/**
 * Verifies that an SSLFactory initializes successfully for the supplied
 * combination of store password and key password settings. Test cases use
 * this helper to cover the different ways those passwords can be provided.
 * The helper bootstraps a keystore, a truststore, and the SSL client or
 * server configuration, then initializes an SSLFactory; initialization is
 * considered successful when no exception is thrown. This overload simply
 * forwards to the six-argument variant with its last argument set to
 * {@code false}.
 *
 * @param mode SSLFactory.Mode mode to test
 * @param password String store password to set on keystore
 * @param keyPassword String key password to set on keystore
 * @param confPassword String store password to set in SSL config file, or
 *          null to avoid setting in SSL config file
 * @param confKeyPassword String key password to set in SSL config file, or
 *          null to avoid setting in SSL config file
 * @throws Exception for any error
 */
private void checkSSLFactoryInitWithPasswords(SSLFactory.Mode mode,
    String password, String keyPassword, String confPassword,
    String confKeyPassword) throws Exception {
  // NOTE(review): the meaning of the trailing boolean is defined by the
  // six-argument overload, which is not visible here; confirm there.
  final boolean trailingFlag = false;
  checkSSLFactoryInitWithPasswords(mode, password, keyPassword,
      confPassword, confKeyPassword, trailingFlag);
}
/**
 * Expects {@code serverMode(true, true)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "with client certs" and the socket path;
 * confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithClientCertsSocket() throws Exception {
  final boolean firstFlag = true;   // presumably: client certs required
  final boolean secondFlag = true;  // presumably: exercise the socket path
  serverMode(firstFlag, secondFlag);
}
/**
 * Verifies that a client-mode SSLFactory whose hostname verifier setting is
 * the value "foo" (treated as invalid by this test) is rejected: the test
 * passes only when a GeneralSecurityException propagates out of the method.
 *
 * @throws Exception the expected GeneralSecurityException, or any other
 *           failure
 */
@Test(expected = GeneralSecurityException.class)
public void invalidHostnameVerifier() throws Exception {
  final Configuration sslConf = createConfiguration(false, true);
  sslConf.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, "foo");
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  // NOTE(review): expected= covers the whole method, so a
  // GeneralSecurityException raised by createConfiguration() or destroy()
  // would also satisfy the test. If the intent is that init() rejects the
  // bad verifier name, consider catching the exception around init() only.
  try {
    factory.init();
  } finally {
    // Release the factory even though init() is expected to fail.
    factory.destroy();
  }
}
/**
 * Verifies that a client-mode SSLFactory whose hostname verifier setting is
 * the value "foo" (treated as invalid by this test) is rejected: the test
 * passes only when a GeneralSecurityException propagates out of the method.
 *
 * @throws Exception the expected GeneralSecurityException, or any other
 *           failure
 */
@Test(expected = GeneralSecurityException.class)
public void invalidHostnameVerifier() throws Exception {
  final Configuration sslConf = createConfiguration(false, true);
  sslConf.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, "foo");
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  // NOTE(review): expected= covers the whole method, so a
  // GeneralSecurityException raised by createConfiguration() or destroy()
  // would also satisfy the test. If the intent is that init() rejects the
  // bad verifier name, consider catching the exception around init() only.
  try {
    factory.init();
  } finally {
    // Release the factory even though init() is expected to fail.
    factory.destroy();
  }
}
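/**
 * Verifies that {@code SSLFactory.configure} installs the configured
 * hostname verifier on an HttpsURLConnection.
 *
 * <p>The factory is created in client mode with the hostname verifier
 * setting "STRICT_IE6". The test first checks that a freshly opened
 * connection does not already report that verifier, then checks that it
 * does after {@code configure} has been applied. Both checks compare the
 * verifier's {@code toString()} value.
 *
 * @throws Exception for any error
 */
@Test
public void testConnectionConfigurator() throws Exception {
  final String verifierName = "STRICT_IE6";
  Configuration conf = createConfiguration(false, true);
  conf.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, verifierName);
  SSLFactory sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
  try {
    sslFactory.init();
    // openConnection() only builds the connection object; nothing is sent
    // to the host until the connection is actually used.
    HttpsURLConnection sslConn =
        (HttpsURLConnection) new URL("https://foo").openConnection();
    // Precondition compared by value. The previous assertNotSame compared
    // object references, so its outcome depended on whether toString()
    // happened to return the same String instance as the literal rather
    // than on which verifier was installed.
    Assert.assertFalse(
        "connection already reports the configured hostname verifier",
        verifierName.equals(sslConn.getHostnameVerifier().toString()));
    sslFactory.configure(sslConn);
    Assert.assertEquals(verifierName,
        sslConn.getHostnameVerifier().toString());
  } finally {
    sslFactory.destroy();
  }
}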
/**
 * Verifies that an SSLFactory initializes successfully for the supplied
 * combination of store password and key password settings. Test cases use
 * this helper to cover the different ways those passwords can be provided.
 * The helper bootstraps a keystore, a truststore, and the SSL client or
 * server configuration, then initializes an SSLFactory; initialization is
 * considered successful when no exception is thrown. This overload simply
 * forwards to the six-argument variant with its last argument set to
 * {@code false}.
 *
 * @param mode SSLFactory.Mode mode to test
 * @param password String store password to set on keystore
 * @param keyPassword String key password to set on keystore
 * @param confPassword String store password to set in SSL config file, or
 *          null to avoid setting in SSL config file
 * @param confKeyPassword String key password to set in SSL config file, or
 *          null to avoid setting in SSL config file
 * @throws Exception for any error
 */
private void checkSSLFactoryInitWithPasswords(SSLFactory.Mode mode,
    String password, String keyPassword, String confPassword,
    String confKeyPassword) throws Exception {
  // NOTE(review): the meaning of the trailing boolean is defined by the
  // six-argument overload, which is not visible here; confirm there.
  final boolean trailingFlag = false;
  checkSSLFactoryInitWithPasswords(mode, password, keyPassword,
      confPassword, confKeyPassword, trailingFlag);
}
/**
 * Expects {@code serverMode(true, false)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "with client certs" and the hostname verifier
 * path rather than the socket path; confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithClientCertsVerifier() throws Exception {
  final boolean firstFlag = true;    // presumably: client certs required
  final boolean secondFlag = false;  // presumably: verifier, not socket
  serverMode(firstFlag, secondFlag);
}
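/**
 * Verifies that {@code SSLFactory.configure} installs the configured
 * hostname verifier on an HttpsURLConnection.
 *
 * <p>The factory is created in client mode with the hostname verifier
 * setting "STRICT_IE6". The test first checks that a freshly opened
 * connection does not already report that verifier, then checks that it
 * does after {@code configure} has been applied. Both checks compare the
 * verifier's {@code toString()} value.
 *
 * @throws Exception for any error
 */
@Test
public void testConnectionConfigurator() throws Exception {
  final String verifierName = "STRICT_IE6";
  Configuration conf = createConfiguration(false, true);
  conf.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, verifierName);
  SSLFactory sslFactory = new SSLFactory(SSLFactory.Mode.CLIENT, conf);
  try {
    sslFactory.init();
    // openConnection() only builds the connection object; nothing is sent
    // to the host until the connection is actually used.
    HttpsURLConnection sslConn =
        (HttpsURLConnection) new URL("https://foo").openConnection();
    // Precondition compared by value. The previous assertNotSame compared
    // object references, so its outcome depended on whether toString()
    // happened to return the same String instance as the literal rather
    // than on which verifier was installed.
    Assert.assertFalse(
        "connection already reports the configured hostname verifier",
        verifierName.equals(sslConn.getHostnameVerifier().toString()));
    sslFactory.configure(sslConn);
    Assert.assertEquals(verifierName,
        sslConn.getHostnameVerifier().toString());
  } finally {
    sslFactory.destroy();
  }
}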
/**
 * Checks server-mode initialization when the SSL config supplies a store
 * password but no key password (the last argument is null, which the
 * helper documents as "avoid setting in SSL config file"). The keystore
 * itself uses the same value for both passwords, so the test name's
 * "key password defaults to password" case is what is being exercised.
 *
 * @throws Exception for any error
 */
@Test
public void testServerKeyPasswordDefaultsToPassword() throws Exception {
  // Test-only fixture value shared by the store and key passwords.
  final String sharedPassword = "password";
  final String confKeyPassword = null;  // deliberately left unset in config
  checkSSLFactoryInitWithPasswords(SSLFactory.Mode.SERVER, sharedPassword,
      sharedPassword, sharedPassword, confKeyPassword);
}
/**
 * Expects {@code serverMode(false, true)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "without client certs" and the socket path;
 * confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithoutClientCertsSocket() throws Exception {
  final boolean firstFlag = false;  // presumably: client certs not required
  final boolean secondFlag = true;  // presumably: exercise the socket path
  serverMode(firstFlag, secondFlag);
}
/**
 * Checks that a server-mode SSLFactory initializes without error when the
 * configuration is built with {@code createConfiguration(false, false)} and
 * the require-client-cert setting has been removed.
 *
 * <p>NOTE(review): createConfiguration is defined elsewhere; going by the
 * test name, the second {@code false} presumably omits the trust store.
 * Confirm against the helper.
 *
 * @throws Exception for any error
 */
@Test
public void testNoTrustStore() throws Exception {
  final Configuration sslConf = createConfiguration(false, false);
  sslConf.unset(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY);
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.SERVER, sslConf);
  try {
    // Passing means init() completes without throwing.
    factory.init();
  } finally {
    factory.destroy();
  }
}
/**
 * Checks client-mode initialization when the SSL config supplies a store
 * password but no key password (the last argument is null, which the
 * helper documents as "avoid setting in SSL config file"). The keystore
 * itself uses the same value for both passwords, so the test name's
 * "key password defaults to password" case is what is being exercised.
 *
 * @throws Exception for any error
 */
@Test
public void testClientKeyPasswordDefaultsToPassword() throws Exception {
  // Test-only fixture value shared by the store and key passwords.
  final String sharedPassword = "password";
  final String confKeyPassword = null;  // deliberately left unset in config
  checkSSLFactoryInitWithPasswords(SSLFactory.Mode.CLIENT, sharedPassword,
      sharedPassword, sharedPassword, confKeyPassword);
}
/**
 * Expects {@code serverMode(true, false)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "with client certs" and the hostname verifier
 * path rather than the socket path; confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithClientCertsVerifier() throws Exception {
  final boolean firstFlag = true;    // presumably: client certs required
  final boolean secondFlag = false;  // presumably: verifier, not socket
  serverMode(firstFlag, secondFlag);
}
/**
 * Checks that a client-mode SSLFactory initializes without error when the
 * require-client-cert setting has been removed from a configuration built
 * with {@code createConfiguration(false, true)}.
 *
 * <p>NOTE(review): the meaning of the two createConfiguration arguments is
 * defined by that helper, which is not visible here.
 *
 * @throws Exception for any error
 */
@Test
public void testNoClientCertsInitialization() throws Exception {
  final Configuration sslConf = createConfiguration(false, true);
  sslConf.unset(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY);
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  try {
    // Passing means init() completes without throwing.
    factory.init();
  } finally {
    factory.destroy();
  }
}
/**
 * Checks server-mode initialization when the SSL config supplies a store
 * password but no key password (the last argument is null, which the
 * helper documents as "avoid setting in SSL config file"). The keystore
 * itself uses the same value for both passwords, so the test name's
 * "key password defaults to password" case is what is being exercised.
 *
 * @throws Exception for any error
 */
@Test
public void testServerKeyPasswordDefaultsToPassword() throws Exception {
  // Test-only fixture value shared by the store and key passwords.
  final String sharedPassword = "password";
  final String confKeyPassword = null;  // deliberately left unset in config
  checkSSLFactoryInitWithPasswords(SSLFactory.Mode.SERVER, sharedPassword,
      sharedPassword, sharedPassword, confKeyPassword);
}
/**
 * Expects {@code serverMode(true, true)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "with client certs" and the socket path;
 * confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithClientCertsSocket() throws Exception {
  final boolean firstFlag = true;   // presumably: client certs required
  final boolean secondFlag = true;  // presumably: exercise the socket path
  serverMode(firstFlag, secondFlag);
}
/**
 * Checks that a client-mode SSLFactory initializes without error when the
 * require-client-cert setting has been removed from a configuration built
 * with {@code createConfiguration(false, true)}.
 *
 * <p>NOTE(review): the meaning of the two createConfiguration arguments is
 * defined by that helper, which is not visible here.
 *
 * @throws Exception for any error
 */
@Test
public void testNoClientCertsInitialization() throws Exception {
  final Configuration sslConf = createConfiguration(false, true);
  sslConf.unset(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY);
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.CLIENT, sslConf);
  try {
    // Passing means init() completes without throwing.
    factory.init();
  } finally {
    factory.destroy();
  }
}
/**
 * Checks server-mode initialization when the keystore's store password and
 * key password differ and the SSL config supplies both of them explicitly.
 *
 * @throws Exception for any error
 */
@Test
public void testServerDifferentPasswordAndKeyPassword() throws Exception {
  // Test-only fixture values; the point is that the two are not equal.
  final String storePassword = "password";
  final String keyPassword = "keyPassword";
  checkSSLFactoryInitWithPasswords(SSLFactory.Mode.SERVER, storePassword,
      keyPassword, storePassword, keyPassword);
}
/**
 * Expects {@code serverMode(false, false)} to fail with an
 * IllegalStateException.
 *
 * <p>serverMode is defined elsewhere in this class. Judging by the test
 * name, the arguments select "without client certs" and the hostname
 * verifier path rather than the socket path; confirm against the helper.
 *
 * @throws Exception the expected IllegalStateException, or any other failure
 */
@Test(expected = IllegalStateException.class)
public void serverModeWithoutClientCertsVerifier() throws Exception {
  final boolean firstFlag = false;   // presumably: client certs not required
  final boolean secondFlag = false;  // presumably: verifier, not socket
  serverMode(firstFlag, secondFlag);
}
/**
 * Checks that a server-mode SSLFactory initializes without error when the
 * configuration is built with {@code createConfiguration(false, false)} and
 * the require-client-cert setting has been removed.
 *
 * <p>NOTE(review): createConfiguration is defined elsewhere; going by the
 * test name, the second {@code false} presumably omits the trust store.
 * Confirm against the helper.
 *
 * @throws Exception for any error
 */
@Test
public void testNoTrustStore() throws Exception {
  final Configuration sslConf = createConfiguration(false, false);
  sslConf.unset(SSLFactory.SSL_REQUIRE_CLIENT_CERT_KEY);
  final SSLFactory factory = new SSLFactory(SSLFactory.Mode.SERVER, sslConf);
  try {
    // Passing means init() completes without throwing.
    factory.init();
  } finally {
    factory.destroy();
  }
}