Example 1 with AthenzService
use of com.yahoo.vespa.athenz.api.AthenzService in project vespa by vespa-engine.
the class SiaIdentityProviderTest method constructs_ssl_context_from_file.
@Test
public void constructs_ssl_context_from_file() throws IOException {
File keyFile = tempDirectory.newFile();
KeyPair keypair = KeyUtils.generateKeypair(KeyAlgorithm.RSA);
createPrivateKeyFile(keyFile, keypair);
X509Certificate certificate = createCertificate(keypair);
File certificateFile = tempDirectory.newFile();
createCertificateFile(certificate, certificateFile);
File trustStoreFile = tempDirectory.newFile();
createTrustStoreFile(certificate, trustStoreFile);
SiaIdentityProvider provider = new SiaIdentityProvider(new AthenzService("domain", "service-name"), keyFile, certificateFile, trustStoreFile, mock(ScheduledExecutorService.class));
assertNotNull(provider.getIdentitySslContext());
}
Also used :
AthenzService(com.yahoo.vespa.athenz.api.AthenzService)
KeyPair(java.security.KeyPair)
ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService)
File(java.io.File)
X509Certificate(java.security.cert.X509Certificate)
Test(org.junit.Test)
Example 2 with AthenzService
use of com.yahoo.vespa.athenz.api.AthenzService in project vespa by vespa-engine.
the class AthenzIdentityVerifierTest method verifies_certificate_with_athenz_service_as_common_name.
@Test
public void verifies_certificate_with_athenz_service_as_common_name() throws Exception {
AthenzIdentity trustedIdentity = new AthenzService("mydomain", "alice");
AthenzIdentity unknownIdentity = new AthenzService("mydomain", "mallory");
KeyPair keyPair = createKeyPair();
AthenzIdentityVerifier verifier = new AthenzIdentityVerifier(singleton(trustedIdentity));
assertTrue(verifier.verify("hostname", createSslSessionMock(createSelfSignedCertificate(keyPair, trustedIdentity))));
assertFalse(verifier.verify("hostname", createSslSessionMock(createSelfSignedCertificate(keyPair, unknownIdentity))));
}
Also used :
AthenzService(com.yahoo.vespa.athenz.api.AthenzService)
KeyPair(java.security.KeyPair)
AthenzIdentity(com.yahoo.vespa.athenz.api.AthenzIdentity)
AthenzIdentityVerifier(com.yahoo.vespa.athenz.tls.AthenzIdentityVerifier)
Test(org.junit.Test)
Example 3 with AthenzService
use of com.yahoo.vespa.athenz.api.AthenzService in project vespa by vespa-engine.
the class AthenzIdentitiesTest method athenz_identity_is_parsed_from_dot_separated_string.
@Test
public void athenz_identity_is_parsed_from_dot_separated_string() {
AthenzIdentity expectedIdentity = new AthenzService(new AthenzDomain("my.subdomain"), "myservicename");
String fullName = expectedIdentity.getFullName();
AthenzIdentity actualIdentity = AthenzIdentities.from(fullName);
assertEquals(expectedIdentity, actualIdentity);
}
Also used :
AthenzService(com.yahoo.vespa.athenz.api.AthenzService)
AthenzDomain(com.yahoo.vespa.athenz.api.AthenzDomain)
AthenzIdentity(com.yahoo.vespa.athenz.api.AthenzIdentity)
Test(org.junit.Test)
Aggregations
AthenzService (com.yahoo.vespa.athenz.api.AthenzService)3
Test (org.junit.Test)3
AthenzIdentity (com.yahoo.vespa.athenz.api.AthenzIdentity)2
KeyPair (java.security.KeyPair)2
AthenzDomain (com.yahoo.vespa.athenz.api.AthenzDomain)1
AthenzIdentityVerifier (com.yahoo.vespa.athenz.tls.AthenzIdentityVerifier)1
File (java.io.File)1
X509Certificate (java.security.cert.X509Certificate)1
ScheduledExecutorService (java.util.concurrent.ScheduledExecutorService)1
