diff --git a/CHANGELOG.md b/CHANGELOG.md index f5e3d87a..3146f4c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file. ## [[NEXT]](https://github.com/iExecBlockchainComputing/iexec-sms/releases/tag/vNEXT) 2025 +### Quality + +- Refactor `SslConfig` and `TwoWaySslClient` to use HttpClient 5 and improve ssl handling. (#285) + +### Dependency Upgrades + +- Upgrade to `eclipse-temurin:17.0.13_11-jre-focal`. (#285) +- Upgrade to Spring Boot 3.0.13. (#285) +- Upgrade to `org.springdoc:springdoc-openapi-starter-webmvc-ui` 2.6.0. (#285) + ## [[8.7.0]](https://github.com/iExecBlockchainComputing/iexec-sms/releases/tag/v8.7.0) 2024-12-23 ### New Features diff --git a/Dockerfile b/Dockerfile index 99e39cff..537898fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:11.0.24_8-jre-focal +FROM eclipse-temurin:17.0.13_11-jre-focal ARG jar diff --git a/build.gradle b/build.gradle index 48c5ee8a..d1f5a636 100644 --- a/build.gradle +++ b/build.gradle @@ -1,7 +1,13 @@ +buildscript { + ext { + springBootVersion = '3.0.13' + } +} + plugins { id 'java' id 'io.freefair.lombok' version '8.10.2' - id 'org.springframework.boot' version '2.7.18' + id 'org.springframework.boot' version "${springBootVersion}" id 'io.spring.dependency-management' version '1.1.6' id 'jacoco' id 'org.sonarqube' version '5.1.0.4882' @@ -39,12 +45,14 @@ allprojects { toolchain { languageVersion.set(JavaLanguageVersion.of(17)) } - sourceCompatibility = "11" - targetCompatibility = "11" + sourceCompatibility = JavaVersion.VERSION_17 + targetCompatibility = JavaVersion.VERSION_17 } } dependencies { + implementation platform("org.springframework.boot:spring-boot-dependencies:${springBootVersion}") + // iexec implementation "com.iexec.commons:iexec-commons-poco:$iexecCommonsPocoVersion" implementation "com.iexec.common:iexec-common:$iexecCommonVersion" @@ -55,15 +63,16 @@ dependencies { implementation 'org.springframework.boot:spring-boot-starter-validation' implementation 'org.springframework.boot:spring-boot-starter-web' implementation 'org.springframework.retry:spring-retry' + // H2 implementation 'org.springframework.boot:spring-boot-starter-data-jpa' implementation 'com.h2database:h2:2.2.224' // Spring Doc - implementation 'org.springdoc:springdoc-openapi-ui:1.7.0' + implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0' - //ssl - implementation 'org.apache.httpcomponents:httpclient' + // ssl + implementation 'org.apache.httpcomponents.client5:httpclient5' // observability runtimeOnly 'io.micrometer:micrometer-registry-prometheus' diff --git a/gradle.properties b/gradle.properties index 90a11379..9e5db5d0 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ version=8.7.0 -iexecCommonVersion=8.6.0 -iexecCommonsPocoVersion=4.2.0 +iexecCommonVersion=8.6.0-NEXT-SNAPSHOT +iexecCommonsPocoVersion=4.2.0-NEXT-SNAPSHOT nexusUser nexusPassword diff --git a/iexec-sms-library/build.gradle b/iexec-sms-library/build.gradle index edf44ffb..e417d7e2 100644 --- a/iexec-sms-library/build.gradle +++ b/iexec-sms-library/build.gradle @@ -5,14 +5,20 @@ plugins { id 'maven-publish' } +ext { + springBootVersion = '3.0.13' +} + dependencies { + implementation platform("org.springframework.boot:spring-boot-dependencies:${springBootVersion}") + implementation "com.iexec.commons:iexec-commons-poco:$iexecCommonsPocoVersion" implementation "com.iexec.common:iexec-common:$iexecCommonVersion" } java { - sourceCompatibility = "11" - targetCompatibility = "11" + sourceCompatibility = JavaVersion.VERSION_17 + targetCompatibility = JavaVersion.VERSION_17 withJavadocJar() withSourcesJar() } @@ -22,9 +28,8 @@ testing { test { useJUnitJupiter() dependencies { - implementation "org.assertj:assertj-core:3.22.0" - implementation 'org.junit.jupiter:junit-jupiter:5.8.2' - implementation 'org.mockito:mockito-junit-jupiter:4.7.0' + implementation "org.assertj:assertj-core" + implementation 'org.mockito:mockito-junit-jupiter' } } } diff --git a/src/itest/java/com/iexec/sms/CommonTestSetup.java b/src/itest/java/com/iexec/sms/CommonTestSetup.java index 494288f9..d285c1f5 100644 --- a/src/itest/java/com/iexec/sms/CommonTestSetup.java +++ b/src/itest/java/com/iexec/sms/CommonTestSetup.java @@ -1,5 +1,5 @@ /* - * Copyright 2021 IEXEC BLOCKCHAIN TECH + * Copyright 2021-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package com.iexec.sms; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.boot.test.web.server.LocalServerPort; import org.springframework.test.annotation.DirtiesContext; @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) diff --git a/src/itest/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretIntegrationTests.java b/src/itest/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretIntegrationTests.java index bd882c4d..4388a514 100644 --- a/src/itest/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretIntegrationTests.java +++ b/src/itest/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretIntegrationTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2021-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2021-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -43,7 +43,6 @@ import java.util.List; import java.util.Optional; import java.util.Random; -import java.util.stream.Collectors; import static com.iexec.commons.poco.utils.SignatureUtils.signMessageHashAndGetSignature; import static com.iexec.sms.MockChainConfiguration.MOCK_CHAIN_PROFILE; @@ -212,7 +211,7 @@ void addMultipleRequesterSecrets() { .stream() .map(TeeTaskComputeSecret::getHeader) .map(TeeTaskComputeSecretHeader::getKey) - .collect(Collectors.toList()); + .toList(); Assertions.assertThat(retrievedKeys) .containsExactlyInAnyOrder("secret-key-1", "secret-key-2", "secret-key-3"); diff --git a/src/main/java/com/iexec/sms/admin/ApiKeyRequestFilter.java b/src/main/java/com/iexec/sms/admin/ApiKeyRequestFilter.java index d6c6391e..729bf816 100644 --- a/src/main/java/com/iexec/sms/admin/ApiKeyRequestFilter.java +++ b/src/main/java/com/iexec/sms/admin/ApiKeyRequestFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2023-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2023-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,16 +16,16 @@ package com.iexec.sms.admin; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.web.filter.GenericFilterBean; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** diff --git a/src/main/java/com/iexec/sms/admin/OutOfServiceRequestFilter.java b/src/main/java/com/iexec/sms/admin/OutOfServiceRequestFilter.java index c6d883e7..f6a20052 100644 --- a/src/main/java/com/iexec/sms/admin/OutOfServiceRequestFilter.java +++ b/src/main/java/com/iexec/sms/admin/OutOfServiceRequestFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2024-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2024-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,13 +15,13 @@ */ package com.iexec.sms.admin; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletResponse; import org.springframework.web.filter.GenericFilterBean; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** diff --git a/src/main/java/com/iexec/sms/blockchain/BlockchainConfig.java b/src/main/java/com/iexec/sms/blockchain/BlockchainConfig.java index c6988930..400fef29 100644 --- a/src/main/java/com/iexec/sms/blockchain/BlockchainConfig.java +++ b/src/main/java/com/iexec/sms/blockchain/BlockchainConfig.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,12 +18,10 @@ import lombok.Value; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; import java.time.Duration; @Value -@ConstructorBinding @ConfigurationProperties(prefix = "blockchain") public class BlockchainConfig { int id; diff --git a/src/main/java/com/iexec/sms/config/SecretsConfig.java b/src/main/java/com/iexec/sms/config/SecretsConfig.java index f542a13d..3114b16c 100644 --- a/src/main/java/com/iexec/sms/config/SecretsConfig.java +++ b/src/main/java/com/iexec/sms/config/SecretsConfig.java @@ -1,5 +1,5 @@ /* - * Copyright 2023-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2023-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,12 +27,12 @@ import com.iexec.sms.secret.web3.Web3SecretRepository; import com.iexec.sms.tee.challenge.EthereumCredentialsRepository; import com.iexec.sms.tee.challenge.TeeChallengeRepository; +import jakarta.annotation.PreDestroy; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import javax.annotation.PreDestroy; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; diff --git a/src/main/java/com/iexec/sms/encryption/EncryptionConfiguration.java b/src/main/java/com/iexec/sms/encryption/EncryptionConfiguration.java index 40c21757..b8184ad6 100644 --- a/src/main/java/com/iexec/sms/encryption/EncryptionConfiguration.java +++ b/src/main/java/com/iexec/sms/encryption/EncryptionConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2020 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,10 +18,8 @@ import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; @Data -@ConstructorBinding @ConfigurationProperties(prefix = "encryption") public class EncryptionConfiguration { private final String aesKeyPath; diff --git a/src/main/java/com/iexec/sms/encryption/EncryptionService.java b/src/main/java/com/iexec/sms/encryption/EncryptionService.java index 67836a57..a0190d96 100644 --- a/src/main/java/com/iexec/sms/encryption/EncryptionService.java +++ b/src/main/java/com/iexec/sms/encryption/EncryptionService.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,13 +20,13 @@ import com.iexec.common.security.CipherHelper; import com.iexec.common.utils.FileHelper; import com.iexec.commons.poco.utils.BytesUtils; +import jakarta.annotation.PostConstruct; import lombok.Getter; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.stereotype.Service; import org.web3j.crypto.Hash; -import javax.annotation.PostConstruct; import java.io.File; import static com.iexec.common.utils.FileHelper.createFileWithContent; diff --git a/src/main/java/com/iexec/sms/secret/MeasuredSecretService.java b/src/main/java/com/iexec/sms/secret/MeasuredSecretService.java index 61507315..1937cc53 100644 --- a/src/main/java/com/iexec/sms/secret/MeasuredSecretService.java +++ b/src/main/java/com/iexec/sms/secret/MeasuredSecretService.java @@ -1,5 +1,5 @@ /* - * Copyright 2023-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2023-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,10 +18,10 @@ import io.micrometer.core.instrument.Counter; import io.micrometer.core.instrument.Metrics; +import jakarta.annotation.PostConstruct; import lombok.Getter; import lombok.extern.slf4j.Slf4j; -import javax.annotation.PostConstruct; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicLong; diff --git a/src/main/java/com/iexec/sms/secret/Secret.java b/src/main/java/com/iexec/sms/secret/Secret.java index 9053a0c3..10d3f29b 100644 --- a/src/main/java/com/iexec/sms/secret/Secret.java +++ b/src/main/java/com/iexec/sms/secret/Secret.java @@ -1,5 +1,5 @@ /* - * Copyright 2020 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,12 +16,12 @@ package com.iexec.sms.secret; +import jakarta.persistence.Column; +import jakarta.persistence.MappedSuperclass; import lombok.AccessLevel; import lombok.Getter; import lombok.NoArgsConstructor; -import javax.persistence.Column; -import javax.persistence.MappedSuperclass; import java.util.Objects; @MappedSuperclass diff --git a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecret.java b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecret.java index 272f69d5..26593b78 100644 --- a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecret.java +++ b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecret.java @@ -1,5 +1,5 @@ /* - * Copyright 2021 IEXEC BLOCKCHAIN TECH + * Copyright 2021-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,12 +17,12 @@ package com.iexec.sms.secret.compute; import com.iexec.sms.secret.SecretUtils; +import jakarta.persistence.Column; +import jakarta.persistence.EmbeddedId; +import jakarta.persistence.Entity; +import jakarta.validation.constraints.NotNull; import lombok.*; -import javax.persistence.Column; -import javax.persistence.EmbeddedId; -import javax.persistence.Entity; -import javax.validation.constraints.NotNull; import java.io.Serializable; import java.util.Objects; diff --git a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeader.java b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeader.java index 48d070fa..48178a2c 100644 --- a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeader.java +++ b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeader.java @@ -1,5 +1,5 @@ /* - * Copyright 2022 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,10 @@ package com.iexec.sms.secret.compute; +import jakarta.persistence.Embeddable; +import jakarta.validation.*; +import jakarta.validation.constraints.NotNull; +import jakarta.validation.constraints.Size; import lombok.AccessLevel; import lombok.EqualsAndHashCode; import lombok.Getter; @@ -23,13 +27,8 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; -import javax.persistence.Embeddable; -import javax.validation.*; -import javax.validation.constraints.NotNull; -import javax.validation.constraints.Size; import java.io.Serializable; import java.util.Set; -import java.util.stream.Collectors; @Embeddable @Slf4j @@ -86,7 +85,7 @@ private void validateFields() { final Validator validator = factory.getValidator(); final Set> issues = validator.validate(this); if (!issues.isEmpty()) { - log.warn("{}", issues.stream().map(ConstraintViolation::getMessage).collect(Collectors.toList())); + log.warn("{}", issues.stream().map(ConstraintViolation::getMessage).toList()); throw new ValidationException("Can't create TeeTaskComputeSecretHeader."); } } diff --git a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretService.java b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretService.java index a97915da..62675f4a 100644 --- a/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretService.java +++ b/src/main/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretService.java @@ -1,5 +1,5 @@ /* - * Copyright 2021-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2021-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,7 +28,6 @@ import java.util.List; import java.util.Optional; -import java.util.stream.Collectors; @Slf4j @Service @@ -82,7 +81,7 @@ public Optional getSecret( public List getSecretsForTeeSession(Iterable ids) { return teeTaskComputeSecretRepository.findAllById(ids).stream() .map(secret -> secret.withValue(encryptionService.decrypt(secret.getValue()))) - .collect(Collectors.toList()); + .toList(); } /** diff --git a/src/main/java/com/iexec/sms/secret/web2/Web2Secret.java b/src/main/java/com/iexec/sms/secret/web2/Web2Secret.java index 8eb198fa..ab1de394 100644 --- a/src/main/java/com/iexec/sms/secret/web2/Web2Secret.java +++ b/src/main/java/com/iexec/sms/secret/web2/Web2Secret.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,13 +17,12 @@ package com.iexec.sms.secret.web2; import com.iexec.sms.secret.Secret; +import jakarta.persistence.EmbeddedId; +import jakarta.persistence.Entity; import lombok.AccessLevel; import lombok.Getter; import lombok.NoArgsConstructor; -import javax.persistence.EmbeddedId; -import javax.persistence.Entity; - @Entity @Getter @NoArgsConstructor(access = AccessLevel.PROTECTED) diff --git a/src/main/java/com/iexec/sms/secret/web2/Web2SecretHeader.java b/src/main/java/com/iexec/sms/secret/web2/Web2SecretHeader.java index f8ae6ea7..5cedf3e2 100644 --- a/src/main/java/com/iexec/sms/secret/web2/Web2SecretHeader.java +++ b/src/main/java/com/iexec/sms/secret/web2/Web2SecretHeader.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,12 +16,12 @@ package com.iexec.sms.secret.web2; +import jakarta.persistence.Embeddable; import lombok.AccessLevel; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; -import javax.persistence.Embeddable; import java.io.Serializable; import java.util.Objects; diff --git a/src/main/java/com/iexec/sms/secret/web2/Web2SecretService.java b/src/main/java/com/iexec/sms/secret/web2/Web2SecretService.java index 731f092b..5931dd43 100644 --- a/src/main/java/com/iexec/sms/secret/web2/Web2SecretService.java +++ b/src/main/java/com/iexec/sms/secret/web2/Web2SecretService.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,7 +29,6 @@ import java.util.List; import java.util.Objects; import java.util.Optional; -import java.util.stream.Collectors; @Slf4j @Service @@ -73,7 +72,7 @@ public Optional getDecryptedValue(String ownerAddress, String secretAddr public List getSecretsForTeeSession(Iterable ids) { return web2SecretRepository.findAllById(ids).stream() .map(secret -> secret.withValue(encryptionService.decrypt(secret.getValue()))) - .collect(Collectors.toList()); + .toList(); } public boolean isSecretPresent(String ownerAddress, String secretAddress) { diff --git a/src/main/java/com/iexec/sms/secret/web3/Web3Secret.java b/src/main/java/com/iexec/sms/secret/web3/Web3Secret.java index 75f35292..30f93980 100644 --- a/src/main/java/com/iexec/sms/secret/web3/Web3Secret.java +++ b/src/main/java/com/iexec/sms/secret/web3/Web3Secret.java @@ -1,5 +1,5 @@ /* - * Copyright 2020 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,13 +17,12 @@ package com.iexec.sms.secret.web3; import com.iexec.sms.secret.Secret; +import jakarta.persistence.EmbeddedId; +import jakarta.persistence.Entity; import lombok.AccessLevel; import lombok.Getter; import lombok.NoArgsConstructor; -import javax.persistence.EmbeddedId; -import javax.persistence.Entity; - @Entity @Getter @NoArgsConstructor(access = AccessLevel.PROTECTED) diff --git a/src/main/java/com/iexec/sms/secret/web3/Web3SecretHeader.java b/src/main/java/com/iexec/sms/secret/web3/Web3SecretHeader.java index b0b48e78..a30060c4 100644 --- a/src/main/java/com/iexec/sms/secret/web3/Web3SecretHeader.java +++ b/src/main/java/com/iexec/sms/secret/web3/Web3SecretHeader.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,12 +16,12 @@ package com.iexec.sms.secret.web3; +import jakarta.persistence.Embeddable; import lombok.AccessLevel; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.NoArgsConstructor; -import javax.persistence.Embeddable; import java.io.Serializable; import java.util.Objects; diff --git a/src/main/java/com/iexec/sms/ssl/SslConfig.java b/src/main/java/com/iexec/sms/ssl/SslConfig.java index 180949f9..3d6883d1 100644 --- a/src/main/java/com/iexec/sms/ssl/SslConfig.java +++ b/src/main/java/com/iexec/sms/ssl/SslConfig.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,11 +18,9 @@ import com.iexec.commons.poco.tee.TeeFramework; import com.iexec.sms.tee.ConditionalOnTeeFramework; -import lombok.Value; import lombok.extern.slf4j.Slf4j; -import org.apache.http.ssl.SSLContexts; +import org.apache.hc.core5.ssl.SSLContexts; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; import javax.net.ssl.SSLContext; import java.io.File; @@ -34,8 +32,6 @@ import java.security.cert.CertificateException; @Slf4j -@Value -@ConstructorBinding @ConfigurationProperties(prefix = "tee.ssl") @ConditionalOnTeeFramework(frameworks = TeeFramework.SCONE) public class SslConfig { @@ -45,6 +41,29 @@ public class SslConfig { String keyAlias; char[] keystorePassword; + public SslConfig(String keystore, String keystoreType, String keyAlias, char[] keystorePassword) { + this.keystore = keystore; + this.keystoreType = keystoreType; + this.keyAlias = keyAlias; + this.keystorePassword = keystorePassword; + } + + public String getKeystore() { + return keystore; + } + + public String getKeystoreType() { + return keystoreType; + } + + public String getKeyAlias() { + return keyAlias; + } + + public char[] getKeystorePassword() { + return keystorePassword; + } + /* * Generates new SSLContext on each call */ @@ -56,9 +75,10 @@ public SSLContext getFreshSslContext() { keystorePassword, keystorePassword, (aliases, socket) -> keyAlias) - .loadTrustMaterial(null, (chain, authType) -> true)////TODO: Add CAS certificate to truststore + .loadTrustMaterial(null, (chain, authType) -> true) //TODO: Add CAS certificate to truststore .build(); - } catch (IOException | NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException | CertificateException | KeyManagementException e) { + } catch (IOException | NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException | + CertificateException | KeyManagementException e) { log.warn("Failed to create a fresh SSL context", e); } return null; diff --git a/src/main/java/com/iexec/sms/ssl/TwoWaySslClient.java b/src/main/java/com/iexec/sms/ssl/TwoWaySslClient.java index 3bb98c5a..c4ce2675 100644 --- a/src/main/java/com/iexec/sms/ssl/TwoWaySslClient.java +++ b/src/main/java/com/iexec/sms/ssl/TwoWaySslClient.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,8 +18,15 @@ import com.iexec.commons.poco.tee.TeeFramework; import com.iexec.sms.tee.ConditionalOnTeeFramework; -import org.apache.http.conn.ssl.NoopHostnameVerifier; -import org.apache.http.impl.client.HttpClientBuilder; +import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; +import org.apache.hc.client5.http.impl.classic.HttpClients; +import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager; +import org.apache.hc.client5.http.socket.ConnectionSocketFactory; +import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory; +import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; +import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; +import org.apache.hc.core5.http.config.Registry; +import org.apache.hc.core5.http.config.RegistryBuilder; import org.springframework.context.annotation.Configuration; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.web.client.RestTemplate; @@ -42,19 +49,23 @@ public TwoWaySslClient(SslConfig sslConfig) { * Note: currently not able to avoid 401 responses with feignClient (see feignClient() method starter below) * */ public RestTemplate getRestTemplate() { - HttpClientBuilder clientBuilder = HttpClientBuilder.create(); - clientBuilder.setSSLContext(sslConfig.getFreshSslContext()); - clientBuilder.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE); - HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(); - factory.setHttpClient(clientBuilder.build()); - return new RestTemplate(factory); - } + final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( + sslConfig.getFreshSslContext(), + NoopHostnameVerifier.INSTANCE); - /* - @Bean - public Client feignClient() { - return new Client.Default(sslConfig.getFreshSslContext().getSocketFactory(), NoopHostnameVerifier.INSTANCE); + final Registry socketFactoryRegistry = RegistryBuilder.create() + .register("https", sslsf) + .register("http", new PlainConnectionSocketFactory()) + .build(); + + final BasicHttpClientConnectionManager connectionManager = new BasicHttpClientConnectionManager(socketFactoryRegistry); + + final CloseableHttpClient httpClient = HttpClients.custom() + .setConnectionManager(connectionManager) + .build(); + + final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); + return new RestTemplate(factory); } - */ } diff --git a/src/main/java/com/iexec/sms/tee/challenge/EthereumCredentials.java b/src/main/java/com/iexec/sms/tee/challenge/EthereumCredentials.java index 9fcd225c..168dae62 100644 --- a/src/main/java/com/iexec/sms/tee/challenge/EthereumCredentials.java +++ b/src/main/java/com/iexec/sms/tee/challenge/EthereumCredentials.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,6 +17,9 @@ package com.iexec.sms.tee.challenge; import com.iexec.commons.poco.utils.CredentialsUtils; +import jakarta.persistence.Entity; +import jakarta.persistence.GeneratedValue; +import jakarta.persistence.Id; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; @@ -25,9 +28,6 @@ import org.web3j.crypto.Keys; import org.web3j.utils.Numeric; -import javax.persistence.Entity; -import javax.persistence.GeneratedValue; -import javax.persistence.Id; import java.security.GeneralSecurityException; /** @@ -82,4 +82,4 @@ public void setEncryptedPrivateKey(String privateKey) { this.isEncrypted = true; } -} \ No newline at end of file +} diff --git a/src/main/java/com/iexec/sms/tee/challenge/TeeChallenge.java b/src/main/java/com/iexec/sms/tee/challenge/TeeChallenge.java index d6ca3350..3b3008e9 100644 --- a/src/main/java/com/iexec/sms/tee/challenge/TeeChallenge.java +++ b/src/main/java/com/iexec/sms/tee/challenge/TeeChallenge.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,13 +16,13 @@ package com.iexec.sms.tee.challenge; +import jakarta.persistence.*; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import org.hibernate.annotations.GenericGenerator; -import javax.persistence.*; import java.security.GeneralSecurityException; import java.time.Instant; diff --git a/src/main/java/com/iexec/sms/tee/config/TeeChallengeCleanupConfiguration.java b/src/main/java/com/iexec/sms/tee/config/TeeChallengeCleanupConfiguration.java index a75d06ad..47c9998b 100644 --- a/src/main/java/com/iexec/sms/tee/config/TeeChallengeCleanupConfiguration.java +++ b/src/main/java/com/iexec/sms/tee/config/TeeChallengeCleanupConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2024 IEXEC BLOCKCHAIN TECH + * Copyright 2024-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,12 +18,10 @@ import lombok.Value; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; import java.time.Duration; @Value -@ConstructorBinding @ConfigurationProperties(prefix = "tee.challenge.cleanup") public class TeeChallengeCleanupConfiguration { String cron; diff --git a/src/main/java/com/iexec/sms/tee/config/TeeWorkerInternalConfiguration.java b/src/main/java/com/iexec/sms/tee/config/TeeWorkerInternalConfiguration.java index 73eed94c..94e467ba 100644 --- a/src/main/java/com/iexec/sms/tee/config/TeeWorkerInternalConfiguration.java +++ b/src/main/java/com/iexec/sms/tee/config/TeeWorkerInternalConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,15 +21,14 @@ import com.iexec.sms.api.config.SconeServicesProperties; import com.iexec.sms.api.config.TeeAppProperties; import com.iexec.sms.tee.ConditionalOnTeeFramework; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Positive; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.util.unit.DataSize; import org.springframework.validation.annotation.Validated; -import javax.validation.constraints.NotBlank; -import javax.validation.constraints.Positive; - @Configuration @Validated public class TeeWorkerInternalConfiguration { diff --git a/src/main/java/com/iexec/sms/tee/session/generic/TeeSessionRequest.java b/src/main/java/com/iexec/sms/tee/session/generic/TeeSessionRequest.java index 2e07648b..a4a9ccb7 100644 --- a/src/main/java/com/iexec/sms/tee/session/generic/TeeSessionRequest.java +++ b/src/main/java/com/iexec/sms/tee/session/generic/TeeSessionRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,11 +17,10 @@ package com.iexec.sms.tee.session.generic; import com.iexec.commons.poco.task.TaskDescription; +import jakarta.validation.constraints.NotNull; import lombok.Builder; import lombok.Value; -import javax.validation.constraints.NotNull; - @Value @Builder public class TeeSessionRequest { diff --git a/src/main/java/com/iexec/sms/tee/session/scone/SconeSessionSecurityConfig.java b/src/main/java/com/iexec/sms/tee/session/scone/SconeSessionSecurityConfig.java index 6c5b4920..57243fb0 100644 --- a/src/main/java/com/iexec/sms/tee/session/scone/SconeSessionSecurityConfig.java +++ b/src/main/java/com/iexec/sms/tee/session/scone/SconeSessionSecurityConfig.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,16 +18,14 @@ import com.iexec.commons.poco.tee.TeeFramework; import com.iexec.sms.tee.ConditionalOnTeeFramework; +import jakarta.validation.constraints.NotBlank; import lombok.Value; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.boot.context.properties.ConstructorBinding; -import javax.validation.constraints.NotBlank; import java.net.URL; import java.util.List; @Value -@ConstructorBinding @ConfigurationProperties(prefix = "tee.scone.attestation") @ConditionalOnTeeFramework(frameworks = TeeFramework.SCONE) public class SconeSessionSecurityConfig { diff --git a/src/main/java/com/iexec/sms/version/VersionController.java b/src/main/java/com/iexec/sms/version/VersionController.java index c11a123a..c799076f 100644 --- a/src/main/java/com/iexec/sms/version/VersionController.java +++ b/src/main/java/com/iexec/sms/version/VersionController.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,13 +19,12 @@ import com.iexec.sms.api.config.TeeServicesProperties; import io.micrometer.core.instrument.Gauge; import io.micrometer.core.instrument.Metrics; +import jakarta.annotation.PostConstruct; import org.springframework.boot.info.BuildProperties; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; -import javax.annotation.PostConstruct; - @RestController public class VersionController { diff --git a/src/test/java/com/iexec/sms/admin/AdminServiceTests.java b/src/test/java/com/iexec/sms/admin/AdminServiceTests.java index 6361bcd6..7c828371 100644 --- a/src/test/java/com/iexec/sms/admin/AdminServiceTests.java +++ b/src/test/java/com/iexec/sms/admin/AdminServiceTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2023-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2023-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/src/test/java/com/iexec/sms/admin/ApiKeyRequestFilterTest.java b/src/test/java/com/iexec/sms/admin/ApiKeyRequestFilterTest.java index ee184211..bd94fb60 100644 --- a/src/test/java/com/iexec/sms/admin/ApiKeyRequestFilterTest.java +++ b/src/test/java/com/iexec/sms/admin/ApiKeyRequestFilterTest.java @@ -1,5 +1,5 @@ /* - * Copyright 2023-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2023-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ package com.iexec.sms.admin; +import jakarta.servlet.http.HttpServletResponse; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; @@ -25,8 +26,6 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; -import javax.servlet.http.HttpServletResponse; - import static org.junit.jupiter.api.Assertions.assertEquals; class ApiKeyRequestFilterTest { diff --git a/src/test/java/com/iexec/sms/admin/OutOfServiceRequestFilterTests.java b/src/test/java/com/iexec/sms/admin/OutOfServiceRequestFilterTests.java index d7b06ae4..a07dbb00 100644 --- a/src/test/java/com/iexec/sms/admin/OutOfServiceRequestFilterTests.java +++ b/src/test/java/com/iexec/sms/admin/OutOfServiceRequestFilterTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2024-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2024-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,8 +13,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + package com.iexec.sms.admin; +import jakarta.servlet.http.HttpServletResponse; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.Mock; @@ -24,8 +26,6 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; -import javax.servlet.http.HttpServletResponse; - import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertAll; diff --git a/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeaderTests.java b/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeaderTests.java index 0ceabd2e..7d49b50b 100644 --- a/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeaderTests.java +++ b/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretHeaderTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2022-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2022-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,13 +16,12 @@ package com.iexec.sms.secret.compute; +import jakarta.validation.ValidationException; import org.assertj.core.api.Assertions; import org.junit.jupiter.api.Test; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.EnumSource; -import javax.validation.ValidationException; - class TeeTaskComputeSecretHeaderTests { private static final String ON_CHAIN_OBJECT_ADDRESS = "onChainObjectAddress"; private static final String FIXED_SECRET_OWNER = "fixedSecretOwner"; diff --git a/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretTest.java b/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretTest.java index 9c233cbc..3ebe600f 100644 --- a/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretTest.java +++ b/src/test/java/com/iexec/sms/secret/compute/TeeTaskComputeSecretTest.java @@ -1,5 +1,5 @@ /* - * Copyright 2024-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2024-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,14 +13,14 @@ * See the License for the specific language governing permissions and * limitations under the License. */ + package com.iexec.sms.secret.compute; +import jakarta.validation.ConstraintViolationException; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; -import javax.validation.ConstraintViolationException; - import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; diff --git a/src/test/java/com/iexec/sms/ssl/SslConfigTests.java b/src/test/java/com/iexec/sms/ssl/SslConfigTests.java new file mode 100644 index 00000000..22d0e15d --- /dev/null +++ b/src/test/java/com/iexec/sms/ssl/SslConfigTests.java @@ -0,0 +1,95 @@ +/* + * Copyright 2025 IEXEC BLOCKCHAIN TECH + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.iexec.sms.ssl; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.io.TempDir; + +import javax.net.ssl.SSLContext; +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.nio.file.Path; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; + +import static org.assertj.core.api.Assertions.assertThat; + +class SslConfigTests { + + private static final String PASSWORD = "password"; + private static final String ALIAS = "test-alias"; + private static final String KEYSTORE_TYPE = "PKCS12"; + + @TempDir + Path tempDir; + + private SslConfig sslConfig; + private String keystorePath; + + @BeforeEach + void setUp() throws Exception { + keystorePath = createTemporaryKeystore(); + sslConfig = new SslConfig( + keystorePath, + KEYSTORE_TYPE, + ALIAS, + PASSWORD.toCharArray() + ); + } + + private String createTemporaryKeystore() throws KeyStoreException, IOException, + NoSuchAlgorithmException, CertificateException { + KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE); + keyStore.load(null, PASSWORD.toCharArray()); + + File keystoreFile = tempDir.resolve("keystore.p12").toFile(); + try (FileOutputStream fos = new FileOutputStream(keystoreFile)) { + keyStore.store(fos, PASSWORD.toCharArray()); + } + return keystoreFile.getAbsolutePath(); + } + + @Test + void shouldReturnValidContext() { + SSLContext sslContext = sslConfig.getFreshSslContext(); + assertThat(sslContext).isNotNull(); + } + + @Test + void shouldGetCorrectAttributes() { + assertThat(sslConfig.getKeystore()).isEqualTo(keystorePath); + assertThat(sslConfig.getKeystoreType()).isEqualTo(KEYSTORE_TYPE); + assertThat(sslConfig.getKeyAlias()).isEqualTo(ALIAS); + assertThat(sslConfig.getKeystorePassword()).isEqualTo(PASSWORD.toCharArray()); + } + + @Test + void shouldReturnNullWhenKeystoreNotFound() { + sslConfig = new SslConfig( + "non-existing-keystore", + KEYSTORE_TYPE, + ALIAS, + PASSWORD.toCharArray() + ); + SSLContext sslContext = sslConfig.getFreshSslContext(); + assertThat(sslContext).isNull(); + } +} diff --git a/src/test/java/com/iexec/sms/ssl/TwoWaySslClientTests.java b/src/test/java/com/iexec/sms/ssl/TwoWaySslClientTests.java new file mode 100644 index 00000000..29cb5d4f --- /dev/null +++ b/src/test/java/com/iexec/sms/ssl/TwoWaySslClientTests.java @@ -0,0 +1,53 @@ +/* + * Copyright 2025 IEXEC BLOCKCHAIN TECH + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.iexec.sms.ssl; + +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.junit.jupiter.MockitoExtension; +import org.springframework.web.client.RestTemplate; + +import javax.net.ssl.SSLContext; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.when; + +@ExtendWith(MockitoExtension.class) +class TwoWaySslClientTests { + + @Mock + private SslConfig sslConfig; + @InjectMocks + private TwoWaySslClient twoWaySslClient; + + @Test + void shouldReturnConfiguredRestTemplate() throws NoSuchAlgorithmException, KeyManagementException { + SSLContext mockSslContext = SSLContext.getInstance("TLS"); + mockSslContext.init(null, null, null); + when(sslConfig.getFreshSslContext()).thenReturn(mockSslContext); + + twoWaySslClient = new TwoWaySslClient(sslConfig); + RestTemplate restTemplate = twoWaySslClient.getRestTemplate(); + + assertThat(restTemplate).isNotNull(); + } + +} diff --git a/src/test/java/com/iexec/sms/tee/challenge/TeeChallengeServiceTests.java b/src/test/java/com/iexec/sms/tee/challenge/TeeChallengeServiceTests.java index 49f80433..1abc0e0f 100644 --- a/src/test/java/com/iexec/sms/tee/challenge/TeeChallengeServiceTests.java +++ b/src/test/java/com/iexec/sms/tee/challenge/TeeChallengeServiceTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH + * Copyright 2020-2025 IEXEC BLOCKCHAIN TECH * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,6 +21,7 @@ import com.iexec.sms.encryption.EncryptionService; import com.iexec.sms.secret.MeasuredSecretService; import com.iexec.sms.tee.config.TeeChallengeCleanupConfiguration; +import jakarta.persistence.EntityManager; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -30,7 +31,6 @@ import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest; import org.springframework.jdbc.core.JdbcTemplate; -import javax.persistence.EntityManager; import java.security.GeneralSecurityException; import java.time.Duration; import java.time.Instant;