Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 1 | #region Copyright notice and license |
| 2 | |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 3 | // Copyright 2015-2016 gRPC authors. |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 4 | // |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 5 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | // you may not use this file except in compliance with the License. |
| 7 | // You may obtain a copy of the License at |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 8 | // |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 9 | // http://www.apache.org/licenses/LICENSE-2.0 |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 10 | // |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 11 | // Unless required by applicable law or agreed to in writing, software |
| 12 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | // See the License for the specific language governing permissions and |
| 15 | // limitations under the License. |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 16 | |
| 17 | #endregion |
| 18 | |
| 19 | using System; |
| 20 | using System.Collections.Generic; |
| 21 | using System.IO; |
Jan Tattermusch | 31ba063 | 2015-08-04 22:02:55 -0700 | [diff] [blame] | 22 | using System.Linq; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 23 | using System.Threading; |
| 24 | using System.Threading.Tasks; |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 25 | using Google.Protobuf; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 26 | using Grpc.Core; |
| 27 | using Grpc.Core.Utils; |
Jan Tattermusch | 8644aea | 2015-08-03 10:21:18 -0700 | [diff] [blame] | 28 | using Grpc.Testing; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 29 | using NUnit.Framework; |
| 30 | |
| 31 | namespace Grpc.IntegrationTesting |
| 32 | { |
| 33 | /// <summary> |
| 34 | /// Test SSL credentials where server authenticates client |
| 35 | /// and client authenticates the server. |
| 36 | /// </summary> |
| 37 | public class SslCredentialsTest |
| 38 | { |
Jan Tattermusch | 31ba063 | 2015-08-04 22:02:55 -0700 | [diff] [blame] | 39 | const string Host = "localhost"; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 40 | Server server; |
| 41 | Channel channel; |
Jan Tattermusch | 809148d | 2016-03-22 15:09:41 -0700 | [diff] [blame] | 42 | TestService.TestServiceClient client; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 43 | |
Jan Tattermusch | c152d66 | 2017-08-09 09:24:20 +0200 | [diff] [blame] | 44 | [OneTimeSetUp] |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 45 | public void Init() |
| 46 | { |
| 47 | var rootCert = File.ReadAllText(TestCredentials.ClientCertAuthorityPath); |
| 48 | var keyCertPair = new KeyCertificatePair( |
| 49 | File.ReadAllText(TestCredentials.ServerCertChainPath), |
| 50 | File.ReadAllText(TestCredentials.ServerPrivateKeyPath)); |
| 51 | |
Jan Tattermusch | d27dfa7 | 2015-08-04 18:10:54 -0700 | [diff] [blame] | 52 | var serverCredentials = new SslServerCredentials(new[] { keyCertPair }, rootCert, true); |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 53 | var clientCredentials = new SslCredentials(rootCert, keyCertPair); |
| 54 | |
Jan Tattermusch | 09d2f55 | 2017-04-20 11:39:37 +0200 | [diff] [blame] | 55 | // Disable SO_REUSEPORT to prevent https://github.com/grpc/grpc/issues/10755 |
| 56 | server = new Server(new[] { new ChannelOption(ChannelOptions.SoReuseport, 0) }) |
Jan Tattermusch | 021df8a | 2015-08-04 20:31:11 -0700 | [diff] [blame] | 57 | { |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 58 | Services = { TestService.BindService(new SslCredentialsTestServiceImpl()) }, |
Jan Tattermusch | 31ba063 | 2015-08-04 22:02:55 -0700 | [diff] [blame] | 59 | Ports = { { Host, ServerPort.PickUnused, serverCredentials } } |
Jan Tattermusch | 021df8a | 2015-08-04 20:31:11 -0700 | [diff] [blame] | 60 | }; |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 61 | server.Start(); |
| 62 | |
| 63 | var options = new List<ChannelOption> |
| 64 | { |
| 65 | new ChannelOption(ChannelOptions.SslTargetNameOverride, TestCredentials.DefaultHostOverride) |
| 66 | }; |
| 67 | |
Jan Tattermusch | 31ba063 | 2015-08-04 22:02:55 -0700 | [diff] [blame] | 68 | channel = new Channel(Host, server.Ports.Single().BoundPort, clientCredentials, options); |
Jan Tattermusch | f41ebc3 | 2016-06-22 12:47:14 -0700 | [diff] [blame] | 69 | client = new TestService.TestServiceClient(channel); |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 70 | } |
| 71 | |
Jan Tattermusch | c152d66 | 2017-08-09 09:24:20 +0200 | [diff] [blame] | 72 | [OneTimeTearDown] |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 73 | public void Cleanup() |
| 74 | { |
Jan Tattermusch | 2b35795 | 2015-08-20 14:54:33 -0700 | [diff] [blame] | 75 | channel.ShutdownAsync().Wait(); |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 76 | server.ShutdownAsync().Wait(); |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 77 | } |
| 78 | |
| 79 | [Test] |
| 80 | public void AuthenticatedClientAndServer() |
| 81 | { |
Jan Tattermusch | 8644aea | 2015-08-03 10:21:18 -0700 | [diff] [blame] | 82 | var response = client.UnaryCall(new SimpleRequest { ResponseSize = 10 }); |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 83 | Assert.AreEqual(10, response.Payload.Body.Length); |
| 84 | } |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 85 | |
| 86 | [Test] |
| 87 | public async Task AuthContextIsPopulated() |
| 88 | { |
| 89 | var call = client.StreamingInputCall(); |
| 90 | await call.RequestStream.CompleteAsync(); |
| 91 | var response = await call.ResponseAsync; |
| 92 | Assert.AreEqual(12345, response.AggregatedPayloadSize); |
| 93 | } |
| 94 | |
| 95 | private class SslCredentialsTestServiceImpl : TestService.TestServiceBase |
| 96 | { |
Jan Tattermusch | c152d66 | 2017-08-09 09:24:20 +0200 | [diff] [blame] | 97 | public override Task<SimpleResponse> UnaryCall(SimpleRequest request, ServerCallContext context) |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 98 | { |
Jan Tattermusch | c152d66 | 2017-08-09 09:24:20 +0200 | [diff] [blame] | 99 | return Task.FromResult(new SimpleResponse { Payload = CreateZerosPayload(request.ResponseSize) }); |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 100 | } |
| 101 | |
| 102 | public override async Task<StreamingInputCallResponse> StreamingInputCall(IAsyncStreamReader<StreamingInputCallRequest> requestStream, ServerCallContext context) |
| 103 | { |
| 104 | var authContext = context.AuthContext; |
Jan Tattermusch | c152d66 | 2017-08-09 09:24:20 +0200 | [diff] [blame] | 105 | await requestStream.ForEachAsync(request => TaskUtils.CompletedTask); |
Jan Tattermusch | c9b03fe | 2017-02-06 08:45:00 -0800 | [diff] [blame] | 106 | |
| 107 | Assert.IsTrue(authContext.IsPeerAuthenticated); |
| 108 | Assert.AreEqual("x509_subject_alternative_name", authContext.PeerIdentityPropertyName); |
| 109 | Assert.IsTrue(authContext.PeerIdentity.Count() > 0); |
| 110 | Assert.AreEqual("ssl", authContext.FindPropertiesByName("transport_security_type").First().Value); |
| 111 | |
| 112 | return new StreamingInputCallResponse { AggregatedPayloadSize = 12345 }; |
| 113 | } |
| 114 | |
| 115 | private static Payload CreateZerosPayload(int size) |
| 116 | { |
| 117 | return new Payload { Body = ByteString.CopyFrom(new byte[size]) }; |
| 118 | } |
| 119 | } |
Jan Tattermusch | eea5955 | 2015-07-23 22:05:32 -0700 | [diff] [blame] | 120 | } |
| 121 | } |