TLS supports K1 and mixed K1-R1-RSA (#2216)

Konstantinos Chalkias 2017-12-12 20:08:57 +00:00 committed by GitHub
parent c3b9955344
commit b58e2b89cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -78,8 +78,7 @@ class TLSAuthenticationTests {
client2TLSScheme = Crypto.ECDSA_SECP256R1_SHA256
)
val (serverSocket, clientSocket) =
buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
val (serverSocket, clientSocket) = buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
testConnect(serverSocket, clientSocket, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
}
@ -95,12 +94,27 @@ class TLSAuthenticationTests {
client2TLSScheme = Crypto.RSA_SHA256
)
val (serverSocket, clientSocket) =
buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
val (serverSocket, clientSocket) = buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
testConnect(serverSocket, clientSocket, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
}
@Test
fun `All EC K1`() {
val (serverSocketFactory, clientSocketFactory) = buildTLSFactories(
rootCAScheme = Crypto.ECDSA_SECP256K1_SHA256,
intermediateCAScheme = Crypto.ECDSA_SECP256K1_SHA256,
client1CAScheme = Crypto.ECDSA_SECP256K1_SHA256,
client1TLSScheme = Crypto.ECDSA_SECP256K1_SHA256,
client2CAScheme = Crypto.ECDSA_SECP256K1_SHA256,
client2TLSScheme = Crypto.ECDSA_SECP256K1_SHA256
)
val (serverSocket, clientSocket) = buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
testConnect(serverSocket, clientSocket, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
}
// Server's public key type is the one selected if users use different key types (e.g RSA and EC R1).
@Test
fun `Server RSA - Client EC R1 - CAs all EC R1`() {
@ -113,8 +127,7 @@ class TLSAuthenticationTests {
client2TLSScheme = Crypto.ECDSA_SECP256R1_SHA256
)
val (serverSocket, clientSocket) =
buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
val (serverSocket, clientSocket) = buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
testConnect(serverSocket, clientSocket, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256") // Server's key type is selected.
}
@ -148,6 +161,22 @@ class TLSAuthenticationTests {
testConnect(serverSocket, clientSocket, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
}
@Test
fun `Server EC K1 - Client EC R1 - CAs all RSA`() {
val (serverSocketFactory, clientSocketFactory) = buildTLSFactories(
rootCAScheme = Crypto.RSA_SHA256,
intermediateCAScheme = Crypto.RSA_SHA256,
client1CAScheme = Crypto.RSA_SHA256,
client1TLSScheme = Crypto.ECDSA_SECP256K1_SHA256,
client2CAScheme = Crypto.RSA_SHA256,
client2TLSScheme = Crypto.ECDSA_SECP256R1_SHA256
)
val (serverSocket, clientSocket) = buildTLSSockets(serverSocketFactory, clientSocketFactory, 0, 0)
testConnect(serverSocket, clientSocket, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
}
@Test
fun `Server EC R1 - Client RSA - Mixed CAs`() {
val (serverSocketFactory, clientSocketFactory) = buildTLSFactories(
@ -155,7 +184,7 @@ class TLSAuthenticationTests {
intermediateCAScheme = Crypto.RSA_SHA256,
client1CAScheme = Crypto.RSA_SHA256,
client1TLSScheme = Crypto.ECDSA_SECP256R1_SHA256,
client2CAScheme = Crypto.ECDSA_SECP256R1_SHA256,
client2CAScheme = Crypto.ECDSA_SECP256K1_SHA256,
client2TLSScheme = Crypto.RSA_SHA256
)
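Review bot: The new `All EC K1` test asserts only the negotiated suite name `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`, which is the same string the existing ECDSA test with R1 TLS keys expects, so a handshake that silently used a different ECDSA curve would still pass. The same applies to `Server EC K1 - Client EC R1 - CAs all RSA`. The body of `testConnect` is outside this diff, so this presumes it checks nothing beyond the suite; if so, the K1 tests should also verify that the certificate the peer presents carries a secp256k1 public key. At minimum, note the limit above the call: `// Suite name does not encode the curve; verify the peer certificate's key is secp256k1 separately.` In the `Mixed CAs` test, `client2CAScheme` is switched from R1 to K1 rather than added as a new case, so it is worth confirming that an R1 client CA in a mixed chain is still covered elsewhere.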