diff --git a/COPYING b/COPYING index 7ab1831a79..a66f7be4ad 100644 --- a/COPYING +++ b/COPYING @@ -604,3 +604,8 @@ Exhibit B - "Incompatible With Secondary Licenses" Notice The ext/coroutine code is externally maintained and distributed under the Boost Software License, Version 1.0. (See its accompanying file LICENSE_1_0.txt.) + +Sample TLS clients and servers are used for tests and are included in +src/lib/asiolink/testutils. The files are distributed under Boost +Software license 1.0 and are used for testing only. They're not part +of Kea installation. diff --git a/src/lib/asiolink/Makefile.am b/src/lib/asiolink/Makefile.am index 2d148f9e2c..235b57b211 100644 --- a/src/lib/asiolink/Makefile.am +++ b/src/lib/asiolink/Makefile.am @@ -18,7 +18,7 @@ libkea_asiolink_la_SOURCES = asiolink.h libkea_asiolink_la_SOURCES += asio_wrapper.h libkea_asiolink_la_SOURCES += addr_utilities.cc addr_utilities.h libkea_asiolink_la_SOURCES += botan_tls.h -libkea_asiolink_la_SOURCES += common_tls.h +libkea_asiolink_la_SOURCES += common_tls.cc common_tls.h libkea_asiolink_la_SOURCES += crypto_tls.h libkea_asiolink_la_SOURCES += dummy_io_cb.h libkea_asiolink_la_SOURCES += interval_timer.cc interval_timer.h @@ -44,7 +44,7 @@ libkea_asiolink_la_SOURCES += unix_domain_socket_acceptor.h libkea_asiolink_la_SOURCES += unix_domain_socket_endpoint.h if HAVE_BOTAN -#libkea_asiolink_la_SOURCES += botan_tls.cc +libkea_asiolink_la_SOURCES += botan_tls.cc endif if HAVE_OPENSSL libkea_asiolink_la_SOURCES += openssl_tls.cc @@ -88,11 +88,3 @@ libkea_asiolink_include_HEADERS = \ unix_domain_socket.h \ unix_domain_socket_acceptor.h \ unix_domain_socket_endpoint.h - -if HAVE_BOTAN -libkea_asiolink_include_HEADERS += botan_tls.h -endif - -if HAVE_OPENSSL -libkea_asiolink_include_HEADERS += openssl_tls.h -endif diff --git a/src/lib/asiolink/botan_tls.cc b/src/lib/asiolink/botan_tls.cc new file mode 100644 index 0000000000..33ad20c99a --- /dev/null +++ b/src/lib/asiolink/botan_tls.cc @@ -0,0 +1,56 @@ +// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +/// @file botan_tls.cc Botan fake implementation of the TLS API. + +#include + +#ifdef WITH_BOTAN + +#include +#include + +namespace isc { +namespace asiolink { + +TlsContext::TlsContext(TlsRole role) + : TlsContextBase(role), cert_required_(true) { +} + +void +TlsContext::setCertRequired(bool cert_required) { + cert_required_ = cert_required; +} + +bool +TlsContext::getCertRequired() const { + return (cert_required_); +} + +void +TlsContext::loadCaFile(const std::string&) { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); +} + +void +TlsContext::loadCaPath(const std::string&) { + isc_throw(NotImplemented, "loadCaPath is not implemented by Botan"); +} + +void +TlsContext::loadCertFile(const std::string&) { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); +} + +void +TlsContext::loadKeyFile(const std::string&) { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); +} + +} // namespace asiolink +} // namespace isc + +#endif // WITH_BOTAN diff --git a/src/lib/asiolink/botan_tls.h b/src/lib/asiolink/botan_tls.h index 7a260270ad..10ad5f9160 100644 --- a/src/lib/asiolink/botan_tls.h +++ b/src/lib/asiolink/botan_tls.h @@ -9,6 +9,8 @@ #ifndef BOTAN_TLS_H #define BOTAN_TLS_H +/// @file botan_tls.h Botan fake implementation of the TLS API. + #ifdef WITH_BOTAN #include @@ -16,9 +18,158 @@ #include #include +#include + namespace isc { namespace asiolink { +/// @brief Botan TLS context. +class TlsContext : public TlsContextBase { +public: + + /// @brief Destructor. + virtual ~TlsContext() { } + + /// @brief Create a fresh context. + /// + /// @param role The TLS role client or server. + explicit TlsContext(TlsRole role); + + /// @brief Set the peer certificate requirement mode. + /// + /// @param cert_required True if peer certificates are required, + /// false if they are optional. + virtual void setCertRequired(bool cert_required); + + /// @brief Get the peer certificate requirement mode. + /// + /// @return True if peer certificates are required, false if they + /// are optional. + virtual bool getCertRequired() const; + + /// @brief Load the trust anchor aka certificate authority. + /// + /// @param ca_file The certificate file name. + /// @throw isc::cryptolink::LibraryError on various errors as + /// file not found, bad format, etc. + virtual void loadCaFile(const std::string& ca_file); + + /// @brief Load the trust anchor aka certificate authority. + /// + /// @param ca_path The certificate directory name. + /// @throw isc::cryptolink::LibraryError on various errors as + /// file not found, bad format, etc. + virtual void loadCaPath(const std::string& ca_path); + + /// @brief Load the certificate file. + /// + /// @param cert_file The certificate file name. + /// @throw isc::cryptolink::LibraryError on various errors as + /// file not found, bad format, etc. + virtual void loadCertFile(const std::string& cert_file); + + /// @brief Load the private key from a file. + /// + /// @param key_file The private key file name. + /// @throw isc::cryptolink::LibraryError on various errors as + /// file not found, bad format, etc. + virtual void loadKeyFile(const std::string& key_file); + +protected: + /// @brief Cached cert_required value. + bool cert_required_; +}; + +/// @brief The type of Botan TLS streams (in fact pure TCP streams). +typedef boost::asio::ip::tcp::socket TlsStreamImpl; + +/// @brief Dummy type of X509 certificates. +struct TlsCertificate { }; + +/// @brief TlsStreamBase constructor. +/// +/// @tparam Callback The type of callbacks. +/// @tparam TlsStreamImpl The type of underlying TLS streams. +/// @tparam TlsCertificate The type of X509 certificates. +/// @param service I/O Service object used to manage the stream. +/// @param context Pointer to the TLS context. +/// @note The caller must not provide a null pointer to the TLS context. +template +TlsStreamBase:: +TlsStreamBase(IOService& service, TlsContextPtr context) + : TlsStreamImpl(service.get_io_service()), role_(context->getRole()) { +} + +/// @brief Botan fake TLS stream. +/// +/// @tparam callback The callback. +template +class TlsStream : public TlsStreamBase { +public: + + /// @brief Type of the base. + typedef TlsStreamBase Base; + + /// @brief Constructor. + /// + /// @param service I/O Service object used to manage the stream. + /// @param context Pointer to the TLS context. + /// @note The caller must not provide a null pointer to the TLS context. + TlsStream(IOService& service, TlsContextPtr context) + : Base(service, context) { + } + + /// @brief Destructor. + virtual ~TlsStream() { } + + /// @brief TLS Handshake. + /// + /// @param callback Callback object. + virtual void handshake(Callback& callback) { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); + } + + /// @brief TLS shutdown. + /// + /// @param callback Callback object. + virtual void shutdown(Callback& callback) { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); + } + + /// @brief Clear the TLS state. + virtual void clear() { + isc_throw(NotImplemented, "Botan TLS is not yet supported"); + } + + /// @brief Return the peer certificate. + /// + /// @note The native_handle() method is used so it can't be made const. + /// @note Do not forget to free it when no longer used. + virtual TlsCertificate* getPeerCert() { + return (0); + } + + /// @brief Return the commonName part of the subjectName of + /// the peer certificate. + /// + /// First commonName when there are more than one, in UTF-8. + /// + /// @return The commonName part of the subjectName or the empty string. + std::string getSubject() { + return (""); + } + + /// @brief Return the commonName part of the issuerName of + /// the peer certificate. + /// + /// First commonName when there are more than one, in UTF-8. + /// + /// @return The commonName part of the issuerName or the empty string. + std::string getIssuer() { + return (""); + } +}; + } // namespace asiolink } // namespace isc diff --git a/src/lib/asiolink/common_tls.cc b/src/lib/asiolink/common_tls.cc new file mode 100644 index 0000000000..ee0d0bce50 --- /dev/null +++ b/src/lib/asiolink/common_tls.cc @@ -0,0 +1,59 @@ +// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC") +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +/// @file common_tls.cc Common part of implementations of the TLS API. + +#include + +#include +#include + +#include + +using namespace isc::cryptolink; + +namespace { // anonymous namespace + +// C++17 has this function but Kea is still C++11 so provide it. +bool +isDir(const std::string& name) { + struct stat stats; + if (::stat(name.c_str(), &stats) < 0) { + return (false); + } + return ((stats.st_mode & S_IFMT) == S_IFDIR); +} + +} // end of namespace + +namespace isc { +namespace asiolink { + +void +TlsContextBase::configure(TlsContextPtr& context, + TlsRole role, + const std::string& ca_file, + const std::string& cert_file, + const std::string& key_file, + bool cert_required) { + try { + context.reset(new TlsContext(role)); + if (isDir(ca_file)) { + context->loadCaPath(ca_file); + } else { + context->loadCaFile(ca_file); + } + context->loadCertFile(cert_file); + context->loadKeyFile(key_file); + context->setCertRequired(cert_required); + } catch (...) { + context.reset(); + throw; + } +} + +} // namespace asiolink +} // namespace isc diff --git a/src/lib/asiolink/common_tls.h b/src/lib/asiolink/common_tls.h index 92143d03e7..35515dc300 100644 --- a/src/lib/asiolink/common_tls.h +++ b/src/lib/asiolink/common_tls.h @@ -30,6 +30,14 @@ namespace asiolink { /// @brief Client and server roles. enum TlsRole { CLIENT, SERVER }; +/// @brief Forward declaration of backend TLS context. +class TlsContext; + +/// @brief The type of shared pointers to TlsContext objects. +/// +/// @note Not clear we need shared pointers but they cover more use cases... +typedef boost::shared_ptr TlsContextPtr; + /// @brief TLS context base class. class TlsContextBase : private boost::noncopyable { public: @@ -48,6 +56,22 @@ public: /// @note No need for a role set method. + /// @brief Configure. + /// + /// @param context The TLS context to configure. + /// @param role The TLS role client or server. + /// @param ca_file The certificate file or directory name. + /// @param cert_file The certificate file name. + /// @param key_file The private key file name. + /// @param cert_required True if peer certificates are required, + /// false if they are optional. + static void configure(TlsContextPtr& context, + TlsRole role, + const std::string& ca_file, + const std::string& cert_file, + const std::string& key_file, + bool cert_required); + /// @brief Set the peer certificate requirement mode. /// /// @param cert_required True if peer certificates are required, @@ -81,7 +105,7 @@ public: /// file not found, bad format, etc. virtual void loadCertFile(const std::string& cert_file) = 0; - /// @brief Load the private key file name. + /// @brief Load the private key from a file. /// /// @param key_file The private key file name. /// @throw isc::cryptolink::LibraryError on various errors as @@ -93,14 +117,6 @@ public: TlsRole role_; }; -/// @brief Forward declaration of OpenSSL TLS context. -class TlsContext; - -/// @brief The type of shared pointers to TlsContext objects. -/// -/// @note Not clear we need shared pointers but they covers more use cases... -typedef boost::shared_ptr TlsContextPtr; - /// @brief TLS stream base class. /// /// @tparam Callback The type of callbacks. @@ -136,6 +152,8 @@ public: virtual void shutdown(Callback& callback) = 0; /// @brief Clear the TLS state. + /// + /// @note For some unit tests only. virtual void clear() = 0; /// @brief Return the peer certificate. diff --git a/src/lib/asiolink/openssl_tls.cc b/src/lib/asiolink/openssl_tls.cc index 0eecfc099c..e23e4de998 100644 --- a/src/lib/asiolink/openssl_tls.cc +++ b/src/lib/asiolink/openssl_tls.cc @@ -4,6 +4,8 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. +/// @file openssl_tls.cc OpenSSL implementation of the TLS API. + #include #ifdef WITH_OPENSSL @@ -95,43 +97,6 @@ TlsContext::loadKeyFile(const std::string& key_file) { } } -namespace { // anonymous namespace - -// C++17 has this function but Kea is still C++11 so provide it. -bool -isDir(const std::string& name) { - struct stat stats; - if (::stat(name.c_str(), &stats) < 0) { - return (false); - } - return ((stats.st_mode & S_IFMT) == S_IFDIR); -} - -} // end of namespace - -void -TlsContext::configure(TlsContextPtr& context, - TlsRole role, - const std::string& ca_file, - const std::string& cert_file, - const std::string& key_file, - bool cert_required) { - try { - context.reset(new TlsContext(role)); - if (isDir(ca_file)) { - context->loadCaPath(ca_file); - } else { - context->loadCaFile(ca_file); - } - context->loadCertFile(cert_file); - context->loadKeyFile(key_file); - context->setCertRequired(cert_required); - } catch (...) { - context.reset(); - throw; - } -} - } // namespace asiolink } // namespace isc diff --git a/src/lib/asiolink/openssl_tls.h b/src/lib/asiolink/openssl_tls.h index 14703d1718..6a4b532412 100644 --- a/src/lib/asiolink/openssl_tls.h +++ b/src/lib/asiolink/openssl_tls.h @@ -23,6 +23,15 @@ namespace isc { namespace asiolink { +/// @brief Translate TLS role into implementation. +inline boost::asio::ssl::stream_base::handshake_type roleToImpl(TlsRole role) { + if (role == TlsRole::SERVER) { + return (boost::asio::ssl::stream_base::server); + } else { + return (boost::asio::ssl::stream_base::client); + } +} + /// @brief OpenSSL TLS context. class TlsContext : public TlsContextBase { public: @@ -71,27 +80,11 @@ public: /// @param cert_file The certificate file name. virtual void loadCertFile(const std::string& cert_file); - /// @brief Load the private key file name. + /// @brief Load the private key from a file. /// /// @param key_file The private key file name. virtual void loadKeyFile(const std::string& key_file); - /// @brief Configure. - /// - /// @param context The TLS context to configure. - /// @param role The TLS role client or server. - /// @param ca_file The certificate file or directory name. - /// @param cert_file The certificate file name. - /// @param key_file The private key file name. - /// @param cert_required True if peer certificates are required, - /// false if they are optional. - static void configure(TlsContextPtr& context, - TlsRole role, - const std::string& ca_file, - const std::string& cert_file, - const std::string& key_file, - bool cert_required); - protected: /// @brief Cached cert_required value. bool cert_required_; @@ -107,11 +100,13 @@ typedef boost::asio::ssl::stream TlsStreamImpl; typedef ::X509 TlsCertificate; /// @brief TlsStreamBase constructor. -/// @brief TLS stream base class. /// /// @tparam Callback The type of callbacks. /// @tparam TlsStreamImpl The type of underlying TLS streams. /// @tparam TlsCertificate The type of X509 certificates. +/// @param service I/O Service object used to manage the stream. +/// @param context Pointer to the TLS context. +/// @note The caller must not provide a null pointer to the TLS context. template TlsStreamBase:: TlsStreamBase(IOService& service, TlsContextPtr context) @@ -145,12 +140,7 @@ public: /// /// @param callback Callback object. virtual void handshake(Callback& callback) { - using namespace boost::asio::ssl; - if (Base::getRole() == SERVER) { - Base::async_handshake(stream_base::server, callback); - } else { - Base::async_handshake(stream_base::client, callback); - } + Base::async_handshake(roleToImpl(Base::getRole()), callback); } /// @brief TLS shutdown. @@ -234,6 +224,9 @@ public: } }; +// Stream truncated error code. +const int STREAM_TRUNCATED = boost::asio::ssl::error::stream_truncated; + } // namespace asiolink } // namespace isc diff --git a/src/lib/asiolink/tcp_socket.h b/src/lib/asiolink/tcp_socket.h index 8a58feda25..ef5ee28322 100644 --- a/src/lib/asiolink/tcp_socket.h +++ b/src/lib/asiolink/tcp_socket.h @@ -232,7 +232,7 @@ private: // Socket boost::asio::ip::tcp::socket& socket_; - // TODO: Remove temporary buffer + // @todo Remove temporary buffer // The current implementation copies the buffer passed to asyncSend() into // a temporary buffer and precedes it with a two-byte count field. As // ASIO should really be just about sending and receiving data, the TCP @@ -284,8 +284,8 @@ TCPSocket::open(const IOEndpoint* endpoint, C& callback) { close(); } // Ignore opens on already-open socket. Don't throw a failure because - // of uncertainties as to what precedes whan when using asynchronous I/O. - // At also allows us a treat a passed-in socket as a self-managed socket. + // of uncertainties as to what precedes when using asynchronous I/O. + // Also allows us a treat a passed-in socket as a self-managed socket. if (!socket_.is_open()) { if (endpoint->getFamily() == AF_INET) { socket_.open(boost::asio::ip::tcp::v4()); @@ -350,7 +350,7 @@ TCPSocket::asyncSend(const void* data, size_t length, // Need to copy the data into a temporary buffer and precede it with // a two-byte count field. - // TODO: arrange for the buffer passed to be preceded by the count + // @todo arrange for the buffer passed to be preceded by the count try { // Ensure it fits into 16 bits uint16_t count = boost::numeric_cast(length); diff --git a/src/lib/asiolink/tests/Makefile.am b/src/lib/asiolink/tests/Makefile.am index 94f00657e8..db32572bb4 100644 --- a/src/lib/asiolink/tests/Makefile.am +++ b/src/lib/asiolink/tests/Makefile.am @@ -39,9 +39,11 @@ run_unittests_SOURCES += dummy_io_callback_unittest.cc run_unittests_SOURCES += tcp_acceptor_unittest.cc run_unittests_SOURCES += unix_domain_socket_unittest.cc run_unittests_SOURCES += process_spawn_unittest.cc +if HAVE_OPENSSL run_unittests_SOURCES += tls_unittest.cc run_unittests_SOURCES += tls_acceptor_unittest.cc run_unittests_SOURCES += tls_socket_unittest.cc +endif run_unittests_CPPFLAGS = $(AM_CPPFLAGS) $(GTEST_INCLUDES) diff --git a/src/lib/asiolink/tests/tcp_socket_unittest.cc b/src/lib/asiolink/tests/tcp_socket_unittest.cc index c41d2bb11e..539cbcb675 100644 --- a/src/lib/asiolink/tests/tcp_socket_unittest.cc +++ b/src/lib/asiolink/tests/tcp_socket_unittest.cc @@ -4,7 +4,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -/// \brief Test of TCPSocket +/// @brief Test of TCPSocket /// /// Tests the functionality of a TCPSocket by working through an open-send- /// receive-close sequence and checking that the asynchronous notifications @@ -43,7 +43,7 @@ namespace { const char SERVER_ADDRESS[] = "127.0.0.1"; const unsigned short SERVER_PORT = 5303; -// TODO: Shouldn't we send something that is real message? +/// @todo Shouldn't we send something that is real message? const char OUTBOUND_DATA[] = "Data sent from client to server"; const char INBOUND_DATA[] = "Returned data from server to client"; } @@ -300,7 +300,7 @@ TEST(TCPSocket, processReceivedData) { EXPECT_TRUE(equal(inbuff + 2, inbuff + cumulative, dataptr)); } -// TODO: Need to add a test to check the cancel() method +/// @todo Need to add a test to check the cancel() method // Tests the operation of a TCPSocket by opening it, sending an asynchronous // message to a server, receiving an asynchronous message from the server and diff --git a/src/lib/asiolink/tests/tls_socket_unittest.cc b/src/lib/asiolink/tests/tls_socket_unittest.cc index a996fada64..e531b2b074 100644 --- a/src/lib/asiolink/tests/tls_socket_unittest.cc +++ b/src/lib/asiolink/tests/tls_socket_unittest.cc @@ -4,7 +4,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -/// \brief Test of TCPSocket +/// @brief Test of TLSSocket /// /// Tests the functionality of a TCPSocket by working through an open-send- /// receive-close sequence and checking that the asynchronous notifications @@ -44,7 +44,7 @@ namespace { const char SERVER_ADDRESS[] = "127.0.0.1"; const unsigned short SERVER_PORT = 5303; -// TODO: Shouldn't we send something that is real message? +/// @todo Shouldn't we send something that is real message? const char OUTBOUND_DATA[] = "Data sent from client to server"; const char INBOUND_DATA[] = "Returned data from server to client"; } @@ -310,7 +310,7 @@ TEST(TLSSocket, processReceivedData) { EXPECT_TRUE(equal(inbuff + 2, inbuff + cumulative, dataptr)); } -// TODO: Need to add a test to check the cancel() method +/// @todo Need to add a test to check the cancel() method // Tests the operation of a TLSSocket by opening it, sending an asynchronous // message to a server, receiving an asynchronous message from the server and @@ -394,7 +394,7 @@ TEST(TLSSocket, sequenceTest) { server_cb.queued() = TLSCallback::HANDSHAKE; server_cb.called() = TLSCallback::NONE; server_cb.setCode(42); // Some error - server.async_handshake(ssl::stream_base::server, server_cb); + server.async_handshake(roleToImpl(TlsRole::SERVER), server_cb); while ((server_cb.called() == TLSCallback::NONE) || (client_cb.called() == TLSCallback::NONE)) { diff --git a/src/lib/asiolink/testutils/Makefile.am b/src/lib/asiolink/testutils/Makefile.am index 09d780c08e..b614e7fdd8 100644 --- a/src/lib/asiolink/testutils/Makefile.am +++ b/src/lib/asiolink/testutils/Makefile.am @@ -8,13 +8,13 @@ AM_CPPFLAGS += -DTEST_CA_DIR=\"$(TEST_CA_DIR)\" AM_CXXFLAGS = $(KEA_CXXFLAGS) EXTRA_DIST = +EXTRA_DIST += ca/00af7a28.0 EXTRA_DIST += ca/0c7eedb9.0 -EXTRA_DIST += ca/26d052a5.0 -EXTRA_DIST += ca/3071e5ff.0 -EXTRA_DIST += ca/a465d731.0 +EXTRA_DIST += ca/28f5a777.0 +EXTRA_DIST += ca/2eefa08b.0 +EXTRA_DIST += ca/7a5b785e.0 EXTRA_DIST += ca/ad950210.0 -EXTRA_DIST += ca/d3d11a5f.0 -EXTRA_DIST += ca/doc +EXTRA_DIST += ca/doc.txt EXTRA_DIST += ca/ext-addr-conf.cnf EXTRA_DIST += ca/ext-conf.cnf EXTRA_DIST += ca/kea-ca.crt @@ -61,19 +61,14 @@ if HAVE_OPENSSL noinst_PROGRAMS = openssl_sample_client openssl_sample_server -openssl_sample_client_SOURCES = openssl_sample_client.cpp +openssl_sample_client_SOURCES = openssl_sample_client.cc openssl_sample_client_CPPFLAGS = $(AM_CPPFLAGS) openssl_sample_client_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) openssl_sample_client_LDADD = $(CRYPTO_LIBS) -openssl_sample_server_SOURCES = openssl_sample_server.cpp +openssl_sample_server_SOURCES = openssl_sample_server.cc openssl_sample_server_CPPFLAGS = $(AM_CPPFLAGS) openssl_sample_server_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LDFLAGS) openssl_sample_server_LDADD = $(CRYPTO_LIBS) endif - endif - - - - diff --git a/src/lib/asiolink/testutils/ca/26d052a5.0 b/src/lib/asiolink/testutils/ca/00af7a28.0 similarity index 100% rename from src/lib/asiolink/testutils/ca/26d052a5.0 rename to src/lib/asiolink/testutils/ca/00af7a28.0 diff --git a/src/lib/asiolink/testutils/ca/a465d731.0 b/src/lib/asiolink/testutils/ca/28f5a777.0 similarity index 100% rename from src/lib/asiolink/testutils/ca/a465d731.0 rename to src/lib/asiolink/testutils/ca/28f5a777.0 diff --git a/src/lib/asiolink/testutils/ca/d3d11a5f.0 b/src/lib/asiolink/testutils/ca/2eefa08b.0 similarity index 100% rename from src/lib/asiolink/testutils/ca/d3d11a5f.0 rename to src/lib/asiolink/testutils/ca/2eefa08b.0 diff --git a/src/lib/asiolink/testutils/ca/3071e5ff.0 b/src/lib/asiolink/testutils/ca/7a5b785e.0 similarity index 100% rename from src/lib/asiolink/testutils/ca/3071e5ff.0 rename to src/lib/asiolink/testutils/ca/7a5b785e.0 diff --git a/src/lib/asiolink/testutils/ca/doc b/src/lib/asiolink/testutils/ca/doc.txt similarity index 53% rename from src/lib/asiolink/testutils/ca/doc rename to src/lib/asiolink/testutils/ca/doc.txt index 280dc7fd3f..1ca812fec1 100644 --- a/src/lib/asiolink/testutils/ca/doc +++ b/src/lib/asiolink/testutils/ca/doc.txt @@ -4,27 +4,69 @@ Similar to doc/examples/https/nginx/kea-nginx.conf Organization Name is ISC Inc. Common Name is the key name. +Some critical details: + - recent versions of OpenSSL requires at least 2038 bit RSA + - certificate version should be 3 (enforced by Botan for leaves), + if openssl creates a version 1 add an extension + - RSA allows a simpler format than PKCS#8 for RSA private keys + but Botan and other algorithms require PKCS#8 + - some tools check the alternate subject name of the server so put + a correct value in it + +Files: + - doc.txt this file + - ext-addr-conf.cnf extension definition file to add an IP address subject + alternative name to the server certificate (IP 127.0.0.1) + - ext-conf.cnf extension definition file to add a subject alternative + name to the server certificate (DNS localhost) + - kea-ca.crt Certification Authority (CA) certificate + - kea-ca.key Certification Authority (CA) private key (password keatest) + - kea-client.crt client certificate + - kea-client.csr client PKCS#10 certificate request + - kea-client.key client private key (not encrypted) + - kea-client.p12 client PKCS#12 archive with the certificate and the private + key (required by curl on macOS or iOS when built with Secure Transport) + - kea-other.crt test client certificate (signed by another CA) + - kea-other.key test client private key (signed by another CA, not encrypted) + - kea-self.crt test client certificate (self-signed) + - kea-self.key test client private key (self-signed, not encrypted) + - kea-server-addr.crt server certificate using the 127.0.0.1 IP address + - kea-server-addr.csr server PKCS#10 certificate request using the + 127.0.0.1 IP address + - kea-server.crt server certificate using the localhost DNS name + - kea-server.csr server PKCS#10 certificate request using the localhost + DNS name + - kea-server.key server private key (all certificates, not encrypted) + - server-addr-conf.cnf OpenSSL configuration file to add an IP address + subject alternative name (127.0.0.1 and ::1) + - server-conf.cnf OpenSSL configuration file to add a DNS subject + alternative name (localhost) + +Procedure to build CA, server and client files: + 1 - create a CA self signed certificate (password is keatest) openssl genrsa -aes128 -out kea-ca.key 4096 - openssl req -new -x509 -days 3650 -key kea-ca.key -out kea-ca.crt + openssl req -new -x509 -days 3650 -key kea-ca.key -out kea-ca.crt \ + -extensions v3_ca -config server-conf.cnf -2 - create a key for the client and decipher it +2 - create a key for the client and convert to PKCS#8 openssl genrsa -aes128 -out kea-client-aes.key 2048 - openssl rsa -in kea-client-aes.key -out kea-client.key + openssl pkcs8 -in kea-client-aes.key -out kea-client.key -nocrypt rm kea-client-aes.key 3 - create a certificate for the client openssl req -new -key kea-client.key -out kea-client.csr openssl x509 -req -days 3650 -in kea-client.csr -CA kea-ca.crt \ - -CAkey kea-ca.key -set_serial 10 -out kea-client.crt -sha256 + -CAkey kea-ca.key -set_serial 10 -out kea-client.crt \ + -extfile /dev/null -sha256 4 - create a PKCS#12 bundle on macOS (password is keatest) openssl pkcs12 -in kea-client.crt -inkey kea-client.key -export \ -out kea-client.p12 -5 - create a key for the server and decipher it (same than 2) +5 - create a key for the server and convert to PKCS#8 (same than 2) openssl genrsa -aes128 -out kea-server-aes.key 2048 - openssl rsa -in kea-server-aes.key -out kea-server.key + openssl pkcs8 -in kea-server-aes.key -out kea-server.key -nocrypt rm kea-server-aes.key 6 - create a certificate with a subject alternate name set to localhost diff --git a/src/lib/asiolink/testutils/ca/kea-ca.crt b/src/lib/asiolink/testutils/ca/kea-ca.crt index cfb8c53896..e5762cd207 100644 --- a/src/lib/asiolink/testutils/ca/kea-ca.crt +++ b/src/lib/asiolink/testutils/ca/kea-ca.crt @@ -1,29 +1,30 @@ -----BEGIN CERTIFICATE----- -MIIE3jCCAsYCCQDVzhmZelXOXDANBgkqhkiG9w0BAQsFADAxMQswCQYDVQQGEwJV -UzERMA8GA1UECgwISVNDIEluYy4xDzANBgNVBAMMBmtlYS1jYTAeFw0yMDA2MTEx -MzU3MzhaFw0zMDA2MDkxMzU3MzhaMDExCzAJBgNVBAYTAlVTMREwDwYDVQQKDAhJ -U0MgSW5jLjEPMA0GA1UEAwwGa2VhLWNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAvKQ/vJpJnXjZ+/LxZNfPc/QYSChSEQ8qoxh8prBYvPXyDu9ORHOa -Dtd5AWusQLCI3iNYMDaJwrazj0g91jPKcxfvFZbnzFHTAZrDnmJwcTw96UfrP4b7 -PyXpUSF1/YfDf+/M3C7Wm9IJ/e704XHln/vFCw2dR/N5VOrXXJRcCd5NOES/ICXe -xe62Mv7OjUQS8u6ovejtaaMkvoV2hGSG2LXdgVOCv0U8ybRs03Xl8BVM4lFYVO9H -jnQ7O9AeGMqebvuyNAyGK9Dv+ERu65M9hB+pW//d+tVv3Dkfou+d5cOXPFXjf6vI -K+2ClxkBH4A5dhsRJ7vPI41mwXA+H0g+MzxJ8Lg0pzJuLher03RZq3pBHvEc/jek -P4u6mPrc+5J84jQ0hFwH4XIpxaKJsUiE/r1nFDiWRV27PgXMQgEbjdotxFX4IDBN -KPtQNrybxiQHsYoZPdKcEfh8XyVT4NHrcbqN1SNf2ZIfDkm09aeDYXDdINAD+0yZ -E+3YMeH4oWPpOIfW4OVzEDyfBGHyo2klTZfI5zdd54Kp4dKkzSlmIPC7OubdZZGo -SlZfUlWVcRkqMbUAsZ8H2sdz0l+4k8+VmyiA4EWAiO6SV5xmYSncPQIN5dE2PbIx -jKosl9JGhajs2gxCqlK+ZA3zgoFHhG1mKGWW7ucMic8Jy4oEq1XsoI0CAwEAATAN -BgkqhkiG9w0BAQsFAAOCAgEAert/+ovFSWtRWKbFZNXs/o9ElWtVp+dxbOtgUNIS -hdfLSHt/9nXw2FuBrvonDnTtl0kPhci1Qcwd5uAErlgddE6k27kcjOesMuXtwUke -LLb7UQG7TQy3KmB+ARnG+toNTm2d8I5420+VDLqU1oh++x9l9KpWsDENSNeTDulT -lVTJ7fVOTK7++NTCmqrp+Ublri3a2aoTK4pkt1ymcdIGD/kyCNeZro3/CKooV4yU -xyTMBV0Huyu9V6OldtKtfbP2sWrQn5McRY1/18wJVTMq+OV5EI73R4bn/frfwl8o -k8x8PH/ulozK+Pk4wz3z2NdT+ckSIfFs0RtVLW2MF1+8kJyt/9u8yUNfcw7MvNor -94Zr86Mg0ZsHlXgeFfLm7h9dB/lQ5mtotrXfH4C4zltjPz17xouBSuZjZhgbkLaJ -s4nPxWwxM/tN1mSYuVkiwq+qOz8ooePZh7zzEwpDiHr1tgzXxKojDcNC2uvVRTw/ -DKq8htcEb9kFyvDzxTq6zbvuNIyvzmpseEnpYxuzHFqCQtbN54Q88HuyebJlbxEI -0BNb74yxvAQj3P+KS8xY9iqPExBeMiQu85eGmpTtKSnNjP1i09bg+xOVlESOeUPE -cEe2ZsdEBwVaoCvjl5vbt2eJfpdt3UEwg6zfyncxjMZka/315B7d7k5qIEqsD5KO -HXQ= +MIIFMzCCAxugAwIBAgIJAJHdRK24tsELMA0GCSqGSIb3DQEBCwUAMDAxCzAJBgNV +BAYTAlVTMRAwDgYDVQQKDAdJU0MgSW5jMQ8wDQYDVQQDDAZrZWEtY2EwHhcNMjEw +MzAyMTQ1OTM3WhcNMzEwMjI4MTQ1OTM3WjAwMQswCQYDVQQGEwJVUzEQMA4GA1UE +CgwHSVNDIEluYzEPMA0GA1UEAwwGa2VhLWNhMIICIjANBgkqhkiG9w0BAQEFAAOC +Ag8AMIICCgKCAgEAvKQ/vJpJnXjZ+/LxZNfPc/QYSChSEQ8qoxh8prBYvPXyDu9O +RHOaDtd5AWusQLCI3iNYMDaJwrazj0g91jPKcxfvFZbnzFHTAZrDnmJwcTw96Ufr +P4b7PyXpUSF1/YfDf+/M3C7Wm9IJ/e704XHln/vFCw2dR/N5VOrXXJRcCd5NOES/ +ICXexe62Mv7OjUQS8u6ovejtaaMkvoV2hGSG2LXdgVOCv0U8ybRs03Xl8BVM4lFY +VO9HjnQ7O9AeGMqebvuyNAyGK9Dv+ERu65M9hB+pW//d+tVv3Dkfou+d5cOXPFXj +f6vIK+2ClxkBH4A5dhsRJ7vPI41mwXA+H0g+MzxJ8Lg0pzJuLher03RZq3pBHvEc +/jekP4u6mPrc+5J84jQ0hFwH4XIpxaKJsUiE/r1nFDiWRV27PgXMQgEbjdotxFX4 +IDBNKPtQNrybxiQHsYoZPdKcEfh8XyVT4NHrcbqN1SNf2ZIfDkm09aeDYXDdINAD ++0yZE+3YMeH4oWPpOIfW4OVzEDyfBGHyo2klTZfI5zdd54Kp4dKkzSlmIPC7Oubd +ZZGoSlZfUlWVcRkqMbUAsZ8H2sdz0l+4k8+VmyiA4EWAiO6SV5xmYSncPQIN5dE2 +PbIxjKosl9JGhajs2gxCqlK+ZA3zgoFHhG1mKGWW7ucMic8Jy4oEq1XsoI0CAwEA +AaNQME4wHQYDVR0OBBYEFA2rYljxKlzKLA/dsiAmRtO876ifMB8GA1UdIwQYMBaA +FA2rYljxKlzKLA/dsiAmRtO876ifMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL +BQADggIBAGqY1cv913Hj1+FDmD5fhzW6D/SeyL/vh3bCJ6ZJmnHFXxHZbK4lufdi +v3HRJ4iSPnU40ZWVukWE+vKrZOJeBM2ip/cqv8iAiZg2NaQ56AcDgrpOfJcXOJzD +83kZI8W3dF/zk1flJM3rsi5QlwkCaxBvwA+QInejN+oncA90CphumNqblPQp1Ifm +dt+b1BIk6QJFYT0oEXnNj+5EmSu+zJ+fR5bJoZX0YTcP6YAHjdZo2qAHTeM6yX8s +bLnX97IopyPZ/xgG2kdlp2TZZdeysaICOZ16LldE7fp2OD2ifjrAqF9eezwa2ybi +wNhduRUn0Nmuw/Vy3X5l3gUekc3mS9br8ooHy6N+8pnq04gGWK3AAZLY5v7uvzmD +BC6eA0IJAvLyeiuTpBlkHZTFxk7ENaStEMFjvPiLrgquHLmJQzsgKoUtR7TGdEJ+ +DOeLAhuXjpaZ/kefSODmm09BP0d/q3iFU3gp1xGu2svUK0/BC6NQNuTIIap+L/I+ +tKq+SpPpp7laJ7M04TqAlI+EMQ4KFRDbmlWAy5uq/ynEpEJ1FFuyg6Zo+fxracTR +ytP3p/LUEYl1VQbtn9IEcrkzZNEshBglRSJ09u1nLccy3WoX03P0iQiF4oNCEPMg +PdPlvvf1t3FbcEn5AFOsMRW4U7MBPD/gvy0EVuEJ/boydq8qMzyi -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-client.crt b/src/lib/asiolink/testutils/ca/kea-client.crt index 1a0565c589..29ff5e5ace 100644 --- a/src/lib/asiolink/testutils/ca/kea-client.crt +++ b/src/lib/asiolink/testutils/ca/kea-client.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID2jCCAcICARQwDQYJKoZIhvcNAQELBQAwMTELMAkGA1UEBhMCVVMxETAPBgNV -BAoMCElTQyBJbmMuMQ8wDQYDVQQDDAZrZWEtY2EwHhcNMjEwMjIxMTg0MDQzWhcN -MzEwMjE5MTg0MDQzWjA1MQswCQYDVQQGEwJVUzERMA8GA1UECgwISVNDIEluYy4x -EzARBgNVBAMMCmtlYS1jbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQDKbsDkElojvFhVt234GQOEVVudEp4s8KYnDQTZpsdeidrP3yY+qWfzG1k1 -6qMB5jXF7dRhzq4FiPbZMs5cz3BfwZDlxjWMxgixPaCrVphYLGhI8AOne8PEl47e -4Ae3Cl96dWUfQKQmGIzzHfTcJvCxUOCob5zYOCDvtjk48IxdvHi18Ab/hXyGJKXS -uqCsaXBRK7Amn8/jxMgdhds92tNxm0BiAJtsmkQm9QW8ztcoiEEgO4ViDRJSRKaG -9hVRrAe4GPisOjUzerADkPX/pchHIqmrTJ9YKhngOfDdiAZY1lkZc1cbM6zqqTgT -p1MvttSv8JEN6OMhM+bpCbaiWp4DAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAElh -o7srSKP+6qiuzXR1eWDgTXcZa13Zj1z78Ipr3GnnoKJLLa+X69nHkA8fC2nP+Y6h -2COdlPn/JVJ20ZKMkmC+VnnBklAe7zGnd83cmiOm12kj8lGUwQ/muDW3GU402WBT -3CZubevUGgVIZv3fYcw1l3t1Q6eNASRr/xY40a9QvGAilKQSvZKdbIuYbAoMEbpX -yCErSCVPxHcIjVDghIx/Jsn2RXg+yehpRgtCO/DM9E7/6q7yhb6jMrUqujCE40cc -5TuBexXZsXH1x/Ic7mcwVDgAfGMm9j5a5isyIh7+uCItNpGlTOQIIx80wZbVHVyx -9IpUA+IInq2rK5LGp4otXGODAN9wbMBrMX0VTQlY2DZ24Vr5L6sykmHkOSELaWvW -2M0bNU16NUPxRUoWDkG99AwqT2ZnKMnsYqwayWMiQu/s1ek9zs01Pf4YFf5w659I -YHgAVhd5gSmxcJ3VTilgUaYE9DRAKY3GVFkliTlGYM55khyJYdASWGijHI14hs4W -TZQWebbaoaKNtEq+5omj7HsNLrWfKe6EQrn9z7PY+96ZbSZsbt34/tmsVpmTrOFB -BV/iU3uEJGvAucI0VXgguKN3jmw2hWstHzEWEMHm107Vp3QPWmrHzvcosAxLsKpg -WyHjO3AiUQOsP9NPOy9Owr/XJCcSbf5k4MuFDLXi +MIID3TCCAcWgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAwMQswCQYDVQQGEwJVUzEQ +MA4GA1UECgwHSVNDIEluYzEPMA0GA1UEAwwGa2VhLWNhMB4XDTIxMDMwMjE1MDAz +M1oXDTMxMDIyODE1MDAzM1owNDELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB0lTQyBJ +bmMxEzARBgNVBAMMCmtlYS1jbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDKbsDkElojvFhVt234GQOEVVudEp4s8KYnDQTZpsdeidrP3yY+qWfz +G1k16qMB5jXF7dRhzq4FiPbZMs5cz3BfwZDlxjWMxgixPaCrVphYLGhI8AOne8PE +l47e4Ae3Cl96dWUfQKQmGIzzHfTcJvCxUOCob5zYOCDvtjk48IxdvHi18Ab/hXyG +JKXSuqCsaXBRK7Amn8/jxMgdhds92tNxm0BiAJtsmkQm9QW8ztcoiEEgO4ViDRJS +RKaG9hVRrAe4GPisOjUzerADkPX/pchHIqmrTJ9YKhngOfDdiAZY1lkZc1cbM6zq +qTgTp1MvttSv8JEN6OMhM+bpCbaiWp4DAgMBAAEwDQYJKoZIhvcNAQELBQADggIB +AENl7hCBjAft1uC/XAO/yBkkDrTk6R21+mdJMghJ9ojFP33QvYYv0pDNeCZ/IJEK +G2ML8gFzd2YulF1qzBMuFvESRQyqJMnIWJS8FSEIKEyqj5RMTnVWjFM6V2yGhBA5 +XXAL4CVVNz/NqWV/Ebd1XB1OB/y5uz+ZowpWktHtqCKYhDzDtK600GswMOJ5UsZF +X6JtkvG86nVfuyOIK3NtMXQE/ptAgwa87hVecu7yY/u6PmRwS7YbVBsh9VplnAsQ +bLARtTGCWHL3otZaDi81dghHkHYmv1NmaubgKnFffKxJGLCtyHF0pqS7C0v7lLOo +qOhSd3qaFEU1yWpXCFlyglDnadFQs8pdWIPBngwQC2luF1N7Kppz5zzGF5MHNt+E +LuPlRAwgs8aRRPsySGYKvtCeNYAgjsbec9f0P7lMEGr+AqbZF9qNbbQQkq0dHrMH +goazCek3XtlMAYYUdmkqQ5a44XRQUu4FuTVqzCH8nqhkeHcWTwO9BHayUebxiBk8 +njDwLtHiQ8u9TjVf/35UOdqFSxra+wZJPKYbH++82KG6rbEotGp3jv0uxasgiHVL +qrD3dkQAU8zF7cllsUkRE3Gw4tDaZXkZCawiMfLiGK1FVApXkUnKilASDsaH6i3x +Ui8LM1F9vbtJnzftTa3yi0FR6Gmi5Mc+R42gpE8xCa4y -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-client.csr b/src/lib/asiolink/testutils/ca/kea-client.csr index 89c3d02698..e60736023f 100644 --- a/src/lib/asiolink/testutils/ca/kea-client.csr +++ b/src/lib/asiolink/testutils/ca/kea-client.csr @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICejCCAWICAQAwNTELMAkGA1UEBhMCVVMxETAPBgNVBAoMCElTQyBJbmMuMRMw -EQYDVQQDDAprZWEtY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAym7A5BJaI7xYVbdt+BkDhFVbnRKeLPCmJw0E2abHXonaz98mPqln8xtZNeqj -AeY1xe3UYc6uBYj22TLOXM9wX8GQ5cY1jMYIsT2gq1aYWCxoSPADp3vDxJeO3uAH -twpfenVlH0CkJhiM8x303CbwsVDgqG+c2Dgg77Y5OPCMXbx4tfAG/4V8hiSl0rqg -rGlwUSuwJp/P48TIHYXbPdrTcZtAYgCbbJpEJvUFvM7XKIhBIDuFYg0SUkSmhvYV -UawHuBj4rDo1M3qwA5D1/6XIRyKpq0yfWCoZ4Dnw3YgGWNZZGXNXGzOs6qk4E6dT -L7bUr/CRDejjITPm6Qm2olqeAwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAMgA -4PiiHLAdo5tjjEWyPOsVCaKORAB8PqELc9XJHfZeyyCEDRptQfH//XKe7WRZmbZI -baq1cqjZFVb8yrMjBr1mXUOuBzmofexaXwFEMOufirUawenqGeivkIW23j+Jq6vX -xs2jlXdqE7H6ApXo5De0NhnpeNQS+88xDfQvcaqPYw5TmOrAtPrGt42vSa0x0vf6 -OnnFnOFEFh6AFfj6Sg6SWeNOn61RgUR5iqPkQsH33o/viTqKL4qITroFUHmau7Ec -BimeigqvKOMS785BxmXeYl2qEg9Vu4zaFePAHPPpjIA7LELfXdM/B6TOP9/aCMEd -NhQVPAUOXFxCnBHWo84= +MIICeTCCAWECAQAwNDELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB0lTQyBJbmMxEzAR +BgNVBAMMCmtlYS1jbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDKbsDkElojvFhVt234GQOEVVudEp4s8KYnDQTZpsdeidrP3yY+qWfzG1k16qMB +5jXF7dRhzq4FiPbZMs5cz3BfwZDlxjWMxgixPaCrVphYLGhI8AOne8PEl47e4Ae3 +Cl96dWUfQKQmGIzzHfTcJvCxUOCob5zYOCDvtjk48IxdvHi18Ab/hXyGJKXSuqCs +aXBRK7Amn8/jxMgdhds92tNxm0BiAJtsmkQm9QW8ztcoiEEgO4ViDRJSRKaG9hVR +rAe4GPisOjUzerADkPX/pchHIqmrTJ9YKhngOfDdiAZY1lkZc1cbM6zqqTgTp1Mv +ttSv8JEN6OMhM+bpCbaiWp4DAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAs7Ed +zY2f2BN33Jd2/XAe3Vl/Jm7JgLN7GnvwzdoM/KewsTsSo0wrgqBU2r36F+W2+/T6 +rN8C0SseFfaURd3CQc66UcGzp4+FKxWIS9loO4P43t6MjBUQ/RiW3IQUAbkMIL52 +CG1HiyyOp7GNtXb861CCu25t82oXeW7WWvWJxaKeAk/hkr7lrVxCcU7XkVY6sDU0 +t4fP3W31p5ZkLUK4qELiZ3iJZLnf/5xaXgJpVlS3E4DUe8tyl3TjayYxroyRj+TT +D0LWwE65QGygJM2cZrraIvue5kVan4C8XZvO/VvZoakWH/ZkGN8Pis33r8oEfrQL +SyGt7oTSRYob5MTWmA== -----END CERTIFICATE REQUEST----- diff --git a/src/lib/asiolink/testutils/ca/kea-client.key b/src/lib/asiolink/testutils/ca/kea-client.key index 8a5bf94e46..a8768b343c 100644 --- a/src/lib/asiolink/testutils/ca/kea-client.key +++ b/src/lib/asiolink/testutils/ca/kea-client.key @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAym7A5BJaI7xYVbdt+BkDhFVbnRKeLPCmJw0E2abHXonaz98m -Pqln8xtZNeqjAeY1xe3UYc6uBYj22TLOXM9wX8GQ5cY1jMYIsT2gq1aYWCxoSPAD -p3vDxJeO3uAHtwpfenVlH0CkJhiM8x303CbwsVDgqG+c2Dgg77Y5OPCMXbx4tfAG -/4V8hiSl0rqgrGlwUSuwJp/P48TIHYXbPdrTcZtAYgCbbJpEJvUFvM7XKIhBIDuF -Yg0SUkSmhvYVUawHuBj4rDo1M3qwA5D1/6XIRyKpq0yfWCoZ4Dnw3YgGWNZZGXNX -GzOs6qk4E6dTL7bUr/CRDejjITPm6Qm2olqeAwIDAQABAoIBAQCiT9OSC7UC2k3p -zL38I/JR9S8T7o2tcveGcEXnTnalMtujuUUtESAsKU2KkaxKJZAQN/YGxnV6Mqva -04XrnNh5rvbDhf4B9feaRdPCDhjw+gpUET6c1/vMcck4o2EMPuD3i5GdUXNMqHq7 -pNVkgESVqEe6RmP4amjeS7nuEdI6hSqFQa7EelC7C7HIIxz/jpiHRYk2pp5o3wx3 -EEyyhR+Ip3+U9EOlGZyqvasaGf6PYgBC2pTjitVP7+ArxokBTx1/VfNmVgOT+A+2 -kkqg4Ee3sgmBGjy0aUatr/QOSEELnJw9cHZLIapklDo+cS/ypSWiGASGUvCyjmBm -VDg/DDDBAoGBAPFXAR1NwmVNs5mU5LA9kgs8Pz/d4LAOa3CrUEFjBSMrfAkB3Je8 -0x0Xmht2QIRVPQ2NFklM07aqToWMtxPSoLoGlovgTEAtcyLWnRrANlhd0VwG0m62 -YlRkIrRcS5m1yS+EKETCEWnsGoCrdYbBdpKJVoNd4pxAHXYgjlzKLPH5AoGBANa6 -tz0RiP6GHU7yONR0yXEYmLhniWnE9A+5UEKjEt4ZOo4rDxocBZSENPwMf7576Vv3 -kTuL4aSkBPA5DxBsjOq/CT3o3Fng2aRLNL37glYrVLAsNIPs/YVWuLJZ2fXJZMbG -PbR2SVhXU8YvQaY3s6OlzfQ07Zd4T5TUnoMpDA7bAoGAJ5638R6d5lGeRX1bGc/R -1QRcAdkkFOMZIlMNht6BrmdqInRqyYJXSjRguVdtegwgTMQ3v2rcauWEpIoYWCnA -9ykzt9znx7VubG69NfIOOe2U/D2meER62g3iYKeyRZbBY4qXrcoKX9BB/ZOoZKoI -FEB1snVMSYiBDa6EkJkkTckCgYBeU3UtAWfxjw6O4H6wbYEUCl8EGo9VhCxGP/yO -2T3vjJuZWjbvHEIjRJRV6FOxZJNVUAJfawo7HcYBlL8WUujwMe0oYgNyBAD3WAYa -MsLFgZFZNoH3NgMEMN0/k5LYkpiPbQQsIw4DHZFybM3k63EhQTOgxCNet34V/fSH -318powKBgH/QdL/jSMUV4DGnPtayzTEszjgNsqt7SPkWvKtA+K+EoX2rlpZf65RI -Mei9BawHU2H4rfCN3QTqimHt2/xNKyCowF+a4fRLPz8bDqOqiWMPZeD+PscWSrKq -r3TDUNfttWQvdE5x1nct20T4dQ9FY1w8MgcsouBbmhFoWYDQOfuO ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDKbsDkElojvFhV +t234GQOEVVudEp4s8KYnDQTZpsdeidrP3yY+qWfzG1k16qMB5jXF7dRhzq4FiPbZ +Ms5cz3BfwZDlxjWMxgixPaCrVphYLGhI8AOne8PEl47e4Ae3Cl96dWUfQKQmGIzz +HfTcJvCxUOCob5zYOCDvtjk48IxdvHi18Ab/hXyGJKXSuqCsaXBRK7Amn8/jxMgd +hds92tNxm0BiAJtsmkQm9QW8ztcoiEEgO4ViDRJSRKaG9hVRrAe4GPisOjUzerAD +kPX/pchHIqmrTJ9YKhngOfDdiAZY1lkZc1cbM6zqqTgTp1MvttSv8JEN6OMhM+bp +CbaiWp4DAgMBAAECggEBAKJP05ILtQLaTenMvfwj8lH1LxPuja1y94ZwRedOdqUy +26O5RS0RICwpTYqRrEolkBA39gbGdXoyq9rTheuc2Hmu9sOF/gH195pF08IOGPD6 +ClQRPpzX+8xxyTijYQw+4PeLkZ1Rc0yoeruk1WSARJWoR7pGY/hqaN5Lue4R0jqF +KoVBrsR6ULsLscgjHP+OmIdFiTamnmjfDHcQTLKFH4inf5T0Q6UZnKq9qxoZ/o9i +AELalOOK1U/v4CvGiQFPHX9V82ZWA5P4D7aSSqDgR7eyCYEaPLRpRq2v9A5IQQuc +nD1wdkshqmSUOj5xL/KlJaIYBIZS8LKOYGZUOD8MMMECgYEA8VcBHU3CZU2zmZTk +sD2SCzw/P93gsA5rcKtQQWMFIyt8CQHcl7zTHReaG3ZAhFU9DY0WSUzTtqpOhYy3 +E9KgugaWi+BMQC1zItadGsA2WF3RXAbSbrZiVGQitFxLmbXJL4QoRMIRaewagKt1 +hsF2kolWg13inEAddiCOXMos8fkCgYEA1rq3PRGI/oYdTvI41HTJcRiYuGeJacT0 +D7lQQqMS3hk6jisPGhwFlIQ0/Ax/vnvpW/eRO4vhpKQE8DkPEGyM6r8JPejcWeDZ +pEs0vfuCVitUsCw0g+z9hVa4slnZ9clkxsY9tHZJWFdTxi9Bpjezo6XN9DTtl3hP +lNSegykMDtsCgYAnnrfxHp3mUZ5FfVsZz9HVBFwB2SQU4xkiUw2G3oGuZ2oidGrJ +gldKNGC5V216DCBMxDe/atxq5YSkihhYKcD3KTO33OfHtW5sbr018g457ZT8PaZ4 +RHraDeJgp7JFlsFjipetygpf0EH9k6hkqggUQHWydUxJiIENroSQmSRNyQKBgF5T +dS0BZ/GPDo7gfrBtgRQKXwQaj1WELEY//I7ZPe+Mm5laNu8cQiNElFXoU7Fkk1VQ +Al9rCjsdxgGUvxZS6PAx7ShiA3IEAPdYBhoywsWBkVk2gfc2AwQw3T+TktiSmI9t +BCwjDgMdkXJszeTrcSFBM6DEI163fhX99IffXymjAoGAf9B0v+NIxRXgMac+1rLN +MSzOOA2yq3tI+Ra8q0D4r4ShfauWll/rlEgx6L0FrAdTYfit8I3dBOqKYe3b/E0r +IKjAX5rh9Es/PxsOo6qJYw9l4P4+xxZKsqqvdMNQ1+21ZC90TnHWdy3bRPh1D0Vj +XDwyByyi4FuaEWhZgNA5+44= +-----END PRIVATE KEY----- diff --git a/src/lib/asiolink/testutils/ca/kea-client.p12 b/src/lib/asiolink/testutils/ca/kea-client.p12 index 008252b96e..baf4420580 100644 Binary files a/src/lib/asiolink/testutils/ca/kea-client.p12 and b/src/lib/asiolink/testutils/ca/kea-client.p12 differ diff --git a/src/lib/asiolink/testutils/ca/kea-other.crt b/src/lib/asiolink/testutils/ca/kea-other.crt index dbb636617f..bdcc9bdf5c 100644 --- a/src/lib/asiolink/testutils/ca/kea-other.crt +++ b/src/lib/asiolink/testutils/ca/kea-other.crt @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- -MIID1zCCAb8CARQwDQYJKoZIhvcNAQELBQAwMzELMAkGA1UEBhMCVVMxETAPBgNV -BAoMCElTQyBJbmMuMREwDwYDVQQDDAhvdGhlci1jYTAeFw0yMTAyMjEyMTE4NDda -Fw0zMTAyMTkyMTE4NDdaMDAxCzAJBgNVBAYTAlVTMREwDwYDVQQKDAhJU0MgSW5j -LjEOMAwGA1UEAwwFb3RoZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDAoEENWQ6tl6aaRMn+yaNUKTBIIWpVoy5+uGsBdZW++fEvw4xmleGD+bwyHZFE -sHPos/v7zWUNFaX2aWD0H+Hk4l2WTFigWO3utPoXDzDOjfQmglKG+R08p3giURrJ -zUKWwe/RRJBs7qXdcD9yNXVOb2JWp4Cxk1iPj7zTS/LGsFr7F4/k2nlH3EuqvB3G -BEXHa/sA55xigMyvqVnVb4rNh+PjGL8l5SZzSnrbdoIEtKw/LVbBCAVrQsgcADNq -jR7ILbqeIqg1Td11QvQzB7f/U5dQoQPzq3j4ow1zOiaSokZE7UcUCUNfjRv5E2lW -+mmyM7nkgyE9LqUJ/3udIh1vAgMBAAEwDQYJKoZIhvcNAQELBQADggIBACK3Dl0s -NmwPSNQuVH9d/fgL954ephn+GAsNamOLL9gFwZmHxVzHJ93GnbrVsTtvWFa2w+Tc -jDGzRvbhMMh4bnKOJ4OUzn2ISQOyWdhBWnSKVt9kiunP7Jn8ufH4WOpkeP1FKXRg -xMgGcK/3oOn2OV2Nj9BT5Wm8MPytVdsY1e3XCbBcRfYB1acNE0Q6Fx9/u0OxGNQ2 -ITRUQb5T1yoI6Isq2bhdW1hdl3O5DPcjkzDBQlqxXOUoZeLKuXeQlPxV+rELO52o -z48CL/Y1jOhmplM7aUCNNxdObZZ0ym1OCEGo6yNCkGil6ErEgmVE7IrGaLMwbAHj -eylbIcAieaAuc1w858nRbB+ryND9BWj5G0+B3xhuX3Xs4bfDKxPayytf9ixfshrn -9TR0g3GIV+lIVOuCmQtf5H2eZ2wTxd09f6Sglh7WMm/RNEd+E53n3dnksjt9X/Lc -27Q513x6IudXTreJMQdAstna/Aftjm4KN+zMc1JEYXPyiwN3UEFk8gfBstbg3Tb9 -ioA/yX4E1Jim7HHqB4eoTcmv4nz0kYrNtFxp4xAoy1qYc8afFOyborWdCqZFbERO -JQJop0aVSm7tR95nhcd1O3ZgxMjzT6jOIw7P/DxCBQqz5xwXThpcYboK5z4cdWe7 -QAsCwmY3m4pbVvxtY9xl+LtEqNt7/eFXqstV +MIID4DCCAcigAwIBAgIBFDANBgkqhkiG9w0BAQsFADAzMQswCQYDVQQGEwJVUzER +MA8GA1UECgwISVNDIEluYy4xETAPBgNVBAMMCG90aGVyLWNhMB4XDTIxMDMwMjE0 +NTI0OFoXDTMxMDIyODE0NTI0OFowNDELMAkGA1UEBhMCVVMxETAPBgNVBAoMCElT +QyBJbmMuMRIwEAYDVQQDDAlrZWEtb3RoZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDAoEENWQ6tl6aaRMn+yaNUKTBIIWpVoy5+uGsBdZW++fEvw4xm +leGD+bwyHZFEsHPos/v7zWUNFaX2aWD0H+Hk4l2WTFigWO3utPoXDzDOjfQmglKG ++R08p3giURrJzUKWwe/RRJBs7qXdcD9yNXVOb2JWp4Cxk1iPj7zTS/LGsFr7F4/k +2nlH3EuqvB3GBEXHa/sA55xigMyvqVnVb4rNh+PjGL8l5SZzSnrbdoIEtKw/LVbB +CAVrQsgcADNqjR7ILbqeIqg1Td11QvQzB7f/U5dQoQPzq3j4ow1zOiaSokZE7UcU +CUNfjRv5E2lW+mmyM7nkgyE9LqUJ/3udIh1vAgMBAAEwDQYJKoZIhvcNAQELBQAD +ggIBAMYcxVfoCIn+NPlsoRB2m5vAOuJTuBNigf8Fm0HYougE2W+p50+5USx2BCM8 +M1Cet+8X0dktHbRdDL5aZrRbYnz/OENBD4tKuWMQoP/qzafRiKSkDckxYM6AR4T+ +fzPgLjUde2NE1cDeRlJUmereRXiD2qefEFH55StLl8YnnciAMGTRjwBuLiReF+qE +noaD8ZIKZ5pBMzoxyOe+39tLJkzhESdZ8gJZRXGm+ickAlP96w8z8TlQiWHG3Caw +kM7SZSyVYdyfiF32J6A7hwlG3qud83GcunfrjOurWBe1lv51pb/OFGe6wlRD/pcS +UcKZ07KXXYMXV40O6A5Dv0yJB8ocKhOkfU5MvotAAm2GL2ZXizfmEAz23X9I8830 +B5ggVxgp/bO/exC1sBJjUgF4qVPByE1MdDDWYvPKT8cYg5j8pD9rDn7WGVAmgCk9 +59lEI0HBP33ulBRoxrOQ7kV3pUlV8oP3wG/joz8PwSNAbbtQuUnAmjElONPyTrMN +2Yqah89SqH9ygzz/UomdrKYuoTu/QEfLLtBcyBLKHrRT8ODvsp2kY9RpveCctsAR +2gmnYixj7GDdp5c6zTich1+QkVvFtrl3Zu+AWRekFAn92bwwOli14S3LgW2t4iXL +InVUqNg6l6K9d+FdHogvITQLKKMpfIfsCKPqvacpqryyaith -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-other.key b/src/lib/asiolink/testutils/ca/kea-other.key index 6c1714fee3..212dbe6763 100644 --- a/src/lib/asiolink/testutils/ca/kea-other.key +++ b/src/lib/asiolink/testutils/ca/kea-other.key @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAwKBBDVkOrZemmkTJ/smjVCkwSCFqVaMufrhrAXWVvvnxL8OM -ZpXhg/m8Mh2RRLBz6LP7+81lDRWl9mlg9B/h5OJdlkxYoFjt7rT6Fw8wzo30JoJS -hvkdPKd4IlEayc1ClsHv0USQbO6l3XA/cjV1Tm9iVqeAsZNYj4+800vyxrBa+xeP -5Np5R9xLqrwdxgRFx2v7AOecYoDMr6lZ1W+KzYfj4xi/JeUmc0p623aCBLSsPy1W -wQgFa0LIHAAzao0eyC26niKoNU3ddUL0Mwe3/1OXUKED86t4+KMNczomkqJGRO1H -FAlDX40b+RNpVvppsjO55IMhPS6lCf97nSIdbwIDAQABAoIBAGFKT7D7MzOwbeBr -MA71Lv5aE13LKtb4JYqxgLJq/mhH+26heO9zckTjRQ+W6YFlEhYNmg8TLZ/POFTd -4q9KzyB4yMYZ54WNhRdU5x/wdzlMb21n02ECv6ab+0xx5HLarnBQodzzoXKzkqjm -gdUgdRBZp7SWw6RtBIT2F2wtZwC8v9TbLVjgYanK+sU1NlVJ86kg8WuPaST7kmaR -I+BtFXapq5SP/MI5dJki3WNlalzJUIUiRtmqkSointJIEL1Jx1RGonPWDTQtmq8V -/86eXOFEoqMXpK5gpKACl6amxbMBks3BViUHq/p7wpCF/c4a/t2xZ+P3ZAyuBg+P -QLcNJCkCgYEA3sP4hAyoENqG0BVVttloXk0rhN7A7AXZ6Hd2EWYCJ+1X+0Mmjas6 -DnnPEIBN6DLthHSisiw8jfP9yAQlas1CHliSzdwgregzSt+PIRCXNxXNoYm7/xGu -E0OK2cjcYmCX1fOp3WLyjEEjJh8/ZQys64wf8dS2gQbjuKi1M4Cu78MCgYEA3V0s -CaPTMwng76kLVMTWzFyiTnxKhbrGlvzYnW0vTJ6YSJnLEKGzH3Df4e+K9mh/sRhw -ZOaT3nH1P6iuPHcxFp3K1qaUU3yfVXlOVWJZ5LyP5hwyiaqBGRMnEapVAkb5bvAx -qhDh3pVu2Qo3Bg+A3JEQ5mQmng+/DsSpIsrtjOUCgYAYthiNXXIPXI5z6sn1XKyt -OVZIiQVRqVyA4y+fwncewr9tygcu0/2+uVh09iauSWf7t4yMw0d8X8KZO4yDCn35 -K84tM+wUHpwCBEa2XkbH/40uDD9kjiuHS4jNm/CGoTx2qW8Adgd984PYqMK5jOxp -vMOWaghMy9zbESv4qJ+/TQKBgGBLcKW841n3eScoNSqp+fqqbVyRCuYDqvHxidVp -ssK01u/2HvTcMoyB0JJ7Xsr0CGAkjngGKdsBXbtUiH77Jpp9B8i6bBmpQ7Kt81qH -Ty2GrV5fc8iZKFGdGEjB/Prhnw4YZLJjZ64o+TBnFiqHwfmxDVX7ySTHGsi02hKt -jgrVAoGBAKF0Z+KdT95HbS12J0wLJ4LAyFRMxQJ2+A17ryt6MwN5lICMBh0IosHD -fpgh5pd4ZDJ5pA0seG2pGwFLkPhCM5EuumikU713SGboxkjS8ozfUkJGiXyg2C1t -9lpsU6MKC4eTMg6WlTjBXoFc3seXP83mNKjy7Rn/qqIDHKH7WXke ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAoEENWQ6tl6aa +RMn+yaNUKTBIIWpVoy5+uGsBdZW++fEvw4xmleGD+bwyHZFEsHPos/v7zWUNFaX2 +aWD0H+Hk4l2WTFigWO3utPoXDzDOjfQmglKG+R08p3giURrJzUKWwe/RRJBs7qXd +cD9yNXVOb2JWp4Cxk1iPj7zTS/LGsFr7F4/k2nlH3EuqvB3GBEXHa/sA55xigMyv +qVnVb4rNh+PjGL8l5SZzSnrbdoIEtKw/LVbBCAVrQsgcADNqjR7ILbqeIqg1Td11 +QvQzB7f/U5dQoQPzq3j4ow1zOiaSokZE7UcUCUNfjRv5E2lW+mmyM7nkgyE9LqUJ +/3udIh1vAgMBAAECggEAYUpPsPszM7Bt4GswDvUu/loTXcsq1vglirGAsmr+aEf7 +bqF473NyRONFD5bpgWUSFg2aDxMtn884VN3ir0rPIHjIxhnnhY2FF1TnH/B3OUxv +bWfTYQK/ppv7THHkctqucFCh3POhcrOSqOaB1SB1EFmntJbDpG0EhPYXbC1nALy/ +1NstWOBhqcr6xTU2VUnzqSDxa49pJPuSZpEj4G0VdqmrlI/8wjl0mSLdY2VqXMlQ +hSJG2aqRKiKe0kgQvUnHVEaic9YNNC2arxX/zp5c4USioxekrmCkoAKXpqbFswGS +zcFWJQer+nvCkIX9zhr+3bFn4/dkDK4GD49Atw0kKQKBgQDew/iEDKgQ2obQFVW2 +2WheTSuE3sDsBdnod3YRZgIn7Vf7QyaNqzoOec8QgE3oMu2EdKKyLDyN8/3IBCVq +zUIeWJLN3CCt6DNK348hEJc3Fc2hibv/Ea4TQ4rZyNxiYJfV86ndYvKMQSMmHz9l +DKzrjB/x1LaBBuO4qLUzgK7vwwKBgQDdXSwJo9MzCeDvqQtUxNbMXKJOfEqFusaW +/NidbS9MnphImcsQobMfcN/h74r2aH+xGHBk5pPecfU/qK48dzEWncrWppRTfJ9V +eU5VYlnkvI/mHDKJqoEZEycRqlUCRvlu8DGqEOHelW7ZCjcGD4DckRDmZCaeD78O +xKkiyu2M5QKBgBi2GI1dcg9cjnPqyfVcrK05VkiJBVGpXIDjL5/Cdx7Cv23KBy7T +/b65WHT2Jq5JZ/u3jIzDR3xfwpk7jIMKffkrzi0z7BQenAIERrZeRsf/jS4MP2SO +K4dLiM2b8IahPHapbwB2B33zg9iowrmM7Gm8w5ZqCEzL3NsRK/ion79NAoGAYEtw +pbzjWfd5Jyg1Kqn5+qptXJEK5gOq8fGJ1WmywrTW7/Ye9NwyjIHQknteyvQIYCSO +eAYp2wFdu1SIfvsmmn0HyLpsGalDsq3zWodPLYatXl9zyJkoUZ0YSMH8+uGfDhhk +smNnrij5MGcWKofB+bENVfvJJMcayLTaEq2OCtUCgYEAoXRn4p1P3kdtLXYnTAsn +gsDIVEzFAnb4DXuvK3ozA3mUgIwGHQiiwcN+mCHml3hkMnmkDSx4bakbAUuQ+EIz +kS66aKRTvXdIZujGSNLyjN9SQkaJfKDYLW32WmxTowoLh5MyDpaVOMFegVzex5c/ +zeY0qPLtGf+qogMcoftZeR4= +-----END PRIVATE KEY----- diff --git a/src/lib/asiolink/testutils/ca/kea-self.crt b/src/lib/asiolink/testutils/ca/kea-self.crt index a062c4c53e..5d7534d7a6 100644 --- a/src/lib/asiolink/testutils/ca/kea-self.crt +++ b/src/lib/asiolink/testutils/ca/kea-self.crt @@ -1,18 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIC6DCCAdACCQC3T0mkbypFVTANBgkqhkiG9w0BAQsFADA2MQswCQYDVQQGEwJV -UzERMA8GA1UECgwISVNDIEluYy4xFDASBgNVBAMMC3NlbGYtc2lnbmVkMB4XDTIx -MDIxODE4MzA0MloXDTMxMDIxNjE4MzA0MlowNjELMAkGA1UEBhMCVVMxETAPBgNV -BAoMCElTQyBJbmMuMRQwEgYDVQQDDAtzZWxmLXNpZ25lZDCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMCgQQ1ZDq2XpppEyf7Jo1QpMEghalWjLn64awF1 -lb758S/DjGaV4YP5vDIdkUSwc+iz+/vNZQ0VpfZpYPQf4eTiXZZMWKBY7e60+hcP -MM6N9CaCUob5HTyneCJRGsnNQpbB79FEkGzupd1wP3I1dU5vYlangLGTWI+PvNNL -8sawWvsXj+TaeUfcS6q8HcYERcdr+wDnnGKAzK+pWdVvis2H4+MYvyXlJnNKett2 -ggS0rD8tVsEIBWtCyBwAM2qNHsgtup4iqDVN3XVC9DMHt/9Tl1ChA/OrePijDXM6 -JpKiRkTtRxQJQ1+NG/kTaVb6abIzueSDIT0upQn/e50iHW8CAwEAATANBgkqhkiG -9w0BAQsFAAOCAQEAnhmEeDZv9IJL5Vv8K9Ltb8WzCaH7faSd/wKW5qqh+odeUJHk -mZN8gwBaL8VSrXiCGKgTexn5Uc4PgxAbK887t3Q0BUIleOHG5mvQ7/0+uBtGEp72 -PSSsIHL7osiSMTi142ppY2/LpUfP7I65Z1lpaThdJu2YgxjVeoFZI+L3ubzVM6M0 -V/yBrK/vZMVVQv4tkCgte3jX/XH7aQ/+OK1xB9oyOqe7yShMrPS6oFLmvGjWMqQO -/NMPxqsGWH/EZeTVmPP8+zw7/s2mnHrdqMLkHO6/sEPAdgyxrjcDLqtIdNgoMdBz -2sH8t4L5qGTKQjDIJ8Zam6O9lJJhZ18D6Rqtwg== +MIIDHDCCAgSgAwIBAgIUe1AyLcAeSfKwCZNZLFTRkWMyOJQwDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCVVMxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoM +CElTQyBJbmMuMREwDwYDVQQDDAhrZWEtc2VsZjAeFw0yMTAzMDIxNDQ3MDdaFw0z +MTAyMjgxNDQ3MDdaMEgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRl +MREwDwYDVQQKDAhJU0MgSW5jLjERMA8GA1UEAwwIa2VhLXNlbGYwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAoEENWQ6tl6aaRMn+yaNUKTBIIWpVoy5+ +uGsBdZW++fEvw4xmleGD+bwyHZFEsHPos/v7zWUNFaX2aWD0H+Hk4l2WTFigWO3u +tPoXDzDOjfQmglKG+R08p3giURrJzUKWwe/RRJBs7qXdcD9yNXVOb2JWp4Cxk1iP +j7zTS/LGsFr7F4/k2nlH3EuqvB3GBEXHa/sA55xigMyvqVnVb4rNh+PjGL8l5SZz +SnrbdoIEtKw/LVbBCAVrQsgcADNqjR7ILbqeIqg1Td11QvQzB7f/U5dQoQPzq3j4 +ow1zOiaSokZE7UcUCUNfjRv5E2lW+mmyM7nkgyE9LqUJ/3udIh1vAgMBAAEwDQYJ +KoZIhvcNAQELBQADggEBAHWFX55xUt1Opqtji+I2XvBrcexleSAME+irKwExe+tY +laFEWb1eWyzFHiuOSuNLjcXt1PkUYZ0lYUg17cDj5urpAy+F07uCRQWTXBY8W53H +IppYl4KjN3w4e5DSyDfiTv99MT8xVKJk+rVu75lQ0kgg68fZR6yK82SLjBQmjV2A +OcSqHNHtnBU5RcdlZ+E05M1Vo1jHzxHpybkgNxjvmUgBRc9ieLbgSFRZji0nNmhA +TSZ0DjRce6eyDI+OoEFJL0wXMl0ZOijeuCJr4C45h3TyreU2COC1GaoIeNwmGSIb +mw0j+XR4rKHcgkUQ7L2DfwOjGFG7IeT+k0QdyeM2NU4= -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-self.key b/src/lib/asiolink/testutils/ca/kea-self.key index 6c1714fee3..212dbe6763 100644 --- a/src/lib/asiolink/testutils/ca/kea-self.key +++ b/src/lib/asiolink/testutils/ca/kea-self.key @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAwKBBDVkOrZemmkTJ/smjVCkwSCFqVaMufrhrAXWVvvnxL8OM -ZpXhg/m8Mh2RRLBz6LP7+81lDRWl9mlg9B/h5OJdlkxYoFjt7rT6Fw8wzo30JoJS -hvkdPKd4IlEayc1ClsHv0USQbO6l3XA/cjV1Tm9iVqeAsZNYj4+800vyxrBa+xeP -5Np5R9xLqrwdxgRFx2v7AOecYoDMr6lZ1W+KzYfj4xi/JeUmc0p623aCBLSsPy1W -wQgFa0LIHAAzao0eyC26niKoNU3ddUL0Mwe3/1OXUKED86t4+KMNczomkqJGRO1H -FAlDX40b+RNpVvppsjO55IMhPS6lCf97nSIdbwIDAQABAoIBAGFKT7D7MzOwbeBr -MA71Lv5aE13LKtb4JYqxgLJq/mhH+26heO9zckTjRQ+W6YFlEhYNmg8TLZ/POFTd -4q9KzyB4yMYZ54WNhRdU5x/wdzlMb21n02ECv6ab+0xx5HLarnBQodzzoXKzkqjm -gdUgdRBZp7SWw6RtBIT2F2wtZwC8v9TbLVjgYanK+sU1NlVJ86kg8WuPaST7kmaR -I+BtFXapq5SP/MI5dJki3WNlalzJUIUiRtmqkSointJIEL1Jx1RGonPWDTQtmq8V -/86eXOFEoqMXpK5gpKACl6amxbMBks3BViUHq/p7wpCF/c4a/t2xZ+P3ZAyuBg+P -QLcNJCkCgYEA3sP4hAyoENqG0BVVttloXk0rhN7A7AXZ6Hd2EWYCJ+1X+0Mmjas6 -DnnPEIBN6DLthHSisiw8jfP9yAQlas1CHliSzdwgregzSt+PIRCXNxXNoYm7/xGu -E0OK2cjcYmCX1fOp3WLyjEEjJh8/ZQys64wf8dS2gQbjuKi1M4Cu78MCgYEA3V0s -CaPTMwng76kLVMTWzFyiTnxKhbrGlvzYnW0vTJ6YSJnLEKGzH3Df4e+K9mh/sRhw -ZOaT3nH1P6iuPHcxFp3K1qaUU3yfVXlOVWJZ5LyP5hwyiaqBGRMnEapVAkb5bvAx -qhDh3pVu2Qo3Bg+A3JEQ5mQmng+/DsSpIsrtjOUCgYAYthiNXXIPXI5z6sn1XKyt -OVZIiQVRqVyA4y+fwncewr9tygcu0/2+uVh09iauSWf7t4yMw0d8X8KZO4yDCn35 -K84tM+wUHpwCBEa2XkbH/40uDD9kjiuHS4jNm/CGoTx2qW8Adgd984PYqMK5jOxp -vMOWaghMy9zbESv4qJ+/TQKBgGBLcKW841n3eScoNSqp+fqqbVyRCuYDqvHxidVp -ssK01u/2HvTcMoyB0JJ7Xsr0CGAkjngGKdsBXbtUiH77Jpp9B8i6bBmpQ7Kt81qH -Ty2GrV5fc8iZKFGdGEjB/Prhnw4YZLJjZ64o+TBnFiqHwfmxDVX7ySTHGsi02hKt -jgrVAoGBAKF0Z+KdT95HbS12J0wLJ4LAyFRMxQJ2+A17ryt6MwN5lICMBh0IosHD -fpgh5pd4ZDJ5pA0seG2pGwFLkPhCM5EuumikU713SGboxkjS8ozfUkJGiXyg2C1t -9lpsU6MKC4eTMg6WlTjBXoFc3seXP83mNKjy7Rn/qqIDHKH7WXke ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDAoEENWQ6tl6aa +RMn+yaNUKTBIIWpVoy5+uGsBdZW++fEvw4xmleGD+bwyHZFEsHPos/v7zWUNFaX2 +aWD0H+Hk4l2WTFigWO3utPoXDzDOjfQmglKG+R08p3giURrJzUKWwe/RRJBs7qXd +cD9yNXVOb2JWp4Cxk1iPj7zTS/LGsFr7F4/k2nlH3EuqvB3GBEXHa/sA55xigMyv +qVnVb4rNh+PjGL8l5SZzSnrbdoIEtKw/LVbBCAVrQsgcADNqjR7ILbqeIqg1Td11 +QvQzB7f/U5dQoQPzq3j4ow1zOiaSokZE7UcUCUNfjRv5E2lW+mmyM7nkgyE9LqUJ +/3udIh1vAgMBAAECggEAYUpPsPszM7Bt4GswDvUu/loTXcsq1vglirGAsmr+aEf7 +bqF473NyRONFD5bpgWUSFg2aDxMtn884VN3ir0rPIHjIxhnnhY2FF1TnH/B3OUxv +bWfTYQK/ppv7THHkctqucFCh3POhcrOSqOaB1SB1EFmntJbDpG0EhPYXbC1nALy/ +1NstWOBhqcr6xTU2VUnzqSDxa49pJPuSZpEj4G0VdqmrlI/8wjl0mSLdY2VqXMlQ +hSJG2aqRKiKe0kgQvUnHVEaic9YNNC2arxX/zp5c4USioxekrmCkoAKXpqbFswGS +zcFWJQer+nvCkIX9zhr+3bFn4/dkDK4GD49Atw0kKQKBgQDew/iEDKgQ2obQFVW2 +2WheTSuE3sDsBdnod3YRZgIn7Vf7QyaNqzoOec8QgE3oMu2EdKKyLDyN8/3IBCVq +zUIeWJLN3CCt6DNK348hEJc3Fc2hibv/Ea4TQ4rZyNxiYJfV86ndYvKMQSMmHz9l +DKzrjB/x1LaBBuO4qLUzgK7vwwKBgQDdXSwJo9MzCeDvqQtUxNbMXKJOfEqFusaW +/NidbS9MnphImcsQobMfcN/h74r2aH+xGHBk5pPecfU/qK48dzEWncrWppRTfJ9V +eU5VYlnkvI/mHDKJqoEZEycRqlUCRvlu8DGqEOHelW7ZCjcGD4DckRDmZCaeD78O +xKkiyu2M5QKBgBi2GI1dcg9cjnPqyfVcrK05VkiJBVGpXIDjL5/Cdx7Cv23KBy7T +/b65WHT2Jq5JZ/u3jIzDR3xfwpk7jIMKffkrzi0z7BQenAIERrZeRsf/jS4MP2SO +K4dLiM2b8IahPHapbwB2B33zg9iowrmM7Gm8w5ZqCEzL3NsRK/ion79NAoGAYEtw +pbzjWfd5Jyg1Kqn5+qptXJEK5gOq8fGJ1WmywrTW7/Ye9NwyjIHQknteyvQIYCSO +eAYp2wFdu1SIfvsmmn0HyLpsGalDsq3zWodPLYatXl9zyJkoUZ0YSMH8+uGfDhhk +smNnrij5MGcWKofB+bENVfvJJMcayLTaEq2OCtUCgYEAoXRn4p1P3kdtLXYnTAsn +gsDIVEzFAnb4DXuvK3ozA3mUgIwGHQiiwcN+mCHml3hkMnmkDSx4bakbAUuQ+EIz +kS66aKRTvXdIZujGSNLyjN9SQkaJfKDYLW32WmxTowoLh5MyDpaVOMFegVzex5c/ +zeY0qPLtGf+qogMcoftZeR4= +-----END PRIVATE KEY----- diff --git a/src/lib/asiolink/testutils/ca/kea-server-addr.crt b/src/lib/asiolink/testutils/ca/kea-server-addr.crt index f0efe824dc..23320466f2 100644 --- a/src/lib/asiolink/testutils/ca/kea-server-addr.crt +++ b/src/lib/asiolink/testutils/ca/kea-server-addr.crt @@ -1,24 +1,24 @@ -----BEGIN CERTIFICATE----- -MIIECzCCAfOgAwIBAgIBHjANBgkqhkiG9w0BAQsFADAxMQswCQYDVQQGEwJVUzER -MA8GA1UECgwISVNDIEluYy4xDzANBgNVBAMMBmtlYS1jYTAeFw0yMTAyMjEyMTE1 -MTdaFw0zMTAyMTkyMTE1MTdaMDoxCzAJBgNVBAYTAlVTMREwDwYDVQQKDAhJU0Mg -SW5jLjEYMBYGA1UEAwwPa2VhLXNlcnZlci1hZGRyMIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAveRRgIN0S8oeBXVaIEnsG1DKuDzKKqLoLdBQNfoZrKzD -LIMNzlabxu20h82Y/OU02EdEzar98OstzglIWimKFVI0Omi0AuinUkv9640tjoO0 -g0oyCiWFpJLJ8WOF4j7vmZUWuSS3VthlB+MLWlOZ5zACyPyWPo4Z2noHaYjfiQxB -H8r5GJtQiJGapgWRbeyI+m837bjimpz6V1AGebHvf+zd1Lj+zDOczp38PqIGUbmA -vfKCj+ILMS46wYjjHTvCG5WSCG/Skker2HAJM2cNcEPmQqAOpAkmFQ2G46bXB4rB -Xh9dNZB52U9QkyPFHKrnNn400B/xBGNKoyTSYbLQEwIDAQABoyUwIzAhBgNVHREE -GjAYhwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4ICAQAz -qHfXZGJ7fBZPEvOhAHrPyNTrf66tqNavGG+xkSIZ8R58SaS2JHQO/YvmX1vZ+kHI -AM1DiqEFiT2/yeuh1OrzSN58L5n6mHxfkaCDFW3y7dmm8P34G36CqRY2YxiXH20Z -pr+rAz2rVoopWxpsIY0hzuXytBF/ZDGLNv6NsrJzK6joM+WM23ugQ9krOy79whf5 -rrvVERygbnaTP+gXOrc1KePaw5YFEdGAdbOHxR2/1j+xvyNtdO5eqZr78SX81dr3 -YE6O3NHz+aHf3zJ5f0cXABSe9ZDqCnBaBvF3vj5Hd0BGdZ5TuM+tKLEQDCivdC2K -89cthsPpCqTzednw3Q/mEuIqyJg6F6grQR1/qapMf8OlVa6LQXhTL9RVe6M6sg3u -DuAnrdrFDcmxP2dGL4oycxA2t82lnJ3vjfl329PQmZ3iEVQJDuitQGsymv0nnqos -S9YCqPpTnk6ADnv9RLqHuCyKJLgERy5RO/pMM9rjB0mqtNtSQgVW55Or2byFL1qR -IKQIQWneP7VLAXaNKUQNbyDzTCTo7QZTHivDgC03E/36vKz2wWbcl4u/oBxkEa+H -LORk7RNnXQJRXQms7rydJQk9osBWio0hsuZddkwuetUzkverWOSdofqAtN+xZUBt -lZYE+em29aBd6/wektxqJriVZxpaQxyrSMKF+jQtmA== +MIIECjCCAfKgAwIBAgIBHjANBgkqhkiG9w0BAQsFADAwMQswCQYDVQQGEwJVUzEQ +MA4GA1UECgwHSVNDIEluYzEPMA0GA1UEAwwGa2VhLWNhMB4XDTIxMDMwMjE1MDE0 +OVoXDTMxMDIyODE1MDE0OVowOjELMAkGA1UEBhMCVVMxETAPBgNVBAoMCElTQyBJ +bmMuMRgwFgYDVQQDDA9rZWEtc2VydmVyLWFkZHIwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQC95FGAg3RLyh4FdVogSewbUMq4PMoqougt0FA1+hmsrMMs +gw3OVpvG7bSHzZj85TTYR0TNqv3w6y3OCUhaKYoVUjQ6aLQC6KdSS/3rjS2Og7SD +SjIKJYWkksnxY4XiPu+ZlRa5JLdW2GUH4wtaU5nnMALI/JY+jhnaegdpiN+JDEEf +yvkYm1CIkZqmBZFt7Ij6bzftuOKanPpXUAZ5se9/7N3UuP7MM5zOnfw+ogZRuYC9 +8oKP4gsxLjrBiOMdO8IblZIIb9KSR6vYcAkzZw1wQ+ZCoA6kCSYVDYbjptcHisFe +H101kHnZT1CTI8Ucquc2fjTQH/EEY0qjJNJhstATAgMBAAGjJTAjMCEGA1UdEQQa +MBiHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwDQYJKoZIhvcNAQELBQADggIBAAaf +GIHwgnSo4zo6cIfpzirVpSqjzOrsAqzSswigZdj7dwx959sgSJzZssDf/TA98iXM +YQEkBao6jPuo8fTlCF0XGCUGAfq/f6Yn1Nhkk0qUdxLrNsEjKPXjISZPaVZllZBR ++mRMKObn0l86vJ/0zGzPRxH2P5CKg9g3sT8zkg1fGIE/SNr8abZV5Cf3spYQ9PF9 +zQ2TdpgaEGGufKR6VAIJH4CVShMfvBF0qFbzMC7R/CTdSvEBXagWclBT7PqcVGlV +rK/NB6rt8W8hLQQE6bRunJmkLrmLKLVjFtPZPq5hm3jE8fnGxfzvThiZHTj+oFGw +KXcbuSvwgYuLKym648V+VDGiDWdpS2dIwQi2JeHTt7Y4P+8dqPfHY7oDy2+67J6o +ElTXvloGVNCedQtpp9gNrtil5avXrU9HCfD9avYlsn89kqYZ3Ht1GBYPyqeSZDCo +a+sffazhYPfqFdH0U7wpq6Gf8/JMSAuQmAR2UAwhjoQatqDqEJ3pAFsI3YcQOZqm +kj3/T0iYkU8YdJkxI2YgVCRRIzTKHkGMVc/iz+C0OJwFeJDuj+dj+EXXtyi3sjhL +oTQT2y01nW2TPrHqlG3/fQyPx1gKXrij+1uOZJpZcgKE7/YBGByRiUdOyRJ0E6h6 +oimhTLT6mC9wteMiRmj68z5tTC1P0H4nuOU7OqwL -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-server.crt b/src/lib/asiolink/testutils/ca/kea-server.crt index d5314bbe21..3476032672 100644 --- a/src/lib/asiolink/testutils/ca/kea-server.crt +++ b/src/lib/asiolink/testutils/ca/kea-server.crt @@ -1,24 +1,24 @@ -----BEGIN CERTIFICATE----- -MIID+TCCAeGgAwIBAgIBFDANBgkqhkiG9w0BAQsFADAxMQswCQYDVQQGEwJVUzER -MA8GA1UECgwISVNDIEluYy4xDzANBgNVBAMMBmtlYS1jYTAeFw0yMTAyMjEyMTEz -MzZaFw0zMTAyMTkyMTEzMzZaMDUxCzAJBgNVBAYTAlVTMREwDwYDVQQKDAhJU0Mg -SW5jLjETMBEGA1UEAwwKa2VhLXNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL3kUYCDdEvKHgV1WiBJ7BtQyrg8yiqi6C3QUDX6GayswyyDDc5W -m8bttIfNmPzlNNhHRM2q/fDrLc4JSFopihVSNDpotALop1JL/euNLY6DtINKMgol -haSSyfFjheI+75mVFrkkt1bYZQfjC1pTmecwAsj8lj6OGdp6B2mI34kMQR/K+Rib -UIiRmqYFkW3siPpvN+244pqc+ldQBnmx73/s3dS4/swznM6d/D6iBlG5gL3ygo/i -CzEuOsGI4x07whuVkghv0pJHq9hwCTNnDXBD5kKgDqQJJhUNhuOm1weKwV4fXTWQ -edlPUJMjxRyq5zZ+NNAf8QRjSqMk0mGy0BMCAwEAAaMYMBYwFAYDVR0RBA0wC4IJ -bG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4ICAQBXVoyYSkLjFHKwAutjN8E0SWdX -tBuEPtYwB9lZrGx+B36x4dufxl5NBeUvNLvmJrJlZC4tnrdXzWQBTNX1wKjaNcbM -nNMvcczFUo/H7mJJys3vVxQx2kCkMwjgOjA/VsFjcgGF5zK630o2+0fdLYEmoe2J -OgOz304HccOS8j888p0Sfh4y3v4ZvvZ2uwrWXjVtehGa1Yy6iBNrrczmiVRBcOrh -GSw4kw+p+BuLZ2VK98DWD5FzW1+9+a7pEJA5Zt/ru88wm+/FK5SpysIykq/2CY6G -pHyBh361es+4gRobg0ApSkldqmd3TubWyQj9zXV98qghhyT0DuQN3KIAF/RMloq2 -dQHVK6a6h7hPk876/FSGILwKw3yxaXFYmkoUpv2bnEBtMvNYgrkoxp6zpxFforKa -VVz6NhpkKg1iG4wEc7rot60IlRUfqPFX68sQfkcOXezuj6Qdkl41sfBSQIyUcPkH -OOQ9Mi1Rn/pPMm/kHXwJthcuVcLP006eS5zFaU5ejicx+nT2L0YS/eyNygq6jubJ -4Xm2QcX2be3LNyWwiGWPw1CqOCxpGFIgY1Z9cyORGL12KyZ5sPxFdwUWI2RTXLOn -mjDYzyR8cByql0QZSO7neH/QSrQyfVeDxawbWJCK9VimAKqxUXWuAqjqtfF42XGM -xbwIHFtwsd+04XA8xQ== +MIID+DCCAeCgAwIBAgIBFDANBgkqhkiG9w0BAQsFADAwMQswCQYDVQQGEwJVUzEQ +MA4GA1UECgwHSVNDIEluYzEPMA0GA1UEAwwGa2VhLWNhMB4XDTIxMDMwMjE1MDEy +N1oXDTMxMDIyODE1MDEyN1owNTELMAkGA1UEBhMCVVMxETAPBgNVBAoMCElTQyBJ +bmMuMRMwEQYDVQQDDAprZWEtc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAveRRgIN0S8oeBXVaIEnsG1DKuDzKKqLoLdBQNfoZrKzDLIMNzlab +xu20h82Y/OU02EdEzar98OstzglIWimKFVI0Omi0AuinUkv9640tjoO0g0oyCiWF +pJLJ8WOF4j7vmZUWuSS3VthlB+MLWlOZ5zACyPyWPo4Z2noHaYjfiQxBH8r5GJtQ +iJGapgWRbeyI+m837bjimpz6V1AGebHvf+zd1Lj+zDOczp38PqIGUbmAvfKCj+IL +MS46wYjjHTvCG5WSCG/Skker2HAJM2cNcEPmQqAOpAkmFQ2G46bXB4rBXh9dNZB5 +2U9QkyPFHKrnNn400B/xBGNKoyTSYbLQEwIDAQABoxgwFjAUBgNVHREEDTALggls +b2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggIBAKYtC4/KKZnTktvWankLnlVact5K +L0bJT4qCDg/0gj0pj3rofqyOEoGIjZssQtAG/wmJNF6gNisX/1F23BdEdPAsOJQv +KuRwr4zL3uj2Mkz585Or/iz633LnD8Ibv8KQsKLnJ/UnJikeH5UgxqcU9kA7ymAE +pzilP23p3bINvyBMwWZUzT3CsYB7PrcRzx3ScZhbhYaN0f8lq83nspXr8U3FyH5U +NkrgpuqIE9dFPiaY4CsjNIISpYANcVeWwyPKMk/uty3KbzbmDr7ssm1u1MyJjeVP +jE/Dhq+WTbDGMfqR3gyXBWq7b1ROA7tk9kAMQg91PLAELSB6lRmzfxzrH/wYk6E/ +0gHgpznpDcA68uW/54eX8phJQQp7Ak7csElXjqXDJ1AWA8VVjRXHerOkq0cUWply +YsJQCkx3jKdLDFfjtKZWVOjc9rGCnph4BfUej/Lt7z7tTr/Yh+oAR+UyowRzdZM/ +RSsui8vVbvKU+bRlyB5qmNR8cSI5oEA+kAs5DXK2bh5v1SGSxVjwKuwwLeu8eCr3 +HUYQMxKi7Y15+BqjbrOZCEfHE4WORkKze1dh9U/UU9h+LVd+TB7jprZc3ZOvuqYP +Bb+ponHJJaRvHUKD/jL8kHQ7KX79wXNVkrevGcPe8qE1X/xu4ChK5PuDzq2HQPLs +USYWw/aARNwslhV6 -----END CERTIFICATE----- diff --git a/src/lib/asiolink/testutils/ca/kea-server.key b/src/lib/asiolink/testutils/ca/kea-server.key index 9f0a30e129..7709e16367 100644 --- a/src/lib/asiolink/testutils/ca/kea-server.key +++ b/src/lib/asiolink/testutils/ca/kea-server.key @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAveRRgIN0S8oeBXVaIEnsG1DKuDzKKqLoLdBQNfoZrKzDLIMN -zlabxu20h82Y/OU02EdEzar98OstzglIWimKFVI0Omi0AuinUkv9640tjoO0g0oy -CiWFpJLJ8WOF4j7vmZUWuSS3VthlB+MLWlOZ5zACyPyWPo4Z2noHaYjfiQxBH8r5 -GJtQiJGapgWRbeyI+m837bjimpz6V1AGebHvf+zd1Lj+zDOczp38PqIGUbmAvfKC -j+ILMS46wYjjHTvCG5WSCG/Skker2HAJM2cNcEPmQqAOpAkmFQ2G46bXB4rBXh9d -NZB52U9QkyPFHKrnNn400B/xBGNKoyTSYbLQEwIDAQABAoIBAHYZ4nbDSzk346QR -cJRUZXw3q10ascICv9R+kuR/QCic6mZsu9FxHEGE5ZrwzA29oDhDWw9vIbENE9fo -/g7VdwP7tG//XrXQbQBKMwqlK4hPcZ2WL7kPzSamBOMUutgTvIEQsKlFpKFmxK87 -DnyHMlkPCyxlrCwLxRiUfLeuYRiiau/3mAHUneJiYTL+pqQVkeznSkWq1cYp9A7n -Gy4+3lxzyj3ru///S28V4UShh53PgPD5ghWKPqLJYbS6Zc1T8c0mtg/cbwZBUyuX -W8AkT/ifYuJEBn3oQWluI2acwV7Yy+onRgFOsfZwUiX1oQ7keNh7D5+5XJ6CpZxK -xtIpw0ECgYEA8wW6O07AQfA0dNNyMbHijfVabpeG1FKfqZeIhAnbYLwU1DJiipHl -fyNDo7wM0AM27puohMAjo16ZfacUseruIiUSvv8bcWQE9g3XN7RGqpfJHHPlRI2V -WT0iHEkjkMOkq4viufWcxGz/nw4BZERBnYmAOANmbwXX7ZnVbCnrjEUCgYEAyAhD -PPNUTQGTcME98lVPohHvtekuaqA415otCtHA330I4mG8I3XGYbYymXYnmbIzy0KH -+ZjMZdTXiWmqPYIh0P7ZOeXKXNe8ZTedCwfX+1wGpjk01KCIzpdoS8X5WeN23/1t -hoF+HTKdhRBQte68WFD36Dtb0r1Hwe+IKC8h7HcCgYB0i0mdSY3v0UcGw6Re6qTw -WTqOEMLLLfh9tzrzv1pikLAYdzVEqOT7TKkSa4tlcjU0xpdRWmd84FARrz/Adx7O -ZyMPT34UqderPEX648yD4RjEOVw4vQFjc2rZT8XrlbdxwTrw3TXaCT+pQmkucYFa -EGfZ9N953L6Jpp1wKsZYVQKBgEwaiKpZ0YryvIu7mbvnJUL+G/tT2isLBlVQ/S4O -m5jr00N997xuBKoMTbgBMhPRrs74Yw9dSPa9QbuwDesU5ZTEQRU8Df/AvJatz/vw -YgXp/0Wioiz7XtFq3W1mxvWiCwoxO0hfYAHvzepgSLTPPa1EMO2UF91X0kNAxMa1 -F+0FAoGAAIcCoN3PazFWSsNMO4EfZf4VUgnTg9Dh3mMH8M3hEGybISSVKz5NILBC -OKRKNLPLuj4TwTcurelNjMOUvkd/+yQgu1B9ImNuHdSvJjS9TzWCgZ26Q16woMzv -yKeky514sst/1LtWuwiitmGS0rpKf3vIlkqcUE9WcLd3Hy/PxKg= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC95FGAg3RLyh4F +dVogSewbUMq4PMoqougt0FA1+hmsrMMsgw3OVpvG7bSHzZj85TTYR0TNqv3w6y3O +CUhaKYoVUjQ6aLQC6KdSS/3rjS2Og7SDSjIKJYWkksnxY4XiPu+ZlRa5JLdW2GUH +4wtaU5nnMALI/JY+jhnaegdpiN+JDEEfyvkYm1CIkZqmBZFt7Ij6bzftuOKanPpX +UAZ5se9/7N3UuP7MM5zOnfw+ogZRuYC98oKP4gsxLjrBiOMdO8IblZIIb9KSR6vY +cAkzZw1wQ+ZCoA6kCSYVDYbjptcHisFeH101kHnZT1CTI8Ucquc2fjTQH/EEY0qj +JNJhstATAgMBAAECggEAdhnidsNLOTfjpBFwlFRlfDerXRqxwgK/1H6S5H9AKJzq +Zmy70XEcQYTlmvDMDb2gOENbD28hsQ0T1+j+DtV3A/u0b/9etdBtAEozCqUriE9x +nZYvuQ/NJqYE4xS62BO8gRCwqUWkoWbErzsOfIcyWQ8LLGWsLAvFGJR8t65hGKJq +7/eYAdSd4mJhMv6mpBWR7OdKRarVxin0DucbLj7eXHPKPeu7//9LbxXhRKGHnc+A +8PmCFYo+oslhtLplzVPxzSa2D9xvBkFTK5dbwCRP+J9i4kQGfehBaW4jZpzBXtjL +6idGAU6x9nBSJfWhDuR42HsPn7lcnoKlnErG0inDQQKBgQDzBbo7TsBB8DR003Ix +seKN9Vpul4bUUp+pl4iECdtgvBTUMmKKkeV/I0OjvAzQAzbum6iEwCOjXpl9pxSx +6u4iJRK+/xtxZAT2Ddc3tEaql8kcc+VEjZVZPSIcSSOQw6Sri+K59ZzEbP+fDgFk +REGdiYA4A2ZvBdftmdVsKeuMRQKBgQDICEM881RNAZNwwT3yVU+iEe+16S5qoDjX +mi0K0cDffQjiYbwjdcZhtjKZdieZsjPLQof5mMxl1NeJaao9giHQ/tk55cpc17xl +N50LB9f7XAamOTTUoIjOl2hLxflZ43bf/W2GgX4dMp2FEFC17rxYUPfoO1vSvUfB +74goLyHsdwKBgHSLSZ1Jje/RRwbDpF7qpPBZOo4Qwsst+H23OvO/WmKQsBh3NUSo +5PtMqRJri2VyNTTGl1FaZ3zgUBGvP8B3Hs5nIw9PfhSp16s8RfrjzIPhGMQ5XDi9 +AWNzatlPxeuVt3HBOvDdNdoJP6lCaS5xgVoQZ9n033ncvommnXAqxlhVAoGATBqI +qlnRivK8i7uZu+clQv4b+1PaKwsGVVD9Lg6bmOvTQ333vG4EqgxNuAEyE9Guzvhj +D11I9r1Bu7AN6xTllMRBFTwN/8C8lq3P+/BiBen/RaKiLPte0WrdbWbG9aILCjE7 +SF9gAe/N6mBItM89rUQw7ZQX3VfSQ0DExrUX7QUCgYAAhwKg3c9rMVZKw0w7gR9l +/hVSCdOD0OHeYwfwzeEQbJshJJUrPk0gsEI4pEo0s8u6PhPBNy6t6U2Mw5S+R3/7 +JCC7UH0iY24d1K8mNL1PNYKBnbpDXrCgzO/Ip6TLnXiyy3/Uu1a7CKK2YZLSukp/ +e8iWSpxQT1Zwt3cfL8/EqA== +-----END PRIVATE KEY----- diff --git a/src/lib/asiolink/testutils/openssl_sample_client.cpp b/src/lib/asiolink/testutils/openssl_sample_client.cc similarity index 99% rename from src/lib/asiolink/testutils/openssl_sample_client.cpp rename to src/lib/asiolink/testutils/openssl_sample_client.cc index e989ee2def..d882703d06 100644 --- a/src/lib/asiolink/testutils/openssl_sample_client.cpp +++ b/src/lib/asiolink/testutils/openssl_sample_client.cc @@ -8,6 +8,8 @@ // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) // +#include + #include #include #include diff --git a/src/lib/asiolink/testutils/openssl_sample_server.cpp b/src/lib/asiolink/testutils/openssl_sample_server.cc similarity index 99% rename from src/lib/asiolink/testutils/openssl_sample_server.cpp rename to src/lib/asiolink/testutils/openssl_sample_server.cc index fa907f949c..5641b01087 100644 --- a/src/lib/asiolink/testutils/openssl_sample_server.cpp +++ b/src/lib/asiolink/testutils/openssl_sample_server.cc @@ -11,6 +11,8 @@ // Use the cpp03 version because the cpp11 version does not compile with // some g++ e.g. on Fedora 33. +#include + #include #include #include diff --git a/src/lib/asiolink/tls_socket.h b/src/lib/asiolink/tls_socket.h index 0468788bc2..c11c66e536 100644 --- a/src/lib/asiolink/tls_socket.h +++ b/src/lib/asiolink/tls_socket.h @@ -204,6 +204,9 @@ public: virtual void close(); /// @brief TLS shutdown. + /// + /// The callback is called on completion i.e. when the peer performs + /// a shutdown or a close. virtual void shutdown(C& callback); /// @brief Returns reference to the underlying ASIO socket. @@ -234,7 +237,7 @@ private: /// @brief Underlying TCP socket. typename TlsStream::lowest_layer_type& socket_; - /// TODO: Remove temporary buffer + /// @todo Remove temporary buffer /// The current implementation copies the buffer passed to asyncSend() into /// a temporary buffer and precedes it with a two-byte count field. As /// ASIO should really be just about sending and receiving data, the TCP @@ -280,8 +283,8 @@ TLSSocket::open(const IOEndpoint* endpoint, C& callback) { } // Ignore opens on already-open socket. Don't throw a failure because - // of uncertainties as to what precedes whan when using asynchronous I/O. - // At also allows us a treat a passed-in socket as a self-managed socket. + // of uncertainties as to what precedes when using asynchronous I/O. + // Also allows us a treat a passed-in socket as a self-managed socket. if (!socket_.is_open()) { if (endpoint->getFamily() == AF_INET) { socket_.open(boost::asio::ip::tcp::v4()); @@ -358,7 +361,7 @@ TLSSocket::asyncSend(const void* data, size_t length, // Need to copy the data into a temporary buffer and precede it with // a two-byte count field. - // TODO: arrange for the buffer passed to be preceded by the count + // @todo arrange for the buffer passed to be preceded by the count try { // Ensure it fits into 16 bits uint16_t count = boost::numeric_cast(length); diff --git a/src/lib/asiolink/udp_socket.h b/src/lib/asiolink/udp_socket.h index 758179bfe0..66815ed018 100644 --- a/src/lib/asiolink/udp_socket.h +++ b/src/lib/asiolink/udp_socket.h @@ -191,7 +191,7 @@ template void UDPSocket::open(const IOEndpoint* endpoint, C&) { // Ignore opens on already-open socket. (Don't throw a failure because - // of uncertainties as to what precedes whan when using asynchronous I/O.) + // of uncertainties as to what precedes when using asynchronous I/O.) // It also allows us a treat a passed-in socket in exactly the same way as // a self-managed socket (in that we can call the open() and close() methods // of this class).