File: D:/HostingSpaces/RImmers2/portal.photomenu.nl/wwwroot/node_modules/node-forge/nodejs/test/tls.js
(function() {
function Tests(ASSERT, forge) {
describe('tls', function() {
it('should test TLS 1.0 PRF', function() {
// Note: This test vector is originally from:
// http://www.imc.org/ietf-tls/mail-archive/msg01589.html
// But that link is now dead.
var secret = forge.util.createBuffer().fillWithByte(0xAB, 48).getBytes();
var seed = forge.util.createBuffer().fillWithByte(0xCD, 64).getBytes();
var bytes = forge.tls.prf_tls1(secret, 'PRF Testvector', seed, 104);
var expect =
'd3d4d1e349b5d515044666d51de32bab258cb521' +
'b6b053463e354832fd976754443bcf9a296519bc' +
'289abcbc1187e4ebd31e602353776c408aafb74c' +
'bc85eff69255f9788faa184cbb957a9819d84a5d' +
'7eb006eb459d3ae8de9810454b8b2d8f1afbc655' +
'a8c9a013';
ASSERT.equal(bytes.toHex(), expect);
});
it('should establish a TLS connection and transfer data', function(done) {
var end = {};
var data = {};
createCertificate('server', data);
createCertificate('client', data);
data.client.connection = {};
data.server.connection = {};
end.client = forge.tls.createConnection({
server: false,
caStore: [data.server.cert],
sessionCache: {},
cipherSuites: [
forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
virtualHost: 'server',
verify: function(c, verified, depth, certs) {
data.client.connection.commonName =
certs[0].subject.getField('CN').value;
data.client.connection.certVerified = verified;
return true;
},
connected: function(c) {
c.prepare('Hello Server');
},
getCertificate: function(c, hint) {
return data.client.cert;
},
getPrivateKey: function(c, cert) {
return data.client.privateKey;
},
tlsDataReady: function(c) {
end.server.process(c.tlsData.getBytes());
},
dataReady: function(c) {
data.client.connection.data = c.data.getBytes();
c.close();
},
closed: function(c) {
ASSERT.equal(data.client.connection.commonName, 'server');
ASSERT.equal(data.client.connection.certVerified, true);
ASSERT.equal(data.client.connection.data, 'Hello Client');
done();
},
error: function(c, error) {
ASSERT.equal(error.message, undefined);
}
});
end.server = forge.tls.createConnection({
server: true,
caStore: [data.client.cert],
sessionCache: {},
cipherSuites: [
forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
connected: function(c) {
},
verifyClient: true,
verify: function(c, verified, depth, certs) {
data.server.connection.commonName =
certs[0].subject.getField('CN').value;
data.server.connection.certVerified = verified;
return true;
},
getCertificate: function(c, hint) {
data.server.connection.certHint = hint[0];
return data.server.cert;
},
getPrivateKey: function(c, cert) {
return data.server.privateKey;
},
tlsDataReady: function(c) {
end.client.process(c.tlsData.getBytes());
},
dataReady: function(c) {
data.server.connection.data = c.data.getBytes();
c.prepare('Hello Client');
c.close();
},
closed: function(c) {
ASSERT.equal(data.server.connection.certHint, 'server');
ASSERT.equal(data.server.connection.commonName, 'client');
ASSERT.equal(data.server.connection.certVerified, true);
ASSERT.equal(data.server.connection.data, 'Hello Server');
},
error: function(c, error) {
ASSERT.equal(error.message, undefined);
}
});
end.client.handshake();
function createCertificate(cn, data) {
var keys = forge.pki.rsa.generateKeyPair(512);
var cert = forge.pki.createCertificate();
cert.publicKey = keys.publicKey;
cert.serialNumber = '01';
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setFullYear(
cert.validity.notBefore.getFullYear() + 1);
var attrs = [{
name: 'commonName',
value: cn
}, {
name: 'countryName',
value: 'US'
}, {
shortName: 'ST',
value: 'Virginia'
}, {
name: 'localityName',
value: 'Blacksburg'
}, {
name: 'organizationName',
value: 'Test'
}, {
shortName: 'OU',
value: 'Test'
}];
cert.setSubject(attrs);
cert.setIssuer(attrs);
cert.setExtensions([{
name: 'basicConstraints',
cA: true
}, {
name: 'keyUsage',
keyCertSign: true,
digitalSignature: true,
nonRepudiation: true,
keyEncipherment: true,
dataEncipherment: true
}, {
name: 'subjectAltName',
altNames: [{
type: 6, // URI
value: 'https://myuri.com/webid#me'
}]
}]);
cert.sign(keys.privateKey);
data[cn] = {
cert: forge.pki.certificateToPem(cert),
privateKey: forge.pki.privateKeyToPem(keys.privateKey)
};
}
});
});
}
// check for AMD
if(typeof define === 'function') {
define([
'forge/forge'
], function(forge) {
Tests(
// Global provided by test harness
ASSERT,
forge
);
});
} else if(typeof module === 'object' && module.exports) {
// assume NodeJS
Tests(
require('assert'),
require('../../js/forge'));
}
})();