Merge pull request #8543 from vespa-engine/revert-8511-bjorncs/jdisc-misc-mode-preparations

Revert "Bjorncs/jdisc mixed mode preparations"
author: Håkon Hallingstad <hakon@oath.com> 2019-02-18 19:52:05 +0100
committer: GitHub <noreply@github.com> 2019-02-18 19:52:05 +0100
commit: c3f34b6b1de9836d6d2175757a3081ffcc29a90c (patch)
tree: b8de6a559038b0438a091e32117c51472a27598e /security-utils/src/test/java/com/yahoo/security
parent: 10504a888b8e9affd97edd8749f87b90c23d7b9d (diff)
parent: a9e317a5dd2370866bc5c519d522a824cf118c8e (diff)
3 files changed, 0 insertions, 208 deletions
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java
deleted file mode 100644
index 139d5313074..00000000000
--- a/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java
+++ /dev/null
@@ -1,84 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.security.tls;
-
-import com.yahoo.security.KeyAlgorithm;
-import com.yahoo.security.KeyUtils;
-import com.yahoo.security.SignatureAlgorithm;
-import com.yahoo.security.X509CertificateBuilder;
-import com.yahoo.security.X509CertificateUtils;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-import org.mockito.ArgumentCaptor;
-import org.mockito.Mockito;
-
-import javax.security.auth.x500.X500Principal;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.KeyPair;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-import java.time.Instant;
-import java.util.concurrent.ScheduledExecutorService;
-
-import static java.time.temporal.ChronoUnit.DAYS;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Matchers.any;
-import static org.mockito.Matchers.anyLong;
-import static org.mockito.Mockito.verify;
-
-/**
- * @author bjorncs
- */
-public class AutoReloadingX509KeyManagerTest {
-    private static final X500Principal SUBJECT = new X500Principal("CN=dummy");
-
-    @Rule
-    public TemporaryFolder tempDirectory = new TemporaryFolder();
-
-    @Test
-    public void crypto_material_is_reloaded_when_scheduler_task_is_executed() throws IOException {
-        KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC);
-        Path privateKeyFile = tempDirectory.newFile().toPath();
-        Files.writeString(privateKeyFile, KeyUtils.toPem(keyPair.getPrivate()));
-
-        Path certificateFile = tempDirectory.newFile().toPath();
-        BigInteger serialNumberInitialCertificate = BigInteger.ONE;
-        X509Certificate initialCertificate = generateCertificate(keyPair, serialNumberInitialCertificate);
-        Files.writeString(certificateFile, X509CertificateUtils.toPem(initialCertificate));
-
-        ScheduledExecutorService scheduler = Mockito.mock(ScheduledExecutorService.class);
-        ArgumentCaptor<Runnable> updaterTaskCaptor = ArgumentCaptor.forClass(Runnable.class);
-
-        AutoReloadingX509KeyManager keyManager = new AutoReloadingX509KeyManager(privateKeyFile, certificateFile, scheduler);
-        verify(scheduler).scheduleAtFixedRate(updaterTaskCaptor.capture(), anyLong(), anyLong(), any());
-
-        String[] initialAliases = keyManager.getClientAliases(keyPair.getPublic().getAlgorithm(), new Principal[]{SUBJECT});
-        X509Certificate[] certChain = keyManager.getCertificateChain(initialAliases[0]);
-        assertThat(certChain).hasSize(1);
-        assertThat(certChain[0].getSerialNumber()).isEqualTo(serialNumberInitialCertificate);
-
-        BigInteger serialNumberUpdatedCertificate = BigInteger.TWO;
-        X509Certificate updatedCertificate = generateCertificate(keyPair, serialNumberUpdatedCertificate);
-        Files.writeString(certificateFile, X509CertificateUtils.toPem(updatedCertificate));
-
-        updaterTaskCaptor.getValue().run(); // run update task in ReloadingX509KeyManager
-
-        String[] updatedAliases = keyManager.getClientAliases(keyPair.getPublic().getAlgorithm(), new Principal[]{SUBJECT});
-        X509Certificate[] updatedCertChain = keyManager.getCertificateChain(updatedAliases[0]);
-        assertThat(updatedCertChain).hasSize(1);
-        assertThat(updatedCertChain[0].getSerialNumber()).isEqualTo(serialNumberUpdatedCertificate);
-    }
-
-    private static X509Certificate generateCertificate(KeyPair keyPair, BigInteger serialNumber) {
-        return X509CertificateBuilder.fromKeypair(keyPair,
-                                                  SUBJECT,
-                                                  Instant.EPOCH,
-                                                  Instant.EPOCH.plus(1, DAYS),
-                                                  SignatureAlgorithm.SHA256_WITH_ECDSA,
-                                                  serialNumber)
-                .build();
-    }
-}
-\ No newline at end of file
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java
deleted file mode 100644
index 30e54d3c09d..00000000000
--- a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.security.tls;
-
-import com.yahoo.security.KeyAlgorithm;
-import com.yahoo.security.KeyStoreBuilder;
-import com.yahoo.security.KeyStoreType;
-import com.yahoo.security.KeyUtils;
-import com.yahoo.security.SignatureAlgorithm;
-import com.yahoo.security.X509CertificateBuilder;
-import org.junit.Test;
-
-import javax.security.auth.x500.X500Principal;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyStore;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-import java.time.Instant;
-
-import static java.time.temporal.ChronoUnit.DAYS;
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author bjorncs
- */
-public class MutableX509KeyManagerTest {
-
-    private static final X500Principal SUBJECT = new X500Principal("CN=dummy");
-
-    @Test
-    public void key_manager_can_be_updated_with_new_certificate() {
-        KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC);
-
-        BigInteger serialNumberInitialCertificate = BigInteger.ONE;
-        KeyStore initialKeystore = generateKeystore(keyPair, serialNumberInitialCertificate);
-
-        MutableX509KeyManager keyManager = new MutableX509KeyManager(initialKeystore, new char[0]);
-
-        String[] initialAliases = keyManager.getClientAliases(keyPair.getPublic().getAlgorithm(), new Principal[]{SUBJECT});
-        assertThat(initialAliases).hasSize(1);
-        X509Certificate[] certChain = keyManager.getCertificateChain(initialAliases[0]);
-        assertThat(certChain).hasSize(1);
-        assertThat(certChain[0].getSerialNumber()).isEqualTo(serialNumberInitialCertificate);
-
-        BigInteger serialNumberUpdatedCertificate = BigInteger.TWO;
-        KeyStore updatedKeystore = generateKeystore(keyPair, serialNumberUpdatedCertificate);
-        keyManager.updateKeystore(updatedKeystore, new char[0]);
-
-        String[] updatedAliases = keyManager.getClientAliases(keyPair.getPublic().getAlgorithm(), new Principal[]{SUBJECT});
-        assertThat(updatedAliases).hasSize(1);
-        X509Certificate[] updatedCertChain = keyManager.getCertificateChain(updatedAliases[0]);
-        assertThat(updatedCertChain).hasSize(1);
-        assertThat(updatedCertChain[0].getSerialNumber()).isEqualTo(serialNumberUpdatedCertificate);
-    }
-
-    private static KeyStore generateKeystore(KeyPair keyPair, BigInteger serialNumber) {
-        X509Certificate certificate = X509CertificateBuilder.fromKeypair(
-                keyPair, SUBJECT, Instant.EPOCH, Instant.EPOCH.plus(1, DAYS), SignatureAlgorithm.SHA256_WITH_ECDSA, serialNumber)
-                .build();
-        return KeyStoreBuilder.withType(KeyStoreType.PKCS12)
-                .withKeyEntry("default", keyPair.getPrivate(), certificate)
-                .build();
-    }
-
-}
-\ No newline at end of file
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509TrustManagerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/MutableX509TrustManagerTest.java
deleted file mode 100644
index 4c4ea332818..00000000000
--- a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509TrustManagerTest.java
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.security.tls;
-
-import com.yahoo.security.KeyAlgorithm;
-import com.yahoo.security.KeyStoreBuilder;
-import com.yahoo.security.KeyStoreType;
-import com.yahoo.security.KeyUtils;
-import com.yahoo.security.SignatureAlgorithm;
-import com.yahoo.security.X509CertificateBuilder;
-import org.junit.Test;
-
-import javax.security.auth.x500.X500Principal;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyStore;
-import java.security.cert.X509Certificate;
-import java.time.Instant;
-
-import static java.time.temporal.ChronoUnit.DAYS;
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author bjorncs
- */
-public class MutableX509TrustManagerTest {
-
-    @Test
-    public void key_manager_can_be_updated_with_new_certificate() {
-        KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC);
-
-        X509Certificate initialCertificate = generateCertificate(new X500Principal("CN=issuer1"), keyPair);
-        KeyStore initialTruststore = generateTruststore(initialCertificate);
-
-        MutableX509TrustManager trustManager = new MutableX509TrustManager(initialTruststore);
-
-        X509Certificate[] initialAcceptedIssuers = trustManager.getAcceptedIssuers();
-        assertThat(initialAcceptedIssuers).containsExactly(initialCertificate);
-
-        X509Certificate updatedCertificate = generateCertificate(new X500Principal("CN=issuer2"), keyPair);
-        KeyStore updatedTruststore = generateTruststore(updatedCertificate);
-        trustManager.updateTruststore(updatedTruststore);
-
-        X509Certificate[] updatedAcceptedIssuers = trustManager.getAcceptedIssuers();
-        assertThat(updatedAcceptedIssuers).containsExactly(updatedCertificate);
-    }
-
-    private static X509Certificate generateCertificate(X500Principal issuer, KeyPair keyPair) {
-        return X509CertificateBuilder.fromKeypair(
-                keyPair, issuer, Instant.EPOCH, Instant.EPOCH.plus(1, DAYS), SignatureAlgorithm.SHA256_WITH_ECDSA, BigInteger.ONE)
-                .build();
-    }
-
-    private static KeyStore generateTruststore(X509Certificate certificate) {
-        return KeyStoreBuilder.withType(KeyStoreType.PKCS12)
-                .withCertificateEntry("default", certificate)
-                .build();
-    }
-
-}
-\ No newline at end of file
author	Håkon Hallingstad <hakon@oath.com>	2019-02-18 19:52:05 +0100
committer	GitHub <noreply@github.com>	2019-02-18 19:52:05 +0100
commit	c3f34b6b1de9836d6d2175757a3081ffcc29a90c (patch)
tree	b8de6a559038b0438a091e32117c51472a27598e /security-utils/src/test/java/com/yahoo/security
parent	10504a888b8e9affd97edd8749f87b90c23d7b9d (diff)
parent	a9e317a5dd2370866bc5c519d522a824cf118c8e (diff)