CertificateValidationTest.java example

Explorer
coprhd-controller-master
/*
 * Copyright (c) 2015 EMC Corporation
 * All Rights Reserved
 */
package com.emc.storageos.api.service.impl.resource;

import org.junit.Assert;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.InputStream;

public class CertificateValidationTest {

    private static final Logger _log = LoggerFactory.getLogger(CertificateValidationTest.class);

    /**
     * the certificate is a vipr auto-generated one, and it is for 1+0 cluster.
     * VIP: 10.247.101.102 (lglw1102.lss.emc.com)
     * vipr1: 10.247.101.103 (lglw1103.lss.emc.com)
     */
    @Test
    public void validateSelfSignedCert() throws Exception {

        InputStream is = ClassLoader.class.getResourceAsStream("/certificate-lglw1102.txt");
        String certStr = convertStreamToString(is);

        VirtualDataCenterService.verifyVdcCert(certStr, "lglw1102.lss.emc.com", true);
        VirtualDataCenterService.verifyVdcCert(certStr, "lglw1103.lss.emc.com", true);
        VirtualDataCenterService.verifyVdcCert(certStr, "10.247.101.102", true);
        VirtualDataCenterService.verifyVdcCert(certStr, "10.247.101.103", true);

        // negative tests
        try {
            VirtualDataCenterService.verifyVdcCert(certStr, "lglw1104.lss.emc.com", true);
            Assert.fail("should fail");
        } catch (Exception e) {
            Assert.assertTrue(e.getMessage().contains("does not match any subject names in certificate"));
        }

        try {
            VirtualDataCenterService.verifyVdcCert(certStr, "10.247.101.104", true);
            Assert.fail("should fail");
        } catch (Exception e) {
            Assert.assertTrue(e.getMessage().contains("does not match any subject names in certificate"));
        }
    }

    /**
     * this is a CA signed certification, the subject is lglw2051.lss.emc.com (10.247.102.51)
     * 
     * @throws Exception
     */
    @Test
    public void validateCASignedCert() throws Exception {
        InputStream is = ClassLoader.class.getResourceAsStream("/ca-certificate-lglw2051.pem");
        String certStr = convertStreamToString(is);

        VirtualDataCenterService.verifyVdcCert(certStr, "lglw2051.lss.emc.com", true);
        VirtualDataCenterService.verifyVdcCert(certStr, "10.247.102.51", true);

        // negative tests
        try {
            VirtualDataCenterService.verifyVdcCert(certStr, "lglw1104.lss.emc.com", true);
            Assert.fail("should fail");
        } catch (Exception e) {
            Assert.assertTrue(e.getMessage().contains("does not match any subject names in certificate"));
        }

        try {
            VirtualDataCenterService.verifyVdcCert(certStr, "10.247.101.104", true);
            Assert.fail("should fail");
        } catch (Exception e) {
            Assert.assertTrue(e.getMessage().contains("does not match any subject names in certificate"));
        }
    }

    private String convertStreamToString(java.io.InputStream is) {
        java.util.Scanner s = new java.util.Scanner(is).useDelimiter("\\A");
        return s.hasNext() ? s.next() : "";
    }

}