diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java')
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java | 126 |
1 files changed, 126 insertions, 0 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java new file mode 100644 index 0000000..df26bff --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java @@ -0,0 +1,126 @@ +package org.bouncycastle.crypto.tls.test; + +import junit.framework.Test; +import junit.framework.TestSuite; + +import org.bouncycastle.crypto.tls.AlertDescription; +import org.bouncycastle.crypto.tls.ProtocolVersion; + +public class DTLSTestSuite extends TestSuite +{ + // Make the access to constants less verbose + static abstract class C extends TlsTestConfig {} + + public static Test suite() + { + DTLSTestSuite testSuite = new DTLSTestSuite(); + + addFallbackTests(testSuite); + addVersionTests(testSuite, ProtocolVersion.DTLSv10); + addVersionTests(testSuite, ProtocolVersion.DTLSv12); + + return testSuite; + } + + private static void addFallbackTests(TestSuite testSuite) + { + { + TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12); + c.clientFallback = true; + + testSuite.addTest(new DTLSTestCase(c, "FallbackGood")); + } + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +// { +// TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12); +// c.clientOfferVersion = ProtocolVersion.DTLSv10; +// c.clientFallback = true; +// c.expectServerFatalAlert(AlertDescription.inappropriate_fallback); +// +// testSuite.addTest(new DTLSTestCase(c, "FallbackBad")); +// } + + { + TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12); + c.clientOfferVersion = ProtocolVersion.DTLSv10; + + testSuite.addTest(new DTLSTestCase(c, "FallbackNone")); + } + } + + private static void addVersionTests(TestSuite testSuite, ProtocolVersion version) + { + String prefix = version.toString().replaceAll("[ \\.]", "") + "_"; + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +// { +// TlsTestConfig c = createDTLSTestConfig(version); +// c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY; +// c.expectServerFatalAlert(AlertDescription.decrypt_error); +// +// testSuite.addTest(new DTLSTestCase(c, prefix + "BadCertificateVerify")); +// } +// +// { +// TlsTestConfig c = createDTLSTestConfig(version); +// c.clientAuth = C.CLIENT_AUTH_INVALID_CERT; +// c.expectServerFatalAlert(AlertDescription.bad_certificate); +// +// testSuite.addTest(new DTLSTestCase(c, prefix + "BadClientCertificate")); +// } +// +// { +// TlsTestConfig c = createDTLSTestConfig(version); +// c.clientAuth = C.CLIENT_AUTH_NONE; +// c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY; +// c.expectServerFatalAlert(AlertDescription.handshake_failure); +// +// testSuite.addTest(new DTLSTestCase(c, prefix + "BadMandatoryCertReqDeclined")); +// } + + { + TlsTestConfig c = createDTLSTestConfig(version); + + testSuite.addTest(new DTLSTestCase(c, prefix + "GoodDefault")); + } + + { + TlsTestConfig c = createDTLSTestConfig(version); + c.serverCertReq = C.SERVER_CERT_REQ_NONE; + + testSuite.addTest(new DTLSTestCase(c, prefix + "GoodNoCertReq")); + } + + { + TlsTestConfig c = createDTLSTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + + testSuite.addTest(new DTLSTestCase(c, prefix + "GoodOptionalCertReqDeclined")); + } + } + + private static TlsTestConfig createDTLSTestConfig(ProtocolVersion version) + { + TlsTestConfig c = new TlsTestConfig(); + c.clientMinimumVersion = ProtocolVersion.DTLSv10; + /* + * TODO We'd like to just set the offer version to DTLSv12, but there is a known issue with + * overly-restrictive version checks b/w BC DTLS 1.2 client, BC DTLS 1.0 server + */ + c.clientOfferVersion = version; + c.serverMaximumVersion = version; + c.serverMinimumVersion = ProtocolVersion.DTLSv10; + return c; + } +} |