This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch camel-2.x in repository https://gitbox.apache.org/repos/asf/camel.git
commit cf7186d874546d18b1c06b1c04542561f9884156
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Tue May 7 17:00:06 2019 +0100
CAMEL-13471 - Adding more tests
---
 .../java/org/apache/camel/coap/CoAPComponent.java | 2 +-
 .../java/org/apache/camel/coap/CoAPEndpoint.java | 2 +-
 .../java/org/apache/camel/coap/CoAPProducer.java | 2 +-
 .../apache/camel/coap/CoAPComponentTCPTLSTest.java | 39 ++
 .../apache/camel/coap/CoAPComponentTLSTest.java | 404 +--------------------
 ...tTLSTest.java => CoAPComponentTLSTestBase.java} | 217 +++++------
 6 files changed, 166 insertions(+), 500 deletions(-)
diff --git a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPComponent.java b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPComponent.java
index 65ae1d4..a732a89 100644
--- a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPComponent.java
+++ b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPComponent.java
@@ -75,7 +75,7 @@ public class CoAPComponent extends UriEndpointComponent implements RestConsumerF
 coapBuilder.setNetworkConfig(config);
 // Configure TLS and / or TCP
- if (CoAPEndpoint.enableTLS(endpoint.getUri())) {
+ if (CoAPEndpoint.enableDTLS(endpoint.getUri())) {
 DTLSConnector connector = endpoint.createDTLSConnector(address, false);
 coapBuilder.setConnector(connector);
 } else if (CoAPEndpoint.enableTCP(endpoint.getUri())) {
diff --git a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
index a86c77e..65ba27e 100644
--- a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
+++ b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPEndpoint.java
@@ -316,7 +316,7 @@ public class CoAPEndpoint extends DefaultEndpoint {
 }
- public static boolean enableTLS(URI uri) {
+ public static boolean enableDTLS(URI uri) {
 return "coaps".equals(uri.getScheme());
 }
diff --git a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPProducer.java b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPProducer.java
index 866c684..81f662b 100644
--- a/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPProducer.java
+++ b/components/camel-coap/src/main/java/org/apache/camel/coap/CoAPProducer.java
@@ -102,7 +102,7 @@ public class CoAPProducer extends DefaultProducer {
 client = new CoapClient(uri);
 // Configure TLS and / or TCP
- if (CoAPEndpoint.enableTLS(uri)) {
+ if (CoAPEndpoint.enableDTLS(uri)) {
 DTLSConnector connector = endpoint.createDTLSConnector(null, true);
 CoapEndpoint.Builder coapBuilder = new CoapEndpoint.Builder();
 coapBuilder.setConnector(connector);
diff --git a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTCPTLSTest.java b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTCPTLSTest.java
new file mode 100644
index 0000000..8582613
--- /dev/null
+++ b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTCPTLSTest.java
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.coap;
+
+/**
+ * TCP + TLS tests
+ */
+public class CoAPComponentTCPTLSTest extends CoAPComponentTLSTestBase {
+
+ @Override
+ protected String getProtocol() {
+ return "coaps+tcp";
+ }
+
+ @Override
+ protected boolean isPSKSupported() {
+ return false;
+ }
+
+ @Override
+ protected boolean isRPKSupported() {
+ return false;
+ }
+
+}
diff --git a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
index 11aa4a5..1601506 100644
--- a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
+++ b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
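Review bot: In CoAPComponentTCPTLSTest, `isPSKSupported()` and `isRPKSupported()` return false, and the base class (later hunk of CoAPComponentTLSTestBase) reacts by wrapping each affected test body in `if (isRPKSupported()) { … }` or `if (isPSKSupported()) { … }`, so under `coaps+tcp` those tests, including the negative trust cases `testRawPublicKeyNoTruststore` and `testRawPublicKeyFailedTrust`, are reported as passed without executing anything. Prefer `Assume.assumeTrue(isRPKSupported());` (and the PSK equivalent) as the first statement of those tests, so the runner marks them skipped and a green TCP+TLS run is not mistaken for coverage of those handshake modes. A one-line comment on each override stating why the mode is unavailable over TCP would also help; the reason is not visible in this commit.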
@@ -16,407 +16,25 @@
 */
 package org.apache.camel.coap;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import javax.crypto.KeyGenerator;
-
-import org.apache.camel.Exchange;
-import org.apache.camel.Message;
-import org.apache.camel.Processor;
-import org.apache.camel.Produce;
-import org.apache.camel.ProducerTemplate;
-import org.apache.camel.builder.RouteBuilder;
-import org.apache.camel.component.mock.MockEndpoint;
-import org.apache.camel.impl.JndiRegistry;
-import org.apache.camel.test.AvailablePortFinder;
-import org.apache.camel.test.junit4.CamelTestSupport;
-import org.apache.camel.util.jsse.KeyManagersParameters;
-import org.apache.camel.util.jsse.KeyStoreParameters;
-import org.apache.camel.util.jsse.SSLContextParameters;
-import org.apache.camel.util.jsse.SSLContextServerParameters;
-import org.apache.camel.util.jsse.TrustManagersParameters;
-import org.eclipse.californium.core.coap.CoAP;
-import org.eclipse.californium.core.coap.MediaTypeRegistry;
-import org.eclipse.californium.scandium.dtls.pskstore.PskStore;
-import org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore;
-import org.eclipse.californium.scandium.dtls.rpkstore.TrustedRpkStore;
-import org.junit.Test;
-
-public class CoAPComponentTLSTest extends CamelTestSupport {
-
- private static final int PORT = AvailablePortFinder.getNextAvailable();
- private static final int PORT2 = AvailablePortFinder.getNextAvailable();
- private static final int PORT3 = AvailablePortFinder.getNextAvailable();
- private static final int PORT4 = AvailablePortFinder.getNextAvailable();
- private static final int PORT5 = AvailablePortFinder.getNextAvailable();
- private static final int PORT6 = AvailablePortFinder.getNextAvailable();
- private static final int PORT7 = AvailablePortFinder.getNextAvailable();
- private static final int PORT8 = AvailablePortFinder.getNextAvailable();
- private static final int PORT9 = AvailablePortFinder.getNextAvailable();
-
- @Produce(uri = "direct:start")
- protected ProducerTemplate sender;
-
- @Test
- public void testSuccessfulCall() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:start", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testNoTruststore() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMessageCount(0);
- sendBodyAndHeader("direct:notruststore", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testTrustValidationFailed() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMessageCount(0);
- sendBodyAndHeader("direct:failedtrust", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testSelfSigned() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:selfsigned", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testClientAuthentication() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:clientauth", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testFailedClientAuthentication() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMessageCount(0);
- sendBodyAndHeader("direct:failedclientauth", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testCipherSuites() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:ciphersuites", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testRawPublicKey() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:rpk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testRawPublicKeyNoTruststore() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMessageCount(0);
- sendBodyAndHeader("direct:rpknotruststore", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testRawPublicKeyFailedTrust() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMessageCount(0);
- sendBodyAndHeader("direct:rpkfailedtrust", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testRawPublicKeyClientAuth() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:rpkclientauth", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testPreSharedKey() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:psk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testPreSharedKeyCipherSuite() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:pskciphersuite", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
-
- @Test
- public void testPreSharedKeyX509() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:pskx509", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
- }
+/**
+ * UDP + DTLS tests
+ */
+public class CoAPComponentTLSTest extends CoAPComponentTLSTestBase {
- @Test
- public void testTCP() throws Exception {
- MockEndpoint mock = getMockEndpoint("mock:result");
- mock.expectedMinimumMessageCount(1);
- mock.expectedBodiesReceived("Hello Camel CoAP");
- mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM));
- mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString());
- sendBodyAndHeader("direct:tcp", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST");
- assertMockEndpointsSatisfied();
+ @Override
+ protected String getProtocol() {
+ return "coaps";
 }
- @Override
- protected RouteBuilder createRouteBuilder() throws Exception {
-
- return new RouteBuilder() {
- @Override
- public void configure() throws Exception {
-
-
- fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters", PORT)
- .transform(body().prepend("Hello "));
-
- fromF("coaps://localhost:%d/TestResource?alias=selfsigned&sslContextParameters=#selfSignedServiceSSLContextParameters", PORT2)
- .transform(body().prepend("Hello "));
-
- fromF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthServiceSSLContextParameters", PORT3)
- .transform(body().prepend("Hello "));
-
- fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4)
- .transform(body().prepend("Hello "));
- fromF("coaps://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey", PORT5).transform(body().prepend("Hello "));
-
- fromF("coaps://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey&" + "clientAuthentication=REQUIRE&trustedRpkStore=#trustedRpkStore", PORT6)
- .transform(body().prepend("Hello "));
-
- fromF("coaps://localhost:%d/TestResource?pskStore=#pskStore", PORT7).transform(body().prepend("Hello "));
-
-
- fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&pskStore=#pskStore", PORT8)
- .transform(body().prepend("Hello "));
-
- fromF("coaps+tcp://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters", PORT9)
- .transform(body().prepend("Hello "));
-
- from("direct:start")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters", PORT)
- .to("mock:result");
-
- from("direct:notruststore").toF("coaps://localhost:%d/TestResource", PORT).to("mock:result");
-
- from("direct:failedtrust")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters2", PORT)
- .to("mock:result");
-
- from("direct:selfsigned")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#selfSignedClientSSLContextParameters", PORT2)
- .to("mock:result");
-
- from("direct:clientauth")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters", PORT3)
- .to("mock:result");
-
- from("direct:failedclientauth")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters2", PORT3)
- .to("mock:result");
-
- from("direct:ciphersuites")
- .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4)
- .to("mock:result");
-
- from("direct:rpk").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore", PORT5).to("mock:result");
-
- from("direct:rpknotruststore").toF("coaps://localhost:%d/TestResource", PORT5).to("mock:result");
-
- from("direct:rpkfailedtrust").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#failedTrustedRpkStore", PORT5).to("mock:result");
-
- from("direct:rpkclientauth").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore&" + "privateKey=#privateKey&publicKey=#publicKey", PORT6)
- .to("mock:result");
-
- from("direct:psk").toF("coaps://localhost:%d/TestResource?pskStore=#pskStore", PORT7).to("mock:result");
-
- from("direct:pskciphersuite").toF("coaps://localhost:%d/TestResource?pskStore=#pskStore&" + "cipherSuites=TLS_PSK_WITH_AES_128_CBC_SHA256", PORT7)
- .to("mock:result");
-
-
- from("direct:pskx509")
- .toF("coaps://localhost:%d/TestResource?pskStore=#pskStore&sslContextParameters=#clientSSLContextParameters", PORT8)
- .to("mock:result");
-
- from("direct:tcp")
- .toF("coaps+tcp://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters", PORT9)
- .to("mock:result");
-
- }
- };
+ protected boolean isPSKSupported() {
+ return true;
 }
 @Override
- protected JndiRegistry createRegistry() throws Exception {
- JndiRegistry registry = super.createRegistry();
- KeyStoreParameters serviceKeystoreParameters = new KeyStoreParameters();
- serviceKeystoreParameters.setResource("service.jks");
- serviceKeystoreParameters.setPassword("security");
-
- KeyStoreParameters selfSignedKeyStoreParameters = new KeyStoreParameters();
- selfSignedKeyStoreParameters.setResource("selfsigned.jks");
- selfSignedKeyStoreParameters.setPassword("security");
-
- KeyStoreParameters clientKeystoreParameters = new KeyStoreParameters();
- clientKeystoreParameters.setResource("client.jks");
- clientKeystoreParameters.setPassword("security");
-
- KeyStoreParameters truststoreParameters = new KeyStoreParameters();
- truststoreParameters.setResource("truststore.jks");
- truststoreParameters.setPassword("storepass");
-
- KeyStoreParameters truststoreParameters2 = new KeyStoreParameters();
- truststoreParameters2.setResource("truststore2.jks");
- truststoreParameters2.setPassword("storepass");
-
- SSLContextParameters serviceSSLContextParameters = new SSLContextParameters();
- KeyManagersParameters serviceSSLKeyManagers = new KeyManagersParameters();
- serviceSSLKeyManagers.setKeyPassword("security");
- serviceSSLKeyManagers.setKeyStore(serviceKeystoreParameters);
- serviceSSLContextParameters.setKeyManagers(serviceSSLKeyManagers);
-
- SSLContextParameters selfSignedServiceSSLContextParameters = new SSLContextParameters();
- KeyManagersParameters selfSignedServiceSSLKeyManagers = new KeyManagersParameters();
- selfSignedServiceSSLKeyManagers.setKeyPassword("security");
- selfSignedServiceSSLKeyManagers.setKeyStore(selfSignedKeyStoreParameters);
- selfSignedServiceSSLContextParameters.setKeyManagers(selfSignedServiceSSLKeyManagers);
-
- SSLContextParameters clientAuthServiceSSLContextParameters = new SSLContextParameters();
- KeyManagersParameters clientAuthServiceSSLKeyManagers = new KeyManagersParameters();
- clientAuthServiceSSLKeyManagers.setKeyPassword("security");
- clientAuthServiceSSLKeyManagers.setKeyStore(serviceKeystoreParameters);
- clientAuthServiceSSLContextParameters.setKeyManagers(clientAuthServiceSSLKeyManagers);
- TrustManagersParameters clientAuthServiceSSLTrustManagers = new TrustManagersParameters();
- clientAuthServiceSSLTrustManagers.setKeyStore(truststoreParameters);
- clientAuthServiceSSLContextParameters.setTrustManagers(clientAuthServiceSSLTrustManagers);
- SSLContextServerParameters clientAuthSSLContextServerParameters = new SSLContextServerParameters();
- clientAuthSSLContextServerParameters.setClientAuthentication("REQUIRE");
- clientAuthServiceSSLContextParameters.setServerParameters(clientAuthSSLContextServerParameters);
-
- SSLContextParameters clientSSLContextParameters = new SSLContextParameters();
- TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
- clientSSLTrustManagers.setKeyStore(truststoreParameters);
- clientSSLContextParameters.setTrustManagers(clientSSLTrustManagers);
-
- SSLContextParameters clientSSLContextParameters2 = new SSLContextParameters();
- TrustManagersParameters clientSSLTrustManagers2 = new TrustManagersParameters();
- clientSSLTrustManagers2.setKeyStore(truststoreParameters2);
- clientSSLContextParameters2.setTrustManagers(clientSSLTrustManagers2);
-
- SSLContextParameters clientAuthClientSSLContextParameters = new SSLContextParameters();
- TrustManagersParameters clientAuthClientSSLTrustManagers = new TrustManagersParameters();
- clientAuthClientSSLTrustManagers.setKeyStore(truststoreParameters);
- clientAuthClientSSLContextParameters.setTrustManagers(clientAuthClientSSLTrustManagers);
- KeyManagersParameters clientAuthClientSSLKeyManagers = new KeyManagersParameters();
- clientAuthClientSSLKeyManagers.setKeyPassword("security");
- clientAuthClientSSLKeyManagers.setKeyStore(clientKeystoreParameters);
- clientAuthClientSSLContextParameters.setKeyManagers(clientAuthClientSSLKeyManagers);
-
- SSLContextParameters clientAuthClientSSLContextParameters2 = new SSLContextParameters();
- TrustManagersParameters clientAuthClientSSLTrustManagers2 = new TrustManagersParameters();
- clientAuthClientSSLTrustManagers2.setKeyStore(truststoreParameters2);
- clientAuthClientSSLContextParameters2.setTrustManagers(clientAuthClientSSLTrustManagers2);
- KeyManagersParameters clientAuthClientSSLKeyManagers2 = new KeyManagersParameters();
- clientAuthClientSSLKeyManagers2.setKeyPassword("security");
- clientAuthClientSSLKeyManagers2.setKeyStore(clientKeystoreParameters);
- clientAuthClientSSLContextParameters2.setKeyManagers(clientAuthClientSSLKeyManagers2);
-
- SSLContextParameters selfSignedClientSSLContextParameters = new SSLContextParameters();
- TrustManagersParameters selfSignedClientSSLTrustManagers = new TrustManagersParameters();
- selfSignedClientSSLTrustManagers.setKeyStore(selfSignedKeyStoreParameters);
- selfSignedClientSSLContextParameters.setTrustManagers(selfSignedClientSSLTrustManagers);
-
- KeyStore keyStore = serviceKeystoreParameters.createKeyStore();
- PrivateKey privateKey = (PrivateKey)keyStore.getKey("service", "security".toCharArray());
- PublicKey publicKey = keyStore.getCertificate("service").getPublicKey();
-
- TrustedRpkStore trustedRpkStore = id -> {
- return true;
- };
- TrustedRpkStore failedTrustedRpkStore = id -> {
- return false;
- };
- KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
- PskStore pskStore = new StaticPskStore("some-identity", keyGenerator.generateKey().getEncoded());
-
- registry.bind("serviceSSLContextParameters", serviceSSLContextParameters);
- registry.bind("selfSignedServiceSSLContextParameters", selfSignedServiceSSLContextParameters);
- registry.bind("clientAuthServiceSSLContextParameters", clientAuthServiceSSLContextParameters);
- registry.bind("clientSSLContextParameters", clientSSLContextParameters);
- registry.bind("clientSSLContextParameters2", clientSSLContextParameters2);
- registry.bind("clientAuthClientSSLContextParameters", clientAuthClientSSLContextParameters);
- registry.bind("clientAuthClientSSLContextParameters2", clientAuthClientSSLContextParameters2);
- registry.bind("selfSignedClientSSLContextParameters", selfSignedClientSSLContextParameters);
-
- registry.bind("privateKey", privateKey);
- registry.bind("publicKey", publicKey);
- registry.bind("trustedRpkStore", trustedRpkStore);
- registry.bind("failedTrustedRpkStore", failedTrustedRpkStore);
- registry.bind("pskStore", pskStore);
-
- return registry;
+ protected boolean isRPKSupported() {
+ return true;
 }
- protected void sendBodyAndHeader(String endpointUri, final Object body, String headerName, String headerValue) {
- template.send(endpointUri, new Processor() {
- public void process(Exchange exchange) {
- Message in = exchange.getIn();
- in.setBody(body);
- in.setHeader(headerName, headerValue);
- }
- });
- }
 }
diff --git a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTestBase.java
similarity index 65%
copy from components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
copy to components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTestBase.java
index 11aa4a5..7363ef8 100644
--- a/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTest.java
+++ b/components/camel-coap/src/test/java/org/apache/camel/coap/CoAPComponentTLSTestBase.java
@@ -27,18 +27,16 @@ import javax.crypto.KeyGenerator;
 import org.apache.camel.Exchange;
 import org.apache.camel.Message;
 import org.apache.camel.Processor;
-import org.apache.camel.Produce;
-import org.apache.camel.ProducerTemplate;
 import org.apache.camel.builder.RouteBuilder;
 import org.apache.camel.component.mock.MockEndpoint;
 import org.apache.camel.impl.JndiRegistry;
-import org.apache.camel.test.AvailablePortFinder;
-import org.apache.camel.test.junit4.CamelTestSupport;
 import org.apache.camel.util.jsse.KeyManagersParameters;
 import org.apache.camel.util.jsse.KeyStoreParameters;
 import org.apache.camel.util.jsse.SSLContextParameters;
 import org.apache.camel.util.jsse.SSLContextServerParameters;
 import org.apache.camel.util.jsse.TrustManagersParameters;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
 import org.eclipse.californium.core.coap.CoAP;
 import org.eclipse.californium.core.coap.MediaTypeRegistry;
 import org.eclipse.californium.scandium.dtls.pskstore.PskStore;
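Review bot: In CoAPComponentTLSTest the new `isPSKSupported()` appears to be added without `@Override`, unlike `getProtocol()` and `isRPKSupported()` in the same class and all three overrides in CoAPComponentTCPTLSTest; the only `@Override` next to it in this hunk belongs to the removed `createRouteBuilder()`. Add `@Override` above `protected boolean isPSKSupported() {` so that a later rename or signature change of the hook in CoAPComponentTLSTestBase is caught at compile time. This hook decides whether the pre-shared-key tests run at all for UDP + DTLS, so a silent mismatch would drop that coverage without any test failing. The base-class declaration is not visible in this part of the diff, so confirm whether the hook is abstract there.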
@@ -46,7 +44,7 @@ import org.eclipse.californium.scandium.dtls.pskstore.StaticPskStore;
 import org.eclipse.californium.scandium.dtls.rpkstore.TrustedRpkStore;
 import org.junit.Test;
-public class CoAPComponentTLSTest extends CamelTestSupport {
+abstract class CoAPComponentTLSTestBase extends CamelTestSupport {
 private static final int PORT = AvailablePortFinder.getNextAvailable();
 private static final int PORT2 = AvailablePortFinder.getNextAvailable();
@@ -56,10 +54,6 @@ public class CoAPComponentTLSTest extends CamelTestSupport {
 private static final int PORT6 = AvailablePortFinder.getNextAvailable();
 private static final int PORT7 = AvailablePortFinder.getNextAvailable();
 private static final int PORT8 = AvailablePortFinder.getNextAvailable();
- private static final int PORT9 = AvailablePortFinder.getNextAvailable();
-
- @Produce(uri = "direct:start")
- protected ProducerTemplate sender;
 @Test
 public void testSuccessfulCall() throws Exception {
@@ -131,169 +125,183 @@ public class CoAPComponentTLSTest extends CamelTestSupport { @Test public void testRawPublicKey() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:rpk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isRPKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMinimumMessageCount(1); + mock.expectedBodiesReceived("Hello Camel CoAP"); + mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); + mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); + sendBodyAndHeader("direct:rpk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testRawPublicKeyNoTruststore() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMessageCount(0); - sendBodyAndHeader("direct:rpknotruststore", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isRPKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMessageCount(0); + sendBodyAndHeader("direct:rpknotruststore", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testRawPublicKeyFailedTrust() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMessageCount(0); - sendBodyAndHeader("direct:rpkfailedtrust", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isRPKSupported()) { + 
MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMessageCount(0); + sendBodyAndHeader("direct:rpkfailedtrust", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testRawPublicKeyClientAuth() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:rpkclientauth", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isRPKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMinimumMessageCount(1); + mock.expectedBodiesReceived("Hello Camel CoAP"); + mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); + mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); + sendBodyAndHeader("direct:rpkclientauth", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testPreSharedKey() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:psk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isPSKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMinimumMessageCount(1); + 
mock.expectedBodiesReceived("Hello Camel CoAP"); + mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); + mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); + sendBodyAndHeader("direct:psk", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testPreSharedKeyCipherSuite() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:pskciphersuite", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isPSKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMinimumMessageCount(1); + mock.expectedBodiesReceived("Hello Camel CoAP"); + mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); + mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); + sendBodyAndHeader("direct:pskciphersuite", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } @Test public void testPreSharedKeyX509() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:pskx509", "Camel CoAP", 
CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); - } - - @Test - public void testTCP() throws Exception { - MockEndpoint mock = getMockEndpoint("mock:result"); - mock.expectedMinimumMessageCount(1); - mock.expectedBodiesReceived("Hello Camel CoAP"); - mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); - mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); - sendBodyAndHeader("direct:tcp", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); - assertMockEndpointsSatisfied(); + if (isPSKSupported()) { + MockEndpoint mock = getMockEndpoint("mock:result"); + mock.expectedMinimumMessageCount(1); + mock.expectedBodiesReceived("Hello Camel CoAP"); + mock.expectedHeaderReceived(Exchange.CONTENT_TYPE, MediaTypeRegistry.toString(MediaTypeRegistry.APPLICATION_OCTET_STREAM)); + mock.expectedHeaderReceived(CoAPConstants.COAP_RESPONSE_CODE, CoAP.ResponseCode.CONTENT.toString()); + sendBodyAndHeader("direct:pskx509", "Camel CoAP", CoAPConstants.COAP_METHOD, "POST"); + assertMockEndpointsSatisfied(); + } } + protected abstract String getProtocol(); + protected abstract boolean isPSKSupported(); + protected abstract boolean isRPKSupported(); @Override protected RouteBuilder createRouteBuilder() throws Exception { - + return new RouteBuilder() { @Override public void configure() throws Exception { - - fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters", PORT) + fromF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters", PORT) .transform(body().prepend("Hello ")); - fromF("coaps://localhost:%d/TestResource?alias=selfsigned&sslContextParameters=#selfSignedServiceSSLContextParameters", PORT2) + fromF(getProtocol() + "://localhost:%d/TestResource?alias=selfsigned&sslContextParameters=#selfSignedServiceSSLContextParameters", PORT2) .transform(body().prepend("Hello ")); 
- fromF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthServiceSSLContextParameters", PORT3) + fromF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#clientAuthServiceSSLContextParameters", PORT3) .transform(body().prepend("Hello ")); - fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4) + fromF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4) .transform(body().prepend("Hello ")); - fromF("coaps://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey", PORT5).transform(body().prepend("Hello ")); - - fromF("coaps://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey&" + "clientAuthentication=REQUIRE&trustedRpkStore=#trustedRpkStore", PORT6) - .transform(body().prepend("Hello ")); - - fromF("coaps://localhost:%d/TestResource?pskStore=#pskStore", PORT7).transform(body().prepend("Hello ")); - - - fromF("coaps://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&pskStore=#pskStore", PORT8) - .transform(body().prepend("Hello ")); - - fromF("coaps+tcp://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters", PORT9) - .transform(body().prepend("Hello ")); - from("direct:start") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters", PORT) + .toF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters", PORT) .to("mock:result"); - from("direct:notruststore").toF("coaps://localhost:%d/TestResource", PORT).to("mock:result"); + from("direct:notruststore") + .toF(getProtocol() + "://localhost:%d/TestResource", PORT) + .to("mock:result"); from("direct:failedtrust") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters2", PORT) + .toF(getProtocol() + 
"://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters2", PORT) .to("mock:result"); from("direct:selfsigned") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#selfSignedClientSSLContextParameters", PORT2) + .toF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#selfSignedClientSSLContextParameters", PORT2) .to("mock:result"); from("direct:clientauth") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters", PORT3) + .toF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters", PORT3) .to("mock:result"); from("direct:failedclientauth") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters2", PORT3) + .toF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#clientAuthClientSSLContextParameters2", PORT3) .to("mock:result"); from("direct:ciphersuites") - .toF("coaps://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4) + .toF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters&cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", PORT4) .to("mock:result"); - from("direct:rpk").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore", PORT5).to("mock:result"); + if (isRPKSupported()) { + fromF(getProtocol() + "://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey", PORT5) + .transform(body().prepend("Hello ")); - from("direct:rpknotruststore").toF("coaps://localhost:%d/TestResource", PORT5).to("mock:result"); + fromF(getProtocol() + "://localhost:%d/TestResource?privateKey=#privateKey&publicKey=#publicKey&clientAuthentication=REQUIRE&trustedRpkStore=#trustedRpkStore", PORT6) + .transform(body().prepend("Hello ")); - 
from("direct:rpkfailedtrust").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#failedTrustedRpkStore", PORT5).to("mock:result"); + from("direct:rpk") + .toF(getProtocol() + "://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore", PORT5) + .to("mock:result"); - from("direct:rpkclientauth").toF("coaps://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore&" + "privateKey=#privateKey&publicKey=#publicKey", PORT6) - .to("mock:result"); + from("direct:rpknotruststore") + .toF(getProtocol() + "://localhost:%d/TestResource", PORT5) + .to("mock:result"); - from("direct:psk").toF("coaps://localhost:%d/TestResource?pskStore=#pskStore", PORT7).to("mock:result"); + from("direct:rpkfailedtrust") + .toF(getProtocol() + "://localhost:%d/TestResource?trustedRpkStore=#failedTrustedRpkStore", PORT5) + .to("mock:result"); - from("direct:pskciphersuite").toF("coaps://localhost:%d/TestResource?pskStore=#pskStore&" + "cipherSuites=TLS_PSK_WITH_AES_128_CBC_SHA256", PORT7) - .to("mock:result"); + from("direct:rpkclientauth") + .toF(getProtocol() + "://localhost:%d/TestResource?trustedRpkStore=#trustedRpkStore&privateKey=#privateKey&publicKey=#publicKey", PORT6) + .to("mock:result"); + } + if (isPSKSupported()) { + fromF(getProtocol() + "://localhost:%d/TestResource?pskStore=#pskStore", PORT7) + .transform(body().prepend("Hello ")); - from("direct:pskx509") - .toF("coaps://localhost:%d/TestResource?pskStore=#pskStore&sslContextParameters=#clientSSLContextParameters", PORT8) - .to("mock:result"); + fromF(getProtocol() + "://localhost:%d/TestResource?sslContextParameters=#serviceSSLContextParameters&pskStore=#pskStore", PORT8) + .transform(body().prepend("Hello ")); - from("direct:tcp") - .toF("coaps+tcp://localhost:%d/TestResource?sslContextParameters=#clientSSLContextParameters", PORT9) - .to("mock:result"); + from("direct:psk") + .toF(getProtocol() + "://localhost:%d/TestResource?pskStore=#pskStore", PORT7) + .to("mock:result"); + + from("direct:pskciphersuite") + 
.toF(getProtocol() + "://localhost:%d/TestResource?pskStore=#pskStore&cipherSuites=TLS_PSK_WITH_AES_128_CBC_SHA256", PORT7) + .to("mock:result"); + + from("direct:pskx509") + .toF(getProtocol() + "://localhost:%d/TestResource?pskStore=#pskStore&sslContextParameters=#clientSSLContextParameters", PORT8) + .to("mock:result"); + } } }; @@ -302,6 +310,7 @@ public class CoAPComponentTLSTest extends CamelTestSupport { @Override protected JndiRegistry createRegistry() throws Exception { JndiRegistry registry = super.createRegistry(); + KeyStoreParameters serviceKeystoreParameters = new KeyStoreParameters(); serviceKeystoreParameters.setResource("service.jks"); serviceKeystoreParameters.setPassword("security");
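Review bot: The `if (isRPKSupported())` and `if (isPSKSupported())` wrappers added around the seven raw-public-key and pre-shared-key tests make each test return without asserting anything when a subclass reports the mode as unsupported, so the runner records a pass rather than a skip. This matters most for the negative cases `testRawPublicKeyNoTruststore` and `testRawPublicKeyFailedTrust`, which would show green for a transport on which no trust decision was ever exercised. I would replace each wrapper with `Assume.assumeTrue(isRPKSupported());` (or `Assume.assumeTrue(isPSKSupported());` for the PSK tests) as the first statement of the test, importing `org.junit.Assume`, so unsupported combinations are reported as skipped. The matching guards inside `createRouteBuilder` can stay as they are.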
