chore: fix ssl test

oliveigah · Mar 28, 2024 · 489556a · 489556a
1 parent 54c2526
commit 489556a
Show file tree

Hide file tree

Showing 13 changed files with 87 additions and 63 deletions.
diff --git a/.iex.exs b/.iex.exs
@@ -1,11 +1,8 @@
-alias Mix.Tasks.Help
 alias KlifeProtocol.TestSupport.Helpers
-alias KlifeProtocol.Messages
-alias KlifeProtocol.Socket
 
 Helpers.initialize_shared_storage()
 
 ssl_opts = [
   verify: :verify_peer,
-  cacertfile: Path.relative("test/compose_files/truststore/ca.crt")
+  cacertfile: Path.relative("test/compose_files/ssl/ca.crt")
 ]
diff --git a/test/compose_files/docker-compose-kafka.yml b/test/compose_files/docker-compose-kafka.yml
@@ -35,8 +35,8 @@ services:
       KAFKA_SSL_KEYSTORE_PASSWORD: klifeprotocol
       KAFKA_SSL_TRUSTSTORE_PASSWORD: klifeprotocol
     volumes:
-    - ./keystore/kafka.keystore.jks:/secrets/kafka.keystore.jks:ro,z
-    - ./truststore/kafka.truststore.jks:/secrets/kafka.truststore.jks:ro,z
+    - ./ssl/localhost.keystore.jks:/secrets/kafka.keystore.jks:ro,z
+    - ./ssl/localhost.truststore.jks:/secrets/kafka.truststore.jks:ro,z
 
   kafka2:
     image: confluentinc/cp-kafka:7.4.0
@@ -58,8 +58,8 @@ services:
       KAFKA_SSL_KEYSTORE_PASSWORD: klifeprotocol
       KAFKA_SSL_TRUSTSTORE_PASSWORD: klifeprotocol
     volumes:
-    - ./keystore/kafka.keystore.jks:/secrets/kafka.keystore.jks:ro,z
-    - ./truststore/kafka.truststore.jks:/secrets/kafka.truststore.jks:ro,z
+    - ./ssl/localhost.keystore.jks:/secrets/kafka.keystore.jks:ro,z
+    - ./ssl/localhost.truststore.jks:/secrets/kafka.truststore.jks:ro,z
 
   kafka3:
     image: confluentinc/cp-kafka:7.4.0
@@ -81,5 +81,5 @@ services:
       KAFKA_SSL_KEYSTORE_PASSWORD: klifeprotocol
       KAFKA_SSL_TRUSTSTORE_PASSWORD: klifeprotocol
     volumes:
-    - ./keystore/kafka.keystore.jks:/secrets/kafka.keystore.jks:ro,z
-    - ./truststore/kafka.truststore.jks:/secrets/kafka.truststore.jks:ro,z
+    - ./ssl/localhost.keystore.jks:/secrets/kafka.keystore.jks:ro,z
+    - ./ssl/localhost.truststore.jks:/secrets/kafka.truststore.jks:ro,z
diff --git a/test/compose_files/generate_ssl_files.sh b/test/compose_files/generate_ssl_files.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+mkdir ./ssl/tmp
+
+openssl req -new -x509 -keyout ./ssl/ca.key -out ./ssl/ca.crt -days 3650 -subj '/CN=localhost/OU=klife_protocol/O=klife/L=brazil/C=br' -passin pass:klifeprotocol -passout pass:klifeprotocol
+
+keytool -genkey -noprompt \
+                 -alias localhost \
+				 -dname "CN=localhost, OU=klife_protocol, O=klife, L=brazil, C=br" \
+				 -keystore ./ssl/localhost.keystore.jks \
+				 -keyalg RSA \
+				 -storepass klifeprotocol \
+				 -keypass klifeprotocol \
+                 -validity 3650
+
+keytool -keystore ./ssl/localhost.keystore.jks -alias localhost -certreq -file ./ssl/tmp/localhost.csr -storepass klifeprotocol -keypass klifeprotocol
+
+openssl x509 -req -CA ./ssl/ca.crt -CAkey ./ssl/ca.key -in ./ssl/tmp/localhost.csr -out ./ssl/tmp/localhost-ca-signed.crt -days 3650 -CAcreateserial -passin pass:klifeprotocol
+
+keytool -keystore ./ssl/localhost.keystore.jks -alias CARoot -import -noprompt -file ./ssl/ca.crt -storepass klifeprotocol -keypass klifeprotocol
+
+keytool -keystore ./ssl/localhost.keystore.jks -alias localhost -import -file ./ssl/tmp/localhost-ca-signed.crt -storepass klifeprotocol -keypass klifeprotocol
+
+keytool -keystore ./ssl/localhost.truststore.jks -alias CARoot -import -noprompt -file ./ssl/ca.crt -storepass klifeprotocol -keypass klifeprotocol
+
+rm -rf ./ssl/tmp
diff --git a/test/compose_files/keystore/kafka.keystore.jks b/test/compose_files/keystore/kafka.keystore.jks
diff --git a/test/compose_files/ssl/ca.crt b/test/compose_files/ssl/ca.crt
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDlzCCAn+gAwIBAgIUcOPRU2TYwIStODKyx4076xke8rAwDQYJKoZIhvcNAQEL
+BQAwWzESMBAGA1UEAwwJbG9jYWxob3N0MRcwFQYDVQQLDA5rbGlmZV9wcm90b2Nv
+bDEOMAwGA1UECgwFa2xpZmUxDzANBgNVBAcMBmJyYXppbDELMAkGA1UEBhMCYnIw
+HhcNMjQwMzI4MjI1MTMxWhcNMzQwMzI2MjI1MTMxWjBbMRIwEAYDVQQDDAlsb2Nh
+bGhvc3QxFzAVBgNVBAsMDmtsaWZlX3Byb3RvY29sMQ4wDAYDVQQKDAVrbGlmZTEP
+MA0GA1UEBwwGYnJhemlsMQswCQYDVQQGEwJicjCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAJEWx2hJNZI46lDlja7QBoOKnytck0wr8/phfLODtoQZt31C
+ImmzqyJi6Q4hotiYhNY53aVpsCz/4QEuo2d4HDCU/LRdEhr6U5Bc6TcdIqzoso2+
+btTboVA9oXZHfVdL5ZK3weWIo+4Sp8IN1xeswAxbB3SEo611NDKUCN7TyGN+6LJR
+1UgPQSXfmxyzDEA1VwDMn4fjQ+LMgAxTg8/Y/W8T044Zk7G5vbRkIx6KBpjI9EW5
+Mn2xQafKZSlJnTqjMnLabtMvSjCe6i0UDfTrj1pX9Tcq+DRKFrsf81SGMkl5mXD0
+5qnLBj63X22yl18N9POCAnypIlJCKlIBs7BHPT8CAwEAAaNTMFEwHQYDVR0OBBYE
+FFW1CLwjlxKu0ZqnNte4hgPr8kwOMB8GA1UdIwQYMBaAFFW1CLwjlxKu0ZqnNte4
+hgPr8kwOMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAI6UxlDN
+w48DPnzrG2RS/xIBI+6GuEvMa/nrVRIeuZFubCtdhZZ6wlGVvT7O/Ds/f2BVrRsx
+O9LughQdzjvmIUwQ75QA40xyxXPG24eNi5hxjwUR6Fbuk2mFnwNrC2AskBH6tmQw
+Up8hBcT/4w9uv6NUYZwnM+IaaG7jOr+iiIT9DyIS3VqBsxWKeZ8RzTqqjV17ecfC
+Zc7z+7y1AvxvSJ7Ag8U6krk/JtcI1dvLVVqAqjyD6l8KqpIL/RTVK1iB6DfKVnpJ
+pG9ZBQ8i59dxYrdpkTYXb2YkfPjdQfNwEL9fBJYYEzRgBkLyDThe/xXxZS/3bK5u
+EinHlwerYDhG3/w=
+-----END CERTIFICATE-----
diff --git a/test/compose_files/ssl/ca.key b/test/compose_files/ssl/ca.key
@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI1DClX5NjHyACAggA
+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNaHWWRUu3FWBIIEyCfFoIfOZsE7
+hKKe8yzi2gBPwMRr+8QNAA2pZVSJfzKl0ntVyzAQ7XajR45LWpmQucbiG+utOMcT
+zwATWv57kGpIPYvK3px59enfjPjZXDwIvWIv2JI+6IKLYJA5j9dE0z5qU8JHbSCH
+NQLnPeC2JvW7AAxRFFCBunTUFRdN2VqUrl8Jb1JBNAAPLCILfxrGuVYRRNaTeA6o
+EQOEWxNFeUlRBxuXWRoKz8PHTFyZOewE5x/d+f3PUoEHS4d5K5lTTqjW51rUgQ9D
+yn20JMpJSYzpi/WKaLkIb8Q+ZCSv8DH48DPeVsOtQsFokLpml1FNj+7JttKV5K3b
+Vhbc/LeZ/5j+DaaPrG8/KGl7qjzvt5p7m6FJhOGjLk9YcPrLcJNN4cjOnxzLhqbD
+Fmp6wnBIIOrqhkSlISwsnEZSP93EuRkag5Qzqk1aN6rS0CHB+6soTVThVXXhuoVt
+EY7RLzdOq+mlY0zb/bwp2KCo46BhqxeNQaMiVK5AyWQpkTNgYHUZyImpD1Lt5i1o
+EnjbP35tHtpbUv1XC2slX7DdAkMPC/JjQMnqwwOq6DtJgxmK/x+zcUayHMLIvjAk
+AIl6Spx5k19M2Nj/pSK+ZWLhezoqyxZQc1EYKB8faYzSslXkwRjxGTkAW2ry7azq
+Co2IKMx4WxoC0zZRsF/dcaNcRWj7QjJbnVTniEb0/u8V8VHn5uvWvwr1Qcs5VMzF
+W7rYoXYmZScYoOHg7+18JMkWJM7KPRMLtO+YfRWtGf7O3w2hsH60eO6a0+cZn84p
+AEAirs1Ma43050Y9Fr/HMgi52AnJN1hxpfYYTVc7E6huhQA7UN4/CnISVgQux+Pm
+IhoAfjw1KT1+17an3GBxigYcmiE7W2f4/XZkH3dCHXBOtM6U37586aUxtu8OZyOW
+7h1mAYgBf019yijgW6Z8xEBhnQ9WwR/lrtw5adLgA5WbLdJoO6YV0oiMsOpkK7Vt
+Wv2uOwAuYUzLNLxb4gpnfV0WoXSWdSngfnkPMHAbckMqVDhb+FlrJuDUCHRIxdg/
+vOhJsraTCPqr/lLXtfWEouVjCvDlCEyg/0FdgN91+Hw2S/eQtVaijNucellC5cmS
+7c7uhJm5A7tR+R4+WgrtnoRc1Q40vliuBvYTdXveO01xwxiiRh23DreQJzbq9vCO
+T6SbBg8/vrbUExKRIcjmSBN+P8CI3kW+JebMd6SHrm1bfQw+lk2iD8wXXNbKD8hh
+K3uDEEtOyzPNxCJiMLji2GEpV17vQ01AAlcM1+ZFIUxwB5LC1R1rxfLKD2uc/rDV
+b1+0nFpIvXgPNxhWqfa6Vr7KYS+3BJn4K0iJa/OSxRWVipm64pAXwKC7XOY0hcnv
+a05OQsrbV6N9iPcniP695ZJKeX9+7rYl48WYmuJJ+HxvjmU88EWfv0PEnr4eLzqZ
+7sAsn7aGYHsNBmdggMtbRTp9LZvtQyjHd0Sd+zw37AlsQ2/d/AZoMtYrLhdROxuO
+L5Uqq3DyrMLGDvmuQ7UmU8dvSVXYXXOUTi9BmQp88bYlwRegZEArQf1/dAJ2p1rI
+nH4jlwt7r2ZgtlLVNPLpwwD7SsTMLwS/okpgdex/GU3Tcg785lsJNAjSArD4dzl3
+RqdjV2DeS8El8hJWTN4WnA==
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/test/compose_files/ssl/ca.srl b/test/compose_files/ssl/ca.srl
@@ -0,0 +1 @@
+2CDECFE8886A4E080F4AEF64452D7410E7F8926A
diff --git a/test/compose_files/ssl/localhost.keystore.jks b/test/compose_files/ssl/localhost.keystore.jks
diff --git a/test/compose_files/ssl/localhost.truststore.jks b/test/compose_files/ssl/localhost.truststore.jks
diff --git a/test/compose_files/truststore/ca-key b/test/compose_files/truststore/ca-key
diff --git a/test/compose_files/truststore/ca.crt b/test/compose_files/truststore/ca.crt
diff --git a/test/compose_files/truststore/kafka.truststore.jks b/test/compose_files/truststore/kafka.truststore.jks
diff --git a/test/support/helpers.ex b/test/support/helpers.ex
@@ -29,7 +29,7 @@ defmodule KlifeProtocol.TestSupport.Helpers do
   def initialize_connections("SSL") do
     ssl_opts = [
       verify: :verify_peer,
-      cacertfile: Path.relative("test/compose_files/truststore/ca.crt")
+      cacertfile: Path.relative("test/compose_files/ssl/ca.crt")
     ]
 
     socket_backend = :ssl