diff --git a/src/main/java/pro/javacard/gp/DAPProperties.java b/src/main/java/pro/javacard/gp/DAPProperties.java new file mode 100644 index 00000000..a1a5ce0e --- /dev/null +++ b/src/main/java/pro/javacard/gp/DAPProperties.java @@ -0,0 +1,64 @@ +package pro.javacard.gp; + +import joptsimple.OptionSet; +import pro.javacard.AID; + +import javax.smartcardio.CardException; + +import static pro.javacard.gp.GPCommandLineInterface.OPT_DAP_DOMAIN; +import static pro.javacard.gp.GPCommandLineInterface.OPT_TO; +import static pro.javacard.gp.GPTool.fail; + +public class DAPProperties { + private AID targetDomain = null; + private AID dapDomain = null; + private boolean required = false; + + public DAPProperties(OptionSet args, GlobalPlatform gp) throws CardException, GPException { + // Override target and check for DAP + if (args.has(OPT_TO)) { + targetDomain = AID.fromString(args.valueOf(OPT_TO)); + if (gp.getRegistry().getDomain(targetDomain).getPrivileges().has(GPRegistryEntry.Privilege.DAPVerification)) + required = true; + } + + // Check if DAP block is required + for (GPRegistryEntryApp e : gp.getRegistry().allDomains()) { + if (e.getPrivileges().has(GPRegistryEntry.Privilege.MandatedDAPVerification)) + required = true; + } + + // Check if DAP is overriden + if (args.has(OPT_DAP_DOMAIN)) { + dapDomain = AID.fromString(args.valueOf(OPT_DAP_DOMAIN)); + GPRegistryEntry.Privileges p = gp.getRegistry().getDomain(dapDomain).getPrivileges(); + if (!(p.has(GPRegistryEntry.Privilege.DAPVerification) || p.has(GPRegistryEntry.Privilege.MandatedDAPVerification))) { + fail("Specified DAP domain does not have (Mandated)DAPVerification privilege: " + p.toString()); + } + } + } + + public AID getTargetDomain() { + return targetDomain; + } + + public void setTargetDomain(AID targetDomain) { + this.targetDomain = targetDomain; + } + + public AID getDapDomain() { + return dapDomain; + } + + public void setDapDomain(AID dapDomain) { + this.dapDomain = dapDomain; + } + + public boolean isRequired() { + return required; + } + + public void setRequired(boolean required) { + this.required = required; + } +} diff --git a/src/main/java/pro/javacard/gp/GPTool.java b/src/main/java/pro/javacard/gp/GPTool.java index 9c598e75..d4c00945 100644 --- a/src/main/java/pro/javacard/gp/GPTool.java +++ b/src/main/java/pro/javacard/gp/GPTool.java @@ -237,6 +237,8 @@ public static void main(String[] argv) throws Exception { // FIXME: would like to get AID from oracle as well. } + gp.setTokenKey(privateKeyOrNull(args)); + // Don't do sanity checks, just run asked commands if (args.has(OPT_FORCE)) gp.setStrict(false); @@ -358,8 +360,7 @@ public static void main(String[] argv) throws Exception { // DWIM: assume that default selected is the one to be deleted if (args.has(OPT_DEFAULT) && reg.getDefaultSelectedAID() != null) { if (reg.getDefaultSelectedPackageAID() != null) { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.deleteAID(reg.getDefaultSelectedPackageAID(), true, delegatedManagementKey); + gp.deleteAID(reg.getDefaultSelectedPackageAID(), true); } else { System.err.println("Could not identify default selected application!"); } @@ -369,8 +370,7 @@ public static void main(String[] argv) throws Exception { try { // If the AID represents a package or otherwise force is enabled. Boolean deleteDeps = reg.allPackageAIDs().contains(aid) || args.has(OPT_FORCE); - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.deleteAID(aid, deleteDeps, delegatedManagementKey); + gp.deleteAID(aid, deleteDeps); } catch (GPException e) { if (!gp.getRegistry().allAIDs().contains(aid)) { System.err.println("Could not delete AID (not present on card): " + aid); @@ -394,8 +394,7 @@ public static void main(String[] argv) throws Exception { if (!gp.getRegistry().allAIDs().contains(aid)) { System.out.println(aid + " is not present on card!"); } else { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.deleteAID(aid, true, delegatedManagementKey); + gp.deleteAID(aid, true); System.out.println(aid + " deleted."); } } @@ -408,55 +407,8 @@ public static void main(String[] argv) throws Exception { if (isVerbose) { loadcap.dump(System.out); } - try { - AID target = null; - AID dapdomain = null; - boolean dapRequired = false; - - // Override target and check for DAP - if (args.has(OPT_TO)) { - target = AID.fromString(args.valueOf(OPT_TO)); - if (gp.getRegistry().getDomain(target).getPrivileges().has(Privilege.DAPVerification)) - dapRequired = true; - } - - // Check if DAP block is required - for (GPRegistryEntryApp e : gp.getRegistry().allDomains()) { - if (e.getPrivileges().has(Privilege.MandatedDAPVerification)) - dapRequired = true; - } - - // Check if DAP is overriden - if (args.has(OPT_DAP_DOMAIN)) { - dapdomain = AID.fromString(args.valueOf(OPT_DAP_DOMAIN)); - Privileges p = gp.getRegistry().getDomain(dapdomain).getPrivileges(); - if (!(p.has(Privilege.DAPVerification) || p.has(Privilege.MandatedDAPVerification))) { - fail("Specified DAP domain does not have (Mandated)DAPVerification privilege: " + p.toString()); - } - } - // XXX: figure out right signature type in a better way - if (dapRequired) { - byte[] dap = args.has(OPT_SHA256) ? loadcap.getMetaInfEntry(CAPFile.DAP_RSA_V1_SHA256_FILE) : loadcap.getMetaInfEntry(CAPFile.DAP_RSA_V1_SHA1_FILE); - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.loadCapFile(loadcap, target, dapdomain == null ? target : dapdomain, dap, args.has(OPT_SHA256) ? "SHA-256" : "SHA1", delegatedManagementKey); - } else { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.loadCapFile(loadcap, target, delegatedManagementKey); - } - } catch (GPException e) { - switch (e.sw) { - case 0x6A80: - System.err.println("Applet loading failed. Are you sure the card can handle it?"); - break; - case 0x6985: - System.err.println("Applet loading not allowed. Are you sure the domain can accept it?"); - break; - default: - // Do nothing. Here for findbugs - } - throw e; - } + calculateDapPropertiesAndLoadCap(args, gp, loadcap); } } @@ -495,27 +447,12 @@ public static void main(String[] argv) throws Exception { // Remove existing load file if (args.has(OPT_FORCE) && reg.allPackageAIDs().contains(instcap.getPackageAID())) { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.deleteAID(instcap.getPackageAID(), true, delegatedManagementKey); + gp.deleteAID(instcap.getPackageAID(), true); } // Load - // TODO: handle DAP here as well if (instcap.getAppletAIDs().size() <= 1) { - try { - AID target = null; - if (args.has(OPT_TO)) { - target = AID.fromString(args.valueOf(OPT_TO)); - } - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.loadCapFile(instcap, target, delegatedManagementKey); - System.out.println("CAP loaded"); - } catch (GPException e) { - if (e.sw == 0x6985 || e.sw == 0x6A80) { - System.err.println("Loading failed. Are you sure the CAP file (JC version, packages, sizes) is compatible with your card?"); - } - throw e; - } + calculateDapPropertiesAndLoadCap(args, gp, instcap); } // Install @@ -545,8 +482,7 @@ public static void main(String[] argv) throws Exception { // Remove existing default app if (args.has(OPT_FORCE) && (reg.getDefaultSelectedAID() != null && privs.has(Privilege.CardReset))) { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.deleteAID(reg.getDefaultSelectedAID(), false, delegatedManagementKey); + gp.deleteAID(reg.getDefaultSelectedAID(), false); } // warn @@ -555,8 +491,7 @@ public static void main(String[] argv) throws Exception { } // shoot - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.installAndMakeSelectable(instcap.getPackageAID(), appaid, instanceaid, privs, getInstParams(args), delegatedManagementKey); + gp.installAndMakeSelectable(instcap.getPackageAID(), appaid, instanceaid, privs, getInstParams(args)); } // --create (--applet --package or --cap ) @@ -592,8 +527,7 @@ public static void main(String[] argv) throws Exception { // shoot AID instanceAID = AID.fromString(args.valueOf(OPT_CREATE)); - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.installAndMakeSelectable(packageAID, appletAID, instanceAID, getInstPrivs(args), getInstParams(args), delegatedManagementKey); + gp.installAndMakeSelectable(packageAID, appletAID, instanceAID, getInstPrivs(args), getInstParams(args)); } // --domain @@ -634,8 +568,7 @@ public static void main(String[] argv) throws Exception { } // shoot - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.installAndMakeSelectable(packageAID, appletAID, instanceAID, privs, params, delegatedManagementKey); + gp.installAndMakeSelectable(packageAID, appletAID, instanceAID, privs, params); } // --move @@ -645,8 +578,7 @@ public static void main(String[] argv) throws Exception { } AID what = AID.fromString(args.valueOf(OPT_MOVE)); AID to = AID.fromString(args.valueOf(OPT_TO)); - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.extradite(what, to, delegatedManagementKey); + gp.extradite(what, to); } // --store-data @@ -854,8 +786,7 @@ public static void main(String[] argv) throws Exception { // --make-default if (args.has(OPT_MAKE_DEFAULT)) { - PrivateKey delegatedManagementKey = privateKeyOrNull(args); - gp.makeDefaultSelected(AID.fromString(args.valueOf(OPT_MAKE_DEFAULT)), delegatedManagementKey); + gp.makeDefaultSelected(AID.fromString(args.valueOf(OPT_MAKE_DEFAULT))); } // --rename-isd @@ -912,6 +843,38 @@ public static void main(String[] argv) throws Exception { System.exit(0); } + private static void calculateDapPropertiesAndLoadCap(OptionSet args, GlobalPlatform gp, CAPFile capFile) throws GPException, CardException { + try { + DAPProperties dap = new DAPProperties(args, gp); + loadCapAccordingToDapRequirement(args, gp, dap.getTargetDomain(), dap.getDapDomain(), dap.isRequired(), capFile); + System.out.println("CAP loaded"); + } catch (GPException e) { + switch (e.sw) { + case 0x6A80: + System.err.println("Applet loading failed. Are you sure the card can handle it?"); + break; + case 0x6985: + System.err.println("Applet loading not allowed. Are you sure the domain can accept it?"); + break; + default: + // Do nothing. Here for findbugs + } + throw e; + } catch (CardException e) { + throw e; + } + } + + private static void loadCapAccordingToDapRequirement(OptionSet args, GlobalPlatform gp, AID targetDomain, AID dapDomain, boolean dapRequired, CAPFile cap) throws CardException, GPException { + // XXX: figure out right signature type in a better way + if (dapRequired) { + byte[] dap = args.has(OPT_SHA256) ? cap.getMetaInfEntry(CAPFile.DAP_RSA_V1_SHA256_FILE) : cap.getMetaInfEntry(CAPFile.DAP_RSA_V1_SHA1_FILE); + gp.loadCapFile(cap, targetDomain, dapDomain == null ? targetDomain : dapDomain, dap, args.has(OPT_SHA256) ? "SHA-256" : "SHA1"); + } else { + gp.loadCapFile(cap, targetDomain); + } + } + private static PrivateKey privateKeyOrNull(OptionSet args) { if (args.has(OPT_TOKEN)) { try (FileInputStream fin = new FileInputStream(new File(args.valueOf(OPT_TOKEN).toString()))) { @@ -1005,7 +968,7 @@ private static boolean needsAuthentication(OptionSet args) { return false; } - private static void fail(String msg) { + public static void fail(String msg) { System.err.println(msg); System.exit(1); } diff --git a/src/main/java/pro/javacard/gp/GlobalPlatform.java b/src/main/java/pro/javacard/gp/GlobalPlatform.java index 3caf075d..5dea6f68 100644 --- a/src/main/java/pro/javacard/gp/GlobalPlatform.java +++ b/src/main/java/pro/javacard/gp/GlobalPlatform.java @@ -86,6 +86,7 @@ public class GlobalPlatform extends CardChannel implements AutoCloseable { public static final byte P1_INSTALL_AND_MAKE_SELECTABLE = (byte) 0x0C; public static final byte P1_INSTALL_FOR_INSTALL = (byte) 0x04; + public static final byte P1_INSTALL_FOR_LOAD = (byte) 0x02; public static final byte P1_MORE_BLOCKS = (byte) 0x00; public static final byte P1_LAST_BLOCK = (byte) 0x80; @@ -103,6 +104,7 @@ public class GlobalPlatform extends CardChannel implements AutoCloseable { private SecureChannelWrapper wrapper = null; private CardChannel channel; private GPRegistry registry = null; + private PrivateKey tokenKey; private boolean dirty = true; // True if registry is dirty. /** @@ -233,6 +235,10 @@ public void setSpec(GPSpec spec) { this.spec = spec; } + public void setTokenKey(PrivateKey key) { + this.tokenKey = key; + } + public AID getAID() { return new AID(sdAID.getBytes()); } @@ -538,11 +544,21 @@ public ResponseAPDU transmit(CommandAPDU command) throws CardException { private ResponseAPDU transmitLV(CommandAPDU command) throws CardException { logger.trace("Payload: "); - //Causes exception at java.util.Arrays.copyOfRange in trace_lv if data has token appended + // TODO - Next line causes exception at java.util.Arrays.copyOfRange in trace_lv if data has token appended //GPUtils.trace_lv(command.getData(), logger); return transmit(command); } + private ResponseAPDU transmitDM(CommandAPDU command) throws CardException { + if (tokenKey == null && command.getINS() == INS_DELETE) { + //Only add token bytes to INS_DELETE if key exists for token calculation, since token is optional + return transmitLV(command); + } + DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(tokenKey); + command = dmHandler.applyToken(command); + return transmitLV(command); + } + @Override public int transmit(ByteBuffer byteBuffer, ByteBuffer byteBuffer1) throws CardException { throw new IllegalStateException("Use the other transmit"); @@ -552,25 +568,25 @@ public int getSCPVersion() { return scpMajorVersion; } - public void loadCapFile(CAPFile cap, AID target, PrivateKey key) throws CardException, GPException { - if (target == null) - target = sdAID; - loadCapFile(cap, target, false, false, null, null, LFDBH_SHA1, key); + public void loadCapFile(CAPFile cap, AID targetDomain) throws CardException, GPException { + if (targetDomain == null) + targetDomain = sdAID; + loadCapFile(cap, targetDomain, false, false, null, null, LFDBH_SHA1); } - public void loadCapFile(CAPFile cap, AID target, byte[] dap, String hash) throws CardException, GPException { - if (target == null) - target = sdAID; - loadCapFile(cap, target, false, false, target, dap, hash, null); + public void loadCapFile(CAPFile cap, AID targetDomain, byte[] dap, String hash) throws CardException, GPException { + if (targetDomain == null) + targetDomain = sdAID; + loadCapFile(cap, targetDomain, false, false, targetDomain, dap, hash); } - public void loadCapFile(CAPFile cap, AID target, AID dapdomain, byte[] dap, String hashFunction, PrivateKey key) throws CardException, GPException { - if (target == null) - target = sdAID; - loadCapFile(cap, target, false, false, dapdomain, dap, hashFunction, key); + public void loadCapFile(CAPFile cap, AID targetDomain, AID dapdomain, byte[] dap, String hashFunction) throws CardException, GPException { + if (targetDomain == null) + targetDomain = sdAID; + loadCapFile(cap, targetDomain, false, false, dapdomain, dap, hashFunction); } - private void loadCapFile(CAPFile cap, AID sdaid, boolean includeDebug, boolean loadParam, AID dapdomain, byte[] dap, String hashFunction, PrivateKey key) + private void loadCapFile(CAPFile cap, AID targetDomain, boolean includeDebug, boolean loadParam, AID dapDomain, byte[] dap, String hashFunction) throws GPException, CardException { if (getRegistry().allAIDs().contains(cap.getPackageAID())) { @@ -589,8 +605,8 @@ private void loadCapFile(CAPFile cap, AID sdaid, boolean includeDebug, boolean l bo.write(cap.getPackageAID().getLength()); bo.write(cap.getPackageAID().getBytes()); - bo.write(sdaid.getLength()); - bo.write(sdaid.getBytes()); + bo.write(targetDomain.getLength()); + bo.write(targetDomain.getBytes()); bo.write(hash.length); bo.write(hash); @@ -601,23 +617,20 @@ private void loadCapFile(CAPFile cap, AID sdaid, boolean includeDebug, boolean l throw new RuntimeException(ioe); } - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); - CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, 0x02, 0x00, bo.toByteArray()); - command = dmHandler.applyToken(command); - ResponseAPDU response = transmitLV(command); + CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, P1_INSTALL_FOR_LOAD, 0x00, bo.toByteArray()); + ResponseAPDU response = transmitDM(command); GPException.check(response, "INSTALL [for load] failed"); - // Construct load block ByteArrayOutputStream loadBlock = new ByteArrayOutputStream(); try { // Add DAP block, if signature present if (dap != null) { loadBlock.write(0xE2); - loadBlock.write(GPUtils.encodeLength(dapdomain.getLength() + dap.length + GPUtils.encodeLength(dap.length).length + 3)); // two tags, two lengths FIXME: proper size + loadBlock.write(GPUtils.encodeLength(dapDomain.getLength() + dap.length + GPUtils.encodeLength(dap.length).length + 3)); // two tags, two lengths FIXME: proper size loadBlock.write(0x4F); - loadBlock.write(dapdomain.getLength()); - loadBlock.write(dapdomain.getBytes()); + loadBlock.write(dapDomain.getLength()); + loadBlock.write(dapDomain.getBytes()); loadBlock.write(0xC3); loadBlock.write(GPUtils.encodeLength(dap.length)); loadBlock.write(dap); @@ -664,7 +677,7 @@ private void loadCapFile(CAPFile cap, AID sdaid, boolean includeDebug, boolean l * (ie. no installation parameters) if null, if non-null the * format is {@code 0xC9 len data...} */ - public void installAndMakeSelectable(AID packageAID, AID appletAID, AID instanceAID, Privileges privileges, byte[] installParams, PrivateKey key) throws GPException, CardException { + public void installAndMakeSelectable(AID packageAID, AID appletAID, AID instanceAID, Privileges privileges, byte[] installParams) throws GPException, CardException { if (instanceAID == null) { instanceAID = appletAID; } @@ -673,10 +686,8 @@ public void installAndMakeSelectable(AID packageAID, AID appletAID, AID instance } byte[] data = buildInstallData(packageAID, appletAID, instanceAID, privileges, installParams); - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, P1_INSTALL_AND_MAKE_SELECTABLE, 0x00, data); - command = dmHandler.applyToken(command); - ResponseAPDU response = transmitLV(command); + ResponseAPDU response = transmitDM(command); GPException.check(response, "INSTALL [for install and make selectable] failed"); dirty = true; } @@ -711,10 +722,8 @@ public void installForInstall(AID packageAID, AID appletAID, AID instanceAID, Pr } byte[] data = buildInstallData(packageAID, appletAID, instanceAID, privileges, installParams); - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, P1_INSTALL_FOR_INSTALL, 0x00, data); - command = dmHandler.applyToken(command); - ResponseAPDU response = transmitLV(command); + ResponseAPDU response = transmitDM(command); GPException.check(response, "INSTALL [for install] failed"); dirty = true; } @@ -757,7 +766,7 @@ private byte[] buildInstallData(AID packageAID, AID appletAID, AID instanceAID, return bo.toByteArray(); } - public void extradite(AID what, AID to, PrivateKey key) throws GPException, CardException { + public void extradite(AID what, AID to) throws GPException, CardException { // GP 2.2.1 Table 11-45 ByteArrayOutputStream bo = new ByteArrayOutputStream(); try { @@ -775,10 +784,8 @@ public void extradite(AID what, AID to, PrivateKey key) throws GPException, Card throw new RuntimeException(ioe); } - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, 0x10, 0x00, bo.toByteArray()); - command = dmHandler.applyToken(command); - ResponseAPDU response = transmitLV(command); + ResponseAPDU response = transmitDM(command); GPException.check(response, "INSTALL [for extradition] failed"); dirty = true; } @@ -857,7 +864,7 @@ byte[] _storeDataSingle(byte[] data, int P1, int P2) throws CardException, GPExc return GPException.check(transmit(store), "STORE DATA failed").getData(); } - public void makeDefaultSelected(AID aid, PrivateKey key) throws CardException, GPException { + public void makeDefaultSelected(AID aid) throws CardException, GPException { // FIXME: only works for some 2.1.1 cards ? Clarify and document ByteArrayOutputStream bo = new ByteArrayOutputStream(); // Only supported privilege. @@ -876,10 +883,8 @@ public void makeDefaultSelected(AID aid, PrivateKey key) throws CardException, G throw new RuntimeException(ioe); } - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); CommandAPDU command = new CommandAPDU(CLA_GP, INS_INSTALL, 0x08, 0x00, bo.toByteArray()); - command = dmHandler.applyToken(command); - ResponseAPDU response = transmitLV(command); + ResponseAPDU response = transmitDM(command); GPException.check(response, "INSTALL [for make selectable] failed"); dirty = true; } @@ -907,7 +912,7 @@ public void setCardStatus(byte status) throws CardException, GPException { * @param deleteDeps if true delete dependencies as well * @throws CardException for low-level communication errors */ - public void deleteAID(AID aid, boolean deleteDeps, PrivateKey key) throws GPException, CardException { + public void deleteAID(AID aid, boolean deleteDeps) throws GPException, CardException { ByteArrayOutputStream bo = new ByteArrayOutputStream(); try { bo.write(0x4f); @@ -917,12 +922,7 @@ public void deleteAID(AID aid, boolean deleteDeps, PrivateKey key) throws GPExce throw new RuntimeException(ioe); } CommandAPDU command = new CommandAPDU(CLA_GP, INS_DELETE, 0x00, deleteDeps ? 0x80 : 0x00, bo.toByteArray()); - if (key != null) { - //Only add token bytes if key exists for token calculation, since token is optional - DelegatedManagementHandler dmHandler = new DelegatedManagementHandler(key); - command = dmHandler.applyToken(command); - } - ResponseAPDU response = transmit(command); + ResponseAPDU response = transmitDM(command); GPException.check(response, "Deletion failed"); dirty = true; } diff --git a/src/test/java/pro/javacard/gp/TestDelegatedManagementHandler.java b/src/test/java/pro/javacard/gp/TestDelegatedManagementHandler.java index 78361d4c..0cf9e90f 100644 --- a/src/test/java/pro/javacard/gp/TestDelegatedManagementHandler.java +++ b/src/test/java/pro/javacard/gp/TestDelegatedManagementHandler.java @@ -19,7 +19,7 @@ public class TestDelegatedManagementHandler { @Before public void setUp() { - try (FileInputStream fin = new FileInputStream(new File("test.pem"))) { + try (FileInputStream fin = new FileInputStream(new File("src/test/resources/test-private.pem"))) { key = GPCrypto.pem2PrivateKey(fin); } catch (Exception e) { e.printStackTrace(); diff --git a/src/test/resources/test.pem b/src/test/resources/test-private.pem similarity index 100% rename from src/test/resources/test.pem rename to src/test/resources/test-private.pem