Пример #1
0
  @Override
  public void notifyOfferedCipherSuites(int[] offeredCipherSuites) {
    String cipherSuites = "";
    for (int cipherSuite : offeredCipherSuites) {
      cipherSuites += " " + BouncyCastleTlsHelper.convertCipherSuiteIntToString(cipherSuite);
    }
    logger.logState("TLS client offered cipher suites:" + cipherSuites);

    if (!testData.getSkipNextICSCheck()) {
      TLSVersionType expectedProtocolVersion =
          TLSVersionType.fromValue(testData.getEServiceTLSExpectedClientVersion());
      if (matcher.matchCipherSuites(true, expectedProtocolVersion, offeredCipherSuites)) {
        logger.logConformity(ConformityResult.passed, "Check cipher suites against ICS passed.");
      } else {
        hasFatalErrors = true;
        logger.logConformity(ConformityResult.failed, "Check cipher suites against ICS failed.");
      }
    }
  }
Пример #2
0
  @Override
  public void notifySupportedEllipticCurvesExtension(int[] namedCurves) {
    String curves = "";
    for (int entry : namedCurves) {
      curves += " " + BouncyCastleTlsHelper.convertNamedCurveIntToString(entry);
    }
    logger.logState("TLS client sent SupportedEllipticCurves extension:" + curves);

    if (!testData.getSkipNextICSCheck()) {
      TLSVersionType expectedProtocolVersion =
          TLSVersionType.fromValue(testData.getEServiceTLSExpectedClientVersion());
      if (matcher.matchEllipticCurves(true, expectedProtocolVersion, namedCurves)) {
        logger.logConformity(
            ConformityResult.passed, "Check SupportedEllipticCurves extension against ICS passed.");
      } else {
        hasFatalErrors = true;
        logger.logConformity(
            ConformityResult.failed, "Check SupportedEllipticCurves extension against ICS failed.");
      }
    }
  }
Пример #3
0
  @Override
  public void notifySignatureAlgorithmsExtension(SignatureAndHashAlgorithm[] signatureAlgorithms) {
    String algorithms = "";
    for (Object entry : signatureAlgorithms) {
      SignatureAndHashAlgorithm saha = (SignatureAndHashAlgorithm) entry;
      algorithms +=
          " " + BouncyCastleTlsHelper.convertSignatureAndHashAlgorithmObjectToString(saha);
    }
    logger.logState("TLS client sent SignatureAlgorithms extension:" + algorithms);

    if (!testData.getSkipNextICSCheck()) {
      TLSVersionType expectedProtocolVersion =
          TLSVersionType.fromValue(testData.getEServiceTLSExpectedClientVersion());
      if (matcher.matchSignatureAndHashAlgorithms(
          true, expectedProtocolVersion, signatureAlgorithms)) {
        logger.logConformity(
            ConformityResult.passed, "Check SignatureAlgorithms extension against ICS passed.");
      } else {
        hasFatalErrors = true;
        logger.logConformity(
            ConformityResult.failed, "Check SignatureAlgorithms extension against ICS failed.");
      }
    }
  }