
Example 1 with HandshakeCertificates

use of okhttp3.tls.HandshakeCertificates in project okhttp by square.

the class ConnectionCoalescingTest method setUp.

/**
 * Prepares an HTTPS {@code MockWebServer}, a fake DNS table and a client before each test.
 *
 * <p>The server presents a leaf certificate signed by a test-only root CA. The leaf names
 * the server's host name as its common name and lists the server's host name,
 * {@code san.com}, {@code *.wildcard.com} and {@code differentdns.com} as subject
 * alternative names. The fake DNS maps the server's host name, {@code san.com},
 * {@code nonsan.com} and {@code www.wildcard.com} to the server's addresses and gives
 * {@code differentdns.com} an empty address list. {@code nonsan.com} therefore resolves to
 * the server without being named in the certificate, and {@code differentdns.com} is named
 * in the certificate without resolving to the server.
 *
 * <p>The client trusts only the test root CA. This method does not install a hostname
 * verifier on the client builder; whether {@code clientTestRule} configures one is not
 * visible here.
 *
 * @param server the mock server supplied for this test
 * @throws Exception if the DNS lookup or certificate setup fails
 */
@BeforeEach
public void setUp(MockWebServer server) throws Exception {
    this.server = server;

    // Assumption helpers on the platform rule; judging by their names they skip the test on
    // platforms without HTTP/2 support and on BouncyCastle.
    platform.assumeHttp2Support();
    platform.assumeNotBouncyCastle();

    // Test-only root CA. certificateAuthority(0) allows it to sign leaf certificates but no
    // intermediate CAs beneath it.
    rootCa = new HeldCertificate.Builder()
            .serialNumber(1L)
            .certificateAuthority(0)
            .commonName("root")
            .build();

    // Leaf certificate for the server, valid for several names besides the server's own.
    String hostName = server.getHostName();
    certificate = new HeldCertificate.Builder()
            .signedBy(rootCa)
            .serialNumber(2L)
            .commonName(hostName)
            .addSubjectAlternativeName(hostName)
            .addSubjectAlternativeName("san.com")
            .addSubjectAlternativeName("*.wildcard.com")
            .addSubjectAlternativeName("differentdns.com")
            .build();

    // Fake DNS: every name except differentdns.com points at the mock server.
    serverIps = Dns.SYSTEM.lookup(server.getHostName());
    dns.set(server.getHostName(), serverIps);
    dns.set("san.com", serverIps);
    dns.set("nonsan.com", serverIps);
    dns.set("www.wildcard.com", serverIps);
    dns.set("differentdns.com", Collections.emptyList());

    // Client trust store holds the test root CA only.
    HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
            .addTrustedCertificate(rootCa.certificate())
            .build();
    client = clientTestRule.newClientBuilder()
            .fastFallback(false) // Avoid data races.
            .dns(dns)
            .sslSocketFactory(
                    clientCertificates.sslSocketFactory(),
                    clientCertificates.trustManager())
            .build();

    // Server side: present the leaf certificate; the second argument (tunnelProxy) is off.
    HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
            .heldCertificate(certificate)
            .build();
    server.useHttps(serverCertificates.sslSocketFactory(), false);

    url = server.url("/robots.txt");
}
Also used : HandshakeCertificates(okhttp3.tls.HandshakeCertificates) HeldCertificate(okhttp3.tls.HeldCertificate) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 2 with HandshakeCertificates

use of okhttp3.tls.HandshakeCertificates in project okhttp by square.

the class MockWebServerTest method httpsWithClientAuth.

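/**
 * Checks that MockWebServer can serve HTTPS with mutual TLS and records both sides'
 * certificates in the request's handshake.
 *
 * <p>Two separate test CAs are used: the server trusts only {@code clientCa} and the client
 * trusts only {@code serverCa}. Each side holds a certificate signed by the CA the other
 * side trusts.
 *
 * @throws Exception if certificate setup, the HTTPS call or reading the recorded request fails
 */
@Test
public void httpsWithClientAuth() throws Exception {
    assumeFalse(getPlatform().equals("conscrypt"));

    // Independent CAs for each direction of trust; certificateAuthority(0) permits signing
    // leaf certificates only.
    HeldCertificate clientCa = new HeldCertificate.Builder().certificateAuthority(0).build();
    HeldCertificate serverCa = new HeldCertificate.Builder().certificateAuthority(0).build();

    // Server: holds a leaf naming its own host as a SAN, and trusts certificates issued by
    // clientCa.
    HeldCertificate serverCertificate = new HeldCertificate.Builder()
            .signedBy(serverCa)
            .addSubjectAlternativeName(server.getHostName())
            .build();
    HandshakeCertificates serverHandshakeCertificates = new HandshakeCertificates.Builder()
            .addTrustedCertificate(clientCa.certificate())
            .heldCertificate(serverCertificate)
            .build();
    server.useHttps(serverHandshakeCertificates.sslSocketFactory(), false);
    server.enqueue(new MockResponse().setBody("abc"));
    // Ask the client for a certificate during the handshake.
    server.requestClientAuth();

    // Client: holds a leaf signed by clientCa, and trusts certificates issued by serverCa.
    HeldCertificate clientCertificate = new HeldCertificate.Builder().signedBy(clientCa).build();
    HandshakeCertificates clientHandshakeCertificates = new HandshakeCertificates.Builder()
            .addTrustedCertificate(serverCa.certificate())
            .heldCertificate(clientCertificate)
            .build();

    HttpUrl url = server.url("/");
    HttpsURLConnection connection = (HttpsURLConnection) url.url().openConnection();
    connection.setSSLSocketFactory(clientHandshakeCertificates.sslSocketFactory());
    // RecordingHostnameVerifier is an OkHttp test helper whose verify() logic is not shown
    // here. Replacing the connection's default HostnameVerifier is a test-fixture step;
    // certificate chain validation still goes through the socket factory's trust store.
    connection.setHostnameVerifier(new RecordingHostnameVerifier());
    assertThat(connection.getResponseCode()).isEqualTo(HttpURLConnection.HTTP_OK);

    // Close the reader (and the connection's input stream) even when the assertion fails.
    try (BufferedReader reader = new BufferedReader(
            new InputStreamReader(connection.getInputStream(), UTF_8))) {
        assertThat(reader.readLine()).isEqualTo("abc");
    }

    RecordedRequest request = server.takeRequest();
    assertThat(request.getRequestUrl().scheme()).isEqualTo("https");

    // The handshake is the one recorded by the server: "local" is the server's identity and
    // "peer" is the client's. One peer certificate means the client certificate was presented.
    Handshake handshake = request.getHandshake();
    assertThat(handshake.tlsVersion()).isNotNull();
    assertThat(handshake.cipherSuite()).isNotNull();
    assertThat(handshake.localPrincipal()).isNotNull();
    assertThat(handshake.localCertificates().size()).isEqualTo(1);
    assertThat(handshake.peerPrincipal()).isNotNull();
    assertThat(handshake.peerCertificates().size()).isEqualTo(1);
}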
Also used : InputStreamReader(java.io.InputStreamReader) HandshakeCertificates(okhttp3.tls.HandshakeCertificates) HeldCertificate(okhttp3.tls.HeldCertificate) HttpUrl(okhttp3.HttpUrl) BufferedReader(java.io.BufferedReader) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) RecordingHostnameVerifier(okhttp3.RecordingHostnameVerifier) Handshake(okhttp3.Handshake) Test(org.junit.jupiter.api.Test)

Example 3 with HandshakeCertificates

use of okhttp3.tls.HandshakeCertificates in project okhttp by square.

the class MockWebServerTest method https.

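/**
 * Checks that MockWebServer can serve HTTPS without client authentication and that the
 * recorded handshake contains the server's certificate but no peer certificate.
 *
 * <p>The same {@code HandshakeCertificates} instance (from the {@code localhost()} helper,
 * defined elsewhere) supplies the socket factory for both the server and the client. The
 * server never requests client authentication in this test.
 *
 * @throws Exception if the HTTPS call or reading the recorded request fails
 */
@Test
public void https() throws Exception {
    HandshakeCertificates handshakeCertificates = localhost();
    server.useHttps(handshakeCertificates.sslSocketFactory(), false);
    server.enqueue(new MockResponse().setBody("abc"));

    HttpUrl url = server.url("/");
    HttpsURLConnection connection = (HttpsURLConnection) url.url().openConnection();
    connection.setSSLSocketFactory(handshakeCertificates.sslSocketFactory());
    // RecordingHostnameVerifier is an OkHttp test helper whose verify() logic is not shown
    // here. Replacing the connection's default HostnameVerifier is a test-fixture step;
    // certificate chain validation still goes through the socket factory's trust store.
    connection.setHostnameVerifier(new RecordingHostnameVerifier());
    assertThat(connection.getResponseCode()).isEqualTo(HttpURLConnection.HTTP_OK);

    // Close the reader (and the connection's input stream) even when the assertion fails.
    try (BufferedReader reader = new BufferedReader(
            new InputStreamReader(connection.getInputStream(), UTF_8))) {
        assertThat(reader.readLine()).isEqualTo("abc");
    }

    RecordedRequest request = server.takeRequest();
    assertThat(request.getRequestUrl().scheme()).isEqualTo("https");

    // The handshake is the one recorded by the server: "local" is the server's identity and
    // "peer" is the client's. No client authentication was requested, so the peer side is
    // expected to be empty.
    Handshake handshake = request.getHandshake();
    assertThat(handshake.tlsVersion()).isNotNull();
    assertThat(handshake.cipherSuite()).isNotNull();
    assertThat(handshake.localPrincipal()).isNotNull();
    assertThat(handshake.localCertificates().size()).isEqualTo(1);
    assertThat(handshake.peerPrincipal()).isNull();
    assertThat(handshake.peerCertificates().size()).isEqualTo(0);
}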
Also used : InputStreamReader(java.io.InputStreamReader) HandshakeCertificates(okhttp3.tls.HandshakeCertificates) BufferedReader(java.io.BufferedReader) HttpUrl(okhttp3.HttpUrl) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) RecordingHostnameVerifier(okhttp3.RecordingHostnameVerifier) Handshake(okhttp3.Handshake) Test(org.junit.jupiter.api.Test)

Example 4 with HandshakeCertificates

use of okhttp3.tls.HandshakeCertificates in project okhttp by square.

the class CertificatePinnerChainValidationTest method pinIntermediatePresentInChain.

/**
 * Verifies that a pin on an intermediate CA is accepted when the server sends that
 * intermediate as part of its certificate chain.
 *
 * <p>Chain under test: root CA, then intermediate CA, then leaf. The client trusts only the
 * root and pins the intermediate; the server presents the leaf together with the
 * intermediate. Two requests are made on separate connections so that a result cached from
 * the first handshake cannot mask a failure on the second.
 *
 * @throws Exception if certificate setup or either HTTPS call fails
 */
@Test
public void pinIntermediatePresentInChain() throws Exception {
    // Fails on 11.0.1 https://github.com/square/okhttp/issues/4703
    // certificateAuthority(1) lets the root sign one level of intermediate CA;
    // certificateAuthority(0) limits the intermediate to signing leaf certificates.
    HeldCertificate rootCa = new HeldCertificate.Builder()
            .serialNumber(1L)
            .certificateAuthority(1)
            .commonName("root")
            .build();
    HeldCertificate intermediateCa = new HeldCertificate.Builder()
            .signedBy(rootCa)
            .certificateAuthority(0)
            .serialNumber(2L)
            .commonName("intermediate_ca")
            .build();
    // The leaf names the host only as its common name; no subject alternative name is added.
    HeldCertificate certificate = new HeldCertificate.Builder()
            .signedBy(intermediateCa)
            .serialNumber(3L)
            .commonName(server.getHostName())
            .build();

    // Pin the intermediate CA's certificate for the server's host name.
    CertificatePinner certificatePinner = new CertificatePinner.Builder()
            .add(server.getHostName(), CertificatePinner.pin(intermediateCa.certificate()))
            .build();

    // Client: trusts the root only. RecordingHostnameVerifier is an OkHttp test helper whose
    // verify() logic is not shown here; it replaces the default hostname check for this test.
    HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
            .addTrustedCertificate(rootCa.certificate())
            .build();
    OkHttpClient client = clientTestRule.newClientBuilder()
            .sslSocketFactory(
                    clientCertificates.sslSocketFactory(),
                    clientCertificates.trustManager())
            .hostnameVerifier(new RecordingHostnameVerifier())
            .certificatePinner(certificatePinner)
            .build();

    // Server: presents the leaf followed by the intermediate.
    HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
            .heldCertificate(certificate, intermediateCa.certificate())
            .build();
    server.useHttps(serverCertificates.sslSocketFactory(), false);

    // The request should complete successfully.
    server.enqueue(new MockResponse()
            .setBody("abc")
            .setSocketPolicy(SocketPolicy.DISCONNECT_AT_END));
    Request firstRequest = new Request.Builder().url(server.url("/")).build();
    Call firstCall = client.newCall(firstRequest);
    Response firstResponse = firstCall.execute();
    assertThat(firstResponse.body().string()).isEqualTo("abc");
    firstResponse.close();

    // Force a fresh connection for the next request.
    client.connectionPool().evictAll();

    // Confirm that a second request also succeeds. This should detect caching problems.
    server.enqueue(new MockResponse()
            .setBody("def")
            .setSocketPolicy(SocketPolicy.DISCONNECT_AT_END));
    Request secondRequest = new Request.Builder().url(server.url("/")).build();
    Call secondCall = client.newCall(secondRequest);
    Response secondResponse = secondCall.execute();
    assertThat(secondResponse.body().string()).isEqualTo("def");
    secondResponse.close();
}
Also used : Response(okhttp3.Response) MockResponse(mockwebserver3.MockResponse) MockResponse(mockwebserver3.MockResponse) Call(okhttp3.Call) OkHttpClient(okhttp3.OkHttpClient) HandshakeCertificates(okhttp3.tls.HandshakeCertificates) CertificatePinner(okhttp3.CertificatePinner) HeldCertificate(okhttp3.tls.HeldCertificate) Request(okhttp3.Request) RecordingHostnameVerifier(okhttp3.RecordingHostnameVerifier) Test(org.junit.jupiter.api.Test)

Example 5 with HandshakeCertificates

use of okhttp3.tls.HandshakeCertificates in project okhttp by square.

the class CertificatePinnerChainValidationTest method pinRootNotPresentInChain.

/**
 * Verifies that a pin on the root CA is accepted even though the server does not send the
 * root in its certificate chain; the pinner is expected to obtain the root from the trust
 * manager.
 *
 * <p>Chain under test: root CA, then intermediate CA, then leaf. The client trusts and pins
 * the root; the server presents only the leaf and the intermediate.
 *
 * @throws Exception if certificate setup or the HTTPS call fails
 */
@Test
public void pinRootNotPresentInChain() throws Exception {
    // Fails on 11.0.1 https://github.com/square/okhttp/issues/4703
    // certificateAuthority(1) lets the root sign one level of intermediate CA;
    // certificateAuthority(0) limits the intermediate to signing leaf certificates.
    HeldCertificate rootCa = new HeldCertificate.Builder()
            .serialNumber(1L)
            .certificateAuthority(1)
            .commonName("root")
            .build();
    HeldCertificate intermediateCa = new HeldCertificate.Builder()
            .signedBy(rootCa)
            .certificateAuthority(0)
            .serialNumber(2L)
            .commonName("intermediate_ca")
            .build();
    // The leaf names the host only as its common name; no subject alternative name is added.
    HeldCertificate certificate = new HeldCertificate.Builder()
            .signedBy(intermediateCa)
            .serialNumber(3L)
            .commonName(server.getHostName())
            .build();

    // Pin the root CA's certificate for the server's host name.
    CertificatePinner certificatePinner = new CertificatePinner.Builder()
            .add(server.getHostName(), CertificatePinner.pin(rootCa.certificate()))
            .build();

    // Client: trusts the root only. RecordingHostnameVerifier is an OkHttp test helper whose
    // verify() logic is not shown here; it replaces the default hostname check for this test.
    HandshakeCertificates clientCertificates = new HandshakeCertificates.Builder()
            .addTrustedCertificate(rootCa.certificate())
            .build();
    OkHttpClient client = clientTestRule.newClientBuilder()
            .sslSocketFactory(
                    clientCertificates.sslSocketFactory(),
                    clientCertificates.trustManager())
            .hostnameVerifier(new RecordingHostnameVerifier())
            .certificatePinner(certificatePinner)
            .build();

    // Server: presents the leaf followed by the intermediate; the root is left out.
    HandshakeCertificates serverCertificates = new HandshakeCertificates.Builder()
            .heldCertificate(certificate, intermediateCa.certificate())
            .build();
    server.useHttps(serverCertificates.sslSocketFactory(), false);

    // The request should complete successfully.
    server.enqueue(new MockResponse().setBody("abc"));
    Request request = new Request.Builder().url(server.url("/")).build();
    Call call = client.newCall(request);
    Response response = call.execute();
    assertThat(response.body().string()).isEqualTo("abc");
}
Also used : Response(okhttp3.Response) MockResponse(mockwebserver3.MockResponse) MockResponse(mockwebserver3.MockResponse) Call(okhttp3.Call) OkHttpClient(okhttp3.OkHttpClient) HandshakeCertificates(okhttp3.tls.HandshakeCertificates) CertificatePinner(okhttp3.CertificatePinner) HeldCertificate(okhttp3.tls.HeldCertificate) Request(okhttp3.Request) RecordingHostnameVerifier(okhttp3.RecordingHostnameVerifier) Test(org.junit.jupiter.api.Test)

Aggregations

HandshakeCertificates (okhttp3.tls.HandshakeCertificates)17 Test (org.junit.jupiter.api.Test)12 RecordingHostnameVerifier (okhttp3.RecordingHostnameVerifier)11 HeldCertificate (okhttp3.tls.HeldCertificate)11 OkHttpClient (okhttp3.OkHttpClient)9 Call (okhttp3.Call)8 Request (okhttp3.Request)8 MockResponse (mockwebserver3.MockResponse)7 CertificatePinner (okhttp3.CertificatePinner)7 Response (okhttp3.Response)6 BufferedReader (java.io.BufferedReader)4 InputStreamReader (java.io.InputStreamReader)4 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)4 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)4 Handshake (okhttp3.Handshake)4 HttpUrl (okhttp3.HttpUrl)4 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 Certificate (java.security.cert.Certificate)2 CertificateFactory (java.security.cert.CertificateFactory)2