首頁 探索 說明
註冊 登入
chengnan
/
s202226701001
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: d46a2532a3
分支列表 標籤列表
s202226701001
/
sever-test
/
node_modules
/
@parse
/
node-apn
/
test
/
credentials
/
certificate
/
parsePkcs12.js

parsePkcs12.js 4.4 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. const parsePkcs12 = require('../../../lib/credentials/certificate/parsePkcs12');
    2. 

  2. 

  3. const APNKey = require('../../../lib/credentials/certificate/APNKey');
    4. 

  4. const APNCertificate = require('../../../lib/credentials/certificate/APNCertificate');
    5. 

  5. 

  6. const fs = require('fs');
    7. 

  7. 

  8. describe('parsePkcs12', function () {
    9. 

  9.   describe('with PKCS#12 data', function () {
    10. 

  10.     let p12, properties;
    11. 

  11.     describe('return value', function () {
    12. 

  12.       let credentials;
    13. 

  13.       before(function () {
    14. 

  14.         p12 = fs.readFileSync('test/credentials/support/certIssuerKey.p12');
    15. 

  15.         credentials = parsePkcs12(p12);
    16. 

  16.       });
    17. 

  17. 

  18.       it('is an object', function () {
    19. 

  19.         expect(credentials).to.be.an('object');
    20. 

  20.       });
    21. 

  21. 

  22.       it('contains a private key', function () {
    23. 

  23.         expect(credentials).to.include.keys('key');
    24. 

  24.       });
    25. 

  25. 

  26.       describe('private key', function () {
    27. 

  27.         it('is an instance of APNKey', function () {
    28. 

  28.           expect(credentials.key).to.be.an.instanceof(APNKey);
    29. 

  29.         });
    30. 

  30. 

  31.         it('has the correct fingerprint', function () {
    32. 

  32.           expect(credentials.key.fingerprint()).to.equal(
    33. 

  33.             '2d594c9861227dd22ba5ae37cc9354e9117a804d'
    34. 

  34.           );
    35. 

  35.         });
    36. 

  36.       });
    37. 

  37. 

  38.       it('contains a certificate chain', function () {
    39. 

  39.         expect(credentials).to.include.keys('certificates');
    40. 

  40.       });
    41. 

  41. 

  42.       describe('certificate chain', function () {
    43. 

  43.         it('is an array', function () {
    44. 

  44.           expect(credentials.certificates).to.be.an('array');
    45. 

  45.         });
    46. 

  46. 

  47.         it('contains the correct number of certificates', function () {
    48. 

  48.           expect(credentials.certificates.length).to.equal(2);
    49. 

  49.         });
    50. 

  50. 

  51.         it('contains APNCertificate objects', function () {
    52. 

  52.           const certificates = credentials.certificates;
    53. 

  53.           certificates.forEach(function (certificate) {
    54. 

  54.             expect(certificate).to.be.an.instanceof(APNCertificate);
    55. 

  55.           });
    56. 

  56.         });
    57. 

  57. 

  58.         it('contains certificates with the correct fingerprints', function () {
    59. 

  59.           const fingerprints = [
    60. 

  60.             '2d594c9861227dd22ba5ae37cc9354e9117a804d',
    61. 

  61.             'ccff221d67cb3335649f9b4fbb311948af76f4b2',
    62. 

  62.           ];
    63. 

  63.           const certificates = credentials.certificates;
    64. 

  64.           certificates.forEach(function (certificate, index) {
    65. 

  65.             expect(certificate.key().fingerprint()).to.equal(fingerprints[index]);
    66. 

  66.           });
    67. 

  67.         });
    68. 

  68.       });
    69. 

  69.     });
    70. 

  70. 

  71.     // OpenSSL exports keys having no passphrase as a C string with a \0 byte appended
    72. 

  72.     describe('having empty passphrase (OpenSSL-CLI-generated file)', function () {
    73. 

  73.       describe('return value', function () {
    74. 

  74.         it('has the correct key', function () {
    75. 

  75.           p12 = fs.readFileSync('test/credentials/support/certIssuerKeyOpenSSL.p12');
    76. 

  76.           properties = parsePkcs12(p12);
    77. 

  77.           expect(properties.key.fingerprint()).to.equal('2d594c9861227dd22ba5ae37cc9354e9117a804d');
    78. 

  78.         });
    79. 

  79.       });
    80. 

  80.     });
    81. 

  81. 

  82.     describe('with correct passphrase', function () {
    83. 

  83.       describe('return value', function () {
    84. 

  84.         it('has the correct key', function () {
    85. 

  85.           p12 = fs.readFileSync('test/credentials/support/certIssuerKeyPassphrase.p12');
    86. 

  86.           properties = parsePkcs12(p12, 'apntest');
    87. 

  87.           expect(properties.key.fingerprint()).to.equal('2d594c9861227dd22ba5ae37cc9354e9117a804d');
    88. 

  88.         });
    89. 

  89.       });
    90. 

  90.     });
    91. 

  91.     describe('with incorrect passphrase', function () {
    92. 

  92.       it('throws', function () {
    93. 

  93.         p12 = fs.readFileSync('test/credentials/support/certIssuerKeyPassphrase.p12');
    94. 

  94.         expect(function () {
    95. 

  95.           parsePkcs12(p12, 'notthepassphrase');
    96. 

  96.         }).to.throw('unable to parse credentials, incorrect passphrase');
    97. 

  97.       });
    98. 

  98.     });
    99. 

  99. 

  100.     // Unclear whether multiple keys in one PKCS#12 file can be distinguished
    101. 

  101.     // at present if there's more than one just throw a warning. Should also
    102. 

  102.     // do the same thing in apnKeyFromPem
    103. 

  103.     describe('multiple keys', function () {
    104. 

  104.       it('throws', function () {
    105. 

  105.         p12 = fs.readFileSync('test/credentials/support/multipleKeys.p12');
    106. 

  106.         expect(function () {
    107. 

  107.           parsePkcs12(p12);
    108. 

  108.         }).to.throw('multiple keys found in PFX/P12 file');
    109. 

  109.       });
    110. 

  110.     });
    111. 

  111.   });
    112. 

  112. 

  113.   describe('PEM file', function () {
    114. 

  114.     it('throws', function () {
    115. 

  115.       const pem = fs.readFileSync('test/credentials/support/certKey.pem');
    116. 

  116.       expect(function () {
    117. 

  117.         parsePkcs12(pem);
    118. 

  118.       }).to.throw('unable to parse credentials, not a PFX/P12 file');
    119. 

  119.     });
    120. 

  120.   });
    121. 

  121. 

  122.   it('returns undefined for undefined', function () {
    123. 

  123.     expect(parsePkcs12()).to.be.undefined;
    124. 

  124.   });
    125. 

  125. });
    126.