Merge pull request #143 from cconlon/supportedCurves

Add wolfjsse.enabledSupportedCurves Security Property Support
pull/141/head
JacobBarthelmeh 2023-08-03 15:04:29 -06:00 committed by GitHub
commit f905670413
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 537 additions and 9 deletions


@ -199,6 +199,80 @@ extern "C" {
#define com_wolfssl_WolfSSL_ECDSAk 518L
#undef com_wolfssl_WolfSSL_ED25519k
#define com_wolfssl_WolfSSL_ED25519k 256L
#undef com_wolfssl_WolfSSL_WOLFSSL_NAMED_GROUP_INVALID
#define com_wolfssl_WolfSSL_WOLFSSL_NAMED_GROUP_INVALID 0L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163K1 1L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163R1 2L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163R2
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT163R2 3L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT193R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT193R1 4L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT193R2
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT193R2 5L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT233K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT233K1 6L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT233R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT233R1 7L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT239K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT239K1 8L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT283K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT283K1 9L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT283R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT283R1 10L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT409K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT409K1 11L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT409R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT409R1 12L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT571K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT571K1 13L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT571R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECT571R1 14L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160K1 15L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160R1 16L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160R2
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP160R2 17L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP192K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP192K1 18L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP192R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP192R1 19L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP224K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP224K1 20L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP224R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP224R1 21L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP256K1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP256K1 22L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP256R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP256R1 23L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP384R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP384R1 24L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP521R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SECP521R1 25L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP256R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP256R1 26L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP384R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP384R1 27L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP512R1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_BRAINPOOLP512R1 28L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_X25519
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_X25519 29L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_X448
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_X448 30L
#undef com_wolfssl_WolfSSL_WOLFSSL_ECC_SM2P256V1
#define com_wolfssl_WolfSSL_WOLFSSL_ECC_SM2P256V1 41L
#undef com_wolfssl_WolfSSL_WOLFSSL_FFDHE_2048
#define com_wolfssl_WolfSSL_WOLFSSL_FFDHE_2048 256L
#undef com_wolfssl_WolfSSL_WOLFSSL_FFDHE_3072
#define com_wolfssl_WolfSSL_WOLFSSL_FFDHE_3072 257L
#undef com_wolfssl_WolfSSL_WOLFSSL_FFDHE_4096
#define com_wolfssl_WolfSSL_WOLFSSL_FFDHE_4096 258L
#undef com_wolfssl_WolfSSL_WOLFSSL_FFDHE_6144
#define com_wolfssl_WolfSSL_WOLFSSL_FFDHE_6144 259L
#undef com_wolfssl_WolfSSL_WOLFSSL_FFDHE_8192
#define com_wolfssl_WolfSSL_WOLFSSL_FFDHE_8192 260L
/*
* Class: com_wolfssl_WolfSSL
* Method: init


@ -228,10 +228,14 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLContext_setTmpDH
ret = wolfSSL_CTX_SetTmpDH(ctx, pBuf, pSz, gBuf, gSz);
}
XMEMSET(pBuf, 0, (int)pSz);
XMEMSET(gBuf, 0, (int)gSz);
XFREE(pBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(gBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pBuf != NULL) {
XMEMSET(pBuf, 0, (int)pSz);
XFREE(pBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
if (gBuf != NULL) {
XMEMSET(gBuf, 0, (int)gSz);
XFREE(gBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
return (jint)ret;
#else


@ -3979,6 +3979,7 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_set1SigAlgsList
int ret = 0;
const char* sigAlgList = NULL;
WOLFSSL* ssl = (WOLFSSL*)(uintptr_t)sslPtr;
(void)jcl;
if (jenv == NULL || ssl == NULL || list == NULL) {
return SSL_FAILURE;
@ -3989,14 +3990,38 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_set1SigAlgsList
ret = wolfSSL_set1_sigalgs_list(ssl, sigAlgList);
(*jenv)->ReleaseStringUTFChars(jenv, list, sigAlgList);
return (jint)ret;
#else
(void)jenv;
(void)ssl;
(void)list;
return NOT_COMPILED_IN;
return (jint)NOT_COMPILED_IN;
#endif
}
JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_useSupportedCurve
(JNIEnv* jenv, jobject jcl, jlong sslPtr, jint name)
{
#ifdef HAVE_SUPPORTED_CURVES
int ret = 0;
WOLFSSL* ssl = (WOLFSSL*)(uintptr_t)sslPtr;
(void)jcl;
if (jenv == NULL || ssl == NULL) {
return (jint)SSL_FAILURE;
}
ret = wolfSSL_UseSupportedCurve(ssl, (word16)name);
return (jint)ret;
#else
(void)jenv;
(void)jcl;
(void)sslPtr;
(void)name;
return (jint)NOT_COMPILED_IN;
#endif
}
JNIEXPORT void JNICALL Java_com_wolfssl_WolfSSLSession_setSSLIORecv
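Review bot: `Java_com_wolfssl_WolfSSLSession_useSupportedCurve` casts the Java `jint name` straight to `word16` in `wolfSSL_UseSupportedCurve(ssl, (word16)name)`, so a negative or greater-than-65535 value is truncated to some other group id instead of being rejected. Add a range check before the call, for example `if (name < 0 || name > 0xFFFF) { return (jint)BAD_FUNC_ARG; }`, so the group handed to native wolfSSL is always the one the caller named. The new function also has no header comment; a short one stating that it returns `NOT_COMPILED_IN` when `HAVE_SUPPORTED_CURVES` is undefined would help, since the Java caller treats that value specially.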


@ -767,6 +767,14 @@ JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_rehandshake
JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_set1SigAlgsList
(JNIEnv *, jobject, jlong, jstring);
/*
* Class: com_wolfssl_WolfSSLSession
* Method: useSupportedCurve
* Signature: (JI)I
*/
JNIEXPORT jint JNICALL Java_com_wolfssl_WolfSSLSession_useSupportedCurve
(JNIEnv *, jobject, jlong, jint);
#ifdef __cplusplus
}
#endif


@ -349,6 +349,45 @@ public class WolfSSL {
/* is this object active, or has it been cleaned up? */
private boolean active = false;
/* -------------- Named Groups (from enum in ssl.h) ----------------- */
public static final int WOLFSSL_NAMED_GROUP_INVALID = 0;
public static final int WOLFSSL_ECC_SECT163K1 = 1;
public static final int WOLFSSL_ECC_SECT163R1 = 2;
public static final int WOLFSSL_ECC_SECT163R2 = 3;
public static final int WOLFSSL_ECC_SECT193R1 = 4;
public static final int WOLFSSL_ECC_SECT193R2 = 5;
public static final int WOLFSSL_ECC_SECT233K1 = 6;
public static final int WOLFSSL_ECC_SECT233R1 = 7;
public static final int WOLFSSL_ECC_SECT239K1 = 8;
public static final int WOLFSSL_ECC_SECT283K1 = 9;
public static final int WOLFSSL_ECC_SECT283R1 = 10;
public static final int WOLFSSL_ECC_SECT409K1 = 11;
public static final int WOLFSSL_ECC_SECT409R1 = 12;
public static final int WOLFSSL_ECC_SECT571K1 = 13;
public static final int WOLFSSL_ECC_SECT571R1 = 14;
public static final int WOLFSSL_ECC_SECP160K1 = 15;
public static final int WOLFSSL_ECC_SECP160R1 = 16;
public static final int WOLFSSL_ECC_SECP160R2 = 17;
public static final int WOLFSSL_ECC_SECP192K1 = 18;
public static final int WOLFSSL_ECC_SECP192R1 = 19;
public static final int WOLFSSL_ECC_SECP224K1 = 20;
public static final int WOLFSSL_ECC_SECP224R1 = 21;
public static final int WOLFSSL_ECC_SECP256K1 = 22;
public static final int WOLFSSL_ECC_SECP256R1 = 23;
public static final int WOLFSSL_ECC_SECP384R1 = 24;
public static final int WOLFSSL_ECC_SECP521R1 = 25;
public static final int WOLFSSL_ECC_BRAINPOOLP256R1 = 26;
public static final int WOLFSSL_ECC_BRAINPOOLP384R1 = 27;
public static final int WOLFSSL_ECC_BRAINPOOLP512R1 = 28;
public static final int WOLFSSL_ECC_X25519 = 29;
public static final int WOLFSSL_ECC_X448 = 30;
public static final int WOLFSSL_ECC_SM2P256V1 = 41;
public static final int WOLFSSL_FFDHE_2048 = 256;
public static final int WOLFSSL_FFDHE_3072 = 257;
public static final int WOLFSSL_FFDHE_4096 = 258;
public static final int WOLFSSL_FFDHE_6144 = 259;
public static final int WOLFSSL_FFDHE_8192 = 260;
/* ---------------------------- locks ------------------------------- */
/* lock for cleanup */
@ -1120,6 +1159,100 @@ public class WolfSSL {
*/
public static native String[] getProtocolsMask(long mask);
/**
* Gets the internal wolfSSL named group enum matching provided string.
*
* Returned enum values are in Named Groups section above and come from
* native ssl.h "Named Groups" enum.
*
* @param curveName String representation of ECC curve
* @return Native wolfSSL Named Groups enum value which maps to input
* String, or WolfSSL.WOLFSSL_NAMED_GROUP_INVALID if curve
* String not supported.
*/
protected static int getNamedGroupFromString(String curveName) {
switch (curveName) {
case "sect163k1":
return WolfSSL.WOLFSSL_ECC_SECT163K1;
case "sect163r1":
return WolfSSL.WOLFSSL_ECC_SECT163R1;
case "sect163r2":
return WolfSSL.WOLFSSL_ECC_SECT163R2;
case "sect193r1":
return WolfSSL.WOLFSSL_ECC_SECT193R1;
case "sect193r2":
return WolfSSL.WOLFSSL_ECC_SECT193R2;
case "sect233k1":
return WolfSSL.WOLFSSL_ECC_SECT233K1;
case "sect233r1":
return WolfSSL.WOLFSSL_ECC_SECT233R1;
case "sect239k1":
return WolfSSL.WOLFSSL_ECC_SECT239K1;
case "sect283k1":
return WolfSSL.WOLFSSL_ECC_SECT283K1;
case "sect283r1":
return WolfSSL.WOLFSSL_ECC_SECT283R1;
case "sect409k1":
return WolfSSL.WOLFSSL_ECC_SECT409K1;
case "sect409r1":
return WolfSSL.WOLFSSL_ECC_SECT409R1;
case "sect571k1":
return WolfSSL.WOLFSSL_ECC_SECT571K1;
case "sect571r1":
return WolfSSL.WOLFSSL_ECC_SECT571R1;
case "secp160k1":
return WolfSSL.WOLFSSL_ECC_SECP160K1;
case "secp160r1":
return WolfSSL.WOLFSSL_ECC_SECP160R1;
case "secp160r2":
return WolfSSL.WOLFSSL_ECC_SECP160R2;
case "secp192k1":
return WolfSSL.WOLFSSL_ECC_SECP192K1;
case "secp192r1":
return WolfSSL.WOLFSSL_ECC_SECP192R1;
case "secp224k1":
return WolfSSL.WOLFSSL_ECC_SECP224K1;
case "secp224r1":
return WolfSSL.WOLFSSL_ECC_SECP224R1;
case "secp256k1":
return WolfSSL.WOLFSSL_ECC_SECP256K1;
case "secp256r1":
return WolfSSL.WOLFSSL_ECC_SECP256R1;
case "secp384r1":
return WolfSSL.WOLFSSL_ECC_SECP384R1;
case "secp521r1":
return WolfSSL.WOLFSSL_ECC_SECP521R1;
case "brainpoolP256r1":
return WolfSSL.WOLFSSL_ECC_BRAINPOOLP256R1;
case "brainpoolP384r1":
return WolfSSL.WOLFSSL_ECC_BRAINPOOLP384R1;
case "brainpoolP512r1":
return WolfSSL.WOLFSSL_ECC_BRAINPOOLP512R1;
case "X25519":
case "x25519":
return WolfSSL.WOLFSSL_ECC_X25519;
case "X448":
case "x448":
return WolfSSL.WOLFSSL_ECC_X448;
case "sm2P256v1":
return WolfSSL.WOLFSSL_ECC_SM2P256V1;
case "ffdhe2048":
return WolfSSL.WOLFSSL_FFDHE_2048;
case "ffdhe3072":
return WolfSSL.WOLFSSL_FFDHE_3072;
case "ffdhe4096":
return WolfSSL.WOLFSSL_FFDHE_4096;
case "ffdhe6144":
return WolfSSL.WOLFSSL_FFDHE_6144;
case "ffdhe8192":
return WolfSSL.WOLFSSL_FFDHE_8192;
default:
return WolfSSL.WOLFSSL_NAMED_GROUP_INVALID;
}
}
@SuppressWarnings("deprecation")
@Override
protected void finalize() throws Throwable
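Review bot: `getNamedGroupFromString` switches on `curveName` without a null check, and a Java `switch` on a null `String` throws `NullPointerException` rather than reaching `default`. Because the names originate from a parsed Security property, guard the top of the method with `if (curveName == null) { return WolfSSL.WOLFSSL_NAMED_GROUP_INVALID; }`. The lookup is case-sensitive except for the paired `X25519`/`x25519` and `X448`/`x448` labels; the Javadoc should say so, or the input should be normalised once before the switch. The Javadoc could also note that the table accepts groups below 224 bits (`sect163k1`, `secp160r1`, `secp192r1` and similar), so the property can enable them as well as restrict to stronger ones; whether they are usable presumably depends on the native build.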


@ -299,6 +299,7 @@ public class WolfSSLSession {
private native int useSecureRenegotiation(long ssl);
private native int rehandshake(long ssl);
private native int set1SigAlgsList(long ssl, String list);
private native int useSupportedCurve(long ssl, int name);
/* ------------------- session-specific methods --------------------- */
@ -1266,6 +1267,44 @@ public class WolfSSLSession {
}
}
/**
* Sets the TLS Supported Curves to be used in the ClientHello
* extension if enabled in native wolfSSL.
*
* @param curveNames String array of ECC curve names to set into the
* Supported Curve extension. String values should match names from
* the following list:
* "sect163k1", "sect163r1", "sect163r2", "sect193r1",
* "sect193r2", "sect233k1", "sect233r1", "sect239k1",
* "sect283k1", "sect283r1", "sect409k1", "sect409r1",
* "sect571k1", "sect571r1", "secp160k1", "secp160r1",
* "secp160r2", "secp192k1", "secp192r1", "secp224k1",
* "secp224r1", "secp256k1", "secp256r1", "secp384r1",
* "secp521r1", "brainpoolP256r1", "brainpoolP384r1",
* "brainpoolP512r1", "x25519", "x448", "sm2P256v1",
* "ffdhe2048", "ffdhe3072", "ffdhe4096", "ffdhe6144",
* "ffdhe8192"
*
* @return <code>WolfSSL.SSL_SUCCESS</code> on success, otherwise
* negative on error.
* @throws IllegalStateException WolfSSLSession has been freed
*/
public int useSupportedCurves(String[] curveNames)
throws IllegalStateException {
int ret = 0;
int curveEnum = 0;
for (String curve : curveNames) {
curveEnum = WolfSSL.getNamedGroupFromString(curve);
synchronized (sslLock) {
ret = useSupportedCurve(getSessionPtr(), curveEnum);
}
}
return ret;
}
/* ---------------- Nonblocking DTLS helper functions -------------- */
/**
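Review bot: The loop in `useSupportedCurves` keeps only the return value of the last `useSupportedCurve` call and passes `WOLFSSL_NAMED_GROUP_INVALID` to native code for any unrecognised name, so a list in which an earlier entry is unknown or rejected and the last one succeeds returns `SSL_SUCCESS`, presumably with fewer curves applied than were configured. A null `curveNames` throws `NullPointerException`, and an empty array returns 0, which the `@return` text describes as neither success nor a negative error. Stop at the first unknown name or failed call and return that result, as in the sketch below. `WolfSSL.SSL_FAILURE` is used there for the argument errors; a dedicated negative code would match the `@return` text better if the class has one.

```java
public int useSupportedCurves(String[] curveNames)
    throws IllegalStateException {

    int ret = WolfSSL.SSL_FAILURE;

    if (curveNames == null || curveNames.length == 0) {
        return WolfSSL.SSL_FAILURE;
    }

    for (String curve : curveNames) {
        int curveEnum = WolfSSL.getNamedGroupFromString(curve);
        if (curveEnum == WolfSSL.WOLFSSL_NAMED_GROUP_INVALID) {
            /* unknown name: do not hand group 0 to native code */
            return WolfSSL.SSL_FAILURE;
        }

        synchronized (sslLock) {
            ret = useSupportedCurve(getSessionPtr(), curveEnum);
        }
        if (ret != WolfSSL.SSL_SUCCESS) {
            /* first failure wins, e.g. NOT_COMPILED_IN */
            return ret;
        }
    }

    return ret;
}
```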


@ -693,6 +693,39 @@ public class WolfSSLEngineHelper {
}
}
private void setLocalSupportedCurves() throws SSLException {
int ret = 0;
if (this.clientMode) {
/* Get restricted supported curves for ClientHello if set by
* user in "wolfjsse.enabledSupportedCurves" Security property */
String[] curves = WolfSSLUtil.getSupportedCurves();
if (curves != null) {
ret = this.ssl.useSupportedCurves(curves);
if (ret != WolfSSL.SSL_SUCCESS) {
if (ret == WolfSSL.NOT_COMPILED_IN) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
"Unable to set requested TLS Supported Curves, " +
"native support not compiled in.");
}
else {
throw new SSLException(
"Error setting TLS Supported Curves based on " +
"wolfjsse.enabledSupportedCurves property, ret = " +
ret + ", curves: " + Arrays.toString(curves));
}
}
else {
WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
"set TLS Supported Curves based on " +
"wolfjsse.enabledSupportedCurves property");
}
}
}
}
private void setLocalParams() throws SSLException {
this.setLocalCiphers(
WolfSSLUtil.sanitizeSuites(this.params.getCipherSuites()));
@ -704,6 +737,7 @@ public class WolfSSLEngineHelper {
this.setLocalAlpnProtocols();
this.setLocalSecureRenegotiation();
this.setLocalSigAlgorithms();
this.setLocalSupportedCurves();
}
/**
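Review bot: In `setLocalSupportedCurves`, the `NOT_COMPILED_IN` branch only logs at INFO and lets the handshake continue, so a curve restriction configured through `wolfjsse.enabledSupportedCurves` is silently not applied on builds without the extension. If the property is meant as a policy control, fail closed in that branch, e.g. `throw new SSLException("wolfjsse.enabledSupportedCurves set but native Supported Curves support not compiled in");`, or at least log it at a level operators will see. The method also has no comment saying that it does nothing unless `clientMode` is true; something like `/* Client side only: restricts the curves sent in the ClientHello, no effect in server mode */` would make that explicit.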


@ -186,6 +186,33 @@ public class WolfSSLUtil {
return sigAlgos;
}
/**
* Return TLS Supported Curves allowed if set in
* wolfjsse.enabledSupportedCurves system Security property.
*
* @return String array of Supported Curves to be set into the
* TLS ClientHello.
*/
protected static String[] getSupportedCurves() {
String curves =
Security.getProperty("wolfjsse.enabledSupportedCurves");
if (curves == null || curves.isEmpty()) {
return null;
}
WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO,
"restricting enabled ClientHello supported curves");
WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO,
"wolfjsse.enabledSupportedCurves: " + curves);
/* Remove spaces between commas if present */
curves = curves.replaceAll(", ", ",");
return curves.split(",");
}
/**
* Return maximum key size allowed if minimum is set in
* jdk.tls.disabledAlgorithms security property for specified algorithm.
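Review bot: `getSupportedCurves` normalises the property with `curves.replaceAll(", ", ",")`, which removes exactly one space after a comma and leaves leading or trailing whitespace, a space before a comma, tabs and doubled spaces in the returned names. Such entries will not match the case labels in `WolfSSL.getNamedGroupFromString` and come back as an invalid group. Splitting on optional whitespace handles all of these: `return curves.trim().split("\\s*,\\s*");`. The Javadoc should also state that the method returns null when the property is unset or empty, since the caller in `WolfSSLEngineHelper` relies on that.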


@ -445,6 +445,194 @@ public class WolfSSLSocketTest {
System.out.println("\t... passed");
}
@Test
public void testEnabledSupportedCurvesProperty() throws Exception {
SSLServerSocket ss = null;
TestServer server = null;
TestClient client = null;
Exception srvException = null;
Exception cliException = null;
System.out.print("\twolfjsse.enabledSupportedCurves");
/* create new CTX */
this.ctx = tf.createSSLContext("TLS", ctxProvider);
/* Save existing Security property before setting */
String originalProperty =
Security.getProperty("wolfjsse.enabledSupportedCurves");
/* Test with empty property */
{
Security.setProperty("wolfjsse.enabledSupportedCurves", "");
/* create SSLServerSocket first to get ephemeral port */
ss = (SSLServerSocket)ctx.getServerSocketFactory()
.createServerSocket(0);
server = new TestServer(this, ss);
server.start();
client = new TestClient(this, ss.getLocalPort());
client.start();
srvException = server.getException();
if (srvException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw srvException;
}
cliException = client.getException();
if (cliException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw cliException;
}
try {
client.join(1000);
server.join(1000);
} catch (InterruptedException e) {
System.out.println("interrupt happened");
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
fail("Threaded client/server test failed");
}
}
/* Test with single property entry */
{
Security.setProperty("wolfjsse.enabledSupportedCurves",
"secp256r1");
/* create SSLServerSocket first to get ephemeral port */
ss = (SSLServerSocket)ctx.getServerSocketFactory()
.createServerSocket(0);
server = new TestServer(this, ss);
server.start();
client = new TestClient(this, ss.getLocalPort());
client.start();
srvException = server.getException();
if (srvException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw srvException;
}
cliException = client.getException();
if (cliException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw cliException;
}
try {
client.join(1000);
server.join(1000);
} catch (InterruptedException e) {
System.out.println("interrupt happened");
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
fail("Threaded client/server test failed");
}
}
/* Test with multiple property entries */
{
Security.setProperty("wolfjsse.enabledSupportedCurves",
"secp256r1, secp521r1");
/* create SSLServerSocket first to get ephemeral port */
ss = (SSLServerSocket)ctx.getServerSocketFactory()
.createServerSocket(0);
server = new TestServer(this, ss);
server.start();
client = new TestClient(this, ss.getLocalPort());
client.start();
srvException = server.getException();
if (srvException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw srvException;
}
cliException = client.getException();
if (cliException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw cliException;
}
try {
client.join(1000);
server.join(1000);
} catch (InterruptedException e) {
System.out.println("interrupt happened");
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
fail("Threaded client/server test failed");
}
}
/* Test with invalid property entries */
{
Security.setProperty("wolfjsse.enabledSupportedCurves",
"badone, badtwo");
/* create SSLServerSocket first to get ephemeral port */
ss = (SSLServerSocket)ctx.getServerSocketFactory()
.createServerSocket(0);
server = new TestServer(this, ss);
server.start();
client = new TestClient(this, ss.getLocalPort());
client.start();
srvException = server.getException();
if (srvException != null) {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
throw srvException;
}
cliException = client.getException();
if (cliException != null) {
/* expected Exception here, bad Supported Curve values */
}
try {
client.join(1000);
server.join(1000);
} catch (InterruptedException e) {
System.out.println("interrupt happened");
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
fail("Threaded client/server test failed");
}
}
/* restore original property value */
if (originalProperty == null) {
/* set property to empty if original was not set */
Security.setProperty("wolfjsse.enabledSupportedCurves", "");
} else {
Security.setProperty("wolfjsse.enabledSupportedCurves",
originalProperty);
}
System.out.println("\t... passed");
}
@Test
public void testClientServerThreaded() throws Exception {
@ -1913,8 +2101,6 @@ public class WolfSSLSocketTest {
} catch (Exception e) {
this.exception = e;
Logger.getLogger(WolfSSLSocketTest.class.getName())
.log(Level.SEVERE, null, e);
}
}
@ -1951,8 +2137,6 @@ public class WolfSSLSocketTest {
} catch (Exception e) {
this.exception = e;
Logger.getLogger(WolfSSLSocketTest.class.getName())
.log(Level.SEVERE, null, e);
}
}
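Review bot: The "invalid property entries" block of `testEnabledSupportedCurvesProperty` asserts nothing: `if (cliException != null) { /* expected ... */ }` has an empty body, so the test passes whether or not `badone, badtwo` is rejected. In all four blocks `getException()` is read right after `start()` and before `join()`, so unless that getter blocks (not visible here) a failure raised later in the thread is likely missed. The failure paths call `Security.setProperty(..., originalProperty)` directly, which throws `NullPointerException` when the property was originally unset and hides the real failure; a `try`/`finally` using the null-aware restore from the end of the test would cover every exit. A sketch of the last block follows.

```java
/* Test with invalid property entries */
try {
    Security.setProperty("wolfjsse.enabledSupportedCurves",
        "badone, badtwo");

    // … unchanged: create SSLServerSocket, start TestServer and TestClient …

    /* wait for both threads before reading their results */
    client.join(1000);
    server.join(1000);

    cliException = client.getException();
    if (cliException == null) {
        fail("client accepted invalid Supported Curve names");
    }
} finally {
    /* null-aware restore, same as the end of the test */
    Security.setProperty("wolfjsse.enabledSupportedCurves",
        originalProperty == null ? "" : originalProperty);
}
```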