Commit 5bdcaaaa authored by Dave Cridland's avatar Dave Cridland

Merge pull request #454 from guusdk/OF-1004

OF-1004: Reduce complexity of connection configuration
parents 22159e5b 3c8a143b
......@@ -2466,3 +2466,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2429,3 +2429,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -3062,3 +3062,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2487,3 +2487,15 @@ client.connections.settings.ping.footnote=La especificaci\u00f3n de XMPP requeir
solicitud. Si un cliente no soporta la solicitud XMPP Ping debe retornar error (lo cual tambi\u00e9n es una respuesta).
client.connections.settings.ping.enable=Enviar una solicitud XMPP Ping a los clientes inactivos.
client.connections.settings.ping.disable=No enviar una solicitud XMPP Ping a los clientes inactivos.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2042,3 +2042,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2413,3 +2413,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2433,3 +2433,15 @@ client.connections.settings.ping.footnote=De XMPP specificatie verplicht alle cl
is, waaraan Openfire kan zien dat de verbinding actief is).
client.connections.settings.ping.enable=Verstuur XMPP Ping verzoeken aan clienten die inactief zijn.
client.connections.settings.ping.disable=Verstuur geen XMPP ping verzoeken.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2400,3 +2400,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2433,3 +2433,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2974,3 +2974,15 @@ client.connections.settings.ping.footnote=As defini\u00e7\u00f5es XMPP requerem
Se o cliente n\u00e3o suportar o Ping XMPP, vai ter de devolver um erro (o que no fundo tambem \u00e9 uma resposta).
client.connections.settings.ping.enable=Enviar um Ping XMPP aos clientes para verifica\u00e7\u00e3o.
client.connections.settings.ping.disable=N\u00e3o enviar Ping XMPP de verifica\u00e7\u00e3o.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -1886,4 +1886,15 @@ xmpp.error.501=\u041D\u0435 \u0440\u0435\u0430\u043B\u0438\u0437\u043E\u0432\u04
xmpp.error.502=\u041E\u0448\u0438\u0431\u043A\u0430 \u0443\u0434\u0430\u043B\u0435\u043D\u043D\u043E\u0433\u043E \u0441\u0435\u0440\u0432\u0435\u0440\u0430
xmpp.error.503=\u0421\u043B\u0443\u0436\u0431\u0430 \u043D\u0435\u0434\u043E\u0441\u0442\u0443\u043F\u043D\u0430
xmpp.error.504=\u0422\u0430\u0439\u043C-\u0430\u0443\u0442 \u0443\u0434\u0430\u043B\u0435\u043D\u043D\u043E\u0433\u043E \u0441\u0435\u0440\u0432\u0435\u0440\u0430
xmpp.error.unknown=\u041D\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043D\u044B\u0439 \u043A\u043E\u0434 \u043E\u0448\u0438\u0431\u043A\u0438
\ No newline at end of file
xmpp.error.unknown=\u041D\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043D\u044B\u0439 \u043A\u043E\u0434 \u043E\u0448\u0438\u0431\u043A\u0438
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2269,3 +2269,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -2325,3 +2325,15 @@ client.connections.settings.ping.footnote=The XMPP specification requires all cl
If a client does not support the XMPP Ping request, it must return an error (which in itself is a response too).
client.connections.settings.ping.enable=Send an XMPP Ping request to idle clients.
client.connections.settings.ping.disable=Do not send XMPP Ping requests to idle clients.
# Connection type and mode
connection-type.socket-s2s=server-to-server (federation)
connection-type.socket-c2s=client-to-server
connection-type.bosh-c2s=HTTP-binding (BOSH)
connection-type.webadmin=admin console
connection-type.component=external component
connection-type.connection-manager=connection manager
connection-type.unspecified=unspecified
connection-mode.plain=plain text (with STARTSSL)
connection-mode.legacy=encrypted (legacy-mode)
connection-mode.unspecified=unspecified
......@@ -34,10 +34,8 @@ public class ConnectionConfiguration
private final CertificateStoreConfiguration trustStoreConfiguration;
private final boolean acceptSelfSignedCertificates;
private final boolean verifyCertificateValidity;
private final Set<String> encryptionProtocolsEnabled;
private final Set<String> encryptionProtocolsDisabled;
private final Set<String> cipherSuitesEnabled;
private final Set<String> cipherSuitesDisabled;
private final Set<String> encryptionProtocols;
private final Set<String> encryptionCipherSuites;
private final Connection.CompressionPolicy compressionPolicy;
// derived
......@@ -55,7 +53,7 @@ public class ConnectionConfiguration
* @param tlsPolicy The TLS policy that is applied to connections (cannot be null).
*/
// TODO input validation
public ConnectionConfiguration( ConnectionType type, boolean enabled, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocolsEnabled, Set<String> encryptionProtocolsDisabled, Set<String> cipherSuitesEnabled, Set<String> cipherSuitesDisabled, Connection.CompressionPolicy compressionPolicy )
public ConnectionConfiguration( ConnectionType type, boolean enabled, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocols, Set<String> encryptionCipherSuites, Connection.CompressionPolicy compressionPolicy )
{
if ( maxThreadPoolSize <= 0 ) {
throw new IllegalArgumentException( "Argument 'maxThreadPoolSize' must be equal to or greater than one." );
......@@ -76,21 +74,8 @@ public class ConnectionConfiguration
this.trustStoreConfiguration = trustStoreConfiguration;
this.acceptSelfSignedCertificates = acceptSelfSignedCertificates;
this.verifyCertificateValidity = verifyCertificateValidity;
// Remove all disabled protocols from the enabled ones.
final Set<String> protocolsEnabled = new HashSet<>();
protocolsEnabled.addAll( encryptionProtocolsEnabled );
protocolsEnabled.removeAll( encryptionProtocolsDisabled );
this.encryptionProtocolsEnabled = Collections.unmodifiableSet( protocolsEnabled );
this.encryptionProtocolsDisabled = Collections.unmodifiableSet( encryptionProtocolsDisabled );
// Remove all disabled suites from the enabled ones.
final Set<String> suitesEnabled = new HashSet<>();
suitesEnabled.addAll( cipherSuitesEnabled );
suitesEnabled.removeAll( cipherSuitesDisabled );
this.cipherSuitesEnabled = Collections.unmodifiableSet( suitesEnabled );
this.cipherSuitesDisabled = Collections.unmodifiableSet( cipherSuitesDisabled );
this.encryptionProtocols = Collections.unmodifiableSet( encryptionProtocols );
this.encryptionCipherSuites = Collections.unmodifiableSet( encryptionCipherSuites );
this.compressionPolicy = compressionPolicy;
final CertificateStoreManager certificateStoreManager = XMPPServer.getInstance().getCertificateStoreManager();
......@@ -175,66 +160,30 @@ public class ConnectionConfiguration
* When non-empty, the list is intended to specify those protocols (from a larger collection of implementation-
* supported protocols) that can be used to establish encryption.
*
* Values returned by {@link #getEncryptionProtocolsDisabled()} are not included in the result of this method.
*
* The order over which values are iterated in the result is equal to the order of values in the comma-separated
* configuration string. This can, but is not guaranteed to, indicate preference.
*
* @return An (ordered) set of protocols, never null but possibly empty.
*/
public Set<String> getEncryptionProtocolsEnabled()
public Set<String> getEncryptionProtocols()
{
return encryptionProtocolsEnabled;
}
/**
* A collection of protocols that must not be used for encryption of connections.
*
* When non-empty, the list is intended to specify those protocols (from a larger collection of implementation-
* supported protocols) that must not be used to establish encryption.
*
* The order over which values are iterated in the result is equal to the order of values in the comma-separated
* configuration string.
*
* @return An (ordered) set of protocols, never null but possibly empty.
*/
public Set<String> getEncryptionProtocolsDisabled()
{
return encryptionProtocolsDisabled;
return encryptionProtocols;
}
/**
* A collection of cipher suite names that can be used for encryption of connections.
*
* When non-empty, the list is intended to specify those cipher suites (from a larger collection of implementation-
* supported cipher suties) that can be used to establish encryption.
*
* Values returned by {@link #getCipherSuitesDisabled()} are not included in the result of this method.
* supported cipher suites) that can be used to establish encryption.
*
* The order over which values are iterated in the result is equal to the order of values in the comma-separated
* configuration string. This can, but is not guaranteed to, indicate preference.
*
* @return An (ordered) set of cipher suites, never null but possibly empty.
*/
public Set<String> getCipherSuitesEnabled()
{
return cipherSuitesEnabled;
}
/**
* A collection of cipher suites that must not be used for encryption of connections.
*
* When non-empty, the list is intended to specify those cipher suites (from a larger collection of implementation-
* supported cipher suites) that must not be used to establish encryption.
*
* The order over which values are iterated in the result is equal to the order of values in the comma-separated
* configuration string.
*
* @return An (ordered) set of cipher suites, never null but possibly empty.
*/
public Set<String> getCipherSuitesDisabled()
public Set<String> getEncryptionCipherSuites()
{
return cipherSuitesDisabled;
return encryptionCipherSuites;
}
public IdentityStore getIdentityStore()
......
......@@ -9,6 +9,8 @@ import org.slf4j.LoggerFactory;
import javax.net.ssl.*;
import java.security.*;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Set;
/**
......@@ -109,49 +111,19 @@ public class EncryptionArtifactFactory
final SSLEngine sslEngine = sslContext.createSSLEngine();
// Configure protocol support.
final Set<String> protocolsEnabled = configuration.getEncryptionProtocolsEnabled();
if ( !protocolsEnabled.isEmpty() )
final Set<String> protocols = configuration.getEncryptionProtocols();
if ( !protocols.isEmpty() )
{
// When an explicit list of enabled protocols is defined, use only those.
sslEngine.setEnabledProtocols( protocolsEnabled.toArray( new String[ protocolsEnabled.size() ] ) );
}
else
{
// Otherwise, use all supported protocols (except for the ones that are explicitly disabled).
final Set<String> disabled = configuration.getEncryptionProtocolsDisabled();
final ArrayList<String> supported = new ArrayList<>();
for ( final String candidate : sslEngine.getSupportedProtocols() )
{
if ( !disabled.contains( candidate ) )
{
supported.add( candidate );
}
}
sslEngine.setEnabledProtocols( supported.toArray( new String[ supported.size()] ) );
// When an explicit list of enabled protocols is defined, use only those (otherwise, an implementation-specific default will be used).
sslEngine.setEnabledProtocols( protocols.toArray( new String[ protocols.size() ] ) );
}
// Configure cipher suite support.
final Set<String> cipherSuitesEnabled = configuration.getCipherSuitesEnabled();
if ( !cipherSuitesEnabled.isEmpty() )
final Set<String> cipherSuites = configuration.getEncryptionCipherSuites();
if ( !cipherSuites.isEmpty() )
{
// When an explicit list of enabled protocols is defined, use only those.
sslEngine.setEnabledCipherSuites( cipherSuitesEnabled.toArray( new String[ cipherSuitesEnabled.size() ] ) );
}
else
{
// Otherwise, use all supported cipher suites (except for the ones that are explicitly disabled).
final Set<String> disabled = configuration.getCipherSuitesDisabled();
final ArrayList<String> supported = new ArrayList<>();
for ( final String candidate : sslEngine.getSupportedCipherSuites() )
{
if ( !disabled.contains( candidate ) )
{
supported.add( candidate );
}
}
sslEngine.setEnabledCipherSuites( supported.toArray( new String[ supported.size() ] ) );
// When an explicit list of enabled protocols is defined, use only those (otherwise, an implementation-specific default will be used)..
sslEngine.setEnabledCipherSuites( cipherSuites.toArray( new String[ cipherSuites.size() ] ) );
}
return sslEngine;
......@@ -221,20 +193,20 @@ public class EncryptionArtifactFactory
sslContextFactory.setKeyStorePassword( new String( configuration.getIdentityStore().getConfiguration().getPassword() ) );
// Configure protocol support
if ( configuration.getEncryptionProtocolsEnabled() != null && !configuration.getEncryptionProtocolsEnabled().isEmpty() )
final Set<String> protocols = configuration.getEncryptionProtocols();
if ( !protocols.isEmpty() )
{
sslContextFactory.setIncludeProtocols( configuration.getEncryptionProtocolsEnabled().toArray( new String[ configuration.getEncryptionProtocolsEnabled().size() ] ) );
sslContextFactory.setIncludeProtocols( protocols.toArray( new String[ protocols.size() ] ) );
}
sslContextFactory.setExcludeProtocols( configuration.getEncryptionProtocolsDisabled().toArray( new String[ configuration.getEncryptionProtocolsDisabled().size() ] ) );
// Configure cipher suite support.
if ( configuration.getCipherSuitesEnabled() != null && !configuration.getCipherSuitesEnabled().isEmpty() )
final Set<String> cipherSuites = configuration.getEncryptionCipherSuites();
if ( !cipherSuites.isEmpty() )
{
sslContextFactory.setIncludeCipherSuites( configuration.getCipherSuitesEnabled().toArray( new String[ configuration.getCipherSuitesEnabled().size() ] ) );
sslContextFactory.setIncludeCipherSuites( cipherSuites.toArray( new String[ cipherSuites.size() ] ) );
}
sslContextFactory.setExcludeCipherSuites( configuration.getCipherSuitesDisabled().toArray( new String[ configuration.getCipherSuitesDisabled().size() ] ) );
//Set policy for checking client certificates
// Set policy for checking client certificates.
switch ( configuration.getClientAuth() )
{
case disabled:
......@@ -325,4 +297,57 @@ public class EncryptionArtifactFactory
}
return filter;
}
/**
* Returns the names of all encryption protocols that are supported (but not necessarily enabled).
*
* @return An array of protocol names. Not expected to be empty.
*/
public static List<String> getSupportedProtocols() throws NoSuchAlgorithmException, KeyManagementException
{
// TODO Might want to cache the result. It's unlikely to change at runtime.
final SSLContext context = SSLContext.getInstance( "TLSv1" );
context.init( null, null, null );
return Arrays.asList( context.createSSLEngine().getSupportedProtocols() );
}
/**
* Returns the names of all encryption protocols that are enabled by default.
*
* @return An array of protocol names. Not expected to be empty.
*/
public static List<String> getDefaultProtocols() throws NoSuchAlgorithmException, KeyManagementException
{
// TODO Might want to cache the result. It's unlikely to change at runtime.
final SSLContext context = SSLContext.getInstance( "TLSv1" );
context.init( null, null, null );
return Arrays.asList( context.createSSLEngine().getEnabledProtocols() );
}
/**
* Returns the names of all encryption cipher suites that are supported (but not necessarily enabled).
*
* @return An array of cipher suite names. Not expected to be empty.
*/
public static List<String> getSupportedCipherSuites() throws NoSuchAlgorithmException, KeyManagementException
{
// TODO Might want to cache the result. It's unlikely to change at runtime.
final SSLContext context = SSLContext.getInstance( "TLSv1" );
context.init( null, null, null );
return Arrays.asList( context.createSSLEngine().getSupportedCipherSuites() );
}
/**
* Returns the names of all encryption cipher suites that are enabled by default.
*
* @return An array of cipher suite names. Not expected to be empty.
*/
public static List<String> getDefaultCipherSuites() throws NoSuchAlgorithmException, KeyManagementException
{
// TODO Might want to cache the result. It's unlikely to change at runtime.
final SSLContext context = SSLContext.getInstance( "TLSv1" );
context.init( null, null, null );
return Arrays.asList( context.createSSLEngine().getEnabledCipherSuites() );
}
}
package org.jivesoftware.openfire.spi;
import org.junit.Assert;
import org.junit.Test;
import java.util.Collection;
/**
* Unit tests that verify the functionality of {@link EncryptionArtifactFactory}.
*
* @author Guus der Kinderen, guus.der.kinderen@gmail.com
*/
public class EncryptionArtifactFactoryTest
{
/**
* Verifies that the collection of supported encryption protocols is not empty.
*/
@Test
public void testHasSupportedProtocols() throws Exception
{
// Setup fixture.
// (not needed)
// Execute system under test.
final Collection<String> result = EncryptionArtifactFactory.getSupportedProtocols();
// Verify results.
Assert.assertFalse( result.isEmpty() );
}
/**
* Verifies that the collection of default encryption protocols is not empty.
*/
@Test
public void testHasDefaultProtocols() throws Exception
{
// Setup fixture.
// (not needed)
// Execute system under test.
final Collection<String> result = EncryptionArtifactFactory.getDefaultProtocols();
// Verify results.
Assert.assertFalse( result.isEmpty() );
}
/**
* Verifies that the collection of supported cipher suites is not empty.
*/
@Test
public void testHasSupportedCipherSuites() throws Exception
{
// Setup fixture.
// (not needed)
// Execute system under test.
final Collection<String> result = EncryptionArtifactFactory.getSupportedCipherSuites();
// Verify results.
Assert.assertFalse( result.isEmpty() );
}
/**
* Verifies that the collection of default cipher suites is not empty.
*/
@Test
public void testHasDefaultCipherSuites() throws Exception
{
// Setup fixture.
// (not needed)
// Execute system under test.
final Collection<String> result = EncryptionArtifactFactory.getDefaultCipherSuites();
// Verify results.
Assert.assertFalse( result.isEmpty() );
}
}
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment