Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rest-assurance client is not working with BCFIPS certificates #638

Merged
merged 1 commit into from
May 12, 2022
Merged

Rest-assurance client is not working with BCFIPS certificates #638

merged 1 commit into from
May 12, 2022

Conversation

pjgg
Copy link
Contributor

@pjgg pjgg commented May 6, 2022
edited
Loading

Rest-assurance client is not working with BCFIPS certificates, swap to Vertx HTTP client.

Also, we have to split the module in two because QuarkusScenarios doesn't deal well with bouncyCastle Jsse
so we used QuarkusTest instead. But...quarkusTest doesn't support "pom dependencies injection for a single scenario", so this is why we end with two different modules.

Please select the relevant options.

  • Bug fix (non-breaking change which fixes an issue)

Checklist:

  • Methods and classes used in PR scenarios are meaningful
  • Commits are well encapsulated and follow the best practices

@pjgg pjgg requested a review from michalvavrik May 6, 2022 12:37
@pjgg pjgg force-pushed the fix/bouncycastle-fips branch from 45c72a4 to a07b75b Compare May 6, 2022 12:39
@pjgg pjgg mentioned this pull request May 7, 2022
Open
@michalvavrik
Copy link
Member

lgtm so far, I'll finish review on Monday

@pjgg pjgg force-pushed the fix/bouncycastle-fips branch from a07b75b to 4d9c2b4 Compare May 9, 2022 09:31
@michalvavrik
Copy link
Member

@pjgg one test fails on my workstation

14:04:53,484 INFO  ## Running test BouncyCastleFipsJsseIT.verifyBouncyCastleFipsAndJsseProviderAvailability()
14:04:59,617 INFO  [app] Service stopped (Quarkus JVM mode)
[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 14.346 s <<< FAILURE! - in io.quarkus.ts.security.bouncycastle.fips.BouncyCastleFipsJsseIT
[ERROR] verifyBouncyCastleFipsAndJsseProviderAvailability  Time elapsed: 3.053 s  <<< ERROR!
java.util.concurrent.CompletionException: javax.net.ssl.SSLHandshakeException: Failed to create SSL connection
	at io.smallrye.mutiny.operators.uni.UniBlockingAwait.await(UniBlockingAwait.java:79)
	at io.smallrye.mutiny.groups.UniAwait.atMost(UniAwait.java:65)
	at io.smallrye.mutiny.groups.UniAwait.indefinitely(UniAwait.java:46)
	at io.vertx.mutiny.ext.web.client.HttpRequest.sendAndAwait(HttpRequest.java:755)
	at io.quarkus.ts.security.bouncycastle.fips.BouncyCastleFipsJsseIT.verifyBouncyCastleFipsAndJsseProviderAvailability(BouncyCastleFipsJsseIT.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:725)
	at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
	at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:149)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:140)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:84)
	at org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$7(TestMethodTestDescriptor.java:214)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:210)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:135)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:66)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:151)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)

my configuration

[mvavrik@fedora bouncycastle-fips]$ mvn --version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: /home/mvavrik/.sdkman/candidates/maven/current
Java version: 17.0.3, vendor: Eclipse Adoptium, runtime: /home/mvavrik/.sdkman/candidates/java/17.0.3-tem
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.17.4-200.fc35.x86_64", arch: "amd64", family: "unix"

michalvavrik
michalvavrik requested changes May 10, 2022
View reviewed changes
Copy link
Member

@michalvavrik michalvavrik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please have a look to the exception.

@pjgg pjgg force-pushed the fix/bouncycastle-fips branch from 4d9c2b4 to ab415aa Compare May 11, 2022 19:11
@pjgg
Copy link
Contributor Author

pjgg commented May 11, 2022

@pjgg one test fails on my workstation

14:04:53,484 INFO  ## Running test BouncyCastleFipsJsseIT.verifyBouncyCastleFipsAndJsseProviderAvailability()
14:04:59,617 INFO  [app] Service stopped (Quarkus JVM mode)
[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 14.346 s <<< FAILURE! - in io.quarkus.ts.security.bouncycastle.fips.BouncyCastleFipsJsseIT
[ERROR] verifyBouncyCastleFipsAndJsseProviderAvailability  Time elapsed: 3.053 s  <<< ERROR!
java.util.concurrent.CompletionException: javax.net.ssl.SSLHandshakeException: Failed to create SSL connection
	at io.smallrye.mutiny.operators.uni.UniBlockingAwait.await(UniBlockingAwait.java:79)
	at io.smallrye.mutiny.groups.UniAwait.atMost(UniAwait.java:65)
	at io.smallrye.mutiny.groups.UniAwait.indefinitely(UniAwait.java:46)
	at io.vertx.mutiny.ext.web.client.HttpRequest.sendAndAwait(HttpRequest.java:755)
	at io.quarkus.ts.security.bouncycastle.fips.BouncyCastleFipsJsseIT.verifyBouncyCastleFipsAndJsseProviderAvailability(BouncyCastleFipsJsseIT.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:725)
	at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
	at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:149)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:140)
	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:84)
	at org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
	at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$7(TestMethodTestDescriptor.java:214)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:210)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:135)
	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:66)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:151)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)

my configuration

[mvavrik@fedora bouncycastle-fips]$ mvn --version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: /home/mvavrik/.sdkman/candidates/maven/current
Java version: 17.0.3, vendor: Eclipse Adoptium, runtime: /home/mvavrik/.sdkman/candidates/java/17.0.3-tem
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.17.4-200.fc35.x86_64", arch: "amd64", family: "unix"

Looks like doesn't work on JDK17
quarkusio/quarkus#25516

@pjgg pjgg requested a review from michalvavrik May 11, 2022 19:12
@pjgg pjgg force-pushed the fix/bouncycastle-fips branch from ab415aa to f393fff Compare May 12, 2022 11:05
Split bouncycastle module into two modules
bcba925 
Rest-assurance client is not working with BCFIPS certificates, swap to Vertx HTTP client.

Also, we have to split the module in two because QuarkusScenarios doesn't deal well with bouncyCastle Jsse
so we used QuarkusTest instead. But...quarkusTest doesn't support "pom dependencies injection for a single scenario", so this is why we end with two different modules.
@pjgg pjgg force-pushed the fix/bouncycastle-fips branch from f393fff to bcba925 Compare May 12, 2022 11:09
michalvavrik
michalvavrik approved these changes May 12, 2022
View reviewed changes
Copy link
Member

@michalvavrik michalvavrik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@michalvavrik michalvavrik merged commit cce1c70 into quarkus-qe:main May 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michalvavrik michalvavrik michalvavrik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pjgg @michalvavrik