use of io.grpc.util.AdvancedTlsX509KeyManager in project grpc-java by grpc.
the class AdvancedTlsTest method onFileReloadingKeyManagerBadInitialContentTest.
/**
 * Checks that starting file-based identity reloading fails when the initial files cannot be used
 * as a key/certificate pair.
 *
 * <p>The test expects a {@link GeneralSecurityException} from
 * {@code updateIdentityCredentialsFromFile}, i.e. the bad initial content is reported to the
 * caller instead of being accepted.
 *
 * @throws Exception the expected {@code GeneralSecurityException}, or any unexpected failure
 */
@Test
public void onFileReloadingKeyManagerBadInitialContentTest() throws Exception {
  exceptionRule.expect(GeneralSecurityException.class);
  AdvancedTlsX509KeyManager manager = new AdvancedTlsX509KeyManager();
  // The certificate file is deliberately passed in the key position and the key file in the
  // certificate position, so the initial load is expected to throw.
  Closeable reloadHandle =
      manager.updateIdentityCredentialsFromFile(
          serverCert0File, serverKey0File, 100, TimeUnit.MILLISECONDS, executor);
  // Only reached if the call above unexpectedly returns; stops the reload it started.
  reloadHandle.close();
}
use of io.grpc.util.AdvancedTlsX509KeyManager in project grpc-java by grpc.
the class AdvancedTlsTest method onFileReloadingKeyManagerTrustManagerTest.
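/**
 * End-to-end mutual-TLS test using file-reloading key and trust managers on both sides.
 *
 * <p>The server requires a client certificate ({@code ClientAuth.REQUIRE}) and validates it with
 * {@code CERTIFICATE_ONLY_VERIFICATION}; the client validates the server with
 * {@code CERTIFICATE_AND_HOST_NAME_VERIFICATION}. Both sides load trust roots from
 * {@code caCertFile}. One unary RPC is sent and must succeed.
 *
 * <p>The reload handles are closed in a {@code finally} block so the reloads started on
 * {@code executor} are stopped even when setup or the RPC fails.
 *
 * @throws Exception if credential loading, server start-up or clean-up fails
 */
@Test
public void onFileReloadingKeyManagerTrustManagerTest() throws Exception {
  // Declared up front so the finally block can close whichever reloads were actually started.
  Closeable serverKeyShutdown = null;
  Closeable serverTrustShutdown = null;
  Closeable clientKeyShutdown = null;
  Closeable clientTrustShutdown = null;
  try {
    // Create & start a server.
    AdvancedTlsX509KeyManager serverKeyManager = new AdvancedTlsX509KeyManager();
    serverKeyShutdown =
        serverKeyManager.updateIdentityCredentialsFromFile(
            serverKey0File, serverCert0File, 100, TimeUnit.MILLISECONDS, executor);
    // The server checks the client certificate chain only; no host name check is requested here.
    AdvancedTlsX509TrustManager serverTrustManager =
        AdvancedTlsX509TrustManager.newBuilder()
            .setVerification(Verification.CERTIFICATE_ONLY_VERIFICATION)
            .build();
    serverTrustShutdown =
        serverTrustManager.updateTrustCredentialsFromFile(
            caCertFile, 100, TimeUnit.MILLISECONDS, executor);
    // ClientAuth.REQUIRE makes this mutual TLS: a client without a certificate is rejected.
    ServerCredentials serverCredentials =
        TlsServerCredentials.newBuilder()
            .keyManager(serverKeyManager)
            .trustManager(serverTrustManager)
            .clientAuth(ClientAuth.REQUIRE)
            .build();
    server =
        Grpc.newServerBuilderForPort(0, serverCredentials)
            .addService(new SimpleServiceImpl())
            .build()
            .start();

    // Create a client to connect.
    AdvancedTlsX509KeyManager clientKeyManager = new AdvancedTlsX509KeyManager();
    clientKeyShutdown =
        clientKeyManager.updateIdentityCredentialsFromFile(
            clientKey0File, clientCert0File, 100, TimeUnit.MILLISECONDS, executor);
    AdvancedTlsX509TrustManager clientTrustManager =
        AdvancedTlsX509TrustManager.newBuilder()
            .setVerification(Verification.CERTIFICATE_AND_HOST_NAME_VERIFICATION)
            .build();
    clientTrustShutdown =
        clientTrustManager.updateTrustCredentialsFromFile(
            caCertFile, 100, TimeUnit.MILLISECONDS, executor);
    ChannelCredentials channelCredentials =
        TlsChannelCredentials.newBuilder()
            .keyManager(clientKeyManager)
            .trustManager(clientTrustManager)
            .build();
    // The channel dials localhost but overrides the authority, so the host name check is
    // presumably made against "foo.test.google.com.au" (assumed to be a name in the test server
    // certificate; confirm against the test data). overrideAuthority is a test-only device:
    // outside tests the authority should come from the address actually being connected to.
    channel =
        Grpc.newChannelBuilderForAddress("localhost", server.getPort(), channelCredentials)
            .overrideAuthority("foo.test.google.com.au")
            .build();

    // Start the connection.
    try {
      SimpleServiceGrpc.SimpleServiceBlockingStub client =
          SimpleServiceGrpc.newBlockingStub(channel);
      // Send an actual request, via the full GRPC & network stack, and check that a proper
      // response comes back.
      client.unaryRpc(SimpleRequest.getDefaultInstance());
    } catch (StatusRuntimeException e) {
      // Same failure type and message as fail(...), but the cause stays attached so the
      // handshake/RPC status shows up in the test report without printStackTrace().
      throw new AssertionError("Find error: " + e.getMessage(), e);
    }
  } finally {
    // Clean up, in the original order; skipped handles were never created.
    if (serverKeyShutdown != null) {
      serverKeyShutdown.close();
    }
    if (serverTrustShutdown != null) {
      serverTrustShutdown.close();
    }
    if (clientKeyShutdown != null) {
      clientKeyShutdown.close();
    }
    if (clientTrustShutdown != null) {
      clientTrustShutdown.close();
    }
  }
}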