2 * ============LICENSE_START=======================================================
3 * dcaegen2-collectors-veshv
4 * ================================================================================
5 * Copyright (C) 2018 NOKIA
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.dcae.collectors.veshv.impl.socket
22 import io.netty.handler.ssl.ClientAuth
23 import io.netty.handler.ssl.ReferenceCountedOpenSslContext
24 import io.netty.handler.ssl.SslContextBuilder
25 import org.assertj.core.api.Assertions.assertThat
26 import org.jetbrains.spek.api.Spek
27 import org.jetbrains.spek.api.dsl.describe
28 import org.jetbrains.spek.api.dsl.given
29 import org.jetbrains.spek.api.dsl.it
30 import org.jetbrains.spek.api.dsl.on
31 import org.onap.dcae.collectors.veshv.domain.SecurityConfiguration
32 import java.nio.file.Paths
33 import kotlin.test.assertTrue
36 * @author Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
39 object SslContextFactoryTest : Spek({
40 describe("SslContextFactory") {
41 given("config without disabled SSL") {
42 val sampleConfig = SecurityConfiguration(
43 privateKey = Paths.get("/", "tmp", "pk.pem"),
44 cert = Paths.get("/", "tmp", "cert.crt"),
45 trustedCert = Paths.get("/", "tmp", "clientCa.crt"))
47 val cut = object : SslContextFactory() {
48 override fun createSslContextWithConfiguredCerts(secConfig: SecurityConfiguration): SslContextBuilder {
49 return SslContextBuilder.forServer(resource("/ssl/ca.crt"), resource("/ssl/server.key"))
52 private fun resource(path: String) = SslContextFactoryTest.javaClass.getResourceAsStream(path)
55 on("creation of SSL context") {
56 val result = cut.createSslContext(sampleConfig)
58 it("should be server context") {
59 assertTrue(result.exists {
64 it("should use OpenSSL provider") {
65 assertTrue(result.isDefined())
69 * It is too important to leave it untested on unit level.
70 * Because of the Netty API design we need to do it this way.
72 it("should turn on client authentication") {
73 val clientAuth: ClientAuth = ReferenceCountedOpenSslContext::class.java
74 .getDeclaredField("clientAuth")
77 get(result.orNull()) as ClientAuth
79 assertThat(clientAuth).isEqualTo(ClientAuth.REQUIRE)
84 given("config with SSL disabled") {
85 val securityConfiguration = SecurityConfiguration(
87 privateKey = Paths.get("sample", "key"),
88 cert = Paths.get("sample", "cert"),
89 trustedCert = Paths.get("/", "sample", "trusted", "cert")
91 val cut = SslContextFactory()
93 on("creation of SSL context") {
94 val result = cut.createSslContext(securityConfiguration)
96 it("should not create any SSL context ") {
97 assertThat(result.isDefined()).isFalse()