
Example 91 with SSLSocket

use of javax.net.ssl.SSLSocket in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_clientAuth.

/**
 * Exercises the server-side "want" and "need" client-authentication flags and then
 * completes a handshake in which the client presents its certificate chain.
 *
 * <p>The assertions show the two flags are mutually exclusive: switching one on
 * switches the other off. The handshake runs with only "want" enabled. In that mode
 * JSSE lets negotiation continue even if the client offers no certificate, so a server
 * that must authenticate its peers needs {@code setNeedClientAuth(true)} instead.
 */
public void test_SSLSocket_clientAuth() throws Exception {
    TestSSLContext context = TestSSLContext.create(TestKeyStore.getClientCertificate(), TestKeyStore.getServer());
    SSLSocket clientSocket = (SSLSocket) context.clientContext.getSocketFactory().createSocket(context.host, context.port);
    final SSLSocket serverSocket = (SSLSocket) context.serverSocket.accept();
    ExecutorService pool = Executors.newSingleThreadExecutor();
    // The server half runs on its own thread because startHandshake() blocks until the peer handshakes too.
    Future<Void> serverSide = pool.submit(new Callable<Void>() {

        @Override
        public Void call() throws Exception {
            // Both flags start out disabled on the accepted socket.
            assertFalse(serverSocket.getWantClientAuth());
            assertFalse(serverSocket.getNeedClientAuth());

            // Enabling "want" alone leaves "need" off.
            serverSocket.setWantClientAuth(true);
            assertTrue(serverSocket.getWantClientAuth());
            assertFalse(serverSocket.getNeedClientAuth());

            // Enabling "need" clears "want".
            serverSocket.setNeedClientAuth(true);
            assertFalse(serverSocket.getWantClientAuth());
            assertTrue(serverSocket.getNeedClientAuth());

            // Re-enabling "want" clears "need" again; the handshake runs in this state.
            serverSocket.setWantClientAuth(true);
            assertTrue(serverSocket.getWantClientAuth());
            assertFalse(serverSocket.getNeedClientAuth());

            serverSocket.startHandshake();
            return null;
        }
    });
    pool.shutdown();

    clientSocket.startHandshake();
    // A non-null local chain shows the client sent its certificate when asked.
    assertNotNull(clientSocket.getSession().getLocalCertificates());
    TestKeyStore.assertChainLength(clientSocket.getSession().getLocalCertificates());
    TestSSLContext.assertClientCertificateChain(context.clientTrustManager, clientSocket.getSession().getLocalCertificates());

    // Propagates any assertion failure or exception raised on the server thread.
    serverSide.get();
    clientSocket.close();
    serverSocket.close();
    context.close();
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) ExecutorService(java.util.concurrent.ExecutorService) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)

Example 92 with SSLSocket

use of javax.net.ssl.SSLSocket in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_setEnableSessionCreation_client.

/**
 * Verifies that a client which has disabled session creation cannot complete a
 * handshake: both the client and the server side are expected to fail with an
 * {@link SSLException}.
 *
 * <p>NOTE(review): this presumably relies on the fresh {@code TestSSLContext} having
 * no cached session the client could resume; confirm against {@code TestSSLContext}.
 */
public void test_SSLSocket_setEnableSessionCreation_client() throws Exception {
    TestSSLContext context = TestSSLContext.create();
    SSLSocket clientSocket = (SSLSocket) context.clientContext.getSocketFactory().createSocket(context.host, context.port);
    final SSLSocket serverSocket = (SSLSocket) context.serverSocket.accept();
    ExecutorService pool = Executors.newSingleThreadExecutor();
    Future<Void> serverSide = pool.submit(new Callable<Void>() {

        @Override
        public Void call() throws Exception {
            try {
                serverSocket.startHandshake();
                // Reaching this line means the handshake wrongly succeeded.
                fail();
            } catch (SSLException handshakeRejected) {
                // Expected: the server must see the handshake fail as well.
            }
            return null;
        }
    });
    pool.shutdown();

    // Forbid new sessions on the client before it starts handshaking.
    clientSocket.setEnableSessionCreation(false);
    try {
        clientSocket.startHandshake();
        fail();
    } catch (SSLException handshakeRejected) {
        // Expected: no new session may be created.
    }

    // Surfaces a fail() raised on the server thread as an ExecutionException.
    serverSide.get();
    clientSocket.close();
    serverSocket.close();
    context.close();
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) ExecutorService(java.util.concurrent.ExecutorService) SSLException(javax.net.ssl.SSLException) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException)

Example 93 with SSLSocket

use of javax.net.ssl.SSLSocket in project robovm by robovm.

the class SSLSessionContextTest method test_SSLSessionContext_setSessionCacheSize_dynamic.

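/**
 * Verifies that shrinking and growing the client and server session caches at runtime
 * takes effect immediately and bounds the number of cached sessions.
 *
 * <p>Each connection is made with a different single cipher suite so that it cannot
 * resume an earlier session and must add a new cache entry.
 */
public void test_SSLSessionContext_setSessionCacheSize_dynamic() throws Exception {
    TestSSLContext c = TestSSLContext.create();
    SSLSessionContext client = c.clientContext.getClientSessionContext();
    SSLSessionContext server = c.serverContext.getServerSessionContext();
    String[] supportedCipherSuites = c.serverSocket.getSupportedCipherSuites();
    // Test-only setup: every supported suite is enabled on the server socket so that
    // each connection below can pick its own suite. Not a configuration to copy into
    // a real server, where the enabled list should be restricted to strong suites.
    c.serverSocket.setEnabledCipherSuites(supportedCipherSuites);
    // Typed constructor instead of the raw LinkedList, which produced an unchecked warning.
    LinkedList<String> uniqueCipherSuites = new LinkedList<String>(Arrays.asList(supportedCipherSuites));
    // only use RSA cipher suites which will work with our TrustProvider
    Iterator<String> i = uniqueCipherSuites.iterator();
    while (i.hasNext()) {
        String cipherSuite = i.next();
        // Certificate key length too long for export ciphers
        boolean exportSuite = cipherSuite.startsWith("SSL_RSA_EXPORT_");
        boolean rsaAuthenticated = cipherSuite.startsWith("SSL_RSA_")
                || cipherSuite.startsWith("TLS_RSA_")
                || cipherSuite.startsWith("TLS_DHE_RSA_")
                || cipherSuite.startsWith("SSL_DHE_RSA_");
        if (exportSuite || !rsaAuthenticated) {
            i.remove();
        }
    }
    /*
     * Having at least 3 uniqueCipherSuites is a test requirement, not a
     * requirement of the interface or implementation. It simply allows us
     * to make sure that we will not get a cached session ID, since we'll
     * have to negotiate a new session due to the new cipher suite
     * requirement. The test needs only three because it reuses the same
     * unique cipher suites every time it resets the session cache.
     */
    assertTrue(uniqueCipherSuites.size() >= 3);
    String cipherSuite1 = uniqueCipherSuites.get(0);
    String cipherSuite2 = uniqueCipherSuites.get(1);
    String cipherSuite3 = uniqueCipherSuites.get(2);
    List<SSLSocket[]> toClose = new ArrayList<SSLSocket[]>();

    // Three connections with three different suites: the cache grows by one each time.
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null));
    assertSSLSessionContextSize(1, c);
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null));
    assertSSLSessionContextSize(2, c);
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null));
    assertSSLSessionContextSize(3, c);

    // Shrinking the limit to 1 must trim the existing entries straight away.
    client.setSessionCacheSize(1);
    server.setSessionCacheSize(1);
    assertEquals(1, client.getSessionCacheSize());
    assertEquals(1, server.getSessionCacheSize());
    assertSSLSessionContextSize(1, c);
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null));
    assertSSLSessionContextSize(1, c);

    // Growing the limit to 2 allows one more entry, but never a third.
    client.setSessionCacheSize(2);
    server.setSessionCacheSize(2);
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null));
    assertSSLSessionContextSize(2, c);
    toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null));
    assertSSLSessionContextSize(2, c);

    for (SSLSocket[] pair : toClose) {
        for (SSLSocket s : pair) {
            s.close();
        }
    }
    c.close();
}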
Also used : SSLSessionContext(javax.net.ssl.SSLSessionContext) SSLSocket(javax.net.ssl.SSLSocket) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList)

Example 94 with SSLSocket

use of javax.net.ssl.SSLSocket in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_TrustManagerRuntimeException.

/**
 * Verifies that an unchecked exception thrown by a custom trust manager while it
 * validates the server chain makes the client handshake fail with an
 * {@link SSLHandshakeException} instead of escaping as a raw {@link RuntimeException}.
 *
 * <p>The security-relevant property is that a trust decision which blows up is treated
 * as a rejection: the handshake fails closed.
 */
public void test_SSLSocket_TrustManagerRuntimeException() throws Exception {
    TestSSLContext testContext = TestSSLContext.create();
    SSLContext tlsContext = SSLContext.getInstance("TLS");
    X509TrustManager throwingTrustManager = new X509TrustManager() {

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // Any call here raises AssertionError; only the server check is under test.
            throw new AssertionError();
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // The behaviour under test: an unchecked failure during server validation.
            throw new RuntimeException();
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            throw new AssertionError();
        }
    };
    // No key managers and the default SecureRandom; only the trust manager is customised.
    tlsContext.init(null, new TrustManager[] { throwingTrustManager }, null);
    SSLSocket clientSocket = (SSLSocket) tlsContext.getSocketFactory().createSocket(testContext.host, testContext.port);
    final SSLSocket serverSocket = (SSLSocket) testContext.serverSocket.accept();
    ExecutorService pool = Executors.newSingleThreadExecutor();
    Future<Void> serverSide = pool.submit(new Callable<Void>() {

        @Override
        public Void call() throws Exception {
            serverSocket.startHandshake();
            return null;
        }
    });
    pool.shutdown();

    try {
        clientSocket.startHandshake();
        fail();
    } catch (SSLHandshakeException wrappedFailure) {
        // Expected. Earlier behaviour let the RuntimeException from
        // checkServerTrusted propagate to the caller unwrapped.
    }

    serverSide.get();
    clientSocket.close();
    serverSocket.close();
    testContext.close();
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) X509TrustManager(javax.net.ssl.X509TrustManager) ExecutorService(java.util.concurrent.ExecutorService)

Example 95 with SSLSocket

use of javax.net.ssl.SSLSocket in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_confirmSessionReuse.

/**
 * Verifies session reuse across two consecutive connections made from the same
 * client context to the same server socket.
 *
 * <p>For each connection the client and server must agree on the session id, and the
 * id seen on the second connection must equal the one from the first, which shows
 * that the earlier session was resumed rather than a new one negotiated.
 */
public void test_SSLSocket_confirmSessionReuse() throws Exception {
    TestSSLContext context = TestSSLContext.create();
    ExecutorService pool = Executors.newSingleThreadExecutor();

    // First connection: establishes the session that should later be reused.
    SSLSocket firstClient = (SSLSocket) context.clientContext.getSocketFactory().createSocket(context.host, context.port);
    SSLSocket firstServer = (SSLSocket) context.serverSocket.accept();
    Future<byte[]> firstServerId = pool.submit(new SSLServerSessionIdCallable(firstServer));
    firstClient.startHandshake();
    assertNotNull(firstClient.getSession());
    assertNotNull(firstClient.getSession().getId());
    byte[] firstClientSessionId = firstClient.getSession().getId();
    byte[] firstServerSessionId = firstServerId.get();
    assertTrue(Arrays.equals(firstClientSessionId, firstServerSessionId));
    firstClient.close();
    firstServer.close();

    // Second connection: opened only after the first pair has been closed.
    SSLSocket secondClient = (SSLSocket) context.clientContext.getSocketFactory().createSocket(context.host, context.port);
    SSLSocket secondServer = (SSLSocket) context.serverSocket.accept();
    Future<byte[]> secondServerId = pool.submit(new SSLServerSessionIdCallable(secondServer));
    secondClient.startHandshake();
    assertNotNull(secondClient.getSession());
    assertNotNull(secondClient.getSession().getId());
    byte[] secondClientSessionId = secondClient.getSession().getId();
    byte[] secondServerSessionId = secondServerId.get();
    assertTrue(Arrays.equals(secondClientSessionId, secondServerSessionId));
    secondClient.close();
    secondServer.close();

    // Identical ids on both connections confirm that the session was reused.
    assertTrue(Arrays.equals(firstClientSessionId, secondClientSessionId));
    pool.shutdown();
    context.close();
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) ExecutorService(java.util.concurrent.ExecutorService)

Aggregations

SSLSocket (javax.net.ssl.SSLSocket)326 IOException (java.io.IOException)101 Test (org.junit.Test)62 SSLContext (javax.net.ssl.SSLContext)59 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)59 Socket (java.net.Socket)57 OutputStream (java.io.OutputStream)50 InetSocketAddress (java.net.InetSocketAddress)39 CertificateException (java.security.cert.CertificateException)33 SSLException (javax.net.ssl.SSLException)32 SSLSession (javax.net.ssl.SSLSession)31 InputStream (java.io.InputStream)30 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)30 SSLServerSocket (javax.net.ssl.SSLServerSocket)27 SocketTimeoutException (java.net.SocketTimeoutException)24 SocketException (java.net.SocketException)23 ServerSocket (java.net.ServerSocket)22 UnknownHostException (java.net.UnknownHostException)21 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)21 InputStreamReader (java.io.InputStreamReader)19