/******************************************************************************
* Copyright (c) 2012-2014 VMware, Inc. All Rights Reserved.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*****************************************************************************/
package com.vmware.bdd.security.tls;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import org.testng.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import com.vmware.bdd.apitypes.Password;
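/**
 * Integration tests for {@link TlsTcpClient} backed by a {@link SimpleServerTrustManager}.
 *
 * <p>Before each test the bundled {@code keystore.jks} classpath resource is copied to a fresh
 * temporary file that serves as the trust store; the copy is removed after the test.
 *
 * <p>The connection tests open real sockets to the hosts named in each test, so they need
 * network access and depend on what those servers present at run time.
 *
 * Created By xiaoliangl on 11/28/14.
 */
public class TestTlsClient {
    private static final String KEY_STORE_RESOURCE = "/com/vmware/bdd/security/tls/keystore.jks";
    private static final String KEY_STORE_TYPE = "JKS";
    // Passphrase of the bundled test keystore; a fixture value, not a secret.
    private static final String KEY_STORE_PASSPHRASE = "changeit";
    private static final String TLS_HOST = "wiki.eng.vmware.com";
    private static final int TLS_PORT = 443;

    // Per-test copy of the trust store. A fixed name under java.io.tmpdir would be predictable
    // in a directory shared with other local users and would collide between parallel runs, so
    // each test gets a uniquely named file instead.
    private File keyStoreFile;
    private SimpleServerTrustManager trustManager;
    private final TlsTcpClient helper = new TlsTcpClient();

    /**
     * Copies the bundled keystore to a new temporary file and wires a trust manager that reads
     * it into the client under test.
     *
     * @throws IOException if the keystore resource is missing or cannot be copied
     */
    @BeforeMethod
    public void beforeMethod() throws IOException {
        InputStream is = TestTlsClient.class.getResourceAsStream(KEY_STORE_RESOURCE);
        if (is == null) {
            // Fail with a clear message instead of a NullPointerException on the first read.
            throw new IOException("Test keystore resource not found on classpath: " + KEY_STORE_RESOURCE);
        }
        try {
            // createTempFile picks a name that did not exist before, so a file planted in the
            // temp directory beforehand is never opened and overwritten.
            keyStoreFile = File.createTempFile("keystore", ".jks");
            // Opened inside the outer try so the resource stream is closed even if this fails.
            FileOutputStream fos = new FileOutputStream(keyStoreFile);
            try {
                byte[] buffer = new byte[512];
                for (int count = is.read(buffer); count != -1; count = is.read(buffer)) {
                    fos.write(buffer, 0, count);
                }
            } finally {
                fos.close();
            }
        } finally {
            is.close();
        }

        trustManager = new SimpleServerTrustManager();
        trustManager.setTrustStoreConfig(
                trustStoreConfig(keyStoreFile.getAbsolutePath(), KEY_STORE_PASSPHRASE));
        helper.setTrustManager(trustManager);
    }

    /** Removes the per-test trust store copy; runs even when setup or the test failed. */
    @AfterMethod(alwaysRun = true)
    public void afterMethod() {
        if (keyStoreFile != null && !keyStoreFile.delete()) {
            // Best effort: if the file cannot be deleted now, let the JVM try again at exit.
            keyStoreFile.deleteOnExit();
        }
        keyStoreFile = null;
    }

    /**
     * Expects the first check against a server to be rejected and the exception to carry the
     * details of the certificate the server presented.
     *
     * <p>The expected subject, issuer, serial number and SHA-1 fingerprint are literal values of
     * one specific certificate, so this test fails as soon as the server's certificate is
     * replaced. The fingerprint is compared only as an identifier of that certificate.
     */
    @Test(expectedExceptions = {UntrustedCertificateException.class})
    public void testConnectFirstly() throws IOException {
        try {
            helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, false);
        } catch (UntrustedCertificateException uce) {
            CertificateInfo certInfo = uce.getCertInfo();
            Assert.assertNotNull(certInfo);
            Assert.assertEquals(certInfo.getSubjectDn(),
                    "CN=*.eng.vmware.com, O=\"VMware, Inc.\", L=Palo Alto, ST=California, C=US");
            Assert.assertEquals(certInfo.getIssuerDn(),
                    "CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=DigiCert Inc, C=US");
            Assert.assertEquals(certInfo.getSerialNumber(), "09881EA1812A7891F0F1227BEB39A6D4");
            Assert.assertEquals(certInfo.getSha1Fingerprint(), "9005D818D76E908558C29793A0231FDC90A794FC");
            Assert.assertNotNull(certInfo.getNotAfter());
            Assert.assertNotNull(certInfo.getNotBefore());
            // Rethrow so the expectedExceptions check above still sees the failure.
            throw uce;
        }
    }

    /**
     * Expects two consecutive checks with the third argument {@code true} to complete without
     * an exception.
     */
    @Test
    public void testConnectAgainAndAgain() throws IOException {
        // NOTE(review): the flag presumably makes the client accept the presented certificate;
        // confirm against TlsTcpClient.
        helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, true);
        helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, true);
    }

    /** Expects a single check with the third argument {@code true} to complete without an exception. */
    @Test
    public void testConnectAgain() throws IOException {
        helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, true);
    }

    /** Expects a {@link TruststoreException} when the trust store passphrase is wrong. */
    @Test(expectedExceptions = {TruststoreException.class})
    public void testCheckCertFirstly_wrongPassphrase() {
        trustManager.setTrustStoreConfig(
                trustStoreConfig(keyStoreFile.getAbsolutePath(), "badpassword"));
        helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, false);
    }

    /** Expects a {@link TruststoreException} when the configured trust store path does not exist. */
    @Test(expectedExceptions = {TruststoreException.class})
    public void test_keystoreNotFound() {
        trustManager.setTrustStoreConfig(trustStoreConfig("filenotfound", KEY_STORE_PASSPHRASE));
        helper.checkCertificateFirstly(TLS_HOST, TLS_PORT, false);
    }

    /** Expects a {@link TlsConnectionException} when the check is pointed at port 80. */
    @Test(expectedExceptions = {TlsConnectionException.class})
    public void testCheckCertFirstly_plain() {
        helper.checkCertificateFirstly("www.vmware.com", 80, false);
    }

    /** Expects a {@link TlsConnectionException} for the host {@code www.unknown.com} on port 80. */
    @Test(expectedExceptions = {TlsConnectionException.class})
    public void testCheckCertFirstly_unknownServer() {
        helper.checkCertificateFirstly("www.unknown.com", 80, false);
    }

    /**
     * Builds a JKS trust store configuration for the given location and passphrase.
     *
     * @param path file system path the trust manager should load the store from
     * @param passphrase passphrase handed to the trust manager for that store
     * @return a configuration that reports type {@code JKS}, {@code path} and {@code passphrase}
     */
    private static TrustStoreConfig trustStoreConfig(final String path, final String passphrase) {
        return new TrustStoreConfig() {
            @Override
            public String getType() {
                return KEY_STORE_TYPE;
            }

            @Override
            public String getPath() {
                return path;
            }

            @Override
            public Password getPassword() {
                return new Password() {
                    @Override
                    public String getPlainString() {
                        return passphrase;
                    }

                    @Override
                    public char[] getPlainChars() {
                        return getPlainString().toCharArray();
                    }
                };
            }
        };
    }
}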