/**
 * Looks up the signer info stored under {@code signerId} and returns it in protobuf form.
 *
 * <p>The result is {@code null} both when the store has no entry for the id and when the
 * lookup throws a {@code SignatureException}. The return value does not distinguish the
 * two cases; the second one is visible only in the log.
 *
 * @param signerId id of the signer to look up
 * @return the stored signer info as a protocol buffer, or {@code null}
 */
@Override
public synchronized ProtocolSignerInfo retrieveSignerInfo(ByteString signerId) {
  final byte[] rawId = signerId.toByteArray();
  try {
    SignerInfo stored = certPathStore.getSignerInfo(rawId);
    if (stored == null) {
      // A miss is an acceptable outcome here. Users of the certificate manager are
      // expected to call prefetchDeltaSignerInfo so that the store actually gets populated.
      return null;
    }
    return stored.toProtoBuf();
  } catch (SignatureException e) {
    /*
     * TODO: This may result in the server endlessly requesting the signer info from the
     * remote server, a more graceful failure needs to be implemented.
     */
    LOG.severe("Failed to retreive signer info for " + new String(Hex.encodeHex(rawId)), e);
    return null;
  }
}
/**
 * Answers every request with the signer info from {@code Certificates.getRealSignerInfo()}.
 * The signer id, wavelet name and version arguments are not consulted.
 */
@Override
public void getDeltaSignerInfo(
    ByteString signerId,
    WaveletName waveletName,
    ProtocolHashedVersion deltaEndVersion,
    DeltaSignerInfoResponseListener listener) {
  try {
    listener.onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  } catch (Exception cause) {
    // Covers both building the signer info and the listener callback itself;
    // either failure is rethrown unchecked.
    throw new RuntimeException(cause);
  }
}
};
/**
 * Always reports success with the signer info from
 * {@code Certificates.getRealSignerInfo()}; none of the request arguments other than
 * {@code listener} is read.
 */
@Override
public void getDeltaSignerInfo(
    ByteString signerId,
    WaveletName waveletName,
    ProtocolHashedVersion deltaEndVersion,
    DeltaSignerInfoResponseListener listener) {
  try {
    listener.onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  } catch (Exception failure) {
    // Anything thrown while building the reply or inside the callback is
    // wrapped and rethrown as an unchecked exception.
    throw new RuntimeException(failure);
  }
}
};
/**
 * Puts the real and the example signer info into a store obtained from
 * {@code newCertPathStore()} and then runs {@code checkCertificateExists} for each.
 */
public void testCertificatesAreStored() throws Exception {
  CertPathStore certStore = newCertPathStore();

  // Both entries are written before either one is checked.
  certStore.putSignerInfo(realSignerInfo.toProtoBuf());
  certStore.putSignerInfo(exampleSignerInfo.toProtoBuf());

  checkCertificateExists(realSignerInfo, certStore);
  checkCertificateExists(exampleSignerInfo, certStore);
}
/**
 * Writes two signer infos (real and example) to a store from {@code newCertPathStore()},
 * then passes each one to {@code checkCertificateExists} together with that store.
 */
public void testCertificatesAreStored() throws Exception {
  CertPathStore target = newCertPathStore();

  // Write phase: real first, example second.
  target.putSignerInfo(realSignerInfo.toProtoBuf());
  target.putSignerInfo(exampleSignerInfo.toProtoBuf());

  // Check phase, in the same order.
  checkCertificateExists(realSignerInfo, target);
  checkCertificateExists(exampleSignerInfo, target);
}
/**
 * Builds a {@code SignerInfo} over {@code certs} with {@code HashAlgorithm.SHA256} and
 * {@code DOMAIN}, puts its protobuf form into {@code store}, and returns its signer id.
 *
 * @param certs certificate chain handed to the {@code SignerInfo} constructor
 * @return the signer id reported by the new {@code SignerInfo}
 */
private byte[] storeSignerInfo(ImmutableList<X509Certificate> certs) throws Exception {
  SignerInfo signer = new SignerInfo(HashAlgorithm.SHA256, certs, DOMAIN);
  store.putSignerInfo(signer.toProtoBuf());
  return signer.getSignerId();
}
/**
 * Test helper: creates a SHA-256 {@code SignerInfo} for {@code DOMAIN} from the given
 * certificates, stores it (as a protocol buffer) in {@code store}, and hands back the id
 * under which it can be looked up.
 *
 * @param certs certificates passed to the {@code SignerInfo} constructor
 * @return value of {@code getSignerId()} on the stored {@code SignerInfo}
 */
private byte[] storeSignerInfo(ImmutableList<X509Certificate> certs) throws Exception {
  SignerInfo created = new SignerInfo(HashAlgorithm.SHA256, certs, DOMAIN);
  store.putSignerInfo(created.toProtoBuf());
  return created.getSignerId();
}
/**
 * Checks prefetchDeltaSignerInfo for a single request on a single domain, and that a
 * later request on the same domain is answered at once.
 */
public void test_prefetchDeltaSignerInfo1() throws Exception {
  SignerInfoPrefetchResultListener listener = mock(SignerInfoPrefetchResultListener.class);

  // First request goes through a provider that succeeds.
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      listener);
  verify(listener).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());

  // Second request passes a null provider. No NPE is expected, because the provider
  // callback should not be used for a signer that is already known.
  manager.prefetchDeltaSignerInfo(
      null,
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      listener);
  verify(listener, times(2)).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
}
/**
 * Exercises prefetchDeltaSignerInfo with one request on one domain, then repeats the
 * request on that domain and expects it to complete immediately.
 */
public void test_prefetchDeltaSignerInfo1() throws Exception {
  SignerInfoPrefetchResultListener resultListener =
      mock(SignerInfoPrefetchResultListener.class);

  // Initial prefetch, served by the successful provider.
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      resultListener);
  verify(resultListener).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());

  // Repeat with a null provider: the manager should not touch the provider at all,
  // so this must not end in a NullPointerException.
  manager.prefetchDeltaSignerInfo(
      null,
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      resultListener);
  verify(resultListener, times(2)).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
}
/**
 * Creates the wave server and registers the local signer info with the certificate manager.
 *
 * <p>If storing the local signer info throws a {@code SignatureException}, the failure is
 * logged and construction still completes.
 *
 * @param listenerExecutor executes callback listeners
 * @param certificateManager provider of certificates; it also determines which
 *        domains this wave server regards as local wavelets.
 * @param federationRemote federation remote interface
 * @param waveMap records the waves and wavelets in memory
 */
@Inject
WaveServerImpl(
    @ListenerExecutor Executor listenerExecutor,
    CertificateManager certificateManager,
    @FederationRemoteBridge WaveletFederationProvider federationRemote,
    WaveMap waveMap) {
  this.listenerExecutor = listenerExecutor;
  this.certificateManager = certificateManager;
  this.federationRemote = federationRemote;
  this.waveMap = waveMap;

  LOG.info("Wave Server configured to host local domains: "
      + certificateManager.getLocalDomains());

  // Preemptively add our own signer info to the certificate manager.
  SignerInfo localSignerInfo = certificateManager.getLocalSigner().getSignerInfo();
  if (localSignerInfo == null) {
    // The local signer has no signer info, so there is nothing to store.
    return;
  }
  try {
    certificateManager.storeSignerInfo(localSignerInfo.toProtoBuf());
  } catch (SignatureException e) {
    // Not fatal for construction: the server comes up without its own signer info stored.
    LOG.severe("Failed to add our own signer info to the certificate store", e);
  }
}
/**
 * Checks prefetchDeltaSignerInfo when a slow, failing request is still pending and a
 * request for the same signer on a different domain succeeds first. The pending request
 * is expected to be reported as a success as well.
 */
public void test_prefetchDeltaSignerInfo5() throws Exception {
  // Left on its own this request would fail once EASY_TICKS have elapsed.
  SignerInfoPrefetchResultListener pending = mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowFailingProvider(ticker, EASY_TICKS),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      getHashedVersion(),
      pending);
  verifyZeroInteractions(pending);

  // Same signer id, other domain, provider that succeeds immediately.
  SignerInfoPrefetchResultListener immediate = mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(OTHER_DOMAIN),
      getHashedVersion(),
      immediate);
  verify(immediate).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  // The earlier, still pending request is completed by the same result.
  verify(pending).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());

  // Once the ticks pass, the late failure must not reach either listener.
  ticker.tick(EASY_TICKS);
  verifyNoMoreInteractions(pending);
  verifyNoMoreInteractions(immediate);
}
/**
 * prefetchDeltaSignerInfo: a request that would fail is outstanding while a request for
 * the same signer id on another domain succeeds. The outstanding request should then
 * appear to succeed too.
 */
public void test_prefetchDeltaSignerInfo5() throws Exception {
  // Would fail if the next (immediate) request did not succeed.
  SignerInfoPrefetchResultListener slowListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowFailingProvider(ticker, EASY_TICKS),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      getHashedVersion(),
      slowListener);
  verifyZeroInteractions(slowListener);

  // Succeeds at once.
  SignerInfoPrefetchResultListener fastListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(OTHER_DOMAIN),
      getHashedVersion(),
      fastListener);
  verify(fastListener).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  verify(slowListener).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());

  // Advancing the ticker must not produce any further callback on either listener.
  ticker.tick(EASY_TICKS);
  verifyNoMoreInteractions(slowListener);
  verifyNoMoreInteractions(fastListener);
}
/**
 * Checks prefetchDeltaSignerInfo when the first request fails: a second request for the
 * same signer id on a different domain should still succeed afterwards.
 */
public void test_prefetchDeltaSignerInfo6() throws Exception {
  // Fails after EASY_TICKS.
  SignerInfoPrefetchResultListener failing = mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowFailingProvider(ticker, EASY_TICKS),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      getHashedVersion(),
      failing);
  verifyZeroInteractions(failing);

  // Succeeds after twice as many ticks, that is, after the first request has failed.
  SignerInfoPrefetchResultListener succeeding = mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowSuccessfulProvider(ticker, EASY_TICKS * 2),
      getRealSignerId(),
      getFakeWaveletName(OTHER_DOMAIN),
      getHashedVersion(),
      succeeding);
  verifyZeroInteractions(succeeding);

  // First deadline: the failure is delivered, the other request is left untouched.
  ticker.tick(EASY_TICKS);
  verifyZeroInteractions(succeeding);
  verify(failing).onFailure(GENERIC_ERROR);

  // Second deadline: the successful request completes, and the failed listener
  // does not receive the late result.
  ticker.tick(EASY_TICKS);
  verify(succeeding).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  verifyNoMoreInteractions(failing);
}
/**
 * prefetchDeltaSignerInfo with a failing first request: the failure must not prevent a
 * second request on a different domain from succeeding.
 */
public void test_prefetchDeltaSignerInfo6() throws Exception {
  // This one will fail later.
  SignerInfoPrefetchResultListener firstListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowFailingProvider(ticker, EASY_TICKS),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      getHashedVersion(),
      firstListener);
  verifyZeroInteractions(firstListener);

  // This one will succeed later still, once the first has failed.
  SignerInfoPrefetchResultListener secondListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowSuccessfulProvider(ticker, EASY_TICKS * 2),
      getRealSignerId(),
      getFakeWaveletName(OTHER_DOMAIN),
      getHashedVersion(),
      secondListener);
  verifyZeroInteractions(secondListener);

  // After EASY_TICKS only the failure has been reported.
  ticker.tick(EASY_TICKS);
  verifyZeroInteractions(secondListener);
  verify(firstListener).onFailure(GENERIC_ERROR);

  // After another EASY_TICKS the second request reports success; the first listener
  // hears nothing more.
  ticker.tick(EASY_TICKS);
  verify(secondListener).onSuccess(Certificates.getRealSignerInfo().toProtoBuf());
  verifyNoMoreInteractions(firstListener);
}
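/**
 * Verifies the delta from {@code getFakeSignedDelta()} with a manager built on
 * {@code getRealVerifier(store)}, after the signer info from
 * {@code Certificates.getRealSignerInfo()} has been stored.
 */
public void testRealSignature() throws Exception {
  manager = new CertificateManagerImpl(config, getSigner(), getRealVerifier(store), store);
  // The signer info is stored first so that it is available when verifyDelta runs.
  manager.storeSignerInfo(Certificates.getRealSignerInfo().toProtoBuf());

  ByteStringMessage<ProtocolWaveletDelta> verified = manager.verifyDelta(getFakeSignedDelta());

  // Expected value first, so that a failure message labels the two sides correctly.
  assertEquals(getFakeDelta(), verified);
}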
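/**
 * Runs {@code verifyDelta} on the delta from {@code getFakeSignedDelta()} using a manager
 * that wraps {@code getRealVerifier(store)}, and expects the result to equal
 * {@code getFakeDelta()}.
 */
public void testRealSignature() throws Exception {
  manager = new CertificateManagerImpl(config, getSigner(), getRealVerifier(store), store);
  // Signer info goes into the manager before the signed delta is verified.
  manager.storeSignerInfo(Certificates.getRealSignerInfo().toProtoBuf());

  ByteStringMessage<ProtocolWaveletDelta> verifiedDelta =
      manager.verifyDelta(getFakeSignedDelta());

  // assertEquals arguments are (expected, actual); the original call had them swapped,
  // which mislabels the values when the assertion fails.
  assertEquals(getFakeDelta(), verifiedDelta);
}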
/**
 * Signs a delta authored by "bob@example.com" with the manager, stores the signer info,
 * and expects {@code verifyDelta} to return the same canonical delta.
 */
public void testSignature() throws Exception {
  ByteStringMessage<ProtocolWaveletDelta> canonical =
      ByteStringMessage.serializeMessage(
          ProtocolWaveletDelta.newBuilder()
              .setHashedVersion(getProtocolHashedVersion())
              .setAuthor("bob@example.com")
              .build());

  ProtocolSignedDelta signed = manager.signDelta(canonical);
  // The signer info is added only after signing and before verification.
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  ByteStringMessage<ProtocolWaveletDelta> verified = manager.verifyDelta(signed);
  assertEquals(canonical, verified);
}
/**
 * Round trip: sign a canonical delta (author "bob@example.com"), store the signer info,
 * verify the signed delta, and compare the verified result with what was signed.
 */
public void testSignature() throws Exception {
  ProtocolWaveletDelta.Builder unsigned = ProtocolWaveletDelta.newBuilder();
  unsigned.setHashedVersion(getProtocolHashedVersion());
  unsigned.setAuthor("bob@example.com");

  ByteStringMessage<ProtocolWaveletDelta> toSign =
      ByteStringMessage.serializeMessage(unsigned.build());
  ProtocolSignedDelta signedResult = manager.signDelta(toSign);

  // Store the signer info, then verify.
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());
  ByteStringMessage<ProtocolWaveletDelta> roundTripped = manager.verifyDelta(signedResult);

  assertEquals(toSign, roundTripped);
}
/**
 * Signs a delta whose author is "bob@someotherdomain.com" and expects {@code verifyDelta}
 * to reject it with a {@code SignatureException}.
 *
 * <p>NOTE(review): going by the test name, the rejection is for an author that does not
 * match the signer; the check itself is not visible here.
 */
public void testSignature_authorNotMatching() throws Exception {
  ByteStringMessage<ProtocolWaveletDelta> canonical =
      ByteStringMessage.serializeMessage(
          ProtocolWaveletDelta.newBuilder()
              .setHashedVersion(getProtocolHashedVersion())
              .setAuthor("bob@someotherdomain.com")
              .build());

  ProtocolSignedDelta signed = manager.signDelta(canonical);
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  try {
    manager.verifyDelta(signed);
    // Reaching this line means the delta was accepted.
    fail("expected exception, but didn't get it");
  } catch (SignatureException e) {
    // expected
  }
}
/**
 * Negative case for delta verification: the delta is signed by the manager but carries
 * the author "bob@someotherdomain.com", and {@code verifyDelta} must throw a
 * {@code SignatureException} instead of returning it.
 */
public void testSignature_authorNotMatching() throws Exception {
  ProtocolWaveletDelta.Builder unsigned = ProtocolWaveletDelta.newBuilder();
  unsigned.setHashedVersion(getProtocolHashedVersion());
  unsigned.setAuthor("bob@someotherdomain.com");

  ByteStringMessage<ProtocolWaveletDelta> toSign =
      ByteStringMessage.serializeMessage(unsigned.build());
  ProtocolSignedDelta signedResult = manager.signDelta(toSign);
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  try {
    manager.verifyDelta(signedResult);
    // A validly signed delta alone is not enough; verification is expected to fail.
    fail("expected exception, but didn't get it");
  } catch (SignatureException e) {
    // expected
  }
}