Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

multi level ca for CaBuffer #1050

Merged
merged 6 commits into from
May 15, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
update unittest for CaBuffer
xiaoloudongfeng committed May 7, 2024
commit 46087f60e37a0cdb0ca4517627cd52bebac8f55c
2 changes: 2 additions & 0 deletions test/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -74,6 +74,8 @@ if (ENABLE_SSL_TESTS)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E make_directory $<TARGET_FILE_DIR:ssl_tests>/data/certificates $<TARGET_FILE_DIR:ssl_tests>/data/keys)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/certificates/client.crt $<TARGET_FILE_DIR:ssl_tests>/data/certificates/client.crt)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/certificates/root-ca.crt $<TARGET_FILE_DIR:ssl_tests>/data/certificates/root-ca.crt)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/certificates/sub-ca.crt $<TARGET_FILE_DIR:ssl_tests>/data/certificates/sub-ca.crt)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/certificates/ca-bundle.crt $<TARGET_FILE_DIR:ssl_tests>/data/certificates/ca-bundle.crt)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/certificates/server.crt $<TARGET_FILE_DIR:ssl_tests>/data/certificates/server.crt)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/keys/client.key $<TARGET_FILE_DIR:ssl_tests>/data/keys/client.key)
add_custom_command(TARGET ssl_tests POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy_if_different ${CMAKE_CURRENT_SOURCE_DIR}/data/keys/root-ca.key $<TARGET_FILE_DIR:ssl_tests>/data/keys/root-ca.key)
24 changes: 24 additions & 0 deletions test/data/certificates/ca-bundle.crt
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIBrjCCAWCgAwIBAgIRAKy+/CzeW5ALVVSDllVnZdMwBQYDK2VwMDExCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQDDAdSb290IENBMB4XDTI0
MDUwNzEwMTgyMloXDTM0MDUwNTEwMTgyMlowMDELMAkGA1UEBhMCR0IxEDAOBgNV
BAoMB0V4YW1wbGUxDzANBgNVBAMMBlN1YiBDQTAqMAUGAytlcAMhAL9vKw+Jb0jc
THPJj/0HKRBIusX9D0Xj4qZEvK3kqXX+o4GNMIGKMA8GA1UdEwEB/wQFMAMBAf8w
DgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSbsZshYdxmKzqt7YTxBbbOmYLB/DBI
BgNVHR4EQTA/oD0wC4IJbG9jYWxob3N0MAqHCH8AAAH/AAAAMCKHIAAAAAAAAAAA
AAAAAAAAAAH/////////////////////MAUGAytlcANBACspVj23xQ46wvlIWimf
ofVcl0Nlj1rW1CoTOoA4butJGfJJQoYMzW8Ui/sVokzPoTw7vdOw9u3Knps26c0T
Ygk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIBrzCCAWGgAwIBAgIRAKy+/CzeW5ALVVSDllVnZdIwBQYDK2VwMDExCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQDDAdSb290IENBMB4XDTI0
MDUwNzEwMTgyMloXDTM0MDUwNTEwMTgyMlowMTELMAkGA1UEBhMCR0IxEDAOBgNV
BAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwKjAFBgMrZXADIQDI4HsQNDKN
xwtOvL2FI7Q+VIoqWLHmsoLaOe1L+JvbyKOBjTCBijAPBgNVHRMBAf8EBTADAQH/
MA4GA1UdDwEB/wQEAwICBDAdBgNVHQ4EFgQUvMDvOfNgjMd7lZ6iDa/JCJcVLwkw
SAYDVR0eBEEwP6A9MAuCCWxvY2FsaG9zdDAKhwh/AAAB/wAAADAihyAAAAAAAAAA
AAAAAAAAAAAB/////////////////////zAFBgMrZXADQQBCMm6k6vanrNUO3vlc
vsecQTSUVxsnl+bD6ANYhs10cuGafZ/lFRh1z4yBxz50b7EIePDeLP2pZlLmz8bm
sN8M
-----END CERTIFICATE-----
14 changes: 7 additions & 7 deletions test/data/certificates/client.crt
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
MIIBejCCASygAwIBAgIQKMJShx7GKmJqmABrC/KIkDAFBgMrZXAwMTELMAkGA1UE
BhMCR0IxEDAOBgNVBAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwHhcNMjIw
NjI5MTEzMzA3WhcNMjcwNjI4MTEzMzA3WjAWMRQwEgYDVQQDDAt0ZXN0LWNsaWVu
dDAqMAUGAytlcAMhAOGArRN1SIicY6uB/2CRB668fBEDTQb1oLcCoTsYQetho3Uw
czAfBgNVHSMEGDAWgBTk8vOFDreFdYR240PRtp0UuOKktzAMBgNVHRMBAf8EAjAA
MIIBejCCASygAwIBAgIRAKy+/CzeW5ALVVSDllVnZdUwBQYDK2VwMDAxCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMQ8wDQYDVQQDDAZTdWIgQ0EwHhcNMjQw
NTA3MTAxODIyWhcNMjkwNTA2MTAxODIyWjAWMRQwEgYDVQQDDAt0ZXN0LWNsaWVu
dDAqMAUGAytlcAMhAPU88C62SwhVGcJhYDp97gf1x5pHjcVD/AZ3PqoQfU68o3Uw
czAfBgNVHSMEGDAWgBSbsZshYdxmKzqt7YTxBbbOmYLB/DAMBgNVHRMBAf8EAjAA
MBMGA1UdJQQMMAoGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQU
a5RqAAt7DpJN8iHcLvTjH2TIKtowBQYDK2VwA0EApzcNlIuTMToyqyWZ0FhxikP/
c2TS6u5qkP+YHgcJJkvJ0rRTXs164k4LpvlMG0gNxle4zfoAJQ8mAAMZcQKyAg==
TU53uUDblDe4iFsDIV77hIwigPswBQYDK2VwA0EAX0aM10AEe8HxQNXcL2Qf1ryh
StldRyLog/s1ZuGidfxwdr7xoZes0yjYaZYhkKLDIf+CR3BwEWik2ppNXE1bDw==
-----END CERTIFICATE-----
20 changes: 10 additions & 10 deletions test/data/certificates/root-ca.crt
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBrjCCAWCgAwIBAgIQKMJShx7GKmJqmABrC/KIjjAFBgMrZXAwMTELMAkGA1UE
BhMCR0IxEDAOBgNVBAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwHhcNMjIw
NjI5MTEzMzA3WhcNMzIwNjI2MTEzMzA3WjAxMQswCQYDVQQGEwJHQjEQMA4GA1UE
CgwHRXhhbXBsZTEQMA4GA1UEAwwHUm9vdCBDQTAqMAUGAytlcAMhAJqzaumMKuMm
htBGbS+UCrCmXbGb+lRcuO71mPRey7HXo4GNMIGKMA8GA1UdEwEB/wQFMAMBAf8w
DgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBTk8vOFDreFdYR240PRtp0UuOKktzBI
BgNVHR4EQTA/oD0wC4IJbG9jYWxob3N0MAqHCH8AAAH/AAAAMCKHIAAAAAAAAAAA
AAAAAAAAAAH/////////////////////MAUGAytlcANBAESQBu1/oyaeYouu3q+h
VbIDkQiyZT4sPRYautZZ+xrN4MkNWDtwLeVJ+a9N0YU9vDpOviJpvXN4H/EEBwBF
3AA=
MIIBrzCCAWGgAwIBAgIRAKy+/CzeW5ALVVSDllVnZdIwBQYDK2VwMDExCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQDDAdSb290IENBMB4XDTI0
MDUwNzEwMTgyMloXDTM0MDUwNTEwMTgyMlowMTELMAkGA1UEBhMCR0IxEDAOBgNV
BAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwKjAFBgMrZXADIQDI4HsQNDKN
xwtOvL2FI7Q+VIoqWLHmsoLaOe1L+JvbyKOBjTCBijAPBgNVHRMBAf8EBTADAQH/
MA4GA1UdDwEB/wQEAwICBDAdBgNVHQ4EFgQUvMDvOfNgjMd7lZ6iDa/JCJcVLwkw
SAYDVR0eBEEwP6A9MAuCCWxvY2FsaG9zdDAKhwh/AAAB/wAAADAihyAAAAAAAAAA
AAAAAAAAAAAB/////////////////////zAFBgMrZXADQQBCMm6k6vanrNUO3vlc
vsecQTSUVxsnl+bD6ANYhs10cuGafZ/lFRh1z4yBxz50b7EIePDeLP2pZlLmz8bm
sN8M
-----END CERTIFICATE-----
18 changes: 10 additions & 8 deletions test/data/certificates/server.crt
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBdTCCASegAwIBAgIQKMJShx7GKmJqmABrC/KIjzAFBgMrZXAwMTELMAkGA1UE
BhMCR0IxEDAOBgNVBAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwHhcNMjIw
NjI5MTEzMzA3WhcNMjcwNjI4MTEzMzA3WjAWMRQwEgYDVQQDDAt0ZXN0LXNlcnZl
cjAqMAUGAytlcAMhAI64JU5RjfdEG1KQMxS5DQWkiGlKIQO7ye4mNFq9QleTo3Aw
bjAsBgNVHREEJTAjgglsb2NhbGhvc3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEw
HQYDVR0OBBYEFDnBgTgB3FU45S9OetBMhHu3J9OvMB8GA1UdIwQYMBaAFOTy84UO
t4V1hHbjQ9G2nRS44qS3MAUGAytlcANBAC4NoQ31kHfp64R9gGNjTYrr2SNXHyEq
7YG0qFi5ABvLXJAbM2v27EIgY1TWYO43FBsclQsz6mcp1MzZfjT9RwQ=
MIIBtDCCAWagAwIBAgIRAKy+/CzeW5ALVVSDllVnZdQwBQYDK2VwMDAxCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMQ8wDQYDVQQDDAZTdWIgQ0EwHhcNMjQw
NTA3MTAxODIyWhcNMjkwNTA2MTAxODIyWjAWMRQwEgYDVQQDDAt0ZXN0LXNlcnZl
cjAqMAUGAytlcAMhACdLUqJFSyspgGKJiXNlnOLU2dO/TLV+b8aIZNAX7EuVo4Gu
MIGrMB8GA1UdIwQYMBaAFJuxmyFh3GYrOq3thPEFts6ZgsH8MAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHQ4EFgQUZkdU+CWXVppSVjW0p1JgDOdPMwkwLAYDVR0RBCUwI4IJbG9j
YWxob3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAUGAytlcANBAG1j2RGjm8ef
tiMSJ+k04KGjIL7734D+UwidjOSCQnbCVRPofIaDMwuan5IqP97pMnjAsbw/QukX
+Z9sFTWjAQk=
-----END CERTIFICATE-----
12 changes: 12 additions & 0 deletions test/data/certificates/sub-ca.crt
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBrjCCAWCgAwIBAgIRAKy+/CzeW5ALVVSDllVnZdMwBQYDK2VwMDExCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMRAwDgYDVQQDDAdSb290IENBMB4XDTI0
MDUwNzEwMTgyMloXDTM0MDUwNTEwMTgyMlowMDELMAkGA1UEBhMCR0IxEDAOBgNV
BAoMB0V4YW1wbGUxDzANBgNVBAMMBlN1YiBDQTAqMAUGAytlcAMhAL9vKw+Jb0jc
THPJj/0HKRBIusX9D0Xj4qZEvK3kqXX+o4GNMIGKMA8GA1UdEwEB/wQFMAMBAf8w
DgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSbsZshYdxmKzqt7YTxBbbOmYLB/DBI
BgNVHR4EQTA/oD0wC4IJbG9jYWxob3N0MAqHCH8AAAH/AAAAMCKHIAAAAAAAAAAA
AAAAAAAAAAH/////////////////////MAUGAytlcANBACspVj23xQ46wvlIWimf
ofVcl0Nlj1rW1CoTOoA4butJGfJJQoYMzW8Ui/sVokzPoTw7vdOw9u3Knps26c0T
Ygk=
-----END CERTIFICATE-----
18 changes: 15 additions & 3 deletions test/data/generate-certificates.sh
Original file line number Diff line number Diff line change
@@ -21,6 +21,7 @@ openssl rand -hex 16 > $CA_PATH/db/serial

# Generate all private keys
openssl genpkey -algorithm ed25519 -out $KEY_PATH/root-ca.key
openssl genpkey -algorithm ed25519 -out $KEY_PATH/sub-ca.key
openssl genpkey -algorithm ed25519 -out $KEY_PATH/server.key
openssl genpkey -algorithm ed25519 -out $KEY_PATH/client.key

@@ -39,6 +40,16 @@ openssl ca -batch \
-extensions ca_ext \
-in root-ca.csr -out $CRT_PATH/root-ca.crt -notext

# Create a Certificate Signing request for the Sub CA
openssl req -new \
-config sub-ca.cnf -out sub-ca.csr \
-key $KEY_PATH/sub-ca.key

# Issue the Sub CA
openssl ca -batch \
-config root-ca.cnf \
-extensions ca_ext \
-in sub-ca.csr -out $CRT_PATH/sub-ca.crt -notext

# Create a Certificate Signing request for the server certificate
openssl req -new \
@@ -49,12 +60,11 @@ openssl req -text -in server.csr -noout
# Issue the server certificate
openssl ca -batch \
-config root-ca.cnf \
-name sub_ca \
-extensions server_ext \
-extfile server.cnf -extensions ext \
-in server.csr -out $CRT_PATH/server.crt -notext \
-days 1825


# Create a Certificate Signing request for the client certificate
openssl req -new \
-config client.cnf -out client.csr \
@@ -63,11 +73,13 @@ openssl req -new \
# Issue the client certificate
openssl ca -batch \
-config root-ca.cnf \
-name sub_ca \
-extensions client_ext \
-in client.csr -out $CRT_PATH/client.crt -notext \
-days 1825


cp $CRT_PATH/sub-ca.crt $CRT_PATH/ca-bundle.crt
cat $CRT_PATH/root-ca.crt >> $CRT_PATH/ca-bundle.crt

# Clean up
# IMPORTANT: If new certificates should be issued, $CA_PATH and its files MUST NOT be deleted!
2 changes: 1 addition & 1 deletion test/data/keys/client.key
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIPTCPxm8reXOE2aIrafTcibvg4f6Rg1/F2LVk12EILzJ
MC4CAQAwBQYDK2VwBCIEIIK4CYIlr3jGta1aSNICikX8V4CXv/i6IJTmj68CUQOU
-----END PRIVATE KEY-----
2 changes: 1 addition & 1 deletion test/data/keys/root-ca.key
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIHbCvDGMRz5Ky+7gJvQYZ5t+5sZyHI+UcAKWvS20CoLU
MC4CAQAwBQYDK2VwBCIEICJbx2nPwG8L2S/EKvCHI2q4InmAFAaNVBqdVq13ZpJz
-----END PRIVATE KEY-----
2 changes: 1 addition & 1 deletion test/data/keys/server.key
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIGVXwKYyi/u52mmDVC56TSorC/GGNqgyiW4+jsDno81i
MC4CAQAwBQYDK2VwBCIEIGqt/stoQYkwb24d3EUC0LpH2QwKuh+0tftML+wk/N1P
-----END PRIVATE KEY-----
2 changes: 1 addition & 1 deletion test/data/keys/server.pub
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAjrglTlGN90QbUpAzFLkNBaSIaUohA7vJ7iY0Wr1CV5M=
MCowBQYDK2VwAyEAJ0tSokVLKymAYomJc2Wc4tTZ079MtX5vxohk0BfsS5U=
-----END PUBLIC KEY-----
3 changes: 3 additions & 0 deletions test/data/keys/sub-ca.key
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIASqWiXeb8UOEbwjVVq/2j49JvbBX2aLAiqjUtHQK2qV
-----END PRIVATE KEY-----
18 changes: 17 additions & 1 deletion test/data/root-ca.cnf
Original file line number Diff line number Diff line change
@@ -23,6 +23,22 @@ default_days = 3650
default_md = sha256
policy = policy_cn_supplied

[sub_ca]
name = sub-ca
name_opt = utf8,esc_ctrl,multiline,lname,align
home = ./${ENV::CA_PATH}
database = $home/db/index
serial = $home/db/serial
certificate = ./${ENV::CRT_PATH}/$name.crt
private_key = ./${ENV::KEY_PATH}/$name.key
RANDFILE = $home/private/random
new_certs_dir = $home/certificates
unique_subject = no
copy_extensions = none
default_days = 3650
default_md = sha256
policy = policy_cn_supplied

[policy_cn_supplied]
countryName = optional
stateOrProvinceName = optional
@@ -47,13 +63,13 @@ keyUsage = critical,keyCertSign
subjectKeyIdentifier = hash
nameConstraints = @name_constraints


[server_ext]
authorityKeyIdentifier = keyid:always
basicConstraints = critical,CA:false
extendedKeyUsage = clientAuth,serverAuth
keyUsage = critical,digitalSignature,keyEncipherment
subjectKeyIdentifier = hash
subjectAltName = DNS:localhost,IP:127.0.0.1,IP:::1

[client_ext]
authorityKeyIdentifier = keyid:always
25 changes: 25 additions & 0 deletions test/data/sub-ca.cnf
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
[req]
default_bits = 4096
encrypt_key = yes
default_md = sha256
utf8 = yes
string_mask = utf8only
prompt = no
distinguished_name = sub_ca_dn
req_extensions = sub_ca_ext

[sub_ca_dn]
countryName = "GB"
organizationName = "Example"
commonName = "Sub CA"

[sub_ca_ext]
basicConstraints = critical,CA:true
keyUsage = critical,keyCertSign
subjectKeyIdentifier = hash
nameConstraints = @name_constraints

[name_constraints]
permitted;DNS.0=localhost
permitted;IP.0=127.0.0.1/255.0.0.0
permitted;IP.1=::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
45 changes: 25 additions & 20 deletions test/ssl_tests.cpp
Original file line number Diff line number Diff line change
@@ -36,7 +36,7 @@ TEST(SslTests, HelloWorldTestSimpel) {
std::string crtPath{baseDirPath + "certificates/"};
std::string keyPath{baseDirPath + "keys/"};

SslOptions sslOpts = Ssl(ssl::CaPath{crtPath + "root-ca.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{false}, ssl::PinnedPublicKey{keyPath + "server.pub"}, ssl::VerifyHost{false}, ssl::VerifyStatus{false});
SslOptions sslOpts = Ssl(ssl::CaInfo{crtPath + "ca-bundle.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{true}, ssl::PinnedPublicKey{keyPath + "server.pub"}, ssl::VerifyHost{true}, ssl::VerifyStatus{false});
Response response = cpr::Get(url, sslOpts, Timeout{5000}, Verbose{});
std::string expected_text = "Hello world!";
EXPECT_EQ(expected_text, response.text);
@@ -58,7 +58,7 @@ TEST(SslTests, HelloWorldTestFull) {
#if SUPPORT_NPN
ssl::NPN{false},
#endif // DEBUG
ssl::CaPath{crtPath + "root-ca.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::PinnedPublicKey{keyPath + "server.pub"}, ssl::VerifyPeer{false}, ssl::VerifyHost{false}, ssl::VerifyStatus{false});
ssl::CaInfo{crtPath + "ca-bundle.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::PinnedPublicKey{keyPath + "server.pub"}, ssl::VerifyPeer{true}, ssl::VerifyHost{true}, ssl::VerifyStatus{false});
Response response = cpr::Get(url, sslOpts, Timeout{5000}, Verbose{});
std::string expected_text = "Hello world!";
EXPECT_EQ(expected_text, response.text);
@@ -76,7 +76,7 @@ TEST(SslTests, GetCertInfos) {
std::string crtPath{baseDirPath + "certificates/"};
std::string keyPath{baseDirPath + "keys/"};

SslOptions sslOpts = Ssl(ssl::CaPath{crtPath + "root-ca.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{false}, ssl::VerifyHost{false}, ssl::VerifyStatus{false});
SslOptions sslOpts = Ssl(ssl::CaInfo{crtPath + "ca-bundle.crt"}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{true}, ssl::VerifyHost{true}, ssl::VerifyStatus{false});

Response response = cpr::Get(url, sslOpts, Timeout{5000}, Verbose{});
std::vector<CertInfo> certInfos = response.GetCertInfos();
@@ -85,26 +85,31 @@ TEST(SslTests, GetCertInfos) {
std::vector<CertInfo> expectedCertInfos{
CertInfo{
"Subject:CN = test-server",
"Issuer:C = GB, O = Example, CN = Root CA",
"Issuer:C = GB, O = Example, CN = Sub CA",
"Version:2",
"Serial Number:28c252871ec62a626a98006b0bf2888f",
"Serial Number:acbefc2cde5b900b55548396556765d4",
"Signature Algorithm:ED25519",
"Public Key Algorithm:ED25519",
"X509v3 Authority Key Identifier:9B:B1:9B:21:61:DC:66:2B:3A:AD:ED:84:F1:05:B6:CE:99:82:C1:FC",
"X509v3 Basic Constraints:CA:FALSE",
"X509v3 Extended Key Usage:TLS Web Client Authentication, TLS Web Server Authentication",
"X509v3 Key Usage:Digital Signature, Key Encipherment",
"X509v3 Subject Key Identifier:66:47:54:F8:25:97:56:9A:52:56:35:B4:A7:52:60:0C:E7:4F:33:09",
"X509v3 Subject Alternative Name:DNS:localhost, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1",
"X509v3 Subject Key Identifier:39:C1:81:38:01:DC:55:38:E5:2F:4E:7A:D0:4C:84:7B:B7:27:D3:AF",
"X509v3 Authority Key Identifier:E4:F2:F3:85:0E:B7:85:75:84:76:E3:43:D1:B6:9D:14:B8:E2:A4:B7",
"Start date:Jun 29 11:33:07 2022 GMT",
"Expire date:Jun 28 11:33:07 2027 GMT",
"Signature:2e:0d:a1:0d:f5:90:77:e9:eb:84:7d:80:63:63:4d:8a:eb:d9:23:57:1f:21:2a:ed:81:b4:a8:58:b9:00:1b:cb:5c:90:1b:33:6b:f6:ec:42:20:63:54:d6:60:ee:37:14:1b:1c:95:0b:33:ea:67:29:d4:cc:d9:7e:34:fd:47:04:",
"Start date:May 7 10:18:22 2024 GMT",
"Expire date:May 6 10:18:22 2029 GMT",
"Signature:6d:63:d9:11:a3:9b:c7:9f:b6:23:12:27:e9:34:e0:a1:a3:20:be:fb:df:80:fe:53:08:9d:8c:e4:82:42:76:c2:55:13:e8:7c:86:83:33:0b:9a:9f:92:2a:3f:de:e9:32:78:c0:b1:bc:3f:42:e9:17:f9:9f:6c:15:35:a3:01:09:",
R"(Cert:-----BEGIN CERTIFICATE-----
MIIBdTCCASegAwIBAgIQKMJShx7GKmJqmABrC/KIjzAFBgMrZXAwMTELMAkGA1UE
BhMCR0IxEDAOBgNVBAoMB0V4YW1wbGUxEDAOBgNVBAMMB1Jvb3QgQ0EwHhcNMjIw
NjI5MTEzMzA3WhcNMjcwNjI4MTEzMzA3WjAWMRQwEgYDVQQDDAt0ZXN0LXNlcnZl
cjAqMAUGAytlcAMhAI64JU5RjfdEG1KQMxS5DQWkiGlKIQO7ye4mNFq9QleTo3Aw
bjAsBgNVHREEJTAjgglsb2NhbGhvc3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEw
HQYDVR0OBBYEFDnBgTgB3FU45S9OetBMhHu3J9OvMB8GA1UdIwQYMBaAFOTy84UO
t4V1hHbjQ9G2nRS44qS3MAUGAytlcANBAC4NoQ31kHfp64R9gGNjTYrr2SNXHyEq
7YG0qFi5ABvLXJAbM2v27EIgY1TWYO43FBsclQsz6mcp1MzZfjT9RwQ=
MIIBtDCCAWagAwIBAgIRAKy+/CzeW5ALVVSDllVnZdQwBQYDK2VwMDAxCzAJBgNV
BAYTAkdCMRAwDgYDVQQKDAdFeGFtcGxlMQ8wDQYDVQQDDAZTdWIgQ0EwHhcNMjQw
NTA3MTAxODIyWhcNMjkwNTA2MTAxODIyWjAWMRQwEgYDVQQDDAt0ZXN0LXNlcnZl
cjAqMAUGAytlcAMhACdLUqJFSyspgGKJiXNlnOLU2dO/TLV+b8aIZNAX7EuVo4Gu
MIGrMB8GA1UdIwQYMBaAFJuxmyFh3GYrOq3thPEFts6ZgsH8MAwGA1UdEwEB/wQC
MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHQ4EFgQUZkdU+CWXVppSVjW0p1JgDOdPMwkwLAYDVR0RBCUwI4IJbG9j
YWxob3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAUGAytlcANBAG1j2RGjm8ef
tiMSJ+k04KGjIL7734D+UwidjOSCQnbCVRPofIaDMwuan5IqP97pMnjAsbw/QukX
+Z9sFTWjAQk=
-----END CERTIFICATE-----
)",
},
@@ -142,8 +147,8 @@ TEST(SslTests, LoadCertFromBufferTestSimpel) {
std::string baseDirPath{server->getBaseDirPath()};
std::string crtPath{baseDirPath + "certificates/"};
std::string keyPath{baseDirPath + "keys/"};
std::string certBuffer = loadCertificateFromFile(crtPath + "root-ca.crt");
SslOptions sslOpts = Ssl(ssl::CaBuffer{std::move(certBuffer)}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{false}, ssl::VerifyHost{false}, ssl::VerifyStatus{false});
std::string certBuffer = loadCertificateFromFile(crtPath + "ca-bundle.crt");
SslOptions sslOpts = Ssl(ssl::CaBuffer{std::move(certBuffer)}, ssl::CertFile{crtPath + "client.crt"}, ssl::KeyFile{keyPath + "client.key"}, ssl::VerifyPeer{true}, ssl::VerifyHost{true}, ssl::VerifyStatus{false});
Response response = cpr::Get(url, sslOpts, Timeout{5000}, Verbose{});
std::string expected_text = "Hello world!";
EXPECT_EQ(expected_text, response.text);