SSLEngineTest should not depend on OpenSsl* class.
Motivation:
6152990073 introduced a test-case in SSLEngineTest which used OpenSsl.* which should not be done as this is am abstract bass class that is also used for non OpenSsl tests.
Modifications:
Move the protocol definations into SslUtils.
Result:
Cleaner code.
This commit is contained in:
Norman Maurer
parent
0ad99310f5
commit
64a3e6c69c
@ -42,6 +42,12 @@ import java.util.Set;
|
||||
import static io.netty.handler.ssl.SslUtils.DEFAULT_CIPHER_SUITES;
|
||||
import static io.netty.handler.ssl.SslUtils.addIfSupported;
|
||||
import static io.netty.handler.ssl.SslUtils.useFallbackCiphersIfDefaultIsEmpty;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V2;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V2_HELLO;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V3;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_2;
|
||||
|
||||
/**
|
||||
* Tells if <a href="http://netty.io/wiki/forked-tomcat-native.html">{@code netty-tcnative}</a> and its OpenSSL support
|
||||
@ -63,14 +69,6 @@ public final class OpenSsl {
|
||||
private static final boolean USE_KEYMANAGER_FACTORY;
|
||||
private static final boolean SUPPORTS_OCSP;
|
||||
|
||||
// Protocols
|
||||
static final String PROTOCOL_SSL_V2_HELLO = "SSLv2Hello";
|
||||
static final String PROTOCOL_SSL_V2 = "SSLv2";
|
||||
static final String PROTOCOL_SSL_V3 = "SSLv3";
|
||||
static final String PROTOCOL_TLS_V1 = "TLSv1";
|
||||
static final String PROTOCOL_TLS_V1_1 = "TLSv1.1";
|
||||
static final String PROTOCOL_TLS_V1_2 = "TLSv1.2";
|
||||
|
||||
static final Set<String> SUPPORTED_PROTOCOLS_SET;
|
||||
|
||||
static {
|
||||
|
||||
@ -61,6 +61,12 @@ import static io.netty.handler.ssl.OpenSsl.memoryAddress;
|
||||
import static io.netty.util.internal.EmptyArrays.EMPTY_CERTIFICATES;
|
||||
import static io.netty.util.internal.EmptyArrays.EMPTY_JAVAX_X509_CERTIFICATES;
|
||||
import static io.netty.util.internal.ObjectUtil.checkNotNull;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V2;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V2_HELLO;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V3;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_2;
|
||||
import static java.lang.Integer.MAX_VALUE;
|
||||
import static java.lang.Math.min;
|
||||
import static javax.net.ssl.SSLEngineResult.HandshakeStatus.FINISHED;
|
||||
@ -1341,7 +1347,7 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
|
||||
public final String[] getEnabledProtocols() {
|
||||
List<String> enabled = new ArrayList<String>(6);
|
||||
// Seems like there is no way to explicit disable SSLv2Hello in openssl so it is always enabled
|
||||
enabled.add(OpenSsl.PROTOCOL_SSL_V2_HELLO);
|
||||
enabled.add(PROTOCOL_SSL_V2_HELLO);
|
||||
|
||||
int opts;
|
||||
synchronized (this) {
|
||||
@ -1351,20 +1357,20 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
|
||||
return enabled.toArray(new String[1]);
|
||||
}
|
||||
}
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1, OpenSsl.PROTOCOL_TLS_V1)) {
|
||||
enabled.add(OpenSsl.PROTOCOL_TLS_V1);
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1, PROTOCOL_TLS_V1)) {
|
||||
enabled.add(PROTOCOL_TLS_V1);
|
||||
}
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1_1, OpenSsl.PROTOCOL_TLS_V1_1)) {
|
||||
enabled.add(OpenSsl.PROTOCOL_TLS_V1_1);
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1_1, PROTOCOL_TLS_V1_1)) {
|
||||
enabled.add(PROTOCOL_TLS_V1_1);
|
||||
}
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1_2, OpenSsl.PROTOCOL_TLS_V1_2)) {
|
||||
enabled.add(OpenSsl.PROTOCOL_TLS_V1_2);
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_TLSv1_2, PROTOCOL_TLS_V1_2)) {
|
||||
enabled.add(PROTOCOL_TLS_V1_2);
|
||||
}
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_SSLv2, OpenSsl.PROTOCOL_SSL_V2)) {
|
||||
enabled.add(OpenSsl.PROTOCOL_SSL_V2);
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_SSLv2, PROTOCOL_SSL_V2)) {
|
||||
enabled.add(PROTOCOL_SSL_V2);
|
||||
}
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_SSLv3, OpenSsl.PROTOCOL_SSL_V3)) {
|
||||
enabled.add(OpenSsl.PROTOCOL_SSL_V3);
|
||||
if (isProtocolEnabled(opts, SSL.SSL_OP_NO_SSLv3, PROTOCOL_SSL_V3)) {
|
||||
enabled.add(PROTOCOL_SSL_V3);
|
||||
}
|
||||
return enabled.toArray(new String[enabled.size()]);
|
||||
}
|
||||
@ -1396,35 +1402,35 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
|
||||
if (!OpenSsl.SUPPORTED_PROTOCOLS_SET.contains(p)) {
|
||||
throw new IllegalArgumentException("Protocol " + p + " is not supported.");
|
||||
}
|
||||
if (p.equals(OpenSsl.PROTOCOL_SSL_V2)) {
|
||||
if (p.equals(PROTOCOL_SSL_V2)) {
|
||||
if (minProtocolIndex > OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2) {
|
||||
minProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2;
|
||||
}
|
||||
if (maxProtocolIndex < OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2) {
|
||||
maxProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV2;
|
||||
}
|
||||
} else if (p.equals(OpenSsl.PROTOCOL_SSL_V3)) {
|
||||
} else if (p.equals(PROTOCOL_SSL_V3)) {
|
||||
if (minProtocolIndex > OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3) {
|
||||
minProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3;
|
||||
}
|
||||
if (maxProtocolIndex < OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3) {
|
||||
maxProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_SSLV3;
|
||||
}
|
||||
} else if (p.equals(OpenSsl.PROTOCOL_TLS_V1)) {
|
||||
} else if (p.equals(PROTOCOL_TLS_V1)) {
|
||||
if (minProtocolIndex > OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1) {
|
||||
minProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1;
|
||||
}
|
||||
if (maxProtocolIndex < OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1) {
|
||||
maxProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1;
|
||||
}
|
||||
} else if (p.equals(OpenSsl.PROTOCOL_TLS_V1_1)) {
|
||||
} else if (p.equals(PROTOCOL_TLS_V1_1)) {
|
||||
if (minProtocolIndex > OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1) {
|
||||
minProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1;
|
||||
}
|
||||
if (maxProtocolIndex < OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1) {
|
||||
maxProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_1;
|
||||
}
|
||||
} else if (p.equals(OpenSsl.PROTOCOL_TLS_V1_2)) {
|
||||
} else if (p.equals(PROTOCOL_TLS_V1_2)) {
|
||||
if (minProtocolIndex > OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2) {
|
||||
minProtocolIndex = OPENSSL_OP_NO_PROTOCOL_INDEX_TLSv1_2;
|
||||
}
|
||||
|
||||
@ -36,6 +36,14 @@ import static java.util.Arrays.asList;
|
||||
*/
|
||||
final class SslUtils {
|
||||
|
||||
// Protocols
|
||||
static final String PROTOCOL_SSL_V2_HELLO = "SSLv2Hello";
|
||||
static final String PROTOCOL_SSL_V2 = "SSLv2";
|
||||
static final String PROTOCOL_SSL_V3 = "SSLv3";
|
||||
static final String PROTOCOL_TLS_V1 = "TLSv1";
|
||||
static final String PROTOCOL_TLS_V1_1 = "TLSv1.1";
|
||||
static final String PROTOCOL_TLS_V1_2 = "TLSv1.2";
|
||||
|
||||
/**
|
||||
* change cipher spec
|
||||
*/
|
||||
|
||||
@ -271,7 +271,7 @@ public class JdkSslEngineTest extends SSLEngineTest {
|
||||
|
||||
@Test
|
||||
public void testEnablingAnAlreadyDisabledSslProtocol() throws Exception {
|
||||
testEnablingAnAlreadyDisabledSslProtocol(new String[]{}, new String[]{PROTOCOL_TLS_V1_2});
|
||||
testEnablingAnAlreadyDisabledSslProtocol(new String[]{}, new String[]{ SslUtils.PROTOCOL_TLS_V1_2 });
|
||||
}
|
||||
|
||||
@Ignore /* Does the JDK support a "max certificate chain length"? */
|
||||
|
||||
@ -44,6 +44,11 @@ import javax.net.ssl.SSLParameters;
|
||||
|
||||
import static io.netty.handler.ssl.OpenSslTestUtils.checkShouldUseKeyManagerFactory;
|
||||
import static io.netty.handler.ssl.ReferenceCountedOpenSslEngine.MAX_PLAINTEXT_LENGTH;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V2_HELLO;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_SSL_V3;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_2;
|
||||
import static io.netty.internal.tcnative.SSL.SSL_CVERIFY_IGNORED;
|
||||
import static java.lang.Integer.MAX_VALUE;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
@ -53,6 +58,7 @@ import static org.junit.Assert.assertSame;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assume.assumeTrue;
|
||||
|
||||
|
||||
@RunWith(Parameterized.class)
|
||||
public class OpenSslEngineTest extends SSLEngineTest {
|
||||
private static final String PREFERRED_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http2";
|
||||
@ -375,36 +381,36 @@ public class OpenSslEngineTest extends SSLEngineTest {
|
||||
.sslProvider(sslServerProvider())
|
||||
.build();
|
||||
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ECDHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1, "ECDHE-RSA-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ECDHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1, "ECDHE-RSA-RC4-SHA");
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -418,30 +424,30 @@ public class OpenSslEngineTest extends SSLEngineTest {
|
||||
.sslProvider(sslServerProvider())
|
||||
.build();
|
||||
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_1, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_1, "DES-CBC3-SHA");
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -455,52 +461,52 @@ public class OpenSslEngineTest extends SSLEngineTest {
|
||||
.sslProvider(sslServerProvider())
|
||||
.build();
|
||||
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-SHA384");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES256-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AES128-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES256-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ADH-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_TLS_V1_2, "ECDHE-RSA-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-SHA384");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES256-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES128-GCM-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AES128-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-AES256-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-GCM-SHA384");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES256-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ADH-AES128-SHA256");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_TLS_V1_2, "ECDHE-RSA-RC4-SHA");
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -514,34 +520,34 @@ public class OpenSslEngineTest extends SSLEngineTest {
|
||||
.sslProvider(sslServerProvider())
|
||||
.build();
|
||||
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(OpenSsl.PROTOCOL_SSL_V3, "ECDHE-RSA-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AECDH-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AECDH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DHE-RSA-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "EDH-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-RC4-MD5");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "IDEA-CBC-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DHE-RSA-AES128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AECDH-RC4-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DHE-RSA-SEED-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "AECDH-AES256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ECDHE-RSA-DES-CBC3-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ADH-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DHE-RSA-CAMELLIA256-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "DHE-RSA-CAMELLIA128-SHA");
|
||||
testWrapWithDifferentSizes(PROTOCOL_SSL_V3, "ECDHE-RSA-RC4-SHA");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -75,6 +75,10 @@ import javax.net.ssl.SSLParameters;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.security.cert.X509Certificate;
|
||||
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1;
|
||||
import static io.netty.handler.ssl.SslUtils.PROTOCOL_TLS_V1_2;
|
||||
import static io.netty.handler.ssl.SslUtils.SSL_RECORD_HEADER_LENGTH;
|
||||
|
||||
import static org.junit.Assert.assertArrayEquals;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
@ -152,8 +156,6 @@ public abstract class SSLEngineTest {
|
||||
"-----END PRIVATE KEY-----\n";
|
||||
private static final String CLIENT_X509_CERT_CHAIN_PEM = CLIENT_X509_CERT_PEM + X509_CERT_PEM;
|
||||
|
||||
protected static final String PROTOCOL_TLS_V1_2 = "TLSv1.2";
|
||||
protected static final String PROTOCOL_SSL_V2_HELLO = "SSLv2Hello";
|
||||
private static final String PRINCIPAL_NAME = "CN=e8ac02fa0d65a84219016045db8b05c485b4ecdf.netty.test";
|
||||
|
||||
@Mock
|
||||
@ -1238,7 +1240,7 @@ public abstract class SSLEngineTest {
|
||||
assertArrayEquals(protocols1, enabledProtocols);
|
||||
|
||||
// Enable a protocol that is currently disabled
|
||||
sslEngine.setEnabledProtocols(new String[]{PROTOCOL_TLS_V1_2});
|
||||
sslEngine.setEnabledProtocols(new String[]{ PROTOCOL_TLS_V1_2 });
|
||||
|
||||
// The protocol that was just enabled should be returned
|
||||
enabledProtocols = sslEngine.getEnabledProtocols();
|
||||
@ -1691,13 +1693,13 @@ public abstract class SSLEngineTest {
|
||||
clientSslCtx = SslContextBuilder.forClient()
|
||||
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
||||
.ciphers(Arrays.asList(sharedCipher))
|
||||
.protocols(OpenSsl.PROTOCOL_TLS_V1_2, OpenSsl.PROTOCOL_TLS_V1)
|
||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||
.sslProvider(sslClientProvider())
|
||||
.build();
|
||||
|
||||
serverSslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||
.ciphers(Arrays.asList(sharedCipher))
|
||||
.protocols(OpenSsl.PROTOCOL_TLS_V1_2, OpenSsl.PROTOCOL_TLS_V1)
|
||||
.protocols(PROTOCOL_TLS_V1_2, PROTOCOL_TLS_V1)
|
||||
.sslProvider(sslServerProvider())
|
||||
.build();
|
||||
SSLEngine clientEngine = null;
|
||||
@ -2225,20 +2227,19 @@ public abstract class SSLEngineTest {
|
||||
int remaining = encClientToServer.remaining();
|
||||
|
||||
// We limit the buffer so we have less then the header to read, this should result in an BUFFER_UNDERFLOW.
|
||||
encClientToServer.limit(SslUtils.SSL_RECORD_HEADER_LENGTH - 1);
|
||||
encClientToServer.limit(SSL_RECORD_HEADER_LENGTH - 1);
|
||||
result = server.unwrap(encClientToServer, plainServer);
|
||||
assertResultIsBufferUnderflow(result);
|
||||
|
||||
// We limit the buffer so we can read the header but not the rest, this should result in an
|
||||
// BUFFER_UNDERFLOW.
|
||||
encClientToServer.limit(SslUtils.SSL_RECORD_HEADER_LENGTH);
|
||||
encClientToServer.limit(SSL_RECORD_HEADER_LENGTH);
|
||||
result = server.unwrap(encClientToServer, plainServer);
|
||||
assertResultIsBufferUnderflow(result);
|
||||
|
||||
// We limit the buffer so we can read the header and partly the rest, this should result in an
|
||||
// BUFFER_UNDERFLOW.
|
||||
encClientToServer.limit(
|
||||
SslUtils.SSL_RECORD_HEADER_LENGTH + remaining - 1 - SslUtils.SSL_RECORD_HEADER_LENGTH);
|
||||
encClientToServer.limit(SSL_RECORD_HEADER_LENGTH + remaining - 1 - SSL_RECORD_HEADER_LENGTH);
|
||||
result = server.unwrap(encClientToServer, plainServer);
|
||||
assertResultIsBufferUnderflow(result);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user