open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #54608 from nextcloud/bugfix/noid/fix-failing-certificate-tests

Browse Source 
tests: Update testing certificates that expired after 10 years
feat/package-node-npm-engines-update
Richard Steinmetz 1 month ago committed by GitHub
parent 32f5f6e08e 894fda1a4d
commit 1091e59b90
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 84 additions and 52 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 35
      tests/data/certificates/Readme.md
  2. 41
      tests/data/certificates/badCertificate.crt
  3. 44
      tests/data/certificates/goodCertificate.crt
  4. 16
      tests/lib/Security/CertificateTest.php

35
tests/data/certificates/Readme.md
Unescape View File

@ -0,0 +1,35 @@
<!--
- SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
- SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Recreating certificates
Regenerate a new certificate key together with the good (Nextcloud Security) and bad (default Org name) certificates
## Good Certificate
```
openssl req \
-newkey rsa:2048 \
-nodes \
-keyout security.nextcloud.com.key \
-x509 \
-days 3650 \
-out goodCertificate.crt
```
- Country Name: `DE`
- State or Province Name:`Berlin`
- Organization Name:`Nextcloud Security`
- Common Name: `security.nextcloud.com`
## Bad Certificate
```
openssl req \
-key security.nextcloud.com.key \
-new \
-x509 \
-days 3650 \
-out badCertificate.crt
```
- Country Name: `DE`
- State or Province Name:`Berlin`

41
tests/data/certificates/badCertificate.crt
Unescape View File

@ -1,22 +1,21 @@
-----BEGIN CERTIFICATE-----
MIIDtTCCAp2gAwIBAgIJAJ9c5xX3Bf7cMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTUwODI3MjAxOTEzWhcNMjUwODI0MjAxOTEzWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApYxB04E1rGUCopazf8PsW+3EYrX8J1Ze4g3jRJEmzqHLB4+T4h45LwLl
D7OLJCLdYA8sfEruInokNV1oUBGDwBWdZA1w7d4o7Wgwiz7WE0FQwkA7YpvtKK2K
Xvv5wltdUzI+WpbfhHzlg8XIDCPA0ayWx2CDyqsHMXYNOvov1vPbIASF0nBGnRSK
5Eu7KUKK5UkO8+G6RqBwxQkd/tB2GV68npls++QzA0nf3IIHcc+yNQqaMnb5CVxg
z2i98VuvCPzYY/EWHkIGdSSKRqRG4sqRegb6d/qf46NfjVYLziLfsFGFH4fLVy6n
IxkP0gdnoTGu8K8H6wm57GViGLLsPwIDAQABo4GnMIGkMB0GA1UdDgQWBBRrMYy8
SOqiMiVdo/dfyN6yftK+jzB1BgNVHSMEbjBsgBRrMYy8SOqiMiVdo/dfyN6yftK+
j6FJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV
BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJ9c5xX3Bf7cMAwGA1UdEwQF
MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHargAErj8TAhMfozjgqRihCSOIO5DX7
W/7mBImP6B76ctP+PWzEaGrOPO81WR5apZP72cwnXD6WABKd1YhMSyr2NI++y5jP
c3KF/3MpGu4ZYV39JUVpfeq5Fzu9d9C49tj384vljixsxeaCUKuZYqyPuHeGr14u
7UytsqYORRy/rG4xm0mhk/srOzKJlRenSc9QiWH2Mxst55+cj7zXXFG54N7rI3UU
9e4Lc2NHQLv3Xv6FunC9mB/AUuEcI6XS6CqNyzAtPAvbO6MZGwUft/S/2TAyqJB0
VsXK3j3X8DJCwruNLGA3Q/TAYHqrElYg8N4b6w4LD91WbrRyWvkCXmM=
-----END CERTIFICATE-----
MIIDYzCCAkugAwIBAgIURRAxXDBFFR1X0WuUOj7oKFDCooMwDQYJKoZIhvcNAQEL
BQAwQTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI1MDgyNTEwMDAxNVoXDTM1MDgyMzEw
MDAxNVowQTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEhMB8GA1UECgwY
SW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAvPH9evINYYNhBg5YaZh3OUVl4SUCUbAc+xmZmiuAxoXN10avmfa/
rpoeHua2fbPa48BOIyDPxXoofEwfqB+Q8P4CsSjEaRegsj3Djdkoyz+edPb9vTWE
pkSCfj/K3zS2kkY2nPw6qVRVen3siP97kNv3NviU5wbvv5RW5Qjz8W6UMuX2Th4j
7mQ5b1YdLHMFd2H6Vs3vAfiX8hY1DUc6U4Uf4XBO372k8sUyQtsSGlHxBKwPN7Gh
KZJqkTUCXWC4JzOkShXTe179SlxFLQtOqU2azrJqlb6/0cxGtsZLcv/CI+x+Fpca
hAQ4Qzii7iRRBlk8aDfAtXJafqhKJo1N/wIDAQABo1MwUTAdBgNVHQ4EFgQU8LRp
H0E1ASvIgy5FCsVdX2nyYSkwHwYDVR0jBBgwFoAU8LRpH0E1ASvIgy5FCsVdX2ny
YSkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZuFOU5L22cPI
E1bMaIc6UjQn5l2QB9qhTVJuGmdo8ARLNVv3FyEHDaSCNhV1V0MEmnOwwKGKXggo
Uxe8Ki29fOt3ftkWG2F22Fh3PsU4xIAqwQv5s+urR/9E6ylfIbqPdj6XiY/D9jID
wnPDsNG+7ar90YFxsxisemQIVAOLzWGS2a3fglRz0hJfaoAxJdXbz///MflWzdUL
7t9ngBsbf9M/dicltLrCcYYG+BMC+fAoZO3aRSfS/+hxBjc3hNYQ5zLzWqzLzF0y
N+rxo/2G0fvqipowkMTgYcCIBA9DZY1YPCwgTfHGyrH3XI7yImdoHYs5Ld39Sq0J
+fXdrZSPlQ==
-----END CERTIFICATE-----

44
tests/data/certificates/goodCertificate.crt
Unescape View File

@ -1,24 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIJAN0NPgU09qt9MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
BAYTAkNIMRIwEAYDVQQIEwlTdC5HYWxsZW4xGjAYBgNVBAoTEW93bkNsb3VkIFNl
Y3VyaXR5MR4wHAYDVQQDExVzZWN1cml0eS5vd25jbG91ZC5jb20wHhcNMTUwODI3
MjAwMzQyWhcNMjUwODI0MjAwMzQyWjBdMQswCQYDVQQGEwJDSDESMBAGA1UECBMJ
U3QuR2FsbGVuMRowGAYDVQQKExFvd25DbG91ZCBTZWN1cml0eTEeMBwGA1UEAxMV
c2VjdXJpdHkub3duY2xvdWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlxdUFrwhvT+Exp78Nk0A8Zpfi9/XoLyQkKWH162HX++mxtGXrFKAl5PT
fKRAv0VqY8hincT+6AlzQkdtiOi5OSVFJpeubtSKrShJQyDKmGLlDntanfLc69GT
EhkznHmA8AeQMK/NApQpOSC+nmdxpu1aKk7QkSYfpmZ41HF8zKWJTyXzFPZGKw+l
YxfzIxmUMIIZvfeWE3hq3qlJcS+KO8NcCHEpoiVvZp7PpfDTnyOQVjSkWg55c4j6
cqNgJ93WTOTOE+3D1XF43Oo+0VQivJn7/tQmIOAg+YyL3Sjmzjb8sP0ksx17vpLO
Z73UShJw5AGtoaS4oQkSd/+qYBwQMwIDAQABo4HCMIG/MB0GA1UdDgQWBBSG7JAe
KoR82sQ60QhMNWdU4qY6YzCBjwYDVR0jBIGHMIGEgBSG7JAeKoR82sQ60QhMNWdU
4qY6Y6FhpF8wXTELMAkGA1UEBhMCQ0gxEjAQBgNVBAgTCVN0LkdhbGxlbjEaMBgG
A1UEChMRb3duQ2xvdWQgU2VjdXJpdHkxHjAcBgNVBAMTFXNlY3VyaXR5Lm93bmNs
b3VkLmNvbYIJAN0NPgU09qt9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
ggEBAJL9LKzWSJCTG0r+pNXw6Xy2DW9xbi3YsUeelkMKMqurmiH59P90juOJQgIC
B1Jcn/U0rzpJpolI3jJNjHzs/kI4MDkzcKGV84Pqwj+PSdMFK3OCWH/J81lUhrCj
H3yguZ/JpAisInVeBqg6lRf0X+S8jJIp4ZP2XZJsX70XgkRsEaC9TrlxtFsm839t
WhroMb25Njm9eAdSYrx5PFDwN8TtJlb5Ve3uZL8D0uBv+p0kWjkt1TrDk2x78F6b
5ExmE9+APc0gcLtSVwIGX6FDXOcOA8ndkp7p4K0CDnMZfFAU0oKxvnDxehrVKQEL
os/cq7EKmmsY/rM0uJ6L0ka4WUk=
-----END CERTIFICATE-----
MIIDuzCCAqOgAwIBAgIUGyAVECfPaXxvfEOrxo58ANU0MYEwDQYJKoZIhvcNAQEL
BQAwbTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVy
bGluMRswGQYDVQQKDBJOZXh0Y2xvdWQgU2VjdXJpdHkxHzAdBgNVBAMMFnNlY3Vy
aXR5Lm5leHRjbG91ZC5jb20wHhcNMjUwODI1MDk1MzE0WhcNMzUwODIzMDk1MzE0
WjBtMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJs
aW4xGzAZBgNVBAoMEk5leHRjbG91ZCBTZWN1cml0eTEfMB0GA1UEAwwWc2VjdXJp
dHkubmV4dGNsb3VkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALzx/XryDWGDYQYOWGmYdzlFZeElAlGwHPsZmZorgMaFzddGr5n2v66aHh7mtn2z
2uPATiMgz8V6KHxMH6gfkPD+ArEoxGkXoLI9w43ZKMs/nnT2/b01hKZEgn4/yt80
tpJGNpz8OqlUVXp97Ij/e5Db9zb4lOcG77+UVuUI8/FulDLl9k4eI+5kOW9WHSxz
BXdh+lbN7wH4l/IWNQ1HOlOFH+FwTt+9pPLFMkLbEhpR8QSsDzexoSmSapE1Al1g
uCczpEoV03te/UpcRS0LTqlNms6yapW+v9HMRrbGS3L/wiPsfhaXGoQEOEM4ou4k
UQZZPGg3wLVyWn6oSiaNTf8CAwEAAaNTMFEwHQYDVR0OBBYEFPC0aR9BNQEryIMu
RQrFXV9p8mEpMB8GA1UdIwQYMBaAFPC0aR9BNQEryIMuRQrFXV9p8mEpMA8GA1Ud
EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKuoLKvlt7W63t9xDIYbYI3e
3BeSt769lA2aBaIktSg7hVIFvX929sMMROD0sNSx81IMl7Cxm9u6C3BuKzUZDOwv
hy7gj+CaA5e5moUmpfrFtTR4aAoacZpjDXd3H/OqMELFkx5QHhw5z2nnubrNaera
pMQj/GOe/7+d1vjma+kNcKT6JBd5BPQqfk9+AVv5TombaLf3xc7dFR6bUQZKkZ2L
9zCZamUai/qf66KQzdELLpUsX1O2ByCl95wVL5c0CcDObxLuVDn8AzsAnsa5EhM8
68s38Xb/gUYDIny2F43+rEk8qQjd5OITFfd2K6ur5EcvIQrFHE7IUbKlIu9RqPs=
-----END CERTIFICATE-----

16
tests/lib/Security/CertificateTest.php
Unescape View File

@ -59,26 +59,26 @@ class CertificateTest extends \Test\TestCase {
}
public function testGetCommonName(): void {
$this->assertSame('security.owncloud.com', $this->goodCertificate->getCommonName());
$this->assertSame('security.nextcloud.com', $this->goodCertificate->getCommonName());
$this->assertSame(null, $this->invalidCertificate->getCommonName());
}
public function testGetOrganization(): void {
$this->assertSame('ownCloud Security', $this->goodCertificate->getOrganization());
$this->assertSame('Nextcloud Security', $this->goodCertificate->getOrganization());
$this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getOrganization());
}
public function testGetIssueDate(): void {
$expected = new \DateTime('2015-08-27 20:03:42 GMT');
$expected = new \DateTime('2025-08-25 09:53:14 GMT');
$this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getIssueDate()->getTimestamp());
$expected = new \DateTime('2015-08-27 20:19:13 GMT');
$expected = new \DateTime('2025-08-25 10:00:15 GMT');
$this->assertEquals($expected->getTimestamp(), $this->invalidCertificate->getIssueDate()->getTimestamp());
}
public function testGetExpireDate(): void {
$expected = new \DateTime('2025-08-24 20:03:42 GMT');
$expected = new \DateTime('2035-08-23 09:53:14 GMT');
$this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getExpireDate()->getTimestamp());
$expected = new \DateTime('2025-08-24 20:19:13 GMT');
$expected = new \DateTime('2035-08-23 10:00:15 GMT');
$this->assertEquals($expected->getTimestamp(), $this->invalidCertificate->getExpireDate()->getTimestamp());
$expected = new \DateTime('2014-08-28 09:12:43 GMT');
$this->assertEquals($expected->getTimestamp(), $this->expiredCertificate->getExpireDate()->getTimestamp());
@ -91,13 +91,13 @@ class CertificateTest extends \Test\TestCase {
}
public function testGetIssuerName(): void {
$this->assertSame('security.owncloud.com', $this->goodCertificate->getIssuerName());
$this->assertSame('security.nextcloud.com', $this->goodCertificate->getIssuerName());
$this->assertSame(null, $this->invalidCertificate->getIssuerName());
$this->assertSame(null, $this->expiredCertificate->getIssuerName());
}
public function testGetIssuerOrganization(): void {
$this->assertSame('ownCloud Security', $this->goodCertificate->getIssuerOrganization());
$this->assertSame('Nextcloud Security', $this->goodCertificate->getIssuerOrganization());
$this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getIssuerOrganization());
$this->assertSame('Internet Widgits Pty Ltd', $this->expiredCertificate->getIssuerOrganization());
}

Write Preview
Loading…
Cancel
Save