diff --git a/src/Parse/HttpClients/ParseCurlHttpClient.php b/src/Parse/HttpClients/ParseCurlHttpClient.php index 0d53d06c..e9337dad 100644 --- a/src/Parse/HttpClients/ParseCurlHttpClient.php +++ b/src/Parse/HttpClients/ParseCurlHttpClient.php @@ -306,6 +306,18 @@ public function setCAFile($caFile) $this->parseCurl->setOption(CURLOPT_CAINFO, $caFile); } + /** + * Sets multiple curl options + * https://www.php.net/manual/en/function.curl-setopt.php + * + * @param array $options Array of options to set + * @throws ParseException + */ + public function setHttpOptions($options) + { + $this->parseCurl->setOptionsArray($options); + } + /** * Gets the error code * diff --git a/src/Parse/HttpClients/ParseHttpable.php b/src/Parse/HttpClients/ParseHttpable.php index 8fe938d5..7025cf45 100644 --- a/src/Parse/HttpClients/ParseHttpable.php +++ b/src/Parse/HttpClients/ParseHttpable.php @@ -63,6 +63,13 @@ public function setTimeout($timeout); */ public function setCAFile($caFile); + /** + * Sets http options to pass to the http client + * + * @param string $httpOptions Options to set + */ + public function setHttpOptions($httpOptions); + /** * Gets the error code * diff --git a/src/Parse/HttpClients/ParseStreamHttpClient.php b/src/Parse/HttpClients/ParseStreamHttpClient.php index 11657fb7..62259904 100644 --- a/src/Parse/HttpClients/ParseStreamHttpClient.php +++ b/src/Parse/HttpClients/ParseStreamHttpClient.php @@ -78,6 +78,13 @@ class ParseStreamHttpClient implements ParseHttpable */ private $caFile; + /** + * Options to pass to the stream context. + * + * @var array + */ + private $httpOptions; + /** * Optional timeout for this request * @@ -195,6 +202,12 @@ public function send($url, $method = 'GET', $data = array()) $this->options['ssl']['cafile'] = $this->caFile; } + if (isset($this->httpOptions)) { + foreach ($this->httpOptions as $key => $value) { + $this->options[$key] = $value; + } + } + // add additional options for this request $this->options['http'] = array( 'method' => $method, @@ -264,6 +277,7 @@ public function send($url, $method = 'GET', $data = array()) // clear options $this->options = array(); + $this->httpOptions = array(); // flush our existing headers $this->headers = array(); @@ -348,6 +362,17 @@ public function setCAFile($caFile) $this->caFile = $caFile; } + /** + * Sets http options to pass to the stream context + * https://www.php.net/manual/en/context.php + * + * @param array $httpOptions options to set + */ + public function setHttpOptions($httpOptions) + { + $this->httpOptions = $httpOptions; + } + /** * Sets the request timeout * diff --git a/src/Parse/ParseClient.php b/src/Parse/ParseClient.php index 5ac2819a..6c0c88ee 100755 --- a/src/Parse/ParseClient.php +++ b/src/Parse/ParseClient.php @@ -103,6 +103,13 @@ final class ParseClient */ private static $caFile; + /** + * Options to pass to the http client. + * + * @var array + */ + private static $httpOptions; + /** * Constant for version string to include with requests. * @@ -301,6 +308,21 @@ public static function setCAFile($caFile) self::$caFile = $caFile; } + /** + * Sets http options to pass to the http client + * For curl + * https://www.php.net/manual/en/function.curl-setopt.php + * + * For stream context + * https://www.php.net/manual/en/context.php + * + * @param array $httpOptions options to set + */ + public static function setHttpOptions($httpOptions) + { + self::$httpOptions = $httpOptions; + } + /** * ParseClient::_encode, internal method for encoding object values. * @@ -452,6 +474,9 @@ private static function getPreparedHttpClient() // set CA file $httpClient->setCAFile(self::$caFile); } + if (isset(self::$httpOptions)) { + $httpClient->setHttpOptions(self::$httpOptions); + } return $httpClient; } diff --git a/tests/Parse/Helper.php b/tests/Parse/Helper.php index 6294789e..95380113 100644 --- a/tests/Parse/Helper.php +++ b/tests/Parse/Helper.php @@ -105,4 +105,10 @@ public static function print($text) { fwrite(STDOUT, $text . "\n"); } + + public static function printArray($array) + { + print_r($array); + ob_end_flush(); + } } diff --git a/tests/Parse/ParseClientTest.php b/tests/Parse/ParseClientTest.php index 2c697752..ba08e891 100644 --- a/tests/Parse/ParseClientTest.php +++ b/tests/Parse/ParseClientTest.php @@ -16,6 +16,8 @@ use PHPUnit\Framework\TestCase; +defined('CURLOPT_PINNEDPUBLICKEY') || define('CURLOPT_PINNEDPUBLICKEY', 10230); + class ParseClientTest extends TestCase { public static function setUpBeforeClass() : void @@ -35,6 +37,9 @@ public function tearDown() : void // unset CA file ParseClient::setCAFile(null); + + // unset http options + ParseClient::setHttpOptions(null); } /** @@ -667,4 +672,52 @@ public function testCheckBadServer() $this->assertTrue(isset($health['error_message'])); } } + + /** + * @group test-http-options + */ + public function testCurlHttpOptions() + { + if (function_exists('curl_init')) { + ParseClient::setHttpClient(new ParseCurlHttpClient()); + ParseClient::setServerURL('https://localhost:1338', 'parse'); + ParseClient::setHttpOptions([ + CURLOPT_SSL_VERIFYPEER => false, + CURLOPT_PINNEDPUBLICKEY => 'sha256//Oz+R70/uIv0irdBWc7RNPyCGeZNbN+CBiPLjJxXWigg=', + CURLOPT_SSLCERT => dirname(__DIR__).'/keys/client.crt', + CURLOPT_SSLKEY => dirname(__DIR__).'/keys/client.key', + ]); + $health = ParseClient::getServerHealth(); + + $this->assertNotNull($health); + $this->assertEquals($health['status'], 200); + $this->assertEquals($health['response']['status'], 'ok'); + Helper::setServerURL(); + } + } + + /** + * @group test-http-options + */ + public function testStreamHttpOptions() + { + ParseClient::setHttpClient(new ParseStreamHttpClient()); + ParseClient::setServerURL('https://localhost:1338', 'parse'); + ParseClient::setHttpOptions([ + 'ssl' => [ + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true, + 'local_cert' => dirname(__DIR__).'/keys/client.crt', + 'local_pk' => dirname(__DIR__).'/keys/client.key', + 'peer_fingerprint' => '29F36676EFA0CA18B5B571C6144580044CB289C2', + ] + ]); + $health = ParseClient::getServerHealth(); + + $this->assertNotNull($health); + $this->assertEquals($health['status'], 200); + $this->assertEquals($health['response']['status'], 'ok'); + Helper::setServerURL(); + } } diff --git a/tests/gencerts.sh b/tests/gencerts.sh new file mode 100755 index 00000000..cf31ceb5 --- /dev/null +++ b/tests/gencerts.sh @@ -0,0 +1,75 @@ +#!/bin/bash +# https://gist.github.com/ryankurte/bc0d8cff6e73a6bb1950 +# https://curl.se/libcurl/c/CURLOPT_PINNEDPUBLICKEY.html +# ./gencerts.sh parseca localhost parsephp keys/ +# ./gencerts.sh parseca client parsephp keys/ + +set -e + +if [ "$#" -ne 3 ] && [ "$#" -ne 4 ]; then + echo "Usage: $0 CA NAME ORG" + echo "CA - name of fake CA" + echo "NAME - name of fake client" + echo "ORG - organisation for both" + echo "[DIR] - directory for cert output" + exit +fi + +CA=$1 +NAME=$2 +ORG=$3 + +if [ -z "$4" ]; then + DIR=./ +else + DIR=$4 +fi + +if [ ! -d "$DIR" ]; then + mkdir -p $DIR +fi + +LENGTH=4096 +DAYS=1000 + +SUBJECT=/C=NZ/ST=AKL/L=Auckland/O=$ORG + +if [ ! -f "$DIR/$CA.key" ]; then + + echo Generating CA + openssl genrsa -out $DIR/$CA.key $LENGTH + + echo Signing CA + openssl req -x509 -new -nodes -key $DIR/$CA.key -sha256 -days 1024 -out $DIR/$CA.crt -subj $SUBJECT/CN=$CA + + openssl x509 -in $DIR/$CA.crt -out $DIR/$CA.pem -text + openssl x509 -sha1 -noout -in $DIR/$CA.pem -fingerprint | sed 's/SHA1 Fingerprint=//g' >> $DIR/$CA.fp + +else + echo Located existing CA +fi + +if [ ! -f "$DIR/$NAME.key" ]; then + +echo Generating keys +openssl genrsa -out $DIR/$NAME.key $LENGTH + +echo Generating CSR +openssl req -new -out $DIR/$NAME.csr -key $DIR/$NAME.key -subj $SUBJECT/CN=$NAME + +echo Signing cert +openssl x509 -req -days $DAYS -in $DIR/$NAME.csr -out $DIR/$NAME.crt -CA $DIR/$CA.crt -CAkey $DIR/$CA.key -CAcreateserial + +echo Generating PEM +openssl x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem -text + +openssl x509 -sha1 -noout -in $DIR/$NAME.pem -fingerprint | sed 's/SHA1 Fingerprint=//g' > $DIR/$NAME.fp + +echo Cleaning Up +rm $DIR/*.csr + +else + echo Located existing client certificate +fi + +echo Done diff --git a/tests/keys/client.crt b/tests/keys/client.crt new file mode 100644 index 00000000..761f775e --- /dev/null +++ b/tests/keys/client.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 +MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP +RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo +dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 +dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ +2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs +x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M +alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 +amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 +HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E +vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u +O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG +VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx +fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u +dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 +t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx +fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE +1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O +0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X +KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP +M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 +9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd +euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ +jrdaTDx4EZu93dmJbEozNO6dRiLb +-----END CERTIFICATE----- diff --git a/tests/keys/client.der b/tests/keys/client.der new file mode 100644 index 00000000..e5aed7bb Binary files /dev/null and b/tests/keys/client.der differ diff --git a/tests/keys/client.fp b/tests/keys/client.fp new file mode 100644 index 00000000..61543623 --- /dev/null +++ b/tests/keys/client.fp @@ -0,0 +1 @@ +D7:10:BE:24:E6:85:A2:F8:79:F8:36:EF:42:A0:EC:B3:EC:93:C2:FB diff --git a/tests/keys/client.key b/tests/keys/client.key new file mode 100644 index 00000000..458e1994 --- /dev/null +++ b/tests/keys/client.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEAyUoMuiBlI3GblLiH3tczwDX4yw9ForXmDx5tUQ/s4avBfVu8 +tWKzRT+LHAezSaqND21u558xnKJGB12z7y2lEIK6oah3BKTxgyY6WsXnEikFPZxc +kuEa8PJjQXREsVlgGiKhNgW2HiL3UOTOGYFovq+PIHt1d25HUlBvNOlAeSGh8/OJ +Cw22Kd/yoGotsfV0VqrBRQSC2wonJo+XElHbVMXcW/7Yr9+ajLM/oSvt5RIK8lFE +fWELDMfGXsapMrJB5pLVEt2sdipmZJ6ImnHCXy5J0GzHjLzAbiWFF1qe0IIA2VPA +t3vM+K4i75EE/bvqjb7TYrybL03ZJNlSAdd59Kg3HgxqVi6MoFRX7aqaFH0fYeVQ +H8L+HlJvw9KV9bIP9ujf5qDLD/X72t8xRgKaIS12KTtqagFpqGioAcvxLcrX0vTK +1aSAV6NIzOf6LhUOJ+fC6lceJ8MvsI8NfS968U0O8LscwuQFaaQ1pN24Mvk/fGKa +0hcTtqSEr65+I2g7cosi16cIQ3ELNR010MeC56LZTkS+FPJpOYgiuRQbFD5pUNdE +XaeMB5A0x1OOwICKJI3VyithfxFe82jxBlBQRocbja47piiWzDwRmi1ukTGjWNuI +OUjalUi7Al21oMK5w839fq5nyh0ZDQtR7JMFh1r/U4ZUhDM9mfFIfOo/O5kCAwEA +AQKCAgB9ZG3NPQUEMW+UE+hAP5tzb6vPA3KDzADHBlNfHiaY5qAgcZd6/0NiLhWA +nqNnjqFVLPzbuWX0h3pMeGjw5GRhhq6wqfuKnx38b0IG7iXmQDuNh+x7a1OXKcf/ +LGjmeiDN5yi6OJCc8XdTo1Vouh8AOulUeNRSVBaGBqlgMrYBP5xeFiYXBrGmIGZK +3BofNCMHIlRHpGnH/ekpsmWP+gJCKwf9HyLpXMgwQjGvO2h1POoozct2t49kpMbE +n8kjVbyL4IhvujwHWJ50q/W5EIjfNjyxZDJjT+ooM6NXSxKIHZRdzjjNlIe5mvEU +gCi1z+xr5KZWadvaegp9VAwsLYlAbrFjpUY1gh5jEWmereVdAQI6io0m6lSkAIPC +e7OjV08Hv8rsLbnc8OroJ1YYsDiRnYjASGTgUlYXgZ/GOzrx16NP9Xx/fLXDcry5 +/FayKwQ6rNE56+UzwBZisUHFQTaj854ljqT14my0pSkBUJqWu/J8sMoWtCCu31gp +via9/3Cb/+0Pvc3ShDgGEt+ulf962tcVR48mbG/rWLvMgTzbpr4+qrHDEPe0fL3/ +p5awpvMQOTr1y/inhf4aOkZgQH83e2072mCvgNDZ6eW5AmCtVEVVP8erWQ9MI2ky +HZY8/i0vs0icbqqmA9M4vnJWuQsgOmB/XIwajmnuP9/OnjfrIQKCAQEA7b/wm0+q +LveojHoKvL3vByb+MmY6UZV8kPx2R8r2wYjFXaXN3+PIjUTpeaPM5Os+yPfBlzs2 +T17ySnc7WQsj/RIgTx0fOdARjnopMR8av6RUpgShF69Kb3U7VXiLcEoApJGbg9QV +CSae4f40DzN3ou8kIR+LCRrYSSv1bkrFwRVSgTP/gqLbVWn4/HJN93+Sem8tHmqd +o85/zFEKiVMQqR46amLNh1+ntvLSNi5noETj5y3T/8MYjuPs7GAMrywg77cR06YS +MvT4MFaXfpo7Yg9/lN9jRfTASTiNo1jQd8lSt29HSId/rvZ9F25BQuF8QlEQZj7J +Io94D5frKlUDfQKCAQEA2L2eS1tKdvkgKgIt+kmvws0p0TCLECSut0GL39uk0FU8 +aWmAgFrAppsFGNzYWbv3NcN7YuN2UX+YQnBIqyZ3paI7/dOa/pbwnGy9XdXUh6zi +T+CueNBSty2HjLNqcrQ/90v6AAZfE3oOR8fcMq8svgh0oM0PjyYI+81z3lo9+SA1 +lLfHW1qIFli+80qebg38t27OeaiRzw9bwniexYPSpozoF8Zmj2UWnml/Ma2ZME8j +2t6YrwiJzwIdrC5JVbKc8Le/iksSjUA98zpFacFjNhVwLNtbUWAf5rUmV3Y312XJ +9qL8cnXmo2bLYv79Hz6I2TGH4Zim8jPT/ZFtR7sbTQKCAQBCPCD6A92zrAdm63Em +V/vJkFFtFRHWPMExW0RQh/jqvgHOLy0F3N24jaRF4R5qACfDsVJboYFl51u05za/ +fd0O2gfqQoC6iH77pIjpSHMZRNzYS53djVY9avmWvDiMlfFL58zdky4xGHNXHoy+ +V2ZTHDCCkdkYNkRfTkHX8jjZq+kKWcQrTtewGg/ltKqH8yCJv4NgX+9+/T6ZW1KG +I4AWvXckwFXmCv4cd9Wchp0UB10+wIO5U076MAGHcNLX0oFyhxwOTMvxKlIilV0r +RiiZDxxKC1oK2T7gp0K+aTXayVmkBPpk+GrYAY+kAXFpAoytpQvekEtUt4eJQJeh +eYG5AoIBAFpayjfOCgAJIVCB8hrqRxxlnS45F3AWasO4zo/3KAE112Z2dfyMWM3b +yEcyIftesdM2+CQkgTm+gIIJ/zFiavSg6nOJmI7T6+C6MEODFgOtnfcAyptQ9Xqp +v113mkPRQu1cPg9umIotEvD3r6NthbB/I+e5NOhPSeV3I/upETbfJ5ck+jXqSttO +CeSw0dU9fYIW7nqnPInedDlhQYdDyjhme4cVzcGvubs2bbEPFtKd22ut6mbln1Wu +IyKZdTcFrAlqAK6tV0GNa4YPX8qTtUFhtI7ur2YANaxfDmndva/NHmH0Vlt9LTYn +b1iIxosU7cXlsSjqE4ba9mA6FR2XMe0CggEAFCrg/EhBXX8sagXGGXt7Hp1ozpBJ +EqY4xj1KSDPGNh1x1sOJP7MYIg+Sa8AxVRH+T6VBcXBuyxy3FtNH4iRpKzE5Kept +Jdxglsfo5EGqCNsIh45xa1owHiHr3/p2VpASiPy0OsvM4zDWCNffyz0i3wM4NvRb +sVYi/eQtbML2+Ro8e3eW8f3SRbrKahQX+vMg+d3+BddX6GuPd+RE5qdIkQQhvugj +4oOR1Gx1ktv//ex4T2LkEGm0c2TLrlmFdOGPURbFIVeqLT26KJ6PdeMaVHvCkwAX +4krazNZR4HTOLAL5iWx74xr7uGz8Z3My34laVpTaS6YONX9mW7cfT8U2ww== +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/client.pem b/tests/keys/client.pem new file mode 100644 index 00000000..761f775e --- /dev/null +++ b/tests/keys/client.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 +MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP +RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo +dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 +dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ +2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs +x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M +alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 +amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 +HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E +vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u +O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG +VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx +fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u +dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 +t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx +fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE +1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O +0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X +KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP +M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 +9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd +euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ +jrdaTDx4EZu93dmJbEozNO6dRiLb +-----END CERTIFICATE----- diff --git a/tests/keys/localhost.crt b/tests/keys/localhost.crt new file mode 100644 index 00000000..86af6e0e --- /dev/null +++ b/tests/keys/localhost.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFJDCCAwwCCQDEwoQengRnyzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQ0WhcNMjYwMjA1 +MjA0MjQ0WjBVMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEjAQBgNVBAMMCWxvY2FsaG9zdDCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANhB+NiGfXAgK4yJKdJEU9gC +kBUVwTmEVYIbHjK/HuWxbDIeVAHMSM1CWFZm72zfcGiLQ2vzqSNQ2mCGpefRlKGG +E5ch/HPDqeEKb/Qm+UnQTyMjKOMWckNEzqhilOiMHGR0hb6h5givz8aQ7kjp3ELm +RWaBWJ1rBizooB3fEDAdGtEEIDiq/i2/sSRcFmOeVYJ8ynIJ2/SmqF3KttQAZnuv +tFRGD+7C+loyxz+vCbAIkl1Smwj3ZsTKfGYGoSQA7Z7QVLzee7QgGmHCWiRmvKxX +ZfaW27SE7xokw68Dx84FeFYeUTXZugCLFtcHQ/M7enZsfUNjfGqFE88piKXTDgXa +qqCGKTqUhWYjnvH8AmiSbzUWYCJ+YtAY7wO7IdjrVzPh8pnCRXKefM2xJEJhDbSg +5lWkla7rJQfvKXuRlyiKonyI5hIYFwzgwPPoz+TKPLRltyzmPdmNshBN8USXOd3Q +5vG9JWSM2pP/l5UUusRRA2SrDEsud004mnQeCh1IHbF+srudSHQKPyxYOdc/WzUV +yy+RN53N1VG9JkH60t3Dg0rYiC+wilqS2G56MbgrSN4HTldmcGebzJMIdFpNSKLJ +uI886kgefd90OdsPqSI8rjPrEVAyL06w7P19/baWyyRlDQL3Do5uvMRk2YGHK2Ej +malB6uq4MatqOWXoroYrAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJnoVzVRxyQF +qUchsTRZZFfPXZI3n6Xn1wI/U5YIUyOODbTLn35c99G/sCbECFmciBZKXLvmiBn0 +tGYphpFFLT+qHtrYn4a29LFCsYDMlmfSJPQ0+V6FNpfqo2xPMDZ8sW+SVwx/PyNx +D/NyQ1+dZs5jKvVqyddU3e/jNG6hKIJF8rTfM5X2wp8RC55VGUeocWuPLCD9Ozmf +Xhv6J8Jv9LhkOl9BjudgpQ43so8mfa3InC/1SU/2kjSjc6hpWfyjErVz32Yf1QF0 +ceVgZJ4EoMVecZMFbo6b1cdlg3AoRvBEr0LpMwFWsEWicCPQjWg/wyJLRqhDIvoC +CWPGZrYsFilhHy9Cx7fOK7ZqLJK+dNbY5It7//TIZ364cTzUpYqfiv7lQ5Xp0c0h +9FiMCrFX4C3Su0UZfJjZ3KQTJfL0LnkwcvoT98RcNVPFT4Jgbe7thZPFHHZAAmag +5+2P9Xzz8OsNYUbGhDjd9Pq7gSiM4ZpJ2tc425qCZ2E84YqDYRtwZo3UIca7ktm0 +xckuoVQzxiIE/BhyL5+wL3NLTkgVjWh11XeiKn/h6BaOMj9QKTKc3RzLtqC57oVD +iMowJq80nQUUsU8I1GibfuLM+0ahcK8an5Lzdl0dS+43eKQLJWhpfBZNgFMfXDEe +o7eD8auY/MfkFWiUBpWGx7Grb/2a/z1q +-----END CERTIFICATE----- diff --git a/tests/keys/localhost.fp b/tests/keys/localhost.fp new file mode 100644 index 00000000..6de3a5bd --- /dev/null +++ b/tests/keys/localhost.fp @@ -0,0 +1 @@ +29:F3:66:76:EF:A0:CA:18:B5:B5:71:C6:14:45:80:04:4C:B2:89:C2 diff --git a/tests/keys/localhost.key b/tests/keys/localhost.key new file mode 100644 index 00000000..24f84196 --- /dev/null +++ b/tests/keys/localhost.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA2EH42IZ9cCArjIkp0kRT2AKQFRXBOYRVghseMr8e5bFsMh5U +AcxIzUJYVmbvbN9waItDa/OpI1DaYIal59GUoYYTlyH8c8Op4Qpv9Cb5SdBPIyMo +4xZyQ0TOqGKU6IwcZHSFvqHmCK/PxpDuSOncQuZFZoFYnWsGLOigHd8QMB0a0QQg +OKr+Lb+xJFwWY55VgnzKcgnb9KaoXcq21ABme6+0VEYP7sL6WjLHP68JsAiSXVKb +CPdmxMp8ZgahJADtntBUvN57tCAaYcJaJGa8rFdl9pbbtITvGiTDrwPHzgV4Vh5R +Ndm6AIsW1wdD8zt6dmx9Q2N8aoUTzymIpdMOBdqqoIYpOpSFZiOe8fwCaJJvNRZg +In5i0BjvA7sh2OtXM+HymcJFcp58zbEkQmENtKDmVaSVruslB+8pe5GXKIqifIjm +EhgXDODA8+jP5Mo8tGW3LOY92Y2yEE3xRJc53dDm8b0lZIzak/+XlRS6xFEDZKsM +Sy53TTiadB4KHUgdsX6yu51IdAo/LFg51z9bNRXLL5E3nc3VUb0mQfrS3cODStiI +L7CKWpLYbnoxuCtI3gdOV2ZwZ5vMkwh0Wk1Iosm4jzzqSB5933Q52w+pIjyuM+sR +UDIvTrDs/X39tpbLJGUNAvcOjm68xGTZgYcrYSOZqUHq6rgxq2o5ZeiuhisCAwEA +AQKCAgEAqupZFigU8405XfT6DKjb6xj7bu6mrCKewhlUoJ7UeIzlCidWFaWy1Cbf +UkpAaDefy8BlJOiKgNLiBO/mJ3VIlvA0g3nk4El/9dAd80TqOSBdq1OaeP/AhtHW +0tY3AiPaPLqrCaNC/xKUkEbzTMUnw+fiacVImAGB+/ROt80YKi6WhyNPo/ngsZ+T +DT2KpGj7BApEpiSMpqsg3h/cp2k5lf+j8gb9iKKo4qjHONnKOkpMA13KEigWHOo7 +rxcGPEJPivj0P+FGu3Gz6BeGzsYzz7GzcFSCiAWYQ31S+vtt6rIADXAglwLhMpS7 +FG81kQMtInNT/PKf3kAXC9+zk/teVGYsqYvzQrtrxIMQlmrFK/GwlfMn7PqFLPPz +3Ex2JN6DX/2JPn3KX6kP8C3gnmPB/f4VrbbGbkVlClGHpsSz0lyBf7eWhDeXJsuQ +5r07NEVRhoL8UV/mwneEzrWLtegUbCBKO6dlhcUQ9VAzmCFTCGg2fdhKkDeXmjZJ +pJdIKnUm1lYXv9Ek7YJcDixSMWPRb1HSP8PBruIYTmjozR7bqrb7k9c+8cBuUZAE +En1LwauHm3YiYLdRRJQScGLW/NxczSJP165mvtKW87lgjo0vh0m9We/FQxvQYtYx +Hi3vnAjwVQqptzlelO8PqPzfl0kaBCMHfuX1hVG5fVa5dNUxTgECggEBAO6YBm0P +CiU1mulEuAklFYDuzvMsIGSwVPiFH/piHwuNLBkahv0SWj5gwTY8V2/1IAZLjTWA +gsbMlAnRWYIiIdDS8eTWqjWqIFzZuZ1ZD8X5yVqF1XEbYRE16HeR3aiQGP3/eIN6 +KxeaaG4LLJmom/h70yjiDnK/XeMk35C9cjPLH+7dgv4u41juejgWCtkSNpBQRF4D +Jzc2w2kr9O6HRIIpqVHjaqma9apsZFyfq+p5k/kY8WO9ToJhkrAQVXdBN/5ygpqn +emQcT+RbhXJirRj2PFPYIQWsijtCmfVZR9ngYK55tIic6jd6qyeXksBSe0Qi4bV3 +YltxJPalt46RUOsCggEBAOgIzCb/HGoZkMEjUXA/QEDJ2Ib472fgWYMj7ECbvQOr +l5sXKKkLA7f9FT+7FA+tmNqkDlaCD0dhkWtavb8PX86mGlKoFuWNX8y3lzjuIsTZ +vkg/dJ31cWW7w5ewss9gLzO0oC8Bz4m9EH90XcfceU6hW58vZQiLiunQJs4KxEeK +NBrnUijkZBNYpAIMXNkYNNpI/fOjPZK6jC/XomVvCcrCVoZfc5kc+T/bJ08QKjpR +oxITC0xLAp1EoDK2YbLFZe9eWz9cLp0SyUTC6fqE97GGU50ohhi+UihES53s9V43 +svQLy1yaQdU3bDDmBZZ2xiMZOA0/+fa0tRt38jV4T8ECggEAfJxBnuvf7JcWlQYi +6APKO1B+HVrKgEvn1PQSQ37DoBDXGzVTkxDmuPVnc6AIOpzXYPJMicjYhGOMXaRN +Dz4sUxgY5d+HfgegZ13/J0LAjjFrDDAhzbTy+T4ib3BrSAIaS24FzwUbRHSMXgzP ++mCpNRnWqt+FlECGFH/Jk5qd7pcD0ok2RPLQIj5K7sf0WnK8tJp3WnJjJN8hJ+ih +P4K+MQz5NZ+EsZgQ/jUmJYnvC8L7mXmBeQoB2u6C4hllyabyS54awBMARRDUWPvD +sn3+0a6oy1FxzbjTaSfbqNw8PnqFhBpkQ4VQfjE++qqbJn7tiiR9pXz4jbGGEJt0 +Rq12iQKCAQEAwR35VAeFjaTDfou3jxWFk6aq6QMstibaOTRfwBIeiXx6DKGEvNSm +/q3LzqQUeUwBaQ+bw1IyBzXkQxZd0DOqiKJkTCEMFXfJoOe4G7DPDUkwfo8ZrxIF +lCdnDcwJtmEWSBFwNE9sfPX3Uiz2lI4iBFh1mhJnI2qIbjtI4LnDTMtwvGeEUPZt +eFCRCAdkC2eDLZ4Mhod5irJqVLNCvOtimfeO7f1ph6i+pe/vUnVgv/MMJtHk2FWh +0mS4dBypSZHTWhsNFLnTLfXhv7H97PxX7s+erbF5kgRs+oiE6ua5/PWcolNiqSrV +2fBrwnLfebBXDgVCSnzRvQv/o+H7m5cLwQKCAQBSFkNRxHtBWyyeD34yXSCk99f3 +gZ7UKJGnfIytbVQdeGo6WfS+IJP8vzr8nVTD5RsLbc/FQ0ybdIjlyKfKd7YFrpZ5 +MsYcpzSTfWb8OjHW29t8BjECw7DGkatx9hXJEUAz7C7/G9dgWV7qEYfFNIsRmJNt +CKOMGy79bbwKu2/ylCHwTqUH+qsKzTbLUmzqOBj+4s5R211HFuHIvDjXkDtNe/Tc +dG6HVace5xHsXaB6J1zIh2t3lA4JHBnrlWaGzkjlSVNaGtvPX0tYX2NarIgcq7uw +WqfklFQxK9dL96Dl08G4wKixmveqUMdvFPKpDLcGSXqwEAG82XtH3wppCLJN +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/localhost.pem b/tests/keys/localhost.pem new file mode 100644 index 00000000..86af6e0e --- /dev/null +++ b/tests/keys/localhost.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFJDCCAwwCCQDEwoQengRnyzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQ0WhcNMjYwMjA1 +MjA0MjQ0WjBVMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEjAQBgNVBAMMCWxvY2FsaG9zdDCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANhB+NiGfXAgK4yJKdJEU9gC +kBUVwTmEVYIbHjK/HuWxbDIeVAHMSM1CWFZm72zfcGiLQ2vzqSNQ2mCGpefRlKGG +E5ch/HPDqeEKb/Qm+UnQTyMjKOMWckNEzqhilOiMHGR0hb6h5givz8aQ7kjp3ELm +RWaBWJ1rBizooB3fEDAdGtEEIDiq/i2/sSRcFmOeVYJ8ynIJ2/SmqF3KttQAZnuv +tFRGD+7C+loyxz+vCbAIkl1Smwj3ZsTKfGYGoSQA7Z7QVLzee7QgGmHCWiRmvKxX +ZfaW27SE7xokw68Dx84FeFYeUTXZugCLFtcHQ/M7enZsfUNjfGqFE88piKXTDgXa +qqCGKTqUhWYjnvH8AmiSbzUWYCJ+YtAY7wO7IdjrVzPh8pnCRXKefM2xJEJhDbSg +5lWkla7rJQfvKXuRlyiKonyI5hIYFwzgwPPoz+TKPLRltyzmPdmNshBN8USXOd3Q +5vG9JWSM2pP/l5UUusRRA2SrDEsud004mnQeCh1IHbF+srudSHQKPyxYOdc/WzUV +yy+RN53N1VG9JkH60t3Dg0rYiC+wilqS2G56MbgrSN4HTldmcGebzJMIdFpNSKLJ +uI886kgefd90OdsPqSI8rjPrEVAyL06w7P19/baWyyRlDQL3Do5uvMRk2YGHK2Ej +malB6uq4MatqOWXoroYrAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJnoVzVRxyQF +qUchsTRZZFfPXZI3n6Xn1wI/U5YIUyOODbTLn35c99G/sCbECFmciBZKXLvmiBn0 +tGYphpFFLT+qHtrYn4a29LFCsYDMlmfSJPQ0+V6FNpfqo2xPMDZ8sW+SVwx/PyNx +D/NyQ1+dZs5jKvVqyddU3e/jNG6hKIJF8rTfM5X2wp8RC55VGUeocWuPLCD9Ozmf +Xhv6J8Jv9LhkOl9BjudgpQ43so8mfa3InC/1SU/2kjSjc6hpWfyjErVz32Yf1QF0 +ceVgZJ4EoMVecZMFbo6b1cdlg3AoRvBEr0LpMwFWsEWicCPQjWg/wyJLRqhDIvoC +CWPGZrYsFilhHy9Cx7fOK7ZqLJK+dNbY5It7//TIZ364cTzUpYqfiv7lQ5Xp0c0h +9FiMCrFX4C3Su0UZfJjZ3KQTJfL0LnkwcvoT98RcNVPFT4Jgbe7thZPFHHZAAmag +5+2P9Xzz8OsNYUbGhDjd9Pq7gSiM4ZpJ2tc425qCZ2E84YqDYRtwZo3UIca7ktm0 +xckuoVQzxiIE/BhyL5+wL3NLTkgVjWh11XeiKn/h6BaOMj9QKTKc3RzLtqC57oVD +iMowJq80nQUUsU8I1GibfuLM+0ahcK8an5Lzdl0dS+43eKQLJWhpfBZNgFMfXDEe +o7eD8auY/MfkFWiUBpWGx7Grb/2a/z1q +-----END CERTIFICATE----- diff --git a/tests/keys/localhost.pubkey.der b/tests/keys/localhost.pubkey.der new file mode 100644 index 00000000..6b1e66c5 Binary files /dev/null and b/tests/keys/localhost.pubkey.der differ diff --git a/tests/keys/localhost.pubkey.pem b/tests/keys/localhost.pubkey.pem new file mode 100644 index 00000000..ceed701b --- /dev/null +++ b/tests/keys/localhost.pubkey.pem @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2EH42IZ9cCArjIkp0kRT +2AKQFRXBOYRVghseMr8e5bFsMh5UAcxIzUJYVmbvbN9waItDa/OpI1DaYIal59GU +oYYTlyH8c8Op4Qpv9Cb5SdBPIyMo4xZyQ0TOqGKU6IwcZHSFvqHmCK/PxpDuSOnc +QuZFZoFYnWsGLOigHd8QMB0a0QQgOKr+Lb+xJFwWY55VgnzKcgnb9KaoXcq21ABm +e6+0VEYP7sL6WjLHP68JsAiSXVKbCPdmxMp8ZgahJADtntBUvN57tCAaYcJaJGa8 +rFdl9pbbtITvGiTDrwPHzgV4Vh5RNdm6AIsW1wdD8zt6dmx9Q2N8aoUTzymIpdMO +BdqqoIYpOpSFZiOe8fwCaJJvNRZgIn5i0BjvA7sh2OtXM+HymcJFcp58zbEkQmEN +tKDmVaSVruslB+8pe5GXKIqifIjmEhgXDODA8+jP5Mo8tGW3LOY92Y2yEE3xRJc5 +3dDm8b0lZIzak/+XlRS6xFEDZKsMSy53TTiadB4KHUgdsX6yu51IdAo/LFg51z9b +NRXLL5E3nc3VUb0mQfrS3cODStiIL7CKWpLYbnoxuCtI3gdOV2ZwZ5vMkwh0Wk1I +osm4jzzqSB5933Q52w+pIjyuM+sRUDIvTrDs/X39tpbLJGUNAvcOjm68xGTZgYcr +YSOZqUHq6rgxq2o5ZeiuhisCAwEAAQ== +-----END PUBLIC KEY----- diff --git a/tests/keys/parseca.crt b/tests/keys/parseca.crt new file mode 100644 index 00000000..ba017aa8 --- /dev/null +++ b/tests/keys/parseca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFIjCCAwoCCQDSW4/JivGcBDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQzWhcNMjYwMzAx +MjA0MjQzWjBTMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWBtWQ37CZfah2JMbiW2m8CuW8 +BSVJhVZzHY70kmBzGdIOK2uv89/Edf0YLkY3I3OL/19KBl8vNcg7g9wEwAx6u02b +7foX/OukoPYrT6iNIKwpa9OVzYe8+RwVlSkoX0bQ6IGqFCRbDFmrXRItElyvaX9/ +fql1RRVjlA4AeCy8MFPW+OUtRsgCUaDTWUr2kTvn82YPcKtgCKaVlkxZ7aYYsYwj +xV6AHBb5/HPTadi1hEsSMe3DAm51cNCpcSMWakzFRddOc9na13D3RskBuGm8GAec +zSx38t7OLnTCKtI6PPxp0GWYrQSNtamvZM3i6fHMWHIyV6/siWWiJJipFmswjxWe +Hp9mmc1UFrmcJG/mVmvOsJPqjHkRwm6Vxi1b86RizbQ6mw6e+cQGn35WmcwzEf/V +uM3P382UXAaEjOB21ib9VsBPoJnwTollqDVOr6wLMn92sPTsNpLRPC9+mSDxemfj +z7JC5U0w2OgS3dOs82UkNNuDmnE1VuCcG0bdFpk1vOEk1weo47UJ4QnopxILAbER +c1eeoXZUhv1pAs3LbOR229DkCzijhWQgd+BoDUF3p/2M/528/a3W/vIcZMc9dx5B +qzG5VLhRSPkxs9K5YGYN7G+7OcdhyKNY9LklbOfUitGhdufXAO62b6XRtrE0dfNh +O1Z6yZHKGib5P+0TNQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBBeMaiptQT8teD +Q63CW7eYc6skvq8qOfB51sqr2NPcxMdLr/6yjtc5Ln2y23YWTB6JpWST0CeRpew3 +TRAjf264xd6EHDiiYqYhsrvQEnyHOtY43UEXeyE6tEP+8djgqvydAx9G+ok9L+IE +WlzeS5hegUaHcSQCRs5RdSKL9OvN/u7LNqDlcxTrz/cicNyjA5pQCAlbD/3cs/8+ +tmKMYN+iriAm/xKxzVfJsH6qvZZny/mi/8CG+DWqosQAX/GhWHp32l/C30HvAcDf +FF6r20h58PEfCHK2mQwPRzh2iNlKnCVYYcl5clYx7qPtpwKJyo7X/qeRkNOtnhtL +KahXHhBfeixYNiNMBK2lUgZ1QD3/0ARJZIYsjo/bLu9uECXrqxXC/HC/YzqgJj+H +AtPMCFTVxMDlPyMh6tFxgB6CV9SJ+/PKeXjvIaHKeHoSQtpKrgWk5ooh/Xxl2k1Y +4xGmvZQo1Rp0iIQSZ43sT8QQPw/BJSktxamhhn8ctk5sfOR9ctPk17Tru2tEMV2T +xAtmduoluSlxDodnAoUi6zCB4nxYhHhCuD3lDuUnmIbYxGwQCbPiiLWGDl3/6XKP +Fn76bLcFV3yqzwDtSwmIv7yxgF8WdA3F47BOXPqm7SxMtLYNEje65RgnwVHjq6ax +jTTWuHUVY9pjF76qCHv3PcjIyAdgvQ== +-----END CERTIFICATE----- diff --git a/tests/keys/parseca.fp b/tests/keys/parseca.fp new file mode 100644 index 00000000..f1678962 --- /dev/null +++ b/tests/keys/parseca.fp @@ -0,0 +1 @@ +AF:05:D0:A9:7C:97:BA:64:A0:E2:88:05:D8:9B:07:9C:4C:55:DD:60 diff --git a/tests/keys/parseca.key b/tests/keys/parseca.key new file mode 100644 index 00000000..df14941d --- /dev/null +++ b/tests/keys/parseca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA1gbVkN+wmX2odiTG4ltpvArlvAUlSYVWcx2O9JJgcxnSDitr +r/PfxHX9GC5GNyNzi/9fSgZfLzXIO4PcBMAMertNm+36F/zrpKD2K0+ojSCsKWvT +lc2HvPkcFZUpKF9G0OiBqhQkWwxZq10SLRJcr2l/f36pdUUVY5QOAHgsvDBT1vjl +LUbIAlGg01lK9pE75/NmD3CrYAimlZZMWe2mGLGMI8VegBwW+fxz02nYtYRLEjHt +wwJudXDQqXEjFmpMxUXXTnPZ2tdw90bJAbhpvBgHnM0sd/Lezi50wirSOjz8adBl +mK0EjbWpr2TN4unxzFhyMlev7IlloiSYqRZrMI8Vnh6fZpnNVBa5nCRv5lZrzrCT +6ox5EcJulcYtW/OkYs20OpsOnvnEBp9+VpnMMxH/1bjNz9/NlFwGhIzgdtYm/VbA +T6CZ8E6JZag1Tq+sCzJ/drD07DaS0Twvfpkg8Xpn48+yQuVNMNjoEt3TrPNlJDTb +g5pxNVbgnBtG3RaZNbzhJNcHqOO1CeEJ6KcSCwGxEXNXnqF2VIb9aQLNy2zkdtvQ +5As4o4VkIHfgaA1Bd6f9jP+dvP2t1v7yHGTHPXceQasxuVS4UUj5MbPSuWBmDexv +uznHYcijWPS5JWzn1IrRoXbn1wDutm+l0baxNHXzYTtWesmRyhom+T/tEzUCAwEA +AQKCAgEArIM7t5emSEIx/HCuYpveQTTjckcPhBBW21jy9o3Z8kzYtJUpKt0++6ND +Cy+ZZy5LH4gK7abvKCWIrPge6zFFndPFva73TEiQQ9V+NvDxYjf4rTZ9iJzvEVIV +4gul7iXF9fPDOC0eFMmCqY7ObMgFL1qw6zpUKvMxR196XcSAAnxNx9Q9Hd6UrtHO ++SxbMR1llRPqqv1dFX5DkAViq4XTwMmztM2M22RI3N0xGzKQ+9aTkCnwhKQ8FquF +dV59Mr8h/EzMPC9DZZMMOjSzJpDXoUYZNLloY5K/Jp/peux7IXgw2LWiforPRc4s +5PQyw/lf7h9IhO2LHvSsmCI5bulkIXmE0WxAObJt9hgC/cLtc5KMx5WDHoSbgwBX +PbmeUgRkpOALC6D1EwaVyf0pnFikEVXDzW740IKD21xQDHO+p6TQVdYlZjIX36u6 +oPg6lupxrKgENagVROEBoj12M+aIMbJMZ3HQciSl+rDlsmHehPAFBq80vZbArhCO +1Rx2V94djn4M9943MOJazCL6iDlVDYpNb5Et4GeldRJt1e3qWwokCwvAlXL0CEdh +dW3sTCbATLXainpGBySRMzSZYKtthqzDl5sM726q7Q5/B6Hbsi6gA5j2c1qTxeM3 +UjmLXObmIIAYPmqonM0Rn4bhMuHKQDjPUWqL2/z+wPqEsgYhh00CggEBAOyR1jg0 +m3f4g2yJmTfpmyM3F7JkoRnnclg8R1Cc0FCMv8fcmxO6DYrm9tDVYXt361qyzD8l +QOaM8WbHDD7mIMRjXO4t/zdcD8A1bP8rF1GJZd11KBjYjUCKBtduUM+KOca1FjY9 +qd4UyKx8N/eLQW5bkrpWBfRRJX9PcR56n7RDRge4MqTOSeZojlzjTSazerp4nN9L +qP/6LeJLsDaLmghYmLhur7fcGysOc+1dq5ZJKXjjPwOIxRMShRe33W/qlMPEZSIJ +d6mw1+ySWmW0YaoPI5RGOSPcZ6Yooa1k1IwKvBqbQRtGXKFQDBNPGziDZXZJF5lJ +IO9CPrFvx/8DVe8CggEBAOebAQvHNKtX9wq6ZADRxBGf/UuQtbBCvQLf4xK8bfIj +4v08X0hdf+zosxNdymXpCLigzC/B9vimWBpZL1nesk3+IueEL5DqyRj06PChRXXU +kYDJl7KSRiqoGSTJn781LpsOGgwKEG2dahfcpNoiS8PLtAfjOhEAdzITM9cNsNoh +pxggaY6VH5z4+vFqJJiR5l+3180TFJ/fMaPQCvEn9LTT9DL2CBeDdgDRLhjl3pdj +hm7X7fpLypZOOlPWZ0XcN60kSjYtm/WZwzNGyuUEgeRWroSt07W5qPYHcnkbSKcy +3cJ0GFHdlUV7cz4XEueqUlq49Lk8KGIxvZmHKzsILRsCggEAG1F7+2GX0nLQOmhp +WRuQ3rAt/FvCfstLWQUc9yIkrCiUvO+suMpzZebl+ZeqeieO9hpPm7shk34TIls5 +/sl0XzlaMeb94davuvJwc8b2GmRTbw9oYfYf2aQWxinnCxBbO6cNuZXFV+/ufHyb +uepK1AOfHgVxCpWUTu9NkMd4Sci6/Yk3z/BCeGj6h593+VAgjAgBlYeXLHgndEpp +PuNAFlakzCd8Ay9Xs9EncfGvLtuj/mG/lRjmKR2qYOLKn3HnW/QB+bw+JUpWpOsB +pVz/KjQ1V5oEXy/EiFuI0A0kvkc/EZN8ITou2DH2MwSfkBccUFyAbSMUuoxb0QGn +hrtL4QKCAQAsUcgQde1JQIsAnYxXb8yiRshUtnteIFdE/ozYYAB2DpH4PZ5KHcJG +Fn12HkOF3uMRWYvZM7fL+yDu4dQi0W+zZwdM4Emt5I/Y27zblzDQjH3PdEQ4Iq+U +qBgvpvmPwGCLwVYQqbhdEXtk148gQuHWtNtdiwjoiftFNNF9vJv0Ee6EumcYpsam +5io3GkWogHriJC8Cij0vHqnEHCKL5UZ5d/nJ6rS/syNYoq68ivheZegqu91JQUmi +G5QjyOp4PtzUoBYnafDnPaZR4KEg1Az7Ie9BanYR11ZSxjgMnsD3Zc9zz3175PgU +lLwHzKiMdlZOEAicjbt4luYeQ/Rs1nKzAoIBAQDoivPy96Zlci8WhdfX5GYVi4iq ++xmQKbVetIWza58zEd1dIMhliugk1WNH3ROwVAtZm7KdTtJiBdhzbXXtXlpJjP3e +avre816C6VtSEhp7tlHyKvitWLRIo4aLiWpoFnNgNcNz+q84KWeyPUFW7+So990G +n9Bl6Zp6smcCkSYAuRJMjZJin7j5n6dNS2HIvTwVizRmMK7HGLQtbYwSpL57H/7t +pTozvA9KzpLEvNPcFDG5p3l9wijLxUS3C4vY/FWhqDlHW9vvoSNFwOTdY6QlFfcf +WEU8P0UZM09d/ZfE0nGwuRK0gl41dmhLrt90SDgV62BuAoJ2S1m3ggSmrqyn +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/parseca.pem b/tests/keys/parseca.pem new file mode 100644 index 00000000..ba017aa8 --- /dev/null +++ b/tests/keys/parseca.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFIjCCAwoCCQDSW4/JivGcBDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQzWhcNMjYwMzAx +MjA0MjQzWjBTMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWBtWQ37CZfah2JMbiW2m8CuW8 +BSVJhVZzHY70kmBzGdIOK2uv89/Edf0YLkY3I3OL/19KBl8vNcg7g9wEwAx6u02b +7foX/OukoPYrT6iNIKwpa9OVzYe8+RwVlSkoX0bQ6IGqFCRbDFmrXRItElyvaX9/ +fql1RRVjlA4AeCy8MFPW+OUtRsgCUaDTWUr2kTvn82YPcKtgCKaVlkxZ7aYYsYwj +xV6AHBb5/HPTadi1hEsSMe3DAm51cNCpcSMWakzFRddOc9na13D3RskBuGm8GAec +zSx38t7OLnTCKtI6PPxp0GWYrQSNtamvZM3i6fHMWHIyV6/siWWiJJipFmswjxWe +Hp9mmc1UFrmcJG/mVmvOsJPqjHkRwm6Vxi1b86RizbQ6mw6e+cQGn35WmcwzEf/V +uM3P382UXAaEjOB21ib9VsBPoJnwTollqDVOr6wLMn92sPTsNpLRPC9+mSDxemfj +z7JC5U0w2OgS3dOs82UkNNuDmnE1VuCcG0bdFpk1vOEk1weo47UJ4QnopxILAbER +c1eeoXZUhv1pAs3LbOR229DkCzijhWQgd+BoDUF3p/2M/528/a3W/vIcZMc9dx5B +qzG5VLhRSPkxs9K5YGYN7G+7OcdhyKNY9LklbOfUitGhdufXAO62b6XRtrE0dfNh +O1Z6yZHKGib5P+0TNQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBBeMaiptQT8teD +Q63CW7eYc6skvq8qOfB51sqr2NPcxMdLr/6yjtc5Ln2y23YWTB6JpWST0CeRpew3 +TRAjf264xd6EHDiiYqYhsrvQEnyHOtY43UEXeyE6tEP+8djgqvydAx9G+ok9L+IE +WlzeS5hegUaHcSQCRs5RdSKL9OvN/u7LNqDlcxTrz/cicNyjA5pQCAlbD/3cs/8+ +tmKMYN+iriAm/xKxzVfJsH6qvZZny/mi/8CG+DWqosQAX/GhWHp32l/C30HvAcDf +FF6r20h58PEfCHK2mQwPRzh2iNlKnCVYYcl5clYx7qPtpwKJyo7X/qeRkNOtnhtL +KahXHhBfeixYNiNMBK2lUgZ1QD3/0ARJZIYsjo/bLu9uECXrqxXC/HC/YzqgJj+H +AtPMCFTVxMDlPyMh6tFxgB6CV9SJ+/PKeXjvIaHKeHoSQtpKrgWk5ooh/Xxl2k1Y +4xGmvZQo1Rp0iIQSZ43sT8QQPw/BJSktxamhhn8ctk5sfOR9ctPk17Tru2tEMV2T +xAtmduoluSlxDodnAoUi6zCB4nxYhHhCuD3lDuUnmIbYxGwQCbPiiLWGDl3/6XKP +Fn76bLcFV3yqzwDtSwmIv7yxgF8WdA3F47BOXPqm7SxMtLYNEje65RgnwVHjq6ax +jTTWuHUVY9pjF76qCHv3PcjIyAdgvQ== +-----END CERTIFICATE----- diff --git a/tests/keys/parseca.srl b/tests/keys/parseca.srl new file mode 100644 index 00000000..521cec7f --- /dev/null +++ b/tests/keys/parseca.srl @@ -0,0 +1 @@ +C4C2841E9E0467CC diff --git a/tests/server.js b/tests/server.js index 456b4d44..a1e75205 100644 --- a/tests/server.js +++ b/tests/server.js @@ -1,6 +1,8 @@ import express from 'express'; import { ParseServer } from 'parse-server'; import path from 'path'; +import fs from 'fs'; +import https from 'https'; import emailAdapter from './MockEmailAdapter.js'; const app = express(); const __dirname = path.resolve(); @@ -53,5 +55,99 @@ app.use('/parse', server.app); const port = 1337; app.listen(port, function() { - console.error('[ parse-server-test running on port ' + port + ' ]'); + console.error('[ Parse Test Http Server running on port ' + port + ' ]'); +}); + +const options = { + port: process.env.PORT || 1338, + server_key: process.env.SERVER_KEY || __dirname + '/tests/keys/localhost.key', + server_crt: process.env.SERVER_CRT || __dirname + '/tests/keys/localhost.crt', + server_fp: process.env.SERVER_FP || __dirname + '/tests/keys/localhost.fp', + client_key: process.env.CLIENT_KEY || __dirname + '/tests/keys/client.key', + client_crt: process.env.CLIENT_CRT || __dirname + '/tests/keys/client.crt', + client_fp: process.env.CLIENT_FP || __dirname + '/tests/keys/client.fp', + ca: process.env.TLS_CA || __dirname + '/tests/keys/parseca.crt' +} + +// Load fingerprints +const clientFingerprints = [fs.readFileSync(options.server_fp).toString().replace('\n', '')]; + +// Configure server +const serverOptions = { + key: fs.readFileSync(options.server_key), + cert: fs.readFileSync(options.server_crt), + ca: fs.readFileSync(options.ca), + requestCert: true, + rejectUnauthorized: true +} + +function onRequest(req) { + console.log( + new Date(), + req.connection.remoteAddress, + req.socket.getPeerCertificate().subject.CN, + req.method, + req.baseUrl, + ); +} + +// Create TLS enabled server +const httpsServer = https.createServer(serverOptions, app); +httpsServer.on('request', onRequest); + +// Start Server +httpsServer.listen(options.port, function() { + console.error('[ Parse Test Https Server running on port ' + options.port + ' ]'); +}); + +// Create TLS request +const requestOptions = { + hostname: 'localhost', + port: options.port, + path: '/parse/health', + method: 'GET', + key: fs.readFileSync(options.client_key), + cert: fs.readFileSync(options.client_crt), + ca: fs.readFileSync(options.ca), + requestCert: true, + rejectUnauthorized: true, + maxCachedSessions: 0, + headers: { + 'Content-Type': 'application/json', + 'X-Parse-Application-Id': 'app-id-here', + 'X-Parse-Master-Key': 'master-key-here', + 'X-Parse-REST-API-Key': 'rest-api-key-here', + } +}; + +// Create agent (required for custom trust list) +requestOptions.agent = new https.Agent(requestOptions); + +const req = https.request(requestOptions, (res) => { + console.log('statusCode:', res.statusCode); +}); +req.end(); + +// Pin server certs +req.on('socket', socket => { + socket.on('secureConnect', () => { + const fingerprint = socket.getPeerCertificate().fingerprint; + + // Check if certificate is valid + if (socket.authorized === false) { + req.emit('error', new Error(socket.authorizationError)); + return req.destroy(); + } + + // Check if fingerprint matches + if (clientFingerprints.indexOf(fingerprint) === -1) { + req.emit('error', new Error('Fingerprint does not match')); + return req.destroy(); + } + }); +}); + +req.on('error', (e) => { + console.error(e); + process.exit(0); });