From 55b78c5ae94852ffb942ff979e6f25aebfeedb16 Mon Sep 17 00:00:00 2001 From: moparisthebest Date: Tue, 30 Jun 2015 20:23:54 -0400 Subject: SSL: Pinned public key hash support --- tests/data/Makefile.inc | 2 +- tests/data/test2041 | 58 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/data/test2042 | 44 +++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+), 1 deletion(-) create mode 100644 tests/data/test2041 create mode 100644 tests/data/test2042 (limited to 'tests') diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 88dafa4f9..51823fe88 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -166,4 +166,4 @@ test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \ test2016 test2017 test2018 test2019 test2020 test2021 test2022 test2023 \ test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \ -test2040 +test2040 test2041 test2042 diff --git a/tests/data/test2041 b/tests/data/test2041 new file mode 100644 index 000000000..bfafc75b3 --- /dev/null +++ b/tests/data/test2041 @@ -0,0 +1,58 @@ + + + +HTTPS +HTTP GET +PEM certificate + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Length: 7 + +MooMoo + + + +# +# Client-side + + +SSL +SSLpinning + + +https Server-localhost-sv.pem + + +simple HTTPS GET with base64-sha256 public key pinning + + +--cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey sha256//pyh+fICi9M8MFEZvherIT0cs3MN+cXNGoU9Giwyx1so= https://localhost:%HTTPSPORT/2041 + +# Ensure that we're running on localhost because we're checking the host name + +perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0.0.1' );" + + + +# +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /2041 HTTP/1.1 +Host: localhost:%HTTPSPORT +Accept: */* + + + + diff --git a/tests/data/test2042 b/tests/data/test2042 new file mode 100644 index 000000000..2181e5322 --- /dev/null +++ b/tests/data/test2042 @@ -0,0 +1,44 @@ + + + +HTTPS +HTTP GET +PEM certificate + + + +# +# Server-side + + + +# +# Client-side + + +SSL +SSLpinning + + +https Server-localhost-sv.pem + + +HTTPS wrong base64-sha256 pinnedpubkey but right CN + + +--cacert %SRCDIR/certs/EdelCurlRoot-ca.crt --pinnedpubkey sha256//bSIggTf+ikMG0CtmDlpMVBd7yi7H1md4URogRPqerso= https://localhost:%HTTPSPORT/2042 + +# Ensure that we're running on localhost because we're checking the host name + +perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0.0.1' );" + + + +# +# Verify data after the test has been "shot" + + +90 + + + -- cgit v1.2.3