From 43e57a42832ea8b4ceb0317f3c9028a4174ffa7b Mon Sep 17 00:00:00 2001
From: mcentner <mcentner@d688527b-c9ab-4aba-bd8d-4036d912da1d>
Date: Wed, 8 Aug 2007 07:25:32 +0000
Subject: Adapted project directory structure to suit the new maven based build
 process.

git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@909 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../at/gv/egovernment/moa/util/SSLUtilsTest.java   | 160 +++++++++++++++++++++
 1 file changed, 160 insertions(+)
 create mode 100644 common-test/src/main/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java

(limited to 'common-test/src/main/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java')

diff --git a/common-test/src/main/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java b/common-test/src/main/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java
new file mode 100644
index 000000000..7e55cb7d0
--- /dev/null
+++ b/common-test/src/main/java/test/at/gv/egovernment/moa/util/SSLUtilsTest.java
@@ -0,0 +1,160 @@
+package test.at.gv.egovernment.moa.util;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.URL;
+import java.security.KeyStore;
+import java.security.Security;
+
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSocketFactory;
+
+import com.sun.net.ssl.HostnameVerifier;
+import com.sun.net.ssl.HttpsURLConnection;
+
+import at.gv.egovernment.moa.util.KeyStoreUtils;
+import at.gv.egovernment.moa.util.SSLUtils;
+
+import junit.framework.TestCase;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SSLUtilsTest extends TestCase {
+
+  public SSLUtilsTest(String arg0) {
+    super(arg0);
+  }
+
+	
+  protected void setUp() throws Exception {
+    //System.setProperty("javax.net.debug", "all");
+    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+    System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
+    System.setProperty("https.cipherSuites", "SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_EXPORT_WITH_RC4_40_MD5");
+  }
+
+	public void testGetSSLSocketFactoryBaltimoreOK() throws Exception {
+		doTestGetSSLSocketFactory(
+			"GET",
+			"https://www.baltimore.com/",
+			false,
+			"file:data/test/security/cacerts+gt_cybertrust_root",
+			"changeit",
+			true);
+	}
+	public void testGetSSLSocketFactoryBaltimoreNOK() throws Exception {
+		doTestGetSSLSocketFactory(
+			"GET",
+			"https://www.baltimore.com/",
+			false,
+			"file:data/test/security/cacerts",
+			"changeit", 
+			false);
+	}
+	public void testGetSSLSocketFactoryVerisignOK() throws Exception {
+		doTestGetSSLSocketFactory(
+			"GET",
+			"https://www.verisign.com/",
+			false,
+			"file:data/test/security/cacerts",
+			"changeit",
+			true);
+	}
+	public void testGetSSLSocketFactoryVerisignNoTruststoreOK() throws Exception {
+		doTestGetSSLSocketFactory(
+			"GET",
+			"https://www.verisign.com/",
+			false,
+			null,
+			null,
+			true);
+	}
+	public void testGetSSLSocketFactoryLocalhostOK() throws Exception {
+		String urlString = "https://localhost:8443/moa-id-auth/index.jsp";
+		doTestGetSSLSocketFactory(
+			"GET",
+			urlString,
+			true,
+			"file:data/test/security/server.keystore.tomcat",
+			"changeit",
+			true);
+	}
+	public void testGetSSLSocketFactoryLocalhostNOK() throws Exception {
+		String urlString = "https://localhost:8443/moa-id-auth/index.jsp";
+		doTestGetSSLSocketFactory(
+			"GET",
+			urlString,
+			true,
+			null,
+			null,
+			false);
+	}
+		
+	public void doTestGetSSLSocketFactory(
+		String requestMethod,
+		String urlString, 
+		boolean useHostnameVerifierHack,
+		String truststoreurl,
+		String trustpassword,
+		boolean shouldOk
+		) throws Exception {
+
+		doTestGetSSLSocketFactory(
+			requestMethod, urlString, useHostnameVerifierHack, truststoreurl, trustpassword, null, null, null, shouldOk);
+		}
+	public void doTestGetSSLSocketFactory(
+		String requestMethod,
+		String urlString, 
+		boolean useHostnameVerifierHack,
+		String truststoreurl,
+		String trustpassword,
+		String keystoretype,
+		String keystoreurl,
+		String keypassword,
+		boolean shouldOk
+		) throws Exception {
+
+		KeyStore truststore = null;
+		if (truststoreurl != null)
+			truststore = KeyStoreUtils.loadKeyStore("jks", truststoreurl, trustpassword);
+		SSLSocketFactory sf = SSLUtils.getSSLSocketFactory(
+			truststore, keystoretype, keystoreurl, keypassword);
+		System.out.println(requestMethod + " " + urlString);
+
+		URL url = new URL(urlString);
+		HttpsURLConnection conn = (HttpsURLConnection)url.openConnection();
+		conn.setRequestMethod(requestMethod);
+		conn.setDoInput(true);
+		conn.setDoOutput(true);
+		conn.setUseCaches(false);
+		conn.setAllowUserInteraction(false);		
+  	conn.setSSLSocketFactory(sf);
+  	if (useHostnameVerifierHack)
+  		conn.setHostnameVerifier(new HostnameVerifierHack());
+  	try {
+			conn.connect();
+			assertTrue(shouldOk);
+			assertEquals(200, conn.getResponseCode());
+			conn.disconnect();
+  	}
+  	catch (SSLException ex) {
+  		assertFalse(shouldOk);
+  	}
+	}
+	private byte[] readTruststore(String filename) throws IOException {
+		if (filename == null)
+			return null;
+		FileInputStream in = new FileInputStream(filename);
+		byte[] buffer = new byte[in.available()];
+		in.read(buffer);
+		in.close();
+		return buffer;
+	}
+  private class HostnameVerifierHack implements HostnameVerifier {
+    public boolean verify(String arg0, String arg1) {
+      return true;
+    }
+	}
+}
-- 
cgit v1.2.3