/**
 * Copies the recognised entries of a JSON-style key/value sequence onto {@code obj}.
 *
 * <p>Only the keys {@code "password"}, {@code "path"} and {@code "value"} are handled. Any other
 * key, and any value that is not a {@code String}, is skipped without error, so a wrongly typed
 * password leaves the target's password untouched rather than failing.
 *
 * <p>{@code "value"} is decoded with the basic Base64 decoder and wrapped in a buffer. Malformed
 * Base64 makes {@code decode} throw {@code IllegalArgumentException}, which is not caught here.
 *
 * <p>The store password is read as a plain {@code String}, so the JSON input itself holds the
 * secret in clear text and should be stored and logged accordingly.
 *
 * @param json entries to read; iterated once
 * @param obj  options object that receives the values
 */
static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, PfxOptions obj) {
  for (java.util.Map.Entry<String, Object> member : json) {
    switch (member.getKey()) {
      case "password": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          obj.setPassword((String) raw);
        }
        break;
      }
      case "path": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          obj.setPath((String) raw);
        }
        break;
      }
      case "value": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          // The store content travels as Base64 text; decode it back to raw bytes.
          byte[] decoded = java.util.Base64.getDecoder().decode((String) raw);
          obj.setValue(io.vertx.core.buffer.Buffer.buffer(decoded));
        }
        break;
      }
    }
  }
}
/**
 * Sets a wrong password on the server PKCS#12 options and hands them to
 * {@code testInvalidKeyStore} together with two alternative expected messages.
 *
 * <p>NOTE(review): {@code testInvalidKeyStore} is defined elsewhere; presumably it passes when the
 * reported error starts with either message, the text differing between runtimes. Confirm there.
 */
@Test
public void testPKCS12InvalidPassword() {
  String decryptFailure =
      "failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded";
  String incorrectPassword = "keystore password was incorrect";
  testInvalidKeyStore(
      Cert.SERVER_PKCS12.get().setPassword("wrongpassword"),
      Arrays.asList(decryptFailure, incorrectPassword),
      null);
}
/**
 * Clears the password on the server PKCS#12 options and hands them to
 * {@code testInvalidKeyStore} with the message expected for a {@code null} password.
 *
 * <p>NOTE(review): how the message is matched is decided by {@code testInvalidKeyStore}, which is
 * defined elsewhere. Confirm there.
 */
@Test
public void testPKCS12MissingPassword() {
  String expectedMessage = "Get Key failed: null";
  testInvalidKeyStore(Cert.SERVER_PKCS12.get().setPassword(null), expectedMessage, null);
}
/**
 * Builds one of three key/cert option types, chosen by {@code TestUtils.randomPositiveInt() % 3}.
 *
 * <p>Remainder 0 gives {@code JksOptions} with a 100-character random password, remainder 1 gives
 * {@code PemKeyCertOptions} with a 100-byte random key value, and anything else gives
 * {@code PfxOptions} with a 100-character random password. The contents are random filler, not
 * usable key material.
 *
 * @return the populated options object
 */
public static KeyCertOptions randomKeyCertOptions() {
  int choice = TestUtils.randomPositiveInt() % 3;
  if (choice == 0) {
    JksOptions jks = new JksOptions();
    jks.setPassword(TestUtils.randomAlphaString(100));
    return jks;
  }
  if (choice == 1) {
    PemKeyCertOptions pem = new PemKeyCertOptions();
    pem.setKeyValue(TestUtils.randomBuffer(100));
    return pem;
  }
  PfxOptions pfx = new PfxOptions();
  pfx.setPassword(TestUtils.randomAlphaString(100));
  return pfx;
}
/**
 * Builds one of three trust option types, chosen by {@code TestUtils.randomPositiveInt() % 3}.
 *
 * <p>Remainder 0 gives {@code JksOptions} with a 100-character random password, remainder 1 gives
 * {@code PemTrustOptions} with one 100-byte random certificate value, and anything else gives
 * {@code PfxOptions} with a 100-character random password. The contents are random filler, not
 * usable certificates.
 *
 * @return the populated options object
 */
public static TrustOptions randomTrustOptions() {
  int choice = TestUtils.randomPositiveInt() % 3;
  if (choice == 0) {
    JksOptions jks = new JksOptions();
    jks.setPassword(TestUtils.randomAlphaString(100));
    return jks;
  }
  if (choice == 1) {
    PemTrustOptions pem = new PemTrustOptions();
    pem.addCertValue(TestUtils.randomBuffer(100));
    return pem;
  }
  PfxOptions pfx = new PfxOptions();
  pfx.setPassword(TestUtils.randomAlphaString(100));
  return pfx;
}
/**
 * Checks the path and password accessors of a fresh {@code PfxOptions}: both start out
 * {@code null}, each setter returns an object equal to the receiver, and each getter returns the
 * value just set.
 */
@Test
public void testPKCS12Options() throws Exception {
  PfxOptions pfx = new PfxOptions();

  // Path: unset by default, then round-trips through the fluent setter.
  assertNull(pfx.getPath());
  String path = TestUtils.randomAlphaString(100);
  assertEquals(pfx, pfx.setPath(path));
  assertEquals(path, pfx.getPath());

  // Password: same contract as the path.
  assertNull(pfx.getPassword());
  String password = TestUtils.randomAlphaString(100);
  assertEquals(pfx, pfx.setPassword(password));
  assertEquals(password, pfx.getPassword());
}
/**
 * Checks that password, path and value survive both the copy constructor and a
 * {@code toJson()} / JSON-constructor round trip.
 *
 * <p>The last three assertions expect the password to come back unchanged from the JSON form,
 * so the output of {@code toJson()} carries the store password in recoverable form and needs the
 * same handling as the password itself.
 */
@Test
public void testCopyPKCS12Options() throws Exception {
  String password = TestUtils.randomAlphaString(100);
  String path = TestUtils.randomAlphaString(100);
  Buffer value = Buffer.buffer(TestUtils.randomAlphaString(100));

  PfxOptions source = new PfxOptions();
  source.setPassword(password);
  source.setPath(path);
  source.setValue(value);

  // Copy constructor.
  PfxOptions copied = new PfxOptions(source);
  assertEquals(password, copied.getPassword());
  assertEquals(path, copied.getPath());
  assertEquals(value, copied.getValue());

  // JSON round trip, starting from the copy.
  PfxOptions restored = new PfxOptions(copied.toJson());
  assertEquals(password, restored.getPassword());
  assertEquals(path, restored.getPath());
  assertEquals(value, restored.getValue());
}
/**
 * Copies the recognised entries of a JSON-style key/value sequence onto {@code obj}.
 *
 * <p>Only the keys {@code "password"}, {@code "path"} and {@code "value"} are handled. Any other
 * key, and any value that is not a {@code String}, is skipped without error, so a wrongly typed
 * password leaves the target's password untouched rather than failing.
 *
 * <p>{@code "value"} is decoded with the basic Base64 decoder and wrapped in a buffer. Malformed
 * Base64 makes {@code decode} throw {@code IllegalArgumentException}, which is not caught here.
 *
 * <p>The store password is read as a plain {@code String}, so the JSON input itself holds the
 * secret in clear text and should be stored and logged accordingly.
 *
 * @param json entries to read; iterated once
 * @param obj  options object that receives the values
 */
static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, PfxOptions obj) {
  for (java.util.Map.Entry<String, Object> member : json) {
    switch (member.getKey()) {
      case "password": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          obj.setPassword((String) raw);
        }
        break;
      }
      case "path": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          obj.setPath((String) raw);
        }
        break;
      }
      case "value": {
        Object raw = member.getValue();
        if (raw instanceof String) {
          // The store content travels as Base64 text; decode it back to raw bytes.
          byte[] decoded = java.util.Base64.getDecoder().decode((String) raw);
          obj.setValue(io.vertx.core.buffer.Buffer.buffer(decoded));
        }
        break;
      }
    }
  }
}
/**
 * Sets a wrong password on the server PKCS#12 options and hands them to
 * {@code testInvalidKeyStore} together with two alternative expected messages.
 *
 * <p>NOTE(review): {@code testInvalidKeyStore} is defined elsewhere; presumably it passes when the
 * reported error starts with either message, the text differing between runtimes. Confirm there.
 */
@Test
public void testPKCS12InvalidPassword() {
  String decryptFailure =
      "failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded";
  String incorrectPassword = "keystore password was incorrect";
  testInvalidKeyStore(
      Cert.SERVER_PKCS12.get().setPassword("wrongpassword"),
      Arrays.asList(decryptFailure, incorrectPassword),
      null);
}
/**
 * Clears the password on the server PKCS#12 options and hands them to
 * {@code testInvalidKeyStore} with the message expected for a {@code null} password.
 *
 * <p>NOTE(review): how the message is matched is decided by {@code testInvalidKeyStore}, which is
 * defined elsewhere. Confirm there.
 */
@Test
public void testPKCS12MissingPassword() {
  String expectedMessage = "Get Key failed: null";
  testInvalidKeyStore(Cert.SERVER_PKCS12.get().setPassword(null), expectedMessage, null);
}
PfxOptions keyPfxOptions = new PfxOptions(); keyPfxOptions.setPath(sslCustom.getFullPath(sslOption.getKeyStore())); keyPfxOptions.setPassword(new String(sslCustom.decode(sslOption.getKeyStoreValue().toCharArray()))); tcpClientOptions.setPfxKeyCertOptions(keyPfxOptions); } else if (STORE_JKS.equalsIgnoreCase(sslOption.getKeyStoreType())) { trustPfxOptions.setPath(sslCustom.getFullPath(sslOption.getTrustStore())); trustPfxOptions .setPassword(new String(sslCustom.decode(sslOption.getTrustStoreValue().toCharArray()))); tcpClientOptions.setPfxTrustOptions(trustPfxOptions); } else if (STORE_JKS.equalsIgnoreCase(sslOption.getTrustStoreType())) {
PKCS12TrustStore pkcs12TrustStore = (PKCS12TrustStore) sslOptions.getTrustStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12TrustStore.getPassword()); if (pkcs12TrustStore.getPath() != null && !pkcs12TrustStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12TrustStore.getPath()); PKCS12KeyStore pkcs12KeyStore = (PKCS12KeyStore) sslOptions.getKeyStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12KeyStore.getPassword()); if (pkcs12KeyStore.getPath() != null && !pkcs12KeyStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12KeyStore.getPath());
/**
 * Builds one of three trust option types, chosen by {@code TestUtils.randomPositiveInt() % 3}.
 *
 * <p>Remainder 0 gives {@code JksOptions} with a 100-character random password, remainder 1 gives
 * {@code PemTrustOptions} with one 100-byte random certificate value, and anything else gives
 * {@code PfxOptions} with a 100-character random password. The contents are random filler, not
 * usable certificates.
 *
 * @return the populated options object
 */
public static TrustOptions randomTrustOptions() {
  int choice = TestUtils.randomPositiveInt() % 3;
  if (choice == 0) {
    JksOptions jks = new JksOptions();
    jks.setPassword(TestUtils.randomAlphaString(100));
    return jks;
  }
  if (choice == 1) {
    PemTrustOptions pem = new PemTrustOptions();
    pem.addCertValue(TestUtils.randomBuffer(100));
    return pem;
  }
  PfxOptions pfx = new PfxOptions();
  pfx.setPassword(TestUtils.randomAlphaString(100));
  return pfx;
}
/**
 * Builds one of three key/cert option types, chosen by {@code TestUtils.randomPositiveInt() % 3}.
 *
 * <p>Remainder 0 gives {@code JksOptions} with a 100-character random password, remainder 1 gives
 * {@code PemKeyCertOptions} with a 100-byte random key value, and anything else gives
 * {@code PfxOptions} with a 100-character random password. The contents are random filler, not
 * usable key material.
 *
 * @return the populated options object
 */
public static KeyCertOptions randomKeyCertOptions() {
  int choice = TestUtils.randomPositiveInt() % 3;
  if (choice == 0) {
    JksOptions jks = new JksOptions();
    jks.setPassword(TestUtils.randomAlphaString(100));
    return jks;
  }
  if (choice == 1) {
    PemKeyCertOptions pem = new PemKeyCertOptions();
    pem.setKeyValue(TestUtils.randomBuffer(100));
    return pem;
  }
  PfxOptions pfx = new PfxOptions();
  pfx.setPassword(TestUtils.randomAlphaString(100));
  return pfx;
}
PKCS12TrustStore pkcs12TrustStore = (PKCS12TrustStore) sslOptions.getTrustStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12TrustStore.getPassword()); if (pkcs12TrustStore.getPath() != null && !pkcs12TrustStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12TrustStore.getPath()); PKCS12KeyStore pkcs12KeyStore = (PKCS12KeyStore) sslOptions.getKeyStore(); PfxOptions pfxOptions = new PfxOptions(); pfxOptions.setPassword(pkcs12KeyStore.getPassword()); if (pkcs12KeyStore.getPath() != null && !pkcs12KeyStore.getPath().isEmpty()) { pfxOptions.setPath(pkcs12KeyStore.getPath());
/**
 * Checks the path and password accessors of a fresh {@code PfxOptions}: both start out
 * {@code null}, each setter returns an object equal to the receiver, and each getter returns the
 * value just set.
 */
@Test
public void testPKCS12Options() throws Exception {
  PfxOptions pfx = new PfxOptions();

  // Path: unset by default, then round-trips through the fluent setter.
  assertNull(pfx.getPath());
  String path = TestUtils.randomAlphaString(100);
  assertEquals(pfx, pfx.setPath(path));
  assertEquals(path, pfx.getPath());

  // Password: same contract as the path.
  assertNull(pfx.getPassword());
  String password = TestUtils.randomAlphaString(100);
  assertEquals(pfx, pfx.setPassword(password));
  assertEquals(password, pfx.getPassword());
}
/**
 * Checks that password, path and value survive both the copy constructor and a
 * {@code toJson()} / JSON-constructor round trip.
 *
 * <p>The last three assertions expect the password to come back unchanged from the JSON form,
 * so the output of {@code toJson()} carries the store password in recoverable form and needs the
 * same handling as the password itself.
 */
@Test
public void testCopyPKCS12Options() throws Exception {
  String password = TestUtils.randomAlphaString(100);
  String path = TestUtils.randomAlphaString(100);
  Buffer value = Buffer.buffer(TestUtils.randomAlphaString(100));

  PfxOptions source = new PfxOptions();
  source.setPassword(password);
  source.setPath(path);
  source.setValue(value);

  // Copy constructor.
  PfxOptions copied = new PfxOptions(source);
  assertEquals(password, copied.getPassword());
  assertEquals(path, copied.getPath());
  assertEquals(value, copied.getValue());

  // JSON round trip, starting from the copy.
  PfxOptions restored = new PfxOptions(copied.toJson());
  assertEquals(password, restored.getPassword());
  assertEquals(path, restored.getPath());
  assertEquals(value, restored.getValue());
}
/**
 * Starts a TLS mock server keyed from {@code KEYSTORE} and a bridge whose trust store is
 * {@code OTHER_CA_TRUSTSTORE}, then expects the bridge start to fail.
 *
 * <p>NOTE(review): only {@code !succeeded()} is asserted, not the cause. Any start failure passes
 * this test, including a trust store that could not be loaded at all; checking the failure cause
 * would pin it to the certificate-trust decision.
 */
@Test(timeout = 20000)
public void testConnectWithSslToServerWithUntrustedKeyFails(TestContext context) throws Exception {
  Async done = context.async();

  // Server side: TLS on, key material from the PKCS#12 key store.
  ProtonServerOptions tlsServerOptions = new ProtonServerOptions();
  tlsServerOptions.setSsl(true);
  tlsServerOptions.setPfxKeyCertOptions(new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD));

  mockServer = new MockServer(vertx, conn -> {
    handleBridgeStartupProcess(conn, context);
  }, tlsServerOptions);

  // Bridge side: TLS on, trusting a store that is expected not to cover the server's certificate.
  AmqpBridgeOptions tlsBridgeOptions = new AmqpBridgeOptions();
  tlsBridgeOptions.setSsl(true);
  tlsBridgeOptions.setPfxTrustOptions(
      new PfxOptions().setPath(OTHER_CA_TRUSTSTORE).setPassword(PASSWORD));

  AmqpBridge bridge = AmqpBridge.create(vertx, tlsBridgeOptions);
  bridge.start("localhost", mockServer.actualPort(), startResult -> {
    // The start must be rejected because the remote peer is not trusted.
    context.assertFalse(startResult.succeeded(), "expected start to fail due to untrusted server");
    done.complete();
  });

  done.awaitSuccess();
}
/**
 * Starts a mock server with TLS switched off and a bridge with TLS switched on, then expects
 * the bridge start to fail instead of continuing over an unprotected connection.
 *
 * <p>NOTE(review): only {@code !succeeded()} is asserted, so the test does not distinguish a
 * failed TLS handshake from any other start failure.
 */
@Test(timeout = 20000)
public void testConnectWithSslToNonSslServerFails(TestContext context) throws Exception {
  Async done = context.async();

  // Server side: plain transport, no TLS.
  ProtonServerOptions plainServerOptions = new ProtonServerOptions();
  plainServerOptions.setSsl(false);

  mockServer = new MockServer(vertx, conn -> {
    handleBridgeStartupProcess(conn, context);
  }, plainServerOptions);

  // Bridge side: TLS required, with the regular trust store configured.
  AmqpBridgeOptions tlsBridgeOptions = new AmqpBridgeOptions();
  tlsBridgeOptions.setSsl(true);
  tlsBridgeOptions.setPfxTrustOptions(new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD));

  AmqpBridge bridge = AmqpBridge.create(vertx, tlsBridgeOptions);
  bridge.start("localhost", mockServer.actualPort(), startResult -> {
    // The start must fail because the remote peer does not speak TLS.
    context.assertFalse(startResult.succeeded(),
        "expected start to fail due to server not using secure transport");
    done.complete();
  });

  done.awaitSuccess();
}
/**
 * Starts a TLS mock server keyed from {@code KEYSTORE} and a bridge with TLS on and
 * {@code trustAll} set, then expects the bridge start to succeed.
 *
 * <p>No trust store is configured on the bridge here. With {@code trustAll} the server
 * certificate is accepted without being checked against one, so the connection is encrypted but
 * the peer is not authenticated. The setting is exercised here against a local mock server only.
 */
@Test(timeout = 20000)
public void testConnectWithSslToServerWhileUsingTrustAll(TestContext context) throws Exception {
  Async done = context.async();

  // Server side: TLS on, key material from the PKCS#12 key store.
  ProtonServerOptions tlsServerOptions = new ProtonServerOptions();
  tlsServerOptions.setSsl(true);
  tlsServerOptions.setPfxKeyCertOptions(new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD));

  mockServer = new MockServer(vertx, conn -> {
    handleBridgeStartupProcess(conn, context);
  }, tlsServerOptions);

  // Bridge side: TLS on, every server certificate accepted.
  AmqpBridgeOptions trustAllBridgeOptions = new AmqpBridgeOptions();
  trustAllBridgeOptions.setSsl(true);
  trustAllBridgeOptions.setTrustAll(true);

  AmqpBridge bridge = AmqpBridge.create(vertx, trustAllBridgeOptions);
  bridge.start("localhost", mockServer.actualPort(), startResult -> {
    // The start is expected to go through.
    context.assertTrue(startResult.succeeded(),
        "expected start to suceed due to trusting all certs");
    done.complete();
  });

  done.awaitSuccess();
}