001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.io.crypto.tls;
019
020import java.io.IOException;
021import java.security.KeyStore;
022import java.security.KeyStoreException;
023import org.apache.hadoop.hbase.HBaseClassTestRule;
024import org.apache.hadoop.hbase.testclassification.SecurityTests;
025import org.apache.hadoop.hbase.testclassification.SmallTests;
026import org.junit.Assert;
027import org.junit.ClassRule;
028import org.junit.Test;
029import org.junit.experimental.categories.Category;
030import org.junit.runner.RunWith;
031import org.junit.runners.Parameterized;
032
/**
 * Tests for {@link PEMFileLoader}: loading a PEM key store and a PEM trust store, plus the
 * failure modes for a wrong password, a missing file, an unset path and a file of the wrong type.
 * <p>
 * {@code x509TestContext} is not declared in this class; presumably it is supplied by
 * {@link AbstractTestX509Parameterized} for each parameter set (confirm against the base class).
 * <p>
 * This file has been copied from the Apache ZooKeeper project.
 * @see <a href=
 *      "https://github.com/apache/zookeeper/blob/master/zookeeper-server/src/test/java/org/apache/zookeeper/common/PEMFileLoaderTest.java">Base
 *      revision</a>
 */
@RunWith(Parameterized.class)
@Category({ SecurityTests.class, SmallTests.class })
public class TestPEMFileLoader extends AbstractTestX509Parameterized {

  @ClassRule
  public static final HBaseClassTestRule CLASS_RULE =
    HBaseClassTestRule.forClass(TestPEMFileLoader.class);

  /** A PEM key store loaded with the correct password holds exactly one entry. */
  @Test
  public void testLoadKeyStore() throws Exception {
    String pemKeyStore = absoluteKeyStorePath(KeyStoreFileType.PEM);
    KeyStore loaded = new PEMFileLoader.Builder()
      .setKeyStorePath(pemKeyStore)
      .setKeyStorePassword(x509TestContext.getKeyStorePassword())
      .build()
      .loadKeyStore();
    Assert.assertEquals(1, loaded.size());
  }

  /**
   * Loading a PEM key store with the wrong password must not succeed.
   * <p>
   * NOTE(review): {@code expected = Exception.class} accepts any exception, including one raised
   * while the fixture is being prepared, so this test does not pin which failure a bad password
   * produces. The concrete type thrown by the loader is not visible here; narrow the expectation
   * once it is confirmed.
   */
  @Test(expected = Exception.class)
  public void testLoadKeyStoreWithWrongPassword() throws Exception {
    String pemKeyStore = absoluteKeyStorePath(KeyStoreFileType.PEM);
    new PEMFileLoader.Builder()
      .setKeyStorePath(pemKeyStore)
      .setKeyStorePassword("wrong password".toCharArray())
      .build()
      .loadKeyStore();
  }

  /** A key store path that does not exist is reported as an {@link IOException}. */
  @Test(expected = IOException.class)
  public void testLoadKeyStoreWithWrongFilePath() throws Exception {
    String missingKeyStore = absoluteKeyStorePath(KeyStoreFileType.PEM) + ".does_not_exist";
    new PEMFileLoader.Builder()
      .setKeyStorePath(missingKeyStore)
      .setKeyStorePassword(x509TestContext.getKeyStorePassword())
      .build()
      .loadKeyStore();
  }

  /** Loading a key store when no path was ever set raises a {@link NullPointerException}. */
  @Test(expected = NullPointerException.class)
  public void testLoadKeyStoreWithNullFilePath() throws Exception {
    // The key store path is deliberately left unset on the builder.
    new PEMFileLoader.Builder()
      .setKeyStorePassword(x509TestContext.getKeyStorePassword())
      .build()
      .loadKeyStore();
  }

  /** Handing a JKS key store file to the PEM loader is rejected with a KeyStoreException. */
  @Test(expected = KeyStoreException.class)
  public void testLoadKeyStoreWithWrongFileType() throws Exception {
    String jksKeyStore = absoluteKeyStorePath(KeyStoreFileType.JKS);
    new PEMFileLoader.Builder()
      .setKeyStorePath(jksKeyStore)
      .setKeyStorePassword(x509TestContext.getKeyStorePassword())
      .build()
      .loadKeyStore();
  }

  /** A PEM trust store loads successfully and holds exactly one entry. */
  @Test
  public void testLoadTrustStore() throws Exception {
    String pemTrustStore = absoluteTrustStorePath(KeyStoreFileType.PEM);
    KeyStore loaded = new PEMFileLoader.Builder()
      .setTrustStorePath(pemTrustStore)
      .setTrustStorePassword(x509TestContext.getTrustStorePassword())
      .build()
      .loadTrustStore();
    Assert.assertEquals(1, loaded.size());
  }

  /** A trust store path that does not exist is reported as an {@link IOException}. */
  @Test(expected = IOException.class)
  public void testLoadTrustStoreWithWrongFilePath() throws Exception {
    String missingTrustStore = absoluteTrustStorePath(KeyStoreFileType.PEM) + ".does_not_exist";
    new PEMFileLoader.Builder()
      .setTrustStorePath(missingTrustStore)
      .setTrustStorePassword(x509TestContext.getTrustStorePassword())
      .build()
      .loadTrustStore();
  }

  /** Loading a trust store when no path was ever set raises a {@link NullPointerException}. */
  @Test(expected = NullPointerException.class)
  public void testLoadTrustStoreWithNullFilePath() throws Exception {
    // The trust store path is deliberately left unset on the builder.
    new PEMFileLoader.Builder()
      .setTrustStorePassword(x509TestContext.getTrustStorePassword())
      .build()
      .loadTrustStore();
  }

  /**
   * Handing a JKS trust store file to the PEM loader yields an empty trust store.
   * <p>
   * Unlike the key store case, no exception is expected here: the assertion pins a store with
   * zero entries. A trust store file of the wrong type is therefore not reported at load time,
   * and a caller that needs to detect this misconfiguration has to check the result for
   * emptiness itself.
   */
  @Test
  public void testLoadTrustStoreWithWrongFileType() throws Exception {
    String jksTrustStore = absoluteTrustStorePath(KeyStoreFileType.JKS);
    KeyStore loaded = new PEMFileLoader.Builder()
      .setTrustStorePath(jksTrustStore)
      .setTrustStorePassword(x509TestContext.getTrustStorePassword())
      .build()
      .loadTrustStore();
    Assert.assertEquals(0, loaded.size());
  }

  /** Returns the absolute path of the test context's key store file of the given type. */
  private String absoluteKeyStorePath(KeyStoreFileType type) throws Exception {
    return x509TestContext.getKeyStoreFile(type).getAbsolutePath();
  }

  /** Returns the absolute path of the test context's trust store file of the given type. */
  private String absoluteTrustStorePath(KeyStoreFileType type) throws Exception {
    return x509TestContext.getTrustStoreFile(type).getAbsolutePath();
  }
}