test: move test_[key|ca|cert] to fixtures/keys/

Lots of changes, but mostly just search/replace of fixtures.readSync(...) to fixtures.readKey([new key]...) Benchmarks modified to use fixtures.readKey(...): benchmark/tls/throughput.js benchmark/tls/tls-connect.js benchmark/tls/secure-pair.js Also be sure to review the change to L16 of test/parallel/test-crypto-sign-verify.js PR-URL: nodejs#27962 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ujjwal Sharma <[email protected]> Reviewed-By: Rich Trott <[email protected]>
sam-github · Jun 5, 2019 · 5d08697 · 5d08697
1 parent b250085
commit 5d08697
Show file tree

Hide file tree

Showing 46 changed files with 172 additions and 150 deletions.
diff --git a/benchmark/tls/secure-pair.js b/benchmark/tls/secure-pair.js
@@ -6,21 +6,19 @@ const bench = common.createBenchmark(main, {
   size: [2, 1024, 1024 * 1024]
 });
 
-const fs = require('fs');
+const fixtures = require('../../test/common/fixtures');
 const tls = require('tls');
 const net = require('net');
-const path = require('path');
 
-const cert_dir = path.resolve(__dirname, '../../test/fixtures');
 const REDIRECT_PORT = 28347;
 
 function main({ dur, size, securing }) {
   const chunk = Buffer.alloc(size, 'b');
 
   const options = {
-    key: fs.readFileSync(`${cert_dir}/test_key.pem`),
-    cert: fs.readFileSync(`${cert_dir}/test_cert.pem`),
-    ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ],
+    key: fixtures.readKey('rsa_private.pem'),
+    cert: fixtures.readKey('rsa_cert.crt'),
+    ca: fixtures.readKey('rsa_ca.crt'),
     ciphers: 'AES256-GCM-SHA384',
     isServer: true,
     requestCert: true,

diff --git a/benchmark/tls/throughput.js b/benchmark/tls/throughput.js
@@ -6,9 +6,7 @@ const bench = common.createBenchmark(main, {
   size: [2, 1024, 1024 * 1024]
 });
 
-const path = require('path');
-const fs = require('fs');
-const cert_dir = path.resolve(__dirname, '../../test/fixtures');
+const fixtures = require('../../test/common/fixtures');
 var options;
 const tls = require('tls');
 
@@ -32,9 +30,9 @@ function main({ dur, type, size }) {
   }
 
   options = {
-    key: fs.readFileSync(`${cert_dir}/test_key.pem`),
-    cert: fs.readFileSync(`${cert_dir}/test_cert.pem`),
-    ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ],
+    key: fixtures.readKey('rsa_private.pem'),
+    cert: fixtures.readKey('rsa_cert.crt'),
+    ca: fixtures.readKey('rsa_ca.crt'),
     ciphers: 'AES256-GCM-SHA384'
   };
 

diff --git a/benchmark/tls/tls-connect.js b/benchmark/tls/tls-connect.js
@@ -1,6 +1,5 @@
 'use strict';
-const fs = require('fs');
-const path = require('path');
+const fixtures = require('../../test/common/fixtures');
 const tls = require('tls');
 
 const common = require('../common.js');
@@ -18,11 +17,10 @@ var running = true;
 function main(conf) {
   dur = conf.dur;
   concurrency = conf.concurrency;
-  const cert_dir = path.resolve(__dirname, '../../test/fixtures');
   const options = {
-    key: fs.readFileSync(`${cert_dir}/test_key.pem`),
-    cert: fs.readFileSync(`${cert_dir}/test_cert.pem`),
-    ca: [ fs.readFileSync(`${cert_dir}/test_ca.pem`) ],
+    key: fixtures.readKey('rsa_private.pem'),
+    cert: fixtures.readKey('rsa_cert.crt'),
+    ca: fixtures.readKey('rsa_ca.crt'),
     ciphers: 'AES256-GCM-SHA384'
   };
 

diff --git a/test/async-hooks/test-graph.tls-write.js b/test/async-hooks/test-graph.tls-write.js
@@ -20,8 +20,8 @@ hooks.enable();
 //
 const server = tls
   .createServer({
-    cert: fixtures.readSync('test_cert.pem'),
-    key: fixtures.readSync('test_key.pem')
+    cert: fixtures.readKey('rsa_cert.crt'),
+    key: fixtures.readKey('rsa_private.pem')
   })
   .on('listening', common.mustCall(onlistening))
   .on('secureConnection', common.mustCall(onsecureConnection))

diff --git a/test/async-hooks/test-tlswrap.js b/test/async-hooks/test-tlswrap.js
@@ -24,8 +24,8 @@ tls.DEFAULT_MAX_VERSION = 'TLSv1.2';
 //
 const server = tls
   .createServer({
-    cert: fixtures.readSync('test_cert.pem'),
-    key: fixtures.readSync('test_key.pem')
+    cert: fixtures.readKey('rsa_cert.crt'),
+    key: fixtures.readKey('rsa_private.pem')
   })
   .on('listening', common.mustCall(onlistening))
   .on('secureConnection', common.mustCall(onsecureConnection))

diff --git a/test/fixtures/keys/Makefile b/test/fixtures/keys/Makefile
@@ -41,6 +41,9 @@ all: \
 	rsa_private_pkcs8.pem \
 	rsa_private_pkcs8_bad.pem \
 	rsa_public.pem \
+	rsa_ca.crt \
+	rsa_cert.crt \
+	rsa_cert.pfx \
 	rsa_public_sha1_signature_signedby_rsa_private.sha1 \
 	rsa_public_sha1_signature_signedby_rsa_private_pkcs8.sha1 \
 	rsa_private_b.pem \
@@ -617,6 +620,15 @@ rsa_private_pkcs8_bad.pem: rsa_private_pkcs8.pem
 rsa_public.pem: rsa_private.pem
 	openssl rsa -in rsa_private.pem -pubout -out rsa_public.pem
 
+rsa_cert.crt: rsa_private.pem
+	openssl req -new -x509 -key rsa_private.pem -config rsa_cert.cnf -out rsa_cert.crt
+
+rsa_cert.pfx: rsa_cert.crt
+	openssl pkcs12 -export -passout 'pass:sample' -inkey rsa_private.pem -in rsa_cert.crt -out rsa_cert.pfx
+
+rsa_ca.crt: rsa_cert.crt
+	cp rsa_cert.crt rsa_ca.crt
+
 rsa_public_sha1_signature_signedby_rsa_private.sha1: rsa_public.pem rsa_private.pem
 	openssl dgst -sha1 -sign rsa_private.pem -out rsa_public_sha1_signature_signedby_rsa_private.sha1 rsa_public.pem
 

diff --git a/test/fixtures/keys/rsa_ca.crt b/test/fixtures/keys/rsa_ca.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEADCCAuigAwIBAgIUOLbA0Gyeqh/vqRSR98jmSKzv3aswDQYJKoZIhvcNAQEL
+BQAwgbAxCzAJBgNVBAYTAlVLMRQwEgYDVQQIDAtBY2tuYWNrIEx0ZDETMBEGA1UE
+BwwKUmh5cyBKb25lczEQMA4GA1UECgwHbm9kZS5qczEdMBsGA1UECwwUVGVzdCBU
+TFMgQ2VydGlmaWNhdGUxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAls
+b2NhbGhvc3QxGzAZBgkqhkiG9w0BCQEWDGFsZXhAYXViLmRldjAeFw0xOTA1Mjky
+MDI5NTBaFw0xOTA2MjgyMDI5NTBaMIGwMQswCQYDVQQGEwJVSzEUMBIGA1UECAwL
+QWNrbmFjayBMdGQxEzARBgNVBAcMClJoeXMgSm9uZXMxEDAOBgNVBAoMB25vZGUu
+anMxHTAbBgNVBAsMFFRlc3QgVExTIENlcnRpZmljYXRlMRQwEgYDVQQLDAtFbmdp
+bmVlcmluZzESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxhbGV4
+QGF1Yi5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC33FiIiiex
+wLe/P8DZx5HsqFlmUO7/lvJ7necJVNwqdZ3ax5jpQB0p6uxfqeOvzcN3k5V7UFb/
+Am+nkSNZMAZhsWzCU2Z4Pjh50QYz3f0Hour7/yIGStOLyYY3hgLK2K8TbhgjQPhd
+kw9+QtKlpvbL8fLgONAoGrVOFnRQGcr70iFffsm79mgZhKVMgYiHPJqJgGHvCtkG
+g9zMgS7p63+Q3ZWedtFS2RhMX3uCBy/mH6EOlRCNBbRmA4xxNzyf5GQaki3T+Iz9
+tOMjdPP+CwV2LqEdylmBuik8vrfTb3qIHLKKBAI8lXN26wWtA3kN4L7NP+cbKlCR
+lqctvhmylLH1AgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQAD
+ggEBAFeDkFYcL1pcVA3q1LNWmpDi9MQAOajSyk3bNj0+ckyuOlqaXH2gVAdQh+XB
+LOFDXNwAAqMe7FEoyvIaQSFcatRhQnKFxQ9i0o1T8+6Aebjj5oo8lY5CGyOacQV8
+C6LMl4gd/duIoaWkjykiGjTH8SR6VXYhPTm03wQSMMX664E/8onsw6cLuz4COB9q
+dhWhkBXiVj3fF9kLOYMiBWc7Mb2Glfs3NLpu7TTltOwNNMWNfzE9XByR7Tg4WtIu
+8x45ibQKqUhHCh/jpWns2g/YZXXBrcvYREgakkvJZLV2Z+xeoV5oY071554BfMms
+YxLnHtl1YKNg++DSmxeUNK+NLZA=
+-----END CERTIFICATE-----
diff --git a/test/fixtures/keys/rsa_cert.cnf b/test/fixtures/keys/rsa_cert.cnf
@@ -0,0 +1,23 @@
+[ req ]
+days                   = 99999
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+x509_extensions        = v3_ca
+
+[ req_distinguished_name ]
+C                      = UK
+ST                     = Acknack Ltd
+L                      = Rhys Jones
+O                      = node.js
+0.OU                   = Test TLS Certificate
+1.OU                   = Engineering
+CN                     = localhost
+emailAddress           = [email protected]
+
+[ req_attributes ]
+
+[ v3_ca ]
+basicConstraints = CA:TRUE
+
+[ x509_extensions ]
diff --git a/test/fixtures/keys/rsa_cert.crt b/test/fixtures/keys/rsa_cert.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEADCCAuigAwIBAgIUOLbA0Gyeqh/vqRSR98jmSKzv3aswDQYJKoZIhvcNAQEL
+BQAwgbAxCzAJBgNVBAYTAlVLMRQwEgYDVQQIDAtBY2tuYWNrIEx0ZDETMBEGA1UE
+BwwKUmh5cyBKb25lczEQMA4GA1UECgwHbm9kZS5qczEdMBsGA1UECwwUVGVzdCBU
+TFMgQ2VydGlmaWNhdGUxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAls
+b2NhbGhvc3QxGzAZBgkqhkiG9w0BCQEWDGFsZXhAYXViLmRldjAeFw0xOTA1Mjky
+MDI5NTBaFw0xOTA2MjgyMDI5NTBaMIGwMQswCQYDVQQGEwJVSzEUMBIGA1UECAwL
+QWNrbmFjayBMdGQxEzARBgNVBAcMClJoeXMgSm9uZXMxEDAOBgNVBAoMB25vZGUu
+anMxHTAbBgNVBAsMFFRlc3QgVExTIENlcnRpZmljYXRlMRQwEgYDVQQLDAtFbmdp
+bmVlcmluZzESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxhbGV4
+QGF1Yi5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC33FiIiiex
+wLe/P8DZx5HsqFlmUO7/lvJ7necJVNwqdZ3ax5jpQB0p6uxfqeOvzcN3k5V7UFb/
+Am+nkSNZMAZhsWzCU2Z4Pjh50QYz3f0Hour7/yIGStOLyYY3hgLK2K8TbhgjQPhd
+kw9+QtKlpvbL8fLgONAoGrVOFnRQGcr70iFffsm79mgZhKVMgYiHPJqJgGHvCtkG
+g9zMgS7p63+Q3ZWedtFS2RhMX3uCBy/mH6EOlRCNBbRmA4xxNzyf5GQaki3T+Iz9
+tOMjdPP+CwV2LqEdylmBuik8vrfTb3qIHLKKBAI8lXN26wWtA3kN4L7NP+cbKlCR
+lqctvhmylLH1AgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQAD
+ggEBAFeDkFYcL1pcVA3q1LNWmpDi9MQAOajSyk3bNj0+ckyuOlqaXH2gVAdQh+XB
+LOFDXNwAAqMe7FEoyvIaQSFcatRhQnKFxQ9i0o1T8+6Aebjj5oo8lY5CGyOacQV8
+C6LMl4gd/duIoaWkjykiGjTH8SR6VXYhPTm03wQSMMX664E/8onsw6cLuz4COB9q
+dhWhkBXiVj3fF9kLOYMiBWc7Mb2Glfs3NLpu7TTltOwNNMWNfzE9XByR7Tg4WtIu
+8x45ibQKqUhHCh/jpWns2g/YZXXBrcvYREgakkvJZLV2Z+xeoV5oY071554BfMms
+YxLnHtl1YKNg++DSmxeUNK+NLZA=
+-----END CERTIFICATE-----
diff --git a/test/fixtures/keys/rsa_cert.pfx b/test/fixtures/keys/rsa_cert.pfx
diff --git a/test/fixtures/test_ca.pem b/test/fixtures/test_ca.pem
diff --git a/test/fixtures/test_cert.pem b/test/fixtures/test_cert.pem
diff --git a/test/fixtures/test_cert.pfx b/test/fixtures/test_cert.pfx
diff --git a/test/fixtures/test_key.pem b/test/fixtures/test_key.pem
diff --git a/test/parallel/test-crypto-binary-default.js b/test/parallel/test-crypto-binary-default.js
@@ -41,9 +41,9 @@ const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
 require('internal/crypto/util').setDefaultEncoding('latin1');
 
 // Test Certificates
-const certPem = fixtures.readSync('test_cert.pem', 'ascii');
-const certPfx = fixtures.readSync('test_cert.pfx');
-const keyPem = fixtures.readSync('test_key.pem', 'ascii');
+const certPem = fixtures.readKey('rsa_cert.crt');
+const certPfx = fixtures.readKey('rsa_cert.pfx');
+const keyPem = fixtures.readKey('rsa_private.pem');
 const rsaPubPem = fixtures.readKey('rsa_public.pem', 'ascii');
 const rsaKeyPem = fixtures.readKey('rsa_private.pem', 'ascii');
 

diff --git a/test/parallel/test-crypto-rsa-dsa.js b/test/parallel/test-crypto-rsa-dsa.js
@@ -11,8 +11,8 @@ const constants = crypto.constants;
 const fixtures = require('../common/fixtures');
 
 // Test certificates
-const certPem = fixtures.readSync('test_cert.pem', 'ascii');
-const keyPem = fixtures.readSync('test_key.pem', 'ascii');
+const certPem = fixtures.readKey('rsa_cert.crt');
+const keyPem = fixtures.readKey('rsa_private.pem');
 const rsaKeySize = 2048;
 const rsaPubPem = fixtures.readKey('rsa_public.pem', 'ascii');
 const rsaKeyPem = fixtures.readKey('rsa_private.pem', 'ascii');

diff --git a/test/parallel/test-crypto-sign-verify.js b/test/parallel/test-crypto-sign-verify.js
@@ -11,9 +11,9 @@ const crypto = require('crypto');
 const fixtures = require('../common/fixtures');
 
 // Test certificates
-const certPem = fixtures.readSync('test_cert.pem', 'ascii');
-const keyPem = fixtures.readSync('test_key.pem', 'ascii');
-const modSize = 1024;
+const certPem = fixtures.readKey('rsa_cert.crt');
+const keyPem = fixtures.readKey('rsa_private.pem');
+const keySize = 2048;
 
 {
   const Sign = crypto.Sign;
@@ -152,7 +152,7 @@ common.expectsError(
 {
   function testPSS(algo, hLen) {
     // Maximum permissible salt length
-    const max = modSize / 8 - hLen - 2;
+    const max = keySize / 8 - hLen - 2;
 
     function getEffectiveSaltLength(saltLength) {
       switch (saltLength) {

diff --git a/test/parallel/test-crypto-verify-failure.js b/test/parallel/test-crypto-verify-failure.js
@@ -29,7 +29,7 @@ const crypto = require('crypto');
 const tls = require('tls');
 const fixtures = require('../common/fixtures');
 
-const certPem = fixtures.readSync('test_cert.pem', 'ascii');
+const certPem = fixtures.readKey('rsa_cert.crt');
 
 const options = {
   key: fixtures.readKey('agent1-key.pem'),

diff --git a/test/parallel/test-crypto.js b/test/parallel/test-crypto.js
@@ -37,7 +37,7 @@ const tls = require('tls');
 const fixtures = require('../common/fixtures');
 
 // Test Certificates
-const certPfx = fixtures.readSync('test_cert.pfx');
+const certPfx = fixtures.readKey('rsa_cert.pfx');
 
 // 'this' safety
 // https://github.com/joyent/node/issues/6690

diff --git a/test/parallel/test-https-client-reject.js b/test/parallel/test-https-client-reject.js
@@ -30,8 +30,8 @@ const assert = require('assert');
 const https = require('https');
 
 const options = {
-  key: fixtures.readSync('test_key.pem'),
-  cert: fixtures.readSync('test_cert.pem')
+  key: fixtures.readKey('rsa_private.pem'),
+  cert: fixtures.readKey('rsa_cert.crt')
 };
 
 const server = https.createServer(options, common.mustCall(function(req, res) {
@@ -72,7 +72,7 @@ function rejectUnauthorized() {
 function authorized() {
   const options = {
     port: server.address().port,
-    ca: [fixtures.readSync('test_cert.pem')]
+    ca: [fixtures.readKey('rsa_cert.crt')]
   };
   options.agent = new https.Agent(options);
   const req = https.request(options, function(res) {

diff --git a/test/parallel/test-https-client-renegotiation-limit.js b/test/parallel/test-https-client-renegotiation-limit.js
@@ -50,8 +50,8 @@ const LIMITS = [0, 1, 2, 3, 5, 10, 16];
 
 function test(next) {
   const options = {
-    cert: fixtures.readSync('test_cert.pem'),
-    key: fixtures.readSync('test_key.pem'),
+    cert: fixtures.readKey('rsa_cert.crt'),
+    key: fixtures.readKey('rsa_private.pem'),
   };
 
   const server = https.createServer(options, (req, res) => {

diff --git a/test/parallel/test-https-drain.js b/test/parallel/test-https-drain.js
@@ -29,8 +29,8 @@ const assert = require('assert');
 const https = require('https');
 
 const options = {
-  key: fixtures.readSync('test_key.pem'),
-  cert: fixtures.readSync('test_cert.pem')
+  key: fixtures.readKey('rsa_private.pem'),
+  cert: fixtures.readKey('rsa_cert.crt')
 };
 
 const bufSize = 1024 * 1024;

diff --git a/test/parallel/test-https-pfx.js b/test/parallel/test-https-pfx.js
@@ -30,7 +30,7 @@ const fixtures = require('../common/fixtures');
 const assert = require('assert');
 const https = require('https');
 
-const pfx = fixtures.readSync('test_cert.pfx');
+const pfx = fixtures.readKey('rsa_cert.pfx');
 
 const options = {
   host: '127.0.0.1',

diff --git a/test/parallel/test-https-unix-socket-self-signed.js b/test/parallel/test-https-unix-socket-self-signed.js
@@ -10,8 +10,8 @@ tmpdir.refresh();
 const fixtures = require('../common/fixtures');
 const https = require('https');
 const options = {
-  cert: fixtures.readSync('test_cert.pem'),
-  key: fixtures.readSync('test_key.pem')
+  cert: fixtures.readKey('rsa_cert.crt'),
+  key: fixtures.readKey('rsa_private.pem')
 };
 
 const server = https.createServer(options, common.mustCall((req, res) => {

diff --git a/test/parallel/test-tls-async-cb-after-socket-end.js b/test/parallel/test-tls-async-cb-after-socket-end.js
@@ -15,8 +15,8 @@ const tls = require('tls');
 
 const options = {
   secureOptions: SSL_OP_NO_TICKET,
-  key: fixtures.readSync('test_key.pem'),
-  cert: fixtures.readSync('test_cert.pem')
+  key: fixtures.readKey('rsa_private.pem'),
+  cert: fixtures.readKey('rsa_cert.crt')
 };
 
 const server = tls.createServer(options, common.mustCall());