1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package org.apache.zookeeper.common; 20 21 import static org.junit.jupiter.api.Assertions.assertEquals; 22 import static org.junit.jupiter.api.Assertions.assertThrows; 23 import java.io.IOException; 24 import java.security.KeyStore; 25 import java.security.KeyStoreException; 26 import org.junit.jupiter.params.ParameterizedTest; 27 import org.junit.jupiter.params.provider.MethodSource; 28 29 public class PEMFileLoaderTest extends BaseX509ParameterizedTestCase { 30 31 @ParameterizedTest 32 @MethodSource("data") testLoadKeyStore( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)33 public void testLoadKeyStore( 34 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 35 throws Exception { 36 init(caKeyType, certKeyType, keyPassword, paramIndex); 37 String path = x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(); 38 KeyStore ks = new PEMFileLoader.Builder() 39 .setKeyStorePath(path) 40 .setKeyStorePassword(x509TestContext.getKeyStorePassword()) 41 .build() 42 .loadKeyStore(); 43 assertEquals(1, ks.size()); 44 } 45 46 @ParameterizedTest 47 @MethodSource("data") testLoadKeyStoreWithWrongPassword( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)48 public void testLoadKeyStoreWithWrongPassword( 49 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 50 throws Exception { 51 init(caKeyType, certKeyType, keyPassword, paramIndex); 52 assertThrows(Exception.class, () -> { 53 String path = x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(); 54 new PEMFileLoader.Builder() 55 .setKeyStorePath(path) 56 .setKeyStorePassword("wrong password") 57 .build() 58 .loadKeyStore(); 59 }); 60 } 61 62 @ParameterizedTest 63 @MethodSource("data") testLoadKeyStoreWithWrongFilePath( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)64 public void testLoadKeyStoreWithWrongFilePath( 65 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 66 throws Exception { 67 init(caKeyType, certKeyType, keyPassword, paramIndex); 68 assertThrows(IOException.class, () -> { 69 String path = x509TestContext.getKeyStoreFile(KeyStoreFileType.PEM).getAbsolutePath(); 70 new PEMFileLoader.Builder() 71 .setKeyStorePath(path + ".does_not_exist") 72 .setKeyStorePassword(x509TestContext.getKeyStorePassword()) 73 .build() 74 .loadKeyStore(); 75 }); 76 } 77 78 @ParameterizedTest 79 @MethodSource("data") testLoadKeyStoreWithNullFilePath( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)80 public void testLoadKeyStoreWithNullFilePath( 81 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 82 throws Exception { 83 init(caKeyType, certKeyType, keyPassword, paramIndex); 84 assertThrows(NullPointerException.class, () -> { 85 new PEMFileLoader.Builder() 86 .setKeyStorePassword(x509TestContext.getKeyStorePassword()) 87 .build() 88 .loadKeyStore(); 89 }); 90 } 91 92 @ParameterizedTest 93 @MethodSource("data") testLoadKeyStoreWithWrongFileType( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)94 public void testLoadKeyStoreWithWrongFileType( 95 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 96 throws Exception { 97 init(caKeyType, certKeyType, keyPassword, paramIndex); 98 assertThrows(KeyStoreException.class, () -> { 99 // Trying to load a JKS file with PEM loader should fail 100 String path = x509TestContext.getKeyStoreFile(KeyStoreFileType.JKS).getAbsolutePath(); 101 new PEMFileLoader.Builder() 102 .setKeyStorePath(path) 103 .setKeyStorePassword(x509TestContext.getKeyStorePassword()) 104 .build() 105 .loadKeyStore(); 106 }); 107 } 108 109 @ParameterizedTest 110 @MethodSource("data") testLoadTrustStore( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)111 public void testLoadTrustStore( 112 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 113 throws Exception { 114 init(caKeyType, certKeyType, keyPassword, paramIndex); 115 String path = x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath(); 116 KeyStore ts = new PEMFileLoader.Builder() 117 .setTrustStorePath(path) 118 .setTrustStorePassword(x509TestContext.getTrustStorePassword()) 119 .build() 120 .loadTrustStore(); 121 assertEquals(1, ts.size()); 122 } 123 124 @ParameterizedTest 125 @MethodSource("data") testLoadTrustStoreWithWrongFilePath( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)126 public void testLoadTrustStoreWithWrongFilePath( 127 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 128 throws Exception { 129 init(caKeyType, certKeyType, keyPassword, paramIndex); 130 assertThrows(IOException.class, () -> { 131 String path = x509TestContext.getTrustStoreFile(KeyStoreFileType.PEM).getAbsolutePath(); 132 new PEMFileLoader.Builder() 133 .setTrustStorePath(path + ".does_not_exist") 134 .setTrustStorePassword(x509TestContext.getTrustStorePassword()) 135 .build() 136 .loadTrustStore(); 137 }); 138 } 139 140 @ParameterizedTest 141 @MethodSource("data") testLoadTrustStoreWithNullFilePath( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)142 public void testLoadTrustStoreWithNullFilePath( 143 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 144 throws Exception { 145 init(caKeyType, certKeyType, keyPassword, paramIndex); 146 assertThrows(NullPointerException.class, () -> { 147 new PEMFileLoader.Builder() 148 .setTrustStorePassword(x509TestContext.getTrustStorePassword()) 149 .build() 150 .loadTrustStore(); 151 }); 152 } 153 154 @ParameterizedTest 155 @MethodSource("data") testLoadTrustStoreWithWrongFileType( X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex)156 public void testLoadTrustStoreWithWrongFileType( 157 X509KeyType caKeyType, X509KeyType certKeyType, String keyPassword, Integer paramIndex) 158 throws Exception { 159 init(caKeyType, certKeyType, keyPassword, paramIndex); 160 // Trying to load a JKS file with PEM loader should fail 161 String path = x509TestContext.getTrustStoreFile(KeyStoreFileType.JKS).getAbsolutePath(); 162 KeyStore ts = new PEMFileLoader.Builder() 163 .setTrustStorePath(path) 164 .setTrustStorePassword(x509TestContext.getTrustStorePassword()) 165 .build() 166 .loadTrustStore(); 167 assertEquals(0, ts.size()); 168 } 169 170 } 171