test: move foafssl certs to fixtures/keys/

PR-URL: https://github.com/nodejs/node/pull/27962
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>

8 files changed, 73 insertions, 72 deletions

diff --git a/test/fixtures/foafssl.crt b/test/fixtures/foafssl.crt
deleted file mode 100644
index f4b5905e37..0000000000
--- a/test/fixtures/foafssl.crt
+++ /dev/null
@@ -1,25 +0,0 @@
-Bag Attributes
-    friendlyName: Me's Not a Certification Authority ID
-    localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A 
-subject=/O=FOAF+SSL/OU=The Community Of Self Signers/UID=http://example.com/#me/CN=Me
-issuer=/O=FOAF+SSL/OU=The Community of Self Signers/CN=Not a Certification Authority
------BEGIN CERTIFICATE-----
-MIIDVDCCAr2gAwIBAgIQRLIhwZ2N3ciEdpWb6kPmPzANBgkqhkiG9w0BAQUFADBj
-MREwDwYDVQQKDAhGT0FGK1NTTDEmMCQGA1UECwwdVGhlIENvbW11bml0eSBvZiBT
-ZWxmIFNpZ25lcnMxJjAkBgNVBAMMHU5vdCBhIENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5MB4XDTExMDgzMDE3MzIwNFoXDTEyMDgyMDE5MzIwNFowcDERMA8GA1UECgwI
-Rk9BRitTU0wxJjAkBgNVBAsMHVRoZSBDb21tdW5pdHkgT2YgU2VsZiBTaWduZXJz
-MSYwJAYKCZImiZPyLGQBAQwWaHR0cDovL2V4YW1wbGUuY29tLyNtZTELMAkGA1UE
-AwwCTWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm9EqcJXkUMSFP
-XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
-lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
-MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
-D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
-Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
-XXC5wDaHAgMBAAGjeDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgLsMBEG
-CWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQU3gJIUFpe8rKklsjEdsxlaT6rZhow
-JAYDVR0RAQH/BBowGIYWaHR0cDovL2V4YW1wbGUuY29tLyNtZTANBgkqhkiG9w0B
-AQUFAAOBgQBLhwWbYMdeSkVZ4biVUle+XHP4Gv8V9WSfldvgn1PntS1lpVR46Exl
-AkLO1SrnN5WHeAjv6VNb3KmTF+QhLt/4a1l9CEEeZSg5ml5aeXE+veobgypDoam+
-NKYAeIW9Wx+HcgBL4leIX3WiCKu/eal+a5ro18LQ8hkZqryHeVESIw==
------END CERTIFICATE-----
diff --git a/test/fixtures/foafssl.key b/test/fixtures/foafssl.key
deleted file mode 100644
index 62e953a67f..0000000000
--- a/test/fixtures/foafssl.key
+++ /dev/null
@@ -1,32 +0,0 @@
-Bag Attributes
-    friendlyName: Me's Not a Certification Authority ID
-    localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A 
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCm9EqcJXkUMSFP
-XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
-lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
-MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
-D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
-Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
-XXC5wDaHAgMBAAECggEAEhwrv7Zc5PDTYS1zVnx4iMQ3HGi5uouom1uvxE4PTAC7
-qWf3tkCv798Cha+XY5OcMqALKEHCxU0e7QQoEdchn4UzQAePcSg1STCkYQw5seCa
-5lA+vBUaF4aLDNa3TG0N9HWOVKGVnO/6OYC05qKClBBIMqCSKEkm942u6UBOql6q
-71Sj1Nd/4eP9AcvgO5cgyUszM2I25LzXIZW7JLgdqXiJRj8CuY3X5FVURvadENgk
-ctw5EjdT7LNdc67Ot9Bs6qcVr2ld/U+4ZSC2+cqtPyn7mnA4hrYXlpA1Ilv3oRwZ
-aUJfG5HVV4jjNVHxDqddBh3UhOxJYZ1DNEMndTBx8QKBgQDcsrLfkE6utaj8w/of
-Hk/aq1JRNLgSvhoP2wVmK7USvYFj7DIvL4CqyghY5TLgNk272v8mT0Q7R6AtsOUk
-Gf50uZFAtIoPvTsvBu6cbRsPTeGJ0i1+LLme/AJu3MexXLF6mlzoGmlx8V7CoFqI
-9hvqBA5rZ6ecoSjmU2q2xWKXKQKBgQDBqNqicSp2jnHiTXYbG/tsnxhFwALdEjvb
-EgZprmoBzo1eQFOY/DNBdDiEZBstu9mJBX3XWTU1F4c6tYRocNCMDwLBZAB6NnVM
-JjoddJApa5Qg3uoXmk53saZhcVkOzh+P/Dxg9c9O3q4DDUegnkM95ZSbCPtIBq6K
-bPA3OS+GLwKBgQCY0022LjGuHbFlRzg+sDjPzW71OLJ2mBln/VyhwYZj8cJVtUuT
-DSvmGHzrQduXE0OE4ENq/dzbx9+NhD9IXo+ruIxy6BHqkDkZeY1l2M+yK1YQn/BM
-vR/UjeIJbu0BTpS/t4C6YP+/nUrnLy9CRFpUFHb/vQl+FsNBq2XsJob88QKBgQCD
-6B5bbNduf2HEsdxTZMDhYJAo2jtZFxVcBzAFBb7A0k7qNsh6OLY0zBO+4Wy9vujR
-8sKfTuz157u9WmwAs27pJ0RKM3I7zCIjJxqIe5/CBruTlCJAx2LRFljsoEb31aAb
-88Owi12ULAq8m2wBVCsa2uhYnUqC6cIzGTaZdsMPEwKBgQDJXI+J2d36IWzFrByH
-yskssFldbLxm/7EexzAYuoSpHuQIxGJYHTHn6CZhqrX8UbxVnS909ES+17kdLZVP
-egvaxn1mtfZInnH64PiQDQrsNnbP4Zg8yvLvIcEVIPqnSQ5QrhdR29tjYuDwUIKM
-4BMR2yfkFp6URRX7ZD1UQsduww==
------END PRIVATE KEY-----
diff --git a/test/fixtures/keys/Makefile b/test/fixtures/keys/Makefile
index 198c8e2bd0..347254f6d9 100644
--- a/test/fixtures/keys/Makefile
+++ b/test/fixtures/keys/Makefile
@@ -50,6 +50,9 @@ all: \
 	rsa_private_b.pem \
 	I_AM_THE_WALRUS_sha256_signature_signedby_rsa_private_b.sha256 \
 	rsa_public_b.pem \
+	rsa_cert_foafssl_b.crt \
+	rsa_cert_foafssl_b.modulus \
+	rsa_cert_foafssl_b.exponent \
 	rsa_spkac.spkac \
 	rsa_spkac_invalid.spkac \
   rsa_private_1024.pem \
@@ -648,6 +651,17 @@ I_AM_THE_WALRUS_sha256_signature_signedby_rsa_private_b.sha256: rsa_private_b.pe
 rsa_public_b.pem: rsa_private_b.pem
 	openssl rsa -in rsa_private_b.pem -pubout -out rsa_public_b.pem
 
+rsa_cert_foafssl_b.crt: rsa_private_b.pem
+	openssl req -new -x509 -config rsa_cert_foafssl_b.cnf -key rsa_private_b.pem -out rsa_cert_foafssl_b.crt
+
+# The 'modulus=' in the output must be stripped out
+rsa_cert_foafssl_b.modulus: rsa_cert_foafssl_b.crt
+	openssl x509 -modulus -in rsa_cert_foafssl_b.crt -noout | cut -c 9- > rsa_cert_foafssl_b.modulus
+
+# Have to parse out the hex exponent
+rsa_cert_foafssl_b.exponent: rsa_cert_foafssl_b.crt
+	openssl x509 -in  rsa_cert_foafssl_b.crt -text | grep -o 'Exponent:.*' | sed 's/\(.*(\|).*\)//g' > rsa_cert_foafssl_b.exponent
+
 # openssl outputs `SPKAC=[SPKAC]`. That prefix needs to be removed to work with node
 rsa_spkac.spkac: rsa_private.pem
 	openssl spkac -key rsa_private.pem -challenge this-is-a-challenge | cut -c 7- > rsa_spkac.spkac
diff --git a/test/fixtures/keys/rsa_cert_foafssl_b.cnf b/test/fixtures/keys/rsa_cert_foafssl_b.cnf
new file mode 100644
index 0000000000..38d6dd36f7
--- /dev/null
+++ b/test/fixtures/keys/rsa_cert_foafssl_b.cnf
@@ -0,0 +1,24 @@
+[ req ]
+days                   = 99999
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+x509_extensions        = v3_ca
+
+[ req_distinguished_name ]
+C                      = UK
+ST                     = "FOAF+SSL Auth Certificate"
+L                      = Rhys Jones
+O                      = node.js
+OU                     = Test TLS Certificate
+CN                     = localhost
+emailAddress           = alex@aub.dev
+
+[ req_attributes ]
+
+[ v3_ca ]
+basicConstraints       = CA:FALSE
+subjectAltName         = @alt_names
+
+[ alt_names ]
+URI                    = http://example.com/\#me
diff --git a/test/fixtures/keys/rsa_cert_foafssl_b.crt b/test/fixtures/keys/rsa_cert_foafssl_b.crt
new file mode 100644
index 0000000000..fa4db56c1f
--- /dev/null
+++ b/test/fixtures/keys/rsa_cert_foafssl_b.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEEDCCAvigAwIBAgIUAhzZrkGH3j4aXirSjA6n87moF9kwDQYJKoZIhvcNAQEL
+BQAwgagxCzAJBgNVBAYTAlVLMSIwIAYDVQQIDBlGT0FGK1NTTCBBdXRoIENlcnRp
+ZmljYXRlMRMwEQYDVQQHDApSaHlzIEpvbmVzMRAwDgYDVQQKDAdub2RlLmpzMR0w
+GwYDVQQLDBRUZXN0IFRMUyBDZXJ0aWZpY2F0ZTESMBAGA1UEAwwJbG9jYWxob3N0
+MRswGQYJKoZIhvcNAQkBFgxhbGV4QGF1Yi5kZXYwHhcNMTkwNTI5MjIzMjM1WhcN
+MTkwNjI4MjIzMjM1WjCBqDELMAkGA1UEBhMCVUsxIjAgBgNVBAgMGUZPQUYrU1NM
+IEF1dGggQ2VydGlmaWNhdGUxEzARBgNVBAcMClJoeXMgSm9uZXMxEDAOBgNVBAoM
+B25vZGUuanMxHTAbBgNVBAsMFFRlc3QgVExTIENlcnRpZmljYXRlMRIwEAYDVQQD
+DAlsb2NhbGhvc3QxGzAZBgkqhkiG9w0BCQEWDGFsZXhAYXViLmRldjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMm9YK6zftvX8XnhG02khI2ukyg06U/1
+l56qxQkvoeyGHJw6AFcHLD1ORWXlD7yyjM4vTR0id+C0Arq6h4B/F/nMNGE94HWE
+v+6qEIl7Psyr+teTXLbQ98ZUC3HmPjcM56D18smcDnmaslOR4qm66ruoXa+oEGKI
+DDS59jcQVtqRnoHevmRjAl9/vwbTD/+rV5rbWI2PsoTdkqxs+XCoVqXB4gul/ge7
+giqCmcvrdo1MWFSlMFq9WbjPJKUp7lQnL9TqDBhIphBwO7/3mhf8vs/1XUOGPPBo
+U51TeCm7YGfqPT6IY8SxVOtlXkwC4sVOZj0CkoEiAin43r9BVFLqxesCAwEAAaMw
+MC4wCQYDVR0TBAIwADAhBgNVHREEGjAYhhZodHRwOi8vZXhhbXBsZS5jb20vI21l
+MA0GCSqGSIb3DQEBCwUAA4IBAQBMRbs4ERIJmZz6GAaI85vbwR166S+g5rkNK8iZ
+jMAeSD9O2/ZT3JhGfh+f/m7cy1+RiARVSZOgd0nN/L6U6JlPbjtK92CpIx+gDw67
+lYV3QQCGU0tNQ1EFNzj6A7Mi/zSZ5wBbTi886xYztLPSjWEHt+8pShHga/Qi3alN
+3haN/UvyamKgmWna8s3zWrCEZwW7D+XQqWoA2EISlnIdX46agHgmU30+TalGDAzf
+OFwGvEfkyHTrrl6TxwdLU8fWsEcBOF6Ukg7kEc1aCBgd3cD9LI8g2N8DQdkWGGEQ
+innpMWv59H2v3gVMj/0/BPGthQMTHMrhKWZZ1QGjkId7tHro
+-----END CERTIFICATE-----
diff --git a/test/fixtures/keys/rsa_cert_foafssl_b.exponent b/test/fixtures/keys/rsa_cert_foafssl_b.exponent
new file mode 100644
index 0000000000..ac0ecd6975
--- /dev/null
+++ b/test/fixtures/keys/rsa_cert_foafssl_b.exponent
@@ -0,0 +1 @@
+0x10001
diff --git a/test/fixtures/keys/rsa_cert_foafssl_b.modulus b/test/fixtures/keys/rsa_cert_foafssl_b.modulus
new file mode 100644
index 0000000000..7f7f1f02cf
--- /dev/null
+++ b/test/fixtures/keys/rsa_cert_foafssl_b.modulus
@@ -0,0 +1 @@
+C9BD60AEB37EDBD7F179E11B4DA4848DAE932834E94FF5979EAAC5092FA1EC861C9C3A0057072C3D4E4565E50FBCB28CCE2F4D1D2277E0B402BABA87807F17F9CC34613DE07584BFEEAA10897B3ECCABFAD7935CB6D0F7C6540B71E63E370CE7A0F5F2C99C0E799AB25391E2A9BAEABBA85DAFA81062880C34B9F6371056DA919E81DEBE6463025F7FBF06D30FFFAB579ADB588D8FB284DD92AC6CF970A856A5C1E20BA5FE07BB822A8299CBEB768D4C5854A5305ABD59B8CF24A529EE54272FD4EA0C1848A610703BBFF79A17FCBECFF55D43863CF068539D537829BB6067EA3D3E8863C4B154EB655E4C02E2C54E663D029281220229F8DEBF415452EAC5EB
diff --git a/test/parallel/test-https-foafssl.js b/test/parallel/test-https-foafssl.js
index 4e1a8fbc4c..4305781704 100644
--- a/test/parallel/test-https-foafssl.js
+++ b/test/parallel/test-https-foafssl.js
@@ -33,21 +33,15 @@ const https = require('https');
 const spawn = require('child_process').spawn;
 
 const options = {
-  key: fixtures.readSync('agent.key'),
-  cert: fixtures.readSync('agent.crt'),
+  key: fixtures.readKey('rsa_private.pem'),
+  cert: fixtures.readKey('rsa_cert.crt'),
   requestCert: true,
   rejectUnauthorized: false
 };
 
-const modulus = 'A6F44A9C25791431214F5C87AF9E040177A8BB89AC803F7E09BBC3A5519F' +
-                '349CD9B9C40BE436D0AA823A94147E26C89248ADA2BE3DD4D34E8C289646' +
-                '94B2047D217B4F1299371EA93A83C89AB9440724131E65F2B0161DE9560C' +
-                'DE9C13455552B2F49CF0FB00D8D77532324913F6F80FF29D0A131D29DB06' +
-                'AFF8BE191B7920DC2DAE1C26EA82A47847A10391EF3BF6AABB3CC40FF821' +
-                '00B03A4F0FF1809278E4DDFDA7DE954ED56DC7AD9A47EEBC37D771A366FC' +
-                '60A5BCB72373BEC180649B3EFA0E9092707210B41B90032BB18BC91F2046' +
-                'EBDAF1191F4A4E26D71879C4C7867B62FCD508E8CE66E82D128A71E91580' +
-                '9FCF44E8DE774067F1DE5D70B9C03687';
+const webIdUrl = 'URI:http://example.com/#me';
+const modulus = fixtures.readKey('rsa_cert_foafssl_b.modulus', 'ascii').replace(/\n/g, '');
+const exponent = fixtures.readKey('rsa_cert_foafssl_b.exponent', 'ascii').replace(/\n/g, '');
 
 const CRLF = '\r\n';
 const body = 'hello world\n';
@@ -58,8 +52,8 @@ const server = https.createServer(options, common.mustCall(function(req, res) {
 
   cert = req.connection.getPeerCertificate();
 
-  assert.strictEqual(cert.subjectaltname, 'URI:http://example.com/#me');
-  assert.strictEqual(cert.exponent, '0x10001');
+  assert.strictEqual(cert.subjectaltname, webIdUrl);
+  assert.strictEqual(cert.exponent, exponent);
   assert.strictEqual(cert.modulus, modulus);
   res.writeHead(200, { 'content-type': 'text/plain' });
   res.end(body);
@@ -69,8 +63,8 @@ server.listen(0, function() {
   const args = ['s_client',
                 '-quiet',
                 '-connect', `127.0.0.1:${this.address().port}`,
-                '-cert', fixtures.path('foafssl.crt'),
-                '-key', fixtures.path('foafssl.key')];
+                '-cert', fixtures.path('keys/rsa_cert_foafssl_b.crt'),
+                '-key', fixtures.path('keys/rsa_private_b.pem')];
 
   const client = spawn(common.opensslCli, args);