SocketSslLargeCertificateTest Class — netty Architecture

Architecture documentation for the SocketSslLargeCertificateTest class in SocketSslLargeCertificateTest.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  f7c3b053_8072_7730_8f03_078336ec47ba["SocketSslLargeCertificateTest"]
  727dd37a_e86a_d1ba_934b_f4fd23399e7d["SocketSslLargeCertificateTest.java"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|defined in| 727dd37a_e86a_d1ba_934b_f4fd23399e7d
  6b3e2768_f4dc_4d0c_2734_a7b4df521927["setUp()"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|method| 6b3e2768_f4dc_4d0c_2734_a7b4df521927
  5d1cfc93_df20_dd19_f7f8_401a48fcccc2["tearDown()"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|method| 5d1cfc93_df20_dd19_f7f8_401a48fcccc2
  d3505407_6ef8_7003_22f3_8561e89ea1ee["supportKeyManagerAndTLS13()"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|method| d3505407_6ef8_7003_22f3_8561e89ea1ee
  fea9f259_9f97_7c82_4793_b9296e99f36a["certExtensionSizes()"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|method| fea9f259_9f97_7c82_4793_b9296e99f36a
  1cd25f7a_2a5a_cae4_0b9f_9d9f608514c8["resumptionWithLargeCertificates()"]
  f7c3b053_8072_7730_8f03_078336ec47ba -->|method| 1cd25f7a_2a5a_cae4_0b9f_9d9f608514c8

Relationship Graph

Source Code

testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketSslLargeCertificateTest.java lines 65–230

@EnabledIf("supportKeyManagerAndTLS13")
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(ExecutionMode.SAME_THREAD)
public class SocketSslLargeCertificateTest {

    private CertificateBuilder base;
    private X509Bundle rootCert;
    private MultiThreadIoEventLoopGroup group;

    @BeforeAll
    public void setUp() throws Exception {
        base = new CertificateBuilder()
                .ecp256()
                .setKeyUsage(true, CertificateBuilder.KeyUsage.digitalSignature,
                        CertificateBuilder.KeyUsage.keyCertSign);
        rootCert = base.copy()
                .subject("cn=root.netty.io")
                .setIsCertificateAuthority(true)
                .buildSelfSigned();
        group = new MultiThreadIoEventLoopGroup(NioIoHandler.newFactory());
    }

    @AfterAll
    public void tearDown() {
        group.shutdownGracefully(100, 1000, TimeUnit.MILLISECONDS);
    }

    public static boolean supportKeyManagerAndTLS13() {
        return OpenSsl.isAvailable() &&
                OpenSsl.supportsKeyManagerFactory() &&
                SslProvider.isTlsv13Supported(SslProvider.OPENSSL);
    }

    public static Stream<Arguments> certExtensionSizes() {
        int defaultMaxHandshakeMessageLength = 16384;
        return IntStream.rangeClosed(defaultMaxHandshakeMessageLength - 768, defaultMaxHandshakeMessageLength)
                .mapToObj(Arguments::of);
    }

    @ParameterizedTest
    @MethodSource("certExtensionSizes")
    void resumptionWithLargeCertificates(int certExtensionSize) throws Exception {
        X509Bundle serverCert = base.copy()
                .subject("cn=localhost")
                .addExtendedKeyUsageServerAuth()
                .buildIssuedBy(rootCert);
        byte[] extension = new byte[certExtensionSize];
        ThreadLocalRandom.current().nextBytes(extension);
        X509Bundle clientCert = base.copy()
                .subject("cn=client")
                .addExtendedKeyUsageClientAuth()
                .addExtensionOctetString("1.2.840.113635.100.6.2.1", false, extension)
                .buildIssuedBy(rootCert);

        TrustManagerFactory tmf = rootCert.toTrustManagerFactory();
        KeyManagerFactory serverKmf = serverCert.toKeyManagerFactory();
        KeyManagerFactory clientKmf = clientCert.toKeyManagerFactory();

        SslContext serverSsl = SslContextBuilder.forServer(serverKmf)
                .sslProvider(SslProvider.OPENSSL)
                .trustManager(tmf)
                .protocols("TLSv1.3")
                .clientAuth(ClientAuth.REQUIRE)
                .option(OpenSslContextOption.MAX_CERTIFICATE_LIST_BYTES, 32768)
                .build();
        SslContext clientSsl = SslContextBuilder.forClient()
                .sslProvider(SslProvider.OPENSSL)
                .keyManager(clientKmf)
                .trustManager(tmf)
                .protocols("TLSv1.3")
                .option(OpenSslContextOption.MAX_CERTIFICATE_LIST_BYTES, 32768)
                .serverName(new SNIHostName("localhost"))
                .endpointIdentificationAlgorithm(null)
                .build();

        final Promise<Void> completion = ImmediateEventExecutor.INSTANCE.newPromise();

        ChannelFuture bindFuture = new ServerBootstrap()
                .group(group)
                .channel(NioServerSocketChannel.class)
                .childHandler(new ChannelInitializer<Channel>() {

Defined In

testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketSslLargeCertificateTest.java

Source

View on GitHub

Frequently Asked Questions

What is the SocketSslLargeCertificateTest class?

SocketSslLargeCertificateTest is a class in the netty codebase, defined in testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketSslLargeCertificateTest.java.

Where is SocketSslLargeCertificateTest defined?

SocketSslLargeCertificateTest is defined in testsuite/src/main/java/io/netty/testsuite/transport/socket/SocketSslLargeCertificateTest.java at line 65.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free