예제 #1
0
        private static void AddFallbackTests(IList testSuite)
        {
            {
                TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12);
                c.clientFallback = true;

                testSuite.Add(new TestCaseData(c).SetName("FallbackGood"));
            }

            /*
             * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit
             * of the DTLS server after a fatal alert. As of writing, manual runs show the correct
             * alerts being raised
             */

            //{
            //    TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12);
            //    c.clientOfferVersion = ProtocolVersion.DTLSv10;
            //    c.clientFallback = true;
            //    c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback);

            //    testSuite.Add(new TestCaseData(c).SetName("FallbackBad"));
            //}

            {
                TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12);
                c.clientOfferVersion = ProtocolVersion.DTLSv10;

                testSuite.Add(new TestCaseData(c).SetName("FallbackNone"));
            }
        }
예제 #2
0
        private static void AddFallbackTests(IList testSuite)
        {
            {
                TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12);
                c.clientFallback = true;

                testSuite.Add(new TestCaseData(c).SetName("FallbackGood"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12);
                c.clientOfferVersion = ProtocolVersion.TLSv11;
                c.clientFallback     = true;
                c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback);

                testSuite.Add(new TestCaseData(c).SetName("FallbackBad"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12);
                c.clientOfferVersion = ProtocolVersion.TLSv11;

                testSuite.Add(new TestCaseData(c).SetName("FallbackNone"));
            }
        }
예제 #3
0
        private static void AddVersionTests(IList testSuite, ProtocolVersion version)
        {
            string prefix = version.ToString()
                            .Replace(" ", "")
                            .Replace("\\", "")
                            .Replace(".", "")
                            + "_";

            /*
             * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit
             * of the DTLS server after a fatal alert. As of writing, manual runs show the correct
             * alerts being raised
             */

            //{
            //    TlsTestConfig c = CreateDtlsTestConfig(version);
            //    c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY;
            //    c.ExpectServerFatalAlert(AlertDescription.decrypt_error);

            //    testSuite.Add(new TestCaseData(c).SetName(prefix + "BadCertificateVerify"));
            //}

            //{
            //    TlsTestConfig c = CreateDtlsTestConfig(version);
            //    c.clientAuth = C.CLIENT_AUTH_INVALID_CERT;
            //    c.ExpectServerFatalAlert(AlertDescription.bad_certificate);

            //    testSuite.Add(new TestCaseData(c).SetName(prefix + "BadClientCertificate"));
            //}

            //{
            //    TlsTestConfig c = CreateDtlsTestConfig(version);
            //    c.clientAuth = C.CLIENT_AUTH_NONE;
            //    c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY;
            //    c.ExpectServerFatalAlert(AlertDescription.handshake_failure);

            //    testSuite.Add(new TestCaseData(c).SetName(prefix + "BadMandatoryCertReqDeclined"));
            //}

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodDefault"));
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.serverCertReq = C.SERVER_CERT_REQ_NONE;

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodNoCertReq"));
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_NONE;

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodOptionalCertReqDeclined"));
            }
        }
예제 #4
0
        private static TlsTestConfig CreateTlsTestConfig(ProtocolVersion version)
        {
            TlsTestConfig c = new TlsTestConfig();

            c.clientMinimumVersion = ProtocolVersion.TLSv10;
            c.clientOfferVersion   = ProtocolVersion.TLSv12;
            c.serverMaximumVersion = version;
            c.serverMinimumVersion = ProtocolVersion.TLSv10;
            return(c);
        }
예제 #5
0
        private static void AddVersionTests(IList testSuite, ProtocolVersion version)
        {
            string prefix = version.ToString()
                            .Replace(" ", "")
                            .Replace("\\", "")
                            .Replace(".", "")
                            + "_";

            {
                TlsTestConfig c = CreateTlsTestConfig(version);

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodDefault"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY;
                c.ExpectServerFatalAlert(AlertDescription.decrypt_error);

                testSuite.Add(new TestCaseData(c).SetName(prefix + "BadCertificateVerify"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_INVALID_CERT;
                c.ExpectServerFatalAlert(AlertDescription.bad_certificate);

                testSuite.Add(new TestCaseData(c).SetName(prefix + "BadClientCertificate"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(version);
                c.clientAuth    = C.CLIENT_AUTH_NONE;
                c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY;
                c.ExpectServerFatalAlert(AlertDescription.handshake_failure);

                testSuite.Add(new TestCaseData(c).SetName(prefix + "BadMandatoryCertReqDeclined"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(version);
                c.serverCertReq = C.SERVER_CERT_REQ_NONE;

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodNoCertReq"));
            }

            {
                TlsTestConfig c = CreateTlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_NONE;

                testSuite.Add(new TestCaseData(c).SetName(prefix + "GoodOptionalCertReqDeclined"));
            }
        }
예제 #6
0
        private static TlsTestConfig CreateDtlsTestConfig(ProtocolVersion version)
        {
            TlsTestConfig c = new TlsTestConfig();

            c.clientMinimumVersion = ProtocolVersion.DTLSv10;

            /*
             * TODO We'd like to just set the offer version to DTLSv12, but there is a known issue with
             * overly-restrictive version checks b/w BC DTLS 1.2 client, BC DTLS 1.0 server
             */
            c.clientOfferVersion   = version;
            c.serverMaximumVersion = version;
            c.serverMinimumVersion = ProtocolVersion.DTLSv10;
            return(c);
        }
 internal TlsTestServerImpl(TlsTestConfig config)
 {
     this.mConfig = config;
 }
 public DtlsTestClientProtocol(SecureRandom secureRandom, TlsTestConfig config)
     : base(secureRandom)
 {
     this.config = config;
 }
예제 #9
0
        public void RunTest(TlsTestConfig config)
        {
            CheckDtlsVersion(config.clientMinimumVersion);
            CheckDtlsVersion(config.clientOfferVersion);
            CheckDtlsVersion(config.serverMaximumVersion);
            CheckDtlsVersion(config.serverMinimumVersion);

            SecureRandom secureRandom = new SecureRandom();

            DtlsClientProtocol clientProtocol = new DtlsClientProtocol(secureRandom);
            DtlsServerProtocol serverProtocol = new DtlsServerProtocol(secureRandom);

            MockDatagramAssociation network = new MockDatagramAssociation(1500);

            TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
            TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);

            Server server = new Server(this, serverProtocol, network.Server, serverImpl);

            Thread serverThread = new Thread(new ThreadStart(server.Run));

            serverThread.Start();

            Exception caught = null;

            try
            {
                DatagramTransport clientTransport = network.Client;

                if (TlsTestConfig.DEBUG)
                {
                    clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out);
                }

                DtlsTransport dtlsClient = clientProtocol.Connect(clientImpl, clientTransport);

                for (int i = 1; i <= 10; ++i)
                {
                    byte[] data = new byte[i];
                    Arrays.Fill(data, (byte)i);
                    dtlsClient.Send(data, 0, data.Length);
                }

                byte[] buf = new byte[dtlsClient.GetReceiveLimit()];
                while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0)
                {
                }

                dtlsClient.Close();
            }
            catch (Exception e)
            {
                caught = e;
                LogException(caught);
            }

            server.Shutdown(serverThread);

            // TODO Add checks that the various streams were closed

            Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end");
            Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end");

            Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description");
            Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description");

            if (config.expectFatalAlertConnectionEnd == -1)
            {
                Assert.IsNull(caught, "Unexpected client exception");
                Assert.IsNull(server.mCaught, "Unexpected server exception");
            }
        }
 public DtlsTestClientProtocol(SecureRandom secureRandom, TlsTestConfig config)
     : base(secureRandom)
 {
     this.config = config;
 }
예제 #11
0
 internal TlsTestServerImpl(TlsTestConfig config)
 {
     this.mConfig = config;
 }
예제 #12
0
 public TlsTestClientProtocol(Stream stream, SecureRandom secureRandom, TlsTestConfig config)
     : base(stream, secureRandom)
 {
     this.config = config;
 }
 internal TlsTestClientImpl(TlsTestConfig config)
 {
     this.mConfig = config;
 }
예제 #14
0
        public void RunTest(TlsTestConfig config)
        {
            CheckTlsVersion(config.clientMinimumVersion);
            CheckTlsVersion(config.clientOfferVersion);
            CheckTlsVersion(config.serverMaximumVersion);
            CheckTlsVersion(config.serverMinimumVersion);

            SecureRandom secureRandom = new SecureRandom();

            PipedStream clientPipe = new PipedStream();
            PipedStream serverPipe = new PipedStream(clientPipe);

            NetworkStream clientNet = new NetworkStream(clientPipe);
            NetworkStream serverNet = new NetworkStream(serverPipe);

            TlsTestClientProtocol clientProtocol = new TlsTestClientProtocol(clientNet, secureRandom, config);
            TlsTestServerProtocol serverProtocol = new TlsTestServerProtocol(serverNet, secureRandom, config);

            TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
            TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);

            Server server = new Server(this, serverProtocol, serverImpl);

            Thread serverThread = new Thread(new ThreadStart(server.Run));
            serverThread.Start();

            Exception caught = null;
            try
            {
                clientProtocol.Connect(clientImpl);

                // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
                int length = 1000;

                byte[] data = new byte[length];
                secureRandom.NextBytes(data);
    
                Stream output = clientProtocol.Stream;
                output.Write(data, 0, data.Length);

                byte[] echo = new byte[data.Length];
                int count = Streams.ReadFully(clientProtocol.Stream, echo);

                Assert.AreEqual(count, data.Length);
                Assert.IsTrue(Arrays.AreEqual(data, echo));

                output.Close();
            }
            catch (Exception e)
            {
                caught = e;
                LogException(caught);
            }

            server.AllowExit();
            serverThread.Join();

            Assert.IsTrue(clientNet.IsClosed, "Client Stream not closed");
            Assert.IsTrue(serverNet.IsClosed, "Server Stream not closed");

            Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end");
            Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end");

            Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description");
            Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description");

            if (config.expectFatalAlertConnectionEnd == -1)
            {
                Assert.IsNull(caught, "Unexpected client exception");
                Assert.IsNull(server.mCaught, "Unexpected server exception");
            }
        }
예제 #15
0
 private static void AddTestCase(IList testSuite, TlsTestConfig config, String name)
 {
     testSuite.Add(new TestCaseData(config).SetName(name));
 }
예제 #16
0
        public void RunTest(TlsTestConfig config)
        {
            CheckDtlsVersion(config.clientMinimumVersion);
            CheckDtlsVersion(config.clientOfferVersion);
            CheckDtlsVersion(config.serverMaximumVersion);
            CheckDtlsVersion(config.serverMinimumVersion);

            SecureRandom secureRandom = new SecureRandom();

            DtlsClientProtocol clientProtocol = new DtlsClientProtocol(secureRandom);
            DtlsServerProtocol serverProtocol = new DtlsServerProtocol(secureRandom);

            MockDatagramAssociation network = new MockDatagramAssociation(1500);

            TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
            TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);

            Server server = new Server(this, serverProtocol, network.Server, serverImpl);

            Thread serverThread = new Thread(new ThreadStart(server.Run));
            serverThread.Start();

            Exception caught = null;
            try
            {
                DatagramTransport clientTransport = network.Client;

                if (TlsTestConfig.DEBUG)
                {
                    clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out);
                }

                DtlsTransport dtlsClient = clientProtocol.Connect(clientImpl, clientTransport);

                for (int i = 1; i <= 10; ++i)
                {
                    byte[] data = new byte[i];
                    Arrays.Fill(data, (byte)i);
                    dtlsClient.Send(data, 0, data.Length);
                }
    
                byte[] buf = new byte[dtlsClient.GetReceiveLimit()];
                while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0)
                {
                }
    
                dtlsClient.Close();
            }
            catch (Exception e)
            {
                caught = e;
                LogException(caught);
            }

            server.Shutdown(serverThread);

            // TODO Add checks that the various streams were closed

            Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end");
            Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end");

            Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description");
            Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description");

            if (config.expectFatalAlertConnectionEnd == -1)
            {
                Assert.IsNull(caught, "Unexpected client exception");
                Assert.IsNull(server.mCaught, "Unexpected server exception");
            }
        }
예제 #17
0
 internal TlsTestClientImpl(TlsTestConfig config)
 {
     this.mConfig = config;
 }
예제 #18
0
        private static void AddVersionTests(IList testSuite, ProtocolVersion version)
        {
            string prefix = version.ToString()
                            .Replace(" ", "")
                            .Replace("\\", "")
                            .Replace(".", "")
                            + "_";

            /*
             * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit
             * of the DTLS server after a fatal alert. As of writing, manual runs show the correct
             * alerts being raised
             */

#if false
            /*
             * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is
             * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client.
             */
            if (TlsUtilities.IsTlsV12(version))
            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth           = C.CLIENT_AUTH_VALID;
                c.clientAuthSigAlg     = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
                c.serverCertReqSigAlgs = TlsUtilities.GetDefaultRsaSignatureAlgorithms();
                c.ExpectClientFatalAlert(AlertDescription.internal_error);

                AddTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg");
            }

            /*
             * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is
             * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server
             * when it verifies the selected algorithm against the CertificateRequest supported
             * algorithms.
             */
            if (TlsUtilities.IsTlsV12(version))
            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth           = C.CLIENT_AUTH_VALID;
                c.clientAuthSigAlg     = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
                c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms();
                c.ExpectServerFatalAlert(AlertDescription.illegal_parameter);

                AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg");
            }

            /*
             * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends
             * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the
             * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms,
             * we expect fatal alert to come from the server when it finds the claimed algorithm
             * doesn't match the client certificate.
             */
            if (TlsUtilities.IsTlsV12(version))
            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth              = C.CLIENT_AUTH_VALID;
                c.clientAuthSigAlg        = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
                c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa);
                c.serverCertReqSigAlgs    = TlsUtilities.GetDefaultECDsaSignatureAlgorithms();
                c.ExpectServerFatalAlert(AlertDescription.decrypt_error);

                AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch");
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY;
                c.ExpectServerFatalAlert(AlertDescription.decrypt_error);

                AddTestCase(testSuite, c, prefix + "BadCertificateVerifySignature");
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_INVALID_CERT;
                c.ExpectServerFatalAlert(AlertDescription.bad_certificate);

                AddTestCase(testSuite, c, prefix + "BadClientCertificate");
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth    = C.CLIENT_AUTH_NONE;
                c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY;
                c.ExpectServerFatalAlert(AlertDescription.handshake_failure);

                AddTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined");
            }

            /*
             * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default
             * supported signature algorithms that the client sent. We expect fatal alert from the
             * client when it verifies the selected algorithm against the supported algorithms.
             */
            if (TlsUtilities.IsTlsV12(version))
            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
                c.ExpectClientFatalAlert(AlertDescription.illegal_parameter);

                AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg");
            }

            /*
             * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa}
             * implied by the absent signature_algorithms extension. We expect fatal alert from the
             * client when it verifies the selected algorithm against the implicit default.
             */
            if (TlsUtilities.IsTlsV12(version))
            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientSendSignatureAlgorithms = false;
                c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
                c.ExpectClientFatalAlert(AlertDescription.illegal_parameter);

                AddTestCaseDebug(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2");
            }
#endif

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);

                AddTestCase(testSuite, c, prefix + "GoodDefault");
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.serverCertReq = C.SERVER_CERT_REQ_NONE;

                AddTestCase(testSuite, c, prefix + "GoodNoCertReq");
            }

            {
                TlsTestConfig c = CreateDtlsTestConfig(version);
                c.clientAuth = C.CLIENT_AUTH_NONE;

                AddTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined");
            }
        }
예제 #19
0
 private static void AddTestCase(IList testSuite, TlsTestConfig config, String name)
 {
     testSuite.Add(new TestCaseData(config).SetName(name));
 }
예제 #20
0
        public void RunTest(TlsTestConfig config)
        {
            CheckTlsVersion(config.clientMinimumVersion);
            CheckTlsVersion(config.clientOfferVersion);
            CheckTlsVersion(config.serverMaximumVersion);
            CheckTlsVersion(config.serverMinimumVersion);

            SecureRandom secureRandom = new SecureRandom();

            PipedStream clientPipe = new PipedStream();
            PipedStream serverPipe = new PipedStream(clientPipe);

            NetworkStream clientNet = new NetworkStream(clientPipe);
            NetworkStream serverNet = new NetworkStream(serverPipe);

            TlsTestClientProtocol clientProtocol = new TlsTestClientProtocol(clientNet, secureRandom, config);
            TlsTestServerProtocol serverProtocol = new TlsTestServerProtocol(serverNet, secureRandom, config);

            TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
            TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);

            Server server = new Server(this, serverProtocol, serverImpl);

            Thread serverThread = new Thread(new ThreadStart(server.Run));

            serverThread.Start();

            Exception caught = null;

            try
            {
                clientProtocol.Connect(clientImpl);

                // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
                int length = 1000;

                byte[] data = new byte[length];
                secureRandom.NextBytes(data);

                Stream output = clientProtocol.Stream;
                output.Write(data, 0, data.Length);

                byte[] echo  = new byte[data.Length];
                int    count = Streams.ReadFully(clientProtocol.Stream, echo);

                Assert.AreEqual(count, data.Length);
                Assert.IsTrue(Arrays.AreEqual(data, echo));

                output.Close();
            }
            catch (Exception e)
            {
                caught = e;
                LogException(caught);
            }

            server.AllowExit();
            serverThread.Join();

            Assert.IsTrue(clientNet.IsClosed, "Client Stream not closed");
            Assert.IsTrue(serverNet.IsClosed, "Server Stream not closed");

            Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end");
            Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end");

            Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description");
            Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description");

            if (config.expectFatalAlertConnectionEnd == -1)
            {
                Assert.IsNull(caught, "Unexpected client exception");
                Assert.IsNull(server.mCaught, "Unexpected server exception");
            }
        }
예제 #21
0
 private static TlsTestConfig CreateDtlsTestConfig(ProtocolVersion version)
 {
     TlsTestConfig c = new TlsTestConfig();
     c.clientMinimumVersion = ProtocolVersion.DTLSv10;
     c.clientOfferVersion = ProtocolVersion.DTLSv12;
     c.serverMaximumVersion = version;
     c.serverMinimumVersion = ProtocolVersion.DTLSv10;
     return c;
 }
예제 #22
0
 private static TlsTestConfig CreateDtlsTestConfig(ProtocolVersion version)
 {
     TlsTestConfig c = new TlsTestConfig();
     c.clientMinimumVersion = ProtocolVersion.DTLSv10;
     /*
      * TODO We'd like to just set the offer version to DTLSv12, but there is a known issue with
      * overly-restrictive version checks b/w BC DTLS 1.2 client, BC DTLS 1.0 server
      */
     c.clientOfferVersion = version;
     c.serverMaximumVersion = version;
     c.serverMinimumVersion = ProtocolVersion.DTLSv10;
     return c;
 }