jetty-exssl/src/test/java/org/eclipse/jetty/exssl/CertificateValidationTestBase.java - jetty/org.eclipse.jetty.sandbox - Git at Google

 package org.eclipse.jetty.exssl;

 import java.io.File;
 import java.lang.reflect.Constructor;
 import java.security.cert.CertificateException;

 import org.eclipse.jetty.io.SslContextFactory;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ssl.SslConnector;
 import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
 import org.junit.After;
 import org.junit.Test;

 public abstract class CertificateValidationTestBase
 {
     protected Server _server;
     protected Class<? extends SslConnector> _klass;

     @After
     public void tearDown()
     {
         try
         {
             _server.stop();
             _server = null;
         }
         catch (Exception ex) {}
     }

     protected void doTest(String keystore) throws Exception
     {
         String keypath = MavenTestingUtils.getTestResourceFile(keystore).getAbsolutePath();
         String trustpath = new File(System.getProperty("java.home"),"./lib/security/cacerts").getAbsolutePath();
         String crlpath = MavenTestingUtils.getTestResourceFile("crlfile.pem").getAbsolutePath();

         SslContextFactory sslContextFactory = new SslContextFactory();
         sslContextFactory.setValidateCerts(true);
         sslContextFactory.setKeystore(keypath);
         sslContextFactory.setKeyStorePassword("webtide");
         sslContextFactory.setKeyManagerPassword("webtide");
         sslContextFactory.setTruststore(trustpath);
         sslContextFactory.setTrustStorePassword("changeit");
         sslContextFactory.setCrlPath(crlpath);

         Constructor<? extends SslConnector> constructor = _klass.getConstructor(SslContextFactory.class);
         SslConnector connector = constructor.newInstance(sslContextFactory);
         connector.setPort(0);

         _server = new Server();
         _server.addConnector(connector);
         _server.start();

         Thread.sleep(1000);
     }

     @Test
     public void validCertificateTest() throws Exception
     {
         doTest("jetty-valid.keystore"); // certificate is valid until Jan 1, 2050
     }

     @Test(expected = CertificateException.class)
     public void revokedCertificateTest() throws Exception
     {
         doTest("jetty-revoked.keystore"); // certificate is valid until Jan 1, 2050
     }

     @Test(expected = CertificateException.class)
     public void notvalidCertificateTest() throws Exception
     {
         doTest("jetty-notvalid.keystore"); // certificate is valid from Jan 1, 2049
     }

     @Test(expected = CertificateException.class)
     public void expiredCertificateTest() throws Exception
     {
         doTest("jetty-expired.keystore"); // certificate is valid until Dec 31, 2000
     }
 }
	package org.eclipse.jetty.exssl;

	import java.io.File;
	import java.lang.reflect.Constructor;
	import java.security.cert.CertificateException;

	import org.eclipse.jetty.io.SslContextFactory;
	import org.eclipse.jetty.server.Server;
	import org.eclipse.jetty.server.ssl.SslConnector;
	import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
	import org.junit.After;
	import org.junit.Test;

	public abstract class CertificateValidationTestBase
	{
	protected Server _server;
	protected Class<? extends SslConnector> _klass;

	@After
	public void tearDown()
	{
	try
	{
	_server.stop();
	_server = null;
	}
	catch (Exception ex) {}
	}

	protected void doTest(String keystore) throws Exception
	{
	String keypath = MavenTestingUtils.getTestResourceFile(keystore).getAbsolutePath();
	String trustpath = new File(System.getProperty("java.home"),"./lib/security/cacerts").getAbsolutePath();
	String crlpath = MavenTestingUtils.getTestResourceFile("crlfile.pem").getAbsolutePath();

	SslContextFactory sslContextFactory = new SslContextFactory();
	sslContextFactory.setValidateCerts(true);
	sslContextFactory.setKeystore(keypath);
	sslContextFactory.setKeyStorePassword("webtide");
	sslContextFactory.setKeyManagerPassword("webtide");
	sslContextFactory.setTruststore(trustpath);
	sslContextFactory.setTrustStorePassword("changeit");
	sslContextFactory.setCrlPath(crlpath);

	Constructor<? extends SslConnector> constructor = _klass.getConstructor(SslContextFactory.class);
	SslConnector connector = constructor.newInstance(sslContextFactory);
	connector.setPort(0);

	_server = new Server();
	_server.addConnector(connector);
	_server.start();

	Thread.sleep(1000);
	}

	@Test
	public void validCertificateTest() throws Exception
	{
	doTest("jetty-valid.keystore"); // certificate is valid until Jan 1, 2050
	}

	@Test(expected = CertificateException.class)
	public void revokedCertificateTest() throws Exception
	{
	doTest("jetty-revoked.keystore"); // certificate is valid until Jan 1, 2050
	}

	@Test(expected = CertificateException.class)
	public void notvalidCertificateTest() throws Exception
	{
	doTest("jetty-notvalid.keystore"); // certificate is valid from Jan 1, 2049
	}

	@Test(expected = CertificateException.class)
	public void expiredCertificateTest() throws Exception
	{
	doTest("jetty-expired.keystore"); // certificate is valid until Dec 31, 2000
	}
	}