PkiTestingTlsTest Class — netty Architecture

Architecture documentation for the PkiTestingTlsTest class in PkiTestingTlsTest.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  938821ed_7909_bb31_9c78_1d4536ee982b["PkiTestingTlsTest"]
  ad39456e_e077_cde7_4de9_be645d2589d9["PkiTestingTlsTest.java"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|defined in| ad39456e_e077_cde7_4de9_be645d2589d9
  cf3191ef_0b54_c9b0_c341_916817f529a8["classicalAlgorithms()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| cf3191ef_0b54_c9b0_c341_916817f529a8
  a2a3f8b4_d2b5_02e2_5830_3e58e39da84b["interoperabilityParams()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| a2a3f8b4_d2b5_02e2_5830_3e58e39da84b
  c65da3b1_05e4_27d2_a895_d5ef7ed855e8["connectWithClassicalAlgorithms()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| c65da3b1_05e4_27d2_a895_d5ef7ed855e8
  cea9e376_01a4_af2e_0ca6_46efb41fb600["connectWithEd25519()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| cea9e376_01a4_af2e_0ca6_46efb41fb600
  10032fd1_d129_b894_a995_6f8d578df291["isBoringSSLAvailable()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| 10032fd1_d129_b894_a995_6f8d578df291
  eed95e4e_189c_4491_cee2_0794e8520686["connectWithX25519MLKEM768()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| eed95e4e_189c_4491_cee2_0794e8520686
  d960b596_11c1_9f7a_3c78_b975a04730e6["x25519MLKEM768Interoperability()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| d960b596_11c1_9f7a_3c78_b975a04730e6
  a8eac5c5_344b_7e6d_6f39_e94e4efd9850["testTlsConnection()"]
  938821ed_7909_bb31_9c78_1d4536ee982b -->|method| a8eac5c5_344b_7e6d_6f39_e94e4efd9850

Relationship Graph

Source Code

handler/src/test/java/io/netty/handler/ssl/PkiTestingTlsTest.java lines 50–336

public class PkiTestingTlsTest {

    static List<Arguments> classicalAlgorithms() {
        List<SslProvider> providers = new ArrayList<>();
        if (SslProvider.isTlsv13Supported(SslProvider.JDK)) {
            providers.add(SslProvider.JDK);
        }
        if (OpenSsl.isAvailable() && OpenSsl.supportsKeyManagerFactory() && OpenSsl.isTlsv13Supported()) {
            providers.add(SslProvider.OPENSSL);
        }

        List<Arguments> args = new ArrayList<>();
        for (SslProvider provider : providers) {
            List<CertificateBuilder.Algorithm> algs =  new ArrayList<>();
            algs.add(CertificateBuilder.Algorithm.rsa2048);
            algs.add(CertificateBuilder.Algorithm.ecp256);

            for (CertificateBuilder.Algorithm alg : algs) {
                args.add(Arguments.of(provider, alg));
            }
        }
        return args;
    }

    static Stream<Arguments> interoperabilityParams() {
        Stream.Builder<Arguments> builder = Stream.builder();
        for (boolean enableOnClient : new boolean[] {true, false}) {
            for (String[] protocols : new String[][] {{"TLSv1.2"}, {"TLSv1.3"}, {"TLSv1.3", "TLSv1.2"}}) {
                builder.add(Arguments.of(enableOnClient, protocols));
            }
        }
        return builder.build();
    }

    /**
     * A TLS connection with just classical algorithms.
     */
    @ParameterizedTest
    @MethodSource("classicalAlgorithms")
    public void connectWithClassicalAlgorithms(SslProvider provider, CertificateBuilder.Algorithm algorithm)
            throws Exception {
        X509Bundle cert = new CertificateBuilder()
                .algorithm(algorithm)
                .setIsCertificateAuthority(true)
                .subject("CN=localhost")
                .buildSelfSigned();

        final SslContext serverContext = SslContextBuilder.forServer(cert.toKeyManagerFactory())
                .sslProvider(provider)
                .build();

        final SslContext clientContext = SslContextBuilder.forClient()
                .trustManager(cert.toTrustManagerFactory())
                .sslProvider(provider)
                .serverName(new SNIHostName("localhost"))
                .protocols("TLSv1.3")
                .build();

        testTlsConnection(serverContext, clientContext, null);
    }

    @EnabledForJreRange(min = JRE.JAVA_15)
    @Test
    public void connectWithEd25519()
            throws Exception {
        X509Bundle cert = new CertificateBuilder()
                .algorithm(CertificateBuilder.Algorithm.ed25519)
                .setIsCertificateAuthority(true)
                .subject("CN=localhost")
                .buildSelfSigned();

        // We currently don't support Ed25519 or Ed448 with the OPENSSL provider,
        // so to use those algorithms we have to use the JDK provider.
        SslProvider provider = SslProvider.JDK;

        final SslContext serverContext = SslContextBuilder.forServer(cert.toKeyManagerFactory())
                .sslProvider(provider)
                .build();

        final SslContext clientContext = SslContextBuilder.forClient()
                .trustManager(cert.toTrustManagerFactory())

Defined In

handler/src/test/java/io/netty/handler/ssl/PkiTestingTlsTest.java

Source

View on GitHub

Frequently Asked Questions

What is the PkiTestingTlsTest class?

PkiTestingTlsTest is a class in the netty codebase, defined in handler/src/test/java/io/netty/handler/ssl/PkiTestingTlsTest.java.

Where is PkiTestingTlsTest defined?

PkiTestingTlsTest is defined in handler/src/test/java/io/netty/handler/ssl/PkiTestingTlsTest.java at line 50.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free