From 52306ddf6e786bd1ceaba09cbe37b42778b715fe Mon Sep 17 00:00:00 2001
From: Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>
Date: Fri, 28 Jun 2019 08:00:42 +0200
Subject: Simplified Config Validation

- Also: Ensure that truststore is of type JKS because PKCS12 is not
  supported.
---
 src/test/java/at/gv/egiz/moazs/MsgClientTest.java | 31 +++++++++++------------
 1 file changed, 15 insertions(+), 16 deletions(-)

(limited to 'src/test/java')

diff --git a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
index bd68d9d..485d01c 100644
--- a/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
+++ b/src/test/java/at/gv/egiz/moazs/MsgClientTest.java
@@ -7,12 +7,9 @@ import at.gv.zustellung.app2mzs.xsd.ClientType;
 import at.gv.zustellung.app2mzs.xsd.KeyStoreType;
 import at.gv.zustellung.msg.xsd.DeliveryRequestType;
 import at.gv.zustellung.msg.xsd.ObjectFactory;
-import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.junit4.SpringRunner;
 
 import javax.xml.bind.JAXBElement;
 import java.io.BufferedInputStream;
@@ -91,12 +88,12 @@ public class MsgClientTest {
     // - server uses the server certificate in ssl/server/server.localhost.*.pem
     // - server sends certificate chain ssl/server/ca-chain.cert.pem
     //@Test
-    public void sendOverSSLWithTrustAll() throws IOException {
+    public void sendOverSSLWithClientAuthTrustAll() throws IOException {
 
         var request = loadFromFile("validDeliveryRequest.xml");
-        var sslServiceUri = "https://localhost/zusemsg/services/DeliveryRequest";
+        var httpsServiceURL = "https://localhost/zusemsg/services/DeliveryRequest";
 
-        var clientParams = generateSSLClientParams(sslServiceUri, true, false);
+        var clientParams = generateSSLClientParams(httpsServiceURL, true, false);
         var client = factory.create(clientParams);
 
         var status = client.delivery(request);
@@ -109,12 +106,12 @@ public class MsgClientTest {
     // - server uses the server certificate in ssl/server/server.localhost.*.pem
     // - server sends certificate chain ssl/server/ca-chain.cert.pem
     //@Test
-    public void sendOverSSLWithLaxHostnameVerification() throws IOException {
+    public void sendOverSSLWithClientAuthLaxHostnameVerification() throws IOException {
 
         var request = loadFromFile("validDeliveryRequest.xml");
-        var sslServiceUri = "https://notlocalhost/zusemsg/services/DeliveryRequest";
+        var httpsServiceURL = "https://notlocalhost/zusemsg/services/DeliveryRequest";
 
-        var clientParams = generateSSLClientParams(sslServiceUri, false, true);
+        var clientParams = generateSSLClientParams(httpsServiceURL, false, true);
         var client = factory.create(clientParams);
 
         var status = client.delivery(request);
@@ -130,16 +127,20 @@ public class MsgClientTest {
     public void rejectBecauseHostNameVerificationFails() throws IOException {
 
         var request = loadFromFile("validDeliveryRequest.xml");
-        var sslServiceUri = "https://notlocalhost/zusemsg/services/DeliveryRequest";
+        var httpsServiceURL = "https://notlocalhost/zusemsg/services/DeliveryRequest";
 
-        var clientParams = generateSSLClientParams(sslServiceUri, false, false);
+        var clientParams = generateSSLClientParams(httpsServiceURL, false, false);
         var client = factory.create(clientParams);
 
         var status = client.delivery(request);
         log.info("status: " + msgMarshaller.marshallXml(OF.createDeliveryRequestStatus(status)));
     }
 
-    private ClientType generateSSLClientParams(String sslServiceUri, boolean trustAll, boolean laxHostNameVerification) {
+    private ClientType generateSSLClientParams(String httpsServiceURL, boolean trustAll, boolean laxHostNameVerification) {
+        return generateSSLClientParams(httpsServiceURL, trustAll, laxHostNameVerification, generateTrustLocalhostStore());
+    }
+
+    private ClientType generateSSLClientParams(String httpsServiceURL, boolean trustAll, boolean laxHostNameVerification, KeyStoreType truststore) {
 
         var keystore = keyStoreTypeBuilder()
                 .withFileName("ssl/client.cert.key.p12")
@@ -147,17 +148,15 @@ public class MsgClientTest {
                 .withPassword("123456")
                 .build();
 
-        var truststore = trustAll ? null : generateTrustLocalhostStore();
-
         var sslParams = SSLTypeBuilder()
                 .withLaxHostNameVerification(laxHostNameVerification)
                 .withTrustAll(trustAll)
                 .withKeyStore(keystore)
-                .withTrustStore(truststore)
+                .withTrustStore(trustAll ? null : truststore)
                 .build();
 
         return clientTypeBuilder()
-                .withURL(sslServiceUri)
+                .withURL(httpsServiceURL)
                 .withSSL(sslParams)
                 .withReceiveTimeout(BigInteger.ZERO)
                 .withConnectionTimeout(BigInteger.ZERO)
-- 
cgit v1.2.3