SslErrorTest Class — netty Architecture

Architecture documentation for the SslErrorTest class in SslErrorTest.java from the netty codebase.

Class java

Entity Profile

Dependency Diagram

graph TD
  82658c62_302c_0f55_56df_d775fd8678b9["SslErrorTest"]
  9f113343_96ee_ca58_c1eb_a2480db3e007["SslErrorTest.java"]
  82658c62_302c_0f55_56df_d775fd8678b9 -->|defined in| 9f113343_96ee_ca58_c1eb_a2480db3e007
  3db56957_9e8f_caff_37cb_e3543608fc20["data()"]
  82658c62_302c_0f55_56df_d775fd8678b9 -->|method| 3db56957_9e8f_caff_37cb_e3543608fc20
  908ca8f1_c52a_80ef_3ec9_ec1cd8cd3901["CertificateException()"]
  82658c62_302c_0f55_56df_d775fd8678b9 -->|method| 908ca8f1_c52a_80ef_3ec9_ec1cd8cd3901
  d2d37dde_694d_d20e_8291_0b7fcc6a37b3["testCorrectAlert()"]
  82658c62_302c_0f55_56df_d775fd8678b9 -->|method| d2d37dde_694d_d20e_8291_0b7fcc6a37b3
  afd68690_7174_3247_87f3_c3385f487456["verifyException()"]
  82658c62_302c_0f55_56df_d775fd8678b9 -->|method| afd68690_7174_3247_87f3_c3385f487456

Relationship Graph

Source Code

handler/src/test/java/io/netty/handler/ssl/SslErrorTest.java lines 66–314

public class SslErrorTest {

    static Collection<Object[]> data() {
        List<SslProvider> serverProviders = new ArrayList<SslProvider>(2);
        List<SslProvider> clientProviders = new ArrayList<SslProvider>(3);

        if (OpenSsl.isAvailable()) {
            serverProviders.add(SslProvider.OPENSSL);
            serverProviders.add(SslProvider.OPENSSL_REFCNT);
            clientProviders.add(SslProvider.OPENSSL);
            clientProviders.add(SslProvider.OPENSSL_REFCNT);
        }
        // We not test with SslProvider.JDK on the server side as the JDK implementation currently just send the same
        // alert all the time, sigh.....
        clientProviders.add(SslProvider.JDK);

        List<CertificateException> exceptions = new ArrayList<CertificateException>(6);
        exceptions.add(new CertificateExpiredException());
        exceptions.add(new CertificateNotYetValidException());
        exceptions.add(new CertificateRevokedException(
                new Date(), CRLReason.AA_COMPROMISE, new X500Principal(""),
                Collections.<String, Extension>emptyMap()));

        // Also use wrapped exceptions as this is what the JDK implementation of X509TrustManagerFactory is doing.
        exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.EXPIRED));
        exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.NOT_YET_VALID));
        exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.REVOKED));

        List<Object[]> params = new ArrayList<Object[]>();
        for (SslProvider serverProvider: serverProviders) {
            for (SslProvider clientProvider: clientProviders) {
                for (CertificateException exception: exceptions) {
                    params.add(new Object[] { serverProvider, clientProvider, exception, true });
                    params.add(new Object[] { serverProvider, clientProvider, exception, false });
                }
            }
        }
        return params;
    }

    private static CertificateException newCertificateException(CertPathValidatorException.Reason reason) {
        return new TestCertificateException(
                new CertPathValidatorException("x", null, null, -1, reason));
    }

    @ParameterizedTest(
            name = "{index}: serverProvider = {0}, clientProvider = {1}, exception = {2}, serverProduceError = {3}")
    @MethodSource("data")
    @Timeout(value = 30000, unit = TimeUnit.MILLISECONDS)
    public void testCorrectAlert(SslProvider serverProvider, final SslProvider clientProvider,
                                 final CertificateException exception, final boolean serverProduceError)
            throws Exception {
        // As this only works correctly at the moment when OpenSslEngine is used on the server-side there is
        // no need to run it if there is no openssl is available at all.
        OpenSsl.ensureAvailability();

        SelfSignedCertificate ssc = CachedSelfSignedCertificate.getCachedCertificate();

        SslContextBuilder sslServerCtxBuilder = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
                .sslProvider(serverProvider)
                .clientAuth(ClientAuth.REQUIRE);
        SslContextBuilder sslClientCtxBuilder =  SslContextBuilder.forClient()
                .keyManager(new File(getClass().getResource("test.crt").getFile()),
                        new File(getClass().getResource("test_unencrypted.pem").getFile()))
                .sslProvider(clientProvider);

        if (serverProduceError) {
            sslServerCtxBuilder.trustManager(new ExceptionTrustManagerFactory(exception));
            sslClientCtxBuilder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            sslServerCtxBuilder.trustManager(InsecureTrustManagerFactory.INSTANCE);
            sslClientCtxBuilder.trustManager(new ExceptionTrustManagerFactory(exception));
        }

        final SslContext sslServerCtx = sslServerCtxBuilder.build();
        final SslContext sslClientCtx = sslClientCtxBuilder.build();

        Channel serverChannel = null;
        Channel clientChannel = null;
        EventLoopGroup group = new MultiThreadIoEventLoopGroup(NioIoHandler.newFactory());
        final Promise<Void> promise = group.next().newPromise();

Defined In

handler/src/test/java/io/netty/handler/ssl/SslErrorTest.java

Source

View on GitHub

Frequently Asked Questions

What is the SslErrorTest class?

SslErrorTest is a class in the netty codebase, defined in handler/src/test/java/io/netty/handler/ssl/SslErrorTest.java.

Where is SslErrorTest defined?

SslErrorTest is defined in handler/src/test/java/io/netty/handler/ssl/SslErrorTest.java at line 66.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free