Example 16 with CommonTlsContext

Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.

From the class CommonTlsContextTestsUtil, method buildCommonTlsContextWithAdditionalValues.

/**
 * Takes additional values and creates a CombinedCertificateValidationContext as needed.
 */
@SuppressWarnings("deprecation")
static CommonTlsContext buildCommonTlsContextWithAdditionalValues(
        String certInstanceName,
        String certName,
        String validationContextCertInstanceName,
        String validationContextCertName,
        Iterable<StringMatcher> matchSubjectAltNames,
        Iterable<String> alpnNames) {
    CommonTlsContext.Builder builder = CommonTlsContext.newBuilder();
    // Certificate provider instance supplying the identity (TLS) certificate.
    CertificateProviderInstance certificateProviderInstance =
            CertificateProviderInstance.newBuilder()
                    .setInstanceName(certInstanceName)
                    .setCertificateName(certName)
                    .build();
    // Defensive check: build() never returns null.
    if (certificateProviderInstance != null) {
        builder.setTlsCertificateCertificateProviderInstance(certificateProviderInstance);
    }
    // Certificate provider instance supplying the CA used to validate the peer.
    CertificateProviderInstance validationCertificateProviderInstance =
            CertificateProviderInstance.newBuilder()
                    .setInstanceName(validationContextCertInstanceName)
                    .setCertificateName(validationContextCertName)
                    .build();
    // Optional subject-alt-name matchers restricting which peer certificates are accepted.
    CertificateValidationContext certValidationContext =
            matchSubjectAltNames == null
                    ? null
                    : CertificateValidationContext.newBuilder()
                            .addAllMatchSubjectAltNames(matchSubjectAltNames)
                            .build();
    if (validationCertificateProviderInstance != null) {
        // Combined context: CA provider instance plus the default validation context.
        CombinedCertificateValidationContext.Builder combinedBuilder =
                CombinedCertificateValidationContext.newBuilder()
                        .setValidationContextCertificateProviderInstance(
                                validationCertificateProviderInstance);
        if (certValidationContext != null) {
            combinedBuilder = combinedBuilder.setDefaultValidationContext(certValidationContext);
        }
        builder.setCombinedValidationContext(combinedBuilder);
    } else if (validationCertificateProviderInstance != null) {
        // Not reachable: this condition repeats the one tested above.
        builder.setValidationContextCertificateProviderInstance(validationCertificateProviderInstance);
    } else if (certValidationContext != null) {
        builder.setValidationContext(certValidationContext);
    }
    if (alpnNames != null) {
        builder.addAllAlpnProtocols(alpnNames);
    }
    return builder.build();
}
Also used: CertificateProviderInstance (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance), CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext), CombinedCertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext), CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)

Example 17 with CommonTlsContext

Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.

From the class ClientXdsClientDataTest, method validateCommonTlsContext_tlsCertificateProviderInstance_isRequiredForServer.

@Test
public void validateCommonTlsContext_tlsCertificateProviderInstance_isRequiredForServer()
        throws ResourceInvalidException {
    // An empty context carries no identity certificate, which a server-side context must have.
    CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().build();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("tls_certificate_provider_instance is required in downstream-tls-context");
    // null: no certificate provider instances; true: validate as a server (downstream) context.
    ClientXdsClient.validateCommonTlsContext(commonTlsContext, null, true);
}
Also used: CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext), Test (org.junit.Test)

Example 18 with CommonTlsContext

Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.

From the class ClientXdsClientDataTest, method validateCommonTlsContext_combinedValidationContext_isRequiredForClient.

@Test
public void validateCommonTlsContext_combinedValidationContext_isRequiredForClient()
        throws ResourceInvalidException {
    // An empty context carries no CA provider instance, so a client could not validate the server.
    CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().build();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("ca_certificate_provider_instance is required in upstream-tls-context");
    // null: no certificate provider instances; false: validate as a client (upstream) context.
    ClientXdsClient.validateCommonTlsContext(commonTlsContext, null, false);
}
Also used: CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext), Test (org.junit.Test)

Example 19 with CommonTlsContext

Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.

From the class ClientXdsClientDataTest, method validateCommonTlsContext_combinedValContextWithDefaultValContextVerifyCertHash.

@Test
@SuppressWarnings("deprecation")
public void validateCommonTlsContext_combinedValContextWithDefaultValContextVerifyCertHash()
        throws ResourceInvalidException {
    // verify_certificate_hash inside default_validation_context is rejected by the validator.
    CommonTlsContext commonTlsContext =
            CommonTlsContext.newBuilder()
                    .setCombinedValidationContext(
                            CommonTlsContext.CombinedCertificateValidationContext.newBuilder()
                                    .setValidationContextCertificateProviderInstance(
                                            CommonTlsContext.CertificateProviderInstance.getDefaultInstance())
                                    .setDefaultValidationContext(
                                            CertificateValidationContext.newBuilder()
                                                    .addVerifyCertificateHash("foo")))
                    .setTlsCertificateCertificateProviderInstance(
                            CommonTlsContext.CertificateProviderInstance.getDefaultInstance())
                    .build();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("verify_certificate_hash in default_validation_context is not supported");
    // ImmutableSet.of("") makes the default (empty) instance name a known provider instance.
    ClientXdsClient.validateCommonTlsContext(commonTlsContext, ImmutableSet.of(""), false);
}
Also used: CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext), Test (org.junit.Test)

Example 20 with CommonTlsContext

Use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.

From the class ClientXdsClientDataTest, method validateCommonTlsContext_tlsCertificateProviderInstance_absentInBootstrapFile.

@Test
@SuppressWarnings("deprecation")
public void validateCommonTlsContext_tlsCertificateProviderInstance_absentInBootstrapFile()
        throws ResourceInvalidException {
    CommonTlsContext commonTlsContext =
            CommonTlsContext.newBuilder()
                    .setTlsCertificateCertificateProviderInstance(
                            CertificateProviderInstance.newBuilder()
                                    .setInstanceName("bad-name")
                                    .build())
                    .build();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("CertificateProvider instance name 'bad-name' not defined in the bootstrap file.");
    // Only "name1" and "name2" are defined in the bootstrap, so "bad-name" must be rejected.
    ClientXdsClient.validateCommonTlsContext(commonTlsContext, ImmutableSet.of("name1", "name2"), true);
}
Also used: CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext), Test (org.junit.Test)
