Fix CertificateRequest encoding (of certificate_authorities) and add

coverage in D/TLS tests
author: Peter Dettman <peter.dettman@bouncycastle.org> 2014-07-22 08:48:41 +0400
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2014-07-22 08:48:41 +0400
commit: 1206355fed94bcfec4fd5b0b2904ab4f0b3043fe (patch)
tree: f77f3ebad613a0653912b805f463c822d81b361f
parent: eb80a1574ee8ab73297de99b7c40d47149755769 (diff)
4 files changed, 16 insertions, 7 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java b/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java
index 1e2e8e37..68e051ea 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java
@@ -102,7 +102,7 @@ public class CertificateRequest
                 X500Name certificateAuthority = (X500Name)certificateAuthorities.elementAt(i);
                 byte[] derEncoding = certificateAuthority.getEncoded(ASN1Encoding.DER);
                 derEncodings.addElement(derEncoding);
-                totalLength += derEncoding.length;
+                totalLength += derEncoding.length + 2;
             }
 
             TlsUtils.checkUint16(totalLength);
@@ -110,8 +110,8 @@ public class CertificateRequest
 
             for (int i = 0; i < derEncodings.size(); ++i)
             {
-                byte[] encDN = (byte[])derEncodings.elementAt(i);
-                output.write(encDN);
+                byte[] derEncoding = (byte[])derEncodings.elementAt(i);
+                TlsUtils.writeOpaque16(derEncoding, output);
             }
         }
     }
diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java
index fdbb84f1..abd5d731 100644
--- a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java
+++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java
@@ -57,7 +57,7 @@ public class MockDTLSServer
             });
     }
 
-    public CertificateRequest getCertificateRequest()
+    public CertificateRequest getCertificateRequest() throws IOException
     {
         Vector serverSigAlgs = null;
 
@@ -78,7 +78,10 @@ public class MockDTLSServer
             }
         }
 
-        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null);
+        Vector certificateAuthorities = new Vector();
+        certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
+
+        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities);
     }
 
     public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java
index 45d7b093..0f3c4631 100644
--- a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java
+++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java
@@ -92,7 +92,10 @@ class MockTlsServer
             }
         }
 
-        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null);
+        Vector certificateAuthorities = new Vector();
+        certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
+
+        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities);
     }
 
     public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java
index e9d9aafc..835db459 100644
--- a/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java
+++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java
@@ -141,7 +141,10 @@ class TlsTestServerImpl
             }
         }
 
-        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null);
+        Vector certificateAuthorities = new Vector();
+        certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
+
+        return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities);
     }
 
     public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
author	Peter Dettman <peter.dettman@bouncycastle.org>	2014-07-22 08:48:41 +0400
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2014-07-22 08:48:41 +0400
commit	1206355fed94bcfec4fd5b0b2904ab4f0b3043fe (patch)
tree	f77f3ebad613a0653912b805f463c822d81b361f
parent	eb80a1574ee8ab73297de99b7c40d47149755769 (diff)