PropertiesSslBundleTests Class — spring-boot Architecture

Architecture documentation for the PropertiesSslBundleTests class in PropertiesSslBundleTests.java from the spring-boot codebase.
Class java GradlePlugin
Entity Profile

GradlePlugin→ PropertiesSslBundleTests Class — spring-boot Architecture
Relationship Graph

Source Code

core/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/ssl/PropertiesSslBundleTests.java lines 44–176
class PropertiesSslBundleTests {

	private static final char[] EMPTY_KEY_PASSWORD = new char[] {};

	@Test
	void pemPropertiesAreMappedToSslBundle() throws Exception {
		PemSslBundleProperties properties = new PemSslBundleProperties();
		properties.getKey().setAlias("alias");
		properties.getKey().setPassword("secret");
		properties.getOptions().setCiphers(Set.of("cipher1", "cipher2", "cipher3"));
		properties.getOptions().setEnabledProtocols(Set.of("protocol1", "protocol2"));
		properties.getKeystore().setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/rsa-cert.pem");
		properties.getKeystore().setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/rsa-key.pem");
		properties.getKeystore().setPrivateKeyPassword(null);
		properties.getKeystore().setType("PKCS12");
		properties.getTruststore()
			.setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/ed25519-cert.pem");
		properties.getTruststore()
			.setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/ed25519-key.pem");
		properties.getTruststore().setPrivateKeyPassword("secret");
		properties.getTruststore().setType("PKCS12");
		SslBundle sslBundle = PropertiesSslBundle.get(properties);
		assertThat(sslBundle.getKey().getAlias()).isEqualTo("alias");
		assertThat(sslBundle.getKey().getPassword()).isEqualTo("secret");
		assertThat(sslBundle.getOptions().getCiphers()).containsExactlyInAnyOrder("cipher1", "cipher2", "cipher3");
		assertThat(sslBundle.getOptions().getEnabledProtocols()).containsExactlyInAnyOrder("protocol1", "protocol2");
		assertThat(sslBundle.getStores()).isNotNull();
		KeyStore keyStore = sslBundle.getStores().getKeyStore();
		assertThat(keyStore).isNotNull();
		Certificate certificate = keyStore.getCertificate("alias");
		assertThat(certificate).isNotNull();
		assertThat(certificate.getType()).isEqualTo("X.509");
		Key key = keyStore.getKey("alias", "secret".toCharArray());
		assertThat(key).isNotNull();
		assertThat(key.getAlgorithm()).isEqualTo("RSA");
		KeyStore trustStore = sslBundle.getStores().getTrustStore();
		assertThat(trustStore).isNotNull();
		certificate = trustStore.getCertificate("ssl");
		assertThat(certificate).isNotNull();
		assertThat(certificate.getType()).isEqualTo("X.509");
	}

	@Test
	void jksPropertiesAreMappedToSslBundle() {
		JksSslBundleProperties properties = new JksSslBundleProperties();
		properties.getKey().setAlias("alias");
		properties.getKey().setPassword("secret");
		properties.getOptions().setCiphers(Set.of("cipher1", "cipher2", "cipher3"));
		properties.getOptions().setEnabledProtocols(Set.of("protocol1", "protocol2"));
		properties.getKeystore().setPassword("secret");
		properties.getKeystore().setProvider("SUN");
		properties.getKeystore().setType("JKS");
		properties.getKeystore().setLocation("classpath:org/springframework/boot/autoconfigure/ssl/keystore.jks");
		properties.getTruststore().setPassword("secret");
		properties.getTruststore().setProvider("SUN");
		properties.getTruststore().setType("PKCS12");
		properties.getTruststore().setLocation("classpath:org/springframework/boot/autoconfigure/ssl/keystore.pkcs12");
		SslBundle sslBundle = PropertiesSslBundle.get(properties);
		assertThat(sslBundle.getKey().getAlias()).isEqualTo("alias");
		assertThat(sslBundle.getKey().getPassword()).isEqualTo("secret");
		assertThat(sslBundle.getOptions().getCiphers()).containsExactlyInAnyOrder("cipher1", "cipher2", "cipher3");
		assertThat(sslBundle.getOptions().getEnabledProtocols()).containsExactlyInAnyOrder("protocol1", "protocol2");
		assertThat(sslBundle.getStores()).isNotNull();
		assertThat(sslBundle.getStores()).extracting("keyStoreDetails")
			.extracting("location", "password", "provider", "type")
			.containsExactly("classpath:org/springframework/boot/autoconfigure/ssl/keystore.jks", "secret", "SUN",
					"JKS");
		KeyStore trustStore = sslBundle.getStores().getTrustStore();
		assertThat(trustStore).isNotNull();
		assertThat(trustStore.getType()).isEqualTo("PKCS12");
		assertThat(trustStore.getProvider().getName()).isEqualTo("SUN");
	}

	@Test
	void getWithPemSslBundlePropertiesWhenVerifyKeyStoreAgainstSingleCertificateWithMatchCreatesBundle() {
		PemSslBundleProperties properties = new PemSslBundleProperties();
		properties.getKeystore().setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/key1.crt");
		properties.getKeystore().setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/key1.pem");
		properties.getKeystore().setVerifyKeys(true);
		properties.getKey().setAlias("test-alias");
		SslBundle bundle = PropertiesSslBundle.get(properties);
		assertThat(bundle.getStores().getKeyStore()).satisfies(storeContainingCertAndKey("test-alias"));
	}

	@Test
	void getWithPemSslBundlePropertiesWhenVerifyKeyStoreAgainstCertificateChainWithMatchCreatesBundle() {
		PemSslBundleProperties properties = new PemSslBundleProperties();
		properties.getKeystore().setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/key2-chain.crt");
		properties.getKeystore().setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/key2.pem");
		properties.getKeystore().setVerifyKeys(true);
		properties.getKey().setAlias("test-alias");
		SslBundle bundle = PropertiesSslBundle.get(properties);
		assertThat(bundle.getStores().getKeyStore()).satisfies(storeContainingCertAndKey("test-alias"));
	}

	@Test
	void getWithPemSslBundlePropertiesWhenVerifyKeyStoreWithNoMatchThrowsException() {
		PemSslBundleProperties properties = new PemSslBundleProperties();
		properties.getKeystore().setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/key2.crt");
		properties.getKeystore().setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/key1.pem");
		properties.getKeystore().setVerifyKeys(true);
		properties.getKey().setAlias("test-alias");
		assertThatIllegalStateException().isThrownBy(() -> PropertiesSslBundle.get(properties))
			.withMessageContaining("Private key in keystore matches none of the certificates");
	}

	@Test
	void getWithResourceLoader() {
		PemSslBundleProperties properties = new PemSslBundleProperties();
		properties.getKeystore().setCertificate("classpath:org/springframework/boot/autoconfigure/ssl/key2-chain.crt");
		properties.getKeystore().setPrivateKey("classpath:org/springframework/boot/autoconfigure/ssl/key2.pem");
		properties.getKeystore().setVerifyKeys(true);
		properties.getKey().setAlias("test-alias");
		ResourceLoader resourceLoader = spy(new DefaultResourceLoader());
		SslBundle bundle = PropertiesSslBundle.get(properties, resourceLoader);
		assertThat(bundle.getStores().getKeyStore()).satisfies(storeContainingCertAndKey("test-alias"));
		then(resourceLoader).should(atLeastOnce())
			.getResource("classpath:org/springframework/boot/autoconfigure/ssl/key2-chain.crt");
		then(resourceLoader).should(atLeastOnce())
			.getResource("classpath:org/springframework/boot/autoconfigure/ssl/key2.pem");
	}

	private Consumer<KeyStore> storeContainingCertAndKey(String keyAlias) {
		return ThrowingConsumer.of((keyStore) -> {
			assertThat(keyStore).isNotNull();
			assertThat(keyStore.getType()).isEqualTo(KeyStore.getDefaultType());
			assertThat(keyStore.containsAlias(keyAlias)).isTrue();
			assertThat(keyStore.getCertificate(keyAlias)).isNotNull();
			assertThat(keyStore.getKey(keyAlias, EMPTY_KEY_PASSWORD)).isNotNull();
		});
	}

}
Domain

GradlePlugin
Source

View on GitHub
Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.
Try Supermodel Free