Use example IPs according to RFC3849/RFC5737

pull/168/head
Richard Körber 2024-03-13 20:27:12 +01:00
parent 97a6708db3
commit b5a7e00ac3
No known key found for this signature in database
GPG Key ID: AAB9FD19C78AA3E0
10 changed files with 31 additions and 31 deletions

View File

@ -80,20 +80,20 @@ public class IdentifierTest {
@Test
public void testIp() throws UnknownHostException {
var id1 = Identifier.ip(InetAddress.getByName("192.168.1.2"));
var id1 = Identifier.ip(InetAddress.getByName("192.0.2.2"));
assertThat(id1.getType()).isEqualTo(Identifier.TYPE_IP);
assertThat(id1.getValue()).isEqualTo("192.168.1.2");
assertThat(id1.getIP().getHostAddress()).isEqualTo("192.168.1.2");
assertThat(id1.getValue()).isEqualTo("192.0.2.2");
assertThat(id1.getIP().getHostAddress()).isEqualTo("192.0.2.2");
var id2 = Identifier.ip(InetAddress.getByName("2001:db8:85a3::8a2e:370:7334"));
assertThat(id2.getType()).isEqualTo(Identifier.TYPE_IP);
assertThat(id2.getValue()).isEqualTo("2001:db8:85a3:0:0:8a2e:370:7334");
assertThat(id2.getIP().getHostAddress()).isEqualTo("2001:db8:85a3:0:0:8a2e:370:7334");
var id3 = Identifier.ip("192.168.2.99");
var id3 = Identifier.ip("192.0.2.99");
assertThat(id3.getType()).isEqualTo(Identifier.TYPE_IP);
assertThat(id3.getValue()).isEqualTo("192.168.2.99");
assertThat(id3.getIP().getHostAddress()).isEqualTo("192.168.2.99");
assertThat(id3.getValue()).isEqualTo("192.0.2.99");
assertThat(id3.getIP().getHostAddress()).isEqualTo("192.0.2.99");
}
@Test

View File

@ -83,7 +83,7 @@ public class OrderBuilderTest {
.identifier(Identifier.dns("d.example.com"))
.identifiers(Arrays.asList(
Identifier.dns("d2.example.com"),
Identifier.ip(InetAddress.getByName("192.168.1.2"))))
Identifier.ip(InetAddress.getByName("192.0.2.2"))))
.notBefore(notBefore)
.notAfter(notAfter)
.create();
@ -97,7 +97,7 @@ public class OrderBuilderTest {
Identifier.dns("m.example.org"),
Identifier.dns("d.example.com"),
Identifier.dns("d2.example.com"),
Identifier.ip(InetAddress.getByName("192.168.1.2")));
Identifier.ip(InetAddress.getByName("192.0.2.2")));
softly.assertThat(order.getNotBefore().orElseThrow())
.isEqualTo("2016-01-01T00:10:00Z");
softly.assertThat(order.getNotAfter().orElseThrow())

View File

@ -36,7 +36,7 @@ public class NetworkSettingsTest {
public void testGettersAndSetters() {
var settings = new NetworkSettings();
var proxyAddress = new InetSocketAddress("10.0.0.1", 8080);
var proxyAddress = new InetSocketAddress("198.51.100.1", 8080);
var proxySelector = ProxySelector.of(proxyAddress);
assertThat(settings.getProxySelector()).isSameAs(HttpClient.Builder.NO_PROXY);

View File

@ -209,14 +209,14 @@ public class CSRBuilderTest {
builder.addDomains("jklm.no", "pqr.st");
builder.addDomains(Arrays.asList("uv.wx", "y.z"));
builder.addDomain("*.wild.card");
builder.addIP(InetAddress.getByName("192.168.0.1"));
builder.addIP(InetAddress.getByName("192.168.0.2"));
builder.addIPs(InetAddress.getByName("10.0.0.1"), InetAddress.getByName("10.0.0.2"));
builder.addIPs(Arrays.asList(InetAddress.getByName("fd00::1"), InetAddress.getByName("fd00::2")));
builder.addIP(InetAddress.getByName("192.0.2.1"));
builder.addIP(InetAddress.getByName("192.0.2.2"));
builder.addIPs(InetAddress.getByName("198.51.100.1"), InetAddress.getByName("198.51.100.2"));
builder.addIPs(Arrays.asList(InetAddress.getByName("2001:db8::1"), InetAddress.getByName("2001:db8::2")));
builder.addIdentifier(Identifier.dns("ide1.nt"));
builder.addIdentifier(Identifier.ip("192.168.5.5"));
builder.addIdentifiers(Identifier.dns("ide2.nt"), Identifier.ip("192.168.5.6"));
builder.addIdentifiers(Arrays.asList(Identifier.dns("ide3.nt"), Identifier.ip("192.168.5.7")));
builder.addIdentifier(Identifier.ip("203.0.113.5"));
builder.addIdentifiers(Identifier.dns("ide2.nt"), Identifier.ip("203.0.113.6"));
builder.addIdentifiers(Arrays.asList(Identifier.dns("ide3.nt"), Identifier.ip("203.0.113.7")));
builder.setCommonName("abc.de");
builder.setCountry("XX");
@ -229,9 +229,9 @@ public class CSRBuilderTest {
+ "OU=Testunit,ST=ABC,"
+ "DNS=abc.de,DNS=fg.hi,DNS=jklm.no,DNS=pqr.st,DNS=uv.wx,DNS=y.z,DNS=*.wild.card,"
+ "DNS=ide1.nt,DNS=ide2.nt,DNS=ide3.nt,"
+ "IP=192.168.0.1,IP=192.168.0.2,IP=10.0.0.1,IP=10.0.0.2,"
+ "IP=fd00:0:0:0:0:0:0:1,IP=fd00:0:0:0:0:0:0:2,"
+ "IP=192.168.5.5,IP=192.168.5.6,IP=192.168.5.7");
+ "IP=192.0.2.1,IP=192.0.2.2,IP=198.51.100.1,IP=198.51.100.2,"
+ "IP=2001:db8:0:0:0:0:0:1,IP=2001:db8:0:0:0:0:0:2,"
+ "IP=203.0.113.5,IP=203.0.113.6,IP=203.0.113.7");
return builder;
}
@ -281,9 +281,9 @@ public class CSRBuilderTest {
assertThat(names.getNames())
.filteredOn(gn -> gn.getTagNo() == GeneralName.iPAddress)
.extracting(gn -> getIP(gn.getName()).getHostAddress())
.containsExactlyInAnyOrder("192.168.0.1", "192.168.0.2", "10.0.0.1",
"10.0.0.2", "fd00:0:0:0:0:0:0:1", "fd00:0:0:0:0:0:0:2",
"192.168.5.5", "192.168.5.6", "192.168.5.7");
.containsExactlyInAnyOrder("192.0.2.1", "192.0.2.2", "198.51.100.1",
"198.51.100.2", "2001:db8:0:0:0:0:0:1", "2001:db8:0:0:0:0:0:2",
"203.0.113.5", "203.0.113.6", "203.0.113.7");
}
/**

View File

@ -220,7 +220,7 @@ public class CertificateUtilsTest {
var builder = new CSRBuilder();
builder.addDomains("example.org", "www.example.org");
builder.addIP(InetAddress.getByName("192.168.0.1"));
builder.addIP(InetAddress.getByName("192.0.2.1"));
builder.sign(keypair);
var csr = builder.getCSR();
@ -230,7 +230,7 @@ public class CertificateUtilsTest {
assertThat(cert.getIssuerX500Principal().getName()).isEqualTo(rootSubject);
assertThat(cert.getSubjectX500Principal().getName()).isEqualTo("");
assertThat(getSANs(cert)).contains("example.org", "www.example.org");
assertThat(getIpSANs(cert)).contains(InetAddress.getByName("192.168.0.1"));
assertThat(getIpSANs(cert)).contains(InetAddress.getByName("192.0.2.1"));
assertThat(cert.getNotBefore().toInstant()).isEqualTo(notBefore);
assertThat(cert.getNotAfter().toInstant()).isEqualTo(notAfter);
assertThat(cert.getSerialNumber()).isNotNull();

View File

@ -30,7 +30,7 @@
},
{
"type": "ip",
"value": "192.168.1.2"
"value": "192.0.2.2"
}
],
"notBefore": "2016-01-01T00:00:00Z",

View File

@ -32,7 +32,7 @@
},
{
"type": "ip",
"value": "192.168.1.2"
"value": "192.0.2.2"
}
],
"notBefore": "2016-01-01T00:10:00Z",

View File

@ -227,7 +227,7 @@ public class EmailProcessorTest extends SMIMETests {
assertThatExceptionOfType(AcmeProtocolException.class)
.isThrownBy(() -> {
var processor = EmailProcessor.plainMessage(message);
processor.expectedIdentifier(Identifier.ip("192.168.0.1"));
processor.expectedIdentifier(Identifier.ip("192.0.2.1"));
})
.withMessage("Wrong identifier type: ip");
}

View File

@ -35,8 +35,8 @@ The `CSRBuilder` also accepts IP addresses and `Identifier` for generating the C
```java
CSRBuilder csrb = new CSRBuilder();
csrb.addIP(InetAddress.getByName("192.168.1.2"));
csrb.addIdentifier(Identifier.ip("192.168.2.3"));
csrb.addIP(InetAddress.getByName("192.0.2.2"));
csrb.addIdentifier(Identifier.ip("192.0.2.3"));
csrb.sign(domainKeyPair);
```

View File

@ -212,8 +212,8 @@ Besides domains, _acme4j_ also supports IP identifier validation as specified in
```java
Order order = account.newOrder()
.identifier(Identifier.ip(InetAddress.getByName("192.168.1.2")))
.identifier(Identifier.ip("192.168.2.3")) // for your convenience
.identifier(Identifier.ip(InetAddress.getByName("192.0.2.2")))
.identifier(Identifier.ip("192.0.2.3")) // for your convenience
.identifier(Identifier.dns("example.org"))
.create();
```