -2541,8 +2542,10 @@ sub startservers { my @what = @_; my ($pid, $pid2); for(@what) { - my $what = lc($_); + my (@whatlist) = split(/\s+/,$_); + my $what = lc($whatlist[0]); $what =~ s/[^a-z0-9-]//g; + if($what eq "ftp") { if(!$run{'ftp'}) { ($pid, $pid2) = runftpserver("", $verbose); @@ -2644,8 +2647,8 @@ sub startservers { printf ("* pid http => %d %d\n", $pid, $pid2) if($verbose); $run{'http'}="$pid $pid2"; } - if(!$run{'https'}) { - ($pid, $pid2) = runhttpsserver($verbose); + if(1 || !$run{'https'}) { # QD to restart always conf file may change + ($pid, $pid2) = runhttpsserver($verbose,"",$whatlist[1]); if($pid <= 0) { return "failed starting HTTPS server (stunnel)"; } @@ -2743,6 +2746,7 @@ sub serverfortest { for (@what) { my $proto = lc($_); chomp $proto; + $proto =~ s/\s.*//g; # take first word if (! grep /^$proto$/, @protocols) { if (substr($proto,0,5) ne "socks") { return "curl lacks $proto support"; |