Diffstat (limited to 'school/node_modules/node-forge/tests/nodejs-tls.js')
-rw-r--r-- | school/node_modules/node-forge/tests/nodejs-tls.js | 189 |
1 files changed, 189 insertions, 0 deletions
diff --git a/school/node_modules/node-forge/tests/nodejs-tls.js b/school/node_modules/node-forge/tests/nodejs-tls.js
new file mode 100644
index 0000000..5be6acd
--- /dev/null
+++ b/school/node_modules/node-forge/tests/nodejs-tls.js
@@ -0,0 +1,189 @@
+var forge = require('../js/forge');
+
+// function to create certificate
+var createCert = function(cn, data) {
+ console.log(
+ 'Generating 512-bit key-pair and certificate for \"' + cn + '\".');
+ var keys = forge.pki.rsa.generateKeyPair(512);
+ console.log('key-pair created.');
+
+ var cert = forge.pki.createCertificate();
+ cert.serialNumber = '01';
+ cert.validity.notBefore = new Date();
+ cert.validity.notAfter = new Date();
+ cert.validity.notAfter.setFullYear(
+ cert.validity.notBefore.getFullYear() + 1);
+ var attrs = [{
+ name: 'commonName',
+ value: cn
+ }, {
+ name: 'countryName',
+ value: 'US'
+ }, {
+ shortName: 'ST',
+ value: 'Virginia'
+ }, {
+ name: 'localityName',
+ value: 'Blacksburg'
+ }, {
+ name: 'organizationName',
+ value: 'Test'
+ }, {
+ shortName: 'OU',
+ value: 'Test'
+ }];
+ cert.setSubject(attrs);
+ cert.setIssuer(attrs);
+ cert.setExtensions([{
+ name: 'basicConstraints',
+ cA: true
+ }, {
+ name: 'keyUsage',
+ keyCertSign: true,
+ digitalSignature: true,
+ nonRepudiation: true,
+ keyEncipherment: true,
+ dataEncipherment: true
+ }, {
+ name: 'subjectAltName',
+ altNames: [{
+ type: 6, // URI
+ value: 'http://myuri.com/webid#me'
+ }]
+ }]);
+ // FIXME: add subjectKeyIdentifier extension
+ // FIXME: add authorityKeyIdentifier extension
+ cert.publicKey = keys.publicKey;
+
+ // self-sign certificate
+ cert.sign(keys.privateKey);
+
+ // save data
+ data[cn] = {
+ cert: forge.pki.certificateToPem(cert),
+ privateKey: forge.pki.privateKeyToPem(keys.privateKey)
+ };
+
+ console.log('certificate created for \"' + cn + '\": \n' + data[cn].cert);
+};
+
+var end = {};
+var data = {};
+
+// create certificate for server and client
+createCert('server', data);
+createCert('client', data);
+
+var success = false;
+
+// create TLS client
+end.client = forge.tls.createConnection({
+ server: false,
+ caStore: [data.server.cert],
+ sessionCache: {},
+ // supported cipher suites in order of preference
+ cipherSuites: [
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
+ virtualHost: 'server',
+ verify: function(c, verified, depth, certs) {
+ console.log(
+ 'TLS Client verifying certificate w/CN: \"' +
+ certs[0].subject.getField('CN').value +
+ '\", verified: ' + verified + '...');
+ return verified;
+ },
+ connected: function(c) {
+ console.log('Client connected...');
+
+ // send message to server
+ setTimeout(function() {
+ c.prepareHeartbeatRequest('heartbeat');
+ c.prepare('Hello Server');
+ }, 1);
+ },
+ getCertificate: function(c, hint) {
+ console.log('Client getting certificate ...');
+ return data.client.cert;
+ },
+ getPrivateKey: function(c, cert) {
+ return data.client.privateKey;
+ },
+ tlsDataReady: function(c) {
+ // send TLS data to server
+ end.server.process(c.tlsData.getBytes());
+ },
+ dataReady: function(c) {
+ var response = c.data.getBytes();
+ console.log('Client received \"' + response + '\"');
+ success = (response === 'Hello Client');
+ c.close();
+ },
+ heartbeatReceived: function(c, payload) {
+ console.log('Client received heartbeat: ' + payload.getBytes());
+ },
+ closed: function(c) {
+ console.log('Client disconnected.');
+ if(success) {
+ console.log('PASS');
+ } else {
+ console.log('FAIL');
+ }
+ },
+ error: function(c, error) {
+ console.log('Client error: ' + error.message);
+ }
+});
+
+// create TLS server
+end.server = forge.tls.createConnection({
+ server: true,
+ caStore: [data.client.cert],
+ sessionCache: {},
+ // supported cipher suites in order of preference
+ cipherSuites: [
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
+ forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
+ connected: function(c) {
+ console.log('Server connected');
+ c.prepareHeartbeatRequest('heartbeat');
+ },
+ verifyClient: true,
+ verify: function(c, verified, depth, certs) {
+ console.log(
+ 'Server verifying certificate w/CN: \"' +
+ certs[0].subject.getField('CN').value +
+ '\", verified: ' + verified + '...');
+ return verified;
+ },
+ getCertificate: function(c, hint) {
+ console.log('Server getting certificate for \"' + hint[0] + '\"...');
+ return data.server.cert;
+ },
+ getPrivateKey: function(c, cert) {
+ return data.server.privateKey;
+ },
+ tlsDataReady: function(c) {
+ // send TLS data to client
+ end.client.process(c.tlsData.getBytes());
+ },
+ dataReady: function(c) {
+ console.log('Server received \"' + c.data.getBytes() + '\"');
+
+ // send response
+ c.prepare('Hello Client');
+ c.close();
+ },
+ heartbeatReceived: function(c, payload) {
+ console.log('Server received heartbeat: ' + payload.getBytes());
+ },
+ closed: function(c) {
+ console.log('Server disconnected.');
+ },
+ error: function(c, error) {
+ console.log('Server error: ' + error.message);
+ }
+});
+
+console.log('created TLS client and server, doing handshake...');
+end.client.handshake(); |