cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From buhhu...@apache.org
Subject [cxf] branch master updated: SSLUtils: move tests and update due to JDK-8211883
Date Tue, 22 Jan 2019 11:25:48 GMT
This is an automated email from the ASF dual-hosted git repository.

buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 8df4b33  SSLUtils: move tests and update due to JDK-8211883
8df4b33 is described below

commit 8df4b33f4dad2934b05cb1c0e706276f76bc7044
Author: amarkevich <amarkevich@talend.com>
AuthorDate: Tue Jan 22 13:46:40 2019 +0300

    SSLUtils: move tests and update due to JDK-8211883
---
 .../cxf/configuration/jsse/SSLUtilsTest.java       | 90 ++++++++++++++++++++++
 .../https/ciphersuites/CipherSuitesTest.java       | 55 -------------
 2 files changed, 90 insertions(+), 55 deletions(-)

diff --git a/core/src/test/java/org/apache/cxf/configuration/jsse/SSLUtilsTest.java b/core/src/test/java/org/apache/cxf/configuration/jsse/SSLUtilsTest.java
new file mode 100644
index 0000000..1ac700f
--- /dev/null
+++ b/core/src/test/java/org/apache/cxf/configuration/jsse/SSLUtilsTest.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.configuration.jsse;
+
+import java.util.Arrays;
+
+import javax.net.ssl.SSLContext;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.configuration.security.FiltersType;
+
+import org.junit.Test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+
+public class SSLUtilsTest {
+
+    @Test
+    public void testDefaultCipherSuitesFilterExcluded() throws Exception {
+        SSLContext sslContext = SSLContext.getInstance("TLS");
+        sslContext.init(null, null, new java.security.SecureRandom());
+
+        FiltersType filtersType = new FiltersType();
+        filtersType.getInclude().add(".*_AES_.*");
+        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
+        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
+                                         LogUtils.getL7dLogger(SSLUtilsTest.class), false);
+
+        assertTrue(filteredCipherSuites.length > 0);
+        // Check we have no anon/EXPORT/NULL/etc ciphersuites
+        assertFalse(Arrays.stream(
+            filteredCipherSuites).anyMatch(c -> c.matches(".*NULL|anon|EXPORT|DES|MD5|CBC|RC4.*")));
+    }
+
+    @Test
+    public void testExclusionFilter() throws Exception {
+        SSLContext sslContext = SSLContext.getInstance("TLS");
+        sslContext.init(null, null, new java.security.SecureRandom());
+
+        FiltersType filtersType = new FiltersType();
+        filtersType.getInclude().add(".*_SHA384");
+        filtersType.getExclude().add(".*_SHA256");
+        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
+        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
+                                         LogUtils.getL7dLogger(SSLUtilsTest.class), false);
+
+        assertTrue(filteredCipherSuites.length > 0);
+        // Check we have no SHA-256 ciphersuites
+        assertFalse(Arrays.stream(
+            filteredCipherSuites).anyMatch(c -> c.matches(".*_SHA256")));
+    }
+
+    @Test
+    public void testInclusionFilter() throws Exception {
+        SSLContext sslContext = SSLContext.getInstance("TLS");
+        sslContext.init(null, null, new java.security.SecureRandom());
+
+        FiltersType filtersType = new FiltersType();
+        filtersType.getInclude().add(".*_SHA256");
+        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
+        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
+                                         LogUtils.getL7dLogger(SSLUtilsTest.class), false);
+
+        assertTrue(filteredCipherSuites.length > 0);
+        // Check we have SHA-256 ciphersuites
+        assertTrue(Arrays.stream(
+            filteredCipherSuites).anyMatch(c -> c.matches(".*_SHA256")));
+    }
+
+
+}
\ No newline at end of file
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
index f83ec6f..5438934 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java
@@ -22,13 +22,11 @@ package org.apache.cxf.systest.https.ciphersuites;
 import java.net.URL;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.util.Arrays;
 import java.util.Collections;
 
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
-import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 import javax.xml.ws.BindingProvider;
@@ -36,10 +34,7 @@ import javax.xml.ws.BindingProvider;
 import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.bus.spring.SpringBusFactory;
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.configuration.jsse.SSLUtils;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.configuration.security.FiltersType;
 import org.apache.cxf.endpoint.Client;
 import org.apache.cxf.frontend.ClientProxy;
 import org.apache.cxf.helpers.JavaUtils;
@@ -53,7 +48,6 @@ import org.junit.Assume;
 import org.junit.BeforeClass;
 
 import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
@@ -681,55 +675,6 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase
{
         bus.shutdown(true);
     }
 
-    @org.junit.Test
-    public void testDefaultCipherSuitesFilterExcluded() throws Exception {
-        SSLContext sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(null, null, new java.security.SecureRandom());
-
-        FiltersType filtersType = new FiltersType();
-        filtersType.getInclude().add(".*_AES_.*");
-        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
-        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
-                                         LogUtils.getL7dLogger(CipherSuitesTest.class), false);
-
-        // Check we have no anon/EXPORT/NULL/etc ciphersuites
-        assertFalse(Arrays.stream(
-            filteredCipherSuites).anyMatch(c -> c.matches(".*NULL|anon|EXPORT|DES|MD5|CBC|RC4.*")));
-    }
-
-    @org.junit.Test
-    public void testExclusionFilter() throws Exception {
-        SSLContext sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(null, null, new java.security.SecureRandom());
-
-        FiltersType filtersType = new FiltersType();
-        filtersType.getInclude().add(".*_AES_.*");
-        filtersType.getExclude().add(".*anon.*");
-        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
-        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
-                                         LogUtils.getL7dLogger(CipherSuitesTest.class), false);
-
-        // Check we have no anon ciphersuites
-        assertFalse(Arrays.stream(
-            filteredCipherSuites).anyMatch(c -> c.matches(".*anon.*")));
-    }
-
-    @org.junit.Test
-    public void testInclusionFilter() throws Exception {
-        SSLContext sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(null, null, new java.security.SecureRandom());
-
-        FiltersType filtersType = new FiltersType();
-        filtersType.getInclude().add(".*anon.*");
-        String[] supportedCipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
-        String[] filteredCipherSuites = SSLUtils.getFilteredCiphersuites(filtersType, supportedCipherSuites,
-                                         LogUtils.getL7dLogger(CipherSuitesTest.class), false);
-
-        // Check we have anon ciphersuites
-        assertTrue(Arrays.stream(
-            filteredCipherSuites).anyMatch(c -> c.matches(".*anon.*")));
-    }
-
     private static class NoOpX509TrustManager implements X509TrustManager {
 
         NoOpX509TrustManager() {


Mime
View raw message