PageRenderTime 57ms CodeModel.GetById 24ms RepoModel.GetById 1ms app.codeStats 0ms

/vt-ldap/branches/vt-ldap-3/src/test/java/edu/vt/middleware/ldap/ssl/TLSSocketFactoryTest.java

http://vt-middleware.googlecode.com/
Java | 208 lines | 152 code | 22 blank | 34 comment | 0 complexity | 5c473915e0b1f5b18e6dc893f55f6a72 MD5 | raw file
Possible License(s): GPL-3.0, Apache-2.0, LGPL-3.0, LGPL-2.1 
    

  1. /*
    2. 

  2.   $Id: TLSSocketFactoryTest.java 1486 2010-08-17 18:53:58Z dfisher $
    3. 

    4. 

  4.   Copyright (C) 2003-2010 Virginia Tech.
    5. 

  5.   All rights reserved.
    6. 

    7. 

  7.   SEE LICENSE FOR MORE INFORMATION
    8. 

    9. 

  9.   Author:  Middleware Services
    10. 

  10.   Email:   middleware@vt.edu
    11. 

  11.   Version: $Revision: 1486 $
    12. 

  12.   Updated: $Date: 2010-08-17 20:53:58 +0200 (Tue, 17 Aug 2010) $
    13. 

  13. */
    14. 

  14. package edu.vt.middleware.ldap.ssl;
    15. 

  15. 

  16. import java.util.Arrays;
    17. 

  17. import javax.net.ssl.SSLSocket;
    18. 

  18. import edu.vt.middleware.ldap.AnyHostnameVerifier;
    19. 

  19. import edu.vt.middleware.ldap.Ldap;
    20. 

  20. import edu.vt.middleware.ldap.TestUtil;
    21. 

  21. import org.testng.AssertJUnit;
    22. 

  22. import org.testng.annotations.Test;
    23. 

  23. 

  24. /**
    25. 

  25.  * Unit test for {@link TLSSocketFactory}.
    26. 

  26.  *
    27. 

  27.  * @author  Middleware Services
    28. 

  28.  * @version  $Revision: 1486 $
    29. 

  29.  */
    30. 

  30. public class TLSSocketFactoryTest
    31. 

  31. {
    32. 

  32. 

  33.   /** List of ciphers. */
    34. 

  34.   public static final String[] CIPHERS = new String[] {
    35. 

  35.     "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    36. 

  36.     "TLS_DH_anon_WITH_AES_256_CBC_SHA",
    37. 

  37.     "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
    38. 

  38.     "SSL_DH_anon_WITH_RC4_128_MD5",
    39. 

  39.     "TLS_RSA_WITH_AES_128_CBC_SHA",
    40. 

  40.     "TLS_RSA_WITH_AES_256_CBC_SHA",
    41. 

  41.     "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    42. 

  42.     "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
    43. 

  43.     "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
    44. 

  44.     "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    45. 

  45.     "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    46. 

  46.     "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    47. 

  47.     "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    48. 

  48.     "SSL_RSA_WITH_RC4_128_MD5",
    49. 

  49.     "SSL_RSA_WITH_RC4_128_SHA",
    50. 

  50.   };
    51. 

  51. 

  52.   /** List of ciphers. */
    53. 

  53.   public static final String[] UNKNOWN_CIPHERS = new String[] {
    54. 

  54.     "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    55. 

  55.     "TLS_DH_anon_WITH_3DES_256_CBC_SHA",
    56. 

  56.     "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
    57. 

  57.     "SSL_DH_anon_WITH_RC4_128_MD5",
    58. 

  58.   };
    59. 

  59. 

  60.   /** List of protocols. */
    61. 

  61.   public static final String[] ALL_PROTOCOLS = new String[] {
    62. 

  62.     "SSLv2Hello",
    63. 

  63.     "SSLv3",
    64. 

  64.     "TLSv1",
    65. 

  65.   };
    66. 

  66. 

  67.   /** List of protocols. */
    68. 

  68.   public static final String[] PROTOCOLS = new String[] {
    69. 

  69.     "SSLv3",
    70. 

  70.     "TLSv1",
    71. 

  71.   };
    72. 

  72. 

  73.   /** List of protocols. */
    74. 

  74.   public static final String[] FAIL_PROTOCOLS = new String[] {
    75. 

  75.     "SSLv2Hello",
    76. 

  76.   };
    77. 

  77. 

  78.   /** List of protocols. */
    79. 

  79.   public static final String[] UNKNOWN_PROTOCOLS = new String[] {
    80. 

  80.     "SSLv2Hello",
    81. 

  81.     "SSLv3Hello",
    82. 

  82.     "TLSv1",
    83. 

  83.   };
    84. 

  84. 

  85. 

  86.   /**
    87. 

  87.    * @return  <code>Ldap</code>
    88. 

  88.    *
    89. 

  89.    * @throws  Exception  On ldap construction failure.
    90. 

  90.    */
    91. 

  91.   public Ldap createTLSLdap()
    92. 

  92.     throws Exception
    93. 

  93.   {
    94. 

  94.     // configure TLSSocketFactory
    95. 

  95.     final X509CertificatesCredentialReader reader =
    96. 

  96.       new X509CertificatesCredentialReader();
    97. 

  97.     final X509SSLContextInitializer ctxInit =
    98. 

  98.       new X509SSLContextInitializer();
    99. 

  99.     ctxInit.setTrustCertificates(
    100. 

  100.       reader.read("file:src/test/resources/ed.trust.crt"));
    101. 

  101.     final TLSSocketFactory sf = new TLSSocketFactory();
    102. 

  102.     sf.setSSLContextInitializer(ctxInit);
    103. 

  103.     sf.initialize();
    104. 

  104. 

  105.     // configure ldap object to use TLS
    106. 

  106.     final Ldap ldap = TestUtil.createLdap();
    107. 

  107.     ldap.getLdapConfig().setTls(true);
    108. 

  108.     ldap.getLdapConfig().setSslSocketFactory(sf);
    109. 

  109.     ldap.getLdapConfig().setHostnameVerifier(new AnyHostnameVerifier());
    110. 

  110.     return ldap;
    111. 

  111.   }
    112. 

  112. 

  113. 

  114.   /** @throws  Exception  On test failure. */
    115. 

  115.   @Test(groups = {"ssltest"})
    116. 

  116.   public void setEnabledCipherSuites()
    117. 

  117.     throws Exception
    118. 

  118.   {
    119. 

  119.     final Ldap ldap = this.createTLSLdap();
    120. 

  120.     final TLSSocketFactory sf =
    121. 

  121.       (TLSSocketFactory) ldap.getLdapConfig().getSslSocketFactory();
    122. 

  122. 

  123.     AssertJUnit.assertTrue(ldap.connect());
    124. 

  124.     ldap.getSchema("ou=test,dc=vt,dc=edu");
    125. 

  125.     AssertJUnit.assertEquals(
    126. 

  126.       Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledCipherSuites()),
    127. 

  127.       Arrays.asList(sf.getDefaultCipherSuites()));
    128. 

  128.     AssertJUnit.assertNotSame(
    129. 

  129.       Arrays.asList(sf.getDefaultCipherSuites()), Arrays.asList(CIPHERS));
    130. 

  130.     ldap.close();
    131. 

  131. 

  132.     sf.setEnabledCipherSuites(UNKNOWN_CIPHERS);
    133. 

  133.     try {
    134. 

  134.       ldap.connect();
    135. 

  135.       AssertJUnit.fail(
    136. 

  136.         "Should have thrown IllegalArgumentException, no exception thrown");
    137. 

  137.     } catch (IllegalArgumentException e) {
    138. 

  138.       AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
    139. 

  139.     } catch (Exception e) {
    140. 

  140.       AssertJUnit.fail(
    141. 

  141.         "Should have thrown IllegalArgumentException, threw " + e);
    142. 

  142.     }
    143. 

  143.     ldap.close();
    144. 

  144. 

  145.     sf.setEnabledCipherSuites(CIPHERS);
    146. 

  146.     AssertJUnit.assertTrue(ldap.connect());
    147. 

  147.     ldap.getSchema("ou=test,dc=vt,dc=edu");
    148. 

  148.     AssertJUnit.assertEquals(
    149. 

  149.       Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledCipherSuites()),
    150. 

  150.       Arrays.asList(CIPHERS));
    151. 

  151.     ldap.close();
    152. 

  152.   }
    153. 

  153. 

  154. 

  155.   /** @throws  Exception  On test failure. */
    156. 

  156.   @Test(groups = {"ssltest"})
    157. 

  157.   public void setEnabledProtocols()
    158. 

  158.     throws Exception
    159. 

  159.   {
    160. 

  160.     final Ldap ldap = this.createTLSLdap();
    161. 

  161.     final TLSSocketFactory sf =
    162. 

  162.       (TLSSocketFactory) ldap.getLdapConfig().getSslSocketFactory();
    163. 

  163. 

  164.     AssertJUnit.assertTrue(ldap.connect());
    165. 

  165.     ldap.getSchema("ou=test,dc=vt,dc=edu");
    166. 

  166.     AssertJUnit.assertEquals(
    167. 

  167.       Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
    168. 

  168.       Arrays.asList(ALL_PROTOCOLS));
    169. 

  169.     AssertJUnit.assertNotSame(
    170. 

  170.       Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
    171. 

  171.       Arrays.asList(PROTOCOLS));
    172. 

  172.     ldap.close();
    173. 

  173. 

  174.     sf.setEnabledProtocols(FAIL_PROTOCOLS);
    175. 

  175.     try {
    176. 

  176.       ldap.connect();
    177. 

  177.       AssertJUnit.fail(
    178. 

  178.         "Should have thrown IllegalArgumentException, no exception thrown");
    179. 

  179.     } catch (IllegalArgumentException e) {
    180. 

  180.       AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
    181. 

  181.     } catch (Exception e) {
    182. 

  182.       AssertJUnit.fail(
    183. 

  183.         "Should have thrown IllegalArgumentException, threw " + e);
    184. 

  184.     }
    185. 

  185.     ldap.close();
    186. 

  186. 

  187.     sf.setEnabledProtocols(UNKNOWN_PROTOCOLS);
    188. 

  188.     try {
    189. 

  189.       ldap.connect();
    190. 

  190.       AssertJUnit.fail(
    191. 

  191.         "Should have thrown IllegalArgumentException, no exception thrown");
    192. 

  192.     } catch (IllegalArgumentException e) {
    193. 

  193.       AssertJUnit.assertEquals(IllegalArgumentException.class, e.getClass());
    194. 

  194.     } catch (Exception e) {
    195. 

  195.       AssertJUnit.fail(
    196. 

  196.         "Should have thrown IllegalArgumentException, threw " + e);
    197. 

  197.     }
    198. 

  198.     ldap.close();
    199. 

  199. 

  200.     sf.setEnabledProtocols(PROTOCOLS);
    201. 

  201.     AssertJUnit.assertTrue(ldap.connect());
    202. 

  202.     ldap.getSchema("ou=test,dc=vt,dc=edu");
    203. 

  203.     AssertJUnit.assertEquals(
    204. 

  204.       Arrays.asList(((SSLSocket) sf.createSocket()).getEnabledProtocols()),
    205. 

  205.       Arrays.asList(PROTOCOLS));
    206. 

  206.     ldap.close();
    207. 

  207.   }
    208. 

  208. }
    209. 

  209.