qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rob...@apache.org
Subject qpid-proton-j git commit: PROTON-1405: add ability to pass in the SSLContext to use, as opposed to the configuration to create one
Date Fri, 17 Feb 2017 18:26:39 GMT
Repository: qpid-proton-j
Updated Branches:
  refs/heads/master 91156dc92 -> 4d9a89bdc


PROTON-1405: add ability to pass in the SSLContext to use, as opposed to the configuration
to create one

This closes #4


Project: http://git-wip-us.apache.org/repos/asf/qpid-proton-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton-j/commit/4d9a89bd
Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton-j/tree/4d9a89bd
Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton-j/diff/4d9a89bd

Branch: refs/heads/master
Commit: 4d9a89bdc366582032df2e4cc5d37f2cabc02ad3
Parents: 91156dc
Author: Robert Gemmell <robbie@apache.org>
Authored: Fri Feb 17 18:24:41 2017 +0000
Committer: Robert Gemmell <robbie@apache.org>
Committed: Fri Feb 17 18:24:41 2017 +0000

----------------------------------------------------------------------
 .../apache/qpid/proton/engine/SslDomain.java    |  16 ++
 .../proton/engine/impl/ssl/SslDomainImpl.java   |  14 ++
 .../engine/impl/ssl/SslEngineFacadeFactory.java |   6 +-
 .../qpid/proton/systemtests/engine/SslTest.java | 172 +++++++++++++++++++
 .../systemtests/engine/TransportPumper.java     |  26 ++-
 proton-j/src/test/resources/README.txt          |  59 +++++++
 proton-j/src/test/resources/ca-pkcs12.keystore  | Bin 0 -> 1508 bytes
 proton-j/src/test/resources/ca.crt              |  15 ++
 .../src/test/resources/client-pkcs12.keystore   | Bin 0 -> 3204 bytes
 .../src/test/resources/client-pkcs12.truststore | Bin 0 -> 1000 bytes
 proton-j/src/test/resources/client.crt          |  16 ++
 proton-j/src/test/resources/client.csr          |  13 ++
 .../src/test/resources/server-pkcs12.keystore   | Bin 0 -> 3212 bytes
 .../src/test/resources/server-pkcs12.truststore | Bin 0 -> 1000 bytes
 proton-j/src/test/resources/server.crt          |  16 ++
 proton-j/src/test/resources/server.csr          |  13 ++
 16 files changed, 360 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/main/java/org/apache/qpid/proton/engine/SslDomain.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/SslDomain.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/SslDomain.java
index 24b101c..279d934 100644
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/SslDomain.java
+++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/SslDomain.java
@@ -18,6 +18,7 @@
  */
 package org.apache.qpid.proton.engine;
 
+import javax.net.ssl.SSLContext;
 import org.apache.qpid.proton.engine.impl.ssl.SslDomainImpl;
 
 /**
@@ -142,4 +143,19 @@ public interface SslDomain
     void allowUnsecuredClient(boolean allowUnsecured);
 
     boolean allowUnsecuredClient();
+
+    /**
+     * Sets an SSLContext for use when establishing SSL transport. Setting a context this
way overrides alternate
+     * configuration that might otherwise have been used to create a context, such as key
and trust store paths.
+     *
+     *@param sslContext the context to use
+     */
+    void setSslContext(SSLContext sslContext);
+
+    /**
+     * Returns the SSLContext set by {@link #setSslContext(SSLContext)}.
+     *
+     * @return the SSLContext, or null if none was set.
+     */
+    SSLContext getSslContext();
 }

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
index 583e3ca..9e7201c 100644
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
+++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
@@ -18,6 +18,7 @@
  */
 package org.apache.qpid.proton.engine.impl.ssl;
 
+import javax.net.ssl.SSLContext;
 import org.apache.qpid.proton.ProtonUnsupportedOperationException;
 import org.apache.qpid.proton.engine.ProtonJSslDomain;
 import org.apache.qpid.proton.engine.SslDomain;
@@ -32,6 +33,7 @@ public class SslDomainImpl implements SslDomain, ProtonSslEngineProvider,
Proton
     private String _privateKeyPassword;
     private String _trustedCaDb;
     private boolean _allowUnsecuredClient;
+    private SSLContext _sslContext;
 
     private final SslEngineFacadeFactory _sslEngineFacadeFactory = new SslEngineFacadeFactory();
 
@@ -79,6 +81,18 @@ public class SslDomainImpl implements SslDomain, ProtonSslEngineProvider,
Proton
     }
 
     @Override
+    public void setSslContext(SSLContext sslContext)
+    {
+        _sslContext = sslContext;
+    }
+
+    @Override
+    public SSLContext getSslContext()
+    {
+        return _sslContext;
+    }
+
+    @Override
     public void setPeerAuthentication(VerifyMode verifyMode)
     {
         if(verifyMode == VerifyMode.VERIFY_PEER_NAME)

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
index f6346aa..64eb2ca 100644
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
+++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
@@ -265,7 +265,11 @@ public class SslEngineFacadeFactory
 
     private SSLContext getOrCreateSslContext(SslDomain sslDomain)
     {
-        if(_sslContext == null)
+        if(_sslContext == null && sslDomain.getSslContext() != null)
+        {
+            _sslContext = sslDomain.getSslContext();
+        }
+        else if(_sslContext == null)
         {
             if(_logger.isLoggable(Level.FINE))
             {

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/SslTest.java
----------------------------------------------------------------------
diff --git a/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/SslTest.java
b/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/SslTest.java
new file mode 100644
index 0000000..b426d3f
--- /dev/null
+++ b/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/SslTest.java
@@ -0,0 +1,172 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.proton.systemtests.engine;
+
+import static org.apache.qpid.proton.engine.EndpointState.ACTIVE;
+import static org.apache.qpid.proton.engine.EndpointState.UNINITIALIZED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.SecureRandom;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+
+import org.apache.qpid.proton.Proton;
+import org.apache.qpid.proton.amqp.transport.ErrorCondition;
+import org.apache.qpid.proton.engine.Connection;
+import org.apache.qpid.proton.engine.Endpoint;
+import org.apache.qpid.proton.engine.EndpointState;
+import org.apache.qpid.proton.engine.SslDomain;
+import org.apache.qpid.proton.engine.SslDomain.Mode;
+import org.apache.qpid.proton.engine.SslDomain.VerifyMode;
+import org.apache.qpid.proton.engine.Transport;
+import org.junit.Test;
+
+public class SslTest
+{
+    private static final String SERVER_PKCS12_KEYSTORE = "src/test/resources/server-pkcs12.keystore";
+    private static final String SERVER_PKCS12_TRUSTSTORE = "src/test/resources/server-pkcs12.truststore";
+    private static final String CLIENT_PKCS12_KEYSTORE = "src/test/resources/client-pkcs12.keystore";
+    private static final String CLIENT_PKCS12_TRUSTSTORE = "src/test/resources/client-pkcs12.truststore";
+    private static final String PASSWORD = "password";
+
+    private static final String SERVER_CONTAINER = "serverContainer";
+    private static final String CLIENT_CONTAINER = "clientContainer";
+
+    private final Transport _clientTransport = Proton.transport();
+    private final Transport _serverTransport = Proton.transport();
+
+    private final TransportPumper _pumper = new TransportPumper(_clientTransport, _serverTransport);
+
+    private final Connection _clientConnection = Proton.connection();
+    private final Connection _serverConnection = Proton.connection();
+
+    @Test
+    public void testOpenConnectionOverSslTransports() throws Exception
+    {
+        SslDomain clientSslDomain = SslDomain.Factory.create();
+        clientSslDomain.init(Mode.CLIENT);
+        clientSslDomain.setPeerAuthentication(VerifyMode.VERIFY_PEER);
+        SSLContext clientSslContext = createSslContext(CLIENT_PKCS12_KEYSTORE, PASSWORD,
CLIENT_PKCS12_TRUSTSTORE, PASSWORD);
+        clientSslDomain.setSslContext(clientSslContext);
+        _clientTransport.ssl(clientSslDomain);
+
+        SslDomain serverSslDomain = SslDomain.Factory.create();
+        serverSslDomain.init(Mode.SERVER);
+        serverSslDomain.setPeerAuthentication(VerifyMode.VERIFY_PEER);
+        SSLContext serverSslContext = createSslContext(SERVER_PKCS12_KEYSTORE, PASSWORD,
SERVER_PKCS12_TRUSTSTORE, PASSWORD);
+        serverSslDomain.setSslContext(serverSslContext);
+        _serverTransport.ssl(serverSslDomain);
+
+        _clientConnection.setContainer(CLIENT_CONTAINER);
+        _serverConnection.setContainer(SERVER_CONTAINER);
+
+        _clientTransport.bind(_clientConnection);
+        _serverTransport.bind(_serverConnection);
+
+        assertConditions(_clientTransport);
+        assertConditions(_serverTransport);
+
+        _clientConnection.open();
+
+        assertEndpointState(_clientConnection, ACTIVE, UNINITIALIZED);
+        assertEndpointState(_serverConnection, UNINITIALIZED, UNINITIALIZED);
+
+        assertConditions(_clientTransport);
+        assertConditions(_serverTransport);
+
+        _pumper.pumpAll();
+
+        assertEndpointState(_clientConnection, ACTIVE, UNINITIALIZED);
+        assertEndpointState(_serverConnection, UNINITIALIZED, ACTIVE);
+
+        assertConditions(_clientTransport);
+        assertConditions(_serverTransport);
+
+        _serverConnection.open();
+
+        assertEndpointState(_clientConnection, ACTIVE, UNINITIALIZED);
+        assertEndpointState(_serverConnection, ACTIVE, ACTIVE);
+
+        assertConditions(_clientTransport);
+        assertConditions(_serverTransport);
+
+        _pumper.pumpAll();
+
+        assertEndpointState(_clientConnection, ACTIVE, ACTIVE);
+        assertEndpointState(_serverConnection, ACTIVE, ACTIVE);
+
+        assertConditions(_clientTransport);
+        assertConditions(_serverTransport);
+    }
+
+    private void assertConditions(Transport transport)
+    {
+        ErrorCondition remoteCondition = transport.getRemoteCondition();
+        if (remoteCondition != null)
+        {
+            assertNull(remoteCondition.getCondition());
+        }
+
+        ErrorCondition condition = transport.getCondition();
+        if (condition != null)
+        {
+            assertNull(condition.getCondition());
+        }
+    }
+
+    private SSLContext createSslContext(String keyStoreLocation, String keyStorePassword,
+                                        String trustStoreLocation, String trustStorePassword)
throws Exception
+    {
+        SSLContext context = SSLContext.getInstance("TLS");
+
+        KeyManagerFactory keyFact = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+        TrustManagerFactory trustFact = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+
+        KeyStore keyStore = KeyStore.getInstance("PKCS12");
+        try (InputStream in = new FileInputStream(new File(keyStoreLocation));)
+        {
+            keyStore.load(in, keyStorePassword.toCharArray());
+        }
+        keyFact.init(keyStore, keyStorePassword.toCharArray());
+
+        KeyStore trustStore = KeyStore.getInstance("PKCS12");
+        try (InputStream in = new FileInputStream(new File(trustStoreLocation));)
+        {
+            trustStore.load(in, trustStorePassword.toCharArray());
+        }
+        trustFact.init(trustStore);
+
+        context.init(keyFact.getKeyManagers(), trustFact.getTrustManagers(), new SecureRandom());
+
+        return context;
+    }
+
+    private void assertEndpointState(Endpoint endpoint, EndpointState localState, EndpointState
remoteState)
+    {
+        assertEquals("Unexpected local state", localState, endpoint.getLocalState());
+        assertEquals("Unexpected remote state", remoteState, endpoint.getRemoteState());
+    }
+}

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/TransportPumper.java
----------------------------------------------------------------------
diff --git a/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/TransportPumper.java
b/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/TransportPumper.java
index fd1d198..d03f0df 100644
--- a/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/TransportPumper.java
+++ b/proton-j/src/test/java/org/apache/qpid/proton/systemtests/engine/TransportPumper.java
@@ -19,9 +19,12 @@
  */
 package org.apache.qpid.proton.systemtests.engine;
 
-import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.nio.ByteBuffer;
 
 import org.apache.qpid.proton.engine.Transport;
+import org.apache.qpid.proton.engine.TransportResult;
 
 public class TransportPumper
 {
@@ -60,13 +63,26 @@ public class TransportPumper
 
     private int pumpOnce(Transport transportFrom, String fromRole, Transport transportTo,
String toRole)
     {
-        final byte[] output = new byte[1024];
-        int outputLength = transportFrom.output(output, 0, output.length);
+        int outputLength = transportFrom.pending();
         if (outputLength > 0)
         {
-            int numberConsumedByServer = transportTo.input(output, 0, outputLength);
-            assertEquals("Expecting " + toRole + " to consume all of " + fromRole + "'s output",
outputLength, numberConsumedByServer);
+            ByteBuffer outputBuffer = transportFrom.head();
+
+            int remaining = outputBuffer.remaining();
+            assertTrue("Unexpected remaining in buffer: " + remaining + " vs " + outputLength,
remaining >= outputLength);
+
+            byte[] output = new byte[remaining];
+            outputBuffer.get(output);
+
+            transportFrom.pop(remaining);
+
+            ByteBuffer inputBuffer = transportTo.getInputBuffer();
+            inputBuffer.put(output, 0, output.length);
+
+            TransportResult result = transportTo.processInput();
+            result.checkIsOk();
         }
+
         return outputLength;
     }
 

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/README.txt
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/README.txt b/proton-j/src/test/resources/README.txt
new file mode 100644
index 0000000..1a4516e
--- /dev/null
+++ b/proton-j/src/test/resources/README.txt
@@ -0,0 +1,59 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# The various PKCS12 SSL stores and certificates were created with the following commands:
+# Seems to require the JDK8 keytool.
+
+# Clean up existing files
+# -----------------------
+rm -f *.crt *.csr *.keystore *.truststore
+
+# Create a key and self-signed certificate for the CA, to sign certificate requests and use
for trust:
+# ----------------------------------------------------------------------------------------------------
+keytool -storetype pkcs12 -keystore ca-pkcs12.keystore -storepass password -keypass password
-alias ca -genkey -dname "O=My Trusted Inc.,CN=my-ca.org" -validity 9999 -ext bc:c=ca:true
+keytool -storetype pkcs12 -keystore ca-pkcs12.keystore -storepass password -alias ca -exportcert
-rfc > ca.crt
+
+# Create a key pair for the server, and sign it with the CA:
+# ----------------------------------------------------------
+keytool -storetype pkcs12 -keystore server-pkcs12.keystore -storepass password -keypass password
-alias server -genkey -dname "O=Server,CN=localhost" -validity 9999 -ext bc=ca:false -ext
eku=sA
+
+keytool -storetype pkcs12 -keystore server-pkcs12.keystore -storepass password -alias server
-certreq -file server.csr
+keytool -storetype pkcs12 -keystore ca-pkcs12.keystore -storepass password -alias ca -gencert
-rfc -infile server.csr -outfile server.crt -validity 9999 -ext bc=ca:false -ext eku=sA
+
+keytool -storetype pkcs12 -keystore server-pkcs12.keystore -storepass password -keypass password
-importcert -alias ca -file ca.crt -noprompt
+keytool -storetype pkcs12 -keystore server-pkcs12.keystore -storepass password -keypass password
-importcert -alias server -file server.crt
+
+# Create trust store for the server, import the CA cert:
+# -------------------------------------------------------
+keytool -storetype pkcs12 -keystore server-pkcs12.truststore -storepass password -keypass
password -importcert -alias ca -file ca.crt -noprompt
+
+# Create a key pair for a client, and sign it with the CA:
+# ----------------------------------------------------------
+keytool -storetype pkcs12 -keystore client-pkcs12.keystore -storepass password -keypass password
-alias client -genkey -dname "O=Client,CN=client" -validity 9999 -ext bc=ca:false -ext eku=cA
+
+keytool -storetype pkcs12 -keystore client-pkcs12.keystore -storepass password -alias client
-certreq -file client.csr
+keytool -storetype pkcs12 -keystore ca-pkcs12.keystore -storepass password -alias ca -gencert
-rfc -infile client.csr -outfile client.crt -validity 9999 -ext bc=ca:false -ext eku=cA
+
+keytool -storetype pkcs12 -keystore client-pkcs12.keystore -storepass password -keypass password
-importcert -alias ca -file ca.crt -noprompt
+keytool -storetype pkcs12 -keystore client-pkcs12.keystore -storepass password -keypass password
-importcert -alias client -file client.crt
+
+# Create trust store for the client, import the CA cert:
+# -------------------------------------------------------
+keytool -storetype pkcs12 -keystore client-pkcs12.truststore -storepass password -keypass
password -importcert -alias ca -file ca.crt -noprompt
+

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/ca-pkcs12.keystore
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/ca-pkcs12.keystore b/proton-j/src/test/resources/ca-pkcs12.keystore
new file mode 100644
index 0000000..8518594
Binary files /dev/null and b/proton-j/src/test/resources/ca-pkcs12.keystore differ

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/ca.crt
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/ca.crt b/proton-j/src/test/resources/ca.crt
new file mode 100644
index 0000000..ccd8f09
--- /dev/null
+++ b/proton-j/src/test/resources/ca.crt
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICyTCCAoegAwIBAgIEaAYSUTALBgcqhkjOOAQDBQAwLjESMBAGA1UEAxMJbXktY2Eub3JnMRgw
+FgYDVQQKEw9NeSBUcnVzdGVkIEluYy4wHhcNMTcwMjE3MTc1MjMwWhcNNDQwNzA0MTc1MjMwWjAu
+MRIwEAYDVQQDEwlteS1jYS5vcmcxGDAWBgNVBAoTD015IFRydXN0ZWQgSW5jLjCCAbcwggEsBgcq
+hkjOOAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6
+v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPF
+HsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfh
+oIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88J
+MozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2Ze
+gHtVJWQBTDv+z0kqA4GEAAKBgDoxX28C4+6GPhU0tRIeg0aPrz/5HllZwa20GAaKynloG9eIsfHU
+YjoQNSBlkRYtrEAPnD/V1UVlSDhw4hgGbbtCfLtRW5roU/3der29/cJQgDrT6nKk0YhHlMplROpb
+QyZ0nsjtmpx47s3yTp4PDNuQ01//7xaom4/3NSTKsZtqozIwMDAPBgNVHRMBAf8EBTADAQH/MB0G
+A1UdDgQWBBRCc/g0sUmH3EsNis029c9biR3HpDALBgcqhkjOOAQDBQADLwAwLAIUEBP/U+V5dZ+4
+zHPMl4+OJrF2cP0CFCEjdq+u04mVQRjXY2depfJVFdY/
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/client-pkcs12.keystore
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/client-pkcs12.keystore b/proton-j/src/test/resources/client-pkcs12.keystore
new file mode 100644
index 0000000..ffddc8f
Binary files /dev/null and b/proton-j/src/test/resources/client-pkcs12.keystore differ

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/client-pkcs12.truststore
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/client-pkcs12.truststore b/proton-j/src/test/resources/client-pkcs12.truststore
new file mode 100644
index 0000000..94980f2
Binary files /dev/null and b/proton-j/src/test/resources/client-pkcs12.truststore differ

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/client.crt
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/client.crt b/proton-j/src/test/resources/client.crt
new file mode 100644
index 0000000..ad7c13b
--- /dev/null
+++ b/proton-j/src/test/resources/client.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIIC7TCCAqugAwIBAgIEdIsOFTALBgcqhkjOOAQDBQAwLjESMBAGA1UEAxMJbXktY2Eub3JnMRgw
+FgYDVQQKEw9NeSBUcnVzdGVkIEluYy4wHhcNMTcwMjE3MTc1MjMzWhcNNDQwNzA0MTc1MjMzWjAi
+MQ8wDQYDVQQDEwZjbGllbnQxDzANBgNVBAoTBkNsaWVudDCCAbcwggEsBgcqhkjOOAQBMIIBHwKB
+gQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeB
+O4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1
+864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4
+V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyN
+KOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kq
+A4GEAAKBgARwR4H7ol+67WtN32jb3aJwf6fFo+5PirqLWFQeupLmf74yvx/YsTncDaxndBb/hUpy
+P0BdizE8NMN6qbu2j8Nbb6nBpM8SA6uve2T/07mTgFnOiEpD8nOWfgxHsDXncQDxtwi+EpfIp0pl
+HKR0JapmnJfZeMApa0pTc/RYaCXHo2IwYDAfBgNVHSMEGDAWgBRCc/g0sUmH3EsNis029c9biR3H
+pDAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMB0GA1UdDgQWBBQf0HHCQbYVQI5XgCRS
+8EnbLfSRYjALBgcqhkjOOAQDBQADLwAwLAIUcNM9zzJfxoVRGsxoT5ntSCZPkbMCFD4YCU2oHD5r
+0MdlA8iNp9DUb4pi
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/client.csr
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/client.csr b/proton-j/src/test/resources/client.csr
new file mode 100644
index 0000000..5006c90
--- /dev/null
+++ b/proton-j/src/test/resources/client.csr
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICVjCCAhQCAQAwIjEPMA0GA1UEAxMGY2xpZW50MQ8wDQYDVQQKEwZDbGllbnQwggG3MIIBLAYH
+KoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y
++r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bT
+xR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD3
+4aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fP
+CTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8Gkotm
+XoB7VSVkAUw7/s9JKgOBhAACgYAEcEeB+6Jfuu1rTd9o292icH+nxaPuT4q6i1hUHrqS5n++Mr8f
+2LE53A2sZ3QW/4VKcj9AXYsxPDTDeqm7to/DW2+pwaTPEgOrr3tk/9O5k4BZzohKQ/Jzln4MR7A1
+53EA8bcIvhKXyKdKZRykdCWqZpyX2XjAKWtKU3P0WGglx6AwMC4GCSqGSIb3DQEJDjEhMB8wHQYD
+VR0OBBYEFB/QccJBthVAjleAJFLwSdst9JFiMAsGByqGSM44BAMFAAMvADAsAhR/BRqoPI9dFwO8
+pcy+9OS9we85jgIURWkIHmeMXeQnqiLwehzPoDYrH2c=
+-----END NEW CERTIFICATE REQUEST-----

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/server-pkcs12.keystore
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/server-pkcs12.keystore b/proton-j/src/test/resources/server-pkcs12.keystore
new file mode 100644
index 0000000..dd2e212
Binary files /dev/null and b/proton-j/src/test/resources/server-pkcs12.keystore differ

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/server-pkcs12.truststore
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/server-pkcs12.truststore b/proton-j/src/test/resources/server-pkcs12.truststore
new file mode 100644
index 0000000..04798ec
Binary files /dev/null and b/proton-j/src/test/resources/server-pkcs12.truststore differ

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/server.crt
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/server.crt b/proton-j/src/test/resources/server.crt
new file mode 100644
index 0000000..ed0eed6
--- /dev/null
+++ b/proton-j/src/test/resources/server.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIIC8TCCAq+gAwIBAgIELDFSBjALBgcqhkjOOAQDBQAwLjESMBAGA1UEAxMJbXktY2Eub3JnMRgw
+FgYDVQQKEw9NeSBUcnVzdGVkIEluYy4wHhcNMTcwMjE3MTc1MjMyWhcNNDQwNzA0MTc1MjMyWjAl
+MRIwEAYDVQQDEwlsb2NhbGhvc3QxDzANBgNVBAoTBlNlcnZlcjCCAbgwggEsBgcqhkjOOAQBMIIB
+HwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tV
+bNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaR
+MvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yr
+XDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqL
+VHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+
+z0kqA4GFAAKBgQDoMxMn1KARYyWpGTEIlACWODH0Gj76WxhhpknIN7HWBrC6mgzcS+CHZ17gVrxI
+mVx2tNWzEdwi0RvYHvp23QRyw/L6FgHyJ9GCSfLuNbsYZiFnQz80LTNFNP+CT2unpV5PafT6zYQ0
+HljoBZeE8E1uHlET8EKSYLaMGnjSDIVicqNiMGAwHwYDVR0jBBgwFoAUQnP4NLFJh9xLDYrNNvXP
+W4kdx6QwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQU82oygO6LZOal
+7o4zHYpvpjAYWhIwCwYHKoZIzjgEAwUAAy8AMCwCFEZFFgcMl8M5VnE7m8v9axovwkQaAhQgiRI0
+D9VhWSz+xcSb6eGnyrz1Dw==
+-----END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/qpid-proton-j/blob/4d9a89bd/proton-j/src/test/resources/server.csr
----------------------------------------------------------------------
diff --git a/proton-j/src/test/resources/server.csr b/proton-j/src/test/resources/server.csr
new file mode 100644
index 0000000..92e6d0b
--- /dev/null
+++ b/proton-j/src/test/resources/server.csr
@@ -0,0 +1,13 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICWjCCAhgCAQAwJTESMBAGA1UEAxMJbG9jYWxob3N0MQ8wDQYDVQQKEwZTZXJ2ZXIwggG4MIIB
+LAYHKoZIzjgEATCCAR8CgYEA/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZ
+PY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7
+g/bTxR7DAjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKB
+gQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgW
+E7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8G
+kotmXoB7VSVkAUw7/s9JKgOBhQACgYEA6DMTJ9SgEWMlqRkxCJQAljgx9Bo++lsYYaZJyDex1gaw
+upoM3Evgh2de4Fa8SJlcdrTVsxHcItEb2B76dt0EcsPy+hYB8ifRgkny7jW7GGYhZ0M/NC0zRTT/
+gk9rp6VeT2n0+s2ENB5Y6AWXhPBNbh5RE/BCkmC2jBp40gyFYnKgMDAuBgkqhkiG9w0BCQ4xITAf
+MB0GA1UdDgQWBBTzajKA7otk5qXujjMdim+mMBhaEjALBgcqhkjOOAQDBQADLwAwLAIUe/6CarVG
+IB2yNSH9EIso3vmJiuoCFEOFcHlZnVE6ttWis06H76IEaAtt
+-----END NEW CERTIFICATE REQUEST-----


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message