You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/08/18 12:10:50 UTC
[cxf] branch master updated: Adding SSLContext test
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 6765f6c Adding SSLContext test
6765f6c is described below
commit 6765f6ccf6b5611461ab8e361a729629119e633b
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Aug 18 13:10:24 2020 +0100
Adding SSLContext test
---
.../https/ciphersuites/CipherSuitesTest.java | 63 ++++++++++++++++++++++
1 file changed, 63 insertions(+)
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
index c81f98c..3fee468 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
@@ -19,7 +19,9 @@
package org.apache.cxf.systest.https.ciphersuites;
+import java.io.InputStream;
import java.net.URL;
+import java.security.KeyStore;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
@@ -27,16 +29,20 @@ import java.util.Collections;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
+import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
import javax.xml.ws.BindingProvider;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.helpers.JavaUtils;
+import org.apache.cxf.systest.https.clientauth.ClientAuthTest;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transport.https.InsecureTrustManager;
@@ -488,6 +494,63 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
bus.shutdown(true);
}
+ // Both client + server include AES, client is TLSv1.1
+ @org.junit.Test
+ public void testAESIncludedTLSv11UsingSSLContext() throws Exception {
+ // Doesn't work with IBM JDK
+ if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
+ return;
+ }
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ BusFactory.setDefaultBus(bus);
+ BusFactory.setThreadDefaultBus(bus);
+
+ URL url = SOAPService.WSDL_LOCATION;
+ SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+ assertNotNull("Service is null", service);
+ final Greeter port = service.getHttpsPort();
+ assertNotNull("Port is null", port);
+
+ updateAddressPort(port, PORT);
+
+ // Enable Async
+ if (async) {
+ ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
+ }
+
+ Client client = ClientProxy.getClient(port);
+ HTTPConduit conduit = (HTTPConduit) client.getConduit();
+
+ // Set up KeyManagers/TrustManagers
+ KeyStore ts = KeyStore.getInstance("JKS");
+ try (InputStream trustStore =
+ ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", ClientAuthTest.class)) {
+ ts.load(trustStore, "password".toCharArray());
+ }
+
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ts);
+
+ SSLContext sslContext = SSLContext.getInstance("TLSv1");
+ sslContext.init(null, tmf.getTrustManagers(), new java.security.SecureRandom());
+
+ TLSClientParameters tlsParams = new TLSClientParameters();
+ tlsParams.setDisableCNCheck(true);
+ tlsParams.setSSLSocketFactory(sslContext.getSocketFactory());
+
+ conduit.setTlsClientParameters(tlsParams);
+
+ assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+ ((java.io.Closeable)port).close();
+ bus.shutdown(true);
+ }
+
+
// Both client + server include AES, client is TLSv1.0
@org.junit.Test
public void testAESIncludedTLSv10() throws Exception {