diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-22 08:48:41 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-22 08:48:41 +0400 |
commit | 1206355fed94bcfec4fd5b0b2904ab4f0b3043fe (patch) | |
tree | f77f3ebad613a0653912b805f463c822d81b361f | |
parent | eb80a1574ee8ab73297de99b7c40d47149755769 (diff) |
Fix CertificateRequest encoding (of certificate_authorities) and add
coverage in D/TLS tests
4 files changed, 16 insertions, 7 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java b/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java index 1e2e8e37..68e051ea 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java @@ -102,7 +102,7 @@ public class CertificateRequest X500Name certificateAuthority = (X500Name)certificateAuthorities.elementAt(i); byte[] derEncoding = certificateAuthority.getEncoded(ASN1Encoding.DER); derEncodings.addElement(derEncoding); - totalLength += derEncoding.length; + totalLength += derEncoding.length + 2; } TlsUtils.checkUint16(totalLength); @@ -110,8 +110,8 @@ public class CertificateRequest for (int i = 0; i < derEncodings.size(); ++i) { - byte[] encDN = (byte[])derEncodings.elementAt(i); - output.write(encDN); + byte[] derEncoding = (byte[])derEncodings.elementAt(i); + TlsUtils.writeOpaque16(derEncoding, output); } } } diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java index fdbb84f1..abd5d731 100644 --- a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java +++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java @@ -57,7 +57,7 @@ public class MockDTLSServer }); } - public CertificateRequest getCertificateRequest() + public CertificateRequest getCertificateRequest() throws IOException { Vector serverSigAlgs = null; @@ -78,7 +78,10 @@ public class MockDTLSServer } } - return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null); + Vector certificateAuthorities = new Vector(); + certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject()); + + return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities); } public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java index 45d7b093..0f3c4631 100644 --- a/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java +++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java @@ -92,7 +92,10 @@ class MockTlsServer } } - return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null); + Vector certificateAuthorities = new Vector(); + certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject()); + + return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities); } public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) diff --git a/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java b/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java index e9d9aafc..835db459 100644 --- a/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java +++ b/core/src/test/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java @@ -141,7 +141,10 @@ class TlsTestServerImpl } } - return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, null); + Vector certificateAuthorities = new Vector(); + certificateAuthorities.add(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject()); + + return new CertificateRequest(new short[]{ ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities); } public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) |