PageRenderTime 57ms CodeModel.GetById 27ms RepoModel.GetById 0ms app.codeStats 0ms

/vt-ldap/branches/vt-ldap-3/src/test/java/edu/vt/middleware/ldap/ssl/TLSSocketFactoryTest.java

http://vt-middleware.googlecode.com/
Java | 208 lines | 152 code | 22 blank | 34 comment | 0 complexity | 5c473915e0b1f5b18e6dc893f55f6a72 MD5 | raw file
Possible License(s): GPL-3.0, Apache-2.0, LGPL-3.0, LGPL-2.1
  1. /*
  2. $Id: TLSSocketFactoryTest.java 1486 2010-08-17 18:53:58Z dfisher $
  3. Copyright (C) 2003-2010 Virginia Tech.
  4. All rights reserved.
  5. SEE LICENSE FOR MORE INFORMATION
  6. Author: Middleware Services
  7. Email: middleware@vt.edu
  8. Version: $Revision: 1486 $
  9. Updated: $Date: 2010-08-17 20:53:58 +0200 (Tue, 17 Aug 2010) $
  10. */
  11. package edu.vt.middleware.ldap.ssl;
  12. import java.util.Arrays;
  13. import javax.net.ssl.SSLSocket;
  14. import edu.vt.middleware.ldap.AnyHostnameVerifier;
  15. import edu.vt.middleware.ldap.Ldap;
  16. import edu.vt.middleware.ldap.TestUtil;
  17. import org.testng.AssertJUnit;
  18. import org.testng.annotations.Test;
  19. /**
  20. * Unit test for {@link TLSSocketFactory}.
  21. *
  22. * @author Middleware Services
  23. * @version $Revision: 1486 $
  24. */
  25. public class TLSSocketFactoryTest
  26. {
  27. /** List of ciphers. */
  28. public static final String[] CIPHERS = new String[] {
  29. "TLS_DH_anon_WITH_AES_128_CBC_SHA",
  30. "TLS_DH_anon_WITH_AES_256_CBC_SHA",
  31. "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
  32. "SSL_DH_anon_WITH_RC4_128_MD5",
  33. "TLS_RSA_WITH_AES_128_CBC_SHA",
  34. "TLS_RSA_WITH_AES_256_CBC_SHA",
  35. "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
  36. "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
  37. "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
  38. "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
  39. "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
  40. "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
  41. "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
  42. "SSL_RSA_WITH_RC4_128_MD5",
  43. "SSL_RSA_WITH_RC4_128_SHA",
  44. };
  45. /** List of ciphers. */
  46. public static final String[] UNKNOWN_CIPHERS = new String[] {
  47. "TLS_DH_anon_WITH_AES_128_CBC_SHA",
  48. "TLS_DH_anon_WITH_3DES_256_CBC_SHA",
  49. "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
  50. "SSL_DH_anon_WITH_RC4_128_MD5",
  51. };
  52. /** List of protocols. */
  53. public static final String[] ALL_PROTOCOLS = new String[] {
  54. "SSLv2Hello",
  55. "SSLv3",
  56. "TLSv1",
  57. };
  58. /** List of protocols. */
  59. public static final String[] PROTOCOLS = new String[] {
  60. "SSLv3",
  61. "TLSv1",
  62. };
  63. /** List of protocols. */
  64. public static final String[] FAIL_PROTOCOLS = new String[] {
  65. "SSLv2Hello",
  66. };
  67. /** List of protocols. */
  68. public static final String[] UNKNOWN_PROTOCOLS = new String[] {
  69. "SSLv2Hello",
  70. "SSLv3Hello",
  71. "TLSv1",
  72. };
  73. /**
  74. * @return <code>Ldap</code>
  75. *
  76. * @throws Exception On ldap construction failure.
  77. */
  78. public Ldap createTLSLdap()
  79. throws Exception
  80. {
  81. // configure TLSSocketFactory
  82. final X509CertificatesCredentialReader reader =
  83. new X509CertificatesCredentialReader();
  84. final X509SSLContextInitializer ctxInit =
  85. new X509SSLContextInitializer();
  86. ctxInit.setTrustCertificates(
  87. reader.read("file:src/test/resources/ed.trust.crt"));
  88. final TLSSocketFactory sf = new TLSSocketFactory();
  89. sf.setSSLContextInitializer(ctxInit);
  90. sf.initialize();
  91. // configure ldap object to use TLS
  92. final Ldap ldap = TestUtil.createLdap();
  93. ldap.getLdapConfig().setTls(true);
  94. ldap.getLdapConfig().setSslSocketFactory(sf);
  95. ldap.getLdapConfig().setHostnameVerifier(new AnyHostnameVerifier());
  96. return ldap;
  97. }
  98. /** @throws Exception On test failure. */
  99. @Test(groups = {"ssltest"})
  100. public void setEnabledCipherSuites()
  101. throws Exception
  102. {
  103. final Ldap ldap = this.createTLSLdap();
  104. final TLSSocketFactory sf =
  105. (TLSSocketFactory) ldap.getLdapConfig().getSslSocketFactory();
  106. AssertJUnit.assertTrue(ldap.connect());
  107. ldap.getSchema("ou=test,dc=vt,dc=edu");
  108. AssertJUnit.assertEquals(
  109. Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledCipherSuites()),
  110. Arrays.asList(sf.getDefaultCipherSuites()));
  111. AssertJUnit.assertNotSame(
  112. Arrays.asList(sf.getDefaultCipherSuites()), Arrays.asList(CIPHERS));
  113. ldap.close();
  114. sf.setEnabledCipherSuites(UNKNOWN_CIPHERS);
  115. try {
  116. ldap.connect();
  117. AssertJUnit.fail(
  118. "Should have thrown IllegalArgumentException, no exception thrown");
  119. } catch (IllegalArgumentException e) {
  120. AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
  121. } catch (Exception e) {
  122. AssertJUnit.fail(
  123. "Should have thrown IllegalArgumentException, threw " + e);
  124. }
  125. ldap.close();
  126. sf.setEnabledCipherSuites(CIPHERS);
  127. AssertJUnit.assertTrue(ldap.connect());
  128. ldap.getSchema("ou=test,dc=vt,dc=edu");
  129. AssertJUnit.assertEquals(
  130. Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledCipherSuites()),
  131. Arrays.asList(CIPHERS));
  132. ldap.close();
  133. }
  134. /** @throws Exception On test failure. */
  135. @Test(groups = {"ssltest"})
  136. public void setEnabledProtocols()
  137. throws Exception
  138. {
  139. final Ldap ldap = this.createTLSLdap();
  140. final TLSSocketFactory sf =
  141. (TLSSocketFactory) ldap.getLdapConfig().getSslSocketFactory();
  142. AssertJUnit.assertTrue(ldap.connect());
  143. ldap.getSchema("ou=test,dc=vt,dc=edu");
  144. AssertJUnit.assertEquals(
  145. Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
  146. Arrays.asList(ALL_PROTOCOLS));
  147. AssertJUnit.assertNotSame(
  148. Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
  149. Arrays.asList(PROTOCOLS));
  150. ldap.close();
  151. sf.setEnabledProtocols(FAIL_PROTOCOLS);
  152. try {
  153. ldap.connect();
  154. AssertJUnit.fail(
  155. "Should have thrown IllegalArgumentException, no exception thrown");
  156. } catch (IllegalArgumentException e) {
  157. AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
  158. } catch (Exception e) {
  159. AssertJUnit.fail(
  160. "Should have thrown IllegalArgumentException, threw " + e);
  161. }
  162. ldap.close();
  163. sf.setEnabledProtocols(UNKNOWN_PROTOCOLS);
  164. try {
  165. ldap.connect();
  166. AssertJUnit.fail(
  167. "Should have thrown IllegalArgumentException, no exception thrown");
  168. } catch (IllegalArgumentException e) {
  169. AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
  170. } catch (Exception e) {
  171. AssertJUnit.fail(
  172. "Should have thrown IllegalArgumentException, threw " + e);
  173. }
  174. ldap.close();
  175. sf.setEnabledProtocols(PROTOCOLS);
  176. AssertJUnit.assertTrue(ldap.connect());
  177. ldap.getSchema("ou=test,dc=vt,dc=edu");
  178. AssertJUnit.assertEquals(
  179. Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
  180. Arrays.asList(PROTOCOLS));
  181. ldap.close();
  182. }
  183. }