You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2020/01/22 00:24:31 UTC

[GitHub] [hadoop-ozone] abhishekaypurohit opened a new pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

abhishekaypurohit opened a new pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471
 
 
   ## What changes were proposed in this pull request?
   
   Added more Unit Tests for CRLCodec
   
   ## What is the link to the Apache JIRA
   
   https://issues.apache.org/jira/browse/HDDS-2906
   
   ## How was this patch tested?
   
   mvn build and unit tests. 
   
   
   @anuengineer 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] abhishekaypurohit commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

abhishekaypurohit commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471#discussion_r370308383
 
 

 ##########
 File path: hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/x509/certificate/utils/TestCRLCodec.java
 ##########
 @@ -101,11 +122,124 @@ public void testWriteCRL() throws IOException, OperatorCreationException {
         builder.build(contentSignerBuilder.build(privateKey));
 
     CRLCodec crlCodec = new CRLCodec(securityConfig);
-    crlCodec.writeCRL(cRLHolder, CRL_FILE_NAME, true);
+    crlCodec.writeCRL(cRLHolder, this.securityConfig.getCrlName(), true);
 
     X509CRLEntryHolder entryHolder =
         cRLHolder.getRevokedCertificate(BigInteger.ONE);
     assertNotNull(entryHolder);
+
+    // verify file generation
+    File crlFile =
+        Paths.get(crlCodec.getLocation().toString(),
+                  this.securityConfig.getCrlName()).toFile();
+    assertTrue(crlFile.exists());
+
+    try (BufferedReader reader = new BufferedReader(new FileReader(crlFile))){
+
+      // Verify contents of the file
+      String header = reader.readLine();
+      assertEquals("-----BEGIN X509 CRL-----", header);
+
+      String footer = null;
+      String line = null;
+      while ((line = reader.readLine()) != null) {
+        footer = line;
+      }
+      assertEquals("-----END X509 CRL-----", footer);
+    }
+  }
+
+  @Test
+  public void testWriteCRLX509() throws IOException,
+      OperatorCreationException, CertificateException, CRLException {
+
+    X500Name issuer = x509CertificateHolder.getIssuer();
+    Date now = new Date();
+    X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, now);
+    builder.addCRLEntry(x509CertificateHolder.getSerialNumber(), now,
+                        CRLReason.cACompromise);
+
+    InputStream inStream = null;
+    byte[] crlBytes = TMP_CRL_ENTRY.getBytes();
+    try {
 
 Review comment:
   Done. 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] abhishekaypurohit commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

abhishekaypurohit commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471#discussion_r370308521
 
 

 ##########
 File path: hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/utils/CRLCodec.java
 ##########
 @@ -78,7 +78,7 @@ public CRLCodec(SecurityConfig securityConfig) {
    * Returns a X509 CRL from the CRL Holder.
    *
    * @param holder - Holder
-   * @return X509Certificate.
+   * @return X509CRL - X509 CRL.
    * @throws CRLException - on Error.
    */
   public static X509CRL get509CRL(X509CRLHolder holder)
 
 Review comment:
   Good point. Done. 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] xiaoyuyao commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

xiaoyuyao commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471#discussion_r370293102
 
 

 ##########
 File path: hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/utils/CRLCodec.java
 ##########
 @@ -78,7 +78,7 @@ public CRLCodec(SecurityConfig securityConfig) {
    * Returns a X509 CRL from the CRL Holder.
    *
    * @param holder - Holder
-   * @return X509Certificate.
+   * @return X509CRL - X509 CRL.
    * @throws CRLException - on Error.
    */
   public static X509CRL get509CRL(X509CRLHolder holder)
 
 Review comment:
   NIT: should we rename the method from get509CRL to getX509CRL?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] xiaoyuyao merged pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

xiaoyuyao merged pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471
 
 
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] xiaoyuyao commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

xiaoyuyao commented on a change in pull request #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471#discussion_r370297284
 
 

 ##########
 File path: hadoop-hdds/common/src/test/java/org/apache/hadoop/hdds/security/x509/certificate/utils/TestCRLCodec.java
 ##########
 @@ -101,11 +122,124 @@ public void testWriteCRL() throws IOException, OperatorCreationException {
         builder.build(contentSignerBuilder.build(privateKey));
 
     CRLCodec crlCodec = new CRLCodec(securityConfig);
-    crlCodec.writeCRL(cRLHolder, CRL_FILE_NAME, true);
+    crlCodec.writeCRL(cRLHolder, this.securityConfig.getCrlName(), true);
 
     X509CRLEntryHolder entryHolder =
         cRLHolder.getRevokedCertificate(BigInteger.ONE);
     assertNotNull(entryHolder);
+
+    // verify file generation
+    File crlFile =
+        Paths.get(crlCodec.getLocation().toString(),
+                  this.securityConfig.getCrlName()).toFile();
+    assertTrue(crlFile.exists());
+
+    try (BufferedReader reader = new BufferedReader(new FileReader(crlFile))){
+
+      // Verify contents of the file
+      String header = reader.readLine();
+      assertEquals("-----BEGIN X509 CRL-----", header);
+
+      String footer = null;
+      String line = null;
+      while ((line = reader.readLine()) != null) {
+        footer = line;
+      }
+      assertEquals("-----END X509 CRL-----", footer);
+    }
+  }
+
+  @Test
+  public void testWriteCRLX509() throws IOException,
+      OperatorCreationException, CertificateException, CRLException {
+
+    X500Name issuer = x509CertificateHolder.getIssuer();
+    Date now = new Date();
+    X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, now);
+    builder.addCRLEntry(x509CertificateHolder.getSerialNumber(), now,
+                        CRLReason.cACompromise);
+
+    InputStream inStream = null;
+    byte[] crlBytes = TMP_CRL_ENTRY.getBytes();
+    try {
 
 Review comment:
   NIT: the InputStream can be wrapped with try-with-resource.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org

[GitHub] [hadoop-ozone] xiaoyuyao commented on issue #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec

Posted by GitBox <gi...@apache.org>.

xiaoyuyao commented on issue #471: HDDS-2906. Added Unit Test Cases ofr CRLCodec
URL: https://github.com/apache/hadoop-ozone/pull/471#issuecomment-577914188
 
 
   +1 I will merge it shortly.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org