use of software.amazon.awssdk.crt.io.TlsContextOptions in project aws-crt-java by awslabs.
the class TlsContextOptionsTest method testMtlsFromBadPath.
/**
 * Negative test: creating a {@link TlsContext} must not succeed when the client
 * certificate and private-key paths point at files that do not exist.
 *
 * <p>The configured test paths are made invalid by appending a bogus suffix. The
 * success flag is only set after a context has been constructed, so the final
 * assertion holds whenever an exception interrupts the attempt.
 */
@Test
public void testMtlsFromBadPath() {
    skipIfNetworkUnavailable();

    final String bogusSuffix = ".not.valid.path";
    String configuredCert = getPathStringFromSystemProperty(TEST_CERT_PATH_PROPERTY);
    String configuredKey = getPathStringFromSystemProperty(TEST_KEY_PATH_PROPERTY);
    final String missingCert = configuredCert + bogusSuffix;
    final String missingKey = configuredKey + bogusSuffix;

    boolean contextWasBuilt = false;
    try (TlsContextOptions mtlsOptions = TlsContextOptions.createDefaultClient()) {
        mtlsOptions.initMtlsFromPath(missingCert, missingKey);
        try (TlsContext context = new TlsContext(mtlsOptions)) {
            // Reaching this line means the bad paths were accepted.
            contextWasBuilt = true;
        }
    } catch (Exception expected) {
        // An exception is the expected outcome.
        // NOTE(review): the catch is broad, so any exception type raised at any step
        // above satisfies this test, not only a "file not found" style failure.
    }

    assertFalse(contextWasBuilt);
}
use of software.amazon.awssdk.crt.io.TlsContextOptions in project aws-crt-java by awslabs.
the class TlsContextOptionsTest method testMtlsFromPath.
/**
 * Positive test: a {@link TlsContext} can be created from the certificate and
 * private-key files named by the test system properties.
 *
 * <p>Any exception raised while configuring the options, building the context or
 * closing either resource is converted into a test failure carrying the
 * exception's string form.
 */
@Test
public void testMtlsFromPath() {
    skipIfNetworkUnavailable();

    final String clientCert = getPathStringFromSystemProperty(TEST_CERT_PATH_PROPERTY);
    final String clientKey = getPathStringFromSystemProperty(TEST_KEY_PATH_PROPERTY);

    try (TlsContextOptions mtlsOptions = TlsContextOptions.createDefaultClient()) {
        mtlsOptions.initMtlsFromPath(clientCert, clientKey);

        try (TlsContext context = new TlsContext(mtlsOptions)) {
            assertNotNull(context);
        } catch (Exception contextFailure) {
            // Context construction (or its close) failed with valid credentials.
            fail(contextFailure.toString());
        }
    } catch (Exception optionsFailure) {
        // Options creation, mTLS initialisation or options close failed.
        fail(optionsFailure.toString());
    }
}
use of software.amazon.awssdk.crt.io.TlsContextOptions in project aws-crt-java by awslabs.
the class TlsContextOptionsTest method testMtlsPkcs11.
/**
 * Builds a {@link TlsContext} whose client credentials come from a PKCS#11 token.
 *
 * <p>The test is skipped when the {@code NETWORK_TESTS_DISABLED} system property is
 * set or when the PKCS#11 test environment is not configured. The library path,
 * user PIN, token label, private-key label and certificate file are all taken from
 * constants on {@code Pkcs11LibTest}.
 *
 * <p>Constructing all four resources without an exception is a pass. The only
 * tolerated failure is a {@code CrtRuntimeException} whose error name is
 * {@code AWS_ERROR_UNIMPLEMENTED}; any other error name fails the assertion.
 */
@Test
public void testMtlsPkcs11() {
    final String networkTestsDisabled = System.getProperty("NETWORK_TESTS_DISABLED");
    Assume.assumeTrue(networkTestsDisabled == null);
    Pkcs11LibTest.assumeEnvironmentSetUpForPkcs11Tests();

    try (Pkcs11Lib lib = new Pkcs11Lib(Pkcs11LibTest.TEST_PKCS11_LIB);
            TlsContextPkcs11Options tokenOptions = new TlsContextPkcs11Options(lib)
                    .withUserPin(Pkcs11LibTest.TEST_PKCS11_PIN)
                    .withTokenLabel(Pkcs11LibTest.TEST_PKCS11_TOKEN_LABEL)
                    .withPrivateKeyObjectLabel(Pkcs11LibTest.TEST_PKCS11_PKEY_LABEL)
                    .withCertificateFilePath(Pkcs11LibTest.TEST_PKCS11_CERT_FILE);
            TlsContextOptions mtlsOptions = TlsContextOptions.createWithMtlsPkcs11(tokenOptions);
            TlsContext context = new TlsContext(mtlsOptions)) {
        // Nothing to do here: constructing every resource above is the test.
    } catch (CrtRuntimeException unsupported) {
        // Expected on platforms where mTLS with PKCS#11 is not yet supported.
        assertEquals("AWS_ERROR_UNIMPLEMENTED", unsupported.errorName);
    }
}
use of software.amazon.awssdk.crt.io.TlsContextOptions in project aws-iot-device-sdk-java-v2 by aws.
the class RawConnect method main.
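/**
 * Sample entry point: opens an MQTT connection over mutual TLS, authenticating with a
 * client certificate/key pair plus a username and password, then disconnects.
 *
 * <p>Required arguments are {@code endpoint}, {@code cert}, {@code key},
 * {@code username} and {@code password}; the rest fall back to the defaults shown
 * below. When ALPN is supported the connection uses port 443 with the requested ALPN
 * protocol, otherwise port 8883.
 *
 * @param args command-line arguments, parsed by {@code CommandLineUtils}
 */
public static void main(String[] args) {
    cmdUtils = new CommandLineUtils();
    cmdUtils.registerProgramName("RawConnect");
    cmdUtils.addCommonMQTTCommands();
    cmdUtils.registerCommand("key", "<path>", "Path to your key in PEM format.");
    cmdUtils.registerCommand("cert", "<path>", "Path to your client certificate in PEM format.");
    cmdUtils.addCommonProxyCommands();
    cmdUtils.registerCommand("client_id", "<int>", "Client id to use (optional, default='test-*').");
    cmdUtils.registerCommand("username", "<str>", "Username to use as part of the connection/authentication process.");
    // NOTE(review): a password passed as a command-line argument can be read from the
    // process list and shell history. Acceptable for a sample; production code should
    // take it from a protected source instead.
    cmdUtils.registerCommand("password", "<str>", "Password to use as part of the connection/authentication process.");
    cmdUtils.registerCommand("protocol", "<str>", "ALPN protocol to use (optional, default='x-amzn-mqtt-ca').");
    cmdUtils.registerCommand("auth_params", "<comma delimited list>", "Comma delimited list of auth parameters. For websockets these will be set as headers. " + "For raw mqtt these will be appended to user_name. (optional)");
    cmdUtils.sendArguments(args);

    String endpoint = cmdUtils.getCommandRequired("endpoint", "");
    String clientId = cmdUtils.getCommandOrDefault("client_id", "test-" + UUID.randomUUID().toString());
    String caPath = cmdUtils.getCommandOrDefault("ca_file", "");
    String certPath = cmdUtils.getCommandRequired("cert", "");
    String keyPath = cmdUtils.getCommandRequired("key", "");
    // NOTE(review): the proxy settings are parsed (so a malformed proxy_port is still
    // rejected) but nothing in this method applies them to the connection.
    String proxyHost = cmdUtils.getCommandOrDefault("proxy_host", "");
    int proxyPort = Integer.parseInt(cmdUtils.getCommandOrDefault("proxy_port", "8080"));
    String userName = cmdUtils.getCommandRequired("username", "");
    String password = cmdUtils.getCommandRequired("password", "");
    String protocolName = cmdUtils.getCommandOrDefault("protocol", "x-amzn-mqtt-ca");

    List<String> authParams = null;
    if (cmdUtils.hasCommand("auth_params")) {
        authParams = Arrays.asList(cmdUtils.getCommand("auth_params").split("\\s*,\\s*"));
    }

    MqttClientConnectionEvents callbacks = new MqttClientConnectionEvents() {
        @Override
        public void onConnectionInterrupted(int errorCode) {
            if (errorCode != 0) {
                System.out.println("Connection interrupted: " + errorCode + ": " + CRT.awsErrorString(errorCode));
            }
        }

        @Override
        public void onConnectionResumed(boolean sessionPresent) {
            System.out.println("Connection resumed: " + (sessionPresent ? "existing session" : "clean session"));
        }
    };

    // For raw MQTT the auth parameters ride along in the username as
    // "<user>?<p1>&<p2>...". They are appended verbatim; no encoding is applied here.
    if (authParams != null && !authParams.isEmpty() && !userName.isEmpty()) {
        userName = userName + "?" + String.join("&", authParams);
    }

    try (TlsContextOptions tlsContextOptions = TlsContextOptions.createWithMtlsFromPath(certPath, keyPath)) {
        // Only replace the default trust store when a CA file was actually supplied.
        // The default for ca_file is "", so a bare null check would always pass and
        // hand an empty path to the trust-store override.
        if (caPath != null && !caPath.isEmpty()) {
            tlsContextOptions.overrideDefaultTrustStoreFromPath(null, caPath);
        }

        int port = 8883;
        if (TlsContextOptions.isAlpnSupported()) {
            port = 443;
            tlsContextOptions.withAlpnList(protocolName);
        }

        try (TlsContext tlsContext = new TlsContext(tlsContextOptions);
                MqttClient client = new MqttClient(tlsContext);
                MqttConnectionConfig config = new MqttConnectionConfig()) {
            config.setMqttClient(client);
            config.setClientId(clientId);
            config.setConnectionCallbacks(callbacks);
            config.setCleanSession(true);
            config.setEndpoint(endpoint);
            config.setPort(port);
            if (userName != null && userName.length() > 0) {
                config.setLogin(userName, password);
            }

            try (MqttClientConnection connection = new MqttClientConnection(config)) {
                // Connect and disconnect using the connection we created
                // (see sampleConnectAndDisconnect for implementation)
                cmdUtils.sampleConnectAndDisconnect(connection);
            }
        }
    } catch (CrtRuntimeException | InterruptedException | ExecutionException ex) {
        System.out.println("Exception encountered: " + ex.toString());
    }

    // Block until every native CRT resource opened above has been released.
    CrtResource.waitForNoResources();
    System.out.println("Complete!");
}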
use of software.amazon.awssdk.crt.io.TlsContextOptions in project aws-crt-java by awslabs.
the class TlsContextOptionsTest method testTlsContextOptionsAPI.
/**
 * Exercises cipher-preference handling on {@link TlsContextOptions}.
 *
 * <p>Part one applies every {@link TlsCipherPreference} the platform reports as
 * supported and checks that a non-zero native handle is still produced.
 *
 * <p>Part two combines {@code TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06} with a minimum TLS
 * version of {@code TLSv1_2} and requires that an {@link IllegalArgumentException}
 * or {@link IllegalStateException} is thrown before a handle can be inspected.
 */
@Test
public void testTlsContextOptionsAPI() {
    skipIfNetworkUnavailable();

    try (TlsContextOptions supportedOnly = TlsContextOptions.createDefaultClient()) {
        for (TlsCipherPreference candidate : TlsCipherPreference.values()) {
            if (!TlsContextOptions.isCipherPreferenceSupported(candidate)) {
                continue;
            }
            supportedOnly.setCipherPreference(candidate);
        }
        Assert.assertNotEquals(0, supportedOnly.getNativeHandle());
    }

    try (TlsContextOptions conflicting = TlsContextOptions.createDefaultClient()) {
        boolean rejected;
        try {
            conflicting.setCipherPreference(TlsCipherPreference.TLS_CIPHER_KMS_PQ_TLSv1_0_2019_06);
            conflicting.minTlsVersion = TlsVersions.TLSv1_2;
            // The comparison below is expected to be unreachable: one of the calls
            // above, or getNativeHandle() itself, has to throw first.
            Assert.assertEquals(0, conflicting.getNativeHandle());
            rejected = false;
        } catch (IllegalArgumentException | IllegalStateException expected) {
            rejected = true;
        }
        Assert.assertTrue(rejected);
    }
}