
Example 6 with AdvancedTlsX509KeyManager

Use of io.grpc.util.AdvancedTlsX509KeyManager in project grpc-java by grpc.

From the class AdvancedTlsTest, method onFileReloadingKeyManagerBadInitialContentTest.

@Test
public void onFileReloadingKeyManagerBadInitialContentTest() throws Exception {
    exceptionRule.expect(GeneralSecurityException.class);
    AdvancedTlsX509KeyManager keyManager = new AdvancedTlsX509KeyManager();
    // updateIdentityCredentialsFromFile expects (keyFile, certFile, ...). We pass the
    // certificate first and the key second to intentionally trigger the expected
    // GeneralSecurityException.
    Closeable keyShutdown = keyManager.updateIdentityCredentialsFromFile(
            serverCert0File, serverKey0File, 100, TimeUnit.MILLISECONDS, executor);
    keyShutdown.close();
}
Also used: AdvancedTlsX509KeyManager (io.grpc.util.AdvancedTlsX509KeyManager), Closeable (java.io.Closeable), Test (org.junit.Test)

Example 7 with AdvancedTlsX509KeyManager

Use of io.grpc.util.AdvancedTlsX509KeyManager in project grpc-java by grpc.

From the class AdvancedTlsTest, method onFileReloadingKeyManagerTrustManagerTest.

@Test
public void onFileReloadingKeyManagerTrustManagerTest() throws Exception {
    // Create & start a server. Identity and trust material are reloaded from file
    // every 100 ms; client certificates are required (mutual TLS).
    AdvancedTlsX509KeyManager serverKeyManager = new AdvancedTlsX509KeyManager();
    Closeable serverKeyShutdown = serverKeyManager.updateIdentityCredentialsFromFile(
            serverKey0File, serverCert0File, 100, TimeUnit.MILLISECONDS, executor);
    AdvancedTlsX509TrustManager serverTrustManager = AdvancedTlsX509TrustManager.newBuilder()
            .setVerification(Verification.CERTIFICATE_ONLY_VERIFICATION)
            .build();
    Closeable serverTrustShutdown = serverTrustManager.updateTrustCredentialsFromFile(
            caCertFile, 100, TimeUnit.MILLISECONDS, executor);
    ServerCredentials serverCredentials = TlsServerCredentials.newBuilder()
            .keyManager(serverKeyManager)
            .trustManager(serverTrustManager)
            .clientAuth(ClientAuth.REQUIRE)
            .build();
    server = Grpc.newServerBuilderForPort(0, serverCredentials)
            .addService(new SimpleServiceImpl())
            .build()
            .start();
    // Create a client to connect. The client verifies both the certificate chain
    // and the host name of the server.
    AdvancedTlsX509KeyManager clientKeyManager = new AdvancedTlsX509KeyManager();
    Closeable clientKeyShutdown = clientKeyManager.updateIdentityCredentialsFromFile(
            clientKey0File, clientCert0File, 100, TimeUnit.MILLISECONDS, executor);
    AdvancedTlsX509TrustManager clientTrustManager = AdvancedTlsX509TrustManager.newBuilder()
            .setVerification(Verification.CERTIFICATE_AND_HOST_NAME_VERIFICATION)
            .build();
    Closeable clientTrustShutdown = clientTrustManager.updateTrustCredentialsFromFile(
            caCertFile, 100, TimeUnit.MILLISECONDS, executor);
    ChannelCredentials channelCredentials = TlsChannelCredentials.newBuilder()
            .keyManager(clientKeyManager)
            .trustManager(clientTrustManager)
            .build();
    // overrideAuthority sets the name used for host name verification in place of "localhost".
    channel = Grpc.newChannelBuilderForAddress("localhost", server.getPort(), channelCredentials)
            .overrideAuthority("foo.test.google.com.au")
            .build();
    // Start the connection.
    try {
        SimpleServiceGrpc.SimpleServiceBlockingStub client = SimpleServiceGrpc.newBlockingStub(channel);
        // Send an actual request, via the full gRPC & network stack, and check that a proper
        // response comes back.
        client.unaryRpc(SimpleRequest.getDefaultInstance());
    } catch (StatusRuntimeException e) {
        e.printStackTrace();
        fail("Find error: " + e.getMessage());
    }
    // Clean up.
    serverKeyShutdown.close();
    serverTrustShutdown.close();
    clientKeyShutdown.close();
    clientTrustShutdown.close();
}
Also used: AdvancedTlsX509KeyManager (io.grpc.util.AdvancedTlsX509KeyManager), TlsServerCredentials (io.grpc.TlsServerCredentials), ServerCredentials (io.grpc.ServerCredentials), ChannelCredentials (io.grpc.ChannelCredentials), TlsChannelCredentials (io.grpc.TlsChannelCredentials), Closeable (java.io.Closeable), AdvancedTlsX509TrustManager (io.grpc.util.AdvancedTlsX509TrustManager), StatusRuntimeException (io.grpc.StatusRuntimeException), SimpleServiceGrpc (io.grpc.testing.protobuf.SimpleServiceGrpc), Test (org.junit.Test)

Aggregations

AdvancedTlsX509KeyManager (io.grpc.util.AdvancedTlsX509KeyManager): 7
Test (org.junit.Test): 7
ChannelCredentials (io.grpc.ChannelCredentials): 5
ServerCredentials (io.grpc.ServerCredentials): 5
StatusRuntimeException (io.grpc.StatusRuntimeException): 5
TlsChannelCredentials (io.grpc.TlsChannelCredentials): 5
TlsServerCredentials (io.grpc.TlsServerCredentials): 5
SimpleServiceGrpc (io.grpc.testing.protobuf.SimpleServiceGrpc): 5
AdvancedTlsX509TrustManager (io.grpc.util.AdvancedTlsX509TrustManager): 5
SslSocketAndEnginePeerVerifier (io.grpc.util.AdvancedTlsX509TrustManager.SslSocketAndEnginePeerVerifier): 2
Closeable (java.io.Closeable): 2
Socket (java.net.Socket): 2
SSLEngine (javax.net.ssl.SSLEngine): 2
CertificateException (java.security.cert.CertificateException): 1
X509Certificate (java.security.cert.X509Certificate): 1