From 894fda1a4defecb5eae95a1f9a99bac5e1ad7a6c Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 25 Aug 2025 11:48:08 +0200 Subject: [PATCH] ci: Update testing certificates that expired after 10 years Signed-off-by: Joas Schilling --- tests/data/certificates/Readme.md | 35 ++++++++++++++++ tests/data/certificates/badCertificate.crt | 41 ++++++++++--------- tests/data/certificates/goodCertificate.crt | 44 ++++++++++----------- tests/lib/Security/CertificateTest.php | 16 ++++---- 4 files changed, 84 insertions(+), 52 deletions(-) create mode 100644 tests/data/certificates/Readme.md diff --git a/tests/data/certificates/Readme.md b/tests/data/certificates/Readme.md new file mode 100644 index 00000000000..e4bf800ce6c --- /dev/null +++ b/tests/data/certificates/Readme.md @@ -0,0 +1,35 @@ + + +# Recreating certificates + +Regenerate a new certificate key together with the good (Nextcloud Security) and bad (default Org name) certificates + +## Good Certificate +``` +openssl req \ + -newkey rsa:2048 \ + -nodes \ + -keyout security.nextcloud.com.key \ + -x509 \ + -days 3650 \ + -out goodCertificate.crt +``` +- Country Name: `DE` +- State or Province Name:`Berlin` +- Organization Name:`Nextcloud Security` +- Common Name: `security.nextcloud.com` + +## Bad Certificate +``` +openssl req \ + -key security.nextcloud.com.key \ + -new \ + -x509 \ + -days 3650 \ + -out badCertificate.crt +``` +- Country Name: `DE` +- State or Province Name:`Berlin` diff --git a/tests/data/certificates/badCertificate.crt b/tests/data/certificates/badCertificate.crt index c61c1e6aec6..ec3904eecdc 100644 --- a/tests/data/certificates/badCertificate.crt +++ b/tests/data/certificates/badCertificate.crt @@ -1,22 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIJAJ9c5xX3Bf7cMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQwHhcNMTUwODI3MjAxOTEzWhcNMjUwODI0MjAxOTEzWjBF -MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 -ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEApYxB04E1rGUCopazf8PsW+3EYrX8J1Ze4g3jRJEmzqHLB4+T4h45LwLl -D7OLJCLdYA8sfEruInokNV1oUBGDwBWdZA1w7d4o7Wgwiz7WE0FQwkA7YpvtKK2K -Xvv5wltdUzI+WpbfhHzlg8XIDCPA0ayWx2CDyqsHMXYNOvov1vPbIASF0nBGnRSK -5Eu7KUKK5UkO8+G6RqBwxQkd/tB2GV68npls++QzA0nf3IIHcc+yNQqaMnb5CVxg -z2i98VuvCPzYY/EWHkIGdSSKRqRG4sqRegb6d/qf46NfjVYLziLfsFGFH4fLVy6n -IxkP0gdnoTGu8K8H6wm57GViGLLsPwIDAQABo4GnMIGkMB0GA1UdDgQWBBRrMYy8 -SOqiMiVdo/dfyN6yftK+jzB1BgNVHSMEbjBsgBRrMYy8SOqiMiVdo/dfyN6yftK+ -j6FJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV -BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJ9c5xX3Bf7cMAwGA1UdEwQF -MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHargAErj8TAhMfozjgqRihCSOIO5DX7 -W/7mBImP6B76ctP+PWzEaGrOPO81WR5apZP72cwnXD6WABKd1YhMSyr2NI++y5jP -c3KF/3MpGu4ZYV39JUVpfeq5Fzu9d9C49tj384vljixsxeaCUKuZYqyPuHeGr14u -7UytsqYORRy/rG4xm0mhk/srOzKJlRenSc9QiWH2Mxst55+cj7zXXFG54N7rI3UU -9e4Lc2NHQLv3Xv6FunC9mB/AUuEcI6XS6CqNyzAtPAvbO6MZGwUft/S/2TAyqJB0 -VsXK3j3X8DJCwruNLGA3Q/TAYHqrElYg8N4b6w4LD91WbrRyWvkCXmM= ------END CERTIFICATE----- \ No newline at end of file +MIIDYzCCAkugAwIBAgIURRAxXDBFFR1X0WuUOj7oKFDCooMwDQYJKoZIhvcNAQEL +BQAwQTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEhMB8GA1UECgwYSW50 +ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI1MDgyNTEwMDAxNVoXDTM1MDgyMzEw +MDAxNVowQTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEhMB8GA1UECgwY +SW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAvPH9evINYYNhBg5YaZh3OUVl4SUCUbAc+xmZmiuAxoXN10avmfa/ +rpoeHua2fbPa48BOIyDPxXoofEwfqB+Q8P4CsSjEaRegsj3Djdkoyz+edPb9vTWE +pkSCfj/K3zS2kkY2nPw6qVRVen3siP97kNv3NviU5wbvv5RW5Qjz8W6UMuX2Th4j +7mQ5b1YdLHMFd2H6Vs3vAfiX8hY1DUc6U4Uf4XBO372k8sUyQtsSGlHxBKwPN7Gh +KZJqkTUCXWC4JzOkShXTe179SlxFLQtOqU2azrJqlb6/0cxGtsZLcv/CI+x+Fpca +hAQ4Qzii7iRRBlk8aDfAtXJafqhKJo1N/wIDAQABo1MwUTAdBgNVHQ4EFgQU8LRp +H0E1ASvIgy5FCsVdX2nyYSkwHwYDVR0jBBgwFoAU8LRpH0E1ASvIgy5FCsVdX2ny +YSkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAZuFOU5L22cPI +E1bMaIc6UjQn5l2QB9qhTVJuGmdo8ARLNVv3FyEHDaSCNhV1V0MEmnOwwKGKXggo +Uxe8Ki29fOt3ftkWG2F22Fh3PsU4xIAqwQv5s+urR/9E6ylfIbqPdj6XiY/D9jID +wnPDsNG+7ar90YFxsxisemQIVAOLzWGS2a3fglRz0hJfaoAxJdXbz///MflWzdUL +7t9ngBsbf9M/dicltLrCcYYG+BMC+fAoZO3aRSfS/+hxBjc3hNYQ5zLzWqzLzF0y +N+rxo/2G0fvqipowkMTgYcCIBA9DZY1YPCwgTfHGyrH3XI7yImdoHYs5Ld39Sq0J ++fXdrZSPlQ== +-----END CERTIFICATE----- diff --git a/tests/data/certificates/goodCertificate.crt b/tests/data/certificates/goodCertificate.crt index 4072c8db2dc..7010ba475c9 100644 --- a/tests/data/certificates/goodCertificate.crt +++ b/tests/data/certificates/goodCertificate.crt @@ -1,24 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIJAN0NPgU09qt9MA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV -BAYTAkNIMRIwEAYDVQQIEwlTdC5HYWxsZW4xGjAYBgNVBAoTEW93bkNsb3VkIFNl -Y3VyaXR5MR4wHAYDVQQDExVzZWN1cml0eS5vd25jbG91ZC5jb20wHhcNMTUwODI3 -MjAwMzQyWhcNMjUwODI0MjAwMzQyWjBdMQswCQYDVQQGEwJDSDESMBAGA1UECBMJ -U3QuR2FsbGVuMRowGAYDVQQKExFvd25DbG91ZCBTZWN1cml0eTEeMBwGA1UEAxMV -c2VjdXJpdHkub3duY2xvdWQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAlxdUFrwhvT+Exp78Nk0A8Zpfi9/XoLyQkKWH162HX++mxtGXrFKAl5PT -fKRAv0VqY8hincT+6AlzQkdtiOi5OSVFJpeubtSKrShJQyDKmGLlDntanfLc69GT -EhkznHmA8AeQMK/NApQpOSC+nmdxpu1aKk7QkSYfpmZ41HF8zKWJTyXzFPZGKw+l -YxfzIxmUMIIZvfeWE3hq3qlJcS+KO8NcCHEpoiVvZp7PpfDTnyOQVjSkWg55c4j6 -cqNgJ93WTOTOE+3D1XF43Oo+0VQivJn7/tQmIOAg+YyL3Sjmzjb8sP0ksx17vpLO -Z73UShJw5AGtoaS4oQkSd/+qYBwQMwIDAQABo4HCMIG/MB0GA1UdDgQWBBSG7JAe -KoR82sQ60QhMNWdU4qY6YzCBjwYDVR0jBIGHMIGEgBSG7JAeKoR82sQ60QhMNWdU -4qY6Y6FhpF8wXTELMAkGA1UEBhMCQ0gxEjAQBgNVBAgTCVN0LkdhbGxlbjEaMBgG -A1UEChMRb3duQ2xvdWQgU2VjdXJpdHkxHjAcBgNVBAMTFXNlY3VyaXR5Lm93bmNs -b3VkLmNvbYIJAN0NPgU09qt9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBAJL9LKzWSJCTG0r+pNXw6Xy2DW9xbi3YsUeelkMKMqurmiH59P90juOJQgIC -B1Jcn/U0rzpJpolI3jJNjHzs/kI4MDkzcKGV84Pqwj+PSdMFK3OCWH/J81lUhrCj -H3yguZ/JpAisInVeBqg6lRf0X+S8jJIp4ZP2XZJsX70XgkRsEaC9TrlxtFsm839t -WhroMb25Njm9eAdSYrx5PFDwN8TtJlb5Ve3uZL8D0uBv+p0kWjkt1TrDk2x78F6b -5ExmE9+APc0gcLtSVwIGX6FDXOcOA8ndkp7p4K0CDnMZfFAU0oKxvnDxehrVKQEL -os/cq7EKmmsY/rM0uJ6L0ka4WUk= ------END CERTIFICATE----- \ No newline at end of file +MIIDuzCCAqOgAwIBAgIUGyAVECfPaXxvfEOrxo58ANU0MYEwDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVy +bGluMRswGQYDVQQKDBJOZXh0Y2xvdWQgU2VjdXJpdHkxHzAdBgNVBAMMFnNlY3Vy +aXR5Lm5leHRjbG91ZC5jb20wHhcNMjUwODI1MDk1MzE0WhcNMzUwODIzMDk1MzE0 +WjBtMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJs +aW4xGzAZBgNVBAoMEk5leHRjbG91ZCBTZWN1cml0eTEfMB0GA1UEAwwWc2VjdXJp +dHkubmV4dGNsb3VkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALzx/XryDWGDYQYOWGmYdzlFZeElAlGwHPsZmZorgMaFzddGr5n2v66aHh7mtn2z +2uPATiMgz8V6KHxMH6gfkPD+ArEoxGkXoLI9w43ZKMs/nnT2/b01hKZEgn4/yt80 +tpJGNpz8OqlUVXp97Ij/e5Db9zb4lOcG77+UVuUI8/FulDLl9k4eI+5kOW9WHSxz +BXdh+lbN7wH4l/IWNQ1HOlOFH+FwTt+9pPLFMkLbEhpR8QSsDzexoSmSapE1Al1g +uCczpEoV03te/UpcRS0LTqlNms6yapW+v9HMRrbGS3L/wiPsfhaXGoQEOEM4ou4k +UQZZPGg3wLVyWn6oSiaNTf8CAwEAAaNTMFEwHQYDVR0OBBYEFPC0aR9BNQEryIMu +RQrFXV9p8mEpMB8GA1UdIwQYMBaAFPC0aR9BNQEryIMuRQrFXV9p8mEpMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKuoLKvlt7W63t9xDIYbYI3e +3BeSt769lA2aBaIktSg7hVIFvX929sMMROD0sNSx81IMl7Cxm9u6C3BuKzUZDOwv +hy7gj+CaA5e5moUmpfrFtTR4aAoacZpjDXd3H/OqMELFkx5QHhw5z2nnubrNaera +pMQj/GOe/7+d1vjma+kNcKT6JBd5BPQqfk9+AVv5TombaLf3xc7dFR6bUQZKkZ2L +9zCZamUai/qf66KQzdELLpUsX1O2ByCl95wVL5c0CcDObxLuVDn8AzsAnsa5EhM8 +68s38Xb/gUYDIny2F43+rEk8qQjd5OITFfd2K6ur5EcvIQrFHE7IUbKlIu9RqPs= +-----END CERTIFICATE----- diff --git a/tests/lib/Security/CertificateTest.php b/tests/lib/Security/CertificateTest.php index 732b431d73e..b7a1a818406 100644 --- a/tests/lib/Security/CertificateTest.php +++ b/tests/lib/Security/CertificateTest.php @@ -59,26 +59,26 @@ class CertificateTest extends \Test\TestCase { } public function testGetCommonName(): void { - $this->assertSame('security.owncloud.com', $this->goodCertificate->getCommonName()); + $this->assertSame('security.nextcloud.com', $this->goodCertificate->getCommonName()); $this->assertSame(null, $this->invalidCertificate->getCommonName()); } public function testGetOrganization(): void { - $this->assertSame('ownCloud Security', $this->goodCertificate->getOrganization()); + $this->assertSame('Nextcloud Security', $this->goodCertificate->getOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getOrganization()); } public function testGetIssueDate(): void { - $expected = new \DateTime('2015-08-27 20:03:42 GMT'); + $expected = new \DateTime('2025-08-25 09:53:14 GMT'); $this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getIssueDate()->getTimestamp()); - $expected = new \DateTime('2015-08-27 20:19:13 GMT'); + $expected = new \DateTime('2025-08-25 10:00:15 GMT'); $this->assertEquals($expected->getTimestamp(), $this->invalidCertificate->getIssueDate()->getTimestamp()); } public function testGetExpireDate(): void { - $expected = new \DateTime('2025-08-24 20:03:42 GMT'); + $expected = new \DateTime('2035-08-23 09:53:14 GMT'); $this->assertEquals($expected->getTimestamp(), $this->goodCertificate->getExpireDate()->getTimestamp()); - $expected = new \DateTime('2025-08-24 20:19:13 GMT'); + $expected = new \DateTime('2035-08-23 10:00:15 GMT'); $this->assertEquals($expected->getTimestamp(), $this->invalidCertificate->getExpireDate()->getTimestamp()); $expected = new \DateTime('2014-08-28 09:12:43 GMT'); $this->assertEquals($expected->getTimestamp(), $this->expiredCertificate->getExpireDate()->getTimestamp()); @@ -91,13 +91,13 @@ class CertificateTest extends \Test\TestCase { } public function testGetIssuerName(): void { - $this->assertSame('security.owncloud.com', $this->goodCertificate->getIssuerName()); + $this->assertSame('security.nextcloud.com', $this->goodCertificate->getIssuerName()); $this->assertSame(null, $this->invalidCertificate->getIssuerName()); $this->assertSame(null, $this->expiredCertificate->getIssuerName()); } public function testGetIssuerOrganization(): void { - $this->assertSame('ownCloud Security', $this->goodCertificate->getIssuerOrganization()); + $this->assertSame('Nextcloud Security', $this->goodCertificate->getIssuerOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getIssuerOrganization()); $this->assertSame('Internet Widgits Pty Ltd', $this->expiredCertificate->getIssuerOrganization()); }