diff --git a/src/systemTest/java/com/hivemq/cli/commands/cli/publish/PublishConnectTlsST.java b/src/systemTest/java/com/hivemq/cli/commands/cli/publish/PublishConnectTlsST.java index 6a20a4831..2a4615441 100644 --- a/src/systemTest/java/com/hivemq/cli/commands/cli/publish/PublishConnectTlsST.java +++ b/src/systemTest/java/com/hivemq/cli/commands/cli/publish/PublishConnectTlsST.java @@ -242,6 +242,45 @@ void test_tls_pem_format( }); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_pem_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/pem").getPath(); + + final List publishCommand = List.of("pub", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-t", + "test", + "-m", + "message", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey, + "-d"); + + final ExecutionResultAsync executionResult = mqttCli.executeAsync(publishCommand); + executionResult.awaitStdOut("finish PUBLISH"); + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + + assertPublishPacket(hivemq.getPublishPackets().get(0), publishAssertion -> { + publishAssertion.setTopic("test"); + publishAssertion.setPayload(ByteBuffer.wrap("message".getBytes(StandardCharsets.UTF_8))); + }); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_pem_format( @@ -323,6 +362,45 @@ void test_tls_der_format( }); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_der_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/der").getPath(); + + final List publishCommand = List.of("pub", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-t", + "test", + "-m", + "message", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey, + "-d"); + + final ExecutionResultAsync executionResult = mqttCli.executeAsync(publishCommand); + executionResult.awaitStdOut("finish PUBLISH"); + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + + assertPublishPacket(hivemq.getPublishPackets().get(0), publishAssertion -> { + publishAssertion.setTopic("test"); + publishAssertion.setPayload(ByteBuffer.wrap("message".getBytes(StandardCharsets.UTF_8))); + }); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_der_format( diff --git a/src/systemTest/java/com/hivemq/cli/commands/cli/subscribe/SubscribeConnectTlsST.java b/src/systemTest/java/com/hivemq/cli/commands/cli/subscribe/SubscribeConnectTlsST.java index b69349aac..e06849330 100644 --- a/src/systemTest/java/com/hivemq/cli/commands/cli/subscribe/SubscribeConnectTlsST.java +++ b/src/systemTest/java/com/hivemq/cli/commands/cli/subscribe/SubscribeConnectTlsST.java @@ -245,6 +245,48 @@ void test_tls_pem_format( }); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_pem_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/pem").getPath(); + + final List subscribeCommand = List.of("sub", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-t", + "topic", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey, + "-d"); + + final ExecutionResultAsync executionResultAsync = mqttCli.executeAsync(subscribeCommand); + executionResultAsync.awaitStdOut("sending CONNECT"); + executionResultAsync.awaitStdOut("received CONNACK"); + executionResultAsync.awaitStdOut("sending SUBSCRIBE"); + executionResultAsync.awaitStdOut("received SUBACK"); + + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + + assertSubscribePacket(hivemq.getSubscribePackets().get(0), subscribeAssertion -> { + final List expectedSubscriptions = + List.of(new SubscriptionImpl("topic", Qos.EXACTLY_ONCE, RetainHandling.SEND, false, false)); + subscribeAssertion.setSubscriptions(expectedSubscriptions); + }); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_pem_format( @@ -332,6 +374,48 @@ void test_tls_der_format( }); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_der_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/der").getPath(); + + final List subscribeCommand = List.of("sub", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-t", + "topic", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey, + "-d"); + + final ExecutionResultAsync executionResultAsync = mqttCli.executeAsync(subscribeCommand); + executionResultAsync.awaitStdOut("sending CONNECT"); + executionResultAsync.awaitStdOut("received CONNACK"); + executionResultAsync.awaitStdOut("sending SUBSCRIBE"); + executionResultAsync.awaitStdOut("received SUBACK"); + + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + + assertSubscribePacket(hivemq.getSubscribePackets().get(0), subscribeAssertion -> { + final List expectedSubscriptions = + List.of(new SubscriptionImpl("topic", Qos.EXACTLY_ONCE, RetainHandling.SEND, false, false)); + subscribeAssertion.setSubscriptions(expectedSubscriptions); + }); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_der_format( diff --git a/src/systemTest/java/com/hivemq/cli/commands/cli/test_broker/TestBrokerConnectTlsST.java b/src/systemTest/java/com/hivemq/cli/commands/cli/test_broker/TestBrokerConnectTlsST.java index afac68d71..acb50e586 100644 --- a/src/systemTest/java/com/hivemq/cli/commands/cli/test_broker/TestBrokerConnectTlsST.java +++ b/src/systemTest/java/com/hivemq/cli/commands/cli/test_broker/TestBrokerConnectTlsST.java @@ -193,6 +193,34 @@ void test_tls_pem_format( mqttVersion))); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_pem_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/pem").getPath(); + + final List testCommand = List.of("test", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey); + + final ExecutionResultAsync executionResult = mqttCli.executeAsync(testCommand); + executionResult.awaitStdOut("MQTT " + mqttVersion + ": OK"); + + assertTestConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_pem_format( @@ -252,6 +280,34 @@ void test_tls_der_format( mqttVersion))); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_der_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/der").getPath(); + + final List testCommand = List.of("test", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey); + + final ExecutionResultAsync executionResult = mqttCli.executeAsync(testCommand); + executionResult.awaitStdOut("MQTT " + mqttVersion + ": OK"); + + assertTestConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + } + @CartesianTest @Timeout(value = 3, unit = TimeUnit.MINUTES) void test_properties_tls_der_format( diff --git a/src/systemTest/java/com/hivemq/cli/commands/shell/connect/ShellConnectTlsST.java b/src/systemTest/java/com/hivemq/cli/commands/shell/connect/ShellConnectTlsST.java index 52b371b7a..49fb1145e 100644 --- a/src/systemTest/java/com/hivemq/cli/commands/shell/connect/ShellConnectTlsST.java +++ b/src/systemTest/java/com/hivemq/cli/commands/shell/connect/ShellConnectTlsST.java @@ -159,6 +159,35 @@ void test_tls_pem_format( mqttVersion))); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_pem_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/pem").getPath(); + + final List connectCommand = List.of("con", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey); + + mqttCliShell.executeAsync(connectCommand).awaitLog("sending CONNECT").awaitLog("received CONNACK"); + + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + } + //DER @@ -191,6 +220,35 @@ void test_tls_der_format( mqttVersion))); } + @CartesianTest + @Timeout(value = 3, unit = TimeUnit.MINUTES) + void test_tls_der_format_via_folder( + @CartesianTest.Values(chars = {'3', '5'}) final char mqttVersion, + @CartesianTest.Enum final @NotNull TlsVersion tlsVersion) throws Exception { + final String certificateAuthorityPublicKey = Resources.getResource("tls/certificateAuthority/capath/der").getPath(); + + final List connectCommand = List.of("con", + "-h", + hivemq.getHost(), + "-p", + String.valueOf(hivemq.getMqttTlsPort()), + "-V", + String.valueOf(mqttVersion), + "-i", + "cliTest", + "-s", + "--tls-version", + tlsVersion.toString(), + "--capath", + certificateAuthorityPublicKey); + + mqttCliShell.executeAsync(connectCommand).awaitLog("sending CONNECT").awaitLog("received CONNACK"); + + assertConnectPacket(hivemq.getConnectPackets().get(0), + connectAssertion -> connectAssertion.setMqttVersion(MqttVersionConverter.toExtensionSdkVersion( + mqttVersion))); + } + //NO CERT diff --git a/src/systemTest/resources/tls/certificate-generator-tool.sh b/src/systemTest/resources/tls/certificate-generator-tool.sh index f40473a88..96fa71402 100755 --- a/src/systemTest/resources/tls/certificate-generator-tool.sh +++ b/src/systemTest/resources/tls/certificate-generator-tool.sh @@ -44,7 +44,8 @@ keytool -exportcert -alias ca -file $caFolder/$caCertName.cer -keystore $caFolde keytool -exportcert -alias ca -file $caFolder/$caCertName.pem -keystore $caFolder/$caKeystoreName.p12 -storepass $caKeystorePass -rfc ##JKS keytool -importkeystore -srckeystore $caFolder/$caKeystoreName.p12 -destkeystore $caFolder/$caKeystoreName.jks -srcstoretype PKCS12 -deststoretype JKS -srcstorepass $caKeystorePass -deststorepass $caKeystorePass -srcalias ca -destalias ca -srckeypass $caKeyPass -destkeypass $caKeyPass -noprompt - +mkdir -p $caFolder/capath/der && cp $caFolder/$caCertName.cer $caFolder/capath/der +mkdir -p $caFolder/capath/pem && cp $caFolder/$caCertName.pem $caFolder/capath/pem #*****************************************# diff --git a/src/systemTest/resources/tls/certificateAuthority/capath/der/ca.cer b/src/systemTest/resources/tls/certificateAuthority/capath/der/ca.cer new file mode 100644 index 000000000..06ed1ebd4 Binary files /dev/null and b/src/systemTest/resources/tls/certificateAuthority/capath/der/ca.cer differ diff --git a/src/systemTest/resources/tls/certificateAuthority/capath/pem/ca.pem b/src/systemTest/resources/tls/certificateAuthority/capath/pem/ca.pem new file mode 100644 index 000000000..0962db6b8 --- /dev/null +++ b/src/systemTest/resources/tls/certificateAuthority/capath/pem/ca.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC4zCCAcugAwIBAgIEcqEwRzANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDEwdS +b290LUNBMCAXDTIzMDIxNzEwMjM1N1oYDzMwMjIwNjIwMTAyMzU3WjASMRAwDgYD +VQQDEwdSb290LUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqkJ +mgBCcnc3xf2qnJvD3txr8ASAmQMt14FzINmRoOBu9FyPQ9sc1EkfzywTHWBySzYK +sqS2ofk+4aL3j3O3dhBZNngUJS69zF37K72E9NhQss9EiocLzHhDfj1v+xAhDRfe +rLcKgGYSqX0SsRabKD8UGViDc3AHblvScelS4Ohc9NP+QwJJxLqQ7p5cNnh1MGr4 +Y6M2kYMFZwcqxQIcx67A9kZlLU6ER909Pg8/Ip+MGPv2xAZp5z7nli+rm6LyUDUg +tP3VXQ4VvZuYT+04dcwuP7NP+N1IZDN6aQA5+XbT16NWZ/KrXFLi+dXJdeObUmDS +gkPsNy3t9GYonwLzlwIDAQABoz8wPTAdBgNVHQ4EFgQUT6Dk80UQ2jayXbtGO6Lk +k6gR0oYwCwYDVR0PBAQDAgKEMA8GA1UdEwQIMAYBAf8CAQMwDQYJKoZIhvcNAQEL +BQADggEBAHFsqy7uJpJGkUCLjb116XsAmJE/1zcParuhBNT/rLCqiA6vYYUiNRd0 +qTHzR/M7tSe52gMt6MNaDzPA/MBE30foHL5j+SjD3p8XJF68ReByQCXpj4njwQ6n +EkYSlTplCNNjQ6ivef78T4Tb5RITOn9SRmd+0mUVzFtcetRa+2cafLAgA0XKp4Tv +/EQ/7f9RcGIMaf/Umpum0rax+/omn0yz2G8eURNh13ZgP4/dsw2EXUUCfvQ84TdL +yDuZnxLRieHtAA0h+AMC4t1JHz6QfrDcbP1tptyXbae9LTsCjGZN+SJRQ3Y79dJD +GuyIlVc3tCIMdHH9kqNAe696K242YJo= +-----END CERTIFICATE-----