From 2a6b0c7e2d1cbbe77f72f2ab9c28629386756249 Mon Sep 17 00:00:00 2001 From: kares Date: Fri, 24 May 2024 14:21:05 +0200 Subject: [PATCH 01/11] [release] update to 0.14.6.dev SNAPSHOT --- lib/jopenssl/version.rb | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/jopenssl/version.rb b/lib/jopenssl/version.rb index d9954f31..b4fb119a 100644 --- a/lib/jopenssl/version.rb +++ b/lib/jopenssl/version.rb @@ -1,5 +1,5 @@ module JOpenSSL - VERSION = '0.14.5' + VERSION = '0.14.6.dev' BOUNCY_CASTLE_VERSION = '1.74' end diff --git a/pom.xml b/pom.xml index 854964b9..a1bc0f91 100644 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ DO NOT MODIFY - GENERATED CODE 4.0.0 rubygems jruby-openssl - 0.14.5 + 0.14.6.dev-SNAPSHOT gem JRuby OpenSSL JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. From f9e7c184f805d7508cdf9fac2f8c2c1614049682 Mon Sep 17 00:00:00 2001 From: kares Date: Sat, 20 Apr 2024 13:40:39 +0200 Subject: [PATCH 02/11] [test] regenerate OpenSSL CA based setup --- src/test/ruby/x509/SETUP.txt | 7 +- src/test/ruby/x509/ca.crt | 90 +++++++++++--- src/test/ruby/x509/demoCA/cacert.pem | 108 ++++++++--------- src/test/ruby/x509/demoCA/careq.pem | 24 ++-- src/test/ruby/x509/demoCA/index.txt | 4 +- src/test/ruby/x509/demoCA/index.txt.old | 2 +- ...E8F464B762C7B6945A158128839DB93F9D4E4B.pem | 80 ------------- ...E8F464B762C7B6945A158128839DB93F9D4E4C.pem | 79 ------------ ...E0E82756779BDA39DFF3AEE16916DE984FFD24.pem | 80 +++++++++++++ ...E0E82756779BDA39DFF3AEE16916DE984FFD25.pem | 79 ++++++++++++ src/test/ruby/x509/demoCA/private/cakey.pem | 56 ++++----- src/test/ruby/x509/demoCA/serial | 2 +- src/test/ruby/x509/demoCA/serial.old | 2 +- src/test/ruby/x509/javastore.ts | Bin 978 -> 978 bytes src/test/ruby/x509/newcert.pem | 112 +++++++++--------- src/test/ruby/x509/newkey.pem | 56 ++++----- src/test/ruby/x509/newreq.pem | 30 ++--- src/test/ruby/x509/test_x509cert.rb | 2 +- 18 files changed, 435 insertions(+), 378 deletions(-) delete mode 100644 src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4B.pem delete mode 100644 src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4C.pem create mode 100644 src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD24.pem create mode 100644 src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD25.pem diff --git a/src/test/ruby/x509/SETUP.txt b/src/test/ruby/x509/SETUP.txt index 78f0fe25..5f7b2c7b 100644 --- a/src/test/ruby/x509/SETUP.txt +++ b/src/test/ruby/x509/SETUP.txt @@ -5,17 +5,16 @@ $ /usr/lib/ssl/misc/CA.sh -newreq $ /usr/lib/ssl/misc/CA.sh -sign Signed certificate is in newcert.pem -$ keytool -importcert --file demoCA/cacert.pem -alias demoCA -keystore javastore.ts -storetype jks +$ keytool -importcert --file demoCA/cacert.pem -alias demoCA -keystore javastore.ts -storetype jks -storepass keystore Trust this certificate? [no]: y Certificate was added to keystore $ keytool -list -keystore javastore.ts -Enter keystore password: ... - +Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry -democa, Apr 13, 2023, trustedCertEntry, +democa, Apr 20, 2024, trustedCertEntry, Certificate fingerprint (SHA-256): ... diff --git a/src/test/ruby/x509/ca.crt b/src/test/ruby/x509/ca.crt index 8d65e2af..e83dd63a 100644 --- a/src/test/ruby/x509/ca.crt +++ b/src/test/ruby/x509/ca.crt @@ -1,22 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7f:e0:e8:27:56:77:9b:da:39:df:f3:ae:e1:69:16:de:98:4f:fd:24 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca + Validity + Not Before: Apr 20 11:09:21 2024 GMT + Not After : Apr 20 11:09:21 2027 GMT + Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a0:8b:ba:ec:b2:e2:fc:47:b9:a8:dd:59:a9:47: + 49:37:0a:b0:61:c5:ee:ee:73:bc:f6:ad:9a:cc:f2: + e3:d9:82:86:a7:a9:ef:5b:9d:2e:b9:42:18:c6:46: + 01:b9:3d:15:0c:89:7b:c2:7a:bc:17:de:54:43:4a: + 89:55:53:a1:cf:7c:5b:7a:d2:c7:45:fe:da:da:d3: + a6:c5:24:55:d7:69:8b:85:db:d1:bf:47:43:45:bb: + b4:74:48:50:91:99:81:84:b5:d6:35:d4:66:c6:d0: + 69:b4:7b:8e:f8:47:f4:f7:47:a8:a5:01:87:40:d4: + 41:57:4e:93:13:0a:41:22:14:2d:e3:dc:ac:00:70: + 2d:d1:cf:08:28:d9:7b:64:d3:dd:48:ad:ce:75:57: + 90:3f:9d:c3:d3:8c:d3:80:44:96:4e:71:71:7c:db: + f7:d1:1f:3a:09:2d:13:4c:de:c7:19:5c:c1:b6:cb: + ca:91:f8:d6:7e:22:32:aa:d4:51:5d:69:6a:df:34: + 81:99:8c:fd:0e:22:30:17:89:20:15:ff:b5:00:a9: + 49:aa:f3:d5:65:e5:c8:9d:bf:c7:8f:fa:7f:56:77: + e0:5d:b4:86:a6:d7:70:d6:f6:76:8b:fe:88:84:2b: + 2b:28:81:27:59:45:08:3b:39:52:d0:df:00:9d:b8: + 54:c7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 + X509v3 Authority Key Identifier: + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 + X509v3 Basic Constraints: critical + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 28:9d:22:51:f2:3a:0b:48:0c:8c:fa:8b:be:a4:3b:5d:dc:33: + d9:07:f0:f8:1a:cb:99:15:59:a1:87:0c:5c:8e:de:a8:96:57: + 8c:50:c2:ba:ef:fd:c4:03:0b:d8:6d:9e:3a:02:9c:99:43:2e: + b5:bf:9b:d6:81:1a:40:b1:61:50:0b:3f:da:84:85:e2:55:c7: + a6:88:d9:ed:b8:df:b6:33:03:3c:47:e3:f8:ac:df:cc:ab:2a: + 7a:a0:bf:73:6c:25:97:a4:7d:60:1d:24:6c:31:d8:b6:98:f1: + 8a:2e:3c:f0:7e:d1:fa:65:0a:6a:64:e3:bd:3f:ad:bb:8e:9d: + 02:b8:46:90:70:ed:40:3a:3c:9b:8b:97:cf:c2:f3:31:e4:f4: + 4c:7d:7a:f8:7e:ee:3e:47:cf:de:d8:8d:ce:3c:d0:96:36:5f: + 8e:eb:23:de:de:95:cc:73:5b:e3:1e:0e:30:55:86:32:03:74: + 35:74:bd:96:91:78:c8:75:27:0b:3e:8e:2b:0b:69:a9:27:d2: + 1b:cf:8a:74:d9:ce:90:e2:b6:fa:bb:d9:9b:18:f5:42:49:c9: + 86:91:14:fe:e2:df:3a:63:f2:c8:31:57:7c:17:bb:d8:73:b5: + e5:4f:2a:b7:97:f2:c0:ef:12:db:15:16:d2:c2:8e:e9:0f:c7: + 63:3f:9d:52 -----BEGIN CERTIFICATE----- -MIIDjzCCAnegAwIBAgIUHuj0ZLdix7aUWhWBKIOduT+dTkswDQYJKoZIhvcNAQEL +MIIDjzCCAnegAwIBAgIUf+DoJ1Z3m9o53/Ou4WkW3phP/SQwDQYJKoZIhvcNAQEL BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y -MzA0MTMxMjMyMzZaFw0yNjA0MTIxMjMyMzZaMFcxCzAJBgNVBAYTAkFVMRMwEQYD +NDA0MjAxMTA5MjFaFw0yNzA0MjAxMTA5MjFaMFcxCzAJBgNVBAYTAkFVMRMwEQYD VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM dGQxEDAOBgNVBAMMB2RlbW8uY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQCtdMb3vQDPt2hWm+pJ2VDq0hwRIxfeKwsHHk6fVe0Wa7HG/QxlsUWe9wvV -C7HTw8PzQzTEtrtplgrC+KmSSOdvnL1Pgzswo8dD3PNHEfmaFsGFoegUDZUXxOMD -jJGS8Xw1oBAblEstm2wwxa0FhWZ965Et7PA9QqpkAumQ9tT20Cwo418YgV7TZ+8q -d8+zL7+ov6yajC4PJnWBsqq9eN5tvUtQS2vvH6qr+M5zBxW2yPWKoq9Hqv0DZJWQ -orI5hgeuzU8tlVAP71mezJ5lYln8qVkyLawBtFIvwh6BySO5fW26A2dIJeNGOGm1 -8uR0oqa8gZaMY8f8Y1/4KWsnc5/lAgMBAAGjUzBRMB0GA1UdDgQWBBSNfMMThDCW -5AagK3t6aw/OxQPT5TAfBgNVHSMEGDAWgBSNfMMThDCW5AagK3t6aw/OxQPT5TAP -BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAx7T66sA8qnMuUQKmG -EOVjSXIJJI4D0BVzcnPmxiYbSn9fL2rsuXQz79y4hnSveDxVeI4JpFnEUaHuW1JI -2zIVxyTCbrWbCuQYdFDnJm1ODUyOtbywirb5P+W2nMqIGqhCqjbwt+jveZPbMxiq -XqM79zox57X8v/qxZylV8BFovB2SD2bLmncnrnOmGlqCx85LEkv+4XME1Y5nqbeA -zVYk7ihVtmohGoTSMSiLYugeDvsf8wpLCDgj78AR8n2tiFpjJHhFonieEeSXEMuR -mxnx0q1w69WdT9EWSfacIY5lPtMRq6Z2NRQUATIbgQqYL0bG1rP5Q7jPwFhYZ8fD -6kLd +AoIBAQCgi7rssuL8R7mo3VmpR0k3CrBhxe7uc7z2rZrM8uPZgoanqe9bnS65QhjG +RgG5PRUMiXvCerwX3lRDSolVU6HPfFt60sdF/tra06bFJFXXaYuF29G/R0NFu7R0 +SFCRmYGEtdY11GbG0Gm0e474R/T3R6ilAYdA1EFXTpMTCkEiFC3j3KwAcC3Rzwgo +2Xtk091Irc51V5A/ncPTjNOARJZOcXF82/fRHzoJLRNM3scZXMG2y8qR+NZ+IjKq +1FFdaWrfNIGZjP0OIjAXiSAV/7UAqUmq89Vl5cidv8eP+n9Wd+BdtIam13DW9naL +/oiEKysogSdZRQg7OVLQ3wCduFTHAgMBAAGjUzBRMB0GA1UdDgQWBBSPtJTIf8vv +AImy9sG+REscElQ7KDAfBgNVHSMEGDAWgBSPtJTIf8vvAImy9sG+REscElQ7KDAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAonSJR8joLSAyM+ou+ +pDtd3DPZB/D4GsuZFVmhhwxcjt6olleMUMK67/3EAwvYbZ46ApyZQy61v5vWgRpA +sWFQCz/ahIXiVcemiNntuN+2MwM8R+P4rN/Mqyp6oL9zbCWXpH1gHSRsMdi2mPGK +LjzwftH6ZQpqZOO9P627jp0CuEaQcO1AOjybi5fPwvMx5PRMfXr4fu4+R8/e2I3O +PNCWNl+O6yPe3pXMc1vjHg4wVYYyA3Q1dL2WkXjIdScLPo4rC2mpJ9Ibz4p02c6Q +4rb6u9mbGPVCScmGkRT+4t86Y/LIMVd8F7vYc7XlTyq3l/LA7xLbFRbSwo7pD8dj +P51S -----END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/cacert.pem b/src/test/ruby/x509/demoCA/cacert.pem index c1b24b44..e83dd63a 100644 --- a/src/test/ruby/x509/demoCA/cacert.pem +++ b/src/test/ruby/x509/demoCA/cacert.pem @@ -2,79 +2,79 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 1e:e8:f4:64:b7:62:c7:b6:94:5a:15:81:28:83:9d:b9:3f:9d:4e:4b + 7f:e0:e8:27:56:77:9b:da:39:df:f3:ae:e1:69:16:de:98:4f:fd:24 Signature Algorithm: sha256WithRSAEncryption Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca Validity - Not Before: Apr 13 12:32:36 2023 GMT - Not After : Apr 12 12:32:36 2026 GMT + Not Before: Apr 20 11:09:21 2024 GMT + Not After : Apr 20 11:09:21 2027 GMT Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: - 00:ad:74:c6:f7:bd:00:cf:b7:68:56:9b:ea:49:d9: - 50:ea:d2:1c:11:23:17:de:2b:0b:07:1e:4e:9f:55: - ed:16:6b:b1:c6:fd:0c:65:b1:45:9e:f7:0b:d5:0b: - b1:d3:c3:c3:f3:43:34:c4:b6:bb:69:96:0a:c2:f8: - a9:92:48:e7:6f:9c:bd:4f:83:3b:30:a3:c7:43:dc: - f3:47:11:f9:9a:16:c1:85:a1:e8:14:0d:95:17:c4: - e3:03:8c:91:92:f1:7c:35:a0:10:1b:94:4b:2d:9b: - 6c:30:c5:ad:05:85:66:7d:eb:91:2d:ec:f0:3d:42: - aa:64:02:e9:90:f6:d4:f6:d0:2c:28:e3:5f:18:81: - 5e:d3:67:ef:2a:77:cf:b3:2f:bf:a8:bf:ac:9a:8c: - 2e:0f:26:75:81:b2:aa:bd:78:de:6d:bd:4b:50:4b: - 6b:ef:1f:aa:ab:f8:ce:73:07:15:b6:c8:f5:8a:a2: - af:47:aa:fd:03:64:95:90:a2:b2:39:86:07:ae:cd: - 4f:2d:95:50:0f:ef:59:9e:cc:9e:65:62:59:fc:a9: - 59:32:2d:ac:01:b4:52:2f:c2:1e:81:c9:23:b9:7d: - 6d:ba:03:67:48:25:e3:46:38:69:b5:f2:e4:74:a2: - a6:bc:81:96:8c:63:c7:fc:63:5f:f8:29:6b:27:73: - 9f:e5 + 00:a0:8b:ba:ec:b2:e2:fc:47:b9:a8:dd:59:a9:47: + 49:37:0a:b0:61:c5:ee:ee:73:bc:f6:ad:9a:cc:f2: + e3:d9:82:86:a7:a9:ef:5b:9d:2e:b9:42:18:c6:46: + 01:b9:3d:15:0c:89:7b:c2:7a:bc:17:de:54:43:4a: + 89:55:53:a1:cf:7c:5b:7a:d2:c7:45:fe:da:da:d3: + a6:c5:24:55:d7:69:8b:85:db:d1:bf:47:43:45:bb: + b4:74:48:50:91:99:81:84:b5:d6:35:d4:66:c6:d0: + 69:b4:7b:8e:f8:47:f4:f7:47:a8:a5:01:87:40:d4: + 41:57:4e:93:13:0a:41:22:14:2d:e3:dc:ac:00:70: + 2d:d1:cf:08:28:d9:7b:64:d3:dd:48:ad:ce:75:57: + 90:3f:9d:c3:d3:8c:d3:80:44:96:4e:71:71:7c:db: + f7:d1:1f:3a:09:2d:13:4c:de:c7:19:5c:c1:b6:cb: + ca:91:f8:d6:7e:22:32:aa:d4:51:5d:69:6a:df:34: + 81:99:8c:fd:0e:22:30:17:89:20:15:ff:b5:00:a9: + 49:aa:f3:d5:65:e5:c8:9d:bf:c7:8f:fa:7f:56:77: + e0:5d:b4:86:a6:d7:70:d6:f6:76:8b:fe:88:84:2b: + 2b:28:81:27:59:45:08:3b:39:52:d0:df:00:9d:b8: + 54:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 8D:7C:C3:13:84:30:96:E4:06:A0:2B:7B:7A:6B:0F:CE:C5:03:D3:E5 + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 X509v3 Authority Key Identifier: - 8D:7C:C3:13:84:30:96:E4:06:A0:2B:7B:7A:6B:0F:CE:C5:03:D3:E5 + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 X509v3 Basic Constraints: critical CA:TRUE Signature Algorithm: sha256WithRSAEncryption Signature Value: - 31:ed:3e:ba:b0:0f:2a:9c:cb:94:40:a9:86:10:e5:63:49:72: - 09:24:8e:03:d0:15:73:72:73:e6:c6:26:1b:4a:7f:5f:2f:6a: - ec:b9:74:33:ef:dc:b8:86:74:af:78:3c:55:78:8e:09:a4:59: - c4:51:a1:ee:5b:52:48:db:32:15:c7:24:c2:6e:b5:9b:0a:e4: - 18:74:50:e7:26:6d:4e:0d:4c:8e:b5:bc:b0:8a:b6:f9:3f:e5: - b6:9c:ca:88:1a:a8:42:aa:36:f0:b7:e8:ef:79:93:db:33:18: - aa:5e:a3:3b:f7:3a:31:e7:b5:fc:bf:fa:b1:67:29:55:f0:11: - 68:bc:1d:92:0f:66:cb:9a:77:27:ae:73:a6:1a:5a:82:c7:ce: - 4b:12:4b:fe:e1:73:04:d5:8e:67:a9:b7:80:cd:56:24:ee:28: - 55:b6:6a:21:1a:84:d2:31:28:8b:62:e8:1e:0e:fb:1f:f3:0a: - 4b:08:38:23:ef:c0:11:f2:7d:ad:88:5a:63:24:78:45:a2:78: - 9e:11:e4:97:10:cb:91:9b:19:f1:d2:ad:70:eb:d5:9d:4f:d1: - 16:49:f6:9c:21:8e:65:3e:d3:11:ab:a6:76:35:14:14:01:32: - 1b:81:0a:98:2f:46:c6:d6:b3:f9:43:b8:cf:c0:58:58:67:c7: - c3:ea:42:dd + 28:9d:22:51:f2:3a:0b:48:0c:8c:fa:8b:be:a4:3b:5d:dc:33: + d9:07:f0:f8:1a:cb:99:15:59:a1:87:0c:5c:8e:de:a8:96:57: + 8c:50:c2:ba:ef:fd:c4:03:0b:d8:6d:9e:3a:02:9c:99:43:2e: + b5:bf:9b:d6:81:1a:40:b1:61:50:0b:3f:da:84:85:e2:55:c7: + a6:88:d9:ed:b8:df:b6:33:03:3c:47:e3:f8:ac:df:cc:ab:2a: + 7a:a0:bf:73:6c:25:97:a4:7d:60:1d:24:6c:31:d8:b6:98:f1: + 8a:2e:3c:f0:7e:d1:fa:65:0a:6a:64:e3:bd:3f:ad:bb:8e:9d: + 02:b8:46:90:70:ed:40:3a:3c:9b:8b:97:cf:c2:f3:31:e4:f4: + 4c:7d:7a:f8:7e:ee:3e:47:cf:de:d8:8d:ce:3c:d0:96:36:5f: + 8e:eb:23:de:de:95:cc:73:5b:e3:1e:0e:30:55:86:32:03:74: + 35:74:bd:96:91:78:c8:75:27:0b:3e:8e:2b:0b:69:a9:27:d2: + 1b:cf:8a:74:d9:ce:90:e2:b6:fa:bb:d9:9b:18:f5:42:49:c9: + 86:91:14:fe:e2:df:3a:63:f2:c8:31:57:7c:17:bb:d8:73:b5: + e5:4f:2a:b7:97:f2:c0:ef:12:db:15:16:d2:c2:8e:e9:0f:c7: + 63:3f:9d:52 -----BEGIN CERTIFICATE----- -MIIDjzCCAnegAwIBAgIUHuj0ZLdix7aUWhWBKIOduT+dTkswDQYJKoZIhvcNAQEL +MIIDjzCCAnegAwIBAgIUf+DoJ1Z3m9o53/Ou4WkW3phP/SQwDQYJKoZIhvcNAQEL BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y -MzA0MTMxMjMyMzZaFw0yNjA0MTIxMjMyMzZaMFcxCzAJBgNVBAYTAkFVMRMwEQYD +NDA0MjAxMTA5MjFaFw0yNzA0MjAxMTA5MjFaMFcxCzAJBgNVBAYTAkFVMRMwEQYD VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM dGQxEDAOBgNVBAMMB2RlbW8uY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQCtdMb3vQDPt2hWm+pJ2VDq0hwRIxfeKwsHHk6fVe0Wa7HG/QxlsUWe9wvV -C7HTw8PzQzTEtrtplgrC+KmSSOdvnL1Pgzswo8dD3PNHEfmaFsGFoegUDZUXxOMD -jJGS8Xw1oBAblEstm2wwxa0FhWZ965Et7PA9QqpkAumQ9tT20Cwo418YgV7TZ+8q -d8+zL7+ov6yajC4PJnWBsqq9eN5tvUtQS2vvH6qr+M5zBxW2yPWKoq9Hqv0DZJWQ -orI5hgeuzU8tlVAP71mezJ5lYln8qVkyLawBtFIvwh6BySO5fW26A2dIJeNGOGm1 -8uR0oqa8gZaMY8f8Y1/4KWsnc5/lAgMBAAGjUzBRMB0GA1UdDgQWBBSNfMMThDCW -5AagK3t6aw/OxQPT5TAfBgNVHSMEGDAWgBSNfMMThDCW5AagK3t6aw/OxQPT5TAP -BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAx7T66sA8qnMuUQKmG -EOVjSXIJJI4D0BVzcnPmxiYbSn9fL2rsuXQz79y4hnSveDxVeI4JpFnEUaHuW1JI -2zIVxyTCbrWbCuQYdFDnJm1ODUyOtbywirb5P+W2nMqIGqhCqjbwt+jveZPbMxiq -XqM79zox57X8v/qxZylV8BFovB2SD2bLmncnrnOmGlqCx85LEkv+4XME1Y5nqbeA -zVYk7ihVtmohGoTSMSiLYugeDvsf8wpLCDgj78AR8n2tiFpjJHhFonieEeSXEMuR -mxnx0q1w69WdT9EWSfacIY5lPtMRq6Z2NRQUATIbgQqYL0bG1rP5Q7jPwFhYZ8fD -6kLd +AoIBAQCgi7rssuL8R7mo3VmpR0k3CrBhxe7uc7z2rZrM8uPZgoanqe9bnS65QhjG +RgG5PRUMiXvCerwX3lRDSolVU6HPfFt60sdF/tra06bFJFXXaYuF29G/R0NFu7R0 +SFCRmYGEtdY11GbG0Gm0e474R/T3R6ilAYdA1EFXTpMTCkEiFC3j3KwAcC3Rzwgo +2Xtk091Irc51V5A/ncPTjNOARJZOcXF82/fRHzoJLRNM3scZXMG2y8qR+NZ+IjKq +1FFdaWrfNIGZjP0OIjAXiSAV/7UAqUmq89Vl5cidv8eP+n9Wd+BdtIam13DW9naL +/oiEKysogSdZRQg7OVLQ3wCduFTHAgMBAAGjUzBRMB0GA1UdDgQWBBSPtJTIf8vv +AImy9sG+REscElQ7KDAfBgNVHSMEGDAWgBSPtJTIf8vvAImy9sG+REscElQ7KDAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAonSJR8joLSAyM+ou+ +pDtd3DPZB/D4GsuZFVmhhwxcjt6olleMUMK67/3EAwvYbZ46ApyZQy61v5vWgRpA +sWFQCz/ahIXiVcemiNntuN+2MwM8R+P4rN/Mqyp6oL9zbCWXpH1gHSRsMdi2mPGK +LjzwftH6ZQpqZOO9P627jp0CuEaQcO1AOjybi5fPwvMx5PRMfXr4fu4+R8/e2I3O +PNCWNl+O6yPe3pXMc1vjHg4wVYYyA3Q1dL2WkXjIdScLPo4rC2mpJ9Ibz4p02c6Q +4rb6u9mbGPVCScmGkRT+4t86Y/LIMVd8F7vYc7XlTyq3l/LA7xLbFRbSwo7pD8dj +P51S -----END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/careq.pem b/src/test/ruby/x509/demoCA/careq.pem index 5e551674..c19a58ed 100644 --- a/src/test/ruby/x509/demoCA/careq.pem +++ b/src/test/ruby/x509/demoCA/careq.pem @@ -1,16 +1,16 @@ -----BEGIN CERTIFICATE REQUEST----- MIICnDCCAYQCAQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVt -by5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK10xve9AM+3aFab -6knZUOrSHBEjF94rCwceTp9V7RZrscb9DGWxRZ73C9ULsdPDw/NDNMS2u2mWCsL4 -qZJI52+cvU+DOzCjx0Pc80cR+ZoWwYWh6BQNlRfE4wOMkZLxfDWgEBuUSy2bbDDF -rQWFZn3rkS3s8D1CqmQC6ZD21PbQLCjjXxiBXtNn7yp3z7Mvv6i/rJqMLg8mdYGy -qr143m29S1BLa+8fqqv4znMHFbbI9Yqir0eq/QNklZCisjmGB67NTy2VUA/vWZ7M -nmViWfypWTItrAG0Ui/CHoHJI7l9bboDZ0gl40Y4abXy5HSipryBloxjx/xjX/gp -aydzn+UCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlsERV2Yk/dxAmwKXPT3vo -5Bi1LLIHUAa00otarEi/+BEgallTfjNAbwVPaMbQSkdlm2SnUPJBWJcY7BEjp36U -KWJzK2QuoXo+TZU2ILAXmCx0Ij5sBToAFe/201b01OFZe8bt6CQheo1/xf4hqpZg -ZW9+H3EsjeLOq178ViHwiH8M9DmJmP2a60zZom8bPk+0tQCCccZ7DKuzJFUALlPa -eJd3GAKfZmyT7M5/GP2TLgkYWac2j5R1xvWKvj7nx4PtTD9vhhslJzptZh1KwPnV -A8wIW0nt7QioUudNpDxI6zGeRb631HWeyDfRg8n0UIctpLMY0KhIwYbIE5uf03RS +by5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKCLuuyy4vxHuajd +WalHSTcKsGHF7u5zvPatmszy49mChqep71udLrlCGMZGAbk9FQyJe8J6vBfeVENK +iVVToc98W3rSx0X+2trTpsUkVddpi4Xb0b9HQ0W7tHRIUJGZgYS11jXUZsbQabR7 +jvhH9PdHqKUBh0DUQVdOkxMKQSIULePcrABwLdHPCCjZe2TT3UitznVXkD+dw9OM +04BElk5xcXzb99EfOgktE0zexxlcwbbLypH41n4iMqrUUV1pat80gZmM/Q4iMBeJ +IBX/tQCpSarz1WXlyJ2/x4/6f1Z34F20hqbXcNb2dov+iIQrKyiBJ1lFCDs5UtDf +AJ24VMcCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCTcwtA28eCbhgz9xraP8UL +VVdlLXzXUJVIg1ekjLyp7blSyNRx4c/Eymw03QTZOJqG3J9h9NbQ1fpsGcRpiruh +qHI7gM+givDP+IjPIuz3kOToZtmJ3Nj25fKmBpGcy0ftcoJ9ZpwYcVzlgA4eT07v +XHhYX64b9EAJttKGB3sFfI1ecTaeZ9sRpAuIYm6jtfcsH/oEfFPVAs/FfHGcCy3B +aqvBOUfFbxqPPe+aDRYKnTcaKvtZIbg61IqRUpW2o+tBCnr/RJMV21jBaEIGnT2B +TLdwMZ2xniFRjIr9UEGNR0lC0HAufGAZBqRy4NPUT9128mz5kYnftafXC5Y5J7UB -----END CERTIFICATE REQUEST----- diff --git a/src/test/ruby/x509/demoCA/index.txt b/src/test/ruby/x509/demoCA/index.txt index 25dbbd76..ee9978dd 100644 --- a/src/test/ruby/x509/demoCA/index.txt +++ b/src/test/ruby/x509/demoCA/index.txt @@ -1,2 +1,2 @@ -V 260412123236Z 1EE8F464B762C7B6945A158128839DB93F9D4E4B unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=demo.ca -V 240412124104Z 1EE8F464B762C7B6945A158128839DB93F9D4E4C unknown /C=AU/ST=None/O=JRuby Dev Team/OU=jossl/CN=jruby.org +V 270420110921Z 7FE0E82756779BDA39DFF3AEE16916DE984FFD24 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=demo.ca +V 250420111357Z 7FE0E82756779BDA39DFF3AEE16916DE984FFD25 unknown /C=AU/ST=None/O=JRuby Dev Team/OU=JOSSL/CN=jruby.org diff --git a/src/test/ruby/x509/demoCA/index.txt.old b/src/test/ruby/x509/demoCA/index.txt.old index 9bd35913..2c79c486 100644 --- a/src/test/ruby/x509/demoCA/index.txt.old +++ b/src/test/ruby/x509/demoCA/index.txt.old @@ -1 +1 @@ -V 260412123236Z 1EE8F464B762C7B6945A158128839DB93F9D4E4B unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=demo.ca +V 270420110921Z 7FE0E82756779BDA39DFF3AEE16916DE984FFD24 unknown /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=demo.ca diff --git a/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4B.pem b/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4B.pem deleted file mode 100644 index c1b24b44..00000000 --- a/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4B.pem +++ /dev/null @@ -1,80 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 1e:e8:f4:64:b7:62:c7:b6:94:5a:15:81:28:83:9d:b9:3f:9d:4e:4b - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca - Validity - Not Before: Apr 13 12:32:36 2023 GMT - Not After : Apr 12 12:32:36 2026 GMT - Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:ad:74:c6:f7:bd:00:cf:b7:68:56:9b:ea:49:d9: - 50:ea:d2:1c:11:23:17:de:2b:0b:07:1e:4e:9f:55: - ed:16:6b:b1:c6:fd:0c:65:b1:45:9e:f7:0b:d5:0b: - b1:d3:c3:c3:f3:43:34:c4:b6:bb:69:96:0a:c2:f8: - a9:92:48:e7:6f:9c:bd:4f:83:3b:30:a3:c7:43:dc: - f3:47:11:f9:9a:16:c1:85:a1:e8:14:0d:95:17:c4: - e3:03:8c:91:92:f1:7c:35:a0:10:1b:94:4b:2d:9b: - 6c:30:c5:ad:05:85:66:7d:eb:91:2d:ec:f0:3d:42: - aa:64:02:e9:90:f6:d4:f6:d0:2c:28:e3:5f:18:81: - 5e:d3:67:ef:2a:77:cf:b3:2f:bf:a8:bf:ac:9a:8c: - 2e:0f:26:75:81:b2:aa:bd:78:de:6d:bd:4b:50:4b: - 6b:ef:1f:aa:ab:f8:ce:73:07:15:b6:c8:f5:8a:a2: - af:47:aa:fd:03:64:95:90:a2:b2:39:86:07:ae:cd: - 4f:2d:95:50:0f:ef:59:9e:cc:9e:65:62:59:fc:a9: - 59:32:2d:ac:01:b4:52:2f:c2:1e:81:c9:23:b9:7d: - 6d:ba:03:67:48:25:e3:46:38:69:b5:f2:e4:74:a2: - a6:bc:81:96:8c:63:c7:fc:63:5f:f8:29:6b:27:73: - 9f:e5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 8D:7C:C3:13:84:30:96:E4:06:A0:2B:7B:7A:6B:0F:CE:C5:03:D3:E5 - X509v3 Authority Key Identifier: - 8D:7C:C3:13:84:30:96:E4:06:A0:2B:7B:7A:6B:0F:CE:C5:03:D3:E5 - X509v3 Basic Constraints: critical - CA:TRUE - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 31:ed:3e:ba:b0:0f:2a:9c:cb:94:40:a9:86:10:e5:63:49:72: - 09:24:8e:03:d0:15:73:72:73:e6:c6:26:1b:4a:7f:5f:2f:6a: - ec:b9:74:33:ef:dc:b8:86:74:af:78:3c:55:78:8e:09:a4:59: - c4:51:a1:ee:5b:52:48:db:32:15:c7:24:c2:6e:b5:9b:0a:e4: - 18:74:50:e7:26:6d:4e:0d:4c:8e:b5:bc:b0:8a:b6:f9:3f:e5: - b6:9c:ca:88:1a:a8:42:aa:36:f0:b7:e8:ef:79:93:db:33:18: - aa:5e:a3:3b:f7:3a:31:e7:b5:fc:bf:fa:b1:67:29:55:f0:11: - 68:bc:1d:92:0f:66:cb:9a:77:27:ae:73:a6:1a:5a:82:c7:ce: - 4b:12:4b:fe:e1:73:04:d5:8e:67:a9:b7:80:cd:56:24:ee:28: - 55:b6:6a:21:1a:84:d2:31:28:8b:62:e8:1e:0e:fb:1f:f3:0a: - 4b:08:38:23:ef:c0:11:f2:7d:ad:88:5a:63:24:78:45:a2:78: - 9e:11:e4:97:10:cb:91:9b:19:f1:d2:ad:70:eb:d5:9d:4f:d1: - 16:49:f6:9c:21:8e:65:3e:d3:11:ab:a6:76:35:14:14:01:32: - 1b:81:0a:98:2f:46:c6:d6:b3:f9:43:b8:cf:c0:58:58:67:c7: - c3:ea:42:dd ------BEGIN CERTIFICATE----- -MIIDjzCCAnegAwIBAgIUHuj0ZLdix7aUWhWBKIOduT+dTkswDQYJKoZIhvcNAQEL -BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y -MzA0MTMxMjMyMzZaFw0yNjA0MTIxMjMyMzZaMFcxCzAJBgNVBAYTAkFVMRMwEQYD -VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM -dGQxEDAOBgNVBAMMB2RlbW8uY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQCtdMb3vQDPt2hWm+pJ2VDq0hwRIxfeKwsHHk6fVe0Wa7HG/QxlsUWe9wvV -C7HTw8PzQzTEtrtplgrC+KmSSOdvnL1Pgzswo8dD3PNHEfmaFsGFoegUDZUXxOMD -jJGS8Xw1oBAblEstm2wwxa0FhWZ965Et7PA9QqpkAumQ9tT20Cwo418YgV7TZ+8q -d8+zL7+ov6yajC4PJnWBsqq9eN5tvUtQS2vvH6qr+M5zBxW2yPWKoq9Hqv0DZJWQ -orI5hgeuzU8tlVAP71mezJ5lYln8qVkyLawBtFIvwh6BySO5fW26A2dIJeNGOGm1 -8uR0oqa8gZaMY8f8Y1/4KWsnc5/lAgMBAAGjUzBRMB0GA1UdDgQWBBSNfMMThDCW -5AagK3t6aw/OxQPT5TAfBgNVHSMEGDAWgBSNfMMThDCW5AagK3t6aw/OxQPT5TAP -BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAx7T66sA8qnMuUQKmG -EOVjSXIJJI4D0BVzcnPmxiYbSn9fL2rsuXQz79y4hnSveDxVeI4JpFnEUaHuW1JI -2zIVxyTCbrWbCuQYdFDnJm1ODUyOtbywirb5P+W2nMqIGqhCqjbwt+jveZPbMxiq -XqM79zox57X8v/qxZylV8BFovB2SD2bLmncnrnOmGlqCx85LEkv+4XME1Y5nqbeA -zVYk7ihVtmohGoTSMSiLYugeDvsf8wpLCDgj78AR8n2tiFpjJHhFonieEeSXEMuR -mxnx0q1w69WdT9EWSfacIY5lPtMRq6Z2NRQUATIbgQqYL0bG1rP5Q7jPwFhYZ8fD -6kLd ------END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4C.pem b/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4C.pem deleted file mode 100644 index 5959128e..00000000 --- a/src/test/ruby/x509/demoCA/newcerts/1EE8F464B762C7B6945A158128839DB93F9D4E4C.pem +++ /dev/null @@ -1,79 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 1e:e8:f4:64:b7:62:c7:b6:94:5a:15:81:28:83:9d:b9:3f:9d:4e:4c - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca - Validity - Not Before: Apr 13 12:41:04 2023 GMT - Not After : Apr 12 12:41:04 2024 GMT - Subject: C=AU, ST=None, O=JRuby Dev Team, OU=jossl, CN=jruby.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:84:32:48:ed:06:4d:c5:a0:7a:b7:23:5b:87:5f: - fc:e4:6d:85:41:ff:91:dd:06:09:30:b3:81:4b:e7: - 86:32:bb:ce:5c:fd:0a:ae:5e:1d:4d:8a:19:f8:66: - 1b:fe:ed:6d:6f:e2:14:84:14:07:16:d9:1e:83:ee: - f9:b6:d4:6e:11:32:9e:50:15:fe:f1:a2:16:b0:84: - b9:54:03:65:60:29:78:71:80:ce:20:bc:37:d9:6b: - 25:5b:38:93:d0:cf:e3:cf:83:4c:4e:61:a3:e3:2b: - b1:f3:db:09:57:49:be:15:1d:28:03:ae:64:62:5c: - 06:a6:80:f1:a1:31:e0:98:ed:02:bd:e2:5f:1e:a5: - ad:b8:02:ee:f4:5c:42:78:0c:6e:34:ed:92:23:a9: - 3e:b0:e2:07:98:8e:dd:68:7b:58:b0:51:6e:39:c1: - 41:c8:7b:83:b4:5d:5e:3e:b8:00:bc:63:e3:e9:31: - 59:50:4e:1b:13:ac:db:e4:7e:9d:06:c4:da:00:b6: - 33:ca:c7:cb:c7:dd:5a:64:87:54:d0:3a:a1:2b:00: - 4b:71:a6:2a:00:32:75:78:01:11:f6:24:32:d6:5d: - bb:bb:a0:95:67:ac:99:ce:81:42:ad:5b:d8:6a:df: - 61:68:e0:34:54:60:d8:9d:db:d5:79:c8:ef:33:43: - c1:0b - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - X509v3 Subject Key Identifier: - 25:87:7B:AE:5E:CC:BF:41:F6:90:04:D1:E1:A4:20:7F:84:18:BD:A4 - X509v3 Authority Key Identifier: - 8D:7C:C3:13:84:30:96:E4:06:A0:2B:7B:7A:6B:0F:CE:C5:03:D3:E5 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 44:d0:24:26:a7:81:2e:9d:28:d7:0c:b5:66:75:06:a3:ba:f5: - c4:7f:2e:4e:6b:fe:b1:95:ca:25:c2:40:05:ba:b9:e1:8b:ac: - 03:57:2b:3b:2a:6e:d2:c7:35:92:5e:ed:90:79:ec:7a:ae:06: - 3c:b6:1c:ad:ac:03:90:ba:4c:19:bc:67:8e:c3:48:a1:07:e6: - 09:a0:a7:fd:1a:f2:2d:29:96:af:fc:7c:d7:48:c5:3e:1d:42: - fc:61:ba:96:02:2f:74:b6:c3:82:38:81:3c:3f:b2:c7:2b:72: - 30:47:88:53:4b:7a:b0:63:31:42:de:3a:92:d1:ee:27:e4:45: - 79:93:40:4a:d3:b9:6e:2d:01:98:da:ba:db:34:e8:b4:76:f8: - 86:f2:49:03:11:f9:61:aa:3d:49:78:61:b4:f0:c0:f5:f4:29: - 9e:7b:3c:95:1d:1a:38:e7:7a:37:fc:eb:30:34:1f:4d:03:05: - df:fe:b5:b6:c9:1a:fe:f0:09:cd:1e:26:ee:f7:0e:70:60:41: - eb:14:b8:4f:ec:fb:02:64:6e:c8:08:74:07:49:ef:ed:a2:28: - 2e:c7:0d:a5:29:3a:8a:fe:81:7f:a9:89:0c:2c:14:32:00:36: - 0d:ad:8c:c7:ba:36:9b:5b:6c:15:be:52:59:26:97:a9:d3:5b: - 57:93:81:53 ------BEGIN CERTIFICATE----- -MIIDizCCAnOgAwIBAgIUHuj0ZLdix7aUWhWBKIOduT+dTkwwDQYJKoZIhvcNAQEL -BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y -MzA0MTMxMjQxMDRaFw0yNDA0MTIxMjQxMDRaMFkxCzAJBgNVBAYTAkFVMQ0wCwYD -VQQIDAROb25lMRcwFQYDVQQKDA5KUnVieSBEZXYgVGVhbTEOMAwGA1UECwwFam9z -c2wxEjAQBgNVBAMMCWpydWJ5Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAIQySO0GTcWgercjW4df/ORthUH/kd0GCTCzgUvnhjK7zlz9Cq5eHU2K -GfhmG/7tbW/iFIQUBxbZHoPu+bbUbhEynlAV/vGiFrCEuVQDZWApeHGAziC8N9lr -JVs4k9DP48+DTE5ho+MrsfPbCVdJvhUdKAOuZGJcBqaA8aEx4JjtAr3iXx6lrbgC -7vRcQngMbjTtkiOpPrDiB5iO3Wh7WLBRbjnBQch7g7RdXj64ALxj4+kxWVBOGxOs -2+R+nQbE2gC2M8rHy8fdWmSHVNA6oSsAS3GmKgAydXgBEfYkMtZdu7uglWesmc6B -Qq1b2GrfYWjgNFRg2J3b1XnI7zNDwQsCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV -HQ4EFgQUJYd7rl7Mv0H2kATR4aQgf4QYvaQwHwYDVR0jBBgwFoAUjXzDE4QwluQG -oCt7emsPzsUD0+UwDQYJKoZIhvcNAQELBQADggEBAETQJCangS6dKNcMtWZ1BqO6 -9cR/Lk5r/rGVyiXCQAW6ueGLrANXKzsqbtLHNZJe7ZB57HquBjy2HK2sA5C6TBm8 -Z47DSKEH5gmgp/0a8i0plq/8fNdIxT4dQvxhupYCL3S2w4I4gTw/sscrcjBHiFNL -erBjMULeOpLR7ifkRXmTQErTuW4tAZjauts06LR2+IbySQMR+WGqPUl4YbTwwPX0 -KZ57PJUdGjjnejf86zA0H00DBd/+tbbJGv7wCc0eJu73DnBgQesUuE/s+wJkbsgI -dAdJ7+2iKC7HDaUpOor+gX+piQwsFDIANg2tjMe6NptbbBW+Ulkml6nTW1eTgVM= ------END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD24.pem b/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD24.pem new file mode 100644 index 00000000..e83dd63a --- /dev/null +++ b/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD24.pem @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7f:e0:e8:27:56:77:9b:da:39:df:f3:ae:e1:69:16:de:98:4f:fd:24 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca + Validity + Not Before: Apr 20 11:09:21 2024 GMT + Not After : Apr 20 11:09:21 2027 GMT + Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a0:8b:ba:ec:b2:e2:fc:47:b9:a8:dd:59:a9:47: + 49:37:0a:b0:61:c5:ee:ee:73:bc:f6:ad:9a:cc:f2: + e3:d9:82:86:a7:a9:ef:5b:9d:2e:b9:42:18:c6:46: + 01:b9:3d:15:0c:89:7b:c2:7a:bc:17:de:54:43:4a: + 89:55:53:a1:cf:7c:5b:7a:d2:c7:45:fe:da:da:d3: + a6:c5:24:55:d7:69:8b:85:db:d1:bf:47:43:45:bb: + b4:74:48:50:91:99:81:84:b5:d6:35:d4:66:c6:d0: + 69:b4:7b:8e:f8:47:f4:f7:47:a8:a5:01:87:40:d4: + 41:57:4e:93:13:0a:41:22:14:2d:e3:dc:ac:00:70: + 2d:d1:cf:08:28:d9:7b:64:d3:dd:48:ad:ce:75:57: + 90:3f:9d:c3:d3:8c:d3:80:44:96:4e:71:71:7c:db: + f7:d1:1f:3a:09:2d:13:4c:de:c7:19:5c:c1:b6:cb: + ca:91:f8:d6:7e:22:32:aa:d4:51:5d:69:6a:df:34: + 81:99:8c:fd:0e:22:30:17:89:20:15:ff:b5:00:a9: + 49:aa:f3:d5:65:e5:c8:9d:bf:c7:8f:fa:7f:56:77: + e0:5d:b4:86:a6:d7:70:d6:f6:76:8b:fe:88:84:2b: + 2b:28:81:27:59:45:08:3b:39:52:d0:df:00:9d:b8: + 54:c7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 + X509v3 Authority Key Identifier: + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 + X509v3 Basic Constraints: critical + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 28:9d:22:51:f2:3a:0b:48:0c:8c:fa:8b:be:a4:3b:5d:dc:33: + d9:07:f0:f8:1a:cb:99:15:59:a1:87:0c:5c:8e:de:a8:96:57: + 8c:50:c2:ba:ef:fd:c4:03:0b:d8:6d:9e:3a:02:9c:99:43:2e: + b5:bf:9b:d6:81:1a:40:b1:61:50:0b:3f:da:84:85:e2:55:c7: + a6:88:d9:ed:b8:df:b6:33:03:3c:47:e3:f8:ac:df:cc:ab:2a: + 7a:a0:bf:73:6c:25:97:a4:7d:60:1d:24:6c:31:d8:b6:98:f1: + 8a:2e:3c:f0:7e:d1:fa:65:0a:6a:64:e3:bd:3f:ad:bb:8e:9d: + 02:b8:46:90:70:ed:40:3a:3c:9b:8b:97:cf:c2:f3:31:e4:f4: + 4c:7d:7a:f8:7e:ee:3e:47:cf:de:d8:8d:ce:3c:d0:96:36:5f: + 8e:eb:23:de:de:95:cc:73:5b:e3:1e:0e:30:55:86:32:03:74: + 35:74:bd:96:91:78:c8:75:27:0b:3e:8e:2b:0b:69:a9:27:d2: + 1b:cf:8a:74:d9:ce:90:e2:b6:fa:bb:d9:9b:18:f5:42:49:c9: + 86:91:14:fe:e2:df:3a:63:f2:c8:31:57:7c:17:bb:d8:73:b5: + e5:4f:2a:b7:97:f2:c0:ef:12:db:15:16:d2:c2:8e:e9:0f:c7: + 63:3f:9d:52 +-----BEGIN CERTIFICATE----- +MIIDjzCCAnegAwIBAgIUf+DoJ1Z3m9o53/Ou4WkW3phP/SQwDQYJKoZIhvcNAQEL +BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y +NDA0MjAxMTA5MjFaFw0yNzA0MjAxMTA5MjFaMFcxCzAJBgNVBAYTAkFVMRMwEQYD +VQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBM +dGQxEDAOBgNVBAMMB2RlbW8uY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCgi7rssuL8R7mo3VmpR0k3CrBhxe7uc7z2rZrM8uPZgoanqe9bnS65QhjG +RgG5PRUMiXvCerwX3lRDSolVU6HPfFt60sdF/tra06bFJFXXaYuF29G/R0NFu7R0 +SFCRmYGEtdY11GbG0Gm0e474R/T3R6ilAYdA1EFXTpMTCkEiFC3j3KwAcC3Rzwgo +2Xtk091Irc51V5A/ncPTjNOARJZOcXF82/fRHzoJLRNM3scZXMG2y8qR+NZ+IjKq +1FFdaWrfNIGZjP0OIjAXiSAV/7UAqUmq89Vl5cidv8eP+n9Wd+BdtIam13DW9naL +/oiEKysogSdZRQg7OVLQ3wCduFTHAgMBAAGjUzBRMB0GA1UdDgQWBBSPtJTIf8vv +AImy9sG+REscElQ7KDAfBgNVHSMEGDAWgBSPtJTIf8vvAImy9sG+REscElQ7KDAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAonSJR8joLSAyM+ou+ +pDtd3DPZB/D4GsuZFVmhhwxcjt6olleMUMK67/3EAwvYbZ46ApyZQy61v5vWgRpA +sWFQCz/ahIXiVcemiNntuN+2MwM8R+P4rN/Mqyp6oL9zbCWXpH1gHSRsMdi2mPGK +LjzwftH6ZQpqZOO9P627jp0CuEaQcO1AOjybi5fPwvMx5PRMfXr4fu4+R8/e2I3O +PNCWNl+O6yPe3pXMc1vjHg4wVYYyA3Q1dL2WkXjIdScLPo4rC2mpJ9Ibz4p02c6Q +4rb6u9mbGPVCScmGkRT+4t86Y/LIMVd8F7vYc7XlTyq3l/LA7xLbFRbSwo7pD8dj +P51S +-----END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD25.pem b/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD25.pem new file mode 100644 index 00000000..b9309714 --- /dev/null +++ b/src/test/ruby/x509/demoCA/newcerts/7FE0E82756779BDA39DFF3AEE16916DE984FFD25.pem @@ -0,0 +1,79 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 7f:e0:e8:27:56:77:9b:da:39:df:f3:ae:e1:69:16:de:98:4f:fd:25 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=demo.ca + Validity + Not Before: Apr 20 11:13:57 2024 GMT + Not After : Apr 20 11:13:57 2025 GMT + Subject: C=AU, ST=None, O=JRuby Dev Team, OU=JOSSL, CN=jruby.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b3:83:9b:f8:e7:5d:25:cd:ac:dc:19:aa:46:ce: + ff:66:30:b0:9d:da:1f:24:32:b1:9a:82:fc:bb:d0: + 4a:38:96:fe:b3:64:51:92:a0:11:5c:51:4f:f3:dc: + d9:29:5e:25:ed:8b:17:35:6b:b2:01:0a:10:ce:ea: + 4d:67:7f:b3:a1:12:6d:dd:6e:31:11:12:a7:56:98: + 4a:89:87:e7:e8:4d:23:aa:6a:28:6e:4f:b4:73:9b: + 0f:6d:e7:32:5b:50:46:0e:06:5d:96:e4:5b:23:b1: + b3:f3:a4:9b:12:ff:a1:7c:1a:ef:76:6a:b0:52:bf: + 03:1a:b8:7c:07:8d:f8:53:15:80:e5:37:38:05:01: + 01:ef:25:d7:86:ea:1d:79:0f:fc:00:35:0d:7d:4d: + 9c:9f:d8:d6:2e:42:df:72:13:8a:49:3a:59:ae:a7: + d9:a1:a7:92:74:ca:c1:ab:c5:47:04:ad:b1:3f:69: + 02:a4:09:e0:94:bb:80:54:81:e6:8a:bc:1c:db:db: + 60:87:66:77:8d:f9:2b:bf:74:ba:dc:3d:5a:20:fa: + 5a:fd:50:4b:a7:43:f3:e2:11:04:31:0a:42:69:1f: + 4c:6d:db:71:a0:5b:1a:e8:70:2c:69:3e:e9:ce:ce: + 4e:c1:83:3c:39:cb:2b:8d:45:72:0a:3d:b8:74:c8: + f7:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + A4:5D:C3:4D:EA:92:65:AE:F2:66:60:9B:E2:4C:EC:78:FD:CA:E9:A2 + X509v3 Authority Key Identifier: + 8F:B4:94:C8:7F:CB:EF:00:89:B2:F6:C1:BE:44:4B:1C:12:54:3B:28 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 3a:cf:7b:5c:f4:46:9b:dc:77:38:68:1d:a9:48:f0:01:68:9a: + 9f:f7:34:4a:63:8a:d1:50:d6:18:a7:b3:ad:13:9f:46:01:e6: + 89:7d:81:de:5f:49:1f:76:18:ec:23:07:fb:a2:3d:e0:eb:29: + 67:12:2a:c0:ea:a6:51:69:37:81:49:c0:6e:6e:73:db:7d:09: + 92:db:fe:5b:9f:3f:a0:3e:96:1c:2a:40:bc:9b:73:3b:38:59: + a4:e4:6b:07:a6:d3:3c:fd:48:07:fc:d8:3d:d4:e9:91:20:fd: + d5:a7:98:4f:ea:8b:ab:39:fa:f3:95:e0:cd:af:85:0b:85:ed: + 72:ad:e0:74:83:88:b1:1f:1e:a7:13:56:4a:b5:6a:c5:6d:81: + cd:e7:69:f2:b9:49:f0:50:ae:21:ff:12:af:2f:c4:2a:23:43: + c3:73:64:f6:1a:b7:0f:9a:7b:3a:1f:93:6d:e3:30:23:00:dc: + b1:f1:83:22:a2:e6:6a:b0:e5:89:6a:71:f6:76:c3:4d:1f:c7: + 4a:75:75:8a:85:6e:b6:11:89:9d:59:3a:ac:6a:bc:df:4e:ad: + 1e:db:4c:81:66:64:b8:8a:86:be:0e:f2:10:3e:94:63:e3:e5: + 97:9a:b1:24:6f:ea:ff:09:06:9c:e8:f7:38:e1:7e:32:5e:55: + ae:39:5b:fa +-----BEGIN CERTIFICATE----- +MIIDizCCAnOgAwIBAgIUf+DoJ1Z3m9o53/Ou4WkW3phP/SUwDQYJKoZIhvcNAQEL +BQAwVzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEQMA4GA1UEAwwHZGVtby5jYTAeFw0y +NDA0MjAxMTEzNTdaFw0yNTA0MjAxMTEzNTdaMFkxCzAJBgNVBAYTAkFVMQ0wCwYD +VQQIDAROb25lMRcwFQYDVQQKDA5KUnVieSBEZXYgVGVhbTEOMAwGA1UECwwFSk9T +U0wxEjAQBgNVBAMMCWpydWJ5Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALODm/jnXSXNrNwZqkbO/2YwsJ3aHyQysZqC/LvQSjiW/rNkUZKgEVxR +T/Pc2SleJe2LFzVrsgEKEM7qTWd/s6ESbd1uMRESp1aYSomH5+hNI6pqKG5PtHOb +D23nMltQRg4GXZbkWyOxs/OkmxL/oXwa73ZqsFK/Axq4fAeN+FMVgOU3OAUBAe8l +14bqHXkP/AA1DX1NnJ/Y1i5C33ITikk6Wa6n2aGnknTKwavFRwStsT9pAqQJ4JS7 +gFSB5oq8HNvbYIdmd435K790utw9WiD6Wv1QS6dD8+IRBDEKQmkfTG3bcaBbGuhw +LGk+6c7OTsGDPDnLK41Fcgo9uHTI96kCAwEAAaNNMEswCQYDVR0TBAIwADAdBgNV +HQ4EFgQUpF3DTeqSZa7yZmCb4kzseP3K6aIwHwYDVR0jBBgwFoAUj7SUyH/L7wCJ +svbBvkRLHBJUOygwDQYJKoZIhvcNAQELBQADggEBADrPe1z0RpvcdzhoHalI8AFo +mp/3NEpjitFQ1hins60Tn0YB5ol9gd5fSR92GOwjB/uiPeDrKWcSKsDqplFpN4FJ +wG5uc9t9CZLb/lufP6A+lhwqQLybczs4WaTkawem0zz9SAf82D3U6ZEg/dWnmE/q +i6s5+vOV4M2vhQuF7XKt4HSDiLEfHqcTVkq1asVtgc3nafK5SfBQriH/Eq8vxCoj +Q8NzZPYatw+aezofk23jMCMA3LHxgyKi5mqw5YlqcfZ2w00fx0p1dYqFbrYRiZ1Z +OqxqvN9OrR7bTIFmZLiKhr4O8hA+lGPj5ZeasSRv6v8JBpzo9zjhfjJeVa45W/o= +-----END CERTIFICATE----- diff --git a/src/test/ruby/x509/demoCA/private/cakey.pem b/src/test/ruby/x509/demoCA/private/cakey.pem index 290ddd85..39b0a4f8 100644 --- a/src/test/ruby/x509/demoCA/private/cakey.pem +++ b/src/test/ruby/x509/demoCA/private/cakey.pem @@ -1,30 +1,30 @@ -----BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIkIt8nAfxV/gCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECJio7kG11xBSBIIEyPq1A+278rJd -4Q9jXJYC4CMirNmcGzyWXY8WEPOqYnSLrO7H3MfwZTySe3ku6bOJGnboVa4xHpWB -EYhYuby7u5C24iXq6teiB+b993dc9crB+JHfoa/NRa4fSVfhVghG0qabPT0xk+9X -zUahCQF6e457vnw7G5DwPiFbhLg5u5xS6OWrhqn4s/uhn5+XJEqhutn0Z5llbW4p -TmzuENr3j8dS5aKywmnRG13WIFwTLHJ6CJDraZBLbDGidb0OBnGDsVK1pj1Q1hl+ -dsVxrM8QYETDH4HHOTG4asd47PRVq5mOVS7p26W25GJqt8pBkRNzaqSA0OpY/Fgd -levsspMkLFmXJiFBs+gvcxFfURN8wG/ZMij9eh5PYTnaFQvXT3pcvrdSXCcDUNnZ -n0wDMeZ+tFJ3YC+HoxVshnzneJY36HTIQcNnp/L1JYsvlV6yqLAF4c6Mwa+dpZOX -GmJ8NL94ULR4Z2loW5Snn/N/TMEse1sBvQ48jicBbqKNVyFSSMTIUGsXsWwCnFyM -8ClAXM1StUM6OzW3VOntO/8E6GoKUu5CSO0ke2mZPDTS21TkGZWy8tLqw7ztbrDW -tl+ngVc03QK3jT7mVwOtHcXmWTH89wOZxj7IpcKus4dIpFEwOVHYlNlkahSxIdsM -z1FL84xX8KcnLxn4UqbEE2RkxhTwl0viVWr5/thFiyNCbtsGsdOmiZinuWPxa20b -quTxkKXdJ1ge7Zdz40n49fGdHKMIGnixzdq8/onwj8Ej/2quRfZu/Mjl3Gkt093g -VgNxTZ8wbkC8OO8RGyE4b2pu/C4CPovUZrvm4QroXxl6yKoUw13CGe+jSbuBU8fz -t6+HDILbyx1FIQxobQUpUi7cNTo1urCVxs/yLVVdIbPCp1Rk8AIekqw8VkU+mebL -n506k8pS5s40W0dSl11DtfuQO90xOLKOkjZ02R8cUPSuemJ0ZQx8+w4dePkgzFH4 -YtnluS/r02KL72ld/5TxbOeLltGU7NfdUy1z9mzvO6JJrMJg48RqMC1SMNg4OLuO -jwL+LHjt2ROxOX33WneYtgdlbrkkI5JD83J4EfZeXdU7D+PJHlfUdnEXrpBIoufZ -kte6OqgD4wrkWK8XpJG1SlNzU5JU9+6u9+CdQEdK0G1SOCNXEfnNnFaWA7wu1rrf -96j3Ypo/eJfGsTjbiGYKEniG/09W0wpeVh3M9i62s+CG1/daWVYez8zz2D+mHUXM -f8dVKZs1ZpTgt/cN8w+C//rr82D9loz8dUs/NtEFjBAlpv3g+LtuY/66DmkCltln -2IJwd7vcpzA6q7FxsnlK7ouc2jSvLBxPsv6h1Bt8CBHV668Ywo5hRrKkrbIHDgAA -v/3bHgFIsOD4GZi94py6EUK+oemjITv3MxFyyxszO50t/ilhopQKMGP+xtQIKxHW -j6v4L38a1eLvw6FEBIZD+QQNCdzakP1sc9oPrRKqatqtkcDRQcTEKgM2HxsC/EjS -tzWc2JqtNnV0PqSvvfho52c3Dlm2aDHtYnWUJRfJbhbCr8RSXFzBolRTwJjPXOLW -mHLK4e/LzWg64dBLP95FgpA8A6puDV3xw3ROHmxwITbeDn9ls5LXzGiMYN57nFFl -36FPw6CKMdIjTkPcRqyUzQ== +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIga/rK91RImECAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECKwVl8kx/xDEBIIEyJlHqU2PSAWV +vHlaaYalchpBH2aZ88In3JcFuQ8t+sTr8AmTL2PBg/KVEyiDLeCcWbAJcvpkM6y2 +GJjAxAYiibipVwbG0Zx/7YJqq3FdG64Bo+z8yI4AFk+lTTU9Kvezz20y+N7+qZuX +JBQu8yJsbMw7MMmsk1Ydt/nmu1gF/sX3r8eJ4ELi7cUPu9juBffXTtsE7nXJTeZL +j+7Ubh6YhF1JHmEz5b+6x16KZ971FHUkb7VS7BP9gK84LWfVSoLPOTRP66zIT8Ob +fi3EgRKjqE99YZFIkKWJx+zv0nmJz25dZMdXdTGZgVS7pfTavPHkdbAyqeEXa+RE +63RpPa4aW5rge54enfIl+EIxG6Xds9jn4oZJP4V8kHsmfx2JAziBnXp5Z5wBJXjk +NekM78sP3AnHVwtPbsmUP2r5IVA+l3AAYhckaCw8V65TrQZu86CWiUoOj5pDuJub +v65/+rrYYcrDdJTvrh86Ws0e1AjNZvV7TW2sgA+J29cuM1WigGFwV2iYsvvmU+EY +PoXSX10PRdg73k6NeJ75/653mbATp/35LPY1N7zGYmQap0Y8llErp+7m7au6LHsX +zxqp6PISAGXtJTQBngBBf0wgMYZlErzNXpcVglea9Xa8dw163sMKJ3F8dEB6gK9M +Gm7KRK1gM0wUbrA0i0fOasHmqTZKYJLWYcVaoqc9qQAdSuU9USWgriJl1rHe0g7q +PT/jbSKLFn6e5cYlcIy7lfXQRoReh6fT7HnN7noej3IGZ7+2u1iOQTVYo/RvHXOt +EcRS5AhycWoVa4p/hGsAdLm1/P5jJL96MgZUpwH1Wp/PkaZptn4fhAzsmLnthsSn +ArMl7+PLu3Sv/ojfPAWeuoZvCTe3imPoL/k3sMPseGeRUKuq8QzCNLrBTwCeagtF +kH3/JqZim8kmlvum+stCt2CusnfQX4PFF7aLjiZzr0mAouScQTJXNKDdYGzEIOhL +5iZ+RvzUAh42VVVj0BkDMbrWmr+FV4MFqF+Tw2EQB6jVQyVupRQfTIRvDy3DPKX7 +fLWNwOzVUCCIjJxPWCT8DmTpAmIVb6SsZ3uSh3LkKjMxKSAe6n0r/gkD65o/N1p1 +f5d+vCrUHp/BdHRV1L+8sYrHE0j8Df5xTVSgnbQkPFXqBU3WiwqfRY4eN7ZDGvS+ +/SSd1FLnLrieXEDfz9dVScbCrqAVD7IfRvvrE+IOV0/WnuV7gLN/ARYT0RF05JJd +KFqbT48exw4nV8RGGQHdQTdtQYiaSz5Pj+jqHX6xvjI7wxyeDpuQQK0FcBHzbHVg +fplulR0TAZzhh1cMk1KeKAugAelBhE6LYGViWa6oHLAYIygghE3sR3ey9CXMfjr8 +4M3eqZNnPODqt9fY40DEaxPRXsspSExfpWycRrl8pEMRtwi330E7mZ5Z2LYVtiNu +PYYi7LK+xa6MsftdSn/MsmumNMQqNIiu6ZDZ2iuRdHM1aBzdV8CJ66CSn3NvkYjt +zQj6kZweVFsRufcLinwUSO3s+w+6O0bmQTLbFsE7w9+cxHnrHuQxZXKrX2DIxgSU +CN1sGp+t/HZpguIegBvAdL6U3WTtZkYqOJgdPU7J6XDj2P5M6RW3RWiTsWhjbveU +AuJKvhA0WgNS4+XnyBwZNw== -----END ENCRYPTED PRIVATE KEY----- diff --git a/src/test/ruby/x509/demoCA/serial b/src/test/ruby/x509/demoCA/serial index 108a9c45..0b14c109 100644 --- a/src/test/ruby/x509/demoCA/serial +++ b/src/test/ruby/x509/demoCA/serial @@ -1 +1 @@ -1EE8F464B762C7B6945A158128839DB93F9D4E4D +7FE0E82756779BDA39DFF3AEE16916DE984FFD26 diff --git a/src/test/ruby/x509/demoCA/serial.old b/src/test/ruby/x509/demoCA/serial.old index ea6498d8..f82eb9f3 100644 --- a/src/test/ruby/x509/demoCA/serial.old +++ b/src/test/ruby/x509/demoCA/serial.old @@ -1 +1 @@ -1EE8F464B762C7B6945A158128839DB93F9D4E4C +7FE0E82756779BDA39DFF3AEE16916DE984FFD25 diff --git a/src/test/ruby/x509/javastore.ts b/src/test/ruby/x509/javastore.ts index 0571c1a7161eb84fd58fbdcebbb15ca20bc01b6c..dfd844f7b1903313f2a9118cdfd9b07ebe3945d7 100644 GIT binary patch delta 674 zcmV;T0$u&m2hsJJ zC@>!e163U(1Q;+DfE16kl*oU}?*NIi_QAeHOB@nZJ1CQx0wsSaogz{4Itxe)jQWed zq&r>QGua35_!`TZ67hB5hLIHh z;@>)B^2jk)d>6aebG7A9Dz}&N!0!^<6&BLMj_D7_V?P$1QrSwx2rV)ZiKi5QR+;ah INKgT9YsVAb+iN#`nDd&$nn+o9ao~Q0meg5hEAg zD+>o6PM=ln7HhG_{S0NXMV|Ky)eEuH!^87KG{m;MX_gAY_^Fae=Wm?7PlG!!qsK$s z^G6Z+nij!@q39G1l^4Y01B{W9@q9I)5F35%r+ z_J7bUDC1ukfnL*R?<#lCvoF7>zpR>!E)OPkfwHQ-c;0QjOHfN|?;onG_|9_&6}HIr zilVPas{I3Gm5`#cIfe(W%}*_rP!I1}p3I(QVp;sDSu!oG0kl#t!XAOiBe{KTx&voO zCF4doX|?j?bfTubftHM8$NXbo_$g~Aa{`~`lTZQ_HI0136NE69ot56;B{)8&(y0wsSj?LNA&4=S9?lt8J5 z5anY@atS1k1JD(7a&zX!CL2nBUoUFxxpXt{+_;8xuXsFFc#a9AS;SGH?psnw+cFi$ zB*JdBn+oI@bWrCeZB7kLjL%7etSXgJr!|E17-I0I|bDwMYo2EBZzSr Date: Wed, 22 May 2024 19:17:11 +0200 Subject: [PATCH 03/11] [refactor] organize i-var sets (set @context after setup) --- src/main/java/org/jruby/ext/openssl/SSLSocket.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/org/jruby/ext/openssl/SSLSocket.java b/src/main/java/org/jruby/ext/openssl/SSLSocket.java index 63bbc07b..ea2e33f2 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLSocket.java +++ b/src/main/java/org/jruby/ext/openssl/SSLSocket.java @@ -162,19 +162,18 @@ public IRubyObject initialize(final ThreadContext context, final IRubyObject[] a final Ruby runtime = context.runtime; if (Arity.checkArgumentCount(runtime, args, 1, 2) == 1) { - sslContext = new SSLContext(runtime).initializeImpl(); + this.sslContext = new SSLContext(runtime).initializeImpl(); } else { if (!(args[1] instanceof SSLContext)) { throw runtime.newTypeError(args[1], "OpenSSL::SSL::SSLContext"); } - sslContext = (SSLContext) args[1]; + this.sslContext = (SSLContext) args[1]; } if (!(args[0] instanceof RubyIO)) { throw runtime.newTypeError("IO expected but got " + args[0].getMetaClass().getName()); } - setInstanceVariable("@context", this.sslContext); // only compat (we do not use @context) - setInstanceVariable("@io", this.io = (RubyIO) args[0]); + setInstanceVariable("@io", this.io = (RubyIO) args[0]); // RubyBasicSocket extends RubyIO set_io_nonblock_checked(context, runtime.getTrue()); // This is a bit of a hack: SSLSocket should share code with // RubyBasicSocket, which always sets sync to true. @@ -182,6 +181,7 @@ public IRubyObject initialize(final ThreadContext context, final IRubyObject[] a set_sync(context, runtime.getTrue()); // io.sync = true setInstanceVariable("@sync_close", runtime.getFalse()); // self.sync_close = false sslContext.setup(context); + setInstanceVariable("@context", sslContext); // only compat (we do not use @context) this.initializeTime = System.currentTimeMillis(); From b612897f6b1dae08d0f0bd0233988b0e091c857b Mon Sep 17 00:00:00 2001 From: kares Date: Wed, 22 May 2024 19:18:37 +0200 Subject: [PATCH 04/11] [refactor] freeze SSLContext when everything okay --- src/main/java/org/jruby/ext/openssl/SSLContext.java | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/jruby/ext/openssl/SSLContext.java b/src/main/java/org/jruby/ext/openssl/SSLContext.java index 76380b5d..ddaa4711 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLContext.java +++ b/src/main/java/org/jruby/ext/openssl/SSLContext.java @@ -339,11 +339,6 @@ public IRubyObject setup(final ThreadContext context) { if ( isFrozen() ) return runtime.getNil(); - synchronized(this) { - if ( isFrozen() ) return runtime.getNil(); - this.freeze(context); - } - final X509Store certStore = getCertStore(); // TODO: handle tmp_dh_callback : @@ -513,6 +508,8 @@ public IRubyObject setup(final ThreadContext context) { throw newSSLError(runtime, e); } + this.freeze(context); + return runtime.getTrue(); } From 2f251b926c0d6a47ef32ddd23bc003588c42cd0b Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 08:07:37 +0200 Subject: [PATCH 05/11] [fix] sync SSLContext#setup as it could be shared (#302) follow-up on previous commit: b612897f6b1dae08d0f0bd0233988b0e091c857b --- src/main/java/org/jruby/ext/openssl/SSLContext.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/jruby/ext/openssl/SSLContext.java b/src/main/java/org/jruby/ext/openssl/SSLContext.java index ddaa4711..1d7729e5 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLContext.java +++ b/src/main/java/org/jruby/ext/openssl/SSLContext.java @@ -315,7 +315,7 @@ public SSLContext(Ruby runtime, RubyClass type) { //private int sessionCacheMode; // 2 default on MRI private int sessionCacheSize; // 20480 - private InternalContext internalContext; + private volatile InternalContext internalContext; @JRubyMethod(required = 0, optional = 1, visibility = Visibility.PRIVATE) public IRubyObject initialize(IRubyObject[] args) { @@ -334,7 +334,7 @@ public IRubyObject initialize_copy(IRubyObject original) { final SSLContext initializeImpl() { return this; } @JRubyMethod - public IRubyObject setup(final ThreadContext context) { + public synchronized IRubyObject setup(final ThreadContext context) { final Ruby runtime = context.runtime; if ( isFrozen() ) return runtime.getNil(); From 8847ce3aab865b528de6bd35b2d97c2d61aa32b3 Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 08:10:00 +0200 Subject: [PATCH 06/11] [refactor] add exception debugging within SSLSocket#waitSelect --- .../java/org/jruby/ext/openssl/SSLSocket.java | 41 +++++++++---------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/src/main/java/org/jruby/ext/openssl/SSLSocket.java b/src/main/java/org/jruby/ext/openssl/SSLSocket.java index ea2e33f2..36c61508 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLSocket.java +++ b/src/main/java/org/jruby/ext/openssl/SSLSocket.java @@ -471,8 +471,8 @@ else if ((operations & SelectionKey.OP_WRITE) != 0) { writeWouldBlock(runtime, exception, result); } } - } - catch (IOException ioe) { + } catch (IOException ioe) { + debugStackTrace(runtime, "SSLSocket.waitSelect", ioe); throw runtime.newRuntimeError("Error with selector: " + ioe.getMessage()); } } else { @@ -483,6 +483,7 @@ public void run() throws InterruptedException { result[0] = selector.select(); } catch (IOException ioe) { + debugStackTrace(runtime, "SSLSocket.waitSelect", ioe); throw runtime.newRuntimeError("Error with selector: " + ioe.getMessage()); } } @@ -505,32 +506,27 @@ public void wakeup() { //JRuby <= 9.1.2.0 that makes this not always the case, so we have to check return selector.selectedKeys().contains(key) ? Boolean.TRUE : Boolean.FALSE; } - } - catch (InterruptedException interrupt) { return Boolean.FALSE; } - finally { - // Note: I don't like ignoring these exceptions, but it's - // unclear how likely they are to happen or what damage we - // might do by ignoring them. Note that the pieces are separate - // so that we can ensure one failing does not affect the others - // running. + } catch (InterruptedException interrupt) { + debug(runtime, "SSLSocket.waitSelect", interrupt); + return Boolean.FALSE; + } finally { + // Note: I don't like ignoring these exceptions, but it's unclear how likely they are to happen or what + // damage we might do by ignoring them. Note that the pieces are separate so that we can ensure one failing + // does not affect the others running. // clean up the key in the selector try { if ( key != null ) key.cancel(); if ( selector != null ) selector.selectNow(); - } - catch (Exception e) { // ignore - debugStackTrace(runtime, e); + } catch (Exception e) { // ignore + debugStackTrace(runtime, "SSLSocket.waitSelect (ignored)", e); } // shut down and null out the selector try { - if ( selector != null ) { - runtime.getSelectorPool().put(selector); - } - } - catch (Exception e) { // ignore - debugStackTrace(runtime, e); + if ( selector != null ) runtime.getSelectorPool().put(selector); + } catch (Exception e) { // ignore + debugStackTrace(runtime, "SSLSocket.waitSelect (ignored)", e); } if (blocking) { @@ -810,8 +806,11 @@ private void doShutdown() throws IOException { flushData(true); } - private IRubyObject sysreadImpl(final ThreadContext context, - IRubyObject len, IRubyObject buff, final boolean blocking, final boolean exception) { + /** + * @return the (@link RubyString} buffer or :wait_readable / :wait_writeable {@link RubySymbol} + */ + private IRubyObject sysreadImpl(final ThreadContext context, final IRubyObject len, final IRubyObject buff, + final boolean blocking, final boolean exception) { final Ruby runtime = context.runtime; final int length = RubyNumeric.fix2int(len); From d8d67cd057a8bad3e66d6e4d6338179801464daa Mon Sep 17 00:00:00 2001 From: Charles Oliver Nutter Date: Mon, 6 May 2024 13:03:34 -0500 Subject: [PATCH 07/11] Convert IOException to Ruby exception correctly Many libraries depend on us raising the actual Errno exceptions for what comes out of Java as IOException. The utilities in JRuby exist to convert these IOException objects into the appropriate Errno exception by examining the exception type and message. This patch switches one key place for #242 to use this utility method. --- src/main/java/org/jruby/ext/openssl/SSLSocket.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/jruby/ext/openssl/SSLSocket.java b/src/main/java/org/jruby/ext/openssl/SSLSocket.java index 36c61508..ed336bdb 100644 --- a/src/main/java/org/jruby/ext/openssl/SSLSocket.java +++ b/src/main/java/org/jruby/ext/openssl/SSLSocket.java @@ -951,7 +951,7 @@ private IRubyObject syswriteImpl(final ThreadContext context, } catch (IOException ex) { debugStackTrace(runtime, "SSLSocket.syswriteImpl", ex); - throw Utils.newError(runtime, runtime.getIOError(), ex); + throw runtime.newIOErrorFromException(ex); } } From 5f462bdd4438d9e660ec0f8b925889c26eb0aaff Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 10:29:08 +0200 Subject: [PATCH 08/11] [fix] OpenSSL::PKey::DH#set_pqg regression (#300) introduced at: adcd03115f6906fad9424f3276b86c9c54f91c05 --- lib/jopenssl/_compat23.rb | 4 ++-- src/test/ruby/test_pkey.rb | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/lib/jopenssl/_compat23.rb b/lib/jopenssl/_compat23.rb index 8da642c6..78f9d0ef 100644 --- a/lib/jopenssl/_compat23.rb +++ b/lib/jopenssl/_compat23.rb @@ -14,9 +14,9 @@ def set_key(pub_key, priv_key) def set_pqg(p, q, g) self.p = p - if respond_to?(:q) + if respond_to?(:q=) self.q = q - else # TODO self.q = q + else OpenSSL.warn "JRuby-OpenSSL does not support setting q param on #{inspect}" if q end self.g = g diff --git a/src/test/ruby/test_pkey.rb b/src/test/ruby/test_pkey.rb index 30b83489..2a0f0e12 100644 --- a/src/test/ruby/test_pkey.rb +++ b/src/test/ruby/test_pkey.rb @@ -83,6 +83,20 @@ def test_pkey_pem_file_error end end + def test_pkey_dh + dh = OpenSSL::PKey::DH.new + assert_equal nil, dh.p + assert_equal nil, dh.priv_key + + # OpenSSL::PKey::PKeyError: dh#set_pqg= is incompatible with OpenSSL 3.0 + if defined? JRUBY_VERSION + dh.set_pqg(1_000_000, nil, 10) + assert_equal 1_000_000, dh.p + assert_equal 10, dh.g + end + assert_equal nil, dh.q + end + def test_to_java pkey = OpenSSL::PKey.read(KEY) assert_kind_of java.security.PublicKey, pkey.to_java From 5df8e30d641cbbedb8756242e6fd5c8b20500f51 Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 10:54:15 +0200 Subject: [PATCH 09/11] [compat] OpenSSL::ConfigError and DEFAULT_CONFIG_FILE (#304) --- lib/jopenssl/load.rb | 1 + lib/openssl/config.rb | 3 +++ 2 files changed, 4 insertions(+) diff --git a/lib/jopenssl/load.rb b/lib/jopenssl/load.rb index db90cdf4..ab224c27 100644 --- a/lib/jopenssl/load.rb +++ b/lib/jopenssl/load.rb @@ -43,6 +43,7 @@ module OpenSSL autoload :Config, 'openssl/config' unless const_defined?(:Config, false) + autoload :ConfigError, 'openssl/config' unless const_defined?(:ConfigError, false) autoload :PKCS12, 'openssl/pkcs12' end diff --git a/lib/openssl/config.rb b/lib/openssl/config.rb index 9a0b7874..547b08f2 100644 --- a/lib/openssl/config.rb +++ b/lib/openssl/config.rb @@ -14,6 +14,7 @@ require 'stringio' module OpenSSL + class ConfigError < OpenSSLError; end ## # = OpenSSL::Config # @@ -27,6 +28,8 @@ module OpenSSL class Config include Enumerable + DEFAULT_CONFIG_FILE = nil # JRuby: compatibility (we do not read openssl.cnf) + class << self ## From bbf5ccc9171eb5362f89e7f4d5c2f535ce48b47f Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 11:07:24 +0200 Subject: [PATCH 10/11] [release] prepare for 0.14.6 --- History.md | 11 ++++++++++- lib/jopenssl/version.rb | 2 +- pom.xml | 2 +- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/History.md b/History.md index e5a4c3bd..e61e7d20 100644 --- a/History.md +++ b/History.md @@ -1,6 +1,15 @@ +## 0.14.6 + +* [compat] OpenSSL::ConfigError and DEFAULT_CONFIG_FILE (#304) +* [fix] `OpenSSL::PKey::DH#set_pqg` regression (#300) +* Convert `IOException` to Ruby exception correctly (#242) +* [refactor] add exception debugging within SSLSocket#waitSelect +* [fix] sync `SSLContext#setup` as it could be shared (#302) +* [refactor] organize i-var sets (set `@context` after setup) + ## 0.14.5 -* [fix] OpenSSL::X509::Request#verify with DSA public key +* [fix] `OpenSSL::X509::Request#verify` with DSA public key (this was a regression introduced in JOSSL 0.14.4) ## 0.14.4 diff --git a/lib/jopenssl/version.rb b/lib/jopenssl/version.rb index b4fb119a..68a4b385 100644 --- a/lib/jopenssl/version.rb +++ b/lib/jopenssl/version.rb @@ -1,5 +1,5 @@ module JOpenSSL - VERSION = '0.14.6.dev' + VERSION = '0.14.6' BOUNCY_CASTLE_VERSION = '1.74' end diff --git a/pom.xml b/pom.xml index a1bc0f91..f4ed3e28 100644 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ DO NOT MODIFY - GENERATED CODE 4.0.0 rubygems jruby-openssl - 0.14.6.dev-SNAPSHOT + 0.14.6 gem JRuby OpenSSL JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. From c1672c9afbda83a5c43659a215b2d90f34969290 Mon Sep 17 00:00:00 2001 From: kares Date: Mon, 27 May 2024 11:11:57 +0200 Subject: [PATCH 11/11] [release] update for next dev SNAPSHOT --- lib/jopenssl/version.rb | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/jopenssl/version.rb b/lib/jopenssl/version.rb index 68a4b385..f9c1e8ff 100644 --- a/lib/jopenssl/version.rb +++ b/lib/jopenssl/version.rb @@ -1,5 +1,5 @@ module JOpenSSL - VERSION = '0.14.6' + VERSION = '0.14.7.dev' BOUNCY_CASTLE_VERSION = '1.74' end diff --git a/pom.xml b/pom.xml index f4ed3e28..6f8c8850 100644 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ DO NOT MODIFY - GENERATED CODE 4.0.0 rubygems jruby-openssl - 0.14.6 + 0.14.7.dev-SNAPSHOT gem JRuby OpenSSL JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.