Posted to commits@camel.apache.org by co...@apache.org on 2019/05/24 19:39:29 UTC
[camel] 07/21: Adding TLS tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch camel-2.x
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 0117334304fc89585acd2638c95affd999cdeba2
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Apr 18 16:46:10 2019 +0100
Adding TLS tests
---
.../java/org/apache/camel/coap/CoAPEndpoint.java | 44 +++++----
.../apache/camel/coap/CoAPComponentTLSTest.java | 75 +++++++++++++++
.../camel/coap/CoAPRestComponentTLSTest.java | 101 +++++++++++++++++++++
.../camel-coap/src/test/resources/client.jks | Bin 0 -> 2306 bytes
.../camel-coap/src/test/resources/service.jks | Bin 0 -> 2308 bytes
.../camel-coap/src/test/resources/truststore.jks | Bin 0 -> 717 bytes
6 files changed, 202 insertions(+), 18 deletions(-)
diff --git a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
index 6076cc2..e2d9dbb 100644
--- a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
+++ b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
@@ -268,17 +268,21 @@ public class CoAPEndpoint extends DefaultEndpoint {
}
private Certificate[] getTrustedCerts() throws KeyStoreException {
- Enumeration<String> aliases = truststore.aliases();
- List<Certificate> trustCerts = new ArrayList<>();
- while (aliases.hasMoreElements()) {
- String alias = aliases.nextElement();
- X509Certificate cert = (X509Certificate) truststore.getCertificate(alias);
- if (cert != null) {
- trustCerts.add(cert);
+ if (truststore != null) {
+ Enumeration<String> aliases = truststore.aliases();
+ List<Certificate> trustCerts = new ArrayList<>();
+ while (aliases.hasMoreElements()) {
+ String alias = aliases.nextElement();
+ X509Certificate cert = (X509Certificate) truststore.getCertificate(alias);
+ if (cert != null) {
+ trustCerts.add(cert);
+ }
}
+
+ return trustCerts.toArray(new Certificate[0]);
}
- return trustCerts.toArray(new Certificate[0]);
+ return new Certificate[0];
}
public static boolean enableTLS(URI uri) {
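Review bot: The new fallback `return new Certificate[0];` in getTrustedCerts turns a missing truststore into an empty trust-anchor array with no signal to the caller, and how the DTLS builder interprets an empty array is decided outside this hunk. As far as I recall, some Californium releases document an empty array passed to `setTrustStore` as accepting any valid certificate chain, so this should be confirmed against the version the component pins. If the empty result is only meant for a server that does not ask for client certificates, state that next to the return, e.g. `// no truststore: only valid when client authentication is neither required nor wanted`. Separately, the unconditional cast `(X509Certificate) truststore.getCertificate(alias)` throws ClassCastException on a non-X.509 entry; holding the result in a `Certificate` local and adding it only `if (cert instanceof X509Certificate)` would skip such entries instead.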
@@ -286,10 +290,15 @@ public class CoAPEndpoint extends DefaultEndpoint {
}
public DTLSConnector createDTLSConnector(InetSocketAddress address, boolean client) {
- if (getTruststore() == null) {
- throw new IllegalStateException("A truststore must be configured to use TLS");
- }
- if (!client) {
+
+ DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder();
+ if (client) {
+ if (getTruststore() == null) {
+ throw new IllegalStateException("A truststore must be configured to use TLS");
+ }
+
+ builder.setClientOnly();
+ } else {
if (getKeystore() == null) {
throw new IllegalStateException("A keystore must be configured to use TLS");
}
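Review bot: createDTLSConnector is public and has no Javadoc, yet after this change its preconditions depend on the `client` flag. A client needs only a truststore, while a server needs a keystore and password, plus a truststore when client authentication is required or wanted. A Javadoc block with `@param client` and an `@throws IllegalStateException` entry listing those per-role requirements would let callers see what to configure before the connector fails at start-up. The exception messages also say "TLS" although the connector built here is DTLS, which may be worth aligning. The method body continues past the end of this hunk, so any further requirements set there are not visible here.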
@@ -299,12 +308,11 @@ public class CoAPEndpoint extends DefaultEndpoint {
if (getPassword() == null) {
throw new IllegalStateException("A password must be configured to use TLS");
}
- }
-
- DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder();
- if (client) {
- builder.setClientOnly();
- } else {
+ if ((isClientAuthenticationRequired() || isClientAuthenticationWanted())
+ && getTruststore() == null) {
+ throw new IllegalStateException("A truststore must be configured to support TLS client authentication");
+ }
+
builder.setAddress(address);
builder.setClientAuthenticationRequired(isClientAuthenticationRequired());
builder.setClientAuthenticationWanted(isClientAuthenticationWanted());
diff --git a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
new file mode 100644
index 0000000..dfd5664
--- /dev/null
+++ b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.coap;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.support.jsse.KeyStoreParameters;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.eclipse.californium.core.coap.CoAP;
+import org.eclipse.californium.core.coap.MediaTypeRegistry;
+import org.junit.Test;
+
+public class CoAPComponentTLSTest extends CamelTestSupport {
+
+ protected static final int PORT = AvailablePortFinder.getNextAvailable();
+
+ @Produce("direct:start")
+ protected ProducerTemplate sender;
+
+ @Test
+ public void testTLS() throws Exception {
+ MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMinimumMessageCount(1);
+ mock.expectedBodiesReceived("Hello Camel CoAP");
+ mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
+ mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
+ sender.sendBodyAndHeader("Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
+ assertMockEndpointsSatisfied();
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() throws Exception {
+ KeyStoreParameters keystoreParameters = new KeyStoreParameters();
+ keystoreParameters.setResource("service.jks");
+ keystoreParameters.setPassword("security");
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("truststore.jks");
+ truststoreParameters.setPassword("storepass");
+
+ context.getRegistry().bind("keyParams", keystoreParameters);
+ context.getRegistry().bind("trustParams", truststoreParameters);
+
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+ fromF("coaps://localhost:%d/TestResource?alias=service&password=security&"
+ + "keyStoreParameters=#keyParams", PORT)
+ .transform(body().prepend("Hello "));
+
+ from("direct:start")
+ .toF("coaps://localhost:%d/TestResource?trustStoreParameters=#trustParams", PORT)
+ .to("mock:result");
+ }
+ };
+ }
+}
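Review bot: testTLS asserts only the success path, so it would still pass if the client accepted any server certificate or if the new truststore guards in CoAPEndpoint were removed. A companion case where the producer endpoint uses a truststore that does not contain the service certificate, and the exchange is expected to fail, would pin the validation. A second case that starts a server with client authentication required and no `trustStoreParameters`, expecting the new IllegalStateException, would pin the guard. The commit also adds `client.jks`, but neither test class in this commit references it, so the client-authentication path appears to be unexercised here. The same gap applies to CoAPRestComponentTLSTest.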
diff --git a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPRestComponentTLSTest.java b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPRestComponentTLSTest.java
new file mode 100644
index 0000000..8d94bce
--- /dev/null
+++ b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPRestComponentTLSTest.java
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.coap;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.support.jsse.KeyStoreParameters;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.eclipse.californium.core.coap.CoAP;
+import org.junit.Test;
+
+public class CoAPRestComponentTLSTest extends CamelTestSupport {
+ protected static final int PORT = AvailablePortFinder.getNextAvailable();
+
+ @Produce("direct:start")
+ protected ProducerTemplate sender;
+
+ @Test
+ public void testPOST() throws Exception {
+ MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMinimumMessageCount(1);
+ mock.expectedBodiesReceived("Hello Camel CoAP");
+ mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
+ sender.sendBodyAndHeader("Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
+ assertMockEndpointsSatisfied();
+ }
+
+ @Test
+ public void testGET() throws Exception {
+ MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMinimumMessageCount(1);
+ mock.expectedBodiesReceived("Hello user");
+ mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
+ sender.sendBody("");
+ assertMockEndpointsSatisfied();
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() throws Exception {
+
+ KeyStoreParameters keystoreParameters = new KeyStoreParameters();
+ keystoreParameters.setResource("service.jks");
+ keystoreParameters.setPassword("security");
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("truststore.jks");
+ truststoreParameters.setPassword("storepass");
+
+ context.getRegistry().bind("keystoreParameters", keystoreParameters);
+ context.getRegistry().bind("truststoreParameters", truststoreParameters);
+
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+ restConfiguration().component("coap").scheme("coaps").host("localhost").port(PORT)
+ .endpointProperty("keyStoreParameters", "#keystoreParameters")
+ .endpointProperty("alias", "service")
+ .endpointProperty("password", "security");
+
+ rest("/TestResource")
+ .get().to("direct:get1")
+ .post().to("direct:post1");
+
+ from("direct:get1").process(new Processor() {
+ public void process(Exchange exchange) throws Exception {
+ exchange.getOut().setBody("Hello user");
+ }
+ });
+
+ from("direct:post1").process(new Processor() {
+ public void process(Exchange exchange) throws Exception {
+ exchange.getOut().setBody("Hello " + exchange.getIn().getBody(String.class));
+ }
+ });
+
+ from("direct:start")
+ .toF("coaps://localhost:%d/TestResource?trustStoreParameters=#truststoreParameters", PORT)
+ .to("mock:result");
+ }
+ };
+ }
+}
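Review bot: The two anonymous `Processor` implementations in configure() declare `public void process(Exchange exchange)` without `@Override`, while `configure()` and `createRouteBuilder()` in the same file carry it. Adding `@Override` above both `process` methods keeps the file consistent and lets the compiler catch a signature drift. The keystore and truststore setup at the top of createRouteBuilder() is also a near copy of the one in CoAPComponentTLSTest, differing only in the registry names, so a shared helper or base class would keep the test passwords and resource names in one place.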
diff --git a/components/camel-coap/src/test/resources/client.jks b/components/camel-coap/src/test/resources/client.jks
new file mode 100644
index 0000000..99c9b86
Binary files /dev/null and b/components/camel-coap/src/test/resources/client.jks differ
diff --git a/components/camel-coap/src/test/resources/service.jks b/components/camel-coap/src/test/resources/service.jks
new file mode 100644
index 0000000..40d24df
Binary files /dev/null and b/components/camel-coap/src/test/resources/service.jks differ
diff --git a/components/camel-coap/src/test/resources/truststore.jks b/components/camel-coap/src/test/resources/truststore.jks
new file mode 100644
index 0000000..2a7c179
Binary files /dev/null and b/components/camel-coap/src/test/resources/truststore.jks differ