diff options
author | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-03-05 10:08:20 +0900 |
---|---|---|
committer | DongHun Kwak <dh0128.kwak@samsung.com> | 2021-03-05 10:08:20 +0900 |
commit | afd456999b076e5e6505dd5ca6942a5e7471c70c (patch) | |
tree | 9ee11bda8c1d6ada1938b0324ed01a2d99e99178 /tests | |
parent | 429760a22c7e2ff8a2de69744b04aa4b2f202119 (diff) | |
download | wget-afd456999b076e5e6505dd5ca6942a5e7471c70c.tar.gz wget-afd456999b076e5e6505dd5ca6942a5e7471c70c.tar.bz2 wget-afd456999b076e5e6505dd5ca6942a5e7471c70c.zip |
Imported Upstream version 1.19.2upstream/1.19.2
Diffstat (limited to 'tests')
47 files changed, 2815 insertions, 42 deletions
diff --git a/tests/FTPServer.pm b/tests/FTPServer.pm index a5185d6..cac8094 100644 --- a/tests/FTPServer.pm +++ b/tests/FTPServer.pm @@ -589,7 +589,7 @@ sub new foreach my $file (keys %{$self->{_input}}) { my $ref = \$self->{_input}{$file}{content}; - $$ref =~ s/{{port}}/$self->sockport/eg; + $$ref =~ s/\Q{{port}}/$self->sockport/eg; } return $self; diff --git a/tests/FTPTest.pm b/tests/FTPTest.pm index 50385ad..0a1c768 100644 --- a/tests/FTPTest.pm +++ b/tests/FTPTest.pm @@ -53,7 +53,7 @@ sub _substitute_port { my $self = shift; my $ret = shift; - $ret =~ s/{{port}}/$self->{_server}->sockport/eg; + $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg; return $ret; } diff --git a/tests/HTTPServer.pm b/tests/HTTPServer.pm index dd8ec04..78609f6 100644 --- a/tests/HTTPServer.pm +++ b/tests/HTTPServer.pm @@ -310,7 +310,7 @@ sub _substitute_port { my $self = shift; my $ret = shift; - $ret =~ s/{{port}}/$self->sockport/eg; + $ret =~ s/\Q{{port}}/$self->sockport/eg; return $ret; } diff --git a/tests/HTTPTest.pm b/tests/HTTPTest.pm index 00f079f..6225c7f 100644 --- a/tests/HTTPTest.pm +++ b/tests/HTTPTest.pm @@ -47,7 +47,7 @@ sub _substitute_port { my $self = shift; my $ret = shift; - $ret =~ s/{{port}}/$self->{_server}->sockport/eg; + $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg; return $ret; } diff --git a/tests/Makefile.am b/tests/Makefile.am index c27c4ce..29c113a 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -128,10 +128,19 @@ PX_TESTS = \ Test--start-pos--continue.px \ Test--httpsonly-r.px \ Test-204.px \ - Test-ftp-pasv-not-supported.px + Test-ftp-pasv-not-supported.px \ + Test-https-pfs.px \ + Test-https-tlsv1.px \ + Test-https-tlsv1x.px \ + Test-https-selfsigned.px \ + Test-https-weboftrust.px \ + Test-https-clientcert.px \ + Test-https-crl.px \ + Test-https-badcerts.px EXTRA_DIST = FTPServer.pm FTPTest.pm HTTPServer.pm HTTPTest.pm \ - WgetTests.pm WgetFeature.pm WgetFeature.cfg $(PX_TESTS) \ + SSLTest.pm SSLServer.pm \ + WgetTests.pm WgetFeature.pm $(PX_TESTS) \ certs valgrind-suppressions valgrind-suppressions-ssl check_PROGRAMS = unit-tests diff --git a/tests/Makefile.in b/tests/Makefile.in index d7ef010..3a3cd17 100644 --- a/tests/Makefile.in +++ b/tests/Makefile.in @@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.15 from Makefile.am. +# Makefile.in generated by automake 1.15.1 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2014 Free Software Foundation, Inc. +# Copyright (C) 1994-2017 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -146,13 +146,14 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/00gnulib.m4 \ $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ $(top_srcdir)/m4/futimens.m4 $(top_srcdir)/m4/getaddrinfo.m4 \ $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ - $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getopt.m4 \ - $(top_srcdir)/m4/getpass.m4 $(top_srcdir)/m4/getprogname.m4 \ - $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettime.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/getgroups.m4 $(top_srcdir)/m4/getline.m4 \ + $(top_srcdir)/m4/getopt.m4 $(top_srcdir)/m4/getpass.m4 \ + $(top_srcdir)/m4/getprogname.m4 $(top_srcdir)/m4/gettext.m4 \ + $(top_srcdir)/m4/gettime.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gl-openssl.m4 $(top_srcdir)/m4/glibc21.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 \ + $(top_srcdir)/m4/group-member.m4 \ $(top_srcdir)/m4/hard-locale.m4 $(top_srcdir)/m4/hostent.m4 \ $(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/iconv_h.m4 \ $(top_srcdir)/m4/include_next.m4 $(top_srcdir)/m4/inet_ntop.m4 \ @@ -849,6 +850,9 @@ GNULIB_WRITE = @GNULIB_WRITE@ GNULIB__EXIT = @GNULIB__EXIT@ GNUTLS_CFLAGS = @GNUTLS_CFLAGS@ GNUTLS_LIBS = @GNUTLS_LIBS@ +GPGME_CFLAGS = @GPGME_CFLAGS@ +GPGME_CONFIG = @GPGME_CONFIG@ +GPGME_LIBS = @GPGME_LIBS@ GREP = @GREP@ HAVE_ACCEPT4 = @HAVE_ACCEPT4@ HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@ @@ -1611,10 +1615,19 @@ PX_TESTS = \ Test--start-pos--continue.px \ Test--httpsonly-r.px \ Test-204.px \ - Test-ftp-pasv-not-supported.px + Test-ftp-pasv-not-supported.px \ + Test-https-pfs.px \ + Test-https-tlsv1.px \ + Test-https-tlsv1x.px \ + Test-https-selfsigned.px \ + Test-https-weboftrust.px \ + Test-https-clientcert.px \ + Test-https-crl.px \ + Test-https-badcerts.px EXTRA_DIST = FTPServer.pm FTPTest.pm HTTPServer.pm HTTPTest.pm \ - WgetTests.pm WgetFeature.pm WgetFeature.cfg $(PX_TESTS) \ + SSLTest.pm SSLServer.pm \ + WgetTests.pm WgetFeature.pm $(PX_TESTS) \ certs valgrind-suppressions valgrind-suppressions-ssl unit_tests_SOURCES = diff --git a/tests/SSLServer.pm b/tests/SSLServer.pm new file mode 100644 index 0000000..37a8bfa --- /dev/null +++ b/tests/SSLServer.pm @@ -0,0 +1,236 @@ +package SSLServer; + +# This is only HTTPS server for now. +# But it is named SSLServer to easily distinguish from HTTPServer + +use strict; +use warnings; +use lib '.'; + +use HTTP::Daemon; +use HTTP::Status; +use HTTP::Headers; +use HTTP::Response; + +# Skip this test rather than fail it when the module isn't installed +if (!eval {require IO::Socket::SSL;1;}) { + print STDERR "This test needs the perl module \"IO::Socket::SSL\".\n"; + print STDERR "Install e.g. on Debian with 'apt-get install libio-socket-ssl-perl'\n"; + print STDERR " or if using cpanminus 'cpanm IO::Socket::SSL' could be used to install it.\n"; + exit 77; # skip +} + +#use IO::Socket::SSLX; # 'debug4'; +use HTTPServer; + +our @ISA = qw(IO::Socket::SSL HTTP::Daemon::ClientConn HTTP::Daemon HTTPServer); + +my $VERSION = 0.01; + +my $CRLF = "\015\012"; # "\r\n" is not portable + +# Config options for server +my $log = undef; +my $DEBUG = undef; + +my %ssl_params; + +my $sslsock; +my $plaincon; +my %args; + +#$HTTP::Daemon::DEBUG=5; +#*DEBUG = \$HTTP::Daemon::DEBUG; + +$args{SSL_error_trap} ||= \&ssl_error; + +my $class = 'SSLServer'; +my $self = {}; +$self = bless $self, $class; + +sub init +{ + my $self = shift; + my %sargs = @_; + + %ssl_params = %sargs; + unless (exists($ssl_params{'lhostname'}) && + exists($ssl_params{'sslport'}) && + exists($ssl_params{'ciphers'}) && + exists($ssl_params{'cafile'}) && + exists($ssl_params{'certfile'}) && + exists($ssl_params{'keyfile'})) { + die "Required parameters for SSL tests are missing"; + } +} + +sub ssl_setup_conn +{ + $sslsock = IO::Socket::SSL->new(LocalAddr => $ssl_params{'lhostname'}, + LocalPort => $ssl_params{'sslport'}, + Listen => 10, + Timeout => 30, + ReuseAddr => 1, + SSL_cipher_list => $ssl_params{'ciphers'}, + SSL_verify_mode => 0x00, + SSL_ca_file => $ssl_params{'cafile'}, + SSL_cert_file => $ssl_params{'certfile'}, + SSL_key_file => $ssl_params{'keyfile'}); + + $sslsock || warn $IO::Socket::SSL::ERROR; + return $sslsock; +} + +sub fileno +{ + my $self = shift; + my $fn = ${*$self}{'_SSL_fileno'}; + return defined($fn) ? $fn : $self->SUPER::fileno(); +} + +sub accept +{ + my $self = shift; + my $pkg = shift || "SSLServer"; + my ($sock, $peer) = $sslsock->accept($pkg); + if ($sock) { + ${*$sock}{'httpd_daemon'} = $self; + ${*$self}{'httpd_daemon'} = $sock; + my $fileno = ${*$self}{'_SSL_fileno'} = &fileno($self); + my $f = $sock->fileno; + return wantarray ? ($sock, $peer) : $sock; + } + else { + print STDERR "Failed to get socket from SSL\n" if $DEBUG; + return; + } + +} + +sub _default_port { 443; } +sub _default_scheme { "https"; } + +sub url +{ + my $self = shift; + my $url = $self->SUPER::url; + return $url if ($self->can("HTTP::Daemon::_default_port")); + + # Workaround for old versions of HTTP::Daemon + $url =~ s!^http:!https:!; + $url =~ s!/$!:80/! unless ($url =~ m!:(?:\d+)/$!); + $url =~ s!:443/$!/!; + return $url; +} + +sub _need_more +{ + my $self = shift; + if ($_[1]) { + my($timeout, $fdset) = @_[1,2]; + print STDERR "select(,,,$timeout)\n" if $DEBUG; + my $n = select($fdset,undef,undef,$timeout); + unless ($n) { + $self->reason(defined($n) ? "Timeout" : "select: $!"); + return; + } + } + my $total = 0; + while (1){ + print STDERR sprintf("sysread() already %d\n",$total) if $DEBUG; + my $n = sysread(${*$self}{'httpd_daemon'}, $_[0], 2048, length($_[0])); + print STDERR sprintf("sysread() just \$n=%s\n",(defined $n?$n:'undef')) if $DEBUG; + $total += $n if defined $n; + last if $! =~ 'Resource temporarily unavailable'; + #SSL_Error because of aggressive reading + + $self->reason(defined($n) ? "Client closed" : "sysread: $!") unless $n; + last unless $n; + last unless $n == 2048; + } + $total; +} + +sub daemon +{ + my $self = shift; + ${*$self}{'httpd_daemon'}; +} + +sub conn +{ + my $self = shift; + ${*$self}{'sslcon'}; +} + +sub run +{ + my ($self, $urls, $synch_callback) = @_; + my $initialized = 0; + my $sslsock; + + while (1) + { + if (!$initialized) + { + $sslsock = $self->ssl_setup_conn(); + $sslsock || warn "Failed to get ssl sock"; + + $initialized = 1; + open (LOGFILE, '>', "/tmp/wgetserver.log"); + LOGFILE->autoflush(1); + print LOGFILE "Starting logging"; + $synch_callback->() if $synch_callback; + } + + my $con = $self->accept(); + ${*$self}{'sslcon'} = $con; + + while (my $req = $self->get_request) + { + #my $url_path = $req->url->path; + my $url_path = $req->url->as_string; + if ($url_path =~ m{/$}) + { # append 'index.html' + $url_path .= 'index.html'; + } + + #if ($url_path =~ m{^/}) { # remove trailing '/' + # $url_path = substr ($url_path, 1); + #} + if ($log) + { + print LOGFILE "Method: ", $req->method, "\n"; + print LOGFILE "Path: ", $url_path, "\n"; + print LOGFILE "Available URLs: ", "\n"; + foreach my $key (keys %$urls) + { + print LOGFILE $key, "\n"; + } + } + if (exists($urls->{$url_path})) + { + print LOGFILE "Serving requested URL: ", $url_path, "\n" if $log; + next unless ($req->method eq "HEAD" || $req->method eq "GET"); + + my $url_rec = $urls->{$url_path}; + HTTPServer::send_response($self, $req, $url_rec, $con); + last; + } + else + { + print LOGFILE "Requested wrong URL: ", $url_path, "\n" if $log; + $con->send_error($HTTP::Status::RC_FORBIDDEN); + last; + } + last; + } + print LOGFILE "Closing connection\n" if $log; + close(LOGFILE); + $con->close(); + } +} + +1; + +# vim: et ts=4 sw=4 diff --git a/tests/SSLTest.pm b/tests/SSLTest.pm new file mode 100644 index 0000000..28ff9dc --- /dev/null +++ b/tests/SSLTest.pm @@ -0,0 +1,73 @@ +package SSLTest; + +use strict; +use warnings; + +use SSLServer; +use WgetTests; +use HTTPTest; + +our @ISA = qw(WgetTest HTTPTest); +my $VERSION = 0.01; + +my $srcdir; +if (defined $ENV{srcdir}) { + $srcdir = Cwd::abs_path($ENV{srcdir}); +} else { + $srcdir = "."; +} + +my %ssl_defaults = ( + _certfile => "$srcdir/certs/server.crt", + _keyfile => "$srcdir/certs/server.key", + _cafile => "$srcdir/certs/test-ca-cert.pem", + _ciphers => 'ALL', + _lhostname => 'wgettestingserver', + _sslport => 55443, +); + +{ + my %_attr_data = %ssl_defaults; + + sub _default_for + { + my ($self, $attr) = @_; + return $_attr_data{$attr} if exists $_attr_data{$attr}; + return $self->SUPER::_default_for($attr); + } + + sub _standard_keys + { + my ($self) = @_; + ($self->SUPER::_standard_keys(), keys %_attr_data); + } +} + +sub _setup_server +{ + my $self = shift; + my %ssl_config = %ssl_defaults; + + $self->{_server} = SSLServer->new() + or die "Cannot create SSL server!!!"; + + for my $attrname ($self->_standard_keys()) + { + my ($argname) = ($attrname =~ m/^_(.*)/msx); + $ssl_config{$argname} = $self->{$attrname}; + } +# for my $attrname (keys %ssl_config) +# { +# if ($attrname =~ m/file$/ && !$attrname =~ m/^\//) +# { +# my $cwd = $self->SUPER::_default_for('_workdir'); +# my $cfile = $ssl_config{$attrname}; +# $ssl_config{$attrname} = "$cwd/$cfile"; +# } +# } + $self->{_server}->init(%ssl_config); +} + +1; + +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-badcerts.px b/tests/Test-https-badcerts.px new file mode 100644 index 0000000..68cd142 --- /dev/null +++ b/tests/Test-https-badcerts.px @@ -0,0 +1,139 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use POSIX; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $caconf = "$srcdir/certs/rootca.conf"; +my $cacrt = "$srcdir/certs/test-ca-cert.pem"; +my $cakey = "$srcdir/certs/test-ca-key.pem"; + +# Use expired server certificate +my $servercrt = "$srcdir/certs/expired.crt"; +my $serverkey = "$srcdir/certs/expired.key"; + +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL with expired cert. Expect Failure. +my $port = 30443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit -1; +} +print "Test successful.\n"; + +# Use certificate that is not yet valid +$servercrt = "$srcdir/certs/invalid.crt"; +$serverkey = "$srcdir/certs/invalid.key"; + +$servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + + +# Retry the test with --no-check-certificate. expect success +$port = 20443; +$cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 5; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($retryssl->run() == 0) +{ + exit 0; +} +else +{ + exit -1; +} +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-clientcert.px b/tests/Test-https-clientcert.px new file mode 100755 index 0000000..36365a5 --- /dev/null +++ b/tests/Test-https-clientcert.px @@ -0,0 +1,133 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $cacrt = "$srcdir/certs/test-ca-cert.pem"; +my $cakey = "$srcdir/certs/test-ca-key.pem"; + +# Prepare server certificate +my $servercrt = "$srcdir/certs/server.crt"; +my $serverkey = "$srcdir/certs/server.key"; + +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Use client certificate +my $clientcert = "$srcdir/certs/client.crt"; +my $clientkey = "$srcdir/certs/client.key"; + +my $clientcheck=`(openssl x509 -noout -modulus -in $clientcert | openssl md5 ; + openssl rsa -noout -modulus -in $clientkey | openssl md5) | + uniq | wc -l`; + +# Check if client certificate and key are made correctly. +unless(-e $clientcert && -e $clientkey && $clientcheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL with mismatched client cert & key . Expect error +my $port = 21443; +my $cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert ". + " --private-key=$serverkey ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit 0; +} + +# Retry wget using SSL with client certificate. Expect success +$port = 22443; +$cmdline = $WgetTest::WGETPATH . " --certificate=$clientcert". + " --private-key=$clientkey ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 0; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-crl.px b/tests/Test-https-crl.px new file mode 100755 index 0000000..f5b2f3c --- /dev/null +++ b/tests/Test-https-crl.px @@ -0,0 +1,136 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $cacrt = "$srcdir/certs/test-ca-cert.pem"; +my $cakey = "$srcdir/certs/test-ca-key.pem"; + +# Use a revoked certificate +my $servercrt = "$srcdir/certs/revoked.crt"; +my $serverkey = "$srcdir/certs/revoked.key"; + +my $servercheck =`(openssl x509 -noout -modulus -in $servercrt | openssl md5 ; + openssl rsa -noout -modulus -in $serverkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are correct. +unless(-e $servercrt && -e $serverkey && $servercheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL first without --no-check-certificate. Expect Success. +my $port = 32443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 0; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() != 0) +{ + exit -1; +} + +# Revoke the certificate +my $crlfile = "$srcdir/certs/revokedcrl.pem"; + +# Check if CRL file is generated. +unless(-e $crlfile) +{ + exit 77; # skip +} + +# To read a CRL file use the following command: +# openssl crl -text -in $srcdir/certs/root.crl.pem + +# Retry the test with CRL. Expect Failure. +$port = 23443; +$cmdline = $WgetTest::WGETPATH . " --crl-file=$crlfile ". + " --ca-certificate=$cacrt". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 5; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $servercrt, + keyfile => $serverkey, + lhostname => $testhostname, + sslport => $port); +if ($retryssl->run() == 0) +{ + exit -1; +} +else +{ + print "Test successful.\n"; + exit 0; +} +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-pfs.px b/tests/Test-https-pfs.px new file mode 100755 index 0000000..1fb1c0a --- /dev/null +++ b/tests/Test-https-pfs.px @@ -0,0 +1,78 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $port = 24443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=PFS". + " --ca-certificate=$srcdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; + +my $expected_error_code = 0; + +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); + +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-selfsigned.px b/tests/Test-https-selfsigned.px new file mode 100755 index 0000000..8d17539 --- /dev/null +++ b/tests/Test-https-selfsigned.px @@ -0,0 +1,114 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +# Prepare self-signed certificates +my $certfile="$srcdir/certs/selfsigned.crt"; +my $keyfile="$srcdir/certs/selfsigned.key"; + +my $sscheck=`(openssl x509 -noout -modulus -in $certfile | openssl md5 ; + openssl rsa -noout -modulus -in $keyfile | openssl md5) | + uniq|wc -l`; + +# Check if Self signed certificate and key are made correctly. +unless(-e $certfile && -e $keyfile && $sscheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL first without --no-check-certificate. expect error +my $port = 26443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$srcdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $certfile, + keyfile => $keyfile, + lhostname => $testhostname, + sslport => $port); +if ($sslsock->run() == 0) +{ + exit 0; +} + +# Retry the test with --no-check-certificate. expect success +$port = 27443; +$cmdline = $WgetTest::WGETPATH . " --no-check-certificate ". + " --ca-certificate=$srcdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 0; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $certfile, + keyfile => $keyfile, + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-tlsv1.px b/tests/Test-https-tlsv1.px new file mode 100755 index 0000000..32ff63a --- /dev/null +++ b/tests/Test-https-tlsv1.px @@ -0,0 +1,78 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $port = 28443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1". + " --ca-certificate=$srcdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; + +my $expected_error_code = 0; + +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); + +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-tlsv1x.px b/tests/Test-https-tlsv1x.px new file mode 100755 index 0000000..080a9de --- /dev/null +++ b/tests/Test-https-tlsv1x.px @@ -0,0 +1,79 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use Cwd; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +my $port = 29443; +my $cmdline = $WgetTest::WGETPATH . " --secure-protocol=TLSv1_1". + " --ca-certificate=$srcdir/certs/test-ca-cert.pem". + " https://$testhostname:$port/somefile.txt"; + +my $expected_error_code = 0; + +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + sslport => $port); +exit $sslsock->run(); + +# vim: et ts=4 sw=4 diff --git a/tests/Test-https-weboftrust.px b/tests/Test-https-weboftrust.px new file mode 100755 index 0000000..55f936f --- /dev/null +++ b/tests/Test-https-weboftrust.px @@ -0,0 +1,125 @@ +#!/usr/bin/env perl + +use strict; +use warnings; +use Socket; +use WgetFeature qw(https); +use SSLTest; + +############################################################################### + +# code, msg, headers, content +my %urls = ( + '/somefile.txt' => { + code => "200", + msg => "Dontcare", + headers => { + "Content-type" => "text/plain", + }, + content => "blabla", + }, +); + +# Skip the test if openssl is not available +my $ossl = `openssl version`; +unless ($ossl =~ m/OpenSSL 1/) +{ + exit 77; +} + +my $srcdir; +if (@ARGV) { + $srcdir = shift @ARGV; +} elsif (defined $ENV{srcdir}) { + $srcdir = $ENV{srcdir}; +} +$srcdir = Cwd::abs_path("$srcdir"); + +# HOSTALIASES env variable allows us to create hosts file alias. +my $testhostname = "WgetTestingServer"; +$ENV{'HOSTALIASES'} = "$srcdir/certs/wgethosts"; + +my $addr = gethostbyname($testhostname); +unless ($addr) +{ + warn "Failed to resolve $addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} +unless (inet_ntoa($addr) =~ "127.0.0.1") +{ + warn "Failed to resolve $$addr, using $srcdir/certs/wgethosts\n"; + exit 77; +} + +# Use Intermediate CA +my $caconf = "$srcdir/certs/rootca.conf"; +my $icrtfile = "$srcdir/certs/interca.crt"; +my $ikeyfile = "$srcdir/certs/interca.key"; + +my $icacheck=`(openssl x509 -noout -modulus -in $icrtfile | openssl md5 ; + openssl rsa -noout -modulus -in $ikeyfile | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are correct. +unless(-e $icrtfile && -e $ikeyfile && $icacheck == 1) +{ + exit 77; # skip +} + +# User certificate using intermediate CA +my $usrcrt = "$srcdir/certs/user.crt"; +my $usrkey = "$srcdir/certs/user.key"; + +my $usrcheck=`(openssl x509 -noout -modulus -in $usrcrt | openssl md5 ; + openssl rsa -noout -modulus -in $usrkey | openssl md5) | + uniq | wc -l`; +# Check if certificate and key are made correctly. +unless(-e $usrcrt && -e $ikeyfile && $usrcheck == 1) +{ + exit 77; # skip +} + +# Try Wget using SSL using certificate signed by intermediate CA. Expect error. +my $port = 30443; +my $cmdline = $WgetTest::WGETPATH . " --ca-certificate=$srcdir/certs/". + "test-ca-cert.pem https://$testhostname:$port/somefile.txt"; +my $expected_error_code = 5; +my %existing_files = ( +); + +my %expected_downloaded_files = ( + 'somefile.txt' => { + content => "blabla", + }, +); + +my $sslsock = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $usrcrt, + keyfile => $usrkey, + lhostname => $testhostname); +if ($sslsock->run() == 0) +{ + exit 0; +} + +# Retry the test with --no-check-certificate. expect success +$port = 31443; +$cmdline = $WgetTest::WGETPATH . " --ca-certificate=$srcdir/certs/wotca.pem". + " https://$testhostname:$port/somefile.txt"; + +$expected_error_code = 0; + +my $retryssl = SSLTest->new(cmdline => $cmdline, + input => \%urls, + errcode => $expected_error_code, + existing => \%existing_files, + output => \%expected_downloaded_files, + certfile => $usrcrt, + keyfile => $usrkey, + lhostname => $testhostname, + sslport => $port); +exit $retryssl->run(); +# vim: et ts=4 sw=4 diff --git a/tests/Test-idn-meta.px b/tests/Test-idn-meta.px index fd7dcfa..da9045e 100755 --- a/tests/Test-idn-meta.px +++ b/tests/Test-idn-meta.px @@ -27,7 +27,7 @@ my %urls = ( code => "200", msg => "You want fries with that?", headers => { - # HTTP header preceeds http-equiv, simply just omit it here + # HTTP header preceds http-equiv, simply just omit it here #'Content-Type' => 'text/html; charset=UTF-8', }, content => $starter_file, diff --git a/tests/Test-proxied-https-auth-keepalive.px b/tests/Test-proxied-https-auth-keepalive.px index 049bebe..2a18ccf 100755 --- a/tests/Test-proxied-https-auth-keepalive.px +++ b/tests/Test-proxied-https-auth-keepalive.px @@ -153,7 +153,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee" . " --password=Dodgson -e https_proxy=localhost:{{port}}" . " --no-check-certificate" . " https://no.such.domain/needs-auth.txt"; -$cmdline =~ s/{{port}}/$SOCKET->sockport()/e; +$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e; if (defined $srcdir) { $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl'; diff --git a/tests/Test-proxied-https-auth.px b/tests/Test-proxied-https-auth.px index ce4e736..878114e 100755 --- a/tests/Test-proxied-https-auth.px +++ b/tests/Test-proxied-https-auth.px @@ -152,7 +152,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee" . " --password=Dodgson -e https_proxy=localhost:{{port}}" . " --no-check-certificate" . " https://no.such.domain/needs-auth.txt"; -$cmdline =~ s/{{port}}/$SOCKET->sockport()/e; +$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e; if (defined $srcdir) { $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl'; diff --git a/tests/WgetFeature.cfg b/tests/WgetFeature.cfg deleted file mode 100644 index a1176e0..0000000 --- a/tests/WgetFeature.cfg +++ /dev/null @@ -1,6 +0,0 @@ -%skip_messages = ( - https => "Not running test: Wget under test doesn't support HTTPS.", - iri => "Not running test: Wget under test doesn't support IDN/IRI.", -); - -1; diff --git a/tests/WgetFeature.pm b/tests/WgetFeature.pm index 28e0c11..0d59573 100644 --- a/tests/WgetFeature.pm +++ b/tests/WgetFeature.pm @@ -5,26 +5,14 @@ use warnings; our $VERSION = 0.01; -use Carp; use English qw(-no_match_vars); -use FindBin; use WgetTests; -our %SKIP_MESSAGES; -{ - my $cfgfile = "$FindBin::Bin/WgetFeature.cfg"; - open my $fh, '<', $cfgfile - or croak "Cannot open '$cfgfile': $ERRNO"; - my @lines = <$fh>; - close $fh or carp "Cannot close '$cfgfile': $ERRNO"; - my $evalstr = join q{}, @lines; - eval { $evalstr } or carp "Cannot eval '$cfgfile': $ERRNO"; -} - sub import { - my ($class, $feature) = @_; + my ($class, @required_feature) = @_; + # create a list of available features from 'wget --version' output my $output = `$WgetTest::WGETPATH --version`; my ($list) = $output =~ m/^([+-]\S+(?:\s+[+-]\S+)+)/msx; my %have_features; @@ -34,10 +22,19 @@ sub import $feat =~ s/^.//msx; $have_features{$feat} = $f =~ m/^[+]/msx ? 1 : 0; } - if (!$have_features{$feature}) + + foreach (@required_feature) { - print "$SKIP_MESSAGES{$feature}\n"; - exit 77; # skip + if (!$have_features{$_}) + { + print "Skipped test: Wget misses feature '$_'\n"; + print "Features available from 'wget --version' output:\n"; + foreach (keys %have_features) + { + print " $_=$have_features{$_}\n"; + } + exit 77; # skip + } } } diff --git a/tests/WgetTests.pm b/tests/WgetTests.pm index 8b8f7f0..9207b4a 100644 --- a/tests/WgetTests.pm +++ b/tests/WgetTests.pm @@ -13,7 +13,7 @@ use IO::Handle; use POSIX qw(locale_h); use locale; -our $WGETPATH = '../src/wget --no-config'; +our $WGETPATH = '../src/wget -d --no-config'; our $VALGRIND_SUPP_FILE = Cwd::getcwd(); if (defined $ENV{'srcdir'}) { $VALGRIND_SUPP_FILE = $VALGRIND_SUPP_FILE @@ -152,7 +152,7 @@ sub run $errcode >>= 8; # XXX: should handle abnormal error codes. # Shutdown server - # if we didn't explicitely kill the server, we would have to call + # if we didn't explicitly kill the server, we would have to call # waitpid ($pid, 0) here in order to wait for the child process to # terminate kill 'TERM', $pid; diff --git a/tests/certs/client.crt b/tests/certs/client.crt new file mode 100644 index 0000000..a2b58a9 --- /dev/null +++ b/tests/certs/client.crt @@ -0,0 +1,148 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4386 (0x1122) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org + Validity + Not Before: May 9 21:08:52 2017 GMT + Not After : May 9 21:08:52 2019 GMT + Subject: CN=., ST=CA, C=US, O=Client + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:c8:e0:0f:fd:d5:96:99:1d:f5:8e:4a:d7:84:85: + fc:48:8b:e4:cf:78:27:22:ea:1b:b4:4e:f0:a2:05: + 29:78:37:43:42:17:fe:8d:98:4b:4b:8a:f6:b2:92: + 23:2c:f2:af:c8:9d:36:57:03:90:82:00:02:0c:f8: + 33:14:f2:5c:5f:cc:8f:f8:14:b5:df:a8:e3:0d:d1: + bf:5a:f2:8d:24:37:66:1a:31:99:7e:f7:8d:8e:86: + fd:ea:a6:73:60:84:dc:1c:d9:28:87:92:9f:cf:c4: + 8e:9f:2b:ce:c3:8a:20:ce:8d:5b:66:fe:78:f1:bd: + 7b:57:b1:ad:bc:db:8c:0a:a8:92:c1:92:5d:6f:b9: + 5f:7f:c7:62:4d:59:60:48:8e:1f:a3:02:2f:79:26: + 68:6f:ed:0a:95:07:c8:e5:9a:93:ba:cb:af:c7:a9: + 06:a7:99:b4:ce:1f:26:b7:d5:f6:bd:b4:b2:ad:14: + fe:df:8c:41:94:d4:d2:41:18:43:fe:19:0e:43:67: + 10:8a:ac:f1:47:1c:5a:71:ed:d7:76:aa:67:81:67: + 1d:6f:77:db:c1:93:ee:36:ec:34:6f:c8:97:73:57: + 09:dc:9a:b8:54:35:ae:a3:91:2a:5d:f3:e4:70:77: + 7c:bc:0d:d8:f5:a2:f0:2d:b2:ba:3e:b6:ce:8a:30: + 16:ea:6d:20:b8:ac:dd:eb:3c:a5:62:c5:7d:3a:ef: + df:64:83:a7:ab:a1:c3:65:7a:54:fc:a4:26:0f:64: + a5:83:ed:29:8f:05:ef:aa:2f:98:af:87:98:87:34: + a7:31:55:09:75:37:7d:70:c3:44:14:c4:05:b2:f8: + 6b:6b:25:b4:55:d5:fe:29:3f:ab:f0:d1:e6:3f:dc: + e9:c6:83:5d:f5:4a:ca:34:e0:3d:52:a4:dd:86:09: + e5:3e:b3:9e:f3:79:99:af:b1:6b:7e:6e:c8:0d:04: + 28:fa:38:59:94:71:3c:d2:39:84:a5:56:41:ae:8c: + 63:2d:5c:9b:79:ce:f0:a6:69:6c:74:b7:36:e9:87: + 67:ad:5b:61:6f:d2:53:d4:7a:94:e1:26:29:d0:56: + 02:f5:6e:15:dc:a9:0b:e6:37:2a:32:9c:35:f3:72: + 2d:3d:e2:d4:25:48:a9:d0:c9:7b:cb:1a:4d:c1:44: + 5c:57:ab:75:65:ae:06:b2:40:b6:55:a8:2e:fb:fa: + 6e:0b:75:eb:86:02:ea:63:fe:9a:74:9d:02:4b:60: + 95:ef:53:04:13:87:07:6a:52:64:ba:e6:40:09:ab: + a9:50:a3:12:ce:75:51:35:af:37:34:60:6a:e9:d7: + 3c:00:2b:4a:92:75:48:f3:4a:26:13:08:04:d0:47: + 05:a1:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 41:CD:E0:FB:C1:87:D6:77:38:B5:A3:94:8A:D0:5B:5C:87:70:32:E9 + X509v3 Authority Key Identifier: + keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08 + + X509v3 Key Usage: + Digital Signature, Key Encipherment, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + X509v3 Subject Alternative Name: + DNS:WgetTestingServer + Authority Information Access: + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + OCSP - URI:http://test.wgettest.com/ocsp/ + OCSP - URI:http://test.wgettest.com/ocsp/ + + Signature Algorithm: sha1WithRSAEncryption + 46:a4:f3:c2:63:cf:c3:76:84:aa:a3:ba:27:32:25:15:54:e6: + 69:d2:2f:7c:c9:68:88:01:10:8c:0d:4e:f7:3c:cc:e5:7f:e6: + 87:55:e9:80:69:e0:05:cb:40:84:65:cc:4d:35:f3:a0:6a:95: + 28:08:cb:95:16:9c:2b:d2:15:5b:d7:43:81:e1:ff:7e:e0:0f: + d7:25:01:f5:3d:d5:0f:88:15:1b:59:5f:6f:31:75:03:19:2b: + 24:5a:d4:b4:e8:1a:19:81:c9:c6:b9:e2:b2:cb:dc:fd:b3:fc: + 18:ec:76:68:2d:9e:78:41:31:0b:c0:f2:ca:70:93:66:6b:97: + cf:b8:8e:69:3e:86:63:7b:12:40:8f:1b:de:25:2a:a7:97:83: + 4f:a1:7e:0b:07:15:bb:42:e9:a0:a8:80:17:c2:75:a9:35:e6: + 57:bf:09:83:71:b5:51:3b:95:37:79:d6:8b:4e:96:86:22:d3: + 54:53:ac:af:ea:ec:0c:58:4c:18:11:4d:77:35:ae:40:7c:6d: + 5d:c5:36:46:19:fa:d9:83:76:cf:e6:70:69:3a:32:a3:0c:4f: + 6f:28:18:0d:6a:d3:47:b4:e8:e3:77:a8:90:0d:74:08:f1:4e: + 68:45:27:fc:22:57:ad:63:92:7c:fd:bf:44:ad:ec:be:12:42: + 49:b9:e0:23:2c:95:98:f2:d3:07:a3:00:6a:4f:eb:3d:8b:6d: + c6:0a:ef:1e:c8:71:1b:d2:3b:2e:81:86:5b:36:05:6a:f4:3f: + 25:cc:4a:d1:a4:d9:f6:8e:6d:a2:db:54:1e:c5:1b:dd:44:e3: + fc:0b:8b:8c:84:7d:e0:bf:1b:d4:53:3e:ab:31:fd:f4:25:1f: + 29:b9:55:f0:92:0e:fe:ab:46:cc:a1:50:96:10:6a:d9:c0:cd: + 6d:c1:e9:86:77:7e:ef:93:bf:be:03:21:87:d9:dc:36:53:41: + f6:a6:6c:f2:23:ee:be:34:4a:2e:95:29:09:7d:8f:1a:10:d2: + ff:a5:6b:26:93:e1:83:da:be:22:fd:7f:14:f2:1c:03:f5:64: + f8:75:00:f0:da:5e:78:e3:07:90:a0:4a:16:1c:31:70:09:b5: + 46:4d:71:42:64:19:b0:53:ce:27:f7:9a:34:5d:c4:df:7d:06: + bf:af:8e:c2:9a:19:c1:f9:90:36:eb:41:0c:2c:3d:51:22:bb: + 18:eb:ed:0b:5c:92:15:60:79:42:be:c1:f6:f1:46:29:c9:6c: + 0a:ba:f9:4c:46:44:1e:32:7d:83:df:55:b1:31:1f:c2:db:22: + a4:bd:2d:79:d1:ca:a1:80:12:ce:5a:26:68:54:8b:d3:f4:8b: + cf:45:d3:57:92:70:b6:7c +-----BEGIN CERTIFICATE----- +MIIHDjCCBPagAwIBAgICESIwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT +MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg +VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX +Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN +MTcwNTA5MjEwODUyWhcNMTkwNTA5MjEwODUyWjA3MQowCAYDVQQDDAEuMQswCQYD +VQQIDAJDQTELMAkGA1UEBhMCVVMxDzANBgNVBAoMBkNsaWVudDCCAiIwDQYJKoZI +hvcNAQEBBQADggIPADCCAgoCggIBAMjgD/3Vlpkd9Y5K14SF/EiL5M94JyLqG7RO +8KIFKXg3Q0IX/o2YS0uK9rKSIyzyr8idNlcDkIIAAgz4MxTyXF/Mj/gUtd+o4w3R +v1ryjSQ3ZhoxmX73jY6G/eqmc2CE3BzZKIeSn8/Ejp8rzsOKIM6NW2b+ePG9e1ex +rbzbjAqoksGSXW+5X3/HYk1ZYEiOH6MCL3kmaG/tCpUHyOWak7rLr8epBqeZtM4f +JrfV9r20sq0U/t+MQZTU0kEYQ/4ZDkNnEIqs8UccWnHt13aqZ4FnHW9328GT7jbs +NG/Il3NXCdyauFQ1rqORKl3z5HB3fLwN2PWi8C2yuj62zoowFuptILis3es8pWLF +fTrv32SDp6uhw2V6VPykJg9kpYPtKY8F76ovmK+HmIc0pzFVCXU3fXDDRBTEBbL4 +a2sltFXV/ik/q/DR5j/c6caDXfVKyjTgPVKk3YYJ5T6znvN5ma+xa35uyA0EKPo4 +WZRxPNI5hKVWQa6MYy1cm3nO8KZpbHS3NumHZ61bYW/SU9R6lOEmKdBWAvVuFdyp +C+Y3KjKcNfNyLT3i1CVIqdDJe8saTcFEXFerdWWuBrJAtlWoLvv6bgt164YC6mP+ +mnSdAktgle9TBBOHB2pSZLrmQAmrqVCjEs51UTWvNzRgaunXPAArSpJ1SPNKJhMI +BNBHBaEHAgMBAAGjggG/MIIBuzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRB +zeD7wYfWdzi1o5SK0Ftch3Ay6TAfBgNVHSMEGDAWgBQX7ZNDj6emAHXU6LaCDYg3 +fsBtCDALBgNVHQ8EBAMCAaYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwXQYDVR0fBFYw +VDAooCagJIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAooCag +JIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAcBgNVHREEFTAT +ghFXZ2V0VGVzdGluZ1NlcnZlcjCByAYIKwYBBQUHAQEEgbswgbgwLgYIKwYBBQUH +MAKGImh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwLgYIKwYBBQUH +MAKGImh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwKgYIKwYBBQUH +MAGGHmh0dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzAqBggrBgEFBQcwAYYe +aHR0cDovL3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMA0GCSqGSIb3DQEBBQUAA4IC +AQBGpPPCY8/DdoSqo7onMiUVVOZp0i98yWiIARCMDU73PMzlf+aHVemAaeAFy0CE +ZcxNNfOgapUoCMuVFpwr0hVb10OB4f9+4A/XJQH1PdUPiBUbWV9vMXUDGSskWtS0 +6BoZgcnGueKyy9z9s/wY7HZoLZ54QTELwPLKcJNma5fPuI5pPoZjexJAjxveJSqn +l4NPoX4LBxW7QumgqIAXwnWpNeZXvwmDcbVRO5U3edaLTpaGItNUU6yv6uwMWEwY +EU13Na5AfG1dxTZGGfrZg3bP5nBpOjKjDE9vKBgNatNHtOjjd6iQDXQI8U5oRSf8 +IletY5J8/b9Erey+EkJJueAjLJWY8tMHowBqT+s9i23GCu8eyHEb0jsugYZbNgVq +9D8lzErRpNn2jm2i21QexRvdROP8C4uMhH3gvxvUUz6rMf30JR8puVXwkg7+q0bM +oVCWEGrZwM1twemGd37vk7++AyGH2dw2U0H2pmzyI+6+NEoulSkJfY8aENL/pWsm +k+GD2r4i/X8U8hwD9WT4dQDw2l544weQoEoWHDFwCbVGTXFCZBmwU84n95o0XcTf +fQa/r47CmhnB+ZA260EMLD1RIrsY6+0LXJIVYHlCvsH28UYpyWwKuvlMRkQeMn2D +31WxMR/C2yKkvS150cqhgBLOWiZoVIvT9IvPRdNXknC2fA== +-----END CERTIFICATE----- diff --git a/tests/certs/client.key b/tests/certs/client.key new file mode 100644 index 0000000..31d556b --- /dev/null +++ b/tests/certs/client.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAyOAP/dWWmR31jkrXhIX8SIvkz3gnIuobtE7wogUpeDdDQhf+ +jZhLS4r2spIjLPKvyJ02VwOQggACDPgzFPJcX8yP+BS136jjDdG/WvKNJDdmGjGZ +fveNjob96qZzYITcHNkoh5Kfz8SOnyvOw4ogzo1bZv548b17V7GtvNuMCqiSwZJd +b7lff8diTVlgSI4fowIveSZob+0KlQfI5ZqTusuvx6kGp5m0zh8mt9X2vbSyrRT+ +34xBlNTSQRhD/hkOQ2cQiqzxRxxace3XdqpngWcdb3fbwZPuNuw0b8iXc1cJ3Jq4 +VDWuo5EqXfPkcHd8vA3Y9aLwLbK6PrbOijAW6m0guKzd6zylYsV9Ou/fZIOnq6HD +ZXpU/KQmD2Slg+0pjwXvqi+Yr4eYhzSnMVUJdTd9cMNEFMQFsvhrayW0VdX+KT+r +8NHmP9zpxoNd9UrKNOA9UqTdhgnlPrOe83mZr7Frfm7IDQQo+jhZlHE80jmEpVZB +roxjLVybec7wpmlsdLc26YdnrVthb9JT1HqU4SYp0FYC9W4V3KkL5jcqMpw183It +PeLUJUip0Ml7yxpNwURcV6t1Za4GskC2Vagu+/puC3XrhgLqY/6adJ0CS2CV71ME +E4cHalJkuuZACaupUKMSznVRNa83NGBq6dc8ACtKknVI80omEwgE0EcFoQcCAwEA +AQKCAgADk7HVNEt1OIpZ2U1TJ8uhQxR0+U/BGGgb4tf4Gp1tbZZ+A81dmhulIblY +3q9PqpakvN/t1rtpBTUEJBtMwTAR6KObqErAy9IXOeftZ6pJvc7Mopt4HlJf+lll +J0egrVz6CoflOiAsY/SiMvaAluIUq4G4KMngjB45JonQdhxdSDksxz1wst1XeiZu ++Ct1v0oi7fQIdT2g2Ji6pKPYKtN8nQnpRUJAE8WbcgSPe3jkUeZonJoZQvcb/los +HJGBYdLWMmyh+4hkWsXlh3WxwEENldd5V6oLHWY9hiE86FaCEEe1rO+hWD9e3EPj +3mbv9cC73IdDgH5EYg1c9oZhAZA23lvH1u8yFpfPAOdvl0X2T6rSmd0zWrrWpKem +yoghSaW9rpWsM6rwI/B+gZlgwQQHLcRVrNJuXW7kTqRQnD+y9EM8HNddkNjmI6Op +z135xRR4JNX15b1CCgiVWoHO/o/U/ivMRo4zjaoASxUB50TX9C+HTVY75Sr7tSAb +v9/+8TWrCWJVXrCg/SddPF1DfBrpSPR77wa/zoD9IY7MHwnrmgdDt5I59Faa0KDF +F1E0RLsVUUS8byLNcb26KpWUJQRi6ILr8KDQ+iVbk6QE/TqVQ5oxwmaa7dRdAL5s +ao8gKU8XiGezbXFtN22adTEGIUPBAxGBcuEr8CYqlX1Gz0YvmQKCAQEA6wpdT6OZ +s4bYuuMJiXxSwSSmXuqslP6JDSWliqznsJJnfn2Dy4+d945DRAE24IDgzJdrPtWv +MfgRFJOG7Gri+7eVlLR7H+zfKnge/lOsdmVdBCrTiqTNt0XhAKZAEAq9j+4/5GMF +bj9Mt9LUN12YgmVnWIfLgGDfQA0B5sTUjQwaSImAv4s24MLXW+sE8Jzq+k3C5u44 +oWqmU1LEBGqXVamtlM8xIRKghWVofeAVKjkGdUBrPptIEwYMAWub40Q2I9G7w5cF +PGSFn51R8ahLOGICE42n3Aus0N6iDsNvDc2EdlR0NIKT0sbkya/sy9jgDLg1UhkG +LJblXa5OXCDmWwKCAQEA2snBNmRuiczN43VzRgTVS840Ri46Hhx1BGaKRwNmGiTK +4p/TLSnL1MgjdBLs/M678srxTSCzQX1YuV6G3p708ez+Q1IwHAuWiwBc7bmHHgxj +v4gimIrPux+cMtOEmyxUL8s9leqZflGqoc3UILNNq9QcrVITcEkwCNqdpDk9vmii +l54bjwuyad7IyFe7txIzLzNib5bbrK+t/R10RuvHKPaAeLDa1kDvwyOQa5ImRHWt +yg1Kj63lVBwXJv+K6d+Z/NFMgT7fVJk70j6WcKfEcufyYdKzhkj+ai1wJzeQplu4 ++x2YFS9ygonISPge+55LJ3PCLj0g0MIhPK+BI32nxQKCAQEA4HUDa1x3GeT68G6E +2xEpDl3rq9U8fwUc6Ls8/dPlZtBJmZhP1oQOfS0Uu8rVF0y8YWVw+46hQnz+AsJo +JTpmDbDiXiKFOpXBARO5tXM+zco7LBGh91MvSYioOTCLGUbIhL0nsvmFZCV7JElo +dH8jd9NTAE6eXrkkOkyxtineOdyG9SKrG0DdZYNsmtEz5HxWQjckm9h/qFbrA8OU +ggsw/pONuwCqkETzmrCfOyZVz/6pVivwvtcX22L48BpNwpmPgmF2iHCehXAR074v +VTI8s1mVVgr/dLqJjOYvqR2l3m6Xw1EfsE3K0Y0zTBB/eKRiQoNgGEjhho+L9wzQ +tFaO5QKCAQEAmYvCh5PQZ/FOBXYmIlu9/eeHlEFZFEzQavgzz0a5X1u273lPUYDl +xj13dDzcCUhlay22T3TFmQ6JN/75FD/mk+rJPyHtFaGkU4U7srLj+tijIIZAEWJK +C39RtfHwPJ7NroUqgY4VjyttXwT+/LwZpJ/GSHUzozgZ9/zFab2qcXkpstKJcMi6 +u8ZYjxHTcdXaCiQ7zyjGntjkeKE1O5i5OyxUWV91FayZGBBbiMMXDDCyePz++PsH +2RGlxf7N1PjSLzYMRSCEx/CKpTC7j/CN1D6oQrMGvxV3R7j/3uYGJFp25fWNCEE2 +Uhq0b1GDHP+oqtV4z86iux+jB937+ZZ0KQKCAQBetr8pywp3jftYVhGU9+VZxYc/ +2vM5+WEdOqJAoHwXed5AMHReycKUmbDilWbswXyiBDGmIokoMKP09JMXfCbHMTkX +LZCsxFGUpzAGg7sHI1NLTqWGU+fOmtzg7SJ77tZqJj1zzmgLX54oQ9qx53V6StWV +Zw7YxkRbnLQ+LZU0HyYb11v5oh1CnWUoGINMkV6Bhv+jPCzUP/vs4/JgOFqhwjlN +GVX0ewFGykinTK34ia9TI1Updgb3FWt3i9+twwAis1nnnuHt19tdi22BPwAuyFPx +hsf5t4Kcm8xibjeHzQMLqP4v2arW09zsg5kDTQHoQDcUajJ+cdbpY2PeosfN +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/expired.crt b/tests/certs/expired.crt new file mode 100644 index 0000000..b624e77 --- /dev/null +++ b/tests/certs/expired.crt @@ -0,0 +1,149 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org + Validity + Not Before: May 14 09:05:02 2017 GMT + Not After : May 8 16:03:42 2017 GMT + Subject: CN=WgetTestingServer, ST=CA, C=US/emailAddress=ExpiredTester, O=Dis + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:d8:ed:cc:9c:e5:35:42:f2:1b:d8:30:36:40:a5: + 01:8e:0f:c2:3c:5b:f0:d1:09:a0:aa:63:07:44:b9: + 2e:20:20:47:5e:43:f3:bc:3b:df:88:f9:26:e6:07: + d9:9c:4c:67:53:46:3a:78:c5:0a:90:0c:f2:e9:a1: + e0:d9:f3:52:bc:51:07:32:ac:9b:d3:ac:f9:25:7d: + 52:8b:2f:fa:06:6e:2d:c4:d4:2e:c7:38:81:f3:30: + 4e:b5:d6:7b:2e:fe:4c:12:84:db:f4:7f:22:91:4d: + 45:37:bb:01:96:61:59:62:af:2e:de:21:70:fa:3e: + 29:97:9d:3c:bf:41:5c:cd:2a:b4:f7:4f:6f:78:a1: + b3:d5:79:53:4e:68:7b:cf:0e:78:87:47:9c:3f:3f: + da:50:27:08:7d:12:c7:e2:da:cc:6f:a4:63:12:ca: + 28:a0:7d:f8:a8:ac:a3:72:77:ab:18:52:83:b1:2e: + 44:49:1a:0c:25:bc:21:bd:40:09:96:6b:60:04:e4: + f2:3f:bc:c4:1e:3c:43:55:1d:fa:40:18:cd:70:91: + 24:03:1a:b8:95:e0:b2:70:3f:1e:05:a8:21:37:b1: + d0:ff:54:36:65:9f:a7:ba:2d:c2:ef:e2:a9:a4:c4: + 72:c5:4c:82:8e:46:3e:b6:d9:aa:62:14:07:1d:53: + 19:08:9b:88:6d:b9:20:88:7c:bc:89:95:02:d5:54: + 96:7b:b0:a8:14:fd:30:ce:5f:41:b7:bf:e2:75:9a: + a3:fa:20:43:2f:c8:80:cd:97:f7:57:37:5d:11:9b: + fe:bf:aa:56:0e:2f:cd:47:7e:0f:db:2d:f7:71:44: + c5:21:7d:c6:b3:50:5d:30:b0:4c:54:8f:7e:05:82: + e6:5e:3b:62:d7:1b:5a:f5:de:57:76:2a:90:b0:d4: + ec:72:8e:ab:64:f1:6f:12:21:80:7c:64:8a:5c:da: + c1:86:12:ff:a9:e9:93:2f:2c:70:59:84:a4:5c:13: + e0:02:d4:9a:72:0e:40:c3:db:99:1b:60:85:c0:94: + 1d:15:24:5b:8b:f6:6f:2c:d1:b5:95:50:e2:53:76: + 4f:cf:57:8e:d5:8b:c1:f5:3f:ad:07:aa:7b:84:32: + dd:32:b5:59:a5:1b:d4:a2:b6:3b:6c:07:cc:4b:e8: + fc:6a:d8:42:e8:08:dc:f1:f1:91:74:cf:9f:5f:57: + 6e:ab:93:5b:5e:af:7d:1c:b7:d3:eb:08:4c:a9:a7: + b5:aa:d6:46:a8:a0:63:68:7b:44:cf:5c:21:42:3c: + 98:ff:42:31:77:94:4f:85:d2:7a:da:56:b1:c4:3c: + b9:2d:e9:d6:88:f3:6c:ff:7b:39:19:83:80:ab:31: + ab:19:6b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + E6:C0:06:2E:89:41:44:32:AE:B6:C5:62:B6:7E:B5:DA:3B:75:D4:04 + X509v3 Authority Key Identifier: + keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08 + + X509v3 Key Usage: + Digital Signature, Key Encipherment, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + X509v3 Subject Alternative Name: + DNS:WgetTestingServer + Authority Information Access: + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + OCSP - URI:http://test.wgettest.com/ocsp/ + OCSP - URI:http://test.wgettest.com/ocsp/ + + Signature Algorithm: sha1WithRSAEncryption + 41:03:d8:91:54:f2:5c:e5:15:80:cd:96:a2:89:94:df:8c:d4: + ce:99:1a:f6:69:03:1d:aa:a8:3d:7f:8a:65:bd:b2:3a:f0:46: + 00:6d:c7:cc:7a:18:44:cb:b4:17:f1:40:83:b1:17:90:64:ba: + 22:2e:18:7e:35:29:20:4c:8f:34:14:86:34:1f:42:6e:a6:e7: + d7:18:a3:11:77:3d:ec:b1:39:59:7b:12:3f:55:b0:86:4a:9f: + 6a:1c:b6:9e:03:3d:39:bf:f6:34:f5:d7:6f:44:bd:9a:54:e5: + f9:d9:14:85:01:d9:3d:0e:18:89:d0:bf:27:df:9a:4f:39:7c: + ec:46:92:e5:3e:9e:e5:10:4a:ed:03:aa:3b:93:02:e9:f3:18: + c1:5f:e8:cb:16:e0:54:9f:8b:0a:c9:65:48:32:93:90:91:2e: + 84:26:14:28:b5:5c:61:38:39:28:3e:8e:74:dd:08:07:67:41: + 9a:82:67:48:ba:3b:c1:66:76:27:7a:9c:c5:95:45:b5:9c:4d: + 94:9b:f5:e2:93:39:2c:d8:15:31:27:82:56:9b:1a:73:e5:f2: + 6a:9a:cd:47:0a:2b:ff:6e:5f:b2:f8:53:4f:fc:c3:1c:b7:25: + 00:30:77:21:87:9b:88:d4:87:f7:30:79:f7:bd:a2:df:42:c4: + 95:c4:e3:3c:94:4a:87:96:94:54:de:fe:80:13:e6:ec:37:dd: + 33:a2:e4:f7:15:e7:a8:08:c6:3d:3b:65:34:96:5f:46:c8:41: + 7f:ce:c5:ca:3a:44:d2:fb:9c:3c:c7:2c:da:12:b3:1f:62:40: + 38:12:cb:36:b7:5c:e7:32:5c:e3:2a:af:b5:36:e8:83:d3:8e: + da:4c:b5:52:5f:f4:d6:54:b7:3b:9d:62:86:5a:26:f1:58:a8: + 2e:f6:46:9c:6f:98:76:e1:bb:9c:27:73:0f:78:11:60:b9:ac: + 13:6e:d9:ec:24:5f:64:e9:59:14:36:02:f1:f0:57:97:ce:31: + 0a:80:1e:d0:c0:c0:77:62:24:c5:d9:61:e9:d9:57:76:64:e1: + 1c:c7:5a:55:e2:58:ab:2f:58:6f:42:91:03:aa:6f:1c:9b:fc: + 0a:c5:ee:14:1d:07:a1:b3:ec:97:6f:ac:2f:85:7f:ea:88:18: + 78:84:ac:af:d8:e9:b7:23:5c:a3:14:ab:8e:ee:95:5b:0d:6c: + e4:25:be:77:04:59:19:57:1e:f7:e0:5a:f2:fc:33:12:57:28: + 11:2e:1f:05:6b:43:62:8f:c0:c3:4a:97:f9:6a:73:1d:dd:c0: + 6f:d4:a2:23:0a:d2:86:68:df:bd:ac:75:61:cf:d8:3f:9a:d1: + 8e:e9:33:59:bd:13:9a:27 +-----BEGIN CERTIFICATE----- +MIIHODCCBSCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBU +ZXN0aW5nIERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dn +ZXRUZXN0aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzAeFw0x +NzA1MTQwOTA1MDJaFw0xNzA1MDgxNjAzNDJaMGIxGjAYBgNVBAMMEVdnZXRUZXN0 +aW5nU2VydmVyMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxHDAaBgkqhkiG9w0B +CQEWDUV4cGlyZWRUZXN0ZXIxDDAKBgNVBAoMA0RpczCCAiIwDQYJKoZIhvcNAQEB +BQADggIPADCCAgoCggIBANjtzJzlNULyG9gwNkClAY4Pwjxb8NEJoKpjB0S5LiAg +R15D87w734j5JuYH2ZxMZ1NGOnjFCpAM8umh4NnzUrxRBzKsm9Os+SV9Uosv+gZu +LcTULsc4gfMwTrXWey7+TBKE2/R/IpFNRTe7AZZhWWKvLt4hcPo+KZedPL9BXM0q +tPdPb3ihs9V5U05oe88OeIdHnD8/2lAnCH0Sx+LazG+kYxLKKKB9+Kiso3J3qxhS +g7EuREkaDCW8Ib1ACZZrYATk8j+8xB48Q1Ud+kAYzXCRJAMauJXgsnA/HgWoITex +0P9UNmWfp7otwu/iqaTEcsVMgo5GPrbZqmIUBx1TGQibiG25IIh8vImVAtVUlnuw +qBT9MM5fQbe/4nWao/ogQy/IgM2X91c3XRGb/r+qVg4vzUd+D9st93FExSF9xrNQ +XTCwTFSPfgWC5l47YtcbWvXeV3YqkLDU7HKOq2TxbxIhgHxkilzawYYS/6npky8s +cFmEpFwT4ALUmnIOQMPbmRtghcCUHRUkW4v2byzRtZVQ4lN2T89XjtWLwfU/rQeq +e4Qy3TK1WaUb1KK2O2wHzEvo/GrYQugI3PHxkXTPn19XbquTW16vfRy30+sITKmn +tarWRqigY2h7RM9cIUI8mP9CMXeUT4XSetpWscQ8uS3p1ojzbP97ORmDgKsxqxlr +AgMBAAGjggG/MIIBuzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTmwAYuiUFE +Mq62xWK2frXaO3XUBDAfBgNVHSMEGDAWgBQX7ZNDj6emAHXU6LaCDYg3fsBtCDAL +BgNVHQ8EBAMCAaYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwXQYDVR0fBFYwVDAooCag +JIYiaHR0cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAooCagJIYiaHR0 +cDovL3Rlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAcBgNVHREEFTATghFXZ2V0 +VGVzdGluZ1NlcnZlcjCByAYIKwYBBQUHAQEEgbswgbgwLgYIKwYBBQUHMAKGImh0 +dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwLgYIKwYBBQUHMAKGImh0 +dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9Cb2d1cy5jcnQwKgYIKwYBBQUHMAGGHmh0 +dHA6Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzAqBggrBgEFBQcwAYYeaHR0cDov +L3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMA0GCSqGSIb3DQEBBQUAA4ICAQBBA9iR +VPJc5RWAzZaiiZTfjNTOmRr2aQMdqqg9f4plvbI68EYAbcfMehhEy7QX8UCDsReQ +ZLoiLhh+NSkgTI80FIY0H0JupufXGKMRdz3ssTlZexI/VbCGSp9qHLaeAz05v/Y0 +9ddvRL2aVOX52RSFAdk9DhiJ0L8n35pPOXzsRpLlPp7lEErtA6o7kwLp8xjBX+jL +FuBUn4sKyWVIMpOQkS6EJhQotVxhODkoPo503QgHZ0GagmdIujvBZnYnepzFlUW1 +nE2Um/Xikzks2BUxJ4JWmxpz5fJqms1HCiv/bl+y+FNP/MMctyUAMHchh5uI1If3 +MHn3vaLfQsSVxOM8lEqHlpRU3v6AE+bsN90zouT3FeeoCMY9O2U0ll9GyEF/zsXK +OkTS+5w8xyzaErMfYkA4Ess2t1znMlzjKq+1NuiD047aTLVSX/TWVLc7nWKGWibx +WKgu9kacb5h24bucJ3MPeBFguawTbtnsJF9k6VkUNgLx8FeXzjEKgB7QwMB3YiTF +2WHp2Vd2ZOEcx1pV4lirL1hvQpEDqm8cm/wKxe4UHQehs+yXb6wvhX/qiBh4hKyv +2Om3I1yjFKuO7pVbDWzkJb53BFkZVx734Fry/DMSVygRLh8Fa0Nij8DDSpf5anMd +3cBv1KIjCtKGaN+9rHVhz9g/mtGO6TNZvROaJw== +-----END CERTIFICATE----- diff --git a/tests/certs/expired.key b/tests/certs/expired.key new file mode 100644 index 0000000..72951ce --- /dev/null +++ b/tests/certs/expired.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEA2O3MnOU1QvIb2DA2QKUBjg/CPFvw0QmgqmMHRLkuICBHXkPz +vDvfiPkm5gfZnExnU0Y6eMUKkAzy6aHg2fNSvFEHMqyb06z5JX1Siy/6Bm4txNQu +xziB8zBOtdZ7Lv5MEoTb9H8ikU1FN7sBlmFZYq8u3iFw+j4pl508v0FczSq0909v +eKGz1XlTTmh7zw54h0ecPz/aUCcIfRLH4trMb6RjEsoooH34qKyjcnerGFKDsS5E +SRoMJbwhvUAJlmtgBOTyP7zEHjxDVR36QBjNcJEkAxq4leCycD8eBaghN7HQ/1Q2 +ZZ+nui3C7+KppMRyxUyCjkY+ttmqYhQHHVMZCJuIbbkgiHy8iZUC1VSWe7CoFP0w +zl9Bt7/idZqj+iBDL8iAzZf3VzddEZv+v6pWDi/NR34P2y33cUTFIX3Gs1BdMLBM +VI9+BYLmXjti1xta9d5XdiqQsNTsco6rZPFvEiGAfGSKXNrBhhL/qemTLyxwWYSk +XBPgAtSacg5Aw9uZG2CFwJQdFSRbi/ZvLNG1lVDiU3ZPz1eO1YvB9T+tB6p7hDLd +MrVZpRvUorY7bAfMS+j8athC6Ajc8fGRdM+fX1duq5NbXq99HLfT6whMqae1qtZG +qKBjaHtEz1whQjyY/0Ixd5RPhdJ62laxxDy5LenWiPNs/3s5GYOAqzGrGWsCAwEA +AQKCAgBPnog5Fc+EsMQThy6Cb42wjIwoBz7OGpCDuTETwjvxwqcvLBWrgvY6mefz +CfKO8WQDJoWTig6kbHxD0AxtMmetgrf3m27eNGCFqAfB2mwULCBUW+SHbnATyCk7 +iGtSBjf5nBX3GSqg1hGPsO2WOkjKda3oDbIfxu0RHr8LG3xqOUCOfPNW/VK6CXvQ +DX1Ts+X9EQWCGXeRb6In9dqzosbiOx256cUbkuDPV/3tp4p+tNptD6Q0iIDo4LIp +efWK5gIqCbX4OtpolonIFeah2/ibVko3cXlKWVxk4mWsgdcfT/57mHcWuZCgPueL +kE/fj9LoI3rPqWyfRCjLMrqhwrwuxZArvsN56CALrbBRpmJql+JL68bPu3fXBgak +X457pXZVGj6GNFdv8JMXRMo/oyn/73jJdWt4g83HiXkXlcxuoLwsbiA8hq72DLMn +dLTVS31Kn3T9RczKSk44xbGSJQUV/s3ErOA378lHJe5wQHk+A0p59fKen7GiT7dj +4ZOzFy1sJW+DS9rklq6gGupdoHJVhcCLe9ryanb28MidMeWsUMa11OGXCpoRk8Np +ZY9ASgfW0+o2XUZukL+NpU7/1ihdybr3E5w0N1IFAAvUa+f7A4iKJW65COdB53wz +jG7zGal2aDqTbC2xLpaUk54Z3sEgpZNW7PqB+O21Yu/ZzC8wkQKCAQEA8MDWS7LF +MkAppvl3M7ATU2tzq0PisoiUS595Sp+Y3LxB3GHKEQKKeMz2P2mHcg4tzYCg4bvP +LE0HXizfFNBKwGMyi40+T2fYz+FC8zAYHKbsZQt0O2uvSGcMriZLCWuAEs45U/b0 +N9UN9BuE4yYizmUGYFjYmUMBUB0Oj/nIU8iikdbV3wBoCzuH1sP5f3kIQzAqNJgt +zci+etMVCPecT8brbLAxKZOEaIX3IAxQu2t2V3geDvukLNECWsVeDAY9DGuL2x3e +BnS+HGrOYDyAPVjxyzzNkjjzBdCV2ciipxwL2QzKsgVPx8L21RdK8mYEDB0dkv7B +kTLw8wH4fxMavwKCAQEA5qq264K+QCRBTYtdayoK2qQksWd3U1QynF3zM0XMb8Ip +J1HnCbzhQ2/ccXKgT9j9KuK+8A4q4Mw+RggwM5QWIfxzD7AjOYPO4G4mCFwwViM7 +H/HbH1WJMHo2LWDEx4/UrphXg2FF2yApX3nCDzNx2cVz39BDyiIKNXs+O8PFoF9N +7emitJ7U+GV7wLWacMgTz4qvTuNu/dQfoCVzsfEvxYay6sAW2cX0nrwr5/+T7js8 +KrfklAOD5Rd36cLRTB7vUDgYQ39MN9Ab1X1e5kwn2HSLbcBJyUMDfRgnc82MnLKn +O8CS2AS4j6tyEvRYrAOwqMmcwWnDBJzrfVicThLIVQKCAQBh7P39YmTFcMXAbh4n +PwpNVxqAYid2mQlAzUgHq20A8+4SFxCa5J6wTiYnWuRF5zCIMza9OqglC9vgWX4P +uD1/jZnEm5npsILG44hY5IoaNWdYHlWTydRNLeVBfL/uv/QjMhCtb3icsSNw1DS0 +NBHaQ8tZKypHBLMnA/qlY2MxeR1vFqR9hWvMjdVN7P6x8+gBdDjmlbOjzXB1AyC+ +OgExjea6mdwVXjRwU3VWasv3v9kt8OTBEWgQ9p7vjvIXD/6K67/CS57An4Goi2UQ +TeuXiHMpSL0RKernxZT+NZa7RDQpgAN+b5yo00uVF1lbyVUCHGGoJclUJxVMstOB +1KJ/AoIBAFCOvmNxvc/Y2ZWjXnTWsgO537a1U88eUK6bgRwe/E7rmEPLLs0P0fwj +TPGx/prkRUZ8+gIMcJ0ht33tzie1SCWGbQjFkwe7KLzouw+gYqEynKuDY+uFi+wK +QnGGojKv4K85NRcFGch1av2VIFj+tnw/oUBBE+u8B6S17f4hWRuxLR4xwkkiT26Q +wq+CvPU2avTIkoESnOi49HKRod47RVvOtx2VCGX15ICrZwoXECrbNSAWKRYoRB/2 +GkLhbwcOprV1YcPw6UV0wMPGjSYQ4rmNukQSK7LGXKmLjfu7hagUHKOZla8rtuk2 +DxjfjThF8aSBBOXncdxikTutfqklliECggEBANGHBID63eBukoc16NOIRenrRNSJ +Oa2W0VhQ/iI9Di9fjZuQutPq2UqR+N0tW5V7qiGm7vb7lRlrnB/jt3pNqGj3qSdC +CEp7IEH0kJ/hp9KwA7MxVzmk5hbDbSrtzxYFYjYNEybKndPmKt+J9AZS3u21WGwU +MaaX2WS2JHLwnSJ0qgp/rg+uoYIXzPLn/1k7H0s8s6lMhY40nZSaxx9dEEe5RWSz +HY9ajmcRUqEbdFNmu+J9yR5q5mku++CLRGU921XomoIf/R3dBvMFFRtiymiVV0qt ++fueaAfibaLDFRSutkfLCyOl2EFyvsSk5TJmutAIe8ba5d1CdCkm4w9SsBI= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/interca.conf b/tests/certs/interca.conf new file mode 100644 index 0000000..2d522e7 --- /dev/null +++ b/tests/certs/interca.conf @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = /usr/oms/src/wget1.x/tests/certs + new_certs_dir = ./ + unique_subject = no + certificate = interca.crt + database = certindex + private_key = interca.key + serial = certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://intertest.wgettest.org/Bogus.crl + URI.1 = http://intertest.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://intertest.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://intertest.wgettest.com/Bogus.crt + OCSP;URI.0 = http://intertest.wgettest.com/ocsp/ + OCSP;URI.1 = http://intertest.wgettest.com/ocsp/ diff --git a/tests/certs/interca.conf.in b/tests/certs/interca.conf.in new file mode 100644 index 0000000..5bf28fd --- /dev/null +++ b/tests/certs/interca.conf.in @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = @abs_srcdir@ + new_certs_dir = ./ + unique_subject = no + certificate = interca.crt + database = certindex + private_key = interca.key + serial = certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://intertest.wgettest.org/Bogus.crl + URI.1 = http://intertest.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://intertest.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://intertest.wgettest.com/Bogus.crt + OCSP;URI.0 = http://intertest.wgettest.com/ocsp/ + OCSP;URI.1 = http://intertest.wgettest.com/ocsp/ diff --git a/tests/certs/interca.crt b/tests/certs/interca.crt new file mode 100644 index 0000000..6cbf0ce --- /dev/null +++ b/tests/certs/interca.crt @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIHOTCCBSGgAwIBAgICESMwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT +MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg +VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX +Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN +MTcwNTA5MjEyNDMwWhcNMTkwNTA5MjEyNDMwWjBiMR4wHAYDVQQDDBVpY2Etd2dl +dFRlc3RpbmdTZXJ2ZXIxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzEYMBYGCSqG +SIb3DQEJARYJaWNhdGVzdGVyMQwwCgYDVQQKDANJbnQwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCpFc5lZraIIP8PVVbnwSrE11p2kjVgzDPwIJ/bDYGd +60VEMc2ehVOMtj3lFbAUu4nb6j7IbAGB4bUqg4BUVfRodvd2f1WsfAfhf3AUnpI0 +c+ytK8HuXSfv3s44+/iQJftLE0kTADZf9iV/GxdEbhwQXBWku0xU/mxRH4zxDGwZ +6gurQ96Md6DVUgnZsnRgrukQikr9C5e8cbKj7FHLZgq9E+NlGppmKi8qGTUXK17L +cLBEP04glOnMuRQKB6SCIoX+VCiw33hWYfzIiXDKFqcj0liYANyLbM9TiFITGyTj +Jr+Ne1Lac0HlNd8vNeP6IPBjViNZ8Iw3GYly1i8li4THzo8VpXBkJlwOLEYSq9Hr +ZJ0QzUbyzVTLdhlCBhFme17Z9PxQyBr+2A0Lp+r/oKdr+KfMYZN3tzV3YozSw5d6 +4uV2Nz9pVCmLjR8UAV6cJqJILAxCQRVs4Qs7Ko3mGWKWi3T5xxvFy8gQrNHg7+IN +g+0OhsIkfHTGsfW7WGukGhfmispi6sjrbNABRws8Vlr7JcVNFS4uu4H3cVCZ3Rde +9IduNYs0gqss4SYMAxKAz0/M7OCY8Z9obh7zIdsG1A2S07cv9OMsjgPhLiO/i4HF +RriQtYR5sWZKkmZgmS68aJuh/JLijlF/m2HLbI5gSlgwuSAtKUj2C68mTrXZJ3Xl +IwIDAQABo4IBvzCCAbswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJNB884gq +c/+HoMtp4GsuFr1O1eYwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgw +CwYDVR0PBAQDAgGmMBMGA1UdJQQMMAoGCCsGAQUFBwMBMF0GA1UdHwRWMFQwKKAm +oCSGImh0dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwKKAmoCSGImh0 +dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwHAYDVR0RBBUwE4IRV2dl +dFRlc3RpbmdTZXJ2ZXIwgcgGCCsGAQUFBwEBBIG7MIG4MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MCoGCCsGAQUFBzABhh5o +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wKgYIKwYBBQUHMAGGHmh0dHA6 +Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzANBgkqhkiG9w0BAQUFAAOCAgEAqUa7 +cQLhjXCAHiMT9V5+hzB/ngriEKC456htspq9RC/FWnYXZ+au89FehFunjy5qzbSz +q7N97rCD2drSwn4B6uBymmIxU6iARmtcsPrfhgXHdvhuVop6yuXspoaU7+g1WMXi +t0RGBx0FahYlggt8a7HnMu3Qz6v8llDeA3U2BCe5ui7mWTauj3bFv/pLW3sigvm0 +Cr3aBHpkIzfHU5D6EC3fKNXQNQruXCCIcBayNiaX+FJcK18sU8tRewiWo/VvffHi +J89/oHvZnXkteT/mEyeAbjkPkNrmNQTmG69t/x4NdxNDe5ZrEpbEPE/6S5z+YP1T +bXG7OeES2/+K3Fprwv/oCoeQdv3bBh4IcRhhE7KpEGnJOLfV1a5aRpVCz/0C30xk +x5GYo0a+AkPAW3zYTaKQXIKDJLpAU6QJ13WaEjVS1EYnUE2o3XEjyZPJVL1y7VSd +1gdk5MEto6RsVH6EmJBBaSiiAj6d1GbkmNku73FiUvRGk39WbGN9qfjrMPvGhAcL +0GrIg5oQLOf0f6sdIU3TJkARNSmgSoLV+RatIEgKI+/i6FxlRdBPoGopPJkrh/gS +stf93A7rFKWmYNKZOMhWXxyv14lwWhBi0bW9QfzavJse047v9X3UvRki06uWXH2t +H51/0uT9gISqZ1CKDpnez4wrjACuKmfI9D2p6J4= +-----END CERTIFICATE----- diff --git a/tests/certs/interca.key b/tests/certs/interca.key new file mode 100644 index 0000000..7a27172 --- /dev/null +++ b/tests/certs/interca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAqRXOZWa2iCD/D1VW58EqxNdadpI1YMwz8CCf2w2BnetFRDHN +noVTjLY95RWwFLuJ2+o+yGwBgeG1KoOAVFX0aHb3dn9VrHwH4X9wFJ6SNHPsrSvB +7l0n797OOPv4kCX7SxNJEwA2X/YlfxsXRG4cEFwVpLtMVP5sUR+M8QxsGeoLq0Pe +jHeg1VIJ2bJ0YK7pEIpK/QuXvHGyo+xRy2YKvRPjZRqaZiovKhk1Fytey3CwRD9O +IJTpzLkUCgekgiKF/lQosN94VmH8yIlwyhanI9JYmADci2zPU4hSExsk4ya/jXtS +2nNB5TXfLzXj+iDwY1YjWfCMNxmJctYvJYuEx86PFaVwZCZcDixGEqvR62SdEM1G +8s1Uy3YZQgYRZnte2fT8UMga/tgNC6fq/6Cna/inzGGTd7c1d2KM0sOXeuLldjc/ +aVQpi40fFAFenCaiSCwMQkEVbOELOyqN5hlilot0+ccbxcvIEKzR4O/iDYPtDobC +JHx0xrH1u1hrpBoX5orKYurI62zQAUcLPFZa+yXFTRUuLruB93FQmd0XXvSHbjWL +NIKrLOEmDAMSgM9PzOzgmPGfaG4e8yHbBtQNktO3L/TjLI4D4S4jv4uBxUa4kLWE +ebFmSpJmYJkuvGibofyS4o5Rf5thy2yOYEpYMLkgLSlI9guvJk612Sd15SMCAwEA +AQKCAgA4Wi4pmWvoPqcDIzwNjVGFvQhHUD89/ZCpzRW52eyDBzBUpAyVcnYABZTn +Tq0am848XvuBrI1sDh9lBeK1ONh2IIAlHBcfn065FtHx7U9o7+HHbTf7C00OIsG0 +ODYFRMNVqB3ImV+F5/FjRVIh2li8ExSbjFjKUukiuFMu2ycEE/7Dm6EGS7BsqCTk +SxeCSYkfnBeV8lEl2vbgrxgro9ycW46D2bPvrMt/SltpV2kGgI4ekMKnFTo+oshM +93MadAsYUlAlcrUWhR3McBIJKDeYNriUIGVgimkmu94uw/MtSXK54oogiB1EGQpD +H8DVUjkLwl+R0BvLGVW30i5wYulja2wJuYbY146+jxPkohpGQv7lChLnXN4HsJio +W5TVqPii5EXKYm1LzuwIQba7EdvVLjA4I+b//qIADtEWA0sQZLiWLSk2/58WMjix +pTbPhAy3xTTebCwz+mxMjZVQ3V2KHVvGUWq0x4rje/yF0mKIFt1CjUgTiUQ8DGSV +MZhiqt6hV4ipo2/GUQLBzxiEr7H89vjsXnUBUb0BQCh6Ykg1P3hfoShxs62kEqtu +b7huQhHL2ch3Cfb2gZ7S9UpO2TjnPpDyhyapJ/MmtTiHIhsts1DYEPLq4+n9FdC2 +FQYkRhR1OCtA+Tw1W4LvTu+57EgMMOdDJK1k+/j6+cV+9vRKEQKCAQEA19kMib0J +lCTagMtVxPDfhWdAueREKTrEGBSyReWJHUqoR4AV34BxsL6fr+8BDpgs6GMTqSWk +YTBz7KgyjSBQh2KgNwMAE89uIez4I8nTq5M92ZfqEZ98bn6ls3A4fwZeZ/wwrVd9 +OVeH54qrINV/wFyLRu9CIkyPXLia39cobotTZXu2d/tQaFG7JXkE4zj2dl6e0zyG +Q5XE+GtAJYWpSPYd5N/J3eFEdoJDWFygM+WSHaYEE+iFbENyiWmDd3O/mHVqovub +rFM/SMsWqfSK5MZVEpFSXPFIlRKLsZ2FiO6Dorei0NAp1VUriDELH0EVzoxErHhu +S+2aN5WlYaFfnQKCAQEAyInb8T364UOHzUyz+IsDaxHOkGu8r1ZKDL5YJUg8wGMl +LEUiyQJGf+RcSiI9tsH47XcptHpAIV745wedFzS2s6NWlAQCkdUKxIrtvA4bB7PV +TJwy2uDCKtzzrSYul1rjpXoyIEt3Q4Ryd8gpa9eeRgWPkq48d6YOTcDw3C+i8VFo +MyMzO8U3bj8vNR3/kE8id67XDWV7qfEtszhxVjYhgL7GyrP2ZeFsFNnrdp09tY0W +aRGkzQw67Yq3tEDNCuNgtF/tNyr0l8DSjiGLqoIkh5wSH/MVz0crM4aPMaNvsTsb +/+JQlrJF6EUVo1mwcqH87I2gGisQTP0rkxmhTsIbvwKCAQBKWRr2fsTD4IXbAy8B +7S4w10X2Qegwg2t0F/zoEo5OJp8cMcRW/fkrNh3vDdZBXq1pRmdJRgv+5h+oDq+K +6OyUFaa2DDSEnliDGwrF2Qkt+kO9pZQcieDkdn9A9ZCgQGNYUge6TX52t+26FYuo +faHJcpcO0e7nvZNMDtJZ89SbbyZEuH47ibdCl5Rs7eh/E+nhD+qJPDnLIdV89ARe +aFHNLelSIrt3z9YzM99aml0cQyE3US3qZZc/mWPkbRG5nYcLTrZyeVQ/4VTVEA84 +b2FAOAipoqDKHtovbvnrLiUG65EwBSzx3CHst6+M88eu9k46nRoyhjEHukn6h3M1 +084JAoIBAB7uBFpE8PjlbYCgn/Fpn3FYIb/sngF9EZa9lOLLLXOO1yDo2OCf1TfM +hN96QIJ7kGUvx+LqKBH9j+4yImx92OAEBUp3A95yOWLu+pPSqSCa//786GsR12C9 +C2hdRzpY7luLaUfJ2+8x8mW/HYRgkSzDls1Myk658eLUK1IKltsZbzTT7Qb+9/mt +DR7oLY6YZfyHnuuWB2jCpgXKYtClMK2mvwpsj0hPaFge9E4rGmVyCU7TRdPKWxxg +FM1cYUOYpkWrte6YVXlCaDc7vUrjH7c6vyDmYSrDE0qzKkrBpmxzbXId+cgEXvvg +C+JR5wEHMvdZMKRYl/8H3Tym61Y2YgkCggEBAI6yQmYwqL9ELqFfWxuqSQfiEoPA +tENwVIhwhbGKje/FgNotgC+EjToQzBfZDVudOlnRyOTjgxfeZ5mtsdH9sJ278L7I +mZmZezmAC1GPE4Ev8GZjpFYqcx0GYGy2pvlNea2Rt8Xnw2B+GDGPTf299djeRgS1 +Xnd0j9ltxTsmiOxF1AMYuMeg57jcUAAG0N81SrOASYc7P7DKpn8PGUim9szNccXy +jcWEJb9WRLuGfrMTwf4gpb7mShod9A4B5TziF9FNxR5u7MMW8NItMRndqI+/2ylP +e3MAV+ZhxtLs/sWOwcJk/rwhvRsbadzKhEiZPDYDDZ10oWWsCdeawp0VZEk= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/invalid.crt b/tests/certs/invalid.crt new file mode 100644 index 0000000..0ab8ff1 --- /dev/null +++ b/tests/certs/invalid.crt @@ -0,0 +1,149 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=San Jose, O=Wget Testing Department, OU=Testing, CN=WgetTesting/emailAddress=bugs-wget@gnu.org + Validity + Not Before: May 15 15:28:03 2037 GMT + Not After : May 15 13:28:04 2019 GMT + Subject: CN=WgetTestingServer, ST=CA, C=US/emailAddress=ServerTester, O=Dis + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:b4:d4:0b:fe:35:25:05:a2:ec:28:c3:6a:d8:13: + f7:57:7f:f6:f2:4b:87:64:59:29:cb:81:93:c0:3d: + f5:2b:30:d4:30:4b:ab:e1:0e:5a:57:e9:ac:d0:ef: + 62:f6:a3:f2:d7:24:f6:8b:e3:54:98:68:75:bc:f8: + 34:4c:2f:96:6c:dc:1d:af:72:f9:c6:5a:6e:0f:03: + 4c:45:ed:0a:17:9b:ba:2e:f3:8d:7d:6e:e9:4b:3d: + 36:d9:7a:18:2e:24:72:5b:98:84:5b:09:6f:a5:f2: + 87:b3:0d:d7:93:92:2e:6f:68:4f:db:5d:78:77:c6: + 63:04:c6:29:67:42:3a:6f:0f:c0:e2:cb:1e:52:f3: + 11:0b:c3:80:4a:3f:b5:5e:1f:43:0c:04:c4:b4:f1: + 95:98:e4:b7:b0:4b:14:fe:1c:99:70:f4:1c:91:1e: + e3:9a:a2:ff:48:54:fa:3d:01:e7:48:6f:0b:3f:4f: + a5:45:b1:1b:98:0d:57:6f:15:a6:75:bb:45:0a:52: + 66:e6:1b:77:29:ba:c5:13:41:91:8b:0b:a0:6a:44: + fa:8e:60:46:8c:c6:43:de:67:46:1d:30:c5:ce:77: + f2:4a:53:c2:27:85:1f:48:69:c8:27:df:b1:71:09: + 42:10:2e:7f:b8:fe:85:fe:bd:39:2c:84:2a:10:a5: + 80:00:79:42:a8:6f:3b:55:08:f2:98:c7:44:e7:a0: + b4:dc:c5:c1:3e:75:30:cb:a9:7a:44:a8:a1:03:8a: + 44:cb:dd:04:74:54:91:91:11:2d:32:ce:67:2b:af: + 23:a9:69:35:39:8c:7e:4a:fe:d9:b4:86:c9:ff:f8: + 09:86:2b:ad:eb:12:74:2c:6a:25:29:8c:ab:13:68: + 9a:26:8f:12:2d:ac:36:23:99:91:7f:5f:22:3e:f3: + 6c:a3:a1:5b:fa:64:da:dd:80:81:8f:8d:36:5b:e7: + 8f:0a:0f:84:c7:6a:fb:f4:6d:4d:3f:ce:ff:f4:1e: + c2:62:d7:95:e7:af:f4:57:c2:b8:e4:ba:d2:18:1f: + 2c:47:ef:6b:b8:7f:e3:92:4d:6d:b2:86:70:fe:fd: + 54:42:0e:88:cf:9c:02:7d:a5:11:72:ef:6e:63:05: + 81:1a:00:fc:cb:b7:91:af:3c:7c:53:da:7a:54:d8: + 3b:98:e7:de:bc:1e:10:7b:fb:60:89:e6:40:13:da: + da:d7:d6:7c:f6:61:b9:82:33:1c:c6:62:06:6e:ae: + 5c:99:ab:1d:44:a7:10:7e:03:51:dd:59:97:0a:da: + ab:c8:85:28:bd:e0:5d:12:5d:aa:02:3c:1d:a6:0e: + 6e:43:18:b6:ac:4e:7f:f3:4a:2f:67:84:dc:7c:0c: + c0:9f:bf + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + EA:FC:B3:3E:7E:5E:68:61:80:61:59:4C:D5:B7:A0:9D:1D:86:E5:97 + X509v3 Authority Key Identifier: + keyid:17:ED:93:43:8F:A7:A6:00:75:D4:E8:B6:82:0D:88:37:7E:C0:6D:08 + + X509v3 Key Usage: + Digital Signature, Key Encipherment, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + Full Name: + URI:http://test.wgettest.org/Bogus.crl + + X509v3 Subject Alternative Name: + DNS:WgetTestingServer + Authority Information Access: + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + CA Issuers - URI:http://test.wgettest.com/Bogus.crt + OCSP - URI:http://test.wgettest.com/ocsp/ + OCSP - URI:http://test.wgettest.com/ocsp/ + + Signature Algorithm: sha1WithRSAEncryption + 3d:8d:a9:7a:8c:32:7e:7a:9c:c5:d6:14:d4:05:3e:49:50:d3: + 11:a4:61:df:82:91:c3:87:26:9d:fb:3f:2f:b5:10:86:22:f0: + 4e:c5:54:6d:09:33:17:3c:0d:aa:87:43:2a:89:62:c6:28:b5: + 4e:41:17:7d:57:ad:76:f5:3e:c6:e7:b5:3b:21:16:79:7b:a0: + 42:ee:59:88:16:92:4e:3d:8d:ec:8e:87:07:3b:8a:dd:55:1d: + 0a:f2:ea:aa:e7:20:6b:0e:4e:f5:33:46:34:16:8c:be:61:b1: + 6c:47:52:03:cc:df:8a:3e:cd:01:92:6d:1a:39:5a:d0:75:38: + 71:f2:b2:78:65:26:5c:c9:72:c6:26:dc:09:ee:b6:e8:b5:60: + d6:e8:09:d0:db:ea:c5:80:8a:86:c0:f9:97:1d:44:94:33:c7: + 73:39:d0:5e:62:e7:90:d8:1f:23:09:98:18:c6:da:28:b4:30: + e0:d0:6f:20:a7:a4:06:4e:ee:b4:ef:3e:18:16:0b:f7:46:f0: + c7:d0:6d:41:1e:cf:c7:08:78:f7:22:b6:a7:c5:40:be:09:61: + 5a:65:71:c5:37:33:f5:c1:8c:b0:c3:1a:d8:9e:a2:98:71:10: + a3:39:c5:d2:57:5d:24:62:dc:48:58:2d:1e:f1:29:54:a2:e7: + dd:86:09:1b:a6:b4:27:27:e1:7f:04:98:92:2e:e1:68:48:51: + 38:44:59:9a:3e:3d:e9:d1:69:db:eb:4d:27:d6:9f:a4:d0:4a: + 58:10:ca:b4:60:dc:52:5d:63:a0:73:9c:74:89:aa:92:40:81: + 91:0a:b1:ad:ea:d2:f6:bf:9c:49:ab:ce:d9:47:ae:86:8f:da: + 41:ad:ec:0f:2a:cb:f6:ce:0e:67:09:0b:75:60:16:99:cd:4a: + 2b:d1:b8:be:9b:37:58:4d:78:c5:67:69:5c:c7:48:31:50:83: + dd:10:40:b7:80:fe:d7:a4:a9:59:32:c4:3c:80:ad:6b:7c:9c: + 47:14:e8:74:18:e8:f9:ad:b4:dc:e9:f6:38:21:90:0b:58:60: + 48:a2:95:2b:a1:58:0a:52:5a:ba:5d:8e:4a:96:22:a7:8e:cc: + f1:db:5e:15:cd:e2:77:db:25:1f:83:ad:d6:10:98:1b:0a:b0: + 43:23:8c:14:65:72:8e:c4:b8:81:f8:a2:27:55:69:37:e6:fa: + 4a:74:30:fc:d0:31:e8:9a:67:cf:b0:59:e3:82:92:37:2e:f1: + 77:7f:ec:41:2d:9c:6e:46:11:65:b7:5f:b6:8b:90:fa:a7:2c: + 4e:3e:fd:18:c7:5c:6c:b6:f3:f4:07:13:66:48:43:b4:30:ec: + b6:ca:f1:3d:03:57:c1:38 +-----BEGIN CERTIFICATE----- +MIIHNzCCBR+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx +CzAJBgNVBAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBU +ZXN0aW5nIERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dn +ZXRUZXN0aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzAeFw0z +NzA1MTUxNTI4MDNaFw0xOTA1MTUxMzI4MDRaMGExGjAYBgNVBAMMEVdnZXRUZXN0 +aW5nU2VydmVyMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxGzAZBgkqhkiG9w0B +CQEWDFNlcnZlclRlc3RlcjEMMAoGA1UECgwDRGlzMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEAtNQL/jUlBaLsKMNq2BP3V3/28kuHZFkpy4GTwD31KzDU +MEur4Q5aV+ms0O9i9qPy1yT2i+NUmGh1vPg0TC+WbNwdr3L5xlpuDwNMRe0KF5u6 +LvONfW7pSz022XoYLiRyW5iEWwlvpfKHsw3Xk5Iub2hP2114d8ZjBMYpZ0I6bw/A +4sseUvMRC8OASj+1Xh9DDATEtPGVmOS3sEsU/hyZcPQckR7jmqL/SFT6PQHnSG8L +P0+lRbEbmA1XbxWmdbtFClJm5ht3KbrFE0GRiwugakT6jmBGjMZD3mdGHTDFznfy +SlPCJ4UfSGnIJ9+xcQlCEC5/uP6F/r05LIQqEKWAAHlCqG87VQjymMdE56C03MXB +PnUwy6l6RKihA4pEy90EdFSRkREtMs5nK68jqWk1OYx+Sv7ZtIbJ//gJhiut6xJ0 +LGolKYyrE2iaJo8SLaw2I5mRf18iPvNso6Fb+mTa3YCBj402W+ePCg+Ex2r79G1N +P87/9B7CYteV56/0V8K45LrSGB8sR+9ruH/jkk1tsoZw/v1UQg6Iz5wCfaURcu9u +YwWBGgD8y7eRrzx8U9p6VNg7mOfevB4Qe/tgieZAE9ra19Z89mG5gjMcxmIGbq5c +masdRKcQfgNR3VmXCtqryIUoveBdEl2qAjwdpg5uQxi2rE5/80ovZ4TcfAzAn78C +AwEAAaOCAb8wggG7MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOr8sz5+Xmhh +gGFZTNW3oJ0dhuWXMB8GA1UdIwQYMBaAFBftk0OPp6YAddTotoINiDd+wG0IMAsG +A1UdDwQEAwIBpjATBgNVHSUEDDAKBggrBgEFBQcDATBdBgNVHR8EVjBUMCigJqAk +hiJodHRwOi8vdGVzdC53Z2V0dGVzdC5vcmcvQm9ndXMuY3JsMCigJqAkhiJodHRw +Oi8vdGVzdC53Z2V0dGVzdC5vcmcvQm9ndXMuY3JsMBwGA1UdEQQVMBOCEVdnZXRU +ZXN0aW5nU2VydmVyMIHIBggrBgEFBQcBAQSBuzCBuDAuBggrBgEFBQcwAoYiaHR0 +cDovL3Rlc3Qud2dldHRlc3QuY29tL0JvZ3VzLmNydDAuBggrBgEFBQcwAoYiaHR0 +cDovL3Rlc3Qud2dldHRlc3QuY29tL0JvZ3VzLmNydDAqBggrBgEFBQcwAYYeaHR0 +cDovL3Rlc3Qud2dldHRlc3QuY29tL29jc3AvMCoGCCsGAQUFBzABhh5odHRwOi8v +dGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wDQYJKoZIhvcNAQEFBQADggIBAD2NqXqM +Mn56nMXWFNQFPklQ0xGkYd+CkcOHJp37Py+1EIYi8E7FVG0JMxc8DaqHQyqJYsYo +tU5BF31XrXb1PsbntTshFnl7oELuWYgWkk49jeyOhwc7it1VHQry6qrnIGsOTvUz +RjQWjL5hsWxHUgPM34o+zQGSbRo5WtB1OHHysnhlJlzJcsYm3Anutui1YNboCdDb +6sWAiobA+ZcdRJQzx3M50F5i55DYHyMJmBjG2ii0MODQbyCnpAZO7rTvPhgWC/dG +8MfQbUEez8cIePcitqfFQL4JYVplccU3M/XBjLDDGtieophxEKM5xdJXXSRi3EhY +LR7xKVSi592GCRumtCcn4X8EmJIu4WhIUThEWZo+PenRadvrTSfWn6TQSlgQyrRg +3FJdY6BznHSJqpJAgZEKsa3q0va/nEmrztlHroaP2kGt7A8qy/bODmcJC3VgFpnN +SivRuL6bN1hNeMVnaVzHSDFQg90QQLeA/tekqVkyxDyArWt8nEcU6HQY6PmttNzp +9jghkAtYYEiilSuhWApSWrpdjkqWIqeOzPHbXhXN4nfbJR+DrdYQmBsKsEMjjBRl +co7EuIH4oidVaTfm+kp0MPzQMeiaZ8+wWeOCkjcu8Xd/7EEtnG5GEWW3X7aLkPqn +LE4+/RjHXGy28/QHE2ZIQ7Qw7LbK8T0DV8E4 +-----END CERTIFICATE----- diff --git a/tests/certs/invalid.key b/tests/certs/invalid.key new file mode 100644 index 0000000..426a2ef --- /dev/null +++ b/tests/certs/invalid.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAtNQL/jUlBaLsKMNq2BP3V3/28kuHZFkpy4GTwD31KzDUMEur +4Q5aV+ms0O9i9qPy1yT2i+NUmGh1vPg0TC+WbNwdr3L5xlpuDwNMRe0KF5u6LvON +fW7pSz022XoYLiRyW5iEWwlvpfKHsw3Xk5Iub2hP2114d8ZjBMYpZ0I6bw/A4sse +UvMRC8OASj+1Xh9DDATEtPGVmOS3sEsU/hyZcPQckR7jmqL/SFT6PQHnSG8LP0+l +RbEbmA1XbxWmdbtFClJm5ht3KbrFE0GRiwugakT6jmBGjMZD3mdGHTDFznfySlPC +J4UfSGnIJ9+xcQlCEC5/uP6F/r05LIQqEKWAAHlCqG87VQjymMdE56C03MXBPnUw +y6l6RKihA4pEy90EdFSRkREtMs5nK68jqWk1OYx+Sv7ZtIbJ//gJhiut6xJ0LGol +KYyrE2iaJo8SLaw2I5mRf18iPvNso6Fb+mTa3YCBj402W+ePCg+Ex2r79G1NP87/ +9B7CYteV56/0V8K45LrSGB8sR+9ruH/jkk1tsoZw/v1UQg6Iz5wCfaURcu9uYwWB +GgD8y7eRrzx8U9p6VNg7mOfevB4Qe/tgieZAE9ra19Z89mG5gjMcxmIGbq5cmasd +RKcQfgNR3VmXCtqryIUoveBdEl2qAjwdpg5uQxi2rE5/80ovZ4TcfAzAn78CAwEA +AQKCAgAZRMBgR4Di5r9letlFVJTtrz4M4a0LwsHqZDMHXCEUZgBgt1JPYrgRLOAv +WiRUHtjiY5HoPl4l5gL94xk7xDKbB69GQyTQKPbUNjvEUbllTyeXRAVzj7od/3HY +tg0G9aTdU9S6+/iUEe4QgVCsmHLQspzmJIufASP5GM/UVBbiSitEBeo44SpyoGEe +/wQTIP83gLsUJeYntV5NzlAiqlBuzk3noY9gnoJZ0zYcrFVrc8j4keKgeH1IpCSh +qz7VmNOu+5DReukN9cFwTWtPKNLDxtvUZXO2XEZDn97WWWhqz6wV4tpwt1OFxPJp +UAL1rruCk1zZtwd2b26738QZC2d1bUdWwFo/d100cihzgvycMNCERne37ZDl4/NA +izm1nfWraYiFcbAMXLccnt19SWvPo1/UgtHVutOgTuV/dHnLq4iBktUnbiwnHrn6 +aVchQeetKtVYtjDx3ioP1v8vnYtZiKh7TSePVrOZPQah4H3wqCvxawdRFsK4jSXq +KFtCCDaspFcIcbkPnfRnCnojFnXwso0d0o3g0sY6RIRmkIrdzbFTwtYPTgiTP7A+ +F2LMjvAdkEQFHPop2vtji9tlMdNSK/zlG4M74Vc68IKa5/JtsnN+TjCkVlQ2uwfo +/NJnGANZZZm3kpS+an7XrwJMo8WqWt35jS9i3mt0/awzTEVAoQKCAQEA4jvWInF/ +PK34RUzrVA4Xc5QCkVqxbcSu6+V2EKKLhS15eqp+jaBhUSL+d8e2oTIYCIEf2YWK +7lrD424NR/i93TlBVdkg4AjZ6yvjFRqdK6+6NjINvgObkcdDMORrPxE5h2n1LoO0 +efHwRD3Ae1PHOgSPZHNHL75lfH4wzQOmHsBm6Oucu9DBFa8mAhFONrZOSFsD6cbi +6B0Qdpz/Eb0MrNF8pJA0rupe88Jg1d6/DX24TIUMaKEd3rbqb3YENBw9mPlT1Vr7 +VHvR9oxyZgQ69sx9BblBVilyXoxtZclL1ebx/03zvzZ4v1PgP7x4eW1Upz8QyaBh +KFed6yrzrJYc5wKCAQEAzJ7VNzxzTMfKgw/Ps3Y10qHTigyZ48y+6tMFGoc5ecul +8zsElksR35D0wBsJHmoVLs0JFH2vsuWPFqAaS34o3ayaXhMOkD6PuwKN2jJOckxn +3Urh9dQ5S0j2L4ektRt1dTTJrYDTpMShBEAuYBeDEiuEVYH+ccnPLhL7Tz/Kwfkj +cfjo1WwmU3JMo3hSuEKRkdchYdS6F9sHeC04qjYzJSyKkvuularZN8alkiR8xJTx +9iwjst0K9JEgL/pe3KvNx1ukh/jLPB3B6RtUhy5EWlT/IsO2MUyn0GrBRvR+CugF +LdND4zJQEMy1FRdVjch2HZjOBuNCW5YOjvtb+NVzaQKCAQEAy4UC3Vd3HFJxD37k +EWjf5gTXzoVlKpeOuP5jGRHxK6y+JQDt+mC2S3SMsZrDi/3xquzmhxvg4Q5cPOQL +JJz7yOEyCpXbQlAUIsEHdzvK+rsKbKjYvgCm2h0FMB288S6Ar3Y9sEuhdzaUa/+V +ghzbFDF4AejGuIey6qznH/fRYMa7jXwwMrHYkbZQHfoNf6C/ic3/Fjbqd991qQ8R +U5bbqTiHxc9I5bZIF0fdL2lEPFHGE2h5wkJ3CZ1KB12G6I4jR9O8fCpuARGm0AKH +A4l4tf891YFT6rw8fBweajwNce9h8sfgqDrLo2tESHI3ex1E03QjmQ8jeFRh52Zr +ce5VLwKCAQAxUyBmnkXU/lxM16Tjx90VlzjdEEiQZyymgpO6X1p1h6fLSDDE4fe/ +ArxdCqdaE4xjqb1EmT+fSkMB2zo7dH/5X8AeaU2ba9lN5UG4lWPfnZdz+rcZgT0G +buIZdwM3PRVFWaI8Fs/t6hA+bBJBy6km2iKeUiW53EH7A0xdQC1qMNpggPXvbJCY +kPb0eO7HyBQ7Kba8VIE/eucECzKbpVES5vfIkq71GSgfj90dq3oAET96bg108l/P +sKQnrJztaOTD581zkX+8UBgMTzBDHd4QQGj4QmFK5QWW8gUBS7KOgnutHj5BKEGw +qwgDu4o+EVKXs9wGQQYf+b4srV7wTtPxAoIBAGnAVJA9pLhXHG0ClgbAyHDyK/uG +/OSDkfJwLtauYs5ZpLIe0wnNJgDUWs4Sk/1UpedZeg5YuyjGJsBwwOLKmv4Smxgf +2/j7mEU6otSeIdgGwrWdCGbQij4tWE0g6KehNbovOZm0dpUPw5LZqynWbkioSP/L +qFSGfxvqdwYM0Oe+GI6gxXA9OU6kzZcXXYiq08eFaRWHcrksGHL84tp4T3OoL/Xq +EBDHD8byyvCcOTb7aAopAA+XVWZEACeHbAHbyoD8t4aXRVWSddOBix/tM5aSIcvb +G4I/tnbAb23NFmgLNxsUEg5zE0NklQx6ogt+OdEHmjTbDFCAnPFYEZ3Romc= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/revoked.crt b/tests/certs/revoked.crt new file mode 100644 index 0000000..6884513 --- /dev/null +++ b/tests/certs/revoked.crt @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIHOTCCBSGgAwIBAgICESUwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT +MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg +VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX +Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN +MTcwNTA5MjIzMDE5WhcNMTkwNTA5MjIzMDE5WjBiMRowGAYDVQQDDBFXZ2V0VGVz +dGluZ1NlcnZlcjELMAkGA1UECAwCQ0ExCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcN +AQkBFgxzZXJ2ZXJ0ZXN0ZXIxDTALBgNVBAoMBFNlcnYwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDOQ+DNimL/GtTaZZotU21lLk4tZnbLrgJkBjlIWQvU +N91vhjrQqJDK7pwojk5kKZ4RL+ZBPdd0dYgXMNaDflv9mlwlzTIwy0nveY7/APML +R4p+PtbmKVP3YXe8kLmgkJklWntu6iCVhESO8PJ/It2KUS6bgr/M2zXN6HiPlgns +IyH1Mo+Nxtvs7Hz+Qc+37rctmgtSR25qfQtqK4MmzeAGcMIG3JRlVT6B1cjlOmIJ +23+KCd24tng3+G0+4u1FnIQS0Z25yrPWSvRSZJE678zQDDxzd6gGsuQbG/fniTIt +Csj/9SV+6C12ZIl/j5snzdNJtb72s5BlcTVIiTXXwOxx+1/IKvTRCpGUDF+7jLHF +68jIIzbP7z2lSWJz70MDzZoyT63rgnlakrwwcvWK45cCuyHVrItPDOcPbiVfJYP7 +OSafzC2NqtK+JdY5/RWhEJIgm86nbPvZCIh9xAVpVXg4NXLvPBW+hwN1V5GFY6Pk +9LG2IYEedUabHtojFC8JK8A+cHFsVn1Kur5Gn1aqp/lYotIKZ1hWryFB6gmOfK6J +RI1Vrj/j/hSfFY5yZFRcb1qlP1Z1yi6X6WFlIU10JRB9qr1Pc5ohDDN9fwtL/n5b +gzPP22NsOcIomf5PdPTjmI2JKe2cQRPZkatNoKqFmgPy6gR+jm2auQkKDzXhP18+ +xwIDAQABo4IBvzCCAbswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqTa7LrpK +PiP4/zI29dHqqxgv/SkwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgw +CwYDVR0PBAQDAgGmMBMGA1UdJQQMMAoGCCsGAQUFBwMBMF0GA1UdHwRWMFQwKKAm +oCSGImh0dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwKKAmoCSGImh0 +dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwHAYDVR0RBBUwE4IRV2dl +dFRlc3RpbmdTZXJ2ZXIwgcgGCCsGAQUFBwEBBIG7MIG4MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MCoGCCsGAQUFBzABhh5o +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wKgYIKwYBBQUHMAGGHmh0dHA6 +Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzANBgkqhkiG9w0BAQUFAAOCAgEAPUgd +LtrK+WYYhSJkvsa7pB6hUmZFMiqs1/uJqz8b8Q6uX33IXyg5zmFU07d3uOrFYSXi +MFMhpw2A/D+CbPECaPEWGXII8dh9WlomxpjpZABZ/cmeG2SM7BxVwjIjACscXogJ +A/Gm7I0hhvYSZ/G+kFbYbSf/Pj7Rz/4KW6WSwwQK23ab00MXBM6jWEueAeWebzeW +rzWgyyy+GiqgLqQAKQrYtD51uF5Co+S0e2wazORLakvdF/USCBQwX+Pla09Wyf+b +0HBqNjuxQc278/69Xp0mg8k67oUrWt3zgJ8kDhNIGvLnCB+0595G/z+7+mxdEztc +BavKAMEDWTSCClwxO6lBQR7+oiNWdaaqHP1SS8sckjtt2jTbmjmRzWWkU+xSIlt2 +waIXS/BYRbyhLuWfxivvRjS7eQogeSP0rtZj/upBwM4xKVPF0bal/LMyEfrY3qV5 +8YXXFhnoVr7q3t0YaioIZXY35QcA5aR+P4XyLnzCTVuKUi172BS8KJBXMijEXxta +rRQxtHLQeYB5eP/MaC2qMJH/OMR3A9Z7sXYbp/YuE+V/MxcGwAoHWKxMeKtdF420 +HGeKfzMla6uJQk26VEFAt+TYV2KUriPWyL/IPDzAjrSPMF9ZDIMhqELjFYCRGPwc +X6txpIEgZCGdJWK0H3et8ZSe469AED6oqTfn44w= +-----END CERTIFICATE----- diff --git a/tests/certs/revoked.key b/tests/certs/revoked.key new file mode 100644 index 0000000..2f41605 --- /dev/null +++ b/tests/certs/revoked.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEAzkPgzYpi/xrU2mWaLVNtZS5OLWZ2y64CZAY5SFkL1Dfdb4Y6 +0KiQyu6cKI5OZCmeES/mQT3XdHWIFzDWg35b/ZpcJc0yMMtJ73mO/wDzC0eKfj7W +5ilT92F3vJC5oJCZJVp7buoglYREjvDyfyLdilEum4K/zNs1zeh4j5YJ7CMh9TKP +jcbb7Ox8/kHPt+63LZoLUkduan0LaiuDJs3gBnDCBtyUZVU+gdXI5TpiCdt/ignd +uLZ4N/htPuLtRZyEEtGducqz1kr0UmSROu/M0Aw8c3eoBrLkGxv354kyLQrI//Ul +fugtdmSJf4+bJ83TSbW+9rOQZXE1SIk118DscftfyCr00QqRlAxfu4yxxevIyCM2 +z+89pUlic+9DA82aMk+t64J5WpK8MHL1iuOXArsh1ayLTwznD24lXyWD+zkmn8wt +jarSviXWOf0VoRCSIJvOp2z72QiIfcQFaVV4ODVy7zwVvocDdVeRhWOj5PSxtiGB +HnVGmx7aIxQvCSvAPnBxbFZ9Srq+Rp9Wqqf5WKLSCmdYVq8hQeoJjnyuiUSNVa4/ +4/4UnxWOcmRUXG9apT9Wdcoul+lhZSFNdCUQfaq9T3OaIQwzfX8LS/5+W4Mzz9tj +bDnCKJn+T3T045iNiSntnEET2ZGrTaCqhZoD8uoEfo5tmrkJCg814T9fPscCAwEA +AQKCAgAEWkxZKg1ywrcxMKmzQSpy0ypVLO9e1vo38CWvUCm+vbsPim6dTqFXlvd2 +p6Ih3Pr38+HRCKQOUhigHKi6N6VrUaGWLqFbhD64LgGFghie6VCT33Gbg83Az66+ +LPOt3r9MmX83VPuBDDyCI7WKV0sDizkHkRfJE+srwDcjGJB3CjrCOOHspQCpHEh6 ++RqQEBqPfMu2XcmHt8HQ6MAoxnluyVxe1rLO/KCIDuHhbHz7JkWnvROPvVIGJFjx +1coaCPaEiyXf8NYgtI45WuPxsXPKBCgWa7UBBy9nHwz5Ntz3NF4PgLXc2rty3yZD +qd0lVuOZj5tLC3kFmwD72eFn/ys+JtIw9a2wwQ1sGbNa764yY4T3GWLJ6HgHHhPk +D94PC7wfBFzoZtUoZrE0T4XP8TrM730SERj0HCNfURnYlYR6mqj+0pVTHZaeXEho +NZdDgdWP0b8v+EZky1L5pgM761GtJ9vKHZMMBj0/hVULIkpVcf5gs5fwGiXzj/o6 +CcSoLP4JvFm8nINH302dBzS0o2bW4fZehvRtiapdu6kXE9k7ZsnpFcvMCxmtHJGd +p3yRyhqO5CEMVJOVJSpNQqRueyd8X6QRbuFsGG+FcBOTe9DxIcdzKkwHRAo1osRw +mPF85QzsgF7tWw/AoYzi5FupLud7HUNg4ucQS6NZdKM+DvEzcQKCAQEA7tPxo01m +z3MAJdHtyG8PE66SNCXBDyoIYhXl1EiYppPn75jjOnaIK0sRSJF9DX6rt+7OX6Jd +InhqEJKFk22pJ7lcACBZl0Obg9RBTd2hNKWkH5oRvPOHwGC8NF34HDxpgY6utw3Z +LiLr8nwLZkd7FXGi6GFL0wB2YQhXqn2cJvPSgnNE8HQINU5OHfEMPRhikat8+OoJ +ZVgm8kQ5N7sy6Up9G2OCF8iV/qkSLYyVATN/5SZmLohSWlSJZIfMJe1tEexSOQEM +8wQxgBaJNqBXeeEOR7XIrbCcc50ZZ6INzR1Hdakyd27Qi8gOJqCKkAOS8bwlGzMb +5Na7xm4/GQn5eQKCAQEA3RiO6x66Pmsuz4Q+2+3sZFipX9D1GRnMRVSsgd/HjtZk +8NkaGXI2NA5GdVXmZrWl/65kAcDsh93+rv1X7hKYkTkpOE+G1Zkj8mLgEN3V0nh9 +WoPcrqthzvRNUUuklJCuxAGA3mgKIUuSW4oBnBgop5EFtz9Y0aai/wP0gdAp4/7S +CR2g910KgvDtbsAp93hTBrzzu/+Engar5mdZKvqCl7uOxWqSmeaPD1tucraDX0e5 +rd3KE/vXd9RSlcWiJmKkqEiNnsQ2XnwjiE0jJdJdH5z+Vo7OqfexXDsydtFKrmke +2ZQ+eajLU7iXipiYpM+wWkwGGdUFdJAi+N7T6KUqPwKCAQAe03Zt+JCbmCFdwFHr +vAH7LV4rou/fUDKSznbCxrgFUDPwphA2PJRo2iCZ+EVm14G8lPNIPsG8sEQobXEW +TWI3AWLRlVta/dv10RC4xzGGhRbBCXbep6RO/W1taO+cXWPU2CDO+dedb956hu5F +vlYxt2AqlFxgGMAu2A/QrrPYB0KVmeE9FAz3LGtCzBkjTaFzYeoYisS5sv4b6Rhl +jCEPIZEyVs602SwbGaGCBZI5/Ha2khVATlIq3Jx7QFfmUVXxqUoXl34fY9wrxzzg +syN3VMguE1WaraAUACQGT1FutyfBFRyxc7kxQZop/DDGU9/Emd9EOn2QNPM5soMs +bTApAoIBAAZnMaxphWdNX1uvLsrbxx7Y2n7l5FNHxfy0CRLx0iu21dGL2A+omR1E +1JGNXVDYLeiLumW6mp8MtNWIjMVeUIDUMPdqhjMlbj8U0fxrEEg6KRc3/moomHqP +5LVYBXov/n+6s2q9hJ2WPLTd+FH2+SZxMsMt2Hqp4sqT6L7hsnTh6l9NNl4zmZxV +MeslMZHzMCRf0Ic/TS3ub4gKsjBmdOXEDsx0264NWVNOiJJV6tQVlbENXU7a2lCk +G4gu4xVNggtFnqRcdl6iJb1KzpvHzd6eg1cqZ53QiJhtNnbudMU8UiJnArAvTUQt +cmYXKUSMp0TWMs8ItlG74udmPKjeL60CggEAdUp2FbZZEB3/G8tR7Z5slF925zXK +N8ku/qOUEk3d76kcqYi9XJLmyJAXu9PhQnsN8DpfThOqJUXCh9xtk+1AiHTdXk8m +BP7RE2oI2aoT9lO0ozwFJBFRRCkd6zTtYJYUbwIk1nayro83xl/AQPF2wRm5unKU +xl5KJ8I2GCUw4Bh5Gjwk21y6XpPsjO8tfbO5jrAIQVTqab3hAcBouwQNsxNpunJm +BaP+XYTBNM+HVamwLwDQgtVxPb8WUX8TSTuFv99jpWBYhlhq/OUcbo8f1D7miIFt +b6UYNl1ofvBtqjlNz3NKJ+S57AN+jcdQfOG8xAiKPWCj1QnVc3aJdr+8bQ== +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/revokedcrl.pem b/tests/certs/revokedcrl.pem new file mode 100644 index 0000000..f863d66 --- /dev/null +++ b/tests/certs/revokedcrl.pem @@ -0,0 +1,19 @@ +-----BEGIN X509 CRL----- +MIIDCjCB8wIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dldCBUZXN0aW5n +IERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMMC1dnZXRUZXN0 +aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZxcNMTcwNTA5MjIz +MjEyWhcNMTkwNTA5MjIzMjEyWjAVMBMCAhElFw0xNzA1MDkyMjMxMDBaoA4wDDAK +BgNVHRQEAwIBADANBgkqhkiG9w0BAQUFAAOCAgEADReMcnUQbWyXE1xYcPHlSAfh +bBBY2w7e/CUeuCXaalaM9cfdMz0trR+JApdoBg/g+UV/+q8xYXEeQM7wKXOXOax4 +tYpS3+EdCpm1r+e4hhuGBMp01qtoJD8v5y3a77ujXWldgCEJHz05qjtpBkya775V +w1UzLsbh6DVgrwSEOgMJHYfgJHuPwfD4PpCTSbAUSwNrHXIbDG6zPVyoBpl8WRCc +4uDWVeh2+N0fmTucbm3x1dBnOol1JXI7LvnVDr+mtQVcHLD9OknNylmLOiuMrpmc +9PENMdbgRKA4kkHcV9lg37elYubaIBA48Vkssnr90wU6nITLabojWYNEspjqQejG +QOE78ASG0bS8O4vKxCVx4pX/ZQwcO9BeCnuIOsTlV2KUYiCA6yxNPkPoBjpdfOAB +j3hu+Jk3S0aX6At1AHDvmtWErEnH4B0gGopt8VJL1ZBEglb9rUIg5OlbTr+x5vIX +7FVuxhZYSxl1AYGqajmcLIwvucidaIlwtgFGeZR8GZ0y3aFdIoKO8V+wyNEPjI5I +i9tvavJ23nlYFTQJwNgESIR0voipoiiYeSa8cED28rHfkQvnY2iNsCO+ztxZvC70 +4K0CAIbfhYx1eeIakeFFHdIGPSXf+oFGomij0yt3bZC2h4sFhsr7sYUIMb5KlSSW +mZ3uHBLaS0xQ9p1vSRo= +-----END X509 CRL----- diff --git a/tests/certs/rootca.conf b/tests/certs/rootca.conf new file mode 100644 index 0000000..fd63a44 --- /dev/null +++ b/tests/certs/rootca.conf @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = /usr/oms/src/wget1.x/tests/certs + new_certs_dir = ./ + unique_subject = no + certificate = $dir/test-ca-cert.pem + database = certindex + private_key = $dir/test-ca-key.pem + serial = certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://test.wgettest.org/Bogus.crl + URI.1 = http://test.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://test.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://test.wgettest.com/Bogus.crt + OCSP;URI.0 = http://test.wgettest.com/ocsp/ + OCSP;URI.1 = http://test.wgettest.com/ocsp/ diff --git a/tests/certs/rootca.conf.in b/tests/certs/rootca.conf.in new file mode 100644 index 0000000..ab6e8af --- /dev/null +++ b/tests/certs/rootca.conf.in @@ -0,0 +1,64 @@ +[ ca ] +default_ca = myca + +[ crl_ext ] +issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always + + [ myca ] + dir = @abs_srcdir@ + new_certs_dir = ./ + unique_subject = no + certificate = $dir/test-ca-cert.pem + database = certindex + private_key = $dir/test-ca-key.pem + serial = certserial + default_days = 730 + default_md = sha1 + policy = myca_policy + x509_extensions = myca_extensions + crlnumber = crlnumber + default_crl_days = 730 + + [ myca_policy ] + commonName = supplied + stateOrProvinceName = supplied + countryName = optional + emailAddress = optional + organizationName = supplied + organizationalUnitName = optional + + [ myca_extensions ] + basicConstraints = critical,CA:TRUE + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [ v3_ca ] + basicConstraints = critical,CA:TRUE,pathlen:0 + keyUsage = critical,any + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign + extendedKeyUsage = serverAuth + crlDistributionPoints = @crl_section + subjectAltName = @alt_names + authorityInfoAccess = @ocsp_section + + [alt_names] + DNS.0 = WgetTestingServer + + [crl_section] + URI.0 = http://test.wgettest.org/Bogus.crl + URI.1 = http://test.wgettest.org/Bogus.crl + + [ocsp_section] + caIssuers;URI.0 = http://test.wgettest.com/Bogus.crt + caIssuers;URI.1 = http://test.wgettest.com/Bogus.crt + OCSP;URI.0 = http://test.wgettest.com/ocsp/ + OCSP;URI.1 = http://test.wgettest.com/ocsp/ diff --git a/tests/certs/selfsigned.crt b/tests/certs/selfsigned.crt new file mode 100644 index 0000000..41e24e9 --- /dev/null +++ b/tests/certs/selfsigned.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFtzCCA5+gAwIBAgIJANAKYgHn6Nk9MA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTEVMBMGA1UEBwwMTXlzdGVyeSBTcG90MQwwCgYD +VQQKDANEaXMxGjAYBgNVBAMMEVdnZXRUZXN0aW5nU2VydmVyMRUwEwYJKoZIhvcN +AQkBFgZ0ZXN0ZXIwHhcNMTcwNTA5MjI0OTQ0WhcNMTgwNTA5MjI0OTQ0WjByMQsw +CQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFTATBgNVBAcMDE15c3RlcnkgU3BvdDEM +MAoGA1UECgwDRGlzMRowGAYDVQQDDBFXZ2V0VGVzdGluZ1NlcnZlcjEVMBMGCSqG +SIb3DQEJARYGdGVzdGVyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +2Zc7ZtsoPrlnQLTfMTrfuH7ghL6OrNVPAGpHQ4N+ddJwkF52lQXbeo9JO+09HF7s +VFnxTG2+0Ld98kcvY3Ylco1Sxl18Bdjzv13sIJtgh7HyuRJ6Ryq2LZGWLKPBaGq1 +G2bBO4nUmsJLjj/1KqKxjk38iJ3Sf02nh8MhRGr8OHFSTMf9pPKW6hibXbsMUVyQ +2u2RUXbvEtR1rkInWAVhEo97Row0+Z1+ZiqINOcBgpQl0sWh204dZqqi/y3uBbLQ +3MkenioCb/udLdPRsileVhhwnrq6/0M/YhghMyI9Y+ajQ90h6tM10iyrILYzMCLx +FB+3iReEJVX7Sy9qaqLJmTttxD7yqReCAxsrdDp1ZmrkQWLRAqBRdZo8RahkfdTu +wa/fNuwuFFnMC8w/UgCWgDOEH85n4asRNlufYz+GXTsYybiH3klkAe9o09/Cm+zk +pcX+zcHUkw6aZLC4VbKHNfyKDbWqTMzS66C2Ln4g9p8Zk0KJIvcmVG9uz/zjVIwM +BWrbEawjMuejy+HUNcaV9CoaBFquwRJd4hlsE6FEryo3k1hEtDancobXl0XLsylU +SMKMPr6PHjdxt+PdUhL79VNUJT2k35LqLKvtWZAuTOOcfjm0uXSDUC4GvW+onD7L +n0XB/m4Gqm55EPLnDJgFYdEylvozglg+hSuoywab6NkCAwEAAaNQME4wHQYDVR0O +BBYEFJF+Iyz8/pwx50cqFXckWIXoat/AMB8GA1UdIwQYMBaAFJF+Iyz8/pwx50cq +FXckWIXoat/AMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAGRKLYCQ +W+pdPOF0ojwrufYNbF2qryjJU7OzT7HbdrQOFZ+vcegi5rpZXOsFENTh0gdbI+M3 +FwxDIdyF7CvaRS1uMoTboqaqAzTy+gVVW/6d+UdOdHhJTpduhtQi3gtNvqzdkUpl +01rX+Da6/jy4kPZfJap3mFPQLVvqVmcvJEcgHVOyB5/23RWS6TSEX35O3De9pnha +XLqliFBQ/Sqj/2vZmkHBEXdNRfwfw1dHIcxmg25YTb6tyvrKURpXN6suDJEO+M6h +9IVRv9qCNtvVHpo/xUxwjf7ZBHnGdcGl8AaAoIhRF7JTTGoRX7VAR+DLa5jHMAE2 +BmXzt+HHPMXZiQtzcUUcWc7+a740F8kM03CUMcz8sB4xzovGsZTLJ64afRFP1yaf ++1H7efbrogVjtpGzreWhJ8I5UXO/AoMjwUgyjjHb51KVRn6VrQfDHtw/hrIZVryI +y8wOH0qzMK2JhB2oh1JvmjhtGxkWlqDztttfglYJENuMf8m/DxsmkSPksSnm8GkA +El/GdocnZhl8vl8PcqzJ0nNn6EOTiZe+urGxG0r50ckVD+km/J7b56i+Gow46UH3 +Kkp69X9FHDfh3akaeU5chRfH99A/ehtdalD/W5Dy/hA9giA19foPUo6wKBE5unqz +bfjzK+eNfIkER5JDL6hZQICdjiqa2+IzUnG8 +-----END CERTIFICATE----- diff --git a/tests/certs/selfsigned.key b/tests/certs/selfsigned.key new file mode 100644 index 0000000..d6d4a59 --- /dev/null +++ b/tests/certs/selfsigned.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDZlztm2yg+uWdA +tN8xOt+4fuCEvo6s1U8AakdDg3510nCQXnaVBdt6j0k77T0cXuxUWfFMbb7Qt33y +Ry9jdiVyjVLGXXwF2PO/Xewgm2CHsfK5EnpHKrYtkZYso8FoarUbZsE7idSawkuO +P/UqorGOTfyIndJ/TaeHwyFEavw4cVJMx/2k8pbqGJtduwxRXJDa7ZFRdu8S1HWu +QidYBWESj3tGjDT5nX5mKog05wGClCXSxaHbTh1mqqL/Le4FstDcyR6eKgJv+50t +09GyKV5WGHCeurr/Qz9iGCEzIj1j5qND3SHq0zXSLKsgtjMwIvEUH7eJF4QlVftL +L2pqosmZO23EPvKpF4IDGyt0OnVmauRBYtECoFF1mjxFqGR91O7Br9827C4UWcwL +zD9SAJaAM4QfzmfhqxE2W59jP4ZdOxjJuIfeSWQB72jT38Kb7OSlxf7NwdSTDppk +sLhVsoc1/IoNtapMzNLroLYufiD2nxmTQoki9yZUb27P/ONUjAwFatsRrCMy56PL +4dQ1xpX0KhoEWq7BEl3iGWwToUSvKjeTWES0NqdyhteXRcuzKVRIwow+vo8eN3G3 +491SEvv1U1QlPaTfkuosq+1ZkC5M45x+ObS5dINQLga9b6icPsufRcH+bgaqbnkQ +8ucMmAVh0TKW+jOCWD6FK6jLBpvo2QIDAQABAoICABF+ZCs30XuBgnikUhFuL1Bw ++vIRM/1XRPu+j64w4zjry1sADT6b8vJelL+5qiEezJdXh9viMuYq6nhRGtE/TXFx +RUdnerIpqCcpkPNqKo+eUeppPuV73Ju7SbybCdCwS5FBaKW1xh8PIe303GwqGmZb +hMMjFSpg/ugeWw1aIJ8VFU3RAmaBjnqRseQORsY/z/GaCgXnrv7vj+qLrQgZnp1U +Zc/dM+EhtWjXYI4ISInMCWJxuzqbhCed7m7frXRN1Rb7IHgM3pdMPm3RytktFEWN +v3gzgRdGu9DSKdEnnpHqmBO7sp9jjb8xEi0WGPV0ybcZebMO7fPmfsajsEWUguql +8kAwq6DkoQXPm8uMHoYaJhs14X2cJhITLccVWccCF7DO52y/KrL/k6QICnqTLtZq +mdzwdOLCKXews0IeK3Ut/VEEi/+pMpAjdmxnSEv8lPKyLE8moOoxU/xdegUffn+j +BwmtqFamdP817MzypPbfujR/muuM4+XNMTt8t81WvQtL7/7ZID3NUN4m+XgtJy++ +noi8etnANgT2jMATvzNIAAh3utbcP8mA7HGF7FT7tyqYkOd/1VxlY4kYl7d6Au1S +75qmiAd8c+yBOS/y2E34HrrPuIcEdttyOhvhAiHJZuJ7akkAk0uLPJ25RK0qCYzl +sO5rtWaqBfBCS3fts6gRAoIBAQDy0Aw0RrxZxB0XZHb9Xl/whUASFwxlSn2whVSV +4eFL/bhpWhrKXsAwQ9HsI5q1vPOZIlzssVUnjAdN8tTiMiwGmgv33PJNnZBs8opy +upTpbBpk97D847phzkJqCkuAmLaYEpOovVBBDN7xhgzu7ZcT+lLiSDCtQGIwgI+O +TxhDJOLapLYs65ujVPSs4rO0DYh9cC4t4CwJv8JS7D3e1xnrnL2RA5RrrLgfphxU +SQzrRyo3eXgjHC67KkeBBSi978IAE3NFBzyo945us/KxePXhIU0KlWmH0gHDNNcv +0D6x4kod3UgDxep4aJnYZQKEfNI7xZo1zCkrFmwQE4s9HWSNAoIBAQDlaIKysObZ +iYBXjw8fWhA2DImAsgS6C/Y/uBhS2EzDTtxaYV4VTTUNwijiwXY0F2sz/1kkk3WU +LJ5bH2wjoRZEQu5xRvhdCJnullwxxVqvRj6O/W2SKkincbrpOukIzDCC/pvhlg0T +P603bDz9J7xoCgIlfihG6adezS4eDtC8z4U+FnJgBUJcIZWTHx+CdSMMN/twmsc4 +VyGkgMa45EcC4JT53bysSkaKFKWh+2Pri3n+x/M403cBEW+zHh89UWtaAnn+UN6a +S5TOahOj9JukJEZk8HB6R0u9rkfaZZ12uTzyBdP2T+ck8S2AUy5uvkzdAFfuojdv +4nXlU1sJHRB9AoIBAE269G03x8wkz/tRGhZ6Q9RHk/82ia1Tb3E2/aENsoYVLxfq +1HC8bGIHFAi4TSqo1oLLUVwkWNJULXJyrlvLG/TxE6vBe4AFVNrLui6INGuVQ83W +zT3n2R6+XNx9dzYvrSR5rfNyx2JLsIM5GqLSRG8Mz8PIwGx2E/ja7xnrkCTOhiDg +YcF3m1dqNvmxiT22p18grmfZP7/PN3I8VoIj8hRPFRB7SOQ/YqIfFyqUSCJ5obYo +mKEEwKECI+nVsPk866oCkAAlFPIybdJaoPLXej8b3gHpWuM0A4RuQgT4cVmYy4lL +8WXj0e/B7J4tl+S54MNpurhGJ1e30dhDqWtjIXECggEBAKVMNtB2swAQGY/9ntHi +XUf0pKc8njdIIzkqdyxKepVIH3JoMhh7Nz0gp8Er0PYb4bznwt2d+ty3gar66zqI ++bhZ2eF5V8ABUJkfcnLSV1Nv8+eoJ+ln2k38nscrEXqrVlEtEDjtm6JBAZirvw5S +MWltvLozOuZNubGPeiliV3mUtddU6TjS0Uv9Tv9hL50athQ5yk0K2X15Gt6jg4z5 +v0kNdYrNAQPLySP5WJdswkSYjWDNxi0uAdOdMrUHgU73ebizjB95OcxHpYNN37UF +rZgKI0bcEM+qy6JzD4cILPu84XMqS95xGIX/2d9bEFvvdwbPFoz2CafurzB8bV4V +uSkCggEAQRL390lx9uI4csLTTCUSa3Fl4BVPseqKlyadoxyzTMDyxAPxktw0vzht +OyQdLssTVjL/0cHEBMnDawddk5L+1UF7izwhZinVtTGDvn5TC2elk+bJ1aWMQ5qg +yUPdFbeLypmRlDUU8lJxppHcmrMY7/eAmOYAJTXn7Ygk030S6Hv1npSCtpyT1Stv +CMtiE8bDaTv7qN2RJjPcvZ9xMB9GFcIdVpw8pf5jXQeci6kOR1FPW1j9DOSMAdf4 +0xPly00agfZxG/kkmL2rBrTGOJLYI8tgGpjPciJaSJ4NArFzxJbDG1DFw6GNKzBU +qNaPYEH/kYsrfWzp/w1WMUpPdbl5iQ== +-----END PRIVATE KEY----- diff --git a/tests/certs/server.crt b/tests/certs/server.crt new file mode 100644 index 0000000..0d6d155 --- /dev/null +++ b/tests/certs/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEsTCCApkCCQCFKV9Q4gGmRjANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMC +VVMxCzAJBgNVBAgMAkNBMREwDwYDVQQHDAhTYW4gSm9zZTEgMB4GA1UECgwXV2dl +dCBUZXN0aW5nIERlcGFydG1lbnQxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMM +C1dnZXRUZXN0aW5nMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzAe +Fw0xNzA0MDYyMTMxMTNaFw0xODA4MTkyMTMxMTNaMIGaMQswCQYDVQQGEwJVUzEL +MAkGA1UECAwCQ0ExETAPBgNVBAcMCFNhbiBKb3NlMRwwGgYDVQQKDBNXZ2V0IFRl +c3RpbmcgU2VydmVyMQ8wDQYDVQQLDAZTZXJ2ZXIxGjAYBgNVBAMMEVdnZXRUZXN0 +aW5nU2VydmVyMSAwHgYJKoZIhvcNAQkBFhFidWdzLXdnZXRAZ251Lm9yZzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANXGNSzoaeTX3B34xqiKuVXc2YzL +/QQFexj+dyJ5XwwDF420gEv+zFjy8Y9wiGZ4rgHzF2TviNCoAy7ntlltA9Ab41jk +CikwbZ9R81qsvmxc4HXRNgiKadNIb7BYNh6HljJjOSclkbF/LypJtdF5g7b6Qron +ME/UuDIYLQV765emZh+2h/BJLtTXU+8n985gC+/9dw68WjLnWk9REzHYZPFU4UGK +bCx+h7M/cVE5uIWjDC3Uq93jCweZJ8UFbmAnwlER8fXSEzy2SK5yqlRu+st8ae5w +ZQAgXSeHF0jZ/lUgZBlq2QnqfzVlDd26CXMa/2OLZo9qUIoS/c0y5qLghTUCAwEA +ATANBgkqhkiG9w0BAQsFAAOCAgEACWiOsXM9Mu+mg0+eGAlhuHP4/nOR8nFrZ0A/ +RaBwsW6yBSZ6NAHLQKhApm3TOgxrMFM82hB+L9AW05p6dz6fHm25ajJKmefsbAGi +gqhBdEI9GJJKj6Wm5od7MT9jZ0z5edcPFXqnyapLXYJHps+Sm7ZJ81Mt/sTDjQCb +6I/Y5yQW6KomjtqfMIw6miOqXnabRDFN8CQ6nKzFBMviQVBn04G+pQRCJ5//4bSc +33erZb56C36xTnTXiIXKo6LkVhH+TG28dTxRh8d+xBYbqe8ZR9aCoCVVn7ca3UZZ +iQBOTfVKMRVUthHo2ntRs/jE5qhPYXA1km5rvUE2+sSIUdoqol4JTshK6bzt6VN9 +1bDKkmJa5IqcXEjcXADEJA62Zcr+I/8D1KxVf/CAPvtT1z4EqCWOeKk1uMjURZVR +BbFmjJ76LZ65YFTAJBm0EdVG917Yd9jsC8zCT/Lb+LFLuecXpBBp9tCcdp9z1MX+ +Pw4Co54keMBWXQeOnrtg8haGTXSwTOOp0F5wmWdUKjiwjhxanTgJZMZTjfcMLcNS +1GIhFt7sIEnc/PkX6vBOIeyFBppw9So+YYJE2MOsKaUvi+IX5XJXZf8R73k1+e0d +V8sKjQoYVDwavJSeOx19nJVKQa8fEvv5t5tPES3UlZ1FWAdKVEpDECiEKyQEfkmK +jQ9qZJU= +-----END CERTIFICATE----- diff --git a/tests/certs/server.key b/tests/certs/server.key new file mode 100644 index 0000000..8f75db4 --- /dev/null +++ b/tests/certs/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEA1cY1LOhp5NfcHfjGqIq5VdzZjMv9BAV7GP53InlfDAMXjbSA +S/7MWPLxj3CIZniuAfMXZO+I0KgDLue2WW0D0BvjWOQKKTBtn1HzWqy+bFzgddE2 +CIpp00hvsFg2HoeWMmM5JyWRsX8vKkm10XmDtvpCuicwT9S4MhgtBXvrl6ZmH7aH +8Eku1NdT7yf3zmAL7/13DrxaMudaT1ETMdhk8VThQYpsLH6Hsz9xUTm4haMMLdSr +3eMLB5knxQVuYCfCURHx9dITPLZIrnKqVG76y3xp7nBlACBdJ4cXSNn+VSBkGWrZ +Cep/NWUN3boJcxr/Y4tmj2pQihL9zTLmouCFNQIDAQABAoIBAEXCOlP/O58Lua6m +Id2Z90THns5NOrF3QGY1k5bSWGvJDoSVZFBoQzK7hIw0Qq59rvq/4uBzMgg062UB +BAZGhroAf73gHFi4ju0whuMN/83IuQ55SNKcqE/kEV5QSsjHogGrU1ks71AmmrOH +/ibvKkYpgGDSrPdACSN/tCFYANcpQtzbhkFXRqZ5JSIQyVCE+XLrZinxI6D23XVe +5qMpfBH1gnKfBPf86UCI+iVTdNIC9sLp+C5MoSKCWMvYzKlQqbxVgulEdcOq01U7 +Sq7ZU6/f8QuTjd3d+WGTp2ZxFf2H+2XuKNVl9akp2exap+/JEj9Et0jMIN5Z9zHa +6bTDMPkCgYEA8uO+VAAq4R1WJCTFpYy4/gzJPbQtxVxOMGBnxgAW+4G0jv+BiqiU +WrQ6Rtcyfx8LFB/z1tExfDSJSpTw8wd3j19a/sMqACwCgkudmi8dzKbH2Y9U9DCz +IB++zaQVKgJNE1VEsuySpf9HzQKBJGhO4fNMzol6YhlQT4ex7gSrFyMCgYEA4VAl +p0A6798a9rmUGhNSzn5IcO2unpS7IYDTqKv46oIQ1rKKEiawugni+F1gL9StK90g +NvDREiaM0eKo9QlhUzqBBSsNBVh4UVadbOpBOqyM6CUE94I4H199SwfzPuCILYa4 +01syaosJ2SRUr8S101x7U0VQ2SCYq38as27FY8cCgYB67dr5RrBtCNz9JANIW2WR +ZsU/Tn7P4XzNLS24X3lCR44rxZM5q0KSeZ75FZdAEWUZBWby9SN3elt1/NXKGqBf +VuKGCB6swZlvenfEfk41sr95E/rqL++otYhrKb1waoO54jEH4YYDL6WWU8sqswQh +hXL9IUVoeulTpxjdn008QwKBgCxCnELwoSNBxoA1EFzW8utRb1WPuz+3o9L/BZUa +wzj99+TVCb5rD0hcbNOxNBXxR1tYgt2IDOnt3LfWOK55+z5oPbQQMuyb5nbD9wTQ +N6QZBU0NCJ6+W9v93BUDKMtvPBEFaAVM4uh/C542PtSQZc9xWWCQO0OL3bHCtDIP +ToM9AoGADJ+6tYMTBEHhJyZxqD6oZgHTAqfA6HqKP5UUCpQ8G4IEedEq+cpQSFM9 +Wez+ChUdeDCaFSOeh+8o/u4w3x44g7GyFdOL6lGV6YjzGk4WkbRwqJWW/AKV0htl +Fby2y2PzLnbLGKnt7nGTxag9l28NwbGppy7Kex8jVYcQP15djCg= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/test-ca-cert.pem b/tests/certs/test-ca-cert.pem new file mode 100644 index 0000000..c399954 --- /dev/null +++ b/tests/certs/test-ca-cert.pem @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGBzCCA++gAwIBAgIJAJlGYwAp0+gKMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNhbiBKb3NlMSAwHgYDVQQK +DBdXZ2V0IFRlc3RpbmcgRGVwYXJ0bWVudDEQMA4GA1UECwwHVGVzdGluZzEUMBIG +A1UEAwwLV2dldFRlc3RpbmcxIDAeBgkqhkiG9w0BCQEWEWJ1Z3Mtd2dldEBnbnUu +b3JnMB4XDTE3MDQwNjIxMDEyOFoXDTE4MDQwNjIxMDEyOFowgZkxCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dn +ZXQgVGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQD +DAtXZ2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvHmnQlY58T/PcZeR3ntBp +6YYELxmYTjrdiHLpa1HvDDkwYyVCaWxhi8R5mP/cUt7aZ0BrNMCVTy5/cEzl/w9R +VqERKDB68ZU0ku2A4YmDFenlyyUuVZhn5reovUUlhWo8p+Ir+1vwGyDPM/IQKaUJ +6tfDWVD7fgVzfpvDm8XDqKB6BvzLPk3n3K9mndv2KihTUnnJFMZOkSYaFStQ11Rz +YwR7ZvAuISB99WZf2hzaYiovB9G0WMky81vpmvjbKWVYLlpV5Inzq2QiG4tFBEP+ +ebLc1H9PGd7vrgGE2cn78g1XXpR8nPUDYF4UGFs90ftPqNDHcHFENB7DrpB7wRIa +5ZrpKyNbCGIKX+UnVR5Ra32mMM2pPiR95ZDNkqdsygLuHAsyaaj1+wvrmM81H2Jy +V/kVcFqnf3+C1aX2+hu5OL7rIskEYG8HgWwWxE0NW7Q8zTrBR7D932hM/7f8Yojx +SeqJP7vpGULeVzJF0CTksoWh+D1s+Q2b93DpoMW18VMTig2NFetQr3DdJmySed7a +g694qgY5iDv1P/CWBSj75TDBrw3Ji6PJxWES+ox29frxrCWtAjEwVI5zJ5qIZW5n ++BYir/tVloMkYSmeby9eSmTLGENZrepBwuocpvJ1yQRosdzYG42MjfI2JhlTFWvw +wdGCsFqsRcsfPTJqu801QQIDAQABo1AwTjAdBgNVHQ4EFgQUF+2TQ4+npgB11Oi2 +gg2IN37AbQgwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAewaQ/hmPbjNI7FFNM63M1qnWHK+t +Zsm5qHWMk5WkcdavsqpexGDc3VxBYFzqqEjlCTseMgsNZ76FENZeNGNFtKScUHuR +J6Fp+pqEZJ9AoQy8WbkDuFjsKs+En3cMvqy4QUqVOFrKg1PKJEWlqvonMs+apzvJ +0bjj5Aj2w906XvpKYTnfR6QHJC5ZP5xTorJWLvAwWl0ZuqxQKT0fXKcPeAlE0c4b +3eJ5jFXPIFkYt0fJcUnZp6QJv608/METl9x+rTYfRsD6kQGC+281C19PxBacTzxH +fAjsesvP7t7pPlh+Chdd7w1QqFg4UUH9NfIkiq06UtIUoQHfCgT1FvXoFoPiRR5f +5m67jGE8Sn04nnGhvHnN03kOuwK/VIniLuHdWw0nwLBWIEpzZPbIQQSezoJd7ViY +2zBJQCtp1ewEDOXecBL+8CNIUXTiFoOxP/YMuLruoYB5dkLpIFbscHp3dZJMScoz +XJQHh68KH0oRm+/FnK3MLxn56nbwoV4uhdIr5FgLglh7PUfUa2wavFjhi3MY50qD +SsvoCmBny/N2KJK2tEBIGWbdYy1XBF/l8xaORdT/M4ILYV52Wf2AYy9NTYJxiB0V +LwVGbG5plMbJiBFDOZcram4pQrG6k21t2Xv2lkVf1AvOlx4qKfUN04TGWXwu5dAP +pnv5yEwOelBLq7Q= +-----END CERTIFICATE----- diff --git a/tests/certs/test-ca-key.pem b/tests/certs/test-ca-key.pem new file mode 100644 index 0000000..bc4afb5 --- /dev/null +++ b/tests/certs/test-ca-key.pem @@ -0,0 +1,58 @@ +!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!! +!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!! + +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEArx5p0JWOfE/z3GXkd57QaemGBC8ZmE463Yhy6WtR7ww5MGMl +QmlsYYvEeZj/3FLe2mdAazTAlU8uf3BM5f8PUVahESgwevGVNJLtgOGJgxXp5csl +LlWYZ+a3qL1FJYVqPKfiK/tb8BsgzzPyECmlCerXw1lQ+34Fc36bw5vFw6igegb8 +yz5N59yvZp3b9iooU1J5yRTGTpEmGhUrUNdUc2MEe2bwLiEgffVmX9oc2mIqLwfR +tFjJMvNb6Zr42yllWC5aVeSJ86tkIhuLRQRD/nmy3NR/Txne764BhNnJ+/INV16U +fJz1A2BeFBhbPdH7T6jQx3BxRDQew66Qe8ESGuWa6SsjWwhiCl/lJ1UeUWt9pjDN +qT4kfeWQzZKnbMoC7hwLMmmo9fsL65jPNR9iclf5FXBap39/gtWl9vobuTi+6yLJ +BGBvB4FsFsRNDVu0PM06wUew/d9oTP+3/GKI8UnqiT+76RlC3lcyRdAk5LKFofg9 +bPkNm/dw6aDFtfFTE4oNjRXrUK9w3SZsknne2oOveKoGOYg79T/wlgUo++Uwwa8N +yYujycVhEvqMdvX68awlrQIxMFSOcyeaiGVuZ/gWIq/7VZaDJGEpnm8vXkpkyxhD +Wa3qQcLqHKbydckEaLHc2BuNjI3yNiYZUxVr8MHRgrBarEXLHz0yarvNNUECAwEA +AQKCAgEApUnNkoU3QfqtMCA0bvvFt9IlHpneTLW6NhNucwdLBJjC+fr61h5vn/qu +bh+NkMXfdsHyOb5G8CcWuk6jJouCR8G+sVT/vWt862yrI/S9OK9cX/tIkt1Txu4r +9+b99xZgWfQUNHNCKfVRGIHtPngwQJYbJVWObHJcbtDX8N984Nqu7b7eqG+cVPcl +z3O8hDLycQLt1G/5ZXr3PbMxeVJlcavKNTfKB6BY7MrN4Dcc+LujGVUGCHWtIpw0 +6t/Nd/8wmvTVazEVTJs/HjplT7VhADaaLnmb2GuQ0yWoZV6zmUy0bvzkpmH3mUJC +SjFbHZSu4ldzCGwHXNrdFtITqdtoW81Tj+b3EsqNlB2u1I8DpOMR8vMGy5f0rYhs +Lf4Vmpvggw4bzLeu9A6XStxiB/wExn1QlQd54X1zfhssoF/pbu2RtCujn+y3zYCd +2c9gqdN5MaGsr1NSYUPilj39E4S4FwtGnZGIYhClglToy0sMB/8lQvGIz0WRRfSG +g+LUuiWuqn95ZrnSJvTSYCvsH0OB64IWpd9sHtu/P8Cjms3B/nIYjbG5gj68m319 +AsK1uFAqVmlGYVJVzgND9B9Egd4cODlTSsncEUQlS8PUZaym50FoBuO4vN+IYrZO +H/yL6+hq3l/va/xlr4ZMEiBdEAiSj7g6XqQGzTgOz47RJn1FAGECggEBAOi8Moix +SGHhxpJZgeHuL2FgBuNT9GVDoTNbUtEoZ7NsJd4BG3MjbZFluFoSfFiawAqJ3e6c +ptUSiZ1KXN1gvMwVkget3MyenEzohYczwYOQeREAeRVr25Wq8cegvLaDFejMclCs +ILC80BaGbVcAmJMdOBzLVqtY/7lps0LWpGd/6KYXTm41erhWJkvx+Vt0uPKVzGqx +Ijjh/DSc5eX5BIdn2bYHLRu/xqfnX2kSH37PSto55ROSu8D8YwjaOdyQ1Hha6+O1 +Q6E4d2HliYqv1WaDHjyAXjmlP/3ob5f3QdXbqpB1smGPimK3hiZB0sYgdUI3yW9c +NkynqGBeoTSPjG0CggEBAMCfyVJnG1fCnFZFCtPawYKK/IoMNyYzgIKomlcBdF/8 +J8Gwr6jcFBbdefT+VypVO0DywPrIFppDzjGEmZarFRgXsspGBenQQrZTPG1eUldY +U89ODTsYNk0AXdctkMvAFSfVbA/4pnXAiXzKeEDk2YOhDYP1Y/T9eZQ3AI+LNeGO +1Oqd9hGgsW0rqVgW+rCbUTezFE5J+2zbzMu2XnJieueG33iaVMpHzqnLLe27SYcI +7VmgttZL4eL6/klPHSKC8x3y1c2T88d+HAuW+mB+bQ2iQWYfM82SyxjTER/7jpTy +Zpj/mibgt2cQxVowWFmMMOLXczhpu/GOgRxxCXVQn6UCggEBAOa30vzxiskGMn1Y +4EpifnPw50MrMkfFEKRB70rL3GnhV3TK8jRlNbSC+4vHcZ/A4YpQ/EMU5sqp0uSs +GH2Z7e//nkGgmRf8UQRpKh5LL5bGfU5egqq6vveTfJajARGJyAl9zAGvccTjmQIL +h49NVvPYbo0VAzlgRDrBz2T+NgMoqTEmP6k/uQXO2a5GFiYVA1fxKrHGIh/z37sk +o0Aladj2Gby7RnuQ1VYUJ+CYh8KFqzXFWRPbTefWDDN1axD+PrOFpv2Y749+09Kn +438qKsqyRyJBO6e360VBzIcBJjHkzyTgmNLgopaUSxfX/yRMfxIDDd0os+ev+Vp3 +1SWu/M0CggEAWSvfZCFNPCRggWN27rpPaOJ0pGehRDMFY/cvc+W9fQ3bTcRAnXg8 +aJVg9vSjX3qTcq6ufaoRJJsNIklTXLeYjU2zPAaMiEAcEhGYYL0Qe1Ttf4OPhnLf ++GeaCZoTdO9YG9emLgKa9NoMC9QjNU98Dn6JJjR8cJbDKMUJomn8qI2ZrX8wwdpV +KMfUnm4M4aMVRybE2LVRCoT6WrfzIxrJ8NK0Mz2m0PnLBzmC6pIQKM4OKrbGzY/V +Y2F0RHW2dBqQ96VKKuA6M3kC/K6I/BCq5WvewKrjLWCuWrCjNd4blIJe0qdJMoRH +AxR1eBn3XIUUwH6i3VO9aMbiqEr/6OpI7QKCAQEAslqWEcRSL8bxXTVs1Jqip4wW +lbJoym+zXhMLiqxCbMukClkkCdaI+lxNVdxs4MpACHYRAhHwVvAujz5JcgiMjSRC +IK/JGu9uVkSriA/YJxmmMPvTYI1bmT1lT99HUqhzM5COuSFJh9D8cfpHJSUC+6rF +1U/YcdcrZAMl3UH30XdsJLc6l3L/0gyseohwWT76dSqqOOathvNM5PsE8jNzPEo7 +VUdfrrDpEw0dPjk4IF8cpC389H1j8lnwxkWQtHHhXZTXHJlC9xYPa3PRsRn18pJy +vxz9r76vJ3YJiQTxv8MKw/AaQrNDZng0Ff5kqQAqc/q/CvHdb2pur8NTsS/09w== +-----END RSA PRIVATE KEY----- +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!!!!!DO NOT USE THIS KEY FOR ANYTHING !!!!!!! +!!!!THIS FILE IS FOR TESTING WGET ONLY!!!!!! diff --git a/tests/certs/user.crt b/tests/certs/user.crt new file mode 100644 index 0000000..f1a6d8c --- /dev/null +++ b/tests/certs/user.crt @@ -0,0 +1,148 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4388 (0x1124) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=ica-wgetTestingServer, ST=CA, C=US/emailAddress=icatester, O=Int + Validity + Not Before: May 9 21:30:44 2017 GMT + Not After : May 9 21:30:44 2019 GMT + Subject: CN=WgetTestingServer, ST=CA, C=US/emailAddress=usertester, O=Int + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:b9:ed:5a:89:c5:8e:20:a2:8d:c6:ee:0c:62:f6: + 9a:65:4d:da:3a:04:27:b8:23:cf:8c:1a:5f:1c:79: + 09:1a:e5:eb:57:82:f3:48:66:b2:74:bb:95:a4:00: + 87:5a:27:88:57:7e:ee:80:87:ec:d2:ca:89:86:53: + 0d:79:f6:9c:66:e0:19:ad:78:61:8b:20:9b:3e:da: + b4:42:3b:bd:b8:62:f1:0e:40:26:73:f2:e5:eb:6e: + 89:de:d7:26:63:11:cf:bc:30:8a:7d:ea:e1:a1:9c: + 9e:bc:e8:5c:8a:50:7f:c8:cf:8c:8c:09:e2:ae:1b: + 3f:18:1d:54:7e:6a:a8:ed:a9:04:9e:fc:fc:48:47: + a7:d5:a3:de:f3:ac:63:4f:40:ee:27:de:02:0d:f8: + 6c:fb:98:dc:73:f1:c6:bc:48:7f:fb:f4:3c:8f:7a: + 57:7d:ac:76:51:d7:8a:c7:7b:81:65:37:ed:cb:99: + f2:c8:6b:8d:88:10:9f:ea:e1:23:58:14:40:0a:bf: + 67:f7:8b:e9:cf:56:dd:f8:5c:2e:35:86:a7:fb:20: + e0:8f:3c:bb:20:f6:c3:c3:e9:9d:91:67:15:65:50: + ba:d9:6a:75:1e:93:a2:cd:66:ed:d0:58:bf:bd:1a: + 7f:ed:de:25:ff:03:fa:82:ab:41:52:34:8c:3d:6b: + ae:9b:6a:3e:05:2b:3f:87:88:0d:8c:a4:04:0a:cc: + b1:f6:0c:02:3b:0c:98:47:6c:1f:a4:0e:d3:ce:ef: + 5f:e8:e0:23:64:84:04:64:ad:d0:18:44:b0:93:7c: + 43:f5:5a:2f:8d:d6:43:ed:fa:a1:e8:da:42:e2:cb: + 56:c5:28:e7:c6:1c:b0:04:3b:23:57:76:7d:20:b4: + 30:b1:9c:69:54:7c:45:db:1b:7f:8e:83:a9:89:7c: + 59:32:30:9b:70:7e:bc:b3:33:96:89:33:c9:6c:fe: + 79:b9:06:ed:6b:e5:70:65:9f:ad:35:e0:13:0c:27: + 17:4b:70:67:e3:95:f3:a0:90:b6:fb:06:4a:33:21: + 4f:7b:c4:ba:a2:b3:47:bd:cb:3d:88:3e:46:31:27: + e3:83:f8:8f:25:54:83:a9:63:a3:1b:33:82:7c:ea: + 78:2d:60:10:fe:54:a8:d5:cf:a1:c4:e6:8b:0e:a5: + 98:5d:f7:1d:6c:36:35:58:72:9a:81:06:a7:ed:7d: + 3a:ae:99:62:4f:af:d2:88:c9:ad:32:b0:55:aa:ce: + ee:0e:5d:70:2a:84:a8:ef:66:a5:a4:3c:c4:f1:96: + e7:e4:05:7c:8d:c1:a5:ac:7f:54:3c:bd:b3:7e:1d: + 31:ad:d5:c2:73:60:db:23:c6:29:9b:d3:f9:4f:d6: + 7d:f7:ed + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 6F:00:AE:EF:A0:15:4C:5C:1E:A7:B4:6C:8F:5F:1F:DD:EE:C6:6C:11 + X509v3 Authority Key Identifier: + keyid:24:D0:7C:F3:88:2A:73:FF:87:A0:CB:69:E0:6B:2E:16:BD:4E:D5:E6 + + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://intertest.wgettest.org/Bogus.crl + + Full Name: + URI:http://intertest.wgettest.org/Bogus.crl + + X509v3 Subject Alternative Name: + DNS:WgetTestingServer + Authority Information Access: + CA Issuers - URI:http://intertest.wgettest.com/Bogus.crt + CA Issuers - URI:http://intertest.wgettest.com/Bogus.crt + OCSP - URI:http://intertest.wgettest.com/ocsp/ + OCSP - URI:http://intertest.wgettest.com/ocsp/ + + Signature Algorithm: sha1WithRSAEncryption + 4b:e0:19:75:65:2d:0c:fe:d4:b6:3d:a1:02:8f:3d:89:a6:6b: + 12:c6:ee:e3:79:a0:b4:af:fa:15:97:be:35:f7:06:00:39:ba: + f9:30:e4:55:d9:98:fc:a5:b7:54:22:52:71:3a:35:d4:3b:9e: + 00:1e:5e:bb:8b:4f:21:bd:c7:df:7d:65:4c:cc:32:4e:ab:51: + 95:e2:59:b4:09:c2:78:8d:bf:ac:3b:d9:ca:9e:dc:39:ac:95: + d2:91:f9:28:31:cd:93:54:db:7a:f3:c8:a2:76:df:a0:b3:8a: + e1:00:31:a5:ba:f3:3e:3f:2e:b8:7b:cb:bb:a3:61:83:5f:6a: + ee:37:88:2f:89:a5:b6:79:ef:3c:c1:e7:cd:0b:5f:51:d4:de: + ab:85:97:f5:8c:8d:d6:59:1e:e6:db:a3:ab:1d:1d:5f:fd:ba: + 70:39:97:a1:0f:b4:6d:cc:1d:5d:49:41:9c:12:9e:b3:19:de: + 64:ab:83:2f:f3:bf:6f:26:14:e4:be:1a:50:9a:78:22:99:c0: + 39:35:ff:b1:45:ea:d3:8f:0d:ed:3d:c2:b0:77:71:26:12:4a: + f0:81:83:d7:c9:f2:0c:e8:c2:7b:9b:96:7b:06:ab:e5:ef:ac: + e6:34:58:ed:d3:9b:a3:b9:9e:7e:78:16:6e:ba:21:d3:48:01: + bc:3e:5f:6e:56:63:cc:4a:f4:e0:12:5e:8b:68:73:b7:3a:0e: + 1d:cd:44:15:6e:5c:f4:fd:8e:02:f2:a4:37:ce:08:da:5c:86: + 26:57:65:30:5a:13:29:08:ab:0f:f6:a6:ab:99:de:f0:c5:bf: + 15:a1:30:ea:23:ca:af:0a:8b:a4:58:8d:12:4f:52:27:fc:52: + dc:6d:9a:66:0f:43:c7:28:29:92:92:da:e7:9c:5c:fb:29:e6: + 31:06:81:a9:8c:51:86:d2:a2:08:bd:76:fb:61:4b:8e:49:48: + 9a:ca:a3:04:6c:dd:59:32:e1:41:f3:09:0b:9b:c0:60:64:34: + 87:21:cf:33:bf:17:14:c2:d5:05:0c:4d:21:8a:4d:5e:13:bf: + 32:c7:59:bb:48:de:82:15:8e:24:93:4c:c8:8e:e7:12:86:af: + 69:5c:5c:d8:a0:90:80:64:74:84:bb:ce:2e:e9:11:06:96:ed: + 52:3a:ba:1f:48:a2:13:14:d1:26:e8:a2:13:6d:2e:ec:ad:28: + f5:74:da:d7:7e:5e:eb:eb:4b:8d:3d:73:c1:ac:38:20:52:e6: + c5:72:fa:7e:e0:6c:fa:21:25:42:f8:fe:3a:1d:0a:4b:c1:ee: + 3b:36:61:b9:58:ec:09:4a:4d:4f:51:e5:7c:af:b4:1b:8d:28: + 45:e1:67:d1:2c:72:47:7d +-----BEGIN CERTIFICATE----- +MIIHHDCCBQSgAwIBAgICESQwDQYJKoZIhvcNAQEFBQAwYjEeMBwGA1UEAwwVaWNh +LXdnZXRUZXN0aW5nU2VydmVyMQswCQYDVQQIDAJDQTELMAkGA1UEBhMCVVMxGDAW +BgkqhkiG9w0BCQEWCWljYXRlc3RlcjEMMAoGA1UECgwDSW50MB4XDTE3MDUwOTIx +MzA0NFoXDTE5MDUwOTIxMzA0NFowXzEaMBgGA1UEAwwRV2dldFRlc3RpbmdTZXJ2 +ZXIxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzEZMBcGCSqGSIb3DQEJARYKdXNl +cnRlc3RlcjEMMAoGA1UECgwDSW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAue1aicWOIKKNxu4MYvaaZU3aOgQnuCPPjBpfHHkJGuXrV4LzSGaydLuV +pACHWieIV37ugIfs0sqJhlMNefacZuAZrXhhiyCbPtq0Qju9uGLxDkAmc/Ll626J +3tcmYxHPvDCKferhoZyevOhcilB/yM+MjAnirhs/GB1Ufmqo7akEnvz8SEen1aPe +86xjT0DuJ94CDfhs+5jcc/HGvEh/+/Q8j3pXfax2UdeKx3uBZTfty5nyyGuNiBCf +6uEjWBRACr9n94vpz1bd+FwuNYan+yDgjzy7IPbDw+mdkWcVZVC62Wp1HpOizWbt +0Fi/vRp/7d4l/wP6gqtBUjSMPWuum2o+BSs/h4gNjKQECsyx9gwCOwyYR2wfpA7T +zu9f6OAjZIQEZK3QGESwk3xD9VovjdZD7fqh6NpC4stWxSjnxhywBDsjV3Z9ILQw +sZxpVHxF2xt/joOpiXxZMjCbcH68szOWiTPJbP55uQbta+VwZZ+tNeATDCcXS3Bn +45XzoJC2+wZKMyFPe8S6orNHvcs9iD5GMSfjg/iPJVSDqWOjGzOCfOp4LWAQ/lSo +1c+hxOaLDqWYXfcdbDY1WHKagQan7X06rpliT6/SiMmtMrBVqs7uDl1wKoSo72al +pDzE8Zbn5AV8jcGlrH9UPL2zfh0xrdXCc2DbI8Ypm9P5T9Z99+0CAwEAAaOCAd0w +ggHZMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFG8Aru+gFUxcHqe0bI9fH93u +xmwRMB8GA1UdIwQYMBaAFCTQfPOIKnP/h6DLaeBrLha9TtXmMAsGA1UdDwQEAwIF +oDATBgNVHSUEDDAKBggrBgEFBQcDATBnBgNVHR8EYDBeMC2gK6AphidodHRwOi8v +aW50ZXJ0ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwLaAroCmGJ2h0dHA6Ly9p +bnRlcnRlc3Qud2dldHRlc3Qub3JnL0JvZ3VzLmNybDAcBgNVHREEFTATghFXZ2V0 +VGVzdGluZ1NlcnZlcjCB3AYIKwYBBQUHAQEEgc8wgcwwMwYIKwYBBQUHMAKGJ2h0 +dHA6Ly9pbnRlcnRlc3Qud2dldHRlc3QuY29tL0JvZ3VzLmNydDAzBggrBgEFBQcw +AoYnaHR0cDovL2ludGVydGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC8GCCsG +AQUFBzABhiNodHRwOi8vaW50ZXJ0ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzAvBggr +BgEFBQcwAYYjaHR0cDovL2ludGVydGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wDQYJ +KoZIhvcNAQEFBQADggIBAEvgGXVlLQz+1LY9oQKPPYmmaxLG7uN5oLSv+hWXvjX3 +BgA5uvkw5FXZmPylt1QiUnE6NdQ7ngAeXruLTyG9x999ZUzMMk6rUZXiWbQJwniN +v6w72cqe3DmsldKR+SgxzZNU23rzyKJ236CziuEAMaW68z4/Lrh7y7ujYYNfau43 +iC+JpbZ57zzB580LX1HU3quFl/WMjdZZHubbo6sdHV/9unA5l6EPtG3MHV1JQZwS +nrMZ3mSrgy/zv28mFOS+GlCaeCKZwDk1/7FF6tOPDe09wrB3cSYSSvCBg9fJ8gzo +wnublnsGq+XvrOY0WO3Tm6O5nn54Fm66IdNIAbw+X25WY8xK9OASXotoc7c6Dh3N +RBVuXPT9jgLypDfOCNpchiZXZTBaEykIqw/2pquZ3vDFvxWhMOojyq8Ki6RYjRJP +Uif8UtxtmmYPQ8coKZKS2uecXPsp5jEGgamMUYbSogi9dvthS45JSJrKowRs3Vky +4UHzCQubwGBkNIchzzO/FxTC1QUMTSGKTV4TvzLHWbtI3oIVjiSTTMiO5xKGr2lc +XNigkIBkdIS7zi7pEQaW7VI6uh9IohMU0SboohNtLuytKPV02td+XuvrS409c8Gs +OCBS5sVy+n7gbPohJUL4/jodCkvB7js2YblY7AlKTU9R5XyvtBuNKEXhZ9Esckd9 +-----END CERTIFICATE----- diff --git a/tests/certs/user.key b/tests/certs/user.key new file mode 100644 index 0000000..5980ffe --- /dev/null +++ b/tests/certs/user.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAue1aicWOIKKNxu4MYvaaZU3aOgQnuCPPjBpfHHkJGuXrV4Lz +SGaydLuVpACHWieIV37ugIfs0sqJhlMNefacZuAZrXhhiyCbPtq0Qju9uGLxDkAm +c/Ll626J3tcmYxHPvDCKferhoZyevOhcilB/yM+MjAnirhs/GB1Ufmqo7akEnvz8 +SEen1aPe86xjT0DuJ94CDfhs+5jcc/HGvEh/+/Q8j3pXfax2UdeKx3uBZTfty5ny +yGuNiBCf6uEjWBRACr9n94vpz1bd+FwuNYan+yDgjzy7IPbDw+mdkWcVZVC62Wp1 +HpOizWbt0Fi/vRp/7d4l/wP6gqtBUjSMPWuum2o+BSs/h4gNjKQECsyx9gwCOwyY +R2wfpA7Tzu9f6OAjZIQEZK3QGESwk3xD9VovjdZD7fqh6NpC4stWxSjnxhywBDsj +V3Z9ILQwsZxpVHxF2xt/joOpiXxZMjCbcH68szOWiTPJbP55uQbta+VwZZ+tNeAT +DCcXS3Bn45XzoJC2+wZKMyFPe8S6orNHvcs9iD5GMSfjg/iPJVSDqWOjGzOCfOp4 +LWAQ/lSo1c+hxOaLDqWYXfcdbDY1WHKagQan7X06rpliT6/SiMmtMrBVqs7uDl1w +KoSo72alpDzE8Zbn5AV8jcGlrH9UPL2zfh0xrdXCc2DbI8Ypm9P5T9Z99+0CAwEA +AQKCAgBzBQnwlx1wxP8OZK+W/VXQe9QX9gAYY1b/JkVWmO3wDPKFZcZZMOcPXgiZ +t5YESNaIwkaLjwsL8C4ZwgFhRRXGcraP4Rv+9MH1pVjEbK7Whab4mOjw7AAeoHh8 +Of9OZHNtyV2zvf2te/WbiefNzTTwJq2c6HSqHsLuiR5/Qj6VH+1y6bCsil+iw8im +WCvrmJB8a1Q8DkZlc1BWDelTC0rZtGNOo3HCllFwGfaJp7cJxgq+3NMb96VL2nUD +2hmCYKypuXV4575R/Tw+a9BOXqpGqjUhh4GASAgdh8VpcSsETWf6Hmir7MtXZGiU +boLXWrBvl/FLjMuJ0KYNU+K6EIaoIqb0PDbxfmo+nmQD/a/JSF3sYOUiqMJd34VC +PYWpO+tDXSbtfHxJdP0/YBEKsvIU1kNYO8TE2zT8wl+AZJ2yz71p7VlQGN/24jnJ +qTNY8HJ0TXgBZVBHsrgOlwTVWmuUcqIpVkrVO99iVO9C5EwqZey8CmGsJp+FfBpG +pwVd99N7qi1q/VhBMERbeawDAjdKwU4IWFREB4ryTDw1+tVdCo3vXPYT+kRgPHW/ +mP1sG1kRkxYlrrGspx0o2wIHS/DUouxijJ0hC9UYoKINpvjSC+3Kijkl5cULtrO3 +Py6qeZPgoAK7iMtIVUwkxMZ3KNP7y7NoOIsP5L/dX+L311tG5QKCAQEA2woTdkZE +un8wlGAsvBxSBzqD0l9otKQ297BLrqgnvIOqs02AF4sekaYdB2jIE/eMftZm7bjL +4na4F7SGpKhMumJhaJUPa22fChcLHjWg082PoGHQM0Mf1Syyup+uLa2qFF+YAxHe +aK9UO9Fi+cK5L0JeEY3ft0EkP1IELn+TfTnOCTeoMFy9K3ypaYW4td6aEIdhSMxf +1am+5BB1Zu1NRsNiPWK3TOKeOqnFm0E3IhXLPjmd9RIDRDmvOXcLuRc3a5TC7zEG +MuBD1deYFZSwJHIa/ykReW/fQRiqzYa+zZCpzwLx2Daz1RAqmibUEmCL9ldxh3vJ +Dt8x3B6+UydYQwKCAQEA2Uzq+Y7sh1SNWKxlR94UDvBC6Cbz7vJWy5zcs8vV3YNn +jNi+/tXdAWpmTxGgW8bxa8iwpfGNKQmMVLQDmoSRk9s5KsVomtLkEkTdtIRyrdjh +NKjSmy0ECyfeGU/1KflHBpw+DRwVVxEhoFhum88FcDoihD9CKzPMr2d5RMmsPtCS +WpldQKbhoIAEOWnXyIsEU090m9u9jKKfDU5lUGXD7Gl4bMhe2umPJN0Cj6MrOmhj +kvc3V7bqlC3ikYbOI4r8oFT0sbo9XWl0caRmtqwvpPXQOQ6XLbFkLcNKRubMWSvs +OcznU4o0PJiujO1Ue1sBz4/BwM1Dq4dYkur0qGpEDwKCAQBkuzaGDvyuc62onq4T ++EY08tEKnzvszxRERjwX31ce18JZ4QtGSIFPZAA3lxVkMVTYQ8tkCbcht40jwa6l +7IwUrwey69ICipA4OK6xPuJuZTtm+3SfDoCGLZ8oOiUE9ref1PJ4fvA0XmUzeTC2 +QbmeJTxTgFZg1UFRKWuo4py2Wy4IiSL80rlgVV0nnQp8ARoC/e9cZjiwbvbNtU/4 +fKssHtCAAHThk9pGiirJIm2zbChivmaI/Lap2olduQSYIzgmbmxTSc1a+k3X+uUD +D7UNnbgSnhVeLneSXUC3cf8vVBbzj5we3dFH675b0/11Uhcru70HHIMzJqusWisW +3KI3AoIBAQCJmsDNyekUhcGAXqNAUGyJTTJBSrF8JfA6vhmwraq/vH+tXHAOdiWe +yN8CwRm4JJIq/AqI+x611vsLhHcnuT1q0Q8xe5MTP+r3eq6eqqToXAe4zhOX+niu +C9AEXXLV4qpMkFJnANquqQWPQZDBj+ZUvCuxbVGchA/hH3hWzBMMMA4N20KHN2Z3 +ublzFgh0UTwq+YzRSeSNk0l/Jp7Xu6nHIr8EvBn9LJvd7yq5BM3SDdrIbU6ZeBay +QSBRoXkWXuQ9L69IgLRtW+NGN6JnmUAOiS8Tgp7Pa58Rr7JwlaTf7wWHUK9IYqNT +oCggzAWMnAPYiaNbUWDB1VKMrsbBg5GXAoIBAHzDXgiVAXkvMKIrVk+QOj5/mV5s +bggtYtUCrs5bEBHdBvykPdMWjLiVpNhHniIXCp8jc1Cvc1gJiFTo2oJIVvPHVQvr +9xd0dEtcXYjusLrbzijd5KefelkQeZbo1EX3p4wFVOcYjuR4EHLHQN9xe5fb5Hne +e97CtK/P9SLKOF9Lwy3oqjZkRk1sgY9DWzYMNj/VHhCFbF1rodlQJx9ThBXYat9L +gOmUK1AJrCkQEPTbcL5GERL/pG821OeZ6hd94zBzk/gddU0Fgwp5E1IsIhxe1Wp5 +D+yzH9HJ7Hm0ileMcAi9dvvvGPV8CXIc/7rVtVwxmTKZBHiN3DpFOMgOFrE= +-----END RSA PRIVATE KEY----- diff --git a/tests/certs/wgethosts b/tests/certs/wgethosts new file mode 100644 index 0000000..04b5215 --- /dev/null +++ b/tests/certs/wgethosts @@ -0,0 +1 @@ +WgetTestingServer localhost diff --git a/tests/certs/wotca.pem b/tests/certs/wotca.pem new file mode 100644 index 0000000..a968cd0 --- /dev/null +++ b/tests/certs/wotca.pem @@ -0,0 +1,78 @@ +-----BEGIN CERTIFICATE----- +MIIHOTCCBSGgAwIBAgICESMwDQYJKoZIhvcNAQEFBQAwgZkxCzAJBgNVBAYTAlVT +MQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dnZXQg +VGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQDDAtX +Z2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcwHhcN +MTcwNTA5MjEyNDMwWhcNMTkwNTA5MjEyNDMwWjBiMR4wHAYDVQQDDBVpY2Etd2dl +dFRlc3RpbmdTZXJ2ZXIxCzAJBgNVBAgMAkNBMQswCQYDVQQGEwJVUzEYMBYGCSqG +SIb3DQEJARYJaWNhdGVzdGVyMQwwCgYDVQQKDANJbnQwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCpFc5lZraIIP8PVVbnwSrE11p2kjVgzDPwIJ/bDYGd +60VEMc2ehVOMtj3lFbAUu4nb6j7IbAGB4bUqg4BUVfRodvd2f1WsfAfhf3AUnpI0 +c+ytK8HuXSfv3s44+/iQJftLE0kTADZf9iV/GxdEbhwQXBWku0xU/mxRH4zxDGwZ +6gurQ96Md6DVUgnZsnRgrukQikr9C5e8cbKj7FHLZgq9E+NlGppmKi8qGTUXK17L +cLBEP04glOnMuRQKB6SCIoX+VCiw33hWYfzIiXDKFqcj0liYANyLbM9TiFITGyTj +Jr+Ne1Lac0HlNd8vNeP6IPBjViNZ8Iw3GYly1i8li4THzo8VpXBkJlwOLEYSq9Hr +ZJ0QzUbyzVTLdhlCBhFme17Z9PxQyBr+2A0Lp+r/oKdr+KfMYZN3tzV3YozSw5d6 +4uV2Nz9pVCmLjR8UAV6cJqJILAxCQRVs4Qs7Ko3mGWKWi3T5xxvFy8gQrNHg7+IN +g+0OhsIkfHTGsfW7WGukGhfmispi6sjrbNABRws8Vlr7JcVNFS4uu4H3cVCZ3Rde +9IduNYs0gqss4SYMAxKAz0/M7OCY8Z9obh7zIdsG1A2S07cv9OMsjgPhLiO/i4HF +RriQtYR5sWZKkmZgmS68aJuh/JLijlF/m2HLbI5gSlgwuSAtKUj2C68mTrXZJ3Xl +IwIDAQABo4IBvzCCAbswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJNB884gq +c/+HoMtp4GsuFr1O1eYwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgw +CwYDVR0PBAQDAgGmMBMGA1UdJQQMMAoGCCsGAQUFBwMBMF0GA1UdHwRWMFQwKKAm +oCSGImh0dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwKKAmoCSGImh0 +dHA6Ly90ZXN0LndnZXR0ZXN0Lm9yZy9Cb2d1cy5jcmwwHAYDVR0RBBUwE4IRV2dl +dFRlc3RpbmdTZXJ2ZXIwgcgGCCsGAQUFBwEBBIG7MIG4MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MC4GCCsGAQUFBzAChiJo +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vQm9ndXMuY3J0MCoGCCsGAQUFBzABhh5o +dHRwOi8vdGVzdC53Z2V0dGVzdC5jb20vb2NzcC8wKgYIKwYBBQUHMAGGHmh0dHA6 +Ly90ZXN0LndnZXR0ZXN0LmNvbS9vY3NwLzANBgkqhkiG9w0BAQUFAAOCAgEAqUa7 +cQLhjXCAHiMT9V5+hzB/ngriEKC456htspq9RC/FWnYXZ+au89FehFunjy5qzbSz +q7N97rCD2drSwn4B6uBymmIxU6iARmtcsPrfhgXHdvhuVop6yuXspoaU7+g1WMXi +t0RGBx0FahYlggt8a7HnMu3Qz6v8llDeA3U2BCe5ui7mWTauj3bFv/pLW3sigvm0 +Cr3aBHpkIzfHU5D6EC3fKNXQNQruXCCIcBayNiaX+FJcK18sU8tRewiWo/VvffHi +J89/oHvZnXkteT/mEyeAbjkPkNrmNQTmG69t/x4NdxNDe5ZrEpbEPE/6S5z+YP1T +bXG7OeES2/+K3Fprwv/oCoeQdv3bBh4IcRhhE7KpEGnJOLfV1a5aRpVCz/0C30xk +x5GYo0a+AkPAW3zYTaKQXIKDJLpAU6QJ13WaEjVS1EYnUE2o3XEjyZPJVL1y7VSd +1gdk5MEto6RsVH6EmJBBaSiiAj6d1GbkmNku73FiUvRGk39WbGN9qfjrMPvGhAcL +0GrIg5oQLOf0f6sdIU3TJkARNSmgSoLV+RatIEgKI+/i6FxlRdBPoGopPJkrh/gS +stf93A7rFKWmYNKZOMhWXxyv14lwWhBi0bW9QfzavJse047v9X3UvRki06uWXH2t +H51/0uT9gISqZ1CKDpnez4wrjACuKmfI9D2p6J4= +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIGBzCCA++gAwIBAgIJAJlGYwAp0+gKMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJVUzELMAkGA1UECAwCQ0ExETAPBgNVBAcMCFNhbiBKb3NlMSAwHgYDVQQK +DBdXZ2V0IFRlc3RpbmcgRGVwYXJ0bWVudDEQMA4GA1UECwwHVGVzdGluZzEUMBIG +A1UEAwwLV2dldFRlc3RpbmcxIDAeBgkqhkiG9w0BCQEWEWJ1Z3Mtd2dldEBnbnUu +b3JnMB4XDTE3MDQwNjIxMDEyOFoXDTE4MDQwNjIxMDEyOFowgZkxCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJDQTERMA8GA1UEBwwIU2FuIEpvc2UxIDAeBgNVBAoMF1dn +ZXQgVGVzdGluZyBEZXBhcnRtZW50MRAwDgYDVQQLDAdUZXN0aW5nMRQwEgYDVQQD +DAtXZ2V0VGVzdGluZzEgMB4GCSqGSIb3DQEJARYRYnVncy13Z2V0QGdudS5vcmcw +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvHmnQlY58T/PcZeR3ntBp +6YYELxmYTjrdiHLpa1HvDDkwYyVCaWxhi8R5mP/cUt7aZ0BrNMCVTy5/cEzl/w9R +VqERKDB68ZU0ku2A4YmDFenlyyUuVZhn5reovUUlhWo8p+Ir+1vwGyDPM/IQKaUJ +6tfDWVD7fgVzfpvDm8XDqKB6BvzLPk3n3K9mndv2KihTUnnJFMZOkSYaFStQ11Rz +YwR7ZvAuISB99WZf2hzaYiovB9G0WMky81vpmvjbKWVYLlpV5Inzq2QiG4tFBEP+ +ebLc1H9PGd7vrgGE2cn78g1XXpR8nPUDYF4UGFs90ftPqNDHcHFENB7DrpB7wRIa +5ZrpKyNbCGIKX+UnVR5Ra32mMM2pPiR95ZDNkqdsygLuHAsyaaj1+wvrmM81H2Jy +V/kVcFqnf3+C1aX2+hu5OL7rIskEYG8HgWwWxE0NW7Q8zTrBR7D932hM/7f8Yojx +SeqJP7vpGULeVzJF0CTksoWh+D1s+Q2b93DpoMW18VMTig2NFetQr3DdJmySed7a +g694qgY5iDv1P/CWBSj75TDBrw3Ji6PJxWES+ox29frxrCWtAjEwVI5zJ5qIZW5n ++BYir/tVloMkYSmeby9eSmTLGENZrepBwuocpvJ1yQRosdzYG42MjfI2JhlTFWvw +wdGCsFqsRcsfPTJqu801QQIDAQABo1AwTjAdBgNVHQ4EFgQUF+2TQ4+npgB11Oi2 +gg2IN37AbQgwHwYDVR0jBBgwFoAUF+2TQ4+npgB11Oi2gg2IN37AbQgwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAewaQ/hmPbjNI7FFNM63M1qnWHK+t +Zsm5qHWMk5WkcdavsqpexGDc3VxBYFzqqEjlCTseMgsNZ76FENZeNGNFtKScUHuR +J6Fp+pqEZJ9AoQy8WbkDuFjsKs+En3cMvqy4QUqVOFrKg1PKJEWlqvonMs+apzvJ +0bjj5Aj2w906XvpKYTnfR6QHJC5ZP5xTorJWLvAwWl0ZuqxQKT0fXKcPeAlE0c4b +3eJ5jFXPIFkYt0fJcUnZp6QJv608/METl9x+rTYfRsD6kQGC+281C19PxBacTzxH +fAjsesvP7t7pPlh+Chdd7w1QqFg4UUH9NfIkiq06UtIUoQHfCgT1FvXoFoPiRR5f +5m67jGE8Sn04nnGhvHnN03kOuwK/VIniLuHdWw0nwLBWIEpzZPbIQQSezoJd7ViY +2zBJQCtp1ewEDOXecBL+8CNIUXTiFoOxP/YMuLruoYB5dkLpIFbscHp3dZJMScoz +XJQHh68KH0oRm+/FnK3MLxn56nbwoV4uhdIr5FgLglh7PUfUa2wavFjhi3MY50qD +SsvoCmBny/N2KJK2tEBIGWbdYy1XBF/l8xaORdT/M4ILYV52Wf2AYy9NTYJxiB0V +LwVGbG5plMbJiBFDOZcram4pQrG6k21t2Xv2lkVf1AvOlx4qKfUN04TGWXwu5dAP +pnv5yEwOelBLq7Q= +-----END CERTIFICATE----- + |