From: Akos Frohner Date: Thu, 28 Oct 2004 02:52:14 +0000 (+0000) Subject: "ant stage" should work X-Git-Tag: GLITE_RELEASE_1_2~26 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=084d6a872ecf1830f9bdcca2768e140de6d90386;p=glite-security-test-utils.git "ant stage" should work --- diff --git a/test/big-ca/big.cert b/test/big-ca/big.cert new file mode 100644 index 0000000..fd6966f --- /dev/null +++ b/test/big-ca/big.cert @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFJjCCAw4CAQAwDQYJKoZIhvcNAQEEBQAwWTELMAkGA1UEBhMCVUcxDzANBgNV +BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u +MRMwEQYDVQQDEwp0aGUgYmlnIENBMB4XDTA0MTAyODAyNDkzM1oXDTMyMDMxNTAy +NDkzM1owWTELMAkGA1UEBhMCVUcxDzANBgNVBAcTBlRyb3BpYzEPMA0GA1UEChMG +VXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9uMRMwEQYDVQQDEwp0aGUgYmlnIENB +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0at2yBttsEeI260DTGQb +89KzAUaCBTlPTqlR586cDb7QwgSrKbf/1h43/c2DJv2YQ15dbnOEhom6ejWKNhBv +GHZArbj5Cq/x6U7VzJ9Pgzd8QbaZn0Q5evx78jzy2z5GpoG4/JMe1AN9aWqMh0hZ +lkrHYF94lauf2hshLz4XHzvn72VZxJAzUntQy+XI8tcEZp1A2j7+J7hhzaBncc7y +wu+vbN+7xhMdiina3IRuMBd5hoJJAnV9z8wh1oCtWcMFPSSHL0yMv6cNlt/Af7f4 +rSEHHvUDAUXhuVsVLFg1rOBoeiEhpECtXtS1jralkefPXdjPg1XP/TgFXeAlcANn +TdHVLLiFNh9Vw1RfU4OHEyvsIBAGltSAD5IEUZc7yr+M8CwX3jGDIGYgAhKZJ9qS +FaQV+S8qbf+mSvzyi9CeEKxFKyc3iS2rZ0UuuzhD6jo/Ql0wJ16abKJuYewhPYNG +/A43u719D9a1l2zNE+yLq+5OJgAOHauZQf57AFq0wImUi3l/tHhpLWZJk0pgthHg +6SpSyMYJ+tI3lk/NTy9BaSndTt334FtWIo9obLk8SNfzOxnkw2ehSixUSH1RpN9C +5VhpaWrxaoT2FUwsGWL94RWXpHQFfDaYEkYOFS+PYAOWsmEPFCdcqoUiGUAVnGNu +MpcZqGUKxTyiX7WjPU5woEkCAwEAATANBgkqhkiG9w0BAQQFAAOCAgEAD94Cf9Pi +HTCY/S+UBcNZCS4KYxhpnjPzSpG2E5HVysCOqJ+iEqQ3gW7avcvsya1tm9jTkBNN +RqpadY0WxIDV0ga+6768y17a34UnX9XGtq+Md5SkGiDA131pljO6dM1yECK/sngb +ilpWGrTFfWIzW8zme3y2zZtQHpXWdKc7qZrr4MTIPygScs87brOYMJT7lmGWnPPC +Pcqxwew3RijmYsIO/i2vzOs9xNMEBEpLbC46IE5F9xcG9IK/m+0MCXawZLVm/weh +G9o0QYcJFKZuCqgDhwncuq1fM1PGDB0Jkrz/uaQuVJMc2PCCdmi96svLtME2nbQZ +Rsal0AQ0EwJ5vj8rJOFeWnwOQ4MhIj+OODFoWA/oUh3po61MJeSyrRtgDCv1LMUR +VgD+uGsbLnWbtOMakSMzTRT4aH+KiV77vu/rYX3WClng7KdJzoygG9IXQWhSBV82 +RMAOjdWv2IYB0jVic8bT1FCIsoozEfsUu6bo9TH82sKOjkxGK3on/L32sRwyiFS9 +K33s76FbeNi54Rky1W935xTQD/PmkcmiKPQ4Sfz8rsd9SfxBPcWbyTbD72Uf7dU3 +VceUhLaE5SYdgHlVHUDWvF85Fe6MNXksLS2HWamcZX0I/nrTT2WFosKXbD7DCx53 +/owoCRg1v6ejCn2amEw3rKBywrOk7QRyTiY= +-----END CERTIFICATE----- diff --git a/test/big-ca/big.p12 b/test/big-ca/big.p12 new file mode 100644 index 0000000..2c62e0c Binary files /dev/null and b/test/big-ca/big.p12 differ diff --git a/test/big-ca/big.priv b/test/big-ca/big.priv new file mode 100644 index 0000000..93e9cbb --- /dev/null +++ b/test/big-ca/big.priv @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEA0at2yBttsEeI260DTGQb89KzAUaCBTlPTqlR586cDb7QwgSr +Kbf/1h43/c2DJv2YQ15dbnOEhom6ejWKNhBvGHZArbj5Cq/x6U7VzJ9Pgzd8QbaZ +n0Q5evx78jzy2z5GpoG4/JMe1AN9aWqMh0hZlkrHYF94lauf2hshLz4XHzvn72VZ +xJAzUntQy+XI8tcEZp1A2j7+J7hhzaBncc7ywu+vbN+7xhMdiina3IRuMBd5hoJJ +AnV9z8wh1oCtWcMFPSSHL0yMv6cNlt/Af7f4rSEHHvUDAUXhuVsVLFg1rOBoeiEh +pECtXtS1jralkefPXdjPg1XP/TgFXeAlcANnTdHVLLiFNh9Vw1RfU4OHEyvsIBAG +ltSAD5IEUZc7yr+M8CwX3jGDIGYgAhKZJ9qSFaQV+S8qbf+mSvzyi9CeEKxFKyc3 +iS2rZ0UuuzhD6jo/Ql0wJ16abKJuYewhPYNG/A43u719D9a1l2zNE+yLq+5OJgAO +HauZQf57AFq0wImUi3l/tHhpLWZJk0pgthHg6SpSyMYJ+tI3lk/NTy9BaSndTt33 +4FtWIo9obLk8SNfzOxnkw2ehSixUSH1RpN9C5VhpaWrxaoT2FUwsGWL94RWXpHQF +fDaYEkYOFS+PYAOWsmEPFCdcqoUiGUAVnGNuMpcZqGUKxTyiX7WjPU5woEkCAwEA +AQKCAgB7Y5S7nqimnPKFlQPj6OYqT0zY602JFXj+qdZxvL1JuYnRJD42hvogYBhD +XLZaM9NvkhEZ9xF+u37qfKehuXonwy+9DKZDC9gpnSNlEDwS1Ixjf7pYaCYLopqu +q/+f1r5tLtpWiZ4S1xru9q1Mz98o+0jqBkVIj3+7M0wMKVYiI3cTA2oYq2QInlmm +JMxlXPRSDykjRv77ER89i7BU4Z0r6zIpuGEg6A7ySD9sluLhmm8CIZolwE8SAufG +/GMH+CUVHnIP+9S41O7CY1s9zl6iRFWUekwSa7WzB08mkaLE4iuZ8/WAXC+rJzLR +kdtOSkVWzUkR2WZVdqpx3H8rtFUN/gcX/Eb/rWosaKJxZBEWQUbfkG36m3faYMB3 +IsioZUtCgTuz60hx7ko2tRPiNLOJv4uiyP/uNJVrIG5eAMs/tZTK8Vgy8anUXqwu +VwiUGFG0OrnWNz5g4Mqxnz8v1PuI/WjlB87ZZjMqaBbHsGRGVOHhyv7imdcfokHp +Zfg9uwYyuzXzHJfMNVr3avkE0xwNRrJFGEtBPL8iyhKLqsw5CNi64kbAgA81Zjy0 +w9gpqNCrknn+M1Hmd3CtQdOmOjXiVmDGaKTuLsfIbgKWq0NxfrXqVmycEoJxF0so +92UcSaB/w2BbZK2/nxlQiFXyM2qATSm8lGplFLL0Rhk7WLdVIQKCAQEA8cc89d4T +2y4/34QEjK2VYohQpMUHgiezSTIxRWN/qi+UgyInfIsTkKrLRny+OL8SI+SQjZA0 +smxfjtHbOSk3D/RpHb0t654ym1crQVo1aV03saaGWbbZayicxvrBghvt+AskICev +rzNpARx9gc+t9MQUCERNGwuLPhZp2RYyfQx1Y3haTOFpOrgS/GurgsGTlBAHIbF0 +XjFpDvBCEBFgr+IR5cEmOJpsubBtlgd+YnHJOyf/LHFKVZ34ewu6YsVY5/TVFWMB +14/p77QJ3A3BzTwd9x3nEtjBh6xzI2GqBego3l6610aHcbCvQc0stJVpLpnucBo+ +5nFYs0HGmyVzjwKCAQEA3gC6Q+hQznhfzpriK4/78GKVVMHwHX5J9elHbv+sUzP+ +YoG09hhNCpWgJ4ijIvsdf/HiagpuepqDJ3C5MxZTrzCFrGyTKTjC+Ii6KJHNqUjD +D3yPVEwu6eFyPdZBP0YmZo5+i9ZnLumQosz/gmQeTjvqDoLVqFTVOOwGO01/h9vy +mu+gkKsgUcDjgsowqH+1yapiajKnbc8PnW+tnFjy1KqNjpXCbWUsKS33l/FQ53+B +CTv9+EeQehwTdQS1IkwwA+Vwv0IcSx9kFnY5Yoy9FaZkDLWLeylVkHlQd6rzpkyA +4eXvm79yls8ImFbPTxMRJl/oReznaU7B6vrPUCLipwKCAQEAi94/1NiRUhXSW6LK +4vs0VVkYlglpi5Ed9bU0rbiezTxTRP1ILJNkUSeNCwz1GmzmuJ7sRQjsg1+QdFXQ +5aODOBajjNG5M/pDunvWCSt/hKGpq3rzdAkEhCptb+r2cSdpJjqDvppW1xr9nuf1 +b1hOgS/BivrARGoMNnHO8AgYUyEW8+FXE+y+7Ho6eY5sHOuRTXFsPsCi2i7pYPv6 +q8Lx1S4KPojbbJlhVpbK/qT9J0Q+Lpu30eUEJL2LVtt1Ctix0xZfAs1Q7nxR0Bqu +LYBD4k/p4eCJoeyFINDRluFT87DXm7Tfj9Q8XLfi20UvnJRm0c+5EV8NjlB6CNF/ +bJdg3wKCAQEAjM5LVczgi8Q/iAwmjVi6g+ITMvn68Mnr4SP/ocBaLT+aBiKcg0Yw +fxkdxlVcm1BIiqEBaR6KqgqcSwStAmET3NbawdzvjcKprvcRk6++kLNMvOLVCbN0 +QfUy/1OIeLhmnL+eNdVcBp4vlYKOQMZ9jkNkFaYYG7cKshrJbQ2faK0xd+GqpndT +fWbpJkhVilnOFEWUPCU6mmQtVD7ED5k/E3HFbP1Bnx7/XnMASgfNt7bgQdoiIDpL +wZdTI/JDbKiD/8SjuTsWNPOJCNIdXYtEVpn9dS4kdI5n7cV0KyJrfTuitySez9si +s9JGclEFFfNS+lL0QH2c3OcOCZrgqMQnmwKCAQEAuH+JNOzs30ymqUCNG8BdHW8I +sJYglt1SSNQrp3nFtqfBgk4LaoIwA95WwTD2mbs3o16eFCJ3w6wX38oPt8TdP7ZH +pZRBKFNG7eRjuqhUJG904RI7wk5MLKAH4YEkL7tpsGQZIiYbaadI5S9GzDgyrl7O +lrqMJNx+4Y9vgN5BPBxATIQDVgs78pbUANab91xnm8l0JpUlFsx5mrJQfqc0dipn +U5vwBg4jzg5UuP3CemS8F0KfKrjDqbiYuTeazqWhnTemjeXyzqTmUaY6r4QJJvk9 +DGT6qHCkkPQ+V13YXDZKUkq7yVSblVvOnG+W/R2DJsuECpYQaHdiZEjeuf1EZQ== +-----END RSA PRIVATE KEY----- diff --git a/test/big-ca/ca_conf.cnf b/test/big-ca/ca_conf.cnf new file mode 100644 index 0000000..6bafc6c --- /dev/null +++ b/test/big-ca/ca_conf.cnf @@ -0,0 +1,53 @@ +[ca] +default_ca = CA_default + +[CA_default] +dir = $ENV::CA_DIR +database = $dir/index.txt +serial = $dir/serial.txt + +certificate = $dir/$ENV::CATYPE.cert +private_key = $dir/$ENV::CATYPE.priv + +policy = policy_any + +[policy_any] +countryName = supplied +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ ca_cert ] +basicConstraints=CA:TRUE + + +[ ca_server ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" + +# For an object signing certificate this would be used. +# nsCertType = objsign + +[ ca_client ] +# For normal client use this is typical +nsCertType = client, email +nsComment = "OpenSSL Generated Client Certificate" + +[ ca_clientserver ] +# For normal client use this is typical +nsCertType = server, client, email +nsComment = "OpenSSL Generated Client Server Certificate" + +# and for everything including object signing: +# nsCertType = client, email, objsign + +[ ca_client_flags ] +# This is typical in keyUsage for a client certificate. +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Client Certificate with Flags" diff --git a/test/big-ca/index.txt b/test/big-ca/index.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/big-ca/req_conf.cnf b/test/big-ca/req_conf.cnf new file mode 100644 index 0000000..28ea218 --- /dev/null +++ b/test/big-ca/req_conf.cnf @@ -0,0 +1,31 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/big-ca/req_proxy_conf.cnf b/test/big-ca/req_proxy_conf.cnf new file mode 100644 index 0000000..54d9e4d --- /dev/null +++ b/test/big-ca/req_proxy_conf.cnf @@ -0,0 +1,33 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/big-ca/req_proxy_proxy_conf.cnf b/test/big-ca/req_proxy_proxy_conf.cnf new file mode 100644 index 0000000..5f2fe0a --- /dev/null +++ b/test/big-ca/req_proxy_proxy_conf.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +2.commonName = $ENV::PROXYPROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/big-ca/serial.txt b/test/big-ca/serial.txt new file mode 100644 index 0000000..3dcc795 --- /dev/null +++ b/test/big-ca/serial.txt @@ -0,0 +1 @@ +0176 diff --git a/test/expired-ca/ca_conf.cnf b/test/expired-ca/ca_conf.cnf new file mode 100644 index 0000000..6bafc6c --- /dev/null +++ b/test/expired-ca/ca_conf.cnf @@ -0,0 +1,53 @@ +[ca] +default_ca = CA_default + +[CA_default] +dir = $ENV::CA_DIR +database = $dir/index.txt +serial = $dir/serial.txt + +certificate = $dir/$ENV::CATYPE.cert +private_key = $dir/$ENV::CATYPE.priv + +policy = policy_any + +[policy_any] +countryName = supplied +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ ca_cert ] +basicConstraints=CA:TRUE + + +[ ca_server ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" + +# For an object signing certificate this would be used. +# nsCertType = objsign + +[ ca_client ] +# For normal client use this is typical +nsCertType = client, email +nsComment = "OpenSSL Generated Client Certificate" + +[ ca_clientserver ] +# For normal client use this is typical +nsCertType = server, client, email +nsComment = "OpenSSL Generated Client Server Certificate" + +# and for everything including object signing: +# nsCertType = client, email, objsign + +[ ca_client_flags ] +# This is typical in keyUsage for a client certificate. +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Client Certificate with Flags" diff --git a/test/expired-ca/expired.cert b/test/expired-ca/expired.cert new file mode 100644 index 0000000..a4c6feb --- /dev/null +++ b/test/expired-ca/expired.cert @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICKTCCAZICAQAwDQYJKoZIhvcNAQEEBQAwXTELMAkGA1UEBhMCVUcxDzANBgNV +BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u +MRcwFQYDVQQDEw50aGUgZXhwaXJlZCBDQTAeFw0wNDEwMjgwMjQ5MzNaFw0wNDEw +MjcwMjQ5MzNaMF0xCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNV +BAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIGV4 +cGlyZWQgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKDalz1sD+Ds5CR1 +AvST5CUKoOUoKBfnaqbYhGivGv9QK34ynYYONoBZcZGjIh/9D7n5l/lxq8NZ+4HV +GU6fDOT7mBALiiM3tyKztpD7rBxLCZ3PxsNeHxP3J5obXz44XaSBxgk3FEfX0DJJ +D4Fv7Res5FTRWUTmK+RZ8jSTflnzAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAOaoU +J+ZWcteYj09ntn58OnjbL4jRW5TYE4+vfrja9cUuKiOdjqWfHdi8fY5C58tUqFnk +iFKPzqEienR4apchZjoqWPVA2coaRAm6wwAvkePrv0hk+cuTNCVAFGo2i3PGbRo/ +BfpZaDcEgwpYn5PzLNwTEB2bK2QRbsNKX1JtR5M= +-----END CERTIFICATE----- diff --git a/test/expired-ca/expired.p12 b/test/expired-ca/expired.p12 new file mode 100644 index 0000000..1b67c40 Binary files /dev/null and b/test/expired-ca/expired.p12 differ diff --git a/test/expired-ca/expired.priv b/test/expired-ca/expired.priv new file mode 100644 index 0000000..8e4ec44 --- /dev/null +++ b/test/expired-ca/expired.priv @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCg2pc9bA/g7OQkdQL0k+QlCqDlKCgX52qm2IRorxr/UCt+Mp2G +DjaAWXGRoyIf/Q+5+Zf5cavDWfuB1RlOnwzk+5gQC4ojN7cis7aQ+6wcSwmdz8bD +Xh8T9yeaG18+OF2kgcYJNxRH19AySQ+Bb+0XrORU0VlE5ivkWfI0k35Z8wIDAQAB +AoGABANQEJ04jDD8xBgTOczSvUXVm8Hzthz04TK3ovDzaHk0jJJwsZ57J5qTpcF/ +IXMryET80KFQWrBNAQEy/24iYS3uN5n7GBZUxkL+115t/Ol5d0CUXE9EM4rCmW6c +O/K1NaUxvmwQto/zN0iZdzj1qMVUUyvopYAKkexiir5K8bkCQQDVm8fT/RtRiuR/ +sWOoGYrbHEmwLNjY+rvpGJg+v4X9fGAoFAF6a8RWrttvsLKreW+kYieDUtFkU6tg +m6tw+VZ/AkEAwMamcbAXzZy6Px70coS8bERFPeF8+d3qTUryA9HkjL5zurYBMNDP +zyOmuzDNcrz5xGIoQf9XX2McK9bAHldKjQJBAMCHvp8GHV9r7vRhMM/M5ekEIC7Y +3UMFC+XXMzIrclu9hPXawlJTXA49YK/U9dW0iLoDdlXZib4B5BAZf3c+ZYUCQANH +ne9TOqRx5S1LvobwQTBqXO83leO+Zc0Y2FM+T/AhEWD81bpZ4x84EQ8gPm6UTn+L +1/l/eaIS0pjgV3Zsr8UCQQCas5CoE4zmN4qbdpi4QS8nrmNUZC1LdAH1TDqT7tPG +QAnIxtPostO3tFOTcV7k6WDknahhff3CtN1GENRxXeCy +-----END RSA PRIVATE KEY----- diff --git a/test/expired-ca/index.txt b/test/expired-ca/index.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/expired-ca/req_conf.cnf b/test/expired-ca/req_conf.cnf new file mode 100644 index 0000000..28ea218 --- /dev/null +++ b/test/expired-ca/req_conf.cnf @@ -0,0 +1,31 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/expired-ca/req_proxy_conf.cnf b/test/expired-ca/req_proxy_conf.cnf new file mode 100644 index 0000000..54d9e4d --- /dev/null +++ b/test/expired-ca/req_proxy_conf.cnf @@ -0,0 +1,33 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/expired-ca/req_proxy_proxy_conf.cnf b/test/expired-ca/req_proxy_proxy_conf.cnf new file mode 100644 index 0000000..5f2fe0a --- /dev/null +++ b/test/expired-ca/req_proxy_proxy_conf.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +2.commonName = $ENV::PROXYPROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/expired-ca/serial.txt b/test/expired-ca/serial.txt new file mode 100644 index 0000000..3dcc795 --- /dev/null +++ b/test/expired-ca/serial.txt @@ -0,0 +1 @@ +0176 diff --git a/test/fake-ca/ca_conf.cnf b/test/fake-ca/ca_conf.cnf new file mode 100644 index 0000000..6bafc6c --- /dev/null +++ b/test/fake-ca/ca_conf.cnf @@ -0,0 +1,53 @@ +[ca] +default_ca = CA_default + +[CA_default] +dir = $ENV::CA_DIR +database = $dir/index.txt +serial = $dir/serial.txt + +certificate = $dir/$ENV::CATYPE.cert +private_key = $dir/$ENV::CATYPE.priv + +policy = policy_any + +[policy_any] +countryName = supplied +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ ca_cert ] +basicConstraints=CA:TRUE + + +[ ca_server ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" + +# For an object signing certificate this would be used. +# nsCertType = objsign + +[ ca_client ] +# For normal client use this is typical +nsCertType = client, email +nsComment = "OpenSSL Generated Client Certificate" + +[ ca_clientserver ] +# For normal client use this is typical +nsCertType = server, client, email +nsComment = "OpenSSL Generated Client Server Certificate" + +# and for everything including object signing: +# nsCertType = client, email, objsign + +[ ca_client_flags ] +# This is typical in keyUsage for a client certificate. +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Client Certificate with Flags" diff --git a/test/fake-ca/fake.cert b/test/fake-ca/fake.cert new file mode 100644 index 0000000..b686366 --- /dev/null +++ b/test/fake-ca/fake.cert @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICIzCCAYwCAQAwDQYJKoZIhvcNAQEEBQAwWjELMAkGA1UEBhMCVUcxDzANBgNV +BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u +MRQwEgYDVQQDEwt0aGUgZmFrZSBDQTAeFw0wNDEwMjgwMjQ5MjNaFw0zMjAzMTUw +MjQ5MjNaMFoxCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNVBAoT +BlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEUMBIGA1UEAxMLdGhlIGZha2Ug +Q0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN2cPdeBM7VJMfI9Gm6wCK6Z +VTVU2MgLkx+SVAt0Q7j4+m/iO2VAFNa4IAVAX/DG71D/yqCmvjzmQkXrbnZ48VFJ +GHQyIEq9uxGVSKefH1AP03+UOcO53KoyfXoRU9BVxV2Py9hHevVJ9+X352E4TXlm +O5EQCF5dljjU4hH1O3TVAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAr9q34tLFrY4Z +DD5JxlwuEzTnlC6x2Or7FL52Mup2uo8M8gXJXEReZmfjJi326ASQUEdsZD4adcCJ +aUB85qWHaQy94uO1KR0uNPGZkyTWffoYf8Jv91mENSQ+TjQA18JKUFsuWsdOebk5 +CY48OtNkkt5rDVFqutHqphwOGGbC02w= +-----END CERTIFICATE----- diff --git a/test/fake-ca/fake.p12 b/test/fake-ca/fake.p12 new file mode 100644 index 0000000..e4fe823 Binary files /dev/null and b/test/fake-ca/fake.p12 differ diff --git a/test/fake-ca/fake.priv b/test/fake-ca/fake.priv new file mode 100644 index 0000000..fd459d5 --- /dev/null +++ b/test/fake-ca/fake.priv @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXwIBAAKBgQDdnD3XgTO1STHyPRpusAiumVU1VNjIC5MfklQLdEO4+Ppv4jtl +QBTWuCAFQF/wxu9Q/8qgpr485kJF6252ePFRSRh0MiBKvbsRlUinnx9QD9N/lDnD +udyqMn16EVPQVcVdj8vYR3r1Sffl9+dhOE15ZjuREAheXZY41OIR9Tt01QIDAQAB +AoGBAM/1mqLs/9UTRueHJ5LPZpZSFX/iizvOgNWTv4KwLA0cuAbeSdaN+AA28PV8 +n4uXY2SjZUa0srj7ax2p/RL4E5rw0bwDImfZh1Sbf7jTNviU/sKwqW6MGuCAQhHS +j+wA3oCBda7p1v+FMQccbsM5CDTVYrPbhEouUi1Pg8SW23aBAkEA88Y/Ojj7bCf3 +RYAYgRCkhSV4eljrJDOwnzxX7WIuGf6A30UJ1epXWU2NQA3AmLq+X6gAKFqsyP2/ +/6buGgeXSQJBAOi5b5uEXFbsPXtwfmNfsRpkZqS+AAGhy8pKO4NTqR+cTEObb0nc +xS8vdx2gUXOVzZnVpXWBi9+BGKt3oWw19S0CQQCF8roNWQA2FuPVSaStTqLIEqXX +vIJAWzLC3JqH8rnYSLMxe7MC2whyJp3lw2i/w2UWFK85fVGSA3R7mpMctG0ZAkEA +rAI7Oo/nDBwKCU2JLPvSU7Z3ozYHnS0wCfE58YQJUaLdP28IH2i8mXaUrOIMsci8 +MQKXC7XXYzfwuvNt7SQodQJBANQChuUPRyft5ygT0sXDCujl1YtHKWtCysUetn7J +JPRzuTr82WyF29EKK7V0Z0X2pCCq7vXtjbj8b8WeBEBw7rw= +-----END RSA PRIVATE KEY----- diff --git a/test/fake-ca/index.txt b/test/fake-ca/index.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/fake-ca/req_conf.cnf b/test/fake-ca/req_conf.cnf new file mode 100644 index 0000000..28ea218 --- /dev/null +++ b/test/fake-ca/req_conf.cnf @@ -0,0 +1,31 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/fake-ca/req_proxy_conf.cnf b/test/fake-ca/req_proxy_conf.cnf new file mode 100644 index 0000000..54d9e4d --- /dev/null +++ b/test/fake-ca/req_proxy_conf.cnf @@ -0,0 +1,33 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/fake-ca/req_proxy_proxy_conf.cnf b/test/fake-ca/req_proxy_proxy_conf.cnf new file mode 100644 index 0000000..5f2fe0a --- /dev/null +++ b/test/fake-ca/req_proxy_proxy_conf.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +2.commonName = $ENV::PROXYPROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/fake-ca/serial.txt b/test/fake-ca/serial.txt new file mode 100644 index 0000000..3dcc795 --- /dev/null +++ b/test/fake-ca/serial.txt @@ -0,0 +1 @@ +0176 diff --git a/test/trusted-ca/ca_conf.cnf b/test/trusted-ca/ca_conf.cnf new file mode 100644 index 0000000..6bafc6c --- /dev/null +++ b/test/trusted-ca/ca_conf.cnf @@ -0,0 +1,53 @@ +[ca] +default_ca = CA_default + +[CA_default] +dir = $ENV::CA_DIR +database = $dir/index.txt +serial = $dir/serial.txt + +certificate = $dir/$ENV::CATYPE.cert +private_key = $dir/$ENV::CATYPE.priv + +policy = policy_any + +[policy_any] +countryName = supplied +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ ca_cert ] +basicConstraints=CA:TRUE + + +[ ca_server ] +# This is OK for an SSL server. +nsCertType = server +nsComment = "OpenSSL Generated Server Certificate" + +# For an object signing certificate this would be used. +# nsCertType = objsign + +[ ca_client ] +# For normal client use this is typical +nsCertType = client, email +nsComment = "OpenSSL Generated Client Certificate" + +[ ca_clientserver ] +# For normal client use this is typical +nsCertType = server, client, email +nsComment = "OpenSSL Generated Client Server Certificate" + +# and for everything including object signing: +# nsCertType = client, email, objsign + +[ ca_client_flags ] +# This is typical in keyUsage for a client certificate. +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Client Certificate with Flags" diff --git a/test/trusted-ca/index.txt b/test/trusted-ca/index.txt new file mode 100644 index 0000000..e69de29 diff --git a/test/trusted-ca/req_conf.cnf b/test/trusted-ca/req_conf.cnf new file mode 100644 index 0000000..28ea218 --- /dev/null +++ b/test/trusted-ca/req_conf.cnf @@ -0,0 +1,31 @@ +[ req ] +default_bits = $ENV::BITS +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +commonName = $ENV::CN + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/trusted-ca/req_proxy_conf.cnf b/test/trusted-ca/req_proxy_conf.cnf new file mode 100644 index 0000000..54d9e4d --- /dev/null +++ b/test/trusted-ca/req_proxy_conf.cnf @@ -0,0 +1,33 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/trusted-ca/req_proxy_proxy_conf.cnf b/test/trusted-ca/req_proxy_proxy_conf.cnf new file mode 100644 index 0000000..5f2fe0a --- /dev/null +++ b/test/trusted-ca/req_proxy_proxy_conf.cnf @@ -0,0 +1,35 @@ +[ req ] +default_bits = 1024 +default_keyfile = keyfile.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +prompt = no +output_password = $ENV::PASSWORD +ca_cert = CA_cert + +[ req_distinguished_name ] +countryName = UG + +#stateOrProvinceName = South area + +localityName = Tropic + +organizationName = Utopia + +organizationalUnitName = Relaxation + +0.commonName = $ENV::CN + +1.commonName = $ENV::PROXYNAME + +2.commonName = $ENV::PROXYPROXYNAME + +#emailAddress = Email Address + +[ req_attributes ] +#challengePassword = $ENV::PASSWORD + +[ CA_cert] +basicConstraints = CA:true +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always diff --git a/test/trusted-ca/serial.txt b/test/trusted-ca/serial.txt new file mode 100644 index 0000000..3dcc795 --- /dev/null +++ b/test/trusted-ca/serial.txt @@ -0,0 +1 @@ +0176 diff --git a/test/trusted-ca/trusted.cert b/test/trusted-ca/trusted.cert new file mode 100644 index 0000000..2c47081 --- /dev/null +++ b/test/trusted-ca/trusted.cert @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICKTCCAZICAQAwDQYJKoZIhvcNAQEEBQAwXTELMAkGA1UEBhMCVUcxDzANBgNV +BAcTBlRyb3BpYzEPMA0GA1UEChMGVXRvcGlhMRMwEQYDVQQLEwpSZWxheGF0aW9u +MRcwFQYDVQQDEw50aGUgdHJ1c3RlZCBDQTAeFw0wNDEwMjgwMjQ5MjJaFw0zMjAz +MTUwMjQ5MjJaMF0xCzAJBgNVBAYTAlVHMQ8wDQYDVQQHEwZUcm9waWMxDzANBgNV +BAoTBlV0b3BpYTETMBEGA1UECxMKUmVsYXhhdGlvbjEXMBUGA1UEAxMOdGhlIHRy +dXN0ZWQgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALgEMG9x0czvTKUS +28+4YZhuSnVTCf8+OyfoD+7rLOdK1YzXlbtt2A8wSwbGsRlYv7J/NvogSTIU9tj3 +EL9pVfcIaiYWL12VgJpeAkQ4gqA7WikXLlnD1tShtR1tGGANpr3ZvpKaq/ge/k9E +dhbdyQqikif36o7+c+Msqz0XfmfNAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAWkKu +hUC4D3SWfg3JBZceMU4TNE7K0Nt6gdFypJA2ikR0lMLy+ai9vtwU+QF1Ch4zDM9a +lWXHw8RmFgUDdvndWQV8JcwhaUSqxrKvNvfzoZAxGZxUOuwETy8MhpNiwD+gBeae +aL4peenUEfIa6mPRbGOoD8kOxjyACwr0r0+DUAY= +-----END CERTIFICATE----- diff --git a/test/trusted-ca/trusted.p12 b/test/trusted-ca/trusted.p12 new file mode 100644 index 0000000..0b068ef Binary files /dev/null and b/test/trusted-ca/trusted.p12 differ diff --git a/test/trusted-ca/trusted.priv b/test/trusted-ca/trusted.priv new file mode 100644 index 0000000..2a1c60d --- /dev/null +++ b/test/trusted-ca/trusted.priv @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC4BDBvcdHM70ylEtvPuGGYbkp1Uwn/Pjsn6A/u6yznStWM15W7 +bdgPMEsGxrEZWL+yfzb6IEkyFPbY9xC/aVX3CGomFi9dlYCaXgJEOIKgO1opFy5Z +w9bUobUdbRhgDaa92b6Smqv4Hv5PRHYW3ckKopIn9+qO/nPjLKs9F35nzQIDAQAB +AoGAPRb+8XCK4wsqmb66BKrEk7NButN3hSomv2fWKk4e2SZJ4PkNN20PBnPU5In/ +71c8RMjg+obPZfX5wSu8fp88rzZ7u4kPZp5r2c4nlhV7GqmdlJNj7GUFgGtxVLBC ++qBh9H1v5MwEhEj1ae+uQEwJYrA+JAA+AJTRQymFDx0l4u0CQQDuIuZmoOcxK+Nd +QJvOnrJbUwq+/kgRJXObGERUFF9ZsOI9/smZxoykmUkcciWo8noTo3a3kNbUg3PO +gDQp//tPAkEAxdH8Pl17p0+kEiR6/qxg8PrwKXg2BXVdlDYsa31frTAaSHNoPP6w +uqdyOpqfQCM2ug7YziV9oOMIjmVLVZ00IwJBAMy3zAJmSNoItMkyBb+2xfWkihRv +XV0AKUYnsnXlnaLpYVWSd5VvDvFhpWyC5MU8zp2bZS+hoE3JRAE+TZndqhkCQHZU +T1B21tqT9w6rJ69jKXG8iSAlOhs1w04+wX9itXKBTZd9ASNLLifYtal8iDnzVm8h +JmrZXjZ418tlqBSEPoUCQBW/tY26rUVhjbyUk+hhayuOS3PcEU5TrZogAtD1OWbz +7pDJo48aupE/Svc59smwXQjaZjwlNA76X75ioaSSaSI= +-----END RSA PRIVATE KEY-----