From 52306ddf6e786bd1ceaba09cbe37b42778b715fe Mon Sep 17 00:00:00 2001 From: Christof Rabensteiner Date: Fri, 28 Jun 2019 08:00:42 +0200 Subject: Simplified Config Validation - Also: Ensure that truststore is of type JKS because PKCS12 is not supported. --- src/test/java/at/gv/egiz/moazs/MsgClientTest.java | 31 +++++++++++------------ 1 file changed, 15 insertions(+), 16 deletions(-) (limited to 'src/test/java/at/gv/egiz/moazs') diff --git a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java index bd68d9d..485d01c 100644 --- a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java +++ b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java @@ -7,12 +7,9 @@ import at.gv.zustellung.app2mzs.xsd.ClientType; import at.gv.zustellung.app2mzs.xsd.KeyStoreType; import at.gv.zustellung.msg.xsd.DeliveryRequestType; import at.gv.zustellung.msg.xsd.ObjectFactory; -import org.junit.runner.RunWith; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit4.SpringRunner; import javax.xml.bind.JAXBElement; import java.io.BufferedInputStream; @@ -91,12 +88,12 @@ public class MsgClientTest { // - server uses the server certificate in ssl/server/server.localhost.*.pem // - server sends certificate chain ssl/server/ca-chain.cert.pem //@Test - public void sendOverSSLWithTrustAll() throws IOException { + public void sendOverSSLWithClientAuthTrustAll() throws IOException { var request = loadFromFile("validDeliveryRequest.xml"); - var sslServiceUri = "https://localhost/zusemsg/services/DeliveryRequest"; + var httpsServiceURL = "https://localhost/zusemsg/services/DeliveryRequest"; - var clientParams = generateSSLClientParams(sslServiceUri, true, false); + var clientParams = generateSSLClientParams(httpsServiceURL, true, false); var client = factory.create(clientParams); var status = client.delivery(request); @@ -109,12 +106,12 @@ public class MsgClientTest { // - server uses the server certificate in ssl/server/server.localhost.*.pem // - server sends certificate chain ssl/server/ca-chain.cert.pem //@Test - public void sendOverSSLWithLaxHostnameVerification() throws IOException { + public void sendOverSSLWithClientAuthLaxHostnameVerification() throws IOException { var request = loadFromFile("validDeliveryRequest.xml"); - var sslServiceUri = "https://notlocalhost/zusemsg/services/DeliveryRequest"; + var httpsServiceURL = "https://notlocalhost/zusemsg/services/DeliveryRequest"; - var clientParams = generateSSLClientParams(sslServiceUri, false, true); + var clientParams = generateSSLClientParams(httpsServiceURL, false, true); var client = factory.create(clientParams); var status = client.delivery(request); @@ -130,16 +127,20 @@ public class MsgClientTest { public void rejectBecauseHostNameVerificationFails() throws IOException { var request = loadFromFile("validDeliveryRequest.xml"); - var sslServiceUri = "https://notlocalhost/zusemsg/services/DeliveryRequest"; + var httpsServiceURL = "https://notlocalhost/zusemsg/services/DeliveryRequest"; - var clientParams = generateSSLClientParams(sslServiceUri, false, false); + var clientParams = generateSSLClientParams(httpsServiceURL, false, false); var client = factory.create(clientParams); var status = client.delivery(request); log.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status))); } - private ClientType generateSSLClientParams(String sslServiceUri, boolean trustAll, boolean laxHostNameVerification) { + private ClientType generateSSLClientParams(String httpsServiceURL, boolean trustAll, boolean laxHostNameVerification) { + return generateSSLClientParams(httpsServiceURL, trustAll, laxHostNameVerification, generateTrustLocalhostStore()); + } + + private ClientType generateSSLClientParams(String httpsServiceURL, boolean trustAll, boolean laxHostNameVerification, KeyStoreType truststore) { var keystore = keyStoreTypeBuilder() .withFileName("ssl/client.cert.key.p12") @@ -147,17 +148,15 @@ public class MsgClientTest { .withPassword("123456") .build(); - var truststore = trustAll ? null : generateTrustLocalhostStore(); - var sslParams = SSLTypeBuilder() .withLaxHostNameVerification(laxHostNameVerification) .withTrustAll(trustAll) .withKeyStore(keystore) - .withTrustStore(truststore) + .withTrustStore(trustAll ? null : truststore) .build(); return clientTypeBuilder() - .withURL(sslServiceUri) + .withURL(httpsServiceURL) .withSSL(sslParams) .withReceiveTimeout(BigInteger.ZERO) .withConnectionTimeout(BigInteger.ZERO) -- cgit v1.2.3