bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsClient.java - platform/external/bouncycastle - Git at Google

 package org.bouncycastle.crypto.tls.test;

 import java.io.IOException;
 import java.io.PrintStream;
 import java.util.Hashtable;

 import org.bouncycastle.asn1.x509.Certificate;
 import org.bouncycastle.crypto.tls.AlertDescription;
 import org.bouncycastle.crypto.tls.AlertLevel;
 import org.bouncycastle.crypto.tls.CertificateRequest;
 import org.bouncycastle.crypto.tls.CipherSuite;
 import org.bouncycastle.crypto.tls.ClientCertificateType;
 import org.bouncycastle.crypto.tls.DefaultTlsClient;
 import org.bouncycastle.crypto.tls.MaxFragmentLength;
 import org.bouncycastle.crypto.tls.ProtocolVersion;
 import org.bouncycastle.crypto.tls.SignatureAlgorithm;
 import org.bouncycastle.crypto.tls.TlsAuthentication;
 import org.bouncycastle.crypto.tls.TlsCredentials;
 import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
 import org.bouncycastle.crypto.tls.TlsSession;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.encoders.Hex;

 class MockTlsClient
     extends DefaultTlsClient
 {
     TlsSession session;

     MockTlsClient(TlsSession session)
     {
         this.session = session;
     }

     public TlsSession getSessionToResume()
     {
         return this.session;
     }

     public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
     {
         PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
         out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)
             + ", " + AlertDescription.getText(alertDescription));
         if (message != null)
         {
             out.println("> " + message);
         }
         if (cause != null)
         {
             cause.printStackTrace(out);
         }
     }

     public void notifyAlertReceived(short alertLevel, short alertDescription)
     {
         PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
         out.println("TLS client received alert: " + AlertLevel.getText(alertLevel)
             + ", " + AlertDescription.getText(alertDescription));
     }

 //    public int[] getCipherSuites()
 //    {
 //        return Arrays.concatenate(super.getCipherSuites(),
 //            new int[]
 //            {
 //                CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
 //            });
 //    }

     public Hashtable getClientExtensions() throws IOException
     {
         Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
         TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
         {
             /*
              * NOTE: If you are copying test code, do not blindly set these extensions in your own client.
              */
             TlsExtensionsUtils.addMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
             TlsExtensionsUtils.addPaddingExtension(clientExtensions, context.getSecureRandom().nextInt(16));
             TlsExtensionsUtils.addTruncatedHMacExtension(clientExtensions);
         }
         return clientExtensions;
     }

     public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
     {
         super.notifyServerVersion(serverVersion);

         System.out.println("TLS client negotiated " + serverVersion);
     }

     public TlsAuthentication getAuthentication()
         throws IOException
     {
         return new TlsAuthentication()
         {
             public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
                 throws IOException
             {
                 Certificate[] chain = serverCertificate.getCertificateList();
                 System.out.println("TLS client received server certificate chain of length " + chain.length);
                 for (int i = 0; i != chain.length; i++)
                 {
                     Certificate entry = chain[i];
                     // TODO Create fingerprint based on certificate signature algorithm digest
                     System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
                         + entry.getSubject() + ")");
                 }
             }

             public TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
                 throws IOException
             {
                 short[] certificateTypes = certificateRequest.getCertificateTypes();
                 if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign))
                 {
                     return null;
                 }

                 return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),
                     SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
             }
         };
     }

     public void notifyHandshakeComplete() throws IOException
     {
         super.notifyHandshakeComplete();

         TlsSession newSession = context.getResumableSession();
         if (newSession != null)
         {
             byte[] newSessionID = newSession.getSessionID();
             String hex = Hex.toHexString(newSessionID);

             if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
             {
                 System.out.println("Resumed session: " + hex);
             }
             else
             {
                 System.out.println("Established session: " + hex);
             }

             this.session = newSession;
         }
     }
 }
	package org.bouncycastle.crypto.tls.test;

	import java.io.IOException;
	import java.io.PrintStream;
	import java.util.Hashtable;

	import org.bouncycastle.asn1.x509.Certificate;
	import org.bouncycastle.crypto.tls.AlertDescription;
	import org.bouncycastle.crypto.tls.AlertLevel;
	import org.bouncycastle.crypto.tls.CertificateRequest;
	import org.bouncycastle.crypto.tls.CipherSuite;
	import org.bouncycastle.crypto.tls.ClientCertificateType;
	import org.bouncycastle.crypto.tls.DefaultTlsClient;
	import org.bouncycastle.crypto.tls.MaxFragmentLength;
	import org.bouncycastle.crypto.tls.ProtocolVersion;
	import org.bouncycastle.crypto.tls.SignatureAlgorithm;
	import org.bouncycastle.crypto.tls.TlsAuthentication;
	import org.bouncycastle.crypto.tls.TlsCredentials;
	import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
	import org.bouncycastle.crypto.tls.TlsSession;
	import org.bouncycastle.util.Arrays;
	import org.bouncycastle.util.encoders.Hex;

	class MockTlsClient
	extends DefaultTlsClient
	{
	TlsSession session;

	MockTlsClient(TlsSession session)
	{
	this.session = session;
	}

	public TlsSession getSessionToResume()
	{
	return this.session;
	}

	public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
	{
	PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
	out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)
	+ ", " + AlertDescription.getText(alertDescription));
	if (message != null)
	{
	out.println("> " + message);
	}
	if (cause != null)
	{
	cause.printStackTrace(out);
	}
	}

	public void notifyAlertReceived(short alertLevel, short alertDescription)
	{
	PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
	out.println("TLS client received alert: " + AlertLevel.getText(alertLevel)
	+ ", " + AlertDescription.getText(alertDescription));
	}

	// public int[] getCipherSuites()
	// {
	// return Arrays.concatenate(super.getCipherSuites(),
	// new int[]
	// {
	// CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
	// });
	// }

	public Hashtable getClientExtensions() throws IOException
	{
	Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
	TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
	{
	/*
	* NOTE: If you are copying test code, do not blindly set these extensions in your own client.
	*/
	TlsExtensionsUtils.addMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
	TlsExtensionsUtils.addPaddingExtension(clientExtensions, context.getSecureRandom().nextInt(16));
	TlsExtensionsUtils.addTruncatedHMacExtension(clientExtensions);
	}
	return clientExtensions;
	}

	public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
	{
	super.notifyServerVersion(serverVersion);

	System.out.println("TLS client negotiated " + serverVersion);
	}

	public TlsAuthentication getAuthentication()
	throws IOException
	{
	return new TlsAuthentication()
	{
	public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
	throws IOException
	{
	Certificate[] chain = serverCertificate.getCertificateList();
	System.out.println("TLS client received server certificate chain of length " + chain.length);
	for (int i = 0; i != chain.length; i++)
	{
	Certificate entry = chain[i];
	// TODO Create fingerprint based on certificate signature algorithm digest
	System.out.println(" fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
	+ entry.getSubject() + ")");
	}
	}

	public TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
	throws IOException
	{
	short[] certificateTypes = certificateRequest.getCertificateTypes();
	if (certificateTypes == null \|\| !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign))
	{
	return null;
	}

	return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),
	SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
	}
	};
	}

	public void notifyHandshakeComplete() throws IOException
	{
	super.notifyHandshakeComplete();

	TlsSession newSession = context.getResumableSession();
	if (newSession != null)
	{
	byte[] newSessionID = newSession.getSessionID();
	String hex = Hex.toHexString(newSessionID);

	if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
	{
	System.out.println("Resumed session: " + hex);
	}
	else
	{
	System.out.println("Established session: " + hex);
	}

	this.session = newSession;
	}
	}
	}