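package test.at.gv.egovernment.moa.id.util;

import iaik.pki.jsse.IAIKX509TrustManager;

import java.net.URL;
import java.security.Security;

import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocketFactory;

import com.sun.net.ssl.HttpsURLConnection;

import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl;
import at.gv.egovernment.moa.id.util.SSLUtils;
import test.at.gv.egovernment.moa.id.UnitTestCase;

/**
 * Connection tests for {@link SSLUtils}: each test builds an
 * {@link SSLSocketFactory} from the test configuration, opens an HTTPS
 * connection to the configured endpoint and checks the outcome.
 *
 * <p>NOTE(review): every test in this class passes {@code shouldOK = true},
 * so only the acceptance path is exercised. The rejection path (an
 * {@link SSLException} for a server that must not be trusted) is implemented
 * in {@link #doTest} but has no caller here.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class SSLUtilsTest extends UnitTestCase {

  /**
   * Creates the test case.
   *
   * @param name name of the test method to run, passed on to the superclass
   */
  public SSLUtilsTest(String name) {
    super(name);
  }

  /**
   * Registers the JSSE provider and protocol handler, initialises the IAIK
   * trust manager logging and restricts the cipher suites offered for HTTPS.
   *
   * <p>All settings made here are JVM-wide (security providers and system
   * properties) and are not reverted by this class, so they remain in effect
   * for tests that run afterwards in the same JVM.
   *
   * @throws Exception if any of the initialisation calls fails
   */
  protected void setUp() throws Exception {
    // Uncomment to trace the TLS handshake while debugging a failing test:
    // System.setProperty("javax.net.debug", "all");
    Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
    System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
    IAIKX509TrustManager.initLog(
      new LoggerConfigImpl("file:" + TESTDATA_ROOT + "conf/log4j.properties"));
    // NOTE(security): every suite in this list is obsolete. It contains
    // single DES, 40-bit export-grade DES and RC4 (with MD5); the two 3DES
    // entries are the strongest ones offered. The list is reproduced
    // unchanged because the test endpoints presumably negotiate only these
    // suites (confirm against the servers). It must not be copied into any
    // production TLS configuration.
    System.setProperty(
      "https.cipherSuites",
      "SSL_DHE_DSS_WITH_DES_CBC_SHA,"
        + "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,"
        + "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,"
        + "SSL_RSA_WITH_DES_CBC_SHA,"
        + "SSL_RSA_WITH_3DES_EDE_CBC_SHA,"
        + "SSL_RSA_EXPORT_WITH_RC4_40_MD5");
  }

  /** Expects a successful connection for the online application {@code http://verisign.moa.gv.at/}. */
  public void testVerisignOK() throws Exception {
    doTestOA("conf/ConfigurationTest.xml", "http://verisign.moa.gv.at/", true, null);
  }

  /** Expects a successful connection for the online application {@code http://a-trust.moa.gv.at/}. */
  public void testATrustOK() throws Exception {
    doTestOA("conf/ConfigurationTest.xml", "http://a-trust.moa.gv.at/", true, null);
  }

  /** Expects a successful connection for the online application {@code http://baltimore.moa.gv.at/}. */
  public void testBaltimoreOK() throws Exception {
    doTestOA("conf/ConfigurationTest.xml", "http://baltimore.moa.gv.at/", true, null);
  }

  /** Expects a successful connection for the online application {@code http://cio.moa.gv.at/}. */
  public void testCIOOK() throws Exception {
    doTestOA("conf/ConfigurationTest.xml", "http://cio.moa.gv.at/", true, null);
  }

  /**
   * Expects a successful connection to the MOA-SP endpoint taken from the
   * authentication configuration in {@code conf/ConfigurationTest.xml}.
   */
  public void testMOASPOK() throws Exception {
    System.setProperty(
      ConfigurationProvider.CONFIG_PROPERTY_NAME,
      TESTDATA_ROOT + "conf/ConfigurationTest.xml");
    ConnectionParameter connParam =
      AuthConfigurationProvider.getInstance().getMoaSpConnectionParameter();
    doTest(connParam, true, null);
  }

  /**
   * Looks up the connection parameters of one online application in the proxy
   * configuration and runs the connection test against them.
   *
   * @param configFile configuration file, relative to {@code TESTDATA_ROOT}
   * @param publicURLPrefix public URL prefix identifying the online application
   * @param shouldOK whether the connection is expected to succeed
   * @param exMessageFragment text expected in the {@link SSLException} message
   *        when the connection is expected to fail; {@code null} skips the
   *        message check
   * @throws Exception if the configuration cannot be loaded or the connection
   *         fails in an unexpected way
   */
  private void doTestOA(
    String configFile,
    String publicURLPrefix,
    boolean shouldOK,
    String exMessageFragment)
    throws Exception {

    System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + configFile);
    ProxyConfigurationProvider proxyConf = ProxyConfigurationProvider.getInstance();
    OAProxyParameter oaParam = proxyConf.getOnlineApplicationParameter(publicURLPrefix);
    ConnectionParameter connParam = oaParam.getConnectionParameter();
    doTest(connParam, shouldOK, exMessageFragment);
  }

  /**
   * Opens an HTTPS connection using the socket factory that {@link SSLUtils}
   * builds for the given connection parameters and verifies the outcome.
   *
   * <p>On success the HTTP status must be 200. On an {@link SSLException} the
   * test must have expected a failure, and the exception message must contain
   * {@code exMessageFragment} when one was given.
   *
   * @param connParam connection parameters providing the URL to connect to
   * @param shouldOK whether the connection is expected to succeed
   * @param exMessageFragment text expected in the exception message on
   *        failure; {@code null} skips the message check
   * @throws Exception if set-up fails or the connection fails with anything
   *         other than an {@link SSLException}
   */
  private void doTest(ConnectionParameter connParam, boolean shouldOK, String exMessageFragment)
    throws Exception {

    SSLUtils.initialize();
    AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
    SSLSocketFactory ssf = SSLUtils.getSSLSocketFactory(authConf, connParam);
    URL url = new URL(connParam.getUrl());
    // The cast requires an https URL; any other scheme fails here with a
    // ClassCastException rather than silently testing a plain connection.
    HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
    conn.setRequestMethod("GET");
    conn.setDoInput(true);
    conn.setDoOutput(true);
    conn.setUseCaches(false);
    conn.setAllowUserInteraction(false);
    conn.setSSLSocketFactory(ssf);
    try {
      conn.connect();
      assertTrue("connection succeeded although an SSL failure was expected", shouldOK);
      assertEquals(200, conn.getResponseCode());
    } catch (SSLException ex) {
      ex.printStackTrace();
      assertFalse("unexpected SSL failure: " + ex, shouldOK);
      // A null fragment means the caller does not care about the message;
      // dereferencing it (or a null exception message) would replace the
      // real test verdict with a NullPointerException.
      if (exMessageFragment != null) {
        String message = ex.getMessage();
        assertTrue(
          "SSL failure message does not contain '" + exMessageFragment + "': " + message,
          message != null && message.indexOf(exMessageFragment) >= 0);
      }
    } finally {
      // Release the connection on every path, including failed assertions.
      conn.disconnect();
    }
  }
}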