Examples with StringMatcher io.envoyproxy.envoy.type.matcher.v3.StringMatcher used on opensource projects

Search in sources :

Example 1 with StringMatcher

use of io.envoyproxy.envoy.type.matcher.v3.StringMatcher in project grpc-java by grpc.

the class SdsX509TrustManagerTest method wildcardSanInPeerCertsVerifiesMultipleVerifySans.

@Test
public void wildcardSanInPeerCertsVerifiesMultipleVerifySans() throws CertificateException, IOException {
    StringMatcher stringMatcher = StringMatcher.newBuilder().setExact("x.foo.com").build();
    StringMatcher stringMatcher1 = StringMatcher.newBuilder().setSuffix("test.youTube.Com").setIgnoreCase(true).build();
    CertificateValidationContext certContext = CertificateValidationContext.newBuilder().addMatchSubjectAltNames(stringMatcher).addMatchSubjectAltNames(// should match suffix test.youTube.Com
    stringMatcher1).build();
    trustManager = new SdsX509TrustManager(certContext, mockDelegate);
    X509Certificate[] certs = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE));
    trustManager.verifySubjectAltNameInChain(certs);
}
Also used : StringMatcher(io.envoyproxy.envoy.type.matcher.v3.StringMatcher) X509Certificate(java.security.cert.X509Certificate) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 2 with StringMatcher

use of io.envoyproxy.envoy.type.matcher.v3.StringMatcher in project grpc-java by grpc.

the class SdsX509TrustManagerTest method oneSanInPeerCerts_substringIgnoreCase.

@Test
public void oneSanInPeerCerts_substringIgnoreCase() throws CertificateException, IOException {
    StringMatcher stringMatcher = StringMatcher.newBuilder().setContains("zooI.Test.Google").setIgnoreCase(true).build();
    CertificateValidationContext certContext = CertificateValidationContext.newBuilder().addMatchSubjectAltNames(stringMatcher).build();
    trustManager = new SdsX509TrustManager(certContext, mockDelegate);
    X509Certificate[] certs = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE));
    trustManager.verifySubjectAltNameInChain(certs);
}
Also used : StringMatcher(io.envoyproxy.envoy.type.matcher.v3.StringMatcher) X509Certificate(java.security.cert.X509Certificate) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 3 with StringMatcher

use of io.envoyproxy.envoy.type.matcher.v3.StringMatcher in project grpc-java by grpc.

the class SdsX509TrustManagerTest method wildcardSanInPeerCertsVerifiesMultipleVerifySans1.

@Test
public void wildcardSanInPeerCertsVerifiesMultipleVerifySans1() throws CertificateException, IOException {
    StringMatcher stringMatcher = StringMatcher.newBuilder().setExact("x.foo.com").build();
    StringMatcher stringMatcher1 = StringMatcher.newBuilder().setContains("est.Google.f").setIgnoreCase(true).build();
    CertificateValidationContext certContext = CertificateValidationContext.newBuilder().addMatchSubjectAltNames(stringMatcher).addMatchSubjectAltNames(// should contain est.Google.f
    stringMatcher1).build();
    trustManager = new SdsX509TrustManager(certContext, mockDelegate);
    X509Certificate[] certs = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE));
    trustManager.verifySubjectAltNameInChain(certs);
}
Also used : StringMatcher(io.envoyproxy.envoy.type.matcher.v3.StringMatcher) X509Certificate(java.security.cert.X509Certificate) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 4 with StringMatcher

use of io.envoyproxy.envoy.type.matcher.v3.StringMatcher in project grpc-java by grpc.

the class SdsX509TrustManagerTest method oneSanInPeerCertsSuffix_differentCase_expectException.

@Test
public void oneSanInPeerCertsSuffix_differentCase_expectException() throws CertificateException, IOException {
    StringMatcher stringMatcher = StringMatcher.newBuilder().setSuffix(".gooGle.bE").setIgnoreCase(false).build();
    CertificateValidationContext certContext = CertificateValidationContext.newBuilder().addMatchSubjectAltNames(stringMatcher).build();
    trustManager = new SdsX509TrustManager(certContext, mockDelegate);
    X509Certificate[] certs = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE));
    try {
        trustManager.verifySubjectAltNameInChain(certs);
        fail("no exception thrown");
    } catch (CertificateException expected) {
        assertThat(expected).hasMessageThat().isEqualTo("Peer certificate SAN check failed");
    }
}
Also used : StringMatcher(io.envoyproxy.envoy.type.matcher.v3.StringMatcher) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 5 with StringMatcher

use of io.envoyproxy.envoy.type.matcher.v3.StringMatcher in project grpc-java by grpc.

the class SdsX509TrustManagerTest method oneSanInPeerCertsVerifies_ignoreCase.

@Test
public void oneSanInPeerCertsVerifies_ignoreCase() throws CertificateException, IOException {
    StringMatcher stringMatcher = StringMatcher.newBuilder().setExact("Waterzooi.Test.google.be").setIgnoreCase(true).build();
    CertificateValidationContext certContext = CertificateValidationContext.newBuilder().addMatchSubjectAltNames(stringMatcher).build();
    trustManager = new SdsX509TrustManager(certContext, mockDelegate);
    X509Certificate[] certs = CertificateUtils.toX509Certificates(TestUtils.loadCert(SERVER_1_PEM_FILE));
    trustManager.verifySubjectAltNameInChain(certs);
}
Also used : StringMatcher(io.envoyproxy.envoy.type.matcher.v3.StringMatcher) X509Certificate(java.security.cert.X509Certificate) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Aggregations

CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)27 StringMatcher (io.envoyproxy.envoy.type.matcher.v3.StringMatcher)27 Test (org.junit.Test)27 X509Certificate (java.security.cert.X509Certificate)25 CertificateException (java.security.cert.CertificateException)12
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial