static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, PemTrustOptions obj) { for (java.util.Map.Entry<String, Object> member : json) { switch (member.getKey()) { case "certPaths": if (member.getValue() instanceof JsonArray) { ((Iterable<Object>)member.getValue()).forEach( item -> { if (item instanceof String) obj.addCertPath((String)item); }); } break; case "certValues": if (member.getValue() instanceof JsonArray) { ((Iterable<Object>)member.getValue()).forEach( item -> { if (item instanceof String) obj.addCertValue(io.vertx.core.buffer.Buffer.buffer(java.util.Base64.getDecoder().decode((String)item))); }); } break; } } }
@Override public PemTrustOptions trustOptions() { return new PemTrustOptions().addCertPath(certificatePath()); }
@Test public void testCaInvalidPem() throws IOException { String[] contents = { "", "-----BEGIN CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n*\n-----END CERTIFICATE-----" }; String[] messages = { "Missing -----BEGIN CERTIFICATE----- delimiter", "Missing -----END CERTIFICATE----- delimiter", "Empty pem file", "Input byte[] should at least have 2 bytes for base64 bytes" }; for (int i = 0;i < contents.length;i++) { Path file = testFolder.newFile("vertx" + UUID.randomUUID().toString() + ".pem").toPath(); Files.write(file, Collections.singleton(contents[i])); String expectedMessage = messages[i]; testInvalidTrustStore(new PemTrustOptions().addCertPath(file.toString()), expectedMessage, null); } }
@Test public void testCaInvalidPath() { testInvalidTrustStore(new PemTrustOptions().addCertPath("/invalid.pem"), "java.nio.file.NoSuchFileException: ", "invalid.pem"); }
@Test public void testTrustOptions() throws Exception { PemTrustOptions options = new PemTrustOptions(); assertEquals(Collections.emptyList(), options.getCertPaths()); assertNullPointerException(() -> options.addCertPath(null)); assertIllegalArgumentException(() -> options.addCertPath("")); String randString = TestUtils.randomAlphaString(100); options.addCertPath(randString); assertEquals(Collections.singletonList(randString), options.getCertPaths()); assertEquals(Collections.emptyList(), options.getCertValues()); assertNullPointerException(() -> options.addCertValue(null)); randString = TestUtils.randomAlphaString(100); options.addCertValue(Buffer.buffer(randString)); assertEquals(Collections.singletonList(Buffer.buffer(randString)), options.getCertValues()); }
@Test public void testCopyTrustOptions() throws Exception { PemTrustOptions options = new PemTrustOptions(new JsonObject()); String certPath = TestUtils.randomAlphaString(100); Buffer certValue = Buffer.buffer(TestUtils.randomAlphaString(100)); options.addCertPath(certPath); options.addCertValue(certValue); options = new PemTrustOptions(options); assertEquals(Collections.singletonList(certPath), options.getCertPaths()); assertEquals(Collections.singletonList(certValue), options.getCertValues()); options = new PemTrustOptions(options.toJson()); assertEquals(Collections.singletonList(certPath), options.getCertPaths()); assertEquals(Collections.singletonList(certValue), options.getCertValues()); }
@Test public void testTrustOptionsEquality() { String certPath1 = TestUtils.randomAlphaString(100); String certPath2 = TestUtils.randomAlphaString(100); Buffer certValue1 = Buffer.buffer(TestUtils.randomAlphaString(100)); Buffer certValue2 = Buffer.buffer(TestUtils.randomAlphaString(100)); PemTrustOptions options = new PemTrustOptions(); PemTrustOptions otherOptions = new PemTrustOptions(); assertEquals(options, otherOptions); assertEquals(options.hashCode(), otherOptions.hashCode()); options.addCertPath(certPath1); options.addCertPath(certPath2); options.addCertValue(certValue1); options.addCertValue(certValue2); otherOptions.addCertPath(certPath1); otherOptions.addCertPath(certPath2); otherOptions.addCertValue(certValue1); otherOptions.addCertValue(certValue2); assertEquals(options, otherOptions); assertEquals(options.hashCode(), otherOptions.hashCode()); otherOptions.addCertPath(TestUtils.randomAlphaString(100)); assertNotEquals(options, otherOptions); PemTrustOptions reverseOrderOptions = new PemTrustOptions(); reverseOrderOptions.addCertPath(certPath2); reverseOrderOptions.addCertPath(certPath1); reverseOrderOptions.addCertValue(certValue2); reverseOrderOptions.addCertValue(certValue1); assertNotEquals(options, reverseOrderOptions); }
static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, PemTrustOptions obj) { for (java.util.Map.Entry<String, Object> member : json) { switch (member.getKey()) { case "certPaths": if (member.getValue() instanceof JsonArray) { ((Iterable<Object>)member.getValue()).forEach( item -> { if (item instanceof String) obj.addCertPath((String)item); }); } break; case "certValues": if (member.getValue() instanceof JsonArray) { ((Iterable<Object>)member.getValue()).forEach( item -> { if (item instanceof String) obj.addCertValue(io.vertx.core.buffer.Buffer.buffer(java.util.Base64.getDecoder().decode((String)item))); }); } break; } } }
@Override public PemTrustOptions trustOptions() { return new PemTrustOptions().addCertPath(certificatePath()); }
@Test public void testCaInvalidPem() throws IOException { String[] contents = { "", "-----BEGIN CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n*\n-----END CERTIFICATE-----" }; String[] messages = { "Missing -----BEGIN CERTIFICATE----- delimiter", "Missing -----END CERTIFICATE----- delimiter", "Empty pem file", "Input byte[] should at least have 2 bytes for base64 bytes" }; for (int i = 0;i < contents.length;i++) { Path file = testFolder.newFile("vertx" + UUID.randomUUID().toString() + ".pem").toPath(); Files.write(file, Collections.singleton(contents[i])); String expectedMessage = messages[i]; testInvalidTrustStore(new PemTrustOptions().addCertPath(file.toString()), expectedMessage, null); } }
@Test public void testCaInvalidPath() { testInvalidTrustStore(new PemTrustOptions().addCertPath("/invalid.pem"), "java.nio.file.NoSuchFileException: ", "invalid.pem"); }
@Test public void testTrustOptions() throws Exception { PemTrustOptions options = new PemTrustOptions(); assertEquals(Collections.emptyList(), options.getCertPaths()); assertNullPointerException(() -> options.addCertPath(null)); assertIllegalArgumentException(() -> options.addCertPath("")); String randString = TestUtils.randomAlphaString(100); options.addCertPath(randString); assertEquals(Collections.singletonList(randString), options.getCertPaths()); assertEquals(Collections.emptyList(), options.getCertValues()); assertNullPointerException(() -> options.addCertValue(null)); randString = TestUtils.randomAlphaString(100); options.addCertValue(Buffer.buffer(randString)); assertEquals(Collections.singletonList(Buffer.buffer(randString)), options.getCertValues()); }
@Test public void testCopyTrustOptions() throws Exception { PemTrustOptions options = new PemTrustOptions(new JsonObject()); String certPath = TestUtils.randomAlphaString(100); Buffer certValue = Buffer.buffer(TestUtils.randomAlphaString(100)); options.addCertPath(certPath); options.addCertValue(certValue); options = new PemTrustOptions(options); assertEquals(Collections.singletonList(certPath), options.getCertPaths()); assertEquals(Collections.singletonList(certValue), options.getCertValues()); options = new PemTrustOptions(options.toJson()); assertEquals(Collections.singletonList(certPath), options.getCertPaths()); assertEquals(Collections.singletonList(certValue), options.getCertValues()); }
@Test public void testTrustOptionsEquality() { String certPath1 = TestUtils.randomAlphaString(100); String certPath2 = TestUtils.randomAlphaString(100); Buffer certValue1 = Buffer.buffer(TestUtils.randomAlphaString(100)); Buffer certValue2 = Buffer.buffer(TestUtils.randomAlphaString(100)); PemTrustOptions options = new PemTrustOptions(); PemTrustOptions otherOptions = new PemTrustOptions(); assertEquals(options, otherOptions); assertEquals(options.hashCode(), otherOptions.hashCode()); options.addCertPath(certPath1); options.addCertPath(certPath2); options.addCertValue(certValue1); options.addCertValue(certValue2); otherOptions.addCertPath(certPath1); otherOptions.addCertPath(certPath2); otherOptions.addCertValue(certValue1); otherOptions.addCertValue(certValue2); assertEquals(options, otherOptions); assertEquals(options.hashCode(), otherOptions.hashCode()); otherOptions.addCertPath(TestUtils.randomAlphaString(100)); assertNotEquals(options, otherOptions); PemTrustOptions reverseOrderOptions = new PemTrustOptions(); reverseOrderOptions.addCertPath(certPath2); reverseOrderOptions.addCertPath(certPath1); reverseOrderOptions.addCertValue(certValue2); reverseOrderOptions.addCertValue(certValue1); assertNotEquals(options, reverseOrderOptions); }
.setUseAlpn(true) .setProtocolVersion(HttpVersion.HTTP_2) .setPemTrustOptions(new PemTrustOptions().addCertPath("tls/server-cert.pem")); HttpClient client = vertx.createHttpClient(options); HttpClientRequest request = client.get(8443, "localhost", "/testLinkPreload.html", onSuccess(resp -> {
PemTrustOptions pemTrustOptions = new PemTrustOptions(); if (pemTrustStore.getPath() != null && !pemTrustStore.getPath().isEmpty()) { pemTrustOptions.addCertPath(pemTrustStore.getPath()); } else { pemTrustOptions.addCertValue(io.vertx.core.buffer.Buffer.buffer(pemTrustStore.getContent()));
PemTrustOptions pemTrustOptions = new PemTrustOptions(); if (pemTrustStore.getPath() != null && !pemTrustStore.getPath().isEmpty()) { pemTrustOptions.addCertPath(pemTrustStore.getPath()); } else { pemTrustOptions.addCertValue(io.vertx.core.buffer.Buffer.buffer(pemTrustStore.getContent()));
@Test public void testNoHttp2Push() throws Exception { stat.setWebRoot("webroot/somedir3"); router.route().handler(stat); HttpServer http2Server = vertx.createHttpServer(new HttpServerOptions() .setUseAlpn(true) .setSsl(true) .setPemKeyCertOptions(new PemKeyCertOptions().setKeyPath("tls/server-key.pem").setCertPath("tls/server-cert.pem"))); http2Server.requestHandler(router).listen(8443); HttpClientOptions options = new HttpClientOptions() .setSsl(true) .setUseAlpn(true) .setProtocolVersion(HttpVersion.HTTP_2) .setPemTrustOptions(new PemTrustOptions().addCertPath("tls/server-cert.pem")); HttpClient client = vertx.createHttpClient(options); HttpClientRequest request = client.get(8443, "localhost", "/testLinkPreload.html", onSuccess(resp -> { assertEquals(200, resp.statusCode()); assertEquals(HttpVersion.HTTP_2, resp.version()); resp.bodyHandler(this::assertNotNull); testComplete(); })); request.pushHandler(pushedReq -> pushedReq.handler(pushedResp -> { fail(); })); request.end(); await(); }
public MutualTlsBrokerClientFactory(Vertx vertx, String certDir) { this.vertx = vertx; this.protonClientOptions = new ProtonClientOptions() .setSsl(true) .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .setCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .setKeyPath(new File(certDir, "tls.key").getAbsolutePath())); }
private ProtonClientOptions getOptions() { ProtonClientOptions options = new ProtonClientOptions(); if (certDir != null) { options.setHostnameVerificationAlgorithm("") .setSsl(true) .addEnabledSaslMechanism("ANONYMOUS") .setHostnameVerificationAlgorithm("") .setPemTrustOptions(new PemTrustOptions() .addCertPath(new File(certDir, "ca.crt").getAbsolutePath())) .setPemKeyCertOptions(new PemKeyCertOptions() .setCertPath(new File(certDir, "tls.crt").getAbsolutePath()) .setKeyPath(new File(certDir, "tls.key").getAbsolutePath())); } return options; }