BouncyCastle

[Benson Margulies <be...@basistech.com>]

PEM key-reading in Mina requires BouncyCastle.

So, the test I wrote to try out PEM keys in Karaf fails, because
there's no BC in the default build.

Any suggestions? I hate to offer a patch without a test.

I wish that MINA had PEM reading support that didn't depend on BC.

Re: BouncyCastle

[Jean-Baptiste Onofré <jb...@nanthrax.net>]

Absolutely !

I keep you posted.

Regards
JB

On 07/28/2015 03:42 AM, Benson Margulies wrote:
> JB, could I ask you to look at the PR tomorrow? I have something that
> works, no MANIFESTS were harmed.
>
> On Mon, Jul 27, 2015 at 9:18 PM, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
>> I will get back to you tomorrow about that. But, I'm not sure I follow you
>> there.
>>
>> Regards
>> JB
>>
>> On 07/27/2015 04:52 PM, Benson Margulies wrote:
>>>
>>> On Mon, Jul 27, 2015 at 10:41 AM, James Carman
>>> <ja...@carmanconsulting.com> wrote:
>>>>
>>>> We're probably going to have to monkey with the MANIFEST.MF file to get
>>>> the
>>>> right imports.
>>>
>>>
>>> James,
>>>
>>> I think that there's a larger question that we need to answer. The
>>> karaf team has chosen to tell people 'yea, you can use BC if you want
>>> to, by installing it into the 'ext' directory so that it can provide
>>> crypto providers.' I suspect that there are licensing considerations
>>> at work here that led them not to wire it in more tightly.  So I think
>>> we need to hear more from JB or some other Karafites.
>>>
>>> I spent some time trying to reconstruct a PEM reader without it, and I
>>> hit a wall, in spite of various code samples lying about that claimed
>>> to provide a path; I might try some more tonight.
>>>
>>>
>>>
>>>
>>>>
>>>> On Mon, Jul 27, 2015 at 10:30 AM Benson Margulies <be...@basistech.com>
>>>> wrote:
>>>>>
>>>>>
>>>>> Yes, I did that. It does not bring BC into the classpath of the shell
>>>>> service.
>>>>>
>>>>> See the git repo, and see what you can do with it.
>>>>>
>>>>>
>>>>> On Mon, Jul 27, 2015 at 10:13 AM, James Carman
>>>>> <ja...@carmanconsulting.com> wrote:
>>>>>>
>>>>>> With PAX-Exam, you can install bundles into Karaf.  Look at the option
>>>>>> type
>>>>>> mavenBundle() used here:
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
>>>>>>
>>>>>>
>>>>>> On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
>>>>>> wrote:
>>>>>>>
>>>>>>>
>>>>>>> James, I'm not sure that adding bundles on the test changes what's
>>>>>>> available on the server side, but I'll try it.
>>>>>>>
>>>>>>> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
>>>>>>> <ja...@carmanconsulting.com> wrote:
>>>>>>>>
>>>>>>>> Your pax exam test should be able to install the bundles it needs.
>>>>>>>>
>>>>>>>> On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies
>>>>>>>> <be...@basistech.com>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I did write a pax-exam test, which fails because BC is missing.
>>>>>>>>>
>>>>>>>>> I think I can make the server side use PEM keys without BC, in spite
>>>>>>>>> of
>>>>>>>>> Mina.
>>
>>
>> --
>> Jean-Baptiste Onofré
>> jbonofre@apache.org
>> http://blog.nanthrax.net
>> Talend - http://www.talend.com

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

JB, could I ask you to look at the PR tomorrow? I have something that
works, no MANIFESTS were harmed.

On Mon, Jul 27, 2015 at 9:18 PM, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> I will get back to you tomorrow about that. But, I'm not sure I follow you
> there.
>
> Regards
> JB
>
> On 07/27/2015 04:52 PM, Benson Margulies wrote:
>>
>> On Mon, Jul 27, 2015 at 10:41 AM, James Carman
>> <ja...@carmanconsulting.com> wrote:
>>>
>>> We're probably going to have to monkey with the MANIFEST.MF file to get
>>> the
>>> right imports.
>>
>>
>> James,
>>
>> I think that there's a larger question that we need to answer. The
>> karaf team has chosen to tell people 'yea, you can use BC if you want
>> to, by installing it into the 'ext' directory so that it can provide
>> crypto providers.' I suspect that there are licensing considerations
>> at work here that led them not to wire it in more tightly.  So I think
>> we need to hear more from JB or some other Karafites.
>>
>> I spent some time trying to reconstruct a PEM reader without it, and I
>> hit a wall, in spite of various code samples lying about that claimed
>> to provide a path; I might try some more tonight.
>>
>>
>>
>>
>>>
>>> On Mon, Jul 27, 2015 at 10:30 AM Benson Margulies <be...@basistech.com>
>>> wrote:
>>>>
>>>>
>>>> Yes, I did that. It does not bring BC into the classpath of the shell
>>>> service.
>>>>
>>>> See the git repo, and see what you can do with it.
>>>>
>>>>
>>>> On Mon, Jul 27, 2015 at 10:13 AM, James Carman
>>>> <ja...@carmanconsulting.com> wrote:
>>>>>
>>>>> With PAX-Exam, you can install bundles into Karaf.  Look at the option
>>>>> type
>>>>> mavenBundle() used here:
>>>>>
>>>>>
>>>>>
>>>>> https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
>>>>>
>>>>>
>>>>> On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
>>>>> wrote:
>>>>>>
>>>>>>
>>>>>> James, I'm not sure that adding bundles on the test changes what's
>>>>>> available on the server side, but I'll try it.
>>>>>>
>>>>>> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
>>>>>> <ja...@carmanconsulting.com> wrote:
>>>>>>>
>>>>>>> Your pax exam test should be able to install the bundles it needs.
>>>>>>>
>>>>>>> On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies
>>>>>>> <be...@basistech.com>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> I did write a pax-exam test, which fails because BC is missing.
>>>>>>>>
>>>>>>>> I think I can make the server side use PEM keys without BC, in spite
>>>>>>>> of
>>>>>>>> Mina.
>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

I've succeeded in avoiding BC in favor of not-commons-ssl for reading
OpenSSL key files in all their glory. I have a bit of cleanup left to
do on the test.

Re: BouncyCastle

[Jean-Baptiste Onofré <jb...@nanthrax.net>]

I will get back to you tomorrow about that. But, I'm not sure I follow 
you there.

Regards
JB

On 07/27/2015 04:52 PM, Benson Margulies wrote:
> On Mon, Jul 27, 2015 at 10:41 AM, James Carman
> <ja...@carmanconsulting.com> wrote:
>> We're probably going to have to monkey with the MANIFEST.MF file to get the
>> right imports.
>
> James,
>
> I think that there's a larger question that we need to answer. The
> karaf team has chosen to tell people 'yea, you can use BC if you want
> to, by installing it into the 'ext' directory so that it can provide
> crypto providers.' I suspect that there are licensing considerations
> at work here that led them not to wire it in more tightly.  So I think
> we need to hear more from JB or some other Karafites.
>
> I spent some time trying to reconstruct a PEM reader without it, and I
> hit a wall, in spite of various code samples lying about that claimed
> to provide a path; I might try some more tonight.
>
>
>
>
>>
>> On Mon, Jul 27, 2015 at 10:30 AM Benson Margulies <be...@basistech.com>
>> wrote:
>>>
>>> Yes, I did that. It does not bring BC into the classpath of the shell
>>> service.
>>>
>>> See the git repo, and see what you can do with it.
>>>
>>>
>>> On Mon, Jul 27, 2015 at 10:13 AM, James Carman
>>> <ja...@carmanconsulting.com> wrote:
>>>> With PAX-Exam, you can install bundles into Karaf.  Look at the option
>>>> type
>>>> mavenBundle() used here:
>>>>
>>>>
>>>> https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
>>>>
>>>>
>>>> On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
>>>> wrote:
>>>>>
>>>>> James, I'm not sure that adding bundles on the test changes what's
>>>>> available on the server side, but I'll try it.
>>>>>
>>>>> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
>>>>> <ja...@carmanconsulting.com> wrote:
>>>>>> Your pax exam test should be able to install the bundles it needs.
>>>>>>
>>>>>> On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies
>>>>>> <be...@basistech.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> I did write a pax-exam test, which fails because BC is missing.
>>>>>>>
>>>>>>> I think I can make the server side use PEM keys without BC, in spite
>>>>>>> of
>>>>>>> Mina.

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

On Mon, Jul 27, 2015 at 10:41 AM, James Carman
<ja...@carmanconsulting.com> wrote:
> We're probably going to have to monkey with the MANIFEST.MF file to get the
> right imports.

James,

I think that there's a larger question that we need to answer. The
karaf team has chosen to tell people 'yea, you can use BC if you want
to, by installing it into the 'ext' directory so that it can provide
crypto providers.' I suspect that there are licensing considerations
at work here that led them not to wire it in more tightly.  So I think
we need to hear more from JB or some other Karafites.

I spent some time trying to reconstruct a PEM reader without it, and I
hit a wall, in spite of various code samples lying about that claimed
to provide a path; I might try some more tonight.




>
> On Mon, Jul 27, 2015 at 10:30 AM Benson Margulies <be...@basistech.com>
> wrote:
>>
>> Yes, I did that. It does not bring BC into the classpath of the shell
>> service.
>>
>> See the git repo, and see what you can do with it.
>>
>>
>> On Mon, Jul 27, 2015 at 10:13 AM, James Carman
>> <ja...@carmanconsulting.com> wrote:
>> > With PAX-Exam, you can install bundles into Karaf.  Look at the option
>> > type
>> > mavenBundle() used here:
>> >
>> >
>> > https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
>> >
>> >
>> > On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
>> > wrote:
>> >>
>> >> James, I'm not sure that adding bundles on the test changes what's
>> >> available on the server side, but I'll try it.
>> >>
>> >> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
>> >> <ja...@carmanconsulting.com> wrote:
>> >> > Your pax exam test should be able to install the bundles it needs.
>> >> >
>> >> > On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies
>> >> > <be...@basistech.com>
>> >> > wrote:
>> >> >>
>> >> >> I did write a pax-exam test, which fails because BC is missing.
>> >> >>
>> >> >> I think I can make the server side use PEM keys without BC, in spite
>> >> >> of
>> >> >> Mina.

Re: BouncyCastle

[James Carman <ja...@carmanconsulting.com>]

We're probably going to have to monkey with the MANIFEST.MF file to get the
right imports.

On Mon, Jul 27, 2015 at 10:30 AM Benson Margulies <be...@basistech.com>
wrote:

> Yes, I did that. It does not bring BC into the classpath of the shell
> service.
>
> See the git repo, and see what you can do with it.
>
>
> On Mon, Jul 27, 2015 at 10:13 AM, James Carman
> <ja...@carmanconsulting.com> wrote:
> > With PAX-Exam, you can install bundles into Karaf.  Look at the option
> type
> > mavenBundle() used here:
> >
> >
> https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
> >
> >
> > On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
> > wrote:
> >>
> >> James, I'm not sure that adding bundles on the test changes what's
> >> available on the server side, but I'll try it.
> >>
> >> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
> >> <ja...@carmanconsulting.com> wrote:
> >> > Your pax exam test should be able to install the bundles it needs.
> >> >
> >> > On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies <
> benson@basistech.com>
> >> > wrote:
> >> >>
> >> >> I did write a pax-exam test, which fails because BC is missing.
> >> >>
> >> >> I think I can make the server side use PEM keys without BC, in spite
> of
> >> >> Mina.
>

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

Yes, I did that. It does not bring BC into the classpath of the shell service.

See the git repo, and see what you can do with it.


On Mon, Jul 27, 2015 at 10:13 AM, James Carman
<ja...@carmanconsulting.com> wrote:
> With PAX-Exam, you can install bundles into Karaf.  Look at the option type
> mavenBundle() used here:
>
> https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java
>
>
> On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
> wrote:
>>
>> James, I'm not sure that adding bundles on the test changes what's
>> available on the server side, but I'll try it.
>>
>> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
>> <ja...@carmanconsulting.com> wrote:
>> > Your pax exam test should be able to install the bundles it needs.
>> >
>> > On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies <be...@basistech.com>
>> > wrote:
>> >>
>> >> I did write a pax-exam test, which fails because BC is missing.
>> >>
>> >> I think I can make the server side use PEM keys without BC, in spite of
>> >> Mina.

Re: BouncyCastle

[James Carman <ja...@carmanconsulting.com>]

With PAX-Exam, you can install bundles into Karaf.  Look at the option type
mavenBundle() used here:

https://github.com/ops4j/org.ops4j.pax.exam2/blob/master/samples/exam-itest-sample-karaf/src/test/java/org/ops4j/pax/exam/sample/karaf/CalculatorITest.java


On Mon, Jul 27, 2015 at 9:54 AM Benson Margulies <be...@basistech.com>
wrote:

> James, I'm not sure that adding bundles on the test changes what's
> available on the server side, but I'll try it.
>
> On Mon, Jul 27, 2015 at 8:19 AM, James Carman
> <ja...@carmanconsulting.com> wrote:
> > Your pax exam test should be able to install the bundles it needs.
> >
> > On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies <be...@basistech.com>
> > wrote:
> >>
> >> I did write a pax-exam test, which fails because BC is missing.
> >>
> >> I think I can make the server side use PEM keys without BC, in spite of
> >> Mina.
>

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

James, I'm not sure that adding bundles on the test changes what's
available on the server side, but I'll try it.

On Mon, Jul 27, 2015 at 8:19 AM, James Carman
<ja...@carmanconsulting.com> wrote:
> Your pax exam test should be able to install the bundles it needs.
>
> On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies <be...@basistech.com>
> wrote:
>>
>> I did write a pax-exam test, which fails because BC is missing.
>>
>> I think I can make the server side use PEM keys without BC, in spite of
>> Mina.

Re: BouncyCastle

[James Carman <ja...@carmanconsulting.com>]

Your pax exam test should be able to install the bundles it needs.
On Mon, Jul 27, 2015 at 8:01 AM Benson Margulies <be...@basistech.com>
wrote:

> I did write a pax-exam test, which fails because BC is missing.
>
> I think I can make the server side use PEM keys without BC, in spite of
> Mina.
>

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

I did write a pax-exam test, which fails because BC is missing.

I think I can make the server side use PEM keys without BC, in spite of Mina.

Re: BouncyCastle

[James Carman <ja...@carmanconsulting.com>]

You can write a PAX exam-based test. I wasn't working yesterday, so I
haven't looked yet.
On Mon, Jul 27, 2015 at 6:38 AM Benson Margulies <be...@basistech.com>
wrote:

> Yes, but if I'm making a patch to attach to a JIRA., what do I do?
> @Ignore and assume that someone who wants to test will comment it out
> and drop bcpg and comment it in?
>
>
> On Mon, Jul 27, 2015 at 4:58 AM, Jean-Baptiste Onofré <jb...@nanthrax.net>
> wrote:
> > You have the bcpg (BouncyCastly) bundles available at ServiceMix that you
> > can deploy in Karaf (or use as standalone).
> >
> > Regards
> > JB
> >
> >
> > On 07/27/2015 03:49 AM, Benson Margulies wrote:
> >>
> >> PEM key-reading in Mina requires BouncyCastle.
> >>
> >> So, the test I wrote to try out PEM keys in Karaf fails, because
> >> there's no BC in the default build.
> >>
> >> Any suggestions? I hate to offer a patch without a test.
> >>
> >> I wish that MINA had PEM reading support that didn't depend on BC.
> >>
> >
> > --
> > Jean-Baptiste Onofré
> > jbonofre@apache.org
> > http://blog.nanthrax.net
> > Talend - http://www.talend.com
>

Re: BouncyCastle

[Benson Margulies <be...@basistech.com>]

Yes, but if I'm making a patch to attach to a JIRA., what do I do?
@Ignore and assume that someone who wants to test will comment it out
and drop bcpg and comment it in?


On Mon, Jul 27, 2015 at 4:58 AM, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> You have the bcpg (BouncyCastly) bundles available at ServiceMix that you
> can deploy in Karaf (or use as standalone).
>
> Regards
> JB
>
>
> On 07/27/2015 03:49 AM, Benson Margulies wrote:
>>
>> PEM key-reading in Mina requires BouncyCastle.
>>
>> So, the test I wrote to try out PEM keys in Karaf fails, because
>> there's no BC in the default build.
>>
>> Any suggestions? I hate to offer a patch without a test.
>>
>> I wish that MINA had PEM reading support that didn't depend on BC.
>>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com

Re: BouncyCastle

[Jean-Baptiste Onofré <jb...@nanthrax.net>]

You have the bcpg (BouncyCastly) bundles available at ServiceMix that 
you can deploy in Karaf (or use as standalone).

Regards
JB

On 07/27/2015 03:49 AM, Benson Margulies wrote:
> PEM key-reading in Mina requires BouncyCastle.
>
> So, the test I wrote to try out PEM keys in Karaf fails, because
> there's no BC in the default build.
>
> Any suggestions? I hate to offer a patch without a test.
>
> I wish that MINA had PEM reading support that didn't depend on BC.
>

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com