summaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorTarun Gupta <tarun1995gupta@gmail.com>2015-07-24 17:01:42 (GMT)
committerNick Hudson <nick.hudson@isode.com>2015-08-14 15:32:08 (GMT)
commit0a1f7199e26523dd2693f44a5841c5434cc9000d (patch)
tree8f28ebb20fbe60f420ea25055955ac3d246db549 /test
parentdc2b35bee48261e8b06e12bd82a434af118e035e (diff)
downloadstroke-0a1f7199e26523dd2693f44a5841c5434cc9000d.zip
stroke-0a1f7199e26523dd2693f44a5841c5434cc9000d.tar.bz2
Completes TLS & Session.
Adds TLSError and TLSOptions. Updates BasicSessionStream, SessionStream and Session. Updates Client and Components to accomodate changes in TLS. Also completes TLSLayer in StreamStack which was pending due to TLS port. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details. Test-Information: Tests added for Certificate and ServerIdentityVerifier. Test updated for ComponentSession. All tests pass. Change-Id: I34a8fe068c1e8af5348cc4ab49d3d1ed118ae833
Diffstat (limited to 'test')
-rw-r--r--test/com/isode/stroke/component/ComponentSessionTest.java8
-rw-r--r--test/com/isode/stroke/tls/CertificateTest.java36
-rw-r--r--test/com/isode/stroke/tls/ServerIdentityVerifierTest.java185
3 files changed, 227 insertions, 2 deletions
diff --git a/test/com/isode/stroke/component/ComponentSessionTest.java b/test/com/isode/stroke/component/ComponentSessionTest.java
index c7fa36b..5d6d21e 100644
--- a/test/com/isode/stroke/component/ComponentSessionTest.java
+++ b/test/com/isode/stroke/component/ComponentSessionTest.java
@@ -65,13 +65,17 @@ public class ComponentSessionTest {
}
public void close() {
- onClosed.emit((SessionStream.Error)null);
+ onClosed.emit((SessionStream.SessionStreamError)null);
}
public boolean isOpen() {
return available;
}
+ public void disconnect() {
+
+ }
+
public void writeHeader(final ProtocolHeader header) {
receivedEvents.add(new Event(header));
}
@@ -133,7 +137,7 @@ public class ComponentSessionTest {
}
public void breakConnection() {
- onClosed.emit(new SessionStream.Error(SessionStream.Error.Type.ConnectionReadError));
+ onClosed.emit(new SessionStream.SessionStreamError(SessionStream.SessionStreamError.Type.ConnectionReadError));
}
public void sendStreamStart() {
diff --git a/test/com/isode/stroke/tls/CertificateTest.java b/test/com/isode/stroke/tls/CertificateTest.java
new file mode 100644
index 0000000..44d6701
--- /dev/null
+++ b/test/com/isode/stroke/tls/CertificateTest.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2010-2013 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+/*
+ * Copyright (c) 2015 Tarun Gupta.
+ * Licensed under the simplified BSD license.
+ * See Documentation/Licenses/BSD-simplified.txt for more information.
+ */
+
+package com.isode.stroke.tls;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import org.junit.Test;
+import org.junit.Before;
+import com.isode.stroke.crypto.CryptoProvider;
+import com.isode.stroke.crypto.JavaCryptoProvider;
+import com.isode.stroke.tls.SimpleCertificate;
+import com.isode.stroke.tls.Certificate;
+import com.isode.stroke.base.ByteArray;
+
+public class CertificateTest {
+
+ @Test
+ public void testGetSHA1Fingerprint() {
+ SimpleCertificate testling = new SimpleCertificate();
+ testling.setDER(new ByteArray("abcdefg"));
+
+ assertEquals("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40", Certificate.getSHA1Fingerprint(testling, new JavaCryptoProvider()));
+ }
+}
diff --git a/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java b/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java
new file mode 100644
index 0000000..17a8c5a
--- /dev/null
+++ b/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 2010 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+/*
+ * Copyright (c) 2015 Tarun Gupta.
+ * Licensed under the simplified BSD license.
+ * See Documentation/Licenses/BSD-simplified.txt for more information.
+ */
+
+package com.isode.stroke.tls;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import org.junit.Test;
+import org.junit.Before;
+import com.isode.stroke.crypto.CryptoProvider;
+import com.isode.stroke.crypto.JavaCryptoProvider;
+import com.isode.stroke.tls.SimpleCertificate;
+import com.isode.stroke.tls.Certificate;
+import com.isode.stroke.tls.ServerIdentityVerifier;
+import com.isode.stroke.base.ByteArray;
+import com.isode.stroke.idn.IDNConverter;
+import com.isode.stroke.idn.ICUConverter;
+import com.isode.stroke.jid.JID;
+
+public class ServerIdentityVerifierTest {
+
+ private IDNConverter idnConverter;
+
+ @Before
+ public void setUp() {
+ idnConverter = new ICUConverter();
+ }
+
+ @Test
+ public void testCertificateVerifies_WithoutMatchingDNSName() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("foo.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingDNSName() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithSecondMatchingDNSName() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("foo.com");
+ certificate.addDNSName("bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingInternationalDNSName() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@tronçon.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("xn--tronon-zua.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingDNSNameWithWildcard() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("*.bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingDNSNameWithWildcardMatchingNoComponents() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("*.bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithDNSNameWithWildcardMatchingTwoComponents() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@xmpp.im.bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addDNSName("*.bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingSRVNameWithoutService() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addSRVName("bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingSRVNameWithService() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addSRVName("_xmpp-client.bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingSRVNameWithServiceAndWildcard() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addSRVName("_xmpp-client.*.bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingSRVNameWithDifferentService() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addSRVName("_xmpp-server.bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingXmppAddr() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addXMPPAddress("bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingXmppAddrWithWildcard() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addXMPPAddress("*.bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingInternationalXmppAddr() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@tronçon.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addXMPPAddress("tronçon.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingCNWithoutSAN() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addCommonName("bar.com");
+
+ assertTrue(testling.certificateVerifies(certificate));
+ }
+
+ @Test
+ public void testCertificateVerifies_WithMatchingCNWithSAN() {
+ ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+ SimpleCertificate certificate = new SimpleCertificate();
+ certificate.addSRVName("foo.com");
+ certificate.addCommonName("bar.com");
+
+ assertFalse(testling.certificateVerifies(certificate));
+ }
+} \ No newline at end of file