From 65b7b479956aaa67b679e18e0742b1a19ada1ffd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Mon, 26 Feb 2024 18:05:37 +0100 Subject: [PATCH 01/18] Introduce Client Certificate Tests --- driver.py | 4 +- main.py | 49 +++++++++++++--------- neo4j.py | 84 +++++++++++++++++++++++++++++++++---- nutkit/frontend/driver.py | 6 ++- nutkit/protocol/requests.py | 9 +++- runner.py | 22 ++++++++-- tests/neo4j/shared.py | 21 +++++++++- 7 files changed, 158 insertions(+), 37 deletions(-) diff --git a/driver.py b/driver.py index 33dfd940a..38161bd89 100644 --- a/driver.py +++ b/driver.py @@ -73,7 +73,9 @@ def start_container(testkit_path, branch_name, driver_name, driver_path, # Configure volume map for the driver container mount_map = { testkit_path: "/testkit", - driver_path: "/driver" + driver_path: "/driver", + # ADJUST PATH + "/Users/bigmontz/neo4j_mtls_test/client": "/certificates:ro" } if os.environ.get("TEST_BUILD_CACHE_ENABLED") == "true": if driver_name == "java": diff --git a/main.py b/main.py index de8edf077..8c7ee82fd 100644 --- a/main.py +++ b/main.py @@ -42,9 +42,12 @@ def initialise_configurations(settings): - def generate_config(version, enterprise, cluster, scheme, stress_test): - assert (cluster and scheme == "neo4j" - or not cluster and scheme in ("neo4j", "bolt")) + def generate_config(version, enterprise, cluster, scheme, stress_test, + mtls=False): + assert (cluster + and scheme in ("neo4j", "neo4j+s", "neo4j+ssc") + or not cluster + and scheme in ("neo4j", "bolt", "neo4j+s", "neo4j+ssc")) edition = "enterprise" if enterprise else "community" name = "%s-%s%s-%s" % (version, edition, "-cluster" if cluster else "", scheme) @@ -57,7 +60,8 @@ def generate_config(version, enterprise, cluster, scheme, stress_test): cluster=cluster, suite=version, scheme=scheme, - stress_test_duration=stress_test + stress_test_duration=stress_test, + mtls=mtls ) def generate_tc_config( @@ -89,29 +93,34 @@ def generate_tc_config( # neo4j:4.4-enterprise, ...) grouped together. Else, TestKit will download # the same image multiple times if `TEST_DOCKER_RMI` is set to `true`. configurations = [ - generate_config(version_, enterprise_, cluster_, scheme_, stress_test_) - for (version_, enterprise_, cluster_, scheme_, stress_test_) in ( + generate_config(version_, enterprise_, + cluster_, scheme_, stress_test_, mtls_) + for (version_, enterprise_, + cluster_, scheme_, stress_test_, mtls_) + in ( # not officially supported versions - ("4.2", True, False, "neo4j", 0), - ("4.3", True, False, "neo4j", 0), + ("4.2", True, False, "neo4j", 0, False), + ("4.3", True, False, "neo4j", 0, False), # official backwards-compatibility # LTS version - ("4.4", False, False, "bolt", 0), - ("4.4", False, False, "neo4j", 0), - ("4.4", True, False, "bolt", 0), - ("4.4", True, False, "neo4j", 0), - ("4.4", True, True, "neo4j", 90), + ("4.4", False, False, "bolt", 0, False), + ("4.4", False, False, "neo4j", 0, False), + ("4.4", True, False, "bolt", 0, False), + ("4.4", True, False, "neo4j", 0, False), + ("4.4", True, True, "neo4j", 90, False), # Selected 5.x versions # Oldest 5.x version (BOLT 5.0) would be 5.0. # However, that has no tag at dockerhub, so we use 5.1 # https://github.com/neo4j/docker-neo4j/issues/391 - ("5.1", True, True, "neo4j", 0), + ("5.1", True, True, "neo4j", 0, False), # Bolt 5.1 - ("5.5", True, True, "neo4j", 0), + ("5.5", True, True, "neo4j", 0, False), # Bolt 5.2 - ("5.7", True, True, "neo4j", 0), + ("5.7", True, True, "neo4j", 0, False), # Bolt 5.3 - ("5.9", True, True, "neo4j", 0), + ("5.9", True, True, "neo4j", 0, False), + # mtls + ("5.15", True, False, "neo4j+ssc", 0, True), ) ] configurations += [ @@ -417,13 +426,15 @@ def _exit(): server = neo4j.Cluster(neo4j_config.image, server_name, neo4j_artifacts_path, - neo4j_config.version) + neo4j_config.version, + mtls=neo4j_config.mtls) else: print("\n Starting neo4j standalone server (%s)\n" % server_name) server = neo4j.Standalone( neo4j_config.image, server_name, neo4j_artifacts_path, - "neo4jserver", 7687, neo4j_config.version, neo4j_config.edition + "neo4jserver", 7687, neo4j_config.version, + neo4j_config.edition, neo4j_config.mtls ) server.start(networks[0]) addresses = server.addresses() diff --git a/neo4j.py b/neo4j.py index 5e8e2a677..b54d4052f 100644 --- a/neo4j.py +++ b/neo4j.py @@ -20,6 +20,7 @@ class Config: suite: str scheme: str stress_test_duration: int + mtls: bool username = "neo4j" @@ -30,13 +31,14 @@ class Standalone: """Single instance Neo4j server.""" def __init__(self, image, name, artifacts_path, hostname, port, version, - edition): + edition, mtls=False): self.name = name self._image = image self._artifacts_path = join(artifacts_path, name) self._container = None self._hostname = hostname self._port = port + self._mtls = mtls match = re.match(r"(\d+)\.dev", version) if match: self._version = (int(match.group(1)), float("inf")) @@ -50,6 +52,8 @@ def start(self, network): env_map = { "NEO4J_AUTH": f"{username}/{password}", } + logs_path = join(self._artifacts_path, "logs") + mount_map = {logs_path: "/logs"} if self._version < (5, 0): env_map.update({ "NEO4J_dbms_connector_bolt_advertised__address": @@ -69,10 +73,39 @@ def start(self, network): if self._edition != "community": env_map["NEO4J_ACCEPT_LICENSE_AGREEMENT"] = "yes" - logs_path = join(self._artifacts_path, "logs") + + if self._mtls: + # BOLT + env_map["NEO4J_dbms_ssl_policy_bolt_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_bolt_base__directory"] = \ + "/certificates/bolt" + env_map["NEO4J_dbms_ssl_policy_bolt_private__key"] = \ + "private.key" + env_map["NEO4J_dbms_ssl_policy_bolt_public__certificate"] = \ + "public.crt" + env_map["NEO4J_dbms_ssl_policy_bolt_client__auth"] = \ + "REQUIRE" + env_map["NEO4J_server_bolt_tls__level"] = "REQUIRED" + + # HTTPS + env_map["NEO4J_server_http_enabled"] = "false" + env_map["NEO4J_server_https_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_https_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_https_base__directory"] = \ + "/certificates/https" + env_map["NEO4J_dbms_ssl_policy_https_private__key"] = \ + "private.key" + env_map["NEO4J_dbms_ssl_policy_https_public__certificate"] = \ + "public.crt" + + # SHARE CERTIFICATES + # NEED TO GENERATE + mount_map["/Users/bigmontz/neo4j_mtls_test/server"] = \ + "/certificates:ro" + self._container = docker.run( self._image, self._hostname, - mount_map={logs_path: "/logs"}, + mount_map=mount_map, env_map=env_map, network=network ) @@ -88,17 +121,19 @@ def stop(self): class Cluster: """Cluster of Neo4j servers.""" - def __init__(self, image, name, artifacts_path, version, num_cores=3): + def __init__(self, image, name, artifacts_path, version, num_cores=3, + mtls=False): self.name = name self._image = image self._artifacts_path = join(artifacts_path, name) self._version = version self._num_cores = num_cores self._cores = [] + self._mtls = mtls def start(self, network): for i in range(self._num_cores): - core = Core(i, self._artifacts_path, self._version) + core = Core(i, self._artifacts_path, self._version, self._mtls) self._cores.append(core) initial_members = ",".join([c.discover for c in self._cores]) @@ -121,7 +156,7 @@ class Core: TRANSACTION_PORT = 6000 RAFT_PORT = 7000 - def __init__(self, index, artifacts_path, version): + def __init__(self, index, artifacts_path, version, mtls): self.name = "core%d" % index self.discover = "%s:%d" % (self.name, Core.DISCOVERY_PORT + index) self.transaction = "%s:%d" % (self.name, Core.TRANSACTION_PORT + index) @@ -129,6 +164,7 @@ def __init__(self, index, artifacts_path, version): self._index = index self._artifacts_path = join(artifacts_path, self.name) self._container = None + self._mtls = mtls match = re.match(r"(\d+)\.dev", version) if match: self._version = (int(match.group(1)), float("inf")) @@ -142,9 +178,13 @@ def start(self, image, initial_members, network): "NEO4J_ACCEPT_LICENSE_AGREEMENT": "yes", "NEO4J_AUTH": f"{username}/{password}", } + logs_path = join(self._artifacts_path, "logs") + os.makedirs(logs_path, exist_ok=True) + mount_map = {logs_path: "/logs"} if self._version >= (5, 3) and len(password) < 8: env_map["NEO4J_dbms_security_auth__minimum__password__length"] = \ str(len(password)) + if self._version < (5, 0): env_map.update({ "NEO4J_dbms_connector_bolt_advertised__address": @@ -189,12 +229,38 @@ def start(self, image, initial_members, network): "0.0.0.0:%d" % (Core.TRANSACTION_PORT + self._index), }) - logs_path = join(self._artifacts_path, "logs") - os.makedirs(logs_path, exist_ok=True) + if self._mtls: + # BOLT + env_map["NEO4J_dbms_ssl_policy_bolt_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_bolt_base__directory"] = \ + "/certificates/bolt" + env_map["NEO4J_dbms_ssl_policy_bolt_private__key"] = \ + "private.key" + env_map["NEO4J_dbms_ssl_policy_bolt_public__certificate"] = \ + "public.crt" + env_map["NEO4J_dbms_ssl_policy_bolt_client__auth"] = \ + "REQUIRE" + env_map["NEO4J_server_bolt_tls__level"] = "REQUIRED" + + # HTTPS + env_map["NEO4J_server_http_enabled"] = "false" + env_map["NEO4J_server_https_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_https_enabled"] = "true" + env_map["NEO4J_dbms_ssl_policy_https_base__directory"] = \ + "/certificates/https" + env_map["NEO4J_dbms_ssl_policy_https_private__key"] = \ + "private.key" + env_map["NEO4J_dbms_ssl_policy_https_public__certificate"] = \ + "public.crt" + + # SHARE CERTIFICATES + # NEED TO GENERATE + mount_map["/Users/bigmontz/neo4j_mtls_test/server"] = \ + "/certificates:ro" self._container = docker.run( image, self.name, - env_map=env_map, network=network, mount_map={logs_path: "/logs"}, + env_map=env_map, network=network, mount_map=mount_map, log_path=self._artifacts_path, background=True ) diff --git a/nutkit/frontend/driver.py b/nutkit/frontend/driver.py index a9d3c85b7..530948bc3 100644 --- a/nutkit/frontend/driver.py +++ b/nutkit/frontend/driver.py @@ -18,7 +18,8 @@ def __init__(self, backend, uri, auth_token, user_agent=None, connection_acquisition_timeout_ms=None, notifications_min_severity=None, notifications_disabled_categories=None, - telemetry_disabled=None): + telemetry_disabled=None, + client_certificate=None): self._backend = backend self._resolver_fn = resolver_fn self._domain_name_resolver_fn = domain_name_resolver_fn @@ -50,7 +51,8 @@ def __init__(self, backend, uri, auth_token, user_agent=None, connection_acquisition_timeout_ms=connection_acquisition_timeout_ms, # noqa: E501 notifications_min_severity=notifications_min_severity, notifications_disabled_categories=notifications_disabled_categories, # noqa: E501 - telemetry_disabled=telemetry_disabled + telemetry_disabled=telemetry_disabled, + client_certificate=client_certificate ) res = backend.send_and_receive(req) if not isinstance(res, protocol.Driver): diff --git a/nutkit/protocol/requests.py b/nutkit/protocol/requests.py index adcd5b736..464801a96 100644 --- a/nutkit/protocol/requests.py +++ b/nutkit/protocol/requests.py @@ -75,7 +75,8 @@ def __init__( connection_acquisition_timeout_ms=None, notifications_min_severity=None, notifications_disabled_categories=None, - telemetry_disabled=None + telemetry_disabled=None, + client_certificate=None ): # Neo4j URI to connect to self.uri = uri @@ -112,6 +113,12 @@ def __init__( self.trustedCertificates = None else: self.trustedCertificates = trustedCertificates + if client_certificate is not None: + # missing password and formalization of protocol. + self.clientCertificate = { + "certfile": client_certificate[0], + "keyfile": client_certificate[1] + } class AuthorizationToken: diff --git a/runner.py b/runner.py index 9e3bba029..a66f583c9 100644 --- a/runner.py +++ b/runner.py @@ -78,8 +78,15 @@ def run_neo4j_tests(self, suite, hostname, username, password, "TEST_NEO4J_SCHEME": neo4j_config.scheme, "TEST_NEO4J_VERSION": neo4j_config.version, "TEST_NEO4J_EDITION": neo4j_config.edition, - "TEST_NEO4J_CLUSTER": neo4j_config.cluster + "TEST_NEO4J_CLUSTER": neo4j_config.cluster, + }) + if neo4j_config.mtls: + self._env.update({ + "TEST_NEO4J_SSL_CLIENT_CERT": "/certificates/certificate.pem", + "TEST_NEO4J_SSL_CLIENT_KEY": "/certificates/privatekey.pem" + }) + self._container.exec( ["python3", "-m", "tests.neo4j.suites", suite, neo4j_config.name], env_map=self._env @@ -92,7 +99,9 @@ def run_neo4j_tests_env_config(self): "TEST_NEO4J_SCHEME", "TEST_NEO4J_VERSION", "TEST_NEO4J_EDITION", - "TEST_NEO4J_CLUSTER"): + "TEST_NEO4J_CLUSTER", + "TEST_NEO4J_SSL_CLIENT_CERT", + "TEST_NEO4J_SSL_CLIENT_KEY"): self._env.update({key: os.environ.get(key)}) if self._env.get("TEST_NEO4J_HOST") == "localhost": self._env.update({"TEST_NEO4J_HOST": "host.docker.internal"}) @@ -127,6 +136,11 @@ def run_selected_neo4j_tests(self, test_pattern, hostname, username, "TEST_NEO4J_EDITION": neo4j_config.edition, "TEST_NEO4J_CLUSTER": neo4j_config.cluster }) + if neo4j_config.mtls: + self._env.update({ + "TEST_NEO4J_SSL_CLIENT_CERT": "/certificates/certificate.pem", + "TEST_NEO4J_SSL_CLIENT_KEY": "/certificates/privatekey.pem" + }) self._container.exec( ["python3", "-m", "unittest", "-v", test_pattern], env_map=self._env @@ -139,7 +153,9 @@ def run_selected_neo4j_tests_env_config(self, test_pattern): "TEST_NEO4J_SCHEME", "TEST_NEO4J_VERSION", "TEST_NEO4J_EDITION", - "TEST_NEO4J_CLUSTER"): + "TEST_NEO4J_CLUSTER", + "TEST_NEO4J_SSL_CLIENT_CERT", + "TEST_NEO4J_SSL_CLIENT_KEY"): self._env.update({key: os.environ.get(key)}) if self._env.get("TEST_NEO4J_HOST") == "localhost": self._env.update({"TEST_NEO4J_HOST": "host.docker.internal"}) diff --git a/tests/neo4j/shared.py b/tests/neo4j/shared.py index be4d7a91c..7307920c5 100644 --- a/tests/neo4j/shared.py +++ b/tests/neo4j/shared.py @@ -39,6 +39,8 @@ env_neo4j_version = "TEST_NEO4J_VERSION" env_neo4j_edition = "TEST_NEO4J_EDITION" env_neo4j_cluster = "TEST_NEO4J_CLUSTER" +env_neo4j_client_cert = "TEST_NEO4J_SSL_CLIENT_CERT" +env_neo4j_client_key = "TEST_NEO4J_SSL_CLIENT_KEY" def get_authorization(): @@ -74,7 +76,19 @@ def get_neo4j_scheme(): return scheme -def get_driver(backend, uri=None, auth=None, **kwargs): +def get_client_certificate(): + client_certificate_key = os.environ.get(env_neo4j_client_key) + client_certificate_cert = os.environ.get(env_neo4j_client_cert) + if client_certificate_cert is None or client_certificate_key is None: + if client_certificate_cert is not None or \ + client_certificate_key is not None: + raise Exception("Miss configuration of client certificate.") + return None + return client_certificate_cert, client_certificate_key + + +def get_driver(backend, uri=None, auth=None, + client_certificate=None, **kwargs): """Return default driver for tests that do not test this aspect.""" if uri is None: scheme = get_neo4j_scheme() @@ -82,7 +96,10 @@ def get_driver(backend, uri=None, auth=None, **kwargs): uri = "%s://%s:%d" % (scheme, host, port) if auth is None: auth = get_authorization() - return Driver(backend, uri, auth, **kwargs) + if client_certificate is None: + client_certificate = get_client_certificate() + return Driver(backend, uri, auth, client_certificate=client_certificate, + **kwargs) class ServerInfo: From a10f2d2244d6c3154e0a6e10a207c1d603bb5e03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Tue, 27 Feb 2024 15:58:12 +0100 Subject: [PATCH 02/18] Generate a certificates (driver certificates are wrong) --- certgen/main.go | 17 +++++++++++++++++ driver.py | 5 +++-- neo4j.py | 10 ++++++---- tests/tls/certs/driver/certificate.pem | 10 ++++++++++ tests/tls/certs/driver/privatekey.pem | 5 +++++ tests/tls/certs/server/bolt/private.key | 5 +++++ tests/tls/certs/server/bolt/public.crt | 10 ++++++++++ tests/tls/certs/server/bolt/trusted/public.crt | 10 ++++++++++ tests/tls/certs/server/https/private.key | 5 +++++ tests/tls/certs/server/https/public.crt | 10 ++++++++++ tests/tls/certs/server/https/trusted/public.crt | 10 ++++++++++ 11 files changed, 91 insertions(+), 6 deletions(-) create mode 100644 tests/tls/certs/driver/certificate.pem create mode 100644 tests/tls/certs/driver/privatekey.pem create mode 100644 tests/tls/certs/server/bolt/private.key create mode 100644 tests/tls/certs/server/bolt/public.crt create mode 100644 tests/tls/certs/server/bolt/trusted/public.crt create mode 100644 tests/tls/certs/server/https/private.key create mode 100644 tests/tls/certs/server/https/public.crt create mode 100644 tests/tls/certs/server/https/trusted/public.crt diff --git a/certgen/main.go b/certgen/main.go index 4db9307f2..947de883e 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -177,4 +177,21 @@ func main() { untrustedRoot_server1Key, untrustedRoot_server1Der := generateServer(untrustedRootCert, untrustedRootKey, anHourAgo, tenYearsFromNow, "untrustedRoot_thehost", "thehost") writeKey(path.Join(basePath, "server", "untrustedRoot_thehost.key"), untrustedRoot_server1Key) writeCert(path.Join(basePath, "server", "untrustedRoot_thehost.pem"), untrustedRoot_server1Der) + + + // Generate Client Certificate + clientCert, clientKey, clientDer := generateRoot(anHourAgo, tenYearsFromNow, "client") + // Write client certificate to server + writeCert(path.Join(basePath, "server", "bolt", "public.crt"), clientDer) + writeCert(path.Join(basePath, "server", "https", "public.crt"), clientDer) + writeCert(path.Join(basePath, "server", "bolt", "trusted", "public.crt"), clientDer) + writeCert(path.Join(basePath, "server", "https", "trusted", "public.crt"), clientDer) + // Write client private key to server + writeKey(path.Join(basePath, "server", "bolt", "private.key"), clientKey) + writeKey(path.Join(basePath, "server", "https", "private.key"), clientKey) + + // Generate certificate.pem + clientKeyPem, clientCertificatePemDer := generateServer(clientCert, customRootKey, tenYearsAgo, anHourAgo, "client_host", "the_client") + writeCert(path.Join(basePath, "driver", "certificate.pem"), clientCertificatePemDer) + writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKeyPem) } diff --git a/driver.py b/driver.py index 38161bd89..a1f24b86b 100644 --- a/driver.py +++ b/driver.py @@ -70,12 +70,13 @@ def start_container(testkit_path, branch_name, driver_name, driver_path, branch_name, driver_name, artifacts_path_build, build_args=_get_build_args()) container_name = "driver" + certificates_path = os.path.join(testkit_path, + "tests", "tls", "certs", "driver") # Configure volume map for the driver container mount_map = { testkit_path: "/testkit", driver_path: "/driver", - # ADJUST PATH - "/Users/bigmontz/neo4j_mtls_test/client": "/certificates:ro" + certificates_path: "/certificates:ro" } if os.environ.get("TEST_BUILD_CACHE_ENABLED") == "true": if driver_name == "java": diff --git a/neo4j.py b/neo4j.py index b54d4052f..69e8a1a59 100644 --- a/neo4j.py +++ b/neo4j.py @@ -99,8 +99,9 @@ def start(self, network): "public.crt" # SHARE CERTIFICATES - # NEED TO GENERATE - mount_map["/Users/bigmontz/neo4j_mtls_test/server"] = \ + certificates_path = join(os.path.curdir, + "tests", "tls", "certs", "server") + mount_map[certificates_path] = \ "/certificates:ro" self._container = docker.run( @@ -254,8 +255,9 @@ def start(self, image, initial_members, network): "public.crt" # SHARE CERTIFICATES - # NEED TO GENERATE - mount_map["/Users/bigmontz/neo4j_mtls_test/server"] = \ + certificates_path = join(os.path.curdir, + "tests", "tls", "certs", "server") + mount_map[certificates_path] = \ "/certificates:ro" self._container = docker.run( diff --git a/tests/tls/certs/driver/certificate.pem b/tests/tls/certs/driver/certificate.pem new file mode 100644 index 000000000..d6103be63 --- /dev/null +++ b/tests/tls/certs/driver/certificate.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBcTCCARigAwIBAgIRAMdpqeRR2oT2oKeLOvsrpnwwCgYIKoZIzj0EAwIwETEP +MA0GA1UEAxMGY2xpZW50MB4XDTA0MDMwMzE0MTU1NFoXDTI0MDIyNzEzMTU1NFow +FjEUMBIGA1UEAwwLY2xpZW50X2hvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC +AATurq7jn3JpYKqP/dmDbcq8Pfqce4fpyUf7Nv1QiU/IPQ55Ha7CO+B+nS63zJ1k +Sz97o525qOjoPrgZGXqTz0HYo0wwSjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww +CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAVBgNVHREEDjAMggp0aGVfY2xpZW50 +MAoGCCqGSM49BAMCA0cAMEQCID0MXpu3djvDcDs0MFN5lSAGBH8ODxOjtO0AtuYh +fRFWAiAzUn6TJa/bPGI7dvjex/WububEYT8mEhQ9+Ii9ECRT+A== +-----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey.pem b/tests/tls/certs/driver/privatekey.pem new file mode 100644 index 000000000..e038b9bea --- /dev/null +++ b/tests/tls/certs/driver/privatekey.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEID50ng63xoM4RaE+ZKyi9OW1SXJGjn66Q4DeBXtIBeeaoAoGCCqGSM49 +AwEHoUQDQgAE7q6u459yaWCqj/3Zg23KvD36nHuH6clH+zb9UIlPyD0OeR2uwjvg +fp0ut8ydZEs/e6Oduajo6D64GRl6k89B2A== +-----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/private.key b/tests/tls/certs/server/bolt/private.key new file mode 100644 index 000000000..b2e46bf64 --- /dev/null +++ b/tests/tls/certs/server/bolt/private.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIDnILuaWB8AwQampzGGCR4k2sW+cEE5i0VB1ang5UF8ioAoGCCqGSM49 +AwEHoUQDQgAEAZfBPkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbC +PS1P1Qye/O9rQPEzVNUTfixQ+LPiRl90hg== +-----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/public.crt b/tests/tls/certs/server/bolt/public.crt new file mode 100644 index 000000000..874d33ee6 --- /dev/null +++ b/tests/tls/certs/server/bolt/public.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP +MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow +ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB +PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz +VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb +Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun +qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/public.crt b/tests/tls/certs/server/bolt/trusted/public.crt new file mode 100644 index 000000000..874d33ee6 --- /dev/null +++ b/tests/tls/certs/server/bolt/trusted/public.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP +MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow +ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB +PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz +VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb +Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun +qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/private.key b/tests/tls/certs/server/https/private.key new file mode 100644 index 000000000..b2e46bf64 --- /dev/null +++ b/tests/tls/certs/server/https/private.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIDnILuaWB8AwQampzGGCR4k2sW+cEE5i0VB1ang5UF8ioAoGCCqGSM49 +AwEHoUQDQgAEAZfBPkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbC +PS1P1Qye/O9rQPEzVNUTfixQ+LPiRl90hg== +-----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/https/public.crt b/tests/tls/certs/server/https/public.crt new file mode 100644 index 000000000..874d33ee6 --- /dev/null +++ b/tests/tls/certs/server/https/public.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP +MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow +ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB +PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz +VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb +Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun +qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/trusted/public.crt b/tests/tls/certs/server/https/trusted/public.crt new file mode 100644 index 000000000..874d33ee6 --- /dev/null +++ b/tests/tls/certs/server/https/trusted/public.crt @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP +MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow +ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB +PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz +VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb +Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun +qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +-----END CERTIFICATE----- From cd007d05d0032e27e7049150adab341cbc54c289 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Tue, 27 Feb 2024 17:12:23 +0100 Subject: [PATCH 03/18] Fix certificates --- certgen/main.go | 59 +++++++++++++++---- tests/tls/certs/driver/certificate.pem | 35 ++++++++--- tests/tls/certs/driver/privatekey.pem | 57 ++++++++++++++++-- tests/tls/certs/server/bolt/private.key | 57 ++++++++++++++++-- tests/tls/certs/server/bolt/public.crt | 35 ++++++++--- .../tls/certs/server/bolt/trusted/client.pem | 29 +++++++++ .../tls/certs/server/bolt/trusted/public.crt | 35 ++++++++--- tests/tls/certs/server/https/private.key | 57 ++++++++++++++++-- tests/tls/certs/server/https/public.crt | 35 ++++++++--- .../tls/certs/server/https/trusted/client.pem | 29 +++++++++ .../tls/certs/server/https/trusted/public.crt | 35 ++++++++--- 11 files changed, 397 insertions(+), 66 deletions(-) create mode 100644 tests/tls/certs/server/bolt/trusted/client.pem create mode 100644 tests/tls/certs/server/https/trusted/client.pem diff --git a/certgen/main.go b/certgen/main.go index 947de883e..ae27a4e21 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -7,6 +7,7 @@ package main import ( "crypto/ecdsa" + "crypto/rsa" "crypto/elliptic" "crypto/rand" "crypto/x509" @@ -40,6 +41,15 @@ func writeKey(path string, keyx interface{}) { if err != nil { panic(err) } + case *rsa.PrivateKey: + m, err := x509.MarshalPKCS8PrivateKey(key) + if err != nil { + panic(err) + } + err = pem.Encode(file, &pem.Block{Type: "PRIVATE KEY", Bytes: m}) + if err != nil { + panic(err) + } default: panic("Unknown key type") } @@ -113,6 +123,30 @@ func generateServer(parent *x509.Certificate, parentPrivate interface{}, notBefo return key, derBytes } +func generateRsa4096Sha512(notBefore, notAfter time.Time, commonName string)(interface{}, []byte) { + key, err := rsa.GenerateKey(rand.Reader, 4096) + if err != nil { + panic(err) + } + + template := x509.Certificate{ + SerialNumber: newSerialNumber(), + NotBefore: notBefore, + NotAfter: notAfter, + Subject: pkix.Name{CommonName: commonName}, + KeyUsage: x509.KeyUsageCertSign, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + BasicConstraintsValid: true, + IsCA: true, + } + + derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &key.PublicKey, key) + if err != nil { + panic(err) + } + return key, derBytes +} + func main() { basePath := path.Join(os.Args[1], "certs") @@ -179,19 +213,22 @@ func main() { writeCert(path.Join(basePath, "server", "untrustedRoot_thehost.pem"), untrustedRoot_server1Der) - // Generate Client Certificate - clientCert, clientKey, clientDer := generateRoot(anHourAgo, tenYearsFromNow, "client") + // Generate Server Certificate + serverKey, serverDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") // Write client certificate to server - writeCert(path.Join(basePath, "server", "bolt", "public.crt"), clientDer) - writeCert(path.Join(basePath, "server", "https", "public.crt"), clientDer) - writeCert(path.Join(basePath, "server", "bolt", "trusted", "public.crt"), clientDer) - writeCert(path.Join(basePath, "server", "https", "trusted", "public.crt"), clientDer) + writeCert(path.Join(basePath, "server", "bolt", "public.crt"), serverDer) + writeCert(path.Join(basePath, "server", "https", "public.crt"), serverDer) + writeCert(path.Join(basePath, "server", "bolt", "trusted", "public.crt"), serverDer) + writeCert(path.Join(basePath, "server", "https", "trusted", "public.crt"), serverDer) // Write client private key to server - writeKey(path.Join(basePath, "server", "bolt", "private.key"), clientKey) - writeKey(path.Join(basePath, "server", "https", "private.key"), clientKey) + writeKey(path.Join(basePath, "server", "bolt", "private.key"), serverKey) + writeKey(path.Join(basePath, "server", "https", "private.key"), serverKey) // Generate certificate.pem - clientKeyPem, clientCertificatePemDer := generateServer(clientCert, customRootKey, tenYearsAgo, anHourAgo, "client_host", "the_client") - writeCert(path.Join(basePath, "driver", "certificate.pem"), clientCertificatePemDer) - writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKeyPem) + clientKey, clientDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") + writeCert(path.Join(basePath, "driver", "certificate.pem"), clientDer) + writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKey) + // Copy to + writeCert(path.Join(basePath, "server", "bolt", "trusted", "client.pem"), clientDer) + writeCert(path.Join(basePath, "server", "https", "trusted", "client.pem"), clientDer) } diff --git a/tests/tls/certs/driver/certificate.pem b/tests/tls/certs/driver/certificate.pem index d6103be63..4fa535f0c 100644 --- a/tests/tls/certs/driver/certificate.pem +++ b/tests/tls/certs/driver/certificate.pem @@ -1,10 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIBcTCCARigAwIBAgIRAMdpqeRR2oT2oKeLOvsrpnwwCgYIKoZIzj0EAwIwETEP -MA0GA1UEAxMGY2xpZW50MB4XDTA0MDMwMzE0MTU1NFoXDTI0MDIyNzEzMTU1NFow -FjEUMBIGA1UEAwwLY2xpZW50X2hvc3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC -AATurq7jn3JpYKqP/dmDbcq8Pfqce4fpyUf7Nv1QiU/IPQ55Ha7CO+B+nS63zJ1k -Sz97o525qOjoPrgZGXqTz0HYo0wwSjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww -CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAVBgNVHREEDjAMggp0aGVfY2xpZW50 -MAoGCCqGSM49BAMCA0cAMEQCID0MXpu3djvDcDs0MFN5lSAGBH8ODxOjtO0AtuYh -fRFWAiAzUn6TJa/bPGI7dvjex/WububEYT8mEhQ9+Ii9ECRT+A== +MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA +o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya +3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD +9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy +SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky +4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX +HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG +r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe +xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G +DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm +r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL +BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 +bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL +8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT +DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb +v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 +pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT +HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa +XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM +2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA +lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG +XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey.pem b/tests/tls/certs/driver/privatekey.pem index e038b9bea..7f51e86fc 100644 --- a/tests/tls/certs/driver/privatekey.pem +++ b/tests/tls/certs/driver/privatekey.pem @@ -1,5 +1,52 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEID50ng63xoM4RaE+ZKyi9OW1SXJGjn66Q4DeBXtIBeeaoAoGCCqGSM49 -AwEHoUQDQgAE7q6u459yaWCqj/3Zg23KvD36nHuH6clH+zb9UIlPyD0OeR2uwjvg -fp0ut8ydZEs/e6Oduajo6D64GRl6k89B2A== ------END EC PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCqYTaHYssFQF6B +SxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrAo7ZAhK+UFmm8BnFZLg6d +lrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya3IYw/l30N30SOgd2E+H6 +1/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD9LOqoOGj9L0byW0pJmEO +kEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzySOl+qQuBQKZ2Nnuk+yc2 +g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky4eo/0imljFUYJIGanjD6 +pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cXHhsuDvBn34fsFj7AjMy5 +8b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBGr2MEaqUO10m/7LVrld2P +zVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCexz06suceA9/j5iD5fxR7 +/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3GDlJSOjmPnXC78Vr16LLU +rMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dmr3u9JTGbcNTIwg+IMeRv +u42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABAoICAGfNgmNJlVdFuE4dapK4RBxt +sjGrjNPgnk3jjB1lv5uP/cDDCnLtazSaKQpks4zrSe13GkQryLMElHL+dGVFVkRg +sR2wwy+ipH4wECRFXYHZmYr7XJ7EYI/5xOy0ni0LTEKV6+VG5XTS+ELTgluL0ktc +2Gjr76oWG3HNnR0y8yVfV3la21gPEA2q0Bbw5uV1zwMNAIoFVjRT5Z3x2kSefgmr +2vTwjs3HZXz8AHxuOLUKW0MVQduywPqGT7XtJhS8+P1uXfx3hS0mtuVHlEnYLSwU +HTTEbtHcbw0Q6h4nkLk3HypIwu1MrOrsFB7X9NedOzJZJR7oXu3MoxqSVNKdO3L/ +RMHV/WMIUK3rKxhZpfV5tb9Iqai1OP0j6BApqmvwGaisV9cFU5qVZJY+B6Gj3snf +u50Y0FUJ/UfXorm96Tlah+BqmutP/ceprIMKTxPJmAm4fQF2So03PAlROA6cQztM +yVApIuueAfLJ30Gif5GPYYddNRPA3+GZ3AtSbDlf+yDTRVts94rwVdAsI0YLXjSa +JV25v7wqqcNvBYylo3RRYlXYrp5beLsy8zm1obnT7i5scTmONaJFfiP8jqCnQx/f +PvMIKIOJJa7dWczGBPHdnrMGwSiip4dOblFxht8UZeQjoC7qUEVzH/vNuI+1+Hgp +ae2qThlmCK5pqZw2DPJBAoIBAQDTuMw7TJxds4wJPibYxECvSJJpIqqoPlhML+Tb +s5M6PZBAlAp28bpwclmMlrhGLcYhQaitjMxCRvHoGQ5O4jPqwCABy4SpNVXZXwO5 +n0HVxyND4LFqI6akt8BVqgXlOwJhpUltiKdFAgmK7hwd8MHsoUzoZQxarP1S3EFq +Hnc/YVBT2f3hCf+c1z3YUQKy8GcJGIV8Uac1IkqryYlq+EbDi546vv0vD+pUj/Ez +X9DprC9ZWt1OwEPiPOkijx2Lvxf1vJfEhx2kZ4YdpoIAjIX9HYSSiKsMalbLBN51 +SWqsMPRb8ZyZKFKm+pYFfbhKxtxCQ3KHXAuL1O82VCIgQ5XrAoIBAQDOAwh9JUiQ +GgrtdZFAy7WWHQh5hnGihwWBpSGhLSWcmaccdjGNyxnaFrLbP6pKKT8Y8Fhxn+EC +ow0LmYiPM+70pozjtioyx/8ncV2w3ZKELB6o29YeXqjfpiPpgxI5FyThayg6Xuuv +5NyojLdWCt7ukQnfdmcUhlWjDUxLEXRU302sFc634DJOW89MARj9xduIhUC2zEoO +unh3f1McVLSwDhDg3nsbT+g9ql8VJF1frvUZdrjwXl9fjYFLzhDDCdYAF8y+AwvT +BaJyHtIMiSpoBajWLASXlVAcO8JXsAknrB6VPo8jUUh/v4qH0d+hPe3XV67PxPp/ +8qaSMJ9Z8QXtAoIBABIMmASaJF5slwyWqtMh7+3BfxHNbcUIA5kDIDyGk4+Mfgaz +WC0JsH4zkWTF2JHLBzAAm/OnpCYmTCsgL7MT358sn83nXrjaHiZ4ziV96SvjXSNF +PXqx7VvveksTQotnO229nIPk+XWNleitIeJ/iti0a40ISERWqQXuVvlH/Zx+nE15 +sQYFRzBEvTX6ugMtMWt6Fq8heuKxuLHqbXecENRMy8FwVL81WSG6X7KkgXfaQPMa +JvG2vFLGJI3Yq4klUlKVsE6FwkYouSs/7adEU4vff1TKp+JYEmweTySqjJh/V+Wa +tGHuKRWpGS8Ap7xgNZjEjTfy5d0W2wnDpGEhwd8CggEAV/6RrKq1MN/+1OjHz05z +1Je4G/hiJ1LW9kZrc+XNz/MNnymZBwC+nRne8ali+mRd0DAxBu+Mc8zjcJX273v2 +UEennEgeBCzK/rT8mOQ7hfs2aVflQHmcVlMnucFDkmEhXquftjb/ItV1rwTT9ouU +J4CKIAn6A5lRkODIOrRM5UewbJWwA3he5Htwsv0xCIxvtgN83deqtlnNxPT8sfg4 +aY7IhNRi7wqVn2lbTbOHsqwPgv3kBr+4qx7NIGz3WeekocuIp4yzi0I33djuTW51 +T5NDR5/rojejzTt1SnElp+1r7sGW8DXy6qYM7PCnPb8vDTEluRdhDC/AGGduWUOL +DQKCAQBoZcJ3WSdB2uRKFGQqLPg99g3//gy2uUzemFER7l2jIF5ar8YYfXs0Wjpw +Cr2vz6VjVRTtPynYeb+TebUS1UiJ0lmgqepmlSoZytRyD6X/C+aRHOdOqe0BcrYL +Ye8envwUd/9IODBcxZoeS91CuCBo6XPymMeeZ768Y+j5XfkQmbXwnpvuiCO/6Jrh +8bitDUHhZkDrBy1i9BnwX6aGGNyo1zK1ZujxO/ldhJ7zCWZL4eoNNhONE2zIG8HC +Qbbkj4vDvrvS30pbok5Eptjh4tZS7w57TYNQNBTWjR3i/IAfEH5qzuU/BKnjVnlX +d1kSS5R4K32Q2sXynBG1YpU0iFnB +-----END PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/private.key b/tests/tls/certs/server/bolt/private.key index b2e46bf64..0d011b532 100644 --- a/tests/tls/certs/server/bolt/private.key +++ b/tests/tls/certs/server/bolt/private.key @@ -1,5 +1,52 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIDnILuaWB8AwQampzGGCR4k2sW+cEE5i0VB1ang5UF8ioAoGCCqGSM49 -AwEHoUQDQgAEAZfBPkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbC -PS1P1Qye/O9rQPEzVNUTfixQ+LPiRl90hg== ------END EC PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCw3YJNDdacpe26 +0hfNRr26prreh3GmtpnqqBFUWH9HebpYtV5z0PZRPUw4A210AHbYBHAiFTFF42aU +10uFMijd58NDzHEDHKpfXeAbQjl4v0iWnoW9d6lwBpoYTYwEq1/cSCOhbe5c+GQd +bHglqfwJq3cQg0O3bDvpLfBIjZjZ9DXujothVjbK1BB7ct3YaVwbHXL2Gi2y3Dyp +sBhztmYIY9HZjAm6DSHgLe7nXfGBZPK6/MYyU61OUrDbE1lmrnOl3JB+VB5KZOYm +c/n7PWD6CFvlZwIYkNWPQL1+srk+lhFOHuCf+7DAad/2MPwfCC0LJOJr50iO/qNN +Jc7PtEWrkkidmHF06hxZjwUTF0kTa6szPI5RJA836C3FBOOW3/liqrTG6/QAmCln +UcYPT7BFM02HMDFKpjWDLN1NDhL1cxh/l0lehtQcPVXAO4pyigSxJ6oYk8Ijh0QH +Bwtxbziea+Pr+gfXeqqt14vthqKXHK2OmHDPAN917XTjMC84/gtRqo6IBCPjibyw +TA4XjoqjRZKG9E1zm3rKIymALF0+rOcs76jxiuP9XF/T3E76GkjnrbHiSi+y5xoc +s/kgVpIUhtDmQY5A69HHMcHT/UmyPAsrjfjFR8NKuujBzDeRjMhaMo8WC3o9Q5+t +yUnEr98CuuSLPh3dahk5f+EWoUaJgQIDAQABAoICAGzWw3q7i1g23AbdhvwyDkuw +ksqiOxRGxo0bBB8NnrXTeRNh+U/4RbxUpnTJ1y9NodTpVkADHqFNgTETFExRQ8ja ++NTeGKW7nDS3xlO/+zINNJRL1S11V/Wyel1+Sy4McB9U3WhYCBl6WdGpkH5NDua8 +d7bXsHJNzsh+FqHvUSK/H/lACxHJRkqnGcV+OHsWyzF8e+Rq07h/w20BCusaUcvT +8a2YedvefPxCCASlURs5jg33w9fwmnPaey81xwxjSpPFGb5D8agCU4dSU4GCkg0L +29FeBHItnt5bDsHLJigXnWqfoceR0YF3JfWQy3YlR+LVveh9Ga+1j7TIEW7MFxqq +MaH2XFHiYaNEzoNo1a7Y17awQqwWTtWOZnUiSGkRDmQ8NFmxhsyrCOCu/aviW+Gw +7So3KUo7HqyzwaI+k5pwOwhS83TcfvQgflrwCwRcaqGgWGpmibfndn4Y+ADAmm+c +/CkyQDLUszFxapMdSnEUNZ05Nti/a3yuziBHfWs5k0lMwVzyOHNui14lR5H7XhX6 +Oyo73ySfwUwhkLXesVDA0kshFErfv9mn3MN/HM//VXyqr6pj+W8iTVppCF1T4e0R +IeCm6uNwKHzbWMHoPQ9QXkS4f3IOc6VLhfykQVp+8g1db/lDXpoehAmQrMUejYKb +c3uhz3sNsw8R/Th6QCfhAoIBAQDSuyFKLrHtfug5qFE2+wGGW/wmz1Bnp7jfT9PA +gAcn7c+qGufPbOkRPUF2y21Wt6vda2PCEVb8SFOFwKtdnv6R1ceD27+ln8LE/hYG +nXalBbhVcAc2q9beNV3UTkQG4YUq+oVMO1MmCw2fFQtt1WjsjJglmEMzukOKm+KH +QfejxDAmzhZKLNWrDS5vi886chS+rtx48SEMAGqE6+rNPQBVBuCTht0MlWufvXD7 +cKkp7eggta9XLmGyaKzvUCfCtvN8toxjLwa5rfmXkkHy+Kqx7/pmdbkpIoz5Zixm +wXQPl+5C3jwgD3OXLk91LU2zxv0132vN7fTJPgi6kBlUWMVFAoIBAQDW2/q5pfK9 +7cfSzj0p/nj9msfF5Z6iKEZRKplzBYGeLPrfB/PrdRa6cVXu5UlSQiRurzkf0tT6 +CmLp3IVAI5JPIPi1JFHBm25beGjZV6WiQCywFshvm9aPwMp9FPEGagNiH7xUy9ZS +1Vavi7z2zm9WAcymimGwgNfhNhCOiQWJ+IDrV0QQb7MRKCifS03VERIZPuqjHQvR +Fm/mkqU01JvRT/qUu3brZIkunBftJI1RDv3ftJQE/tWoPgg5IlkfnDSO3S/HXv8e +PzFtG33Ft8ZqmWbC9uAbFnqNbQ0mM29VX5Hiu7BFRmtKN/XAzlBlO2VZnUTHjIPi +SXGpjMs71kENAoIBAQC67U+sVBt0xnwMmSfhk2pY2sOjUYbLS9YMEO2O9oJigusQ +w2kZcEyWBDZLwEuu/qIveRE2ltcIVsfv/2aDV4QNrQqcBpPLwRmuUI0NNSSHYbmP +4B4l+uxQlBo1N2/Ugrvz0eHoKz+ooWll0e8fcIzwOA7GWnhSLEm5bGnW/UdEN8VW +xryy825dmwWz4Nrjx0prkwTzK0HbOYtDeVoA0Lm4sq8Hbjwq62hafFr6T4dfMDAW +w9NTjEsRTRUJ+5opeMwntm51lMNsdczPDOf/NWGFEZCWzpp+yK0wldeRFs1y/5xU +KHpBHjO0yVmmYZdpf3whC5y/QPNAiAyKIUS2sz/ZAoIBAAEXew2obzRR2fsTOzJU +ba70M2GpCgZO6BSPf9oaxA7WsauicbXXkXb/Dm25UocNePvq/gJQYu6mUNxZV3/8 +7khipYDeH2A5dvUWBopcLKZHZzK52ujeRNfUJfM+wP7EWSINgTp5Eqy3EsqvjhU+ +9UfdmHmcKGTqMq6dRLZEsfeCgL0xY1ImDyXeK16r1khn3sysCissAZxdXdIxGo/L +KMOGgYJx9We6ygunlWOKFQG9bsLNOxdPaCyDrC0GJKfJdmbnbs+3htpTfd/NDPWN +On/eKayB7p+UnKjNTgzMpBst8iLRy1J+yhrFcAU7xyLMi3ZKG0hcSWtD7kTrRzkV +nJ0CggEAbbQXtjMmVW2+h6+Wixg8s4Qwkqz8YSGacXzBkXTFwFJH6MX/VDRpxCBy +JePBAtFWW3a+/TYMtIhUKnQBG2TKQv8EcLSjmzQ4Iti/mpdR6ApOywt7Lg0VvLUP +1XD88IeGyIrlDKFE3gIAoU4JCGD3pU836085v7zGTrutMGJbXixTgcHCm7Fvh1LN +9XpeJEH7yH1PUsjemUSkeEtRgmJBv6FzCQd0Aieo5sr8vriYcfKAjfjib00Y5B8a +iJ9MAOEFyoy/2zBbi7R0Yr5OY3HgzgTCw7SUdLxo4JlXzVPmQz73S9OanhpMr2yn +/KMWCjm5wyl55BgI3EIad+oq+snclw== +-----END PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/public.crt b/tests/tls/certs/server/bolt/public.crt index 874d33ee6..c5f669d94 100644 --- a/tests/tls/certs/server/bolt/public.crt +++ b/tests/tls/certs/server/bolt/public.crt @@ -1,10 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP -MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow -ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB -PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz -VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG -AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb -Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun -qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 +M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M +OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa +GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ +e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw +2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf +9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt +xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V +wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 +4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf +09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro +wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB +CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG +O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb +dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH +bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 +9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx +VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT +zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp +76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U +P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t +8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 +/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/client.pem b/tests/tls/certs/server/bolt/trusted/client.pem new file mode 100644 index 000000000..4fa535f0c --- /dev/null +++ b/tests/tls/certs/server/bolt/trusted/client.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA +o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya +3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD +9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy +SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky +4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX +HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG +r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe +xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G +DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm +r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL +BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 +bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL +8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT +DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb +v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 +pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT +HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa +XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM +2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA +lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG +XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/public.crt b/tests/tls/certs/server/bolt/trusted/public.crt index 874d33ee6..c5f669d94 100644 --- a/tests/tls/certs/server/bolt/trusted/public.crt +++ b/tests/tls/certs/server/bolt/trusted/public.crt @@ -1,10 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP -MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow -ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB -PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz -VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG -AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb -Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun -qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 +M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M +OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa +GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ +e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw +2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf +9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt +xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V +wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 +4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf +09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro +wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB +CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG +O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb +dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH +bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 +9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx +VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT +zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp +76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U +P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t +8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 +/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/private.key b/tests/tls/certs/server/https/private.key index b2e46bf64..0d011b532 100644 --- a/tests/tls/certs/server/https/private.key +++ b/tests/tls/certs/server/https/private.key @@ -1,5 +1,52 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIDnILuaWB8AwQampzGGCR4k2sW+cEE5i0VB1ang5UF8ioAoGCCqGSM49 -AwEHoUQDQgAEAZfBPkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbC -PS1P1Qye/O9rQPEzVNUTfixQ+LPiRl90hg== ------END EC PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCw3YJNDdacpe26 +0hfNRr26prreh3GmtpnqqBFUWH9HebpYtV5z0PZRPUw4A210AHbYBHAiFTFF42aU +10uFMijd58NDzHEDHKpfXeAbQjl4v0iWnoW9d6lwBpoYTYwEq1/cSCOhbe5c+GQd +bHglqfwJq3cQg0O3bDvpLfBIjZjZ9DXujothVjbK1BB7ct3YaVwbHXL2Gi2y3Dyp +sBhztmYIY9HZjAm6DSHgLe7nXfGBZPK6/MYyU61OUrDbE1lmrnOl3JB+VB5KZOYm +c/n7PWD6CFvlZwIYkNWPQL1+srk+lhFOHuCf+7DAad/2MPwfCC0LJOJr50iO/qNN +Jc7PtEWrkkidmHF06hxZjwUTF0kTa6szPI5RJA836C3FBOOW3/liqrTG6/QAmCln +UcYPT7BFM02HMDFKpjWDLN1NDhL1cxh/l0lehtQcPVXAO4pyigSxJ6oYk8Ijh0QH +Bwtxbziea+Pr+gfXeqqt14vthqKXHK2OmHDPAN917XTjMC84/gtRqo6IBCPjibyw +TA4XjoqjRZKG9E1zm3rKIymALF0+rOcs76jxiuP9XF/T3E76GkjnrbHiSi+y5xoc +s/kgVpIUhtDmQY5A69HHMcHT/UmyPAsrjfjFR8NKuujBzDeRjMhaMo8WC3o9Q5+t +yUnEr98CuuSLPh3dahk5f+EWoUaJgQIDAQABAoICAGzWw3q7i1g23AbdhvwyDkuw +ksqiOxRGxo0bBB8NnrXTeRNh+U/4RbxUpnTJ1y9NodTpVkADHqFNgTETFExRQ8ja ++NTeGKW7nDS3xlO/+zINNJRL1S11V/Wyel1+Sy4McB9U3WhYCBl6WdGpkH5NDua8 +d7bXsHJNzsh+FqHvUSK/H/lACxHJRkqnGcV+OHsWyzF8e+Rq07h/w20BCusaUcvT +8a2YedvefPxCCASlURs5jg33w9fwmnPaey81xwxjSpPFGb5D8agCU4dSU4GCkg0L +29FeBHItnt5bDsHLJigXnWqfoceR0YF3JfWQy3YlR+LVveh9Ga+1j7TIEW7MFxqq +MaH2XFHiYaNEzoNo1a7Y17awQqwWTtWOZnUiSGkRDmQ8NFmxhsyrCOCu/aviW+Gw +7So3KUo7HqyzwaI+k5pwOwhS83TcfvQgflrwCwRcaqGgWGpmibfndn4Y+ADAmm+c +/CkyQDLUszFxapMdSnEUNZ05Nti/a3yuziBHfWs5k0lMwVzyOHNui14lR5H7XhX6 +Oyo73ySfwUwhkLXesVDA0kshFErfv9mn3MN/HM//VXyqr6pj+W8iTVppCF1T4e0R +IeCm6uNwKHzbWMHoPQ9QXkS4f3IOc6VLhfykQVp+8g1db/lDXpoehAmQrMUejYKb +c3uhz3sNsw8R/Th6QCfhAoIBAQDSuyFKLrHtfug5qFE2+wGGW/wmz1Bnp7jfT9PA +gAcn7c+qGufPbOkRPUF2y21Wt6vda2PCEVb8SFOFwKtdnv6R1ceD27+ln8LE/hYG +nXalBbhVcAc2q9beNV3UTkQG4YUq+oVMO1MmCw2fFQtt1WjsjJglmEMzukOKm+KH +QfejxDAmzhZKLNWrDS5vi886chS+rtx48SEMAGqE6+rNPQBVBuCTht0MlWufvXD7 +cKkp7eggta9XLmGyaKzvUCfCtvN8toxjLwa5rfmXkkHy+Kqx7/pmdbkpIoz5Zixm +wXQPl+5C3jwgD3OXLk91LU2zxv0132vN7fTJPgi6kBlUWMVFAoIBAQDW2/q5pfK9 +7cfSzj0p/nj9msfF5Z6iKEZRKplzBYGeLPrfB/PrdRa6cVXu5UlSQiRurzkf0tT6 +CmLp3IVAI5JPIPi1JFHBm25beGjZV6WiQCywFshvm9aPwMp9FPEGagNiH7xUy9ZS +1Vavi7z2zm9WAcymimGwgNfhNhCOiQWJ+IDrV0QQb7MRKCifS03VERIZPuqjHQvR +Fm/mkqU01JvRT/qUu3brZIkunBftJI1RDv3ftJQE/tWoPgg5IlkfnDSO3S/HXv8e +PzFtG33Ft8ZqmWbC9uAbFnqNbQ0mM29VX5Hiu7BFRmtKN/XAzlBlO2VZnUTHjIPi +SXGpjMs71kENAoIBAQC67U+sVBt0xnwMmSfhk2pY2sOjUYbLS9YMEO2O9oJigusQ +w2kZcEyWBDZLwEuu/qIveRE2ltcIVsfv/2aDV4QNrQqcBpPLwRmuUI0NNSSHYbmP +4B4l+uxQlBo1N2/Ugrvz0eHoKz+ooWll0e8fcIzwOA7GWnhSLEm5bGnW/UdEN8VW +xryy825dmwWz4Nrjx0prkwTzK0HbOYtDeVoA0Lm4sq8Hbjwq62hafFr6T4dfMDAW +w9NTjEsRTRUJ+5opeMwntm51lMNsdczPDOf/NWGFEZCWzpp+yK0wldeRFs1y/5xU +KHpBHjO0yVmmYZdpf3whC5y/QPNAiAyKIUS2sz/ZAoIBAAEXew2obzRR2fsTOzJU +ba70M2GpCgZO6BSPf9oaxA7WsauicbXXkXb/Dm25UocNePvq/gJQYu6mUNxZV3/8 +7khipYDeH2A5dvUWBopcLKZHZzK52ujeRNfUJfM+wP7EWSINgTp5Eqy3EsqvjhU+ +9UfdmHmcKGTqMq6dRLZEsfeCgL0xY1ImDyXeK16r1khn3sysCissAZxdXdIxGo/L +KMOGgYJx9We6ygunlWOKFQG9bsLNOxdPaCyDrC0GJKfJdmbnbs+3htpTfd/NDPWN +On/eKayB7p+UnKjNTgzMpBst8iLRy1J+yhrFcAU7xyLMi3ZKG0hcSWtD7kTrRzkV +nJ0CggEAbbQXtjMmVW2+h6+Wixg8s4Qwkqz8YSGacXzBkXTFwFJH6MX/VDRpxCBy +JePBAtFWW3a+/TYMtIhUKnQBG2TKQv8EcLSjmzQ4Iti/mpdR6ApOywt7Lg0VvLUP +1XD88IeGyIrlDKFE3gIAoU4JCGD3pU836085v7zGTrutMGJbXixTgcHCm7Fvh1LN +9XpeJEH7yH1PUsjemUSkeEtRgmJBv6FzCQd0Aieo5sr8vriYcfKAjfjib00Y5B8a +iJ9MAOEFyoy/2zBbi7R0Yr5OY3HgzgTCw7SUdLxo4JlXzVPmQz73S9OanhpMr2yn +/KMWCjm5wyl55BgI3EIad+oq+snclw== +-----END PRIVATE KEY----- diff --git a/tests/tls/certs/server/https/public.crt b/tests/tls/certs/server/https/public.crt index 874d33ee6..c5f669d94 100644 --- a/tests/tls/certs/server/https/public.crt +++ b/tests/tls/certs/server/https/public.crt @@ -1,10 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP -MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow -ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB -PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz -VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG -AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb -Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun -qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 +M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M +OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa +GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ +e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw +2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf +9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt +xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V +wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 +4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf +09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro +wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB +CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG +O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb +dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH +bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 +9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx +VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT +zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp +76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U +P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t +8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 +/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/trusted/client.pem b/tests/tls/certs/server/https/trusted/client.pem new file mode 100644 index 000000000..4fa535f0c --- /dev/null +++ b/tests/tls/certs/server/https/trusted/client.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA +o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya +3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD +9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy +SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky +4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX +HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG +r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe +xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G +DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm +r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL +BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 +bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL +8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT +DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb +v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 +pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT +HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa +XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM +2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA +lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG +XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/trusted/public.crt b/tests/tls/certs/server/https/trusted/public.crt index 874d33ee6..c5f669d94 100644 --- a/tests/tls/certs/server/https/trusted/public.crt +++ b/tests/tls/certs/server/https/trusted/public.crt @@ -1,10 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIBeDCCAR6gAwIBAgIRANpL83Xiv9lVWN7Unv2mrkowCgYIKoZIzj0EAwIwETEP -MA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzEzMTU1NFoXDTQ0MDIyMjE0MTU1NFow -ETEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAZfB -PkAuhcS0x6MUQCpGWnjqLkBq4z3RE01vYm9TWD4ZSIKbpfbCPS1P1Qye/O9rQPEz -VNUTfixQ+LPiRl90hqNXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsG -AQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFDJ7A7d13ljPYUX/ffkb -Qox7uTPlMAoGCCqGSM49BAMCA0gAMEUCIQCZqb+dpPrMAPuVyuMi13BpesjOmDun -qmFl5uEgxMDUegIgBcjxFjzogS+5vGTdeqtdQ/H+7pEfWupyNulY0rVo8Wc= +MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 +M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M +OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa +GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ +e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw +2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf +9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt +xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V +wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 +4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf +09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro +wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB +CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG +O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb +dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH +bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 +9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx +VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT +zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp +76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U +P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t +8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 +/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== -----END CERTIFICATE----- From 1ff528ed856d53c805d55af250cff26ac1c74628 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Tue, 27 Feb 2024 18:07:16 +0100 Subject: [PATCH 04/18] Exposing client certificate in the tlsserver The configuration is exposed in the command line and in the python wrapper. However, the feature is not implemented yet. --- certgen/main.go | 5 ++--- tests/tls/shared.py | 4 +++- tlsserver/main.go | 5 +++++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/certgen/main.go b/certgen/main.go index ae27a4e21..56e0df220 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -7,9 +7,9 @@ package main import ( "crypto/ecdsa" - "crypto/rsa" "crypto/elliptic" "crypto/rand" + "crypto/rsa" "crypto/x509" "crypto/x509/pkix" "encoding/pem" @@ -123,7 +123,7 @@ func generateServer(parent *x509.Certificate, parentPrivate interface{}, notBefo return key, derBytes } -func generateRsa4096Sha512(notBefore, notAfter time.Time, commonName string)(interface{}, []byte) { +func generateRsa4096Sha512(notBefore, notAfter time.Time, commonName string) (interface{}, []byte) { key, err := rsa.GenerateKey(rand.Reader, 4096) if err != nil { panic(err) @@ -212,7 +212,6 @@ func main() { writeKey(path.Join(basePath, "server", "untrustedRoot_thehost.key"), untrustedRoot_server1Key) writeCert(path.Join(basePath, "server", "untrustedRoot_thehost.pem"), untrustedRoot_server1Der) - // Generate Server Certificate serverKey, serverDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") // Write client certificate to server diff --git a/tests/tls/shared.py b/tests/tls/shared.py index 7b900229f..cda09e95f 100644 --- a/tests/tls/shared.py +++ b/tests/tls/shared.py @@ -21,7 +21,7 @@ class TlsServer: def __init__(self, server_cert, min_tls="0", max_tls="2", - disable_tls=False): + disable_tls=False, client_cert=None): # Name of server certificate, corresponds to a .pem and .key file. server_path = os.path.join(THIS_PATH, "..", "..", "tlsserver", "tlsserver") @@ -39,6 +39,8 @@ def __init__(self, server_cert, min_tls="0", max_tls="2", ] if disable_tls: params.append("--disableTls") + if client_cert is not None: + params.append("--clientCert", client_cert) self._process = subprocess.Popen( params, stdout=subprocess.PIPE, diff --git a/tlsserver/main.go b/tlsserver/main.go index 1475a185d..fad8151d4 100644 --- a/tlsserver/main.go +++ b/tlsserver/main.go @@ -24,6 +24,7 @@ func main() { address string certPath string keyPath string + clientCertPath string minTlsMinorVer int maxTlsMinorVer int disableTls bool @@ -34,6 +35,7 @@ func main() { flag.StringVar(&address, "bind", "0.0.0.0:6666", "Address to bind to") flag.StringVar(&certPath, "cert", "", "Path to server certificate") flag.StringVar(&keyPath, "key", "", "Path to server private key") + flag.StringVar(&clientCertPath, "clientCert", "", "Path to the client certificate") flag.IntVar(&minTlsMinorVer, "minTls", 0, "Minimum TLS version, minor part") flag.IntVar(&maxTlsMinorVer, "maxTls", 2, "Maximum TLS version, minor part") flag.Parse() @@ -49,6 +51,9 @@ func main() { // TODO: Set cert.OCSPStaple return &cert, nil }, + GetClientCertificate: func(hello *tls.CertificateRequestInfo) (*tls.Certificate, error) { + return nil, nil + }, MinVersion: 0x0300 | uint16(minTlsMinorVer+1), MaxVersion: 0x0300 | uint16(maxTlsMinorVer+1), } From 84d03d7f428d886c7281d04f4f1ee0297d3bed46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Wed, 28 Feb 2024 13:48:09 +0100 Subject: [PATCH 05/18] maybe first test --- tests/tls/shared.py | 3 +- tests/tls/suites.py | 2 ++ tests/tls/test_client_certificate.py | 50 ++++++++++++++++++++++++++++ tlsserver/main.go | 23 ++++++++++--- 4 files changed, 73 insertions(+), 5 deletions(-) create mode 100644 tests/tls/test_client_certificate.py diff --git a/tests/tls/shared.py b/tests/tls/shared.py index cda09e95f..799299abd 100644 --- a/tests/tls/shared.py +++ b/tests/tls/shared.py @@ -40,7 +40,8 @@ def __init__(self, server_cert, min_tls="0", max_tls="2", if disable_tls: params.append("--disableTls") if client_cert is not None: - params.append("--clientCert", client_cert) + params.append("--clientCert") + params.append(client_cert) self._process = subprocess.Popen( params, stdout=subprocess.PIPE, diff --git a/tests/tls/suites.py b/tests/tls/suites.py index 414753dc6..bf0f8c238 100644 --- a/tests/tls/suites.py +++ b/tests/tls/suites.py @@ -5,6 +5,7 @@ from tests.testenv import get_test_result_class from tests.tls import ( + test_client_certificate, test_secure_scheme, test_self_signed_scheme, test_tls_versions, @@ -18,6 +19,7 @@ tls_suite.addTests(loader.loadTestsFromModule(test_self_signed_scheme)) tls_suite.addTests(loader.loadTestsFromModule(test_tls_versions)) tls_suite.addTests(loader.loadTestsFromModule(test_unsecure_scheme)) +tls_suite.addTests(loader.loadTestsFromModule(test_client_certificate)) if __name__ == "__main__": suite_name = "TLS tests" diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py new file mode 100644 index 000000000..aeba7c183 --- /dev/null +++ b/tests/tls/test_client_certificate.py @@ -0,0 +1,50 @@ +import os + +import nutkit.protocol as types +from tests.shared import get_driver_name +from tests.tls.shared import ( + TestkitTlsTestCase, + TlsServer, +) + +THIS_PATH = os.path.dirname(os.path.abspath(__file__)) + + +class TestClientCertificate(TestkitTlsTestCase): + def setUp(self): + super().setUp() + self._server = None + self._driver = get_driver_name() + + def tearDown(self): + if self._server: + # If test raised an exception this will make sure that the stub + # server is killed and it's output is dumped for analysis. + self._server.reset() + self._server = None + super().tearDown() + + client_cert_on_server = os.path.join(THIS_PATH, + "certs", "server", "bolt", "trusted", + "client.pem") + + client_certificate_cert = os.path.join(THIS_PATH, + "certs", "driver", + "certificate.pem") + client_certificate_key = os.path.join(THIS_PATH, + "certs", "driver", + "privatekey.pem") + + required_features = types.Feature.API_SSL_SCHEMES, + extra_driver_configs = { + "client_certificate": (client_certificate_cert, client_certificate_key) + }, + + def test_driver_is_encrypted_with_ssc(self): + schemes = "neo4j+ssc", "bolt+ssc" + self._server = TlsServer("trustedRoot_thehost", + client_cert=self.client_cert_on_server) + for driver_config in self.extra_driver_configs: + for scheme in schemes: + with self.subTest(scheme=scheme, driver_config=driver_config): + self._test_reports_encrypted(True, scheme, **driver_config) diff --git a/tlsserver/main.go b/tlsserver/main.go index fad8151d4..5e936d3a5 100644 --- a/tlsserver/main.go +++ b/tlsserver/main.go @@ -2,16 +2,18 @@ package main import ( "crypto/tls" + "crypto/x509" "errors" "flag" "fmt" "io" + "io/ioutil" "net" "os" "time" ) -func exitWithError(err error) { +func exitWithError(err interface{}) { fmt.Println(err) os.Exit(-1) } @@ -46,14 +48,27 @@ func main() { exitWithError(err) } + rootCAs, _ := x509.SystemCertPool() + if rootCAs == nil { + rootCAs = x509.NewCertPool() + } + + if clientCertPath != "" { + clientCert, err := ioutil.ReadFile(clientCertPath) + if err != nil { + exitWithError(err) + } + if ok := rootCAs.AppendCertsFromPEM(clientCert); !ok { + exitWithError("No certs appended, using system certs only") + } + } + config := tls.Config{ GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) { // TODO: Set cert.OCSPStaple return &cert, nil }, - GetClientCertificate: func(hello *tls.CertificateRequestInfo) (*tls.Certificate, error) { - return nil, nil - }, + RootCAs: rootCAs, MinVersion: 0x0300 | uint16(minTlsMinorVer+1), MaxVersion: 0x0300 | uint16(maxTlsMinorVer+1), } From 3c5086a6fbaecf01d96ac3fa09408f25fdd6fb31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Wed, 28 Feb 2024 15:25:37 +0100 Subject: [PATCH 06/18] TLS + SSC + ClientCertificates --- tests/tls/test_client_certificate.py | 32 +++++++++++++++++++++++----- tlsserver/main.go | 28 +++++++++++------------- 2 files changed, 40 insertions(+), 20 deletions(-) diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index aeba7c183..604071043 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -37,14 +37,36 @@ def tearDown(self): required_features = types.Feature.API_SSL_SCHEMES, extra_driver_configs = { - "client_certificate": (client_certificate_cert, client_certificate_key) }, - def test_driver_is_encrypted_with_ssc(self): + def test_ssc_and_client_certificate_present(self): schemes = "neo4j+ssc", "bolt+ssc" - self._server = TlsServer("trustedRoot_thehost", - client_cert=self.client_cert_on_server) for driver_config in self.extra_driver_configs: for scheme in schemes: with self.subTest(scheme=scheme, driver_config=driver_config): - self._test_reports_encrypted(True, scheme, **driver_config) + self._start_server("trustedRoot_thehost", + client_cert=self.client_cert_on_server) + self.assertTrue(self._try_connect( + self._server, scheme, "thehost", + client_certificate=self._get_client_certificate(), + **driver_config + )) + self._server.reset() + + def test_scc_and_certificate_not_present(self): + schemes = "neo4j+ssc", "bolt+ssc" + for driver_config in self.extra_driver_configs: + for scheme in schemes: + with self.subTest(scheme=scheme, driver_config=driver_config): + self._start_server("trustedRoot_thehost", + client_cert=self.client_cert_on_server) + self.assertFalse(self._try_connect( + self._server, scheme, "thehost", **driver_config + )) + self._server.reset() + + def _start_server(self, cert, **kwargs): + self._server = TlsServer(cert, **kwargs) + + def _get_client_certificate(self): + return (self.client_certificate_cert, self.client_certificate_key) diff --git a/tlsserver/main.go b/tlsserver/main.go index 5e936d3a5..0040af27b 100644 --- a/tlsserver/main.go +++ b/tlsserver/main.go @@ -48,9 +48,13 @@ func main() { exitWithError(err) } - rootCAs, _ := x509.SystemCertPool() - if rootCAs == nil { - rootCAs = x509.NewCertPool() + config := tls.Config{ + GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) { + // TODO: Set cert.OCSPStaple + return &cert, nil + }, + MinVersion: 0x0300 | uint16(minTlsMinorVer+1), + MaxVersion: 0x0300 | uint16(maxTlsMinorVer+1), } if clientCertPath != "" { @@ -58,20 +62,14 @@ func main() { if err != nil { exitWithError(err) } - if ok := rootCAs.AppendCertsFromPEM(clientCert); !ok { - exitWithError("No certs appended, using system certs only") - } - } - config := tls.Config{ - GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) { - // TODO: Set cert.OCSPStaple - return &cert, nil - }, - RootCAs: rootCAs, - MinVersion: 0x0300 | uint16(minTlsMinorVer+1), - MaxVersion: 0x0300 | uint16(maxTlsMinorVer+1), + certPool := x509.NewCertPool() + certPool.AppendCertsFromPEM(clientCert) + + config.ClientCAs = certPool + config.ClientAuth = tls.RequireAndVerifyClientCert } + listener, err = tls.Listen("tcp", address, &config) if err != nil { exitWithError(err) From c693f8a266931274b99c46561580af5d37d9bdc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Wed, 28 Feb 2024 16:52:23 +0100 Subject: [PATCH 07/18] Add test for +s --- tests/tls/test_client_certificate.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 604071043..2b1c7d9a3 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -39,6 +39,32 @@ def tearDown(self): extra_driver_configs = { }, + def test_s_and_client_certificate_present(self): + schemes = "neo4j+s", "bolt+s" + for driver_config in self.extra_driver_configs: + for scheme in schemes: + with self.subTest(scheme=scheme, driver_config=driver_config): + self._start_server("thehost", + client_cert=self.client_cert_on_server) + self.assertTrue(self._try_connect( + self._server, scheme, "thehost", + client_certificate=self._get_client_certificate(), + **driver_config + )) + self._server.reset() + + def test_s_and_certificate_not_present(self): + schemes = "neo4j+s", "bolt+s" + for driver_config in self.extra_driver_configs: + for scheme in schemes: + with self.subTest(scheme=scheme, driver_config=driver_config): + self._start_server("thehost", + client_cert=self.client_cert_on_server) + self.assertFalse(self._try_connect( + self._server, scheme, "thehost", **driver_config + )) + self._server.reset() + def test_ssc_and_client_certificate_present(self): schemes = "neo4j+ssc", "bolt+ssc" for driver_config in self.extra_driver_configs: From 1a0c0f6aad53aa6f9945a3d3c25fa000f4fd5111 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Thu, 29 Feb 2024 14:39:05 +0100 Subject: [PATCH 08/18] Consolidate datatypes --- nutkit/protocol/requests.py | 21 +++++++++++++++------ tests/neo4j/shared.py | 7 +++++-- tests/tls/test_client_certificate.py | 3 ++- 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/nutkit/protocol/requests.py b/nutkit/protocol/requests.py index 464801a96..ecc530474 100644 --- a/nutkit/protocol/requests.py +++ b/nutkit/protocol/requests.py @@ -94,6 +94,7 @@ def __init__( self.livenessCheckTimeoutMs = liveness_check_timeout_ms self.maxConnectionPoolSize = max_connection_pool_size self.connectionAcquisitionTimeoutMs = connection_acquisition_timeout_ms + self.clientCertificate = client_certificate if notifications_min_severity is not None: self.notificationsMinSeverity = notifications_min_severity if notifications_disabled_categories is not None: @@ -113,12 +114,6 @@ def __init__( self.trustedCertificates = None else: self.trustedCertificates = trustedCertificates - if client_certificate is not None: - # missing password and formalization of protocol. - self.clientCertificate = { - "certfile": client_certificate[0], - "keyfile": client_certificate[1] - } class AuthorizationToken: @@ -266,6 +261,20 @@ def __init__(self, request_id, auth): self.auth = auth +class ClientCertificate: + """ + Not a request but used in `NewDriver`. + + This property is used for configuring client certificates + for mutual TLS configuration. + """ + + def __init__(self, certfile, keyfile, password=None): + self.certfile = certfile + self.keyfile = keyfile + self.password = password + + class VerifyConnectivity: """ Request to verify connectivity on the driver. diff --git a/tests/neo4j/shared.py b/tests/neo4j/shared.py index 7307920c5..d8943d674 100644 --- a/tests/neo4j/shared.py +++ b/tests/neo4j/shared.py @@ -23,7 +23,10 @@ from nutkit import protocol from nutkit.frontend import Driver -from nutkit.protocol import AuthorizationToken +from nutkit.protocol import ( + AuthorizationToken, + ClientCertificate, +) from tests.shared import ( dns_resolve_single, Potential, @@ -84,7 +87,7 @@ def get_client_certificate(): client_certificate_key is not None: raise Exception("Miss configuration of client certificate.") return None - return client_certificate_cert, client_certificate_key + return ClientCertificate(client_certificate_cert, client_certificate_key) def get_driver(backend, uri=None, auth=None, diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 2b1c7d9a3..9b2e3b7e1 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -95,4 +95,5 @@ def _start_server(self, cert, **kwargs): self._server = TlsServer(cert, **kwargs) def _get_client_certificate(self): - return (self.client_certificate_cert, self.client_certificate_key) + return types.ClientCertificate(self.client_certificate_cert, + self.client_certificate_key) From 232769d310cc5db469073b7c9e5e39347b291f2a Mon Sep 17 00:00:00 2001 From: Rouven Bauer Date: Thu, 29 Feb 2024 16:08:35 +0100 Subject: [PATCH 09/18] Fix test cert generation Signed-off-by: Antonio Barcelos --- certgen/main.go | 4 +- tests/tls/certs/driver/certificate.pem | 54 +++++----- tests/tls/certs/driver/privatekey.pem | 100 +++++++++--------- .../tls/certs/server/bolt/trusted/client.pem | 54 +++++----- tests/tls/test_client_certificate.py | 4 +- tlsserver/main.go | 2 +- 6 files changed, 109 insertions(+), 109 deletions(-) diff --git a/certgen/main.go b/certgen/main.go index 56e0df220..1772133ef 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -134,8 +134,8 @@ func generateRsa4096Sha512(notBefore, notAfter time.Time, commonName string) (in NotBefore: notBefore, NotAfter: notAfter, Subject: pkix.Name{CommonName: commonName}, - KeyUsage: x509.KeyUsageCertSign, - ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + KeyUsage: x509.KeyUsageDigitalSignature, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, BasicConstraintsValid: true, IsCA: true, } diff --git a/tests/tls/certs/driver/certificate.pem b/tests/tls/certs/driver/certificate.pem index 4fa535f0c..e0d16dc23 100644 --- a/tests/tls/certs/driver/certificate.pem +++ b/tests/tls/certs/driver/certificate.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA -o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya -3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD -9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy -SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky -4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX -HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG -r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe -xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G -DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm -r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL -BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 -bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL -8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT -DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb -v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 -pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT -HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa -XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM -2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA -lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG -XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w +MIIFBDCCAuygAwIBAgIRALttVMpNPme8IgSVUSZ9JLQwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyOTE0MDE0MFoXDTQ0MDIyNDE1MDE0 +MFowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEA4ctwlOv4zq6pbJkDNgXYJSmhZ+UgyCEe9eJfTcId92KgKxSjxS1jeBNX +7n0WUXAT1M3y+k4pNIlb59619lTABFvJKas/8dEHAlDvHBvnZXI6tqz15+358pMs +AyD3ppYCCHmW88XdZA+5mEfdP0qtm6LCRBmPYY8zPRYclK21DDT37IpX6YSIwOs4 +rdRnsStiA18ZNh6CTUgaJ3EtwKm0ug+TN7O81e4YMlfROLM5yJGxozXqNXk4ram9 +WyzICY7tFkZ3YrtCYMtgZkMvpbNsLJ7NEUM5oF9DxwEsEAVY9xbe84tKEE5RBIsW +CE5CRr1dEBoOxZvlNrByV2oobGIQ3Fqjb0IgjDeGJYU2S2CtNpeIqV1KvnbZfo/1 +edZvsxOo3xhm1eSWCKs1nOlaDLgPOA+D1H6hGMseUQN69SLD5sTvG2oPoJWl6HFB +kH8o29lpKIFmFBhRUyaPx5FNGBkUqbIxNTzU5czilsXnlVEEFE0cbU4/Q+UhD5TG +uLptLX0FuR20ahhg5grCy942VZRYKpuv1ZgqBzbNqewNWWC732nKFNR3ei3FCcgK +ff3FI8fxY8L0WULxYjZS2x/IJdhsf2b03JPcSiZM/mTBBXVlC+W/O8tW4ubDm1uo +byoAIUh+A3mSFwrao5x+w0kGs/htXJlTMFG7xaU92gLouSTDbo8CAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFDPPCDNf39oOvio9EolwBdZXpWohMA0GCSqGSIb3DQEB +CwUAA4ICAQBCUA7dNtoBTGy/P2Zwz6kdbi/s0t0wu4ZuQfSZkmFpXYxF2ieCjfyb +CQje/+fgGStTksuf/jaDPFHJYdjN+lM/p0HqYTXEzU/R4+o8owQCJ4hzocjx2C4N +uaSL9OyMG9sRpA5jhF0Ks1Hmqfzxv5q2Vm9RleS+EovxBcQzp1BPZiZgh9C5/EUx +btnsml/RNe93pqcSwdfSlXKItVpP+mok63V3oQXggwdFrtwMJgsxVY3cr+TSppy4 +6qZo+Q7L1CtmaQbOhPr6+o/FLgg5P/DxQze0E0YTFSQbgWX4EoUfbwotjej6UstG +44z9wX+MKI15UOAxX8lzP9GRLGdaAPsW15qUT4AcoqZ09+jmPYta6k0KEkw+dy4S +YQnqs8qJVNrXOvR7ISkoszlSeZpgxPaoTTVNpgyCMKaRZ5nmo8as1bXyo4syou6T +pFx0EJHEONK+nZ4qYsP02XsR68duqDoNicXlhbmTgs0Rlh8KWZlYIM1fUcAtCvs5 +ECimE6fSrcgFqM1aLlgH4ukSK83ncuffm39tYH+patp2ZM6SmTXc7vgRIq4JvdAg +w2/rdhsTsTszl9GSgDlK4Yxl6bYXKnfwO1tcfavczySVOT4R57Y+y8q6vY0uK0OL +RIijQiqM/6dMRZUff7kCwTYBSMHoGaSyDUD/DQWV7rziCI6yd+zxFg== -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey.pem b/tests/tls/certs/driver/privatekey.pem index 7f51e86fc..11a293d97 100644 --- a/tests/tls/certs/driver/privatekey.pem +++ b/tests/tls/certs/driver/privatekey.pem @@ -1,52 +1,52 @@ -----BEGIN PRIVATE KEY----- -MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCqYTaHYssFQF6B -SxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrAo7ZAhK+UFmm8BnFZLg6d -lrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya3IYw/l30N30SOgd2E+H6 -1/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD9LOqoOGj9L0byW0pJmEO -kEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzySOl+qQuBQKZ2Nnuk+yc2 -g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky4eo/0imljFUYJIGanjD6 -pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cXHhsuDvBn34fsFj7AjMy5 -8b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBGr2MEaqUO10m/7LVrld2P -zVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCexz06suceA9/j5iD5fxR7 -/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3GDlJSOjmPnXC78Vr16LLU -rMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dmr3u9JTGbcNTIwg+IMeRv -u42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABAoICAGfNgmNJlVdFuE4dapK4RBxt -sjGrjNPgnk3jjB1lv5uP/cDDCnLtazSaKQpks4zrSe13GkQryLMElHL+dGVFVkRg -sR2wwy+ipH4wECRFXYHZmYr7XJ7EYI/5xOy0ni0LTEKV6+VG5XTS+ELTgluL0ktc -2Gjr76oWG3HNnR0y8yVfV3la21gPEA2q0Bbw5uV1zwMNAIoFVjRT5Z3x2kSefgmr -2vTwjs3HZXz8AHxuOLUKW0MVQduywPqGT7XtJhS8+P1uXfx3hS0mtuVHlEnYLSwU -HTTEbtHcbw0Q6h4nkLk3HypIwu1MrOrsFB7X9NedOzJZJR7oXu3MoxqSVNKdO3L/ -RMHV/WMIUK3rKxhZpfV5tb9Iqai1OP0j6BApqmvwGaisV9cFU5qVZJY+B6Gj3snf -u50Y0FUJ/UfXorm96Tlah+BqmutP/ceprIMKTxPJmAm4fQF2So03PAlROA6cQztM -yVApIuueAfLJ30Gif5GPYYddNRPA3+GZ3AtSbDlf+yDTRVts94rwVdAsI0YLXjSa -JV25v7wqqcNvBYylo3RRYlXYrp5beLsy8zm1obnT7i5scTmONaJFfiP8jqCnQx/f -PvMIKIOJJa7dWczGBPHdnrMGwSiip4dOblFxht8UZeQjoC7qUEVzH/vNuI+1+Hgp -ae2qThlmCK5pqZw2DPJBAoIBAQDTuMw7TJxds4wJPibYxECvSJJpIqqoPlhML+Tb -s5M6PZBAlAp28bpwclmMlrhGLcYhQaitjMxCRvHoGQ5O4jPqwCABy4SpNVXZXwO5 -n0HVxyND4LFqI6akt8BVqgXlOwJhpUltiKdFAgmK7hwd8MHsoUzoZQxarP1S3EFq -Hnc/YVBT2f3hCf+c1z3YUQKy8GcJGIV8Uac1IkqryYlq+EbDi546vv0vD+pUj/Ez -X9DprC9ZWt1OwEPiPOkijx2Lvxf1vJfEhx2kZ4YdpoIAjIX9HYSSiKsMalbLBN51 -SWqsMPRb8ZyZKFKm+pYFfbhKxtxCQ3KHXAuL1O82VCIgQ5XrAoIBAQDOAwh9JUiQ -GgrtdZFAy7WWHQh5hnGihwWBpSGhLSWcmaccdjGNyxnaFrLbP6pKKT8Y8Fhxn+EC -ow0LmYiPM+70pozjtioyx/8ncV2w3ZKELB6o29YeXqjfpiPpgxI5FyThayg6Xuuv -5NyojLdWCt7ukQnfdmcUhlWjDUxLEXRU302sFc634DJOW89MARj9xduIhUC2zEoO -unh3f1McVLSwDhDg3nsbT+g9ql8VJF1frvUZdrjwXl9fjYFLzhDDCdYAF8y+AwvT -BaJyHtIMiSpoBajWLASXlVAcO8JXsAknrB6VPo8jUUh/v4qH0d+hPe3XV67PxPp/ -8qaSMJ9Z8QXtAoIBABIMmASaJF5slwyWqtMh7+3BfxHNbcUIA5kDIDyGk4+Mfgaz -WC0JsH4zkWTF2JHLBzAAm/OnpCYmTCsgL7MT358sn83nXrjaHiZ4ziV96SvjXSNF -PXqx7VvveksTQotnO229nIPk+XWNleitIeJ/iti0a40ISERWqQXuVvlH/Zx+nE15 -sQYFRzBEvTX6ugMtMWt6Fq8heuKxuLHqbXecENRMy8FwVL81WSG6X7KkgXfaQPMa -JvG2vFLGJI3Yq4klUlKVsE6FwkYouSs/7adEU4vff1TKp+JYEmweTySqjJh/V+Wa -tGHuKRWpGS8Ap7xgNZjEjTfy5d0W2wnDpGEhwd8CggEAV/6RrKq1MN/+1OjHz05z -1Je4G/hiJ1LW9kZrc+XNz/MNnymZBwC+nRne8ali+mRd0DAxBu+Mc8zjcJX273v2 -UEennEgeBCzK/rT8mOQ7hfs2aVflQHmcVlMnucFDkmEhXquftjb/ItV1rwTT9ouU -J4CKIAn6A5lRkODIOrRM5UewbJWwA3he5Htwsv0xCIxvtgN83deqtlnNxPT8sfg4 -aY7IhNRi7wqVn2lbTbOHsqwPgv3kBr+4qx7NIGz3WeekocuIp4yzi0I33djuTW51 -T5NDR5/rojejzTt1SnElp+1r7sGW8DXy6qYM7PCnPb8vDTEluRdhDC/AGGduWUOL -DQKCAQBoZcJ3WSdB2uRKFGQqLPg99g3//gy2uUzemFER7l2jIF5ar8YYfXs0Wjpw -Cr2vz6VjVRTtPynYeb+TebUS1UiJ0lmgqepmlSoZytRyD6X/C+aRHOdOqe0BcrYL -Ye8envwUd/9IODBcxZoeS91CuCBo6XPymMeeZ768Y+j5XfkQmbXwnpvuiCO/6Jrh -8bitDUHhZkDrBy1i9BnwX6aGGNyo1zK1ZujxO/ldhJ7zCWZL4eoNNhONE2zIG8HC -Qbbkj4vDvrvS30pbok5Eptjh4tZS7w57TYNQNBTWjR3i/IAfEH5qzuU/BKnjVnlX -d1kSS5R4K32Q2sXynBG1YpU0iFnB +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDhy3CU6/jOrqls +mQM2BdglKaFn5SDIIR714l9Nwh33YqArFKPFLWN4E1fufRZRcBPUzfL6Tik0iVvn +3rX2VMAEW8kpqz/x0QcCUO8cG+dlcjq2rPXn7fnykywDIPemlgIIeZbzxd1kD7mY +R90/Sq2bosJEGY9hjzM9FhyUrbUMNPfsilfphIjA6zit1GexK2IDXxk2HoJNSBon +cS3AqbS6D5M3s7zV7hgyV9E4sznIkbGjNeo1eTitqb1bLMgJju0WRndiu0Jgy2Bm +Qy+ls2wsns0RQzmgX0PHASwQBVj3Ft7zi0oQTlEEixYITkJGvV0QGg7Fm+U2sHJX +aihsYhDcWqNvQiCMN4YlhTZLYK02l4ipXUq+dtl+j/V51m+zE6jfGGbV5JYIqzWc +6VoMuA84D4PUfqEYyx5RA3r1IsPmxO8bag+glaXocUGQfyjb2WkogWYUGFFTJo/H +kU0YGRSpsjE1PNTlzOKWxeeVUQQUTRxtTj9D5SEPlMa4um0tfQW5HbRqGGDmCsLL +3jZVlFgqm6/VmCoHNs2p7A1ZYLvfacoU1Hd6LcUJyAp9/cUjx/FjwvRZQvFiNlLb +H8gl2Gx/ZvTck9xKJkz+ZMEFdWUL5b87y1bi5sObW6hvKgAhSH4DeZIXCtqjnH7D +SQaz+G1cmVMwUbvFpT3aAui5JMNujwIDAQABAoICAQDU4pjM8Abv52G6EDIk1zHJ +KA0UBcX4qrGkJsCwcZsLSaO1uooGOBsWdTZsludZ9Q/djifOs67J59ANN7/b9l/s +PBXYAawSdH/lQSWQHQb4cNDGtyBKgectPHE8qfKUz84u62TVhfKMiv7zgp4pNGGm +4bfDuU2kL/2hVJ2x2G1givhNvsnQU7MUITKZQjBZrIuGnj0I947nCloOYfk/M0JA +QrsMw5wBH7EUlhOfH+wVHLidJxIhRJ+ZrPXpZrlbubPzUpDxN5kH5fiHskTUN+x/ +zWGPKxDEEc23bXV7zW7p2Fhwyx0TbqOYYwJs5kw6ogOCUO8ohSmBfK7xmBdwyK0X +L7vdaj20AvTI8KqT+d9+CtLWKHE6+/3qgpwizVvLznSrQ/1BZYsPtGf0ZQoexQgM +EqKmIZF5q0q6sDN6tHANrtWu5XyJS4K7YUoXojh/Q/Sp1/7m0uqBxOS/9A3NKdO+ +aqVYzGrnmqUZicYRQY6my42jiX0E1f52mHr7TSAGKBcXsorFhjDnGIc9w7PFL1pQ ++SoORP2mcvd3sfyLPkptfTVI69vh/LvoP98+Ie6j12mxInVA9Rh5Nr+a/CJICGYU +ZmHj/Y3u7zTBbDYqfOpe8AKnb0Q74mjR90PO5MPjmFmMKWG5GtzhEWYl83W5EDZY +F4x8mPPHSCxrQIOxo5Zn4QKCAQEA7MuFDb/XV5WYVlZNGWMr4MefTlVst1hEDsor +Doo3tgUGZ34+xv496W05+6bTFwSEylvYECv0xrZa0GW7GHd8S6lASlcFClpxJeXy +wsUVqirFgZoVIhctGCZNYmjqy08fR+/UUyssg1n9P5EV7cuLhe54fliqeml81Nl5 +zg5ayeCjB9QI2BfqkQBWIHpnNCC3COJoM7LYMpPkP4INPrjGEx6w//iv2STAuRPW +natqQsyPF7EqYBxw6XAxcmDBzrSDZNlPgGVQEoYV+7YxQIzhrJdANJYnMx+50KhZ +DhM1YcM12x3gBecy3Syttn+Pe13226PNGe+DG88mPKmKw7L/WQKCAQEA9BuGYZLv +nuYFL2QFlcC3VmhXKfLglm09hL8AjbeOKnzeoSVr29LzJ3A8Omk0teth5cNlxau1 +QNoNtBSo1Zy1QJtNu5onH7DkkEA+RSS8Q6C8UiqLq1s/uI6pc8RDFM8cMxqX7wI+ +kk7JX6BwUzADwou3trvGdMEmSeR/HZOEfIz4ahHlxGfZ4tFsaDTjbvns82oak5bQ +a2NqXxN7rvokgGDwRFaP0/OD9yjXxzF9gODh1+PSC/ursRgvHCjJ0mzElJSRhyoQ +HzaPlDkYhWYKaUaC3DvCyr9MW++hI8LLFlQrSBJP8Qw3W0CWLtr6vCc4Ap+RmQaa +AWRY0mxqHenIJwKCAQBEDND1/JXUM8eNuEt76kYn2PZtOpt9rT4RygPJr+sGwjbu +8xbzdQkx1hP9wBmV2dSXmwFi1F8J5EoA7dtw0pXD4KX7NzrZmNg/fe/gDWeGebg8 +4J0GKQbqk8dVarVfLCPfNoscQ6INNYVUCUv2BLLaEIhMNwr3Fu2q9bzNfM6WiZoQ +m9zWzTi55xDZUJPsJSK0yOwNP25mSp4jqipIRi2WPRG83ikbDDbeeVcKBMMK42KT ++nQlHsdMLtPm/Ot1jebcyp7QVU1HpYUXy2ooFNSeFvF6q1Qkmw95aYf+RYLnz4Pg +rps81w6FBVv+wHXpjD1vLYm51F0nVsa0VDzutLgxAoIBAQCSyLpVkfVkpwwXIx34 +npmf673+C33g9m83k2LR1L437j4wyD/DP2XXITYWKYz4l0GW15gq9MVY6cWzs3iS +eljDMJ/dXySHeeb2lqrbCOvr/os/HTY/I+99GsvqQOnVaXSbhjI2FjNp5tZQGjlw +zD52jW07BE6hhkNvy2ZkcoAIJPx7S6fOImRyb1uwjZz07nP9KqAwf090Q6OC6ERH +Q0MPrzrK3QI/gP6pcHXP4YKGLLOhDe0QJ5VmOBSb6irxzVWnwm5/yFtJaZWMm4iT +Lni0NSIbLBRFtiJEZiOPTWKxWotsGxbW63Gd/YhRRHvhB/Q2H519VurkS2LdpTNq +KVmhAoIBADcqZwL927PgYKwTc6qc6mXGsLdG2BD+vagg1ZOQNXrJlxOQF5sWYWdH +9qoF30OEfTirONcZU5AMcl4zJuVNkN/TCgwmcujzeHRFJ1Y+3d1LeU0FRVT0I8ba +F+OrEVzBHIrUtsuhwikvXgjAKzeuZ6P4QIJqDuOO1td9Fx55R7Fzsmc1D/if8eG2 +TUTFRCKKbKoZCmH/z0TnXgSgYP+WqfDdp8l48f3dbTpnFQ780SoZ7d9T2+9+CmxA +i+PGItBCZL5ocXZcrFrFKZBFOXs9az/rhrOaNArn0BqZkg9VeBuHuglJjuGUJf9o +oPcafMzsR0YEUSxA5+zLK1/Oi1wY7So= -----END PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/trusted/client.pem b/tests/tls/certs/server/bolt/trusted/client.pem index 4fa535f0c..e0d16dc23 100644 --- a/tests/tls/certs/server/bolt/trusted/client.pem +++ b/tests/tls/certs/server/bolt/trusted/client.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA -o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya -3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD -9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy -SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky -4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX -HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG -r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe -xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G -DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm -r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL -BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 -bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL -8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT -DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb -v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 -pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT -HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa -XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM -2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA -lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG -XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w +MIIFBDCCAuygAwIBAgIRALttVMpNPme8IgSVUSZ9JLQwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyOTE0MDE0MFoXDTQ0MDIyNDE1MDE0 +MFowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEA4ctwlOv4zq6pbJkDNgXYJSmhZ+UgyCEe9eJfTcId92KgKxSjxS1jeBNX +7n0WUXAT1M3y+k4pNIlb59619lTABFvJKas/8dEHAlDvHBvnZXI6tqz15+358pMs +AyD3ppYCCHmW88XdZA+5mEfdP0qtm6LCRBmPYY8zPRYclK21DDT37IpX6YSIwOs4 +rdRnsStiA18ZNh6CTUgaJ3EtwKm0ug+TN7O81e4YMlfROLM5yJGxozXqNXk4ram9 +WyzICY7tFkZ3YrtCYMtgZkMvpbNsLJ7NEUM5oF9DxwEsEAVY9xbe84tKEE5RBIsW +CE5CRr1dEBoOxZvlNrByV2oobGIQ3Fqjb0IgjDeGJYU2S2CtNpeIqV1KvnbZfo/1 +edZvsxOo3xhm1eSWCKs1nOlaDLgPOA+D1H6hGMseUQN69SLD5sTvG2oPoJWl6HFB +kH8o29lpKIFmFBhRUyaPx5FNGBkUqbIxNTzU5czilsXnlVEEFE0cbU4/Q+UhD5TG +uLptLX0FuR20ahhg5grCy942VZRYKpuv1ZgqBzbNqewNWWC732nKFNR3ei3FCcgK +ff3FI8fxY8L0WULxYjZS2x/IJdhsf2b03JPcSiZM/mTBBXVlC+W/O8tW4ubDm1uo +byoAIUh+A3mSFwrao5x+w0kGs/htXJlTMFG7xaU92gLouSTDbo8CAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFDPPCDNf39oOvio9EolwBdZXpWohMA0GCSqGSIb3DQEB +CwUAA4ICAQBCUA7dNtoBTGy/P2Zwz6kdbi/s0t0wu4ZuQfSZkmFpXYxF2ieCjfyb +CQje/+fgGStTksuf/jaDPFHJYdjN+lM/p0HqYTXEzU/R4+o8owQCJ4hzocjx2C4N +uaSL9OyMG9sRpA5jhF0Ks1Hmqfzxv5q2Vm9RleS+EovxBcQzp1BPZiZgh9C5/EUx +btnsml/RNe93pqcSwdfSlXKItVpP+mok63V3oQXggwdFrtwMJgsxVY3cr+TSppy4 +6qZo+Q7L1CtmaQbOhPr6+o/FLgg5P/DxQze0E0YTFSQbgWX4EoUfbwotjej6UstG +44z9wX+MKI15UOAxX8lzP9GRLGdaAPsW15qUT4AcoqZ09+jmPYta6k0KEkw+dy4S +YQnqs8qJVNrXOvR7ISkoszlSeZpgxPaoTTVNpgyCMKaRZ5nmo8as1bXyo4syou6T +pFx0EJHEONK+nZ4qYsP02XsR68duqDoNicXlhbmTgs0Rlh8KWZlYIM1fUcAtCvs5 +ECimE6fSrcgFqM1aLlgH4ukSK83ncuffm39tYH+patp2ZM6SmTXc7vgRIq4JvdAg +w2/rdhsTsTszl9GSgDlK4Yxl6bYXKnfwO1tcfavczySVOT4R57Y+y8q6vY0uK0OL +RIijQiqM/6dMRZUff7kCwTYBSMHoGaSyDUD/DQWV7rziCI6yd+zxFg== -----END CERTIFICATE----- diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 9b2e3b7e1..2750acc51 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -44,7 +44,7 @@ def test_s_and_client_certificate_present(self): for driver_config in self.extra_driver_configs: for scheme in schemes: with self.subTest(scheme=scheme, driver_config=driver_config): - self._start_server("thehost", + self._start_server("trustedRoot_thehost", client_cert=self.client_cert_on_server) self.assertTrue(self._try_connect( self._server, scheme, "thehost", @@ -58,7 +58,7 @@ def test_s_and_certificate_not_present(self): for driver_config in self.extra_driver_configs: for scheme in schemes: with self.subTest(scheme=scheme, driver_config=driver_config): - self._start_server("thehost", + self._start_server("trustedRoot_thehost", client_cert=self.client_cert_on_server) self.assertFalse(self._try_connect( self._server, scheme, "thehost", **driver_config diff --git a/tlsserver/main.go b/tlsserver/main.go index 0040af27b..6f2dafebc 100644 --- a/tlsserver/main.go +++ b/tlsserver/main.go @@ -66,7 +66,7 @@ func main() { certPool := x509.NewCertPool() certPool.AppendCertsFromPEM(clientCert) - config.ClientCAs = certPool + config.ClientCAs = certPool config.ClientAuth = tls.RequireAndVerifyClientCert } From ec0216ca9a1defa7515ceb8667f62088a0af64ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Thu, 29 Feb 2024 16:53:57 +0100 Subject: [PATCH 10/18] Revert unneeded changes --- certgen/main.go | 12 --- driver.py | 5 +- main.py | 49 ++++------- neo4j.py | 86 ++----------------- runner.py | 22 +---- tests/tls/certs/server/bolt/private.key | 52 ----------- tests/tls/certs/server/bolt/public.crt | 29 ------- .../tls/certs/server/bolt/trusted/public.crt | 29 ------- tests/tls/certs/server/https/private.key | 52 ----------- tests/tls/certs/server/https/public.crt | 29 ------- .../tls/certs/server/https/trusted/client.pem | 29 ------- .../tls/certs/server/https/trusted/public.crt | 29 ------- 12 files changed, 32 insertions(+), 391 deletions(-) delete mode 100644 tests/tls/certs/server/bolt/private.key delete mode 100644 tests/tls/certs/server/bolt/public.crt delete mode 100644 tests/tls/certs/server/bolt/trusted/public.crt delete mode 100644 tests/tls/certs/server/https/private.key delete mode 100644 tests/tls/certs/server/https/public.crt delete mode 100644 tests/tls/certs/server/https/trusted/client.pem delete mode 100644 tests/tls/certs/server/https/trusted/public.crt diff --git a/certgen/main.go b/certgen/main.go index 1772133ef..82573954d 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -212,22 +212,10 @@ func main() { writeKey(path.Join(basePath, "server", "untrustedRoot_thehost.key"), untrustedRoot_server1Key) writeCert(path.Join(basePath, "server", "untrustedRoot_thehost.pem"), untrustedRoot_server1Der) - // Generate Server Certificate - serverKey, serverDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") - // Write client certificate to server - writeCert(path.Join(basePath, "server", "bolt", "public.crt"), serverDer) - writeCert(path.Join(basePath, "server", "https", "public.crt"), serverDer) - writeCert(path.Join(basePath, "server", "bolt", "trusted", "public.crt"), serverDer) - writeCert(path.Join(basePath, "server", "https", "trusted", "public.crt"), serverDer) - // Write client private key to server - writeKey(path.Join(basePath, "server", "bolt", "private.key"), serverKey) - writeKey(path.Join(basePath, "server", "https", "private.key"), serverKey) - // Generate certificate.pem clientKey, clientDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") writeCert(path.Join(basePath, "driver", "certificate.pem"), clientDer) writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKey) // Copy to writeCert(path.Join(basePath, "server", "bolt", "trusted", "client.pem"), clientDer) - writeCert(path.Join(basePath, "server", "https", "trusted", "client.pem"), clientDer) } diff --git a/driver.py b/driver.py index a1f24b86b..33dfd940a 100644 --- a/driver.py +++ b/driver.py @@ -70,13 +70,10 @@ def start_container(testkit_path, branch_name, driver_name, driver_path, branch_name, driver_name, artifacts_path_build, build_args=_get_build_args()) container_name = "driver" - certificates_path = os.path.join(testkit_path, - "tests", "tls", "certs", "driver") # Configure volume map for the driver container mount_map = { testkit_path: "/testkit", - driver_path: "/driver", - certificates_path: "/certificates:ro" + driver_path: "/driver" } if os.environ.get("TEST_BUILD_CACHE_ENABLED") == "true": if driver_name == "java": diff --git a/main.py b/main.py index 8c7ee82fd..de8edf077 100644 --- a/main.py +++ b/main.py @@ -42,12 +42,9 @@ def initialise_configurations(settings): - def generate_config(version, enterprise, cluster, scheme, stress_test, - mtls=False): - assert (cluster - and scheme in ("neo4j", "neo4j+s", "neo4j+ssc") - or not cluster - and scheme in ("neo4j", "bolt", "neo4j+s", "neo4j+ssc")) + def generate_config(version, enterprise, cluster, scheme, stress_test): + assert (cluster and scheme == "neo4j" + or not cluster and scheme in ("neo4j", "bolt")) edition = "enterprise" if enterprise else "community" name = "%s-%s%s-%s" % (version, edition, "-cluster" if cluster else "", scheme) @@ -60,8 +57,7 @@ def generate_config(version, enterprise, cluster, scheme, stress_test, cluster=cluster, suite=version, scheme=scheme, - stress_test_duration=stress_test, - mtls=mtls + stress_test_duration=stress_test ) def generate_tc_config( @@ -93,34 +89,29 @@ def generate_tc_config( # neo4j:4.4-enterprise, ...) grouped together. Else, TestKit will download # the same image multiple times if `TEST_DOCKER_RMI` is set to `true`. configurations = [ - generate_config(version_, enterprise_, - cluster_, scheme_, stress_test_, mtls_) - for (version_, enterprise_, - cluster_, scheme_, stress_test_, mtls_) - in ( + generate_config(version_, enterprise_, cluster_, scheme_, stress_test_) + for (version_, enterprise_, cluster_, scheme_, stress_test_) in ( # not officially supported versions - ("4.2", True, False, "neo4j", 0, False), - ("4.3", True, False, "neo4j", 0, False), + ("4.2", True, False, "neo4j", 0), + ("4.3", True, False, "neo4j", 0), # official backwards-compatibility # LTS version - ("4.4", False, False, "bolt", 0, False), - ("4.4", False, False, "neo4j", 0, False), - ("4.4", True, False, "bolt", 0, False), - ("4.4", True, False, "neo4j", 0, False), - ("4.4", True, True, "neo4j", 90, False), + ("4.4", False, False, "bolt", 0), + ("4.4", False, False, "neo4j", 0), + ("4.4", True, False, "bolt", 0), + ("4.4", True, False, "neo4j", 0), + ("4.4", True, True, "neo4j", 90), # Selected 5.x versions # Oldest 5.x version (BOLT 5.0) would be 5.0. # However, that has no tag at dockerhub, so we use 5.1 # https://github.com/neo4j/docker-neo4j/issues/391 - ("5.1", True, True, "neo4j", 0, False), + ("5.1", True, True, "neo4j", 0), # Bolt 5.1 - ("5.5", True, True, "neo4j", 0, False), + ("5.5", True, True, "neo4j", 0), # Bolt 5.2 - ("5.7", True, True, "neo4j", 0, False), + ("5.7", True, True, "neo4j", 0), # Bolt 5.3 - ("5.9", True, True, "neo4j", 0, False), - # mtls - ("5.15", True, False, "neo4j+ssc", 0, True), + ("5.9", True, True, "neo4j", 0), ) ] configurations += [ @@ -426,15 +417,13 @@ def _exit(): server = neo4j.Cluster(neo4j_config.image, server_name, neo4j_artifacts_path, - neo4j_config.version, - mtls=neo4j_config.mtls) + neo4j_config.version) else: print("\n Starting neo4j standalone server (%s)\n" % server_name) server = neo4j.Standalone( neo4j_config.image, server_name, neo4j_artifacts_path, - "neo4jserver", 7687, neo4j_config.version, - neo4j_config.edition, neo4j_config.mtls + "neo4jserver", 7687, neo4j_config.version, neo4j_config.edition ) server.start(networks[0]) addresses = server.addresses() diff --git a/neo4j.py b/neo4j.py index 69e8a1a59..5e8e2a677 100644 --- a/neo4j.py +++ b/neo4j.py @@ -20,7 +20,6 @@ class Config: suite: str scheme: str stress_test_duration: int - mtls: bool username = "neo4j" @@ -31,14 +30,13 @@ class Standalone: """Single instance Neo4j server.""" def __init__(self, image, name, artifacts_path, hostname, port, version, - edition, mtls=False): + edition): self.name = name self._image = image self._artifacts_path = join(artifacts_path, name) self._container = None self._hostname = hostname self._port = port - self._mtls = mtls match = re.match(r"(\d+)\.dev", version) if match: self._version = (int(match.group(1)), float("inf")) @@ -52,8 +50,6 @@ def start(self, network): env_map = { "NEO4J_AUTH": f"{username}/{password}", } - logs_path = join(self._artifacts_path, "logs") - mount_map = {logs_path: "/logs"} if self._version < (5, 0): env_map.update({ "NEO4J_dbms_connector_bolt_advertised__address": @@ -73,40 +69,10 @@ def start(self, network): if self._edition != "community": env_map["NEO4J_ACCEPT_LICENSE_AGREEMENT"] = "yes" - - if self._mtls: - # BOLT - env_map["NEO4J_dbms_ssl_policy_bolt_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_bolt_base__directory"] = \ - "/certificates/bolt" - env_map["NEO4J_dbms_ssl_policy_bolt_private__key"] = \ - "private.key" - env_map["NEO4J_dbms_ssl_policy_bolt_public__certificate"] = \ - "public.crt" - env_map["NEO4J_dbms_ssl_policy_bolt_client__auth"] = \ - "REQUIRE" - env_map["NEO4J_server_bolt_tls__level"] = "REQUIRED" - - # HTTPS - env_map["NEO4J_server_http_enabled"] = "false" - env_map["NEO4J_server_https_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_https_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_https_base__directory"] = \ - "/certificates/https" - env_map["NEO4J_dbms_ssl_policy_https_private__key"] = \ - "private.key" - env_map["NEO4J_dbms_ssl_policy_https_public__certificate"] = \ - "public.crt" - - # SHARE CERTIFICATES - certificates_path = join(os.path.curdir, - "tests", "tls", "certs", "server") - mount_map[certificates_path] = \ - "/certificates:ro" - + logs_path = join(self._artifacts_path, "logs") self._container = docker.run( self._image, self._hostname, - mount_map=mount_map, + mount_map={logs_path: "/logs"}, env_map=env_map, network=network ) @@ -122,19 +88,17 @@ def stop(self): class Cluster: """Cluster of Neo4j servers.""" - def __init__(self, image, name, artifacts_path, version, num_cores=3, - mtls=False): + def __init__(self, image, name, artifacts_path, version, num_cores=3): self.name = name self._image = image self._artifacts_path = join(artifacts_path, name) self._version = version self._num_cores = num_cores self._cores = [] - self._mtls = mtls def start(self, network): for i in range(self._num_cores): - core = Core(i, self._artifacts_path, self._version, self._mtls) + core = Core(i, self._artifacts_path, self._version) self._cores.append(core) initial_members = ",".join([c.discover for c in self._cores]) @@ -157,7 +121,7 @@ class Core: TRANSACTION_PORT = 6000 RAFT_PORT = 7000 - def __init__(self, index, artifacts_path, version, mtls): + def __init__(self, index, artifacts_path, version): self.name = "core%d" % index self.discover = "%s:%d" % (self.name, Core.DISCOVERY_PORT + index) self.transaction = "%s:%d" % (self.name, Core.TRANSACTION_PORT + index) @@ -165,7 +129,6 @@ def __init__(self, index, artifacts_path, version, mtls): self._index = index self._artifacts_path = join(artifacts_path, self.name) self._container = None - self._mtls = mtls match = re.match(r"(\d+)\.dev", version) if match: self._version = (int(match.group(1)), float("inf")) @@ -179,13 +142,9 @@ def start(self, image, initial_members, network): "NEO4J_ACCEPT_LICENSE_AGREEMENT": "yes", "NEO4J_AUTH": f"{username}/{password}", } - logs_path = join(self._artifacts_path, "logs") - os.makedirs(logs_path, exist_ok=True) - mount_map = {logs_path: "/logs"} if self._version >= (5, 3) and len(password) < 8: env_map["NEO4J_dbms_security_auth__minimum__password__length"] = \ str(len(password)) - if self._version < (5, 0): env_map.update({ "NEO4J_dbms_connector_bolt_advertised__address": @@ -230,39 +189,12 @@ def start(self, image, initial_members, network): "0.0.0.0:%d" % (Core.TRANSACTION_PORT + self._index), }) - if self._mtls: - # BOLT - env_map["NEO4J_dbms_ssl_policy_bolt_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_bolt_base__directory"] = \ - "/certificates/bolt" - env_map["NEO4J_dbms_ssl_policy_bolt_private__key"] = \ - "private.key" - env_map["NEO4J_dbms_ssl_policy_bolt_public__certificate"] = \ - "public.crt" - env_map["NEO4J_dbms_ssl_policy_bolt_client__auth"] = \ - "REQUIRE" - env_map["NEO4J_server_bolt_tls__level"] = "REQUIRED" - - # HTTPS - env_map["NEO4J_server_http_enabled"] = "false" - env_map["NEO4J_server_https_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_https_enabled"] = "true" - env_map["NEO4J_dbms_ssl_policy_https_base__directory"] = \ - "/certificates/https" - env_map["NEO4J_dbms_ssl_policy_https_private__key"] = \ - "private.key" - env_map["NEO4J_dbms_ssl_policy_https_public__certificate"] = \ - "public.crt" - - # SHARE CERTIFICATES - certificates_path = join(os.path.curdir, - "tests", "tls", "certs", "server") - mount_map[certificates_path] = \ - "/certificates:ro" + logs_path = join(self._artifacts_path, "logs") + os.makedirs(logs_path, exist_ok=True) self._container = docker.run( image, self.name, - env_map=env_map, network=network, mount_map=mount_map, + env_map=env_map, network=network, mount_map={logs_path: "/logs"}, log_path=self._artifacts_path, background=True ) diff --git a/runner.py b/runner.py index a66f583c9..9e3bba029 100644 --- a/runner.py +++ b/runner.py @@ -78,15 +78,8 @@ def run_neo4j_tests(self, suite, hostname, username, password, "TEST_NEO4J_SCHEME": neo4j_config.scheme, "TEST_NEO4J_VERSION": neo4j_config.version, "TEST_NEO4J_EDITION": neo4j_config.edition, - "TEST_NEO4J_CLUSTER": neo4j_config.cluster, - + "TEST_NEO4J_CLUSTER": neo4j_config.cluster }) - if neo4j_config.mtls: - self._env.update({ - "TEST_NEO4J_SSL_CLIENT_CERT": "/certificates/certificate.pem", - "TEST_NEO4J_SSL_CLIENT_KEY": "/certificates/privatekey.pem" - }) - self._container.exec( ["python3", "-m", "tests.neo4j.suites", suite, neo4j_config.name], env_map=self._env @@ -99,9 +92,7 @@ def run_neo4j_tests_env_config(self): "TEST_NEO4J_SCHEME", "TEST_NEO4J_VERSION", "TEST_NEO4J_EDITION", - "TEST_NEO4J_CLUSTER", - "TEST_NEO4J_SSL_CLIENT_CERT", - "TEST_NEO4J_SSL_CLIENT_KEY"): + "TEST_NEO4J_CLUSTER"): self._env.update({key: os.environ.get(key)}) if self._env.get("TEST_NEO4J_HOST") == "localhost": self._env.update({"TEST_NEO4J_HOST": "host.docker.internal"}) @@ -136,11 +127,6 @@ def run_selected_neo4j_tests(self, test_pattern, hostname, username, "TEST_NEO4J_EDITION": neo4j_config.edition, "TEST_NEO4J_CLUSTER": neo4j_config.cluster }) - if neo4j_config.mtls: - self._env.update({ - "TEST_NEO4J_SSL_CLIENT_CERT": "/certificates/certificate.pem", - "TEST_NEO4J_SSL_CLIENT_KEY": "/certificates/privatekey.pem" - }) self._container.exec( ["python3", "-m", "unittest", "-v", test_pattern], env_map=self._env @@ -153,9 +139,7 @@ def run_selected_neo4j_tests_env_config(self, test_pattern): "TEST_NEO4J_SCHEME", "TEST_NEO4J_VERSION", "TEST_NEO4J_EDITION", - "TEST_NEO4J_CLUSTER", - "TEST_NEO4J_SSL_CLIENT_CERT", - "TEST_NEO4J_SSL_CLIENT_KEY"): + "TEST_NEO4J_CLUSTER"): self._env.update({key: os.environ.get(key)}) if self._env.get("TEST_NEO4J_HOST") == "localhost": self._env.update({"TEST_NEO4J_HOST": "host.docker.internal"}) diff --git a/tests/tls/certs/server/bolt/private.key b/tests/tls/certs/server/bolt/private.key deleted file mode 100644 index 0d011b532..000000000 --- a/tests/tls/certs/server/bolt/private.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCw3YJNDdacpe26 -0hfNRr26prreh3GmtpnqqBFUWH9HebpYtV5z0PZRPUw4A210AHbYBHAiFTFF42aU -10uFMijd58NDzHEDHKpfXeAbQjl4v0iWnoW9d6lwBpoYTYwEq1/cSCOhbe5c+GQd -bHglqfwJq3cQg0O3bDvpLfBIjZjZ9DXujothVjbK1BB7ct3YaVwbHXL2Gi2y3Dyp -sBhztmYIY9HZjAm6DSHgLe7nXfGBZPK6/MYyU61OUrDbE1lmrnOl3JB+VB5KZOYm -c/n7PWD6CFvlZwIYkNWPQL1+srk+lhFOHuCf+7DAad/2MPwfCC0LJOJr50iO/qNN -Jc7PtEWrkkidmHF06hxZjwUTF0kTa6szPI5RJA836C3FBOOW3/liqrTG6/QAmCln -UcYPT7BFM02HMDFKpjWDLN1NDhL1cxh/l0lehtQcPVXAO4pyigSxJ6oYk8Ijh0QH -Bwtxbziea+Pr+gfXeqqt14vthqKXHK2OmHDPAN917XTjMC84/gtRqo6IBCPjibyw -TA4XjoqjRZKG9E1zm3rKIymALF0+rOcs76jxiuP9XF/T3E76GkjnrbHiSi+y5xoc -s/kgVpIUhtDmQY5A69HHMcHT/UmyPAsrjfjFR8NKuujBzDeRjMhaMo8WC3o9Q5+t -yUnEr98CuuSLPh3dahk5f+EWoUaJgQIDAQABAoICAGzWw3q7i1g23AbdhvwyDkuw -ksqiOxRGxo0bBB8NnrXTeRNh+U/4RbxUpnTJ1y9NodTpVkADHqFNgTETFExRQ8ja -+NTeGKW7nDS3xlO/+zINNJRL1S11V/Wyel1+Sy4McB9U3WhYCBl6WdGpkH5NDua8 -d7bXsHJNzsh+FqHvUSK/H/lACxHJRkqnGcV+OHsWyzF8e+Rq07h/w20BCusaUcvT -8a2YedvefPxCCASlURs5jg33w9fwmnPaey81xwxjSpPFGb5D8agCU4dSU4GCkg0L -29FeBHItnt5bDsHLJigXnWqfoceR0YF3JfWQy3YlR+LVveh9Ga+1j7TIEW7MFxqq -MaH2XFHiYaNEzoNo1a7Y17awQqwWTtWOZnUiSGkRDmQ8NFmxhsyrCOCu/aviW+Gw -7So3KUo7HqyzwaI+k5pwOwhS83TcfvQgflrwCwRcaqGgWGpmibfndn4Y+ADAmm+c -/CkyQDLUszFxapMdSnEUNZ05Nti/a3yuziBHfWs5k0lMwVzyOHNui14lR5H7XhX6 -Oyo73ySfwUwhkLXesVDA0kshFErfv9mn3MN/HM//VXyqr6pj+W8iTVppCF1T4e0R -IeCm6uNwKHzbWMHoPQ9QXkS4f3IOc6VLhfykQVp+8g1db/lDXpoehAmQrMUejYKb -c3uhz3sNsw8R/Th6QCfhAoIBAQDSuyFKLrHtfug5qFE2+wGGW/wmz1Bnp7jfT9PA -gAcn7c+qGufPbOkRPUF2y21Wt6vda2PCEVb8SFOFwKtdnv6R1ceD27+ln8LE/hYG -nXalBbhVcAc2q9beNV3UTkQG4YUq+oVMO1MmCw2fFQtt1WjsjJglmEMzukOKm+KH -QfejxDAmzhZKLNWrDS5vi886chS+rtx48SEMAGqE6+rNPQBVBuCTht0MlWufvXD7 -cKkp7eggta9XLmGyaKzvUCfCtvN8toxjLwa5rfmXkkHy+Kqx7/pmdbkpIoz5Zixm -wXQPl+5C3jwgD3OXLk91LU2zxv0132vN7fTJPgi6kBlUWMVFAoIBAQDW2/q5pfK9 -7cfSzj0p/nj9msfF5Z6iKEZRKplzBYGeLPrfB/PrdRa6cVXu5UlSQiRurzkf0tT6 -CmLp3IVAI5JPIPi1JFHBm25beGjZV6WiQCywFshvm9aPwMp9FPEGagNiH7xUy9ZS -1Vavi7z2zm9WAcymimGwgNfhNhCOiQWJ+IDrV0QQb7MRKCifS03VERIZPuqjHQvR -Fm/mkqU01JvRT/qUu3brZIkunBftJI1RDv3ftJQE/tWoPgg5IlkfnDSO3S/HXv8e -PzFtG33Ft8ZqmWbC9uAbFnqNbQ0mM29VX5Hiu7BFRmtKN/XAzlBlO2VZnUTHjIPi -SXGpjMs71kENAoIBAQC67U+sVBt0xnwMmSfhk2pY2sOjUYbLS9YMEO2O9oJigusQ -w2kZcEyWBDZLwEuu/qIveRE2ltcIVsfv/2aDV4QNrQqcBpPLwRmuUI0NNSSHYbmP -4B4l+uxQlBo1N2/Ugrvz0eHoKz+ooWll0e8fcIzwOA7GWnhSLEm5bGnW/UdEN8VW -xryy825dmwWz4Nrjx0prkwTzK0HbOYtDeVoA0Lm4sq8Hbjwq62hafFr6T4dfMDAW -w9NTjEsRTRUJ+5opeMwntm51lMNsdczPDOf/NWGFEZCWzpp+yK0wldeRFs1y/5xU -KHpBHjO0yVmmYZdpf3whC5y/QPNAiAyKIUS2sz/ZAoIBAAEXew2obzRR2fsTOzJU -ba70M2GpCgZO6BSPf9oaxA7WsauicbXXkXb/Dm25UocNePvq/gJQYu6mUNxZV3/8 -7khipYDeH2A5dvUWBopcLKZHZzK52ujeRNfUJfM+wP7EWSINgTp5Eqy3EsqvjhU+ -9UfdmHmcKGTqMq6dRLZEsfeCgL0xY1ImDyXeK16r1khn3sysCissAZxdXdIxGo/L -KMOGgYJx9We6ygunlWOKFQG9bsLNOxdPaCyDrC0GJKfJdmbnbs+3htpTfd/NDPWN -On/eKayB7p+UnKjNTgzMpBst8iLRy1J+yhrFcAU7xyLMi3ZKG0hcSWtD7kTrRzkV -nJ0CggEAbbQXtjMmVW2+h6+Wixg8s4Qwkqz8YSGacXzBkXTFwFJH6MX/VDRpxCBy -JePBAtFWW3a+/TYMtIhUKnQBG2TKQv8EcLSjmzQ4Iti/mpdR6ApOywt7Lg0VvLUP -1XD88IeGyIrlDKFE3gIAoU4JCGD3pU836085v7zGTrutMGJbXixTgcHCm7Fvh1LN -9XpeJEH7yH1PUsjemUSkeEtRgmJBv6FzCQd0Aieo5sr8vriYcfKAjfjib00Y5B8a -iJ9MAOEFyoy/2zBbi7R0Yr5OY3HgzgTCw7SUdLxo4JlXzVPmQz73S9OanhpMr2yn -/KMWCjm5wyl55BgI3EIad+oq+snclw== ------END PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/public.crt b/tests/tls/certs/server/bolt/public.crt deleted file mode 100644 index c5f669d94..000000000 --- a/tests/tls/certs/server/bolt/public.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 -M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M -OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa -GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ -e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw -2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf -9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt -xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V -wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 -4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf -09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro -wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB -CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG -O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb -dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH -bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 -9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx -VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT -zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp -76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U -P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t -8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 -/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== ------END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/public.crt b/tests/tls/certs/server/bolt/trusted/public.crt deleted file mode 100644 index c5f669d94..000000000 --- a/tests/tls/certs/server/bolt/trusted/public.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 -M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M -OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa -GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ -e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw -2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf -9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt -xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V -wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 -4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf -09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro -wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB -CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG -O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb -dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH -bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 -9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx -VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT -zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp -76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U -P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t -8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 -/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== ------END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/private.key b/tests/tls/certs/server/https/private.key deleted file mode 100644 index 0d011b532..000000000 --- a/tests/tls/certs/server/https/private.key +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCw3YJNDdacpe26 -0hfNRr26prreh3GmtpnqqBFUWH9HebpYtV5z0PZRPUw4A210AHbYBHAiFTFF42aU -10uFMijd58NDzHEDHKpfXeAbQjl4v0iWnoW9d6lwBpoYTYwEq1/cSCOhbe5c+GQd -bHglqfwJq3cQg0O3bDvpLfBIjZjZ9DXujothVjbK1BB7ct3YaVwbHXL2Gi2y3Dyp -sBhztmYIY9HZjAm6DSHgLe7nXfGBZPK6/MYyU61OUrDbE1lmrnOl3JB+VB5KZOYm -c/n7PWD6CFvlZwIYkNWPQL1+srk+lhFOHuCf+7DAad/2MPwfCC0LJOJr50iO/qNN -Jc7PtEWrkkidmHF06hxZjwUTF0kTa6szPI5RJA836C3FBOOW3/liqrTG6/QAmCln -UcYPT7BFM02HMDFKpjWDLN1NDhL1cxh/l0lehtQcPVXAO4pyigSxJ6oYk8Ijh0QH -Bwtxbziea+Pr+gfXeqqt14vthqKXHK2OmHDPAN917XTjMC84/gtRqo6IBCPjibyw -TA4XjoqjRZKG9E1zm3rKIymALF0+rOcs76jxiuP9XF/T3E76GkjnrbHiSi+y5xoc -s/kgVpIUhtDmQY5A69HHMcHT/UmyPAsrjfjFR8NKuujBzDeRjMhaMo8WC3o9Q5+t -yUnEr98CuuSLPh3dahk5f+EWoUaJgQIDAQABAoICAGzWw3q7i1g23AbdhvwyDkuw -ksqiOxRGxo0bBB8NnrXTeRNh+U/4RbxUpnTJ1y9NodTpVkADHqFNgTETFExRQ8ja -+NTeGKW7nDS3xlO/+zINNJRL1S11V/Wyel1+Sy4McB9U3WhYCBl6WdGpkH5NDua8 -d7bXsHJNzsh+FqHvUSK/H/lACxHJRkqnGcV+OHsWyzF8e+Rq07h/w20BCusaUcvT -8a2YedvefPxCCASlURs5jg33w9fwmnPaey81xwxjSpPFGb5D8agCU4dSU4GCkg0L -29FeBHItnt5bDsHLJigXnWqfoceR0YF3JfWQy3YlR+LVveh9Ga+1j7TIEW7MFxqq -MaH2XFHiYaNEzoNo1a7Y17awQqwWTtWOZnUiSGkRDmQ8NFmxhsyrCOCu/aviW+Gw -7So3KUo7HqyzwaI+k5pwOwhS83TcfvQgflrwCwRcaqGgWGpmibfndn4Y+ADAmm+c -/CkyQDLUszFxapMdSnEUNZ05Nti/a3yuziBHfWs5k0lMwVzyOHNui14lR5H7XhX6 -Oyo73ySfwUwhkLXesVDA0kshFErfv9mn3MN/HM//VXyqr6pj+W8iTVppCF1T4e0R -IeCm6uNwKHzbWMHoPQ9QXkS4f3IOc6VLhfykQVp+8g1db/lDXpoehAmQrMUejYKb -c3uhz3sNsw8R/Th6QCfhAoIBAQDSuyFKLrHtfug5qFE2+wGGW/wmz1Bnp7jfT9PA -gAcn7c+qGufPbOkRPUF2y21Wt6vda2PCEVb8SFOFwKtdnv6R1ceD27+ln8LE/hYG -nXalBbhVcAc2q9beNV3UTkQG4YUq+oVMO1MmCw2fFQtt1WjsjJglmEMzukOKm+KH -QfejxDAmzhZKLNWrDS5vi886chS+rtx48SEMAGqE6+rNPQBVBuCTht0MlWufvXD7 -cKkp7eggta9XLmGyaKzvUCfCtvN8toxjLwa5rfmXkkHy+Kqx7/pmdbkpIoz5Zixm -wXQPl+5C3jwgD3OXLk91LU2zxv0132vN7fTJPgi6kBlUWMVFAoIBAQDW2/q5pfK9 -7cfSzj0p/nj9msfF5Z6iKEZRKplzBYGeLPrfB/PrdRa6cVXu5UlSQiRurzkf0tT6 -CmLp3IVAI5JPIPi1JFHBm25beGjZV6WiQCywFshvm9aPwMp9FPEGagNiH7xUy9ZS -1Vavi7z2zm9WAcymimGwgNfhNhCOiQWJ+IDrV0QQb7MRKCifS03VERIZPuqjHQvR -Fm/mkqU01JvRT/qUu3brZIkunBftJI1RDv3ftJQE/tWoPgg5IlkfnDSO3S/HXv8e -PzFtG33Ft8ZqmWbC9uAbFnqNbQ0mM29VX5Hiu7BFRmtKN/XAzlBlO2VZnUTHjIPi -SXGpjMs71kENAoIBAQC67U+sVBt0xnwMmSfhk2pY2sOjUYbLS9YMEO2O9oJigusQ -w2kZcEyWBDZLwEuu/qIveRE2ltcIVsfv/2aDV4QNrQqcBpPLwRmuUI0NNSSHYbmP -4B4l+uxQlBo1N2/Ugrvz0eHoKz+ooWll0e8fcIzwOA7GWnhSLEm5bGnW/UdEN8VW -xryy825dmwWz4Nrjx0prkwTzK0HbOYtDeVoA0Lm4sq8Hbjwq62hafFr6T4dfMDAW -w9NTjEsRTRUJ+5opeMwntm51lMNsdczPDOf/NWGFEZCWzpp+yK0wldeRFs1y/5xU -KHpBHjO0yVmmYZdpf3whC5y/QPNAiAyKIUS2sz/ZAoIBAAEXew2obzRR2fsTOzJU -ba70M2GpCgZO6BSPf9oaxA7WsauicbXXkXb/Dm25UocNePvq/gJQYu6mUNxZV3/8 -7khipYDeH2A5dvUWBopcLKZHZzK52ujeRNfUJfM+wP7EWSINgTp5Eqy3EsqvjhU+ -9UfdmHmcKGTqMq6dRLZEsfeCgL0xY1ImDyXeK16r1khn3sysCissAZxdXdIxGo/L -KMOGgYJx9We6ygunlWOKFQG9bsLNOxdPaCyDrC0GJKfJdmbnbs+3htpTfd/NDPWN -On/eKayB7p+UnKjNTgzMpBst8iLRy1J+yhrFcAU7xyLMi3ZKG0hcSWtD7kTrRzkV -nJ0CggEAbbQXtjMmVW2+h6+Wixg8s4Qwkqz8YSGacXzBkXTFwFJH6MX/VDRpxCBy -JePBAtFWW3a+/TYMtIhUKnQBG2TKQv8EcLSjmzQ4Iti/mpdR6ApOywt7Lg0VvLUP -1XD88IeGyIrlDKFE3gIAoU4JCGD3pU836085v7zGTrutMGJbXixTgcHCm7Fvh1LN -9XpeJEH7yH1PUsjemUSkeEtRgmJBv6FzCQd0Aieo5sr8vriYcfKAjfjib00Y5B8a -iJ9MAOEFyoy/2zBbi7R0Yr5OY3HgzgTCw7SUdLxo4JlXzVPmQz73S9OanhpMr2yn -/KMWCjm5wyl55BgI3EIad+oq+snclw== ------END PRIVATE KEY----- diff --git a/tests/tls/certs/server/https/public.crt b/tests/tls/certs/server/https/public.crt deleted file mode 100644 index c5f669d94..000000000 --- a/tests/tls/certs/server/https/public.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 -M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M -OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa -GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ -e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw -2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf -9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt -xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V -wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 -4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf -09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro -wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB -CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG -O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb -dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH -bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 -9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx -VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT -zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp -76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U -P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t -8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 -/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== ------END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/trusted/client.pem b/tests/tls/certs/server/https/trusted/client.pem deleted file mode 100644 index 4fa535f0c..000000000 --- a/tests/tls/certs/server/https/trusted/client.pem +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQI+SZhRo+8CR3WCsmtLSFDjANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI3MTUwNDQzWhcNNDQwMjIyMTYwNDQz -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCqYTaHYssFQF6BSxisJ756f2a8BfC2EkYoiGYuLM9vQB+0F6qV0vQP1RrA -o7ZAhK+UFmm8BnFZLg6dlrFki0gGgehK5hpd5v7tnYINyBpO1KDh0fz8xmT4oPya -3IYw/l30N30SOgd2E+H61/lTcOFsrtQUVvG6YcxzXPxtdU7JfgFJag0mR42zIZUD -9LOqoOGj9L0byW0pJmEOkEljt5efBLKAnMX6S4XzzU6VJlkqvwO6WS2AnpMWxOzy -SOl+qQuBQKZ2Nnuk+yc2g5MqtC8C1E6jBHxFNtZcOS+KwawxfwCSvzMtZCMHs0Ky -4eo/0imljFUYJIGanjD6pi7ps3WfA5kP060Xl0v2cYCabpgcorfiYG93e4+Tb5cX -HhsuDvBn34fsFj7AjMy58b+2MVlqrI+k0vAJGOuL4iwO8mrQrNWw3KeF/32pyTBG -r2MEaqUO10m/7LVrld2PzVDlKVxOcw1Yy3hM2JKurQ5DOvQdSOEim7kXWf0fuxCe -xz06suceA9/j5iD5fxR7/0IrlQqVnQQM3/SwpvIjkotB2e7stdyDUtWT2RBPmB3G -DlJSOjmPnXC78Vr16LLUrMCRSdVwdpDa8CyTwT5uY9FLBcLMxrL0M6Uj/v4F71dm -r3u9JTGbcNTIwg+IMeRvu42kBHx+Z5VuTlSy4FkuZJntBbphjwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCAgQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUyFYPImfvvjeQ9Zj6d0S5R2cKQXMwDQYJKoZIhvcNAQEL -BQADggIBAKZGfCV4jRX/3MdFSworqZEAt1lFUnG4F7XFHo1k8fhnVgQCOpiDTg53 -bvMy8EPjdJo77rsmIxFHfvFm/I0AcVhqcQav35ilRyR26NextBFpcAd+dTh1VkPL -8mSc+aBWXkbiH2ExJW84Hbf6NTPf5cfMZfRnsdYRfa1Jj4bh0gOgc3O1UU1WdEnT -DSge0sKhru8XTfR+/A+QH6b2FPwnPBhB9k5BdKZ2StR1w8TMZQPFjpAm0OSsSOBb -v3q/clqLxcqwBh01RCblYOdjtW/OmnS3ZRTp/hq+dO+izS7nPc2LKzWdbuHS1Ac4 -pekqRFTK7/7XJXXXH5rUl8DkCoerQQuKCz475ogciVDJMKsDLaHVyGESoaZrs0kT -HDwyFKUikXqf3dgTGr41sCXdZ4UyLNHFv+vaPpqjucy8kZ0QiXUyxxRAwR90daHa -XDUH68MpnNFkXRVigGSbdAOelbNbjTwl3fHQ6iRMSwFg5fh42qw07MV4eVJla3OM -2Lfops2/pP+0782rx1oUUQusykeOVDmW/8EXE7LtbVyiz9fq1tvJrCzYOgy2D8zA -lC0IAGiKzTBPHrM+1pBkR88K1xyej8JU7S4TZjFisO3uPmP+IaQx1UClhVmiejWG -XAFlo3YO3LDdWBFw/+AyXXu/S/mpHrJYs0PTWDf3iNsFRQn5Iy1w ------END CERTIFICATE----- diff --git a/tests/tls/certs/server/https/trusted/public.crt b/tests/tls/certs/server/https/trusted/public.crt deleted file mode 100644 index c5f669d94..000000000 --- a/tests/tls/certs/server/https/trusted/public.crt +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRANwygrmTFPjKkHMJjFgR7uIwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyNzE1MDQ0M1oXDTQ0MDIyMjE2MDQ0 -M1owETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAsN2CTQ3WnKXtutIXzUa9uqa63odxpraZ6qgRVFh/R3m6WLVec9D2UT1M -OANtdAB22ARwIhUxReNmlNdLhTIo3efDQ8xxAxyqX13gG0I5eL9Ilp6FvXepcAaa -GE2MBKtf3EgjoW3uXPhkHWx4Jan8Cat3EINDt2w76S3wSI2Y2fQ17o6LYVY2ytQQ -e3Ld2GlcGx1y9hotstw8qbAYc7ZmCGPR2YwJug0h4C3u513xgWTyuvzGMlOtTlKw -2xNZZq5zpdyQflQeSmTmJnP5+z1g+ghb5WcCGJDVj0C9frK5PpYRTh7gn/uwwGnf -9jD8HwgtCyTia+dIjv6jTSXOz7RFq5JInZhxdOocWY8FExdJE2urMzyOUSQPN+gt -xQTjlt/5Yqq0xuv0AJgpZ1HGD0+wRTNNhzAxSqY1gyzdTQ4S9XMYf5dJXobUHD1V -wDuKcooEsSeqGJPCI4dEBwcLcW84nmvj6/oH13qqrdeL7YailxytjphwzwDfde10 -4zAvOP4LUaqOiAQj44m8sEwOF46Ko0WShvRNc5t6yiMpgCxdPqznLO+o8Yrj/Vxf -09xO+hpI562x4kovsucaHLP5IFaSFIbQ5kGOQOvRxzHB0/1JsjwLK434xUfDSrro -wcw3kYzIWjKPFgt6PUOfrclJxK/fArrkiz4d3WoZOX/hFqFGiYECAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgIEMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFB5Uvk55eyHlw7ywklhKWgjwknU3MA0GCSqGSIb3DQEB -CwUAA4ICAQBSDO2/OIwRFzu6ob40B70vGXR+9TJKZMWwsEgtZ9+3TW3Ukxo378WG -O4Oq1C34ER2EsAZrAh3U6U7qdgtJWIVZUFtoG79h8hdEzgYNgLb3x2zM//3OAFtb -dNigq4wMA/FLN7Gyo6p+yxsfutvRqy7kjZZo+/3DNjhC8+RHqy62T8FVg9lRS6uH -bc9XLI2RI1boyYHxCn2ovqTHVYYRvF4IfhWqLkt4WTeZ4UA7n3PsFuJhf/ibJOR4 -9R7XR+tWSaEhOFVdTNwvNn5iAgWfEfP+vO3SygMIb1CqrjhAz2DjdmwntAPkACmx -VTe0p/EnpTK36NU1p+HJu+lj5qUrUqGKbHNIWOx9PCZlNUKOSiGcUSfUuCjknRhT -zWZ2XE8k8BhZ43t0bCs2gdvmI6GasL97beqOpX1Aa2LQ6+5kpkqAHz9JC0FS6vSp -76SoLTVtuTpHNOm0pBr+x/7h5ZQCIFk86MMfUQV1a0ecm9RNpd89hoGbANXdso1U -P+jBof3ttC2oeFGMSiKMCn9MmtqPNtRtga/hEyQoMmWY7EzO2KFx4IfeEzFohp0t -8xC+KKw+PWuJop6a9ZRw+i6zzl2mLpAVFyIvVFOTVunaOdshVExog3rQkI6Ny3z7 -/7ZAgmGIlvb+h5dYknJu8ZrCYWOyBevhP1dX5885LBBwUCmy8cxB2w== ------END CERTIFICATE----- From 35be079e0c81a471cc0b60c0e3c2a5cdd76fd262 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Thu, 29 Feb 2024 16:57:04 +0100 Subject: [PATCH 11/18] Protect feature behind feature flag --- nutkit/protocol/feature.py | 2 ++ tests/tls/test_client_certificate.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/nutkit/protocol/feature.py b/nutkit/protocol/feature.py index c0ff0def2..5671c0a80 100644 --- a/nutkit/protocol/feature.py +++ b/nutkit/protocol/feature.py @@ -67,6 +67,8 @@ class Feature(Enum): # The session supports notification filters configuration. API_SESSION_NOTIFICATIONS_CONFIG = \ "Feature:API:Session:NotificationsConfig" + # The driver implements configuration for client certificates. + API_SSL_CLIENT_CERTIFICATE = "Feature:API:SSLClientCertificate" # The driver implements explicit configuration options for SSL. # - enable / disable SSL # - verify signature against system store / custom cert / not at all diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 2750acc51..f5134d884 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -35,7 +35,8 @@ def tearDown(self): "certs", "driver", "privatekey.pem") - required_features = types.Feature.API_SSL_SCHEMES, + required_features = types.Feature.API_SSL_SCHEMES, \ + types.Feature.API_SSL_CLIENT_CERTIFICATE extra_driver_configs = { }, From 82a1ea63a16a2c8826b9b50aaedb9e0537aac6a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Thu, 29 Feb 2024 17:53:13 +0100 Subject: [PATCH 12/18] Add tests for certificates with password --- certgen/main.go | 33 ++++++ tests/tls/certs/driver/certificate.pem | 54 +++++----- tests/tls/certs/driver/privatekey.pem | 100 +++++++++--------- .../driver/privatekey_with_thepassword.pem | 55 ++++++++++ .../tls/certs/server/bolt/trusted/client.pem | 54 +++++----- tests/tls/test_client_certificate.py | 68 +++++++----- 6 files changed, 232 insertions(+), 132 deletions(-) create mode 100644 tests/tls/certs/driver/privatekey_with_thepassword.pem diff --git a/certgen/main.go b/certgen/main.go index 82573954d..417a48009 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -55,6 +55,38 @@ func writeKey(path string, keyx interface{}) { } } +func writeKeyEncrypted(password, path string, keyx interface{}) { + file := createFile(path) + defer file.Close() + + switch key := keyx.(type) { + case *rsa.PrivateKey: + m, err := x509.MarshalPKCS8PrivateKey(key) + if err != nil { + panic(err) + } + + block := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: m, + } + + block, err = x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, + []byte(password), x509.PEMCipherAES256) + if err != nil { + panic(err) + } + + err = pem.Encode(file, block) + if err != nil { + panic(err) + } + default: + panic("Unknown key type") + } + +} + func writeCert(path string, der []byte) { file := createFile(path) defer file.Close() @@ -216,6 +248,7 @@ func main() { clientKey, clientDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") writeCert(path.Join(basePath, "driver", "certificate.pem"), clientDer) writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKey) + writeKeyEncrypted("thepassword", path.Join(basePath, "driver", "privatekey_with_thepassword.pem"), clientKey) // Copy to writeCert(path.Join(basePath, "server", "bolt", "trusted", "client.pem"), clientDer) } diff --git a/tests/tls/certs/driver/certificate.pem b/tests/tls/certs/driver/certificate.pem index e0d16dc23..b533f7353 100644 --- a/tests/tls/certs/driver/certificate.pem +++ b/tests/tls/certs/driver/certificate.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRALttVMpNPme8IgSVUSZ9JLQwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyOTE0MDE0MFoXDTQ0MDIyNDE1MDE0 -MFowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEA4ctwlOv4zq6pbJkDNgXYJSmhZ+UgyCEe9eJfTcId92KgKxSjxS1jeBNX -7n0WUXAT1M3y+k4pNIlb59619lTABFvJKas/8dEHAlDvHBvnZXI6tqz15+358pMs -AyD3ppYCCHmW88XdZA+5mEfdP0qtm6LCRBmPYY8zPRYclK21DDT37IpX6YSIwOs4 -rdRnsStiA18ZNh6CTUgaJ3EtwKm0ug+TN7O81e4YMlfROLM5yJGxozXqNXk4ram9 -WyzICY7tFkZ3YrtCYMtgZkMvpbNsLJ7NEUM5oF9DxwEsEAVY9xbe84tKEE5RBIsW -CE5CRr1dEBoOxZvlNrByV2oobGIQ3Fqjb0IgjDeGJYU2S2CtNpeIqV1KvnbZfo/1 -edZvsxOo3xhm1eSWCKs1nOlaDLgPOA+D1H6hGMseUQN69SLD5sTvG2oPoJWl6HFB -kH8o29lpKIFmFBhRUyaPx5FNGBkUqbIxNTzU5czilsXnlVEEFE0cbU4/Q+UhD5TG -uLptLX0FuR20ahhg5grCy942VZRYKpuv1ZgqBzbNqewNWWC732nKFNR3ei3FCcgK -ff3FI8fxY8L0WULxYjZS2x/IJdhsf2b03JPcSiZM/mTBBXVlC+W/O8tW4ubDm1uo -byoAIUh+A3mSFwrao5x+w0kGs/htXJlTMFG7xaU92gLouSTDbo8CAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFDPPCDNf39oOvio9EolwBdZXpWohMA0GCSqGSIb3DQEB -CwUAA4ICAQBCUA7dNtoBTGy/P2Zwz6kdbi/s0t0wu4ZuQfSZkmFpXYxF2ieCjfyb -CQje/+fgGStTksuf/jaDPFHJYdjN+lM/p0HqYTXEzU/R4+o8owQCJ4hzocjx2C4N -uaSL9OyMG9sRpA5jhF0Ks1Hmqfzxv5q2Vm9RleS+EovxBcQzp1BPZiZgh9C5/EUx -btnsml/RNe93pqcSwdfSlXKItVpP+mok63V3oQXggwdFrtwMJgsxVY3cr+TSppy4 -6qZo+Q7L1CtmaQbOhPr6+o/FLgg5P/DxQze0E0YTFSQbgWX4EoUfbwotjej6UstG -44z9wX+MKI15UOAxX8lzP9GRLGdaAPsW15qUT4AcoqZ09+jmPYta6k0KEkw+dy4S -YQnqs8qJVNrXOvR7ISkoszlSeZpgxPaoTTVNpgyCMKaRZ5nmo8as1bXyo4syou6T -pFx0EJHEONK+nZ4qYsP02XsR68duqDoNicXlhbmTgs0Rlh8KWZlYIM1fUcAtCvs5 -ECimE6fSrcgFqM1aLlgH4ukSK83ncuffm39tYH+patp2ZM6SmTXc7vgRIq4JvdAg -w2/rdhsTsTszl9GSgDlK4Yxl6bYXKnfwO1tcfavczySVOT4R57Y+y8q6vY0uK0OL -RIijQiqM/6dMRZUff7kCwTYBSMHoGaSyDUD/DQWV7rziCI6yd+zxFg== +MIIFAzCCAuugAwIBAgIQWrpn/AQGRfZhiNdZ4CZz6DANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI5MTUzODQ1WhcNNDQwMjI0MTYzODQ1 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQDZLemMsMZR6zKIMKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrke +MxKfiguWbn/M+6BtaIyY3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6 +yTXQzH3v4vRzYJaA9DXYH2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD +77zPkgDThotW3JMRBtRBFLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTY +yOxa3rZ4564KsawaX2+6/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2 +ywRsDvPv1EXKU18T6fLYOpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTb +UlZEZ548yk46vi5xip0hVKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkU +pbCGGcidMqnStVKlh2qcqUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjF +iZvu0q5sU2qDNbKgNoCgsJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eR +P6LpB3ndGE58J3cOjmtoJK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFa +NGO3CVwyC+V/S0GX8r0nBR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUeQTx5ArwU6EZmhYDQvW8kUtE5oAwDQYJKoZIhvcNAQEL +BQADggIBALlet9phM89XGDU5tVdMsnKAcGC1NUjhMbXl+6441NZonC9FnAAs92JA +PpJNCKVgGTIkGbq8dAUpTH2S9pS6pkThq6GL7GObfVhFytAWUH2zXeyooACVqDUa +VBvGedZV3QclDrK65lPAcgoZtXl/KCyCtBo6ufupTX7PWl1EqT7/M2aGRnivO9M0 +cFP1d4bZ1Z92EHYLRSxjiSwiFCvxFOYDGFpBlOaAHw8FpG0Ps3ro99cdaWmlkex+ +rc1F+Amk5/sZxaQfeKtYhKOVYTKKZM/z3TEbrghd4NBugxRMPHw9xfS9DPyzf+OY +vAwFLObIOiytcCHFYpV3rVjH7HjZf/YyK9MrDaSsahMAKZuSv9lZ/VQMDLtCcwhn +ntYUt42Fc19w4R+dmQT3zucePuwr/bk2mjiHjvvpxi0PJh2qVOQG7m841FLtF8YR +zJ2iHUNXFK6Nafa33gMZfAv9/EKHeeFfpN5Xl1IyQsx1ty0faiE4RNIt9VXqYo+y +Zgmqvn1gbHBaYvZ+VmOWvXgDfufkB/FFly0jAD9r/47DUVS/ndLqwQFTEjzdqDHA +TT3QNJ59oJES9fthbDEg3FZhtdMlOpZyHucDP1OCeZGmBJ3UwGyVZ/aIB9bjZBT4 +kmXPQxQunxqs5ZwlwzspEI9jFQKTMfh5cccao36XkyqjVQo4+iXR -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey.pem b/tests/tls/certs/driver/privatekey.pem index 11a293d97..844f2350a 100644 --- a/tests/tls/certs/driver/privatekey.pem +++ b/tests/tls/certs/driver/privatekey.pem @@ -1,52 +1,52 @@ -----BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDhy3CU6/jOrqls -mQM2BdglKaFn5SDIIR714l9Nwh33YqArFKPFLWN4E1fufRZRcBPUzfL6Tik0iVvn -3rX2VMAEW8kpqz/x0QcCUO8cG+dlcjq2rPXn7fnykywDIPemlgIIeZbzxd1kD7mY -R90/Sq2bosJEGY9hjzM9FhyUrbUMNPfsilfphIjA6zit1GexK2IDXxk2HoJNSBon -cS3AqbS6D5M3s7zV7hgyV9E4sznIkbGjNeo1eTitqb1bLMgJju0WRndiu0Jgy2Bm -Qy+ls2wsns0RQzmgX0PHASwQBVj3Ft7zi0oQTlEEixYITkJGvV0QGg7Fm+U2sHJX -aihsYhDcWqNvQiCMN4YlhTZLYK02l4ipXUq+dtl+j/V51m+zE6jfGGbV5JYIqzWc -6VoMuA84D4PUfqEYyx5RA3r1IsPmxO8bag+glaXocUGQfyjb2WkogWYUGFFTJo/H -kU0YGRSpsjE1PNTlzOKWxeeVUQQUTRxtTj9D5SEPlMa4um0tfQW5HbRqGGDmCsLL -3jZVlFgqm6/VmCoHNs2p7A1ZYLvfacoU1Hd6LcUJyAp9/cUjx/FjwvRZQvFiNlLb -H8gl2Gx/ZvTck9xKJkz+ZMEFdWUL5b87y1bi5sObW6hvKgAhSH4DeZIXCtqjnH7D -SQaz+G1cmVMwUbvFpT3aAui5JMNujwIDAQABAoICAQDU4pjM8Abv52G6EDIk1zHJ -KA0UBcX4qrGkJsCwcZsLSaO1uooGOBsWdTZsludZ9Q/djifOs67J59ANN7/b9l/s -PBXYAawSdH/lQSWQHQb4cNDGtyBKgectPHE8qfKUz84u62TVhfKMiv7zgp4pNGGm -4bfDuU2kL/2hVJ2x2G1givhNvsnQU7MUITKZQjBZrIuGnj0I947nCloOYfk/M0JA -QrsMw5wBH7EUlhOfH+wVHLidJxIhRJ+ZrPXpZrlbubPzUpDxN5kH5fiHskTUN+x/ -zWGPKxDEEc23bXV7zW7p2Fhwyx0TbqOYYwJs5kw6ogOCUO8ohSmBfK7xmBdwyK0X -L7vdaj20AvTI8KqT+d9+CtLWKHE6+/3qgpwizVvLznSrQ/1BZYsPtGf0ZQoexQgM -EqKmIZF5q0q6sDN6tHANrtWu5XyJS4K7YUoXojh/Q/Sp1/7m0uqBxOS/9A3NKdO+ -aqVYzGrnmqUZicYRQY6my42jiX0E1f52mHr7TSAGKBcXsorFhjDnGIc9w7PFL1pQ -+SoORP2mcvd3sfyLPkptfTVI69vh/LvoP98+Ie6j12mxInVA9Rh5Nr+a/CJICGYU -ZmHj/Y3u7zTBbDYqfOpe8AKnb0Q74mjR90PO5MPjmFmMKWG5GtzhEWYl83W5EDZY -F4x8mPPHSCxrQIOxo5Zn4QKCAQEA7MuFDb/XV5WYVlZNGWMr4MefTlVst1hEDsor -Doo3tgUGZ34+xv496W05+6bTFwSEylvYECv0xrZa0GW7GHd8S6lASlcFClpxJeXy -wsUVqirFgZoVIhctGCZNYmjqy08fR+/UUyssg1n9P5EV7cuLhe54fliqeml81Nl5 -zg5ayeCjB9QI2BfqkQBWIHpnNCC3COJoM7LYMpPkP4INPrjGEx6w//iv2STAuRPW -natqQsyPF7EqYBxw6XAxcmDBzrSDZNlPgGVQEoYV+7YxQIzhrJdANJYnMx+50KhZ -DhM1YcM12x3gBecy3Syttn+Pe13226PNGe+DG88mPKmKw7L/WQKCAQEA9BuGYZLv -nuYFL2QFlcC3VmhXKfLglm09hL8AjbeOKnzeoSVr29LzJ3A8Omk0teth5cNlxau1 -QNoNtBSo1Zy1QJtNu5onH7DkkEA+RSS8Q6C8UiqLq1s/uI6pc8RDFM8cMxqX7wI+ -kk7JX6BwUzADwou3trvGdMEmSeR/HZOEfIz4ahHlxGfZ4tFsaDTjbvns82oak5bQ -a2NqXxN7rvokgGDwRFaP0/OD9yjXxzF9gODh1+PSC/ursRgvHCjJ0mzElJSRhyoQ -HzaPlDkYhWYKaUaC3DvCyr9MW++hI8LLFlQrSBJP8Qw3W0CWLtr6vCc4Ap+RmQaa -AWRY0mxqHenIJwKCAQBEDND1/JXUM8eNuEt76kYn2PZtOpt9rT4RygPJr+sGwjbu -8xbzdQkx1hP9wBmV2dSXmwFi1F8J5EoA7dtw0pXD4KX7NzrZmNg/fe/gDWeGebg8 -4J0GKQbqk8dVarVfLCPfNoscQ6INNYVUCUv2BLLaEIhMNwr3Fu2q9bzNfM6WiZoQ -m9zWzTi55xDZUJPsJSK0yOwNP25mSp4jqipIRi2WPRG83ikbDDbeeVcKBMMK42KT -+nQlHsdMLtPm/Ot1jebcyp7QVU1HpYUXy2ooFNSeFvF6q1Qkmw95aYf+RYLnz4Pg -rps81w6FBVv+wHXpjD1vLYm51F0nVsa0VDzutLgxAoIBAQCSyLpVkfVkpwwXIx34 -npmf673+C33g9m83k2LR1L437j4wyD/DP2XXITYWKYz4l0GW15gq9MVY6cWzs3iS -eljDMJ/dXySHeeb2lqrbCOvr/os/HTY/I+99GsvqQOnVaXSbhjI2FjNp5tZQGjlw -zD52jW07BE6hhkNvy2ZkcoAIJPx7S6fOImRyb1uwjZz07nP9KqAwf090Q6OC6ERH -Q0MPrzrK3QI/gP6pcHXP4YKGLLOhDe0QJ5VmOBSb6irxzVWnwm5/yFtJaZWMm4iT -Lni0NSIbLBRFtiJEZiOPTWKxWotsGxbW63Gd/YhRRHvhB/Q2H519VurkS2LdpTNq -KVmhAoIBADcqZwL927PgYKwTc6qc6mXGsLdG2BD+vagg1ZOQNXrJlxOQF5sWYWdH -9qoF30OEfTirONcZU5AMcl4zJuVNkN/TCgwmcujzeHRFJ1Y+3d1LeU0FRVT0I8ba -F+OrEVzBHIrUtsuhwikvXgjAKzeuZ6P4QIJqDuOO1td9Fx55R7Fzsmc1D/if8eG2 -TUTFRCKKbKoZCmH/z0TnXgSgYP+WqfDdp8l48f3dbTpnFQ780SoZ7d9T2+9+CmxA -i+PGItBCZL5ocXZcrFrFKZBFOXs9az/rhrOaNArn0BqZkg9VeBuHuglJjuGUJf9o -oPcafMzsR0YEUSxA5+zLK1/Oi1wY7So= +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDZLemMsMZR6zKI +MKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrkeMxKfiguWbn/M+6BtaIyY +3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6yTXQzH3v4vRzYJaA9DXY +H2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD77zPkgDThotW3JMRBtRB +FLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTYyOxa3rZ4564KsawaX2+6 +/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2ywRsDvPv1EXKU18T6fLY +OpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTbUlZEZ548yk46vi5xip0h +VKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkUpbCGGcidMqnStVKlh2qc +qUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjFiZvu0q5sU2qDNbKgNoCg +sJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eRP6LpB3ndGE58J3cOjmto +JK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFaNGO3CVwyC+V/S0GX8r0n +BR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABAoICAQCYunjrv8U4Brban5k4Co0V +Ux6CuFztHVVPBe/jMWZf+2VJsh1a2SQlxYY5fqEyINpVSBAID0yapFN7jf+50609 +YFNX05twYLQOHUk5zvH5LDT9bujbqjp+3KFd8fIujCBkeq5+FQbCWPskqa6tOKQc +4VMNCn/6fIuRUQrXk2j0MaAe+LMvOzCM2J6yd/3H211JY+zJgQTLjInn2rBtAI4s +ulkpZu63vYy496/yrBvmuXqFa5dIWPA8mkiPS30rykN4czUpwBjP0x2329uHUFhg +wsJxsZD6o40lqljK6ltsbXwTSwVAOayp8aeUwuCxPTK/DgCmcEsErhlhhpHnkmek +douBVo0y4Kc+zT+bm5FlF0geL654KFJcqE5McEF7F/a/uRlykT2dmQPoE8CRd3GV +xQNVkqxBI+IWG7XrE7AtHHMeqRoFadXyRDHF3px8MqTG1W4SK8yD4boMAuTHjgBY +0Zvq/R0DyxKM9hYKdq45JXu7eERBMessKn4IRwvL9ARr22o+OgdVyaxcXg87J2wU +Pi+bVos0RQJRmUB8Ht8lDz4r75pGAixG0EHPob4N0umXqfyi4np6+jcyw61b03QN +I796TT6E8LHd/Asv4xm09Ksht+eXdsQ7PEkj0jPdgvDdKUUrAR30MdkyXmzxIKxb +fVnGM+9Pkq4FC1MZ3FrzwQKCAQEA/C/Nw+kjmwl0SV//NvgwSfrPRUt1jJlva78Z +7Dvjp/u4uJ1fk3sctaTRJkt48anK6MF1Xlwympkq9xGwBCQYy23iWqOiMAcvw7z/ +jJuK7eoh3TA3HWZMJGLSVXrssJZE/hv9KX7YJT72HW/slOSVAZL8rVl/LAJXg3yk +G+6DbbjsKnMxDvs+2hW5H4YIPP9rAexEiqoVtUd4EgleArtYKzIcnVMmg/PlY8o1 +tyk+Dh9cfwkNQUQ59B6j83N+QMf5G7R5vt4pnJyLo9TpnNHVJrNI8cPn+EglkL9w +OF93irub0f7G6NZ5F7QUGr2d4KViWtr33EGjQuDV6ltva07qZQKCAQEA3HaY9sb4 +8btdodqjiJNJDfYqCljS+95OQ0i+Evk1ow1BMVLDYNLMjVRhSobC9RMSQ7joBQV5 +lH4g49pOqm/hisyQpKhL9TCp+bIgHbwXkj7yGduujrttFQLTdDELQh0Dt/bKfQ4z +zHM1iVDVhU8tR6JBYGK9S1mC1ePsE34fRnkq16hNo6+a20XELoJ40E84RCThwA8u +KbzsXrZwlo9IjNY3QJQMbRUDaghHS26bBBDmmwZZtTMRGXc4YN5DKBK3iqpXjoej +xYA5adN2HDVYNTEthY91YaAw+KOy/2VBR1tl9L6otTLg6XKLExVh4aytEltJrPNk +GIf2H3izY4JyTwKCAQEAy8dhEOaqA9Ru5/+vPd7tPkpyBD+GfBdcBofETbTTL+Fj +EaLxIT5BI7JL4xLnZvfZ45y314jOx0fvhPgA8Eeu1Ws0liNVolOcUCG/qgHiEH+5 +337fel04N8q2xaXv7n1uwJsjRc2eoPIwc/cGCAZxNXVtwjHoZkp6JuCnx35DK31b +MK4mPUHeNuGI1qU6sPd/o20ksZvgsLxQlNqG4dQ62aTDpIkVPVjuymUSZK/p2gWT +e393+35DCjVcLBPuODCe5bk/C3F/1HJXEAqyvyp7f6stzVaNcn3yBPX8m0DhWvRg +ZB7o4iq0bOfxuu3vziA1ys7XrF5Jq3f8w0QhU2fQVQKCAQB4g3gwhin1clfHr03v +zZuEv0jR6SZEOoyLqUsF8ibI3+kAPl7BIdphc3vPkoUmFOvKC10BybFhY+U0yNRx +xMEE77gt2jXTbWutLBr0RiqYbkJHslfkfD4v2yCeBmVCGbw7pvOfktDr9RqR2pct +zU9SNjcIqlERzHeB1prpOOt9yaSKyNzQGqFLNgL87aN/M57tWT/yjhnNBRIs4AwB +sYeWPU9sxMFaK793Cdl3OZoRie+VVM5bB/RT+GDgSv9o+3pLmbxNFIaI4wP/fnG1 +D9ANG7nnpbkjyb6bXFjv1Xjuud6tAEAW9R4PXub5YpnkFFFzlGVc3pub8U6we3mM +bvVvAoIBABywhZTAwVqyyWBZcyoROVZkk6wrxN1CHwfJfeXoJB6dCcuaLQqv2w+U +FhMPw8pXQ/CPAEp2yBOtpIIB8U12X3Vh+fjkGn7dWQzOQ9L81gerAsATGWLC4aH+ +yoKq0tWNh3PaoNl2Wexjdm+yc0UgdxOkuLq6sIWYwq0sRuE+RMscmieeqZzor5Sm +JN5c0oM0pXolUCum0Dmvj74diC4GusMvZO3Ik5T4yEDzMTwQCmK4wEERj0UqWwNI +g97Tgnwta+Aus1Fi4QW39IaH3gXPDXmcLl8+tTaNW7SDVVRpfyq0F5J8BzZ5SGXa +PbxpMqTNqdU7Z1RBbQXKrbDKUfqJ4a4= -----END PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey_with_thepassword.pem b/tests/tls/certs/driver/privatekey_with_thepassword.pem new file mode 100644 index 000000000..555235405 --- /dev/null +++ b/tests/tls/certs/driver/privatekey_with_thepassword.pem @@ -0,0 +1,55 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,2abfa6d9e7a45ade20731060b475abce + +eyVhDzoMurQ1PPBVUrgg+1zNL/kmmfElVXARAAdS20xPpkdyF896mkoFKILbx+kK +fnhKR0euWet4LLqVZcF1eRTbBresmpRncW/UtQCt/uL4BhiOQsMLOZ9KGeRFB/OD +kjrb4QOQzG9iihpipnIBjY9yLueKiFoSDBgR2h67vRLCeuwMWCEOFRnMN1FSh99p +Mc59iP2aH1CS16hneBDt1N5oWWBY0kmlQ38FHKMMXRjn2s482qNGY5Z/yG8URIUq +CTAiVyTqeKa68UQ7uPBp6bcVnC9F/zW3qIFAmIiDVRPiyHz81lCUeCo1LspwaDmZ +wPA6+CKdD1xIC0vLEKuLlvCFqXCJekPMewEFNZRedqiy29Ilry8/SDTgclwv1a6C +ZT8gOh/DK4GAb11jWAPlMpeMwuAZm5u+sWt2Cvc2KTeBqaOwIdSPjtfbDU6l97cD +gnSAr5T6z28Zc5/J34xCUxJ4AYUBenOK4lW4Jr1xOrZK36tWDNaECqXLiDtbcafL +gqiOzrZyDWvHgyIT/A+g8TbQexXDIBG45tkcItAq92ark9FzJO0bUCrVZhvL52e4 +rEYSR9mkwsEFvUWvArQpKMAC+hmyS8OpCvKMnbVAQD5elMz6J+XA0/3WjTTSI6F2 +bQXIFqVN3uVrB2J3qgdfzC5jp3JDcJ18Ws3X0hTLozf3hwTZ6lVFP/rZzFHl2KG8 +2K4jlnsn2SbQrVRN2aZQJ9W4o5vsQYXzdo75hNmfhBuaGS07cRJpJ9zrVS5qjNoj +CZcn+UO7Ym3gs32KnAzo5GcW6mnVFmOoihGPytuQjbPoGEmfh1xh9UbLHXiy82/9 +gmuxT9nLjI0upbvF7UX3geGu6nwoCdPLSgE9MHwsPgPRlgl6mlTveQgkj0/tSK5K +og1OvO0J0zrhH6kJHH21GHLFgZNtALGxdf9usVxH+5KruMyX9dnayjiQahkLLtlv +aVoGeg67k0yxwPOXY3gwMUV9zdX4XXzzmmGp3ZBsdHdl4uFRkrRBzn59IFGDqXLq +2cnH6bfgbn5N1ubL6vAgcLiHIgeIZc/qsBWmUeHfAbV1cOMtrpwA4gAFLwXiM+i8 +9qz7diH5M/x5DTUZ5Xewa5TyzDpB1UD+SS6ReuaXOcRLfKL+929LTqrxe12TdjMj ++sb5bnpAFnRfUnF90DI2X6ZEjNIy/yjv3RYJuI1kvEdgB8WS9vEMeR/IVxAwpQKf +zFyD7MP73Mp0lLlrkvoJ4c6ZkFHoin4li5ZZjZdeG+yfI2Kv4LX4/9IEWpXBpugZ +Xfk3tBfYZbPV5A52BK/aNozSu03yr5Q7a2CCgbJzo8sO+tXKYYmQg4wFVsLNfG9E +xxUXGGdd3yqj5hD+RFpGAQuLIgf44MDqvQOcAmknGvnERLE2ktcBxbiY+AJURdNC +dUK9BqWofIh25k+KmUHaht01AvSKGPP+gSQdee4cbjJy7MH21GpF7f26D6De84tD +PL9+llZUK5/fvNDhA63XnGwJoTMprs3S/XCPTDCDvVxwWFZHw2btAkjHxeEKmPe0 +QjlHgV06VaDvdnmDskZovw/+THwzfquYbkqblq+/2jtFK8ULhrfe65R11rs15XwT +pZbWPt2WpFTrY2+PtvZ0vX10m3YHm538en9e8sBIwqWU8ryjhLZ3UmJ/6ovdcuwu +RarMl4FimT2reaWKAl/jexkIA3f+hAvfoucrWG6HGRV5ScTAwkjgV/NFwKli+gKT +tOFs5Qk7elvERH79sLJnrGkldfzr12aL+L1ffF2EtcHG2D61Nq1VPTmNzVpHi23c +weUU0hu/N3k+ClXcwan8g7VIVxNm63jf0zJjMg8IzH5ss4lK0HK4DDuLDf3pIoBb +LwL8b1zPWQNIerrnjQMx3nRjzO5qtm74t1kNzwF9DfDu4PTg72MlXBkxnCXqMOSk +4lmr524d1bsRIAl0iQdTs+BUYHRdRpJJdOdY2LMr6AVzJH9hDY3HEF0VghgRyVOD +IHVJymVjviAwcLZQVZJJKTefiI5OXvrAFRIUXh1bsJaCKfPehH4N0OoMIyjy/Vqq +J70oykeqLytnvXFUw36+uOeVDZ8pKJ3kBuy1Id41qGEruo/+jQzBpZMz8ZSRGo6d +sUNxOnJdkhHh0+fY/2JFabEEdOYMg9EKJgRdnLEJTGCwgdDm6DBC+RPBbbw3snLg +bBrtpCMbbfFLc/WlJPHveVqZMch1v9ZWwdTCJrwuaSSkB+gGwiPF03onCt2zOfqw +r/Q+zzAFJfos00RZusVRVkf9gRlsiBgtCL3Ovz8LQ/c7Vs1DVr9Gn8UXxmGJtj0T +gZ38T2zcCRhc4EeLQUtXoqT147lbFtMej6/3i22YyGh1BoQQi/hzCFYrxxkxxtgP +Mfdk7BeelkJkTFvv624+rEa6Stu3G/gASZM6/awafYW7o6InE7J9bVrfCyJ6SOg6 +IxLuWoCrYgBgTpFoFd+TQsYD/WcpWbw2iHayCUIbw0ayx+P7YLEKPkNfNuTnKlzg +x6BRS4Wyn4JgDu1KPCkY1+uxrgWcZdKfuqcCa72Khrvqb3M6EWpK0ezfX9DXKn/e +2fz064jZoNvx7jtZLmNGT21v0gWANwTDqeWGBVhSUA5HYScZICvyVyxrEXIwUpMN +b4+gwkgxnWphxedpfLeD6lSaQL59OOjUco1CpsMUJao0CA7PlEK6fNppy71/s/cR +dAgq+3hEMcBefrJGp0G4gb7ffmZJxKfCamHOONIBFI6qpJa2p1Nusdvlsy3/ccaX +igHHki+gbUSOSTScuIjalhVEJkDbdp6g9G14iCjwjKGT4DML+zxFdj13JP6EhqIH +q4B5MhusBbfiGNHYzAKcANAY0u44fjoCEaFqWVwmSzs2BTfuKQQwLqnNyoD8DLeh +QAPUDBMJCBtQ4GHprAhGhhlK55X0bey1b0hGDU9eWvxvr6NuREC+535PXvAkPwfl +lU+BtyQvqQfPHhPwbGRuKNGEjJCZm1DL5KxtuEf/W3hTSVo/ilFUsuSbsny8Y51R +lytkPyv68WhpOz9+jL9c37UgAKkfs6rLXLnvPwX/fTBSScJ2utBy4gtF8v0U3aGJ +LS/AGC22sSmD/bNZI//MHc34eufB8zoMNbkI3/Q8rgERXQX9GBUPDwVbTYIICn4u +cZWxa7NX3qVKhmEnnLa9HHxrw8EbdW4RlI8dk8jDKIU= +-----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/trusted/client.pem b/tests/tls/certs/server/bolt/trusted/client.pem index e0d16dc23..b533f7353 100644 --- a/tests/tls/certs/server/bolt/trusted/client.pem +++ b/tests/tls/certs/server/bolt/trusted/client.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFBDCCAuygAwIBAgIRALttVMpNPme8IgSVUSZ9JLQwDQYJKoZIhvcNAQELBQAw -ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDIyOTE0MDE0MFoXDTQ0MDIyNDE1MDE0 -MFowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEA4ctwlOv4zq6pbJkDNgXYJSmhZ+UgyCEe9eJfTcId92KgKxSjxS1jeBNX -7n0WUXAT1M3y+k4pNIlb59619lTABFvJKas/8dEHAlDvHBvnZXI6tqz15+358pMs -AyD3ppYCCHmW88XdZA+5mEfdP0qtm6LCRBmPYY8zPRYclK21DDT37IpX6YSIwOs4 -rdRnsStiA18ZNh6CTUgaJ3EtwKm0ug+TN7O81e4YMlfROLM5yJGxozXqNXk4ram9 -WyzICY7tFkZ3YrtCYMtgZkMvpbNsLJ7NEUM5oF9DxwEsEAVY9xbe84tKEE5RBIsW -CE5CRr1dEBoOxZvlNrByV2oobGIQ3Fqjb0IgjDeGJYU2S2CtNpeIqV1KvnbZfo/1 -edZvsxOo3xhm1eSWCKs1nOlaDLgPOA+D1H6hGMseUQN69SLD5sTvG2oPoJWl6HFB -kH8o29lpKIFmFBhRUyaPx5FNGBkUqbIxNTzU5czilsXnlVEEFE0cbU4/Q+UhD5TG -uLptLX0FuR20ahhg5grCy942VZRYKpuv1ZgqBzbNqewNWWC732nKFNR3ei3FCcgK -ff3FI8fxY8L0WULxYjZS2x/IJdhsf2b03JPcSiZM/mTBBXVlC+W/O8tW4ubDm1uo -byoAIUh+A3mSFwrao5x+w0kGs/htXJlTMFG7xaU92gLouSTDbo8CAwEAAaNXMFUw -DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFDPPCDNf39oOvio9EolwBdZXpWohMA0GCSqGSIb3DQEB -CwUAA4ICAQBCUA7dNtoBTGy/P2Zwz6kdbi/s0t0wu4ZuQfSZkmFpXYxF2ieCjfyb -CQje/+fgGStTksuf/jaDPFHJYdjN+lM/p0HqYTXEzU/R4+o8owQCJ4hzocjx2C4N -uaSL9OyMG9sRpA5jhF0Ks1Hmqfzxv5q2Vm9RleS+EovxBcQzp1BPZiZgh9C5/EUx -btnsml/RNe93pqcSwdfSlXKItVpP+mok63V3oQXggwdFrtwMJgsxVY3cr+TSppy4 -6qZo+Q7L1CtmaQbOhPr6+o/FLgg5P/DxQze0E0YTFSQbgWX4EoUfbwotjej6UstG -44z9wX+MKI15UOAxX8lzP9GRLGdaAPsW15qUT4AcoqZ09+jmPYta6k0KEkw+dy4S -YQnqs8qJVNrXOvR7ISkoszlSeZpgxPaoTTVNpgyCMKaRZ5nmo8as1bXyo4syou6T -pFx0EJHEONK+nZ4qYsP02XsR68duqDoNicXlhbmTgs0Rlh8KWZlYIM1fUcAtCvs5 -ECimE6fSrcgFqM1aLlgH4ukSK83ncuffm39tYH+patp2ZM6SmTXc7vgRIq4JvdAg -w2/rdhsTsTszl9GSgDlK4Yxl6bYXKnfwO1tcfavczySVOT4R57Y+y8q6vY0uK0OL -RIijQiqM/6dMRZUff7kCwTYBSMHoGaSyDUD/DQWV7rziCI6yd+zxFg== +MIIFAzCCAuugAwIBAgIQWrpn/AQGRfZhiNdZ4CZz6DANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI5MTUzODQ1WhcNNDQwMjI0MTYzODQ1 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQDZLemMsMZR6zKIMKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrke +MxKfiguWbn/M+6BtaIyY3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6 +yTXQzH3v4vRzYJaA9DXYH2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD +77zPkgDThotW3JMRBtRBFLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTY +yOxa3rZ4564KsawaX2+6/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2 +ywRsDvPv1EXKU18T6fLYOpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTb +UlZEZ548yk46vi5xip0hVKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkU +pbCGGcidMqnStVKlh2qcqUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjF +iZvu0q5sU2qDNbKgNoCgsJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eR +P6LpB3ndGE58J3cOjmtoJK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFa +NGO3CVwyC+V/S0GX8r0nBR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUeQTx5ArwU6EZmhYDQvW8kUtE5oAwDQYJKoZIhvcNAQEL +BQADggIBALlet9phM89XGDU5tVdMsnKAcGC1NUjhMbXl+6441NZonC9FnAAs92JA +PpJNCKVgGTIkGbq8dAUpTH2S9pS6pkThq6GL7GObfVhFytAWUH2zXeyooACVqDUa +VBvGedZV3QclDrK65lPAcgoZtXl/KCyCtBo6ufupTX7PWl1EqT7/M2aGRnivO9M0 +cFP1d4bZ1Z92EHYLRSxjiSwiFCvxFOYDGFpBlOaAHw8FpG0Ps3ro99cdaWmlkex+ +rc1F+Amk5/sZxaQfeKtYhKOVYTKKZM/z3TEbrghd4NBugxRMPHw9xfS9DPyzf+OY +vAwFLObIOiytcCHFYpV3rVjH7HjZf/YyK9MrDaSsahMAKZuSv9lZ/VQMDLtCcwhn +ntYUt42Fc19w4R+dmQT3zucePuwr/bk2mjiHjvvpxi0PJh2qVOQG7m841FLtF8YR +zJ2iHUNXFK6Nafa33gMZfAv9/EKHeeFfpN5Xl1IyQsx1ty0faiE4RNIt9VXqYo+y +Zgmqvn1gbHBaYvZ+VmOWvXgDfufkB/FFly0jAD9r/47DUVS/ndLqwQFTEjzdqDHA +TT3QNJ59oJES9fthbDEg3FZhtdMlOpZyHucDP1OCeZGmBJ3UwGyVZ/aIB9bjZBT4 +kmXPQxQunxqs5ZwlwzspEI9jFQKTMfh5cccao36XkyqjVQo4+iXR -----END CERTIFICATE----- diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index f5134d884..e5a95f6fb 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -35,62 +35,69 @@ def tearDown(self): "certs", "driver", "privatekey.pem") + client_certificate_key_with_pwd = \ + os.path.join(THIS_PATH, + "certs", "driver", + "privatekey_with_thepassword.pem") + + client_certificate_password = "thepassword" + required_features = types.Feature.API_SSL_SCHEMES, \ types.Feature.API_SSL_CLIENT_CERTIFICATE - extra_driver_configs = { - }, def test_s_and_client_certificate_present(self): schemes = "neo4j+s", "bolt+s" - for driver_config in self.extra_driver_configs: + client_certificates = (self._get_client_certificate(), + self._get_client_certificate_with_password()) + for client_certificate in client_certificates: for scheme in schemes: - with self.subTest(scheme=scheme, driver_config=driver_config): + with self.subTest(scheme=scheme, + client_certificate=client_certificate): self._start_server("trustedRoot_thehost", client_cert=self.client_cert_on_server) self.assertTrue(self._try_connect( self._server, scheme, "thehost", - client_certificate=self._get_client_certificate(), - **driver_config + client_certificate=client_certificate, )) self._server.reset() def test_s_and_certificate_not_present(self): schemes = "neo4j+s", "bolt+s" - for driver_config in self.extra_driver_configs: - for scheme in schemes: - with self.subTest(scheme=scheme, driver_config=driver_config): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) - self._server.reset() + for scheme in schemes: + with self.subTest(scheme=scheme): + self._start_server("trustedRoot_thehost", + client_cert=self.client_cert_on_server) + self.assertFalse(self._try_connect( + self._server, scheme, "thehost" + )) + self._server.reset() def test_ssc_and_client_certificate_present(self): schemes = "neo4j+ssc", "bolt+ssc" - for driver_config in self.extra_driver_configs: + client_certificates = (self._get_client_certificate(), + self._get_client_certificate_with_password()) + for client_certificate in client_certificates: for scheme in schemes: - with self.subTest(scheme=scheme, driver_config=driver_config): + with self.subTest(scheme=scheme, + client_certificate=client_certificate): self._start_server("trustedRoot_thehost", client_cert=self.client_cert_on_server) self.assertTrue(self._try_connect( self._server, scheme, "thehost", - client_certificate=self._get_client_certificate(), - **driver_config + client_certificate=client_certificate, )) self._server.reset() def test_scc_and_certificate_not_present(self): schemes = "neo4j+ssc", "bolt+ssc" - for driver_config in self.extra_driver_configs: - for scheme in schemes: - with self.subTest(scheme=scheme, driver_config=driver_config): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) - self._server.reset() + for scheme in schemes: + with self.subTest(scheme=scheme): + self._start_server("trustedRoot_thehost", + client_cert=self.client_cert_on_server) + self.assertFalse(self._try_connect( + self._server, scheme, "thehost" + )) + self._server.reset() def _start_server(self, cert, **kwargs): self._server = TlsServer(cert, **kwargs) @@ -98,3 +105,8 @@ def _start_server(self, cert, **kwargs): def _get_client_certificate(self): return types.ClientCertificate(self.client_certificate_cert, self.client_certificate_key) + + def _get_client_certificate_with_password(self): + return types.ClientCertificate(self.client_certificate_cert, + self.client_certificate_key_with_pwd, + self.client_certificate_password) From 6e54dd2600e11e6cf1ad4059ee9d28aa0e75a346 Mon Sep 17 00:00:00 2001 From: Robsdedude Date: Mon, 4 Mar 2024 14:12:25 +0100 Subject: [PATCH 13/18] Add test for client cert rotation --- certgen/main.go | 18 +- nutkit/frontend/__init__.py | 1 + .../frontend/client_certificate_provider.py | 77 +++++++ nutkit/frontend/driver.py | 23 +- nutkit/protocol/requests.py | 43 +++- nutkit/protocol/responses.py | 39 +++- tests/tls/certs/driver/certificate.pem | 29 --- tests/tls/certs/driver/certificate1.pem | 29 +++ tests/tls/certs/driver/certificate2.pem | 29 +++ tests/tls/certs/driver/privatekey.pem | 52 ----- tests/tls/certs/driver/privatekey1.pem | 52 +++++ .../driver/privatekey1_with_thepassword1.pem | 55 +++++ tests/tls/certs/driver/privatekey2.pem | 52 +++++ .../driver/privatekey2_with_thepassword2.pem | 55 +++++ .../driver/privatekey_with_thepassword.pem | 55 ----- .../tls/certs/server/bolt/trusted/client.pem | 29 --- .../tls/certs/server/bolt/trusted/client1.pem | 29 +++ .../tls/certs/server/bolt/trusted/client2.pem | 29 +++ tests/tls/shared.py | 28 ++- tests/tls/test_client_certificate.py | 207 ++++++++++++------ tests/tls/test_secure_scheme.py | 46 ++-- tests/tls/test_self_signed_scheme.py | 56 +++-- tests/tls/test_tls_versions.py | 17 +- tests/tls/test_unsecure_scheme.py | 16 +- 24 files changed, 768 insertions(+), 298 deletions(-) create mode 100644 nutkit/frontend/client_certificate_provider.py delete mode 100644 tests/tls/certs/driver/certificate.pem create mode 100644 tests/tls/certs/driver/certificate1.pem create mode 100644 tests/tls/certs/driver/certificate2.pem delete mode 100644 tests/tls/certs/driver/privatekey.pem create mode 100644 tests/tls/certs/driver/privatekey1.pem create mode 100644 tests/tls/certs/driver/privatekey1_with_thepassword1.pem create mode 100644 tests/tls/certs/driver/privatekey2.pem create mode 100644 tests/tls/certs/driver/privatekey2_with_thepassword2.pem delete mode 100644 tests/tls/certs/driver/privatekey_with_thepassword.pem delete mode 100644 tests/tls/certs/server/bolt/trusted/client.pem create mode 100644 tests/tls/certs/server/bolt/trusted/client1.pem create mode 100644 tests/tls/certs/server/bolt/trusted/client2.pem diff --git a/certgen/main.go b/certgen/main.go index 417a48009..1b0264d32 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -13,6 +13,7 @@ import ( "crypto/x509" "crypto/x509/pkix" "encoding/pem" + "fmt" "math/big" "os" "path" @@ -244,11 +245,14 @@ func main() { writeKey(path.Join(basePath, "server", "untrustedRoot_thehost.key"), untrustedRoot_server1Key) writeCert(path.Join(basePath, "server", "untrustedRoot_thehost.pem"), untrustedRoot_server1Der) - // Generate certificate.pem - clientKey, clientDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") - writeCert(path.Join(basePath, "driver", "certificate.pem"), clientDer) - writeKey(path.Join(basePath, "driver", "privatekey.pem"), clientKey) - writeKeyEncrypted("thepassword", path.Join(basePath, "driver", "privatekey_with_thepassword.pem"), clientKey) - // Copy to - writeCert(path.Join(basePath, "server", "bolt", "trusted", "client.pem"), clientDer) + // Generate client's certificates + for i := 1; i <= 2; i++ { + clientKey, clientDer := generateRsa4096Sha512(anHourAgo, tenYearsFromNow, "client") + writeCert(path.Join(basePath, "driver", fmt.Sprintf("certificate%d.pem", i)), clientDer) + writeKey(path.Join(basePath, "driver", fmt.Sprintf("privatekey%d.pem", i)), clientKey) + writeKeyEncrypted(fmt.Sprintf("thepassword%d", i), + path.Join(basePath, "driver", fmt.Sprintf("privatekey%d_with_thepassword%d.pem", i, i)), clientKey) + // Copy to + writeCert(path.Join(basePath, "server", "bolt", "trusted", fmt.Sprintf("client%d.pem", i)), clientDer) + } } diff --git a/nutkit/frontend/__init__.py b/nutkit/frontend/__init__.py index 77c85b34a..303c1a2fd 100644 --- a/nutkit/frontend/__init__.py +++ b/nutkit/frontend/__init__.py @@ -7,6 +7,7 @@ BookmarkManager, Neo4jBookmarkManagerConfig, ) +from .client_certificate_provider import ClientCertificateProvider from .driver import Driver from .exceptions import ApplicationCodeError from .fake_time import FakeTime diff --git a/nutkit/frontend/client_certificate_provider.py b/nutkit/frontend/client_certificate_provider.py new file mode 100644 index 000000000..785104946 --- /dev/null +++ b/nutkit/frontend/client_certificate_provider.py @@ -0,0 +1,77 @@ +from __future__ import annotations + +from dataclasses import dataclass +from typing import ( + Any, + Callable, + ClassVar, + Dict, +) + +from ..backend import Backend +from ..protocol import ClientCertificate +from ..protocol import ( + ClientCertificateProvider as ClientCertificateProviderMessage, +) +from ..protocol import ( + ClientCertificateProviderClose, + ClientCertificateProviderCompleted, + ClientCertificateProviderRequest, + NewClientCertificateProvider, +) + +__all__ = [ + "ClientCertificateProvider", +] + + +@dataclass +class ClientCertificateProvider: + _registry: ClassVar[Dict[Any, ClientCertificateProvider]] = {} + + def __init__( + self, + backend: Backend, + handler: Callable[[], (bool, ClientCertificate)], + ): + self._backend = backend + self._handler = handler + + req = NewClientCertificateProvider() + res = backend.send_and_receive(req) + if not isinstance(res, ClientCertificateProviderMessage): + raise Exception( + f"Should be ClientCertificateProvider but was {res}" + ) + + self._client_certificate_provider = res + self._registry[self._client_certificate_provider.id] = self + + @property + def id(self): + return self._client_certificate_provider.id + + @classmethod + def process_callbacks(cls, request): + if isinstance(request, ClientCertificateProviderRequest): + if request.client_certificate_provider_id not in cls._registry: + raise Exception( + "Backend provided unknown Client Certificate Provider " + f"id: {request.client_certificate_provider_id} not found" + ) + manager = cls._registry[request.client_certificate_provider_id] + has_update, cert = manager._handler() + return ClientCertificateProviderCompleted( + request.id, has_update, cert + ) + + def close(self, hooks=None): + res = self._backend.send_and_receive( + ClientCertificateProviderClose(self.id), + hooks=hooks + ) + if not isinstance(res, ClientCertificateProviderMessage): + raise Exception( + f"Should be ClientCertificateProvider but was {res}" + ) + del self._registry[self.id] diff --git a/nutkit/frontend/driver.py b/nutkit/frontend/driver.py index 530948bc3..6b1631d21 100644 --- a/nutkit/frontend/driver.py +++ b/nutkit/frontend/driver.py @@ -5,6 +5,7 @@ BearerAuthTokenManager, ) from .bookmark_manager import BookmarkManager +from .client_certificate_provider import ClientCertificateProvider from .session import Session @@ -38,6 +39,16 @@ def __init__(self, backend, uri, auth_token, user_agent=None, ) self._auth_token_manager = auth_token auth_token_manager_id = auth_token.id + client_certificate_, client_certificate_provider_id_ = None, None + if client_certificate is not None: + assert isinstance( + client_certificate, + (protocol.ClientCertificate, ClientCertificateProvider) + ) + if isinstance(client_certificate, protocol.ClientCertificate): + client_certificate_ = client_certificate + else: + client_certificate_provider_id_ = client_certificate.id req = protocol.NewDriver( uri, self._auth_token, auth_token_manager_id, @@ -52,7 +63,8 @@ def __init__(self, backend, uri, auth_token, user_agent=None, notifications_min_severity=notifications_min_severity, notifications_disabled_categories=notifications_disabled_categories, # noqa: E501 telemetry_disabled=telemetry_disabled, - client_certificate=client_certificate + client_certificate=client_certificate_, + client_certificate_provider_id=client_certificate_provider_id_, ) res = backend.send_and_receive(req) if not isinstance(res, protocol.Driver): @@ -80,10 +92,11 @@ def receive(self, timeout=None, hooks=None, *, allow_resolution): ) continue for cb_processor in ( - AuthTokenManager, - BasicAuthTokenManager, - BearerAuthTokenManager, - BookmarkManager, + AuthTokenManager, + BasicAuthTokenManager, + BearerAuthTokenManager, + BookmarkManager, + ClientCertificateProvider, ): cb_response = cb_processor.process_callbacks(res) if cb_response is not None: diff --git a/nutkit/protocol/requests.py b/nutkit/protocol/requests.py index ecc530474..d829ad532 100644 --- a/nutkit/protocol/requests.py +++ b/nutkit/protocol/requests.py @@ -76,7 +76,7 @@ def __init__( notifications_min_severity=None, notifications_disabled_categories=None, telemetry_disabled=None, - client_certificate=None + client_certificate=None, client_certificate_provider_id=None, ): # Neo4j URI to connect to self.uri = uri @@ -94,7 +94,10 @@ def __init__( self.livenessCheckTimeoutMs = liveness_check_timeout_ms self.maxConnectionPoolSize = max_connection_pool_size self.connectionAcquisitionTimeoutMs = connection_acquisition_timeout_ms + assert (client_certificate is None + or client_certificate_provider_id is None) self.clientCertificate = client_certificate + self.clientCertificateProviderId = client_certificate_provider_id if notifications_min_severity is not None: self.notificationsMinSeverity = notifications_min_severity if notifications_disabled_categories is not None: @@ -275,6 +278,44 @@ def __init__(self, certfile, keyfile, password=None): self.password = password +class NewClientCertificateProvider: + """ + Create a new client certificate provider on the backend. + + The backend should respond with `ClientCertificateProvider`. + """ + + def __init__(self): + pass + + +class ClientCertificateProviderClose: + """ + Request to remove a client certificate provider from the backend. + + The backend may free any resources associated with the provider and respond + with `ClientCertificateProvider` echoing back the given id. + """ + + def __init__(self, id): + # Id of the client certificate provider to close. + self.id = id + + +class ClientCertificateProviderCompleted: + """ + Result of a completed client certificate provider call. + + No response is expected. + """ + + def __init__(self, request_id, has_update, client_certificate): + self.requestId = request_id + assert isinstance(client_certificate, ClientCertificate) + self.clientCertificate = client_certificate + self.hasUpdate = bool(has_update) + + class VerifyConnectivity: """ Request to verify connectivity on the driver. diff --git a/nutkit/protocol/responses.py b/nutkit/protocol/responses.py index 491d83a78..3989e42c7 100644 --- a/nutkit/protocol/responses.py +++ b/nutkit/protocol/responses.py @@ -116,11 +116,11 @@ class BasicAuthTokenManager: Represents a new auth manager to handle password rotation. The passed id is used when creating a new driver (`NewDriver`) to refer to - this auth token manager + this auth token manager. """ def __init__(self, id): - # Id of BasicAuthTokenManager instance on backend. + # Id of BasicAuthTokenManager instance on the backend. # Note that the id space needs to be shared with AuthTokenManager. self.id = id @@ -150,7 +150,7 @@ class BearerAuthTokenManager: Represents a new auth manager to handle potentially expiring bearer tokens. The passed id is used when creating a new driver (`NewDriver`) to refer to - this auth token manager + this auth token manager. """ def __init__(self, id): @@ -179,6 +179,39 @@ def __init__(self, id, bearerAuthTokenManagerId): self.bearer_auth_token_manager_id = bearerAuthTokenManagerId +class ClientCertificateProvider: + """ + Represents a new auth manager to handle password rotation. + + The passed id is used when creating a new driver (`NewDriver`) to refer to + this client certificate provider. + """ + + def __init__(self, id): + # Id of ClientCertificateProvider instance on the backend. + self.id = id + + +class ClientCertificateProviderRequest: + """ + Represents the need for a fresh client certificate. + + This message may be sent by the backend at any time should the driver call + the `provide` method of a client certificate provider's that was previously + created in response to `ClientCertificateProvider`. + + TestKit will respond with `ClientCertificateProviderCompleted`. + """ + + def __init__(self, id, clientCertificateProviderId): + # Id of the request. TestKit will send the same id back as `requestId` + # in the `ClientCertificateProviderCompleted` response. + self.id = id + # Id of the client certificate provider whose provide method was + # called. + self.client_certificate_provider_id = clientCertificateProviderId + + class ResolverResolutionRequired: """ Represents a need for new address resolution. diff --git a/tests/tls/certs/driver/certificate.pem b/tests/tls/certs/driver/certificate.pem deleted file mode 100644 index b533f7353..000000000 --- a/tests/tls/certs/driver/certificate.pem +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQWrpn/AQGRfZhiNdZ4CZz6DANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI5MTUzODQ1WhcNNDQwMjI0MTYzODQ1 -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDZLemMsMZR6zKIMKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrke -MxKfiguWbn/M+6BtaIyY3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6 -yTXQzH3v4vRzYJaA9DXYH2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD -77zPkgDThotW3JMRBtRBFLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTY -yOxa3rZ4564KsawaX2+6/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2 -ywRsDvPv1EXKU18T6fLYOpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTb -UlZEZ548yk46vi5xip0hVKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkU -pbCGGcidMqnStVKlh2qcqUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjF -iZvu0q5sU2qDNbKgNoCgsJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eR -P6LpB3ndGE58J3cOjmtoJK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFa -NGO3CVwyC+V/S0GX8r0nBR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUeQTx5ArwU6EZmhYDQvW8kUtE5oAwDQYJKoZIhvcNAQEL -BQADggIBALlet9phM89XGDU5tVdMsnKAcGC1NUjhMbXl+6441NZonC9FnAAs92JA -PpJNCKVgGTIkGbq8dAUpTH2S9pS6pkThq6GL7GObfVhFytAWUH2zXeyooACVqDUa -VBvGedZV3QclDrK65lPAcgoZtXl/KCyCtBo6ufupTX7PWl1EqT7/M2aGRnivO9M0 -cFP1d4bZ1Z92EHYLRSxjiSwiFCvxFOYDGFpBlOaAHw8FpG0Ps3ro99cdaWmlkex+ -rc1F+Amk5/sZxaQfeKtYhKOVYTKKZM/z3TEbrghd4NBugxRMPHw9xfS9DPyzf+OY -vAwFLObIOiytcCHFYpV3rVjH7HjZf/YyK9MrDaSsahMAKZuSv9lZ/VQMDLtCcwhn -ntYUt42Fc19w4R+dmQT3zucePuwr/bk2mjiHjvvpxi0PJh2qVOQG7m841FLtF8YR -zJ2iHUNXFK6Nafa33gMZfAv9/EKHeeFfpN5Xl1IyQsx1ty0faiE4RNIt9VXqYo+y -Zgmqvn1gbHBaYvZ+VmOWvXgDfufkB/FFly0jAD9r/47DUVS/ndLqwQFTEjzdqDHA -TT3QNJ59oJES9fthbDEg3FZhtdMlOpZyHucDP1OCeZGmBJ3UwGyVZ/aIB9bjZBT4 -kmXPQxQunxqs5ZwlwzspEI9jFQKTMfh5cccao36XkyqjVQo4+iXR ------END CERTIFICATE----- diff --git a/tests/tls/certs/driver/certificate1.pem b/tests/tls/certs/driver/certificate1.pem new file mode 100644 index 000000000..728f0a2ab --- /dev/null +++ b/tests/tls/certs/driver/certificate1.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQLkH7vXc7bap3K/TxUuWyjDANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCyvV7hpmx/Bn3iHOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/ +33P+aGzNIkQz4674zJfS3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpwe +egzcgYOHzTCC6P9mqMPk/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFp +FZF+mPbaoTjCEO7ldXJPZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6h +rRMaeINWavO8Alby4bhc7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQi +AzNCpxHmY4cIR9UxxHzbFh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8 +GzQR1J/84YsZqOE5mpoMei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TR +d5WuDDGCMU0xliWt3+zrvGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OG +FSeMtG1SH6WHXt1rdyEcCjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxK +QPdjv+x9depIFJ/PHwa86qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH +0lsd3/IGqKTsqKcy4ETj8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUqqQ1RxpUgwdzdd2cGuoL9Ip/92swDQYJKoZIhvcNAQEL +BQADggIBAA+dcjgQsWnJb+Ipr6GgQ3KeDScwqoE61cOQLm3G2jw7EA2DG32tX3D1 +z+eSTJTRVsJEZ94aKgxCA+aR9P0i9ku74CPPW1/Z9ZDtUCbugif8GtD6L0XikElU +uQFhH35aq42d05tXBzUN0JOt8h8T86F+07fLhw8ufmM/FEU2OnAlR1XnQKGUCQho +FlqI/yhPijv4B0DfJNoQNj66bi22iPzXF/sB4wuWany9O1/e0CldkN32pPU4eQOH +0npQ/tBg/TkVsI1rH9joBHcUxlsnydZ7IqR1jBGeod6ByszQG2hcNNJzUT6ahKnE +WGj4CzwdusppGFoKl6UeVVy+0ubOepHnes4y1ycDN/BwvCScO/5RNqBUl3gBObxC +7sF+Mss3TSnkaScroS1z1mNAUtyCVvwIhRkmsrauuR1+Jj2ZLWaJV4tI96WtoZxs +ux1sK1DoYvow9JZALBUFaX7d9ZaZ25ovcoq40av1twocHuRnJgzT/3RbKBPJdNEm +nbOh1baFQ8CIi3RMoKm7dF6xLj6BR5VNu/yiqDP7GBcVE27dCYrga0GOSuUFz/n4 +34Fhmqc/odZm9TGgQnOzRHS4gSG+AB7TXCUEisK17YhRwSgJKd2pj+UWfZzk17S9 +JhNd7+GwXGwAhfdAwTIYZcH73v8sTfYLL5QOMCD5Pc/tnC3VgleZ +-----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/certificate2.pem b/tests/tls/certs/driver/certificate2.pem new file mode 100644 index 000000000..2247f6faf --- /dev/null +++ b/tests/tls/certs/driver/certificate2.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQZ80JfLF49Gvu7dyWdDWZszANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQDue+O2warGb9RplBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc +4VKRBK/vzuZI3DdzkN9KvoTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70m +CnV6ckk7X5LyHAyrxXQaRuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvy +Kb33QvbpdFEiG8iCAHYahDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3 +NUz/JDB1+DGqVf6yyFX/6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5kn +FrvidS10cMNN4whN0gzYZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB ++A4TpZwr869MnhoqTmHLCt9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZY +V0cdzrtjL+MK8kGOALQN10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhW +Fx877Rp0hr9Wu+xjD3ePF1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASO +H2ZfA+QkifxUaiSOW3S9xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlp +xRfG4PlWmI+DFGazaInjCYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQURdTZaG2qJc9svt3fkwDbcB522tcwDQYJKoZIhvcNAQEL +BQADggIBACqrXIHhAW6yfI85rPtopUCezq31Mrvkl9E/PqpqF/SlkI1/IOof5WO/ +jC1wFXGN3EGleFgYA4ka15IRo4seH/5PidU6+rsBnjkPNVbn+HHn8HOonQAomUeK +lHmwdfSgpXwihZvktEuzUScaH//u3NSJEAiZfHZh+6hWf/Z9FcTprYN7yFkVzapo +aAaMrYGmlZVOdyEkJqibhaBUko2dNGHTAFhMnSq9ELDHzbGh6pRcr4clKAtV5LPg +7/g1ZWOz0lBXzZLtMPAo6cqeHdHrXBWp2wzB41fphgbkYHCWYqstDF9NwOBD1pDV +BWwbtxZC8eV1/qvWeJoS7bdpmlLfVSDL0V4cyUtzSXVWej5MHVkc5PYRvJVssjyd +VKXs4JzgVcZL+z1LknB3IZDg7wI75bXdVIjagDGEU6A7bYpAyOa+JYvMoLsdoJq/ +RaIsIbMIut3kpWSW+mqxVZP8WEmbUlbjNtTvea3PreRQYa6vB8CawoH4uWyKAC28 +3Tf9N3tyVsUkBlfSdnDRY8BNotElUhNr/Sz1VXmMGgZV1ZAtdeb255abv4Jd3HCV +AdnKEHjdsXPKHL5BeK/IepmHoNzNaygTVScR4JWHp7FKYuReKp8szgcvlhrGs7NQ +KsEaQ9xmFOOjuhqiLRj82qQufdkJq6/JW8j8Hxh7TnM3XDCpJLkP +-----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey.pem b/tests/tls/certs/driver/privatekey.pem deleted file mode 100644 index 844f2350a..000000000 --- a/tests/tls/certs/driver/privatekey.pem +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDZLemMsMZR6zKI -MKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrkeMxKfiguWbn/M+6BtaIyY -3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6yTXQzH3v4vRzYJaA9DXY -H2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD77zPkgDThotW3JMRBtRB -FLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTYyOxa3rZ4564KsawaX2+6 -/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2ywRsDvPv1EXKU18T6fLY -OpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTbUlZEZ548yk46vi5xip0h -VKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkUpbCGGcidMqnStVKlh2qc -qUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjFiZvu0q5sU2qDNbKgNoCg -sJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eRP6LpB3ndGE58J3cOjmto -JK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFaNGO3CVwyC+V/S0GX8r0n -BR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABAoICAQCYunjrv8U4Brban5k4Co0V -Ux6CuFztHVVPBe/jMWZf+2VJsh1a2SQlxYY5fqEyINpVSBAID0yapFN7jf+50609 -YFNX05twYLQOHUk5zvH5LDT9bujbqjp+3KFd8fIujCBkeq5+FQbCWPskqa6tOKQc -4VMNCn/6fIuRUQrXk2j0MaAe+LMvOzCM2J6yd/3H211JY+zJgQTLjInn2rBtAI4s -ulkpZu63vYy496/yrBvmuXqFa5dIWPA8mkiPS30rykN4czUpwBjP0x2329uHUFhg -wsJxsZD6o40lqljK6ltsbXwTSwVAOayp8aeUwuCxPTK/DgCmcEsErhlhhpHnkmek -douBVo0y4Kc+zT+bm5FlF0geL654KFJcqE5McEF7F/a/uRlykT2dmQPoE8CRd3GV -xQNVkqxBI+IWG7XrE7AtHHMeqRoFadXyRDHF3px8MqTG1W4SK8yD4boMAuTHjgBY -0Zvq/R0DyxKM9hYKdq45JXu7eERBMessKn4IRwvL9ARr22o+OgdVyaxcXg87J2wU -Pi+bVos0RQJRmUB8Ht8lDz4r75pGAixG0EHPob4N0umXqfyi4np6+jcyw61b03QN -I796TT6E8LHd/Asv4xm09Ksht+eXdsQ7PEkj0jPdgvDdKUUrAR30MdkyXmzxIKxb -fVnGM+9Pkq4FC1MZ3FrzwQKCAQEA/C/Nw+kjmwl0SV//NvgwSfrPRUt1jJlva78Z -7Dvjp/u4uJ1fk3sctaTRJkt48anK6MF1Xlwympkq9xGwBCQYy23iWqOiMAcvw7z/ -jJuK7eoh3TA3HWZMJGLSVXrssJZE/hv9KX7YJT72HW/slOSVAZL8rVl/LAJXg3yk -G+6DbbjsKnMxDvs+2hW5H4YIPP9rAexEiqoVtUd4EgleArtYKzIcnVMmg/PlY8o1 -tyk+Dh9cfwkNQUQ59B6j83N+QMf5G7R5vt4pnJyLo9TpnNHVJrNI8cPn+EglkL9w -OF93irub0f7G6NZ5F7QUGr2d4KViWtr33EGjQuDV6ltva07qZQKCAQEA3HaY9sb4 -8btdodqjiJNJDfYqCljS+95OQ0i+Evk1ow1BMVLDYNLMjVRhSobC9RMSQ7joBQV5 -lH4g49pOqm/hisyQpKhL9TCp+bIgHbwXkj7yGduujrttFQLTdDELQh0Dt/bKfQ4z -zHM1iVDVhU8tR6JBYGK9S1mC1ePsE34fRnkq16hNo6+a20XELoJ40E84RCThwA8u -KbzsXrZwlo9IjNY3QJQMbRUDaghHS26bBBDmmwZZtTMRGXc4YN5DKBK3iqpXjoej -xYA5adN2HDVYNTEthY91YaAw+KOy/2VBR1tl9L6otTLg6XKLExVh4aytEltJrPNk -GIf2H3izY4JyTwKCAQEAy8dhEOaqA9Ru5/+vPd7tPkpyBD+GfBdcBofETbTTL+Fj -EaLxIT5BI7JL4xLnZvfZ45y314jOx0fvhPgA8Eeu1Ws0liNVolOcUCG/qgHiEH+5 -337fel04N8q2xaXv7n1uwJsjRc2eoPIwc/cGCAZxNXVtwjHoZkp6JuCnx35DK31b -MK4mPUHeNuGI1qU6sPd/o20ksZvgsLxQlNqG4dQ62aTDpIkVPVjuymUSZK/p2gWT -e393+35DCjVcLBPuODCe5bk/C3F/1HJXEAqyvyp7f6stzVaNcn3yBPX8m0DhWvRg -ZB7o4iq0bOfxuu3vziA1ys7XrF5Jq3f8w0QhU2fQVQKCAQB4g3gwhin1clfHr03v -zZuEv0jR6SZEOoyLqUsF8ibI3+kAPl7BIdphc3vPkoUmFOvKC10BybFhY+U0yNRx -xMEE77gt2jXTbWutLBr0RiqYbkJHslfkfD4v2yCeBmVCGbw7pvOfktDr9RqR2pct -zU9SNjcIqlERzHeB1prpOOt9yaSKyNzQGqFLNgL87aN/M57tWT/yjhnNBRIs4AwB -sYeWPU9sxMFaK793Cdl3OZoRie+VVM5bB/RT+GDgSv9o+3pLmbxNFIaI4wP/fnG1 -D9ANG7nnpbkjyb6bXFjv1Xjuud6tAEAW9R4PXub5YpnkFFFzlGVc3pub8U6we3mM -bvVvAoIBABywhZTAwVqyyWBZcyoROVZkk6wrxN1CHwfJfeXoJB6dCcuaLQqv2w+U -FhMPw8pXQ/CPAEp2yBOtpIIB8U12X3Vh+fjkGn7dWQzOQ9L81gerAsATGWLC4aH+ -yoKq0tWNh3PaoNl2Wexjdm+yc0UgdxOkuLq6sIWYwq0sRuE+RMscmieeqZzor5Sm -JN5c0oM0pXolUCum0Dmvj74diC4GusMvZO3Ik5T4yEDzMTwQCmK4wEERj0UqWwNI -g97Tgnwta+Aus1Fi4QW39IaH3gXPDXmcLl8+tTaNW7SDVVRpfyq0F5J8BzZ5SGXa -PbxpMqTNqdU7Z1RBbQXKrbDKUfqJ4a4= ------END PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey1.pem b/tests/tls/certs/driver/privatekey1.pem new file mode 100644 index 000000000..160cb8f28 --- /dev/null +++ b/tests/tls/certs/driver/privatekey1.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQCyvV7hpmx/Bn3i +HOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/33P+aGzNIkQz4674zJfS +3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpweegzcgYOHzTCC6P9mqMPk +/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFpFZF+mPbaoTjCEO7ldXJP +ZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6hrRMaeINWavO8Alby4bhc +7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQiAzNCpxHmY4cIR9UxxHzb +Fh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8GzQR1J/84YsZqOE5mpoM +ei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TRd5WuDDGCMU0xliWt3+zr +vGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OGFSeMtG1SH6WHXt1rdyEc +Cjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxKQPdjv+x9depIFJ/PHwa8 +6qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH0lsd3/IGqKTsqKcy4ETj +8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABAoICAQCgfcWaW/MDw/J4e3fxLTXF +5UGs0mDy9oE6LNkkMvnjsagIXqPZ+mFXLfplhOEESQOY1fHjncdYg2y32xngpfK1 +vjmdx3E/WjLabpWBwbfZxQr/IfmJZjcIT96axwCRZoGSCL5MbaYWqebr0Nq3nlu3 +EoMQo95eEiTzyi6K4qZWn6j3VSdhr2Ox1XhSIRm5UOQmv6jVKJs50dFIVfUsbJ8B +KO0j8sab8r2d/s4SI/QAcZk/stb1+EYyPNddmKiUli1oBTTBVmB4ShFe7lKyh89S +/g6eiwzs3+/Y0/C/tmym0OoPjLy5xsqxCGWRPMpkSNubwTZYSxe1TjbGCf+pif8W +9NN4QNbXE0GoV/rzxXqgPQD2sDbxZifeJGYK5dBB6LO1rhZY5sxPx0Q4csc/9qH/ +N5OBjP8oKiKgmkUgaxMyeTaCzCFRUBHBgNezXJ93Y4NGSMavguJxm9C6VChLuNeS +xKXLJVVp6z4ywh3WXQ8g7M7gHVhacZ9z7uxvWt2j7TBChvpFembsvD3s7sNVP7DV +z1cI2Qttvuanm63Op+FWLGBwaBzfPT2f5Zw+n23UAFfPR/vm23WyXOpeU15VJt6V +6x6iIvypWiOBHjGgCe/sRvvUxguEJJuJpZP5Re34gbf1ATZOFZQsSm/4Rhcnvxp/ +VICpsVYTmRWAs4zMcayfwQKCAQEA2kZ3Osg+s4NE7ih7uocegigsYpnfvBZAHF0f +tmCh0/UWZeFjJPwNc+MKX5Q6AAqJrAJT9w7ErimBI/V5vVPlV6CYFaiBSPzS60ag +XpweWWMC5iVp7lnX7TnmAxKuOdAgJ1R5M9pPGY9PRA7WrkC03iVO3f0YfBaJ1fZ4 +uwm3muZUxsug07m9e6mSTSS8fY/y/3Q+MsHVUsL6Q5Rhf9shh4C4fpWNpsDhXNIG +8GkQ1DJLTuMsy5aUP6lrVoY9iiD4bFg7vD9VtaKseqLQCwoVnf4NjVi8L+sKxDEt +/ZryOXYbNF9YaR2kTNfkY4FFB6CA715XrjMAgYVJq2fEQOm3hwKCAQEA0aGqUyH0 +pewCMN0ChnBbZmvJmcyee04/kozZ5A9BgIRYkTSokCP2dhCnDAidLur4PHg4YxJM +tVsKGZ5ehRtdHF/MUAB4vMhiIx7V1bKXALWoXocPTHcmYD+Auvcozq6wll0jDRwN +pYhFMieTyo69f9iMoBicd97plO8f/e20ndH9nr+6GPej+up6QdN0huLrSVU/kUyP +2aj3l5eL844MeNgVnplzCjy5E6pR81xtkfsNaQ+NILKC14Np3QlgJmEyFJexcgTZ +qMdNhXClg47ICBT/2OKHWshSK5Kj80sXoaT72ZFtCx+TFsCtomDPqRB46fbcvO+j +H5pG+Bm7ouOrsQKCAQAgwZBk/uYB9IIkp2ih/mMCr1qx1VuxEzm9x+/ZY7kFYPNi +iKdjRnwSVxEYdNsbZHlymcrV+Z5kcJATwGPrmKqDMvN/1JDKTj6s1iV87TrUuToX +Jag2/76auCSfc28399bLcC7cLDfQoyQHF575+XXrHHgwcin5fTxkIp/NmdC26zfv +uWFCRM59v13YO9oZkb+qvFwVK+eCiwYZnCvhjxYCCrwlKvZd/vYTAuXNsEa5QW7x +wL/ZMZi/0QHtsymLEBWX1MnqHysSnf36TXKhJXtHAXgxLQ7YthIgjSzUsSsGmoXM +nz5aT/t3GLMKh7y/P0P6KBNKbhb2WPVMRr856pkDAoIBAQDF9AFgq0nYfHq9JZZC +2UqV9ubSgvSMv6EshDElOHrEHzV7ONyL8EnFx4fWxzOWoG90upmUhC1HfAaXloLu +8p4EMzo9uZRJwHdbbrzCJPiOxPuO976smD722EB5TPeN5EwAUUbOFFWWoI2nBNR8 +jDnJxfVVIKhwUWEFMKFnKdZKyYbTJ31WIlMIl+6GxmTdEt7XytZSIJgeE35p+cNA +ZDzGyFXyBDkry5eBSG5GfltBZG6PbQ35eFgxpniLL1VKKLIf2/bGEmpvBHThszO4 +fVXKu/m1FoR2Z3+ggcKr9ZcFH0RrePYdcN12uM+96+lsXo+vb1uWVjwVlZu6oKIc ++RyhAoIBAQDXdJmnJ/1i9RuE8kFND/az8gRuHuqgAuacmW+/UsOmbjBVkNxvtGIW +Pimm6lbKPqvhQMkOvzltyGk0CRbhu5G0ZaMtaNp4LM6N/AouEh08IPLp4y+WmrPg +XQupurCvh/MpOu/5S8TV6tPQtV2Iv3Bj3uaEujb94HHpdpRPHMau9ZmmvBJXgZ89 +mwVcE8P6nB8AJgm7ZtfP4qucsxtgXevWNklSNYvpYVy5KJGvCI/oOAqMo7gJq+wX +hg8dN8L05bBUpyfE+W0ACYS7uIZXcLCqmwQTknNKOKNU20UUK32as0robrmqtJcV +3VcFpfW04XcUvCsRDrHvDCH7wzA33kN1 +-----END PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey1_with_thepassword1.pem b/tests/tls/certs/driver/privatekey1_with_thepassword1.pem new file mode 100644 index 000000000..eb530d063 --- /dev/null +++ b/tests/tls/certs/driver/privatekey1_with_thepassword1.pem @@ -0,0 +1,55 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,3bc1bf8c3663edca1322889b47fb2401 + +UhWefzIxKbtpJso8Lhn2092NBh6PIbARdf5AwQrsrFgwq7kCpJ+UUsc5ZoQ0Wj9R +AiCfDi2kCdwLiMpwBexTvBIeeNvL1QGnQJbNqTQ7rwJ840yfe0M1gSHxWKSTCtUD +SCWvGKjBBdoYTVVGgdnWj6AMDuauUwq1aYOY2tsE6ud12h0cjW2WQBg81iDVBD99 +kH7pai9sOFjblDfM8Gj85Y6OPmpbMcmjLO0+e+UwhnY7bYgGJl3SO/RvmuhQOFyB +uU9/q0fBJaLXsy2QRtUqgm+n26EmT8lMsrRTF+GRkA8azEXRI1skfbW4TMqW0Qs4 +waCvU94taFN3sl0AQSvSIvBn1ZnBw2X2vDjVM8goedlMxMwht1LKWSQ5OTpi2KMY +MO5bR0Tiyyozfli4Gwt7y6Vc9HrgUiIqV3EKy3KhH8BJncRa4mqQtvVlohwmQtUu +1ZLznR5JK6AGIqEhgNP29QLQN6C9UtmIXdQhDZvCSubMo28+r8+k6mofZUZClgBK +UBjKXZ8d/BRKZewmNO3JjoN5AqPjN3qMd6aQ/WUC6h3x0HYSx20bSnSgkEhrx4vC +roz94k9eZY19TpinzHg2Iat9lntKXjkPZBH+rKYKAK9VPg1H7fQtsUUrQQsuVHgT +unlTcLJrqwsqo786LAV3YBZhoVFUvV8ZLeQFwlW8fdtMI7hs0hEmyanjGnhFapl9 +M4Y/Wcfv2oQvK/ouIMSJuOR/7X8IAzk9+Gn97JbSrUqTtSTAzQjwPlKiyZ6LUV3K +GJ/P+whFWjO8UOkYVWNkxSU3lv4Zhxj/ldCCn4LJo+dq8YYW1uxRiET+V41XzTCi +SZE+2BLIWYt5ODqZOZE+T/6lsO5nHZnMcyn7On4D2cE7UKJOuacPoOVQCe3WOdfS +VtBelBbi3dqj7KNDSm+ivvtlcAl8aZWSvzExQK7nBoMSjcDkDBHzH2gpYt6OyK5j +tWZuPpmYMSGSkA0sV5X8ABdD9jf9nVX0pA0EZ/CMr9Mo25STHVHuFecITMs5pWmF +f8wyZjSxZbGIIaCfXN5hw4gJmL4C1zb5FJNC6OtRHhYIjTSmGaFTj52OZ3vCc8D2 +VupvF9fWDGBJfeRMIN4M/VRuu8YOjXyIn5k2ItEetIBav2Gb7GlEPkmSkak4wnKX +nCCTAjz1FhQIVefKJG5y/TrCIkzefPVrDsUxJbwLXf+bUCFZ2ALzWXD6sPTr6apN +26aPYmBzaeIXgyDvMtftuvk2me3DiXdRFVxWYmiJO5r5WRqsYOyAf1qJXygSQFL8 +UED/2B9qYVu4/Q1PSwzzaAbygCHzdxSdUz28//ZjdoUxEAOgdLzT6Xta+qG/1IsH +/B/5C1Mf549vA2vWpnfTIBOpCc6M2WhBz+mjBtNAt5IgB5VV1frmgGkxGUGx31bW +cMG/jHGHTfNyhX21luNslThg98AK/nO2CervKucJYkzLHO15fBwWhNvzIdhRf8os +L9i/v6vdsuVfHelw4wJlecQcp5yV0cOADEVdJghN1fFBAse4wNUSK2pw0e6AZEZH +9Nf3BVxa8Ta6j4PjL/1hQAe2Nffrwk6P91ZSgetnpQYk/EwfVjibQMTPm85vSWYp +vNwgaxqS/Cj36zOrMfnr11oVlgGPo3yYyksSO3+ZnHmNljvE7/W1NflQVyPl0uNg +8vz71Gs9qFgLH1diOSNgfrT6xQeW+//rPZmlBb884kytwykQL/7AOLuTfrzyL5k7 +CA7RBrNqXPdNGDuOHXnRmdWU3sgglRZXtmt9rrwBNcHZQOp+Cy9eOzIYIEicxGjy +AeZihM2DnzB5bKYtFBbspzsgAflcxylbgwtMNPZZ37Xnckx6WtC3hEZUjQCzw7gk +ML5jW3FTGqQJS4VFmSdpWMtzrVgQc0ysYzFc/0WfwBf1HIPd2uHEStf2Fdd19y9S +WuIzjGs6zSji1Ik2fHI7m2U6GZJ42ZF9lAr0Vn2I2xzYKCFiYIRu/C3RH/dKaT85 +1HqeTHT4sGQ0u3g61xlImEOKvoyNPG0Cy8FrpOqXjxhQDs45jMyEZDmrD0DCzfPW +yhfIxEX23KRFWGy/M2bZgHGO/mtU/c66/BWES+fDQG52aYLCeDwaEG5QfywY40n6 +iv1m5DTUSc3uanoAOZc7kOpp2+L8hC3ZqkuY5UOOajQhqlAZy3LIJc55ATuwC/Mc +gf5u9+autfpleLs8cxikD1AFD9KemznfNpjxmJ0kfIzH7Cuf6ktp8LJW+/Dn0sPY +i6XKTb+rMrA16vCcNZUDouO+fLXGk51/CvWGk0Lr0SwRlC7Rel6Ffg9UrrPPHkmV +q3ptCc/YRl5mTcBKlRKiP4dVry7sn41HLNTTPbO1TeDR9RY1tW2pHV1KlbWif6iR +Z1YcZn3roUOi1c7knHyITuD6zq4GNxuNFIcotdGTyn0bG+iBWlKTea4P4i0qaehC +Nh6dCzuAIvUofO7Ypr1V9QOXlvUra0iy8uviTeP5SJSzPu68SRZl3a6EcbBQhZvx +vLmB48wEkjw410EFwnx+YTSqi+j/mhJDx0ljXuE/IxpfBEArlnhWhHJfErRzx8Nw ++nLTheheQItLpLxgTtTHiexHbE6X5xo31+CTwVwgkrhXOasbDU4ZKmNlEWfytXfr +moyHI+5Ug3P2P18nyvK0mwVJAKZU+RiEUPTe0XScSoYz0xme2CAr/UGP09osWdPI +Bcl/oktDxLGbwcPTou0QnWmOWmL2Lm1NvLpGlbhC7i8GZQaAj0x/GrizwSEA3dqY +tRNt73vRl26FX8snlW36NBBYjqENPWc3A+BwG92NFrCj67oavxFCiBeQtjUqSW0e +UNfZ4uT9IkBohShZ5EecOASsEw6ODxy3glt0SJl95Qm6rfsR/kk5uLZ84Sim/6DY +em9Ux0GnbW6eq8LEbrR2REZxeAVNUBln7VMFdsCIVG57Ra5oVtsYRGy1fvIHtRal +3SUqha2NH/aJK61ZUwz4ld9At21+ZgxOiEGnnVfNcl6K/MSYsGxrU/CTDjhJnoR8 +FtsSNtXQcF1i1NBarJqrpTS9JOytzqP3IhIQ5DHnpVn6iDS6mBpvsXdzo6DQbGrm +YoqaT/vUVKf5GytPlmZs+Y0Sxudwe5gtk9dN+9Jppg0x6tApU9H+oxGQ7x7+XL7o +k47OzXIZdt1Cm6mRuIb5DTkZysW/NwL8tRti+pr1bkM= +-----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey2.pem b/tests/tls/certs/driver/privatekey2.pem new file mode 100644 index 000000000..b48009153 --- /dev/null +++ b/tests/tls/certs/driver/privatekey2.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDue+O2warGb9Rp +lBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc4VKRBK/vzuZI3DdzkN9K +voTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70mCnV6ckk7X5LyHAyrxXQa +RuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvyKb33QvbpdFEiG8iCAHYa +hDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3NUz/JDB1+DGqVf6yyFX/ +6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5knFrvidS10cMNN4whN0gzY +ZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB+A4TpZwr869MnhoqTmHL +Ct9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZYV0cdzrtjL+MK8kGOALQN +10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhWFx877Rp0hr9Wu+xjD3eP +F1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASOH2ZfA+QkifxUaiSOW3S9 +xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlpxRfG4PlWmI+DFGazaInj +CYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABAoICAQDse4eL4zGQAraUVxO+BDj3 +BAKpO/OtovWOgYMZUU0JKpTAAQIUwxxjvp9dQ8YXLZm05+qtF0oZW/A/8vpIdiMK +SPkKJ+k2dCdxBISRlgf/LMlTfTnxPqbaBemnfjmOSSPbL2PMlwntjygZInkoy6+M +x9vOjwiIifiOVdEixPlHbmvbts1UBc9/iEGoicHpHcswJnqJoxlJ6GE03CdmuGsr +0fjEVNbTGH5E5a4UoalT8ZHPO3hKVPCuTtdvr/gBDQbNBGdjbFDbQhMdaJRN+tZj +Lbj7xZtEkrOCdLRr1ZLxFakfSD56GM1vg9pLy5xV7DI9w8+3PUkvufmo3ncgpMNG +cvFELkL801s8/Fg4Nt1vZ1vY2o8QZ1pYgYva1hwEWkxlx3CPLtHUcFkFE2zmmNlV +YBSjnNkyLluF5aOEUvcg3XZSt8+bkYrkP4kTFuQCxuyU+Nqvgq7cheuVVgxd9dCI +9bR0Z1H/9x3XMQrrbKgk+kLpQi1PdC/wEjUBmZrlaFuJ52qXe1oo2lAHyI5u4euP +rCxlJFK6Wzdz1DYfCIr++y4VqRtt7N9HFJbcfmu21nJ9Z9wiZRGP5H//gZL2xB2n +Wqn37plZR+6PveyNlY4rdBzDKh+up8s/ooAdynvp3YDGDuRGny/O3yb9Qc0lBjVN +zjo9UfMMrwWSjV3TQetJ5QKCAQEA+65Dn9x7hYmSV3BmF2gNrhpp3zandPVtZHyG +ryPKcfeDzqR2iqMevw5aP5sg6qUCL+aXrbU2IlmuK7tR1qcy4o2Yg+9rzpolCmuq +40pMNunc0joViURA92HdkQx14K+WbNb8e78wKfPwltj+0gTSa2cJur47E/f0NR6S +B2TSi4EElN/3m9mm6bCdAPpNj5eNcvWY3idDRlE9sKsXE0X0IzlIcxwFnWt9LTMd +NMK8HlZuX8+M3RcWlG7M5D05IcE2R6kJ+npQgFzoLe/VG27cLCA7wZxTiA/1uJyD +0Iy7C0tzfpo/jYZy1wfdcLkeEGCQdDNS7yQnBNtVmAIr9lacfwKCAQEA8pOlg7XA +zlUgSIo0QLW6C730Qnx6Vw3j9CtL4EgKzYLhon6Ikd8de5WlWYdM/5lh3DL0wFtN +wMDvINp3Nh8yGB5yhMQZhWiFQVAX8WSnmtakcbpWUG9FPdKsjx0ILm9Qhfc8oXwY +7Jg7+p/1xfvflEPoGZLYtxv4nt1Hqlh/Y4qn/BjNY5fkgNlegEoFohgCqatuZa4S +Cm6f/G3cThkXrzftrfAGVbMfK+9Y+AAU49q9gI9+/0FsPDVbkGqVoQNkCuxvpmAc +dJ6vulyO2XVs4W9Ul0mUSGzQu+0ia5ywUgHfpuUsggx4ViTaYlJTSbklKaT36MRX +AA+0hXn3VmMICwKCAQB/sXvoCPK23wTbzlBOAeIm+onK0a0Gv1sAR9oB1FPrnNxI +JNNsJbT81KhfazK5On0wlntQjAdqSDwBPioYkX5Uyeie0APPsA+pCNWMOm8O0XrT +QtsYaQPZP9Mtu7e3Bv94O1+g3XDvaDAiKPioz/9+tKmQEOJikERcCyWmELZuR0hu +zG+RqE1ydcRC8bwWZZtDv24PELamX6PAFh5ADhb/JBopJQeIRjgdjbh8w2y0q7+W +ZvSeXA99wfW8u39YK/KBSzef2R0s83ZtkCh8obOdw8Dty4XqG8bdIrQSRMTFx0NS +8anbAWMUzI3Cmnmxb3z7J+slIB+X7DyyQi/R7UG7AoIBAQDwETT9y3NcAB0qDTS3 +UeIk2sIQxpZg70tJC0xVU5b1WnEpWqaYDsJj226/0speLxMNVJSqhfHGMGq4Dd1q +/6aY/hEB2f0T7aPrRnPbn2zMLV6jevEPO3/ANm42WFoPcnSzkEI94s3b4LGDUKlw +XdwgJLBgFtdJKHJ97qqNKHYyMjgbowQpa1pmNjlzJ065459HAXUJRiNulZrZvHQK +CoVJEEW2HVR3ngTce0yGa7ZA5esjf2AFCF8wmvHaU9FvfyaUNPguJPIkbCOngRCS +n8a4uHB0JQqOPrq5MW8eJvzMvDP2PNo2flbdki1anvT0gjoII86BW0ZqtiBG9LTW +lr2PAoIBAQChL4yc5rssxz4YZgZWno+n/29Ny3nAloiSeA4pA2Kj5sqruUW1wPi8 +gSBy1TGFF4kyLraEx54u/ukvsrnFoN71+o0dM/Cw/Btahf2MeUjkna+wzXc9b0lw +XCI4Sj9gtDFIpN5FjMoIlyOKhH8/bwhAAtOYYIKUxjG5du3zHnWVt78jX7Hk/hfr +DHL6c70nwSLdMcFrfI4gH8jUOyqDv5ibhjqCFvQ5vQlru69xL9rhoi/0IcA7wZBx +sP+WujcAZO9qPv0nwuu05ZobuyFZwpoZBr7OAtVM43qGpvduMRmxGoMc+wQzDXCE +dtP6PB3etZ8KFIZn6C5C691ioxQbwcIu +-----END PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey2_with_thepassword2.pem b/tests/tls/certs/driver/privatekey2_with_thepassword2.pem new file mode 100644 index 000000000..376e75da8 --- /dev/null +++ b/tests/tls/certs/driver/privatekey2_with_thepassword2.pem @@ -0,0 +1,55 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,539246aa82b7123ae1b8e0236e1f3818 + +aBIpkyjXSkHOHsJoIaKt9VqJJYpiSl3AuynaNC6RhUwpIqd7izNS47oMji/FRzsO +VrUx7yMKv6rhS2QeJfkPlN6WBxnBlmS/PCLbBrLWdYqLCifea/Mh5YWNt8z3nxBD ++cgfucUACyiQE7zI1EKw74tk/lTXDGgpd2Zgdk8S7mpSjX1ewAih1WqOmERn0Tjf +v7MWjOr1uwPXNabdIexF6IILz2pHMvW3e8+dlIyg0DCM+XPSwlU0JO2mINXD9biK +Bg8AAECPQauCzwz1Oq5KY8AFKAdevU3zISpLCPfctiF1KSZb3Qfs8qiVK0okrmPn +ZMyNuwpXiD8QHSOqI643E949IxDWLz1cDkWsdKHcQBTBsBAzxjLzxi6/LMw101Xs +1D6KFFZzEwxXdsc9ANL71c0JJUwkytvavzOPPUjo8vQoUsqUT+V554+vwGYHTo6m +gEzSPVqN1ZsRHbIfXBrfY9/2rtBwMkC97R5N+roH9ofZ8qdN2DxemkL/1TN17xQu +52R12fNKsaVJCTNh+q1ZQy5nv7ThzTx5SNN2lyKrKfu4vEcgEx35I1n/CpC2wwF8 +pbRkyHmPKAJ4PzuCmi5gxvtNFGJP2T8v/P+AM7Im6lH7q43eM6StBds5dgovff1B +/cP/nqL3xssnrwiTGZlMwG/s/jNpNtvr9YWNhdP8HDtNaPE8rN6zJeYBRTkBP+uk +TQcVwCG7kBJxTTfNwivAUMLhoMZy34jwvSGFzAwTtNlNi7YnZmG4W/Tcr6IepBFv +7qklC0VQqQJ1ZfizKinODDjSJiDzqe78qa/8ce2X9EvKg+tkgZBqG9eGRFEe9wx0 +DjHp+ZU9mUjgWIGoTb4xvwUbnWGrlyRKchWweexZHjOq6Fxf9a9EIeYvEcg9JKZQ +5FekWKbKMPP5uKQpsdn9bul5fqRCfSU+62y0E50/fj2LOJvsh/aG3Dl0GjJXOb2U +WHP3PBldKTK2j0QXeqy6DAvGdA4tHQl3Jw9p2jl3C5RZPhDHqU99mJFhOd+u6mT1 +dIkaLDvMNIjmW1ud5sfOk5fF4rw16ePnm6mS2Eh6lpvn1GtTQM+fg10YhKn9L+kN +mQpz6idwUpK2eR/LUwwTpOEdR+ohPxTJiLCOCKGeoQ0EMb3sMfXcsnyzcwrdRPjc +9wyOEBz2SdRD6InVaCVn9I7EdeEwPg2N38LWBM445LHydK6WxK2iIwn5cZdEWFCm +HfH1yHBgwW1L4DdoTBh9ULseeTsv8PXWf0pjVESxWZHYJSUbvPuQglmpwxlYhM5v +AnTVaB0Ut6ByDg6rn4kpS4j7ORrju0PN+QwR7I1OoPLZSJXFl7z3HDdr5222BDh9 +yujMP4HXqrOyclmF5qpta5zQDAj3FD/ul/ojx1Gj93LhkKKn8OnQO52fdqcHrlIS +MMMvvfSN/wjmCtLbQqh4P2dOjfhVq8cBmKjJwAO7Gt55hx9MdZ5rjyEFH6F+L7qL +D4e3O8ZJJVwdgwh1RqhbQukD2DV/jwIwkwBny7mHJzMR9LrKkbzkNdSEhD38YKQu +MOtSwOF6YE7p3I6qlKlLYKr/o126OwIaewfKreT7r9hp1wyvEzGeqZ1JfQ5gn81X +nPiYWpuwNPihy4wcMd9vx8qZZO4+70+Gu7FYQkIRo9u6FIa96vsnFBNLrbZco21A +XhgjItV0MC+5SQq+Xd78S6W+ipmrg5Yvs+AtIIakywYxRt2Ji/M9Zin33srEM7Nc +kE+G45AyAkaHaR6RbXnB87Sj6d4CwC28wkCTgG8ermJf/DV1+WivnEvdfWKAFi1M +oXqS185IhcpIS1OvMeOIEKk0snp5EbSKgDVlWLFAyplCV3trDvdMgyzt97ZWZDSc +FjWhVLLNyGCofOWuFxxavqY66gUgy8eTBWs/AXC+bd2oMGQOjUxiOWb/EeutTsCQ +gDNaURL/D5TF2G7ue9GHcetTFf1lGt6TPX6gpsC6TkIgkSX2JsVIjiOXHjaBlinp +qZOyfup7fu45E0Qa0BS6C8PobMnA8o3MzTO0y+MLe4slRvlY3NluMaPSGtGbC/9I +7KKYPJlRefas9l9nNguemnA51QfWrjg26R8WDUGpV04yoQ2st8ujPTrjwf6pkjGG +LKzxOUFCC9Y+xvNdMjTIeM9KsRApR6WV+UizfB2x8NH/0ztqFDFxoFyGowlW1FIP +DW2YH1EYEMRoJJ2q9gByCZ/D6aGnEfun5eOIeMqbLm/p+77gov1GGPViD4Ts/OOz +25A6etTUUIOb9KrLli9fdY4CZTqn5a/p7Fh5h4DQSqscAVXk+uKIYGz3+nsPJy4E +fT2XsMaXYt0q27v96QouHZFDfA2NjLG67/rwsKiB1X44MB42it2hB25QOPd0Ha9z +lbAwXVzE9QFwzUmEk9UCtxP0q1EydkXN0tNTqMlh6lUc1Rn2a8XSUoPNm2sIh9dz +hevQ/uMza+myhn+3L6AxVrgGosH4X22d4ron5qqUcFWLc1SYFuncgBBdMV7cpYXw +61+B9qiayejpd76eaaLF66hEK8IXbx1oJvC6R/OwKegL+N8d2KoGvPz9xUNRKTbb +jKQ9MN5ZNQ93f7b5lC2zS/CRe3PlbvMQsOEjJWosM2PpoB4/1MzA2ko3jA6MYgK7 +SqsTjz2ubQUwenKoN8pD4njv6kVA+NRzvIzDxhtv23C75u9apagHOJjUvN+fKL5F +ZzpOcRGYoyhhCYRR64n6RfSfRkrHhQ08mO4JPY9QqeJyxG8hXaDtNm8E5dDKzGZQ +OzzJxRLxLRvPUuaSbAKNVJnn0AQR7dLYX+u9lCbu6ClI/5MkGlQlxJMyK9/8ZqXi +KhqcGsFTFsm+ZnfFXiZg2xdzveeI3uGsoJOLxm6u4YQRbjGwzO621eBhqkQow6m7 +N65u2D9ji3UQUHbOYCtCZk6Hj7TBbMItut2zKCwmCEqHk1YXJTwnKt2NSDcA19C0 +wTONhiY/+O8U0MTS9PIyOI6DlzAAR0Qv6tTP9oFbSdgk/JJuREITsR9pft5h10ub +bmfalKs4AyFWhy6XlcXoM+qQyKfubNlmIS1rqcmubJwjb2/AtgjDM8c/Wen1hNEw +b10n0szJENtfpdu8v+qxvebduIlVQcfezKyQB/pPdKcHsCYOX4/mO6ncGSosNRLr +a4L+Kfu1hcPwiiJdvPfLLbP5QlUFa0eolE6KmRjM3Mo= +-----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey_with_thepassword.pem b/tests/tls/certs/driver/privatekey_with_thepassword.pem deleted file mode 100644 index 555235405..000000000 --- a/tests/tls/certs/driver/privatekey_with_thepassword.pem +++ /dev/null @@ -1,55 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,2abfa6d9e7a45ade20731060b475abce - -eyVhDzoMurQ1PPBVUrgg+1zNL/kmmfElVXARAAdS20xPpkdyF896mkoFKILbx+kK -fnhKR0euWet4LLqVZcF1eRTbBresmpRncW/UtQCt/uL4BhiOQsMLOZ9KGeRFB/OD -kjrb4QOQzG9iihpipnIBjY9yLueKiFoSDBgR2h67vRLCeuwMWCEOFRnMN1FSh99p -Mc59iP2aH1CS16hneBDt1N5oWWBY0kmlQ38FHKMMXRjn2s482qNGY5Z/yG8URIUq -CTAiVyTqeKa68UQ7uPBp6bcVnC9F/zW3qIFAmIiDVRPiyHz81lCUeCo1LspwaDmZ -wPA6+CKdD1xIC0vLEKuLlvCFqXCJekPMewEFNZRedqiy29Ilry8/SDTgclwv1a6C -ZT8gOh/DK4GAb11jWAPlMpeMwuAZm5u+sWt2Cvc2KTeBqaOwIdSPjtfbDU6l97cD -gnSAr5T6z28Zc5/J34xCUxJ4AYUBenOK4lW4Jr1xOrZK36tWDNaECqXLiDtbcafL -gqiOzrZyDWvHgyIT/A+g8TbQexXDIBG45tkcItAq92ark9FzJO0bUCrVZhvL52e4 -rEYSR9mkwsEFvUWvArQpKMAC+hmyS8OpCvKMnbVAQD5elMz6J+XA0/3WjTTSI6F2 -bQXIFqVN3uVrB2J3qgdfzC5jp3JDcJ18Ws3X0hTLozf3hwTZ6lVFP/rZzFHl2KG8 -2K4jlnsn2SbQrVRN2aZQJ9W4o5vsQYXzdo75hNmfhBuaGS07cRJpJ9zrVS5qjNoj -CZcn+UO7Ym3gs32KnAzo5GcW6mnVFmOoihGPytuQjbPoGEmfh1xh9UbLHXiy82/9 -gmuxT9nLjI0upbvF7UX3geGu6nwoCdPLSgE9MHwsPgPRlgl6mlTveQgkj0/tSK5K -og1OvO0J0zrhH6kJHH21GHLFgZNtALGxdf9usVxH+5KruMyX9dnayjiQahkLLtlv -aVoGeg67k0yxwPOXY3gwMUV9zdX4XXzzmmGp3ZBsdHdl4uFRkrRBzn59IFGDqXLq -2cnH6bfgbn5N1ubL6vAgcLiHIgeIZc/qsBWmUeHfAbV1cOMtrpwA4gAFLwXiM+i8 -9qz7diH5M/x5DTUZ5Xewa5TyzDpB1UD+SS6ReuaXOcRLfKL+929LTqrxe12TdjMj -+sb5bnpAFnRfUnF90DI2X6ZEjNIy/yjv3RYJuI1kvEdgB8WS9vEMeR/IVxAwpQKf -zFyD7MP73Mp0lLlrkvoJ4c6ZkFHoin4li5ZZjZdeG+yfI2Kv4LX4/9IEWpXBpugZ -Xfk3tBfYZbPV5A52BK/aNozSu03yr5Q7a2CCgbJzo8sO+tXKYYmQg4wFVsLNfG9E -xxUXGGdd3yqj5hD+RFpGAQuLIgf44MDqvQOcAmknGvnERLE2ktcBxbiY+AJURdNC -dUK9BqWofIh25k+KmUHaht01AvSKGPP+gSQdee4cbjJy7MH21GpF7f26D6De84tD -PL9+llZUK5/fvNDhA63XnGwJoTMprs3S/XCPTDCDvVxwWFZHw2btAkjHxeEKmPe0 -QjlHgV06VaDvdnmDskZovw/+THwzfquYbkqblq+/2jtFK8ULhrfe65R11rs15XwT -pZbWPt2WpFTrY2+PtvZ0vX10m3YHm538en9e8sBIwqWU8ryjhLZ3UmJ/6ovdcuwu -RarMl4FimT2reaWKAl/jexkIA3f+hAvfoucrWG6HGRV5ScTAwkjgV/NFwKli+gKT -tOFs5Qk7elvERH79sLJnrGkldfzr12aL+L1ffF2EtcHG2D61Nq1VPTmNzVpHi23c -weUU0hu/N3k+ClXcwan8g7VIVxNm63jf0zJjMg8IzH5ss4lK0HK4DDuLDf3pIoBb -LwL8b1zPWQNIerrnjQMx3nRjzO5qtm74t1kNzwF9DfDu4PTg72MlXBkxnCXqMOSk -4lmr524d1bsRIAl0iQdTs+BUYHRdRpJJdOdY2LMr6AVzJH9hDY3HEF0VghgRyVOD -IHVJymVjviAwcLZQVZJJKTefiI5OXvrAFRIUXh1bsJaCKfPehH4N0OoMIyjy/Vqq -J70oykeqLytnvXFUw36+uOeVDZ8pKJ3kBuy1Id41qGEruo/+jQzBpZMz8ZSRGo6d -sUNxOnJdkhHh0+fY/2JFabEEdOYMg9EKJgRdnLEJTGCwgdDm6DBC+RPBbbw3snLg -bBrtpCMbbfFLc/WlJPHveVqZMch1v9ZWwdTCJrwuaSSkB+gGwiPF03onCt2zOfqw -r/Q+zzAFJfos00RZusVRVkf9gRlsiBgtCL3Ovz8LQ/c7Vs1DVr9Gn8UXxmGJtj0T -gZ38T2zcCRhc4EeLQUtXoqT147lbFtMej6/3i22YyGh1BoQQi/hzCFYrxxkxxtgP -Mfdk7BeelkJkTFvv624+rEa6Stu3G/gASZM6/awafYW7o6InE7J9bVrfCyJ6SOg6 -IxLuWoCrYgBgTpFoFd+TQsYD/WcpWbw2iHayCUIbw0ayx+P7YLEKPkNfNuTnKlzg -x6BRS4Wyn4JgDu1KPCkY1+uxrgWcZdKfuqcCa72Khrvqb3M6EWpK0ezfX9DXKn/e -2fz064jZoNvx7jtZLmNGT21v0gWANwTDqeWGBVhSUA5HYScZICvyVyxrEXIwUpMN -b4+gwkgxnWphxedpfLeD6lSaQL59OOjUco1CpsMUJao0CA7PlEK6fNppy71/s/cR -dAgq+3hEMcBefrJGp0G4gb7ffmZJxKfCamHOONIBFI6qpJa2p1Nusdvlsy3/ccaX -igHHki+gbUSOSTScuIjalhVEJkDbdp6g9G14iCjwjKGT4DML+zxFdj13JP6EhqIH -q4B5MhusBbfiGNHYzAKcANAY0u44fjoCEaFqWVwmSzs2BTfuKQQwLqnNyoD8DLeh -QAPUDBMJCBtQ4GHprAhGhhlK55X0bey1b0hGDU9eWvxvr6NuREC+535PXvAkPwfl -lU+BtyQvqQfPHhPwbGRuKNGEjJCZm1DL5KxtuEf/W3hTSVo/ilFUsuSbsny8Y51R -lytkPyv68WhpOz9+jL9c37UgAKkfs6rLXLnvPwX/fTBSScJ2utBy4gtF8v0U3aGJ -LS/AGC22sSmD/bNZI//MHc34eufB8zoMNbkI3/Q8rgERXQX9GBUPDwVbTYIICn4u -cZWxa7NX3qVKhmEnnLa9HHxrw8EbdW4RlI8dk8jDKIU= ------END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/server/bolt/trusted/client.pem b/tests/tls/certs/server/bolt/trusted/client.pem deleted file mode 100644 index b533f7353..000000000 --- a/tests/tls/certs/server/bolt/trusted/client.pem +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQWrpn/AQGRfZhiNdZ4CZz6DANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMjI5MTUzODQ1WhcNNDQwMjI0MTYzODQ1 -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDZLemMsMZR6zKIMKKXjNk0v12pHrQtSyftqminn1vbv9zVmqJxncoMOrke -MxKfiguWbn/M+6BtaIyY3t5Q5MyucfCU0BIm/ngmfVozl4zddmnm3tc4rImgaWe6 -yTXQzH3v4vRzYJaA9DXYH2QQv7UcP13L/tP9q4PU92cB/Wz057eSSk9odjNTGmpD -77zPkgDThotW3JMRBtRBFLWFty+Tnykf81YRCwArZQ3gmxOGAbINRq42v02paCTY -yOxa3rZ4564KsawaX2+6/55vPyST28Hm9b/9cqVEV0PiVXFOkbX5BLabyglaEFx2 -ywRsDvPv1EXKU18T6fLYOpYvkjyoNRQGqyB//MLcm8/QiSM6paVIt+qJcsvuiNTb -UlZEZ548yk46vi5xip0hVKbkie0mtXAooXhEg4no4eBYf1wgFtzh+q3Q7WyepqkU -pbCGGcidMqnStVKlh2qcqUgiACoDLbktMboQ6+j2EHCvr/Uw6NoQQvgOYA3EVwjF -iZvu0q5sU2qDNbKgNoCgsJ0m1oMury5lvL2AkqrBd2HDqe3SQcKJADLFyQKPd4eR -P6LpB3ndGE58J3cOjmtoJK8R45Z7osCRS5SP1YIIoUh09DoDW3LUPpZTycZ9BZFa -NGO3CVwyC+V/S0GX8r0nBR3ImY7fccYSr9pxFUZbZhSCWAVPKwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUeQTx5ArwU6EZmhYDQvW8kUtE5oAwDQYJKoZIhvcNAQEL -BQADggIBALlet9phM89XGDU5tVdMsnKAcGC1NUjhMbXl+6441NZonC9FnAAs92JA -PpJNCKVgGTIkGbq8dAUpTH2S9pS6pkThq6GL7GObfVhFytAWUH2zXeyooACVqDUa -VBvGedZV3QclDrK65lPAcgoZtXl/KCyCtBo6ufupTX7PWl1EqT7/M2aGRnivO9M0 -cFP1d4bZ1Z92EHYLRSxjiSwiFCvxFOYDGFpBlOaAHw8FpG0Ps3ro99cdaWmlkex+ -rc1F+Amk5/sZxaQfeKtYhKOVYTKKZM/z3TEbrghd4NBugxRMPHw9xfS9DPyzf+OY -vAwFLObIOiytcCHFYpV3rVjH7HjZf/YyK9MrDaSsahMAKZuSv9lZ/VQMDLtCcwhn -ntYUt42Fc19w4R+dmQT3zucePuwr/bk2mjiHjvvpxi0PJh2qVOQG7m841FLtF8YR -zJ2iHUNXFK6Nafa33gMZfAv9/EKHeeFfpN5Xl1IyQsx1ty0faiE4RNIt9VXqYo+y -Zgmqvn1gbHBaYvZ+VmOWvXgDfufkB/FFly0jAD9r/47DUVS/ndLqwQFTEjzdqDHA -TT3QNJ59oJES9fthbDEg3FZhtdMlOpZyHucDP1OCeZGmBJ3UwGyVZ/aIB9bjZBT4 -kmXPQxQunxqs5ZwlwzspEI9jFQKTMfh5cccao36XkyqjVQo4+iXR ------END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/client1.pem b/tests/tls/certs/server/bolt/trusted/client1.pem new file mode 100644 index 000000000..728f0a2ab --- /dev/null +++ b/tests/tls/certs/server/bolt/trusted/client1.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQLkH7vXc7bap3K/TxUuWyjDANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCyvV7hpmx/Bn3iHOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/ +33P+aGzNIkQz4674zJfS3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpwe +egzcgYOHzTCC6P9mqMPk/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFp +FZF+mPbaoTjCEO7ldXJPZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6h +rRMaeINWavO8Alby4bhc7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQi +AzNCpxHmY4cIR9UxxHzbFh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8 +GzQR1J/84YsZqOE5mpoMei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TR +d5WuDDGCMU0xliWt3+zrvGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OG +FSeMtG1SH6WHXt1rdyEcCjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxK +QPdjv+x9depIFJ/PHwa86qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH +0lsd3/IGqKTsqKcy4ETj8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUqqQ1RxpUgwdzdd2cGuoL9Ip/92swDQYJKoZIhvcNAQEL +BQADggIBAA+dcjgQsWnJb+Ipr6GgQ3KeDScwqoE61cOQLm3G2jw7EA2DG32tX3D1 +z+eSTJTRVsJEZ94aKgxCA+aR9P0i9ku74CPPW1/Z9ZDtUCbugif8GtD6L0XikElU +uQFhH35aq42d05tXBzUN0JOt8h8T86F+07fLhw8ufmM/FEU2OnAlR1XnQKGUCQho +FlqI/yhPijv4B0DfJNoQNj66bi22iPzXF/sB4wuWany9O1/e0CldkN32pPU4eQOH +0npQ/tBg/TkVsI1rH9joBHcUxlsnydZ7IqR1jBGeod6ByszQG2hcNNJzUT6ahKnE +WGj4CzwdusppGFoKl6UeVVy+0ubOepHnes4y1ycDN/BwvCScO/5RNqBUl3gBObxC +7sF+Mss3TSnkaScroS1z1mNAUtyCVvwIhRkmsrauuR1+Jj2ZLWaJV4tI96WtoZxs +ux1sK1DoYvow9JZALBUFaX7d9ZaZ25ovcoq40av1twocHuRnJgzT/3RbKBPJdNEm +nbOh1baFQ8CIi3RMoKm7dF6xLj6BR5VNu/yiqDP7GBcVE27dCYrga0GOSuUFz/n4 +34Fhmqc/odZm9TGgQnOzRHS4gSG+AB7TXCUEisK17YhRwSgJKd2pj+UWfZzk17S9 +JhNd7+GwXGwAhfdAwTIYZcH73v8sTfYLL5QOMCD5Pc/tnC3VgleZ +-----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/client2.pem b/tests/tls/certs/server/bolt/trusted/client2.pem new file mode 100644 index 000000000..2247f6faf --- /dev/null +++ b/tests/tls/certs/server/bolt/trusted/client2.pem @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIFAzCCAuugAwIBAgIQZ80JfLF49Gvu7dyWdDWZszANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQDue+O2warGb9RplBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc +4VKRBK/vzuZI3DdzkN9KvoTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70m +CnV6ckk7X5LyHAyrxXQaRuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvy +Kb33QvbpdFEiG8iCAHYahDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3 +NUz/JDB1+DGqVf6yyFX/6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5kn +FrvidS10cMNN4whN0gzYZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB ++A4TpZwr869MnhoqTmHLCt9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZY +V0cdzrtjL+MK8kGOALQN10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhW +Fx877Rp0hr9Wu+xjD3ePF1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASO +H2ZfA+QkifxUaiSOW3S9xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlp +xRfG4PlWmI+DFGazaInjCYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABo1cwVTAO +BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQURdTZaG2qJc9svt3fkwDbcB522tcwDQYJKoZIhvcNAQEL +BQADggIBACqrXIHhAW6yfI85rPtopUCezq31Mrvkl9E/PqpqF/SlkI1/IOof5WO/ +jC1wFXGN3EGleFgYA4ka15IRo4seH/5PidU6+rsBnjkPNVbn+HHn8HOonQAomUeK +lHmwdfSgpXwihZvktEuzUScaH//u3NSJEAiZfHZh+6hWf/Z9FcTprYN7yFkVzapo +aAaMrYGmlZVOdyEkJqibhaBUko2dNGHTAFhMnSq9ELDHzbGh6pRcr4clKAtV5LPg +7/g1ZWOz0lBXzZLtMPAo6cqeHdHrXBWp2wzB41fphgbkYHCWYqstDF9NwOBD1pDV +BWwbtxZC8eV1/qvWeJoS7bdpmlLfVSDL0V4cyUtzSXVWej5MHVkc5PYRvJVssjyd +VKXs4JzgVcZL+z1LknB3IZDg7wI75bXdVIjagDGEU6A7bYpAyOa+JYvMoLsdoJq/ +RaIsIbMIut3kpWSW+mqxVZP8WEmbUlbjNtTvea3PreRQYa6vB8CawoH4uWyKAC28 +3Tf9N3tyVsUkBlfSdnDRY8BNotElUhNr/Sz1VXmMGgZV1ZAtdeb255abv4Jd3HCV +AdnKEHjdsXPKHL5BeK/IepmHoNzNaygTVScR4JWHp7FKYuReKp8szgcvlhrGs7NQ +KsEaQ9xmFOOjuhqiLRj82qQufdkJq6/JW8j8Hxh7TnM3XDCpJLkP +-----END CERTIFICATE----- diff --git a/tests/tls/shared.py b/tests/tls/shared.py index 799299abd..3f5878802 100644 --- a/tests/tls/shared.py +++ b/tests/tls/shared.py @@ -2,6 +2,7 @@ import subprocess import sys import time +from contextlib import contextmanager from nutkit.frontend import Driver from nutkit.protocol import ( @@ -100,19 +101,32 @@ def reset(self): class TestkitTlsTestCase(TestkitTestCase): - def _try_connect(self, server, scheme, host, **driver_config): + @contextmanager + def _make_driver(self, scheme, host, **driver_config): url = "%s://%s:6666" % (scheme, host) # Doesn't really matter auth = AuthorizationToken("basic", principal="neo4j", credentials="pass") driver = Driver(self._backend, url, auth, **driver_config) - session = driver.session("r") try: - session.run("RETURN 1 as n") - except DriverError: - pass - session.close() - driver.close() + yield driver + finally: + driver.close() + + @contextmanager + def _make_session(self, driver, mode, **session_config): + session = driver.session(mode, **session_config) + try: + yield session + finally: + session.close() + + def _try_connect(self, server, driver): + with self._make_session(driver, "r") as session: + try: + session.run("RETURN 1 AS n") + except DriverError: + pass return server.connected() @driver_feature(Feature.API_DRIVER_IS_ENCRYPTED) diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index e5a95f6fb..a659ff647 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -1,6 +1,8 @@ import os +from dataclasses import dataclass import nutkit.protocol as types +from nutkit.frontend import ClientCertificateProvider from tests.shared import get_driver_name from tests.tls.shared import ( TestkitTlsTestCase, @@ -10,7 +12,10 @@ THIS_PATH = os.path.dirname(os.path.abspath(__file__)) -class TestClientCertificate(TestkitTlsTestCase): +class _TestClientCertificateBase(TestkitTlsTestCase): + required_features = (types.Feature.API_SSL_SCHEMES, + types.Feature.API_SSL_CLIENT_CERTIFICATE) + def setUp(self): super().setUp() self._server = None @@ -19,94 +24,174 @@ def setUp(self): def tearDown(self): if self._server: # If test raised an exception this will make sure that the stub - # server is killed and it's output is dumped for analysis. + # server is killed, and its output is dumped for analysis. self._server.reset() self._server = None super().tearDown() - client_cert_on_server = os.path.join(THIS_PATH, - "certs", "server", "bolt", "trusted", - "client.pem") - - client_certificate_cert = os.path.join(THIS_PATH, - "certs", "driver", - "certificate.pem") - client_certificate_key = os.path.join(THIS_PATH, - "certs", "driver", - "privatekey.pem") - - client_certificate_key_with_pwd = \ - os.path.join(THIS_PATH, - "certs", "driver", - "privatekey_with_thepassword.pem") - - client_certificate_password = "thepassword" - - required_features = types.Feature.API_SSL_SCHEMES, \ - types.Feature.API_SSL_CLIENT_CERTIFICATE + def _start_server(self, cert, **kwargs): + self._server = TlsServer(cert, **kwargs) + @classmethod + def _client_cert_on_server(cls, i=1): + return os.path.join( + THIS_PATH, "certs", "server", "bolt", "trusted", f"client{i}.pem" + ) + + @classmethod + def _client_certificate_cert(cls, i=1): + return os.path.join( + THIS_PATH, "certs", "driver", f"certificate{i}.pem" + ) + + @classmethod + def _client_certificate_key(cls, i=1): + return os.path.join( + THIS_PATH, "certs", "driver", f"privatekey{i}.pem" + ) + + @classmethod + def _client_certificate_key_with_pwd(cls, i=1): + return os.path.join( + THIS_PATH, "certs", "driver", + f"privatekey{i}_with_thepassword{i}.pem" + ) + + @classmethod + def _client_certificate_password(cls, i=1): + return f"thepassword{i}" + + @classmethod + def _get_client_certificate(cls, i=1): + return types.ClientCertificate( + cls._client_certificate_cert(i), + cls._client_certificate_key(i) + ) + + @classmethod + def _get_client_certificate_with_password(cls, i=1): + return types.ClientCertificate( + cls._client_certificate_cert(i), + cls._client_certificate_key_with_pwd(i), + cls._client_certificate_password(i) + ) + + +class TestClientCertificate(_TestClientCertificateBase): def test_s_and_client_certificate_present(self): - schemes = "neo4j+s", "bolt+s" + schemes = ("neo4j+s", "bolt+s") client_certificates = (self._get_client_certificate(), self._get_client_certificate_with_password()) for client_certificate in client_certificates: for scheme in schemes: with self.subTest(scheme=scheme, client_certificate=client_certificate): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", - client_certificate=client_certificate, - )) - self._server.reset() + self._start_server( + "trustedRoot_thehost", + client_cert=self._client_cert_on_server() + ) + with self._make_driver( + scheme, "thehost", + client_certificate=client_certificate + ) as driver: + self.assertTrue( + self._try_connect(self._server, driver) + ) + if self._server: + self._server.reset() def test_s_and_certificate_not_present(self): - schemes = "neo4j+s", "bolt+s" + schemes = ("neo4j+s", "bolt+s") for scheme in schemes: with self.subTest(scheme=scheme): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost" - )) - self._server.reset() + self._start_server( + "trustedRoot_thehost", + client_cert=self._client_cert_on_server() + ) + with self._make_driver(scheme, "thehost") as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) + if self._server: + self._server.reset() def test_ssc_and_client_certificate_present(self): - schemes = "neo4j+ssc", "bolt+ssc" + schemes = ("neo4j+ssc", "bolt+ssc") client_certificates = (self._get_client_certificate(), self._get_client_certificate_with_password()) for client_certificate in client_certificates: for scheme in schemes: with self.subTest(scheme=scheme, client_certificate=client_certificate): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", - client_certificate=client_certificate, - )) - self._server.reset() + self._start_server( + "trustedRoot_thehost", + client_cert=self._client_cert_on_server() + ) + with self._make_driver( + scheme, "thehost", + client_certificate=client_certificate + ) as driver: + self.assertTrue( + self._try_connect(self._server, driver) + ) + if self._server: + self._server.reset() def test_scc_and_certificate_not_present(self): - schemes = "neo4j+ssc", "bolt+ssc" + schemes = ("neo4j+ssc", "bolt+ssc") for scheme in schemes: with self.subTest(scheme=scheme): - self._start_server("trustedRoot_thehost", - client_cert=self.client_cert_on_server) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost" - )) - self._server.reset() + self._start_server( + "trustedRoot_thehost", + client_cert=self._client_cert_on_server() + ) + with self._make_driver(scheme, "thehost") as driver: + self.assertFalse( + self._try_connect(self._server, driver) + ) + if self._server: + self._server.reset() - def _start_server(self, cert, **kwargs): - self._server = TlsServer(cert, **kwargs) - def _get_client_certificate(self): - return types.ClientCertificate(self.client_certificate_cert, - self.client_certificate_key) +@dataclass +class CertBuffer: + cert: types.ClientCertificate + has_update: bool = True + + +class TestClientCertificateRotation(_TestClientCertificateBase): + required_features = ( + *_TestClientCertificateBase.required_features, + types.Feature.API_LIVENESS_CHECK, + ) + + def test_client_rotation(self): + cert_calls = 0 + cert_buffer = CertBuffer(self._get_client_certificate(1)) + + def get_cert(): + nonlocal cert_calls, cert_buffer + cert_calls += 1 + has_update = cert_buffer.has_update + cert_buffer.has_update = False + return has_update, cert_buffer.cert + + cert_provider = ClientCertificateProvider(self._backend, get_cert) + + with self._make_driver( + "bolt+s", "thehost", client_certificate=cert_provider + ) as driver: + for i in (1, 2): + for _ in (1, 2): + self._start_server( + "trustedRoot_thehost", + client_cert=self._client_cert_on_server(i=i) + ) + self.assertTrue(self._try_connect( + self._server, driver + )) + self._server.reset() + assert cert_calls == 1 + cert_calls = 0 - def _get_client_certificate_with_password(self): - return types.ClientCertificate(self.client_certificate_cert, - self.client_certificate_key_with_pwd, - self.client_certificate_password) + cert_buffer = CertBuffer(self._get_client_certificate(i + 1)) diff --git a/tests/tls/test_secure_scheme.py b/tests/tls/test_secure_scheme.py index 05187464c..6ceb03ff0 100644 --- a/tests/tls/test_secure_scheme.py +++ b/tests/tls/test_secure_scheme.py @@ -49,9 +49,12 @@ def test_trusted_ca_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._start_server("thehost") - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) self._server.reset() def test_trusted_ca_expired_server_correct_hostname(self): @@ -61,9 +64,12 @@ def test_trusted_ca_expired_server_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._start_server("thehost_expired") - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() def test_trusted_ca_wrong_hostname(self): @@ -78,10 +84,12 @@ def test_trusted_ca_wrong_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._start_server("thehost") - self.assertFalse(self._try_connect( - self._server, scheme, "thehostbutwrong", - **driver_config - )) + with self._make_driver( + scheme, "thehostbutwrong", **driver_config + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() def test_untrusted_ca_correct_hostname(self): @@ -91,9 +99,12 @@ def test_untrusted_ca_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("untrustedRoot_thehost") - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() def test_unencrypted(self): @@ -105,9 +116,12 @@ def test_unencrypted(self): # The server cert doesn't really matter but set it to the # one that would work if TLS happens to be on. self._start_server("thehost", disable_tls=True) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() diff --git a/tests/tls/test_self_signed_scheme.py b/tests/tls/test_self_signed_scheme.py index b52322adb..63d681aa6 100644 --- a/tests/tls/test_self_signed_scheme.py +++ b/tests/tls/test_self_signed_scheme.py @@ -40,9 +40,12 @@ def test_trusted_ca_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("trustedRoot_thehost") - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() @@ -54,9 +57,12 @@ def test_trusted_ca_expired_server_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("trustedRoot_thehost_expired") - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() @@ -73,10 +79,12 @@ def test_trusted_ca_wrong_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("trustedRoot_thehost") - self.assertTrue(self._try_connect( - self._server, scheme, "thehostbutwrong", - **driver_config - )) + with self._make_driver( + scheme, "thehostbutwrong", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() @@ -86,9 +94,12 @@ def test_untrusted_ca_correct_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("untrustedRoot_thehost") - self.assertTrue(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() @@ -98,10 +109,12 @@ def test_untrusted_ca_wrong_hostname(self): for scheme in self.schemes: with self.subTest(scheme=scheme, driver_config=driver_config): self._server = TlsServer("untrustedRoot_thehost") - self.assertTrue(self._try_connect( - self._server, scheme, "thehostbutwrong", - **driver_config - )) + with self._make_driver( + scheme, "thehostbutwrong", **driver_config + ) as driver: + self.assertTrue(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() @@ -115,9 +128,12 @@ def test_unencrypted(self): # one that would work if TLS happens to be on. self._server = TlsServer("untrustedRoot_thehost", disable_tls=True) - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", **driver_config - )) + with self._make_driver( + scheme, "thehost", **driver_config + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) if self._server is not None: self._server.reset() diff --git a/tests/tls/test_tls_versions.py b/tests/tls/test_tls_versions.py index 7f2d7ccf5..3bfab1291 100644 --- a/tests/tls/test_tls_versions.py +++ b/tests/tls/test_tls_versions.py @@ -23,14 +23,17 @@ def tearDown(self): def _try_connect_smart(self): if self.driver_supports_features(types.Feature.API_SSL_SCHEMES): - return super()._try_connect(self._server, "neo4j+s", "thehost") + driver_ctx = self._make_driver("neo4j+s", "thehost") elif self.driver_supports_features(types.Feature.API_SSL_CONFIG): - return super()._try_connect(self._server, "neo4j", "thehost", - encrypted=True) - self.skipTest("Needs support for either of %s" % ", ".join( - map(lambda f: f.value, - (types.Feature.API_SSL_SCHEMES, types.Feature.API_SSL_CONFIG)) - )) + driver_ctx = self._make_driver("neo4j", "thehost", encrypted=True) + else: + self.skipTest("Needs support for either of %s" % ", ".join( + (types.Feature.API_SSL_SCHEMES.value, + types.Feature.API_SSL_CONFIG.value) + )) + return + with driver_ctx as driver: + return super()._try_connect(self._server, driver) def test_1_1(self): if self._driver in ["dotnet"]: diff --git a/tests/tls/test_unsecure_scheme.py b/tests/tls/test_unsecure_scheme.py index e4e286096..919b1adb5 100644 --- a/tests/tls/test_unsecure_scheme.py +++ b/tests/tls/test_unsecure_scheme.py @@ -39,9 +39,10 @@ def test_secure_server(self): for scheme in schemes: with self.subTest(scheme=scheme): self._server = TlsServer("trustedRoot_thehost") - self.assertFalse(self._try_connect( - self._server, scheme, "thehost" - )) + with self._make_driver(scheme, "thehost") as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() @driver_feature(types.Feature.API_SSL_CONFIG) @@ -49,7 +50,10 @@ def test_secure_server_explicitly_disabled_encryption(self): for scheme in schemes: with self.subTest(scheme=scheme): self._server = TlsServer("trustedRoot_thehost") - self.assertFalse(self._try_connect( - self._server, scheme, "thehost", encrypted=False - )) + with self._make_driver( + scheme, "thehost", encrypted=False + ) as driver: + self.assertFalse(self._try_connect( + self._server, driver + )) self._server.reset() From b475ae163043e4c702e721f404fea0a229033df9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Barc=C3=A9los?= Date: Mon, 4 Mar 2024 17:05:52 +0100 Subject: [PATCH 14/18] improve assertion --- tests/tls/test_client_certificate.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index a659ff647..7abfef39f 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -191,7 +191,7 @@ def get_cert(): self._server, driver )) self._server.reset() - assert cert_calls == 1 + self.assertEqual(1, cert_calls) cert_calls = 0 cert_buffer = CertBuffer(self._get_client_certificate(i + 1)) From b2746feeb012ab8b7c406bca67eaa0aa2b066834 Mon Sep 17 00:00:00 2001 From: Dmitriy Tverdiakov Date: Tue, 5 Mar 2024 00:49:52 +0000 Subject: [PATCH 15/18] Switch to MarshalPKCS1PrivateKey --- certgen/main.go | 14 +-- tests/tls/certs/customRoot.key | 6 +- tests/tls/certs/customRoot2.key | 6 +- tests/tls/certs/driver/certificate1.pem | 54 ++++----- tests/tls/certs/driver/certificate2.pem | 50 ++++----- tests/tls/certs/driver/custom/customRoot.crt | 18 +-- tests/tls/certs/driver/custom/customRoot2.crt | 18 +-- tests/tls/certs/driver/privatekey1.pem | 103 +++++++++--------- .../driver/privatekey1_with_thepassword1.pem | 101 +++++++++-------- tests/tls/certs/driver/privatekey2.pem | 103 +++++++++--------- .../driver/privatekey2_with_thepassword2.pem | 101 +++++++++-------- .../tls/certs/driver/trusted/trustedRoot.crt | 17 +-- .../tls/certs/server/bolt/trusted/client1.pem | 54 ++++----- .../tls/certs/server/bolt/trusted/client2.pem | 50 ++++----- .../tls/certs/server/customRoot2_thehost.key | 6 +- .../tls/certs/server/customRoot2_thehost.pem | 14 +-- tests/tls/certs/server/customRoot_thehost.key | 6 +- tests/tls/certs/server/customRoot_thehost.pem | 16 +-- .../server/customRoot_thehost_expired.key | 6 +- .../server/customRoot_thehost_expired.pem | 16 +-- .../tls/certs/server/trustedRoot_thehost.key | 6 +- .../tls/certs/server/trustedRoot_thehost.pem | 15 +-- .../server/trustedRoot_thehost_expired.key | 6 +- .../server/trustedRoot_thehost_expired.pem | 16 +-- .../certs/server/untrustedRoot_thehost.key | 6 +- .../certs/server/untrustedRoot_thehost.pem | 18 +-- tests/tls/certs/trustedRoot.key | 6 +- 27 files changed, 412 insertions(+), 420 deletions(-) diff --git a/certgen/main.go b/certgen/main.go index 1b0264d32..fca1c7a63 100644 --- a/certgen/main.go +++ b/certgen/main.go @@ -43,11 +43,8 @@ func writeKey(path string, keyx interface{}) { panic(err) } case *rsa.PrivateKey: - m, err := x509.MarshalPKCS8PrivateKey(key) - if err != nil { - panic(err) - } - err = pem.Encode(file, &pem.Block{Type: "PRIVATE KEY", Bytes: m}) + m := x509.MarshalPKCS1PrivateKey(key) + err := pem.Encode(file, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: m}) if err != nil { panic(err) } @@ -62,17 +59,14 @@ func writeKeyEncrypted(password, path string, keyx interface{}) { switch key := keyx.(type) { case *rsa.PrivateKey: - m, err := x509.MarshalPKCS8PrivateKey(key) - if err != nil { - panic(err) - } + m := x509.MarshalPKCS1PrivateKey(key) block := &pem.Block{ Type: "RSA PRIVATE KEY", Bytes: m, } - block, err = x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, + block, err := x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, []byte(password), x509.PEMCipherAES256) if err != nil { panic(err) diff --git a/tests/tls/certs/customRoot.key b/tests/tls/certs/customRoot.key index d1db4d898..16ae19933 100644 --- a/tests/tls/certs/customRoot.key +++ b/tests/tls/certs/customRoot.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIB2DavQnjDSvTFbcQ8LAiOf0jdJw2vE5ws8BXimCubHOoAoGCCqGSM49 -AwEHoUQDQgAE7iYj3U966MS9xqfqn9hbG11Fe6+5rExRZNO3qqnosyFRMqaZ7U54 -hPwjVsqHOsvhMI7M71BXqrd6iOhkHsbFIA== +MHcCAQEEIKYmthXXA++8kXENGIy2EcTMTu+ps8IcbhgumpNuQQlKoAoGCCqGSM49 +AwEHoUQDQgAEX7D1pD4WK2M3oPKd9CmeU7A57Oy8WyvS2vOizJDyW1h2XZTvvj89 +vS8WooXFSXX+TayDDaEZB/rk19B5OJfZjg== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/customRoot2.key b/tests/tls/certs/customRoot2.key index 2d17d11c4..beee2388b 100644 --- a/tests/tls/certs/customRoot2.key +++ b/tests/tls/certs/customRoot2.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIDK5fELEd3XFyNDsHpV32VcNtBmXWejBXDO/0wLIueHGoAoGCCqGSM49 -AwEHoUQDQgAEKtc4mzv0JEBevEtp6hDadUMTGhtl78i38IJXABB3fDUjeGdQQynB -7YaHtPFbxPOmR2VfgRybMhDhwMQxZcTsAw== +MHcCAQEEIDzNIm96f6QsnVvzSaGVkj47d5lNeMYmDCOaTj6Gj5UyoAoGCCqGSM49 +AwEHoUQDQgAEimpbDnttGQAe2W4EbkYGnFztHe95YXI9ZBG2vpNpRFOCr8oEop3U +mLDUtXOGqj8hTENgj6qz2oC/7mAGVp58Bg== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/driver/certificate1.pem b/tests/tls/certs/driver/certificate1.pem index 728f0a2ab..3e3e60cf5 100644 --- a/tests/tls/certs/driver/certificate1.pem +++ b/tests/tls/certs/driver/certificate1.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQLkH7vXc7bap3K/TxUuWyjDANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCyvV7hpmx/Bn3iHOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/ -33P+aGzNIkQz4674zJfS3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpwe -egzcgYOHzTCC6P9mqMPk/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFp -FZF+mPbaoTjCEO7ldXJPZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6h -rRMaeINWavO8Alby4bhc7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQi -AzNCpxHmY4cIR9UxxHzbFh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8 -GzQR1J/84YsZqOE5mpoMei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TR -d5WuDDGCMU0xliWt3+zrvGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OG -FSeMtG1SH6WHXt1rdyEcCjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxK -QPdjv+x9depIFJ/PHwa86qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH -0lsd3/IGqKTsqKcy4ETj8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUqqQ1RxpUgwdzdd2cGuoL9Ip/92swDQYJKoZIhvcNAQEL -BQADggIBAA+dcjgQsWnJb+Ipr6GgQ3KeDScwqoE61cOQLm3G2jw7EA2DG32tX3D1 -z+eSTJTRVsJEZ94aKgxCA+aR9P0i9ku74CPPW1/Z9ZDtUCbugif8GtD6L0XikElU -uQFhH35aq42d05tXBzUN0JOt8h8T86F+07fLhw8ufmM/FEU2OnAlR1XnQKGUCQho -FlqI/yhPijv4B0DfJNoQNj66bi22iPzXF/sB4wuWany9O1/e0CldkN32pPU4eQOH -0npQ/tBg/TkVsI1rH9joBHcUxlsnydZ7IqR1jBGeod6ByszQG2hcNNJzUT6ahKnE -WGj4CzwdusppGFoKl6UeVVy+0ubOepHnes4y1ycDN/BwvCScO/5RNqBUl3gBObxC -7sF+Mss3TSnkaScroS1z1mNAUtyCVvwIhRkmsrauuR1+Jj2ZLWaJV4tI96WtoZxs -ux1sK1DoYvow9JZALBUFaX7d9ZaZ25ovcoq40av1twocHuRnJgzT/3RbKBPJdNEm -nbOh1baFQ8CIi3RMoKm7dF6xLj6BR5VNu/yiqDP7GBcVE27dCYrga0GOSuUFz/n4 -34Fhmqc/odZm9TGgQnOzRHS4gSG+AB7TXCUEisK17YhRwSgJKd2pj+UWfZzk17S9 -JhNd7+GwXGwAhfdAwTIYZcH73v8sTfYLL5QOMCD5Pc/tnC3VgleZ +MIIFBDCCAuygAwIBAgIRAI2TewtlIMVyyzHcv1TQ9zAwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDMwNDIzNDkyMloXDTQ0MDIyOTAwNDky +MlowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAylkawVY3Uzvl/RvznZjRmjDwCwt33wvXbT6FHhzTSUXBdl4XExAjY5Ej +dcTyEcbLqnKInkmo5wYZkpmtq4BImN6D9P1uWkvVwrXXUl+0BgsiIXjml6Dfkvwh +Kxt1JSdrFAiID5ESiryarc8d1qE2l5ilxmBPlYPUFcdYJthRx88A91pm5lvX8x9D +yFxGHO7id3fiQ6bdDpAHCbWYQkjAeVvPnY5PRmhEQ+9KyHjTWQ0WKAAuoGbxc7Ot +s+nanGuiOC5eu0tPO3A1nMD2LgTPley6+fgwdP0VSfdPfJIgWT+q0/IUqSGJvLDb +/yDMLr67VYL/i9fg1WU787bmNlslWeLyNUPSW4AQOhNefdeJikVrmttlRIZEScSG +cIfmJ20C5uVu+BvuxOPKb+0NAY03rmKqQmEveUsHg9DIXJYRCwK57GrrIvIXby/H +FKHNADNX/i+CWX2UXGbop6J/QjEOakRFCOc2VBJ89q7lT1bDS6CHC/3MsFC8M1DN +0wkBMpxJ2bpF0U8Nv3C1sezw05kfaPWN1fGZKCKKAa4EGuc1HEExA3VAKJhn0NGd +emiLf7Ak4EvIuZwtkNMxPdAloO1udBWtOK+H+8Wv/vBpj6Ui5AYfaI0gQL5vqRz4 +K9t3EqtVsgBwXdNN31DZWAaXlB9yokUrz4Ci7rpvekiO9bhAfC0CAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFLSi1HOLeE+IMvJhQn4qfTR/PPwJMA0GCSqGSIb3DQEB +CwUAA4ICAQBIM2pqtwmQ+uUwHMmGkNUM6y9CTlOKMRwuDGiFr/25cVUJh0Q5pcSM +5VKc4vycj24FjqXN5+Zk86Ftj+5ip4NN+mjPMYQz4rGXaKJCWTz0I9dqT9g7gBVy +ZKNrpoJLyly39h5ktAqARoMC5Zm1pK1k+pyBBoJ+VOTEKL9FhqRQdAJguSM/A3kJ +rZCUOkR7Z6TPGJjgr7L78bta+nHagCi1giwHYkSgwWkwNQhJEQPatj6w7w8sWGSi +vinbfJVgWlZBp3lI88hh2rbnAc8IHGBwr0J5VAjK+7/ojcplyczAWayMy90w5DRO +9Qr2EuJuMP5ywTMMXqGtUK8aJZdrxZCW1X9WAJScHhm6y6Z7ZrQ7brYNDq3QFmd0 +V5U6hx19qwJ2ODWWyFqzDb9Y83VEDJPpZJMFCJ2rdOlW0wO2hwFTV0ShMcOT5l38 +WQzkfkdmKPjKZqXM+69IjzWnFBh9Nv4dXIYkQvSqhBqyNehpd6ZGJ73j83oKP8va +W31jsHiRhXVJpAUJ21xJfKKiLTDOXzQJzhm1+389gsz7VkaBZxYnxCPnSNshCr1/ +oE8XjZ8oV1v6ntCJV6UQV3Ea4stBFvflHyRW9XQTn2eRvdTJmtWMkQl6qPgYU5Du +fzSonuLmPdYu/WjcrrmjhXUU2meMdET0o31KkJ8Pcbbscz31UZFBjw== -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/certificate2.pem b/tests/tls/certs/driver/certificate2.pem index 2247f6faf..d5c4db1b2 100644 --- a/tests/tls/certs/driver/certificate2.pem +++ b/tests/tls/certs/driver/certificate2.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQZ80JfLF49Gvu7dyWdDWZszANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +MIIFAzCCAuugAwIBAgIQCGhGdAoa7K1pDEAtTiXO4DANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MjM0OTIyWhcNNDQwMjI5MDA0OTIy WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDue+O2warGb9RplBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc -4VKRBK/vzuZI3DdzkN9KvoTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70m -CnV6ckk7X5LyHAyrxXQaRuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvy -Kb33QvbpdFEiG8iCAHYahDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3 -NUz/JDB1+DGqVf6yyFX/6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5kn -FrvidS10cMNN4whN0gzYZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB -+A4TpZwr869MnhoqTmHLCt9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZY -V0cdzrtjL+MK8kGOALQN10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhW -Fx877Rp0hr9Wu+xjD3ePF1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASO -H2ZfA+QkifxUaiSOW3S9xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlp -xRfG4PlWmI+DFGazaInjCYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABo1cwVTAO +AoICAQDHhp3bSy8rQkwtxZdHqukhNnHXGXYDGQp6TkJNREwKDDYl0o04t1gyTcWV +++HLtLr7rCbZZMtoUziHUIOM8TBdPEwr4fwfBxc6iSUCV8gWioYvPvosh3fs/1o+ +ER2d+u/X1yUgLZVTrJ/4obQStQr+ZWUzWrKCcU7kFcetL8x5a7y1s99lIJcTXiLO +Y9XqcELHct+CkOkklrViOiB9LFnYHW9Nnboxvn9ANC82dEsEA/jqiExadOAKKuc6 +n7i/cC4oJmnlrzOPAYwCJClTbRbct1jvBVWQvwSAAyu702rYfrkNNAM5QljvSc76 +jeCN4uoDb7VGgVhRo3a8OS1IKKo8i9O/NbrjiWdooSV/7cffvARYQHOYgI32YBb9 +3k7vAOAS4QIKQQT+cKi2NyCiDrcmRmws8vPoQPlLWk2/LcSQJyG+BMHbfrOtFosD +GaqRaT/Cr6ep5fK/e0SU+704YJOVTnhvivrGuNYK0ZHDDGtD4481iRJ2Po8NZ5yR +KDWulOPbMCLzINb0ZsNPJK/dFjnWT5+ZEyhaNXvINFDFAUX5i3KMyrcU0eT7KA33 +ba8sGqKiVbknjFGY1IxvoTkE2FoB/0qm4THvZiyWc5fotleyRMcnVZ9gtPmdNTom +XbTVqFJChLjx6i42zLudYELfPT5fWY0UNA/7XN7Pc70cov7M0QIDAQABo1cwVTAO BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQURdTZaG2qJc9svt3fkwDbcB522tcwDQYJKoZIhvcNAQEL -BQADggIBACqrXIHhAW6yfI85rPtopUCezq31Mrvkl9E/PqpqF/SlkI1/IOof5WO/ -jC1wFXGN3EGleFgYA4ka15IRo4seH/5PidU6+rsBnjkPNVbn+HHn8HOonQAomUeK -lHmwdfSgpXwihZvktEuzUScaH//u3NSJEAiZfHZh+6hWf/Z9FcTprYN7yFkVzapo -aAaMrYGmlZVOdyEkJqibhaBUko2dNGHTAFhMnSq9ELDHzbGh6pRcr4clKAtV5LPg -7/g1ZWOz0lBXzZLtMPAo6cqeHdHrXBWp2wzB41fphgbkYHCWYqstDF9NwOBD1pDV -BWwbtxZC8eV1/qvWeJoS7bdpmlLfVSDL0V4cyUtzSXVWej5MHVkc5PYRvJVssjyd -VKXs4JzgVcZL+z1LknB3IZDg7wI75bXdVIjagDGEU6A7bYpAyOa+JYvMoLsdoJq/ -RaIsIbMIut3kpWSW+mqxVZP8WEmbUlbjNtTvea3PreRQYa6vB8CawoH4uWyKAC28 -3Tf9N3tyVsUkBlfSdnDRY8BNotElUhNr/Sz1VXmMGgZV1ZAtdeb255abv4Jd3HCV -AdnKEHjdsXPKHL5BeK/IepmHoNzNaygTVScR4JWHp7FKYuReKp8szgcvlhrGs7NQ -KsEaQ9xmFOOjuhqiLRj82qQufdkJq6/JW8j8Hxh7TnM3XDCpJLkP +AwEB/zAdBgNVHQ4EFgQUM5kbiHv1KFXtLCGFtYFPEh8DFRQwDQYJKoZIhvcNAQEL +BQADggIBAH30LlY/QlcgIs/YtbPeLWvE9FNnOszIcboeVhm4bXT+BtdO4mNqJp7d +30kN2SsLQtdZnhXHMHNHW0li/GasGajFeQG8mltSQi1njqTL+JItkMRWN7G2Blny +QRyNiGOHK8fp4KjrfIlKPBs7NaJBeVNnaUXa+AkcgdoC0O0T51ybxMTPma0U4kpQ +n1upXUqPwDA1l8sKmsHc2HnMefsXxYAIQaTyOAYvgKNQIpyMGfKshkR27ww2taVi +zT6N+N23cD0LFKra5cH7XR4czHxRGggSxKJcsNPX7uhq0IT7DgZx/Gvzd33wc2hD +AUiJErceDo5iTKLoDwd357vcngL2oZ1otu1rXPBU9fUkmKfwF9T8UzTQiTgeYhXN +Uxq9ZE3lg1x/u0TSnd6nJjU5K9wXjsXrNyZVxDDTSRjdGpbLkLEPcWjqO4Zx4vqB +gfB2kvi0GPpUhzSBgjOEVlc7pEAd/UnpS1Sct45/LEYKFH9YgclZhrj+W2sLYHAg +UJUF+QbGNELR4gT+FGaD55dWOiXwpZGYnabP4ax3J1fLgcOQuTJgT5F7scQ8gkAq +bFg9hflaLQfG1jBK4D8K0boyEHpiDnC66XFvbbj+6l/bba8EcwxSKFVYMpAJJU4m +5BgjWZknIjE+a5cCQ9Hyp1iSI0Ckmx5YM4+g+1I1O1tjMAuqkknu -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/custom/customRoot.crt b/tests/tls/certs/driver/custom/customRoot.crt index 5d3b8ad74..c08a932a7 100644 --- a/tests/tls/certs/driver/custom/customRoot.crt +++ b/tests/tls/certs/driver/custom/customRoot.crt @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBfzCCASWgAwIBAgIQG6ywjQkkfBgCXAM3e21cMTAKBggqhkjOPQQDAjAVMRMw -EQYDVQQDEwpjdXN0b21Sb290MB4XDTIxMDkyNzExNDY1MFoXDTQxMDkyMjEyNDY1 -MFowFTETMBEGA1UEAxMKY3VzdG9tUm9vdDBZMBMGByqGSM49AgEGCCqGSM49AwEH -A0IABO4mI91PeujEvcan6p/YWxtdRXuvuaxMUWTTt6qp6LMhUTKmme1OeIT8I1bK -hzrL4TCOzO9QV6q3eojoZB7GxSCjVzBVMA4GA1UdDwEB/wQEAwICBDATBgNVHSUE -DDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRGg7urqkqX -cidUaYZ7IhcpqW41lTAKBggqhkjOPQQDAgNIADBFAiBeFBloeaSr9fa6N94GmeaE -3qOrcRS4dqWf5A81OwmFegIhAOs9fcjfeHBmX2r07WN07RlbYXag4xlnl1BQUbAj -UMXk +MIIBgDCCASagAwIBAgIRAOxTpjiToH/Is+xTvqE00IMwCgYIKoZIzj0EAwIwFTET +MBEGA1UEAxMKY3VzdG9tUm9vdDAeFw0yNDAzMDQyMzQ5MjJaFw00NDAyMjkwMDQ5 +MjJaMBUxEzARBgNVBAMTCmN1c3RvbVJvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMB +BwNCAARfsPWkPhYrYzeg8p30KZ5TsDns7LxbK9La86LMkPJbWHZdlO++Pz29Lxai +hcVJdf5NrIMNoRkH+uTX0Hk4l9mOo1cwVTAOBgNVHQ8BAf8EBAMCAgQwEwYDVR0l +BAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUwrluA4+N +leUQw3bofMffAVpr1lMwCgYIKoZIzj0EAwIDSAAwRQIhAKm/zboImwbkOMHQC/ah +YPSLyi0ebyJPBkvFcpIJJnPqAiApvKkHi00c5LpRiVV1CBH6XMnYlX69yNT8y9uG +JyCixg== -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/custom/customRoot2.crt b/tests/tls/certs/driver/custom/customRoot2.crt index 73afb47df..02e431fcb 100644 --- a/tests/tls/certs/driver/custom/customRoot2.crt +++ b/tests/tls/certs/driver/custom/customRoot2.crt @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBgDCCASegAwIBAgIQBFCs0ckOUAPEmdkVdEOa8DAKBggqhkjOPQQDAjAWMRQw -EgYDVQQDEwtjdXN0b21Sb290MjAeFw0yMTA5MjcxMTQ2NTBaFw00MTA5MjIxMjQ2 -NTBaMBYxFDASBgNVBAMTC2N1c3RvbVJvb3QyMFkwEwYHKoZIzj0CAQYIKoZIzj0D -AQcDQgAEKtc4mzv0JEBevEtp6hDadUMTGhtl78i38IJXABB3fDUjeGdQQynB7YaH -tPFbxPOmR2VfgRybMhDhwMQxZcTsA6NXMFUwDgYDVR0PAQH/BAQDAgIEMBMGA1Ud -JQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNDV2FCL -wDKV0dSdrhodOt+U0kmAMAoGCCqGSM49BAMCA0cAMEQCIAeUEL4P4gsY0gmOQ2i+ -/eXJvLH7iOxMmIW7RugnOc1ZAiACq1JA0BYyMZzDWl/8cn1Qs/0R35t/te+G5+K0 -VsqVbg== +MIIBgTCCASigAwIBAgIRALmJnyVOdOOJpw5D9jbnG2IwCgYIKoZIzj0EAwIwFjEU +MBIGA1UEAxMLY3VzdG9tUm9vdDIwHhcNMjQwMzA0MjM0OTIyWhcNNDQwMjI5MDA0 +OTIyWjAWMRQwEgYDVQQDEwtjdXN0b21Sb290MjBZMBMGByqGSM49AgEGCCqGSM49 +AwEHA0IABIpqWw57bRkAHtluBG5GBpxc7R3veWFyPWQRtr6TaURTgq/KBKKd1Jiw +1LVzhqo/IUxDYI+qs9qAv+5gBlaefAajVzBVMA4GA1UdDwEB/wQEAwICBDATBgNV +HSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR8YJZJ +0KgubKLq1TKMzSCp51AuMjAKBggqhkjOPQQDAgNHADBEAiBuGPhwVd5LV/auw0A0 +3v0uULL11hllozAEWxhZFrcJVAIgeKpEKQuv6arMjcYP7Znbv1jZIh+hM95IFETu +Ep66CaE= -----END CERTIFICATE----- diff --git a/tests/tls/certs/driver/privatekey1.pem b/tests/tls/certs/driver/privatekey1.pem index 160cb8f28..615ab8067 100644 --- a/tests/tls/certs/driver/privatekey1.pem +++ b/tests/tls/certs/driver/privatekey1.pem @@ -1,52 +1,51 @@ ------BEGIN PRIVATE KEY----- -MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQCyvV7hpmx/Bn3i -HOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/33P+aGzNIkQz4674zJfS -3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpweegzcgYOHzTCC6P9mqMPk -/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFpFZF+mPbaoTjCEO7ldXJP -ZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6hrRMaeINWavO8Alby4bhc -7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQiAzNCpxHmY4cIR9UxxHzb -Fh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8GzQR1J/84YsZqOE5mpoM -ei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TRd5WuDDGCMU0xliWt3+zr -vGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OGFSeMtG1SH6WHXt1rdyEc -Cjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxKQPdjv+x9depIFJ/PHwa8 -6qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH0lsd3/IGqKTsqKcy4ETj -8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABAoICAQCgfcWaW/MDw/J4e3fxLTXF -5UGs0mDy9oE6LNkkMvnjsagIXqPZ+mFXLfplhOEESQOY1fHjncdYg2y32xngpfK1 -vjmdx3E/WjLabpWBwbfZxQr/IfmJZjcIT96axwCRZoGSCL5MbaYWqebr0Nq3nlu3 -EoMQo95eEiTzyi6K4qZWn6j3VSdhr2Ox1XhSIRm5UOQmv6jVKJs50dFIVfUsbJ8B -KO0j8sab8r2d/s4SI/QAcZk/stb1+EYyPNddmKiUli1oBTTBVmB4ShFe7lKyh89S -/g6eiwzs3+/Y0/C/tmym0OoPjLy5xsqxCGWRPMpkSNubwTZYSxe1TjbGCf+pif8W -9NN4QNbXE0GoV/rzxXqgPQD2sDbxZifeJGYK5dBB6LO1rhZY5sxPx0Q4csc/9qH/ -N5OBjP8oKiKgmkUgaxMyeTaCzCFRUBHBgNezXJ93Y4NGSMavguJxm9C6VChLuNeS -xKXLJVVp6z4ywh3WXQ8g7M7gHVhacZ9z7uxvWt2j7TBChvpFembsvD3s7sNVP7DV -z1cI2Qttvuanm63Op+FWLGBwaBzfPT2f5Zw+n23UAFfPR/vm23WyXOpeU15VJt6V -6x6iIvypWiOBHjGgCe/sRvvUxguEJJuJpZP5Re34gbf1ATZOFZQsSm/4Rhcnvxp/ -VICpsVYTmRWAs4zMcayfwQKCAQEA2kZ3Osg+s4NE7ih7uocegigsYpnfvBZAHF0f -tmCh0/UWZeFjJPwNc+MKX5Q6AAqJrAJT9w7ErimBI/V5vVPlV6CYFaiBSPzS60ag -XpweWWMC5iVp7lnX7TnmAxKuOdAgJ1R5M9pPGY9PRA7WrkC03iVO3f0YfBaJ1fZ4 -uwm3muZUxsug07m9e6mSTSS8fY/y/3Q+MsHVUsL6Q5Rhf9shh4C4fpWNpsDhXNIG -8GkQ1DJLTuMsy5aUP6lrVoY9iiD4bFg7vD9VtaKseqLQCwoVnf4NjVi8L+sKxDEt -/ZryOXYbNF9YaR2kTNfkY4FFB6CA715XrjMAgYVJq2fEQOm3hwKCAQEA0aGqUyH0 -pewCMN0ChnBbZmvJmcyee04/kozZ5A9BgIRYkTSokCP2dhCnDAidLur4PHg4YxJM -tVsKGZ5ehRtdHF/MUAB4vMhiIx7V1bKXALWoXocPTHcmYD+Auvcozq6wll0jDRwN -pYhFMieTyo69f9iMoBicd97plO8f/e20ndH9nr+6GPej+up6QdN0huLrSVU/kUyP -2aj3l5eL844MeNgVnplzCjy5E6pR81xtkfsNaQ+NILKC14Np3QlgJmEyFJexcgTZ -qMdNhXClg47ICBT/2OKHWshSK5Kj80sXoaT72ZFtCx+TFsCtomDPqRB46fbcvO+j -H5pG+Bm7ouOrsQKCAQAgwZBk/uYB9IIkp2ih/mMCr1qx1VuxEzm9x+/ZY7kFYPNi -iKdjRnwSVxEYdNsbZHlymcrV+Z5kcJATwGPrmKqDMvN/1JDKTj6s1iV87TrUuToX -Jag2/76auCSfc28399bLcC7cLDfQoyQHF575+XXrHHgwcin5fTxkIp/NmdC26zfv -uWFCRM59v13YO9oZkb+qvFwVK+eCiwYZnCvhjxYCCrwlKvZd/vYTAuXNsEa5QW7x -wL/ZMZi/0QHtsymLEBWX1MnqHysSnf36TXKhJXtHAXgxLQ7YthIgjSzUsSsGmoXM -nz5aT/t3GLMKh7y/P0P6KBNKbhb2WPVMRr856pkDAoIBAQDF9AFgq0nYfHq9JZZC -2UqV9ubSgvSMv6EshDElOHrEHzV7ONyL8EnFx4fWxzOWoG90upmUhC1HfAaXloLu -8p4EMzo9uZRJwHdbbrzCJPiOxPuO976smD722EB5TPeN5EwAUUbOFFWWoI2nBNR8 -jDnJxfVVIKhwUWEFMKFnKdZKyYbTJ31WIlMIl+6GxmTdEt7XytZSIJgeE35p+cNA -ZDzGyFXyBDkry5eBSG5GfltBZG6PbQ35eFgxpniLL1VKKLIf2/bGEmpvBHThszO4 -fVXKu/m1FoR2Z3+ggcKr9ZcFH0RrePYdcN12uM+96+lsXo+vb1uWVjwVlZu6oKIc -+RyhAoIBAQDXdJmnJ/1i9RuE8kFND/az8gRuHuqgAuacmW+/UsOmbjBVkNxvtGIW -Pimm6lbKPqvhQMkOvzltyGk0CRbhu5G0ZaMtaNp4LM6N/AouEh08IPLp4y+WmrPg -XQupurCvh/MpOu/5S8TV6tPQtV2Iv3Bj3uaEujb94HHpdpRPHMau9ZmmvBJXgZ89 -mwVcE8P6nB8AJgm7ZtfP4qucsxtgXevWNklSNYvpYVy5KJGvCI/oOAqMo7gJq+wX -hg8dN8L05bBUpyfE+W0ACYS7uIZXcLCqmwQTknNKOKNU20UUK32as0robrmqtJcV -3VcFpfW04XcUvCsRDrHvDCH7wzA33kN1 ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAylkawVY3Uzvl/RvznZjRmjDwCwt33wvXbT6FHhzTSUXBdl4X +ExAjY5EjdcTyEcbLqnKInkmo5wYZkpmtq4BImN6D9P1uWkvVwrXXUl+0BgsiIXjm +l6DfkvwhKxt1JSdrFAiID5ESiryarc8d1qE2l5ilxmBPlYPUFcdYJthRx88A91pm +5lvX8x9DyFxGHO7id3fiQ6bdDpAHCbWYQkjAeVvPnY5PRmhEQ+9KyHjTWQ0WKAAu +oGbxc7Ots+nanGuiOC5eu0tPO3A1nMD2LgTPley6+fgwdP0VSfdPfJIgWT+q0/IU +qSGJvLDb/yDMLr67VYL/i9fg1WU787bmNlslWeLyNUPSW4AQOhNefdeJikVrmttl +RIZEScSGcIfmJ20C5uVu+BvuxOPKb+0NAY03rmKqQmEveUsHg9DIXJYRCwK57Grr +IvIXby/HFKHNADNX/i+CWX2UXGbop6J/QjEOakRFCOc2VBJ89q7lT1bDS6CHC/3M +sFC8M1DN0wkBMpxJ2bpF0U8Nv3C1sezw05kfaPWN1fGZKCKKAa4EGuc1HEExA3VA +KJhn0NGdemiLf7Ak4EvIuZwtkNMxPdAloO1udBWtOK+H+8Wv/vBpj6Ui5AYfaI0g +QL5vqRz4K9t3EqtVsgBwXdNN31DZWAaXlB9yokUrz4Ci7rpvekiO9bhAfC0CAwEA +AQKCAgEArIjnqFzkVcNoKrbPtdxdNLVvqGtB7dzB9rNtfCyl9/9To6M815NWKYrT +CpNAuOmiNZbtaNJ0A3EPExKYo/iBbl+lcps5oiKxhRHaJLHX5aNOme3l6PpSSJlV +itUhwOlogy93HJbdkZCZ74P/9EeILiEJkSoEEf/TMjLEtnKS4OVf9ImP3fIII5TQ +DiKn4fnK/oUpV/gK22Txq1S9HB++hnxDfhue+vDi7G44fNGRnIftEXR+TWUZkkdt +4E+RiPi53F+lhNwFFjBqdluOTdTqT/MHxybZ4pb9tRD8JMLQdGk2Nvxeo4wmTs8a +9uK3V1BomdRWI56SZkKoqPmWOFjlccf804IJWNbAEFjG3tW0mpYQNPYe5sB3LQ9k +0n4AF003Z00i1zYnSrQP7YbEBqaB2GvfOUngfmOh7D1NTzTIjSZ6tgya4uXqiMRF +IfSH9/GDugqjLaJEemqUiBz8Wa3cVs5o6NVy1+ACK9JCTUAasu3HgjjXRybutWGi +UtY9wYFG85sb1i0xKUktPOWttqaDVEy9TLGup/kNMl2O6jUPCRc3Z8Csq6hulex8 +BfmECEYwQ2j43DM7/BVp2YcENCOheth7Me39+Ef24z+6X/iZtIbrsac6En99yGRS +YomBhBzlpI0XL+487MCQ7EQIWJdFcJgqfxrPnSG2SqgnUbkqcx0CggEBANqBkjOa +7U5uDpkXIIpzlKZN1q8demAyAwM3fNORnpuLnDsXqlg+WzhxJIDFAYvWEVRWgwVU +qsTPeMfxhk44xXani8Xgij3rom+S7Jd1pgDvHg8r6kXuH4a1mynL1uWuvMFzFlLz +U513XZO4NLCDwfkBjqCZO29+khb/d132PBH/iLKZlCtyy8b0EIpTx1Wgohiinpjf +MFnK5t3Wv2Kc4kU3yE77rsRcdRk93y/gsVsbqFm3eg5+kxEhHjUIxPTKeSbVzslw +nq5dFmgxhxNtlZ0KiR73nB7Vz+6uFxazGUD/b63WisHcJZtsDxkE6gBtwrVl5Xev +egFSEMxK/l0EbnsCggEBAO0Rv+gv3hVyLoQEb3jR9JCYTZs7dS4hRvxzpvYp11jd +FlruNKjfjbiyB3Cd+QoiNeTfslyQ17apzZrMEagcIyf+COQcThKtsz07umDHaiHv +9ACX/7Ix6hIrxUl4tV3FiEWac0MsCh1pVwaGE75lTytHPagkV+TUFA5BGtsXiPC2 +v6V/FxQiFbRFttR8EjkDfByfKY2Def70YudMCeLlkv2US176+DexVjfI92ar1Ufh +ivy8VL2rn2S3rgaWix1OKxJv2Zm27cvvek+iUoqU1/UAxJujIYIJlV61bqNG59qY +S2PXS2BwGo6MTNTU8lAZ+rTxuio8BGtBjkUmTcOaE3cCggEBAKBKJMIOiL7cJYFQ +YeKu3wEQYMidS0R964/UiJF7ZWqdg8IlniSVub0x4qFD49p88sF3pS2n6o3t1KB4 +IRoIs3JTfkluanr5/HL0yPJir6BHyTk/8d/SyvW7C1Qh4EclY/pVPq8jKNd+1Pqk +SqKiRQ0xgzt0rREhPHH6fcpD89UQK2s5FmS5FZuhNvECfFvoNoDz6nwiXgnAupNK +EaN5itNUFHE8V/xcBtq5dJxerDw1kc4etj8jwybxsIMfJ7ybOzyt48AKCZ3HU8Sj +cH9kCDjnnadF5RUJrDtfIjjYsVHpEDfqBmgn4r6dCoZEAJTH7+m6Ehc2dr25QfFb +ojUCJzkCggEAY+zfXxcOHSwLv0m/UsXsuCX6UDw3oEIWkcKN1aS9SI+oJJvTRns0 +WW1xBV8Q4dyZquc/XxUOV8grCdyKdLmnd+v0A3KK1gSxUFYksTZc3gEucDGhbZLs +fsxEVDu09tmUHwKDIwUlHlCQhgdtuwso260jqAPpqGJcMcXvc/nvlsbw8Oko6SuU +ym+4KMhDRhTZ85aDBUst2PFZ3vSGFkV+N7SSMG7IwXDWTp0+6t/y/mFrHCyl62yz +uthRWiWKbcfND/BlYA1jHlrKy1Y4RIGIpZS1SoTwUseHVmxTPi9c+x7GaEcPVo7q +IruwhuVbXbgVnL9nIPY7RppTRYJntNL08QKCAQAQGO/3/jeY70UKcsRAiZA6BjWT +2BcnAK5Cgq5S7Sqj+Y5D+VSTR7ZaPSuJ8mE7QK6FTv3S5oM96HN3b2pKvclMmv1z +jgZUB+bbdkstjXNZ9r1OxRoVZ13x8QtbZbfsj6vbdMR9EAM4ljknqb2+pN1xzkUt +YSNv40SW4VBVaOxljPMYvLeydOXn/s5ZvBu/WxUIZq4JBj31edBYbOoCVJobPeEx +/MR9840GcvVrp5ZlvrEroEslEGTXgKq4V42O0v2rv1LpcOEnUB9FFVfC9oHjgr3R +AK5l1ZHru6jTTv0sj/YFCokni2l6gQOgIoVur5A7wwyeIdf3JUVRAmUPWNvJ +-----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey1_with_thepassword1.pem b/tests/tls/certs/driver/privatekey1_with_thepassword1.pem index eb530d063..c57b1f22b 100644 --- a/tests/tls/certs/driver/privatekey1_with_thepassword1.pem +++ b/tests/tls/certs/driver/privatekey1_with_thepassword1.pem @@ -1,55 +1,54 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,3bc1bf8c3663edca1322889b47fb2401 +DEK-Info: AES-256-CBC,7db73f09e8812b08000064a405b3d084 -UhWefzIxKbtpJso8Lhn2092NBh6PIbARdf5AwQrsrFgwq7kCpJ+UUsc5ZoQ0Wj9R -AiCfDi2kCdwLiMpwBexTvBIeeNvL1QGnQJbNqTQ7rwJ840yfe0M1gSHxWKSTCtUD -SCWvGKjBBdoYTVVGgdnWj6AMDuauUwq1aYOY2tsE6ud12h0cjW2WQBg81iDVBD99 -kH7pai9sOFjblDfM8Gj85Y6OPmpbMcmjLO0+e+UwhnY7bYgGJl3SO/RvmuhQOFyB -uU9/q0fBJaLXsy2QRtUqgm+n26EmT8lMsrRTF+GRkA8azEXRI1skfbW4TMqW0Qs4 -waCvU94taFN3sl0AQSvSIvBn1ZnBw2X2vDjVM8goedlMxMwht1LKWSQ5OTpi2KMY -MO5bR0Tiyyozfli4Gwt7y6Vc9HrgUiIqV3EKy3KhH8BJncRa4mqQtvVlohwmQtUu -1ZLznR5JK6AGIqEhgNP29QLQN6C9UtmIXdQhDZvCSubMo28+r8+k6mofZUZClgBK -UBjKXZ8d/BRKZewmNO3JjoN5AqPjN3qMd6aQ/WUC6h3x0HYSx20bSnSgkEhrx4vC -roz94k9eZY19TpinzHg2Iat9lntKXjkPZBH+rKYKAK9VPg1H7fQtsUUrQQsuVHgT -unlTcLJrqwsqo786LAV3YBZhoVFUvV8ZLeQFwlW8fdtMI7hs0hEmyanjGnhFapl9 -M4Y/Wcfv2oQvK/ouIMSJuOR/7X8IAzk9+Gn97JbSrUqTtSTAzQjwPlKiyZ6LUV3K -GJ/P+whFWjO8UOkYVWNkxSU3lv4Zhxj/ldCCn4LJo+dq8YYW1uxRiET+V41XzTCi -SZE+2BLIWYt5ODqZOZE+T/6lsO5nHZnMcyn7On4D2cE7UKJOuacPoOVQCe3WOdfS -VtBelBbi3dqj7KNDSm+ivvtlcAl8aZWSvzExQK7nBoMSjcDkDBHzH2gpYt6OyK5j -tWZuPpmYMSGSkA0sV5X8ABdD9jf9nVX0pA0EZ/CMr9Mo25STHVHuFecITMs5pWmF -f8wyZjSxZbGIIaCfXN5hw4gJmL4C1zb5FJNC6OtRHhYIjTSmGaFTj52OZ3vCc8D2 -VupvF9fWDGBJfeRMIN4M/VRuu8YOjXyIn5k2ItEetIBav2Gb7GlEPkmSkak4wnKX -nCCTAjz1FhQIVefKJG5y/TrCIkzefPVrDsUxJbwLXf+bUCFZ2ALzWXD6sPTr6apN -26aPYmBzaeIXgyDvMtftuvk2me3DiXdRFVxWYmiJO5r5WRqsYOyAf1qJXygSQFL8 -UED/2B9qYVu4/Q1PSwzzaAbygCHzdxSdUz28//ZjdoUxEAOgdLzT6Xta+qG/1IsH -/B/5C1Mf549vA2vWpnfTIBOpCc6M2WhBz+mjBtNAt5IgB5VV1frmgGkxGUGx31bW -cMG/jHGHTfNyhX21luNslThg98AK/nO2CervKucJYkzLHO15fBwWhNvzIdhRf8os -L9i/v6vdsuVfHelw4wJlecQcp5yV0cOADEVdJghN1fFBAse4wNUSK2pw0e6AZEZH -9Nf3BVxa8Ta6j4PjL/1hQAe2Nffrwk6P91ZSgetnpQYk/EwfVjibQMTPm85vSWYp -vNwgaxqS/Cj36zOrMfnr11oVlgGPo3yYyksSO3+ZnHmNljvE7/W1NflQVyPl0uNg -8vz71Gs9qFgLH1diOSNgfrT6xQeW+//rPZmlBb884kytwykQL/7AOLuTfrzyL5k7 -CA7RBrNqXPdNGDuOHXnRmdWU3sgglRZXtmt9rrwBNcHZQOp+Cy9eOzIYIEicxGjy -AeZihM2DnzB5bKYtFBbspzsgAflcxylbgwtMNPZZ37Xnckx6WtC3hEZUjQCzw7gk -ML5jW3FTGqQJS4VFmSdpWMtzrVgQc0ysYzFc/0WfwBf1HIPd2uHEStf2Fdd19y9S -WuIzjGs6zSji1Ik2fHI7m2U6GZJ42ZF9lAr0Vn2I2xzYKCFiYIRu/C3RH/dKaT85 -1HqeTHT4sGQ0u3g61xlImEOKvoyNPG0Cy8FrpOqXjxhQDs45jMyEZDmrD0DCzfPW -yhfIxEX23KRFWGy/M2bZgHGO/mtU/c66/BWES+fDQG52aYLCeDwaEG5QfywY40n6 -iv1m5DTUSc3uanoAOZc7kOpp2+L8hC3ZqkuY5UOOajQhqlAZy3LIJc55ATuwC/Mc -gf5u9+autfpleLs8cxikD1AFD9KemznfNpjxmJ0kfIzH7Cuf6ktp8LJW+/Dn0sPY -i6XKTb+rMrA16vCcNZUDouO+fLXGk51/CvWGk0Lr0SwRlC7Rel6Ffg9UrrPPHkmV -q3ptCc/YRl5mTcBKlRKiP4dVry7sn41HLNTTPbO1TeDR9RY1tW2pHV1KlbWif6iR -Z1YcZn3roUOi1c7knHyITuD6zq4GNxuNFIcotdGTyn0bG+iBWlKTea4P4i0qaehC -Nh6dCzuAIvUofO7Ypr1V9QOXlvUra0iy8uviTeP5SJSzPu68SRZl3a6EcbBQhZvx -vLmB48wEkjw410EFwnx+YTSqi+j/mhJDx0ljXuE/IxpfBEArlnhWhHJfErRzx8Nw -+nLTheheQItLpLxgTtTHiexHbE6X5xo31+CTwVwgkrhXOasbDU4ZKmNlEWfytXfr -moyHI+5Ug3P2P18nyvK0mwVJAKZU+RiEUPTe0XScSoYz0xme2CAr/UGP09osWdPI -Bcl/oktDxLGbwcPTou0QnWmOWmL2Lm1NvLpGlbhC7i8GZQaAj0x/GrizwSEA3dqY -tRNt73vRl26FX8snlW36NBBYjqENPWc3A+BwG92NFrCj67oavxFCiBeQtjUqSW0e -UNfZ4uT9IkBohShZ5EecOASsEw6ODxy3glt0SJl95Qm6rfsR/kk5uLZ84Sim/6DY -em9Ux0GnbW6eq8LEbrR2REZxeAVNUBln7VMFdsCIVG57Ra5oVtsYRGy1fvIHtRal -3SUqha2NH/aJK61ZUwz4ld9At21+ZgxOiEGnnVfNcl6K/MSYsGxrU/CTDjhJnoR8 -FtsSNtXQcF1i1NBarJqrpTS9JOytzqP3IhIQ5DHnpVn6iDS6mBpvsXdzo6DQbGrm -YoqaT/vUVKf5GytPlmZs+Y0Sxudwe5gtk9dN+9Jppg0x6tApU9H+oxGQ7x7+XL7o -k47OzXIZdt1Cm6mRuIb5DTkZysW/NwL8tRti+pr1bkM= +sovzUJ9PEibxRySdO6cvVniPiF+XDUYzANDbwuxLvorijkpPA+mhhRFYWw19JInC +JZJKAsvhCr5hkysdYw/RHzNpI9aAuO0b1p4+lrGjUBgBSuSDII8bsx5wt8ZDKbN9 +SJAP57HA5tuTvYIYGmTsyrIyCPutbBEs3VSXcJwbN6cwV3zAGG5EZ9ULNhSNcSLm +sWzkdanlsDHkWxm3gA+NpZcie5AXogLuAs6kyEiIT4N3MrYyXDyV9iKoaDgL65/Z +GoxbllKCFd/jytbQmttN4+4ToqkAPfEoU+CJWJFSKV2KDNFxGwU/LlwtVn6q6WDR +i4OW1+SM+zCK9edHSaUZKBjk5dBT4ikLrJyTCTSdPeggi9zfMhCp7j7sASOkTlEL +6UmV73XEmpotNrpIqlNKHRjQWI0YoJjKxEWX9PJS05LWSSQNjMAwl9Dxdhj23ZS5 +QnHvqCk8Tc1Ycbge+F1p1Bv9rvRILDxZxjvspCLZv8ntknU5eRTdBEEgBgnx7Ge+ +Uz8ALO6WfnUEGYrhuZLLXaKb/xqxwFfCJ7N6x1fhSoygShOc2U9TXFETKdM0HY77 +unzXqgGHiKRfBHdK06UW7WUG4gmmfVZVrfroQm6Vfj6OuMGu6SsHzVZey4M3k/H8 +1QUYJG6j2aZfmFYXlSOuOkTXxfewWWubtB4LkS9Xr/qxOEmZphDlDPdKMYm0mbH+ +NqPezCXTZ8orvYfxLI6YCm/QCXrF/EH8GOEkpKKi9Dd9w4/s90on2tdV4c3FxNn/ +Rl2Uic8Lb1QupbvLi1bzdGdhc6auahBjhmWMrAQYWGHE7t2KkpXN7uyWlgqUm9WP +QOeJoGS7vtfM/TLcYf3LFpRM1vQvIHH9cEXwkxergFKpbvwpX0JJ/5r6FkS52vm6 +7A0pY7/8AXhkYEoyLBBeA0erIYmAnyfQ+85pP6IQ0KbrEPvhFZtyOxSNKXnpfm92 +kqM8A4uBEqr/aWuwEfD1M0ehTy71g48d3As42u9B16mnGhlImk4G48PbL5FwWeTG +JKGxS5LU8rXqvfufKCsNxl1P7mXI64+x7iD09Le7GAGGrkwwbeldlPECcoL8LnmG +DCra7T8XU72x+IM9jPB9P0PXaD31ZzIRfnZhnAA5nyrvfIoyoWLincBB8jGdj9km +Dkz9Ocisai0IM0C1z6XZUidrlzM0oFByawxgbg9QfD73ekpvrgaRTdmUsl77578A +1EnBlxeK2MU9PRcVY3arjUinTZBa/1feqSUvmuKUnqmeQFVvfw3ZjJBmZC5Qv4Tb +NpVB5f9AKbuMsCzPAbM+11aopLgk2ZWUbBxlM6nHXE5EJDKaUF71Uu3hO46ubGRs +lAmShRRjnn6FXldjnLEuNGlR5uBiVR6TagV8ZEE299HnKwZYQX3yUfrRh6HfHRTY +jucoMpbAXVnmtbYXxh0QED2VjWYmQ3dExs4srVn295KqQXt3tOSTW6fuJVfFy7Y+ +rqGfwng+WLQIJJmFjjOhdfIMk8gJWcsz0zdZYTfMbLjY4FVX6IvUm0VKlq5BeeFr +XdSwO2BXfT2AtvYsvepugzkeOr2yfQhOIxSHsKBvtbvpe0dbKy0+JAmbiVPoLnPF +UhuuoPQ1vdfwibtvd41TZSEdxUXCzhhb9mBIZoFiCadXOqwQun/Ouyr6qGLYXB+Q +gGU7Sbvy/OaVpg3VJEh4bDJDvj1hUdjVV9AOkPAC87GBCXDjTiyLTR9xD7Yuhk0b +UXnL/7iDSc2qiiqOd2qBLwcH0Q7aMBuG+XtQ2hrcslHz3qQpFkG3gYJr1xJP6+gg +6Uk+wLMvpfct+hVKTDGzxoNN2h63DLc7VKI8TRbtRLt9lvriiVjyYr8A6lUy4eDU +fyIogKuEacd6Fq4aJ9/Bip0Z6g3UlhNWccCNEegU6W30z3iTNhBvuXTNRrEUIu2G +4BHnKD3NE9sA7u0PJb6tAECZH/pwH4knAW3SNMLYcf0TfiExwYQ+l9CX7n/Surke +m6trqx98PCEPIjCKp+HymVXNDesWXB7GgAjpyFv63cFwsSTHlkS4ACQBooF6uLGm +HdWMQLaujhOgHyqcYbOwhS/ILcq9nf4NcsVeJiGos5LCDxkfLD2gDWcGEnI0H7wX +fJt9tG/jwEaf0WGfd/xX7WU5+TzaGSmUuyIwpFT0YqBYXC8wQlBVkdsNwbyHtY4W +OtYJh8YBfI17avKUyU5wAJylxAJwM6HBY29HqH/4HwvdimDl+YJmUQEOfHOVtwsf +0A3/nZy6jm68keqazGyO7WTAlC6fMh9yX4xw+rKDFg+5DPCWSIb2P2GW80TrmeGe +O0b6lzFs6Nx/CxUqd6GC5TXackFhai6E9B3niqwW6cSo6a16D66yIRzNGwMzKA6j +RhPZrSPUkHR68Oxanq40N+MPpAekZrb6m75+KtRlWJsjSCKZlCdywbAtBIjEVkBu +VX3HPaeYEThvejk4u0g+3hmVkCpyFtMWiB/Ic8TNhukxf3aOuvsI1g47ss1eR8TU +QGa6oyRRSgASLCjAQnGkCtU+W7V7eAPhKiaKJVmklxsUGBqU+i3gM6JT5gZZuI2+ +L/gkUFIRoeUOkMEl70+g/Kc9nWDjFfEhDywabeWhIpauRvlaphEYoBV6xm1Yn3+c +XWQRrmnab9/0dCG5lfdY8mYMGngfZ6YyhCYyp6YhI/+9A6BfFuqXsYgCTspHc/zO +GoD8nZUzQmwcL2/4UMHToQEzq4O+yy0H+Mc3FiZ8O8i1K2oKcWbIiNVM3Pi+zfWY +uIEggzfhwPF8JKYaYo7yZf7jihoa/zXqZMUjIGChLyQgx5uRH01UiUY3NioYcgox +bsqUpX8d2S2RYHX/SjMPQxEaMbmKejGP+o80uY8MrxFKMhkOvOFGx1DsPObvCEbA +r/evivwC7Goc3qFaHiI0cD6+qAGuqcc3BAi3H8MMrL+WENKfFbLZ+U9vXdfwF0hW +9i5AhCfW3CaoXieU031d7lNh5XH7SXmN6zcysxRGYfMfrl5pQZfjDB9dOmrvICyy +su0yEs4iYJDLbTx6JoW20BH/qYtYaMCZFCj0Viu778fwzFGWq7n09WsiBGBVboBU +Cqq7hA6L3WWuvjaCLnOfskr9C1HpmDZ6fTquL40bzZExnsBCn4FVQIfYvXD4jv+P -----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey2.pem b/tests/tls/certs/driver/privatekey2.pem index b48009153..d769a6665 100644 --- a/tests/tls/certs/driver/privatekey2.pem +++ b/tests/tls/certs/driver/privatekey2.pem @@ -1,52 +1,51 @@ ------BEGIN PRIVATE KEY----- -MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDue+O2warGb9Rp -lBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc4VKRBK/vzuZI3DdzkN9K -voTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70mCnV6ckk7X5LyHAyrxXQa -RuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvyKb33QvbpdFEiG8iCAHYa -hDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3NUz/JDB1+DGqVf6yyFX/ -6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5knFrvidS10cMNN4whN0gzY -ZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB+A4TpZwr869MnhoqTmHL -Ct9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZYV0cdzrtjL+MK8kGOALQN -10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhWFx877Rp0hr9Wu+xjD3eP -F1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASOH2ZfA+QkifxUaiSOW3S9 -xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlpxRfG4PlWmI+DFGazaInj -CYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABAoICAQDse4eL4zGQAraUVxO+BDj3 -BAKpO/OtovWOgYMZUU0JKpTAAQIUwxxjvp9dQ8YXLZm05+qtF0oZW/A/8vpIdiMK -SPkKJ+k2dCdxBISRlgf/LMlTfTnxPqbaBemnfjmOSSPbL2PMlwntjygZInkoy6+M -x9vOjwiIifiOVdEixPlHbmvbts1UBc9/iEGoicHpHcswJnqJoxlJ6GE03CdmuGsr -0fjEVNbTGH5E5a4UoalT8ZHPO3hKVPCuTtdvr/gBDQbNBGdjbFDbQhMdaJRN+tZj -Lbj7xZtEkrOCdLRr1ZLxFakfSD56GM1vg9pLy5xV7DI9w8+3PUkvufmo3ncgpMNG -cvFELkL801s8/Fg4Nt1vZ1vY2o8QZ1pYgYva1hwEWkxlx3CPLtHUcFkFE2zmmNlV -YBSjnNkyLluF5aOEUvcg3XZSt8+bkYrkP4kTFuQCxuyU+Nqvgq7cheuVVgxd9dCI -9bR0Z1H/9x3XMQrrbKgk+kLpQi1PdC/wEjUBmZrlaFuJ52qXe1oo2lAHyI5u4euP -rCxlJFK6Wzdz1DYfCIr++y4VqRtt7N9HFJbcfmu21nJ9Z9wiZRGP5H//gZL2xB2n -Wqn37plZR+6PveyNlY4rdBzDKh+up8s/ooAdynvp3YDGDuRGny/O3yb9Qc0lBjVN -zjo9UfMMrwWSjV3TQetJ5QKCAQEA+65Dn9x7hYmSV3BmF2gNrhpp3zandPVtZHyG -ryPKcfeDzqR2iqMevw5aP5sg6qUCL+aXrbU2IlmuK7tR1qcy4o2Yg+9rzpolCmuq -40pMNunc0joViURA92HdkQx14K+WbNb8e78wKfPwltj+0gTSa2cJur47E/f0NR6S -B2TSi4EElN/3m9mm6bCdAPpNj5eNcvWY3idDRlE9sKsXE0X0IzlIcxwFnWt9LTMd -NMK8HlZuX8+M3RcWlG7M5D05IcE2R6kJ+npQgFzoLe/VG27cLCA7wZxTiA/1uJyD -0Iy7C0tzfpo/jYZy1wfdcLkeEGCQdDNS7yQnBNtVmAIr9lacfwKCAQEA8pOlg7XA -zlUgSIo0QLW6C730Qnx6Vw3j9CtL4EgKzYLhon6Ikd8de5WlWYdM/5lh3DL0wFtN -wMDvINp3Nh8yGB5yhMQZhWiFQVAX8WSnmtakcbpWUG9FPdKsjx0ILm9Qhfc8oXwY -7Jg7+p/1xfvflEPoGZLYtxv4nt1Hqlh/Y4qn/BjNY5fkgNlegEoFohgCqatuZa4S -Cm6f/G3cThkXrzftrfAGVbMfK+9Y+AAU49q9gI9+/0FsPDVbkGqVoQNkCuxvpmAc -dJ6vulyO2XVs4W9Ul0mUSGzQu+0ia5ywUgHfpuUsggx4ViTaYlJTSbklKaT36MRX -AA+0hXn3VmMICwKCAQB/sXvoCPK23wTbzlBOAeIm+onK0a0Gv1sAR9oB1FPrnNxI -JNNsJbT81KhfazK5On0wlntQjAdqSDwBPioYkX5Uyeie0APPsA+pCNWMOm8O0XrT -QtsYaQPZP9Mtu7e3Bv94O1+g3XDvaDAiKPioz/9+tKmQEOJikERcCyWmELZuR0hu -zG+RqE1ydcRC8bwWZZtDv24PELamX6PAFh5ADhb/JBopJQeIRjgdjbh8w2y0q7+W -ZvSeXA99wfW8u39YK/KBSzef2R0s83ZtkCh8obOdw8Dty4XqG8bdIrQSRMTFx0NS -8anbAWMUzI3Cmnmxb3z7J+slIB+X7DyyQi/R7UG7AoIBAQDwETT9y3NcAB0qDTS3 -UeIk2sIQxpZg70tJC0xVU5b1WnEpWqaYDsJj226/0speLxMNVJSqhfHGMGq4Dd1q -/6aY/hEB2f0T7aPrRnPbn2zMLV6jevEPO3/ANm42WFoPcnSzkEI94s3b4LGDUKlw -XdwgJLBgFtdJKHJ97qqNKHYyMjgbowQpa1pmNjlzJ065459HAXUJRiNulZrZvHQK -CoVJEEW2HVR3ngTce0yGa7ZA5esjf2AFCF8wmvHaU9FvfyaUNPguJPIkbCOngRCS -n8a4uHB0JQqOPrq5MW8eJvzMvDP2PNo2flbdki1anvT0gjoII86BW0ZqtiBG9LTW -lr2PAoIBAQChL4yc5rssxz4YZgZWno+n/29Ny3nAloiSeA4pA2Kj5sqruUW1wPi8 -gSBy1TGFF4kyLraEx54u/ukvsrnFoN71+o0dM/Cw/Btahf2MeUjkna+wzXc9b0lw -XCI4Sj9gtDFIpN5FjMoIlyOKhH8/bwhAAtOYYIKUxjG5du3zHnWVt78jX7Hk/hfr -DHL6c70nwSLdMcFrfI4gH8jUOyqDv5ibhjqCFvQ5vQlru69xL9rhoi/0IcA7wZBx -sP+WujcAZO9qPv0nwuu05ZobuyFZwpoZBr7OAtVM43qGpvduMRmxGoMc+wQzDXCE -dtP6PB3etZ8KFIZn6C5C691ioxQbwcIu ------END PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAx4ad20svK0JMLcWXR6rpITZx1xl2AxkKek5CTURMCgw2JdKN +OLdYMk3Flfvhy7S6+6wm2WTLaFM4h1CDjPEwXTxMK+H8HwcXOoklAlfIFoqGLz76 +LId37P9aPhEdnfrv19clIC2VU6yf+KG0ErUK/mVlM1qygnFO5BXHrS/MeWu8tbPf +ZSCXE14izmPV6nBCx3LfgpDpJJa1YjogfSxZ2B1vTZ26Mb5/QDQvNnRLBAP46ohM +WnTgCirnOp+4v3AuKCZp5a8zjwGMAiQpU20W3LdY7wVVkL8EgAMru9Nq2H65DTQD +OUJY70nO+o3gjeLqA2+1RoFYUaN2vDktSCiqPIvTvzW644lnaKElf+3H37wEWEBz +mICN9mAW/d5O7wDgEuECCkEE/nCotjcgog63JkZsLPLz6ED5S1pNvy3EkCchvgTB +236zrRaLAxmqkWk/wq+nqeXyv3tElPu9OGCTlU54b4r6xrjWCtGRwwxrQ+OPNYkS +dj6PDWeckSg1rpTj2zAi8yDW9GbDTySv3RY51k+fmRMoWjV7yDRQxQFF+YtyjMq3 +FNHk+ygN922vLBqiolW5J4xRmNSMb6E5BNhaAf9KpuEx72YslnOX6LZXskTHJ1Wf +YLT5nTU6Jl201ahSQoS48eouNsy7nWBC3z0+X1mNFDQP+1zez3O9HKL+zNECAwEA +AQKCAgEApbkYMGbYPNQKNhJiPrKkhGOWVpTdQmFwJHoP8+GATvApoWyqw6r1ZILY +VGUr/GiWzicE9ZgUowhMcYfcXBqQk0Bb/C7tnE/laUc0KCgFF0PjhCaI4Kd8YqsN +p3PL58XfpKUcPwfdeextyrN0v/0Drp1FW0w/7Lx0TFoSybRj344u5bULHhHdqcaM +nmSp7tljfgnZv7bhDvTmnzmsdot57Fk2c39Igby6MPenJ1GcZS9vdk3TLWbaF1ff +SwATEV7513tghdfpuSQNyFGEybhYPudCxPTnRxyBfloj3xQRMNTAm0jSTKLg/4+M +jOt+0hrhSA1mwbL5SoW9P0U2aTLtgXdD/L0+H1jds+5eklv06Cm7eIgajkvd5XFs +PqNaZf5SgeK83T8clAuw5zC7KbfnfTxNZtVvsEyKYe36ED7HAiiNvToL/ddzmLkD +Xjy9jZFKP78Mh0XuKQY+y81lBnxC7mVyR34OFBUg3/UBPsKmpod0HPvp7ojtpAer +71wBfgWsCTgz4eoc0tdac5xikKOZvITaDNrdP9OAtVdODkGxiXfq7poEOMJnUeAi +PT2oSgAE9SVGa3gZNkwAzZAPRLctbiKZ5akRbp9hbm5aFNmVQqF2v1Ao5dPmkZF8 ++xdqRsyhNKU3AmnDvkJ61E/b7SvzPA7G2/BT72y2O0LNEgemsckCggEBAPnnD9NB +D0MOfC3gvmABpI61Tbf7oBaHEW/JkihZEv9ocjKd/dNb55VngbilPRtEOxaviRli +zOz+dT8GJq6FBIgzOVVqe8e3qBw1QPBxPV8y0xTb2wy8GDrF/DhIIe7UtLIhToag +Aqj2iLokjGLEa1pxHSHToutzQA00jBhILqFEbt93YDIaxqVPqQdhx2ZtYKFhqzV2 +wQr8N3BttLCYinJiBgDfC81GTGbaVaokXLdHepuOYGxR6mPDFz+H8x9Se5SWQOnx +kbJlTNruwe2vVRqlFbvIjlJQgQWko1UTro8LgIBwJ4cz631ZU2ckWpo4sNpUc72A +xIQtxL0brlszxe8CggEBAMxk5G2W8AlMWB59r7yQCxTpXyaCuCuDtrFxwWGo81ad +zh/lw+PpgTeKcc2ouoVM4D0vLfirbPhVx5dyYcxB+iRdNTJg3W1UYKUPkNrYfkSJ +hX2i91RKy9bDiEFZ7I3JjMsHKkVVGlYmPD50lFYe70TnLoQzqwHI1A2p8z9sZ2WV +jVjznPMpagmDeXX2zXyBsRXfj7ChMPH8N70IbQyIZcUT2CeA+ugBvBXdECR0CkIS +0+3YV1Vm9MgO/QvgvA+vZShO8ffITSTiTVTcV5Lf0e0EPTFlK6mNBtDAVYkbg0zl +WDLTh3XJ62qBYY9SGFtY8UdYjnH9H4kekGnIbt6fWT8CggEAEONxqVgzPNfkwoD2 +vKw/v7k2+GET75HPNtvLediTNRmM5ijRN5B1dR5aoOzh1U7mI2FXhZSsvrNvnwO+ +Z3rr1HyJumEI3nVl8goTSmyMtjtMEpPNGO45QPeSVQdi664KTCN+GBEGPP70PIgt +yJr3mlQcoOWZlAnk4T+U3Cs8o39pcsaxhJFUrWVVyf7sp9pqdl2QYXuWDjT/ViTD +2k9kw9gmCbcJKCVBEo5czbPJZEV7XrnfgFKE4ZsUniGE56/+VAtXdbfynbjE2eLa +zkJUIQnZDyi9nYh9P7FhrGU5HcesNoHd2gBDQORhg43sZZHBOfANJlhmb3xcWF9f +iCBWlwKCAQBmUfuogO8ZOIbEfNcE5ncluM5RUQ8xeXZzziao5RMsQUN25Gb0KWju +jPf7pIP7R0jaWEwDOI4Mo6SPREuBHWZD3gVLewJeQOdAulIhvE85sD6LbpGyON9i +W/BSBtpNAKDi4mte2gOdLPbrrSC1HDdbnv/CXrs04XyGepWzImmAiSWBajMf55OV +v6OGUk78DVDBSnF8UrVV7pVYpGcy5vVLe2uyGveAPZ4Ss9/o385i1VoSr0LJFglk +PVygHZkHoR5a12p6SGOWG1PrL4MHm9RTetPHboY1EsxepGotgQBx9j3487vUU4ju +gGZ+gPKAiD4BIWvt1HF9CzfwPM6D0/GxAoIBAHrq0h+77/BeJeyTDbdrfeG9WhGP +7oTEJh/kqCqKWt/5M9ff/iCJkMJ3G5v43Ye3pX94YyGVEPAyC/FCe+6uMmgN9F5Z +38QI7xUptNGxO2pPiN07xI+Kx+AQSneEW1hZwSdApEHJ9XNja8HT64A0drlqUl7i +sMqBusVguiaUGfPWFdbsvi4he6+2zFTK39T6qiNlKdufeU3wcm30dxKlQJSDNpvA +FFwHcf6l6B+J4fQ8kbwWvUvGxlHsqd4Od/JTooqYVzLhZ93IEZgYtnP3N7Ob9s3H +XEoz00WRi6BWRRZRSALcgEjr1rSqJiRCksHEtlIeKvqqS2ZiA+s3jIGWycU= +-----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/privatekey2_with_thepassword2.pem b/tests/tls/certs/driver/privatekey2_with_thepassword2.pem index 376e75da8..84d94ecc9 100644 --- a/tests/tls/certs/driver/privatekey2_with_thepassword2.pem +++ b/tests/tls/certs/driver/privatekey2_with_thepassword2.pem @@ -1,55 +1,54 @@ -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED -DEK-Info: AES-256-CBC,539246aa82b7123ae1b8e0236e1f3818 +DEK-Info: AES-256-CBC,d313b0de9fa3b95217301e0b8fa4f03f -aBIpkyjXSkHOHsJoIaKt9VqJJYpiSl3AuynaNC6RhUwpIqd7izNS47oMji/FRzsO -VrUx7yMKv6rhS2QeJfkPlN6WBxnBlmS/PCLbBrLWdYqLCifea/Mh5YWNt8z3nxBD -+cgfucUACyiQE7zI1EKw74tk/lTXDGgpd2Zgdk8S7mpSjX1ewAih1WqOmERn0Tjf -v7MWjOr1uwPXNabdIexF6IILz2pHMvW3e8+dlIyg0DCM+XPSwlU0JO2mINXD9biK -Bg8AAECPQauCzwz1Oq5KY8AFKAdevU3zISpLCPfctiF1KSZb3Qfs8qiVK0okrmPn -ZMyNuwpXiD8QHSOqI643E949IxDWLz1cDkWsdKHcQBTBsBAzxjLzxi6/LMw101Xs -1D6KFFZzEwxXdsc9ANL71c0JJUwkytvavzOPPUjo8vQoUsqUT+V554+vwGYHTo6m -gEzSPVqN1ZsRHbIfXBrfY9/2rtBwMkC97R5N+roH9ofZ8qdN2DxemkL/1TN17xQu -52R12fNKsaVJCTNh+q1ZQy5nv7ThzTx5SNN2lyKrKfu4vEcgEx35I1n/CpC2wwF8 -pbRkyHmPKAJ4PzuCmi5gxvtNFGJP2T8v/P+AM7Im6lH7q43eM6StBds5dgovff1B -/cP/nqL3xssnrwiTGZlMwG/s/jNpNtvr9YWNhdP8HDtNaPE8rN6zJeYBRTkBP+uk -TQcVwCG7kBJxTTfNwivAUMLhoMZy34jwvSGFzAwTtNlNi7YnZmG4W/Tcr6IepBFv -7qklC0VQqQJ1ZfizKinODDjSJiDzqe78qa/8ce2X9EvKg+tkgZBqG9eGRFEe9wx0 -DjHp+ZU9mUjgWIGoTb4xvwUbnWGrlyRKchWweexZHjOq6Fxf9a9EIeYvEcg9JKZQ -5FekWKbKMPP5uKQpsdn9bul5fqRCfSU+62y0E50/fj2LOJvsh/aG3Dl0GjJXOb2U -WHP3PBldKTK2j0QXeqy6DAvGdA4tHQl3Jw9p2jl3C5RZPhDHqU99mJFhOd+u6mT1 -dIkaLDvMNIjmW1ud5sfOk5fF4rw16ePnm6mS2Eh6lpvn1GtTQM+fg10YhKn9L+kN -mQpz6idwUpK2eR/LUwwTpOEdR+ohPxTJiLCOCKGeoQ0EMb3sMfXcsnyzcwrdRPjc -9wyOEBz2SdRD6InVaCVn9I7EdeEwPg2N38LWBM445LHydK6WxK2iIwn5cZdEWFCm -HfH1yHBgwW1L4DdoTBh9ULseeTsv8PXWf0pjVESxWZHYJSUbvPuQglmpwxlYhM5v -AnTVaB0Ut6ByDg6rn4kpS4j7ORrju0PN+QwR7I1OoPLZSJXFl7z3HDdr5222BDh9 -yujMP4HXqrOyclmF5qpta5zQDAj3FD/ul/ojx1Gj93LhkKKn8OnQO52fdqcHrlIS -MMMvvfSN/wjmCtLbQqh4P2dOjfhVq8cBmKjJwAO7Gt55hx9MdZ5rjyEFH6F+L7qL -D4e3O8ZJJVwdgwh1RqhbQukD2DV/jwIwkwBny7mHJzMR9LrKkbzkNdSEhD38YKQu -MOtSwOF6YE7p3I6qlKlLYKr/o126OwIaewfKreT7r9hp1wyvEzGeqZ1JfQ5gn81X -nPiYWpuwNPihy4wcMd9vx8qZZO4+70+Gu7FYQkIRo9u6FIa96vsnFBNLrbZco21A -XhgjItV0MC+5SQq+Xd78S6W+ipmrg5Yvs+AtIIakywYxRt2Ji/M9Zin33srEM7Nc -kE+G45AyAkaHaR6RbXnB87Sj6d4CwC28wkCTgG8ermJf/DV1+WivnEvdfWKAFi1M -oXqS185IhcpIS1OvMeOIEKk0snp5EbSKgDVlWLFAyplCV3trDvdMgyzt97ZWZDSc -FjWhVLLNyGCofOWuFxxavqY66gUgy8eTBWs/AXC+bd2oMGQOjUxiOWb/EeutTsCQ -gDNaURL/D5TF2G7ue9GHcetTFf1lGt6TPX6gpsC6TkIgkSX2JsVIjiOXHjaBlinp -qZOyfup7fu45E0Qa0BS6C8PobMnA8o3MzTO0y+MLe4slRvlY3NluMaPSGtGbC/9I -7KKYPJlRefas9l9nNguemnA51QfWrjg26R8WDUGpV04yoQ2st8ujPTrjwf6pkjGG -LKzxOUFCC9Y+xvNdMjTIeM9KsRApR6WV+UizfB2x8NH/0ztqFDFxoFyGowlW1FIP -DW2YH1EYEMRoJJ2q9gByCZ/D6aGnEfun5eOIeMqbLm/p+77gov1GGPViD4Ts/OOz -25A6etTUUIOb9KrLli9fdY4CZTqn5a/p7Fh5h4DQSqscAVXk+uKIYGz3+nsPJy4E -fT2XsMaXYt0q27v96QouHZFDfA2NjLG67/rwsKiB1X44MB42it2hB25QOPd0Ha9z -lbAwXVzE9QFwzUmEk9UCtxP0q1EydkXN0tNTqMlh6lUc1Rn2a8XSUoPNm2sIh9dz -hevQ/uMza+myhn+3L6AxVrgGosH4X22d4ron5qqUcFWLc1SYFuncgBBdMV7cpYXw -61+B9qiayejpd76eaaLF66hEK8IXbx1oJvC6R/OwKegL+N8d2KoGvPz9xUNRKTbb -jKQ9MN5ZNQ93f7b5lC2zS/CRe3PlbvMQsOEjJWosM2PpoB4/1MzA2ko3jA6MYgK7 -SqsTjz2ubQUwenKoN8pD4njv6kVA+NRzvIzDxhtv23C75u9apagHOJjUvN+fKL5F -ZzpOcRGYoyhhCYRR64n6RfSfRkrHhQ08mO4JPY9QqeJyxG8hXaDtNm8E5dDKzGZQ -OzzJxRLxLRvPUuaSbAKNVJnn0AQR7dLYX+u9lCbu6ClI/5MkGlQlxJMyK9/8ZqXi -KhqcGsFTFsm+ZnfFXiZg2xdzveeI3uGsoJOLxm6u4YQRbjGwzO621eBhqkQow6m7 -N65u2D9ji3UQUHbOYCtCZk6Hj7TBbMItut2zKCwmCEqHk1YXJTwnKt2NSDcA19C0 -wTONhiY/+O8U0MTS9PIyOI6DlzAAR0Qv6tTP9oFbSdgk/JJuREITsR9pft5h10ub -bmfalKs4AyFWhy6XlcXoM+qQyKfubNlmIS1rqcmubJwjb2/AtgjDM8c/Wen1hNEw -b10n0szJENtfpdu8v+qxvebduIlVQcfezKyQB/pPdKcHsCYOX4/mO6ncGSosNRLr -a4L+Kfu1hcPwiiJdvPfLLbP5QlUFa0eolE6KmRjM3Mo= +BjiO6mPks1XZgULX8Wj6cJiRquEYoW4KslgMKD/5InU935SLawmT/J5kNvM0TDo1 +1y97+Ntnt1HpUVD2IsU9yS7Ab6q4V4uPRpApDnkAr3L1nBmCZ35Zh11jv1Evvv8V +QWbTeBOs9pks/nr74/qZcEz9L8slmdMNoC5nNL9lRFhTzZURJgjVsIgtr/f3cVD7 +TeZ49FqJZ4uDvCKElSTiN0/X6qS0tZX6GoHoYnJVvjEZNnsw549Xtmms43bezuWj +RkeRKAUqLKU20fpSyx+sQTANKTccOa8DowiOyJVX8qe9DNB1mi2HFNnG2agpDLih +JiNom0hxW09ssKAS85qG2BjhwzA7lqKjGi7rO4XLoIAvY6Inz5MEjbfW4BwAZw96 +DLqRsAkAVoND8TUM/JWbFuiAAFuzSs7CXdb5QiIU0RDM7P2bmKN70plSDql8HZah +hKPvNLQCmG26y0WGJwPLvxZNF04NpRuSAgdgMwhjfid4Y25jdsYEeRR1hQAOlWiY +A7GQ/3F8CbHHfkUXTn0JsIR9dY0IbeXWqh1PWL9MHGlgHeQGaQVXrWWokdrPlvKi +/6Kt4CWPq5c2yaUbBwACEG5ZnG3Wb6bJMmSAW4X+RSMZNGxOqEBkyANE7Ax55khc +vBvOqTEBtJAzPZp6wzmGOx0a477cGUUv11fNqe5f2BRwwv8Ts81FkqwDdrADtlWq +A8wumpbWnMc9qAb9hH2uxqgQF8sUbOT1umjGz0eca5i6Hr1Ioh0hsn6FzuorrY5S +KaXAr6LkFMAgfJO8hB7iry2khyzxJHda0uRWaTBS6jb4zFkj5n7jhGJYehhK0lim +zMFMRIjBAt0ALwuhacWymZvZGfwwYfNKarm6oLfO2I6BZOqgh4tx2mdhm6MsX/AL +KvK3F/52rbqpWjSbmAG+ud24tHVCaCCLaq/QbmItK2TvUn+zwLfmswQ7VgNxrpRo +vV+Im0ispTWE3+aUP2TP7J3LWYWC+2HaS014XbxNms7rciprDUjZw62b5f46V0AX +5Nw5/RkJNSJ/eg5Ytbt5O/W/YNQTAuqCbuj7S6XzpweaL1BxXoXyhYwfpVptKOyC ++4Vdfgu/e9I08RtF0XNKEypz+mPV4+0f9zcJKm7OYlhogQsl6jSTRSeEY7JoAC1L +tZ2FYZ8DgaoTHbVPNbHb5aHohMvGJ3rXfCIVnNoDOwh5in8dccr/rc6fMAunLEmb +kMAumRbj+RhdB9CIn0Jqd+GGxuiUgtxMcTPZ/wz6UH9OBACgu6FMofjDRd6mby5N +Jpwp/4ivfm4uXkf8hq3KkVhZJUas1FF6R72KvKbRPkZjG9Oy87QNnvjJoMcWRe19 +aw+x2axLQC90gQKPKisHov0mYOCzR7TR7o1475qg3Cfen6omRF0kJIeH3KPGEC6P +dNKz1HrBsfhkb0s1U/2BTstX7Go+d5tBfl1Kkkm0IeBtIK9suliEGWjI1AmUsozv +wJC3X2kg4whCWjXcKaJ9Q4LwUQor9RGloGMxQXlKo9eY6v0wH76dZgvEyk/XYqYa +O5g4yelSmlISsPrJEgXMeZv6fTrFNeuJlX6fQbEzom9ygNrKE0qmjV62pFNkzrjV +rcBdtyBe/+PZHQsErXyepCz0C0bxac88nMHC2lHsITmpE9hHz9MsYDFi4SS9LOYO +e604ML2Rso4itlmukIUd3g8vXthvvDLKy9cgRHKKgC575hUxzN1w6mDV04+Q2gBU +Oj0eePeBVfrurLyQyztJ1C4fPiaffvStftWacKm4FHOSyYJrGTDkLjo3vV3y/qcn +VKtF30wDj5htBcwboxK9OL+tMT8smRewvs+OGfzFoX6F1ouPkRyyMe4tPmeZy5oz +O5xU+LgajmwRNxyqxBQa2qNyLvkUjFdjfPVav3H9xL0rI/X/A1GaixVbVKjb8gen +DcN+Puvy0ebKFwKgkPGmk98nUfd+oWGunwCDdhWBvEb4M2gJppl97yksmGnDcFvF +c9VsYMD4FLo7s2wJD4lawEulNW808OQnl89hz3Oj1n5+LNDVIZJ+VWLR018gik42 +KR0AxnBY6UJ9RkT9VuFxCqUnLjHEWkdbDoDv85bHbmoUJS/XW/LP+9TeVwVkRAVf +Xg9j7e8Zjv0bU4UBb90CAyhadBXF+3p2kscQxF/Cb1210S1R7hca5b3Zs0xvAncz +69mpe+6KNCwMr0Qqe087+YFo/FTAtjK2c5bx9EqSqbPhVeEqrBs5V7u83cFEDxai +//ryU6mTrl96psESRpMUraSoWf6Gtcp5mkXmCfZPl9FYBtT4EKmwaqIk6xAN99xV +NzVSxdtMVjUZv8yoPJ3e1HqpQ31EWvMaxQsVK5nsZDikWusfOPgZPtppzgYgiEK+ +AgkBEry8vhKcYPlLgZNVauFwjqO7eCfs2Z/qbp3SCqchDqmBAQHhRfOJwbwqmW8g +GYggCX8CrGeufeYpu77EXkRxvW5pvJDqWt1clFvzq9EdDNKEUI6/zW1iORSyH+kR +B6nf7ENLOg/Eh2zNa2nfBPUEqbYsDY7aDkx3Wat6UvnrEKJmMPJIRKAgozFnVmEd +nFNwQpcnVLWuOXkZNysI+WdVCAOxqrOCFiYEWAetcBMpW6oxthCykSdxwNhvxFG5 +LMaE0VXBy/3ogyzTl9JJUNag3vFoJ3g9XYaIsDP/a2jr6FwG32HmmBolJfX9PwMZ +kjGcIQd81VASeylG6BD0R7zhQNxSoG/kxC8swSDBJzE1vwhltqYKaJWxiDcTL8rH +5JXmh8f4cKdWI3jwp2jKG1/5NCFup1RL4QO6WzLQQf6NZavzPONLO27SqalQq92j +L4gUjOAr55DF5sFTelfwav20xEzDCuhg1vwiz0N4yLI/iZRAH4XJzm0BNpu/fvqU +U9L1vwv2TpMerKluNUD9wDDa0psXeI5qT6Ea0ypjdDtmbObIx8Sf5FDSjoT0oaeT +WKdrbMpVqmFgauug4Y5KzmDBJRGQdQMpPA0E4DON0ELCOKykCweQufBeOWRk6IOc +V/LVQoRsS2JpE3YjZQy54bm6y21UvVl1gllr0O2keYCG0Fw8WWD0JPST0E4iOrVL +k1g7yvzMeeZ9PZdxup4jBmCAjbq3qSYrmmDtoSemGxGh4lSYnlieQQRe1umxQ8vK -----END RSA PRIVATE KEY----- diff --git a/tests/tls/certs/driver/trusted/trustedRoot.crt b/tests/tls/certs/driver/trusted/trustedRoot.crt index 42a69e994..7c21a26ac 100644 --- a/tests/tls/certs/driver/trusted/trustedRoot.crt +++ b/tests/tls/certs/driver/trusted/trustedRoot.crt @@ -1,10 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBYjCCAQigAwIBAgIQa3X6W6m8ncU/z6IapvH47jAKBggqhkjOPQQDAjAWMRQw -EgYDVQQDEwt0cnVzdGVkUm9vdDAeFw0yMDA4MjYwNDMxNTlaFw00MDA4MjEwNTMx -NTlaMBYxFDASBgNVBAMTC3RydXN0ZWRSb290MFkwEwYHKoZIzj0CAQYIKoZIzj0D -AQcDQgAEhoOTHBV0ZcpKAF+i8DpishgandrMMOnOb9xWi7bvwZ6ISUMcOHyi+NHU -FDl4/TC1pY9VV8C8aAVDbR68KD3iF6M4MDYwDgYDVR0PAQH/BAQDAgIEMBMGA1Ud -JQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAw -RQIgbMCAMhPgjnM928h0cVnvwhTdCWp5KK5gfh048tjdrhICIQD1FLjrJ4I3m3HJ -1idY5YFj9TwoDxKAtpugoDcyxaOgIQ== +MIIBgjCCASigAwIBAgIRAJ1txAh5eyscs+sifl0dc94wCgYIKoZIzj0EAwIwFjEU +MBIGA1UEAxMLdHJ1c3RlZFJvb3QwHhcNMjQwMzA0MjM0OTIyWhcNNDQwMjI5MDA0 +OTIyWjAWMRQwEgYDVQQDEwt0cnVzdGVkUm9vdDBZMBMGByqGSM49AgEGCCqGSM49 +AwEHA0IABA92oOT50cF4ZMjI1VtgIpP5DDg8bDfP+Eukz/60n4pUxfMZMlFQ98MI +yRAn6qQH6iUVtJ7U18mgUruRJZp2k8mjVzBVMA4GA1UdDwEB/wQEAwICBDATBgNV +HSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQtAvKO +cFuDjRQQdxOgChZAR3CDxDAKBggqhkjOPQQDAgNIADBFAiBXYnEl9eGhDR2QR/Mx +BY0q+KwdBaSt3Qi4O7UQB6A3IAIhAKMLzarbmeKp+68QFeocF+TCl/bnbDvB+eoC +vq+AtMSr -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/client1.pem b/tests/tls/certs/server/bolt/trusted/client1.pem index 728f0a2ab..3e3e60cf5 100644 --- a/tests/tls/certs/server/bolt/trusted/client1.pem +++ b/tests/tls/certs/server/bolt/trusted/client1.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQLkH7vXc7bap3K/TxUuWyjDANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 -WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCyvV7hpmx/Bn3iHOfOZM0s6tjHFs/qzYLD8sEtThAXKMLwUwXXQXg5WhW/ -33P+aGzNIkQz4674zJfS3C/V0YAz/9K9NaKr2nUdJRLE0sWtWPNKAOPwBkQwgpwe -egzcgYOHzTCC6P9mqMPk/fvX16SzihkE+xjiOEWPxmB6TUjkH36iS1MqKrV76VFp -FZF+mPbaoTjCEO7ldXJPZilE2zPNiSilCLhy470CC+cexASl2/ga/Wj6KJSnPX6h -rRMaeINWavO8Alby4bhc7AEVJRTnCzRsl3n5dfnBmQsFsgI7lsuUl/ebKDU2azQi -AzNCpxHmY4cIR9UxxHzbFh2mX3L9d/3evAh+96RreJVJxe6ilSKQSfKoxHiJp8e8 -GzQR1J/84YsZqOE5mpoMei9avvAIuSZxl0oP1kHLp9H/JwRg5glw4G1W/JHWK1TR -d5WuDDGCMU0xliWt3+zrvGw+fTqyM9wwybRhvlXt0a9z/o4Po+sIfBO0bA/+o4OG -FSeMtG1SH6WHXt1rdyEcCjuuw5XlIezBhLL40RVtbLJR1ERJ/7bjkoAZUJULIsxK -QPdjv+x9depIFJ/PHwa86qtqueU1kdPfTS7uRhlsJuAkxPM5KF4V/rz7qEgTe0vH -0lsd3/IGqKTsqKcy4ETj8Ksb9xA91yPmHMao4YWUWYoLKeQRVwIDAQABo1cwVTAO -BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUqqQ1RxpUgwdzdd2cGuoL9Ip/92swDQYJKoZIhvcNAQEL -BQADggIBAA+dcjgQsWnJb+Ipr6GgQ3KeDScwqoE61cOQLm3G2jw7EA2DG32tX3D1 -z+eSTJTRVsJEZ94aKgxCA+aR9P0i9ku74CPPW1/Z9ZDtUCbugif8GtD6L0XikElU -uQFhH35aq42d05tXBzUN0JOt8h8T86F+07fLhw8ufmM/FEU2OnAlR1XnQKGUCQho -FlqI/yhPijv4B0DfJNoQNj66bi22iPzXF/sB4wuWany9O1/e0CldkN32pPU4eQOH -0npQ/tBg/TkVsI1rH9joBHcUxlsnydZ7IqR1jBGeod6ByszQG2hcNNJzUT6ahKnE -WGj4CzwdusppGFoKl6UeVVy+0ubOepHnes4y1ycDN/BwvCScO/5RNqBUl3gBObxC -7sF+Mss3TSnkaScroS1z1mNAUtyCVvwIhRkmsrauuR1+Jj2ZLWaJV4tI96WtoZxs -ux1sK1DoYvow9JZALBUFaX7d9ZaZ25ovcoq40av1twocHuRnJgzT/3RbKBPJdNEm -nbOh1baFQ8CIi3RMoKm7dF6xLj6BR5VNu/yiqDP7GBcVE27dCYrga0GOSuUFz/n4 -34Fhmqc/odZm9TGgQnOzRHS4gSG+AB7TXCUEisK17YhRwSgJKd2pj+UWfZzk17S9 -JhNd7+GwXGwAhfdAwTIYZcH73v8sTfYLL5QOMCD5Pc/tnC3VgleZ +MIIFBDCCAuygAwIBAgIRAI2TewtlIMVyyzHcv1TQ9zAwDQYJKoZIhvcNAQELBQAw +ETEPMA0GA1UEAxMGY2xpZW50MB4XDTI0MDMwNDIzNDkyMloXDTQ0MDIyOTAwNDky +MlowETEPMA0GA1UEAxMGY2xpZW50MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC +CgKCAgEAylkawVY3Uzvl/RvznZjRmjDwCwt33wvXbT6FHhzTSUXBdl4XExAjY5Ej +dcTyEcbLqnKInkmo5wYZkpmtq4BImN6D9P1uWkvVwrXXUl+0BgsiIXjml6Dfkvwh +Kxt1JSdrFAiID5ESiryarc8d1qE2l5ilxmBPlYPUFcdYJthRx88A91pm5lvX8x9D +yFxGHO7id3fiQ6bdDpAHCbWYQkjAeVvPnY5PRmhEQ+9KyHjTWQ0WKAAuoGbxc7Ot +s+nanGuiOC5eu0tPO3A1nMD2LgTPley6+fgwdP0VSfdPfJIgWT+q0/IUqSGJvLDb +/yDMLr67VYL/i9fg1WU787bmNlslWeLyNUPSW4AQOhNefdeJikVrmttlRIZEScSG +cIfmJ20C5uVu+BvuxOPKb+0NAY03rmKqQmEveUsHg9DIXJYRCwK57GrrIvIXby/H +FKHNADNX/i+CWX2UXGbop6J/QjEOakRFCOc2VBJ89q7lT1bDS6CHC/3MsFC8M1DN +0wkBMpxJ2bpF0U8Nv3C1sezw05kfaPWN1fGZKCKKAa4EGuc1HEExA3VAKJhn0NGd +emiLf7Ak4EvIuZwtkNMxPdAloO1udBWtOK+H+8Wv/vBpj6Ui5AYfaI0gQL5vqRz4 +K9t3EqtVsgBwXdNN31DZWAaXlB9yokUrz4Ci7rpvekiO9bhAfC0CAwEAAaNXMFUw +DgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFLSi1HOLeE+IMvJhQn4qfTR/PPwJMA0GCSqGSIb3DQEB +CwUAA4ICAQBIM2pqtwmQ+uUwHMmGkNUM6y9CTlOKMRwuDGiFr/25cVUJh0Q5pcSM +5VKc4vycj24FjqXN5+Zk86Ftj+5ip4NN+mjPMYQz4rGXaKJCWTz0I9dqT9g7gBVy +ZKNrpoJLyly39h5ktAqARoMC5Zm1pK1k+pyBBoJ+VOTEKL9FhqRQdAJguSM/A3kJ +rZCUOkR7Z6TPGJjgr7L78bta+nHagCi1giwHYkSgwWkwNQhJEQPatj6w7w8sWGSi +vinbfJVgWlZBp3lI88hh2rbnAc8IHGBwr0J5VAjK+7/ojcplyczAWayMy90w5DRO +9Qr2EuJuMP5ywTMMXqGtUK8aJZdrxZCW1X9WAJScHhm6y6Z7ZrQ7brYNDq3QFmd0 +V5U6hx19qwJ2ODWWyFqzDb9Y83VEDJPpZJMFCJ2rdOlW0wO2hwFTV0ShMcOT5l38 +WQzkfkdmKPjKZqXM+69IjzWnFBh9Nv4dXIYkQvSqhBqyNehpd6ZGJ73j83oKP8va +W31jsHiRhXVJpAUJ21xJfKKiLTDOXzQJzhm1+389gsz7VkaBZxYnxCPnSNshCr1/ +oE8XjZ8oV1v6ntCJV6UQV3Ea4stBFvflHyRW9XQTn2eRvdTJmtWMkQl6qPgYU5Du +fzSonuLmPdYu/WjcrrmjhXUU2meMdET0o31KkJ8Pcbbscz31UZFBjw== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/bolt/trusted/client2.pem b/tests/tls/certs/server/bolt/trusted/client2.pem index 2247f6faf..d5c4db1b2 100644 --- a/tests/tls/certs/server/bolt/trusted/client2.pem +++ b/tests/tls/certs/server/bolt/trusted/client2.pem @@ -1,29 +1,29 @@ -----BEGIN CERTIFICATE----- -MIIFAzCCAuugAwIBAgIQZ80JfLF49Gvu7dyWdDWZszANBgkqhkiG9w0BAQsFADAR -MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MDg1NzQ4WhcNNDQwMjI4MDk1NzQ4 +MIIFAzCCAuugAwIBAgIQCGhGdAoa7K1pDEAtTiXO4DANBgkqhkiG9w0BAQsFADAR +MQ8wDQYDVQQDEwZjbGllbnQwHhcNMjQwMzA0MjM0OTIyWhcNNDQwMjI5MDA0OTIy WjARMQ8wDQYDVQQDEwZjbGllbnQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDue+O2warGb9RplBKhC1RG+S4NAH755IpOEHryfm9/lDbECCeSoqf5FCtc -4VKRBK/vzuZI3DdzkN9KvoTOPrgBBjWkKgFzegKMo5BarQ61wI5xwH8/W3c/Z70m -CnV6ckk7X5LyHAyrxXQaRuxkN8PvqFylGOV7tMvRZnAnGfa6hbQFMczXHHOJHMvy -Kb33QvbpdFEiG8iCAHYahDnS4Q6IZ6rn0L3O/DQ5YwRSlNcnAYwSMEkSgeuhkQG3 -NUz/JDB1+DGqVf6yyFX/6YF5OBmtFEipUbM/lVNQ1I62l5HSYMO4rGd8RMcHI5kn -FrvidS10cMNN4whN0gzYZC7XkCwbt8bKOc4Vw4MutapQuVHivJBzHRowxYsxmHUB -+A4TpZwr869MnhoqTmHLCt9SBSwR+4YDu2Yrm1Zpy0rtemDlJBwYg763uDoK2DZY -V0cdzrtjL+MK8kGOALQN10LbdpxVt5enMhRl+p8Xcg6yLylt/TmYRFXfteHcuZhW -Fx877Rp0hr9Wu+xjD3ePF1tqJkSFJdnffD4s1OAFro4GsnX5hFzVRIQzqJP09ASO -H2ZfA+QkifxUaiSOW3S9xnKvLR0Viycci82QQPVeOxg+ovdY8OpZUMRQjpZavUlp -xRfG4PlWmI+DFGazaInjCYGjp1Om48tYoKhgJvBA3tkwebmxdQIDAQABo1cwVTAO +AoICAQDHhp3bSy8rQkwtxZdHqukhNnHXGXYDGQp6TkJNREwKDDYl0o04t1gyTcWV +++HLtLr7rCbZZMtoUziHUIOM8TBdPEwr4fwfBxc6iSUCV8gWioYvPvosh3fs/1o+ +ER2d+u/X1yUgLZVTrJ/4obQStQr+ZWUzWrKCcU7kFcetL8x5a7y1s99lIJcTXiLO +Y9XqcELHct+CkOkklrViOiB9LFnYHW9Nnboxvn9ANC82dEsEA/jqiExadOAKKuc6 +n7i/cC4oJmnlrzOPAYwCJClTbRbct1jvBVWQvwSAAyu702rYfrkNNAM5QljvSc76 +jeCN4uoDb7VGgVhRo3a8OS1IKKo8i9O/NbrjiWdooSV/7cffvARYQHOYgI32YBb9 +3k7vAOAS4QIKQQT+cKi2NyCiDrcmRmws8vPoQPlLWk2/LcSQJyG+BMHbfrOtFosD +GaqRaT/Cr6ep5fK/e0SU+704YJOVTnhvivrGuNYK0ZHDDGtD4481iRJ2Po8NZ5yR +KDWulOPbMCLzINb0ZsNPJK/dFjnWT5+ZEyhaNXvINFDFAUX5i3KMyrcU0eT7KA33 +ba8sGqKiVbknjFGY1IxvoTkE2FoB/0qm4THvZiyWc5fotleyRMcnVZ9gtPmdNTom +XbTVqFJChLjx6i42zLudYELfPT5fWY0UNA/7XN7Pc70cov7M0QIDAQABo1cwVTAO BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQURdTZaG2qJc9svt3fkwDbcB522tcwDQYJKoZIhvcNAQEL -BQADggIBACqrXIHhAW6yfI85rPtopUCezq31Mrvkl9E/PqpqF/SlkI1/IOof5WO/ -jC1wFXGN3EGleFgYA4ka15IRo4seH/5PidU6+rsBnjkPNVbn+HHn8HOonQAomUeK -lHmwdfSgpXwihZvktEuzUScaH//u3NSJEAiZfHZh+6hWf/Z9FcTprYN7yFkVzapo -aAaMrYGmlZVOdyEkJqibhaBUko2dNGHTAFhMnSq9ELDHzbGh6pRcr4clKAtV5LPg -7/g1ZWOz0lBXzZLtMPAo6cqeHdHrXBWp2wzB41fphgbkYHCWYqstDF9NwOBD1pDV -BWwbtxZC8eV1/qvWeJoS7bdpmlLfVSDL0V4cyUtzSXVWej5MHVkc5PYRvJVssjyd -VKXs4JzgVcZL+z1LknB3IZDg7wI75bXdVIjagDGEU6A7bYpAyOa+JYvMoLsdoJq/ -RaIsIbMIut3kpWSW+mqxVZP8WEmbUlbjNtTvea3PreRQYa6vB8CawoH4uWyKAC28 -3Tf9N3tyVsUkBlfSdnDRY8BNotElUhNr/Sz1VXmMGgZV1ZAtdeb255abv4Jd3HCV -AdnKEHjdsXPKHL5BeK/IepmHoNzNaygTVScR4JWHp7FKYuReKp8szgcvlhrGs7NQ -KsEaQ9xmFOOjuhqiLRj82qQufdkJq6/JW8j8Hxh7TnM3XDCpJLkP +AwEB/zAdBgNVHQ4EFgQUM5kbiHv1KFXtLCGFtYFPEh8DFRQwDQYJKoZIhvcNAQEL +BQADggIBAH30LlY/QlcgIs/YtbPeLWvE9FNnOszIcboeVhm4bXT+BtdO4mNqJp7d +30kN2SsLQtdZnhXHMHNHW0li/GasGajFeQG8mltSQi1njqTL+JItkMRWN7G2Blny +QRyNiGOHK8fp4KjrfIlKPBs7NaJBeVNnaUXa+AkcgdoC0O0T51ybxMTPma0U4kpQ +n1upXUqPwDA1l8sKmsHc2HnMefsXxYAIQaTyOAYvgKNQIpyMGfKshkR27ww2taVi +zT6N+N23cD0LFKra5cH7XR4czHxRGggSxKJcsNPX7uhq0IT7DgZx/Gvzd33wc2hD +AUiJErceDo5iTKLoDwd357vcngL2oZ1otu1rXPBU9fUkmKfwF9T8UzTQiTgeYhXN +Uxq9ZE3lg1x/u0TSnd6nJjU5K9wXjsXrNyZVxDDTSRjdGpbLkLEPcWjqO4Zx4vqB +gfB2kvi0GPpUhzSBgjOEVlc7pEAd/UnpS1Sct45/LEYKFH9YgclZhrj+W2sLYHAg +UJUF+QbGNELR4gT+FGaD55dWOiXwpZGYnabP4ax3J1fLgcOQuTJgT5F7scQ8gkAq +bFg9hflaLQfG1jBK4D8K0boyEHpiDnC66XFvbbj+6l/bba8EcwxSKFVYMpAJJU4m +5BgjWZknIjE+a5cCQ9Hyp1iSI0Ckmx5YM4+g+1I1O1tjMAuqkknu -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/customRoot2_thehost.key b/tests/tls/certs/server/customRoot2_thehost.key index 5666873f0..4fc48109d 100644 --- a/tests/tls/certs/server/customRoot2_thehost.key +++ b/tests/tls/certs/server/customRoot2_thehost.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEICzYDTUBiNlCIngyqiTQ86fkG5KAvPPIAXbUW7kcMD9YoAoGCCqGSM49 -AwEHoUQDQgAESiRDcNXhPOKcT0HSLhNcVQsICPHYMgJcpz/nzhYWVAs5SGFyQM5i -vitjDQob2TkY5N8SUPVg3BzfNu08ny5mtw== +MHcCAQEEIJ0YvrZmyjxCRAMdYRyds29vgGSd6py/qCjyQ04fMHpXoAoGCCqGSM49 +AwEHoUQDQgAE4jM2JNSS4qSzZnSQbjIQn/mj52PXbCHZz9333r7FzW7Onc+kFrf1 +Njbx8eBKuIoo+QEgXaqGDv1/cjh/e/oQsA== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/customRoot2_thehost.pem b/tests/tls/certs/server/customRoot2_thehost.pem index e8bb9183a..529f1dfe6 100644 --- a/tests/tls/certs/server/customRoot2_thehost.pem +++ b/tests/tls/certs/server/customRoot2_thehost.pem @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBezCCASGgAwIBAgIQauOWHc5x54LVpRIRRzAPKTAKBggqhkjOPQQDAjAWMRQw -EgYDVQQDEwtjdXN0b21Sb290MjAeFw0yMTA5MjcxMTQ2NTBaFw00MTA5MjIxMjQ2 -NTBaMB4xHDAaBgNVBAMME2N1c3RvbVJvb3QyX3RoZWhvc3QwWTATBgcqhkjOPQIB -BggqhkjOPQMBBwNCAARKJENw1eE84pxPQdIuE1xVCwgI8dgyAlynP+fOFhZUCzlI -YXJAzmK+K2MNChvZORjk3xJQ9WDcHN827TyfLma3o0kwRzAOBgNVHQ8BAf8EBAMC +MIIBfDCCASGgAwIBAgIQaDND2RaRpB817cuKdkelATAKBggqhkjOPQQDAjAWMRQw +EgYDVQQDEwtjdXN0b21Sb290MjAeFw0yNDAzMDQyMzQ5MjJaFw00NDAyMjkwMDQ5 +MjJaMB4xHDAaBgNVBAMME2N1c3RvbVJvb3QyX3RoZWhvc3QwWTATBgcqhkjOPQIB +BggqhkjOPQMBBwNCAATiMzYk1JLipLNmdJBuMhCf+aPnY9dsIdnP3ffevsXNbs6d +z6QWt/U2NvHx4Eq4iij5ASBdqoYO/X9yOH97+hCwo0kwRzAOBgNVHQ8BAf8EBAMC BaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADASBgNVHREECzAJ -ggd0aGVob3N0MAoGCCqGSM49BAMCA0gAMEUCIQDOh74w1gEy/CrjGmxfMPkrFIWz -I+bG9Ck28akdACUC0QIgRnidQd3BRR10bIaws7/QFB/s0070Ok+OJhYrvhZN55Q= +ggd0aGVob3N0MAoGCCqGSM49BAMCA0kAMEYCIQCP8tpstYjFMlWet4prM9ullPYW +UrCSeUQhWTczj3B1ggIhAOpKf4KQcZE5st6j4W3gG6rEk/J43OO04cvEfnVwOgSD -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/customRoot_thehost.key b/tests/tls/certs/server/customRoot_thehost.key index 73f07383e..9b973c542 100644 --- a/tests/tls/certs/server/customRoot_thehost.key +++ b/tests/tls/certs/server/customRoot_thehost.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIMF+VyuuzaUjcum67tkMJnpcQWR8B/wnkNW1tkKSYUCroAoGCCqGSM49 -AwEHoUQDQgAEPbA6GMdGy7sIXMoAKbaNEdJZa0yGrOtS04UOuodCfIKPh099YT9t -D+kJ0sJtgiWvz75CJXvBE1ZVXG5DX8XssQ== +MHcCAQEEIKeFQxzQXPv0JkLM+Ggjrxy8tdyr4ko3AZjGzB0tueQXoAoGCCqGSM49 +AwEHoUQDQgAEPQkm3WYHHYNM8fUYAKyHqtCJlO6cgWcLl8IfsSAYSA8avLPRShsM +JwEUR34WHey4rf/X3Wz2HyB5bRLz/8d7FQ== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/customRoot_thehost.pem b/tests/tls/certs/server/customRoot_thehost.pem index 74306494f..58a0242fb 100644 --- a/tests/tls/certs/server/customRoot_thehost.pem +++ b/tests/tls/certs/server/customRoot_thehost.pem @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBezCCASCgAwIBAgIRAPW09/lYACnO/SApHmOa+GEwCgYIKoZIzj0EAwIwFTET -MBEGA1UEAxMKY3VzdG9tUm9vdDAeFw0yMTA5MjcxMTQ2NTBaFw00MTA5MjIxMjQ2 -NTBaMB0xGzAZBgNVBAMMEmN1c3RvbVJvb3RfdGhlaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABD2wOhjHRsu7CFzKACm2jRHSWWtMhqzrUtOFDrqHQnyCj4dP -fWE/bQ/pCdLCbYIlr8++QiV7wRNWVVxuQ1/F7LGjSTBHMA4GA1UdDwEB/wQEAwIF -oDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBIGA1UdEQQLMAmC -B3RoZWhvc3QwCgYIKoZIzj0EAwIDSQAwRgIhAJqA5gax2RvjhcwXkMBvoBSwTTfl -huKrHFgTkf60swI7AiEA5fYtkckwZFk+6D/fUBIjc0UZgHF0KLKM0zcFWtuYyr8= +MIIBeTCCAR+gAwIBAgIQHtumbSmi59Mc8l6iTWvv8jAKBggqhkjOPQQDAjAVMRMw +EQYDVQQDEwpjdXN0b21Sb290MB4XDTI0MDMwNDIzNDkyMloXDTQ0MDIyOTAwNDky +MlowHTEbMBkGA1UEAwwSY3VzdG9tUm9vdF90aGVob3N0MFkwEwYHKoZIzj0CAQYI +KoZIzj0DAQcDQgAEPQkm3WYHHYNM8fUYAKyHqtCJlO6cgWcLl8IfsSAYSA8avLPR +ShsMJwEUR34WHey4rf/X3Wz2HyB5bRLz/8d7FaNJMEcwDgYDVR0PAQH/BAQDAgWg +MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAswCYIH +dGhlaG9zdDAKBggqhkjOPQQDAgNIADBFAiB3l5sCR5mURmDjYxBu9UDtJApxExt+ +r0ermB1vuhRmHQIhANwZ0ogYHL2HV0ABtSZ/HvY/TtyUVGhTmvmMHAsR7qBX -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/customRoot_thehost_expired.key b/tests/tls/certs/server/customRoot_thehost_expired.key index fc6664c37..02a7987de 100644 --- a/tests/tls/certs/server/customRoot_thehost_expired.key +++ b/tests/tls/certs/server/customRoot_thehost_expired.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIDm3744x0TZfnfTNQaxaN98clgGPS9iy7Blj6XGWTEDAoAoGCCqGSM49 -AwEHoUQDQgAEsYrhTVlHdnS6l8OtfK46y/hXW/3M6QX1DjPx/4epOXbAXk9XkmcI -phz6MV9p8YteCbDgKtAy4QuHv/dyHsLKVw== +MHcCAQEEIPjcFpMSFZMiEcDEa/k+kmJI8QeUvnPrM79DFMYJxrg8oAoGCCqGSM49 +AwEHoUQDQgAEx0XZRCnStHoYC2jeC/DGc+dKU5rPe7bJlF6MM/BTzcsQaqZVwdyV +qG1m+MTx/8G3jjztQm0nYzAWt9ZENhLdww== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/customRoot_thehost_expired.pem b/tests/tls/certs/server/customRoot_thehost_expired.pem index 4b0a259b8..591c5caeb 100644 --- a/tests/tls/certs/server/customRoot_thehost_expired.pem +++ b/tests/tls/certs/server/customRoot_thehost_expired.pem @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBeDCCAR+gAwIBAgIQfYQ2BYaQwMOUjvubE4a8ZTAKBggqhkjOPQQDAjAVMRMw -EQYDVQQDEwpjdXN0b21Sb290MB4XDTAxMTAwMjEyNDY1MFoXDTIxMDkyNzExNDY1 -MFowHTEbMBkGA1UEAwwSY3VzdG9tUm9vdF90aGVob3N0MFkwEwYHKoZIzj0CAQYI -KoZIzj0DAQcDQgAEsYrhTVlHdnS6l8OtfK46y/hXW/3M6QX1DjPx/4epOXbAXk9X -kmcIphz6MV9p8YteCbDgKtAy4QuHv/dyHsLKV6NJMEcwDgYDVR0PAQH/BAQDAgWg -MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAswCYIH -dGhlaG9zdDAKBggqhkjOPQQDAgNHADBEAiAEcKjBFoE1iYrdmoJ7WDndMEXyvmK+ -wBGbvdlapzEUlAIgGm0uf3OPPdg3O9bP95T1DSjwqy5208+IjRwO2MJwabc= +MIIBejCCASCgAwIBAgIRAJkUs6vEtBfp2Gp/nRFPub8wCgYIKoZIzj0EAwIwFTET +MBEGA1UEAxMKY3VzdG9tUm9vdDAeFw0wNDAzMTAwMDQ5MjJaFw0yNDAzMDQyMzQ5 +MjJaMB0xGzAZBgNVBAMMEmN1c3RvbVJvb3RfdGhlaG9zdDBZMBMGByqGSM49AgEG +CCqGSM49AwEHA0IABMdF2UQp0rR6GAto3gvwxnPnSlOaz3u2yZRejDPwU83LEGqm +VcHclahtZvjE8f/Bt4487UJtJ2MwFrfWRDYS3cOjSTBHMA4GA1UdDwEB/wQEAwIF +oDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBIGA1UdEQQLMAmC +B3RoZWhvc3QwCgYIKoZIzj0EAwIDSAAwRQIgIoH3W84E+ibvfuiEuSkFwV4Yz1Vd +q8RRfHo2xjH7xxgCIQDZhKVkBI5i9oKsSj9OYlEFDM19OwuD1hgnf3NKms78Tw== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/trustedRoot_thehost.key b/tests/tls/certs/server/trustedRoot_thehost.key index 481957f94..c6f1bb8a9 100644 --- a/tests/tls/certs/server/trustedRoot_thehost.key +++ b/tests/tls/certs/server/trustedRoot_thehost.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIJEGCseLAIb5bjQ1OGxO+tOCt2g1G4+a/vh2g8ReC/PVoAoGCCqGSM49 -AwEHoUQDQgAE2t9uNO4Yk30wUQTVMA2pqwvP8whnOL/L+0cDnG0y7dJotOfQnWpy -0KbTEFdGXr7cm5v5ZgG/Nl7DMO7lhrT9qA== +MHcCAQEEIEodc4qmubFEZsPn7zQo3zgrDGf4A7Xy+k3iFNso5YnGoAoGCCqGSM49 +AwEHoUQDQgAEzx/LH+yRW0V4+d5MiZacABJYLsQlxEp0ib7qft0sl1BYeddomuOb +lD6MSMK272kkRqE1IGAMOzKAaMzdXFBV7g== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/trustedRoot_thehost.pem b/tests/tls/certs/server/trustedRoot_thehost.pem index 53451dbcb..001920130 100644 --- a/tests/tls/certs/server/trustedRoot_thehost.pem +++ b/tests/tls/certs/server/trustedRoot_thehost.pem @@ -1,10 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBfDCCASKgAwIBAgIRANhVWES8l75wxzCi68n9AtwwCgYIKoZIzj0EAwIwFjEU -MBIGA1UEAxMLdHJ1c3RlZFJvb3QwHhcNMjAwODI2MDQzMTU5WhcNNDAwODIxMDUz -MTU5WjAeMRwwGgYDVQQDDBN0cnVzdGVkUm9vdF90aGVob3N0MFkwEwYHKoZIzj0C -AQYIKoZIzj0DAQcDQgAE2t9uNO4Yk30wUQTVMA2pqwvP8whnOL/L+0cDnG0y7dJo -tOfQnWpy0KbTEFdGXr7cm5v5ZgG/Nl7DMO7lhrT9qKNJMEcwDgYDVR0PAQH/BAQD +MIIBfTCCASKgAwIBAgIRAN9oSl2LJiANAB/c1tNORGIwCgYIKoZIzj0EAwIwFjEU +MBIGA1UEAxMLdHJ1c3RlZFJvb3QwHhcNMjQwMzA0MjM0OTIyWhcNNDQwMjI5MDA0 +OTIyWjAeMRwwGgYDVQQDDBN0cnVzdGVkUm9vdF90aGVob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEzx/LH+yRW0V4+d5MiZacABJYLsQlxEp0ib7qft0sl1BY +eddomuOblD6MSMK272kkRqE1IGAMOzKAaMzdXFBV7qNJMEcwDgYDVR0PAQH/BAQD AgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAsw -CYIHdGhlaG9zdDAKBggqhkjOPQQDAgNIADBFAiAA3IBesXu3tHjVHee8M6zruVjy -w9hDHn4Xg1BgvcDQ8AIhAOPiwZOBOHWYSsH7m0Fii5Cpilig9rosjHyLmk5mK+CC +CYIHdGhlaG9zdDAKBggqhkjOPQQDAgNJADBGAiEA1Dqp1BS6Kkq7uAjUcRwC0yxb +GwgUtTkqZZV8GAy5gPgCIQCP7+XKUWOilFiQw6fs4gejqsrI1L7LDd7eW0s/VQin +fQ== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/trustedRoot_thehost_expired.key b/tests/tls/certs/server/trustedRoot_thehost_expired.key index 921829451..cf6ee1dad 100644 --- a/tests/tls/certs/server/trustedRoot_thehost_expired.key +++ b/tests/tls/certs/server/trustedRoot_thehost_expired.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIB70AZ0Yb82D6pD55QERQWaUbV8RWoDG5LNfsjLLXOxPoAoGCCqGSM49 -AwEHoUQDQgAE1MHiktyKkUk5kJSOI9UgK2/tADF33S4+7e8SimxGjAMeE75Ff++v -Xo9BRI43slLWTOuUDzxjPS6WPmHOZGn1XA== +MHcCAQEEIMA2QKrVZWaa3EEsr8k/TFnvGVDJV4X9M5s8wNFY34OyoAoGCCqGSM49 +AwEHoUQDQgAEvAzChdoOgPB/A7fezyyb5Nc+zmnz+Vd23ZTJRSpq0h6Bt4R6zEQu +TXxYhsxQL+tV3MNfU6zMW3RzY7qGfRcLqQ== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/trustedRoot_thehost_expired.pem b/tests/tls/certs/server/trustedRoot_thehost_expired.pem index b6be7eeb4..4cc743693 100644 --- a/tests/tls/certs/server/trustedRoot_thehost_expired.pem +++ b/tests/tls/certs/server/trustedRoot_thehost_expired.pem @@ -1,10 +1,10 @@ -----BEGIN CERTIFICATE----- -MIIBfDCCASKgAwIBAgIRAKMTjX+c53voo3T1QyaHrA8wCgYIKoZIzj0EAwIwFjEU -MBIGA1UEAxMLdHJ1c3RlZFJvb3QwHhcNMDAwODMxMDUzMTU5WhcNMjAwODI2MDQz -MTU5WjAeMRwwGgYDVQQDDBN0cnVzdGVkUm9vdF90aGVob3N0MFkwEwYHKoZIzj0C -AQYIKoZIzj0DAQcDQgAE1MHiktyKkUk5kJSOI9UgK2/tADF33S4+7e8SimxGjAMe -E75Ff++vXo9BRI43slLWTOuUDzxjPS6WPmHOZGn1XKNJMEcwDgYDVR0PAQH/BAQD -AgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwEgYDVR0RBAsw -CYIHdGhlaG9zdDAKBggqhkjOPQQDAgNIADBFAiEAxtkhzPGzO0dBvev10MXpCKa3 -dRwovlk/j+0Tlb9XGHECIFzSR5Z1i8dLfq+I/JNGffGddjRwZdMgRh0q5YuU64T9 +MIIBejCCASGgAwIBAgIQd9fQQIwWxeE7jujYAbGJqDAKBggqhkjOPQQDAjAWMRQw +EgYDVQQDEwt0cnVzdGVkUm9vdDAeFw0wNDAzMTAwMDQ5MjJaFw0yNDAzMDQyMzQ5 +MjJaMB4xHDAaBgNVBAMME3RydXN0ZWRSb290X3RoZWhvc3QwWTATBgcqhkjOPQIB +BggqhkjOPQMBBwNCAAS8DMKF2g6A8H8Dt97PLJvk1z7OafP5V3bdlMlFKmrSHoG3 +hHrMRC5NfFiGzFAv61Xcw19TrMxbdHNjuoZ9Fwupo0kwRzAOBgNVHQ8BAf8EBAMC +BaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADASBgNVHREECzAJ +ggd0aGVob3N0MAoGCCqGSM49BAMCA0cAMEQCIBdz7r1Lb/cRxnQ/3ZnNqVEvoS3x +6gA98U4uFACLSHHiAiAH0tEEZM3ClBS3OmUnxm9PxR3Cqq2LsyV6FM0qa80c/Q== -----END CERTIFICATE----- diff --git a/tests/tls/certs/server/untrustedRoot_thehost.key b/tests/tls/certs/server/untrustedRoot_thehost.key index 6430400ff..0857eb406 100644 --- a/tests/tls/certs/server/untrustedRoot_thehost.key +++ b/tests/tls/certs/server/untrustedRoot_thehost.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIMsLIQaTT8AqLaWkNdokL3d8/Z1WYqk3InAGw7yMbXI7oAoGCCqGSM49 -AwEHoUQDQgAEVmBskdRvu8z+05dwZE4XbyWhs/Dp0dQqmknBnfj1qskQM2hcraWj -7wS3NdyWmVwflpQxF5T6Szw8vJ4fTjZtjA== +MHcCAQEEIBbyHNN9WiJDNd97jV05CMe2XA9U5o2j9LYuosUJXz6soAoGCCqGSM49 +AwEHoUQDQgAEMNTIbFDXTBScCnzEPpHMOajeM9R+r0XccGLSzVge7ZycxeprZ/im +YlMfwj5L0mnsD3bLe6mTNrvsmnAwLYeSow== -----END EC PRIVATE KEY----- diff --git a/tests/tls/certs/server/untrustedRoot_thehost.pem b/tests/tls/certs/server/untrustedRoot_thehost.pem index ce33a8da6..3a6695a2f 100644 --- a/tests/tls/certs/server/untrustedRoot_thehost.pem +++ b/tests/tls/certs/server/untrustedRoot_thehost.pem @@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBfzCCASWgAwIBAgIQXRCyPbYSG28CzAQRenmZvzAKBggqhkjOPQQDAjAYMRYw -FAYDVQQDEw11bnRydXN0ZWRSb290MB4XDTIwMDgyNjA0MzE1OVoXDTQwMDgyMTA1 -MzE1OVowIDEeMBwGA1UEAwwVdW50cnVzdGVkUm9vdF90aGVob3N0MFkwEwYHKoZI -zj0CAQYIKoZIzj0DAQcDQgAEVmBskdRvu8z+05dwZE4XbyWhs/Dp0dQqmknBnfj1 -qskQM2hcraWj7wS3NdyWmVwflpQxF5T6Szw8vJ4fTjZtjKNJMEcwDgYDVR0PAQH/ -BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwEgYDVR0R -BAswCYIHdGhlaG9zdDAKBggqhkjOPQQDAgNIADBFAiEA0f9pHHDwBrAfhoJbUVfG -PHiQRRW1MFfMZKTxKFrovfkCIBGKkpbctyZ8pslrodMPsm6s/aF089sR/Vf01NZ4 -dPlz +MIIBgDCCASagAwIBAgIRAPJ6cQQREN2mIoFTSCQuyMAwCgYIKoZIzj0EAwIwGDEW +MBQGA1UEAxMNdW50cnVzdGVkUm9vdDAeFw0yNDAzMDQyMzQ5MjJaFw00NDAyMjkw +MDQ5MjJaMCAxHjAcBgNVBAMMFXVudHJ1c3RlZFJvb3RfdGhlaG9zdDBZMBMGByqG +SM49AgEGCCqGSM49AwEHA0IABDDUyGxQ10wUnAp8xD6RzDmo3jPUfq9F3HBi0s1Y +Hu2cnMXqa2f4pmJTH8I+S9Jp7A92y3upkza77JpwMC2HkqOjSTBHMA4GA1UdDwEB +/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBIGA1Ud +EQQLMAmCB3RoZWhvc3QwCgYIKoZIzj0EAwIDSAAwRQIhAL4fY7LOXnqwm9gQi1AP +4mhk8ShTg8ocThd//lL7bhEWAiBwdzmtQmRMP5cszyjZRR796StFyZFAzb/6snej +Lqd7aA== -----END CERTIFICATE----- diff --git a/tests/tls/certs/trustedRoot.key b/tests/tls/certs/trustedRoot.key index d27e0047c..98d080fca 100644 --- a/tests/tls/certs/trustedRoot.key +++ b/tests/tls/certs/trustedRoot.key @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHcCAQEEIAvxrkdyTpeA1vWaCJxlQOZZsq6t2nu477SX/K0/o/RwoAoGCCqGSM49 -AwEHoUQDQgAE74l9pA6YhikKz49gjmlTnS0IdT/O3mh4eODQYDlzYCsjdgRCIKtj -Tej/SW9wFPyi5v52F5y7uLGrONDxR3U1Zg== +MHcCAQEEIFIS2NB01ris13TohCWQkw2u120lijceMo9ZUpQMHmYLoAoGCCqGSM49 +AwEHoUQDQgAEUkiJaMVzO8CqVGQjN5GF73Hvsv13t9m0iTcsjqhioaC98FBYEU4t +w1kepJIXiPIooWpVAjag9qhg0b1qD38dqw== -----END EC PRIVATE KEY----- From a46f000588ffe4711633652890d8963ec26a0430 Mon Sep 17 00:00:00 2001 From: Robsdedude Date: Tue, 5 Mar 2024 16:56:57 +0100 Subject: [PATCH 16/18] Remove unnecessary dataclass decorators --- nutkit/frontend/auth_token_manager.py | 4 ---- nutkit/frontend/bookmark_manager.py | 1 - nutkit/frontend/client_certificate_provider.py | 2 -- 3 files changed, 7 deletions(-) diff --git a/nutkit/frontend/auth_token_manager.py b/nutkit/frontend/auth_token_manager.py index 90e19435d..c6c36bef3 100644 --- a/nutkit/frontend/auth_token_manager.py +++ b/nutkit/frontend/auth_token_manager.py @@ -1,6 +1,5 @@ from __future__ import annotations -from dataclasses import dataclass from typing import ( Any, Callable, @@ -42,7 +41,6 @@ ] -@dataclass class AuthTokenManager: _registry: ClassVar[Dict[Any, AuthTokenManager]] = {} @@ -105,7 +103,6 @@ def close(self, hooks=None): del self._registry[self.id] -@dataclass class BasicAuthTokenManager: _registry: ClassVar[Dict[Any, BasicAuthTokenManager]] = {} @@ -163,7 +160,6 @@ def close(self, hooks=None): del self._registry[self.id] -@dataclass class BearerAuthTokenManager: _registry: ClassVar[Dict[Any, BearerAuthTokenManager]] = {} diff --git a/nutkit/frontend/bookmark_manager.py b/nutkit/frontend/bookmark_manager.py index 5340cb378..f41a9d68b 100644 --- a/nutkit/frontend/bookmark_manager.py +++ b/nutkit/frontend/bookmark_manager.py @@ -22,7 +22,6 @@ class Neo4jBookmarkManagerConfig: bookmarks_consumer: Optional[Callable[[List[str]], None]] = None -@dataclass class BookmarkManager: _registry: ClassVar[Dict[Any, BookmarkManager]] = {} diff --git a/nutkit/frontend/client_certificate_provider.py b/nutkit/frontend/client_certificate_provider.py index 785104946..77cbd7bff 100644 --- a/nutkit/frontend/client_certificate_provider.py +++ b/nutkit/frontend/client_certificate_provider.py @@ -1,6 +1,5 @@ from __future__ import annotations -from dataclasses import dataclass from typing import ( Any, Callable, @@ -25,7 +24,6 @@ ] -@dataclass class ClientCertificateProvider: _registry: ClassVar[Dict[Any, ClientCertificateProvider]] = {} From 6da82a8d5a0bcb04590298ab195cf7a5fbe60431 Mon Sep 17 00:00:00 2001 From: Robsdedude Date: Tue, 5 Mar 2024 17:30:08 +0100 Subject: [PATCH 17/18] Refactor common code for a DRYer future --- nutkit/frontend/__init__.py | 5 +++- .../frontend/client_certificate_provider.py | 16 +++++++++-- tests/tls/test_client_certificate.py | 28 +++++++++---------- 3 files changed, 30 insertions(+), 19 deletions(-) diff --git a/nutkit/frontend/__init__.py b/nutkit/frontend/__init__.py index 303c1a2fd..5cda58965 100644 --- a/nutkit/frontend/__init__.py +++ b/nutkit/frontend/__init__.py @@ -7,7 +7,10 @@ BookmarkManager, Neo4jBookmarkManagerConfig, ) -from .client_certificate_provider import ClientCertificateProvider +from .client_certificate_provider import ( + ClientCertificateHolder, + ClientCertificateProvider, +) from .driver import Driver from .exceptions import ApplicationCodeError from .fake_time import FakeTime diff --git a/nutkit/frontend/client_certificate_provider.py b/nutkit/frontend/client_certificate_provider.py index 77cbd7bff..b380cf605 100644 --- a/nutkit/frontend/client_certificate_provider.py +++ b/nutkit/frontend/client_certificate_provider.py @@ -1,5 +1,6 @@ from __future__ import annotations +from dataclasses import dataclass from typing import ( Any, Callable, @@ -20,17 +21,26 @@ ) __all__ = [ + "ClientCertificateHolder", "ClientCertificateProvider", ] +@dataclass +class ClientCertificateHolder: + cert: ClientCertificate + has_update: bool = True + + class ClientCertificateProvider: _registry: ClassVar[Dict[Any, ClientCertificateProvider]] = {} + _backend: Any + _handler: Callable[[], ClientCertificateHolder] def __init__( self, backend: Backend, - handler: Callable[[], (bool, ClientCertificate)], + handler: Callable[[], ClientCertificateHolder], ): self._backend = backend self._handler = handler @@ -58,9 +68,9 @@ def process_callbacks(cls, request): f"id: {request.client_certificate_provider_id} not found" ) manager = cls._registry[request.client_certificate_provider_id] - has_update, cert = manager._handler() + cert_holder = manager._handler() return ClientCertificateProviderCompleted( - request.id, has_update, cert + request.id, cert_holder.has_update, cert_holder.cert ) def close(self, hooks=None): diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 7abfef39f..78fe17cbc 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -1,8 +1,10 @@ import os -from dataclasses import dataclass import nutkit.protocol as types -from nutkit.frontend import ClientCertificateProvider +from nutkit.frontend import ( + ClientCertificateHolder, + ClientCertificateProvider, +) from tests.shared import get_driver_name from tests.tls.shared import ( TestkitTlsTestCase, @@ -153,12 +155,6 @@ def test_scc_and_certificate_not_present(self): self._server.reset() -@dataclass -class CertBuffer: - cert: types.ClientCertificate - has_update: bool = True - - class TestClientCertificateRotation(_TestClientCertificateBase): required_features = ( *_TestClientCertificateBase.required_features, @@ -167,14 +163,14 @@ class TestClientCertificateRotation(_TestClientCertificateBase): def test_client_rotation(self): cert_calls = 0 - cert_buffer = CertBuffer(self._get_client_certificate(1)) + cert_holder = ClientCertificateHolder(self._get_client_certificate(1)) - def get_cert(): - nonlocal cert_calls, cert_buffer + def get_cert() -> ClientCertificateHolder: + nonlocal cert_calls, cert_holder cert_calls += 1 - has_update = cert_buffer.has_update - cert_buffer.has_update = False - return has_update, cert_buffer.cert + has_update = cert_holder.has_update + cert_holder.has_update = False + return ClientCertificateHolder(cert_holder.cert, has_update) cert_provider = ClientCertificateProvider(self._backend, get_cert) @@ -194,4 +190,6 @@ def get_cert(): self.assertEqual(1, cert_calls) cert_calls = 0 - cert_buffer = CertBuffer(self._get_client_certificate(i + 1)) + cert_holder = ClientCertificateHolder( + self._get_client_certificate(i + 1) + ) From 6fa6d28ead3792a21e6f01e7901eaef467257b6c Mon Sep 17 00:00:00 2001 From: Robsdedude Date: Tue, 5 Mar 2024 17:31:40 +0100 Subject: [PATCH 18/18] Fix required feature flags --- tests/tls/test_client_certificate.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/tls/test_client_certificate.py b/tests/tls/test_client_certificate.py index 78fe17cbc..9d61e1d5d 100644 --- a/tests/tls/test_client_certificate.py +++ b/tests/tls/test_client_certificate.py @@ -156,10 +156,6 @@ def test_scc_and_certificate_not_present(self): class TestClientCertificateRotation(_TestClientCertificateBase): - required_features = ( - *_TestClientCertificateBase.required_features, - types.Feature.API_LIVENESS_CHECK, - ) def test_client_rotation(self): cert_calls = 0