From b252baecc5d9748562c67a4fcb19da07c9cf78f4 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 18:00:48 -0500 Subject: [PATCH 1/7] initial testing --- tests/Parse/Helper.php | 8 +++ tests/Parse/ParseClientTest.php | 19 ++++++ tests/gencerts.sh | 74 ++++++++++++++++++++++ tests/keys/client-copy.pem | 30 +++++++++ tests/keys/client.crt | 30 +++++++++ tests/keys/client.der | Bin 0 -> 1317 bytes tests/keys/client.fp | 1 + tests/keys/client.key | 51 ++++++++++++++++ tests/keys/client.pem | 30 +++++++++ tests/keys/localhost.crt | 30 +++++++++ tests/keys/localhost.fp | 1 + tests/keys/localhost.key | 51 ++++++++++++++++ tests/keys/localhost.pem | 30 +++++++++ tests/keys/parseca.crt | 30 +++++++++ tests/keys/parseca.fp | 1 + tests/keys/parseca.key | 51 ++++++++++++++++ tests/keys/parseca.pem | 30 +++++++++ tests/keys/parseca.srl | 1 + tests/server.js | 105 ++++++++++++++++++++++++++++++-- 19 files changed, 568 insertions(+), 5 deletions(-) create mode 100755 tests/gencerts.sh create mode 100644 tests/keys/client-copy.pem create mode 100644 tests/keys/client.crt create mode 100644 tests/keys/client.der create mode 100644 tests/keys/client.fp create mode 100644 tests/keys/client.key create mode 100644 tests/keys/client.pem create mode 100644 tests/keys/localhost.crt create mode 100644 tests/keys/localhost.fp create mode 100644 tests/keys/localhost.key create mode 100644 tests/keys/localhost.pem create mode 100644 tests/keys/parseca.crt create mode 100644 tests/keys/parseca.fp create mode 100644 tests/keys/parseca.key create mode 100644 tests/keys/parseca.pem create mode 100644 tests/keys/parseca.srl diff --git a/tests/Parse/Helper.php b/tests/Parse/Helper.php index 6294789e..b8f1d017 100644 --- a/tests/Parse/Helper.php +++ b/tests/Parse/Helper.php @@ -63,6 +63,8 @@ public static function setHttpClient() // default client set if (function_exists('curl_init')) { // cURL client + Helper::print("diamon lewis"); + ParseClient::setHttpClient(new ParseCurlHttpClient()); } else { // stream client @@ -105,4 +107,10 @@ public static function print($text) { fwrite(STDOUT, $text . "\n"); } + + public static function printArray($array) + { + var_dump($array); + ob_end_flush(); + } } diff --git a/tests/Parse/ParseClientTest.php b/tests/Parse/ParseClientTest.php index 2c697752..efdc31ed 100644 --- a/tests/Parse/ParseClientTest.php +++ b/tests/Parse/ParseClientTest.php @@ -667,4 +667,23 @@ public function testCheckBadServer() $this->assertTrue(isset($health['error_message'])); } } + + /** + * @group test-http-options + */ + public function testHttpOptions() + { + if (function_exists('curl_init')) { + // set a curl client + ParseClient::setHttpClient(new ParseCurlHttpClient()); + echo dirname(__DIR__).'/keys/client.crt'; + ParseClient::setCAFile(dirname(__DIR__).'/keys/client.crt'); + ParseClient::setServerURL('https://localhost:1338', 'parse'); + $health = ParseClient::getServerHealth(); + Helper::printArray($health); + $this->assertNotNull($health); + $this->assertEquals($health['status'], 200); + $this->assertEquals($health['response']['status'], 'ok'); + } + } } diff --git a/tests/gencerts.sh b/tests/gencerts.sh new file mode 100755 index 00000000..a02fa704 --- /dev/null +++ b/tests/gencerts.sh @@ -0,0 +1,74 @@ +#!/bin/bash +# https://gist.github.com/ryankurte/bc0d8cff6e73a6bb1950 +# ./gencerts.sh parseca localhost parsephp keys/ +# ./gencerts.sh parseca client parsephp keys/ + +set -e + +if [ "$#" -ne 3 ] && [ "$#" -ne 4 ]; then + echo "Usage: $0 CA NAME ORG" + echo "CA - name of fake CA" + echo "NAME - name of fake client" + echo "ORG - organisation for both" + echo "[DIR] - directory for cert output" + exit +fi + +CA=$1 +NAME=$2 +ORG=$3 + +if [ -z "$4" ]; then + DIR=./ +else + DIR=$4 +fi + +if [ ! -d "$DIR" ]; then + mkdir -p $DIR +fi + +LENGTH=4096 +DAYS=1000 + +SUBJECT=/C=NZ/ST=AKL/L=Auckland/O=$ORG + +if [ ! -f "$DIR/$CA.key" ]; then + + echo Generating CA + openssl genrsa -out $DIR/$CA.key $LENGTH + + echo Signing CA + openssl req -x509 -new -nodes -key $DIR/$CA.key -sha256 -days 1024 -out $DIR/$CA.crt -subj $SUBJECT/CN=$CA + + openssl x509 -in $DIR/$CA.crt -out $DIR/$CA.pem -text + openssl x509 -sha1 -noout -in $DIR/$CA.pem -fingerprint | sed 's/SHA1 Fingerprint=//g' >> $DIR/$CA.fp + +else + echo Located existing CA +fi + +if [ ! -f "$DIR/$NAME.key" ]; then + +echo Generating keys +openssl genrsa -out $DIR/$NAME.key $LENGTH + +echo Generating CSR +openssl req -new -out $DIR/$NAME.csr -key $DIR/$NAME.key -subj $SUBJECT/CN=$NAME + +echo Signing cert +openssl x509 -req -days $DAYS -in $DIR/$NAME.csr -out $DIR/$NAME.crt -CA $DIR/$CA.crt -CAkey $DIR/$CA.key -CAcreateserial + +echo Generating PEM +openssl x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem -text + +openssl x509 -sha1 -noout -in $DIR/$NAME.pem -fingerprint | sed 's/SHA1 Fingerprint=//g' > $DIR/$NAME.fp + +echo Cleaning Up +rm $DIR/*.csr + +else + echo Located existing client certificate +fi + +echo Done diff --git a/tests/keys/client-copy.pem b/tests/keys/client-copy.pem new file mode 100644 index 00000000..761f775e --- /dev/null +++ b/tests/keys/client-copy.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 +MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP +RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo +dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 +dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ +2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs +x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M +alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 +amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 +HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E +vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u +O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG +VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx +fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u +dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 +t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx +fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE +1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O +0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X +KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP +M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 +9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd +euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ +jrdaTDx4EZu93dmJbEozNO6dRiLb +-----END CERTIFICATE----- diff --git a/tests/keys/client.crt b/tests/keys/client.crt new file mode 100644 index 00000000..761f775e --- /dev/null +++ b/tests/keys/client.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 +MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP +RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo +dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 +dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ +2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs +x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M +alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 +amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 +HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E +vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u +O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG +VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx +fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u +dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 +t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx +fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE +1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O +0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X +KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP +M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 +9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd +euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ +jrdaTDx4EZu93dmJbEozNO6dRiLb +-----END CERTIFICATE----- diff --git a/tests/keys/client.der b/tests/keys/client.der new file mode 100644 index 0000000000000000000000000000000000000000..e5aed7bbfe029263c936b82adadf9109b1a85f90 GIT binary patch literal 1317 zcmXqLVpTL~V&-JxWH@rDMQ$ET`WXXWHcqWJkGAi;jEvl@3T--~*{*=3xg5 zB_|rliSrs68<-jz85x)u8yH6cxn>4N2BuK1K@jDZ@&i2rwv;V7Co?s##Gr{u3E6Lq ztPIReO#BQ$aW1ANCPs#nUOc-LQk4s5PubCa@4E2;(;uh#T^DVA#xIu}$p7Zy>Vvh> zd$uNRcD3)8Vc+bzs+T`E@A-VgIg8xbV>iFoT`JJDYvGD=mL(sX)vTh9J{QttwVe|) z>7mqzPsxrYE*m2gq?8t#v2K%7`X2D)oMdChzV-bI)urWm?m+?hCNCW-6&HT~+{w+m zP4oVz1zEZqzm|lpI_S#Mbel_Et$(^u;O&s3ccTB@Sbu+3&u06D+Hao^YF9+A1D3??My9&ENyutIzyc zr}Taz%irCvdiPyU+A~|<_om9tAja#JUsjmQ@nnVR^(+Vpf4gdyNUeP0(*XHH|Kx)5 z4_})4brb)$7x$knIL-g{_pSSeZcMWjb;~rZv$7a7S7fYUJpEDk)b&eWPF-En5Wd*s z%=2G*qI~Ml54{SPQ$MV~p`W)_zv`ne--q2Yhn}!zE-_tlcZbnW`JBy(oPX+5xdNQ>n^d&d)OzK91re0 z(9osQd-ardV!dG8=ZueR0Re99(!J}fmuXBpVfC|J#I zK|{;ctmomECv+_nl?YK;ukRYKG<(BVpO^b)tv_%gZkljXdFi!Nt!1hri@P|swrN}c z^}8TlVq3Q`vg6{TeK-AcPem}^EDN;|2!E|JedddTdr7xF#n&5tJ1>}$AsT%3Y5u?K z8Y!VCR6E`--Mptal{G-Uc-wFGORtsO-RCyE{rft1ru2#bW`S&S-~Bi8TQXGV_?$OB z5MIOe|JSl@ehp!!_Z`&sSg+&ni%9r$Ib!;%BQ7U)eSKEq;U2q8^3u8!C*_+YO~1?y zDtCWUBRi*iOZwgA7fV*^NIhV7PJf@IQE(}M+v3lq)gL3=mN}m1{_B)uaYt!x)kFRQ z^~-O=Bp&Zfs|i2FdNlvzy|W$D0;QZp5`BXHI_Rv~(a6P;lIg%yxaq~@-JE^fqkL>C U1ZVHPd$Tjg%h=@ITsNiL0CkEkp8x;= literal 0 HcmV?d00001 diff --git a/tests/keys/client.fp b/tests/keys/client.fp new file mode 100644 index 00000000..61543623 --- /dev/null +++ b/tests/keys/client.fp @@ -0,0 +1 @@ +D7:10:BE:24:E6:85:A2:F8:79:F8:36:EF:42:A0:EC:B3:EC:93:C2:FB diff --git a/tests/keys/client.key b/tests/keys/client.key new file mode 100644 index 00000000..458e1994 --- /dev/null +++ b/tests/keys/client.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJJwIBAAKCAgEAyUoMuiBlI3GblLiH3tczwDX4yw9ForXmDx5tUQ/s4avBfVu8 +tWKzRT+LHAezSaqND21u558xnKJGB12z7y2lEIK6oah3BKTxgyY6WsXnEikFPZxc +kuEa8PJjQXREsVlgGiKhNgW2HiL3UOTOGYFovq+PIHt1d25HUlBvNOlAeSGh8/OJ +Cw22Kd/yoGotsfV0VqrBRQSC2wonJo+XElHbVMXcW/7Yr9+ajLM/oSvt5RIK8lFE +fWELDMfGXsapMrJB5pLVEt2sdipmZJ6ImnHCXy5J0GzHjLzAbiWFF1qe0IIA2VPA +t3vM+K4i75EE/bvqjb7TYrybL03ZJNlSAdd59Kg3HgxqVi6MoFRX7aqaFH0fYeVQ +H8L+HlJvw9KV9bIP9ujf5qDLD/X72t8xRgKaIS12KTtqagFpqGioAcvxLcrX0vTK +1aSAV6NIzOf6LhUOJ+fC6lceJ8MvsI8NfS968U0O8LscwuQFaaQ1pN24Mvk/fGKa +0hcTtqSEr65+I2g7cosi16cIQ3ELNR010MeC56LZTkS+FPJpOYgiuRQbFD5pUNdE +XaeMB5A0x1OOwICKJI3VyithfxFe82jxBlBQRocbja47piiWzDwRmi1ukTGjWNuI +OUjalUi7Al21oMK5w839fq5nyh0ZDQtR7JMFh1r/U4ZUhDM9mfFIfOo/O5kCAwEA +AQKCAgB9ZG3NPQUEMW+UE+hAP5tzb6vPA3KDzADHBlNfHiaY5qAgcZd6/0NiLhWA +nqNnjqFVLPzbuWX0h3pMeGjw5GRhhq6wqfuKnx38b0IG7iXmQDuNh+x7a1OXKcf/ +LGjmeiDN5yi6OJCc8XdTo1Vouh8AOulUeNRSVBaGBqlgMrYBP5xeFiYXBrGmIGZK +3BofNCMHIlRHpGnH/ekpsmWP+gJCKwf9HyLpXMgwQjGvO2h1POoozct2t49kpMbE +n8kjVbyL4IhvujwHWJ50q/W5EIjfNjyxZDJjT+ooM6NXSxKIHZRdzjjNlIe5mvEU +gCi1z+xr5KZWadvaegp9VAwsLYlAbrFjpUY1gh5jEWmereVdAQI6io0m6lSkAIPC +e7OjV08Hv8rsLbnc8OroJ1YYsDiRnYjASGTgUlYXgZ/GOzrx16NP9Xx/fLXDcry5 +/FayKwQ6rNE56+UzwBZisUHFQTaj854ljqT14my0pSkBUJqWu/J8sMoWtCCu31gp +via9/3Cb/+0Pvc3ShDgGEt+ulf962tcVR48mbG/rWLvMgTzbpr4+qrHDEPe0fL3/ +p5awpvMQOTr1y/inhf4aOkZgQH83e2072mCvgNDZ6eW5AmCtVEVVP8erWQ9MI2ky +HZY8/i0vs0icbqqmA9M4vnJWuQsgOmB/XIwajmnuP9/OnjfrIQKCAQEA7b/wm0+q +LveojHoKvL3vByb+MmY6UZV8kPx2R8r2wYjFXaXN3+PIjUTpeaPM5Os+yPfBlzs2 +T17ySnc7WQsj/RIgTx0fOdARjnopMR8av6RUpgShF69Kb3U7VXiLcEoApJGbg9QV +CSae4f40DzN3ou8kIR+LCRrYSSv1bkrFwRVSgTP/gqLbVWn4/HJN93+Sem8tHmqd +o85/zFEKiVMQqR46amLNh1+ntvLSNi5noETj5y3T/8MYjuPs7GAMrywg77cR06YS +MvT4MFaXfpo7Yg9/lN9jRfTASTiNo1jQd8lSt29HSId/rvZ9F25BQuF8QlEQZj7J +Io94D5frKlUDfQKCAQEA2L2eS1tKdvkgKgIt+kmvws0p0TCLECSut0GL39uk0FU8 +aWmAgFrAppsFGNzYWbv3NcN7YuN2UX+YQnBIqyZ3paI7/dOa/pbwnGy9XdXUh6zi +T+CueNBSty2HjLNqcrQ/90v6AAZfE3oOR8fcMq8svgh0oM0PjyYI+81z3lo9+SA1 +lLfHW1qIFli+80qebg38t27OeaiRzw9bwniexYPSpozoF8Zmj2UWnml/Ma2ZME8j +2t6YrwiJzwIdrC5JVbKc8Le/iksSjUA98zpFacFjNhVwLNtbUWAf5rUmV3Y312XJ +9qL8cnXmo2bLYv79Hz6I2TGH4Zim8jPT/ZFtR7sbTQKCAQBCPCD6A92zrAdm63Em +V/vJkFFtFRHWPMExW0RQh/jqvgHOLy0F3N24jaRF4R5qACfDsVJboYFl51u05za/ +fd0O2gfqQoC6iH77pIjpSHMZRNzYS53djVY9avmWvDiMlfFL58zdky4xGHNXHoy+ +V2ZTHDCCkdkYNkRfTkHX8jjZq+kKWcQrTtewGg/ltKqH8yCJv4NgX+9+/T6ZW1KG +I4AWvXckwFXmCv4cd9Wchp0UB10+wIO5U076MAGHcNLX0oFyhxwOTMvxKlIilV0r +RiiZDxxKC1oK2T7gp0K+aTXayVmkBPpk+GrYAY+kAXFpAoytpQvekEtUt4eJQJeh +eYG5AoIBAFpayjfOCgAJIVCB8hrqRxxlnS45F3AWasO4zo/3KAE112Z2dfyMWM3b +yEcyIftesdM2+CQkgTm+gIIJ/zFiavSg6nOJmI7T6+C6MEODFgOtnfcAyptQ9Xqp +v113mkPRQu1cPg9umIotEvD3r6NthbB/I+e5NOhPSeV3I/upETbfJ5ck+jXqSttO +CeSw0dU9fYIW7nqnPInedDlhQYdDyjhme4cVzcGvubs2bbEPFtKd22ut6mbln1Wu +IyKZdTcFrAlqAK6tV0GNa4YPX8qTtUFhtI7ur2YANaxfDmndva/NHmH0Vlt9LTYn +b1iIxosU7cXlsSjqE4ba9mA6FR2XMe0CggEAFCrg/EhBXX8sagXGGXt7Hp1ozpBJ +EqY4xj1KSDPGNh1x1sOJP7MYIg+Sa8AxVRH+T6VBcXBuyxy3FtNH4iRpKzE5Kept +Jdxglsfo5EGqCNsIh45xa1owHiHr3/p2VpASiPy0OsvM4zDWCNffyz0i3wM4NvRb +sVYi/eQtbML2+Ro8e3eW8f3SRbrKahQX+vMg+d3+BddX6GuPd+RE5qdIkQQhvugj +4oOR1Gx1ktv//ex4T2LkEGm0c2TLrlmFdOGPURbFIVeqLT26KJ6PdeMaVHvCkwAX +4krazNZR4HTOLAL5iWx74xr7uGz8Z3My34laVpTaS6YONX9mW7cfT8U2ww== +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/client.pem b/tests/keys/client.pem new file mode 100644 index 00000000..761f775e --- /dev/null +++ b/tests/keys/client.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 +MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP +RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo +dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 +dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ +2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs +x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M +alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 +amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 +HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E +vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u +O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG +VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx +fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u +dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 +t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx +fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE +1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O +0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X +KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP +M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 +9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd +euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ +jrdaTDx4EZu93dmJbEozNO6dRiLb +-----END CERTIFICATE----- diff --git a/tests/keys/localhost.crt b/tests/keys/localhost.crt new file mode 100644 index 00000000..86af6e0e --- /dev/null +++ b/tests/keys/localhost.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFJDCCAwwCCQDEwoQengRnyzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQ0WhcNMjYwMjA1 +MjA0MjQ0WjBVMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEjAQBgNVBAMMCWxvY2FsaG9zdDCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANhB+NiGfXAgK4yJKdJEU9gC +kBUVwTmEVYIbHjK/HuWxbDIeVAHMSM1CWFZm72zfcGiLQ2vzqSNQ2mCGpefRlKGG +E5ch/HPDqeEKb/Qm+UnQTyMjKOMWckNEzqhilOiMHGR0hb6h5givz8aQ7kjp3ELm +RWaBWJ1rBizooB3fEDAdGtEEIDiq/i2/sSRcFmOeVYJ8ynIJ2/SmqF3KttQAZnuv +tFRGD+7C+loyxz+vCbAIkl1Smwj3ZsTKfGYGoSQA7Z7QVLzee7QgGmHCWiRmvKxX +ZfaW27SE7xokw68Dx84FeFYeUTXZugCLFtcHQ/M7enZsfUNjfGqFE88piKXTDgXa +qqCGKTqUhWYjnvH8AmiSbzUWYCJ+YtAY7wO7IdjrVzPh8pnCRXKefM2xJEJhDbSg +5lWkla7rJQfvKXuRlyiKonyI5hIYFwzgwPPoz+TKPLRltyzmPdmNshBN8USXOd3Q +5vG9JWSM2pP/l5UUusRRA2SrDEsud004mnQeCh1IHbF+srudSHQKPyxYOdc/WzUV +yy+RN53N1VG9JkH60t3Dg0rYiC+wilqS2G56MbgrSN4HTldmcGebzJMIdFpNSKLJ +uI886kgefd90OdsPqSI8rjPrEVAyL06w7P19/baWyyRlDQL3Do5uvMRk2YGHK2Ej +malB6uq4MatqOWXoroYrAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJnoVzVRxyQF +qUchsTRZZFfPXZI3n6Xn1wI/U5YIUyOODbTLn35c99G/sCbECFmciBZKXLvmiBn0 +tGYphpFFLT+qHtrYn4a29LFCsYDMlmfSJPQ0+V6FNpfqo2xPMDZ8sW+SVwx/PyNx +D/NyQ1+dZs5jKvVqyddU3e/jNG6hKIJF8rTfM5X2wp8RC55VGUeocWuPLCD9Ozmf +Xhv6J8Jv9LhkOl9BjudgpQ43so8mfa3InC/1SU/2kjSjc6hpWfyjErVz32Yf1QF0 +ceVgZJ4EoMVecZMFbo6b1cdlg3AoRvBEr0LpMwFWsEWicCPQjWg/wyJLRqhDIvoC +CWPGZrYsFilhHy9Cx7fOK7ZqLJK+dNbY5It7//TIZ364cTzUpYqfiv7lQ5Xp0c0h +9FiMCrFX4C3Su0UZfJjZ3KQTJfL0LnkwcvoT98RcNVPFT4Jgbe7thZPFHHZAAmag +5+2P9Xzz8OsNYUbGhDjd9Pq7gSiM4ZpJ2tc425qCZ2E84YqDYRtwZo3UIca7ktm0 +xckuoVQzxiIE/BhyL5+wL3NLTkgVjWh11XeiKn/h6BaOMj9QKTKc3RzLtqC57oVD +iMowJq80nQUUsU8I1GibfuLM+0ahcK8an5Lzdl0dS+43eKQLJWhpfBZNgFMfXDEe +o7eD8auY/MfkFWiUBpWGx7Grb/2a/z1q +-----END CERTIFICATE----- diff --git a/tests/keys/localhost.fp b/tests/keys/localhost.fp new file mode 100644 index 00000000..6de3a5bd --- /dev/null +++ b/tests/keys/localhost.fp @@ -0,0 +1 @@ +29:F3:66:76:EF:A0:CA:18:B5:B5:71:C6:14:45:80:04:4C:B2:89:C2 diff --git a/tests/keys/localhost.key b/tests/keys/localhost.key new file mode 100644 index 00000000..24f84196 --- /dev/null +++ b/tests/keys/localhost.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA2EH42IZ9cCArjIkp0kRT2AKQFRXBOYRVghseMr8e5bFsMh5U +AcxIzUJYVmbvbN9waItDa/OpI1DaYIal59GUoYYTlyH8c8Op4Qpv9Cb5SdBPIyMo +4xZyQ0TOqGKU6IwcZHSFvqHmCK/PxpDuSOncQuZFZoFYnWsGLOigHd8QMB0a0QQg +OKr+Lb+xJFwWY55VgnzKcgnb9KaoXcq21ABme6+0VEYP7sL6WjLHP68JsAiSXVKb +CPdmxMp8ZgahJADtntBUvN57tCAaYcJaJGa8rFdl9pbbtITvGiTDrwPHzgV4Vh5R +Ndm6AIsW1wdD8zt6dmx9Q2N8aoUTzymIpdMOBdqqoIYpOpSFZiOe8fwCaJJvNRZg +In5i0BjvA7sh2OtXM+HymcJFcp58zbEkQmENtKDmVaSVruslB+8pe5GXKIqifIjm +EhgXDODA8+jP5Mo8tGW3LOY92Y2yEE3xRJc53dDm8b0lZIzak/+XlRS6xFEDZKsM +Sy53TTiadB4KHUgdsX6yu51IdAo/LFg51z9bNRXLL5E3nc3VUb0mQfrS3cODStiI +L7CKWpLYbnoxuCtI3gdOV2ZwZ5vMkwh0Wk1Iosm4jzzqSB5933Q52w+pIjyuM+sR +UDIvTrDs/X39tpbLJGUNAvcOjm68xGTZgYcrYSOZqUHq6rgxq2o5ZeiuhisCAwEA +AQKCAgEAqupZFigU8405XfT6DKjb6xj7bu6mrCKewhlUoJ7UeIzlCidWFaWy1Cbf +UkpAaDefy8BlJOiKgNLiBO/mJ3VIlvA0g3nk4El/9dAd80TqOSBdq1OaeP/AhtHW +0tY3AiPaPLqrCaNC/xKUkEbzTMUnw+fiacVImAGB+/ROt80YKi6WhyNPo/ngsZ+T +DT2KpGj7BApEpiSMpqsg3h/cp2k5lf+j8gb9iKKo4qjHONnKOkpMA13KEigWHOo7 +rxcGPEJPivj0P+FGu3Gz6BeGzsYzz7GzcFSCiAWYQ31S+vtt6rIADXAglwLhMpS7 +FG81kQMtInNT/PKf3kAXC9+zk/teVGYsqYvzQrtrxIMQlmrFK/GwlfMn7PqFLPPz +3Ex2JN6DX/2JPn3KX6kP8C3gnmPB/f4VrbbGbkVlClGHpsSz0lyBf7eWhDeXJsuQ +5r07NEVRhoL8UV/mwneEzrWLtegUbCBKO6dlhcUQ9VAzmCFTCGg2fdhKkDeXmjZJ +pJdIKnUm1lYXv9Ek7YJcDixSMWPRb1HSP8PBruIYTmjozR7bqrb7k9c+8cBuUZAE +En1LwauHm3YiYLdRRJQScGLW/NxczSJP165mvtKW87lgjo0vh0m9We/FQxvQYtYx +Hi3vnAjwVQqptzlelO8PqPzfl0kaBCMHfuX1hVG5fVa5dNUxTgECggEBAO6YBm0P +CiU1mulEuAklFYDuzvMsIGSwVPiFH/piHwuNLBkahv0SWj5gwTY8V2/1IAZLjTWA +gsbMlAnRWYIiIdDS8eTWqjWqIFzZuZ1ZD8X5yVqF1XEbYRE16HeR3aiQGP3/eIN6 +KxeaaG4LLJmom/h70yjiDnK/XeMk35C9cjPLH+7dgv4u41juejgWCtkSNpBQRF4D +Jzc2w2kr9O6HRIIpqVHjaqma9apsZFyfq+p5k/kY8WO9ToJhkrAQVXdBN/5ygpqn +emQcT+RbhXJirRj2PFPYIQWsijtCmfVZR9ngYK55tIic6jd6qyeXksBSe0Qi4bV3 +YltxJPalt46RUOsCggEBAOgIzCb/HGoZkMEjUXA/QEDJ2Ib472fgWYMj7ECbvQOr +l5sXKKkLA7f9FT+7FA+tmNqkDlaCD0dhkWtavb8PX86mGlKoFuWNX8y3lzjuIsTZ +vkg/dJ31cWW7w5ewss9gLzO0oC8Bz4m9EH90XcfceU6hW58vZQiLiunQJs4KxEeK +NBrnUijkZBNYpAIMXNkYNNpI/fOjPZK6jC/XomVvCcrCVoZfc5kc+T/bJ08QKjpR +oxITC0xLAp1EoDK2YbLFZe9eWz9cLp0SyUTC6fqE97GGU50ohhi+UihES53s9V43 +svQLy1yaQdU3bDDmBZZ2xiMZOA0/+fa0tRt38jV4T8ECggEAfJxBnuvf7JcWlQYi +6APKO1B+HVrKgEvn1PQSQ37DoBDXGzVTkxDmuPVnc6AIOpzXYPJMicjYhGOMXaRN +Dz4sUxgY5d+HfgegZ13/J0LAjjFrDDAhzbTy+T4ib3BrSAIaS24FzwUbRHSMXgzP ++mCpNRnWqt+FlECGFH/Jk5qd7pcD0ok2RPLQIj5K7sf0WnK8tJp3WnJjJN8hJ+ih +P4K+MQz5NZ+EsZgQ/jUmJYnvC8L7mXmBeQoB2u6C4hllyabyS54awBMARRDUWPvD +sn3+0a6oy1FxzbjTaSfbqNw8PnqFhBpkQ4VQfjE++qqbJn7tiiR9pXz4jbGGEJt0 +Rq12iQKCAQEAwR35VAeFjaTDfou3jxWFk6aq6QMstibaOTRfwBIeiXx6DKGEvNSm +/q3LzqQUeUwBaQ+bw1IyBzXkQxZd0DOqiKJkTCEMFXfJoOe4G7DPDUkwfo8ZrxIF +lCdnDcwJtmEWSBFwNE9sfPX3Uiz2lI4iBFh1mhJnI2qIbjtI4LnDTMtwvGeEUPZt +eFCRCAdkC2eDLZ4Mhod5irJqVLNCvOtimfeO7f1ph6i+pe/vUnVgv/MMJtHk2FWh +0mS4dBypSZHTWhsNFLnTLfXhv7H97PxX7s+erbF5kgRs+oiE6ua5/PWcolNiqSrV +2fBrwnLfebBXDgVCSnzRvQv/o+H7m5cLwQKCAQBSFkNRxHtBWyyeD34yXSCk99f3 +gZ7UKJGnfIytbVQdeGo6WfS+IJP8vzr8nVTD5RsLbc/FQ0ybdIjlyKfKd7YFrpZ5 +MsYcpzSTfWb8OjHW29t8BjECw7DGkatx9hXJEUAz7C7/G9dgWV7qEYfFNIsRmJNt +CKOMGy79bbwKu2/ylCHwTqUH+qsKzTbLUmzqOBj+4s5R211HFuHIvDjXkDtNe/Tc +dG6HVace5xHsXaB6J1zIh2t3lA4JHBnrlWaGzkjlSVNaGtvPX0tYX2NarIgcq7uw +WqfklFQxK9dL96Dl08G4wKixmveqUMdvFPKpDLcGSXqwEAG82XtH3wppCLJN +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/localhost.pem b/tests/keys/localhost.pem new file mode 100644 index 00000000..86af6e0e --- /dev/null +++ b/tests/keys/localhost.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFJDCCAwwCCQDEwoQengRnyzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQ0WhcNMjYwMjA1 +MjA0MjQ0WjBVMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEjAQBgNVBAMMCWxvY2FsaG9zdDCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANhB+NiGfXAgK4yJKdJEU9gC +kBUVwTmEVYIbHjK/HuWxbDIeVAHMSM1CWFZm72zfcGiLQ2vzqSNQ2mCGpefRlKGG +E5ch/HPDqeEKb/Qm+UnQTyMjKOMWckNEzqhilOiMHGR0hb6h5givz8aQ7kjp3ELm +RWaBWJ1rBizooB3fEDAdGtEEIDiq/i2/sSRcFmOeVYJ8ynIJ2/SmqF3KttQAZnuv +tFRGD+7C+loyxz+vCbAIkl1Smwj3ZsTKfGYGoSQA7Z7QVLzee7QgGmHCWiRmvKxX +ZfaW27SE7xokw68Dx84FeFYeUTXZugCLFtcHQ/M7enZsfUNjfGqFE88piKXTDgXa +qqCGKTqUhWYjnvH8AmiSbzUWYCJ+YtAY7wO7IdjrVzPh8pnCRXKefM2xJEJhDbSg +5lWkla7rJQfvKXuRlyiKonyI5hIYFwzgwPPoz+TKPLRltyzmPdmNshBN8USXOd3Q +5vG9JWSM2pP/l5UUusRRA2SrDEsud004mnQeCh1IHbF+srudSHQKPyxYOdc/WzUV +yy+RN53N1VG9JkH60t3Dg0rYiC+wilqS2G56MbgrSN4HTldmcGebzJMIdFpNSKLJ +uI886kgefd90OdsPqSI8rjPrEVAyL06w7P19/baWyyRlDQL3Do5uvMRk2YGHK2Ej +malB6uq4MatqOWXoroYrAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJnoVzVRxyQF +qUchsTRZZFfPXZI3n6Xn1wI/U5YIUyOODbTLn35c99G/sCbECFmciBZKXLvmiBn0 +tGYphpFFLT+qHtrYn4a29LFCsYDMlmfSJPQ0+V6FNpfqo2xPMDZ8sW+SVwx/PyNx +D/NyQ1+dZs5jKvVqyddU3e/jNG6hKIJF8rTfM5X2wp8RC55VGUeocWuPLCD9Ozmf +Xhv6J8Jv9LhkOl9BjudgpQ43so8mfa3InC/1SU/2kjSjc6hpWfyjErVz32Yf1QF0 +ceVgZJ4EoMVecZMFbo6b1cdlg3AoRvBEr0LpMwFWsEWicCPQjWg/wyJLRqhDIvoC +CWPGZrYsFilhHy9Cx7fOK7ZqLJK+dNbY5It7//TIZ364cTzUpYqfiv7lQ5Xp0c0h +9FiMCrFX4C3Su0UZfJjZ3KQTJfL0LnkwcvoT98RcNVPFT4Jgbe7thZPFHHZAAmag +5+2P9Xzz8OsNYUbGhDjd9Pq7gSiM4ZpJ2tc425qCZ2E84YqDYRtwZo3UIca7ktm0 +xckuoVQzxiIE/BhyL5+wL3NLTkgVjWh11XeiKn/h6BaOMj9QKTKc3RzLtqC57oVD +iMowJq80nQUUsU8I1GibfuLM+0ahcK8an5Lzdl0dS+43eKQLJWhpfBZNgFMfXDEe +o7eD8auY/MfkFWiUBpWGx7Grb/2a/z1q +-----END CERTIFICATE----- diff --git a/tests/keys/parseca.crt b/tests/keys/parseca.crt new file mode 100644 index 00000000..ba017aa8 --- /dev/null +++ b/tests/keys/parseca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFIjCCAwoCCQDSW4/JivGcBDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQzWhcNMjYwMzAx +MjA0MjQzWjBTMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWBtWQ37CZfah2JMbiW2m8CuW8 +BSVJhVZzHY70kmBzGdIOK2uv89/Edf0YLkY3I3OL/19KBl8vNcg7g9wEwAx6u02b +7foX/OukoPYrT6iNIKwpa9OVzYe8+RwVlSkoX0bQ6IGqFCRbDFmrXRItElyvaX9/ +fql1RRVjlA4AeCy8MFPW+OUtRsgCUaDTWUr2kTvn82YPcKtgCKaVlkxZ7aYYsYwj +xV6AHBb5/HPTadi1hEsSMe3DAm51cNCpcSMWakzFRddOc9na13D3RskBuGm8GAec +zSx38t7OLnTCKtI6PPxp0GWYrQSNtamvZM3i6fHMWHIyV6/siWWiJJipFmswjxWe +Hp9mmc1UFrmcJG/mVmvOsJPqjHkRwm6Vxi1b86RizbQ6mw6e+cQGn35WmcwzEf/V +uM3P382UXAaEjOB21ib9VsBPoJnwTollqDVOr6wLMn92sPTsNpLRPC9+mSDxemfj +z7JC5U0w2OgS3dOs82UkNNuDmnE1VuCcG0bdFpk1vOEk1weo47UJ4QnopxILAbER +c1eeoXZUhv1pAs3LbOR229DkCzijhWQgd+BoDUF3p/2M/528/a3W/vIcZMc9dx5B +qzG5VLhRSPkxs9K5YGYN7G+7OcdhyKNY9LklbOfUitGhdufXAO62b6XRtrE0dfNh +O1Z6yZHKGib5P+0TNQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBBeMaiptQT8teD +Q63CW7eYc6skvq8qOfB51sqr2NPcxMdLr/6yjtc5Ln2y23YWTB6JpWST0CeRpew3 +TRAjf264xd6EHDiiYqYhsrvQEnyHOtY43UEXeyE6tEP+8djgqvydAx9G+ok9L+IE +WlzeS5hegUaHcSQCRs5RdSKL9OvN/u7LNqDlcxTrz/cicNyjA5pQCAlbD/3cs/8+ +tmKMYN+iriAm/xKxzVfJsH6qvZZny/mi/8CG+DWqosQAX/GhWHp32l/C30HvAcDf +FF6r20h58PEfCHK2mQwPRzh2iNlKnCVYYcl5clYx7qPtpwKJyo7X/qeRkNOtnhtL +KahXHhBfeixYNiNMBK2lUgZ1QD3/0ARJZIYsjo/bLu9uECXrqxXC/HC/YzqgJj+H +AtPMCFTVxMDlPyMh6tFxgB6CV9SJ+/PKeXjvIaHKeHoSQtpKrgWk5ooh/Xxl2k1Y +4xGmvZQo1Rp0iIQSZ43sT8QQPw/BJSktxamhhn8ctk5sfOR9ctPk17Tru2tEMV2T +xAtmduoluSlxDodnAoUi6zCB4nxYhHhCuD3lDuUnmIbYxGwQCbPiiLWGDl3/6XKP +Fn76bLcFV3yqzwDtSwmIv7yxgF8WdA3F47BOXPqm7SxMtLYNEje65RgnwVHjq6ax +jTTWuHUVY9pjF76qCHv3PcjIyAdgvQ== +-----END CERTIFICATE----- diff --git a/tests/keys/parseca.fp b/tests/keys/parseca.fp new file mode 100644 index 00000000..f1678962 --- /dev/null +++ b/tests/keys/parseca.fp @@ -0,0 +1 @@ +AF:05:D0:A9:7C:97:BA:64:A0:E2:88:05:D8:9B:07:9C:4C:55:DD:60 diff --git a/tests/keys/parseca.key b/tests/keys/parseca.key new file mode 100644 index 00000000..df14941d --- /dev/null +++ b/tests/keys/parseca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA1gbVkN+wmX2odiTG4ltpvArlvAUlSYVWcx2O9JJgcxnSDitr +r/PfxHX9GC5GNyNzi/9fSgZfLzXIO4PcBMAMertNm+36F/zrpKD2K0+ojSCsKWvT +lc2HvPkcFZUpKF9G0OiBqhQkWwxZq10SLRJcr2l/f36pdUUVY5QOAHgsvDBT1vjl +LUbIAlGg01lK9pE75/NmD3CrYAimlZZMWe2mGLGMI8VegBwW+fxz02nYtYRLEjHt +wwJudXDQqXEjFmpMxUXXTnPZ2tdw90bJAbhpvBgHnM0sd/Lezi50wirSOjz8adBl +mK0EjbWpr2TN4unxzFhyMlev7IlloiSYqRZrMI8Vnh6fZpnNVBa5nCRv5lZrzrCT +6ox5EcJulcYtW/OkYs20OpsOnvnEBp9+VpnMMxH/1bjNz9/NlFwGhIzgdtYm/VbA +T6CZ8E6JZag1Tq+sCzJ/drD07DaS0Twvfpkg8Xpn48+yQuVNMNjoEt3TrPNlJDTb +g5pxNVbgnBtG3RaZNbzhJNcHqOO1CeEJ6KcSCwGxEXNXnqF2VIb9aQLNy2zkdtvQ +5As4o4VkIHfgaA1Bd6f9jP+dvP2t1v7yHGTHPXceQasxuVS4UUj5MbPSuWBmDexv +uznHYcijWPS5JWzn1IrRoXbn1wDutm+l0baxNHXzYTtWesmRyhom+T/tEzUCAwEA +AQKCAgEArIM7t5emSEIx/HCuYpveQTTjckcPhBBW21jy9o3Z8kzYtJUpKt0++6ND +Cy+ZZy5LH4gK7abvKCWIrPge6zFFndPFva73TEiQQ9V+NvDxYjf4rTZ9iJzvEVIV +4gul7iXF9fPDOC0eFMmCqY7ObMgFL1qw6zpUKvMxR196XcSAAnxNx9Q9Hd6UrtHO ++SxbMR1llRPqqv1dFX5DkAViq4XTwMmztM2M22RI3N0xGzKQ+9aTkCnwhKQ8FquF +dV59Mr8h/EzMPC9DZZMMOjSzJpDXoUYZNLloY5K/Jp/peux7IXgw2LWiforPRc4s +5PQyw/lf7h9IhO2LHvSsmCI5bulkIXmE0WxAObJt9hgC/cLtc5KMx5WDHoSbgwBX +PbmeUgRkpOALC6D1EwaVyf0pnFikEVXDzW740IKD21xQDHO+p6TQVdYlZjIX36u6 +oPg6lupxrKgENagVROEBoj12M+aIMbJMZ3HQciSl+rDlsmHehPAFBq80vZbArhCO +1Rx2V94djn4M9943MOJazCL6iDlVDYpNb5Et4GeldRJt1e3qWwokCwvAlXL0CEdh +dW3sTCbATLXainpGBySRMzSZYKtthqzDl5sM726q7Q5/B6Hbsi6gA5j2c1qTxeM3 +UjmLXObmIIAYPmqonM0Rn4bhMuHKQDjPUWqL2/z+wPqEsgYhh00CggEBAOyR1jg0 +m3f4g2yJmTfpmyM3F7JkoRnnclg8R1Cc0FCMv8fcmxO6DYrm9tDVYXt361qyzD8l +QOaM8WbHDD7mIMRjXO4t/zdcD8A1bP8rF1GJZd11KBjYjUCKBtduUM+KOca1FjY9 +qd4UyKx8N/eLQW5bkrpWBfRRJX9PcR56n7RDRge4MqTOSeZojlzjTSazerp4nN9L +qP/6LeJLsDaLmghYmLhur7fcGysOc+1dq5ZJKXjjPwOIxRMShRe33W/qlMPEZSIJ +d6mw1+ySWmW0YaoPI5RGOSPcZ6Yooa1k1IwKvBqbQRtGXKFQDBNPGziDZXZJF5lJ +IO9CPrFvx/8DVe8CggEBAOebAQvHNKtX9wq6ZADRxBGf/UuQtbBCvQLf4xK8bfIj +4v08X0hdf+zosxNdymXpCLigzC/B9vimWBpZL1nesk3+IueEL5DqyRj06PChRXXU +kYDJl7KSRiqoGSTJn781LpsOGgwKEG2dahfcpNoiS8PLtAfjOhEAdzITM9cNsNoh +pxggaY6VH5z4+vFqJJiR5l+3180TFJ/fMaPQCvEn9LTT9DL2CBeDdgDRLhjl3pdj +hm7X7fpLypZOOlPWZ0XcN60kSjYtm/WZwzNGyuUEgeRWroSt07W5qPYHcnkbSKcy +3cJ0GFHdlUV7cz4XEueqUlq49Lk8KGIxvZmHKzsILRsCggEAG1F7+2GX0nLQOmhp +WRuQ3rAt/FvCfstLWQUc9yIkrCiUvO+suMpzZebl+ZeqeieO9hpPm7shk34TIls5 +/sl0XzlaMeb94davuvJwc8b2GmRTbw9oYfYf2aQWxinnCxBbO6cNuZXFV+/ufHyb +uepK1AOfHgVxCpWUTu9NkMd4Sci6/Yk3z/BCeGj6h593+VAgjAgBlYeXLHgndEpp +PuNAFlakzCd8Ay9Xs9EncfGvLtuj/mG/lRjmKR2qYOLKn3HnW/QB+bw+JUpWpOsB +pVz/KjQ1V5oEXy/EiFuI0A0kvkc/EZN8ITou2DH2MwSfkBccUFyAbSMUuoxb0QGn +hrtL4QKCAQAsUcgQde1JQIsAnYxXb8yiRshUtnteIFdE/ozYYAB2DpH4PZ5KHcJG +Fn12HkOF3uMRWYvZM7fL+yDu4dQi0W+zZwdM4Emt5I/Y27zblzDQjH3PdEQ4Iq+U +qBgvpvmPwGCLwVYQqbhdEXtk148gQuHWtNtdiwjoiftFNNF9vJv0Ee6EumcYpsam +5io3GkWogHriJC8Cij0vHqnEHCKL5UZ5d/nJ6rS/syNYoq68ivheZegqu91JQUmi +G5QjyOp4PtzUoBYnafDnPaZR4KEg1Az7Ie9BanYR11ZSxjgMnsD3Zc9zz3175PgU +lLwHzKiMdlZOEAicjbt4luYeQ/Rs1nKzAoIBAQDoivPy96Zlci8WhdfX5GYVi4iq ++xmQKbVetIWza58zEd1dIMhliugk1WNH3ROwVAtZm7KdTtJiBdhzbXXtXlpJjP3e +avre816C6VtSEhp7tlHyKvitWLRIo4aLiWpoFnNgNcNz+q84KWeyPUFW7+So990G +n9Bl6Zp6smcCkSYAuRJMjZJin7j5n6dNS2HIvTwVizRmMK7HGLQtbYwSpL57H/7t +pTozvA9KzpLEvNPcFDG5p3l9wijLxUS3C4vY/FWhqDlHW9vvoSNFwOTdY6QlFfcf +WEU8P0UZM09d/ZfE0nGwuRK0gl41dmhLrt90SDgV62BuAoJ2S1m3ggSmrqyn +-----END RSA PRIVATE KEY----- diff --git a/tests/keys/parseca.pem b/tests/keys/parseca.pem new file mode 100644 index 00000000..ba017aa8 --- /dev/null +++ b/tests/keys/parseca.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFIjCCAwoCCQDSW4/JivGcBDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO +WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy +c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MjQzWhcNMjYwMzAx +MjA0MjQzWjBTMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB +dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDWBtWQ37CZfah2JMbiW2m8CuW8 +BSVJhVZzHY70kmBzGdIOK2uv89/Edf0YLkY3I3OL/19KBl8vNcg7g9wEwAx6u02b +7foX/OukoPYrT6iNIKwpa9OVzYe8+RwVlSkoX0bQ6IGqFCRbDFmrXRItElyvaX9/ +fql1RRVjlA4AeCy8MFPW+OUtRsgCUaDTWUr2kTvn82YPcKtgCKaVlkxZ7aYYsYwj +xV6AHBb5/HPTadi1hEsSMe3DAm51cNCpcSMWakzFRddOc9na13D3RskBuGm8GAec +zSx38t7OLnTCKtI6PPxp0GWYrQSNtamvZM3i6fHMWHIyV6/siWWiJJipFmswjxWe +Hp9mmc1UFrmcJG/mVmvOsJPqjHkRwm6Vxi1b86RizbQ6mw6e+cQGn35WmcwzEf/V +uM3P382UXAaEjOB21ib9VsBPoJnwTollqDVOr6wLMn92sPTsNpLRPC9+mSDxemfj +z7JC5U0w2OgS3dOs82UkNNuDmnE1VuCcG0bdFpk1vOEk1weo47UJ4QnopxILAbER +c1eeoXZUhv1pAs3LbOR229DkCzijhWQgd+BoDUF3p/2M/528/a3W/vIcZMc9dx5B +qzG5VLhRSPkxs9K5YGYN7G+7OcdhyKNY9LklbOfUitGhdufXAO62b6XRtrE0dfNh +O1Z6yZHKGib5P+0TNQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBBeMaiptQT8teD +Q63CW7eYc6skvq8qOfB51sqr2NPcxMdLr/6yjtc5Ln2y23YWTB6JpWST0CeRpew3 +TRAjf264xd6EHDiiYqYhsrvQEnyHOtY43UEXeyE6tEP+8djgqvydAx9G+ok9L+IE +WlzeS5hegUaHcSQCRs5RdSKL9OvN/u7LNqDlcxTrz/cicNyjA5pQCAlbD/3cs/8+ +tmKMYN+iriAm/xKxzVfJsH6qvZZny/mi/8CG+DWqosQAX/GhWHp32l/C30HvAcDf +FF6r20h58PEfCHK2mQwPRzh2iNlKnCVYYcl5clYx7qPtpwKJyo7X/qeRkNOtnhtL +KahXHhBfeixYNiNMBK2lUgZ1QD3/0ARJZIYsjo/bLu9uECXrqxXC/HC/YzqgJj+H +AtPMCFTVxMDlPyMh6tFxgB6CV9SJ+/PKeXjvIaHKeHoSQtpKrgWk5ooh/Xxl2k1Y +4xGmvZQo1Rp0iIQSZ43sT8QQPw/BJSktxamhhn8ctk5sfOR9ctPk17Tru2tEMV2T +xAtmduoluSlxDodnAoUi6zCB4nxYhHhCuD3lDuUnmIbYxGwQCbPiiLWGDl3/6XKP +Fn76bLcFV3yqzwDtSwmIv7yxgF8WdA3F47BOXPqm7SxMtLYNEje65RgnwVHjq6ax +jTTWuHUVY9pjF76qCHv3PcjIyAdgvQ== +-----END CERTIFICATE----- diff --git a/tests/keys/parseca.srl b/tests/keys/parseca.srl new file mode 100644 index 00000000..521cec7f --- /dev/null +++ b/tests/keys/parseca.srl @@ -0,0 +1 @@ +C4C2841E9E0467CC diff --git a/tests/server.js b/tests/server.js index 456b4d44..82f4101e 100644 --- a/tests/server.js +++ b/tests/server.js @@ -1,18 +1,21 @@ import express from 'express'; import { ParseServer } from 'parse-server'; import path from 'path'; +import fs from 'fs'; +import https from 'https'; +import http from 'http'; import emailAdapter from './MockEmailAdapter.js'; const app = express(); const __dirname = path.resolve(); -const server = new ParseServer({ +const parseServer = new ParseServer({ appName: "MyTestApp", appId: "app-id-here", masterKey: "master-key-here", restKey: "rest-api-key-here", databaseURI: "mongodb://localhost/test", cloud: __dirname + "/tests/cloud-code.js", - publicServerURL: "http://localhost:1337/parse", + publicServerURL: "https://localhost:1337/parse", logsFolder: path.resolve(process.cwd(), 'logs'), verbose: true, silent: true, @@ -46,12 +49,104 @@ const server = new ParseServer({ }, }); -await server.start(); +await parseServer.start(); // Serve the Parse API on the /parse URL prefix -app.use('/parse', server.app); +app.use('/parse', parseServer.app); const port = 1337; app.listen(port, function() { - console.error('[ parse-server-test running on port ' + port + ' ]'); + console.error('[ Parse Test Http Server running on port ' + port + ' ]'); +}); + +const options = { + port: process.env.PORT || 1338, + server_key: process.env.SERVER_KEY || __dirname + '/tests/keys/localhost.key', + server_crt: process.env.SERVER_CRT || __dirname + '/tests/keys/localhost.crt', + server_fp: process.env.SERVER_FP || __dirname + '/tests/keys/localhost.fp', + client_key: process.env.CLIENT_KEY || __dirname + '/tests/keys/client.key', + client_crt: process.env.CLIENT_CRT || __dirname + '/tests/keys/client.crt', + client_fp: process.env.CLIENT_FP || __dirname + '/tests/keys/client.fp', + ca: process.env.TLS_CA || __dirname + '/tests/keys/parseca.crt' +} + +// Load fingerprints +const clientFingerprints = [fs.readFileSync(options.server_fp).toString().replace('\n', '')]; + +// Configure server +const serverOptions = { + key: fs.readFileSync(options.server_key), + cert: fs.readFileSync(options.server_crt), + ca: fs.readFileSync(options.ca), + requestCert: true, + rejectUnauthorized: true +} + +function onRequest(req) { + console.log(new Date()+' '+ + req.connection.remoteAddress+' '+ + req.socket.getPeerCertificate().subject.CN+' '+ + req.method+' '+req.baseUrl); +} + +// Create TLS enabled server +const server = https.createServer(serverOptions, app); +// const server = http.createServer(app); +server.on('request', onRequest); + +// Start Server +server.listen(options.port, function() { + console.error('[ Parse Test Https Server running on port ' + options.port + ' ]'); +}); + +// Create TLS request +var requestOptions = { + hostname: 'localhost', + port: options.port, + path: '/parse/health', + method: 'GET', + key: fs.readFileSync(options.client_key), + cert: fs.readFileSync(options.client_crt), + ca: fs.readFileSync(options.ca), + requestCert: true, + rejectUnauthorized: true, + maxCachedSessions: 0, + headers: { + 'Content-Type': 'application/json', + 'X-Parse-Application-Id': 'app-id-here', + 'X-Parse-Master-Key': 'master-key-here', + 'X-Parse-REST-API-Key': 'rest-api-key-here', + } +}; + +// Create agent (required for custom trust list) +requestOptions.agent = new https.Agent(requestOptions); + +var req = https.request(requestOptions, (res) => { + console.log('statusCode:', res.statusCode); +}); +req.end(); + +// Pin server certs +req.on('socket', socket => { + socket.on('secureConnect', () => { + var fingerprint = socket.getPeerCertificate().fingerprint; + + // Check if certificate is valid + if(socket.authorized === false){ + req.emit('error', new Error(socket.authorizationError)); + return req.destroy(); + } + + // Check if fingerprint matches + if(clientFingerprints.indexOf(fingerprint) === -1){ + req.emit('error', new Error('Fingerprint does not match')); + return req.destroy(); + } + }); +}); + +req.on('error', (e) => { + console.error(e); + process.exit(0); }); From b43a5eb1221c6719385fe9f89607375f6f43f3e4 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 19:16:51 -0500 Subject: [PATCH 2/7] fix curl tests --- src/Parse/HttpClients/ParseCurlHttpClient.php | 12 ++++++ src/Parse/HttpClients/ParseHttpable.php | 7 ++++ .../HttpClients/ParseStreamHttpClient.php | 24 +++++++++++ src/Parse/ParseClient.php | 26 ++++++++++++ tests/Parse/Helper.php | 4 +- tests/Parse/ParseClientTest.php | 38 +++++++++++++++--- tests/gencerts.sh | 1 + tests/keys/client-copy.pem | 30 -------------- tests/keys/localhost.pubkey.der | Bin 0 -> 550 bytes tests/keys/localhost.pubkey.pem | 14 +++++++ tests/server.js | 1 - 11 files changed, 118 insertions(+), 39 deletions(-) delete mode 100644 tests/keys/client-copy.pem create mode 100644 tests/keys/localhost.pubkey.der create mode 100644 tests/keys/localhost.pubkey.pem diff --git a/src/Parse/HttpClients/ParseCurlHttpClient.php b/src/Parse/HttpClients/ParseCurlHttpClient.php index 0d53d06c..e9337dad 100644 --- a/src/Parse/HttpClients/ParseCurlHttpClient.php +++ b/src/Parse/HttpClients/ParseCurlHttpClient.php @@ -306,6 +306,18 @@ public function setCAFile($caFile) $this->parseCurl->setOption(CURLOPT_CAINFO, $caFile); } + /** + * Sets multiple curl options + * https://www.php.net/manual/en/function.curl-setopt.php + * + * @param array $options Array of options to set + * @throws ParseException + */ + public function setHttpOptions($options) + { + $this->parseCurl->setOptionsArray($options); + } + /** * Gets the error code * diff --git a/src/Parse/HttpClients/ParseHttpable.php b/src/Parse/HttpClients/ParseHttpable.php index 8fe938d5..7025cf45 100644 --- a/src/Parse/HttpClients/ParseHttpable.php +++ b/src/Parse/HttpClients/ParseHttpable.php @@ -63,6 +63,13 @@ public function setTimeout($timeout); */ public function setCAFile($caFile); + /** + * Sets http options to pass to the http client + * + * @param string $httpOptions Options to set + */ + public function setHttpOptions($httpOptions); + /** * Gets the error code * diff --git a/src/Parse/HttpClients/ParseStreamHttpClient.php b/src/Parse/HttpClients/ParseStreamHttpClient.php index 11657fb7..b57ce67f 100644 --- a/src/Parse/HttpClients/ParseStreamHttpClient.php +++ b/src/Parse/HttpClients/ParseStreamHttpClient.php @@ -78,6 +78,13 @@ class ParseStreamHttpClient implements ParseHttpable */ private $caFile; + /** + * Options to pass to the stream context. + * + * @var array + */ + private static $httpOptions; + /** * Optional timeout for this request * @@ -195,6 +202,12 @@ public function send($url, $method = 'GET', $data = array()) $this->options['ssl']['cafile'] = $this->caFile; } + if (isset($this->httpOptions)) { + foreach ($data as $key => $value) { + $this->options[$key] = $value; + } + } + // add additional options for this request $this->options['http'] = array( 'method' => $method, @@ -348,6 +361,17 @@ public function setCAFile($caFile) $this->caFile = $caFile; } + /** + * Sets http options to pass to the stream context + * https://www.php.net/manual/en/context.php + * + * @param array $httpOptions options to set + */ + public function setHttpOptions($httpOptions) + { + $this->$httpOptions = $httpOptions; + } + /** * Sets the request timeout * diff --git a/src/Parse/ParseClient.php b/src/Parse/ParseClient.php index 5ac2819a..0e02a57b 100755 --- a/src/Parse/ParseClient.php +++ b/src/Parse/ParseClient.php @@ -103,6 +103,13 @@ final class ParseClient */ private static $caFile; + /** + * Options to pass to the http client. + * + * @var array + */ + private static $httpOptions; + /** * Constant for version string to include with requests. * @@ -230,6 +237,7 @@ public static function getServerHealth() // try to get a response from the server $url = self::createRequestUrl('health'); + $response = $httpClient->send($url); $errorCode = $httpClient->getErrorCode(); @@ -301,6 +309,21 @@ public static function setCAFile($caFile) self::$caFile = $caFile; } + /** + * Sets http options to pass to the http client + * For curl + * https://www.php.net/manual/en/function.curl-setopt.php + * + * For stream context + * https://www.php.net/manual/en/context.php + * + * @param array $httpOptions options to set + */ + public static function setHttpOptions($httpOptions) + { + self::$httpOptions = $httpOptions; + } + /** * ParseClient::_encode, internal method for encoding object values. * @@ -452,6 +475,9 @@ private static function getPreparedHttpClient() // set CA file $httpClient->setCAFile(self::$caFile); } + if (isset(self::$httpOptions)) { + $httpClient->setHttpOptions(self::$httpOptions); + } return $httpClient; } diff --git a/tests/Parse/Helper.php b/tests/Parse/Helper.php index b8f1d017..95380113 100644 --- a/tests/Parse/Helper.php +++ b/tests/Parse/Helper.php @@ -63,8 +63,6 @@ public static function setHttpClient() // default client set if (function_exists('curl_init')) { // cURL client - Helper::print("diamon lewis"); - ParseClient::setHttpClient(new ParseCurlHttpClient()); } else { // stream client @@ -110,7 +108,7 @@ public static function print($text) public static function printArray($array) { - var_dump($array); + print_r($array); ob_end_flush(); } } diff --git a/tests/Parse/ParseClientTest.php b/tests/Parse/ParseClientTest.php index efdc31ed..cd627725 100644 --- a/tests/Parse/ParseClientTest.php +++ b/tests/Parse/ParseClientTest.php @@ -16,6 +16,8 @@ use PHPUnit\Framework\TestCase; +defined('CURLOPT_PINNEDPUBLICKEY') || define('CURLOPT_PINNEDPUBLICKEY', 10230); + class ParseClientTest extends TestCase { public static function setUpBeforeClass() : void @@ -671,19 +673,45 @@ public function testCheckBadServer() /** * @group test-http-options */ - public function testHttpOptions() + public function testCurlHttpOptions() { if (function_exists('curl_init')) { - // set a curl client ParseClient::setHttpClient(new ParseCurlHttpClient()); - echo dirname(__DIR__).'/keys/client.crt'; - ParseClient::setCAFile(dirname(__DIR__).'/keys/client.crt'); ParseClient::setServerURL('https://localhost:1338', 'parse'); + ParseClient::setHttpOptions([ + CURLOPT_SSL_VERIFYPEER => false, + CURLOPT_PINNEDPUBLICKEY => 'sha256//Oz+R70/uIv0irdBWc7RNPyCGeZNbN+CBiPLjJxXWigg=', + CURLOPT_SSLCERT => dirname(__DIR__).'/keys/client.crt', + CURLOPT_SSLKEY => dirname(__DIR__).'/keys/client.key', + ]); $health = ParseClient::getServerHealth(); - Helper::printArray($health); + $this->assertNotNull($health); $this->assertEquals($health['status'], 200); $this->assertEquals($health['response']['status'], 'ok'); + Helper::setServerURL(); } } + + /** + * @group test-http-options + */ + public function testStreamHttpOptions() + { + ParseClient::setHttpClient(new ParseStreamHttpClient()); + ParseClient::setServerURL('https://localhost:1338', 'parse'); + // ParseClient::setHttpOptions([ + // CURLOPT_SSL_VERIFYPEER => false, + // CURLOPT_PINNEDPUBLICKEY => 'sha256//Oz+R70/uIv0irdBWc7RNPyCGeZNbN+CBiPLjJxXWigg=', + // CURLOPT_SSLCERT => dirname(__DIR__).'/keys/client.crt', + // CURLOPT_SSLKEY => dirname(__DIR__).'/keys/client.key', + // ]); + $health = ParseClient::getServerHealth(); + + Helper::printArray($health); + $this->assertNotNull($health); + $this->assertEquals($health['status'], 200); + $this->assertEquals($health['response']['status'], 'ok'); + Helper::setServerURL(); + } } diff --git a/tests/gencerts.sh b/tests/gencerts.sh index a02fa704..cf31ceb5 100755 --- a/tests/gencerts.sh +++ b/tests/gencerts.sh @@ -1,5 +1,6 @@ #!/bin/bash # https://gist.github.com/ryankurte/bc0d8cff6e73a6bb1950 +# https://curl.se/libcurl/c/CURLOPT_PINNEDPUBLICKEY.html # ./gencerts.sh parseca localhost parsephp keys/ # ./gencerts.sh parseca client parsephp keys/ diff --git a/tests/keys/client-copy.pem b/tests/keys/client-copy.pem deleted file mode 100644 index 761f775e..00000000 --- a/tests/keys/client-copy.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFITCCAwkCCQDEwoQengRnzDANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJO -WjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhBdWNrbGFuZDERMA8GA1UECgwIcGFy -c2VwaHAxEDAOBgNVBAMMB3BhcnNlY2EwHhcNMjMwNTEyMjA0MzAzWhcNMjYwMjA1 -MjA0MzAzWjBSMQswCQYDVQQGEwJOWjEMMAoGA1UECAwDQUtMMREwDwYDVQQHDAhB -dWNrbGFuZDERMA8GA1UECgwIcGFyc2VwaHAxDzANBgNVBAMMBmNsaWVudDCCAiIw -DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMlKDLogZSNxm5S4h97XM8A1+MsP -RaK15g8ebVEP7OGrwX1bvLVis0U/ixwHs0mqjQ9tbuefMZyiRgdds+8tpRCCuqGo -dwSk8YMmOlrF5xIpBT2cXJLhGvDyY0F0RLFZYBoioTYFth4i91DkzhmBaL6vjyB7 -dXduR1JQbzTpQHkhofPziQsNtinf8qBqLbH1dFaqwUUEgtsKJyaPlxJR21TF3Fv+ -2K/fmoyzP6Er7eUSCvJRRH1hCwzHxl7GqTKyQeaS1RLdrHYqZmSeiJpxwl8uSdBs -x4y8wG4lhRdantCCANlTwLd7zPiuIu+RBP276o2+02K8my9N2STZUgHXefSoNx4M -alYujKBUV+2qmhR9H2HlUB/C/h5Sb8PSlfWyD/bo3+agyw/1+9rfMUYCmiEtdik7 -amoBaahoqAHL8S3K19L0ytWkgFejSMzn+i4VDifnwupXHifDL7CPDX0vevFNDvC7 -HMLkBWmkNaTduDL5P3ximtIXE7akhK+ufiNoO3KLItenCENxCzUdNdDHguei2U5E -vhTyaTmIIrkUGxQ+aVDXRF2njAeQNMdTjsCAiiSN1corYX8RXvNo8QZQUEaHG42u -O6Yolsw8EZotbpExo1jbiDlI2pVIuwJdtaDCucPN/X6uZ8odGQ0LUeyTBYda/1OG -VIQzPZnxSHzqPzuZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAHOLgs6FLIv+Vvpx -fNtwabgOI2JxkFwaAujwWJS10tmczJp9qZilOlVBBhDFRBwBKqAaanHKCYkEfP6u -dgC8RMOOYOb0gk6Tj3+zhvM4Qz+n8Cn2fA2+EtFXTKyMfJHuG/zddTLep2Phh9c9 -t5s/8aHAuqM9RGiA66V7mJiR9G5E8cNpyHniCh8Z11kABPMzAy92LyEGUlRwCrWx -fCwItnzY2/7J8IW20rPIpb0EWmYHhxkUUzu7APQgvJpAUTdhmVKb9GLCUyY+oICE -1WrnV9OQiqYVGFQkry9FXyKbsLVM6b6ar8DIXpYTYnd11sqFdiUUo4oItYYrO/1O -0Bt0PX6hWYjR4r7ZT23KWAHZdlU4EFfrLJeZ6HDeYttJF68x9s8RZGgVU9Xlb/7X -KGRVyCWI7aWzvI1lBVAnc7b7B9LrIkdHnYDt/ettmRvI/zZRBh73T7EPOQB7bEzP -M8BXfAr/+qa2ToBWNd9AJrw7rg+OWGD801iXqsREyLr15nRIR12mGdKuyMkfghk1 -9J1Sd0fkfB2ci7Rn3afRdKksGuADQ2fvYihw0lALOPzSq/FYRqZBzwv9Qmw43CKd -euEPcCfT7VYY47lmfFfKBcVv8d7NiJZRGkIUYUxS/UAsrLiBCgRkaUACcbLok7sJ -jrdaTDx4EZu93dmJbEozNO6dRiLb ------END CERTIFICATE----- diff --git a/tests/keys/localhost.pubkey.der b/tests/keys/localhost.pubkey.der new file mode 100644 index 0000000000000000000000000000000000000000..6b1e66c54d45e9f2e78cf497177daa01c806105d GIT binary patch literal 550 zcmV+>0@?jAf&wBi4F(A+hDe6@4FLfG1potr0uKN%f&vNxf&u{m*g^Q%hJA1#D~yRL z(nM3(0+1CI!8wFgf*T$(zaHhWY%(5H0nA9vLReO2?`+?2Xp2K@^Qj|H+F*vI=h2j* zh7*?|{By&p;Rs$&&H7MNa@@{=0#?K zSeIC1i}+lmC~M6uQJw17xcVOD=a! zIGS`G3LQutv3|0PQ}a-*h?K52+$Nt~2WqP%gu>Lt7 Date: Fri, 12 May 2023 19:34:18 -0500 Subject: [PATCH 3/7] fix stream tests --- src/Parse/HttpClients/ParseStreamHttpClient.php | 7 ++++--- tests/Parse/ParseClientTest.php | 17 ++++++++++------- tests/server.js | 6 +++--- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/src/Parse/HttpClients/ParseStreamHttpClient.php b/src/Parse/HttpClients/ParseStreamHttpClient.php index b57ce67f..62259904 100644 --- a/src/Parse/HttpClients/ParseStreamHttpClient.php +++ b/src/Parse/HttpClients/ParseStreamHttpClient.php @@ -83,7 +83,7 @@ class ParseStreamHttpClient implements ParseHttpable * * @var array */ - private static $httpOptions; + private $httpOptions; /** * Optional timeout for this request @@ -203,7 +203,7 @@ public function send($url, $method = 'GET', $data = array()) } if (isset($this->httpOptions)) { - foreach ($data as $key => $value) { + foreach ($this->httpOptions as $key => $value) { $this->options[$key] = $value; } } @@ -277,6 +277,7 @@ public function send($url, $method = 'GET', $data = array()) // clear options $this->options = array(); + $this->httpOptions = array(); // flush our existing headers $this->headers = array(); @@ -369,7 +370,7 @@ public function setCAFile($caFile) */ public function setHttpOptions($httpOptions) { - $this->$httpOptions = $httpOptions; + $this->httpOptions = $httpOptions; } /** diff --git a/tests/Parse/ParseClientTest.php b/tests/Parse/ParseClientTest.php index cd627725..5a8c0f3a 100644 --- a/tests/Parse/ParseClientTest.php +++ b/tests/Parse/ParseClientTest.php @@ -700,15 +700,18 @@ public function testStreamHttpOptions() { ParseClient::setHttpClient(new ParseStreamHttpClient()); ParseClient::setServerURL('https://localhost:1338', 'parse'); - // ParseClient::setHttpOptions([ - // CURLOPT_SSL_VERIFYPEER => false, - // CURLOPT_PINNEDPUBLICKEY => 'sha256//Oz+R70/uIv0irdBWc7RNPyCGeZNbN+CBiPLjJxXWigg=', - // CURLOPT_SSLCERT => dirname(__DIR__).'/keys/client.crt', - // CURLOPT_SSLKEY => dirname(__DIR__).'/keys/client.key', - // ]); + ParseClient::setHttpOptions([ + 'ssl' => [ + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true, + 'local_cert' => dirname(__DIR__).'/keys/client.crt', + 'local_pk' => dirname(__DIR__).'/keys/client.key', + 'peer_fingerprint' => '29F36676EFA0CA18B5B571C6144580044CB289C2', + ] + ]); $health = ParseClient::getServerHealth(); - Helper::printArray($health); $this->assertNotNull($health); $this->assertEquals($health['status'], 200); $this->assertEquals($health['response']['status'], 'ok'); diff --git a/tests/server.js b/tests/server.js index 2f2193d7..70b56c96 100644 --- a/tests/server.js +++ b/tests/server.js @@ -121,7 +121,7 @@ var requestOptions = { // Create agent (required for custom trust list) requestOptions.agent = new https.Agent(requestOptions); -var req = https.request(requestOptions, (res) => { +const req = https.request(requestOptions, (res) => { console.log('statusCode:', res.statusCode); }); req.end(); @@ -129,8 +129,8 @@ req.end(); // Pin server certs req.on('socket', socket => { socket.on('secureConnect', () => { - var fingerprint = socket.getPeerCertificate().fingerprint; - + const fingerprint = socket.getPeerCertificate().fingerprint; + // Check if certificate is valid if(socket.authorized === false){ req.emit('error', new Error(socket.authorizationError)); From 06c0742137b513bca560e59ce32a309c2084225c Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 19:36:21 -0500 Subject: [PATCH 4/7] lint --- src/Parse/ParseClient.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Parse/ParseClient.php b/src/Parse/ParseClient.php index 0e02a57b..88765dca 100755 --- a/src/Parse/ParseClient.php +++ b/src/Parse/ParseClient.php @@ -316,7 +316,7 @@ public static function setCAFile($caFile) * * For stream context * https://www.php.net/manual/en/context.php - * + * * @param array $httpOptions options to set */ public static function setHttpOptions($httpOptions) From 7b068ab112e06dde0da9f0926dc690f27e4865e5 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 19:43:21 -0500 Subject: [PATCH 5/7] clean up --- src/Parse/ParseClient.php | 1 - tests/Parse/ParseClientTest.php | 3 +++ tests/server.js | 13 ++++++++----- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/Parse/ParseClient.php b/src/Parse/ParseClient.php index 88765dca..6c0c88ee 100755 --- a/src/Parse/ParseClient.php +++ b/src/Parse/ParseClient.php @@ -237,7 +237,6 @@ public static function getServerHealth() // try to get a response from the server $url = self::createRequestUrl('health'); - $response = $httpClient->send($url); $errorCode = $httpClient->getErrorCode(); diff --git a/tests/Parse/ParseClientTest.php b/tests/Parse/ParseClientTest.php index 5a8c0f3a..ba08e891 100644 --- a/tests/Parse/ParseClientTest.php +++ b/tests/Parse/ParseClientTest.php @@ -37,6 +37,9 @@ public function tearDown() : void // unset CA file ParseClient::setCAFile(null); + + // unset http options + ParseClient::setHttpOptions(null); } /** diff --git a/tests/server.js b/tests/server.js index 70b56c96..b0c23f9f 100644 --- a/tests/server.js +++ b/tests/server.js @@ -15,7 +15,7 @@ const parseServer = new ParseServer({ restKey: "rest-api-key-here", databaseURI: "mongodb://localhost/test", cloud: __dirname + "/tests/cloud-code.js", - publicServerURL: "https://localhost:1337/parse", + publicServerURL: "http://localhost:1337/parse", logsFolder: path.resolve(process.cwd(), 'logs'), verbose: true, silent: true, @@ -83,10 +83,13 @@ const serverOptions = { } function onRequest(req) { - console.log(new Date()+' '+ - req.connection.remoteAddress+' '+ - req.socket.getPeerCertificate().subject.CN+' '+ - req.method+' '+req.baseUrl); + console.log( + new Date(), + req.connection.remoteAddress, + req.socket.getPeerCertificate().subject.CN, + req.method, + req.baseUrl, + ); } // Create TLS enabled server From 20b77a3e608961169970b761fc3a65d13504ce22 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 19:45:39 -0500 Subject: [PATCH 6/7] lint --- tests/server.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/server.js b/tests/server.js index b0c23f9f..533edc1f 100644 --- a/tests/server.js +++ b/tests/server.js @@ -3,7 +3,6 @@ import { ParseServer } from 'parse-server'; import path from 'path'; import fs from 'fs'; import https from 'https'; -import http from 'http'; import emailAdapter from './MockEmailAdapter.js'; const app = express(); const __dirname = path.resolve(); @@ -102,7 +101,7 @@ server.listen(options.port, function() { }); // Create TLS request -var requestOptions = { +const requestOptions = { hostname: 'localhost', port: options.port, path: '/parse/health', From 5fac4c5150505a9ef7a2295df01a6703c7c91ff2 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Fri, 12 May 2023 19:58:55 -0500 Subject: [PATCH 7/7] clean up --- tests/server.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/server.js b/tests/server.js index 533edc1f..a1e75205 100644 --- a/tests/server.js +++ b/tests/server.js @@ -7,7 +7,7 @@ import emailAdapter from './MockEmailAdapter.js'; const app = express(); const __dirname = path.resolve(); -const parseServer = new ParseServer({ +const server = new ParseServer({ appName: "MyTestApp", appId: "app-id-here", masterKey: "master-key-here", @@ -48,10 +48,10 @@ const parseServer = new ParseServer({ }, }); -await parseServer.start(); +await server.start(); // Serve the Parse API on the /parse URL prefix -app.use('/parse', parseServer.app); +app.use('/parse', server.app); const port = 1337; app.listen(port, function() { @@ -92,11 +92,11 @@ function onRequest(req) { } // Create TLS enabled server -const server = https.createServer(serverOptions, app); -server.on('request', onRequest); +const httpsServer = https.createServer(serverOptions, app); +httpsServer.on('request', onRequest); // Start Server -server.listen(options.port, function() { +httpsServer.listen(options.port, function() { console.error('[ Parse Test Https Server running on port ' + options.port + ' ]'); }); @@ -134,13 +134,13 @@ req.on('socket', socket => { const fingerprint = socket.getPeerCertificate().fingerprint; // Check if certificate is valid - if(socket.authorized === false){ + if (socket.authorized === false) { req.emit('error', new Error(socket.authorizationError)); return req.destroy(); } // Check if fingerprint matches - if(clientFingerprints.indexOf(fingerprint) === -1){ + if (clientFingerprints.indexOf(fingerprint) === -1) { req.emit('error', new Error('Fingerprint does not match')); return req.destroy(); }