diff --git a/README.md b/README.md index 3b00aa7..b48f3af 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ a simple abstraction around grpc.Server * **server(an optional {})** - **address** string with the format `url:port` - - **creedentials** can use `credentials.createInsecure` or with certificates through an object { key, server } + - **credentials** can use `credentials.createInsecure` or with certificates through an object { key, server }, passed as a Buffer - **metadata** set metadata that can be used in all calls, an array with { key: value } **methods** diff --git a/index.js b/index.js index 3c66c41..e75ef27 100644 --- a/index.js +++ b/index.js @@ -14,8 +14,9 @@ class GrpcServer { constructor (config = {}) { const address = config.address || '0.0.0.0:50051' - const creedentials = setAuthentication(config.creedentials) || - ServerCredentials.createInsecure() + const creedentials = isObject(config.credentials) + ? setAuthentication(config.credentials) + : ServerCredentials.createInsecure() this._server = new Server() this._server.bind(address, creedentials) @@ -68,12 +69,12 @@ module.exports = function factory (config) { function setAuthentication (certs) { - return isObject(certs) && ServerCredentials.createSsl( + return ServerCredentials.createSsl( null, [ { - 'cert_chain': Buffer.from(certs.server), - 'private_key': Buffer.from(certs.key) + 'cert_chain': certs.server, + 'private_key': certs.key } ] ) diff --git a/package.json b/package.json index ad6bbb6..fccf0ba 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "grpc.server", - "version": "2.0.0", + "version": "3.0.0", "description": "a simple abstraction around grpc.Server", "main": "index.js", "files": [ @@ -32,7 +32,7 @@ "devDependencies": { "chai": "^4.0.2", "coveralls": "^2.13.1", - "grpc.client": "^2.0.2", + "grpc.client": "^3.2.1", "mocha": "^3.4.2", "node-forge": "^0.7.1", "nyc": "^11.0.2", @@ -41,7 +41,7 @@ }, "dependencies": { "get-property-value": "^2.0.0", - "grpc": "^1.3.7", + "grpc": "^1.3.8", "is.object": "^1.0.0" }, "nyc": { diff --git a/test/create-certificates.js b/test/create-certificates.js deleted file mode 100644 index b296bd7..0000000 --- a/test/create-certificates.js +++ /dev/null @@ -1,113 +0,0 @@ -'use strict' - -const { pki } = require('node-forge') - -const attrs = [ - { - name: 'commonName', - value: 'example.org' - }, - { - name: 'countryName', - value: 'GB' - }, - { - shortName: 'ST', - value: 'ElDorado' - }, - { - name: 'localityName', - value: 'Benfica' - }, - { - name: 'organizationName', - value: 'Test' - }, - { - shortName: 'OU', - value: 'Test' - } -] - -const exts = [ - { - name: 'basicConstraints', - cA: true - }, - { - name: 'keyUsage', - keyCertSign: true, - digitalSignature: true, - nonRepudiation: true, - keyEncipherment: true, - dataEncipherment: true - }, - { - name: 'extKeyUsage', - serverAuth: true, - clientAuth: true, - codeSigning: true, - emailProtection: true, - timeStamping: true - }, - { - name: 'nsCertType', - client: true, - server: true, - email: true, - objsign: true, - sslCA: true, - emailCA: true, - objCA: true - }, - { - name: 'subjectAltName', - altNames: [ - { - type: 6, // URI - value: 'http://example.org/webid#me' - }, - { - type: 7, // IP - ip: '127.0.0.1' - } - ] - }, - { - name: 'subjectKeyIdentifier' - } -] - -module.exports = createCertificate - -function createCertificate (cb) { - pki.rsa.generateKeyPair({ bits: 1024 }, generateKeyPair) - - function generateKeyPair (err, keyPair) { - if (err) { - return cb(err) - } - - const cert = pki.createCertificate() - - cert.publicKey = keyPair.publicKey - cert.serialNumber = '01' - cert.validity.notBefore = new Date() - cert.validity.notAfter = new Date() - cert.validity.notAfter - .setFullYear(cert.validity.notBefore.getFullYear() + 1) - cert.setSubject(attrs) - cert.setIssuer(attrs) - cert.setExtensions(exts) - - cert.sign(keyPair.privateKey) - - const pem = { - privateKey: pki.privateKeyToPem(keyPair.privateKey), - publicKey: pki.publicKeyToPem(keyPair.publicKey), - certificate: pki.certificateToPem(cert) - } - - cb(null, pem) - } -} diff --git a/test/fixtures/certs/01.pem b/test/fixtures/certs/01.pem new file mode 100644 index 0000000..6ebed1e --- /dev/null +++ b/test/fixtures/certs/01.pem @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=GB, ST=London, L=London, O=?Test PLC, OU=TEST, CN=Test Node Dev Root Cert + Validity + Not Before: Jun 18 14:26:56 2017 GMT + Not After : Jun 18 14:26:56 2018 GMT + Subject: C=GB, ST=London, L=London, O=Test , OU=TEST, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a1:31:b4:86:41:f1:a6:1c:99:e9:52:f2:72:4f: + 50:06:82:51:18:e5:0b:a4:97:3e:2d:3e:c6:2a:59: + 18:10:8b:fc:1b:27:58:67:5d:c9:6e:79:fc:70:fc: + 4b:06:8c:17:be:85:20:d6:2c:d2:91:4b:ac:4a:53: + 45:7a:8c:01:7a:08:0e:6b:42:cf:ea:f0:54:95:e1: + ff:f4:83:6a:e7:aa:89:53:6c:ae:c3:45:82:ce:0f: + f1:07:0b:4d:bd:00:b1:d1:96:cb:77:6a:33:e7:68: + e1:62:70:a3:cf:93:ae:bf:f5:12:a3:4d:f2:b9:df: + b1:fc:43:cd:a7:f5:d4:91:3f:b4:74:df:27:f2:7f: + af:ac:11:41:ab:4b:5c:20:35:f1:81:73:ad:6a:32: + 5a:39:32:1e:87:e2:bc:a5:1a:00:e8:4b:6c:d2:59: + 96:1c:2f:c7:31:7b:07:53:81:71:eb:2e:06:5c:cc: + 87:3d:22:2d:f3:1f:15:58:f2:8c:0f:e3:03:46:d0: + 95:64:b1:6b:cc:8d:3e:8b:7a:a3:17:2b:99:16:5a: + 3e:b5:e3:17:5a:ca:aa:a7:24:53:8c:51:cf:66:70: + 92:03:cf:44:52:d8:9e:66:84:6e:6d:ea:83:64:2e: + 3b:d1:81:49:0b:ff:3f:72:0a:d7:4f:2f:64:b0:d4: + 09:3d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + F2:21:73:69:C0:A8:E4:F4:CC:91:3A:3A:16:35:19:9B:A8:A7:C1:7B + X509v3 Authority Key Identifier: + keyid:C8:56:A6:E9:D4:2A:DF:19:49:80:E9:AD:60:6B:15:31:D0:B0:F4:BC + + X509v3 Basic Constraints: + CA:FALSE + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + ab:b7:10:ff:f8:a3:f5:61:75:a2:37:e8:b5:9d:24:c7:f5:10: + 3e:3d:d9:4a:87:ec:b2:63:5c:77:db:64:ec:3d:5a:eb:d2:77: + 9b:c3:fa:4e:3e:66:6e:70:68:22:25:db:e6:21:c0:f2:d6:41: + f0:4b:65:8e:92:d4:24:68:66:9f:e0:a3:b8:3e:df:02:33:24: + e6:e0:5c:08:9c:93:46:ed:e6:c4:58:0f:57:ce:e2:dc:ea:dc: + 2e:a3:1f:94:05:ca:c0:2b:08:0e:b9:a2:5f:6f:db:ff:68:6c: + 11:3d:a4:ee:21:1d:1e:47:c6:13:fe:05:16:d7:18:0b:37:95: + dd:e9:53:50:12:09:39:f2:70:66:88:3e:33:16:d1:e6:6b:b1: + e9:f1:ba:77:27:4c:a5:b4:31:6e:17:a4:b2:1e:ee:27:a2:6e: + bb:d4:cd:ec:ba:55:18:a2:68:7a:59:4c:8d:39:8e:c2:6e:3a: + 48:fd:30:16:ab:91:de:ea:88:63:62:73:19:76:be:b9:01:70: + 70:c3:3c:97:07:e0:38:a3:ac:59:d7:37:d8:1e:9e:18:33:57: + 70:c1:a6:92:75:68:06:50:87:87:0f:7d:4e:62:46:48:ee:18: + 4e:8b:06:91:e1:b2:c8:37:9f:28:92:ce:ef:09:be:4a:82:92: + ef:d9:65:76 +-----BEGIN CERTIFICATE----- +MIIDqzCCApOgAwIBAgIBATANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJHQjEP +MA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xEjAQBgNVBAoMCT9UZXN0 +IFBMQzENMAsGA1UECwwEVEVTVDEgMB4GA1UEAwwXVGVzdCBOb2RlIERldiBSb290 +IENlcnQwHhcNMTcwNjE4MTQyNjU2WhcNMTgwNjE4MTQyNjU2WjBiMQswCQYDVQQG +EwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNVBAoM +BVRlc3QgMQ0wCwYDVQQLDARURVNUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChMbSGQfGmHJnpUvJyT1AGglEY5Quk +lz4tPsYqWRgQi/wbJ1hnXcluefxw/EsGjBe+hSDWLNKRS6xKU0V6jAF6CA5rQs/q +8FSV4f/0g2rnqolTbK7DRYLOD/EHC029ALHRlst3ajPnaOFicKPPk66/9RKjTfK5 +37H8Q82n9dSRP7R03yfyf6+sEUGrS1wgNfGBc61qMlo5Mh6H4rylGgDoS2zSWZYc +L8cxewdTgXHrLgZczIc9Ii3zHxVY8owP4wNG0JVksWvMjT6LeqMXK5kWWj614xda +yqqnJFOMUc9mcJIDz0RS2J5mhG5t6oNkLjvRgUkL/z9yCtdPL2Sw1Ak9AgMBAAGj +WjBYMB0GA1UdDgQWBBTyIXNpwKjk9MyROjoWNRmbqKfBezAfBgNVHSMEGDAWgBTI +Vqbp1CrfGUmA6a1gaxUx0LD0vDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDANBgkq +hkiG9w0BAQsFAAOCAQEAq7cQ//ij9WF1ojfotZ0kx/UQPj3ZSofssmNcd9tk7D1a +69J3m8P6Tj5mbnBoIiXb5iHA8tZB8EtljpLUJGhmn+CjuD7fAjMk5uBcCJyTRu3m +xFgPV87i3OrcLqMflAXKwCsIDrmiX2/b/2hsET2k7iEdHkfGE/4FFtcYCzeV3elT +UBIJOfJwZog+MxbR5mux6fG6dydMpbQxbheksh7uJ6Juu9TN7LpVGKJoellMjTmO +wm46SP0wFquR3uqIY2JzGXa+uQFwcMM8lwfgOKOsWdc32B6eGDNXcMGmknVoBlCH +hw99TmJGSO4YTosGkeGyyDefKJLO7wm+SoKS79lldg== +-----END CERTIFICATE----- diff --git a/test/fixtures/certs/ca.cfg b/test/fixtures/certs/ca.cfg new file mode 100644 index 0000000..d2d90e9 --- /dev/null +++ b/test/fixtures/certs/ca.cfg @@ -0,0 +1,86 @@ +[ ca ] +default_ca = CA_default + +[ CA_default ] +base_dir = "./" +# how long to certify for +default_days = 365 +# how long before next CRL +default_crl_days = 365 +# use public key default MD +default_md = sha256 +# keep passed DN ordering +preserve = no + +# The extensions to add to the cert +x509_extensions = ca_extensions + +# Don't concat the email in the DN +email_in_dn = no +# Required to copy SANs from CSR to cert +copy_extensions = copy + +# The CA certifcate +certificate = $base_dir/ca.crt +# The CA private key +private_key = $base_dir/ca_private.key +# Location for new certs after signing +new_certs_dir = $base_dir +# Database index file +database = $base_dir/index.txt +# The current serial number +serial = $base_dir/serial.txt + +unique_subject = no # Set to 'no' to allow creation of + # several certificates with same subject. + +[ req ] +default_bits = 2048 +default_keyfile = ./ca_private.key +distinguished_name = ca_distinguished_name +x509_extensions = ca_extensions +string_mask = utf8only + +[ ca_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = GB + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = London + +localityName = Locality Name (eg, city) +localityName_default = London + +organizationName = Organization Name (eg, company) +organizationName_default = Test + +organizationalUnitName = Organizational Unit (eg, division) +organizationalUnitName_default = TEST + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_default = Test Node Dev Root Cert + +emailAddress = Email Address +emailAddress_default = admin + +[ ca_extensions ] + +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid:always, issuer +basicConstraints = critical, CA:true +keyUsage = keyCertSign, cRLSign + +[ signing_policy ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ signing_req ] +subjectKeyIdentifier = hash +authorityKeyIdentifier = keyid,issuer +basicConstraints = CA:FALSE +keyUsage = digitalSignature, keyEncipherment diff --git a/test/fixtures/certs/ca.crt b/test/fixtures/certs/ca.crt new file mode 100644 index 0000000..74a14c2 --- /dev/null +++ b/test/fixtures/certs/ca.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIIDyzCCArOgAwIBAgIJALfONEf3eW4AMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV +BAYTAkdCMQ8wDQYDVQQIDAZMb25kb24xDzANBgNVBAcMBkxvbmRvbjESMBAGA1UE +CgwJP1Rlc3QgUExDMQ0wCwYDVQQLDARURVNUMSAwHgYDVQQDDBdUZXN0IE5vZGUg +RGV2IFJvb3QgQ2VydDAeFw0xNzA2MTgxNDI1MzNaFw0xNzA3MTgxNDI1MzNaMHQx +CzAJBgNVBAYTAkdCMQ8wDQYDVQQIDAZMb25kb24xDzANBgNVBAcMBkxvbmRvbjES +MBAGA1UECgwJP1Rlc3QgUExDMQ0wCwYDVQQLDARURVNUMSAwHgYDVQQDDBdUZXN0 +IE5vZGUgRGV2IFJvb3QgQ2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAOpHSxiiTQgDol6QpwnQ7P3DQBD1tj8XBSpC+HSg7+YEgBs0x5EP0V5X/MGJ +5BkO/74YPBYp46LRZltgPQlfPVwHc4+RnOVzA/n/LqFllScVYj+9pneJ6lNInmYR +IvbIczzQkgKHrkLGIfVB3JzEAc/7+GhVgQ3umE1eUVtjaQC2i8os5RDDQbZRPXYS +z4a7szqIHrPO5oYJ5XzJcFjECgAfD4OZDH+GiNsUdCloX4Qr2q4rtS9sqhrvLl4H +xXzh9mnG+e7LnUytqdOPNTFsQmapUiuTwOjDb0Z+1C6e55vHBRo9IbgQTA9QH9g/ +7kIQV323wWhE3PFY/NHkrcW/oYMCAwEAAaNgMF4wHQYDVR0OBBYEFMhWpunUKt8Z +SYDprWBrFTHQsPS8MB8GA1UdIwQYMBaAFMhWpunUKt8ZSYDprWBrFTHQsPS8MA8G +A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAF +aU3MSEL5KQ9TjSEfQh2uU6ksyv8o9tOySJLf22x6Hqmfhk35UI71FczNq9fXZ5tw +liuMoWiaYOCvh+Ke1FJyxC/Fo2p530j4cBquVbMK5Jl15MGzwX0mTcZRJsxxRz9r +S12UdIKAch1O6t1TuOUPXX7jt1mtD3wtgImTGA1CxL/OJnrj1af73FSQ0+otCt8Y +z2m9C1Wa1p8aE4eD5gfZECJJ/0/IHwWUPjByx57+thl+zplgdpXwVvFgxUOzsilX +hMppY/bSzF411HFEA7eDvdZzpooPyF7BxnU77fprAYfg8FlZKU1wLvUybFkMBN/6 +qYfd3qlsQE8u0dqbytIv +-----END CERTIFICATE----- diff --git a/test/fixtures/certs/ca_private.key b/test/fixtures/certs/ca_private.key new file mode 100644 index 0000000..f6eb35d --- /dev/null +++ b/test/fixtures/certs/ca_private.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDqR0sYok0IA6Je +kKcJ0Oz9w0AQ9bY/FwUqQvh0oO/mBIAbNMeRD9FeV/zBieQZDv++GDwWKeOi0WZb +YD0JXz1cB3OPkZzlcwP5/y6hZZUnFWI/vaZ3iepTSJ5mESL2yHM80JICh65CxiH1 +QdycxAHP+/hoVYEN7phNXlFbY2kAtovKLOUQw0G2UT12Es+Gu7M6iB6zzuaGCeV8 +yXBYxAoAHw+DmQx/hojbFHQpaF+EK9quK7UvbKoa7y5eB8V84fZpxvnuy51MranT +jzUxbEJmqVIrk8Dow29GftQunuebxwUaPSG4EEwPUB/YP+5CEFd9t8FoRNzxWPzR +5K3Fv6GDAgMBAAECggEBAIYDjEimJuxrr8jqdDLgSYEL3K0W8U57q5+2OYv1t+Vb +M7Dca0BmzPxr1pEbgNh4xQCHum9vPOEZabThg2jGC0KGnKtGv3pdZavvNkxq4Hw/ +9jjCEuSUhu9nPfzi1p5Wodzq7mr2FE/sKOaz6y/dy6+e0kVUjANdNdAkIOPnJNyb +d3dCFHGmXcLhiQtLfKPK6UQDDvKfYNqIqkG9j42S8BiwMu1dm5MW5dpgh72QRdQG +72ifTQ1Pp0J+gbFKtUBHRxbyrUCupobVjxQdkmwuLkoV6ZsUSEVwvQ2YaGQi5s2V +1+2MYOWVXzCbCz4Z3HJOglbXfD7/CTpjpiyEeyeXuokCgYEA+V0vL68e27oyM6Sz +LVjN9o/nRrpoX8geQ6cvABAHgM6Hxt/+/dVsnB8hyDfq3WqHz3rHyhNeJcPT6DfV +VQ2cJQ+RDJlXG0zop1JCyvknlMScEUdttyxNnbmT7L8d8V98EpXCsK6tI00nkSrE +f30jbsPD54Ntb8uQaDrz4rm06f8CgYEA8INWajvXB7hfOnWq8MaGcjUMz+CqMfir +t511jhHinyTDwvGKYsn16uU3waooa5j/QhX18eSjIdlu7If3mYQad4UKqoUH9vUO +B4NA/mPUwM5ck9GRi9S/7v5Ps77ikj8vBznmeZKgy9yCOAOXSjiW+QKm2bhL0cre +EQAAhZXWoH0CgYEAgvouCbbK15DCQ5vzvRLTA/nr+Zt5rS2Yr+JFbpv8xOw2JwCK +l9sdNBeqD9dHFsuY0CLmg76OifmE+YkyFX2TkWfOwTZdqWpJHXG4wZIC90IZ032Y +JEkx73GFQCnWWWzU55If89ub91nUOYykL26USN6srJK8zaa3j/e/GEyAuRMCgYA7 +hKTr4ScTWALo2pmUv+whcxNalgRIHXuRErw2jiKAs35mTZOrYsMif9rOaCdciR4R +4pFcbPIZvE8A5ZzWNqS+EwRSsl0INhhkr4xz54yMsgSi5+eWrO1aXUCoAILdIhmn +NiLczvZPvJ/U8L6NtXdW49saYcsRfZx6pH98j1nvmQKBgQCRZoZUQFWh38BclfBf +X2ZwQTL8HdAr2PdgUM2iDC/pCBBzxRq4pGkCjm0gwWPjljT4N9yCMF95DhSvjD+G +n1gS9VSpFbkH69AwggMdyF16lIqOhmK/LKyZbzrlSHNbrrFK3r6ipft/M061v/4s +pKzfU3EGJKCJeu1yAHNvFvPcpw== +-----END PRIVATE KEY----- diff --git a/test/fixtures/certs/generate-ca-certificate.sh b/test/fixtures/certs/generate-ca-certificate.sh new file mode 100644 index 0000000..9cf61f2 --- /dev/null +++ b/test/fixtures/certs/generate-ca-certificate.sh @@ -0,0 +1,34 @@ +#!/bin/sh +set -e + +echo "---> Generate the ROOT Private Key" +openssl genrsa 4096 \ + -out ./ca_private.key + +echo "---> Generate the ROOT CA CRT" +openssl req \ + -x509 \ + -config ./ca.cfg \ + -newkey rsa:2048 \ + -sha256 \ + -nodes \ + -out ./ca.crt \ + -outform PEM \ + -subj "/C=GB/ST=London/L=London/O=?Test PLC/OU=TEST/CN=Test Node Dev Root Cert" + +openssl x509 \ + -in ./ca.crt \ + -text -noout + +openssl x509 \ + -purpose \ + -in ./ca.crt \ + -inform PEM + +touch ./index.txt +echo "01" > ./serial.txt + +echo +echo "**********************" +echo "***** Successful *****" +echo "**********************" diff --git a/test/fixtures/certs/generate-server-certificate.sh b/test/fixtures/certs/generate-server-certificate.sh new file mode 100644 index 0000000..59722e5 --- /dev/null +++ b/test/fixtures/certs/generate-server-certificate.sh @@ -0,0 +1,40 @@ +#!/bin/sh +set -e + +ls ca_private.key ca.crt || echo "Run generate_ca_certificate.sh first" + +echo "---> Generate the SERVER key" +openssl genrsa 4096 \ + -out ./server_private.key \ + +echo "---> Generate the SERVER CSR" +openssl req \ + -config ./server.cfg \ + -newkey rsa:2048 \ + -sha256 \ + -nodes \ + -out ./server.csr \ + -outform PEM \ + -subj "/C=GB/ST=London/L=London/O=Test /OU=TEST/CN=localhost" + +openssl req \ + -text \ + -noout \ + -verify \ + -in ./server.csr + +echo "---> Generate the SERVER Certificate attached to ROOT CA" +openssl ca \ + -config ./ca.cfg \ + -policy signing_policy \ + -extensions signing_req \ + -out ./server.crt \ + -infiles ./server.csr + +echo "---> Remove server.csr" +rm ./server.csr + +echo +echo "**********************" +echo "***** Successful *****" +echo "**********************" diff --git a/test/fixtures/certs/index.txt b/test/fixtures/certs/index.txt new file mode 100644 index 0000000..4f93ba9 --- /dev/null +++ b/test/fixtures/certs/index.txt @@ -0,0 +1 @@ +V 180618142656Z 01 unknown /C=GB/ST=London/L=London/O=Test /OU=TEST/CN=localhost diff --git a/test/fixtures/certs/index.txt.attr b/test/fixtures/certs/index.txt.attr new file mode 100644 index 0000000..3a7e39e --- /dev/null +++ b/test/fixtures/certs/index.txt.attr @@ -0,0 +1 @@ +unique_subject = no diff --git a/test/fixtures/certs/serial.txt b/test/fixtures/certs/serial.txt new file mode 100644 index 0000000..9e22bcb --- /dev/null +++ b/test/fixtures/certs/serial.txt @@ -0,0 +1 @@ +02 diff --git a/test/fixtures/certs/server.cfg b/test/fixtures/certs/server.cfg new file mode 100644 index 0000000..a1679c0 --- /dev/null +++ b/test/fixtures/certs/server.cfg @@ -0,0 +1,28 @@ +[ req ] +default_bits = 2048 +default_keyfile = ./server_private.key +distinguished_name = server_distinguished_name +req_extensions = server_req_extensions +string_mask = utf8only + +[ server_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = W + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = World + +localityName = Locality Name (eg, city) +localityName_default = World + +rganizationName = Organization Name (eg, company) +organizationName_default = Test + +commonName = Common Name (e.g. server FQDN or YOUR name) +commonName_default = TEST + +[ server_req_extensions ] + +subjectKeyIdentifier = hash +basicConstraints = CA:FALSE +keyUsage = digitalSignature, keyEncipherment diff --git a/test/fixtures/certs/server.crt b/test/fixtures/certs/server.crt new file mode 100644 index 0000000..6ebed1e --- /dev/null +++ b/test/fixtures/certs/server.crt @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=GB, ST=London, L=London, O=?Test PLC, OU=TEST, CN=Test Node Dev Root Cert + Validity + Not Before: Jun 18 14:26:56 2017 GMT + Not After : Jun 18 14:26:56 2018 GMT + Subject: C=GB, ST=London, L=London, O=Test , OU=TEST, CN=localhost + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a1:31:b4:86:41:f1:a6:1c:99:e9:52:f2:72:4f: + 50:06:82:51:18:e5:0b:a4:97:3e:2d:3e:c6:2a:59: + 18:10:8b:fc:1b:27:58:67:5d:c9:6e:79:fc:70:fc: + 4b:06:8c:17:be:85:20:d6:2c:d2:91:4b:ac:4a:53: + 45:7a:8c:01:7a:08:0e:6b:42:cf:ea:f0:54:95:e1: + ff:f4:83:6a:e7:aa:89:53:6c:ae:c3:45:82:ce:0f: + f1:07:0b:4d:bd:00:b1:d1:96:cb:77:6a:33:e7:68: + e1:62:70:a3:cf:93:ae:bf:f5:12:a3:4d:f2:b9:df: + b1:fc:43:cd:a7:f5:d4:91:3f:b4:74:df:27:f2:7f: + af:ac:11:41:ab:4b:5c:20:35:f1:81:73:ad:6a:32: + 5a:39:32:1e:87:e2:bc:a5:1a:00:e8:4b:6c:d2:59: + 96:1c:2f:c7:31:7b:07:53:81:71:eb:2e:06:5c:cc: + 87:3d:22:2d:f3:1f:15:58:f2:8c:0f:e3:03:46:d0: + 95:64:b1:6b:cc:8d:3e:8b:7a:a3:17:2b:99:16:5a: + 3e:b5:e3:17:5a:ca:aa:a7:24:53:8c:51:cf:66:70: + 92:03:cf:44:52:d8:9e:66:84:6e:6d:ea:83:64:2e: + 3b:d1:81:49:0b:ff:3f:72:0a:d7:4f:2f:64:b0:d4: + 09:3d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + F2:21:73:69:C0:A8:E4:F4:CC:91:3A:3A:16:35:19:9B:A8:A7:C1:7B + X509v3 Authority Key Identifier: + keyid:C8:56:A6:E9:D4:2A:DF:19:49:80:E9:AD:60:6B:15:31:D0:B0:F4:BC + + X509v3 Basic Constraints: + CA:FALSE + X509v3 Key Usage: + Digital Signature, Key Encipherment + Signature Algorithm: sha256WithRSAEncryption + ab:b7:10:ff:f8:a3:f5:61:75:a2:37:e8:b5:9d:24:c7:f5:10: + 3e:3d:d9:4a:87:ec:b2:63:5c:77:db:64:ec:3d:5a:eb:d2:77: + 9b:c3:fa:4e:3e:66:6e:70:68:22:25:db:e6:21:c0:f2:d6:41: + f0:4b:65:8e:92:d4:24:68:66:9f:e0:a3:b8:3e:df:02:33:24: + e6:e0:5c:08:9c:93:46:ed:e6:c4:58:0f:57:ce:e2:dc:ea:dc: + 2e:a3:1f:94:05:ca:c0:2b:08:0e:b9:a2:5f:6f:db:ff:68:6c: + 11:3d:a4:ee:21:1d:1e:47:c6:13:fe:05:16:d7:18:0b:37:95: + dd:e9:53:50:12:09:39:f2:70:66:88:3e:33:16:d1:e6:6b:b1: + e9:f1:ba:77:27:4c:a5:b4:31:6e:17:a4:b2:1e:ee:27:a2:6e: + bb:d4:cd:ec:ba:55:18:a2:68:7a:59:4c:8d:39:8e:c2:6e:3a: + 48:fd:30:16:ab:91:de:ea:88:63:62:73:19:76:be:b9:01:70: + 70:c3:3c:97:07:e0:38:a3:ac:59:d7:37:d8:1e:9e:18:33:57: + 70:c1:a6:92:75:68:06:50:87:87:0f:7d:4e:62:46:48:ee:18: + 4e:8b:06:91:e1:b2:c8:37:9f:28:92:ce:ef:09:be:4a:82:92: + ef:d9:65:76 +-----BEGIN CERTIFICATE----- +MIIDqzCCApOgAwIBAgIBATANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJHQjEP +MA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xEjAQBgNVBAoMCT9UZXN0 +IFBMQzENMAsGA1UECwwEVEVTVDEgMB4GA1UEAwwXVGVzdCBOb2RlIERldiBSb290 +IENlcnQwHhcNMTcwNjE4MTQyNjU2WhcNMTgwNjE4MTQyNjU2WjBiMQswCQYDVQQG +EwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYDVQQHDAZMb25kb24xDjAMBgNVBAoM +BVRlc3QgMQ0wCwYDVQQLDARURVNUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChMbSGQfGmHJnpUvJyT1AGglEY5Quk +lz4tPsYqWRgQi/wbJ1hnXcluefxw/EsGjBe+hSDWLNKRS6xKU0V6jAF6CA5rQs/q +8FSV4f/0g2rnqolTbK7DRYLOD/EHC029ALHRlst3ajPnaOFicKPPk66/9RKjTfK5 +37H8Q82n9dSRP7R03yfyf6+sEUGrS1wgNfGBc61qMlo5Mh6H4rylGgDoS2zSWZYc +L8cxewdTgXHrLgZczIc9Ii3zHxVY8owP4wNG0JVksWvMjT6LeqMXK5kWWj614xda +yqqnJFOMUc9mcJIDz0RS2J5mhG5t6oNkLjvRgUkL/z9yCtdPL2Sw1Ak9AgMBAAGj +WjBYMB0GA1UdDgQWBBTyIXNpwKjk9MyROjoWNRmbqKfBezAfBgNVHSMEGDAWgBTI +Vqbp1CrfGUmA6a1gaxUx0LD0vDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDANBgkq +hkiG9w0BAQsFAAOCAQEAq7cQ//ij9WF1ojfotZ0kx/UQPj3ZSofssmNcd9tk7D1a +69J3m8P6Tj5mbnBoIiXb5iHA8tZB8EtljpLUJGhmn+CjuD7fAjMk5uBcCJyTRu3m +xFgPV87i3OrcLqMflAXKwCsIDrmiX2/b/2hsET2k7iEdHkfGE/4FFtcYCzeV3elT +UBIJOfJwZog+MxbR5mux6fG6dydMpbQxbheksh7uJ6Juu9TN7LpVGKJoellMjTmO +wm46SP0wFquR3uqIY2JzGXa+uQFwcMM8lwfgOKOsWdc32B6eGDNXcMGmknVoBlCH +hw99TmJGSO4YTosGkeGyyDefKJLO7wm+SoKS79lldg== +-----END CERTIFICATE----- diff --git a/test/fixtures/certs/server_private.key b/test/fixtures/certs/server_private.key new file mode 100644 index 0000000..070f812 --- /dev/null +++ b/test/fixtures/certs/server_private.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQChMbSGQfGmHJnp +UvJyT1AGglEY5Quklz4tPsYqWRgQi/wbJ1hnXcluefxw/EsGjBe+hSDWLNKRS6xK +U0V6jAF6CA5rQs/q8FSV4f/0g2rnqolTbK7DRYLOD/EHC029ALHRlst3ajPnaOFi +cKPPk66/9RKjTfK537H8Q82n9dSRP7R03yfyf6+sEUGrS1wgNfGBc61qMlo5Mh6H +4rylGgDoS2zSWZYcL8cxewdTgXHrLgZczIc9Ii3zHxVY8owP4wNG0JVksWvMjT6L +eqMXK5kWWj614xdayqqnJFOMUc9mcJIDz0RS2J5mhG5t6oNkLjvRgUkL/z9yCtdP +L2Sw1Ak9AgMBAAECggEAWXDHBifY+Z6tF/XaaOrxMGtmrDWK/EyfR2OpeR3uaGAE +Bt0SBGjZt98f32FeD8fz9NbRnYVJYS1n7+W8i37b4uZNed6cl3O6u1+nMfkpfFn3 +0L5hSiBrsALQbmQrQk/8WpsdUqkvG5vqU0DE5AzBzekh6lL594DTtXG5zxRsWhrp +POKMEptxdbJOs2FlvXVmtpyinq4n6Q8EhdOosl3pfUWpLLmihGuzV0RFtP8/48Lu +/IyUl8iTQh277JjW565Qv0WwI9oALN9tcXnzz44cVLWbctG6XXu3wfzhE7Fek0tO +cCrnIOtiBYfYL8ZP3bm771yUVfami4JHG3EwATrRUQKBgQDWCShzmLzXTJgSy9ZD +3COxo7FceWn2/AbDfgiZSqd66LBrKvqv1h4ogg4jYqz7TpWHeR/hRpU8EUqIUItA +PPtVSIYfHfWtAnc8S3vj0ENDauVHGZ+fGyJ5AAONmShdTAVuGD1qsdd72Q/UQqgx +2ZVZz2A3VRIXzV5GSlvN50O2uwKBgQDAzFTJUk1cxZw9OPLDg2FgiAuiqjWEODFQ +eP9KiZGACMqirrNbGApMzdcvvN5XVU22Vugys+qcXsvOmbPID5SiNh1MR4G8bpHW +w9fZe6pT52xn0unNA9TDFfXO31kwSg0v8rZ9qRjEt8toE1V4O4qmhvus21DdZida +Q6YWOKJMZwKBgQCIy2WdK/tVp1BygvC4glQVzscmkTrWbhFslHqubnZIKbvHYrrB +8xlnTmf22bQxEfKjmRh1BIWQ1IRMRx4YumDwCuAdtyoznyXR1XSjD5JN3l4XaRsJ +t2/64bVjpIWVy2aVDM0EChHsx7hEMy4IXkYEFnQqKSbdK5abWh7+pFY0zQKBgQCA +EbtomEFHlQT6LjAk68rtorGH9mTiVal8eUOsMcHzOOPSORZvNoLxDfMZhO51OPcM +XqKTu6vm/5mGvdcM2Dy1nBjOKNnnX9OExEdH8rvsTFhYh2RDiX31sUq9huPqDebA +qQvMYV1Qn36AvgcSfQrXH+dipbULvOX7MeDL9gbplQKBgQCKvgzMrRmrp78hM27G +WPjo/X8cnHBalOQdLwrl7+qRyAfxltOqJI95yCGGrJ8KIe3izbvp5vbHjqVOQleJ +fs0T82lnjkwvyEMTndPU0VASvJqUtPJEfhY4BKOmRMaH6ikmhrJ5BeXcO8Hr51tF +YjtAnh98J8rALVB2DngA+pTCzg== +-----END PRIVATE KEY----- diff --git a/test/index.js b/test/index.js index 20dfc50..eb26323 100644 --- a/test/index.js +++ b/test/index.js @@ -7,13 +7,12 @@ max-len: ["error", 80] 'use strict' const { describe, it, before } = require('mocha') -const { expect } = require('chai') -const client = require('grpc.client') +const { expect } = require('chai') +const client = require('grpc.client') +const { readFileSync } = require('fs') const server = require('../') -const certificates = require('./create-certificates') - var serverCerts = {} var clientCerts = {} @@ -37,22 +36,22 @@ describe('gRPC server', () => { before((done) => { - certificates((_, pem) => { - serverCerts = { - key: pem.privateKey, - server: pem.certificate - } + const key = readFileSync('test/fixtures/certs/server_private.key') + const crt = readFileSync('test/fixtures/certs/server.crt') + const ca = readFileSync('test/fixtures/certs/ca.crt') - certificates((__, _pem) => { - clientCerts = { - ca: pem.certificate, - key: _pem.privateKey, - client: _pem.certificate - } + serverCerts = { + key: key, + server: crt + } - done() - }) - }) + clientCerts = { + ca: ca, + key: key, + client: crt + } + + done() }) it('should throw an error when not passing any service', (done) => { @@ -68,7 +67,7 @@ describe('gRPC server', () => { (done) => { let serverA = server( { - creedentials: serverCerts, + credentials: serverCerts, address: '127.0.0.1:50052' } ) @@ -105,18 +104,28 @@ describe('gRPC server', () => { it('should do a rpc call between server / client for an authenticated' + ' server / client', - (done) => { + function (done) { + this.timeout(120000) let serverA = server( { - creedentials: serverCerts, - address: '127.0.0.1:50052' + credentials: serverCerts, + address: 'localhost:50052' } ) + const service = [ + { + proto: protos.helloWorld, + package: 'helloWorld', + name: 'Greeter', + methods: { sayHello: sayHello } + } + ] + serverA - .addServices(services) + .addServices(service) .start(() => { - client({ address: '127.0.0.1:50052', creedentials: clientCerts }) + client({ address: 'localhost:50052', credentials: clientCerts }) .service('Greeter', protos.helloWorld) .sayHello({ name: 'Scaramouche' }) .end((err, res) => {