
Example 11 with SelfSignedCertificate

use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.

the class AmqpConnectionIT method testConnectFailsIfAutoProvisioningIsDisabled.

/**
 * Checks the negative authentication path: a device unknown to the registry must be turned away
 * by the adapter when the trust anchor of its tenant has auto-provisioning switched off.
 *
 * @param ctx The test context
 */
@Test
public void testConnectFailsIfAutoProvisioningIsDisabled(final VertxTestContext ctx) {
    final String tenantId = helper.getRandomTenantId();
    // throw-away certificate: it serves both as the tenant's trust anchor and as the
    // client certificate presented by the device, which is never registered in this test
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create(UUID.randomUUID().toString());

    // GIVEN a tenant configured with a trust anchor that does not allow auto-provisioning
    final var tenantRegistered = helper.getCertificate(deviceCert.certificatePath())
            .compose(trustAnchorCert -> {
                final var tenantConfig = Tenants.createTenantForTrustAnchor(trustAnchorCert);
                tenantConfig.getTrustedCertificateAuthorities().get(0).setAutoProvisioningEnabled(false);
                return helper.registry.addTenant(tenantId, tenantConfig);
            });

    // WHEN the device tries to connect using its client certificate
    tenantRegistered
            .compose(added -> connectToAdapter(deviceCert))
            .onComplete(ctx.failing(error -> {
                // THEN the connection is refused
                ctx.verify(() -> assertThat(error).isInstanceOf(SaslException.class));
                ctx.completeNow();
            }));
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) KeyPair(java.security.KeyPair) CsvSource(org.junit.jupiter.params.provider.CsvSource) SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) ClientErrorException(org.eclipse.hono.client.ClientErrorException) SaslException(javax.security.sasl.SaslException) Supplier(java.util.function.Supplier) Constants(org.eclipse.hono.util.Constants) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) GeneralSecurityException(java.security.GeneralSecurityException) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) ValueSource(org.junit.jupiter.params.provider.ValueSource) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Promise(io.vertx.core.Promise) RegistrationConstants(org.eclipse.hono.util.RegistrationConstants) UUID(java.util.UUID) Truth.assertThat(com.google.common.truth.Truth.assertThat) VertxExtension(io.vertx.junit5.VertxExtension) Future(io.vertx.core.Future) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) Adapter(org.eclipse.hono.util.Adapter) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) AuthenticationException(javax.security.sasl.AuthenticationException) SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 12 with SelfSignedCertificate

use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.

the class AmqpConnectionIT method testConnectX509SucceedsUsingSni.

/**
 * Verifies that a device presenting a valid X.509 client certificate can open a connection
 * even though its tenant shares the trust anchor with another tenant.
 * <p>
 * Both tenants are put into the same trust anchor group. The device connects to a host name
 * that is prefixed with its tenant identifier.
 *
 * @param tlsVersion The TLS protocol version to use for connecting to the adapter.
 * @param ctx The test context
 */
@ParameterizedTest(name = IntegrationTestSupport.PARAMETERIZED_TEST_NAME_PATTERN)
@ValueSource(strings = { IntegrationTestSupport.TLS_VERSION_1_2, IntegrationTestSupport.TLS_VERSION_1_3 })
public void testConnectX509SucceedsUsingSni(final String tlsVersion, final VertxTestContext ctx) {
    assumeTrue(
            IntegrationTestSupport.isTrustAnchorGroupsSupported(),
            "device registry does not support trust anchor groups");

    final String tenantId = helper.getRandomTenantId();
    final String deviceId = helper.getRandomDeviceId(tenantId);
    final SelfSignedCertificate deviceCert = SelfSignedCertificate.create(deviceId + ".iot.eclipse.org");

    // GIVEN another tenant that uses the certificate as its trust anchor
    final var otherTenantAdded = helper.getCertificate(deviceCert.certificatePath())
            .compose(trustAnchorCert -> {
                final var otherTenantId = helper.getRandomTenantId();
                final var otherTenant = Tenants.createTenantForTrustAnchor(trustAnchorCert)
                        .setTrustAnchorGroup("test-group");
                // hand the certificate on to the next step once the tenant has been added
                return helper.registry.addTenant(otherTenantId, otherTenant).map(trustAnchorCert);
            });

    // AND a device of a second tenant that uses the very same trust anchor and group
    final var deviceAdded = otherTenantAdded.compose(trustAnchorCert -> {
        final var deviceTenant = Tenants.createTenantForTrustAnchor(trustAnchorCert)
                .setTrustAnchorGroup("test-group");
        return helper.registry.addDeviceForTenant(tenantId, deviceTenant, deviceId, trustAnchorCert);
    });

    // WHEN the device connects to the host name carrying its tenant identifier
    // NOTE(review): presumably this host name is what the adapter sees as the SNI value and
    // uses to pick the tenant among those sharing the trust anchor; confirm in connectToAdapter
    deviceAdded
            .compose(registered -> connectToAdapter(
                    tenantId + "." + IntegrationTestSupport.AMQP_HOST, deviceCert, tlsVersion))
            .onComplete(ctx.succeeding(connection -> {
                // THEN the connection has been established
                ctx.verify(() -> assertThat(connection.isDisconnected()).isFalse());
                ctx.completeNow();
            }));
}
Also used : HttpURLConnection(java.net.HttpURLConnection) VertxTestContext(io.vertx.junit5.VertxTestContext) KeyPair(java.security.KeyPair) CsvSource(org.junit.jupiter.params.provider.CsvSource) SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) ClientErrorException(org.eclipse.hono.client.ClientErrorException) SaslException(javax.security.sasl.SaslException) Supplier(java.util.function.Supplier) Constants(org.eclipse.hono.util.Constants) Tenant(org.eclipse.hono.service.management.tenant.Tenant) Timeout(io.vertx.junit5.Timeout) GeneralSecurityException(java.security.GeneralSecurityException) IntegrationTestSupport(org.eclipse.hono.tests.IntegrationTestSupport) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) JsonObject(io.vertx.core.json.JsonObject) Tenants(org.eclipse.hono.tests.Tenants) RegistryManagementConstants(org.eclipse.hono.util.RegistryManagementConstants) ValueSource(org.junit.jupiter.params.provider.ValueSource) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Promise(io.vertx.core.Promise) RegistrationConstants(org.eclipse.hono.util.RegistrationConstants) UUID(java.util.UUID) Truth.assertThat(com.google.common.truth.Truth.assertThat) VertxExtension(io.vertx.junit5.VertxExtension) Future(io.vertx.core.Future) TimeUnit(java.util.concurrent.TimeUnit) Test(org.junit.jupiter.api.Test) Adapter(org.eclipse.hono.util.Adapter) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) AuthenticationException(javax.security.sasl.AuthenticationException) SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) ValueSource(org.junit.jupiter.params.provider.ValueSource) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 13 with SelfSignedCertificate

use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.

the class DeviceAndGatewayAutoProvisionerTest method init.

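/**
 * Initializes common fixture.
 * <p>
 * Creates a fresh self-signed certificate, registers it as the only trusted certificate
 * authority of the tenant under test and wires the auto-provisioner with mocked services.
 *
 * @throws GeneralSecurityException if the self signed certificate cannot be created.
 * @throws IOException if the self signed certificate cannot be read.
 */
@SuppressWarnings("unchecked")
@BeforeEach
public void init() throws GeneralSecurityException, IOException {
    tenantId = UUID.randomUUID().toString();
    deviceId = UUID.randomUUID().toString();
    commonName = UUID.randomUUID().toString();
    // NOTE(review): create() takes a host name; the RDNs appended here presumably end up in the
    // subject DN after the CN. The DN the tests compare against is read back from the parsed
    // certificate below, so it reflects whatever the library generated.
    final SelfSignedCertificate ssc = SelfSignedCertificate.create(String.format("%s,OU=Hono,O=Eclipse", commonName));
    // try-with-resources so that the file handle on the certificate is released even if
    // parsing fails; the original left the stream open
    try (FileInputStream certStream = new FileInputStream(ssc.certificatePath())) {
        cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(certStream);
    }
    subjectDn = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
    // the self-signed certificate is its own issuer, so it doubles as the tenant's trust anchor
    final TrustedCertificateAuthority trustedCertificateAuthority = new TrustedCertificateAuthority().setCertificate(cert.getEncoded());
    tenant = new Tenant().setTrustedCertificateAuthorities(List.of(trustedCertificateAuthority));
    deviceManagementService = mock(DeviceManagementService.class);
    credentialsManagementService = mock(CredentialsManagementService.class);
    sender = mock(EventSender.class);
    when(sender.getMessagingType()).thenReturn(MessagingType.amqp);
    // any(Map.class) is a raw-typed matcher, hence the unchecked suppression on this method
    when(sender.sendEvent(any(TenantObject.class), any(RegistrationAssertion.class), anyString(), any(), any(Map.class), any())).thenReturn(Future.succeededFuture());
    deviceAndGatewayAutoProvisioner = new DeviceAndGatewayAutoProvisioner(mock(Vertx.class), deviceManagementService, credentialsManagementService, new MessagingClientProvider<EventSender>().setClient(sender));
}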
Also used : TenantObject(org.eclipse.hono.util.TenantObject) SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) Tenant(org.eclipse.hono.service.management.tenant.Tenant) RegistrationAssertion(org.eclipse.hono.util.RegistrationAssertion) EventSender(org.eclipse.hono.client.telemetry.EventSender) TrustedCertificateAuthority(org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority) CredentialsManagementService(org.eclipse.hono.service.management.credentials.CredentialsManagementService) Map(java.util.Map) FileInputStream(java.io.FileInputStream) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 14 with SelfSignedCertificate

use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.

the class TrustedCertificateAuthorityTest method setUp.

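/**
 * Sets up class fixture.
 * <p>
 * Generates a self-signed certificate for {@code eclipse.org} and parses the resulting
 * certificate file into the shared {@code certificate} field.
 *
 * @throws GeneralSecurityException if the self signed certificate cannot be created.
 * @throws IOException if the self signed certificate cannot be read.
 */
@BeforeAll
public static void setUp() throws GeneralSecurityException, IOException {
    final SelfSignedCertificate selfSignedCert = SelfSignedCertificate.create("eclipse.org");
    final CertificateFactory factory = CertificateFactory.getInstance("X.509");
    // try-with-resources so that the file handle on the certificate is released even if
    // parsing fails; the original left the stream open
    try (FileInputStream certStream = new FileInputStream(selfSignedCert.certificatePath())) {
        certificate = (X509Certificate) factory.generateCertificate(certStream);
    }
}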
Also used : SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) CertificateFactory(java.security.cert.CertificateFactory) FileInputStream(java.io.FileInputStream) BeforeAll(org.junit.jupiter.api.BeforeAll)

Example 15 with SelfSignedCertificate

use of io.vertx.core.net.SelfSignedCertificate in project hono by eclipse.

the class TenantTest method setUp.

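/**
 * Sets up class fixture.
 * <p>
 * Generates a self-signed certificate for {@code eclipse.org} and parses the resulting
 * certificate file into the shared {@code certificate} field.
 *
 * @throws GeneralSecurityException if the self signed certificate cannot be created.
 * @throws IOException if the self signed certificate cannot be read.
 */
@BeforeAll
public static void setUp() throws GeneralSecurityException, IOException {
    final SelfSignedCertificate selfSignedCert = SelfSignedCertificate.create("eclipse.org");
    final CertificateFactory factory = CertificateFactory.getInstance("X.509");
    // try-with-resources so that the file handle on the certificate is released even if
    // parsing fails; the original left the stream open
    try (FileInputStream certStream = new FileInputStream(selfSignedCert.certificatePath())) {
        certificate = (X509Certificate) factory.generateCertificate(certStream);
    }
}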
Also used : SelfSignedCertificate(io.vertx.core.net.SelfSignedCertificate) CertificateFactory(java.security.cert.CertificateFactory) FileInputStream(java.io.FileInputStream) BeforeAll(org.junit.jupiter.api.BeforeAll)
