Update cert

Now with a 10 year expriation
2016-05-15 22:11:10 -07:00 · 2016-05-15 22:11:10 -07:00 · 62c29b54c1
parent e9e9e13da6
commit 62c29b54c1
4 changed files with 59 additions and 65 deletions
--- a/openssl/src/ssl/tests/mod.rs
+++ b/openssl/src/ssl/tests/mod.rs
@ -196,7 +196,7 @@ macro_rules! run_test(
            use ssl::SslMethod;
            use ssl::{SslContext, Ssl, SslStream, VerifyCallback};
            use ssl::SSL_VERIFY_PEER;
-            use crypto::hash::Type::SHA256;
+            use crypto::hash::Type::SHA1;
            use x509::X509StoreContext;
            use serialize::hex::FromHex;
            use super::Server;
@ -359,7 +359,7 @@ run_test!(verify_callback_data, |method, stream| {
        match cert {
            None => false,
            Some(cert) => {
-                let fingerprint = cert.fingerprint(SHA256).unwrap();
+                let fingerprint = cert.fingerprint(SHA1).unwrap();
                &fingerprint == node_id
            }
        }
@ -370,7 +370,7 @@ run_test!(verify_callback_data, |method, stream| {
    // in DER format.
    // Command: openssl x509 -in test/cert.pem  -outform DER | openssl dgst -sha256
    // Please update if "test/cert.pem" will ever change
-    let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+    let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
    let node_id = node_hash_str.from_hex().unwrap();
    ctx.set_verify_with_data(SSL_VERIFY_PEER, callback, node_id);
    ctx.set_verify_depth(1);
@ -390,14 +390,14 @@ run_test!(ssl_verify_callback, |method, stream| {
    let ctx = SslContext::new(method).unwrap();
    let mut ssl = ctx.into_ssl().unwrap();

-    let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+    let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
    let node_id = node_hash_str.from_hex().unwrap();
    ssl.set_verify_callback(SSL_VERIFY_PEER, move |_, x509| {
        CHECKED.store(1, Ordering::SeqCst);
        match x509.get_current_cert() {
            None => false,
            Some(cert) => {
-                let fingerprint = cert.fingerprint(SHA256).unwrap();
+                let fingerprint = cert.fingerprint(SHA1).unwrap();
                fingerprint == node_id
            }
        }
@ -502,8 +502,8 @@ run_test!(get_peer_certificate, |method, stream| {
    let stream = SslStream::connect_generic(&SslContext::new(method).unwrap(),
                                            stream).unwrap();
    let cert = stream.ssl().peer_certificate().unwrap();
-    let fingerprint = cert.fingerprint(SHA256).unwrap();
-    let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+    let fingerprint = cert.fingerprint(SHA1).unwrap();
+    let node_hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
    let node_id = node_hash_str.from_hex().unwrap();
    assert_eq!(node_id, fingerprint)
 });
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@ -3,7 +3,7 @@ use std::io;
 use std::path::Path;
 use std::fs::File;

-use crypto::hash::Type::SHA256;
+use crypto::hash::Type::SHA1;
 use crypto::pkey::PKey;
 use x509::{X509, X509Generator};
 use x509::extension::Extension::{KeyUsage, ExtKeyUsage, SubjectAltName, OtherNid, OtherStr};
@ -17,7 +17,7 @@ fn get_generator() -> X509Generator {
        .set_bitlength(2048)
        .set_valid_period(365 * 2)
        .add_name("CN".to_string(), "test_me".to_string())
-        .set_sign_hash(SHA256)
+        .set_sign_hash(SHA1)
        .add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment]))
        .add_extension(ExtKeyUsage(vec![ClientAuth,
                                        ServerAuth,
@ -83,13 +83,9 @@ fn test_cert_loading() {
                       .expect("Failed to open `test/cert.pem`");

    let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
-    let fingerprint = cert.fingerprint(SHA256).unwrap();
+    let fingerprint = cert.fingerprint(SHA1).unwrap();

-    // Hash was generated as SHA256 hash of certificate "test/cert.pem"
-    // in DER format.
-    // Command: openssl x509 -in test/cert.pem  -outform DER | openssl dgst -sha256
-    // Please update if "test/cert.pem" will ever change
-    let hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
+    let hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
    let hash_vec = hash_str.from_hex().unwrap();

    assert_eq!(fingerprint, hash_vec);
@ -109,7 +105,7 @@ fn test_subject_read_cn() {
        None => panic!("Failed to read CN from cert"),
    };

-    assert_eq!(&cn as &str, "test_cert")
+    assert_eq!(&cn as &str, "foobar.com")
 }

 #[test]
--- a/openssl/test/cert.pem
+++ b/openssl/test/cert.pem
@ -1,24 +1,21 @@
 -----BEGIN CERTIFICATE-----
-MIID9DCCAtygAwIBAgIJALuA8gDKi5EzMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMUCXRlc3RfY2VydDAeFw0xNTA1MTExNzI0
-MThaFw0xNjA1MTAxNzI0MThaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21l
-LVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
-BAMUCXRlc3RfY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANYg
-8apqh+nHYBL/KS9SLtDmhTR2s+H3mk7avXACahMEt/Eapsft5YOJ8JAkPbkoyd91
-QtxbrDF1M3rtTfWwHrf4jCeZ6kt2CSvYyJCPP/7JbWPdMDsYFBtoBOEVMdjOLr4R
-8tAar2t1Gu63Mu7LWeYvyFKqJpDkP30/k+OED79l7rOQg6eVN+Qjr1wx3VSBhovs
-UShGnSRw5YWiKnvvUnHwq2eXkwXFOdkhRNsTpWgV+EZsOdunczGbEG4qa+iwJjod
-/b8O9R1rIr12mwgT2U3GHNpJU0I+Qu2063nONndhMfES3md6QCIlKMVYDSU/Wli5
-sLxTxykXWv548Ib8Yv8CAwEAAaOBvjCBuzAdBgNVHQ4EFgQUGec/TF+Ok3BoEAqX
-yvEi9+Emy9QwgYsGA1UdIwSBgzCBgIAUGec/TF+Ok3BoEAqXyvEi9+Emy9ShXaRb
-MFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJ
-bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMUCXRlc3RfY2VydIIJALuA
-8gDKi5EzMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALwDb82BBTfz
-X+7rENv+f76X+DkHjt6QzCr9f1PYpbIle5/XaxCp+Rkz1BGZTmPRPURpAzweznlG
-kY5KydZ1+XdxPHh2zReBS00KxMElmlMKWp7nOnIKohzcQxTFp4VZ7smb9ymXYdYQ
-nRqaLIM1AKsj+0ulqsSbKggIuUZBvfrAdC3J6//3CXSdvQLJGzYPtTLUddQLN9pv
-GXrdNmvK3BjP+kokAjTt+DMMbIIZZitUVjKXqB7WS/Mqss1P2mdagJmOaD2mL3pY
-HDCCpquJ1SKN3g33hOA0pMRxGskyJI8x71mnej0StbUV9GdX0wN5ziSb/ccF2GYi
-Q+MS7OxsTEY=
+MIIDhzCCAm+gAwIBAgIJAKyxk8nkmAtWMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMMCmZvb2Jhci5jb20wHhcNMTYwNTE2MDUw
+NTAwWhcNMjYwNTE0MDUwNTAwWjBaMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29t
+ZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
+VQQDDApmb29iYXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+qPQljESzF6NQhf4jkYfQeDYbSRf/LUfT5RvebDb8lrkEP/I33r/vMxK6ZcXy5LdK
+SanKImRvIPTVNJFOqOU/v9UIGXJQgKGWktCasZqKNmJP9ULI9eqZzAXNdLkg5Olf
+WiUl9bysDjVTUsIhwNTIV/ou1n+/ytJ4qvpO4TpIZXhZFoGbVKuNYF4dVXzroJGu
+1JLWJ5PZqwWwDI5mpaGTZ9qTDAEMVYOE4Yi5t877lqr1wEls1GXOyAHdRmzeALQ7
+obNudnqhPROIkx5OxdeMAEtSVqr+uuoUXhh65mSRsdMUEzPbzw9RzebdlNyk34Tv
+5k5QFFlcoPbQrTs26CoLNQIDAQABo1AwTjAdBgNVHQ4EFgQUtnMvYaVLoe9ILBWx
+n/PcNC+8rDAwHwYDVR0jBBgwFoAUtnMvYaVLoe9ILBWxn/PcNC+8rDAwDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAALVDDD2f25h5ytSkoUqQilybeRDg
+bPhTEEC83NWg2snV1yGtwO3zZ+hvX+J/RqOn33ER/RnQCZTB9FGPj566IbLwLSAE
+y83GDsbsFEWCL8yN4Q3dQVub7D3HZ5PBtGpBxC7brvJD7OnR3n75QOFC+OaGKUCo
+16XulVsB3IQsXdzL4GwoUqWGWaUyf5MkzFruBma16QetK5J10R42skeXssjvqupv
+qUQZxzGOzIGuLTBvJrtFxtoTCu+oZV942wGmuyvLwqRfzIODLNcGLS6lGJudXJPT
+Vapaj6maldL3qe1X4bxvtglnpdlrOJ65E3YEC1gcD1KUvfO5vItKrP1FbA==
 -----END CERTIFICATE-----
--- a/openssl/test/key.pem
+++ b/openssl/test/key.pem
@ -1,27 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIEpQIBAAKCAQEA1iDxqmqH6cdgEv8pL1Iu0OaFNHaz4feaTtq9cAJqEwS38Rqm
-x+3lg4nwkCQ9uSjJ33VC3FusMXUzeu1N9bAet/iMJ5nqS3YJK9jIkI8//sltY90w
-OxgUG2gE4RUx2M4uvhHy0Bqva3Ua7rcy7stZ5i/IUqomkOQ/fT+T44QPv2Xus5CD
-p5U35COvXDHdVIGGi+xRKEadJHDlhaIqe+9ScfCrZ5eTBcU52SFE2xOlaBX4Rmw5
-26dzMZsQbipr6LAmOh39vw71HWsivXabCBPZTcYc2klTQj5C7bTrec42d2Ex8RLe
-Z3pAIiUoxVgNJT9aWLmwvFPHKRda/njwhvxi/wIDAQABAoIBAQC918dqx7hoVBOh
-xAfHpJ1NKJPAx90D4no0n0qFHB7fbbeHU5G6f/iUfp+BrB/tIXSZYWU96SjpUHer
-7OjJgrQ5d2sLUTKgZK4M6c4oHFkok30gpOI2AksRYU+yHxBqn6JhcZhNWNtd8h1G
-t7W4cSHrK0H3yFMY8sQ3Tz7W4Cb2ENIN4wBKeQnmk4k9icG5yz0xLI/vPxqujKij
-JWMbk2jNllaUvDgsTAg/MFCzlJH98lzRrX/dhG+q6Rt4S18xac71PMGyUaWduyeC
-BHGhHW34361zGQYyeG6eWroTQhvwMHjNxvzA/RiTgHBXV5oRvd9BPPoUS53HYQJO
-mzNnfZvBAoGBAPF3VVw+RqG/+OyEkuqE20H35/oSB8tPC6QL/WjWUFwIcSfnkX7H
-WmdHBfqCAZlAOqOYgO3iWcgbcOhnggP9J6ssooErt6M7s7hPG/WXwSf0DoCUgtQF
-9OrcGNBvwtBMqm82hb8u4IpXUApMYF48MkjbaKSmHU3HQe0sIDese+wlAoGBAOME
-YJgtl6t3rcaJ2jzHfEsCTCtCBs2vS9ido73xF3QHTafll/sKMp5bA0mgNhSsphhs
-mJCfOl2Cr+0oN90zkumFe4bNIbWQOL/q+HeFwebK5/oWlg/NyvFmMm7LmniFPpBD
-NJHqV/ehn8Xuw4LheSG1Bg/aRH5NtoKDcG8+4ZdTAoGAFkTHHoavxOMLdeSUGATA
-o8jVH/7hsSJNFIf2iuCY8KPmq6Nzi5mfAL9QEdZDh3qg7c12tnmVhhrhws0o9G04
-Z1Tqd7csbGVpIapKDdA9BA5B+CG6HwudlrtNnotwD/3CChehJgyQsLF0tD5u9MHg
-cU+qyuR292FU9yaGohvKIfECgYEAjX7c9fz029rsZSLm85sizV3RO+UbeHgaPhmD
-RZBPnfIvZMalw8LHagwwMGO7UYeKvw5wyTN1nXMnVBoNN8I9f2/DXnHc4N3TgUtj
-MpwcD03I6QfK4G7UX0HjjUs6LIRgSmqZCZmW2rHSc/wtwBXo+ilqbdcNeevWJeLm
-4W/ADCECgYEA7RGbA6qzHtjVS4Nc9rE1tcv4a7p0EvnMXZhIkDZtJqPpkpyOZllm
-cTuMCGisw0SEIcSoH1pWRDschbIlOlsn1Mhnb/IczqfHZjb4hmX7Cnlc8WP6TBqI
-vma9anlEWW7eIOn5jkY3liQpQ7GJPkCjWuRzne26iV/LIsYj48602Z8=
-----END RSA PRIVATE KEY-----
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCo9CWMRLMXo1CF
+/iORh9B4NhtJF/8tR9PlG95sNvyWuQQ/8jfev+8zErplxfLkt0pJqcoiZG8g9NU0
+kU6o5T+/1QgZclCAoZaS0Jqxmoo2Yk/1Qsj16pnMBc10uSDk6V9aJSX1vKwONVNS
+wiHA1MhX+i7Wf7/K0niq+k7hOkhleFkWgZtUq41gXh1VfOugka7UktYnk9mrBbAM
+jmaloZNn2pMMAQxVg4ThiLm3zvuWqvXASWzUZc7IAd1GbN4AtDuhs252eqE9E4iT
+Hk7F14wAS1JWqv666hReGHrmZJGx0xQTM9vPD1HN5t2U3KTfhO/mTlAUWVyg9tCt
+OzboKgs1AgMBAAECggEBAKLj6IOJBKXolczpzb8UkyAjAkGBektcseV07gelJ/fk
+3z0LuWPv5p12E/HlXB24vU2x/ikUbbP3eMsawRzDEahQqmNmPEkYAYUAy/Qpi9GN
+DYvn3LqDec4jVgeQKS+p9H2DzUpTogp8zR2//yzbuWBg2+F//xh7vU0S0RQCziPM
+x7RSBgbhxSfChfEJbS2sDnzfh0jRQmoY95iFv7puet1FJtzdZ4fgCd1RqmC2lFM5
+H0eZtN/Cz19lieVs0b996DErdEBqClVZO00eYbRozCDaBzRU3ybB/dMrGJxhkkXm
+wb3kWMtziH9qOYsostuHIFu8eKFLloKxFnq2R4DGxOECgYEA2KUIZISOeGJSBcLJ
+JAUK2gvgXPNo4HHWIwOA9xeN3ZJlsnPlffXQNnm6t1st1V2gfMm9I2n0m/F0y2B/
+n/XGSa8bghfPA9l0c2h58lkL3JQJR/paa8ycTz+YZPrznEyN7Qa0RrJXUvZv9lQL
+Hc3+FHcSHgMqDV2f2bHAEu9YGi0CgYEAx6VEIPNvrHFgjo/jk1RTuk+m0xEWQsZL
+Cs+izQMr2TaeJn8LG+93AvFuYn0J0nT3WuStLPrUg8i4IhSS6lf1tId5ivIZPm4r
+YwMyblBJXhnHbk7Uqodjfw/3s6V2HAu++B7hTdyVr9DFuST9uv4m8bkPV8rfX1jE
+I2rAPVWvgikCgYB+wNAQP547wQrMZBLbCDg5KwmyWJfb+b6X7czexOEz6humNTjo
+YZHYzY/5B1fhpk3ntQD8X1nGg5caBvOk21+QbOtjShrM3cXMYCw5JvBRtitX+Zo9
+yBEMLOE0877ki8XeEDYZxu5gk98d+D4oygUGZEQtWxyXhVepPt5qNa8OYQKBgQDH
+RVgZI6KFlqzv3wMh3PutbS9wYQ+9GrtwUQuIYe/0YSW9+vSVr5E0qNKrD28sV39F
+hBauXLady0yvB6YUrjMbPFW+sCMuQzyfGWPO4+g3OrfqjFiM1ZIkE0YEU9Tt7XNx
+qTDtTI1D7bhNMnTnniI1B6ge0und+3XafAThs5L48QKBgQCTTpfqMt8kU3tcI9sf
+0MK03y7kA76d5uw0pZbWFy7KI4qnzWutCzb+FMPWWsoFtLJLPZy//u/ZCUVFVa4d
+0Y/ASNQIESVPXFLAltlLo4MSmsg1vCBsbviEEaPeEjvMrgki93pYtd/aOSgkYC1T
+mEq154s5rmqh+h+XRIf7Au0SLw==
+-----END PRIVATE KEY-----