Search in sources :

Example 1 with Curve

use of zmq.io.mechanism.curve.Curve in project jeromq by zeromq.

the class SecurityCurveTest method testPlainCurveKeys.

@Test
public void testPlainCurveKeys() throws Exception {
    byte[][] serverKeyPair = new Curve().keypair();
    byte[] serverPublicKey = serverKeyPair[0];
    byte[] serverSecretKey = serverKeyPair[1];
    byte[][] clientKeyPair = new Curve().keypair();
    byte[] clientPublicKey = clientKeyPair[0];
    byte[] clientSecretKey = clientKeyPair[1];
    Ctx context = ZMQ.createContext();
    SocketBase server = context.createSocket(ZMQ.ZMQ_DEALER);
    ZMQ.setSocketOption(server, ZMQ.ZMQ_CURVE_SERVER, true);
    ZMQ.setSocketOption(server, ZMQ.ZMQ_CURVE_SECRETKEY, serverSecretKey);
    server.bind(connectionString);
    SocketBase client = context.createSocket(ZMQ.ZMQ_DEALER);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, serverPublicKey);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, clientPublicKey);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, clientSecretKey);
    client.connect(connectionString);
    byte[] testBytes = "hello-world".getBytes();
    ZMQ.send(client, testBytes, 0);
    byte[] recv = ZMQ.recv(server, 0).data();
    assertThat(recv, is(equalTo(testBytes)));
    server.close();
    client.close();
    context.terminate();
}
Also used : SocketBase(zmq.SocketBase) Ctx(zmq.Ctx) Curve(zmq.io.mechanism.curve.Curve) Test(org.junit.Test)

Example 2 with Curve

use of zmq.io.mechanism.curve.Curve in project jeromq by zeromq.

the class SecurityCurveTest method testCurveMechanismSecurity.

@Test
public void testCurveMechanismSecurity() throws IOException, InterruptedException {
    Curve cryptoBox = new Curve();
    // Generate new keypairs for this test
    // We'll generate random test keys at startup
    String[] clientKeys = cryptoBox.keypairZ85();
    String clientPublic = clientKeys[0];
    String clientSecret = clientKeys[1];
    String[] serverKeys = cryptoBox.keypairZ85();
    String serverPublic = serverKeys[0];
    String serverSecret = serverKeys[1];
    String host = "tcp://127.0.0.1:*";
    Ctx ctx = ZMQ.createContext();
    // Spawn ZAP handler
    // We create and bind ZAP socket in main thread to avoid case
    // where child thread does not start up fast enough.
    SocketBase handler = ZMQ.socket(ctx, ZMQ.ZMQ_REP);
    assertThat(handler, notNullValue());
    boolean rc = ZMQ.bind(handler, "inproc://zeromq.zap.01");
    assertThat(rc, is(true));
    Thread thread = new Thread(new ZapHandler(handler, clientPublic));
    thread.start();
    // Server socket will accept connections
    SocketBase server = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(server, notNullValue());
    ZMQ.setSocketOption(server, ZMQ.ZMQ_CURVE_SERVER, true);
    ZMQ.setSocketOption(server, ZMQ.ZMQ_CURVE_SECRETKEY, serverSecret);
    ZMQ.setSocketOption(server, ZMQ.ZMQ_IDENTITY, "IDENT");
    rc = ZMQ.bind(server, host);
    assertThat(rc, is(true));
    host = (String) ZMQ.getSocketOptionExt(server, ZMQ.ZMQ_LAST_ENDPOINT);
    int port = TestUtils.port(host);
    // Check CURVE security with valid credentials
    System.out.println("Test Correct CURVE security");
    SocketBase client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, serverPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, clientPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, clientSecret);
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.bounce(server, client);
    ZMQ.close(client);
    // Check CURVE security with a garbage server key
    // This will be caught by the curve_server class, not passed to ZAP
    System.out.println("Test bad server key CURVE security");
    String garbageKey = "0000000000000000000000000000000000000000";
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, garbageKey);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, clientPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, clientSecret);
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Check CURVE security with a garbage client public key
    // This will be caught by the curve_server class, not passed to ZAP
    System.out.println("Test bad client public key CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, serverPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, garbageKey);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, clientSecret);
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Check CURVE security with a garbage client secret key
    // This will be caught by the curve_server class, not passed to ZAP
    System.out.println("Test bad client public key CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, serverPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, clientPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, garbageKey);
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Check CURVE security with bogus client credentials
    // This must be caught by the ZAP handler
    String[] bogus = cryptoBox.keypairZ85();
    String bogusPublic = bogus[0];
    String bogusSecret = bogus[1];
    System.out.println("Test bad client credentials CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, serverPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, bogusPublic);
    ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, bogusSecret);
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Check CURVE security with NULL client credentials
    // This must be caught by the curve_server class, not passed to ZAP
    System.out.println("Test NULL client with CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Check CURVE security with PLAIN client credentials
    // This must be caught by the curve_server class, not passed to ZAP
    System.out.println("Test PLAIN client with CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    ZMQ.setSocketOption(client, ZMQ.ZMQ_PLAIN_USERNAME, "user");
    ZMQ.setSocketOption(client, ZMQ.ZMQ_PLAIN_PASSWORD, "pass");
    rc = ZMQ.connect(client, host);
    assertThat(rc, is(true));
    Helper.expectBounceFail(server, client);
    ZMQ.closeZeroLinger(client);
    // Unauthenticated messages from a vanilla socket shouldn't be received
    System.out.println("Test unauthenticated from vanilla socket CURVE security");
    Socket sock = new Socket("127.0.0.1", port);
    // send anonymous ZMTP/1.0 greeting
    OutputStream out = sock.getOutputStream();
    out.write(new StringBuilder().append(0x01).append(0x00).toString().getBytes(ZMQ.CHARSET));
    // send sneaky message that shouldn't be received
    out.write(new StringBuilder().append(0x08).append(0x00).append("sneaky").append(0x00).toString().getBytes(ZMQ.CHARSET));
    int timeout = 250;
    ZMQ.setSocketOption(server, ZMQ.ZMQ_RCVTIMEO, timeout);
    Msg msg = ZMQ.recv(server, 0);
    assertThat(msg, nullValue());
    sock.close();
    // Check return codes for invalid buffer sizes
    // TODO
    System.out.println("Test return codes for invalid buffer sizes with CURVE security");
    client = ZMQ.socket(ctx, ZMQ.ZMQ_DEALER);
    assertThat(client, notNullValue());
    rc = ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SERVERKEY, new byte[123]);
    assertThat(rc, is(false));
    assertThat(client.errno.get(), is(ZError.EINVAL));
    rc = ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_PUBLICKEY, new byte[123]);
    assertThat(rc, is(false));
    assertThat(client.errno.get(), is(ZError.EINVAL));
    rc = ZMQ.setSocketOption(client, ZMQ.ZMQ_CURVE_SECRETKEY, new byte[123]);
    assertThat(rc, is(false));
    assertThat(client.errno.get(), is(ZError.EINVAL));
    ZMQ.closeZeroLinger(client);
    ZMQ.closeZeroLinger(server);
    // Shutdown
    ZMQ.term(ctx);
    // Wait until ZAP handler terminates
    thread.join();
}
Also used : Msg(zmq.Msg) SocketBase(zmq.SocketBase) Ctx(zmq.Ctx) OutputStream(java.io.OutputStream) Curve(zmq.io.mechanism.curve.Curve) Socket(java.net.Socket) Test(org.junit.Test)

Example 3 with Curve

use of zmq.io.mechanism.curve.Curve in project jeromq by zeromq.

the class ZMonitorTest method testZMonitorCurveKo.

@Test(timeout = 5000)
public void testZMonitorCurveKo() throws IOException, InterruptedException {
    final List<ZEvent> receivedEventsClient = new ArrayList<>();
    final List<ZEvent> receivedEventsServer = new ArrayList<>();
    final byte[][] serverKeyPair = new Curve().keypair();
    final byte[] serverPublicKey = serverKeyPair[0];
    final byte[] serverSecretKey = serverKeyPair[1];
    final byte[][] clientKeyPair = new Curve().keypair();
    final byte[] clientPublicKey = clientKeyPair[0];
    final byte[] clientSecretKey = clientKeyPair[1];
    final ZContext ctx = new ZContext();
    final Socket client = ctx.createSocket(SocketType.PUSH);
    client.setCurveServerKey(serverPublicKey);
    client.setCurvePublicKey(clientPublicKey);
    client.setCurveSecretKey(serverSecretKey);
    final Socket server = ctx.createSocket(SocketType.PULL);
    server.setCurveServer(true);
    server.setCurveSecretKey(clientSecretKey);
    final ZMonitor clientMonitor = new ZMonitor(ctx, client);
    clientMonitor.verbose(true);
    clientMonitor.add(Event.ALL);
    clientMonitor.start();
    final ZMonitor serverMonitor = new ZMonitor(ctx, server);
    serverMonitor.verbose(true);
    serverMonitor.add(Event.ALL);
    serverMonitor.start();
    // Check server is now listening
    server.bind("tcp://127.0.0.1:34782");
    // Check server connected to client
    boolean rc = client.connect("tcp://127.0.0.1:" + 34782);
    Assert.assertTrue(rc);
    Thread.sleep(100);
    client.send("hello");
    Thread.sleep(100);
    client.close();
    ZEvent received;
    while ((received = clientMonitor.nextEvent(100)) != null) {
        receivedEventsClient.add(received);
    }
    clientMonitor.close();
    server.close();
    while ((received = serverMonitor.nextEvent(100)) != null) {
        receivedEventsServer.add(received);
    }
    serverMonitor.close();
    ctx.close();
    final Event[] expectedEventsClient = new Event[] { Event.CONNECT_DELAYED, Event.CONNECTED, Event.HANDSHAKE_PROTOCOL, Event.DISCONNECTED, Event.MONITOR_STOPPED };
    check(receivedEventsClient, expectedEventsClient);
    final Event[] expectedEventsServer = new Event[] { Event.LISTENING, Event.ACCEPTED, Event.HANDSHAKE_PROTOCOL, Event.HANDSHAKE_FAILED_PROTOCOL, Event.DISCONNECTED, Event.CLOSED, Event.MONITOR_STOPPED };
    check(receivedEventsServer, expectedEventsServer);
}
Also used : ZEvent(org.zeromq.ZMonitor.ZEvent) ArrayList(java.util.ArrayList) Curve(zmq.io.mechanism.curve.Curve) ZEvent(org.zeromq.ZMonitor.ZEvent) Event(org.zeromq.ZMonitor.Event) Socket(org.zeromq.ZMQ.Socket) Test(org.junit.Test)

Example 4 with Curve

use of zmq.io.mechanism.curve.Curve in project jeromq by zeromq.

the class ZMonitorTest method testZMonitorCurveOK.

@Test(timeout = 5000)
public void testZMonitorCurveOK() throws IOException {
    final List<ZEvent> receivedEventsClient = new ArrayList<>();
    final List<ZEvent> receivedEventsServer = new ArrayList<>();
    final byte[][] serverKeyPair = new Curve().keypair();
    final byte[] serverPublicKey = serverKeyPair[0];
    final byte[] serverSecretKey = serverKeyPair[1];
    final byte[][] clientKeyPair = new Curve().keypair();
    final byte[] clientPublicKey = clientKeyPair[0];
    final byte[] clientSecretKey = clientKeyPair[1];
    final ZContext ctx = new ZContext();
    final Socket client = ctx.createSocket(SocketType.PUSH);
    client.setCurveServerKey(serverPublicKey);
    client.setCurvePublicKey(clientPublicKey);
    client.setCurveSecretKey(clientSecretKey);
    final Socket server = ctx.createSocket(SocketType.PULL);
    server.setCurveServer(true);
    server.setCurveSecretKey(serverSecretKey);
    final ZMonitor clientMonitor = new ZMonitor(ctx, client);
    clientMonitor.verbose(true);
    clientMonitor.add(Event.ALL);
    clientMonitor.start();
    final ZMonitor serverMonitor = new ZMonitor(ctx, server);
    serverMonitor.verbose(true);
    serverMonitor.add(Event.ALL);
    serverMonitor.start();
    // Check server is now listening
    int port = server.bindToRandomPort("tcp://127.0.0.1");
    // Check server connected to client
    boolean rc = client.connect("tcp://127.0.0.1:" + port);
    client.send("hello");
    server.recvStr();
    Assert.assertTrue(rc);
    client.close();
    ZEvent received;
    while ((received = clientMonitor.nextEvent(100)) != null) {
        receivedEventsClient.add(received);
    }
    clientMonitor.close();
    server.close();
    while ((received = serverMonitor.nextEvent(100)) != null) {
        receivedEventsServer.add(received);
    }
    serverMonitor.close();
    ctx.close();
    // [ZEvent [_PROTOCOL, code=32768, address=tcp://127.0.0.1:53682, value=3], ZEvent [type=DISCONNECTED, code=512, address=tcp://127.0.0.1:53682, value=null]]
    final Event[] expectedEventsClient = new Event[] { Event.CONNECT_DELAYED, Event.CONNECTED, Event.HANDSHAKE_PROTOCOL, Event.MONITOR_STOPPED };
    check(receivedEventsClient, expectedEventsClient);
    final Event[] expectedEventsServer = new Event[] { Event.LISTENING, Event.ACCEPTED, Event.HANDSHAKE_PROTOCOL, Event.DISCONNECTED, Event.CLOSED, Event.MONITOR_STOPPED };
    check(receivedEventsServer, expectedEventsServer);
}
Also used : ArrayList(java.util.ArrayList) Curve(zmq.io.mechanism.curve.Curve) ZEvent(org.zeromq.ZMonitor.ZEvent) ZEvent(org.zeromq.ZMonitor.ZEvent) Event(org.zeromq.ZMonitor.Event) Socket(org.zeromq.ZMQ.Socket) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)4 Curve (zmq.io.mechanism.curve.Curve)4 ArrayList (java.util.ArrayList)2 Socket (org.zeromq.ZMQ.Socket)2 Event (org.zeromq.ZMonitor.Event)2 ZEvent (org.zeromq.ZMonitor.ZEvent)2 Ctx (zmq.Ctx)2 SocketBase (zmq.SocketBase)2 OutputStream (java.io.OutputStream)1 Socket (java.net.Socket)1 Msg (zmq.Msg)1