poise-tls-remote-file 1.0.0

data/lib/poise_tls_remote_file.rb

@@ -0,0 +1,21 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+module PoiseTlsRemoteFile
+  autoload :Resources, 'poise_tls_remote_file/resources'
+  autoload :VERSION, 'poise_tls_remote_file/version'
+end

data/lib/poise_tls_remote_file/cheftie.rb

@@ -0,0 +1,17 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'poise_tls_remote_file/resources'

data/lib/poise_tls_remote_file/resources.rb

@@ -0,0 +1,26 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'poise_tls_remote_file/resources/poise_tls_remote_file'
+
+
+module PoiseTlsRemoteFile
+  # Chef resources and providers for poise-tls-remote-file.
+  #
+  # @since 1.0.0
+  module Resources
+  end
+end

data/lib/poise_tls_remote_file/resources/poise_tls_remote_file.rb

@@ -0,0 +1,148 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/resource/remote_file'
+require 'chef/provider/remote_file'
+
+
+module PoiseTlsRemoteFile
+  module Resources
+    # (see PoiseTlsRemoteFile::Resource)
+    # @since 1.0.0
+    module PoiseTlsRemoteFile
+      # A `tls_remote_file` resource to do something.
+      #
+      # @provides tls_remote_file
+      # @action run
+      # @example
+      #   tls_remote_file '/path/to/file' do
+      #     client_cert '/etc/ssl/client.crt'
+      #     client_key '/etc/ssl/private/client.key'
+      #   end
+      class Resource < Chef::Resource::RemoteFile
+        resource_name(:tls_remote_file)
+
+        def initialize(*args)
+          super
+          @provider = PoiseTlsRemoteFile::Provider if defined?(@provider)
+        end
+
+        property(:client_cert, kind_of: [String, NilClass], default: lazy { default_client_cert })
+        property(:client_key, kind_of: [String, NilClass], default: lazy { default_client_key })
+        property(:ca, kind_of: [String, Array, NilClass], default: lazy { default_ca })
+
+        def client_cert_obj
+          OpenSSL::X509::Certificate.new(maybe_read_file(client_cert)) if client_cert
+        end
+
+        def client_key_obj
+          if client_key
+            OpenSSL::PKey::RSA.new(maybe_read_file(client_key))
+          elsif client_cert
+            begin
+              OpenSSL::PKey::RSA.new(maybe_read_file(client_cert))
+            rescue OpenSSL::PKey::RSAError
+              # It didn't have a key in it, oh well.
+              nil
+            end
+          end
+        end
+
+        def ca_objs
+          Array(ca).map do |path|
+            OpenSSL::X509::Certificate.new(maybe_read_file(path)) if path
+          end
+        end
+
+        private
+
+        def default_client_cert
+          node['poise-tls-remote-file']['client_cert']
+        end
+
+        def default_client_key
+          node['poise-tls-remote-file']['client_key']
+        end
+
+        def default_ca
+          node['poise-tls-remote-file']['ca']
+        end
+
+        def maybe_read_file(path)
+          if path =~ /\A(\/|\w:)/
+            IO.read(path)
+          else
+            # Looks like a literal value.
+            path
+          end
+        end
+      end
+
+      # Provider for `tls_remote_file`.
+      #
+      # @see Resource
+      # @provides tls_remote_file
+      class Provider < Chef::Provider::RemoteFile
+        provides(:tls_remote_file)
+
+        def initialize(*args)
+          super
+          @content_class = PoiseTlsRemoteFile::Content
+        end
+      end
+
+      # Content class for `tls_remote_file`.
+      #
+      # @see Resource
+      class Content < Chef::Provider::RemoteFile::Content
+        def grab_file_from_uri(uri)
+          PoiseTlsRemoteFile::Fetcher.new(uri, @new_resource, @current_resource).fetch
+        end
+      end
+
+      # Fetcher class for `tls_remote_file`.
+      #
+      # @see Resource
+      class Fetcher < Chef::Provider::RemoteFile::HTTP
+        def fetch
+          client_cert = new_resource.client_cert_obj
+          client_key = new_resource.client_key_obj
+          ca = new_resource.ca_objs
+          begin
+            Chef::HTTP::Simple.singleton_class.send(:define_method, :new) do |*args|
+              super(*args).tap do |http_simple|
+                http_simple.singleton_class.prepend(Module.new {
+                  define_method(:http_client) do |*inner_args|
+                    super(*inner_args).tap do |client|
+                      client.http_client.cert = client_cert if client_cert
+                      client.http_client.key = client_key if client_key
+                      ca.each {|cert| client.http_client.cert_store.add_cert(cert) if cert }
+                    end
+                  end
+                })
+              end
+            end
+            super
+          ensure
+            Chef::HTTP::Simple.singleton_class.send(:remove_method, :new)
+          end
+        end
+      end
+
+    end
+  end
+end
+

data/lib/poise_tls_remote_file/version.rb

@@ -0,0 +1,20 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+module PoiseTlsRemoteFile
+  VERSION = '1.0.0'
+end

data/poise-tls-remote-file.gemspec

@@ -0,0 +1,41 @@
+#
+# Copyright 2017, Noah Kantrowitz
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'poise_tls_remote_file/version'
+
+Gem::Specification.new do |spec|
+  spec.name = 'poise-tls-remote-file'
+  spec.version = PoiseTlsRemoteFile::VERSION
+  spec.authors = ['Noah Kantrowitz']
+  spec.email = %w{noah@coderanger.net}
+  spec.description = 'A Chef cookbook for managing something.'
+  spec.summary = spec.description
+  spec.homepage = 'https://github.com/poise/poise-tls-remote-file'
+  spec.license = 'Apache 2.0'
+
+  spec.files = `git ls-files`.split($/)
+  spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = %w{lib}
+
+  spec.add_dependency 'chef', '>= 12.5', '< 14'
+  spec.add_dependency 'halite', '~> 1.0'
+
+  spec.add_development_dependency 'poise-boiler', '~> 1.15'
+  spec.add_development_dependency 'poise-service', '~> 1.0'
+end

data/test/cookbook/files/ca.crt

@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFtTCCA52gAwIBAgIJAM+EuOk3iJp0MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMTcwNDE0MDYxNjU4WhcNMTgwNDE0MDYxNjU4WjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAwSifDWUVuu3d/o3oGpPkldPB5gDm3IR8Xgm9jd5H67dV/YSLtozMq98I
+gJzhGfgo2TQYfBWuBWq3ky/hi5UvNhqA5jNCTJMcMpz99NxMrCaNQcie+EkfRAg7
+1aIT5c9gqgAlCvr5gTujHmb2Spu+cZRCpeyOc754CmLCDb4F69AMh0exFwt4402h
+tyqbfyEeuObyYw0kyrQXzmZscb/0vtPmBzzwHSphtzmbK5z0x6Ty/zMj1b/6Ruop
+koGDiLd2DLgIiIY1KHTXDslWlgUNF6HRucgySkr+hLqiXKVwP6+33hnJuc6rbuF4
+oP15DDH9UMF/4L2KeSXb+/V6VnoCNlO8ZcfL+4BTZzY/wvS+3x3G0uiOTP1ZvDfs
+JPKTAJSA7r27dlQtV04+a4NxFSMMXx3IeNMQ38N93Fofa58mqkT+wI3HCoAaWf8s
++zYzNlK102kHExB3q6QV09CcxUMBrwLGsn7pTfFGX9EBewUCA6UejYSijLOcUkEO
+uuk1l018rK3iykq1YOgRP0JTfp8ZXoo+KKF3tR03sasq/JyqCtGvN3+pCynrT1mq
+dCv7jRmjhlC9oUhPlnToDyngq9nSxiOxSCxXjitKvqK851XRR9IWGM6ddHfa9uPl
+s4nCrp+yirlp9NmZLvB998ztWnRxBIMTFBZ3YGtSRRYcAkifv2sCAwEAAaOBpzCB
+pDAdBgNVHQ4EFgQUgKNVe0qhFHhPV/lA7XJWaJduexUwdQYDVR0jBG4wbIAUgKNV
+e0qhFHhPV/lA7XJWaJduexWhSaRHMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpT
+b21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGSCCQDP
+hLjpN4iadDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQBCuJkjMxzz
+ChAhFX3fiTEyhoClAZKrw7uZ4x3zgLBq+7uocgJxZeBOCnYHfeT8O3cw8D2tcx2q
+jbryCN/jvH/X0i0r6pt2dnT2UCPulC1dWdcqTky0ZsuxRUrqYM4b/cBRgbkpXbrz
+8QSwi7Ss00Z1NBQnzeI+xB+TrwBj4qQrR/0VViXUdqI+wdesrGIw3eySaoAo8IwD
+mZ48+EO0trE09nmgFMAzpxGwMvNFUhbGgejJYnE9U7vDVQBa15at4u1wcFfyquW3
+QHrXR6S8g2hYkvERI9MNphr6TsAmvajtIrCn8oLW2cQeEjFtIMMCnHf3+8rgKoq5
+ziLYeTVFAwEGgMssLon7dgWZXDTaQZ+PErWR5JEEdSN/ayqJk4KOvndSkTx6jDp4
+ercQck6c7S+lCwywn1mTSnIt5OWVIll/x5A5JwlLwXxe8Ln/yaUiPCw8beIzZh2b
+ziCtvY9+t/PIln6oxpn5ajNuIaDCWzu1qck4O+NdHZyOE+cmgvTItGpYYUzBHe3j
+zKvqcNdjd/1v6yRUs8kDOZhpIkOuAdcRGMlnTrxuYAGDonOL/E+ZKaMUzdQSlpfz
+FVtxR1hvsywUGBh1AA1XJLDG5jKTSV2gGjCycrMlJKatNymlLV5EbZzQBHq3XIxm
+IUKrZzrLGb3USJU17yn1W1jtWoWx0B8EIw==
+-----END CERTIFICATE-----

data/test/cookbook/files/ca.key

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAwSifDWUVuu3d/o3oGpPkldPB5gDm3IR8Xgm9jd5H67dV/YSL
+tozMq98IgJzhGfgo2TQYfBWuBWq3ky/hi5UvNhqA5jNCTJMcMpz99NxMrCaNQcie
++EkfRAg71aIT5c9gqgAlCvr5gTujHmb2Spu+cZRCpeyOc754CmLCDb4F69AMh0ex
+Fwt4402htyqbfyEeuObyYw0kyrQXzmZscb/0vtPmBzzwHSphtzmbK5z0x6Ty/zMj
+1b/6RuopkoGDiLd2DLgIiIY1KHTXDslWlgUNF6HRucgySkr+hLqiXKVwP6+33hnJ
+uc6rbuF4oP15DDH9UMF/4L2KeSXb+/V6VnoCNlO8ZcfL+4BTZzY/wvS+3x3G0uiO
+TP1ZvDfsJPKTAJSA7r27dlQtV04+a4NxFSMMXx3IeNMQ38N93Fofa58mqkT+wI3H
+CoAaWf8s+zYzNlK102kHExB3q6QV09CcxUMBrwLGsn7pTfFGX9EBewUCA6UejYSi
+jLOcUkEOuuk1l018rK3iykq1YOgRP0JTfp8ZXoo+KKF3tR03sasq/JyqCtGvN3+p
+CynrT1mqdCv7jRmjhlC9oUhPlnToDyngq9nSxiOxSCxXjitKvqK851XRR9IWGM6d
+dHfa9uPls4nCrp+yirlp9NmZLvB998ztWnRxBIMTFBZ3YGtSRRYcAkifv2sCAwEA
+AQKCAgEAp2Vo0db0yhcy+FRK/h2FUENAGvBVIm6+yVBvse8dLS6pmxevbPkAt0KG
+v881Vag23mXDgmXXdmJRzYEFWk5jp+O4KcfqgSpMmaBshjQVTmvqp0QSYOId8nug
+PzhDPjpGb43IjIeMi27/om1grK/kj9IJIHqtyakbpwSHYBl6UC7xbJu44VvT3El/
+CJooQDiXw26CSU0uwWzp5Lnm6X2NwYMqKsOo493C6WNHErjnec19uaS8PZYudB6j
+AJC1SVqVN9iVrJuCnhkD95CNNV4TRpO6ieLxkmkDwktsQhYt/UNveU+n/xsYfvNv
+8zU4HlWETuQiysX4p50j1GudJix+lMvLUdSwdEnbitMGX+0hFR1pIGhpYyTLbW/W
+f7GFv+l4ONY0YpK7YOeFZvQ26nWYLcOhey2GDUsOvg1tSWYsCrHDfsY9ceBHpmYU
+DaE4jGidK1eP03F/AqqaIUpGrp6ufXGHWJRy3MpA1HFJp3MO7KIHISrgpJNxxa1I
+HCNdf8x+QHvy7/8hva8BlqHWmdwQr6k2RiU93pVt4MvGfdevQVSw25CD0uisTMxI
+aeNlEVrb+9WnlGVHCAGu30/kU2VJ6JkJtH+9VF6cKgnUdwPXFafJNHMT3F4gW1fR
+mpHRFgCv0OqmbSj6BaG1dXpqto3a0UskmQ3nw3aE7HyTj3gVHwECggEBAPBiylVI
+6Rj+TMQoP+kfp95S0XaYkT//ji4HPvO2L74dvQHTd/FzHlcEFBuJYEQ1T/n6S07A
+JHtmDu0NA6QQI1YsVJbygQpbATpbQyHmJlCzFrXEWkLYwzAgBRKJ6I7nGpzXQu2V
+482wUDKBd/NbGUiPGiRaPVAuCZwfoSPgI8uRf7fhewUfoVASoIE4qMR2ptygN/Wx
+XQaqN6vo72chZkel2vrjluJ1GgJVu38ROknUHzS/EkSHvN071mdky3VABxkwEuXO
+5WzHtyhnZNsU3X2O/TBWQ3F6VZqTM4ddW1dXe/RI7WXAiE3JLP3MVbyTWWVprupm
+9LbTikPHZB2PyKECggEBAM20hbjHy7MloPOlX0uV+YD65MoZBNtzKJjZj10vovS/
+mk/VDyzPhFVweQFmOZ5x71Y4Fo1FO+9HoSm8I/6GbpEmLyACKz+Ug8d+msszKjeo
+wJv9BkmrlPzIMY9cCiGuh1hD8sTSB58CJ0Oj58BK4GevgrpnSYKqTHiE+RX42xPg
+MPi67EfnJcybmFaiq6c0RTgAkGVeqFcdLd6OSnH/4oZQCSBVAdgUVoM+xRACg/8T
+y1h8W9yD34n5tS+51DKblxexH5j+AyThba2CIPTytpmMsimuKP4ruZt6aA0ERg8f
+Py+dJQYDv1+IWnNABlH+TjgoDRZH6L84hxICo0Wr0IsCggEAFkhiDxPKH7n67bf5
+bKe1jONKbV7pH/CVgmjDih3aQRpKme+7T5NnPZOwNXk/hjMW7coozuz6tMGaIpkx
+PDUOwX8sfC2QjqAu9fTdvTezV4myUjkYUNf9B+n/7l8AQrbjfaRqnNFnI3rzhCsC
+LnnEVziEqNgAlP0fgOxhqIyvZMBhAW+SUsBC2MRRQok5A7Un9I2ZglnlkKeYr4PR
+JVMwQvX53YXZR7apKYw+7CFxsMRL/Dy1+cpHVI6makEqpvy/a7NMHSdXlwTQUpt6
++t/tRCVMDP4CFHPNmZ2JikO6IteGMvfLocH+II/EbuZREEDsaX0pbKsMhiIH0A6c
+lizs4QKCAQBw1ELArr45XjthSOTzRajcKUHS5FQ4tnqfFD5Bo75jNrFCdp/jOVPh
+tVZ6AQM7uEzJ4uvjwwTz4zsv9CVeF4iQDvysNuRX9HMvum7XZBIVA3faV7faMsX+
+vSQJ+TcJcHyGWobPlFBf1EOLI10bqTZbSPaQndTBWf2l4XHqrlwkE8VouMafTdb6
+2qF9a65xgQcyh4SsRXZaigO93hhRXUR33XCUDmx7g/RL+uMGPAsAn2/a8iNE2gSD
+3raWHfyZYaRHd3zYYwOAeDG7iPPgxzyHDpguqnuLppohAMwPz7dJ1h7HVA+Zs/aF
+RPov2v9ce/uVa8p53Sl5sVzM8StzLKGvAoIBAQDoWvFyIW8CapRcwXdhUNEfwEH8
+9KIhcn3GBhUmWSBAcEnPdnkql9DiKeGqtk3ByxQju/9qrlM5X+dwvh043jrRC8+U
+pg7vFA9PFY42vXlnugvSbvsUjz6FH8w0XQ2qKFP67x9CMtSbzjqFV+mndYBXO7VS
+X2g+qyrZQlRsJNXqF358vic5Y80B6+WSgz9X1qtolAmplPhkO+PfAjTNyM1wC7WO
+EpP3NzrnoamwQrv03f7tFfgFlAZmOmVzSeaLDKTJpgJ+XtSk8K0Hx2HW+Rpy9qwn
+MaRGW02kado9pCFCiAP6JeAgf97slBkhyy7fMpG/BFkO8kFJu9aOH9PfrRSN
+-----END RSA PRIVATE KEY-----

data/test/cookbook/files/client.crt

@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE/jCCAuYCAQEwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
+ZDAeFw0xNzA0MTQwNjIwNDRaFw0xODA0MTQwNjIwNDRaMEUxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRz
+IFB0eSBMdGQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDb6efFQ9C4
+PVyd30Ddu/97sdHbE8w/8tqIpCY05Wj5nsitL+MkoxKQ24awsaqMY6mW66AN3+ju
+XMTbZWibkZM4UtOr801mJHv3o0bviRndll2+E1VNT8MpKsf6rmEX43Me81cG9jc8
+YI2JcbkIUd4gnH+K9nehuoZs5tHy617DOSp2a/8+/xRUGfzQiT7fcpd2FpHBSV1C
+Xgk2rT4a2uCOeE4T7fxpyVzxQlAgiAQ/Ah/OldI5/Pi/3HG3aZFjfAymM2QUfdEp
+K2PdRPM3dpzgRxhSCX1+T4n44Xju+URPDCFJdYU0GXki1YfSF9IR3AKD2/RPfZfg
+oS4i+mCuxn7/KvhiTsQNTr1uSYuzbFw/nmYHnfdLOkGAL5lYfq1tNo6AJLehOSW1
+OnX467yMSQ+kU6gG7z+2NzMgL+VXvc6N2MPRcBHx44EiEvWWv61K8HbKOo2jjVJE
+yi9vf1sfHRuTYZxhyfLG9T/Ab3o9vpxL23j6EkGeJEj1YVULlOlYMRnFetl6YBTI
+a1h/p6dLknIz8KfEManH9TfZDGl12/lC3wJgV84H9Nnosi2lO4/B6wTA7iDFdVcU
+S/TUuZmqGw4g0sYyCgzYRNjs/xiZozOG32piR/F9hgGkuARDLXTtaEYRTI+MotTK
+kkINwawLLgua80z5xU8kyWXCRXM7RkfVfwIDAQABMA0GCSqGSIb3DQEBBQUAA4IC
+AQBjXsC/5+gWuny8xmfiQW0x64D9eSmZ+hKQa4zS6F7lHkIfJEkzqnvKXX2PpmwK
+xOXL2rtRjHwNLXdXvwBv3oL6dcvcrYZDlhm0FCRigMrvpPGr9YatovW8e99b6PoV
+kRWrlQ9Z5CVuY69rdf/v3xgWignRY4d5a3IcVgoU1p0YDsiBaP7AyRNKdfsGImTg
+GIBniqQIksL5Uhh0HRYedT1q+aPqNFFemJBaOGTQY6xM/fKdkskYitrnom4Nh75d
+xOKitQHqSZ2Nwba3s8tajsa4okA6zz6zE+LsbHJAhyp0nUtEf+7XN3MxahnAEPfD
+15lg9HwsFwAN1gvwN0cPeEWKgzCTwrhFIuYYLdsmk0ChDMV/UEUKgNW4s2p6tYgY
+E0sjrYjmVx+6ykisJJPUFv+sX9IUgpEXkj+xgX4agwTZPmJ3XmoTDO+2FpjRflEj
+JVPsBhdQT1RrQYatLERxbXAawwB7R50CswdwDOzCDPzatO6aZPjUWsgF2TQALLyW
+GLWQYoLaVlxlsHXQPnAbZNfGxtQuW4aP5tv32wfzUJCdXZOyMIb+p6td8RP63Cuc
+XGiXFYX1CC81QIqupOVNQoBFS2N/CSW890pMgrBWL6AYPOR63rJP06Fl2T6fhv5z
+URY68vQCALmp3//Somv9lvpY/7omDE5851RabDFAzyFTsw==
+-----END CERTIFICATE-----

data/test/cookbook/files/client.csr

@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEijCCAnICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBANvp58VD0Lg9XJ3fQN27/3ux0dsTzD/y2oikJjTl
+aPmeyK0v4ySjEpDbhrCxqoxjqZbroA3f6O5cxNtlaJuRkzhS06vzTWYke/ejRu+J
+Gd2WXb4TVU1Pwykqx/quYRfjcx7zVwb2NzxgjYlxuQhR3iCcf4r2d6G6hmzm0fLr
+XsM5KnZr/z7/FFQZ/NCJPt9yl3YWkcFJXUJeCTatPhra4I54ThPt/GnJXPFCUCCI
+BD8CH86V0jn8+L/ccbdpkWN8DKYzZBR90SkrY91E8zd2nOBHGFIJfX5PifjheO75
+RE8MIUl1hTQZeSLVh9IX0hHcAoPb9E99l+ChLiL6YK7Gfv8q+GJOxA1OvW5Ji7Ns
+XD+eZged90s6QYAvmVh+rW02joAkt6E5JbU6dfjrvIxJD6RTqAbvP7Y3MyAv5Ve9
+zo3Yw9FwEfHjgSIS9Za/rUrwdso6jaONUkTKL29/Wx8dG5NhnGHJ8sb1P8Bvej2+
+nEvbePoSQZ4kSPVhVQuU6VgxGcV62XpgFMhrWH+np0uScjPwp8Qxqcf1N9kMaXXb
++ULfAmBXzgf02eiyLaU7j8HrBMDuIMV1VxRL9NS5maobDiDSxjIKDNhE2Oz/GJmj
+M4bfamJH8X2GAaS4BEMtdO1oRhFMj4yi1MqSQg3BrAsuC5rzTPnFTyTJZcJFcztG
+R9V/AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAgEAqC0rM4q7cxT5Cy/PN6mi9Sgx
+CAhw76o3xVn9s2meVHacyzId46L2DdXr8briu33DN01j6XpH7rW9C7sNbFkbEVOf
+9o5kqHuOXvHYZJRvHj+xzkNw5QGExHOjlX5LwgvF5/Cw2mmlN6gMSzzdl/XMBSNr
+/BGkvzFPFXxRGQ3A5siJ4rzAZt8gSuJtWYDKk0VQc9Y0+VxVbtw/9GULrvhWTwhp
+IYFSjrgO4Y2AneIWPoqyNpbrxOeehpCM514ASWko7ionGkWB4IIsXsLW5z8QHIng
+6vmDopF+qU/sMvhWp4OgaU8hxlwjPLJIlA+yXo4OP5Z+WGUg3zw5/5pbSkHnlSFw
+EopoAeKdm2+oJmqFjJcYTPb5+h5wQDd4D5HIQ85NGqSSHpPFXu6pq2Q3I/n0h50N
+jDBOlG3R+OxRgxB6IV8h+YbIk/LFXjMkj7SZv2GCz2AEN8X2UglFw2z4SsZSzViD
+wxkFaY2CYkcgA6VfmrO2lAgNm5UrEvdIBo/7GAuCqRzYWxQFWH6SwXhL7M5k9lDM
+4ZzYzTiYjguYVbyNNTpnbP48fwQEfi8wODp5VrRF8btcXqj1eMhHjWRYCmASfvfK
+vABQiVduDBAlfv4Tqc2UPhtrjr0wXtZeDyRNdmuL2LWUrh+fv+8ScM7I2qsbLMdj
+0yIEcWiCZ/tGpy2q1ss=
+-----END CERTIFICATE REQUEST-----

data/test/cookbook/files/client.key

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJJgIBAAKCAgEA2+nnxUPQuD1cnd9A3bv/e7HR2xPMP/LaiKQmNOVo+Z7IrS/j
+JKMSkNuGsLGqjGOpluugDd/o7lzE22Vom5GTOFLTq/NNZiR796NG74kZ3ZZdvhNV
+TU/DKSrH+q5hF+NzHvNXBvY3PGCNiXG5CFHeIJx/ivZ3obqGbObR8utewzkqdmv/
+Pv8UVBn80Ik+33KXdhaRwUldQl4JNq0+GtrgjnhOE+38aclc8UJQIIgEPwIfzpXS
+Ofz4v9xxt2mRY3wMpjNkFH3RKStj3UTzN3ac4EcYUgl9fk+J+OF47vlETwwhSXWF
+NBl5ItWH0hfSEdwCg9v0T32X4KEuIvpgrsZ+/yr4Yk7EDU69bkmLs2xcP55mB533
+SzpBgC+ZWH6tbTaOgCS3oTkltTp1+Ou8jEkPpFOoBu8/tjczIC/lV73OjdjD0XAR
+8eOBIhL1lr+tSvB2yjqNo41SRMovb39bHx0bk2GcYcnyxvU/wG96Pb6cS9t4+hJB
+niRI9WFVC5TpWDEZxXrZemAUyGtYf6enS5JyM/CnxDGpx/U32Qxpddv5Qt8CYFfO
+B/TZ6LItpTuPwesEwO4gxXVXFEv01LmZqhsOINLGMgoM2ETY7P8YmaMzht9qYkfx
+fYYBpLgEQy107WhGEUyPjKLUypJCDcGsCy4LmvNM+cVPJMllwkVzO0ZH1X8CAwEA
+AQKCAgBVcxC8xLoALM+lBE+XGOqPrKuHPa0amAm0GFxEJ3PfsoP1T2sqHDcllDdE
+xvQm8r69xrZ9Taibne5b9Y5tDGaw9vYKlVJYwwpsUcRJZPNo93lbVvXJQZnqkBX+
+YO2XM6jSuOjy6o7R5g54/nhQNEdkUor4ewZHEEwVWqbvhedfYgIO263lU4YZm7Nx
+cDK+7i7OErz15sTW+eUIms5L7wpcMYDdG5b9n+F+WS77RP6pYPDs+6ghIhuhqU2C
+YAG/Lz9XARb9I1o3bgWyv4zl2y/fsaBQmCFsCAnra+jqqm6RbHwup/xnHxLDp0bM
+KrdUezF6/Od0T6/I97gOnU0d/EDxuqjOMQRMdX1WFAe+N5ESIxGKpVsmQjCofIW7
+Mxm1rDgkehjH9ZY8Jq61qY4NP7CPMaTCWrX3qEK2YzVLfKUCedUfFUR1T2BJKvd2
+L+2c+ee2vsZCcT+bnGeYyr5GZQaN+5jp5dZbPwmW+ylf3mcoGT7OaBiNjkBZ/uzz
+kP8vZFndcLnaDCNpIMna2t3vXkxtS8U7zAh5bVMcaBFrh4P8i++JjQtrWVHqMkHO
+2z6hWad3iXrbxKCspu3KFWEYIkrWg7BT7cWDJggkudFPmVyBSGNjutot6Hs6n+i8
+dm+FNvwdU9xHJqsPIYQYipuxxUwrqWAj4jkvULowmVzTbinzaQKCAQEA+WfHDyhh
+exio7HTKScgD6Ki7hSHSPeNi5QRSpk7kf0QAuWfZSnVNfeLYp/9PazTWPtDrlG0Z
+XRoW96zIciejLHExBt6EJgBzUtxyYM8Nvk6TgzgFkXajNuPWucZMwX+aVAdshlep
+xh1XHfv/hmlCNBzOQ0VO8dXOq1HqxagVqrX81m+/U7lgpNCDXrU0IRcIlPLST9J0
+uf0GXh5+S2K5uTxUp9fT11/mwY2K/2DOTEJOOQwLXTeMM9wIVw4+DCJVlpM9jmpB
+eMXytSzazhck3jd225Kv/dWk6uJfjwy0d+W6dfALX+yyW8BrKWUNqHOt5ZLnes5o
+M5WE93LblU8HVQKCAQEA4bp/tHrAuqTTV/v/DCsAU0sjWmloFVHu9IawpciOL38r
+JHICzJPG4RGMnQNKBMByee8QLmAGVf9aplraiGrg/mEncGncJORVKlosaLjaVFIB
+8/ljevAFI+p2as/fKZDdPB5JjRIe6MZn8Y28A9+IRwh0AA4EJz3bkmzSEyzy6OWM
+10nTHYNQK0XKO9lEsGaQQiL9T04/ZhclxGayguQA7hQ+P4d0o1RvLJyXxDxqrNXr
+OTGWLhMSuBigmjTUkMawrgp8RJxL8m75qnWolqPw9alNf4Md45pHm8xx4JODo0lY
+RrVFA6F+iWlL1Irx4/3qCtLRwc+1LVE8iPz/gRDBgwKB/z5Zs2oWrkgX4iM7D1di
+qZeAl2CxE95k+lRGwGLTVkx6s7OmQqxapwTRsVhOe4xRqT4K/NoebDjaTOOeTn47
+ao+xvI/7EQ5vDmWotu980/K/siEb4Eh9YFBYpVXMPWQignJ/aKItSEQ/EYhtd3Qi
+3GoqyWYH7bSHvyMVV5wSaVhEJvF0/l/v+Dk755vFsUKUf5C9I9bQxl24496jwO8X
+v1aPvpo3Wr59OzMoL5eom+p0qRmZ6T1kpahRWcRpyxk9fCgopzrzVWrcEdE5ZXog
+Txc+xngeM+FBh/kwnrMkefl/dR4G5NEWW4CUmjW/DasPQGokT7pj36kFuDgkfsDV
+AQKCAQEAx6tD2W6X2sF/3R0gPzAuan9Vd10z32AJYi1eRldARo1TqTpcdX/mdSIj
+4qONLuTYnjk0dAEmuZ1WHz7Qfckk2n8v9sT9IXkESKFZFQ0mu12LMreQIqf7tAhq
+1RKpUUg+GjakUvALfVY7jbUU8cwh7MtyaLX9QIT8G+q8bI/fEtoymiFIaJvGJ3Dl
+cck/dFZVFtuCfEs302N4WeGJ2DQ9ClvHsERujSdb6/dcXA4hQl87Ye0V7g2bClNm
+hOFkgefvUxQdVkd2+qzllb3b8dx0galPzxI5NyI6Y3sV5FQ4JhDz0B/6Ozr4Bi6p
+EAoT69un0gkn2CuWFM7+ICLDE/SxZwKCAQBOykm/gq4H5QVcNNF9Fr07n7Y5lvGq
+21l1YFwK4mtCC4WI8k90qO7wsNhUZcpMd5Ga4gnNu+zl/kschP9rdQAUIcA3AdWd
+uafGiEAF+pIfYwuCsv+o6/Rsx/Vka7SAbsPhMpXgT3qEm7teb+qDxMvGpnVLD+Ie
+Cou9/S5n/Wa36+NVShSv3t+YckrBVIIyDc3X2s6+EPFhYv8P/IzpEQBqvlfsjjhR
+0h6x5zT6qfLZ9GIo8YtzBY4oh1IcB3j4sZkl7kDEhHaR9GWhqAfMBSuAUH8ufYkK
+ix5tbf+NbpNFDVFSn7dsPAjVyUDEt0108NpTGpag5TT35+rXAbnv+r+5
+-----END RSA PRIVATE KEY-----