vacp2p/nim-libp2p
1
0
Fork 0
mirror of https://github.com/vacp2p/nim-libp2p.git synced 2026-01-09 02:28:14 -05:00
Code Issues Packages Projects Releases 14 Wiki Activity

chore(certificate): update test vectors (#1294)

Browse Source
This commit is contained in:
vladopajic
2025-04-01 17:15:26 +02:00
committed by GitHub
parent 7586f17b15
commit 5584809fca
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
tests/transports/tls/testcertificate.nim
View File

@@ -45,53 +45,51 @@ suite "Certificate roundtrip tests":
cert = parse(certX509.certificate)
check not cert.verify()
## Test vectors are equivalents to https://github.com/libp2p/specs/blob/master/tls/tls.md#test-vectors.
## Since certificates in those don't have Issuer and Subject, they are empty,
## they are not successfully parsed by parse(...) because those rules are enforced by Mbed TLS.
## Test vectors from https://github.com/libp2p/specs/blob/master/tls/tls.md#test-vectors.
suite "Test vectors":
test "ECDSA Peer ID":
let certBytesHex =
"3082021d308201c3a0030201020210030a3d9ec63fa9699d9786225333e2e6300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000443cb7e0ad4550054ce8aef3871ff1183280a801f359a62449e742616d4859acbf90e4c3549e91d30343d934d6c7ed5177fda747b05450109ac0c2bed4b774961a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004e4314d7937c72ffe3e32c86bf01ce5dbbba97f51b3ba1b92988dc055134e67192cc7c4a72957efc81ca1d6842568424661f51d645cf188b49dcb378ab2f3ad8804483046022100b7a863233201ee58c55303e3a295debb4494215fadf9fdae8d673ec77fdc9248022100c622e11fc3f22d7ab6b3fbdb2b4fcdc20ded5cf63903c4a203b28418ea8eee41300a06082a8648ce3d0403020348003045022100ca7a345bdb1c9729e741d34871ef68150f8cd4727d3328a9c45401e201bbc0350220712fc0a3ec3fca0e50d001049a0a4114d957ae111f4c911c3e54360d80aa7119"
"308201f63082019da0030201020204499602d2300a06082a8648ce3d040302302031123010060355040a13096c69627032702e696f310a300806035504051301313020170d3735303130313133303030305a180f34303936303130313133303030305a302031123010060355040a13096c69627032702e696f310a300806035504051301313059301306072a8648ce3d020106082a8648ce3d030107034200040c901d423c831ca85e27c73c263ba132721bb9d7a84c4f0380b2a6756fd601331c8870234dec878504c174144fa4b14b66a651691606d8173e55bd37e381569ea381c23081bf3081bc060a2b0601040183a25a01010481ad3081aa045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004bf30511f909414ebdd3242178fd290f093a551cf75c973155de0bb5a96fedf6cb5d52da7563e794b512f66e60c7f55ba8a3acf3dd72a801980d205e8a1ad29f2044730450220064ea8124774caf8f50e57f436aa62350ce652418c019df5d98a3ac666c9386a022100aa59d704a931b5f72fb9222cb6cc51f954d04a4e2e5450f8805fe8918f71eaae300a06082a8648ce3d04030203470030440220799395b0b6c1e940a7e4484705f610ab51ed376f19ff9d7c16757cfbf61b8d4302206205c03fbb0f95205c779be86581d3e31c01871ad5d1f3435bcf375cb0e5088a"
let cert = parse(fromHex(certBytesHex))
check $cert.peerId() == "QmPt7GAt6b4cJE8qYWYUvBkSPxmhsVoqkSnbtkoKw8rsKr"
check $cert.peerId() == "QmfXbAwNjJLXfesgztEHe8HwgVDCMMpZ9Eax1HYq6hn9uE"
check cert.publicKey().scheme == PKScheme.ECDSA
check cert.verify()
test "RSA Peer ID":
let certBytesHex =
"308203ab30820351a003020102021100c45fe6bdaa7f858ae9010f034eebf23a300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d030107034200048b835a7e40731d2a19bb78ccce4bb856148f35f9d94c2ca76fd802e42a6f4967bc5ab759747febef5257105fefdb5c3bd831471ff09679147629f7b98e955ef8a38202823082027e300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff0402300030820247060a2b0601040183a25a010104820237308202330482012b080012a60230820122300d06092a864886f70d01010105000382010f003082010a0282010100be68dbf6581a77d78c27a8d3f743e8e0c63bd120b5afa97e66acecd3e6c34309ffeab0df899e0557b927ce52e6c9759561139d56c7ee09dc61bad52719fadc61266fabcd2ea8d7958f7a8f4cb978d9f843ae8200127fdc2392534f5932e3cd03f62c777b23fe7b382708eea6cc01f5f618e47f347ba26b3f798d93cacda7f1c08acdfea93b616957c9318bad1fbee5bcb082b4c9bf52c03c02ed6825243f2aeb5ecdf421d18fa09f7dc9954ab5294a002927d1dd282c51c676c6107dcaa2c46f94fa8829ced7dd8a08d650a60559b5c09c3f01ce333e08dcbc82953a3930ed5da566c8dee5f8a4da32a1136f1e72ea7b8c285ed847917d4098aa7b7f69e6f97302030100010482010015f51f63fdb649a4ee756195fc21d3498e76d7c3f4e4001637990c6bcd38acfc7c0d2eefa2dce24f38993c18cc17e7cf4902a2ac5b7c124b3f562cc3965502312f1a23d93f9dc10b5bd0f589ef922ca540249389cc52e148a4e0a1cf993ca3c9a347e1f0c119cbd5fa99df67e5cb33a1f44c06c39c17d1cc8b213156b6bc3bd9c787f52cfecb37e2a87df4b65d84c8961b16ce502df2b324290539c347fbc8a6011b309fc7901bbdeafa8bd21c4b2026930cd953d1d9d71320b49e3a4bee67b7ff457435808231c18d80469dacb1b51ebfb9dc9fa276f843fd820b6c76d6e9babd113f58bec25498269393c1c94fe6252e0efe8dc14560db1d207a6fad9df013300a06082a8648ce3d0403020348003045022027d5507d7663f7cba18abb2c7b1ab48ea2cdaaf57bbd0df692042c87e42d285a022100b049a8f7510eeff76e87a239e4a2d8e63f69d0efde003a969515195efe306759"
"308203863082032ba0030201020204499602d2300a06082a8648ce3d040302302031123010060355040a13096c69627032702e696f310a300806035504051301313020170d3735303130313133303030305a180f34303936303130313133303030305a302031123010060355040a13096c69627032702e696f310a300806035504051301313059301306072a8648ce3d020106082a8648ce3d030107034200040c901d423c831ca85e27c73c263ba132721bb9d7a84c4f0380b2a6756fd601331c8870234dec878504c174144fa4b14b66a651691606d8173e55bd37e381569ea382024f3082024b30820247060a2b0601040183a25a010104820237308202330482012b080012a60230820122300d06092a864886f70d01010105000382010f003082010a0282010100c6423f0fa8757d15b9e9332126339f32395b3f5d16e639b9d030e0507e60e68c973607dad6a2994a5b5f80456de271f21faee9051807e846ade5b396c661eef046e1f8f2279182df845f8962040cf08f6cfadcfde9c4592a0d11b92edab459e9099535db595834c8db762136a164f159bb01a5545a24e0f453df420e6633a9cbc123454b68c11966bc9851993608875e804cfe65604ac60f357b226ba57de0c191039935f7c0c85f1d3de7c2aeb7e6a1520f7201542b949784feb85d53d99f034a55218e6c4fae870cddf7dbb43583cd9eb1bc9e5111c0e7cf62aafef1188711ba205b87c8c95a4ccf154881a49e8b155c795fc1c7621b3b95b01ce4af48a6a7020301000104820100ab0ed7f294e3ec740cb5842ec3d0fc5a0458e00b60bb6c9ee0da8626d0cc1a50cbeb4cc1d61e9a487b327627600b7474e29f5d6c2f66c24966b3524c87e9edc42a3461fb183ce92127b160cf1be599f04a68a22cb463c266181b87e265d418ebff1bcf255bd5e5c1db783ff5909db37c183af5532563c847f104b540855727af53c0412d181f0893e150d5a28e0e9562ff301ff1278264a724152abf0e79537d52cddc205a0f5205490f18218b28ec8051b887033572ace045c24bfe3c0c72d18171148fac43f8b3a494a4ba90d27e554f64c17dc8513597078409e813791d79ee225bf6a2d8dc0893304f74b949230dad4ee4e1cfa62fa1c9ff0439bcda79c3300a06082a8648ce3d0403020349003046022100b3f1961bb314db110f9aae02e1ca0db9cbfda089635a6b99f257661db41a913d022100c04cad46601322e10cf092360a5a290148dfca40fdf7050c977863c57b407144"
let cert = parse(fromHex(certBytesHex))
check $cert.peerId() == "QmSRYjW2NDJnZZU8C75vUNWSWane11Vjj1y4RUasymvD5w"
check $cert.peerId() == "QmXsmtNnfvVdbDaPK415Zw3sjcS49aNfE33PtrQPtoyUfa"
check cert.publicKey().scheme == PKScheme.RSA
check cert.verify()
test "Ed25519 Peer ID":
let certBytesHex =
"308201d83082017ea003020102021100a488d437a726243f2f3933fb76ac1260300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000408cb1e75b43c328b0c68b732cce1264aeaba43691a02b49af3cdb255b2832b10882aeb0cc2579ebc8750a15ae93c96be04c8a3ed11811ba90edc4cd2186a7b5ba381b03081ad300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003078060a2b0601040183a25a0101046a3068042408011220964412b781912b2cac807b9731d30201c0c17fccaf15363bf03458b4ed37b9120440fa19f2c89aed436e07ef860dc37a16e538b2714d4fbc95f2470d680bf04319de942108a7c61a23b8112715dd6a5db7846e0d8e2dfc0a11069f6691f0d4fa2c0c300a06082a8648ce3d040302034800304502210097c3c6887c2f4f4747f51a969e104ee3b66d4518bb42adeba13657954bc482b10220613a0a8726ef3c5453e1fe19a2e6fbb8cf6674c9d9480d210655b5416b57a939"
"308201ae30820156a0030201020204499602d2300a06082a8648ce3d040302302031123010060355040a13096c69627032702e696f310a300806035504051301313020170d3735303130313133303030305a180f34303936303130313133303030305a302031123010060355040a13096c69627032702e696f310a300806035504051301313059301306072a8648ce3d020106082a8648ce3d030107034200040c901d423c831ca85e27c73c263ba132721bb9d7a84c4f0380b2a6756fd601331c8870234dec878504c174144fa4b14b66a651691606d8173e55bd37e381569ea37c307a3078060a2b0601040183a25a0101046a3068042408011220a77f1d92fedb59dddaea5a1c4abd1ac2fbde7d7b879ed364501809923d7c11b90440d90d2769db992d5e6195dbb08e706b6651e024fda6cfb8846694a435519941cac215a8207792e42849cccc6cd8136c6e4bde92a58c5e08cfd4206eb5fe0bf909300a06082a8648ce3d0403020346003043021f50f6b6c52711a881778718238f650c9fb48943ae6ee6d28427dc6071ae55e702203625f116a7a454db9c56986c82a25682f7248ea1cb764d322ea983ed36a31b77"
let cert = parse(fromHex(certBytesHex))
check $cert.peerId() == "12D3KooWKvwXZNS7Rabb9xZgscwidxjkCh6GgJCxvaYc2UekmKGu"
check $cert.peerId() == "12D3KooWM6CgA9iBFZmcYAHA6A2qvbAxqfkmrYiRQuz3XEsk4Ksv"
check cert.publicKey().scheme == PKScheme.Ed25519
check cert.verify()
test "Secp256k1 Peer ID":
let certBytesHex =
"308201dd30820184a00302010202102c9f34881912e91d916c813673fc268a300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004accc9a0f5852fd73b02ec880c4cb2076cd37440ae24aee1eb4b3116311215f9ba0a3d86a4b12dbf04f0a08e8f4dd2cc0f515bcb86e4653e991e2f0efc0365886a381b73081b4300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000307f060a2b0601040183a25a01010471306f0425080212210378067cceac4ac01ce5b03758ce4de591cec37080e434c3dd5e1cc62cd6da2831044630440220544b670a9d92b262714317f7f20f6afbd910d1573584fb672b0714bc2b8b195e02203d832f7f308e03a5a4d33fc4866af2044e9c69c459478ffb32b55ba7e7fad2a9300a06082a8648ce3d0403020347003044022048f1495b10b0ffcd8590600663bd63f7585b40c5f25ea65256e83410f3b12c6002202a37ba56922f953444e1128839a6c64681edcab6107b6fdc8e8a36172a95f842"
"308201ba3082015fa0030201020204499602d2300a06082a8648ce3d040302302031123010060355040a13096c69627032702e696f310a300806035504051301313020170d3735303130313133303030305a180f34303936303130313133303030305a302031123010060355040a13096c69627032702e696f310a300806035504051301313059301306072a8648ce3d020106082a8648ce3d030107034200040c901d423c831ca85e27c73c263ba132721bb9d7a84c4f0380b2a6756fd601331c8870234dec878504c174144fa4b14b66a651691606d8173e55bd37e381569ea38184308181307f060a2b0601040183a25a01010471306f0425080212210206dc6968726765b820f050263ececf7f71e4955892776c0970542efd689d2382044630440220145e15a991961f0d08cd15425bb95ec93f6ffa03c5a385eedc34ecf464c7a8ab022026b3109b8a3f40ef833169777eb2aa337cfb6282f188de0666d1bcec2a4690dd300a06082a8648ce3d0403020349003046022100e1a217eeef9ec9204b3f774a08b70849646b6a1e6b8b27f93dc00ed58545d9fe022100b00dafa549d0f03547878338c7b15e7502888f6d45db387e5ae6b5d46899cef0"
let cert = parse(fromHex(certBytesHex))
check $cert.peerId() == "16Uiu2HAmLjX1eVhPDcu5UX7iMprQGHdn3iVqebE9Qe4R5LScDCPz"
check $cert.peerId() == "16Uiu2HAkutTMoTzDw1tCvSRtu6YoixJwS46S1ZFxW8hSx9fWHiPs"
check cert.publicKey().scheme == PKScheme.Secp256k1
check cert.verify()
test "Invalid certificate signature":
let certBytesHex =
"3082021d308201c3a00302010202107f3d6f4349b6e7eb3b1bb66fff5046b8300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393134333631355a170d3335303331373134333631355a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004df3a5d51c593489f59301eb4363618ba87c47f8bbbaec04af98d5fb94f3e15fff2abc41cc14a85b765df1b83d56feae524abfd9ad85e1e2805f06fc2f9794e72a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004534e5755014446ff4077c66addc4ac71be602d146d5d709a8c476a94a680b7e3355a17b95eda49c19740b90dcfb929e1e537ec8146acfcaa731b1b84c1ffdd83044830460221009f599024ebec5e4002c63878e6ba84f98fc968f2d635539524b7161b4ad31752022100bf5dd3b475e84c2192bee0a94ba41751f846b2715fa2f2ec51443dd89bed37f1300a06082a8648ce3d040302034800304502202362f3821760ed19d8ecb6c2c98e272e36728e2f9b74c80dfb44f4b6a4bca7ac022100dfbf9c66a75fdb91aa4215c5dbb6a560b81dcc3ebf7e4ef414cfbe04a8f3e5ee"
"308201f73082019da0030201020204499602d2300a06082a8648ce3d040302302031123010060355040a13096c69627032702e696f310a300806035504051301313020170d3735303130313133303030305a180f34303936303130313133303030305a302031123010060355040a13096c69627032702e696f310a300806035504051301313059301306072a8648ce3d020106082a8648ce3d030107034200040c901d423c831ca85e27c73c263ba132721bb9d7a84c4f0380b2a6756fd601331c8870234dec878504c174144fa4b14b66a651691606d8173e55bd37e381569ea381c23081bf3081bc060a2b0601040183a25a01010481ad3081aa045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004bf30511f909414ebdd3242178fd290f093a551cf75c973155de0bb5a96fedf6cb5d52da7563e794b512f66e60c7f55ba8a3acf3dd72a801980d205e8a1ad29f204473045022100bb6e03577b7cc7a3cd1558df0da2b117dfdcc0399bc2504ebe7de6f65cade72802206de96e2a5be9b6202adba24ee0362e490641ac45c240db71fe955f2c5cf8df6e300a06082a8648ce3d0403020348003045022100e847f267f43717358f850355bdcabbefb2cfbf8a3c043b203a14788a092fe8db022027c1d04a2d41fd6b57a7e8b3989e470325de4406e52e084e34a3fd56eef0d0df"
let cert = parse(fromHex(certBytesHex)) # should parse correctly
# should have valid key
check $cert.peerId() == "QmPQwJ5aQa22kq97MbMcZGrDaBa7LxhHBuxD2SYBgy5Yrv"
# should have key
check $cert.peerId() == "QmfXbAwNjJLXfesgztEHe8HwgVDCMMpZ9Eax1HYq6hn9uE"
check cert.publicKey().scheme == PKScheme.ECDSA
# should not verify