| package org.bouncycastle.crypto.tls.test; |
| |
| import java.io.IOException; |
| import java.io.PrintStream; |
| import java.util.Vector; |
| |
| import org.bouncycastle.asn1.x509.Certificate; |
| import org.bouncycastle.crypto.tls.AlertDescription; |
| import org.bouncycastle.crypto.tls.AlertLevel; |
| import org.bouncycastle.crypto.tls.CertificateRequest; |
| import org.bouncycastle.crypto.tls.CipherSuite; |
| import org.bouncycastle.crypto.tls.ClientCertificateType; |
| import org.bouncycastle.crypto.tls.DefaultTlsServer; |
| import org.bouncycastle.crypto.tls.ProtocolVersion; |
| import org.bouncycastle.crypto.tls.SignatureAlgorithm; |
| import org.bouncycastle.crypto.tls.TlsEncryptionCredentials; |
| import org.bouncycastle.crypto.tls.TlsSignerCredentials; |
| import org.bouncycastle.crypto.tls.TlsUtils; |
| import org.bouncycastle.util.Arrays; |
| |
/**
 * DTLS server stub for the TLS test suite, built on {@link DefaultTlsServer}.
 * <p>
 * It logs alerts and client certificate chains to the console, asks the client for a
 * certificate, and loads its own credentials through {@code TlsTestUtils} from fixed
 * resource names ("x509-server.pem", "x509-server-key.pem", "x509-ca.pem").
 * <p>
 * Security-relevant properties of this fixture, all visible in this class:
 * <ul>
 * <li>{@link #notifyClientCertificate} only prints the chain. Nothing in this class builds
 * or validates a certification path, checks revocation, or compares a fingerprint.</li>
 * <li>The accepted version range starts at DTLS 1.0 (deprecated by RFC 8996).</li>
 * <li>{@link #getCipherSuites} appends a cipher suite whose constant carries a
 * {@code DRAFT_} prefix.</li>
 * <li>Alert messages and stack traces are written to {@code System.out}/{@code System.err}.</li>
 * </ul>
 * A server derived from this class for anything other than tests needs its own client
 * authentication check, version floor and logging policy.
 */
public class MockDTLSServer
    extends DefaultTlsServer
{
    /**
     * Picks the console stream for an alert: {@code System.err} for fatal alerts,
     * {@code System.out} for everything else.
     */
    private static PrintStream streamFor(short alertLevel)
    {
        if (alertLevel == AlertLevel.fatal)
        {
            return System.err;
        }
        return System.out;
    }

    /**
     * Logs an alert raised by this server.
     *
     * @param alertLevel       alert level; fatal alerts go to {@code System.err}
     * @param alertDescription alert description code, printed via {@code AlertDescription.getText}
     * @param message          optional detail text, printed on its own line when non-null
     * @param cause            optional cause; its stack trace is printed to the same stream when non-null
     */
    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
    {
        PrintStream out = streamFor(alertLevel);

        String levelText = AlertLevel.getText(alertLevel);
        String descriptionText = AlertDescription.getText(alertDescription);
        out.println("DTLS server raised alert: " + levelText + ", " + descriptionText);

        if (message != null)
        {
            out.println(message);
        }

        // Full stack traces on the console are acceptable for a test fixture; they expose
        // internal detail, so a real server would route them to a controlled log instead.
        if (cause != null)
        {
            cause.printStackTrace(out);
        }
    }

    /**
     * Logs an alert received from the peer.
     *
     * @param alertLevel       alert level; fatal alerts go to {@code System.err}
     * @param alertDescription alert description code, printed via {@code AlertDescription.getText}
     */
    public void notifyAlertReceived(short alertLevel, short alertDescription)
    {
        PrintStream out = streamFor(alertLevel);

        String levelText = AlertLevel.getText(alertLevel);
        String descriptionText = AlertDescription.getText(alertDescription);
        out.println("DTLS server received alert: " + levelText + ", " + descriptionText);
    }

    /**
     * Returns the superclass cipher suite list with one extra suite appended.
     * <p>
     * NOTE(review): the appended constant is named {@code DRAFT_...}, which suggests a
     * pre-standard ChaCha20-Poly1305 code point - confirm before relying on it for interop.
     *
     * @return the inherited suites followed by the ChaCha20-Poly1305 suite
     */
    protected int[] getCipherSuites()
    {
        int[] inherited = super.getCipherSuites();
        int[] additional = new int[]
        {
            CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
        };
        return Arrays.concatenate(inherited, additional);
    }

    /**
     * Builds the CertificateRequest sent to the client.
     * <p>
     * The request offers RSA, DSS and ECDSA signing certificate types and names the subject
     * of "x509-ca.pem" as the acceptable authority. In TLS the authority list is a hint that
     * helps the client choose a certificate; it does not by itself restrict what the server
     * accepts. Enforcement would have to happen in {@link #notifyClientCertificate}, which
     * in this class only logs.
     *
     * @return the certificate request
     * @throws IOException if the CA certificate resource cannot be loaded
     */
    public CertificateRequest getCertificateRequest() throws IOException
    {
        short[] certificateTypes = new short[]
        {
            ClientCertificateType.rsa_sign,
            ClientCertificateType.dss_sign,
            ClientCertificateType.ecdsa_sign
        };

        // Signature algorithms are included only when the helper says the extension is
        // allowed for serverVersion (inherited field); otherwise null is passed through.
        Vector serverSigAlgs = TlsUtils.isSignatureAlgorithmsExtensionAllowed(serverVersion)
            ? TlsUtils.getDefaultSupportedSignatureAlgorithms()
            : null;

        Vector certificateAuthorities = new Vector();
        certificateAuthorities.addElement(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());

        return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
    }

    /**
     * Logs the client certificate chain: its length, then one fingerprint/subject line per entry.
     * <p>
     * This override performs no validation. The chain is not checked against the CA named in
     * the certificate request, an empty chain is logged like any other, and the printed
     * fingerprint is not compared with anything. It never throws on the certificate content,
     * so as far as this class is concerned every client certificate is accepted.
     *
     * @param clientCertificate the certificate message supplied by the client
     * @throws IOException declared by the overridden method; not thrown by the visible code itself
     */
    public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
        throws IOException
    {
        Certificate[] chain = clientCertificate.getCertificateList();
        int count = chain.length;
        System.out.println("DTLS server received client certificate chain of length " + count);

        int index = 0;
        while (index < count)
        {
            Certificate entry = chain[index];
            // TODO Create fingerprint based on certificate signature algorithm digest
            // (the "SHA-256" label below is fixed text; the digest actually used is decided
            // inside TlsTestUtils.fingerprint, which is not visible here)
            System.out.println(" fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " (" + entry.getSubject()
                + ")");
            index++;
        }
    }

    /**
     * @return the highest protocol version this server offers, DTLS 1.2
     */
    protected ProtocolVersion getMaximumVersion()
    {
        ProtocolVersion ceiling = ProtocolVersion.DTLSv12;
        return ceiling;
    }

    /**
     * @return the lowest protocol version this server accepts, DTLS 1.0. This keeps the
     *         legacy version reachable for tests; RFC 8996 deprecates DTLS 1.0, so a
     *         non-test server would raise this floor.
     */
    protected ProtocolVersion getMinimumVersion()
    {
        ProtocolVersion floor = ProtocolVersion.DTLSv10;
        return floor;
    }

    /**
     * Loads the server's RSA encryption credentials from the fixed resources
     * "x509-server.pem" + "x509-ca.pem" (certificate chain) and "x509-server-key.pem" (key).
     * <p>
     * NOTE(review): the resource names are fixed strings resolved by {@code TlsTestUtils};
     * presumably these are key pairs shipped with the test sources, i.e. not secret - confirm.
     *
     * @return the encryption credentials produced by {@code TlsTestUtils.loadEncryptionCredentials}
     * @throws IOException if a resource cannot be loaded
     */
    protected TlsEncryptionCredentials getRSAEncryptionCredentials()
        throws IOException
    {
        String[] chainResources = new String[]{"x509-server.pem", "x509-ca.pem"};
        String keyResource = "x509-server-key.pem";
        return TlsTestUtils.loadEncryptionCredentials(context, chainResources, keyResource);
    }

    /**
     * Loads the server's RSA signer credentials from "x509-server.pem" and
     * "x509-server-key.pem", passing along the inherited {@code supportedSignatureAlgorithms}.
     *
     * @return the signer credentials produced by {@code TlsTestUtils.loadSignerCredentials}
     * @throws IOException if a resource cannot be loaded
     */
    protected TlsSignerCredentials getRSASignerCredentials() throws IOException
    {
        String certificateResource = "x509-server.pem";
        String keyResource = "x509-server-key.pem";
        return TlsTestUtils.loadSignerCredentials(context, supportedSignatureAlgorithms, SignatureAlgorithm.rsa,
            certificateResource, keyResource);
    }
}