use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.
the class AmqpUploadTestBase method testUploadMessagesUsingSaslExternal.
/**
* Verifies that a number of messages uploaded to the AMQP adapter using client certificate
* based authentication can be successfully consumed via the AMQP Messaging Network.
*
* @param senderQos The delivery semantics used by the device for uploading messages.
* @throws InterruptedException if test execution is interrupted.
*/
@ParameterizedTest(name = IntegrationTestSupport.PARAMETERIZED_TEST_NAME_PATTERN)
@MethodSource("senderQoSTypes")
public void testUploadMessagesUsingSaslExternal(final ProtonQoS senderQos) throws InterruptedException {

    final VertxTestContext setup = new VertxTestContext();
    final String tenantId = helper.getRandomTenantId();
    final String deviceId = helper.getRandomDeviceId(tenantId);
    // Self-signed certificate generated for this test run; its name is derived from the random device ID.
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create(deviceId + ".iot.eclipse.org");

    // The same certificate is used twice: to create the tenant's trust anchor and to register the device.
    final var deviceRegistered = helper.getCertificate(deviceCert.certificatePath())
            .compose(cert -> {
                final var tenant = Tenants.createTenantForTrustAnchor(cert);
                prepareTenantConfig(tenant);
                return helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, cert);
            });

    // Connect with the device certificate, then open a sender link with the requested QoS.
    final var producerCreated = deviceRegistered
            .compose(ok -> connectToAdapter(deviceCert))
            .compose(con -> createProducer(null, senderQos));

    producerCreated.onComplete(setup.succeeding(producer -> {
        setup.verify(() -> {
            // The adapter is expected to advertise a positive max-message-size when attaching the link.
            final UnsignedLong maxMessageSize = producer.getRemoteMaxMessageSize();
            assertWithMessage("max-message-size included in adapter's attach frame").that(maxMessageSize).isNotNull();
            assertWithMessage("max-message-size").that(maxMessageSize.longValue()).isGreaterThan(0);
        });
        sender = producer;
        setup.completeNow();
    }));

    // Setup must finish within five seconds and without failure before any messages are uploaded.
    final boolean setupFinishedInTime = setup.awaitCompletion(5, TimeUnit.SECONDS);
    assertThat(setupFinishedInTime).isTrue();
    assertWithMessage("adapter connection failure occurred").that(setup.failed()).isFalse();

    testUploadMessages(tenantId, senderQos);
}
use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.
the class DeviceCertificateValidatorTest method testValidateSucceedsForTrustAnchorBasedOnPublicKey.
/**
* Verifies that the validator successfully verifies a certificate chain
* using a trust anchor that has been created from a name and public key
* instead of a certificate.
*
* @param vertx The vert.x instance to use.
* @param ctx The vert.x test context.
*/
@Test
void testValidateSucceedsForTrustAnchorBasedOnPublicKey(final Vertx vertx, final VertxTestContext ctx) {

    // Self-signed certificate generated for this test only.
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create("iot.eclipse.org");
    final var certPath = deviceCert.certificatePath();

    final var validation = VertxTools.getCertificate(vertx, certPath)
            .compose(cert -> {
                // The anchor is built from the certificate's subject DN and public key only,
                // with no name constraints (third constructor argument is null).
                final var subject = cert.getSubjectX500Principal();
                final var publicKey = cert.getPublicKey();
                return validator.validate(List.of(cert), new TrustAnchor(subject, publicKey, null));
            });

    // The test passes as soon as validation succeeds.
    validation.onComplete(ctx.succeedingThenComplete());
}
use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.
the class MqttPublishTestBase method testUploadMessagesUsingClientCertificate.
/**
* Verifies that a number of messages published by a device authenticating with a client certificate can be
* successfully consumed via the AMQP Messaging Network.
*
* @param ctx The test context.
* @throws InterruptedException if the test fails.
*/
@Test
public void testUploadMessagesUsingClientCertificate(final VertxTestContext ctx) throws InterruptedException {

    final VertxTestContext setup = new VertxTestContext();
    // Self-signed certificate generated for this test run, named after a random UUID.
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create(UUID.randomUUID().toString());
    final String tenantId = helper.getRandomTenantId();
    final String deviceId = helper.getRandomDeviceId(tenantId);

    // The same certificate is used to create the tenant's trust anchor and to register the device.
    final var registration = helper.getCertificate(deviceCert.certificatePath())
            .compose(cert -> helper.registry.addDeviceForTenant(
                    tenantId,
                    Tenants.createTenantForTrustAnchor(cert),
                    deviceId,
                    cert));
    registration.onComplete(setup.succeedingThenComplete());

    final boolean setupFinishedInTime = setup.awaitCompletion(5, TimeUnit.SECONDS);
    assertThat(setupFinishedInTime).isTrue();

    if (!setup.failed()) {
        // Connect with the device certificate and run the shared upload scenario.
        doTestUploadMessages(ctx, tenantId, deviceId, connectToAdapter(deviceCert), false);
    } else {
        // Report the registration failure on the outer test context.
        ctx.failNow(setup.causeOfFailure());
    }
}
use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.
the class CredentialsApiTests method createCertificate.
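/**
 * Creates a self-signed X.509 certificate whose name is a random UUID.
 * <p>
 * The certificate is read back from the file that {@code SelfSignedCertificate}
 * writes. The stream on that file is closed after parsing, and the generated
 * key and certificate files are deleted before this method returns, because
 * only the parsed certificate object is handed to the caller.
 *
 * @return The parsed certificate.
 * @throws CertificateException if no X.509 certificate factory is available or the
 *                              generated file cannot be parsed.
 * @throws FileNotFoundException if the generated certificate file cannot be opened.
 */
private X509Certificate createCertificate() throws CertificateException, FileNotFoundException {
    final SelfSignedCertificate ssc = SelfSignedCertificate.create(UUID.randomUUID().toString());
    // try-with-resources: the original never closed the stream, leaking one file handle per call
    try (FileInputStream certStream = new FileInputStream(ssc.certificatePath())) {
        final CertificateFactory factory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) factory.generateCertificate(certStream);
    } catch (final FileNotFoundException e) {
        // rethrown unchanged so the declared exception contract stays the same
        throw e;
    } catch (final java.io.IOException e) {
        // only closing the stream can end up here; the throws clause is left untouched
        throw new java.io.UncheckedIOException(e);
    } finally {
        // remove the private key and certificate files that create() wrote to disk
        ssc.delete();
    }
}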
use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.
the class AmqpConnectionIT method testConnectFailsForNonMatchingTrustAnchor.
/**
* Verifies that the adapter fails to authenticate a device if the device's client certificate's signature cannot be
* validated using the trust anchor that is registered for the tenant that the device belongs to.
*
* @param ctx The test context.
* @throws GeneralSecurityException if the tenant's trust anchor cannot be generated
*/
@Test
public void testConnectFailsForNonMatchingTrustAnchor(final VertxTestContext ctx) throws GeneralSecurityException {

    final String tenantId = helper.getRandomTenantId();
    final String deviceId = helper.getRandomDeviceId(tenantId);
    final KeyPair keyPair = helper.newEcKeyPair();
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create(UUID.randomUUID().toString());

    // GIVEN a tenant whose trust anchor carries the device certificate's subject DN
    // but the public key of the separately generated EC key pair
    final var deviceRegistered = helper.getCertificate(deviceCert.certificatePath())
            .compose(cert -> {
                final var subjectDn = cert.getSubjectX500Principal();
                final Tenant tenant = Tenants.createTenantForTrustAnchor(subjectDn, keyPair.getPublic());
                return helper.registry.addDeviceForTenant(tenantId, tenant, deviceId, cert);
            });

    // WHEN the device connects to the adapter presenting its self-signed certificate
    final var connectAttempt = deviceRegistered.compose(ok -> connectToAdapter(deviceCert));

    // THEN the connection is not established and the failure is a SASL error
    connectAttempt.onComplete(ctx.failing(cause -> {
        ctx.verify(() -> assertThat(cause).isInstanceOf(SaslException.class));
        ctx.completeNow();
    }));
}