Remove more test keys (#7488)
Part of https://github.com/letsencrypt/boulder/issues/7476
This commit is contained in:
Aaron Gable
GitHub
parent
6ae6aa8e90
commit
eb607e5b10
|
|
@ -5,9 +5,12 @@ import (
|
|||
"crypto/elliptic"
|
||||
"crypto/rand"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"io/fs"
|
||||
"math/big"
|
||||
"os"
|
||||
"path"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
|
@ -18,18 +21,25 @@ import (
|
|||
)
|
||||
|
||||
func TestLoadPubKey(t *testing.T) {
|
||||
_, _, err := loadPubKey("../../test/test-ca.pubkey.pem")
|
||||
test.AssertNotError(t, err, "should not have errored")
|
||||
tmp := t.TempDir()
|
||||
key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
||||
|
||||
_, _, err = loadPubKey("../../test/hierarchy/int-e1.key.pem")
|
||||
test.AssertError(t, err, "should have failed trying to parse a private key")
|
||||
|
||||
_, _, err = loadPubKey("/path/that/will/not/ever/exist/ever")
|
||||
test.AssertError(t, err, "should have failed opening public key at non-existent path")
|
||||
_, _, err := loadPubKey(path.Join(tmp, "does", "not", "exist"))
|
||||
test.AssertError(t, err, "should fail on non-existent file")
|
||||
test.AssertErrorIs(t, err, fs.ErrNotExist)
|
||||
|
||||
_, _, err = loadPubKey("../../test/hierarchy/int-e1.cert.pem")
|
||||
test.AssertError(t, err, "should have failed when trying to parse a certificate")
|
||||
_, _, err = loadPubKey("../../test/hierarchy/README.md")
|
||||
test.AssertError(t, err, "should fail on non-PEM file")
|
||||
|
||||
priv, _ := x509.MarshalPKCS8PrivateKey(key)
|
||||
_ = os.WriteFile(path.Join(tmp, "priv.pem"), pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: priv}), 0644)
|
||||
_, _, err = loadPubKey(path.Join(tmp, "priv.pem"))
|
||||
test.AssertError(t, err, "should fail on non-pubkey PEM")
|
||||
|
||||
pub, _ := x509.MarshalPKIXPublicKey(key.Public())
|
||||
_ = os.WriteFile(path.Join(tmp, "pub.pem"), pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: pub}), 0644)
|
||||
_, _, err = loadPubKey(path.Join(tmp, "pub.pem"))
|
||||
test.AssertNotError(t, err, "should not have errored")
|
||||
}
|
||||
|
||||
func TestCheckOutputFileSucceeds(t *testing.T) {
|
||||
|
|
|
|||
|
|
@ -272,16 +272,16 @@ func TestLoadCert(t *testing.T) {
|
|||
test.AssertError(t, err, "Loading nonexistent path did not error")
|
||||
test.AssertErrorWraps(t, err, &osPathErr)
|
||||
|
||||
_, err = LoadCert("../test/test-ca.der")
|
||||
_, err = LoadCert("../test/hierarchy/README.md")
|
||||
test.AssertError(t, err, "Loading non-PEM file did not error")
|
||||
test.AssertEquals(t, err.Error(), "no data in cert PEM file \"../test/test-ca.der\"")
|
||||
test.AssertContains(t, err.Error(), "no data in cert PEM file")
|
||||
|
||||
_, err = LoadCert("../test/hierarchy/int-e1.key.pem")
|
||||
test.AssertError(t, err, "Loading non-cert file did not error")
|
||||
test.AssertEquals(t, err.Error(), "x509: malformed tbs certificate")
|
||||
test.AssertError(t, err, "Loading non-cert PEM file did not error")
|
||||
test.AssertContains(t, err.Error(), "x509: malformed tbs certificate")
|
||||
|
||||
cert, err := LoadCert("../test/hierarchy/int-r3.cert.pem")
|
||||
test.AssertNotError(t, err, "Failed to load cert file")
|
||||
test.AssertNotError(t, err, "Failed to load cert PEM file")
|
||||
test.AssertEquals(t, cert.Subject.CommonName, "(TEST) Radical Rhino R3")
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ import (
|
|||
"bytes"
|
||||
"context"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
|
|
@ -224,26 +223,7 @@ func (sa *StorageAuthorityReadOnly) GetSerialMetadata(ctx context.Context, req *
|
|||
|
||||
// GetCertificate is a mock
|
||||
func (sa *StorageAuthorityReadOnly) GetCertificate(_ context.Context, req *sapb.Serial, _ ...grpc.CallOption) (*corepb.Certificate, error) {
|
||||
issuedTime := sa.clk.Now().Add(-1 * time.Hour)
|
||||
|
||||
// Serial ee == 238.crt
|
||||
if req.Serial == "0000000000000000000000000000000000ee" {
|
||||
certPemBytes, _ := os.ReadFile("test/238.crt")
|
||||
certBlock, _ := pem.Decode(certPemBytes)
|
||||
return &corepb.Certificate{
|
||||
RegistrationID: 1,
|
||||
Der: certBlock.Bytes,
|
||||
Issued: timestamppb.New(issuedTime),
|
||||
}, nil
|
||||
} else if req.Serial == "0000000000000000000000000000000000b2" {
|
||||
certPemBytes, _ := os.ReadFile("test/178.crt")
|
||||
certBlock, _ := pem.Decode(certPemBytes)
|
||||
return &corepb.Certificate{
|
||||
RegistrationID: 1,
|
||||
Der: certBlock.Bytes,
|
||||
Issued: timestamppb.New(issuedTime),
|
||||
}, nil
|
||||
} else if req.Serial == "000000000000000000000000000000626164" {
|
||||
if req.Serial == "000000000000000000000000000000626164" {
|
||||
return nil, errors.New("bad")
|
||||
} else {
|
||||
return nil, berrors.NotFoundError("No cert")
|
||||
|
|
@ -257,18 +237,7 @@ func (sa *StorageAuthorityReadOnly) GetLintPrecertificate(_ context.Context, req
|
|||
|
||||
// GetCertificateStatus is a mock
|
||||
func (sa *StorageAuthorityReadOnly) GetCertificateStatus(_ context.Context, req *sapb.Serial, _ ...grpc.CallOption) (*corepb.CertificateStatus, error) {
|
||||
// Serial ee == 238.crt
|
||||
if req.Serial == "0000000000000000000000000000000000ee" {
|
||||
return &corepb.CertificateStatus{
|
||||
Status: string(core.OCSPStatusGood),
|
||||
}, nil
|
||||
} else if req.Serial == "0000000000000000000000000000000000b2" {
|
||||
return &corepb.CertificateStatus{
|
||||
Status: string(core.OCSPStatusRevoked),
|
||||
}, nil
|
||||
} else {
|
||||
return nil, errors.New("no cert status")
|
||||
}
|
||||
return nil, errors.New("no cert status")
|
||||
}
|
||||
|
||||
func (sa *StorageAuthorityReadOnly) SetCertificateStatusReady(ctx context.Context, req *sapb.Serial, _ ...grpc.CallOption) (*emptypb.Empty, error) {
|
||||
|
|
|
|||
|
|
@ -66,6 +66,3 @@ TODO-list of PKIs to remove and clean up:
|
|||
- unit tests: the //test/hierarchy/ directory holds a variety of certificates
|
||||
used by unit tests. These should be replaced by certs which the unit tests
|
||||
dynamically generate in-memory, rather than loading from disk.
|
||||
- misc: the top-level //test/ directory contains a variety of keys and
|
||||
certificates which are used largely at random throughout the tests. These
|
||||
should be removed and replaced with one of the existing PKIs.
|
||||
|
|
|
|||
|
|
@ -10,10 +10,6 @@
|
|||
# large scale blocks are required.
|
||||
#
|
||||
blocked:
|
||||
# test/test-ca2.pem
|
||||
- F4j7m0doxdWXdKOzeYjL6onsVYLLU2jb7xr994zlFFg=
|
||||
# test/test-ca.pem
|
||||
- F4j7m0doxdWXdKOzeYjL6onsVYLLU2jb7xr994zlFFg=
|
||||
# test/block-a-key/test/test.ecdsa.cert.pem
|
||||
- cuwGhNNI6nfob5aqY90e7BleU6l7rfxku4X3UTJ3Z7M=
|
||||
# test/block-a-key/test/test.rsa.cert.pem
|
||||
|
|
|
|||
|
|
@ -1,26 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIEVDCCAzygAwIBAgIRAK9XypXw7OdaRChSGGj75eQwDQYJKoZIhvcNAQELBQAw
|
||||
KzEpMCcGA1UEAxMgYzJja2xpbmcgY3J5cHRvZ3IycGhlciBmMmtlIFJPT1QwHhcN
|
||||
MjAwMzIwMDUxMjQ4WhcNMjUwMzIwMDUxMjQ4WjAfMR0wGwYDVQQDExRoYXBweSBo
|
||||
YWNrZXIgZmFrZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIK
|
||||
R3maBcUSsncXYzQT13D5Nr+Z3mLxMMh3TUdt6sACmqbJ0btRlgXfMtNLM2OU1I6a
|
||||
3Ju+tIZSdn2v21JBwvxUzpZQ4zy2cimIiMQDZCQHJwzC9GZn8HaW091iz9H0Go3A
|
||||
7WDXwYNmsdLNRi00o14UjoaVqaPsYrZWvRKaIRqaU0hHmS0AWwQSvN/93iMIXuyi
|
||||
wywmkwKbWnnxCQ/gsctKFUtcNrwEx9Wgj6KlhwDTyI1QWSBbxVYNyUgPFzKxrSmw
|
||||
MO0yNff7ho+QT9x5+Y/7XE59S4Mc4ZXxcXKew/gSlN9U5mvT+D2BhDtkCupdfsZN
|
||||
CQWp27A+b/DmrFI9NqsCAwEAAaOCAX0wggF5MA4GA1UdDwEB/wQEAwIBFjASBgNV
|
||||
HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBT7eE8S+WAVgyyfF380GbMuNupBiTAf
|
||||
BgNVHSMEGDAWgBSka4yqAyzx5RbFiuihqe1p9iJF/jB/BggrBgEFBQcBAQRzMHEw
|
||||
MgYIKwYBBQUHMAGGJmh0dHA6Ly9pc3JnLnRydXN0aWQub2NzcC5pZGVudHJ1c3Qu
|
||||
Y29tMDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1c3QuY29tL3Jvb3Rz
|
||||
L2RzdHJvb3RjYXgzLnA3YzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmlk
|
||||
ZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwuY3JsMFQGA1UdIARNMEswCAYGZ4EM
|
||||
AQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcHMucm9v
|
||||
dC14MS5sZXRzZW5jcnlwdC5vcmcwDQYJKoZIhvcNAQELBQADggEBALlR3Ro7EiBw
|
||||
PvpcgONIadIswDaFN+kCjBgPCM2YlCbDsMyskAsEKpgRIQJ/Ks4DZ91e+80NX69s
|
||||
BxoWk1eWqoqJkX6y5rrkFHDTluO3OO20d67/Uz2Q1iqqziu5sxzlkVVafZLTPklk
|
||||
gkA717QLbofQzNFuI8UC4Imt8RNnZKwMAZgd38wAZ2jibC/WVz1fvzBg3hYvhxuV
|
||||
6ZVlbV2uaEgfwSimnXIRc8W8cEpNko0nAnSl+RLPzfxfgJH/xCcgPYzPIVWuAbjN
|
||||
e3r4u0e6U8Snjfvmmx4IVwKnK3ENxnB83ayU2pNgm4cc3bC1PwrNW8QKC5yswaNs
|
||||
nM3gKNkO+XA=
|
||||
-----END CERTIFICATE-----
|
||||
BIN
test/test-ca.der
BIN
test/test-ca.der
Binary file not shown.
Binary file not shown.
|
|
@ -1,9 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgpHeZoFxRKydxdjNBPX
|
||||
cPk2v5neYvEwyHdNR23qwAKapsnRu1GWBd8y00szY5TUjprcm760hlJ2fa/bUkHC
|
||||
/FTOllDjPLZyKYiIxANkJAcnDML0ZmfwdpbT3WLP0fQajcDtYNfBg2ax0s1GLTSj
|
||||
XhSOhpWpo+xitla9EpohGppTSEeZLQBbBBK83/3eIwhe7KLDLCaTAptaefEJD+Cx
|
||||
y0oVS1w2vATH1aCPoqWHANPIjVBZIFvFVg3JSA8XMrGtKbAw7TI19/uGj5BP3Hn5
|
||||
j/tcTn1LgxzhlfFxcp7D+BKU31Tma9P4PYGEO2QK6l1+xk0JBanbsD5v8OasUj02
|
||||
qwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIEUzCCAzugAwIBAgIQH6R1jpezUu8ZJ4iIZxonEjANBgkqhkiG9w0BAQsFADAr
|
||||
MSkwJwYDVQQDEyBjMmNrbGluZyBjcnlwdG9ncjJwaGVyIGYya2UgUk9PVDAeFw0y
|
||||
MDAzMjAwNTEyNDhaFw0yNTAzMjAwNTEyNDhaMB8xHTAbBgNVBAMTFGgycHB5IGgy
|
||||
Y2tlciBmYWtlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgpH
|
||||
eZoFxRKydxdjNBPXcPk2v5neYvEwyHdNR23qwAKapsnRu1GWBd8y00szY5TUjprc
|
||||
m760hlJ2fa/bUkHC/FTOllDjPLZyKYiIxANkJAcnDML0ZmfwdpbT3WLP0fQajcDt
|
||||
YNfBg2ax0s1GLTSjXhSOhpWpo+xitla9EpohGppTSEeZLQBbBBK83/3eIwhe7KLD
|
||||
LCaTAptaefEJD+Cxy0oVS1w2vATH1aCPoqWHANPIjVBZIFvFVg3JSA8XMrGtKbAw
|
||||
7TI19/uGj5BP3Hn5j/tcTn1LgxzhlfFxcp7D+BKU31Tma9P4PYGEO2QK6l1+xk0J
|
||||
BanbsD5v8OasUj02qwIDAQABo4IBfTCCAXkwDgYDVR0PAQH/BAQDAgEWMBIGA1Ud
|
||||
EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFPt4TxL5YBWDLJ8XfzQZsy426kGJMB8G
|
||||
A1UdIwQYMBaAFKRrjKoDLPHlFsWK6KGp7Wn2IkX+MH8GCCsGAQUFBwEBBHMwcTAy
|
||||
BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j
|
||||
b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv
|
||||
ZHN0cm9vdGNheDMucDdjMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRl
|
||||
bnRydXN0LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwVAYDVR0gBE0wSzAIBgZngQwB
|
||||
AgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcCARYiaHR0cDovL2Nwcy5yb290
|
||||
LXgxLmxldHNlbmNyeXB0Lm9yZzANBgkqhkiG9w0BAQsFAAOCAQEAO9BiY2477mlp
|
||||
zj31skR9XENj8BQdEhs9bem2QfuEMpgI14qI5QnfhguRDTwsmIfheVfoxY1D+5t8
|
||||
FazMip81aRZMxbNAYmdgrkwHfsC7ahO+H8xEHmqzH4BqcsKiY7TfgtW/y9P4hmCb
|
||||
JvkAl7GmTx4IIEa7HzBzpMUDOZhPsMovsw5GAZRLw06WsfnER1zzXO9SW7WP3AZP
|
||||
zBH+/Mf+bJBD5pmp/lLQr2pWh38KcFfmHCsaibXVztdqJFZpOjUNTSHQDzdXTgLd
|
||||
3WmMSW+mQHoluDbuOAHkekzCv0EqQjBcLmrxwVg2vxfE7n8BzgKj/rHsJPRLnLet
|
||||
lbjy2P6pFw==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDETCCAfmgAwIBAgICALIwDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UEAxMDMTc4
|
||||
MB4XDTE3MDIwMzAzNDcyNloXDTE4MDIwMzAzNDcyNlowDjEMMAoGA1UEAxMDMTc4
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXUn5n4NBLK6CqJXBR+t
|
||||
dM4SVY911FKAwxI13k3aQvtBjaIPe6/CDiG7ZxGDsEB96pI6yYauhDQg6ELXcPN0
|
||||
dmRX4qxVMQ/ngS7bSc7FmlN1qkq9p1AxNmesCmsWg9/4yJNCmlTdGu2Mo60Iosxx
|
||||
CnQP3faG7ZPrGwzYvX9rwNedD3GlrFarQuU8VzD91fSQIzbDBtlP/+bY4FUbDtzw
|
||||
WGpuAorrSOeDxC0Y3Tmd6IJLczof+vFP3EYjX+fwjnSWe75zz3z2DhVYu0tiid3k
|
||||
UFDLaI5pY9JYYG3/D59lVKxg48PQP5q4qqWzmFnuUW/GOFHJABFnmOoD9j4t2YLk
|
||||
GwIDAQABo3kwdzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
|
||||
DAYDVR0TAQH/BAIwADBCBggrBgEFBQcBAQQ2MDQwMgYIKwYBBQUHMAKGJmh0dHA6
|
||||
Ly9sb2NhbGhvc3Q6NDAwMC9hY21lL2lzc3Vlci1jZXJ0MA0GCSqGSIb3DQEBCwUA
|
||||
A4IBAQBCeU7UGIDKqVJ3fG0GOGlz1JHDh51UIQ2w/KK3NRlqdtlQ3tcqBHYspVMz
|
||||
YjliJuiVXi/hLEd9IyaTEfxqPnpla7rYo0PgChQ/Eg+IPMJm5t3HwnuNTsvJucX+
|
||||
gCA/vGKsqSZU58JeilBVo4jl6btUc1LYMCWQ1QRfBpei/9sV0EF3f3HosqYA5I0L
|
||||
VYzmsLBd8uyttFazgQKfM7Y/h1FcWGGJkH0rsZI7h4OOl0dn2aM9SCHiergJj4Sz
|
||||
S6hUp2+RR70GSuZejYc7NGqk7/g624c6jJETEqJEBPy6tvxSq+DlVT1K3gWmM+Mc
|
||||
yJjiZCq2Lifrn0KxkKuxsqWEW2tO
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEAuXUn5n4NBLK6CqJXBR+tdM4SVY911FKAwxI13k3aQvtBjaIP
|
||||
e6/CDiG7ZxGDsEB96pI6yYauhDQg6ELXcPN0dmRX4qxVMQ/ngS7bSc7FmlN1qkq9
|
||||
p1AxNmesCmsWg9/4yJNCmlTdGu2Mo60IosxxCnQP3faG7ZPrGwzYvX9rwNedD3Gl
|
||||
rFarQuU8VzD91fSQIzbDBtlP/+bY4FUbDtzwWGpuAorrSOeDxC0Y3Tmd6IJLczof
|
||||
+vFP3EYjX+fwjnSWe75zz3z2DhVYu0tiid3kUFDLaI5pY9JYYG3/D59lVKxg48PQ
|
||||
P5q4qqWzmFnuUW/GOFHJABFnmOoD9j4t2YLkGwIDAQABAoIBAQCZ5kfbNUU2Xd6X
|
||||
DoqqHNSDdrKuP+Om82QY/RaoyPBT309R6mdw27Rsp79tU5J1g786FmkkbViLKvsX
|
||||
4sgH2nAOA00PNLVphmo1wJ2HTUibvaCKVYW2v4xnOncBGkbP3uAECngdvEjTnMe1
|
||||
19SvzHoOE6xLJNZpdvOGOg3uizvvBVJbLg2osrJXacoulOjjpd5YCVJQT9vDKhUa
|
||||
aq7CmInYfOM2flcAo7nLHWP7Jr4FX4me50lrYuzBOaJWLHcQH/mZriTgI8cXCoJx
|
||||
fk0Lav38z6BgYumREa0OOGDVkNuxde5KSdcFUUEEfvtPSnruVwdNHja3z3d4Y1Bx
|
||||
ca1khx4JAoGBAMMFbbFRQwtxTED75dr8qXZE8kJNmIvPC1og3zRjsN0aVaUltRFl
|
||||
pj+/HZXOAxU+uc4ac7vzD/5ysSHhp2rrzVglBveSlM7U88KcEYI+Yu2KzM12UMkT
|
||||
lIWQDtfIpnvXPwnMsde9JzQvXeeyEhy6IBDwtRg3UaNdday/+V9bKUznAoGBAPNy
|
||||
NPsFtdQuT0FU8W3ehPw7dkBZl8YGy3YQxMh8IcThx4NRJHkK0yTV3/zg8owW6WvN
|
||||
EPhEIWQ4u9szf4zPoCHbckEScLeDYlc/hyf2hmQdlYQTyZXE+nou1VYawlv9mJJ1
|
||||
88Sct0ygmVcCcdCsi68abOijs+TJrGsI+cjKzTStAoGAd45vZeIMeQpXFguXKT31
|
||||
4aR44/7QAv3F1tYKIALxnUqUsK7CJ00qsy/Fwl3OdArFO73pr5Jd/r5vKvc8fIbc
|
||||
lynz8HhzM61HVsn4zeDTIw8RaPAcrHiNd6gOAWln7snRQn+zky/Jxes35V+8TNIp
|
||||
8FiwnIzlRoJ4LpRuG3A2jIcCgYEAqRroGoa4647Plv4+RqePkPZtCf4yI2iM5JJ5
|
||||
Xxp7CpwbTuiKgVo3mRrH4I0RbqZrtmpYI1yQJWITfAylyVZgUaRyFSmOCqvFH/4N
|
||||
EIF6kQjL11c3bEXMCBuILaug3u2lkfdFQYnq+duFKJ+WF/IDhbrBdEhiqcY9coxl
|
||||
lkjpinECgYEAkZO0XS0Z7KfFgSMQ2uFK8MO7naQM5kg+8H26HPuNWRmlkRDR7tOI
|
||||
gQcwSbx7vqT5JJM/bSWI49b2Q19QncFJ0A8/P3/3dncFQ8QMsfMVzmhHvcn2SthU
|
||||
Eh0aoOwi7rPYNiCTd/3y04x42a/hmo8rmcXOodZvnewOFbDu/s/m7ig=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDBzCCAe+gAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwDjEMMAoGA1UEAwwDMjM4
|
||||
MB4XDTE1MDYxMzAwMTU1NVoXDTE2MDYxMjAwMTU1NVowDjEMMAoGA1UEAwwDMjM4
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP9z1YFDa1WD9hVI9W3K
|
||||
lWQmUGfLW35x6xkgDm8o3OTWR2QoxjXratacKhm2VevV22QjCBvHXeHx3fxSp5w/
|
||||
p4CH+Ul76wCq3+WAPidO42YCP7SZdqYUR4GHKQ/oOyistRAKEamg4aPAbIs7l1Kn
|
||||
T5YHFdSzCWpe6F2+ceoluvKEn6vFVloXKghaeEyTDKnnJKs3/04TdtZjVM5OObvQ
|
||||
CGFlQlysDJxWahtVM93gylB8WYgyiekDAx1I3lCd3Vv0hF+x04xT3fwVRzmaKNzT
|
||||
wN+znae643Qfg2oSSLV066K2WYepgzqKwv3IUdrLbes331AMs+FbdxHanMrOU1i+
|
||||
OQIDAQABo28wbTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSOiDuzx4mEC9Io
|
||||
y+7rEdnE+eeOyDAfBgNVHSMEGDAWgBSOiDuzx4mEC9Ioy+7rEdnE+eeOyDAaBgNV
|
||||
HREEEzARgg9iYWQuZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADggEBAJQA/7+n
|
||||
S9AiB9YduVEs2TB7+62N59yACxd1y5qnmSLEeI9yXZnqQGugNxw7cl3CgFDWLNxB
|
||||
8Q3hH5B0fYh2Ydqf8lrEYNH3ilsmqCQB3mHUlYtLLnVarzSPrFgxaBrRaGsAAaVd
|
||||
neC5QCaxLFzzQI9gmyp6n7T2CATOk94vrrZJmfzpCMMRPHY7XgM15HDefXeH1+/Z
|
||||
GESSM/YAD6rdojZVLwxTuzVVRm5+6NfnFG938SYir0aqYvFd0bxrdgTl1XR3sAip
|
||||
iwuI3ku943Thbmyp/fEBUE2unvf+wbX+3Vzq52NadPcUrsNwJAR/kGdmTzcsiCIA
|
||||
UL+BLF470rQo29w=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8/3PVgUNrVYP2
|
||||
FUj1bcqVZCZQZ8tbfnHrGSAObyjc5NZHZCjGNetq1pwqGbZV69XbZCMIG8dd4fHd
|
||||
/FKnnD+ngIf5SXvrAKrf5YA+J07jZgI/tJl2phRHgYcpD+g7KKy1EAoRqaDho8Bs
|
||||
izuXUqdPlgcV1LMJal7oXb5x6iW68oSfq8VWWhcqCFp4TJMMqeckqzf/ThN21mNU
|
||||
zk45u9AIYWVCXKwMnFZqG1Uz3eDKUHxZiDKJ6QMDHUjeUJ3dW/SEX7HTjFPd/BVH
|
||||
OZoo3NPA37Odp7rjdB+DahJItXTrorZZh6mDOorC/chR2stt6zffUAyz4Vt3Edqc
|
||||
ys5TWL45AgMBAAECggEAc1PSJCt/r2R8ZNJyNclsQCLfulrL3aXX7+TiCczM+5Xs
|
||||
J543v1Oxtv0ESDBuchm54ulE8zK4QlKYm6PX8A1JTnYBAx5TLoC2xG8wBT1JRzu9
|
||||
DZCvwJXxc/zXNDhPtqHIWahS7Jo84NNinRmNIHbAP7FF241yPsGY7mQdzTdbFKrR
|
||||
JH0l7VPCY4OG+CjxUJqoNuwkfrNh0hRh02IHU/rFlgR2Q7JP0XBwuufW1M6j7fYM
|
||||
7PGZRA+6Ry72UcaCEVuOtGlz3wLrFq6CGTGWlUehQqch+nrTri0jMSH4Bd83mLz2
|
||||
8+X0y/EONQlirbHbJxXq+mLASHrp3KCtdpCiLKcX8QKBgQDr+TNqLa7PIOhlw29A
|
||||
RftunKwEdsi9uAg3jFSpHC/jLxR4/fUiz2XZrAfHNxn7mOK72V/9pj9zshLnxeSm
|
||||
jEelEB2bABX8RhD38SUxoHoiWmqpPVOtBSXvMSQEO0F/1hGlxndHwe9mE2Zyq3eV
|
||||
9MoJVeExkCP3Bxk9tjZfj4WC9QKBgQDNCab2WjLy7T9Bfmh2RmWXckzUMphYCLpX
|
||||
CGG2O5nH2zOPAOxUpyLFDq3/WkzPnCdWOveI/LlZmkcjdslWp3tizk5kE1zgaFbO
|
||||
s+7o/cYVrU5J3+kIq563ba7/xZ7wpfkg58milUWStpjQrB0H5tSlUEoC7fJ/GjHd
|
||||
5j1raKQrtQKBgF9elSgJlIgD/cj7JqBsaET5LxCSzWjX0wJYRfMfAD+qTHTl9sf9
|
||||
2GUUAQTDwU2NKb3QCdqi8SwaQUfJFDM3qNEOZVi6vSf7TWpX3Ldk61etAUSrE4Fu
|
||||
/jjgvHS1WjCHXRSJ1LV8rPutRY98u1Uw3OLPAbedUNvK06m8VddjUwttAoGAAmca
|
||||
jciA0Ff3Zc0VbE1m419zhwkQv/daN6rhekE4jB8Fe6eHHXbX8Xc6ksN8IvKxg1Et
|
||||
lW1gvqwQKVo7Acj0qTPBt2qCrB6M5d817YULzTU6taLqGC/qrDuc0WJ/elJ3mOse
|
||||
cclOB2ocYFWkAXOzCjzmoSIotVSZQQBxt9CCHAECgYEA01w8tKVCG2ucbC1GoCl0
|
||||
t2MRmLqiRqRrn53fJ6j56fDbdLmnRAaaD1slZ0jpLk7JoDKGmNG2Rl9UXuydPaNZ
|
||||
8h1Lu+CnhG50uOF3A/OIXsBiRsAgI2ez4/Jb+lNe3l3UcPV5gyGejAiymqRigbkn
|
||||
bcixOm4jdOWV5Bpfv65AivQ=
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
Produced by:
|
||||
js test.js --agree --email jsha@newview.org --domains not-an-example.com --certFile cert.der --certKey ../../wfe/test/178.key
|
||||
openssl x509 -text -inform der -in cert.der -outform pem -out ../../wfe/test/not-an-example.com.crt
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEYzCCA0ugAwIBAgIRAP8AAAAAAAAOS09n2G6BjEYwDQYJKoZIhvcNAQELBQAw
|
||||
HzEdMBsGA1UEAwwUaGFwcHkgaGFja2VyIGZha2UgQ0EwHhcNMTUwOTA5MjI1NjAw
|
||||
WhcNMTUxMjA4MjI1NjAwWjAdMRswGQYDVQQDExJub3QtYW4tZXhhbXBsZS5jb20w
|
||||
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaqzue57mgXEoGTZZoVkkC
|
||||
ZraebWgXI8irX2BgQB1A3iZa9onxGPMcWQMxhSuUisbEJi4UkMcVST12HX01rUwh
|
||||
j41UuBxJvI1w4wvdstssTAaa9c9tsQ5+UED2bFRL1MsyBdbmCF/+pu3i+ZIYqWgi
|
||||
KbjVBe3nlAVbo77zizwp3Y4Tp1/TBOwTAuFkHePmkNT63uPm9My/hNzsSm1o+Q51
|
||||
9Cf7ry+JQmOVgz/jIgFVGFYJ17EV3KUIpUuDShuyCFATBQspgJSN2DoXRUlQjXXk
|
||||
NTj23OxxdT/cVLcLJjytyG6e5izME2R2aCkDBWIc1a4/sRJ0R396auPXG6KhJ7o/
|
||||
AgMBAAGjggGaMIIBljAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH
|
||||
AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBGkJtghSl97/bTR
|
||||
dyy0TaneZhnDMB8GA1UdIwQYMBaAFPt4TxL5YBWDLJ8XfzQZsy426kGJMGoGCCsG
|
||||
AQUFBwEBBF4wXDAmBggrBgEFBQcwAYYaaHR0cDovL2xvY2FsaG9zdDo0MDAyL29j
|
||||
c3AwMgYIKwYBBQUHMAKGJmh0dHA6Ly9sb2NhbGhvc3Q6NDAwMC9hY21lL2lzc3Vl
|
||||
ci1jZXJ0MB0GA1UdEQQWMBSCEm5vdC1hbi1leGFtcGxlLmNvbTAnBgNVHR8EIDAe
|
||||
MBygGqAYhhZodHRwOi8vZXhhbXBsZS5jb20vY3JsMGMGA1UdIARcMFowCgYGZ4EM
|
||||
AQIBMAAwTAYDKgMEMEUwIgYIKwYBBQUHAgEWFmh0dHA6Ly9leGFtcGxlLmNvbS9j
|
||||
cHMwHwYIKwYBBQUHAgIwEwwRRG8gV2hhdCBUaG91IFdpbHQwDQYJKoZIhvcNAQEL
|
||||
BQADggEBAJTSscrGO1ymwZ+rMF+mfVeHfplfyMzZ/6SZyvaYgO9DLr42KIETdHBg
|
||||
Y9AZ6aOKboN/hY98kb9mQ0BpOCsSaCkgTsqCjw3szsRd/FMgUSVn36vFpbX2f5oD
|
||||
gF40N/51EN5Efbe7aN4Oxmcgijh4IY2sczcskJixAd9T/hjVtv160LJ0xcHRrfji
|
||||
u/Tc2E0q+E5k4V91D2HajwU6qcGbap02JI+pX/Oq4S36yfggIUyowmXQw4nm1cb0
|
||||
cFXwrMzg+XtDHj+Ex+yBlauq+MP1rjXiHrNIO2hIiyRU9jdxfITAE4DmqEzEBZKY
|
||||
NORfB6suv4wLnAlsLbPJEdsraq4/IiU=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -2659,10 +2659,9 @@ func TestFinalizeOrder(t *testing.T) {
|
|||
targetPath := "1/1"
|
||||
signedURL := fmt.Sprintf("http://%s/%s", targetHost, targetPath)
|
||||
|
||||
// openssl req -outform der -new -nodes -key wfe/test/178.key -subj /CN=not-an-example.com | b64url
|
||||
// a valid CSR
|
||||
// This example is a well-formed CSR for the name "example.com".
|
||||
goodCertCSRPayload := `{
|
||||
"csr": "MIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSbm90LWFuLWV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqs7nue5oFxKBk2WaFZJAma2nm1oFyPIq19gYEAdQN4mWvaJ8RjzHFkDMYUrlIrGxCYuFJDHFUk9dh19Na1MIY-NVLgcSbyNcOML3bLbLEwGmvXPbbEOflBA9mxUS9TLMgXW5ghf_qbt4vmSGKloIim41QXt55QFW6O-84s8Kd2OE6df0wTsEwLhZB3j5pDU-t7j5vTMv4Tc7EptaPkOdfQn-68viUJjlYM_4yIBVRhWCdexFdylCKVLg0obsghQEwULKYCUjdg6F0VJUI115DU49tzscXU_3FS3CyY8rchunuYszBNkdmgpAwViHNWuP7ESdEd_emrj1xuioSe6PwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAE_T1nWU38XVYL28hNVSXU0rW5IBUKtbvr0qAkD4kda4HmQRTYkt-LNSuvxoZCC9lxijjgtJi-OJe_DCTdZZpYzewlVvcKToWSYHYQ6Wm1-fxxD_XzphvZOujpmBySchdiz7QSVWJmVZu34XD5RJbIcrmj_cjRt42J1hiTFjNMzQu9U6_HwIMmliDL-soFY2RTvvZf-dAFvOUQ-Wbxt97eM1PbbmxJNWRhbAmgEpe9PWDPTpqV5AK56VAa991cQ1P8ZVmPss5hvwGWhOtpnpTZVHN3toGNYFKqxWPboirqushQlfKiFqT9rpRgM3-mFjOHidGqsKEkTdmfSVlVEk3oo="
|
||||
"csr": "MIHRMHgCAQAwFjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ2hlvArQl5k0L1eF1vF5dwr7ASm2iKqibmauund-z3QJpuudnNEjlyOXi-IY1rxyhehRrtbm_bbcNCtZLgbkPvoAAwCgYIKoZIzj0EAwIDSQAwRgIhAJ8z2EDll2BvoNRotAknEfrqeP6K5CN1NeVMB4QOu0G1AiEAqAVpiGwNyV7SEZ67vV5vyuGsKPAGnqrisZh5Vg5JKHE="
|
||||
}`
|
||||
|
||||
egUrl := mustParseURL("1/1")
|
||||
|
|
@ -3367,11 +3366,9 @@ func TestFinalizeSCTError(t *testing.T) {
|
|||
// Create a response writer to capture the WFE response
|
||||
responseWriter := httptest.NewRecorder()
|
||||
|
||||
// Example CSR payload taken from `TestFinalizeOrder`
|
||||
// openssl req -outform der -new -nodes -key wfe/test/178.key -subj /CN=not-an-example.com | b64url
|
||||
// a valid CSR
|
||||
// This example is a well-formed CSR for the name "example.com".
|
||||
goodCertCSRPayload := `{
|
||||
"csr": "MIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSbm90LWFuLWV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqs7nue5oFxKBk2WaFZJAma2nm1oFyPIq19gYEAdQN4mWvaJ8RjzHFkDMYUrlIrGxCYuFJDHFUk9dh19Na1MIY-NVLgcSbyNcOML3bLbLEwGmvXPbbEOflBA9mxUS9TLMgXW5ghf_qbt4vmSGKloIim41QXt55QFW6O-84s8Kd2OE6df0wTsEwLhZB3j5pDU-t7j5vTMv4Tc7EptaPkOdfQn-68viUJjlYM_4yIBVRhWCdexFdylCKVLg0obsghQEwULKYCUjdg6F0VJUI115DU49tzscXU_3FS3CyY8rchunuYszBNkdmgpAwViHNWuP7ESdEd_emrj1xuioSe6PwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAE_T1nWU38XVYL28hNVSXU0rW5IBUKtbvr0qAkD4kda4HmQRTYkt-LNSuvxoZCC9lxijjgtJi-OJe_DCTdZZpYzewlVvcKToWSYHYQ6Wm1-fxxD_XzphvZOujpmBySchdiz7QSVWJmVZu34XD5RJbIcrmj_cjRt42J1hiTFjNMzQu9U6_HwIMmliDL-soFY2RTvvZf-dAFvOUQ-Wbxt97eM1PbbmxJNWRhbAmgEpe9PWDPTpqV5AK56VAa991cQ1P8ZVmPss5hvwGWhOtpnpTZVHN3toGNYFKqxWPboirqushQlfKiFqT9rpRgM3-mFjOHidGqsKEkTdmfSVlVEk3oo="
|
||||
"csr": "MIHRMHgCAQAwFjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ2hlvArQl5k0L1eF1vF5dwr7ASm2iKqibmauund-z3QJpuudnNEjlyOXi-IY1rxyhehRrtbm_bbcNCtZLgbkPvoAAwCgYIKoZIzj0EAwIDSQAwRgIhAJ8z2EDll2BvoNRotAknEfrqeP6K5CN1NeVMB4QOu0G1AiEAqAVpiGwNyV7SEZ67vV5vyuGsKPAGnqrisZh5Vg5JKHE="
|
||||
}`
|
||||
|
||||
// Create a finalization request with the above payload
|
||||
|
|
|
|||
Loading…
Reference in New Issue