node_modules/node-firefox-find-ports/node_modules/adbkit/node_modules/node-forge/tests/nodejs-tls.js - cordova-firefoxos - Git at Google

 var forge = require('../js/forge');

 // function to create certificate
 var createCert = function(cn, data) {
   console.log(
     'Generating 512-bit key-pair and certificate for \"' + cn + '\".');
   var keys = forge.pki.rsa.generateKeyPair(512);
   console.log('key-pair created.');

   var cert = forge.pki.createCertificate();
   cert.serialNumber = '01';
   cert.validity.notBefore = new Date();
   cert.validity.notAfter = new Date();
   cert.validity.notAfter.setFullYear(
     cert.validity.notBefore.getFullYear() + 1);
   var attrs = [{
     name: 'commonName',
     value: cn
   }, {
     name: 'countryName',
     value: 'US'
   }, {
     shortName: 'ST',
     value: 'Virginia'
   }, {
     name: 'localityName',
     value: 'Blacksburg'
   }, {
     name: 'organizationName',
     value: 'Test'
   }, {
     shortName: 'OU',
     value: 'Test'
   }];
   cert.setSubject(attrs);
   cert.setIssuer(attrs);
   cert.setExtensions([{
     name: 'basicConstraints',
     cA: true
   }, {
     name: 'keyUsage',
     keyCertSign: true,
     digitalSignature: true,
     nonRepudiation: true,
     keyEncipherment: true,
     dataEncipherment: true
   }, {
     name: 'subjectAltName',
     altNames: [{
       type: 6, // URI
       value: 'http://myuri.com/webid#me'
     }]
   }]);
   // FIXME: add subjectKeyIdentifier extension
   // FIXME: add authorityKeyIdentifier extension
   cert.publicKey = keys.publicKey;

   // self-sign certificate
   cert.sign(keys.privateKey);

   // save data
   data[cn] = {
     cert: forge.pki.certificateToPem(cert),
     privateKey: forge.pki.privateKeyToPem(keys.privateKey)
   };

   console.log('certificate created for \"' + cn + '\": \n' + data[cn].cert);
 };

 var end = {};
 var data = {};

 // create certificate for server and client
 createCert('server', data);
 createCert('client', data);

 var success = false;

 // create TLS client
 end.client = forge.tls.createConnection({
   server: false,
   caStore: [data.server.cert],
   sessionCache: {},
   // supported cipher suites in order of preference
   cipherSuites: [
     forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
     forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
   virtualHost: 'server',
   verify: function(c, verified, depth, certs) {
     console.log(
       'TLS Client verifying certificate w/CN: \"' +
       certs[0].subject.getField('CN').value +
       '\", verified: ' + verified + '...');
     return verified;
   },
   connected: function(c) {
     console.log('Client connected...');

     // send message to server
     setTimeout(function() {
       c.prepareHeartbeatRequest('heartbeat');
       c.prepare('Hello Server');
     }, 1);
   },
   getCertificate: function(c, hint) {
     console.log('Client getting certificate ...');
     return data.client.cert;
   },
   getPrivateKey: function(c, cert) {
     return data.client.privateKey;
   },
   tlsDataReady: function(c) {
     // send TLS data to server
     end.server.process(c.tlsData.getBytes());
   },
   dataReady: function(c) {
     var response = c.data.getBytes();
     console.log('Client received \"' + response + '\"');
     success = (response === 'Hello Client');
     c.close();
   },
   heartbeatReceived: function(c, payload) {
     console.log('Client received heartbeat: ' + payload.getBytes());
   },
   closed: function(c) {
     console.log('Client disconnected.');
     if(success) {
       console.log('PASS');
     } else {
       console.log('FAIL');
     }
   },
   error: function(c, error) {
     console.log('Client error: ' + error.message);
   }
 });

 // create TLS server
 end.server = forge.tls.createConnection({
   server: true,
   caStore: [data.client.cert],
   sessionCache: {},
   // supported cipher suites in order of preference
   cipherSuites: [
     forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
     forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
   connected: function(c) {
     console.log('Server connected');
     c.prepareHeartbeatRequest('heartbeat');
   },
   verifyClient: true,
   verify: function(c, verified, depth, certs) {
     console.log(
       'Server verifying certificate w/CN: \"' +
       certs[0].subject.getField('CN').value +
       '\", verified: ' + verified + '...');
     return verified;
   },
   getCertificate: function(c, hint) {
     console.log('Server getting certificate for \"' + hint[0] + '\"...');
     return data.server.cert;
   },
   getPrivateKey: function(c, cert) {
     return data.server.privateKey;
   },
   tlsDataReady: function(c) {
     // send TLS data to client
     end.client.process(c.tlsData.getBytes());
   },
   dataReady: function(c) {
     console.log('Server received \"' + c.data.getBytes() + '\"');

     // send response
     c.prepare('Hello Client');
     c.close();
   },
   heartbeatReceived: function(c, payload) {
     console.log('Server received heartbeat: ' + payload.getBytes());
   },
   closed: function(c) {
     console.log('Server disconnected.');
   },
   error: function(c, error) {
     console.log('Server error: ' + error.message);
   }
 });

 console.log('created TLS client and server, doing handshake...');
 end.client.handshake();
	var forge = require('../js/forge');

	// function to create certificate
	var createCert = function(cn, data) {
	console.log(
	'Generating 512-bit key-pair and certificate for \"' + cn + '\".');
	var keys = forge.pki.rsa.generateKeyPair(512);
	console.log('key-pair created.');

	var cert = forge.pki.createCertificate();
	cert.serialNumber = '01';
	cert.validity.notBefore = new Date();
	cert.validity.notAfter = new Date();
	cert.validity.notAfter.setFullYear(
	cert.validity.notBefore.getFullYear() + 1);
	var attrs = [{
	name: 'commonName',
	value: cn
	}, {
	name: 'countryName',
	value: 'US'
	}, {
	shortName: 'ST',
	value: 'Virginia'
	}, {
	name: 'localityName',
	value: 'Blacksburg'
	}, {
	name: 'organizationName',
	value: 'Test'
	}, {
	shortName: 'OU',
	value: 'Test'
	}];
	cert.setSubject(attrs);
	cert.setIssuer(attrs);
	cert.setExtensions([{
	name: 'basicConstraints',
	cA: true
	}, {
	name: 'keyUsage',
	keyCertSign: true,
	digitalSignature: true,
	nonRepudiation: true,
	keyEncipherment: true,
	dataEncipherment: true
	}, {
	name: 'subjectAltName',
	altNames: [{
	type: 6, // URI
	value: 'http://myuri.com/webid#me'
	}]
	}]);
	// FIXME: add subjectKeyIdentifier extension
	// FIXME: add authorityKeyIdentifier extension
	cert.publicKey = keys.publicKey;

	// self-sign certificate
	cert.sign(keys.privateKey);

	// save data
	data[cn] = {
	cert: forge.pki.certificateToPem(cert),
	privateKey: forge.pki.privateKeyToPem(keys.privateKey)
	};

	console.log('certificate created for \"' + cn + '\": \n' + data[cn].cert);
	};

	var end = {};
	var data = {};

	// create certificate for server and client
	createCert('server', data);
	createCert('client', data);

	var success = false;

	// create TLS client
	end.client = forge.tls.createConnection({
	server: false,
	caStore: [data.server.cert],
	sessionCache: {},
	// supported cipher suites in order of preference
	cipherSuites: [
	forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
	forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
	virtualHost: 'server',
	verify: function(c, verified, depth, certs) {
	console.log(
	'TLS Client verifying certificate w/CN: \"' +
	certs[0].subject.getField('CN').value +
	'\", verified: ' + verified + '...');
	return verified;
	},
	connected: function(c) {
	console.log('Client connected...');

	// send message to server
	setTimeout(function() {
	c.prepareHeartbeatRequest('heartbeat');
	c.prepare('Hello Server');
	}, 1);
	},
	getCertificate: function(c, hint) {
	console.log('Client getting certificate ...');
	return data.client.cert;
	},
	getPrivateKey: function(c, cert) {
	return data.client.privateKey;
	},
	tlsDataReady: function(c) {
	// send TLS data to server
	end.server.process(c.tlsData.getBytes());
	},
	dataReady: function(c) {
	var response = c.data.getBytes();
	console.log('Client received \"' + response + '\"');
	success = (response === 'Hello Client');
	c.close();
	},
	heartbeatReceived: function(c, payload) {
	console.log('Client received heartbeat: ' + payload.getBytes());
	},
	closed: function(c) {
	console.log('Client disconnected.');
	if(success) {
	console.log('PASS');
	} else {
	console.log('FAIL');
	}
	},
	error: function(c, error) {
	console.log('Client error: ' + error.message);
	}
	});

	// create TLS server
	end.server = forge.tls.createConnection({
	server: true,
	caStore: [data.client.cert],
	sessionCache: {},
	// supported cipher suites in order of preference
	cipherSuites: [
	forge.tls.CipherSuites.TLS_RSA_WITH_AES_128_CBC_SHA,
	forge.tls.CipherSuites.TLS_RSA_WITH_AES_256_CBC_SHA],
	connected: function(c) {
	console.log('Server connected');
	c.prepareHeartbeatRequest('heartbeat');
	},
	verifyClient: true,
	verify: function(c, verified, depth, certs) {
	console.log(
	'Server verifying certificate w/CN: \"' +
	certs[0].subject.getField('CN').value +
	'\", verified: ' + verified + '...');
	return verified;
	},
	getCertificate: function(c, hint) {
	console.log('Server getting certificate for \"' + hint[0] + '\"...');
	return data.server.cert;
	},
	getPrivateKey: function(c, cert) {
	return data.server.privateKey;
	},
	tlsDataReady: function(c) {
	// send TLS data to client
	end.client.process(c.tlsData.getBytes());
	},
	dataReady: function(c) {
	console.log('Server received \"' + c.data.getBytes() + '\"');

	// send response
	c.prepare('Hello Client');
	c.close();
	},
	heartbeatReceived: function(c, payload) {
	console.log('Server received heartbeat: ' + payload.getBytes());
	},
	closed: function(c) {
	console.log('Server disconnected.');
	},
	error: function(c, error) {
	console.log('Server error: ' + error.message);
	}
	});

	console.log('created TLS client and server, doing handshake...');
	end.client.handshake();