summaryrefslogtreecommitdiff
path: root/school/node_modules/node-forge/nodejs/test/tls.js
diff options
context:
space:
mode:
Diffstat (limited to 'school/node_modules/node-forge/nodejs/test/tls.js')
-rw-r--r--school/node_modules/node-forge/nodejs/test/tls.js191
1 files changed, 191 insertions, 0 deletions
diff --git a/school/node_modules/node-forge/nodejs/test/tls.js b/school/node_modules/node-forge/nodejs/test/tls.js
new file mode 100644
index 0000000..d9ce944
--- /dev/null
+++ b/school/node_modules/node-forge/nodejs/test/tls.js
@@ -0,0 +1,191 @@
+(function() {
+
+function Tests(ASSERT, forge) {
+ describe('tls', function() {
+ it('should test TLS 1.0 PRF', function() {
+ // Note: This test vector is originally from:
+ // http://www.imc.org/ietf-tls/mail-archive/msg01589.html
+ // But that link is now dead.
+ var secret = forge.util.createBuffer().fillWithByte(0xAB, 48).getBytes();
+ var seed = forge.util.createBuffer().fillWithByte(0xCD, 64).getBytes();
+ var bytes = forge.tls.prf_tls1(secret, 'PRF Testvector', seed, 104);
+ var expect =
+ 'd3d4d1e349b5d515044666d51de32bab258cb521' +
+ 'b6b053463e354832fd976754443bcf9a296519bc' +
+ '289abcbc1187e4ebd31e602353776c408aafb74c' +
+ 'bc85eff69255f9788faa184cbb957a9819d84a5d' +
+ '7eb006eb459d3ae8de9810454b8b2d8f1afbc655' +
+ 'a8c9a013';
+ ASSERT.equal(bytes.toHex(), expect);
+ });
+
+ it('should establish a TLS connection and transfer data', function(done) {
+ var end = {};
+ var data = {};
+
+ createCertificate('server', data);
+ createCertificate('client', data);
+ data.client.connection = {};
+ data.server.connection = {};
+
+ end.client = forge.tls.createConnection({
+ server: false,
+ caStore: [data.server.cert],
+ sessionCache: {},
+ cipherSuites: [
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
+ virtualHost: 'server',
+ verify: function(c, verified, depth, certs) {
+ data.client.connection.commonName =
+ certs[0].subject.getField('CN').value;
+ data.client.connection.certVerified = verified;
+ return true;
+ },
+ connected: function(c) {
+ c.prepare('Hello Server');
+ },
+ getCertificate: function(c, hint) {
+ return data.client.cert;
+ },
+ getPrivateKey: function(c, cert) {
+ return data.client.privateKey;
+ },
+ tlsDataReady: function(c) {
+ end.server.process(c.tlsData.getBytes());
+ },
+ dataReady: function(c) {
+ data.client.connection.data = c.data.getBytes();
+ c.close();
+ },
+ closed: function(c) {
+ ASSERT.equal(data.client.connection.commonName, 'server');
+ ASSERT.equal(data.client.connection.certVerified, true);
+ ASSERT.equal(data.client.connection.data, 'Hello Client');
+ done();
+ },
+ error: function(c, error) {
+ ASSERT.equal(error.message, undefined);
+ }
+ });
+
+ end.server = forge.tls.createConnection({
+ server: true,
+ caStore: [data.client.cert],
+ sessionCache: {},
+ cipherSuites: [
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
+ connected: function(c) {
+ },
+ verifyClient: true,
+ verify: function(c, verified, depth, certs) {
+ data.server.connection.commonName =
+ certs[0].subject.getField('CN').value;
+ data.server.connection.certVerified = verified;
+ return true;
+ },
+ getCertificate: function(c, hint) {
+ data.server.connection.certHint = hint[0];
+ return data.server.cert;
+ },
+ getPrivateKey: function(c, cert) {
+ return data.server.privateKey;
+ },
+ tlsDataReady: function(c) {
+ end.client.process(c.tlsData.getBytes());
+ },
+ dataReady: function(c) {
+ data.server.connection.data = c.data.getBytes();
+ c.prepare('Hello Client');
+ c.close();
+ },
+ closed: function(c) {
+ ASSERT.equal(data.server.connection.certHint, 'server');
+ ASSERT.equal(data.server.connection.commonName, 'client');
+ ASSERT.equal(data.server.connection.certVerified, true);
+ ASSERT.equal(data.server.connection.data, 'Hello Server');
+ },
+ error: function(c, error) {
+ ASSERT.equal(error.message, undefined);
+ }
+ });
+
+ end.client.handshake();
+
+ function createCertificate(cn, data) {
+ var keys = forge.pki.rsa.generateKeyPair(512);
+ var cert = forge.pki.createCertificate();
+ cert.publicKey = keys.publicKey;
+ cert.serialNumber = '01';
+ cert.validity.notBefore = new Date();
+ cert.validity.notAfter = new Date();
+ cert.validity.notAfter.setFullYear(
+ cert.validity.notBefore.getFullYear() + 1);
+ var attrs = [{
+ name: 'commonName',
+ value: cn
+ }, {
+ name: 'countryName',
+ value: 'US'
+ }, {
+ shortName: 'ST',
+ value: 'Virginia'
+ }, {
+ name: 'localityName',
+ value: 'Blacksburg'
+ }, {
+ name: 'organizationName',
+ value: 'Test'
+ }, {
+ shortName: 'OU',
+ value: 'Test'
+ }];
+ cert.setSubject(attrs);
+ cert.setIssuer(attrs);
+ cert.setExtensions([{
+ name: 'basicConstraints',
+ cA: true
+ }, {
+ name: 'keyUsage',
+ keyCertSign: true,
+ digitalSignature: true,
+ nonRepudiation: true,
+ keyEncipherment: true,
+ dataEncipherment: true
+ }, {
+ name: 'subjectAltName',
+ altNames: [{
+ type: 6, // URI
+ value: 'https://myuri.com/webid#me'
+ }]
+ }]);
+ cert.sign(keys.privateKey);
+ data[cn] = {
+ cert: forge.pki.certificateToPem(cert),
+ privateKey: forge.pki.privateKeyToPem(keys.privateKey)
+ };
+ }
+ });
+ });
+}
+
+// check for AMD
+if(typeof define === 'function') {
+ define([
+ 'forge/forge'
+ ], function(forge) {
+ Tests(
+ // Global provided by test harness
+ ASSERT,
+ forge
+ );
+ });
+} else if(typeof module === 'object' && module.exports) {
+ // assume NodeJS
+ Tests(
+ require('assert'),
+ require('../../js/forge'));
+}
+
+})();