Test the use of client authentication configuration (JORAM-368).

bfc1413a · Andre Freyssinet · 7a750557 · bfc1413a · bfc1413a · bfc1413a
Commit bfc1413a authored Jun 25, 2020 by Andre Freyssinet
18 changed files
--- a/tests/src/joram/build.xml
+++ b/tests/src/joram/build.xml
@@ -636,6 +636,10 @@
  <target name="tests.ssl"
          description=" --> launch all ssl tests">
    <antcall target="ssl.test"/>
+    <antcall target="ssl.noneclientauth"/>
+    <antcall target="ssl.wantclientauth1"/>
+    <antcall target="ssl.wantclientauth2"/>
+    <antcall target="ssl.needclientauth"/>
  </target>

  <target name="tests.jca" description=" --> test joram connector">
@@ -6491,26 +6495,92 @@

  <!-- Initializes the ssl centralized configuration -->
  <target name="sslsimple_init" depends="init.a3props,compile">
-    <property name="keystore" location="${test.dir}/joram_ks"/>
-    <property name="keystore_pass" value="jorampass"/>
    <antcall target="init.test" inheritAll="true">
      <param name="jvmargs" value=""/>
      <param name="args" value=""/>
-      <param name="a3conf" value="ssl/a3servers.xml"/>
-      <param name="jndiconf" value="ssl/jndi.properties"/>
    </antcall>
-    <copy file="ssl/joram_ks" todir="${test.dir}"/>
+    <copy file="ssl/${mom.keystore}" todir="${test.dir}"/>
+    <copy file="ssl/${client.keystore}" todir="${test.dir}"/>
  </target>

-
-  <target name="ssl.test" depends="sslsimple_init"
+  <target name="ssl.base" depends="sslsimple_init"
          description=" --> test with ssl conection">
    <java classname="joram.ssl.Test" failonerror="no" fork="yes" dir="${test.dir}">
      <classpath path="${project.class.path}"/>
-      <jvmarg line="-Dfelix.dir=${felix.dir} -Dorg.objectweb.joram.keystore=${keystore} -Dorg.objectweb.joram.keystorepass=${keystore_pass} -Dframework.TestCase.OutFile=${report.file} "/>
+      <jvmarg line="-Dfelix.dir=${felix.dir} -Dclient.ks=${test.dir}/${client.keystore} -Dclient.pass=${client.pass} -Dclient.auth=${client.auth} -Dserver.ks=${test.dir}/${mom.keystore} -Dserver.pass=${mom.pass} -Dframework.TestCase.TestId=${testid} -Dframework.TestCase.OutFile=${report.file} ${jvmargs}"/>
    </java>
  </target>

+  <target name="ssl.test" description=" --> test with ssl conection">
+    <antcall target="ssl.base" inheritAll="true">
+      <param name="classname" value="joram.ssl.Test"/>
+      <param name="testid" value="ssl.test"/>
+      <param name="mom.keystore" value="joram_ks"/>
+      <param name="mom.pass" value="jorampass"/>
+      <param name="client.auth" value="NEED"/>
+      <param name="client.keystore" value="joram_ks"/>
+      <param name="client.pass" value="jorampass"/>
+      <param name="a3conf" value="ssl/a3servers.xml"/>
+      <param name="jndiconf" value="ssl/jndi.properties"/>
+    </antcall>
+  </target>
+  
+  <target name="ssl.noneclientauth" description=" --> test with ssl conection, no authentication">
+    <antcall target="ssl.base" inheritAll="true">
+      <param name="classname" value="joram.ssl.Test"/>
+      <param name="testid" value="ssl.noneclientauth"/>
+      <param name="mom.keystore" value="keystore_srv.jks"/>
+      <param name="mom.pass" value="jorampass"/>
+      <param name="client.auth" value="NONE"/>
+      <param name="client.keystore" value="keystore_ca.jks"/>
+      <param name="client.pass" value="jorampass"/>
+      <param name="a3conf" value="ssl/a3servers.xml"/>
+      <param name="jndiconf" value="ssl/jndi.properties"/>
+    </antcall>
+  </target>
+
+  <target name="ssl.wantclientauth1" description=" --> test with ssl conection, authentication wanted, not provided">
+    <antcall target="ssl.base" inheritAll="true">
+      <param name="classname" value="joram.ssl.Test"/>
+      <param name="testid" value="ssl.wantclientauth1"/>
+      <param name="mom.keystore" value="keystore_srv_ca.jks "/>
+      <param name="mom.pass" value="jorampass"/>
+      <param name="client.auth" value="WANT"/>
+      <param name="client.keystore" value="keystore_ca.jks"/>
+      <param name="client.pass" value="jorampass"/>
+      <param name="a3conf" value="ssl/a3servers.xml"/>
+      <param name="jndiconf" value="ssl/jndi.properties"/>
+    </antcall>
+  </target>
+
+  <target name="ssl.wantclientauth2" description=" --> test with ssl conection, authentication wanted, done">
+    <antcall target="ssl.base" inheritAll="true">
+      <param name="classname" value="joram.ssl.Test"/>
+      <param name="testid" value="ssl.wantclientauth2"/>
+      <param name="mom.keystore" value="keystore_srv_ca.jks "/>
+      <param name="mom.pass" value="jorampass"/>
+      <param name="client.auth" value="WANT"/>
+      <param name="client.keystore" value="keystore_clt_ca.jks"/>
+      <param name="client.pass" value="jorampass"/>
+      <param name="a3conf" value="ssl/a3servers.xml"/>
+      <param name="jndiconf" value="ssl/jndi.properties"/>
+    </antcall>
+  </target>
+
+  <target name="ssl.needclientauth" description=" --> test with ssl conection, authentication needed">
+    <antcall target="ssl.base" inheritAll="true">
+      <param name="classname" value="joram.ssl.Test"/>
+      <param name="testid" value="ssl.needclientauth"/>
+      <param name="mom.keystore" value="keystore_srv_ca.jks "/>
+      <param name="mom.pass" value="jorampass"/>
+      <param name="client.auth" value="NEED"/>
+      <param name="client.keystore" value="keystore_clt_ca.jks "/>
+      <param name="client.pass" value="jorampass"/>
+      <param name="a3conf" value="ssl/a3servers.xml"/>
+      <param name="jndiconf" value="ssl/jndi.properties"/>
+    </antcall>
+  </target>
+  
  <!-- end test ssl -->

  <!--  start JCA tests -->

--- a/tests/src/joram/ssl/Test.java
+++ b/tests/src/joram/ssl/Test.java
-/*
- * JORAM: Java(TM) Open Reliable Asynchronous Messaging
- * Copyright (C) 2007 - 2010 ScalAgent Distributed Technologies
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or any later version.
- * 
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- * 
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
- * USA.
- *
- * Initial developer(s):Badolle Fabien (ScalAgent D.T.)
- * Contributor(s): 
- */
-package joram.ssl;
-
-import javax.jms.Connection;
-import javax.jms.ConnectionFactory;
-import javax.jms.Message;
-import javax.jms.MessageConsumer;
-import javax.jms.MessageProducer;
-import javax.jms.Session;
-import javax.jms.TextMessage;
-import javax.naming.Context;
-import javax.naming.InitialContext;
-
-import org.objectweb.joram.client.jms.Queue;
-import org.objectweb.joram.client.jms.Topic;
-import org.objectweb.joram.client.jms.admin.AdminModule;
-import org.objectweb.joram.client.jms.admin.User;
-import org.objectweb.joram.client.jms.tcp.TcpConnectionFactory;
-
-import framework.TestCase;
-
-/**
- * Test :
- */
-public class Test extends TestCase {
-
-  public static void main(String[] args) {
-    new Test().run();
-  }
-
-  public void run() {
-    try {
-      System.out.println("server start");
-      startAgentServer((short) 0);
-
-      Thread.sleep(1000);
-
-      admin();
-      System.out.println("admin config ok");
-
-      Context ictx = new InitialContext();
-      Queue queue = (Queue) ictx.lookup("queue");
-      ConnectionFactory cf = (ConnectionFactory) ictx.lookup("cf");
-      ictx.close();
-
-      Connection cnx = cf.createConnection();
-      Session sessionp = cnx.createSession(false, Session.AUTO_ACKNOWLEDGE);
-      Session sessionc = cnx.createSession(false, Session.AUTO_ACKNOWLEDGE);
-      cnx.start();
-
-      // create a producer and a consumer
-      MessageProducer producer = sessionp.createProducer(queue);
-      MessageConsumer consumer = sessionc.createConsumer(queue);
-      // create a text message send to the queue by the producer 
-      TextMessage msg = sessionp.createTextMessage();
-      msg.setText("message_type_text");
-      producer.send(msg);
-      // the consumer receive the message from the queue
-      Message msg1 = consumer.receive();
-      TextMessage msg2 = (TextMessage) msg1;
-
-      //test messages
-      assertEquals(msg.getJMSMessageID(), msg1.getJMSMessageID());
-      assertEquals(msg.getJMSType(), msg1.getJMSType());
-      assertEquals(msg.getJMSDestination(), msg1.getJMSDestination());
-      assertEquals("message_type_text", msg2.getText());
-
-      cnx.close();
-    } catch (Throwable exc) {
-      exc.printStackTrace();
-      error(exc);
-    } finally {
-      System.out.println("Server stop ");
-      killAgentServer((short) 0);
-      endTest();
-    }
-  }
-
-  public void admin() throws Exception {
-
-    AdminModule.connect("root", "root", 60, "org.objectweb.joram.client.jms.tcp.ReliableSSLTcpClient");
-
-    Queue queue = Queue.create("queue");
-    Topic topic = Topic.create("topic");
-
-    User.create("anonymous", "anonymous");
-
-    queue.setFreeReading();
-    topic.setFreeReading();
-    queue.setFreeWriting();
-    topic.setFreeWriting();
-
-    javax.jms.ConnectionFactory cf = TcpConnectionFactory.create("localhost", 16010,
-        "org.objectweb.joram.client.jms.tcp.ReliableSSLTcpClient");
-
-    javax.naming.Context jndiCtx = new javax.naming.InitialContext();
-    jndiCtx.bind("cf", cf);
-    jndiCtx.bind("queue", queue);
-    jndiCtx.bind("topic", topic);
-    jndiCtx.close();
-
-    AdminModule.disconnect();
-
-  }
-}
+/*
+ * JORAM: Java(TM) Open Reliable Asynchronous Messaging
+ * Copyright (C) 2007 - 2010 ScalAgent Distributed Technologies
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or any later version.
+ * 
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
+ * USA.
+ *
+ * Initial developer(s):Badolle Fabien (ScalAgent D.T.)
+ * Contributor(s): 
+ */
+package joram.ssl;
+
+import javax.jms.Connection;
+import javax.jms.ConnectionFactory;
+import javax.jms.Message;
+import javax.jms.MessageConsumer;
+import javax.jms.MessageProducer;
+import javax.jms.Session;
+import javax.jms.TextMessage;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+
+import org.objectweb.joram.client.jms.Queue;
+import org.objectweb.joram.client.jms.Topic;
+import org.objectweb.joram.client.jms.admin.AdminModule;
+import org.objectweb.joram.client.jms.admin.User;
+import org.objectweb.joram.client.jms.tcp.TcpConnectionFactory;
+
+import framework.TestCase;
+
+/**
+ * Test :
+ */
+public class Test extends TestCase {
+
+  public static void main(String[] args) {
+    new Test().run();
+  }
+
+  public void run() {
+    try {
+      System.out.println("server start");
+      
+      String serverks = System.getProperty("server.ks", "joram_ks");
+      String serverpass = System.getProperty("server.pass", "jorampass");
+      String clientauth = System.getProperty("client.auth", "NEED");
+      startAgentServer((short) 0,
+                       new String[] {"-Dorg.objectweb.joram.clientAuth=" + clientauth,
+                                     "-Dorg.objectweb.joram.keystore=" + serverks,
+                                     "-Dorg.objectweb.joram.keystorepass=" + serverpass});
+      Thread.sleep(1000);
+
+      // Joram client and server use the same property names, so we have to overload these
+      // properties prior to create the Connection.
+      String clientks = System.getProperty("client.ks");
+      if (clientks != null)
+        System.setProperty("org.objectweb.joram.keystore", clientks);
+      String clientpass = System.getProperty("client.pass");
+      if (clientpass != null)
+        System.setProperty("org.objectweb.joram.keystorepass", clientpass);
+
+      System.out.println("ks=" + clientks + ", pass=" + clientpass);
+      
+      admin();
+      System.out.println("admin config ok");
+
+      Context ictx = new InitialContext();
+      Queue queue = (Queue) ictx.lookup("queue");
+      ConnectionFactory cf = (ConnectionFactory) ictx.lookup("cf");
+      ictx.close();
+
+      Connection cnx = cf.createConnection();
+      Session sessionp = cnx.createSession(false, Session.AUTO_ACKNOWLEDGE);
+      Session sessionc = cnx.createSession(false, Session.AUTO_ACKNOWLEDGE);
+      cnx.start();
+
+      // create a producer and a consumer
+      MessageProducer producer = sessionp.createProducer(queue);
+      MessageConsumer consumer = sessionc.createConsumer(queue);
+      // create a text message send to the queue by the producer 
+      TextMessage msg = sessionp.createTextMessage();
+      msg.setText("message_type_text");
+      producer.send(msg);
+      // the consumer receive the message from the queue
+      Message msg1 = consumer.receive();
+      TextMessage msg2 = (TextMessage) msg1;
+
+      //test messages
+      assertEquals(msg.getJMSMessageID(), msg1.getJMSMessageID());
+      assertEquals(msg.getJMSType(), msg1.getJMSType());
+      assertEquals(msg.getJMSDestination(), msg1.getJMSDestination());
+      assertEquals("message_type_text", msg2.getText());
+
+      cnx.close();
+    } catch (Throwable exc) {
+      exc.printStackTrace();
+      error(exc);
+    } finally {
+      System.out.println("Server stop ");
+      killAgentServer((short) 0);
+      endTest();
+    }
+  }
+
+  public void admin() throws Exception {
+
+    AdminModule.connect("root", "root", 30, "org.objectweb.joram.client.jms.tcp.ReliableSSLTcpClient");
+
+    Queue queue = Queue.create("queue");
+    Topic topic = Topic.create("topic");
+
+    User.create("anonymous", "anonymous");
+
+    queue.setFreeReading();
+    topic.setFreeReading();
+    queue.setFreeWriting();
+    topic.setFreeWriting();
+
+    javax.jms.ConnectionFactory cf = TcpConnectionFactory.create("localhost", 16010,
+        "org.objectweb.joram.client.jms.tcp.ReliableSSLTcpClient");
+
+    javax.naming.Context jndiCtx = new javax.naming.InitialContext();
+    jndiCtx.bind("cf", cf);
+    jndiCtx.bind("queue", queue);
+    jndiCtx.bind("topic", topic);
+    jndiCtx.close();
+
+    AdminModule.disconnect();
+  }
+}
--- a/tests/src/joram/ssl/keystore_ca.jks
+++ b/tests/src/joram/ssl/keystore_ca.jks
--- a/tests/src/joram/ssl/keystore_clt.jks
+++ b/tests/src/joram/ssl/keystore_clt.jks
--- a/tests/src/joram/ssl/keystore_clt_ca.jks
+++ b/tests/src/joram/ssl/keystore_clt_ca.jks
--- a/tests/src/joram/ssl/keystore_srv.jks
+++ b/tests/src/joram/ssl/keystore_srv.jks
--- a/tests/src/joram/ssl/keystore_srv_ca.jks
+++ b/tests/src/joram/ssl/keystore_srv_ca.jks
--- a/tests/src/joram/ssl/testssl/sadt_test_ca.crt
+++ b/tests/src/joram/ssl/testssl/sadt_test_ca.crt
+-----BEGIN CERTIFICATE-----
+MIIClDCCAf2gAwIBAgIJAM2e3q6PGP57MA0GCSqGSIb3DQEBCwUAMGIxFTATBgNV
+BAMMDFNBRFQgVEVTVCBDQTEVMBMGA1UECgwMU2NhbEFnZW50IERUMRAwDgYDVQQL
+DAdURVNUIFdHMQswCQYDVQQGEwJGUjETMBEGA1UEBwwKRWNoaXJvbGxlczAgFw0y
+MDA2MjUwNTI4NDRaGA8yMTIwMDYwMTA1Mjg0NFowYjEVMBMGA1UEAwwMU0FEVCBU
+RVNUIENBMRUwEwYDVQQKDAxTY2FsQWdlbnQgRFQxEDAOBgNVBAsMB1RFU1QgV0cx
+CzAJBgNVBAYTAkZSMRMwEQYDVQQHDApFY2hpcm9sbGVzMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDBzNwpRSqy/jBN7mkQg+FLk4AHKYh5ENKO5AXuml1dL/fF
+qhXksTuj0UCuEIuoGSEms0VxDSj5OyebPtrxY6+XCIOQVy4hW8OiJy3SMMpWhx9L
+c4/gkIt9kcgmZZAJUoR7sP4/uO8jrpZLM6RZa7Re9wdkNpAU74EzZdIY9N/cSwID
+AQABo1AwTjAdBgNVHQ4EFgQUZr18+3QMi0DBW75GEB9IhDUR7n4wHwYDVR0jBBgw
+FoAUZr18+3QMi0DBW75GEB9IhDUR7n4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQsFAAOBgQCEGSdv6r1Ozedzz7gRgq4CJyjkPb0swnj55Y8u/uR6uvQ8kxqlcJ7z
+oeAiwZNbQ3tGpSDJ3ppw3mfLvO67w1xwA7rSd+m5XihKo2HqBahWLb80dhYFvHhg
+wjHdfOQp425BWeoqi0rDs4ooWdcAhDysM3GYdVCbWY/ZonMfqbTmkA==
+-----END CERTIFICATE-----
--- a/tests/src/joram/ssl/testssl/sadt_test_ca.key
+++ b/tests/src/joram/ssl/testssl/sadt_test_ca.key
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,4D26A5A0636C6D7D
+
+GeTLFd2wwANqse8bxPD9m8DGCGIzevfUmm27G5R9NAKQ03C3GkurRN1mNm+iFN4I
+Zb8OVab2XH1uBZxc45yOE9ejqCMoQ7Gd9GmgsswVrfWVsSDhRpG6FQ8i8KAOEUC8
+qs4HCp2oLfqbj6+acCkT/Cu66eqlfCjNYH7XbDT0rIazTi9zKOXr8g8XcnvYuALZ
+S31BFtmLGSDJPUZIXA4w1FkbaggI7il3hz9lVBWXFKHrdb9QPykpJmiNRNPNpxQQ
+TwlRaxtXO+YJX+fS77cZ+gMHS7jYIe6Cdjc7E4bdbnOoZ3xxX2noOdRbS/LlN1YN
+UDe3grPEekQ6mLOR0tzwzVJT9Usd5RYFI3elahAPuQ5D779EBA9jBX1vd47wze6x
+aDsLaWe03Od1CKjQElUZvb7iXe1B4a8u5QVcapcp+Sbd3zRYOYEcw76u9+8jZJ8e
+Dk38+HdpRFT6CN3M39TAYhrXefvzb047Krf6pqprS7vGWxrV837CiVGcPB7TzotE
+PHQhWF3ROsGXPJ6RVyx8kSHM34fYzZeajEEzCsrQin7P/ZEehbKdxq4SD5UPoryT
+1Z/bK1W+ZaqrGThuUHJoakM703CjNhmj/UeZABGmARE3s/TfUVr1Gwy1Y33WIPZ6
+L1geB26H7so3/UzKnngmxVgayd1ut2389Izu/KxylADxpRs9MWM+6yugvrRPaEXF
+9E5FthScmJB5M4CNOnA7sakRZ1A6WjxIV261qFM02/6ZTJuAe7raZv1mBhXr+6iJ
+PT7oeLPMelIpaD42h/oJVEDiaiSludYgFJmuxf1yeMcDaIDPgbvvJw==
+-----END RSA PRIVATE KEY-----
--- a/tests/src/joram/ssl/testssl/sadt_test_ca.srl
+++ b/tests/src/joram/ssl/testssl/sadt_test_ca.srl
+9FD5B183751F694D
--- a/tests/src/joram/ssl/testssl/sadt_test_clt.crt
+++ b/tests/src/joram/ssl/testssl/sadt_test_clt.crt
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaACCQCf1bGDdR9pTTANBgkqhkiG9w0BAQsFADBiMRUwEwYDVQQDDAxT
+QURUIFRFU1QgQ0ExFTATBgNVBAoMDFNjYWxBZ2VudCBEVDEQMA4GA1UECwwHVEVT
+VCBXRzELMAkGA1UEBhMCRlIxEzARBgNVBAcMCkVjaGlyb2xsZXMwIBcNMjAwNjI1
+MDU1NDE0WhgPMjEyMDA2MDEwNTU0MTRaMFwxDzANBgNVBAMMBmNsaWVudDEVMBMG
+A1UECgwMU2NhbEFnZW50IERUMRAwDgYDVQQLDAdURVNUIFdHMQswCQYDVQQGEwJG
+UjETMBEGA1UEBwwKRWNoaXJvbGxlczCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
+gYEAlrvRjFgS2RmBjtj/VgjuxUQtHriyyrXCWKLhYn/7xW4xnRvE80W1g7bNLaF3
+BU2AuxbdNoavQD7M11OdctKUlPPKWZl5bh5BgFBmCqk57FBqsOiOHJMQ6xPlMjkJ
+oyb6mf5WhOFkvgWESjzOPq0dX2OnApOviL/4zhgo43Jy0kCAwEAATANBgkqhkiG
+9w0BAQsFAAOBgQBE1Ya4k1QFAEl/Xrw/UytJTcsQaNcpdAI9GIftmi2rAPmkDnlp
+jMBxlOuKwvPoTMobEyQaE5gsFyrvPlHwInhBcRQalrgLW2ezLYZGWFkdjxI+fHHI
+loKrFdRjFX/iz/QfbNnKN0nbsn7BPxSq3hYdcOyIfwNYi1Gii5AEAKLFgg==
+-----END CERTIFICATE-----
--- a/tests/src/joram/ssl/testssl/sadt_test_clt.csr
+++ b/tests/src/joram/ssl/testssl/sadt_test_clt.csr
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBnDCCAQUCAQAwXDEPMA0GA1UEAwwGY2xpZW50MRUwEwYDVQQKDAxTY2FsQWdl
+bnQgRFQxEDAOBgNVBAsMB1RFU1QgV0cxCzAJBgNVBAYTAkZSMRMwEQYDVQQHDApF
+Y2hpcm9sbGVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWu9GMWBLZGYGO
+2P9WCO7FRC0euLLKtcJYouFif/vFbjGdG8TzRbWDts0toXcFTYC7Ft02hq9APszX
+U51y0pSU88pZmXluHkGAUGYKqTnsUGqw6I4ckxDrE+UyOQn6jJvqZ/laE4WS+BYR
+KPM4+rR1fY6cCk6+Iv/jOGCjjcnLSQIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEA
+fPeklFY8KCSJcb1SxDg5N3Mj2LfIqZosYLpEFpVqmeB+FC+Eir1rsHluyCiSHjW8
+6jPg9B9Bey+Skxi7nrBLyb41s0gKCGLAsoUxQlVxUaeZfY8q8qEIY06LhxAK2mrW
+7vfw2r+ZyBaHAzsw8HVA4PRUKpIp4ud2NtOM0cItkc=
+-----END CERTIFICATE REQUEST-----
--- a/tests/src/joram/ssl/testssl/sadt_test_clt.key
+++ b/tests/src/joram/ssl/testssl/sadt_test_clt.key
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCWu9GMWBLZGYGO2P9WCO7FRC0euLLKtcJYouFif/vFbjGdG8Tz
+RbWDts0toXcFTYC7Ft02hq9APszXU51y0pSU88pZmXluHkGAUGYKqTnsUGqw6I4c
+kxDrE+UyOQn6jJvqZ/laE4WS+BYRKPM4+rR1fY6cCk6+Iv/jOGCjjcnLSQIDAQAB
+AoGAY/yorxEJR6vMrkYxcg+w23gy+esI5sCU75j0KxO8niVPkekGx1zZYErVZcxy
+mDjmCLTM/stu2w4NcVSM38riNbu47HYiZ0gee5nIPwqKFx+433tPNRfRjNWIvACO
+vol9uhOYn+SDocrA1tIK2LT6QiO2t7EFx6Ij/btuA4YUxQECQQDE83u5LWCrk5iR
+OSsfr0Rk7ckz7fWFCbt2ZIa43+zILj+kpqH0PM164rZlX6PhIEnkvDY6IqHgP5nd
+wlx+97gpAkEAw+0GXFf2g6Vl0RDrptBKvO0GZX6ySA67Qno5eczRNlgO2f2TzMA4
+4ElH3id6mgwR1wNuPc+8drEYK0HBH9xeIQJAfy+FjHYDYYm1EsNKV/HFRzBPqJtY
+3AsG5lPQtH7W2AcVzmxVVfYV8++IPjrfB7jkPzRUCILo6nnoEU88kDnE0QJBALqH
+nLip3j4zZ54FV/U29RCtMJvMZXuI2utNZg752my8pVcQvnf+wad23P854tVqjEmC
+MKCUeD8gF3yHW5Azw0ECQCzPtxeX3qYgUj0DGK07xezMyKYL39u/YrYWIPOSNA4o
+XHVNhqCBU4HMRwgvoz706HEtNlwKBPdUYpMYna6a7O8=
+-----END RSA PRIVATE KEY-----
--- a/tests/src/joram/ssl/testssl/sadt_test_clt.p12
+++ b/tests/src/joram/ssl/testssl/sadt_test_clt.p12
--- a/tests/src/joram/ssl/testssl/sadt_test_srv.crt
+++ b/tests/src/joram/ssl/testssl/sadt_test_srv.crt
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaACCQCf1bGDdR9pTDANBgkqhkiG9w0BAQsFADBiMRUwEwYDVQQDDAxT
+QURUIFRFU1QgQ0ExFTATBgNVBAoMDFNjYWxBZ2VudCBEVDEQMA4GA1UECwwHVEVT
+VCBXRzELMAkGA1UEBhMCRlIxEzARBgNVBAcMCkVjaGlyb2xsZXMwIBcNMjAwNjI1
+MDU0OTAzWhgPMjEyMDA2MDEwNTQ5MDNaMFwxDzANBgNVBAMMBnNlcnZlcjEVMBMG
+A1UECgwMU2NhbEFnZW50IERUMRAwDgYDVQQLDAdURVNUIFdHMQswCQYDVQQGEwJG
+UjETMBEGA1UEBwwKRWNoaXJvbGxlczCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
+gYEAsRxU8h6k+88vqXgBc7QSD7l0FZ5CT5ZIa8+3YmpMQMoALf7rTWBjzCeRk2C3
+Qd/cv9JyEXEXOkFonYtxDptpcKe4hCNTSVZloFm+KBTSNx2QlkJn2LkdVJy+XYMh
+/s/+Y5muToWf8WFjXsGzeFf8RtCLEkcbwgPQWXHfpSamrtECAwEAATANBgkqhkiG
+9w0BAQsFAAOBgQBQAGGUOZ+ioTTUEorKGEdt1FHV98LBkhZRhRWI5JyKM6QE2R4i
+RRv3Mfb8iWIv7l4xeCFAwklwNVVZ2dsW4Puz9416t7oSxXz82fvsmKOltN6Abc8i
+K+7s2n/lQFeAHpsZXue1oLlf8hwD//dYluuYi9BPPRUks+U+WolvfIoORg==
+-----END CERTIFICATE-----
--- a/tests/src/joram/ssl/testssl/sadt_test_srv.csr
+++ b/tests/src/joram/ssl/testssl/sadt_test_srv.csr
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBnDCCAQUCAQAwXDEPMA0GA1UEAwwGc2VydmVyMRUwEwYDVQQKDAxTY2FsQWdl
+bnQgRFQxEDAOBgNVBAsMB1RFU1QgV0cxCzAJBgNVBAYTAkZSMRMwEQYDVQQHDApF
+Y2hpcm9sbGVzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxHFTyHqT7zy+p
+eAFztBIPuXQVnkJPlkhrz7diakxAygAt/utNYGPMJ5GTYLdB39y/0nIRcRc6QWid
+i3EOm2lwp7iEI1NJVmWgWb4oFNI3HZCWQmfYuR1UnL5dgyH+z/5jma5OhZ/xYWNe
+wbN4V/xG0IsSRxvCA9BZcd+lJqau0QIDAQABoAAwDQYJKoZIhvcNAQELBQADgYEA
+Fj3waVvkLdmaL4y8Bw0PcGSGgO5t8IzQixuXEjw958HmFXSa3lflpbQ6u7Nc0mEt
+Ntxm53Fl6fZqGjPxhzJXamFnzaeWEw0jm9vNZt4VX9rXR45yq5Xu3DUeoAdk5Wcw
+rYYfUM3wxpkkw1rSt4e9ZdupsYDQA6JnbkgJCv2pBNU=
+-----END CERTIFICATE REQUEST-----
--- a/tests/src/joram/ssl/testssl/sadt_test_srv.key
+++ b/tests/src/joram/ssl/testssl/sadt_test_srv.key
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCxHFTyHqT7zy+peAFztBIPuXQVnkJPlkhrz7diakxAygAt/utN
+YGPMJ5GTYLdB39y/0nIRcRc6QWidi3EOm2lwp7iEI1NJVmWgWb4oFNI3HZCWQmfY
+uR1UnL5dgyH+z/5jma5OhZ/xYWNewbN4V/xG0IsSRxvCA9BZcd+lJqau0QIDAQAB
+AoGAEmziIXYyr8e0K6tCa2kWX/BpNT6Lo3/89MpdR63LVQouzpownJIkj76mFHEB
+X6cMbiBUoZ/kTLk1Sv6QunZMl7Fs39F8ixTtJOSRETNrqWXrt4HcBoil734bsJMv
+u3jKfozFI9RzifsUJIN8MflvlwhVCYuZ4I8OuGcJin6taukCQQDWhsuZFVPTHpBe
+f2OH6GKaZbH0ynnZgDsKGeePDYdayU9ckwL0bPKKf8Pf3xfcd7LvOddwMp7Il4L+
+Hwq28NRDAkEA01nGa0oHLhxqQcLeg96cNOBX90XLb6D/43nH7LWFeyQh28tyQbJq
+gMAGbsHGBnXqnkEp/oHzXEqBYNSYoDmpWwJBAJoS89U9kRe3At8rxPNOfsr/MQFs
+Dnmc9Eo78qg2gjk9DkehumSMfuHkA20dUIjiW1wfgdCuOoY88zLKXqqnavsCQHZn
+BfTXPRyFCLYcoKIJ1UL+J+m8bRL1hEWA1RL0QnpRLLLA0BqkBGxqp2/nGLRH3Q+Z
+fBg73wVmLAL+Nx8UDp8CQQCrB+0Wbe4/bDAGcljHW7ATTWp9GM8uYi/A46U/SFRS
+dAHtGl4wATi8NuyPO7iD+vSqckFaCeW+f9QQ9Ba9taq7
+-----END RSA PRIVATE KEY-----
--- a/tests/src/joram/ssl/testssl/sadt_test_srv.p12
+++ b/tests/src/joram/ssl/testssl/sadt_test_srv.p12