1 package org.cacert.gigi;
3 import java.io.EOFException;
4 import java.io.IOException;
5 import java.net.InetSocketAddress;
6 import java.nio.ByteBuffer;
7 import java.nio.channels.SocketChannel;
8 import java.security.NoSuchAlgorithmException;
9 import javax.net.ssl.SSLContext;
10 import javax.net.ssl.SSLEngine;
11 import javax.net.ssl.SSLEngineResult;
12 import javax.net.ssl.SSLException;
13 import javax.net.ssl.SSLEngineResult.HandshakeStatus;
15 import org.junit.Test;
17 public class TestSSL {
18 private ByteBuffer in;
19 private ByteBuffer inC;
20 private ByteBuffer outC;
21 private ByteBuffer out;
26 public void testClientIntitiatedRenegotiation()
27 throws NoSuchAlgorithmException, IOException {
28 SSLContext sc = SSLContext.getDefault();
29 SSLEngine se = sc.createSSLEngine();
30 SocketChannel s = SocketChannel.open(new InetSocketAddress("localhost",
33 in = ByteBuffer.allocate(se.getSession().getApplicationBufferSize());
34 inC = ByteBuffer.allocate(se.getSession().getPacketBufferSize());
36 out = ByteBuffer.allocate(se.getSession().getApplicationBufferSize());
37 outC = ByteBuffer.allocate(se.getSession().getPacketBufferSize());
39 se.setUseClientMode(true);
47 "Client re-negotiation failed (possible DoS vurnability");
48 } catch (EOFException e) {
49 // Cool, server closed connection
53 private void work(SSLEngine se, SocketChannel s) throws SSLException,
55 while (se.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING
56 && se.getHandshakeStatus() != HandshakeStatus.FINISHED) {
57 switch (se.getHandshakeStatus()) {
65 se.getDelegatedTask().run();
68 System.out.println(se.getHandshakeStatus());
72 private SSLEngineResult unwrap(SSLEngine se, SocketChannel s)
73 throws IOException, SSLException {
74 if (inC.remaining() == 0) {
79 SSLEngineResult result = se.unwrap(inC, in);
80 if (result.getStatus() == javax.net.ssl.SSLEngineResult.Status.BUFFER_UNDERFLOW) {
81 int pos = inC.position();
82 int limit = inC.limit();
83 inC.limit(inC.capacity());
85 int read = s.read(inC);
87 throw new EOFException();
89 inC.limit(inC.position());
94 private SSLEngineResult wrap(SSLEngine se, SocketChannel s)
95 throws SSLException, IOException {
97 SSLEngineResult result = se.wrap(out, outC);