Search in sources :

Example 11 with PfxOptions

use of io.vertx.core.net.PfxOptions in project vert.x by eclipse.

the class KeyStoreHelper method create.

public static KeyStoreHelper create(VertxInternal vertx, KeyCertOptions options) {
    if (options instanceof JksOptions) {
        JksOptions jks = (JksOptions) options;
        Supplier<Buffer> value;
        if (jks.getPath() != null) {
            value = () -> vertx.fileSystem().readFileBlocking(vertx.resolveFile(jks.getPath()).getAbsolutePath());
        } else if (jks.getValue() != null) {
            value = jks::getValue;
        } else {
            return null;
        }
        return new JKSOrPKCS12("JKS", jks.getPassword(), value);
    } else if (options instanceof PfxOptions) {
        PfxOptions pkcs12 = (PfxOptions) options;
        Supplier<Buffer> value;
        if (pkcs12.getPath() != null) {
            value = () -> vertx.fileSystem().readFileBlocking(vertx.resolveFile(pkcs12.getPath()).getAbsolutePath());
        } else if (pkcs12.getValue() != null) {
            value = pkcs12::getValue;
        } else {
            return null;
        }
        return new JKSOrPKCS12("PKCS12", pkcs12.getPassword(), value);
    } else if (options instanceof PemKeyCertOptions) {
        PemKeyCertOptions keyCert = (PemKeyCertOptions) options;
        Supplier<Buffer> key = () -> {
            if (keyCert.getKeyPath() != null) {
                return vertx.fileSystem().readFileBlocking(vertx.resolveFile(keyCert.getKeyPath()).getAbsolutePath());
            } else if (keyCert.getKeyValue() != null) {
                return keyCert.getKeyValue();
            } else {
                throw new RuntimeException("Missing private key");
            }
        };
        Supplier<Buffer> cert = () -> {
            if (keyCert.getCertPath() != null) {
                return vertx.fileSystem().readFileBlocking(vertx.resolveFile(keyCert.getCertPath()).getAbsolutePath());
            } else if (keyCert.getCertValue() != null) {
                return keyCert.getCertValue();
            } else {
                throw new RuntimeException("Missing X.509 certificate");
            }
        };
        return new KeyCert(DUMMY_PASSWORD, key, cert);
    } else {
        return null;
    }
}
Also used : Buffer(io.vertx.core.buffer.Buffer) PemKeyCertOptions(io.vertx.core.net.PemKeyCertOptions) JksOptions(io.vertx.core.net.JksOptions) Supplier(java.util.function.Supplier) PfxOptions(io.vertx.core.net.PfxOptions)

Example 12 with PfxOptions

use of io.vertx.core.net.PfxOptions in project vertx-proton by vert-x3.

the class ProtonClientSslTest method testConnectWithSslToNonSslServerFails.

@Test(timeout = 20000)
public void testConnectWithSslToNonSslServerFails(TestContext context) throws Exception {
    Async async = context.async();
    // Create a server that doesn't use ssl
    ProtonServerOptions serverOptions = new ProtonServerOptions();
    serverOptions.setSsl(false);
    protonServer = createServer(serverOptions, this::handleClientConnectionSessionReceiverOpen);
    // Try to connect the client and expect it to fail
    ProtonClientOptions clientOptions = new ProtonClientOptions();
    clientOptions.setSsl(true);
    PfxOptions pfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD);
    clientOptions.setPfxTrustOptions(pfxOptions);
    ProtonClient client = ProtonClient.create(vertx);
    client.connect(clientOptions, "localhost", protonServer.actualPort(), res -> {
        // Expect connect to fail due to remote peer not doing SSL
        context.assertFalse(res.succeeded());
        async.complete();
    });
    async.awaitSuccess();
}
Also used : Async(io.vertx.ext.unit.Async) PfxOptions(io.vertx.core.net.PfxOptions) Test(org.junit.Test)

Example 13 with PfxOptions

use of io.vertx.core.net.PfxOptions in project vertx-proton by vert-x3.

the class ProtonClientSslTest method doHostnameVerificationTestImpl.

private void doHostnameVerificationTestImpl(TestContext context, boolean verifyHost) throws Exception {
    Async async = context.async();
    // Create a server that accept a connection and expects a client connection+session+receiver
    ProtonServerOptions serverOptions = new ProtonServerOptions();
    serverOptions.setSsl(true);
    PfxOptions serverPfxOptions = new PfxOptions().setPath(WRONG_HOST_KEYSTORE).setPassword(PASSWORD);
    serverOptions.setPfxKeyCertOptions(serverPfxOptions);
    protonServer = createServer(serverOptions, this::handleClientConnectionSessionReceiverOpen);
    // Connect the client and open a receiver to verify the connection works
    ProtonClientOptions clientOptions = new ProtonClientOptions();
    clientOptions.setSsl(true);
    PfxOptions clientPfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD);
    clientOptions.setPfxTrustOptions(clientPfxOptions);
    // Verify/update the hostname verification settings
    context.assertEquals(VERIFY_HTTPS, clientOptions.getHostnameVerificationAlgorithm(), "expected host verification to be on by default");
    if (!verifyHost) {
        clientOptions.setHostnameVerificationAlgorithm(NO_VERIFY);
    }
    ProtonClient client = ProtonClient.create(vertx);
    client.connect(clientOptions, "localhost", protonServer.actualPort(), res -> {
        if (verifyHost) {
            // Expect connect to fail as server cert hostname doesn't match.
            context.assertFalse(res.succeeded(), "expected connect to fail");
            LOG.trace("Connect failed");
            async.complete();
        } else {
            // Expect connect to succeed as verification is disabled
            context.assertTrue(res.succeeded(), "expected connect to succeed");
            LOG.trace("Connect succeeded");
            ProtonConnection connection = res.result();
            connection.open();
            ProtonReceiver receiver = connection.createReceiver("some-address");
            receiver.openHandler(recvResult -> {
                context.assertTrue(recvResult.succeeded());
                LOG.trace("Client receiver open");
                async.complete();
            }).open();
        }
    });
    async.awaitSuccess();
}
Also used : TestContext(io.vertx.ext.unit.TestContext) Async(io.vertx.ext.unit.Async) RunWith(org.junit.runner.RunWith) Vertx(io.vertx.core.Vertx) Test(org.junit.Test) VertxUnitRunner(io.vertx.ext.unit.junit.VertxUnitRunner) LoggerFactory(io.vertx.core.logging.LoggerFactory) PfxOptions(io.vertx.core.net.PfxOptions) ExecutionException(java.util.concurrent.ExecutionException) After(org.junit.After) ClientAuth(io.vertx.core.http.ClientAuth) AsyncResult(io.vertx.core.AsyncResult) Handler(io.vertx.core.Handler) Logger(io.vertx.core.logging.Logger) Before(org.junit.Before) Async(io.vertx.ext.unit.Async) PfxOptions(io.vertx.core.net.PfxOptions)

Example 14 with PfxOptions

use of io.vertx.core.net.PfxOptions in project vertx-proton by vert-x3.

the class ProtonClientSslTest method doClientCertificateTestImpl.

private void doClientCertificateTestImpl(TestContext context, boolean supplyClientCert) throws InterruptedException, ExecutionException {
    Async async = context.async();
    // Create a server that accept a connection and expects a client connection+session+receiver
    ProtonServerOptions serverOptions = new ProtonServerOptions();
    serverOptions.setSsl(true);
    serverOptions.setClientAuth(ClientAuth.REQUIRED);
    PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD);
    serverOptions.setPfxKeyCertOptions(serverPfxOptions);
    PfxOptions pfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD);
    serverOptions.setPfxTrustOptions(pfxOptions);
    protonServer = createServer(serverOptions, this::handleClientConnectionSessionReceiverOpen);
    // Try to connect the client
    ProtonClientOptions clientOptions = new ProtonClientOptions();
    clientOptions.setSsl(true);
    clientOptions.setPfxTrustOptions(pfxOptions);
    if (supplyClientCert) {
        PfxOptions clientKeyPfxOptions = new PfxOptions().setPath(KEYSTORE_CLIENT).setPassword(PASSWORD);
        clientOptions.setPfxKeyCertOptions(clientKeyPfxOptions);
    }
    ProtonClient client = ProtonClient.create(vertx);
    client.connect(clientOptions, "localhost", protonServer.actualPort(), res -> {
        if (supplyClientCert) {
            // Expect connect to succeed
            context.assertTrue(res.succeeded());
        } else {
            // Expect connect to fail
            context.assertFalse(res.succeeded());
        }
        async.complete();
    });
    async.awaitSuccess();
}
Also used : Async(io.vertx.ext.unit.Async) PfxOptions(io.vertx.core.net.PfxOptions)

Example 15 with PfxOptions

use of io.vertx.core.net.PfxOptions in project vertx-proton by vert-x3.

the class ProtonClientSslTest method testConnectWithSslToServerWithUntrustedKeyFails.

@Test(timeout = 20000)
public void testConnectWithSslToServerWithUntrustedKeyFails(TestContext context) throws Exception {
    Async async = context.async();
    // Create a server that accept a connection and expects a client connection+session+receiver
    ProtonServerOptions serverOptions = new ProtonServerOptions();
    serverOptions.setSsl(true);
    PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD);
    serverOptions.setPfxKeyCertOptions(serverPfxOptions);
    protonServer = createServer(serverOptions, this::handleClientConnectionSessionReceiverOpen);
    // Try to connect the client and expect it to fail due to us not trusting the server
    ProtonClientOptions clientOptions = new ProtonClientOptions();
    clientOptions.setSsl(true);
    PfxOptions pfxOptions = new PfxOptions().setPath(OTHER_CA_TRUSTSTORE).setPassword(PASSWORD);
    clientOptions.setPfxTrustOptions(pfxOptions);
    ProtonClient client = ProtonClient.create(vertx);
    client.connect(clientOptions, "localhost", protonServer.actualPort(), res -> {
        // Expect connect to fail due to remote peer not doing SSL
        context.assertFalse(res.succeeded());
        async.complete();
    });
    async.awaitSuccess();
}
Also used : Async(io.vertx.ext.unit.Async) PfxOptions(io.vertx.core.net.PfxOptions) Test(org.junit.Test)

Aggregations

PfxOptions (io.vertx.core.net.PfxOptions)15 Test (org.junit.Test)11 Async (io.vertx.ext.unit.Async)6 JksOptions (io.vertx.core.net.JksOptions)4 Buffer (io.vertx.core.buffer.Buffer)3 PemKeyCertOptions (io.vertx.core.net.PemKeyCertOptions)3 AsyncResult (io.vertx.core.AsyncResult)2 Handler (io.vertx.core.Handler)2 Vertx (io.vertx.core.Vertx)2 ClientAuth (io.vertx.core.http.ClientAuth)2 JsonObject (io.vertx.core.json.JsonObject)2 Logger (io.vertx.core.logging.Logger)2 LoggerFactory (io.vertx.core.logging.LoggerFactory)2 TestContext (io.vertx.ext.unit.TestContext)2 VertxUnitRunner (io.vertx.ext.unit.junit.VertxUnitRunner)2 ExecutionException (java.util.concurrent.ExecutionException)2 After (org.junit.After)2 Before (org.junit.Before)2 RunWith (org.junit.runner.RunWith)2 Supplier (java.util.function.Supplier)1