cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/7] cxf git commit: Rationalising the keys used in security tests - part I
Date Thu, 02 Jun 2016 16:42:25 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/Truststore.pem
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/Truststore.pem b/testutils/src/test/resources/keys/Truststore.pem
new file mode 100644
index 0000000..c04eaf8
--- /dev/null
+++ b/testutils/src/test/resources/keys/Truststore.pem
@@ -0,0 +1,86 @@
+-----BEGIN CERTIFICATE-----
+MIIDSTCCAjGgAwIBAgIEGFcAsjANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJVUzERMA8GA1UE
+BxMIU3lyYWN1c2UxEzARBgNVBAoTCkFwYWNoZVRlc3QxDjAMBgNVBAsTBUdvcmR5MQ4wDAYDVQQD
+EwVHb3JkeTAeFw0xNTA5MDkxNTUyMzRaFw0yNTA5MDYxNTUyMzRaMFUxCzAJBgNVBAYTAlVTMREw
+DwYDVQQHEwhTeXJhY3VzZTETMBEGA1UEChMKQXBhY2hlVGVzdDEOMAwGA1UECxMFR29yZHkxDjAM
+BgNVBAMTBUdvcmR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVubnwltwu38Slqe
+ANXNBFkWQ3PV4n/T5tU1PLrkg+g7AEOtaWn/3TDfcxYovDF/TWnkwcYeYDeILdXcLJgoa0mhMO2n
+46JrR3NpLM5jBtw0NVBeBR+HuFfbdlLIABgD90+aalm4kB0Fq8BO1moP4NnbxccSl2vLdP6u9oLE
+xXDog+FpHfwffKvgnyDh0Mc3lYJ7dJpwQNOmPO8docyePR53IbQuAXL8C5rYc+OHU/smj4rvwqP9
+S5zj/yOpl+7tTAq+0kLJetHJ03Cb+KVhpl6Gn/80a5DGjm7c1gAzlEwQpxltY0PkD62WJhPsVOkW
+CtRhvUNWrxq+68i460m4ZwIDAQABoyEwHzAdBgNVHQ4EFgQUSYfZ7HYvl7iTrZaoOOwXMbR80Fow
+DQYJKoZIhvcNAQELBQADggEBAAFJpi0Fu74YK0TZk96ApCgGXKU4+CyRtk5OyBeYUN746ImacDO8
+Qg2idSnOAw08sEZGN0RQnHec9r/3dhIZvULf00uDLybhN+Q9ErqI2seooJo4oF0fsd3gR4jJIU5K
+fVL8UJ0mSqUVMyH7oklyN0e3btKgAjY24ycNt+WTXaX0e1K7phsX0vNc9WMp1ZQN9NjozWXW0mte
+5FsrjiFAdnbRx8Bsj4E25ZkyplibBqDnKmlQxl+VDk1QEdignRexdJIBsjRguJfdyl6u//fSRhp0
+GMFO9ovDEyegHf0ZnWJthq4egYTMLmkzReE2neQDzuN8zYoZLTngbA3ynP+Ghgc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTTCCAjWgAwIBAgIEOEaECjANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJVUzERMA8GA1UE
+BxMIU3lyYWN1c2UxEzARBgNVBAoTCkFwYWNoZVRlc3QxDzANBgNVBAsTBkJldGhhbDEPMA0GA1UE
+AxMGQmV0aGFsMB4XDTE1MDkwOTE1NTIwN1oXDTI1MDkwNjE1NTIwN1owVzELMAkGA1UEBhMCVVMx
+ETAPBgNVBAcTCFN5cmFjdXNlMRMwEQYDVQQKEwpBcGFjaGVUZXN0MQ8wDQYDVQQLEwZCZXRoYWwx
+DzANBgNVBAMTBkJldGhhbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxgwx2lxVDL
+teM15IOsdgBGff42ozTaLVjr30qHsREbnZrk+1G8KscUtVYUwtCDCEErz64tu/TY2jskUi54q1j2
+tOXCz0awxDRKbE4ddyvnqSqItYC9nB+T/LLFJ65bqyleRbO+Zsqj4Gi+8lGmzgk0kCLoCJ9LTrpt
+VzsHHuBsvEkcBHEX8in5umzbTy6y1jq3zsUdclgA/EV4eyvFd5+8J8XiB6Ac4q7qYJdUaOrDKk5X
+Ns05WuzW3hP/qXDpmyxgS1GQLBMj8yuopVR7/FuGCeDBSJe60cyWtDTxosjTLwjTEYIEB/ySIcgK
+0TU+QxU8XEwwutjMzecKd9PQdpMCAwEAAaMhMB8wHQYDVR0OBBYEFDWt03QU4rqQa91UjYCNkfx0
+tp3HMA0GCSqGSIb3DQEBCwUAA4IBAQCwObHeIssS3e1INNs67T2g0v17Z1+HDEx65dfwph6Wxbex
+hb9yNKEXFUIUk+Z6ZzTmv1fc4DBZ2z0Nbk8rrS2BD6kojWVRwZVnv6pfPDjU82mFL7kHztiNPq8u
+23+lTrhO9HjuQZtVnTW3+Uw9RW5mBu+8QVgze0Q1DjL5PqX3YHq16LCYp6vVjdm0o7fKDQke2Z01
+a4hYtUF17m/Sw6319ocSI2fRA2ppQ7Ts8J3GSkAyygSR52mqaC7jDgD2Oh1eRhRaTgiyxLNLnAHu
+Koxbcr3sGFP2ZYwtP9DlhxwZzzpPcNWwFMqcQ79WPKmRvBMNOQDBdW77P3cxG3DF5KkO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYTCCAkmgAwIBAgIEDV+5sjANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzERMA8GA1UE
+BxMIU3lyYWN1c2UxEzARBgNVBAoTCkFwYWNoZVRlc3QxDzANBgNVBAsTBk1vcnBpdDEZMBcGA1UE
+AxMQd2hhdGV2ZXJob3N0LmNvbTAeFw0xNTA5MDkxNTUzMTRaFw0yNTA5MDYxNTUzMTRaMGExCzAJ
+BgNVBAYTAlVTMREwDwYDVQQHEwhTeXJhY3VzZTETMBEGA1UEChMKQXBhY2hlVGVzdDEPMA0GA1UE
+CxMGTW9ycGl0MRkwFwYDVQQDExB3aGF0ZXZlcmhvc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAjKod4Ne5+B5rPhvl7Dt7//O1fRZYw5GACCgTG6F2Cy8ozF7lfQo7jy3KTjrC
+xOkty6IUxcll5EKZQBfsqfKq2beEWI+tG//ZEfc1paK+4HGrqARtFXYm/azzEC8E66cVKRIej8DM
+yXPHvNsSSN/T7c5QCMBAd5p+uQFCGkHcX6ywiCu5hOBDhxBTr3680lRIOjBoICd3ytlT8pnHqjm7
+VexiG5sPg32f90Tf1UCJQL41Jn1miow4xLjDw0L9pCcoLtoh1jjOwErwISeTXtfp0zMAZ1T0Cwmu
+DQCL2Ek0ysmoDSQlpwL/zi/9XzeZCUY9a4KK2DV6q1WNnGJq6pMu0QIDAQABoyEwHzAdBgNVHQ4E
+FgQULNllc99it0vTugh22XKUn7H3zUkwDQYJKoZIhvcNAQELBQADggEBAFnOo+ghsy59M25gjVBG
+82siBQkhgl0eSzp/wVqa41F/KCY5hY8moKZARelNgOFQQxRpK6gBhj53TjF7B0w834r3S30F37qA
+d+T7yfH9drN5I4mNeTHpxPKeI1KJneZUqKt1PR1iZScwPzHHIfUWRiZ8ilJwNNy2MoZONKh7lhf4
+ILfYclRmMu7UJfb2gFjvTnzUwS5YJ8U0H5EYy7oHZS+7q3GXuL953tFypr1m0kvDYW4kYwyhHRZE
+XcDvDWvmO83BIk1AOQhzQ4ak4JLBpVQJnrPBhGUZOUAmIuRoV9If5WfvjVymH13VuAKoPJR3902u
+Gul/3Uq+ifNDF8btPpw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTTCCAjWgAwIBAgIEOHEczzANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJVUzERMA8GA1UE
+BxMIU3lyYWN1c2UxEzARBgNVBAoTCkFwYWNoZVRlc3QxDzANBgNVBAsTBlRhcnBpbjEPMA0GA1UE
+AxMGVGFycGluMB4XDTE1MDkwOTE1NTA1M1oXDTI1MDkwNjE1NTA1M1owVzELMAkGA1UEBhMCVVMx
+ETAPBgNVBAcTCFN5cmFjdXNlMRMwEQYDVQQKEwpBcGFjaGVUZXN0MQ8wDQYDVQQLEwZUYXJwaW4x
+DzANBgNVBAMTBlRhcnBpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJlWtQr06Soq
+QwTIKgvrLXxcqs/i6FNep3OF5nhzi4K7GOuV88UTyD3TBCFOF/sOtnVfR+mPPSfWe0z+avMKsRiw
+szzak+w2eM9cOBofO+3Ag1i9mQLpkjmkMHxflZ45C0GPcwnU/BekOKZvJ0OcJYZU6S8wszpGPinv
+OPeN1V56Wj3ud/lLR3Ll14G4QdbOxbS6tstJ+olL7Xtz7CfARqCNEjGbKx4VceiIjraheqKM0kLE
+RpdQ0DBgefGEI41BW1wogg92t6PQ6Em1RYeu97pDppSYoA/RYBW5xIDj7vz7aTVY6RaHZwAGNF+1
+Yzj8PVgV7Ppgf5VIhcIFiTyaUuECAwEAAaMhMB8wHQYDVR0OBBYEFMhTmGMuJOrPNTUCjKuRLGQ9
+la4gMA0GCSqGSIb3DQEBCwUAA4IBAQA86Rqp0xrNYb/M7dfk8SzVLaCMPyTslnhiZOVIWwQScwu8
+xqfiDXGg1000r/3N9/ACduiMwwmxYRT3OZOK8DhsHsmQXbY1vTBUEAQ3hx+mV7dPMi3WtmdU4vz6
+KtLPbl3G0803Jujxe0qcFk6FzOhlIiqd0jBRQqvMFWqzzRXDjhy64uLeVY2fNtX9w/b3xWUTL1kI
+mR8SpQnOdWunLqZLrksnuzVGU/hutD11ge0JOQRKHhTBoLBSpqGD8PPTjJipR0p7JII8KI8LbDI6
+YesmuRQmkEbpCMqM5FGVjN7VLeLjRSWcf5dT056WjErd/1zRNFrC0Jjf++g37arTOLQn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDTTCCAjWgAwIBAgIEUgxbaTANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJVUzERMA8GA1UE
+BxMIU3lyYWN1c2UxEzARBgNVBAoTCkFwYWNoZVRlc3QxDzANBgNVBAsTBlBvbHRpbTEPMA0GA1UE
+AxMGUG9sdGltMB4XDTE1MDkwOTE1NTM0NFoXDTI1MDkwNjE1NTM0NFowVzELMAkGA1UEBhMCVVMx
+ETAPBgNVBAcTCFN5cmFjdXNlMRMwEQYDVQQKEwpBcGFjaGVUZXN0MQ8wDQYDVQQLEwZQb2x0aW0x
+DzANBgNVBAMTBlBvbHRpbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxyUZCjOaVe
+IpptbRbdr9Ki+3W/n2G6jmEOp3LJGtQC6JbAh1IprMpC6nbWwp/W0nnBXyCpevYk6Dj5VtLV0NU/
+1pLnzaS5E/EhZKmxL2PXpMozH7js3FsP/8j9FflvIhhMybSa3otw9tmBf1+Tc6mGlcDsZlHRju91
+WdVMRUVEsOBhNPZccKRTd2QK0H83kYSXMrcGc7dmtuWUWzavbVXdq20+UrV6V8Z/aW/Um270d3Zj
+9VFw6Ax4m0IlCmPM7OA/ONA/gzmsT5BVu0EueE4s9RtXCvK+vR+l2o1fwHW0gtIkQShvR8RBGZjf
+9onepE27U/Uya/+CxQWb3K17g+kCAwEAAaMhMB8wHQYDVR0OBBYEFKI4clFM35A+xunrsFmmuN8i
+Rc/gMA0GCSqGSIb3DQEBCwUAA4IBAQCceUMhVspIAMhA4JMdXgdowWhVEY9vhKJhoILRQ4wdorLs
+pQrUZMBxB7juJ2RdOCO+17Y2gYJi4F1HYaPn0q70iZQRAH4AxiSGPpKD9Qxgs4wIHZgzZ5NwCkko
+AXmSM+SyNiDDZBFd01120gmw40Ly8/3HcDR/um6/kx/YAKgJhc6fDGpzQOrLnoTxeyVV1twAmA+R
+PcrmRA6NAS8baWlzUXAYu8pq/xTOl77niKdAvndmtmlEDmsj0BXeXeCURRVODYU8cMTueudHjois
+tj5C6jX6xjGz1/XcXUaZX5Lr34GixSwJRzabrrGYl7S2sKHmEBUUoB4hortyb2Ufedg+
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/alice.jks
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/alice.jks b/testutils/src/test/resources/keys/alice.jks
new file mode 100644
index 0000000..213b26c
Binary files /dev/null and b/testutils/src/test/resources/keys/alice.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/bob.jks
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/bob.jks b/testutils/src/test/resources/keys/bob.jks
new file mode 100644
index 0000000..5550912
Binary files /dev/null and b/testutils/src/test/resources/keys/bob.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/cxfca.jks
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/cxfca.jks b/testutils/src/test/resources/keys/cxfca.jks
new file mode 100644
index 0000000..53ad239
Binary files /dev/null and b/testutils/src/test/resources/keys/cxfca.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/genkeys.sh
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/genkeys.sh b/testutils/src/test/resources/keys/genkeys.sh
new file mode 100755
index 0000000..a01a569
--- /dev/null
+++ b/testutils/src/test/resources/keys/genkeys.sh
@@ -0,0 +1,53 @@
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+#
+# This file generates a number of keys/certificates and keystores for 
+# names to be used with corresponding CXF configuration files (*.cxf).
+#
+
+#
+# Start with a clean slate. Remove all keystores.
+#
+rm -f *.jks
+rm -f Truststore.pem
+
+#
+# This function generates a key/self-signed certificate with the following DN.
+#  "CN=$1, OU=$2, O=ApacheTest, L=Syracuse, C=US" and adds it to 
+# the truststore.
+#
+function genkey {
+    keytool -genkey -alias $2 -keystore $2.jks -dname "CN=$1, OU=$2, O=ApacheTest, L=Syracuse,
C=US" -keyalg RSA -keypass password -storepass password -storetype jks -validity 10000
+    keytool -export -file $2.cer -alias $2 -keystore $2.jks -storepass password
+    keytool -import -file $2.cer -alias $2 -noprompt -keystore Truststore.jks -storepass
password
+}
+
+#
+# We generate keys/certificates with the following CN=<name> OU=<name>
+# The CN used to be "localhost" to conform to the default HostnameVerifier of
+# HttpsURLConnection so it would work for tests. However, we have enhanced
+# the HTTP Conduit logic to accept anything in the CN in favor of the 
+# MessageTrustDecider callback making the verification determination.
+#
+for name in Bethal Gordy Tarpin Poltim Morpit
+do
+   genkey $name $name
+   keytool -export -keystore Truststore.jks -storepass password -alias $i -rfc >> Truststore.pem
+done
+

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/sts.jks
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/sts.jks b/testutils/src/test/resources/keys/sts.jks
new file mode 100644
index 0000000..880463d
Binary files /dev/null and b/testutils/src/test/resources/keys/sts.jks differ

http://git-wip-us.apache.org/repos/asf/cxf/blob/b2e34286/testutils/src/test/resources/keys/subjalt.jks
----------------------------------------------------------------------
diff --git a/testutils/src/test/resources/keys/subjalt.jks b/testutils/src/test/resources/keys/subjalt.jks
new file mode 100644
index 0000000..fefac18
Binary files /dev/null and b/testutils/src/test/resources/keys/subjalt.jks differ


Mime
View raw message