You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/08/18 12:10:50 UTC

[cxf] branch master updated: Adding SSLContext test

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 6765f6c  Adding SSLContext test
6765f6c is described below

commit 6765f6ccf6b5611461ab8e361a729629119e633b
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Aug 18 13:10:24 2020 +0100

    Adding SSLContext test
---
 .../https/ciphersuites/CipherSuitesTest.java       | 63 ++++++++++++++++++++++
 1 file changed, 63 insertions(+)

diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
index c81f98c..3fee468 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
@@ -19,7 +19,9 @@
 
 package org.apache.cxf.systest.https.ciphersuites;
 
+import java.io.InputStream;
 import java.net.URL;
+import java.security.KeyStore;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
@@ -27,16 +29,20 @@ import java.util.Collections;
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 import javax.xml.ws.BindingProvider;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.endpoint.Client;
 import org.apache.cxf.frontend.ClientProxy;
 import org.apache.cxf.helpers.JavaUtils;
+import org.apache.cxf.systest.https.clientauth.ClientAuthTest;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.cxf.transport.https.InsecureTrustManager;
@@ -488,6 +494,63 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase {
         bus.shutdown(true);
     }
 
+    // Both client + server include AES, client is TLSv1.1
+    @org.junit.Test
+    public void testAESIncludedTLSv11UsingSSLContext() throws Exception {
+        // Doesn't work with IBM JDK
+        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
+            return;
+        }
+
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        BusFactory.setDefaultBus(bus);
+        BusFactory.setThreadDefaultBus(bus);
+
+        URL url = SOAPService.WSDL_LOCATION;
+        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+        assertNotNull("Service is null", service);
+        final Greeter port = service.getHttpsPort();
+        assertNotNull("Port is null", port);
+
+        updateAddressPort(port, PORT);
+
+        // Enable Async
+        if (async) {
+            ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
+        }
+
+        Client client = ClientProxy.getClient(port);
+        HTTPConduit conduit = (HTTPConduit) client.getConduit();
+
+        // Set up KeyManagers/TrustManagers
+        KeyStore ts = KeyStore.getInstance("JKS");
+        try (InputStream trustStore =
+                     ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", ClientAuthTest.class)) {
+            ts.load(trustStore, "password".toCharArray());
+        }
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+        tmf.init(ts);
+
+        SSLContext sslContext = SSLContext.getInstance("TLSv1");
+        sslContext.init(null, tmf.getTrustManagers(), new java.security.SecureRandom());
+
+        TLSClientParameters tlsParams = new TLSClientParameters();
+        tlsParams.setDisableCNCheck(true);
+        tlsParams.setSSLSocketFactory(sslContext.getSocketFactory());
+
+        conduit.setTlsClientParameters(tlsParams);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
+
+
     // Both client + server include AES, client is TLSv1.0
     @org.junit.Test
     public void testAESIncludedTLSv10() throws Exception {