[caffeine-hx] r753 committed - Crypto test files
2 views
Skip to first unread message
caffe...@googlecode.com
Aug 19, 2012, 12:44:43 AM8/19/12
to caffein...@googlegroups.com
Revision: 753
Author: damon...@gmail.com
Date: Sat Aug 18 21:44:13 2012
Log: Crypto test files
http://code.google.com/p/caffeine-hx/source/detail?r=753
Added:
/trunk/ext3/Tests/crypt/certs/demoCA
/trunk/ext3/Tests/crypt/certs/demoCA/CA.pl
/trunk/ext3/Tests/crypt/certs/demoCA/README
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/cacert.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/careq.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/certs
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crl
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crlnumber
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr.old
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.old
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790A.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790B.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private/cakey.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial.old
/trunk/ext3/Tests/crypt/certs/demoCA/newcert.pem
/trunk/ext3/Tests/crypt/certs/demoCA/newdecrypted.pem
/trunk/ext3/Tests/crypt/certs/demoCA/newkey.pem
/trunk/ext3/Tests/crypt/certs/expired
/trunk/ext3/Tests/crypt/certs/expired/README
/trunk/ext3/Tests/crypt/certs/expired/client.pem
/trunk/ext3/Tests/crypt/certs/expired/root.pem
/trunk/ext3/Tests/crypt/certs/expired/server.pem
/trunk/ext3/Tests/crypt/certs/mail.google.com.pem
/trunk/ext3/Tests/crypt/certs/thawte2.pem
Modified:
/trunk/ext3/Tests/crypt/Makefile
/trunk/ext3/Tests/crypt/src/IVModeTest.hx
/trunk/ext3/Tests/crypt/src/RsaTest.hx
/trunk/ext3/Tests/crypt/src/X509.hx
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/CA.pl Sat Aug 18 21:44:13 2012
@@ -0,0 +1,189 @@
+#!/usr/bin/perl
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+# some setup stuff to be done before you can use it and this makes
+# things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq[-nodes] ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh Added more things ... including CA -signcert which
+# converts a certificate to a request and then signs it.
+# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
+# environment variable so this can be driven from
+# a script.
+# 25-Jul-96 eay Cleaned up filenames some more.
+# 11-Jun-96 eay Fixed a few filename missmatches.
+# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh Original hacking
+#
+# Tim Hudson
+# t...@cryptsoft.com
+#
+
+# 27-Apr-98 snh Translation into perl, fix existing CA bug.
+#
+#
+# Steve Henson
+# she...@bigfoot.com
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+} else {
+ $openssl = "openssl";
+ $ENV{OPENSSL} = $openssl;
+}
+
+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
+$DAYS="-days 365"; # 1 year
+$CADAYS="-days 3650"; # 10 years
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
+
+$CATOP="./demoCA";
+$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
+$CACERT="cacert.pem";
+
+$DIRMODE = 0777;
+
+$RET = 0;
+
+foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|
-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+ system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+ $RET=$?;
+ print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+ } elsif (/^-newreq$/) {
+ # create a certificate request
+ system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+ $RET=$?;
+ print "Request is in newreq.pem, private key is in newkey.pem\n";
+ } elsif (/^-newreq-nodes$/) {
+ # create a certificate request
+ system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+ $RET=$?;
+ print "Request is in newreq.pem, private key is in newkey.pem\n";
+ } elsif (/^-newca$/) {
+ # if explicitly asked for or it doesn't exist then setup the
+ # directory structure that Eric likes to manage things
+ $NEW="1";
+ if ( "$NEW" || ! -f "${CATOP}/serial" ) {
+ # create the directory hierarchy
+ mkdir $CATOP, $DIRMODE;
+ mkdir "${CATOP}/certs", $DIRMODE;
+ mkdir "${CATOP}/crl", $DIRMODE ;
+ mkdir "${CATOP}/newcerts", $DIRMODE;
+ mkdir "${CATOP}/private", $DIRMODE;
+ open OUT, ">${CATOP}/index.txt";
+ close OUT;
+ open OUT, ">${CATOP}/crlnumber";
+ print OUT "01\n";
+ close OUT;
+ }
+ if ( ! -f "${CATOP}/private/$CAKEY" ) {
+ print "CA certificate filename (or enter to create)\n";
+ $FILE = <STDIN>;
+
+ chop $FILE;
+
+ # ask user for existing CA certificate
+ if ($FILE) {
+ cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+ cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+ $RET=$?;
+ } else {
+ print "Making CA certificate ...\n";
+ system ("$REQ -new -keyout " .
+ "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+ system ("$CA -create_serial " .
+ "-out ${CATOP}/$CACERT $CADAYS -batch " .
+ "-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+ "-extensions v3_ca " .
+ "-infiles ${CATOP}/$CAREQ ");
+ $RET=$?;
+ }
+ }
+ } elsif (/^-pkcs12$/) {
+ my $cname = $ARGV[1];
+ $cname = "My Certificate" unless defined $cname;
+ system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+ "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+ "-export -name \"$cname\"");
+ $RET=$?;
+ print "PKCS #12 file is in newcert.p12\n";
+ exit $RET;
+ } elsif (/^-xsign$/) {
+ system ("$CA -policy policy_anything -infiles newreq.pem");
+ $RET=$?;
+ } elsif (/^(-sign|-signreq)$/) {
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-infiles newreq.pem");
+ $RET=$?;
+ print "Signed certificate is in newcert.pem\n";
+ } elsif (/^(-signCA)$/) {
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-extensions v3_ca -infiles newreq.pem");
+ $RET=$?;
+ print "Signed CA certificate is in newcert.pem\n";
+ } elsif (/^-signcert$/) {
+ system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
+ "-out tmp.pem");
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-infiles tmp.pem");
+ $RET = $?;
+ print "Signed certificate is in newcert.pem\n";
+ } elsif (/^-verify$/) {
+ if (shift) {
+ foreach $j (@ARGV) {
+ system ("$VERIFY -CAfile $CATOP/$CACERT $j");
+ $RET=$? if ($? != 0);
+ }
+ exit $RET;
+ } else {
+ system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
+ $RET=$?;
+ exit 0;
+ }
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|
-verify\n";
+ exit 1;
+ }
+}
+
+exit $RET;
+
+sub cp_pem {
+my ($infile, $outfile, $bound) = @_;
+open IN, $infile;
+open OUT, ">$outfile";
+my $flag = 0;
+while (<IN>) {
+ $flag = 1 if (/^-----BEGIN.*$bound/) ;
+ print OUT $_ if ($flag);
+ if (/^-----END.*$bound/) {
+ close IN;
+ close OUT;
+ return;
+ }
+}
+}
+
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/README Sat Aug 18 21:44:13 2012
@@ -0,0 +1,5 @@
+Passwords are all qwerty
+
+http://sandbox.rulemaker.net/ngps/m2/howto.ca.html
+http://www.freebsdmadeeasy.com/tutorials/freebsd/create-a-ca-with-openssl.php
+
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/cacert.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,59 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0a
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:00:41 2012 GMT
+ Not After : Feb 1 04:00:41 2022 GMT
+ Subject: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:e7:d4:5b:e7:e0:31:9f:a1:a9:5e:7c:61:98:98:
+ 72:fc:c6:dd:5d:2f:80:7e:88:ba:86:46:16:01:26:
+ 33:31:c0:4e:46:1c:05:25:d1:49:7a:0c:b2:03:0f:
+ f5:6c:49:66:ab:3c:37:29:1b:4f:18:d0:80:a5:5b:
+ 9a:8f:03:c3:f8:8c:9e:99:fa:1a:58:2e:f7:52:03:
+ c7:70:9b:15:57:e7:64:21:b4:cc:5c:47:db:38:08:
+ 4b:2c:5b:a2:30:5e:9b:84:85:45:a8:a8:1e:8e:7a:
+ 4b:9c:a0:51:28:d9:1a:4e:a3:d7:5d:cd:21:b1:aa:
+ 32:41:57:e7:85:c7:2f:2d:e5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6c:f1:c6:fd:50:2c:31:33:9e:6b:bf:d9:9b:99:06:be:b9:07:
+ 6a:19:51:83:74:b6:d4:21:db:3b:10:95:b6:5e:39:b0:88:4a:
+ 04:7a:0d:01:be:af:ed:0e:ff:d4:37:71:13:2a:82:b8:e7:6a:
+ 21:db:47:15:2c:5e:35:38:9e:b9:64:10:c0:81:d0:d2:85:17:
+ d2:73:da:ec:e0:b5:19:c8:3d:c8:b5:7b:64:7c:9a:32:76:3e:
+ 22:03:3c:2f:44:c5:cf:00:05:36:d8:b4:07:eb:38:19:a4:39:
+ 0d:8b:7d:bc:23:95:7d:99:92:09:b3:79:27:31:0d:a1:c2:69:
+ 5a:f9
+-----BEGIN CERTIFICATE-----
+MIICxDCCAi2gAwIBAgIJAIIT1j9YzXkKMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwMDQxWhcNMjIwMjAxMDQw
+MDQxWjB7MQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEhMB8GA1UECgwY
+RGVtbyBSb290IEF1dGhvcml0eSBDb3JwMRUwEwYDVQQDDAxEZW1vIENBIEd1eXMx
+IDAeBgkqhkiG9w0BCQEWEWRlbW9AZGVtb3Jvb3QuZG9tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDn1Fvn4DGfoalefGGYmHL8xt1dL4B+iLqGRhYBJjMxwE5G
+HAUl0Ul6DLIDD/VsSWarPDcpG08Y0IClW5qPA8P4jJ6Z+hpYLvdSA8dwmxVX52Qh
+tMxcR9s4CEssW6IwXpuEhUWoqB6OekucoFEo2RpOo9ddzSGxqjJBV+eFxy8t5QID
+AQABo1AwTjAdBgNVHQ4EFgQUWeGNjrHQfZo5JG18DY7b6Teu0V0wHwYDVR0jBBgw
+FoAUWeGNjrHQfZo5JG18DY7b6Teu0V0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOBgQBs8cb9UCwxM55rv9mbmQa+uQdqGVGDdLbUIds7EJW2XjmwiEoEeg0B
+vq/tDv/UN3ETKoK452oh20cVLF41OJ65ZBDAgdDShRfSc9rs4LUZyD3ItXtkfJoy
+dj4iAzwvRMXPAAU22LQH6zgZpDkNi328I5V9mZIJs3knMQ2hwmla+Q==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/careq.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzjCCATcCAQAwgY0xCzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMRAw
+DgYDVQQHDAdUb3JvbnRvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0aG9yaXR5IENv
+cnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJARYRZGVtb0Bk
+ZW1vcm9vdC5kb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOfUW+fgMZ+h
+qV58YZiYcvzG3V0vgH6IuoZGFgEmMzHATkYcBSXRSXoMsgMP9WxJZqs8NykbTxjQ
+gKVbmo8Dw/iMnpn6Glgu91IDx3CbFVfnZCG0zFxH2zgISyxbojBem4SFRaioHo56
+S5ygUSjZGk6j113NIbGqMkFX54XHLy3lAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB
+gQBDDltdDKBv/2OBvVwnWuXfnxLzKkjJJ+h8b7re8fJAaW12/bKS63tVEIewxSCX
+vN96SaWJlmpFcwVbKHYtcEAHjy/38y2cz0o7+YL4r8mNJXo3mkIZihNMO7ZEBnll
+T/c5F2CarK//+PqGlOofz9E2U0dZCCx0biyELTmc3xhaAA==
+-----END CERTIFICATE REQUEST-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crlnumber Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+01
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt Sat Aug 18
21:44:13 2012
@@ -0,0 +1,2 @@
+V 220201040041Z 8213D63F58CD790A unknown /C=CA/ST=Ontario/O=Demo Root
Authority Corp/CN=Demo CA Guys/emailAddress=de...@demoroot.dom
+V 130203040550Z 8213D63F58CD790B unknown
/C=CA/ST=Quebec/L=Montreal/O=Crypt
Client/CN=localhost/emailAddress=ad...@server.sample.dom
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+unique_subject = yes
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr.old Sat Aug
18 21:44:13 2012
@@ -0,0 +1,1 @@
+unique_subject = yes
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.old Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+V 220201040041Z 8213D63F58CD790A unknown /C=CA/ST=Ontario/O=Demo Root
Authority Corp/CN=Demo CA Guys/emailAddress=de...@demoroot.dom
=======================================
--- /dev/null
+++
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790A.pem
Sat Aug 18 21:44:13 2012
@@ -0,0 +1,59 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0a
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:00:41 2012 GMT
+ Not After : Feb 1 04:00:41 2022 GMT
+ Subject: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:e7:d4:5b:e7:e0:31:9f:a1:a9:5e:7c:61:98:98:
+ 72:fc:c6:dd:5d:2f:80:7e:88:ba:86:46:16:01:26:
+ 33:31:c0:4e:46:1c:05:25:d1:49:7a:0c:b2:03:0f:
+ f5:6c:49:66:ab:3c:37:29:1b:4f:18:d0:80:a5:5b:
+ 9a:8f:03:c3:f8:8c:9e:99:fa:1a:58:2e:f7:52:03:
+ c7:70:9b:15:57:e7:64:21:b4:cc:5c:47:db:38:08:
+ 4b:2c:5b:a2:30:5e:9b:84:85:45:a8:a8:1e:8e:7a:
+ 4b:9c:a0:51:28:d9:1a:4e:a3:d7:5d:cd:21:b1:aa:
+ 32:41:57:e7:85:c7:2f:2d:e5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6c:f1:c6:fd:50:2c:31:33:9e:6b:bf:d9:9b:99:06:be:b9:07:
+ 6a:19:51:83:74:b6:d4:21:db:3b:10:95:b6:5e:39:b0:88:4a:
+ 04:7a:0d:01:be:af:ed:0e:ff:d4:37:71:13:2a:82:b8:e7:6a:
+ 21:db:47:15:2c:5e:35:38:9e:b9:64:10:c0:81:d0:d2:85:17:
+ d2:73:da:ec:e0:b5:19:c8:3d:c8:b5:7b:64:7c:9a:32:76:3e:
+ 22:03:3c:2f:44:c5:cf:00:05:36:d8:b4:07:eb:38:19:a4:39:
+ 0d:8b:7d:bc:23:95:7d:99:92:09:b3:79:27:31:0d:a1:c2:69:
+ 5a:f9
+-----BEGIN CERTIFICATE-----
+MIICxDCCAi2gAwIBAgIJAIIT1j9YzXkKMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwMDQxWhcNMjIwMjAxMDQw
+MDQxWjB7MQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEhMB8GA1UECgwY
+RGVtbyBSb290IEF1dGhvcml0eSBDb3JwMRUwEwYDVQQDDAxEZW1vIENBIEd1eXMx
+IDAeBgkqhkiG9w0BCQEWEWRlbW9AZGVtb3Jvb3QuZG9tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDn1Fvn4DGfoalefGGYmHL8xt1dL4B+iLqGRhYBJjMxwE5G
+HAUl0Ul6DLIDD/VsSWarPDcpG08Y0IClW5qPA8P4jJ6Z+hpYLvdSA8dwmxVX52Qh
+tMxcR9s4CEssW6IwXpuEhUWoqB6OekucoFEo2RpOo9ddzSGxqjJBV+eFxy8t5QID
+AQABo1AwTjAdBgNVHQ4EFgQUWeGNjrHQfZo5JG18DY7b6Teu0V0wHwYDVR0jBBgw
+FoAUWeGNjrHQfZo5JG18DY7b6Teu0V0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOBgQBs8cb9UCwxM55rv9mbmQa+uQdqGVGDdLbUIds7EJW2XjmwiEoEeg0B
+vq/tDv/UN3ETKoK452oh20cVLF41OJ65ZBDAgdDShRfSc9rs4LUZyD3ItXtkfJoy
+dj4iAzwvRMXPAAU22LQH6zgZpDkNi328I5V9mZIJs3knMQ2hwmla+Q==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790B.pem
Sat Aug 18 21:44:13 2012
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0b
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:05:50 2012 GMT
+ Not After : Feb 3 04:05:50 2013 GMT
+ Subject: C=CA, ST=Quebec, L=Montreal, O=Crypt Client,
CN=localhost/emailAddress=ad...@server.sample.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:f1:4a:64:89:8a:d2:da:f5:73:35:f2:ca:b6:15:
+ f0:a0:14:80:99:f3:a0:be:73:67:61:5a:1c:c9:65:
+ bf:55:78:2c:87:d1:35:95:f6:97:a1:4e:d0:c5:1f:
+ e0:be:9d:12:20:19:96:ba:10:e8:cd:e0:56:77:1b:
+ ff:b7:90:21:cb:eb:83:8a:f4:d8:e0:07:2b:f2:a9:
+ a8:de:d4:b3:eb:e6:e0:05:e4:2e:52:78:6c:81:fd:
+ 15:5b:f5:ef:07:4a:67:cf:62:93:c2:c5:62:b7:69:
+ b7:58:96:54:ff:fe:01:67:07:10:3c:b2:65:3b:8b:
+ ce:96:d7:2f:18:82:17:10:f7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BE:D5:10:E0:83:1A:F5:5A:7B:D3:35:B7:3B:A6:6D:5A:13:D6:4C:69
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 90:e9:95:3d:62:6e:86:6c:f7:c4:b9:6a:00:08:b6:32:f7:a9:
+ e8:be:c1:4e:06:02:12:34:62:6a:e5:79:f2:8d:93:ea:ba:7e:
+ 28:20:eb:40:37:42:40:5f:8b:e7:32:ce:63:60:60:b3:88:8f:
+ 33:40:aa:8c:e1:84:5b:ec:e6:0b:55:2c:0d:6e:e9:fd:d0:2d:
+ 20:5a:9d:79:e8:5d:b1:12:b6:4e:89:0e:49:d7:64:e9:08:a8:
+ a5:8c:26:95:bb:57:bd:4a:f1:ae:d0:1d:4e:f0:7c:58:a5:64:
+ bd:cd:5e:53:cd:0b:51:13:2a:43:6d:7c:bf:77:8b:ee:b2:b0:
+ 46:9c
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmKgAwIBAgIJAIIT1j9YzXkLMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwNTUwWhcNMTMwMjAzMDQw
+NTUwWjCBhDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwI
+TW9udHJlYWwxFTATBgNVBAoMDENyeXB0IENsaWVudDESMBAGA1UEAwwJbG9jYWxo
+b3N0MSYwJAYJKoZIhvcNAQkBFhdhZG1pbkBzZXJ2ZXIuc2FtcGxlLmRvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8UpkiYrS2vVzNfLKthXwoBSAmfOgvnNn
+YVocyWW/VXgsh9E1lfaXoU7QxR/gvp0SIBmWuhDozeBWdxv/t5Ahy+uDivTY4Acr
+8qmo3tSz6+bgBeQuUnhsgf0VW/XvB0pnz2KTwsVit2m3WJZU//4BZwcQPLJlO4vO
+ltcvGIIXEPcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL7VEOCDGvVae9M1
+tzumbVoT1kxpMB8GA1UdIwQYMBaAFFnhjY6x0H2aOSRtfA2O2+k3rtFdMA0GCSqG
+SIb3DQEBBQUAA4GBAJDplT1iboZs98S5agAItjL3qei+wU4GAhI0YmrlefKNk+q6
+figg60A3QkBfi+cyzmNgYLOIjzNAqozhhFvs5gtVLA1u6f3QLSBanXnoXbEStk6J
+DknXZOkIqKWMJpW7V71K8a7QHU7wfFilZL3NXlPNC1ETKkNtfL93i+6ysEac
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private/cakey.pem Sat Aug
18 21:44:13 2012
@@ -0,0 +1,17 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIwBBvVDtgG6ACAggA
+MBQGCCqGSIb3DQMHBAirl+lyTj8IhASCAoDWRXP94Ze1IFvS3OllJJ1ZHZR8OAI3
+a1/Ofu5MqLhmy/c5kSpk7vGxwKRLjBYNOBoipetqiAixtni6nHgajlTobNWBtxNe
+G/gDqMF2//3UbCubeokxdwAf6bb7+5BvkvsfKJOzHaUJ6vo136W20JN3Cx6Eldw+
+xvp/494gWZ7H4VyzAdLQgXf82sG3kfr+oHLrmCC/GqIXaAG0UForprsbbOXimkyi
+XmiaDdNtemveaI/OWcXkb0/n7bDCCsnOca0a3pbKDONFFcZ2X1iTklC32/e2XaLv
+btBkcIjDNWhZRJDmqrPWTq4VtEhEphHHt8QTXpmNA/V3nK7GO2MqI7I2uLZeG82k
+atz1u1yN8ZzMZzZc9DEdpZ0rH56cIcQ/7NK3VpTIhOwngAF6GLuiQLbR8iou8DJG
+faAhRJJCcDb4H8b8VHXOU7XkFP2l7dLZzck37HAPBLl4BRJ4r/oyTtAdHTplS8LG
+7z52+Od4GsOSwyRAI/wfk7dHGJ0twJZFkxgRmgnIqrRHZWtrWOu4m0makby+bji/
+c9K8vLY6Tf+95h0YA34WN/+i9nduv/1848YwsNlr1U21YVycO0W8vuIO/Lw9hmOY
+uAOaylmOhzzyp3H49Myc7JzkN3q6I6XFchl7UErLXKFp3n4dJuX5CPRoGFAGazbG
+Ay58gBNydaTB/57BcK/pe5E1BdeCZ3a8W6x111whUzWd/grfuYdLGZA7n+D4yyOQ
+nO7mSo8oIlQVJLV6h/2azjp4ZEZ+KzDTUyrmekeFROTLzzqHp3Z6hbd96yX7iK7m
+JqX2EfWhvfubu8rhoQwWk5y99OKi6epbnZdU2c4dlCVQ097AIFP38Vtt
+-----END ENCRYPTED PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial Sat Aug 18 21:44:13
2012
@@ -0,0 +1,1 @@
+8213D63F58CD790C
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial.old Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+8213D63F58CD790B
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newcert.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0b
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:05:50 2012 GMT
+ Not After : Feb 3 04:05:50 2013 GMT
+ Subject: C=CA, ST=Quebec, L=Montreal, O=Crypt Client,
CN=localhost/emailAddress=ad...@server.sample.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:f1:4a:64:89:8a:d2:da:f5:73:35:f2:ca:b6:15:
+ f0:a0:14:80:99:f3:a0:be:73:67:61:5a:1c:c9:65:
+ bf:55:78:2c:87:d1:35:95:f6:97:a1:4e:d0:c5:1f:
+ e0:be:9d:12:20:19:96:ba:10:e8:cd:e0:56:77:1b:
+ ff:b7:90:21:cb:eb:83:8a:f4:d8:e0:07:2b:f2:a9:
+ a8:de:d4:b3:eb:e6:e0:05:e4:2e:52:78:6c:81:fd:
+ 15:5b:f5:ef:07:4a:67:cf:62:93:c2:c5:62:b7:69:
+ b7:58:96:54:ff:fe:01:67:07:10:3c:b2:65:3b:8b:
+ ce:96:d7:2f:18:82:17:10:f7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BE:D5:10:E0:83:1A:F5:5A:7B:D3:35:B7:3B:A6:6D:5A:13:D6:4C:69
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 90:e9:95:3d:62:6e:86:6c:f7:c4:b9:6a:00:08:b6:32:f7:a9:
+ e8:be:c1:4e:06:02:12:34:62:6a:e5:79:f2:8d:93:ea:ba:7e:
+ 28:20:eb:40:37:42:40:5f:8b:e7:32:ce:63:60:60:b3:88:8f:
+ 33:40:aa:8c:e1:84:5b:ec:e6:0b:55:2c:0d:6e:e9:fd:d0:2d:
+ 20:5a:9d:79:e8:5d:b1:12:b6:4e:89:0e:49:d7:64:e9:08:a8:
+ a5:8c:26:95:bb:57:bd:4a:f1:ae:d0:1d:4e:f0:7c:58:a5:64:
+ bd:cd:5e:53:cd:0b:51:13:2a:43:6d:7c:bf:77:8b:ee:b2:b0:
+ 46:9c
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmKgAwIBAgIJAIIT1j9YzXkLMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwNTUwWhcNMTMwMjAzMDQw
+NTUwWjCBhDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwI
+TW9udHJlYWwxFTATBgNVBAoMDENyeXB0IENsaWVudDESMBAGA1UEAwwJbG9jYWxo
+b3N0MSYwJAYJKoZIhvcNAQkBFhdhZG1pbkBzZXJ2ZXIuc2FtcGxlLmRvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8UpkiYrS2vVzNfLKthXwoBSAmfOgvnNn
+YVocyWW/VXgsh9E1lfaXoU7QxR/gvp0SIBmWuhDozeBWdxv/t5Ahy+uDivTY4Acr
+8qmo3tSz6+bgBeQuUnhsgf0VW/XvB0pnz2KTwsVit2m3WJZU//4BZwcQPLJlO4vO
+ltcvGIIXEPcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL7VEOCDGvVae9M1
+tzumbVoT1kxpMB8GA1UdIwQYMBaAFFnhjY6x0H2aOSRtfA2O2+k3rtFdMA0GCSqG
+SIb3DQEBBQUAA4GBAJDplT1iboZs98S5agAItjL3qei+wU4GAhI0YmrlefKNk+q6
+figg60A3QkBfi+cyzmNgYLOIjzNAqozhhFvs5gtVLA1u6f3QLSBanXnoXbEStk6J
+DknXZOkIqKWMJpW7V71K8a7QHU7wfFilZL3NXlPNC1ETKkNtfL93i+6ysEac
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newdecrypted.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDxSmSJitLa9XM18sq2FfCgFICZ86C+c2dhWhzJZb9VeCyH0TWV
+9pehTtDFH+C+nRIgGZa6EOjN4FZ3G/+3kCHL64OK9NjgByvyqaje1LPr5uAF5C5S
+eGyB/RVb9e8HSmfPYpPCxWK3abdYllT//gFnBxA8smU7i86W1y8YghcQ9wIDAQAB
+AoGAW8Vto5p3Q+wi25vyWXrSwC/MEcHFm2oNIcvCMx9NvFYuqaF6fgUB+sodQTw0
+oIrg//B7kV0pDlSKzlaJ1ekt0MI354YanfCr9r2ip1xa4x7ZyGBOFQP3MlJHS+d+
++fUbCPwOFDLoyKcrlbY+kI5ECC9M2Ww6FAUXsqZd5zvlclECQQD8f+rHNjVSRjUK
+F6ZJHQhV+fjQrKXu7MaDsw5ZuQ1Ck42KZRs3pqpwo3sZf/Bfi5Q4Ig8EzUEIwAAE
+7naPJdrNAkEA9KKyQQuG89CcOmO2eHaf7YdDYpq9oGZXSBHIBnWY3ysvWLc1B04z
+9bodBabWA5jch+5GEcv8PvJT4M9qcyai0wJAY3WjrlrNAB6Fj/cm2g/kk7FGcDRB
+nG6J96CVW4RIE9x5WXVgFjjBVGMg/zdlIM2jUcUgs1yCbIbsuwSPkO1xVQJBAMiw
+gBOkZT23sbKlApiomGLASKOn1lC0JH5XOAU0jAjo4JqjEbnAihfYat6sE3439RL+
+gjUvZuws2GrhPa7hz0kCQQCUvtGVFuEIj3JvvSHAyGtnKgYakixoY/MVWRxkqLOc
+ZJTYLNjq0Oet8MofyqGYFlVzHNPh91xCfvvJQoXNM10/
+-----END RSA PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newkey.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,17 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIQOhoptscxL8CAggA
+MBQGCCqGSIb3DQMHBAi3Ti+5/E2fgwSCAoDe97Gv1/MYph7n6HP1yD7Ltgj50JcL
+NCHUp3+EOZxMT6XI6K2QCr+iiVE1fQiBkL7/OVZp35VnsvSwqWxu5p1Pwml72FHv
+FuGqG9g9DWUnNKzB9yIUAGta2s5fi1FjPTK9CXCK63Up84DyWwNeLOtQYVcKm4d4
+BlhcULS4AoOqxTkwYy+sgHXiHLvHFfAa7nvEJz4K/DjZqAdicFfPIrMdtDENnMIW
+cE+lE+a5UZvuYCXZZ4u9PlKtG5dufRHir5aL+HuBrZ8Aftex8yI47zf6zggP8sVe
+8fs0xmKk07fbbEFceMmla+c6WNHt6PPb6i0TIDrInMQr38jIuJP7l93T6jGpt4wD
+0Vewgcs3rbKYlauuVNkhtcnyudD7pqmJtHhUUgJeqegygw2ID/CP0Z8F3IicaXyb
+zHrQckPXnwcz/ECK1kvnZbGwWYVOGb3ueJ+wdYcDRYqSIM0IyLj6tSNVYnpfsKLe
+MndZDrqro73E6GBfsp2UB/nfqvHFJX+rC+7ST6Vx7N9AT1VA6xbFPY112bmAMQlY
+z3fqp3Lg9SCkEDZ474l041voLp+1T5NW/06kX9EDH33bn/IL7ik7row7cu8zb2xY
+PAyhwERseJF7G0l0AW4nGImqN0CC7eHRETvth2CrGqbTPcDKh6U2FdlsQbLoDuOW
+rrks7bukRLRtqvRF8LxBR81MvVAPbnHgFGjOaDaxKY0nJT63gKy8f2qLll32eUQx
+uXZ5DxCfTPBE28kHYwQArFw0NVTRiU66XW5sTOZ2Okf1vMDb7KguQspVDzgt3uvY
+7WIm0xSW5dIYoJK+bWJGhlr0OSrUy+dLF9ydBTYkOyGOC+ONVBkvMcKl
+-----END ENCRYPTED PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/README Sat Aug 18 21:44:13 2012
@@ -0,0 +1,1 @@
+Some sample certs that are expired
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/client.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,6D3B09E4CA5421FF
+
+SaDJA2MhJ12ZmDxfGkSLhQgjYPEQYqVfs5b4DZTz+9pJqzuNxHrZZU43oArbWBdB
+3DKc1THejbyHF2lY7xgPLk/5iax5r+CXesDKZroSliHyERBIOCUgDN6ecwvVGtYv
+C8IhlwGPEXyxr59lyV37RjkSUVXYBqiRbLlNIcQtp5T6GkFe+yftOnv6/UADCLTS
+Pu8xwkda1rf7dgPwYIKuk2SOTTe1VMDtWacRUGu8NteTJ4aiVaeeo9wdsKId5U2b
+Z7NTJjOjvdXOLRonfkGvDXmrmN4eICks0bV0ZBtkULAfGjKNGs6riY+XNGKNRmjI
+idRRB0za+EGorpiJ/vbe7n7uaFXIJlfqCwhTi4Up3mS8sR4tLHfmdjp85GV9P9B3
+xX3CHIeG5/EYDt0Qn1gRL5ODL/0O7nFGJslhcQUS6bMmcg9nSzhClTE2gREz0j9g
+pwzvRpEkIl3Tw4niZLIX8fW2cEIyKTBMCCG2MDwHHgXRL3SUXkOGeitFefkcXN/z
+/UWRS8XQcX7/lGWCiuEpgn+esoirjf8lFNVsx6OT0UXj3oBxGrz1iB/vpu/PMBVQ
+JsbEPSh/ElHSDUItw2ytjJmkolRtM01b7cFj16ZxbHjinXWTIGZFWUYIlaeA2zHK
+D/NRMFJwjrQYhjRgPqltvbw7M01Co7SNFBwSotARr36FBjsxbOH3F1jY6w+kXvJU
+X5m83C9UONM2K7kkKYXbE2yW+kzJF2LFX0Uu4yDluxNG767/WwqiQSI63aIzNAPp
+rSsaIMBSbVZia8q49gcvGyuvqBZpwm/PcZwr/PHJjvGs8hdU1ACmyQ==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICFTCCAX4CAgECMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQKEwpSVEZNLCBJbmMuMRkwFwYDVQQLExBXaWRnZXRzIERpdmlzaW9uMRgwFgYD
+VQQDEw9UZXN0IENBMjAwMTA1MTcwHhcNMDEwNTE3MTYxMTM2WhcNMDQwMzA2MTYx
+MTM2WjBOMQswCQYDVQQGEwJVUzETMBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UE
+CxMQV2lkZ2V0cyBEaXZpc2lvbjEPMA0GA1UEAxMGY2xpZW50MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCHNWSoNh6msUwYGGd7TYQDsdSG0ao6QXaYjk+78ZyM
+QeZUBu2dZFjG4wnzkKwrD4rp/J5PLR9AdxR72lb9AavEOKL2UDHJGsscZkGVw/bz
+ZbxrKF2rvdpZSvKP1OhV1MOds/WTpRm1gcmVSoV5vLOMqVjzjHoxQ/+1zpjzMxWL
+0wIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACTJhRR5tv8A7dc5+zmKR1Q/i8qE3Mrn
+mp/MOXHfX+ifJ/w+twoc/yd4En+7pr+hGsiTofct1JOZDW9Akq/ZGu1+NpVRT7Cw
+53EdMwpi7ArwZAsLIUBsKA7QmLTbdwjU5S7WlZ24eygZHyqZrK4Few+JuzlFkkoI
+FIDCfinyz24m
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/root.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICIjCCAYugAwIBAgIBADANBgkqhkiG9w0BAQQFADBXMQswCQYDVQQGEwJVUzET
+MBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UECxMQV2lkZ2V0cyBEaXZpc2lvbjEY
+MBYGA1UEAxMPVGVzdCBDQTIwMDEwNTE3MB4XDTAxMDUxNzE2MDExNFoXDTA2MTIy
+NTE2MDExNFowVzELMAkGA1UEBhMCVVMxEzARBgNVBAoTClJURk0sIEluYy4xGTAX
+BgNVBAsTEFdpZGdldHMgRGl2aXNpb24xGDAWBgNVBAMTD1Rlc3QgQ0EyMDAxMDUx
+NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmkX40warmH0+lnwD9YjsJhRz
+ZX6qXadFry0y2trZ6gMs8Mv33IKPwOu8TE7V+3PESEtjI2wr8juV9OkbIPOm+td5
+M8+6vXyIW+JBo3ch99i0QMTf5/jTgsW+3IjV8yEdiGcZFp2NWKLRvZPq2VRbuF7R
+1pvgcaRuBJ0wGOohwnsCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCUB8zMKIlX5io8
+TalbzH9Qke7BcvFAL+wp/5w1ToVsWkNrINSWKv6bl/jcqOD3aPhK7qhaeOU8ZWKL
+PoPPCnRl9Wo+1JtsOO3qIgJP79Bl9ooLGahixF2v/gea5qNISjQvwYllLSa//APP
+6kXHngO0RIRbiTBYHSkAzm6hDdsvVA==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/server.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,5772A2A7BE34B611
+
+1yJ+xAn4MudcIfXXy7ElYngJ9EohIh8yvcyVLmE4kVd0xeaL/Bqhvk25BjYCK5d9
+k1K8cjgnKEBjbC++0xtJxFSbUhwoKTLwn+sBoJDcFzMKkmJXXDbSTOaNr1sVwiAR
+SnB4lhUcHguYoV5zlRJn53ft7t1mjB6RwGH+d1Zx6t95OqM1lnKqwekwmotVAWHj
+ncu3N8qhmoPMppmzEv0fOo2/pK2WohcJykSeN5zBrZCUxoO0NBNEZkFUcVjR+KsA
+1ZeI1mU60szqg+AoU/XtFcow8RtG1QZKQbbXzyfbwaG+6LqkHaWYKHQEI1546yWK
+us1HJ734uUkZoyyyazG6PiGCYV2u/aY0i3qdmyDqTvmVIvve7E4glBrtDS9h7D40
+nPShIvOatoPzIK4Y0QSvrI3G1vTsIZT3IOZto4AWuOkLNfYS2ce7prOreF0KjhV0
+3tggw9pHdDmTjHTiIkXqheZxZ7TVu+pddZW+CuB62I8lCBGPW7os1f21e3eOD/oY
+YPCI44aJvgP+zUORuZBWqaSJ0AAIuVW9S83Yzkz/tlSFHViOebyd8Cug4TlxK1VI
+q6hbSafh4C8ma7YzlvqjMzqFifcIolcbx+1A6ot0UiayJTUra4d6Uc4Rbc9RIiG0
+jfDWC6aii9YkAgRl9WqSd31yASge/HDqVXFwR48qdlYQ57rcHviqxyrwRDnfw/lX
+Mf6LPiDKEco4MKej7SR2kK2c2AgxUzpGZeAY6ePyhxbdhA0eY21nDeFd/RbwSc5s
+eTiCCMr41OB4hfBFXKDKqsM3K7klhoz6D5WsgE6u3lDoTdz76xOSTg==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICGDCCAYECAgEBMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQKEwpSVEZNLCBJbmMuMRkwFwYDVQQLExBXaWRnZXRzIERpdmlzaW9uMRgwFgYD
+VQQDEw9UZXN0IENBMjAwMTA1MTcwHhcNMDEwNTE3MTYxMDU5WhcNMDQwMzA2MTYx
+MDU5WjBRMQswCQYDVQQGEwJVUzETMBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UE
+CxMQV2lkZ2V0cyBEaXZpc2lvbjESMBAGA1UEAxMJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCiWhMjNOPlPLNW4DJFBiL2fFEIkHuRor0pKw25
+J0ZYHW93lHQ4yxA6afQr99ayRjMY0D26pH41f0qjDgO4OXskBsaYOFzapSZtQMbT
+97OCZ7aHtK8z0ZGNW/cslu+1oOLomgRxJomIFgW1RyUUkQP1n0hemtUdCLOLlO7Q
+CPqZLQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAIumUwl1OoWuyN2xfoBHYAs+lRLY
+KmFLoI5+iMcGxWIsksmA+b0FLRAN43wmhPnums8eXgYbDCrKLv2xWcvKDP3mps7m
+AMivwtu/eFpYz6J8Mo1fsV4Ys08A/uPXkT23jyKo2hMu8mywkqXCXYF2e+7pEeBr
+dsbmkWK5NgoMl8eM
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/mail.google.com.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM
+MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
+THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x
+MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw
+FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe
+qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys
+Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw
+DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0
+ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF
+BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0
+cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3
+dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF
+BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ
+wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3
+fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A=
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/thawte2.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIEMAAAAjANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJV
+UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVi
+bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNTEzMDAw
+MDAwWhcNMTQwNTEyMjM1OTU5WjBMMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
+d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBD
+QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1NNn0I0Vf67NMf59HZGhPwtx
+PKzMyGT7Y/wySweUvW+Aui/hBJPAM/wJMyPpC3QrccQDxtLN4i/1CWPN/0ilAL/g
+5/OIty0y3pg25gqtAHvEZEo7hHUD8nCSfQ5i9SGraTaEMXWQ+L/HbIgbBpV8yeWo
+3nWhLHpo39XKHIdYYBkCAwEAAaOB/jCB+zASBgNVHRMBAf8ECDAGAQH/AgEAMAsG
+A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwKAYDVR0RBCEwH6QdMBsxGTAX
+BgNVBAMTEFByaXZhdGVMYWJlbDMtMTUwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDov
+L2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
+AQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMDQGA1UdJQQtMCsGCCsGAQUF
+BwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEB
+BQUAA4GBAFWsY+reod3SkF+fC852vhNRj5PZBSvIG3dLrWlQoe7e3P3bB+noOZTc
+q3J5Lwa/q4FwxKjt6lM07e8eU9kGx1Yr0Vz00YqOtCuxN5BICEIlxT6Ky3/rbwTR
+bcV0oveifHtgPHfNDs5IAn8BL7abN+AqKjbc1YXWrOU/VG+WHgWv
+-----END CERTIFICATE-----
=======================================
--- /trunk/ext3/Tests/crypt/Makefile Sun Jan 15 15:43:27 2012
+++ /trunk/ext3/Tests/crypt/Makefile Sat Aug 18 21:44:13 2012
@@ -2,7 +2,8 @@
HAXECPP=haxelib run hxcpp
NMML=build.nmml
TARGETS:=$(shell cd src && ls *.hx | sed 's/.hx//g')
-DEBUG=-debug # -D FIREBUG
+#DEBUG=-debug
+#DEBUG=-debug -D CAFFEINE_DEBUG
COMMON=-cp ../../ -cp src $(DEBUG)
all:
@@ -10,11 +11,11 @@
$(TARGETS):
$(HAXE) $(COMMON) $(FLAGS) -neko test.n -main $@
+ $(HAXE) $(COMMON) $(FLAGS) -cpp cpp-native -main $@
+ $(HAXE) $(COMMON) $(FLAGS) -D useOpenSSL -cpp cpp-openssl -main $@
$(HAXE) $(COMMON) $(FLAGS) -swf test8.swf -swf-version 8 -main $@
$(HAXE) $(COMMON) $(FLAGS) -swf test9.swf -swf-version 9 -main $@
$(HAXE) $(COMMON) $(FLAGS) -js test.js -main $@
- $(HAXE) $(COMMON) $(FLAGS) -cpp cpp-native -main $@
-# $(HAXE) $(COMMON) $(FLAGS) -D useOpenSSL -cpp cpp-openssl -main $@
.PHONY clean:
rm -f test.js
=======================================
--- /trunk/ext3/Tests/crypt/src/IVModeTest.hx Sun Feb 26 14:32:06 2012
+++ /trunk/ext3/Tests/crypt/src/IVModeTest.hx Sat Aug 18 21:44:13 2012
@@ -84,6 +84,36 @@
function aescfb(key:Bytes, bits:Int, iv:Bytes, pt:Bytes, ct:Bytes) {
aes_common(key, bits, new CFB(), iv, pt, ct);
}
+
+ public function testStepped() : Void {
+ trace("\n============== STEPPED CBC AES 128 ==========\n");
+ var key:Bytes = Bytes.ofHex("2b7e151628aed2a6abf7158809cf4f3c");
+ var iv:Bytes = Bytes.ofHex("000102030405060708090a0b0c0d0e0f");
+ var pt:Bytes =
Bytes.ofHex("6bc1bee22e409f96e93d7e117393172a"+"ae2d8a571e03ac9c9eb76fac45af8e51");
+ var ct:Bytes =
Bytes.ofHex("7649abac8119b246cee98e9b12e9197d"+"5086cb9b507219ee95db113a917678b2");
+
+ var p = new CipherParams();
+ p.iv = iv;
+ var cipher = new Cipher(new Aes(128,key), new CBC(), new PadNone());
+ cipher.init(ENCRYPT, p);
+ var out = new BytesOutput();
+ var num = cipher.update(pt, 0, 3, out);
+ assertEquals(3, num);
+ num = cipher.update(pt,3,2,out);
+ assertEquals(2, num);
+ num = cipher.update(pt,5, 13,out);
+ assertEquals(13, num);
+ num = cipher.final(pt, 18, pt.length-18, out);
+ assertEquals(14, num);
+ var crypted = out.getBytes();
+ assertEquals(ct.toHex(), crypted.toHex());
+
+ cipher.init(DECRYPT, p);
+ out = new BytesOutput();
+ num = cipher.final(crypted,0,crypted.length,out);
+ var decrypted = out.getBytes();
+ assertEquals(pt.toHex(), decrypted.toHex());
+ }
public function testCBC_AES128():Void {
trace("\n============== CBC AES 128 ==========\n");
=======================================
--- /trunk/ext3/Tests/crypt/src/RsaTest.hx Sun Jan 15 15:43:27 2012
+++ /trunk/ext3/Tests/crypt/src/RsaTest.hx Sat Aug 18 21:44:13 2012
@@ -63,7 +63,11 @@
#end
var r = new haxe.unit.TestRunner();
r.add(new RsaTest());
- r.run();
+ //r.run();
+
+ var r = new RSAEncrypt(RSAK1.modulus, RSAK1.publicExponent);
+ var rsa = new ModeECB( r, new PadPkcs5(r.blockSize) );
+ trace(rsa.encrypt(Bytes.ofString("message")).toHex());
}
function test0() {
=======================================
--- /trunk/ext3/Tests/crypt/src/X509.hx Thu Jan 12 14:30:07 2012
+++ /trunk/ext3/Tests/crypt/src/X509.hx Sat Aug 18 21:44:13 2012
@@ -2,7 +2,65 @@
import chx.crypt.RSA;
import chx.crypt.cert.X509Certificate;
-class Global {
+class X509 extends haxe.unit.TestCase {
+ static var cacert1 : X509Certificate = new
X509Certificate(Certs.CaCertPem);
+ static var verisign: X509Certificate = new
X509Certificate(Certs.Verisign);
+ static var thawte : X509Certificate = new X509Certificate(Certs.Thawte);
+ static function main()
+ {
+#if (FIREBUG && !neko)
+ if(haxe.Firebug.detect()) {
+ haxe.Firebug.redirectTraces();
+ }
+#end
+ //var x = new X509Certificate(Certs.Verisign);
+ //var x = new X509Certificate(Certs.Thawte);
+
+ //trace(cacert1.getCommonName());
+ trace(cacert1.getNotAfter());
+ //trace(cacert1.isSelfSigned());
+ //trace(cacert1.getSubjectPrincipal());
+
+ var r = new haxe.unit.TestRunner();
+ r.add(new X509());
+ r.run();
+ }
+
+ function testFingerprints() {
+
assertEquals("10:d8:62:e0:35:cf:4e:ec:c3:11:67:30:fd:85:fe:5f:ab:b9:e5:69",
+ cacert1.getFingerprint("sha1").toHex(":"));
+ assertEquals("95:08:77:3f:9b:28:03:51:f5:cd:a6:1c:db:92:cb:da",
+ cacert1.getFingerprint("md5").toHex(":"));
+
assertEquals("44:63:c5:31:d7:cc:c1:00:67:94:61:2b:b6:56:d3:bf:82:57:84:6f",
+ verisign.getFingerprint("sha1").toHex(":"));
+ assertEquals("74:7b:82:03:43:f0:00:9e:6b:b3:ec:47:bf:85:a5:93",
+ verisign.getFingerprint("md5").toHex(":"));
+
assertEquals("d2:32:09:ad:23:d3:14:23:21:74:e4:0d:7f:9d:62:13:97:86:63:3a",
+ thawte.getFingerprint("sha1").toHex(":"));
+ assertEquals("67:cb:9d:c0:13:24:8a:82:9b:b2:17:1e:d1:1b:ec:d4",
+ thawte.getFingerprint("md5").toHex(":"));
+ }
+
+ function testSigAlg() {
+ assertEquals("1.2.840.113549.1.1.5",cacert1.getAlgorithmIdentifier());
+ assertEquals("1.2.840.113549.1.1.5",thawte.getAlgorithmIdentifier());
+ assertEquals("1.2.840.113549.1.1.2",verisign.getAlgorithmIdentifier());
+ }
+
+ function testEmails() {
+ var a1 = cacert1.getEmails();
+ assertEquals(1, a1.length);
+ assertEquals("m...@no.domain", a1[0]);
+ assertEquals(0, verisign.getEmails().length);
+ assertEquals(0,thawte.getEmails().length);
+ }
+
+ function testNotAfter() {
+ assertEquals("2013-03-05 09:32:14", cacert1.getNotAfter().toString());
+ }
+}
+
+class Certs {
static public var CaKeyPem : String =
"-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAN6RwYF1nImZNwa9Koa7d3liuIeO+HArxmxEN3p4HUg4kbDeob1C
@@ -76,31 +134,3 @@
}
-//class TestPEM extends haxe.unit.TestCase {
-//}
-
-
-class X509 {
- static function main()
- {
-#if (FIREBUG && !neko)
- if(haxe.Firebug.detect()) {
- haxe.Firebug.redirectTraces();
- }
-#end
- //var x = new X509Certificate(Global.Verisign);
- //var x = new X509Certificate(Global.Thawte);
- var x = new X509Certificate(Global.CaCertPem);
- trace(x.isSelfSigned());
- trace(x.getSubjectPrincipal());
- trace(x.getCommonName());
-/*
- var r = new haxe.unit.TestRunner();
- r.add(new TestPEM());
- r.run();
-*/
- }
-
-}
-
-
Author: damon...@gmail.com
Date: Sat Aug 18 21:44:13 2012
Log: Crypto test files
http://code.google.com/p/caffeine-hx/source/detail?r=753
Added:
/trunk/ext3/Tests/crypt/certs/demoCA
/trunk/ext3/Tests/crypt/certs/demoCA/CA.pl
/trunk/ext3/Tests/crypt/certs/demoCA/README
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/cacert.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/careq.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/certs
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crl
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crlnumber
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr.old
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.old
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790A.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790B.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private/cakey.pem
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial.old
/trunk/ext3/Tests/crypt/certs/demoCA/newcert.pem
/trunk/ext3/Tests/crypt/certs/demoCA/newdecrypted.pem
/trunk/ext3/Tests/crypt/certs/demoCA/newkey.pem
/trunk/ext3/Tests/crypt/certs/expired
/trunk/ext3/Tests/crypt/certs/expired/README
/trunk/ext3/Tests/crypt/certs/expired/client.pem
/trunk/ext3/Tests/crypt/certs/expired/root.pem
/trunk/ext3/Tests/crypt/certs/expired/server.pem
/trunk/ext3/Tests/crypt/certs/mail.google.com.pem
/trunk/ext3/Tests/crypt/certs/thawte2.pem
Modified:
/trunk/ext3/Tests/crypt/Makefile
/trunk/ext3/Tests/crypt/src/IVModeTest.hx
/trunk/ext3/Tests/crypt/src/RsaTest.hx
/trunk/ext3/Tests/crypt/src/X509.hx
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/CA.pl Sat Aug 18 21:44:13 2012
@@ -0,0 +1,189 @@
+#!/usr/bin/perl
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+# some setup stuff to be done before you can use it and this makes
+# things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq[-nodes] ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh Added more things ... including CA -signcert which
+# converts a certificate to a request and then signs it.
+# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
+# environment variable so this can be driven from
+# a script.
+# 25-Jul-96 eay Cleaned up filenames some more.
+# 11-Jun-96 eay Fixed a few filename missmatches.
+# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh Original hacking
+#
+# Tim Hudson
+# t...@cryptsoft.com
+#
+
+# 27-Apr-98 snh Translation into perl, fix existing CA bug.
+#
+#
+# Steve Henson
+# she...@bigfoot.com
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+ $openssl = $ENV{OPENSSL};
+} else {
+ $openssl = "openssl";
+ $ENV{OPENSSL} = $openssl;
+}
+
+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
+$DAYS="-days 365"; # 1 year
+$CADAYS="-days 3650"; # 10 years
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
+
+$CATOP="./demoCA";
+$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
+$CACERT="cacert.pem";
+
+$DIRMODE = 0777;
+
+$RET = 0;
+
+foreach (@ARGV) {
+ if ( /^(-\?|-h|-help)$/ ) {
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|
-verify\n";
+ exit 0;
+ } elsif (/^-newcert$/) {
+ # create a certificate
+ system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+ $RET=$?;
+ print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+ } elsif (/^-newreq$/) {
+ # create a certificate request
+ system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+ $RET=$?;
+ print "Request is in newreq.pem, private key is in newkey.pem\n";
+ } elsif (/^-newreq-nodes$/) {
+ # create a certificate request
+ system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+ $RET=$?;
+ print "Request is in newreq.pem, private key is in newkey.pem\n";
+ } elsif (/^-newca$/) {
+ # if explicitly asked for or it doesn't exist then setup the
+ # directory structure that Eric likes to manage things
+ $NEW="1";
+ if ( "$NEW" || ! -f "${CATOP}/serial" ) {
+ # create the directory hierarchy
+ mkdir $CATOP, $DIRMODE;
+ mkdir "${CATOP}/certs", $DIRMODE;
+ mkdir "${CATOP}/crl", $DIRMODE ;
+ mkdir "${CATOP}/newcerts", $DIRMODE;
+ mkdir "${CATOP}/private", $DIRMODE;
+ open OUT, ">${CATOP}/index.txt";
+ close OUT;
+ open OUT, ">${CATOP}/crlnumber";
+ print OUT "01\n";
+ close OUT;
+ }
+ if ( ! -f "${CATOP}/private/$CAKEY" ) {
+ print "CA certificate filename (or enter to create)\n";
+ $FILE = <STDIN>;
+
+ chop $FILE;
+
+ # ask user for existing CA certificate
+ if ($FILE) {
+ cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+ cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+ $RET=$?;
+ } else {
+ print "Making CA certificate ...\n";
+ system ("$REQ -new -keyout " .
+ "${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+ system ("$CA -create_serial " .
+ "-out ${CATOP}/$CACERT $CADAYS -batch " .
+ "-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+ "-extensions v3_ca " .
+ "-infiles ${CATOP}/$CAREQ ");
+ $RET=$?;
+ }
+ }
+ } elsif (/^-pkcs12$/) {
+ my $cname = $ARGV[1];
+ $cname = "My Certificate" unless defined $cname;
+ system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+ "-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+ "-export -name \"$cname\"");
+ $RET=$?;
+ print "PKCS #12 file is in newcert.p12\n";
+ exit $RET;
+ } elsif (/^-xsign$/) {
+ system ("$CA -policy policy_anything -infiles newreq.pem");
+ $RET=$?;
+ } elsif (/^(-sign|-signreq)$/) {
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-infiles newreq.pem");
+ $RET=$?;
+ print "Signed certificate is in newcert.pem\n";
+ } elsif (/^(-signCA)$/) {
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-extensions v3_ca -infiles newreq.pem");
+ $RET=$?;
+ print "Signed CA certificate is in newcert.pem\n";
+ } elsif (/^-signcert$/) {
+ system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
+ "-out tmp.pem");
+ system ("$CA -policy policy_anything -out newcert.pem " .
+ "-infiles tmp.pem");
+ $RET = $?;
+ print "Signed certificate is in newcert.pem\n";
+ } elsif (/^-verify$/) {
+ if (shift) {
+ foreach $j (@ARGV) {
+ system ("$VERIFY -CAfile $CATOP/$CACERT $j");
+ $RET=$? if ($? != 0);
+ }
+ exit $RET;
+ } else {
+ system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
+ $RET=$?;
+ exit 0;
+ }
+ } else {
+ print STDERR "Unknown arg $_\n";
+ print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|
-verify\n";
+ exit 1;
+ }
+}
+
+exit $RET;
+
+sub cp_pem {
+my ($infile, $outfile, $bound) = @_;
+open IN, $infile;
+open OUT, ">$outfile";
+my $flag = 0;
+while (<IN>) {
+ $flag = 1 if (/^-----BEGIN.*$bound/) ;
+ print OUT $_ if ($flag);
+ if (/^-----END.*$bound/) {
+ close IN;
+ close OUT;
+ return;
+ }
+}
+}
+
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/README Sat Aug 18 21:44:13 2012
@@ -0,0 +1,5 @@
+Passwords are all qwerty
+
+http://sandbox.rulemaker.net/ngps/m2/howto.ca.html
+http://www.freebsdmadeeasy.com/tutorials/freebsd/create-a-ca-with-openssl.php
+
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/cacert.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,59 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0a
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:00:41 2012 GMT
+ Not After : Feb 1 04:00:41 2022 GMT
+ Subject: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:e7:d4:5b:e7:e0:31:9f:a1:a9:5e:7c:61:98:98:
+ 72:fc:c6:dd:5d:2f:80:7e:88:ba:86:46:16:01:26:
+ 33:31:c0:4e:46:1c:05:25:d1:49:7a:0c:b2:03:0f:
+ f5:6c:49:66:ab:3c:37:29:1b:4f:18:d0:80:a5:5b:
+ 9a:8f:03:c3:f8:8c:9e:99:fa:1a:58:2e:f7:52:03:
+ c7:70:9b:15:57:e7:64:21:b4:cc:5c:47:db:38:08:
+ 4b:2c:5b:a2:30:5e:9b:84:85:45:a8:a8:1e:8e:7a:
+ 4b:9c:a0:51:28:d9:1a:4e:a3:d7:5d:cd:21:b1:aa:
+ 32:41:57:e7:85:c7:2f:2d:e5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6c:f1:c6:fd:50:2c:31:33:9e:6b:bf:d9:9b:99:06:be:b9:07:
+ 6a:19:51:83:74:b6:d4:21:db:3b:10:95:b6:5e:39:b0:88:4a:
+ 04:7a:0d:01:be:af:ed:0e:ff:d4:37:71:13:2a:82:b8:e7:6a:
+ 21:db:47:15:2c:5e:35:38:9e:b9:64:10:c0:81:d0:d2:85:17:
+ d2:73:da:ec:e0:b5:19:c8:3d:c8:b5:7b:64:7c:9a:32:76:3e:
+ 22:03:3c:2f:44:c5:cf:00:05:36:d8:b4:07:eb:38:19:a4:39:
+ 0d:8b:7d:bc:23:95:7d:99:92:09:b3:79:27:31:0d:a1:c2:69:
+ 5a:f9
+-----BEGIN CERTIFICATE-----
+MIICxDCCAi2gAwIBAgIJAIIT1j9YzXkKMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwMDQxWhcNMjIwMjAxMDQw
+MDQxWjB7MQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEhMB8GA1UECgwY
+RGVtbyBSb290IEF1dGhvcml0eSBDb3JwMRUwEwYDVQQDDAxEZW1vIENBIEd1eXMx
+IDAeBgkqhkiG9w0BCQEWEWRlbW9AZGVtb3Jvb3QuZG9tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDn1Fvn4DGfoalefGGYmHL8xt1dL4B+iLqGRhYBJjMxwE5G
+HAUl0Ul6DLIDD/VsSWarPDcpG08Y0IClW5qPA8P4jJ6Z+hpYLvdSA8dwmxVX52Qh
+tMxcR9s4CEssW6IwXpuEhUWoqB6OekucoFEo2RpOo9ddzSGxqjJBV+eFxy8t5QID
+AQABo1AwTjAdBgNVHQ4EFgQUWeGNjrHQfZo5JG18DY7b6Teu0V0wHwYDVR0jBBgw
+FoAUWeGNjrHQfZo5JG18DY7b6Teu0V0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOBgQBs8cb9UCwxM55rv9mbmQa+uQdqGVGDdLbUIds7EJW2XjmwiEoEeg0B
+vq/tDv/UN3ETKoK452oh20cVLF41OJ65ZBDAgdDShRfSc9rs4LUZyD3ItXtkfJoy
+dj4iAzwvRMXPAAU22LQH6zgZpDkNi328I5V9mZIJs3knMQ2hwmla+Q==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/careq.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBzjCCATcCAQAwgY0xCzAJBgNVBAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMRAw
+DgYDVQQHDAdUb3JvbnRvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0aG9yaXR5IENv
+cnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJARYRZGVtb0Bk
+ZW1vcm9vdC5kb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOfUW+fgMZ+h
+qV58YZiYcvzG3V0vgH6IuoZGFgEmMzHATkYcBSXRSXoMsgMP9WxJZqs8NykbTxjQ
+gKVbmo8Dw/iMnpn6Glgu91IDx3CbFVfnZCG0zFxH2zgISyxbojBem4SFRaioHo56
+S5ygUSjZGk6j113NIbGqMkFX54XHLy3lAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB
+gQBDDltdDKBv/2OBvVwnWuXfnxLzKkjJJ+h8b7re8fJAaW12/bKS63tVEIewxSCX
+vN96SaWJlmpFcwVbKHYtcEAHjy/38y2cz0o7+YL4r8mNJXo3mkIZihNMO7ZEBnll
+T/c5F2CarK//+PqGlOofz9E2U0dZCCx0biyELTmc3xhaAA==
+-----END CERTIFICATE REQUEST-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/crlnumber Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+01
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt Sat Aug 18
21:44:13 2012
@@ -0,0 +1,2 @@
+V 220201040041Z 8213D63F58CD790A unknown /C=CA/ST=Ontario/O=Demo Root
Authority Corp/CN=Demo CA Guys/emailAddress=de...@demoroot.dom
+V 130203040550Z 8213D63F58CD790B unknown
/C=CA/ST=Quebec/L=Montreal/O=Crypt
Client/CN=localhost/emailAddress=ad...@server.sample.dom
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+unique_subject = yes
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.attr.old Sat Aug
18 21:44:13 2012
@@ -0,0 +1,1 @@
+unique_subject = yes
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/index.txt.old Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+V 220201040041Z 8213D63F58CD790A unknown /C=CA/ST=Ontario/O=Demo Root
Authority Corp/CN=Demo CA Guys/emailAddress=de...@demoroot.dom
=======================================
--- /dev/null
+++
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790A.pem
Sat Aug 18 21:44:13 2012
@@ -0,0 +1,59 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0a
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:00:41 2012 GMT
+ Not After : Feb 1 04:00:41 2022 GMT
+ Subject: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:e7:d4:5b:e7:e0:31:9f:a1:a9:5e:7c:61:98:98:
+ 72:fc:c6:dd:5d:2f:80:7e:88:ba:86:46:16:01:26:
+ 33:31:c0:4e:46:1c:05:25:d1:49:7a:0c:b2:03:0f:
+ f5:6c:49:66:ab:3c:37:29:1b:4f:18:d0:80:a5:5b:
+ 9a:8f:03:c3:f8:8c:9e:99:fa:1a:58:2e:f7:52:03:
+ c7:70:9b:15:57:e7:64:21:b4:cc:5c:47:db:38:08:
+ 4b:2c:5b:a2:30:5e:9b:84:85:45:a8:a8:1e:8e:7a:
+ 4b:9c:a0:51:28:d9:1a:4e:a3:d7:5d:cd:21:b1:aa:
+ 32:41:57:e7:85:c7:2f:2d:e5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6c:f1:c6:fd:50:2c:31:33:9e:6b:bf:d9:9b:99:06:be:b9:07:
+ 6a:19:51:83:74:b6:d4:21:db:3b:10:95:b6:5e:39:b0:88:4a:
+ 04:7a:0d:01:be:af:ed:0e:ff:d4:37:71:13:2a:82:b8:e7:6a:
+ 21:db:47:15:2c:5e:35:38:9e:b9:64:10:c0:81:d0:d2:85:17:
+ d2:73:da:ec:e0:b5:19:c8:3d:c8:b5:7b:64:7c:9a:32:76:3e:
+ 22:03:3c:2f:44:c5:cf:00:05:36:d8:b4:07:eb:38:19:a4:39:
+ 0d:8b:7d:bc:23:95:7d:99:92:09:b3:79:27:31:0d:a1:c2:69:
+ 5a:f9
+-----BEGIN CERTIFICATE-----
+MIICxDCCAi2gAwIBAgIJAIIT1j9YzXkKMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwMDQxWhcNMjIwMjAxMDQw
+MDQxWjB7MQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEhMB8GA1UECgwY
+RGVtbyBSb290IEF1dGhvcml0eSBDb3JwMRUwEwYDVQQDDAxEZW1vIENBIEd1eXMx
+IDAeBgkqhkiG9w0BCQEWEWRlbW9AZGVtb3Jvb3QuZG9tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDn1Fvn4DGfoalefGGYmHL8xt1dL4B+iLqGRhYBJjMxwE5G
+HAUl0Ul6DLIDD/VsSWarPDcpG08Y0IClW5qPA8P4jJ6Z+hpYLvdSA8dwmxVX52Qh
+tMxcR9s4CEssW6IwXpuEhUWoqB6OekucoFEo2RpOo9ddzSGxqjJBV+eFxy8t5QID
+AQABo1AwTjAdBgNVHQ4EFgQUWeGNjrHQfZo5JG18DY7b6Teu0V0wHwYDVR0jBBgw
+FoAUWeGNjrHQfZo5JG18DY7b6Teu0V0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOBgQBs8cb9UCwxM55rv9mbmQa+uQdqGVGDdLbUIds7EJW2XjmwiEoEeg0B
+vq/tDv/UN3ETKoK452oh20cVLF41OJ65ZBDAgdDShRfSc9rs4LUZyD3ItXtkfJoy
+dj4iAzwvRMXPAAU22LQH6zgZpDkNi328I5V9mZIJs3knMQ2hwmla+Q==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++
/trunk/ext3/Tests/crypt/certs/demoCA/demoCA/newcerts/8213D63F58CD790B.pem
Sat Aug 18 21:44:13 2012
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0b
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:05:50 2012 GMT
+ Not After : Feb 3 04:05:50 2013 GMT
+ Subject: C=CA, ST=Quebec, L=Montreal, O=Crypt Client,
CN=localhost/emailAddress=ad...@server.sample.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:f1:4a:64:89:8a:d2:da:f5:73:35:f2:ca:b6:15:
+ f0:a0:14:80:99:f3:a0:be:73:67:61:5a:1c:c9:65:
+ bf:55:78:2c:87:d1:35:95:f6:97:a1:4e:d0:c5:1f:
+ e0:be:9d:12:20:19:96:ba:10:e8:cd:e0:56:77:1b:
+ ff:b7:90:21:cb:eb:83:8a:f4:d8:e0:07:2b:f2:a9:
+ a8:de:d4:b3:eb:e6:e0:05:e4:2e:52:78:6c:81:fd:
+ 15:5b:f5:ef:07:4a:67:cf:62:93:c2:c5:62:b7:69:
+ b7:58:96:54:ff:fe:01:67:07:10:3c:b2:65:3b:8b:
+ ce:96:d7:2f:18:82:17:10:f7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BE:D5:10:E0:83:1A:F5:5A:7B:D3:35:B7:3B:A6:6D:5A:13:D6:4C:69
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 90:e9:95:3d:62:6e:86:6c:f7:c4:b9:6a:00:08:b6:32:f7:a9:
+ e8:be:c1:4e:06:02:12:34:62:6a:e5:79:f2:8d:93:ea:ba:7e:
+ 28:20:eb:40:37:42:40:5f:8b:e7:32:ce:63:60:60:b3:88:8f:
+ 33:40:aa:8c:e1:84:5b:ec:e6:0b:55:2c:0d:6e:e9:fd:d0:2d:
+ 20:5a:9d:79:e8:5d:b1:12:b6:4e:89:0e:49:d7:64:e9:08:a8:
+ a5:8c:26:95:bb:57:bd:4a:f1:ae:d0:1d:4e:f0:7c:58:a5:64:
+ bd:cd:5e:53:cd:0b:51:13:2a:43:6d:7c:bf:77:8b:ee:b2:b0:
+ 46:9c
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmKgAwIBAgIJAIIT1j9YzXkLMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwNTUwWhcNMTMwMjAzMDQw
+NTUwWjCBhDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwI
+TW9udHJlYWwxFTATBgNVBAoMDENyeXB0IENsaWVudDESMBAGA1UEAwwJbG9jYWxo
+b3N0MSYwJAYJKoZIhvcNAQkBFhdhZG1pbkBzZXJ2ZXIuc2FtcGxlLmRvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8UpkiYrS2vVzNfLKthXwoBSAmfOgvnNn
+YVocyWW/VXgsh9E1lfaXoU7QxR/gvp0SIBmWuhDozeBWdxv/t5Ahy+uDivTY4Acr
+8qmo3tSz6+bgBeQuUnhsgf0VW/XvB0pnz2KTwsVit2m3WJZU//4BZwcQPLJlO4vO
+ltcvGIIXEPcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL7VEOCDGvVae9M1
+tzumbVoT1kxpMB8GA1UdIwQYMBaAFFnhjY6x0H2aOSRtfA2O2+k3rtFdMA0GCSqG
+SIb3DQEBBQUAA4GBAJDplT1iboZs98S5agAItjL3qei+wU4GAhI0YmrlefKNk+q6
+figg60A3QkBfi+cyzmNgYLOIjzNAqozhhFvs5gtVLA1u6f3QLSBanXnoXbEStk6J
+DknXZOkIqKWMJpW7V71K8a7QHU7wfFilZL3NXlPNC1ETKkNtfL93i+6ysEac
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/private/cakey.pem Sat Aug
18 21:44:13 2012
@@ -0,0 +1,17 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIwBBvVDtgG6ACAggA
+MBQGCCqGSIb3DQMHBAirl+lyTj8IhASCAoDWRXP94Ze1IFvS3OllJJ1ZHZR8OAI3
+a1/Ofu5MqLhmy/c5kSpk7vGxwKRLjBYNOBoipetqiAixtni6nHgajlTobNWBtxNe
+G/gDqMF2//3UbCubeokxdwAf6bb7+5BvkvsfKJOzHaUJ6vo136W20JN3Cx6Eldw+
+xvp/494gWZ7H4VyzAdLQgXf82sG3kfr+oHLrmCC/GqIXaAG0UForprsbbOXimkyi
+XmiaDdNtemveaI/OWcXkb0/n7bDCCsnOca0a3pbKDONFFcZ2X1iTklC32/e2XaLv
+btBkcIjDNWhZRJDmqrPWTq4VtEhEphHHt8QTXpmNA/V3nK7GO2MqI7I2uLZeG82k
+atz1u1yN8ZzMZzZc9DEdpZ0rH56cIcQ/7NK3VpTIhOwngAF6GLuiQLbR8iou8DJG
+faAhRJJCcDb4H8b8VHXOU7XkFP2l7dLZzck37HAPBLl4BRJ4r/oyTtAdHTplS8LG
+7z52+Od4GsOSwyRAI/wfk7dHGJ0twJZFkxgRmgnIqrRHZWtrWOu4m0makby+bji/
+c9K8vLY6Tf+95h0YA34WN/+i9nduv/1848YwsNlr1U21YVycO0W8vuIO/Lw9hmOY
+uAOaylmOhzzyp3H49Myc7JzkN3q6I6XFchl7UErLXKFp3n4dJuX5CPRoGFAGazbG
+Ay58gBNydaTB/57BcK/pe5E1BdeCZ3a8W6x111whUzWd/grfuYdLGZA7n+D4yyOQ
+nO7mSo8oIlQVJLV6h/2azjp4ZEZ+KzDTUyrmekeFROTLzzqHp3Z6hbd96yX7iK7m
+JqX2EfWhvfubu8rhoQwWk5y99OKi6epbnZdU2c4dlCVQ097AIFP38Vtt
+-----END ENCRYPTED PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial Sat Aug 18 21:44:13
2012
@@ -0,0 +1,1 @@
+8213D63F58CD790C
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/demoCA/serial.old Sat Aug 18
21:44:13 2012
@@ -0,0 +1,1 @@
+8213D63F58CD790B
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newcert.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 82:13:d6:3f:58:cd:79:0b
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=CA, ST=Ontario, O=Demo Root Authority Corp, CN=Demo CA
Guys/emailAddress=de...@demoroot.dom
+ Validity
+ Not Before: Feb 4 04:05:50 2012 GMT
+ Not After : Feb 3 04:05:50 2013 GMT
+ Subject: C=CA, ST=Quebec, L=Montreal, O=Crypt Client,
CN=localhost/emailAddress=ad...@server.sample.dom
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:f1:4a:64:89:8a:d2:da:f5:73:35:f2:ca:b6:15:
+ f0:a0:14:80:99:f3:a0:be:73:67:61:5a:1c:c9:65:
+ bf:55:78:2c:87:d1:35:95:f6:97:a1:4e:d0:c5:1f:
+ e0:be:9d:12:20:19:96:ba:10:e8:cd:e0:56:77:1b:
+ ff:b7:90:21:cb:eb:83:8a:f4:d8:e0:07:2b:f2:a9:
+ a8:de:d4:b3:eb:e6:e0:05:e4:2e:52:78:6c:81:fd:
+ 15:5b:f5:ef:07:4a:67:cf:62:93:c2:c5:62:b7:69:
+ b7:58:96:54:ff:fe:01:67:07:10:3c:b2:65:3b:8b:
+ ce:96:d7:2f:18:82:17:10:f7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ Netscape Comment:
+ OpenSSL Generated Certificate
+ X509v3 Subject Key Identifier:
+ BE:D5:10:E0:83:1A:F5:5A:7B:D3:35:B7:3B:A6:6D:5A:13:D6:4C:69
+ X509v3 Authority Key Identifier:
+
keyid:59:E1:8D:8E:B1:D0:7D:9A:39:24:6D:7C:0D:8E:DB:E9:37:AE:D1:5D
+
+ Signature Algorithm: sha1WithRSAEncryption
+ 90:e9:95:3d:62:6e:86:6c:f7:c4:b9:6a:00:08:b6:32:f7:a9:
+ e8:be:c1:4e:06:02:12:34:62:6a:e5:79:f2:8d:93:ea:ba:7e:
+ 28:20:eb:40:37:42:40:5f:8b:e7:32:ce:63:60:60:b3:88:8f:
+ 33:40:aa:8c:e1:84:5b:ec:e6:0b:55:2c:0d:6e:e9:fd:d0:2d:
+ 20:5a:9d:79:e8:5d:b1:12:b6:4e:89:0e:49:d7:64:e9:08:a8:
+ a5:8c:26:95:bb:57:bd:4a:f1:ae:d0:1d:4e:f0:7c:58:a5:64:
+ bd:cd:5e:53:cd:0b:51:13:2a:43:6d:7c:bf:77:8b:ee:b2:b0:
+ 46:9c
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmKgAwIBAgIJAIIT1j9YzXkLMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
+BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMSEwHwYDVQQKDBhEZW1vIFJvb3QgQXV0
+aG9yaXR5IENvcnAxFTATBgNVBAMMDERlbW8gQ0EgR3V5czEgMB4GCSqGSIb3DQEJ
+ARYRZGVtb0BkZW1vcm9vdC5kb20wHhcNMTIwMjA0MDQwNTUwWhcNMTMwMjAzMDQw
+NTUwWjCBhDELMAkGA1UEBhMCQ0ExDzANBgNVBAgMBlF1ZWJlYzERMA8GA1UEBwwI
+TW9udHJlYWwxFTATBgNVBAoMDENyeXB0IENsaWVudDESMBAGA1UEAwwJbG9jYWxo
+b3N0MSYwJAYJKoZIhvcNAQkBFhdhZG1pbkBzZXJ2ZXIuc2FtcGxlLmRvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8UpkiYrS2vVzNfLKthXwoBSAmfOgvnNn
+YVocyWW/VXgsh9E1lfaXoU7QxR/gvp0SIBmWuhDozeBWdxv/t5Ahy+uDivTY4Acr
+8qmo3tSz6+bgBeQuUnhsgf0VW/XvB0pnz2KTwsVit2m3WJZU//4BZwcQPLJlO4vO
+ltcvGIIXEPcCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3Bl
+blNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFL7VEOCDGvVae9M1
+tzumbVoT1kxpMB8GA1UdIwQYMBaAFFnhjY6x0H2aOSRtfA2O2+k3rtFdMA0GCSqG
+SIb3DQEBBQUAA4GBAJDplT1iboZs98S5agAItjL3qei+wU4GAhI0YmrlefKNk+q6
+figg60A3QkBfi+cyzmNgYLOIjzNAqozhhFvs5gtVLA1u6f3QLSBanXnoXbEStk6J
+DknXZOkIqKWMJpW7V71K8a7QHU7wfFilZL3NXlPNC1ETKkNtfL93i+6ysEac
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newdecrypted.pem Sat Aug 18
21:44:13 2012
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDxSmSJitLa9XM18sq2FfCgFICZ86C+c2dhWhzJZb9VeCyH0TWV
+9pehTtDFH+C+nRIgGZa6EOjN4FZ3G/+3kCHL64OK9NjgByvyqaje1LPr5uAF5C5S
+eGyB/RVb9e8HSmfPYpPCxWK3abdYllT//gFnBxA8smU7i86W1y8YghcQ9wIDAQAB
+AoGAW8Vto5p3Q+wi25vyWXrSwC/MEcHFm2oNIcvCMx9NvFYuqaF6fgUB+sodQTw0
+oIrg//B7kV0pDlSKzlaJ1ekt0MI354YanfCr9r2ip1xa4x7ZyGBOFQP3MlJHS+d+
++fUbCPwOFDLoyKcrlbY+kI5ECC9M2Ww6FAUXsqZd5zvlclECQQD8f+rHNjVSRjUK
+F6ZJHQhV+fjQrKXu7MaDsw5ZuQ1Ck42KZRs3pqpwo3sZf/Bfi5Q4Ig8EzUEIwAAE
+7naPJdrNAkEA9KKyQQuG89CcOmO2eHaf7YdDYpq9oGZXSBHIBnWY3ysvWLc1B04z
+9bodBabWA5jch+5GEcv8PvJT4M9qcyai0wJAY3WjrlrNAB6Fj/cm2g/kk7FGcDRB
+nG6J96CVW4RIE9x5WXVgFjjBVGMg/zdlIM2jUcUgs1yCbIbsuwSPkO1xVQJBAMiw
+gBOkZT23sbKlApiomGLASKOn1lC0JH5XOAU0jAjo4JqjEbnAihfYat6sE3439RL+
+gjUvZuws2GrhPa7hz0kCQQCUvtGVFuEIj3JvvSHAyGtnKgYakixoY/MVWRxkqLOc
+ZJTYLNjq0Oet8MofyqGYFlVzHNPh91xCfvvJQoXNM10/
+-----END RSA PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/demoCA/newkey.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,17 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIQOhoptscxL8CAggA
+MBQGCCqGSIb3DQMHBAi3Ti+5/E2fgwSCAoDe97Gv1/MYph7n6HP1yD7Ltgj50JcL
+NCHUp3+EOZxMT6XI6K2QCr+iiVE1fQiBkL7/OVZp35VnsvSwqWxu5p1Pwml72FHv
+FuGqG9g9DWUnNKzB9yIUAGta2s5fi1FjPTK9CXCK63Up84DyWwNeLOtQYVcKm4d4
+BlhcULS4AoOqxTkwYy+sgHXiHLvHFfAa7nvEJz4K/DjZqAdicFfPIrMdtDENnMIW
+cE+lE+a5UZvuYCXZZ4u9PlKtG5dufRHir5aL+HuBrZ8Aftex8yI47zf6zggP8sVe
+8fs0xmKk07fbbEFceMmla+c6WNHt6PPb6i0TIDrInMQr38jIuJP7l93T6jGpt4wD
+0Vewgcs3rbKYlauuVNkhtcnyudD7pqmJtHhUUgJeqegygw2ID/CP0Z8F3IicaXyb
+zHrQckPXnwcz/ECK1kvnZbGwWYVOGb3ueJ+wdYcDRYqSIM0IyLj6tSNVYnpfsKLe
+MndZDrqro73E6GBfsp2UB/nfqvHFJX+rC+7ST6Vx7N9AT1VA6xbFPY112bmAMQlY
+z3fqp3Lg9SCkEDZ474l041voLp+1T5NW/06kX9EDH33bn/IL7ik7row7cu8zb2xY
+PAyhwERseJF7G0l0AW4nGImqN0CC7eHRETvth2CrGqbTPcDKh6U2FdlsQbLoDuOW
+rrks7bukRLRtqvRF8LxBR81MvVAPbnHgFGjOaDaxKY0nJT63gKy8f2qLll32eUQx
+uXZ5DxCfTPBE28kHYwQArFw0NVTRiU66XW5sTOZ2Okf1vMDb7KguQspVDzgt3uvY
+7WIm0xSW5dIYoJK+bWJGhlr0OSrUy+dLF9ydBTYkOyGOC+ONVBkvMcKl
+-----END ENCRYPTED PRIVATE KEY-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/README Sat Aug 18 21:44:13 2012
@@ -0,0 +1,1 @@
+Some sample certs that are expired
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/client.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,6D3B09E4CA5421FF
+
+SaDJA2MhJ12ZmDxfGkSLhQgjYPEQYqVfs5b4DZTz+9pJqzuNxHrZZU43oArbWBdB
+3DKc1THejbyHF2lY7xgPLk/5iax5r+CXesDKZroSliHyERBIOCUgDN6ecwvVGtYv
+C8IhlwGPEXyxr59lyV37RjkSUVXYBqiRbLlNIcQtp5T6GkFe+yftOnv6/UADCLTS
+Pu8xwkda1rf7dgPwYIKuk2SOTTe1VMDtWacRUGu8NteTJ4aiVaeeo9wdsKId5U2b
+Z7NTJjOjvdXOLRonfkGvDXmrmN4eICks0bV0ZBtkULAfGjKNGs6riY+XNGKNRmjI
+idRRB0za+EGorpiJ/vbe7n7uaFXIJlfqCwhTi4Up3mS8sR4tLHfmdjp85GV9P9B3
+xX3CHIeG5/EYDt0Qn1gRL5ODL/0O7nFGJslhcQUS6bMmcg9nSzhClTE2gREz0j9g
+pwzvRpEkIl3Tw4niZLIX8fW2cEIyKTBMCCG2MDwHHgXRL3SUXkOGeitFefkcXN/z
+/UWRS8XQcX7/lGWCiuEpgn+esoirjf8lFNVsx6OT0UXj3oBxGrz1iB/vpu/PMBVQ
+JsbEPSh/ElHSDUItw2ytjJmkolRtM01b7cFj16ZxbHjinXWTIGZFWUYIlaeA2zHK
+D/NRMFJwjrQYhjRgPqltvbw7M01Co7SNFBwSotARr36FBjsxbOH3F1jY6w+kXvJU
+X5m83C9UONM2K7kkKYXbE2yW+kzJF2LFX0Uu4yDluxNG767/WwqiQSI63aIzNAPp
+rSsaIMBSbVZia8q49gcvGyuvqBZpwm/PcZwr/PHJjvGs8hdU1ACmyQ==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICFTCCAX4CAgECMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQKEwpSVEZNLCBJbmMuMRkwFwYDVQQLExBXaWRnZXRzIERpdmlzaW9uMRgwFgYD
+VQQDEw9UZXN0IENBMjAwMTA1MTcwHhcNMDEwNTE3MTYxMTM2WhcNMDQwMzA2MTYx
+MTM2WjBOMQswCQYDVQQGEwJVUzETMBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UE
+CxMQV2lkZ2V0cyBEaXZpc2lvbjEPMA0GA1UEAxMGY2xpZW50MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCHNWSoNh6msUwYGGd7TYQDsdSG0ao6QXaYjk+78ZyM
+QeZUBu2dZFjG4wnzkKwrD4rp/J5PLR9AdxR72lb9AavEOKL2UDHJGsscZkGVw/bz
+ZbxrKF2rvdpZSvKP1OhV1MOds/WTpRm1gcmVSoV5vLOMqVjzjHoxQ/+1zpjzMxWL
+0wIDAQABMA0GCSqGSIb3DQEBBAUAA4GBACTJhRR5tv8A7dc5+zmKR1Q/i8qE3Mrn
+mp/MOXHfX+ifJ/w+twoc/yd4En+7pr+hGsiTofct1JOZDW9Akq/ZGu1+NpVRT7Cw
+53EdMwpi7ArwZAsLIUBsKA7QmLTbdwjU5S7WlZ24eygZHyqZrK4Few+JuzlFkkoI
+FIDCfinyz24m
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/root.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICIjCCAYugAwIBAgIBADANBgkqhkiG9w0BAQQFADBXMQswCQYDVQQGEwJVUzET
+MBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UECxMQV2lkZ2V0cyBEaXZpc2lvbjEY
+MBYGA1UEAxMPVGVzdCBDQTIwMDEwNTE3MB4XDTAxMDUxNzE2MDExNFoXDTA2MTIy
+NTE2MDExNFowVzELMAkGA1UEBhMCVVMxEzARBgNVBAoTClJURk0sIEluYy4xGTAX
+BgNVBAsTEFdpZGdldHMgRGl2aXNpb24xGDAWBgNVBAMTD1Rlc3QgQ0EyMDAxMDUx
+NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmkX40warmH0+lnwD9YjsJhRz
+ZX6qXadFry0y2trZ6gMs8Mv33IKPwOu8TE7V+3PESEtjI2wr8juV9OkbIPOm+td5
+M8+6vXyIW+JBo3ch99i0QMTf5/jTgsW+3IjV8yEdiGcZFp2NWKLRvZPq2VRbuF7R
+1pvgcaRuBJ0wGOohwnsCAwEAATANBgkqhkiG9w0BAQQFAAOBgQCUB8zMKIlX5io8
+TalbzH9Qke7BcvFAL+wp/5w1ToVsWkNrINSWKv6bl/jcqOD3aPhK7qhaeOU8ZWKL
+PoPPCnRl9Wo+1JtsOO3qIgJP79Bl9ooLGahixF2v/gea5qNISjQvwYllLSa//APP
+6kXHngO0RIRbiTBYHSkAzm6hDdsvVA==
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/expired/server.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,32 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,5772A2A7BE34B611
+
+1yJ+xAn4MudcIfXXy7ElYngJ9EohIh8yvcyVLmE4kVd0xeaL/Bqhvk25BjYCK5d9
+k1K8cjgnKEBjbC++0xtJxFSbUhwoKTLwn+sBoJDcFzMKkmJXXDbSTOaNr1sVwiAR
+SnB4lhUcHguYoV5zlRJn53ft7t1mjB6RwGH+d1Zx6t95OqM1lnKqwekwmotVAWHj
+ncu3N8qhmoPMppmzEv0fOo2/pK2WohcJykSeN5zBrZCUxoO0NBNEZkFUcVjR+KsA
+1ZeI1mU60szqg+AoU/XtFcow8RtG1QZKQbbXzyfbwaG+6LqkHaWYKHQEI1546yWK
+us1HJ734uUkZoyyyazG6PiGCYV2u/aY0i3qdmyDqTvmVIvve7E4glBrtDS9h7D40
+nPShIvOatoPzIK4Y0QSvrI3G1vTsIZT3IOZto4AWuOkLNfYS2ce7prOreF0KjhV0
+3tggw9pHdDmTjHTiIkXqheZxZ7TVu+pddZW+CuB62I8lCBGPW7os1f21e3eOD/oY
+YPCI44aJvgP+zUORuZBWqaSJ0AAIuVW9S83Yzkz/tlSFHViOebyd8Cug4TlxK1VI
+q6hbSafh4C8ma7YzlvqjMzqFifcIolcbx+1A6ot0UiayJTUra4d6Uc4Rbc9RIiG0
+jfDWC6aii9YkAgRl9WqSd31yASge/HDqVXFwR48qdlYQ57rcHviqxyrwRDnfw/lX
+Mf6LPiDKEco4MKej7SR2kK2c2AgxUzpGZeAY6ePyhxbdhA0eY21nDeFd/RbwSc5s
+eTiCCMr41OB4hfBFXKDKqsM3K7klhoz6D5WsgE6u3lDoTdz76xOSTg==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICGDCCAYECAgEBMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQKEwpSVEZNLCBJbmMuMRkwFwYDVQQLExBXaWRnZXRzIERpdmlzaW9uMRgwFgYD
+VQQDEw9UZXN0IENBMjAwMTA1MTcwHhcNMDEwNTE3MTYxMDU5WhcNMDQwMzA2MTYx
+MDU5WjBRMQswCQYDVQQGEwJVUzETMBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UE
+CxMQV2lkZ2V0cyBEaXZpc2lvbjESMBAGA1UEAxMJbG9jYWxob3N0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCiWhMjNOPlPLNW4DJFBiL2fFEIkHuRor0pKw25
+J0ZYHW93lHQ4yxA6afQr99ayRjMY0D26pH41f0qjDgO4OXskBsaYOFzapSZtQMbT
+97OCZ7aHtK8z0ZGNW/cslu+1oOLomgRxJomIFgW1RyUUkQP1n0hemtUdCLOLlO7Q
+CPqZLQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAIumUwl1OoWuyN2xfoBHYAs+lRLY
+KmFLoI5+iMcGxWIsksmA+b0FLRAN43wmhPnums8eXgYbDCrKLv2xWcvKDP3mps7m
+AMivwtu/eFpYz6J8Mo1fsV4Ys08A/uPXkT23jyKo2hMu8mywkqXCXYF2e+7pEeBr
+dsbmkWK5NgoMl8eM
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/mail.google.com.pem Sat Aug 18 21:44:13
2012
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIjCCAougAwIBAgIQK59+5colpiUUIEeCdTqbuTANBgkqhkiG9w0BAQUFADBM
+MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
+THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x
+MzA5MzAyMzU5NTlaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRgw
+FgYDVQQDFA9tYWlsLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBAK85FZho5JL+T0/xu/8NLrD+Jaq9aARnJ+psQ0ynbcvIj36B7ocmJRASVDOe
+qj2bj46Ss0sB4/lKKcMP/ay300yXKT9pVc9wgwSvLgRudNYPFwn+niAkJOPHaJys
+Eb2S5LIbCfICMrtVGy0WXzASI+JMSo3C2j/huL/3OrGGvvDFAgMBAAGjgecwgeQw
+DAYDVR0TAQH/BAIwADA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0
+ZS5jb20vVGhhd3RlU0dDQ0EuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEF
+BQcDAgYJYIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0
+cDovL29jc3AudGhhd3RlLmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3
+dGUuY29tL3JlcG9zaXRvcnkvVGhhd3RlX1NHQ19DQS5jcnQwDQYJKoZIhvcNAQEF
+BQADgYEANYARzVI+hCn7wSjhIOUCj19xZVgdYnJXPOZeJWHTy60i+NiBpOf0rnzZ
+wW2qkw1iB5/yZ0eZNDNPPQJ09IHWOAgh6OKh+gVBnJzJ+fPIo+4NpddQVF4vfXm3
+fgp8tuIsqK7+lNfNFjBxBKqeecPStiSnJavwSI4vw6e7UN0Pz7A=
+-----END CERTIFICATE-----
=======================================
--- /dev/null
+++ /trunk/ext3/Tests/crypt/certs/thawte2.pem Sat Aug 18 21:44:13 2012
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIEMAAAAjANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJV
+UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVi
+bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNTEzMDAw
+MDAwWhcNMTQwNTEyMjM1OTU5WjBMMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
+d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBD
+QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1NNn0I0Vf67NMf59HZGhPwtx
+PKzMyGT7Y/wySweUvW+Aui/hBJPAM/wJMyPpC3QrccQDxtLN4i/1CWPN/0ilAL/g
+5/OIty0y3pg25gqtAHvEZEo7hHUD8nCSfQ5i9SGraTaEMXWQ+L/HbIgbBpV8yeWo
+3nWhLHpo39XKHIdYYBkCAwEAAaOB/jCB+zASBgNVHRMBAf8ECDAGAQH/AgEAMAsG
+A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwKAYDVR0RBCEwH6QdMBsxGTAX
+BgNVBAMTEFByaXZhdGVMYWJlbDMtMTUwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDov
+L2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
+AQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMDQGA1UdJQQtMCsGCCsGAQUF
+BwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEB
+BQUAA4GBAFWsY+reod3SkF+fC852vhNRj5PZBSvIG3dLrWlQoe7e3P3bB+noOZTc
+q3J5Lwa/q4FwxKjt6lM07e8eU9kGx1Yr0Vz00YqOtCuxN5BICEIlxT6Ky3/rbwTR
+bcV0oveifHtgPHfNDs5IAn8BL7abN+AqKjbc1YXWrOU/VG+WHgWv
+-----END CERTIFICATE-----
=======================================
--- /trunk/ext3/Tests/crypt/Makefile Sun Jan 15 15:43:27 2012
+++ /trunk/ext3/Tests/crypt/Makefile Sat Aug 18 21:44:13 2012
@@ -2,7 +2,8 @@
HAXECPP=haxelib run hxcpp
NMML=build.nmml
TARGETS:=$(shell cd src && ls *.hx | sed 's/.hx//g')
-DEBUG=-debug # -D FIREBUG
+#DEBUG=-debug
+#DEBUG=-debug -D CAFFEINE_DEBUG
COMMON=-cp ../../ -cp src $(DEBUG)
all:
@@ -10,11 +11,11 @@
$(TARGETS):
$(HAXE) $(COMMON) $(FLAGS) -neko test.n -main $@
+ $(HAXE) $(COMMON) $(FLAGS) -cpp cpp-native -main $@
+ $(HAXE) $(COMMON) $(FLAGS) -D useOpenSSL -cpp cpp-openssl -main $@
$(HAXE) $(COMMON) $(FLAGS) -swf test8.swf -swf-version 8 -main $@
$(HAXE) $(COMMON) $(FLAGS) -swf test9.swf -swf-version 9 -main $@
$(HAXE) $(COMMON) $(FLAGS) -js test.js -main $@
- $(HAXE) $(COMMON) $(FLAGS) -cpp cpp-native -main $@
-# $(HAXE) $(COMMON) $(FLAGS) -D useOpenSSL -cpp cpp-openssl -main $@
.PHONY clean:
rm -f test.js
=======================================
--- /trunk/ext3/Tests/crypt/src/IVModeTest.hx Sun Feb 26 14:32:06 2012
+++ /trunk/ext3/Tests/crypt/src/IVModeTest.hx Sat Aug 18 21:44:13 2012
@@ -84,6 +84,36 @@
function aescfb(key:Bytes, bits:Int, iv:Bytes, pt:Bytes, ct:Bytes) {
aes_common(key, bits, new CFB(), iv, pt, ct);
}
+
+ public function testStepped() : Void {
+ trace("\n============== STEPPED CBC AES 128 ==========\n");
+ var key:Bytes = Bytes.ofHex("2b7e151628aed2a6abf7158809cf4f3c");
+ var iv:Bytes = Bytes.ofHex("000102030405060708090a0b0c0d0e0f");
+ var pt:Bytes =
Bytes.ofHex("6bc1bee22e409f96e93d7e117393172a"+"ae2d8a571e03ac9c9eb76fac45af8e51");
+ var ct:Bytes =
Bytes.ofHex("7649abac8119b246cee98e9b12e9197d"+"5086cb9b507219ee95db113a917678b2");
+
+ var p = new CipherParams();
+ p.iv = iv;
+ var cipher = new Cipher(new Aes(128,key), new CBC(), new PadNone());
+ cipher.init(ENCRYPT, p);
+ var out = new BytesOutput();
+ var num = cipher.update(pt, 0, 3, out);
+ assertEquals(3, num);
+ num = cipher.update(pt,3,2,out);
+ assertEquals(2, num);
+ num = cipher.update(pt,5, 13,out);
+ assertEquals(13, num);
+ num = cipher.final(pt, 18, pt.length-18, out);
+ assertEquals(14, num);
+ var crypted = out.getBytes();
+ assertEquals(ct.toHex(), crypted.toHex());
+
+ cipher.init(DECRYPT, p);
+ out = new BytesOutput();
+ num = cipher.final(crypted,0,crypted.length,out);
+ var decrypted = out.getBytes();
+ assertEquals(pt.toHex(), decrypted.toHex());
+ }
public function testCBC_AES128():Void {
trace("\n============== CBC AES 128 ==========\n");
=======================================
--- /trunk/ext3/Tests/crypt/src/RsaTest.hx Sun Jan 15 15:43:27 2012
+++ /trunk/ext3/Tests/crypt/src/RsaTest.hx Sat Aug 18 21:44:13 2012
@@ -63,7 +63,11 @@
#end
var r = new haxe.unit.TestRunner();
r.add(new RsaTest());
- r.run();
+ //r.run();
+
+ var r = new RSAEncrypt(RSAK1.modulus, RSAK1.publicExponent);
+ var rsa = new ModeECB( r, new PadPkcs5(r.blockSize) );
+ trace(rsa.encrypt(Bytes.ofString("message")).toHex());
}
function test0() {
=======================================
--- /trunk/ext3/Tests/crypt/src/X509.hx Thu Jan 12 14:30:07 2012
+++ /trunk/ext3/Tests/crypt/src/X509.hx Sat Aug 18 21:44:13 2012
@@ -2,7 +2,65 @@
import chx.crypt.RSA;
import chx.crypt.cert.X509Certificate;
-class Global {
+class X509 extends haxe.unit.TestCase {
+ static var cacert1 : X509Certificate = new
X509Certificate(Certs.CaCertPem);
+ static var verisign: X509Certificate = new
X509Certificate(Certs.Verisign);
+ static var thawte : X509Certificate = new X509Certificate(Certs.Thawte);
+ static function main()
+ {
+#if (FIREBUG && !neko)
+ if(haxe.Firebug.detect()) {
+ haxe.Firebug.redirectTraces();
+ }
+#end
+ //var x = new X509Certificate(Certs.Verisign);
+ //var x = new X509Certificate(Certs.Thawte);
+
+ //trace(cacert1.getCommonName());
+ trace(cacert1.getNotAfter());
+ //trace(cacert1.isSelfSigned());
+ //trace(cacert1.getSubjectPrincipal());
+
+ var r = new haxe.unit.TestRunner();
+ r.add(new X509());
+ r.run();
+ }
+
+ function testFingerprints() {
+
assertEquals("10:d8:62:e0:35:cf:4e:ec:c3:11:67:30:fd:85:fe:5f:ab:b9:e5:69",
+ cacert1.getFingerprint("sha1").toHex(":"));
+ assertEquals("95:08:77:3f:9b:28:03:51:f5:cd:a6:1c:db:92:cb:da",
+ cacert1.getFingerprint("md5").toHex(":"));
+
assertEquals("44:63:c5:31:d7:cc:c1:00:67:94:61:2b:b6:56:d3:bf:82:57:84:6f",
+ verisign.getFingerprint("sha1").toHex(":"));
+ assertEquals("74:7b:82:03:43:f0:00:9e:6b:b3:ec:47:bf:85:a5:93",
+ verisign.getFingerprint("md5").toHex(":"));
+
assertEquals("d2:32:09:ad:23:d3:14:23:21:74:e4:0d:7f:9d:62:13:97:86:63:3a",
+ thawte.getFingerprint("sha1").toHex(":"));
+ assertEquals("67:cb:9d:c0:13:24:8a:82:9b:b2:17:1e:d1:1b:ec:d4",
+ thawte.getFingerprint("md5").toHex(":"));
+ }
+
+ function testSigAlg() {
+ assertEquals("1.2.840.113549.1.1.5",cacert1.getAlgorithmIdentifier());
+ assertEquals("1.2.840.113549.1.1.5",thawte.getAlgorithmIdentifier());
+ assertEquals("1.2.840.113549.1.1.2",verisign.getAlgorithmIdentifier());
+ }
+
+ function testEmails() {
+ var a1 = cacert1.getEmails();
+ assertEquals(1, a1.length);
+ assertEquals("m...@no.domain", a1[0]);
+ assertEquals(0, verisign.getEmails().length);
+ assertEquals(0,thawte.getEmails().length);
+ }
+
+ function testNotAfter() {
+ assertEquals("2013-03-05 09:32:14", cacert1.getNotAfter().toString());
+ }
+}
+
+class Certs {
static public var CaKeyPem : String =
"-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAN6RwYF1nImZNwa9Koa7d3liuIeO+HArxmxEN3p4HUg4kbDeob1C
@@ -76,31 +134,3 @@
}
-//class TestPEM extends haxe.unit.TestCase {
-//}
-
-
-class X509 {
- static function main()
- {
-#if (FIREBUG && !neko)
- if(haxe.Firebug.detect()) {
- haxe.Firebug.redirectTraces();
- }
-#end
- //var x = new X509Certificate(Global.Verisign);
- //var x = new X509Certificate(Global.Thawte);
- var x = new X509Certificate(Global.CaCertPem);
- trace(x.isSelfSigned());
- trace(x.getSubjectPrincipal());
- trace(x.getCommonName());
-/*
- var r = new haxe.unit.TestRunner();
- r.add(new TestPEM());
- r.run();
-*/
- }
-
-}
-
-
Reply all
Reply to author
Forward
0 new messages