1 package club.wpia.gigi;
3 import java.io.EOFException;
4 import java.io.IOException;
5 import java.net.InetSocketAddress;
6 import java.nio.ByteBuffer;
7 import java.nio.channels.SocketChannel;
8 import java.security.NoSuchAlgorithmException;
10 import javax.net.ssl.SSLContext;
11 import javax.net.ssl.SSLEngine;
12 import javax.net.ssl.SSLEngineResult;
13 import javax.net.ssl.SSLEngineResult.HandshakeStatus;
14 import javax.net.ssl.SSLException;
16 import org.junit.Test;
18 import club.wpia.gigi.testUtils.InitTruststore;
19 import club.wpia.gigi.testUtils.ManagedTest;
21 public class TestSSL extends ManagedTest {
// Buffers shared by the wrap/unwrap helpers of this test. All four are
// allocated in the test method from the SSLEngine session's buffer sizes.
// Decrypted inbound data: destination buffer of se.unwrap(inC, in).
23 private ByteBuffer in;
// Inbound bytes read from the socket: source buffer of se.unwrap(inC, in).
25 private ByteBuffer inC;
// Outbound TLS output: destination buffer of se.wrap(out, outC).
27 private ByteBuffer outC;
// Outbound application data: source buffer of se.wrap(out, outC).
29 private ByteBuffer out;
// Checks that the server under test does not complete a TLS renegotiation
// requested by the client. Reaching the `throw` below fails the test; an
// EOFException (the server dropped the connection) is the accepted outcome.
//
// Why it matters: a handshake typically costs the server more CPU than it
// costs the client to ask for one, so a server that honours client-initiated
// renegotiation can be kept busy from a single connection.
//
// NOTE(review): several lines of this method are not shown in this listing
// (after setUseClientMode and after the catch); presumably they run the
// initial handshake and then request a second one -- confirm in the full file.
35 public void testClientIntitiatedRenegotiation() throws NoSuchAlgorithmException, IOException {
// Default JSSE context; no protocol or cipher restriction is visible here.
// NOTE(review): TLS 1.3 has no renegotiation. If client and server settle on
// TLS 1.3 this check may not exercise what it intends -- confirm whether the
// protocol version needs to be pinned for the test to stay meaningful.
36 SSLContext sc = SSLContext.getDefault();
37 SSLEngine se = sc.createSSLEngine();
// getServerName() is used as "host:port": split once at the first colon.
38 String[] serverParts = getServerName().split(":", 2);
// try-with-resources closes the channel on every exit path.
39 try (SocketChannel s = SocketChannel.open(new InetSocketAddress(serverParts[0], Integer.parseInt(serverParts[1])))) {
// Application-side buffers use the session's application buffer size,
// network-side buffers (inC/outC) its packet buffer size.
41 in = ByteBuffer.allocate(se.getSession().getApplicationBufferSize());
42 inC = ByteBuffer.allocate(se.getSession().getPacketBufferSize());
44 out = ByteBuffer.allocate(se.getSession().getApplicationBufferSize());
45 outC = ByteBuffer.allocate(se.getSession().getPacketBufferSize());
// Act as the TLS client on this connection.
47 se.setUseClientMode(true);
// Per its message, reached only when the renegotiation was not refused.
// NOTE(review): the message has a typo ("succeded") and an unclosed
// parenthesis; it is a runtime string and is left unchanged here.
54 throw new Error("Client re-negotiation succeded (possible DoS vulnerability");
// Only the EOF case is visible as a pass condition. NOTE(review): a server
// that refuses with a TLS alert instead of closing may surface as an
// SSLException -- confirm how the lines not shown treat that outcome.
55 } catch (EOFException e) {
56 // Cool, server closed connection
// Drives the TLS handshake on `se`: loops while the engine reports a
// handshake status other than NOT_HANDSHAKING or FINISHED and dispatches on
// that status. The case labels are on lines not shown in this listing.
62 private void work(SSLEngine se, SocketChannel s) throws SSLException, IOException {
63 while (se.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING && se.getHandshakeStatus() != HandshakeStatus.FINISHED) {
64 switch (se.getHandshakeStatus()) {
// Runs one delegated task synchronously on the calling thread
// (presumably the NEED_TASK branch -- its label is not shown).
// NOTE(review): getDelegatedTask() returns null when no task is pending;
// confirm the enclosing branch guarantees one.
72 se.getDelegatedTask().run();
// Prints the engine's current handshake status to stdout.
75 System.out.println(se.getHandshakeStatus());
// Passes buffered network bytes (inC) to the engine, which writes its output
// into `in`. When the engine reports BUFFER_UNDERFLOW, more bytes are read
// from the socket into inC. Throws EOFException on the path at line 94,
// which the test method catches as "server closed connection".
// Several lines of this method are not shown in this listing.
80 private SSLEngineResult unwrap(SSLEngine se, SocketChannel s) throws IOException, SSLException {
// Nothing buffered from the network; the body of this branch is not shown.
81 if (inC.remaining() == 0) {
86 SSLEngineResult result = se.unwrap(inC, in);
// The engine needs more input than inC currently holds.
87 if (result.getStatus() == javax.net.ssl.SSLEngineResult.Status.BUFFER_UNDERFLOW) {
// Remember the current read window before the buffer is reopened for writing.
88 int pos = inC.position();
89 int limit = inC.limit();
// Open the buffer up to its capacity so the socket read has room.
// (Presumably the position is moved to the old limit on the line not shown.)
90 inC.limit(inC.capacity());
92 int read = s.read(inC);
// The guarding condition is on a line not shown; presumably it tests
// `read` for end of stream (SocketChannel.read returns -1) -- confirm.
94 throw new EOFException();
// The new end of data is wherever the read stopped writing.
96 inC.limit(inC.position());
102 private SSLEngineResult wrap(SSLEngine se, SocketChannel s) throws SSLException, IOException {
104 SSLEngineResult result = se.wrap(out, outC);