diff --git a/crypto/test/src/crypto/tls/test/MockDtlsClient.cs b/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
index 51493fae1..43b987cc1 100644
--- a/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
+++ b/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
@@ -143,8 +143,9 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign))
return null;
- return TlsTestUtilities.LoadSignerCredentials(mContext, certificateRequest.SupportedSignatureAlgorithms,
- SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext,
+ certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa,
+ new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" }, "x509-client-key-rsa.pem");
}
};
}
diff --git a/crypto/test/src/crypto/tls/test/MockDtlsServer.cs b/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
index 16e92b258..842cbba58 100644
--- a/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockDtlsServer.cs
@@ -53,7 +53,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
}
IList certificateAuthorities = new ArrayList();
- certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca.pem").Subject);
+ certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject);
return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
}
@@ -83,14 +83,15 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
protected override TlsEncryptionCredentials GetRsaEncryptionCredentials()
{
- return TlsTestUtilities.LoadEncryptionCredentials(mContext, new string[] { "x509-server.pem", "x509-ca.pem" },
- "x509-server-key.pem");
+ return TlsTestUtilities.LoadEncryptionCredentials(mContext,
+ new string[] { "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem");
}
protected override TlsSignerCredentials GetRsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, SignatureAlgorithm.rsa,
- "x509-server.pem", "x509-server-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms,
+ SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" },
+ "x509-server-key-rsa-sign.pem");
}
}
}
diff --git a/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs b/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs
index 79c5d6363..3a6860280 100644
--- a/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs
@@ -76,8 +76,8 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
protected override TlsEncryptionCredentials GetRsaEncryptionCredentials()
{
- return TlsTestUtilities.LoadEncryptionCredentials(mContext, new string[]{"x509-server.pem", "x509-ca.pem"},
- "x509-server-key.pem");
+ return TlsTestUtilities.LoadEncryptionCredentials(mContext,
+ new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem"}, "x509-server-key-rsa-enc.pem");
}
internal class MyIdentityManager
diff --git a/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs b/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs
index c15f63e0b..61a86d34e 100644
--- a/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs
@@ -78,14 +78,16 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
protected override TlsSignerCredentials GetDsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, SignatureAlgorithm.dsa,
- "x509-server-dsa.pem", "x509-server-key-dsa.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms,
+ SignatureAlgorithm.dsa, new string[] { "x509-server-dsa.pem", "x509-ca-dsa.pem" },
+ "x509-server-key-dsa.pem");
}
protected override TlsSignerCredentials GetRsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, SignatureAlgorithm.rsa,
- "x509-server.pem", "x509-server-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms,
+ SignatureAlgorithm.rsa, new string[] { "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" },
+ "x509-server-key-rsa-sign.pem");
}
internal class MyIdentityManager
diff --git a/crypto/test/src/crypto/tls/test/MockTlsClient.cs b/crypto/test/src/crypto/tls/test/MockTlsClient.cs
index f28236f0b..cdf727cc9 100644
--- a/crypto/test/src/crypto/tls/test/MockTlsClient.cs
+++ b/crypto/test/src/crypto/tls/test/MockTlsClient.cs
@@ -133,8 +133,9 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign))
return null;
- return TlsTestUtilities.LoadSignerCredentials(mContext, certificateRequest.SupportedSignatureAlgorithms,
- SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext,
+ certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa,
+ new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" }, "x509-client-key-rsa.pem");
}
};
}
diff --git a/crypto/test/src/crypto/tls/test/MockTlsServer.cs b/crypto/test/src/crypto/tls/test/MockTlsServer.cs
index f0a9be0a5..5911607bc 100644
--- a/crypto/test/src/crypto/tls/test/MockTlsServer.cs
+++ b/crypto/test/src/crypto/tls/test/MockTlsServer.cs
@@ -67,7 +67,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
}
IList certificateAuthorities = new ArrayList();
- certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca.pem").Subject);
+ certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject);
return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
}
@@ -87,14 +87,15 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
protected override TlsEncryptionCredentials GetRsaEncryptionCredentials()
{
- return TlsTestUtilities.LoadEncryptionCredentials(mContext, new string[]{ "x509-server.pem", "x509-ca.pem" },
- "x509-server-key.pem");
+ return TlsTestUtilities.LoadEncryptionCredentials(mContext,
+ new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem");
}
protected override TlsSignerCredentials GetRsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, SignatureAlgorithm.rsa,
- "x509-server.pem", "x509-server-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms,
+ SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" },
+ "x509-server-key-rsa-sign.pem");
}
}
}
diff --git a/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs b/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs
index 864a0a5cc..ae1f632ba 100644
--- a/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs
+++ b/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs
@@ -180,9 +180,12 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
X509CertificateStructure[] chain = serverCertificate.GetCertificateList();
// TODO Cache test resources?
- if (isEmpty || !(chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server.pem"))
- || chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-dsa.pem"))
- || chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-ecdsa.pem"))))
+ if (isEmpty || !(
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-dsa.pem")) ||
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-ecdsa.pem")) ||
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-rsa-enc.pem")) ||
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-rsa-sign.pem"))
+ ))
{
throw new TlsFatalAlert(AlertDescription.bad_certificate);
}
@@ -221,7 +224,8 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
}
TlsSignerCredentials signerCredentials = TlsTestUtilities.LoadSignerCredentials(mContext,
- supportedSigAlgs, SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
+ supportedSigAlgs, SignatureAlgorithm.rsa, new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" },
+ "x509-client-key-rsa.pem");
if (mOuter.mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_VALID)
{
diff --git a/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs b/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs
index 9edd2e524..2587181a5 100644
--- a/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs
+++ b/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs
@@ -131,7 +131,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
}
IList certificateAuthorities = new ArrayList();
- certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca.pem").Subject);
+ certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject);
return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
}
@@ -152,9 +152,11 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
X509CertificateStructure[] chain = clientCertificate.GetCertificateList();
// TODO Cache test resources?
- if (!isEmpty && !(chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client.pem"))
- || chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-dsa.pem"))
- || chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-ecdsa.pem"))))
+ if (!isEmpty && !(
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-dsa.pem")) ||
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-ecdsa.pem")) ||
+ chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-rsa.pem"))
+ ))
{
throw new TlsFatalAlert(AlertDescription.bad_certificate);
}
@@ -186,26 +188,29 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
protected override TlsSignerCredentials GetDsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), SignatureAlgorithm.dsa,
- "x509-server-dsa.pem", "x509-server-key-dsa.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(),
+ SignatureAlgorithm.dsa, new string[]{ "x509-server-dsa.pem", "x509-ca-dsa.pem" },
+ "x509-server-key-dsa.pem");
}
protected override TlsSignerCredentials GetECDsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), SignatureAlgorithm.ecdsa,
- "x509-server-ecdsa.pem", "x509-server-key-ecdsa.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(),
+ SignatureAlgorithm.ecdsa, new string[]{ "x509-server-ecdsa.pem", "x509-ca-ecdsa.pem" },
+ "x509-server-key-ecdsa.pem");
}
protected override TlsEncryptionCredentials GetRsaEncryptionCredentials()
{
- return TlsTestUtilities.LoadEncryptionCredentials(mContext, new string[]{ "x509-server.pem", "x509-ca.pem" },
- "x509-server-key.pem");
+ return TlsTestUtilities.LoadEncryptionCredentials(mContext,
+ new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem");
}
protected override TlsSignerCredentials GetRsaSignerCredentials()
{
- return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), SignatureAlgorithm.rsa,
- "x509-server.pem", "x509-server-key.pem");
+ return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(),
+ SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" },
+ "x509-server-key-rsa-sign.pem");
}
private static void SafeWriteLine(TextWriter output, object line)
diff --git a/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs b/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs
index a76858ce6..e339850a6 100644
--- a/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs
+++ b/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs
@@ -91,7 +91,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
}
internal static TlsSignerCredentials LoadSignerCredentials(TlsContext context, IList supportedSignatureAlgorithms,
- byte signatureAlgorithm, string certResource, string keyResource)
+ byte signatureAlgorithm, string[] certResources, string keyResource)
{
/*
* TODO Note that this code fails to provide default value for the client supported
@@ -114,8 +114,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
return null;
}
- return LoadSignerCredentials(context, new String[]{ certResource, "x509-ca.pem" },
- keyResource, signatureAndHashAlgorithm);
+ return LoadSignerCredentials(context, certResources, keyResource, signatureAndHashAlgorithm);
}
internal static Certificate LoadCertificateChain(string[] resources)
|
