* FYI: new JSSE tests
@ 2006-07-30 22:34 Casey Marshall
0 siblings, 0 replies; only message in thread
From: Casey Marshall @ 2006-07-30 22:34 UTC (permalink / raw)
To: Mauve-patches
[-- Attachment #1.1: Type: text/plain, Size: 806 bytes --]
This adds tests for the new version of Jessie, which is still pending
to be merged back into the generics branch.
2006-07-30 Casey Marshall <csm@gnu.org>
* gnu/testlet/javax/net/ssl/SSLContext/TestDefaultInit.java,
* gnu/testlet/javax/net/ssl/SSLContext/TestGetInstance.java,
* gnu/testlet/javax/net/ssl/SSLEngine/AbstractEngineTest.java,
* gnu/testlet/javax/net/ssl/SSLEngine/SimplePSKKeyManager.java,
* gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509KeyManager.java,
* gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509TrustManager.java,
* gnu/testlet/javax/net/ssl/SSLEngine/TestGNUHandshake.java,
* gnu/testlet/javax/net/ssl/SSLEngine/TestHandshake.java,
* gnu/testlet/javax/net/ssl/SSLEngine/TestNoCiphersuites.java,
* gnu/testlet/javax/net/ssl/SSLEngine/TestNoProtocols.java:
New tests.
[-- Attachment #1.2: 20060730.patch.txt --]
[-- Type: text/plain, Size: 45586 bytes --]
### Eclipse Workspace Patch 1.0
#P mauve
Index: gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509KeyManager.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509KeyManager.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509KeyManager.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509KeyManager.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,204 @@
+/* SimpleX509KeyManager.java -- key manager for testing.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: not-a-test
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.java.security.key.dss.DSSPrivateKey;
+import gnu.java.security.key.rsa.GnuRSAPrivateKey;
+
+import java.math.BigInteger;
+import java.net.Socket;
+import java.security.KeyFactory;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.security.spec.PKCS8EncodedKeySpec;
+
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedKeyManager;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class SimpleX509KeyManager
+ extends X509ExtendedKeyManager
+{
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#chooseClientAlias(java.lang.String[], java.security.Principal[], java.net.Socket)
+ */
+ public String chooseClientAlias(String[] arg0, Principal[] arg1, Socket arg2)
+ {
+ for (int i = 0; i < arg0.length; i++)
+ {
+ if (arg0[i].equalsIgnoreCase("rsa_sign"))
+ return "rsakey";
+ if (arg0[i].equalsIgnoreCase("dss_sign"))
+ return "dsskey";
+ }
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#chooseServerAlias(java.lang.String, java.security.Principal[], java.net.Socket)
+ */
+ public String chooseServerAlias(String arg0, Principal[] arg1, Socket arg2)
+ {
+ if (arg0.equalsIgnoreCase("DHE_RSA")
+ || arg0.equalsIgnoreCase("SRP_RSA")
+ || arg0.equalsIgnoreCase("RSA")
+ || arg0.equalsIgnoreCase("RSA_PSK"))
+ return "rsakey";
+ if (arg0.equalsIgnoreCase("DHE_DSS")
+ || arg0.equalsIgnoreCase("SRP_DSS"))
+ return "dsakey";
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#getCertificateChain(java.lang.String)
+ */
+ public X509Certificate[] getCertificateChain(String arg0)
+ {
+ if (arg0.equals("rsakey"))
+ return new X509Certificate[] { SimpleX509TrustManager.RSA };
+ if (arg0.equals("dsakey"))
+ return new X509Certificate[] { SimpleX509TrustManager.DSA };
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#getClientAliases(java.lang.String, java.security.Principal[])
+ */
+ public String[] getClientAliases(String arg0, Principal[] arg1)
+ {
+ if (arg0.equalsIgnoreCase("rsa_sign"))
+ return new String[] { "rsakey" };
+ if (arg0.equalsIgnoreCase("dss_sign"))
+ return new String[] { "dsakey" };
+ return new String[0];
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#getPrivateKey(java.lang.String)
+ */
+ public PrivateKey getPrivateKey(String arg0)
+ {
+ if (arg0.equals("dsakey"))
+ return DSAKEY;
+ if (arg0.equals("rsakey"))
+ return RSAKEY;
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509KeyManager#getServerAliases(java.lang.String, java.security.Principal[])
+ */
+ public String[] getServerAliases(String arg0, Principal[] arg1)
+ {
+ if (arg0.equalsIgnoreCase("DHE_RSA")
+ || arg0.equalsIgnoreCase("SRP_RSA")
+ || arg0.equalsIgnoreCase("RSA")
+ || arg0.equalsIgnoreCase("RSA_PSK"))
+ return new String[] { "rsakey" };
+ if (arg0.equalsIgnoreCase("DHE_DSS")
+ || arg0.equalsIgnoreCase("SRP_DSS"))
+ return new String[] { "dsakey" };
+ return new String[0];
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineClientAlias(java.lang.String[], java.security.Principal[], javax.net.ssl.SSLEngine)
+ */
+ public String chooseEngineClientAlias(String[] arg0, Principal[] arg1, SSLEngine arg2)
+ {
+ for (int i = 0; i < arg0.length; i++)
+ {
+ if (arg0[i].equalsIgnoreCase("rsa_sign"))
+ return "rsakey";
+ if (arg0[i].equalsIgnoreCase("dss_sign"))
+ return "dsskey";
+ }
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509ExtendedKeyManager#chooseEngineServerAlias(java.lang.String, java.security.Principal[], javax.net.ssl.SSLEngine)
+ */
+ public String chooseEngineServerAlias(String arg0, Principal[] arg1, SSLEngine arg2)
+ {
+ if (arg0.equalsIgnoreCase("DHE_RSA")
+ || arg0.equalsIgnoreCase("SRP_RSA")
+ || arg0.equalsIgnoreCase("RSA")
+ || arg0.equalsIgnoreCase("RSA_PSK"))
+ return "rsakey";
+ if (arg0.equalsIgnoreCase("DHE_DSS")
+ || arg0.equalsIgnoreCase("SRP_DSS"))
+ return "dsakey";
+ return null;
+ }
+
+ static final PrivateKey RSAKEY = new GnuRSAPrivateKey
+ (new BigInteger("00e83e0911bdfd4d53f67e8642c720" +
+ "8cfb338cfa6ffd984a26155146ba79" +
+ "7fd595f03fff85d0e98490b7544f3a" +
+ "742ee77f54c2ca9d5bf62677144565" +
+ "a303ff6f37", 16),
+ new BigInteger("00cc582a56f26eb17d54f9d8eeb386" +
+ "9fe6b21368b501ecaa908f0cff0306" +
+ "7b95867b8f07992a6208304f272092" +
+ "dc7538cd5d03b1393108b4f2bd5be2" +
+ "e4f471ca87", 16),
+ new BigInteger("10001", 16),
+ new BigInteger("00a986a8e62ef20867949a84a2df1b" +
+ "7ff4ed645d31749637696dbeb7d079" +
+ "ac17323692f5de0dc60c8e509213d1" +
+ "b76827aa503d0fa789501abf3c92eb" +
+ "5ad6f6de8e4e3eda86c782c55024d6" +
+ "e3be87a203d9260e9b30245ff45802" +
+ "acc824f5477bee73e2767cde28e10b" +
+ "479dfc39c52c67d17d1922a126def7" +
+ "cd5bc7c9f5f4f02771", 16));
+ static final PrivateKey DSAKEY = new DSSPrivateKey
+ (new BigInteger("00df089411968aba94c203bebe06f9" +
+ "81342c98354c7fd675d5360038fe41" +
+ "2939a8d656db002a9bff95026dd94c" +
+ "b5a4861f994276db28e8007e7dcf10" +
+ "df05011a8fe82a102f3642e75f7c7f" +
+ "9b4c4c66d39c1708a2a783f584fd14" +
+ "c6927253f25bfd2effa9710465e5a0" +
+ "f63969852515d876e1f05fc6d4c18d" +
+ "7e00e1318877835dd9", 16),
+ new BigInteger("009ff16bac62ce0f0dc77d16de6cf3000adea61c7b", 16),
+ new BigInteger("12946984d6336481e7e6c87aa8dc0f" +
+ "d28afea6c842367048e065d9ff9c51" +
+ "106358298cf2d205c78e3c7e4569e4" +
+ "86e132d48eddaae88875fde5f6b71e" +
+ "2d75960c8f10541ac94eba96008233" +
+ "de8aa2041ca1e98a55b90c8c43bf2c" +
+ "15e040df4e7f167db198549e6a4eb8" +
+ "ae41b41576d95791f6779377cf49c8" +
+ "b68498a2e200038e", 16),
+ new BigInteger("2564481362698611a67084e8857612b5dd8dd668", 16));
+}
Index: gnu/testlet/javax/net/ssl/SSLContext/TestDefaultInit.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLContext/TestDefaultInit.java
diff -N gnu/testlet/javax/net/ssl/SSLContext/TestDefaultInit.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLContext/TestDefaultInit.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,71 @@
+/* defaultInit.java -- test default context initialization.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: JDK1.5
+
+package gnu.testlet.javax.net.ssl.SSLContext;
+
+import gnu.testlet.TestHarness;
+import gnu.testlet.Testlet;
+
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;
+
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestDefaultInit
+ implements Testlet
+{
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.Testlet#test(gnu.testlet.TestHarness)
+ */
+ public void test(TestHarness harness)
+ {
+ SSLContext context = null;
+ try
+ {
+ context = SSLContext.getInstance("SSL");
+ harness.check(context != null);
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ harness.fail("getInstance");
+ harness.debug(nsae);
+ }
+
+ try
+ {
+ System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
+ context.init(null, null, null);
+ harness.check(true);
+ }
+ catch (KeyManagementException kme)
+ {
+ harness.fail("SSLContext.init");
+ harness.debug(kme);
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/TestNoCiphersuites.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/TestNoCiphersuites.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/TestNoCiphersuites.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/TestNoCiphersuites.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,94 @@
+/* TestNoCiphersuites.java -- test no common ciphersuites.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: JDK1.5 JSSE
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.testlet.TestHarness;
+
+/**
+ * Test a connection between two SSLEngines with no cipher suites in common
+ * (which should fail).
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestNoCiphersuites
+ extends AbstractEngineTest
+{
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.javax.net.ssl.SSLEngine.AbstractEngineTest#implTest(gnu.testlet.TestHarness)
+ */
+ protected void implTest(TestHarness harness)
+ {
+ setupEngines(harness);
+
+ clientEngine.setEnabledCipherSuites(new String[] {
+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_RSA_WITH_AES_256_CBC_SHA",
+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+ "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
+ "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
+ });
+
+ serverEngine.setEnabledCipherSuites(new String[] {
+ "TLS_RSA_WITH_RC4_128_MD5",
+ "TLS_RSA_WITH_RC4_128_SHA",
+ "TLS_DHE_DSS_WITH_DES_CBC_SHA",
+ "TLS_DHE_RSA_WITH_DES_CBC_SHA",
+ "TLS_DH_DSS_WITH_DES_CBC_SHA",
+ "TLS_DH_RSA_WITH_DES_CBC_SHA",
+ "TLS_RSA_WITH_DES_CBC_SHA",
+ "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
+ "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
+ "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
+ "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+ "TLS_RSA_WITH_NULL_MD5",
+ "TLS_RSA_WITH_NULL_SHA"
+ });
+
+ harness.checkPoint("SSLEngine/no-ciphersuites");
+
+ try
+ {
+ runHandshake();
+ harness.fail("SSLEngine/no-ciphersuites");
+ }
+ catch (Exception x)
+ {
+ harness.check(true);
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/TestNoProtocols.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/TestNoProtocols.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/TestNoProtocols.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/TestNoProtocols.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,59 @@
+/* TestNoProtocols.java -- test handshake failure with no common protocols.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: JDK1.5 JSSE
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.testlet.TestHarness;
+import gnu.testlet.Testlet;
+
+/**
+ * Test a connection between SSLEngines that don't have any protocols in
+ * common (that is, test that the handshake fails).
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestNoProtocols extends AbstractEngineTest
+{
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.javax.net.ssl.SSLEngine.AbstractEngineTest#implTest(gnu.testlet.TestHarness)
+ */
+ protected void implTest(TestHarness harness)
+ {
+ setupEngines(harness);
+ clientEngine.setEnabledProtocols(new String[] { "SSLv3" });
+ serverEngine.setEnabledProtocols(new String[] { "TLSv1", "TLSv1.1" });
+
+ harness.checkPoint("SSLEngine/protcols");
+ try
+ {
+ runHandshake();
+ harness.fail("SSLEngine/protocols");
+ }
+ catch (Exception e)
+ {
+ harness.check(true);
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/TestHandshake.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/TestHandshake.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/TestHandshake.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/TestHandshake.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,85 @@
+/* testAll.java -- test all protocol versions and cipher suites.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: JDK1.5 JSSE
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.testlet.TestHarness;
+
+import javax.net.ssl.SSLEngine;
+
+/**
+ * Test every protocol and cipher suite that we can.
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestHandshake
+ extends AbstractEngineTest
+{
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.javax.net.ssl.SSLEngine.AbstractEngineTest#implTest(gnu.testlet.TestHarness)
+ */
+ protected void implTest(TestHarness harness)
+ {
+ String[] protocols;
+ String[] suites;
+
+ SSLEngine fake = context.createSSLEngine();
+ protocols = fake.getSupportedProtocols();
+ suites = fake.getSupportedCipherSuites();
+
+ for (int i = 0; i < protocols.length; i++)
+ {
+ for (int j = 0; j < suites.length; j++)
+ {
+ // Skip static DH suites; we need a way to generate appropriate
+ // certificates for these suites.
+ if (suites[j].indexOf("DH_RSA") >= 0
+ || suites[j].indexOf("DH_DSS") >= 0)
+ continue;
+ // Test these in GNU-specific test.
+ if (suites[j].indexOf("PSK") >= 0
+ || suites[j].indexOf("SRP") >= 0)
+ continue;
+ setupEngines(harness);
+ clientEngine.setEnabledProtocols(new String[] { protocols[i] });
+ clientEngine.setEnabledCipherSuites(new String[] { suites[j] });
+ serverEngine.setEnabledCipherSuites(serverEngine.getSupportedCipherSuites());
+
+ harness.checkPoint("SSLEngine/" + protocols[i] + "/"
+ + suites[j]);
+ try
+ {
+ runHandshake();
+ harness.check(true);
+ }
+ catch (Exception x)
+ {
+ harness.check(false);
+ harness.debug(x);
+ }
+ }
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/TestGNUHandshake.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/TestGNUHandshake.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/TestGNUHandshake.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/TestGNUHandshake.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,103 @@
+/* TestGNUHandshake.java -- test GNU-supported cipher suites.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: GNU JESSIE
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.testlet.TestHarness;
+
+import java.security.SecureRandom;
+import java.security.Security;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.TrustManager;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestGNUHandshake
+ extends AbstractEngineTest
+{
+ protected boolean setup(TestHarness harness)
+ {
+ try
+ {
+ harness.checkPoint("SSLContext.getInstance");
+ context = SSLContext.getInstance("SSL");
+ context.init(new KeyManager[] { new SimpleX509KeyManager(),
+ new SimplePSKKeyManager() },
+ new TrustManager[] { new SimpleX509TrustManager() },
+ SecureRandom.getInstance("Fortuna"));
+ Security.setProperty("jessie.client.psk.identity", "MAUVE");
+ }
+ catch (Exception e)
+ {
+ harness.fail("SSLContext.getInstance");
+ harness.debug(e);
+ return false;
+ }
+ return true;
+ }
+
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.javax.net.ssl.SSLEngine.AbstractEngineTest#implTest(gnu.testlet.TestHarness)
+ */
+ protected void implTest(TestHarness harness)
+ {
+ String[] protocols;
+ String[] suites;
+
+ SSLEngine fake = context.createSSLEngine();
+ protocols = fake.getSupportedProtocols();
+ suites = fake.getSupportedCipherSuites();
+
+ for (int i = 0; i < protocols.length; i++)
+ {
+ for (int j = 0; j < suites.length; j++)
+ {
+ // Only test PSK suites.
+ if (suites[j].indexOf("PSK") < 0)
+ continue;
+ setupEngines(harness);
+ clientEngine.setEnabledProtocols(new String[] { protocols[i] });
+ clientEngine.setEnabledCipherSuites(new String[] { suites[j] });
+ serverEngine.setEnabledCipherSuites(serverEngine.getSupportedCipherSuites());
+
+ harness.checkPoint("SSLEngine/" + protocols[i] + "/"
+ + suites[j]);
+ try
+ {
+ runHandshake();
+ harness.check(true);
+ }
+ catch (Exception x)
+ {
+ harness.check(false);
+ harness.debug(x);
+ }
+ }
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLContext/TestGetInstance.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLContext/TestGetInstance.java
diff -N gnu/testlet/javax/net/ssl/SSLContext/TestGetInstance.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLContext/TestGetInstance.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,58 @@
+/* testGetInstance.java -- test if SSLContext.getInstance works.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: JDK1.5
+
+package gnu.testlet.javax.net.ssl.SSLContext;
+
+import gnu.testlet.TestHarness;
+import gnu.testlet.Testlet;
+
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class TestGetInstance implements Testlet
+{
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.Testlet#test(gnu.testlet.TestHarness)
+ */
+ public void test(TestHarness harness)
+ {
+ SSLContext context = null;
+ harness.checkPoint("SSLContext.getInstance(\"SSL\")");
+ try
+ {
+ context = SSLContext.getInstance("SSL");
+ harness.check(context != null);
+ }
+ catch (NoSuchAlgorithmException nsae)
+ {
+ harness.fail("SSLContext.getInstance(\"SSL\")");
+ harness.debug(nsae);
+ }
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/SimplePSKKeyManager.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/SimplePSKKeyManager.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/SimplePSKKeyManager.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/SimplePSKKeyManager.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,61 @@
+/* SimplePSKKeyManager.java -- simple PSK key manager for testing.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: not-a-test
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.javax.net.ssl.PreSharedKeyManager;
+
+import java.security.KeyManagementException;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class SimplePSKKeyManager
+ implements PreSharedKeyManager
+{
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.PreSharedKeyManager#chooseIdentityHint()
+ */
+ public String chooseIdentityHint()
+ {
+ return "MAUVE";
+ }
+
+ /* (non-Javadoc)
+ * @see gnu.javax.net.ssl.PreSharedKeyManager#getKey(java.lang.String)
+ */
+ public SecretKey getKey(String arg0) throws KeyManagementException
+ {
+ if (arg0.equals("MAUVE"))
+ return KEY;
+ return null;
+ }
+
+ static final SecretKey KEY
+ = new SecretKeySpec("Mauve TLS PSK test key".getBytes(), "PSK");
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509TrustManager.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509TrustManager.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509TrustManager.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/SimpleX509TrustManager.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,183 @@
+/* SimpleX509TrustManager.java -- trust manager for testing.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: not-a-test
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import java.io.ByteArrayInputStream;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class SimpleX509TrustManager
+ implements X509TrustManager
+{
+ static final String CA_CERT =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIEjDCCA3SgAwIBAgIJAMOUZM/pKkaNMA0GCSqGSIb3DQEBBQUAMIGKMREwDwYD\n" +
+ "VQQDEwhNYXV2ZSBDQTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0\n" +
+ "dHMxDzANBgNVBAcTBkJvc3RvbjEOMAwGA1UEChMFTWF1dmUxLzAtBgkqhkiG9w0B\n" +
+ "CQEWIG1hdXZlLWRpc2N1c3NAc291cmNlcy5yZWRoYXQuY29tMB4XDTA2MDcxNzAz\n" +
+ "MDg0OVoXDTExMDcxNjAzMDg0OVowgYoxETAPBgNVBAMTCE1hdXZlIENBMQswCQYD\n" +
+ "VQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9u\n" +
+ "MQ4wDAYDVQQKEwVNYXV2ZTEvMC0GCSqGSIb3DQEJARYgbWF1dmUtZGlzY3Vzc0Bz\n" +
+ "b3VyY2VzLnJlZGhhdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" +
+ "AQC1sXjS8OAxk6DmfW0sbsOadgjQsKsydQ3xRinjA7dMPYyPaoY5huE7Ur4ClHka\n" +
+ "ThF7enGkQi5mIaGUD5noDoE0+2IcRqp/bIXFEvwgVFrCvG9GbG8mmoEEhdBSG0ol\n" +
+ "+VUwsCmwaTbzi4erCIq6907CvVUmqB3NMLKD6blghHUCWQT2BvbWev5CGktPvsp+\n" +
+ "9mDpI898Xdp+zqrVkd4vGyvFI51Fj6GdZhud6ctFBMsZApkTHTaLi3m+4LGvR4gP\n" +
+ "x+5ukOWQKe/MACIna6ARVxLSiYHiusdSOOvjIWW6cSC89Lmnlqp2IjDEqObLhNjF\n" +
+ "ilvfnJ2/q+WJvEDSyjvO0ywvAgMBAAGjgfIwge8wHQYDVR0OBBYEFP2xH8L1npmn\n" +
+ "dwjY7nndHfo+EILFMIG/BgNVHSMEgbcwgbSAFP2xH8L1npmndwjY7nndHfo+EILF\n" +
+ "oYGQpIGNMIGKMREwDwYDVQQDEwhNYXV2ZSBDQTELMAkGA1UEBhMCVVMxFjAUBgNV\n" +
+ "BAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjEOMAwGA1UEChMFTWF1\n" +
+ "dmUxLzAtBgkqhkiG9w0BCQEWIG1hdXZlLWRpc2N1c3NAc291cmNlcy5yZWRoYXQu\n" +
+ "Y29tggkAw5Rkz+kqRo0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA\n" +
+ "cAQ0W4kd7mvT/yZvTxjZ9NSvXLGJvaxDoSnDgJ4OVBI+BxYyp7BfseBpywUY2vke\n" +
+ "nyMwjKsrDIgkEGwJGN7s2fTbw4L8f3/RThB26uF03UUZYKBQNKeeQjNAMI8rXBnO\n" +
+ "oZHARSSWbH9IdllFaaP1aB0bq6ystrwaVj2y689UY6X1/MY8gc8WaUP/C/7Lj8T6\n" +
+ "eJFSuZSvNaAdaAW/G9KQNPONVWHBty7OrFK/U56JcyKg0VSc0Edd9YxWqHdByuFr\n" +
+ "hM9SaKM3GMmOi3Avh59STCXqgdrKh4CE6ytGiutN1bMKrhx6xKZMZjWHzZ1Ab8Jd\n" +
+ "FypiU79sLqjQamv/fV5CBw==\n" +
+ "-----END CERTIFICATE-----\n";
+
+ static final String DSA_CERT =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIFRDCCBCygAwIBAgIBATANBgkqhkiG9w0BAQUFADCBijERMA8GA1UEAxMITWF1\n" +
+ "dmUgQ0ExCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYD\n" +
+ "VQQHEwZCb3N0b24xDjAMBgNVBAoTBU1hdXZlMS8wLQYJKoZIhvcNAQkBFiBtYXV2\n" +
+ "ZS1kaXNjdXNzQHNvdXJjZXMucmVkaGF0LmNvbTAeFw0wNjA3MTcwMzEwNDdaFw0w\n" +
+ "NzA3MTcwMzEwNDdaMIGHMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVz\n" +
+ "ZXR0czEOMAwGA1UEChMFTWF1dmUxDjAMBgNVBAsTBU1hdXZlMQ8wDQYDVQQDEwZk\n" +
+ "c2FrZXkxLzAtBgkqhkiG9w0BCQEWIG1hdXZlLWRpc2N1c3NAc291cmNlcy5yZWRo\n" +
+ "YXQuY29tMIIBtjCCASsGByqGSM44BAEwggEeAoGBAN8IlBGWirqUwgO+vgb5gTQs\n" +
+ "mDVMf9Z11TYAOP5BKTmo1lbbACqb/5UCbdlMtaSGH5lCdtso6AB+fc8Q3wUBGo/o\n" +
+ "KhAvNkLnX3x/m0xMZtOcFwiip4P1hP0UxpJyU/Jb/S7/qXEEZeWg9jlphSUV2Hbh\n" +
+ "8F/G1MGNfgDhMYh3g13ZAhUAn/FrrGLODw3HfRbebPMACt6mHHsCgYASlGmE1jNk\n" +
+ "gefmyHqo3A/Siv6myEI2cEjgZdn/nFEQY1gpjPLSBceOPH5FaeSG4TLUjt2q6Ih1\n" +
+ "/eX2tx4tdZYMjxBUGslOupYAgjPeiqIEHKHpilW5DIxDvywV4EDfTn8WfbGYVJ5q\n" +
+ "TriuQbQVdtlXkfZ3k3fPSci2hJii4gADjgOBhAACgYATRBEs6kCrp+8MsPhTkb8P\n" +
+ "dT8FhIVN6txvwWfBFnMzbWrn32MDdxPL5pNT3wYcwqJ5jNxFZdexpuid6JYYx6KU\n" +
+ "tO/UOkDvu1XIMaJF0Auy+m+NMF5FQD9uF5d0p6CQvq0sgwrz30ss7etBdFEltOsp\n" +
+ "LNDAVdMuxO54oerzZ6Z6vKOCASAwggEcMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJFR\n" +
+ "LmRjeyJPwYtRnzLiXMpf0MUAMIG/BgNVHSMEgbcwgbSAFP2xH8L1npmndwjY7nnd\n" +
+ "Hfo+EILFoYGQpIGNMIGKMREwDwYDVQQDEwhNYXV2ZSBDQTELMAkGA1UEBhMCVVMx\n" +
+ "FjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjEOMAwGA1UE\n" +
+ "ChMFTWF1dmUxLzAtBgkqhkiG9w0BCQEWIG1hdXZlLWRpc2N1c3NAc291cmNlcy5y\n" +
+ "ZWRoYXQuY29tggkAw5Rkz+kqRo0wLgYJYIZIAYb4QgEEBCEWH2h0dHBzOi8vd3d3\n" +
+ "LnNpYWwub3JnL2NhLWNybC5wZW0wDQYJKoZIhvcNAQEFBQADggEBABeqOYKPgeS2\n" +
+ "y+z3IQwoYABlqahQAur+HOoXrZqs/XJ8YgyOWJtLkdHFyTYEo48yVZNp9zW11DMx\n" +
+ "mB5ChsGTR4YBG8DvQ3ua+aZo3Sdcum7IChgUfhLTfklSV8el13rjj8DyIBv2WQrn\n" +
+ "KCofgObOrDoXUaNEBGMGVC5znCoFbmdE8SsTXMtjRC+sNhRvDFpKiXzNFJOwR7v7\n" +
+ "zrVC6uyaXxfQMbcSdq0Ma9yVzHCc7rZfCQOoeieX6reAxp+iC7q/I+bTC5bi0GdH\n" +
+ "wPSpQ+DnpimjvrSU2ESYORxZBrdxzQHCXaoJCtCF26w5P9KkpTCavo+ERgTaiVA6\n" +
+ "5Wcv1NVwcM0=\n" +
+ "-----END CERTIFICATE-----\n";
+
+ static final String RSA_CERT =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIELDCCAxSgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBijERMA8GA1UEAxMITWF1\n" +
+ "dmUgQ0ExCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYD\n" +
+ "VQQHEwZCb3N0b24xDjAMBgNVBAoTBU1hdXZlMS8wLQYJKoZIhvcNAQkBFiBtYXV2\n" +
+ "ZS1kaXNjdXNzQHNvdXJjZXMucmVkaGF0LmNvbTAeFw0wNjA3MTcwMzEwNDhaFw0w\n" +
+ "NzA3MTcwMzEwNDhaMIGHMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVz\n" +
+ "ZXR0czEOMAwGA1UEChMFTWF1dmUxDjAMBgNVBAsTBU1hdXZlMQ8wDQYDVQQDEwZy\n" +
+ "c2FrZXkxLzAtBgkqhkiG9w0BCQEWIG1hdXZlLWRpc2N1c3NAc291cmNlcy5yZWRo\n" +
+ "YXQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5YWr2T8IuEiHxGzT3\n" +
+ "MZjEnV4sEpjiaDBo3+tJzQjn0ObAedylwISssX3J/XwsE/ePIIOmgeuvWeL/Q9bM\n" +
+ "Y/FVtCoeLZAnKMa17duerFvOft/eErt5Ed4TBaR08HTgyVToIW1CKh5JGBB7n76P\n" +
+ "A7FMu4aL8WHak+jiyg7bLLwMAQIDAQABo4IBIDCCARwwCQYDVR0TBAIwADAdBgNV\n" +
+ "HQ4EFgQU9Wreo4FMtz6QD0GYU3ZpYrRoB3Awgb8GA1UdIwSBtzCBtIAU/bEfwvWe\n" +
+ "mad3CNjued0d+j4QgsWhgZCkgY0wgYoxETAPBgNVBAMTCE1hdXZlIENBMQswCQYD\n" +
+ "VQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9u\n" +
+ "MQ4wDAYDVQQKEwVNYXV2ZTEvMC0GCSqGSIb3DQEJARYgbWF1dmUtZGlzY3Vzc0Bz\n" +
+ "b3VyY2VzLnJlZGhhdC5jb22CCQDDlGTP6SpGjTAuBglghkgBhvhCAQQEIRYfaHR0\n" +
+ "cHM6Ly93d3cuc2lhbC5vcmcvY2EtY3JsLnBlbTANBgkqhkiG9w0BAQUFAAOCAQEA\n" +
+ "DDBAL1KQl+KZSLpN7vHOUETz8ypin+BK5DKlvHS1vhjutSYoDdZBVYauXL2BaTN8\n" +
+ "WXKdf8B5ucJOtDvSs4flvKT9YHw7Jg6JgxO0efScBsqCbB6JDZv0fpagSqZUpFTj\n" +
+ "MKRpWOHaqTynUCou6vdAcEtAGMV9GupwZe26qEJbvYF0gj77bfoPelQB6B7H3xEZ\n" +
+ "3zUC57ViXghvCTMPtOC/FoI2NcT1FMm/ffpsKbW5q4/daWt0sicpOho97mUip5MS\n" +
+ "F3VXSY3POgoHXT+5oFyuvgAh6az7GmdM3/0CpL99dGNzyHv2s5LEsd1Hcl7SKoUJ\n" +
+ "cTxGbnNzFAM+bKAoKK64IQ==\n" +
+ "-----END CERTIFICATE-----\n";
+
+ static final X509Certificate CA;
+ static final X509Certificate DSA;
+ static final X509Certificate RSA;
+
+ static
+ {
+ X509Certificate ca = null;
+ X509Certificate dsa = null;
+ X509Certificate rsa = null;
+ try
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X509");
+ ca = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(CA_CERT.getBytes()));
+ dsa = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(DSA_CERT.getBytes()));
+ rsa = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(RSA_CERT.getBytes()));
+ }
+ catch (Exception x)
+ {
+ x.printStackTrace();
+ }
+ CA = ca;
+ DSA = dsa;
+ RSA = rsa;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509TrustManager#checkClientTrusted(java.security.cert.X509Certificate[], java.lang.String)
+ */
+ public void checkClientTrusted(X509Certificate[] arg0, String arg1)
+ throws CertificateException
+ {
+ if (DSA.equals(arg0[0]) || RSA.equals(arg0[0]))
+ return;
+ throw new CertificateException();
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509TrustManager#checkServerTrusted(java.security.cert.X509Certificate[], java.lang.String)
+ */
+ public void checkServerTrusted(X509Certificate[] arg0, String arg1)
+ throws CertificateException
+ {
+ if (DSA.equals(arg0[0]) || RSA.equals(arg0[0]))
+ return;
+ throw new CertificateException();
+ }
+
+ /* (non-Javadoc)
+ * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
+ */
+ public X509Certificate[] getAcceptedIssuers()
+ {
+ return new X509Certificate[] { CA };
+ }
+}
Index: gnu/testlet/javax/net/ssl/SSLEngine/AbstractEngineTest.java
===================================================================
RCS file: gnu/testlet/javax/net/ssl/SSLEngine/AbstractEngineTest.java
diff -N gnu/testlet/javax/net/ssl/SSLEngine/AbstractEngineTest.java
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ gnu/testlet/javax/net/ssl/SSLEngine/AbstractEngineTest.java 1 Jan 1970 00:00:00 -0000
@@ -0,0 +1,233 @@
+/* AbstractEngineTest.java -- base SSLEngine test.
+ Copyright (C) 2006 Casey Marshall <csm@gnu.org>
+
+This file is part of Mauve.
+
+Mauve is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+Mauve is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with Mauve; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+*/
+
+// Tags: not-a-test
+
+package gnu.testlet.javax.net.ssl.SSLEngine;
+
+import gnu.testlet.TestHarness;
+import gnu.testlet.Testlet;
+
+import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
+import java.nio.charset.Charset;
+import java.nio.charset.CharsetEncoder;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.net.ssl.SSLEngineResult.Status;
+
+/**
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public abstract class AbstractEngineTest
+ implements Testlet
+{
+ protected static final String TEST_MESSAGE = "Hello, world!";
+ protected SSLContext context;
+ protected SSLEngine clientEngine;
+ protected SSLEngine serverEngine;
+
+ /* (non-Javadoc)
+ * @see gnu.testlet.Testlet#test(gnu.testlet.TestHarness)
+ */
+ public final void test(TestHarness harness)
+ {
+ if (setup(harness))
+ implTest(harness);
+ }
+
+ protected boolean setup(TestHarness harness)
+ {
+ try
+ {
+ harness.checkPoint("SSLContext.getInstance");
+ context = SSLContext.getInstance("SSL");
+ context.init(new KeyManager[] { new SimpleX509KeyManager() },
+ new TrustManager[] { new SimpleX509TrustManager() },
+ SecureRandom.getInstance("Fortuna"));
+ }
+ catch (Exception e)
+ {
+ harness.fail("SSLContext.getInstance");
+ harness.debug(e);
+ return false;
+ }
+ return true;
+ }
+
+ protected boolean setupEngines(TestHarness harness)
+ {
+ serverEngine = context.createSSLEngine();
+ clientEngine = context.createSSLEngine();
+ harness.check(serverEngine != null);
+ harness.check(clientEngine != null);
+
+ serverEngine.setUseClientMode(false);
+ clientEngine.setUseClientMode(true);
+ return true;
+ }
+
+ protected abstract void implTest(TestHarness harness);
+
+ protected void runHandshake() throws SSLException
+ {
+ ByteBuffer empty = ByteBuffer.allocate(0);
+ ByteBuffer cnetBuffer = ByteBuffer.allocate(clientEngine.getSession().getPacketBufferSize());
+ ByteBuffer snetBuffer = ByteBuffer.allocate(serverEngine.getSession().getPacketBufferSize());
+
+ clientEngine.beginHandshake();
+ serverEngine.beginHandshake();
+
+ SSLEngineResult result = null;
+ SSLEngineResult.HandshakeStatus srv = serverEngine.getHandshakeStatus();
+ SSLEngineResult.HandshakeStatus cli = clientEngine.getHandshakeStatus();
+
+ while (srv != HandshakeStatus.NOT_HANDSHAKING
+ && cli != HandshakeStatus.NOT_HANDSHAKING)
+ {
+ if (cli == HandshakeStatus.NEED_WRAP)
+ {
+ if (srv != HandshakeStatus.NEED_UNWRAP)
+ {
+ throw new SSLException("invalid server handshake state: " + srv);
+ }
+
+ result = clientEngine.wrap(empty, cnetBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status after wrap: "
+ + result.getStatus());
+ cli = result.getHandshakeStatus();
+ cnetBuffer.flip();
+ result = serverEngine.unwrap(cnetBuffer, empty);
+ cnetBuffer.compact();
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status after unwrap: "
+ + result.getStatus());
+ srv = result.getHandshakeStatus();
+
+ if (cli == HandshakeStatus.NEED_TASK)
+ {
+ Runnable task = null;
+ while ((task = clientEngine.getDelegatedTask()) != null)
+ task.run();
+ cli = clientEngine.getHandshakeStatus();
+ }
+
+ if (srv == HandshakeStatus.NEED_TASK)
+ {
+ Runnable task = null;
+ while ((task = serverEngine.getDelegatedTask()) != null)
+ task.run();
+ srv = serverEngine.getHandshakeStatus();
+ }
+ }
+ else if (cli == HandshakeStatus.NEED_UNWRAP)
+ {
+ if (srv != HandshakeStatus.NEED_WRAP)
+ {
+ throw new SSLException("invalid server handshake state: " + srv);
+ }
+
+ result = serverEngine.wrap(empty, snetBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status after wrap: "
+ + result.getStatus());
+ srv = result.getHandshakeStatus();
+ snetBuffer.flip();
+ result = clientEngine.unwrap(snetBuffer, empty);
+ snetBuffer.compact();
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status after unwrap: "
+ + result.getStatus());
+ cli = result.getHandshakeStatus();
+
+ if (cli == HandshakeStatus.NEED_TASK)
+ {
+ Runnable task = null;
+ while ((task = clientEngine.getDelegatedTask()) != null)
+ task.run();
+ cli = clientEngine.getHandshakeStatus();
+ }
+
+ if (srv == HandshakeStatus.NEED_TASK)
+ {
+ Runnable task = null;
+ while ((task = serverEngine.getDelegatedTask()) != null)
+ task.run();
+ srv = serverEngine.getHandshakeStatus();
+ }
+ }
+ else if (cli == HandshakeStatus.NEED_TASK)
+ {
+ throw new SSLException("invalid initial state: " + cli);
+ }
+ else if (cli == HandshakeStatus.FINISHED)
+ {
+ if (srv != HandshakeStatus.FINISHED)
+ throw new SSLException("invalid final server state: " + srv);
+ break;
+ }
+ }
+
+ ByteBuffer appBuffer = ByteBuffer.allocate(serverEngine.getSession().getApplicationBufferSize());
+ Charset cs = Charset.forName("US-ASCII");
+ CharsetEncoder enc = cs.newEncoder();
+ enc.encode(CharBuffer.wrap(TEST_MESSAGE), appBuffer, true);
+ appBuffer.flip();
+ result = clientEngine.wrap(appBuffer, cnetBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status: " + result.getStatus());
+ cnetBuffer.flip();
+ appBuffer.clear();
+ result = serverEngine.unwrap(cnetBuffer, appBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status: " + result.getStatus());
+ appBuffer.flip();
+ String msg = cs.decode(appBuffer).toString();
+ if (!msg.equals(TEST_MESSAGE))
+ throw new SSLException("message decode failed");
+
+ appBuffer.clear();
+ enc.encode(CharBuffer.wrap(msg), appBuffer, true);
+ appBuffer.flip();
+ result = serverEngine.wrap(appBuffer, snetBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status: " + result.getStatus());
+ snetBuffer.flip();
+ appBuffer.clear();
+ result = clientEngine.unwrap(snetBuffer, appBuffer);
+ if (result.getStatus() != Status.OK)
+ throw new SSLException("unexpected status: " + result.getStatus());
+ appBuffer.flip();
+ msg = cs.decode(appBuffer).toString();
+ if (!msg.equals(TEST_MESSAGE))
+ throw new SSLException("message decode (2) failed");
+ }
+}
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 478 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-07-30 22:34 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-07-30 22:34 FYI: new JSSE tests Casey Marshall
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).