Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 576D5180A2 for ; Sun, 13 Dec 2015 02:21:45 +0000 (UTC) Received: (qmail 56307 invoked by uid 500); 13 Dec 2015 02:21:45 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 56261 invoked by uid 500); 13 Dec 2015 02:21:45 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 56251 invoked by uid 99); 13 Dec 2015 02:21:45 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 13 Dec 2015 02:21:45 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id CE0E1E01F5; Sun, 13 Dec 2015 02:21:44 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: drankye@apache.org To: commits@directory.apache.org Message-Id: <896aab740f274db2ba8ab5e8307672cd@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: directory-kerby git commit: Consolidate codes in pki-provider module into kerby-pkix module and cleaned up accordingly Date: Sun, 13 Dec 2015 02:21:44 +0000 (UTC) Repository: directory-kerby Updated Branches: refs/heads/pkinit-support a2c604ee2 -> fa5daa976 Consolidate codes in pki-provider module into kerby-pkix module and cleaned up accordingly Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/fa5daa97 Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/fa5daa97 Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/fa5daa97 Branch: refs/heads/pkinit-support Commit: fa5daa976a8e70ce913da836280ab17b4eedf783 Parents: a2c604e Author: Kai Zheng Authored: Sun Dec 13 10:21:28 2015 +0800 Committer: Kai Zheng Committed: Sun Dec 13 10:21:28 2015 +0800 ---------------------------------------------------------------------- .../kerby/kerberos/kdc/WithCertKdcTest.java | 9 +- .../apache/kerby/kerberos/kerb/KrbRuntime.java | 21 ---- .../kerberos/kerb/provider/OtpProvider.java | 29 ----- .../kerby/kerberos/kerb/provider/PkiLoader.java | 70 ----------- .../kerberos/kerb/provider/PkiProvider.java | 33 ----- .../java/org/apache/kerby/x509/PkiLoader.java | 114 ++++++++++++++++++ .../org/apache/kerby/x509/PkiLoaderTest.java | 66 ++++++++++ kerby-pkix/src/test/resources/cacert.pem | 23 ++++ kerby-pkix/src/test/resources/cakey.pem | 27 +++++ kerby-pkix/src/test/resources/extensions.kdc | 36 ++++++ kerby-pkix/src/test/resources/kdccert.pem | 26 ++++ kerby-pkix/src/test/resources/kdckey.pem | 27 +++++ kerby-pkix/src/test/resources/usercert.pem | 26 ++++ kerby-pkix/src/test/resources/userkey.pem | 27 +++++ kerby-provider/pki-provider/pom.xml | 85 ------------- .../kerberos/provider/pki/KerbyPkiLoader.java | 120 ------------------- .../kerberos/provider/pki/KerbyPkiProvider.java | 35 ------ .../provider/pki/KerbyPkiLoaderTest.java | 67 ----------- .../pki-provider/src/test/resources/cacert.pem | 23 ---- .../pki-provider/src/test/resources/cakey.pem | 27 ----- .../src/test/resources/extensions.kdc | 36 ------ .../pki-provider/src/test/resources/kdccert.pem | 26 ---- .../pki-provider/src/test/resources/kdckey.pem | 27 ----- .../src/test/resources/usercert.pem | 26 ---- .../pki-provider/src/test/resources/userkey.pem | 27 ----- kerby-provider/pom.xml | 1 - 26 files changed, 375 insertions(+), 659 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java ---------------------------------------------------------------------- diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java index bed4dc6..5b5d5e4 100644 --- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java +++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java @@ -20,14 +20,12 @@ package org.apache.kerby.kerberos.kdc; import org.apache.kerby.kerberos.kerb.KrbException; -import org.apache.kerby.kerberos.kerb.KrbRuntime; import org.apache.kerby.kerberos.kerb.client.KrbPkinitClient; -import org.apache.kerby.kerberos.kerb.provider.PkiLoader; import org.apache.kerby.kerberos.kerb.server.KdcConfigKey; import org.apache.kerby.kerberos.kerb.server.KdcTestBase; import org.apache.kerby.kerberos.kerb.type.ticket.SgtTicket; import org.apache.kerby.kerberos.kerb.type.ticket.TgtTicket; -import org.apache.kerby.kerberos.provider.pki.KerbyPkiProvider; +import org.apache.kerby.x509.PkiLoader; import org.junit.Before; import java.io.InputStream; @@ -56,8 +54,7 @@ public class WithCertKdcTest extends KdcTestBase { @Before public void setUp() throws Exception { - KrbRuntime.setPkiProvider(new KerbyPkiProvider()); - pkiLoader = KrbRuntime.getPkiProvider().createPkiLoader(); + pkiLoader = new PkiLoader(); super.setUp(); } @@ -135,7 +132,7 @@ public class WithCertKdcTest extends KdcTestBase { assertThat(tkt).isNotNull(); } - private void loadCredentials() throws KrbException { + private void loadCredentials() throws Exception { InputStream res = getClass().getResourceAsStream("/usercert.pem"); userCert = pkiLoader.loadCerts(res).iterator().next(); http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbRuntime.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbRuntime.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbRuntime.java index d864627..c31053e 100644 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbRuntime.java +++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/KrbRuntime.java @@ -19,7 +19,6 @@ */ package org.apache.kerby.kerberos.kerb; -import org.apache.kerby.kerberos.kerb.provider.PkiProvider; import org.apache.kerby.kerberos.kerb.provider.TokenProvider; /** @@ -31,7 +30,6 @@ import org.apache.kerby.kerberos.kerb.provider.TokenProvider; public class KrbRuntime { private static TokenProvider tokenProvider; - private static PkiProvider pkiProvider; /** * Set up token provider, should be done at very initial time @@ -51,23 +49,4 @@ public class KrbRuntime { public static synchronized void setTokenProvider(TokenProvider tokenProvider) { KrbRuntime.tokenProvider = tokenProvider; } - - /** - * Get pki provider - * @return pki provider - */ - public static synchronized PkiProvider getPkiProvider() { - if (pkiProvider == null) { - throw new RuntimeException("No token provider is hooked into yet"); - } - return pkiProvider; - } - - /** - * Setup pkiProvider. - * @param pkiProvider The pki provider - */ - public static synchronized void setPkiProvider(PkiProvider pkiProvider) { - KrbRuntime.pkiProvider = pkiProvider; - } } http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/OtpProvider.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/OtpProvider.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/OtpProvider.java deleted file mode 100644 index 8cbe94d..0000000 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/OtpProvider.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.kerb.provider; - -/** - * Otp provider for OTP mechanism. - */ -public interface OtpProvider extends KrbProvider { - - - -} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiLoader.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiLoader.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiLoader.java deleted file mode 100644 index 4739e1a..0000000 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiLoader.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.kerb.provider; - -import org.apache.kerby.kerberos.kerb.KrbException; - -import java.io.InputStream; -import java.security.PrivateKey; -import java.security.cert.Certificate; -import java.util.List; - -/** - * A PKI certificate and key loader. - */ -public interface PkiLoader { - - /** - * Load certificates from a cert file. - * @param certFile The cert file - * @return The certificates - * @throws KrbException e - */ - List loadCerts(String certFile) throws KrbException; - - /** - * Load certificates from an input stream. - * @param inputStream The input stream - * @return The certificates - * @throws KrbException e - */ - List loadCerts(InputStream inputStream) throws KrbException; - - /** - * Load private key from a key file with a password. - * @param keyFile The key file - * @param password The password - * @return private key - * @throws KrbException e - */ - PrivateKey loadPrivateKey(String keyFile, - String password) throws KrbException; - - /** - * Load a private key from input stream with a password. - * @param inputStream The input stream - * @param password The password - * @return private key - * @throws KrbException e - */ - PrivateKey loadPrivateKey(InputStream inputStream, - String password) throws KrbException; - -} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiProvider.java ---------------------------------------------------------------------- diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiProvider.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiProvider.java deleted file mode 100644 index 70edeac..0000000 --- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/provider/PkiProvider.java +++ /dev/null @@ -1,33 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.kerb.provider; - -/** - * Pki provider for PKINIT mechanism. - */ -public interface PkiProvider extends KrbProvider { - - /** - * Create a pki loader. - * @return pki loader - */ - PkiLoader createPkiLoader(); - -} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/main/java/org/apache/kerby/x509/PkiLoader.java ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/main/java/org/apache/kerby/x509/PkiLoader.java b/kerby-pkix/src/main/java/org/apache/kerby/x509/PkiLoader.java new file mode 100644 index 0000000..00742a0 --- /dev/null +++ b/kerby-pkix/src/main/java/org/apache/kerby/x509/PkiLoader.java @@ -0,0 +1,114 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.kerby.x509; + +import org.apache.commons.ssl.PKCS8Key; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +public class PkiLoader { + + public List loadCerts(String certFile) throws IOException { + InputStream is; + try { + is = new FileInputStream(new File(certFile)); + } catch (FileNotFoundException e) { + throw new IOException("No cert file found", e); + } + return loadCerts(is); + } + + public List loadCerts(InputStream inputStream) throws IOException { + CertificateFactory certFactory = null; + try { + certFactory = CertificateFactory.getInstance("X.509"); + Collection certs = (Collection) + certFactory.generateCertificates(inputStream); + return new ArrayList(certs); + } catch (CertificateException e) { + throw new IOException("Failed to load certificates", e); + } + } + + public PrivateKey loadPrivateKey(String keyFile, String password) throws IOException { + InputStream in = null; + try { + in = new FileInputStream("/path/to/pkcs8_private_key.der"); + } catch (FileNotFoundException e) { + throw new IOException("No cert file found", e); + } + return loadPrivateKey(in, password); + } + + public PrivateKey loadPrivateKey(InputStream inputStream, String password) throws IOException { + try { + return doLoadPrivateKey(inputStream, password); + } catch (GeneralSecurityException e) { + throw new IOException("Failed to load private key", e); + } catch (IOException e) { + throw new IOException("Failed to load private key", e); + } + } + + private PrivateKey doLoadPrivateKey( + InputStream inputStream, String password) throws GeneralSecurityException, IOException { + if (password == null) { + password = ""; + } + // If the provided InputStream is encrypted, we need a password to decrypt + // it. If the InputStream is not encrypted, then the password is ignored + // (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64). + PKCS8Key pkcs8 = new PKCS8Key(inputStream, password.toCharArray()); + + // If an unencrypted PKCS8 key was provided, then this actually returns + // exactly what was originally passed inputStream (with no changes). If an OpenSSL + // key was provided, it gets reformatted as PKCS #8 first, and so these + // bytes will still be PKCS #8, not OpenSSL. + byte[] decrypted = pkcs8.getDecryptedBytes(); + PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decrypted); + + // A Java PrivateKey object is born. + PrivateKey pk = null; + if (pkcs8.isDSA()) { + pk = KeyFactory.getInstance("DSA").generatePrivate(spec); + } else if (pkcs8.isRSA()) { + pk = KeyFactory.getInstance("RSA").generatePrivate(spec); + } + + // For lazier types: + pk = pkcs8.getPrivateKey(); + + return pk; + } +} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/java/org/apache/kerby/x509/PkiLoaderTest.java ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/java/org/apache/kerby/x509/PkiLoaderTest.java b/kerby-pkix/src/test/java/org/apache/kerby/x509/PkiLoaderTest.java new file mode 100644 index 0000000..76dcd73 --- /dev/null +++ b/kerby-pkix/src/test/java/org/apache/kerby/x509/PkiLoaderTest.java @@ -0,0 +1,66 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.kerby.x509; + +import org.junit.Before; +import org.junit.Test; + +import java.io.IOException; +import java.io.InputStream; +import java.security.PrivateKey; +import java.security.cert.Certificate; +import java.util.List; + +import static org.assertj.core.api.Assertions.assertThat; + +/** + openssl genrsa -out cakey.pem 2048 + openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650 + vi extensions.kdc + openssl genrsa -out kdckey.pem 2048 + openssl req -new -out kdc.req -key kdckey.pem + env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \ + -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial + */ +public class PkiLoaderTest { + private PkiLoader pkiLoader; + + @Before + public void setup() { + pkiLoader = new PkiLoader(); + } + + @Test + public void loadCert() throws IOException { + InputStream res = getClass().getResourceAsStream("/usercert.pem"); + List certs = pkiLoader.loadCerts(res); + Certificate userCert = certs.iterator().next(); + + assertThat(userCert).isNotNull(); + } + + @Test + public void loadKey() throws IOException { + InputStream res = getClass().getResourceAsStream("/userkey.pem"); + PrivateKey key = pkiLoader.loadPrivateKey(res, null); + + assertThat(key).isNotNull(); + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/cacert.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/cacert.pem b/kerby-pkix/src/test/resources/cacert.pem new file mode 100644 index 0000000..6b91561 --- /dev/null +++ b/kerby-pkix/src/test/resources/cacert.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD +VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w +DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 +YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx +MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI +c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G +A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT +a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD +eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT +MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X +Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/ +cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU +uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx +u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y +F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy +d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY +fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9 +xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5 +V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU= +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/cakey.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/cakey.pem b/kerby-pkix/src/test/resources/cakey.pem new file mode 100644 index 0000000..66dc806 --- /dev/null +++ b/kerby-pkix/src/test/resources/cakey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9 +NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h +s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA +AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf +usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI +Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0 +Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG +IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim +Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ +zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh +0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw +tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA +GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp +L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA +pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8 +YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9 +/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4 +XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo +VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq +ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8 +XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf +IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh +OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l +oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U +5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB +-----END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/extensions.kdc ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/extensions.kdc b/kerby-pkix/src/test/resources/extensions.kdc new file mode 100644 index 0000000..8052f71 --- /dev/null +++ b/kerby-pkix/src/test/resources/extensions.kdc @@ -0,0 +1,36 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +[kdc_cert] +basicConstraints=CA:FALSE +keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement +extendedKeyUsage=1.3.6.1.5.2.3.5 +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer +issuerAltName=issuer:copy +subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name + +[kdc_princ_name] +realm=EXP:0,GeneralString:${ENV::REALM} +principal_name=EXP:1,SEQUENCE:kdc_principal_seq + +[kdc_principal_seq] +name_type=EXP:0,INTEGER:1 +name_string=EXP:1,SEQUENCE:kdc_principals + +[kdc_principals] +princ1=GeneralString:krbtgt +princ2=GeneralString:${ENV::REALM} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/kdccert.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/kdccert.pem b/kerby-pkix/src/test/resources/kdccert.pem new file mode 100644 index 0000000..67e538c --- /dev/null +++ b/kerby-pkix/src/test/resources/kdccert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD +VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w +DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 +YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx +MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI +c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G +A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT +a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5 +fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK +quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s +nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2 +EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45 +JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e +Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV +HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h +ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF +AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9 +YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz +txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs +R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF +FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c +5vCA/8HPfaearSyAYi2Ir9vT3O9J/w== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/kdckey.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/kdckey.pem b/kerby-pkix/src/test/resources/kdckey.pem new file mode 100644 index 0000000..c9e75e2 --- /dev/null +++ b/kerby-pkix/src/test/resources/kdckey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP +8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p +2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM +GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr +fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu +DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X +QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ +6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0 +bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5 +5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi +8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5 +XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7 +kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS +Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn +P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb +KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9 +qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh +7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg +UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi +n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap +5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3 +AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe +KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7 +9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R +7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg== +-----END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/usercert.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/usercert.pem b/kerby-pkix/src/test/resources/usercert.pem new file mode 100644 index 0000000..67e538c --- /dev/null +++ b/kerby-pkix/src/test/resources/usercert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD +VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w +DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 +YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx +MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI +c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G +A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT +a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5 +fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK +quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s +nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2 +EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45 +JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e +Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV +HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h +ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF +AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9 +YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz +txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs +R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF +FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c +5vCA/8HPfaearSyAYi2Ir9vT3O9J/w== +-----END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-pkix/src/test/resources/userkey.pem ---------------------------------------------------------------------- diff --git a/kerby-pkix/src/test/resources/userkey.pem b/kerby-pkix/src/test/resources/userkey.pem new file mode 100644 index 0000000..c9e75e2 --- /dev/null +++ b/kerby-pkix/src/test/resources/userkey.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP +8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p +2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM +GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr +fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu +DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X +QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ +6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0 +bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5 +5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi +8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5 +XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7 +kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS +Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn +P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb +KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9 +qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh +7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg +UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi +n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap +5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3 +AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe +KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7 +9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R +7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg== +-----END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/pom.xml ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/pom.xml b/kerby-provider/pki-provider/pom.xml deleted file mode 100644 index fd5137d..0000000 --- a/kerby-provider/pki-provider/pom.xml +++ /dev/null @@ -1,85 +0,0 @@ - - - - 4.0.0 - - - org.apache.kerby - kerby-provider - 1.0.0-RC2-SNAPSHOT - - - pki-provider - Pki provider - Pki provider - - - - org.apache.kerby - kerb-core - ${project.version} - - - org.apache.kerby - not-yet-commons-ssl - ${project.version} - - - - test - junit - junit - ${junit.version} - - - org.assertj - assertj-core - ${assertj.version} - test - - - - - - dist - - - - org.apache.maven.plugins - maven-assembly-plugin - 2.2 - - - package-all - package - - single - - - - jar-with-dependencies - - - - - - - - - - - \ No newline at end of file http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoader.java ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoader.java b/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoader.java deleted file mode 100644 index ba1f581..0000000 --- a/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoader.java +++ /dev/null @@ -1,120 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.provider.pki; - -import org.apache.commons.ssl.PKCS8Key; -import org.apache.kerby.kerberos.kerb.KrbException; -import org.apache.kerby.kerberos.kerb.provider.PkiLoader; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.io.InputStream; -import java.security.GeneralSecurityException; -import java.security.KeyFactory; -import java.security.PrivateKey; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.spec.PKCS8EncodedKeySpec; -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -public class KerbyPkiLoader implements PkiLoader { - - @Override - public List loadCerts(String certFile) throws KrbException { - InputStream is; - try { - is = new FileInputStream(new File(certFile)); - } catch (FileNotFoundException e) { - throw new KrbException("No cert file found", e); - } - return loadCerts(is); - } - - @Override - public List loadCerts(InputStream inputStream) throws KrbException { - CertificateFactory certFactory = null; - try { - certFactory = CertificateFactory.getInstance("X.509"); - Collection certs = (Collection) - certFactory.generateCertificates(inputStream); - return new ArrayList(certs); - } catch (CertificateException e) { - throw new KrbException("Failed to load certificates", e); - } - } - - @Override - public PrivateKey loadPrivateKey(String keyFile, String password) throws KrbException { - InputStream in = null; - try { - in = new FileInputStream("/path/to/pkcs8_private_key.der"); - } catch (FileNotFoundException e) { - throw new KrbException("No cert file found", e); - } - return loadPrivateKey(in, password); - } - - @Override - public PrivateKey loadPrivateKey(InputStream inputStream, String password) throws KrbException { - try { - return doLoadPrivateKey(inputStream, password); - } catch (GeneralSecurityException e) { - throw new KrbException("Failed to load private key", e); - } catch (IOException e) { - throw new KrbException("Failed to load private key", e); - } - } - - private PrivateKey doLoadPrivateKey( - InputStream inputStream, String password) throws GeneralSecurityException, IOException { - if (password == null) { - password = ""; - } - // If the provided InputStream is encrypted, we need a password to decrypt - // it. If the InputStream is not encrypted, then the password is ignored - // (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64). - PKCS8Key pkcs8 = new PKCS8Key(inputStream, password.toCharArray()); - - // If an unencrypted PKCS8 key was provided, then this actually returns - // exactly what was originally passed inputStream (with no changes). If an OpenSSL - // key was provided, it gets reformatted as PKCS #8 first, and so these - // bytes will still be PKCS #8, not OpenSSL. - byte[] decrypted = pkcs8.getDecryptedBytes(); - PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decrypted); - - // A Java PrivateKey object is born. - PrivateKey pk = null; - if (pkcs8.isDSA()) { - pk = KeyFactory.getInstance("DSA").generatePrivate(spec); - } else if (pkcs8.isRSA()) { - pk = KeyFactory.getInstance("RSA").generatePrivate(spec); - } - - // For lazier types: - pk = pkcs8.getPrivateKey(); - - return pk; - } -} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiProvider.java ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiProvider.java b/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiProvider.java deleted file mode 100644 index 7a830f9..0000000 --- a/kerby-provider/pki-provider/src/main/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiProvider.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.provider.pki; - -import org.apache.kerby.kerberos.kerb.provider.PkiLoader; -import org.apache.kerby.kerberos.kerb.provider.PkiProvider; - -/** - * Kerby Pki provider. - */ -public class KerbyPkiProvider implements PkiProvider { - - @Override - public PkiLoader createPkiLoader() { - return new KerbyPkiLoader(); - } - -} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoaderTest.java ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoaderTest.java b/kerby-provider/pki-provider/src/test/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoaderTest.java deleted file mode 100644 index 4091dca..0000000 --- a/kerby-provider/pki-provider/src/test/java/org/apache/kerby/kerberos/provider/pki/KerbyPkiLoaderTest.java +++ /dev/null @@ -1,67 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.kerby.kerberos.provider.pki; - -import org.apache.kerby.kerberos.kerb.KrbException; -import org.apache.kerby.kerberos.kerb.provider.PkiLoader; -import org.junit.Before; -import org.junit.Test; - -import java.io.InputStream; -import java.security.PrivateKey; -import java.security.cert.Certificate; -import java.util.List; - -import static org.assertj.core.api.Assertions.assertThat; - -/** - openssl genrsa -out cakey.pem 2048 - openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650 - vi extensions.kdc - openssl genrsa -out kdckey.pem 2048 - openssl req -new -out kdc.req -key kdckey.pem - env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \ - -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial - */ -public class KerbyPkiLoaderTest { - private PkiLoader pkiLoader; - - @Before - public void setup() { - pkiLoader = new KerbyPkiLoader(); - } - - @Test - public void loadCert() throws KrbException { - InputStream res = getClass().getResourceAsStream("/usercert.pem"); - List certs = pkiLoader.loadCerts(res); - Certificate userCert = certs.iterator().next(); - - assertThat(userCert).isNotNull(); - } - - @Test - public void loadKey() throws KrbException { - InputStream res = getClass().getResourceAsStream("/userkey.pem"); - PrivateKey key = pkiLoader.loadPrivateKey(res, null); - - assertThat(key).isNotNull(); - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/cacert.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/cacert.pem b/kerby-provider/pki-provider/src/test/resources/cacert.pem deleted file mode 100644 index 6b91561..0000000 --- a/kerby-provider/pki-provider/src/test/resources/cacert.pem +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD -VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w -DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 -YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx -MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI -c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G -A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT -a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD -eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT -MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X -Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/ -cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU -uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx -u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y -F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy -d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY -fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9 -xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5 -V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU= ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/cakey.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/cakey.pem b/kerby-provider/pki-provider/src/test/resources/cakey.pem deleted file mode 100644 index 66dc806..0000000 --- a/kerby-provider/pki-provider/src/test/resources/cakey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9 -NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h -s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA -AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf -usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI -Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0 -Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG -IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim -Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ -zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh -0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw -tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA -GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp -L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA -pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8 -YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9 -/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4 -XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo -VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq -ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8 -XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf -IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh -OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l -oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U -5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB ------END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/extensions.kdc ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/extensions.kdc b/kerby-provider/pki-provider/src/test/resources/extensions.kdc deleted file mode 100644 index 8052f71..0000000 --- a/kerby-provider/pki-provider/src/test/resources/extensions.kdc +++ /dev/null @@ -1,36 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -[kdc_cert] -basicConstraints=CA:FALSE -keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement -extendedKeyUsage=1.3.6.1.5.2.3.5 -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer -issuerAltName=issuer:copy -subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name - -[kdc_princ_name] -realm=EXP:0,GeneralString:${ENV::REALM} -principal_name=EXP:1,SEQUENCE:kdc_principal_seq - -[kdc_principal_seq] -name_type=EXP:0,INTEGER:1 -name_string=EXP:1,SEQUENCE:kdc_principals - -[kdc_principals] -princ1=GeneralString:krbtgt -princ2=GeneralString:${ENV::REALM} http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/kdccert.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/kdccert.pem b/kerby-provider/pki-provider/src/test/resources/kdccert.pem deleted file mode 100644 index 67e538c..0000000 --- a/kerby-provider/pki-provider/src/test/resources/kdccert.pem +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD -VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w -DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 -YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx -MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI -c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G -A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT -a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5 -fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK -quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s -nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2 -EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45 -JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e -Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV -HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h -ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF -AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9 -YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz -txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs -R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF -FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c -5vCA/8HPfaearSyAYi2Ir9vT3O9J/w== ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/kdckey.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/kdckey.pem b/kerby-provider/pki-provider/src/test/resources/kdckey.pem deleted file mode 100644 index c9e75e2..0000000 --- a/kerby-provider/pki-provider/src/test/resources/kdckey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP -8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p -2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM -GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr -fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu -DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X -QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ -6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0 -bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5 -5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi -8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5 -XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7 -kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS -Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn -P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb -KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9 -qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh -7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg -UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi -n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap -5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3 -AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe -KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7 -9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R -7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg== ------END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/usercert.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/usercert.pem b/kerby-provider/pki-provider/src/test/resources/usercert.pem deleted file mode 100644 index 67e538c..0000000 --- a/kerby-provider/pki-provider/src/test/resources/usercert.pem +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD -VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w -DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0 -YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx -MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI -c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G -A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT -a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5 -fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK -quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s -nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2 -EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45 -JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e -Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV -HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h -ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF -AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9 -YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz -txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs -R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF -FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c -5vCA/8HPfaearSyAYi2Ir9vT3O9J/w== ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pki-provider/src/test/resources/userkey.pem ---------------------------------------------------------------------- diff --git a/kerby-provider/pki-provider/src/test/resources/userkey.pem b/kerby-provider/pki-provider/src/test/resources/userkey.pem deleted file mode 100644 index c9e75e2..0000000 --- a/kerby-provider/pki-provider/src/test/resources/userkey.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP -8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p -2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM -GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr -fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu -DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X -QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ -6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0 -bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5 -5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi -8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5 -XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7 -kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS -Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn -P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb -KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9 -qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh -7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg -UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi -n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap -5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3 -AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe -KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7 -9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R -7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg== ------END RSA PRIVATE KEY----- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fa5daa97/kerby-provider/pom.xml ---------------------------------------------------------------------- diff --git a/kerby-provider/pom.xml b/kerby-provider/pom.xml index a23352e..1519bd3 100644 --- a/kerby-provider/pom.xml +++ b/kerby-provider/pom.xml @@ -26,7 +26,6 @@ token-provider - pki-provider