From be1a5051890b7ad9339b0208424b94aa32c64776 Mon Sep 17 00:00:00 2001 From: moparisthebest Date: Mon, 24 Nov 2014 19:30:09 +0100 Subject: SSL: Add PEM format support for public key pinning --- tests/certs/Makefile.am | 8 +++++++- tests/certs/Server-localhost-sv.pub.pem | 6 ++++++ tests/certs/Server-localhost.nn-sv.pub.pem | 6 ++++++ tests/certs/Server-localhost0h-sv.pub.pem | 6 ++++++ tests/certs/scripts/genserv.sh | 3 +++ 5 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 tests/certs/Server-localhost-sv.pub.pem create mode 100644 tests/certs/Server-localhost.nn-sv.pub.pem create mode 100644 tests/certs/Server-localhost0h-sv.pub.pem (limited to 'tests/certs') diff --git a/tests/certs/Makefile.am b/tests/certs/Makefile.am index cd35bdff2..ddb5c9fb1 100644 --- a/tests/certs/Makefile.am +++ b/tests/certs/Makefile.am @@ -40,6 +40,8 @@ CERTFILES = \ Server-localhost-sv.p12 \ Server-localhost-sv.pem \ Server-localhost-sv.prm \ + Server-localhost-sv.pub.der \ + Server-localhost-sv.pub.pem \ Server-localhost.nn-sv.crl \ Server-localhost.nn-sv.crt \ Server-localhost.nn-sv.csr \ @@ -48,6 +50,8 @@ CERTFILES = \ Server-localhost.nn-sv.key \ Server-localhost.nn-sv.pem \ Server-localhost.nn-sv.prm \ + Server-localhost.nn-sv.pub.der \ + Server-localhost.nn-sv.pub.pem \ Server-localhost0h-sv.crl \ Server-localhost0h-sv.crt \ Server-localhost0h-sv.csr \ @@ -56,7 +60,9 @@ CERTFILES = \ Server-localhost0h-sv.key \ Server-localhost0h-sv.p12 \ Server-localhost0h-sv.pem \ - Server-localhost0h-sv.prm + Server-localhost0h-sv.prm \ + Server-localhost0h-sv.pub.der \ + Server-localhost0h-sv.pub.pem SRPFILES = \ srp-verifier-conf \ diff --git a/tests/certs/Server-localhost-sv.pub.pem b/tests/certs/Server-localhost-sv.pub.pem new file mode 100644 index 000000000..2384643d6 --- /dev/null +++ b/tests/certs/Server-localhost-sv.pub.pem @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwJ3kmLLnk0YEKCdJ2/prhBWgB +s3J3lzjkYBxxnZn3JnshtW2qnxR2B2ykKi197vZviljEk97+oSUP/1dJwNmU2Qd5 +v4xt+vEYgmegP9cxA4LsuTlpB+zskxdbGnKRk7JrmGZj/mEp562GDgS6v4tVV2Gl +SvbK58bRuGVCq2dkFwIDAQAB +-----END PUBLIC KEY----- diff --git a/tests/certs/Server-localhost.nn-sv.pub.pem b/tests/certs/Server-localhost.nn-sv.pub.pem new file mode 100644 index 000000000..3131e9539 --- /dev/null +++ b/tests/certs/Server-localhost.nn-sv.pub.pem @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDT1E7bY1w/OjpeOAmU5k1wnQ2v +SeaCXQe39c2g369x8c+/1Zq9r3x4XVU/FL27LA5zndaCmtXm9iFdCJKicV+AX1zO +8MI3N3kPTT3U8oBtRzZF0dKLei4ScUtHhvWMma/nDs+1yU16dfeydAxB46u7LJ1v +VAgTWjrvfCf3PwsLcQIDAQAB +-----END PUBLIC KEY----- diff --git a/tests/certs/Server-localhost0h-sv.pub.pem b/tests/certs/Server-localhost0h-sv.pub.pem new file mode 100644 index 000000000..c403ac575 --- /dev/null +++ b/tests/certs/Server-localhost0h-sv.pub.pem @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMqZErIuiQK+VM3K5t2kzzMsyl +aGdaO7mGo5WIPuhjw+0AYBkDK11bVoraIV5xXNHj3lEYwRcUsTOQAFya5XMLqIic +0AtUvOo6Od32ZYFLKZlMcdP3aX+A6OhtYUGDh+usLL0P6xv9ojeXbTFWuktR3bEB +64n4Jd5bo+WyP0x3UwIDAQAB +-----END PUBLIC KEY----- diff --git a/tests/certs/scripts/genserv.sh b/tests/certs/scripts/genserv.sh index 463952c57..80876ec51 100755 --- a/tests/certs/scripts/genserv.sh +++ b/tests/certs/scripts/genserv.sh @@ -78,6 +78,9 @@ echo pseudo secrets generated echo "openssl rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der" $OPENSSL rsa -in $PREFIX-sv.key -pubout -outform DER -out $PREFIX-sv.pub.der +echo "openssl rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem" +$OPENSSL rsa -in $PREFIX-sv.key -pubout -outform PEM -out $PREFIX-sv.pub.pem + echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1" $OPENSSL x509 -set_serial $SERIAL -extfile $PREFIX-sv.prm -days $DURATION -CA $CAPREFIX-ca.cacert -CAkey $CAPREFIX-ca.key -in $PREFIX-sv.csr -req -out $PREFIX-sv.crt -text -nameopt multiline -sha1 -- cgit v1.2.3