4 * A test class for TLS. Not a finished product.
5 * Copyright (c) 2007 Henri Torgemane
7 * See LICENSE.txt for full license information.
9 package com.hurlant.crypto.tls {
10 import com.hurlant.crypto.cert.X509Certificate;
11 import com.hurlant.crypto.cert.X509CertificateCollection;
12 import com.hurlant.util.Hex;
13 import com.hurlant.util.der.PEM;
15 import flash.events.Event;
16 import flash.events.ProgressEvent;
17 import flash.net.Socket;
18 import flash.utils.ByteArray;
19 import flash.utils.getTimer;
21 public class TLSTest {
// Free-form debug text holder; no line visible in this listing reads or writes it.
24 public var myDebugData:String;
// Both [Embed] tags below are commented out, so nothing visible in this listing assigns
// myCert or myKey. loopback() instantiates both, so they must be set some other way first.
// NOTE(review): re-enabling the embeds compiles host.key (a private key) into the SWF, where
// anyone who obtains the file can extract it. Only a throwaway test key belongs here.
26 //[Embed(source="/src/host.cert",mimeType="application/octet-stream")]
27 public var myCert:Class;
28 //[Embed(source="/src/host.key",mimeType="application/octet-stream")]
29 public var myKey:Class;
/**
 * Builds the test object and immediately starts one of the connection tests.
 *
 * @param host  Host name handed to connectLocalTLS().
 * @param port  Port handed to connectLocalTLS().
 * @param type  0 selects the SSL 3.0 test path; see the note on the other path below.
 */
31 public function TLSTest(host:String = null, port:int = 0, type:int = 0 ) {
34 if (type == 0) { // SSL 3.0
// Ignores host/port: connectLoginYahooCom() uses its own hard-coded endpoint.
35 connectLoginYahooCom();
36 // connectLocalSSL(host, port);
// NOTE(review): the listing skips line 37, presumably "} else {", which would make this the
// TLS path for any non-zero type. Confirm against the full file.
38 connectLocalTLS(host, port);
/**
 * Opens a raw socket to a hard-coded endpoint and drives a client-side TLSEngine over it.
 *
 * Despite its name, this method connects to "esx.bluebearllc.net" on port 903, not to
 * login.yahoo.com.
 */
45 public function connectLoginYahooCom():void {
46 trace("Connecting test socket");
47 var s:Socket = new Socket("esx.bluebearllc.net", 903);
// The listing omits lines 50-54 of this constructor call. loopback() passes five nulls in the
// same position, so the same is presumably true here. TODO confirm.
// NOTE(review): the constructor labels this path "SSL 3.0", so PROTOCOL_VERSION is presumably
// the SSL 3.0 version number. SSL 3.0 is deprecated (RFC 7568); keep this as a
// compatibility test only and do not reuse the configuration for real traffic.
// NOTE(review): no CAStore is assigned on any visible line, so certificate trust for this
// connection depends on TLSConfig defaults that this file does not show.
49 var clientConfig:TLSConfig = new TLSConfig(TLSEngine.CLIENT,
55 SSLSecurityParameters.PROTOCOL_VERSION);
// The socket is passed twice, presumably as both the input and the output stream.
57 var client:TLSEngine = new TLSEngine(clientConfig, s, s);
// Bytes arriving from the network are handed to the engine.
59 s.addEventListener(ProgressEvent.SOCKET_DATA, client.dataAvailable);
// When the engine reports output (its own SOCKET_DATA event), push it onto the wire.
60 client.addEventListener(ProgressEvent.SOCKET_DATA, function(e:*):void { s.flush(); });
/**
 * Connects to the given endpoint and drives a client-side TLSEngine with the default
 * TLSConfig (only the entity type is passed to the constructor).
 *
 * @param host  Host to connect to.
 * @param port  TCP port to connect to.
 */
64 public function connectLocalTLS(host:String, port:int):void {
65 var s:Socket = new Socket(host, port);
// NOTE(review): no CAStore or other trust settings are configured on the visible lines, so
// whether the peer certificate is checked depends on TLSConfig defaults not shown here.
67 var clientConfig:TLSConfig = new TLSConfig(TLSEngine.CLIENT);
// The socket is passed twice, presumably as both the input and the output stream.
69 var client:TLSEngine = new TLSEngine(clientConfig, s, s);
// Network bytes go to the engine; engine output triggers a flush of the socket.
71 s.addEventListener(ProgressEvent.SOCKET_DATA, client.dataAvailable);
72 client.addEventListener(ProgressEvent.SOCKET_DATA, function(e:*):void { s.flush(); });
/**
 * Same wiring as connectLocalTLS(), but the TLSConfig is built with
 * SSLSecurityParameters.PROTOCOL_VERSION as its last visible argument.
 *
 * @param host  Host to connect to.
 * @param port  TCP port to connect to.
 */
77 public function connectLocalSSL(host:String, port:int):void {
78 var s:Socket = new Socket(host, port);
// The listing omits lines 81-85 of this call; presumably five nulls, as in loopback().
// NOTE(review): this is presumably the SSL 3.0 version constant. SSL 3.0 is deprecated
// (RFC 7568), so this path is for interoperability testing only.
80 var clientConfig:TLSConfig = new TLSConfig(TLSEngine.CLIENT,
86 SSLSecurityParameters.PROTOCOL_VERSION);
// The socket is passed twice, presumably as both the input and the output stream.
88 var client:TLSEngine = new TLSEngine(clientConfig, s, s);
// Network bytes go to the engine; engine output triggers a flush of the socket.
90 s.addEventListener(ProgressEvent.SOCKET_DATA, client.dataAvailable);
91 client.addEventListener(ProgressEvent.SOCKET_DATA, function(e:*):void { s.flush(); });
/**
 * Runs a client engine and a server engine against each other in memory, with no socket.
 *
 * Each side writes into its own ByteArray, and the other side is handed that same ByteArray
 * as its input. Requires myCert and myKey to have been assigned beforehand.
 */
96 public function loopback():void {
// One buffer per direction, plus a cursor marking how far the peer has already read.
98 var server_write:ByteArray = new ByteArray;
99 var client_write:ByteArray = new ByteArray;
100 var server_write_cursor:uint = 0;
101 var client_write_cursor:uint = 0;
// Both ends are configured with the same protocol-version constant.
103 var clientConfig:TLSConfig = new TLSConfig(TLSEngine.CLIENT, null, null, null, null, null, SSLSecurityParameters.PROTOCOL_VERSION);
104 var serverConfig:TLSConfig = new TLSConfig(TLSEngine.SERVER, null, null, null, null, null, SSLSecurityParameters.PROTOCOL_VERSION);
107 var cert:ByteArray = new myCert;
108 var key:ByteArray = new myKey;
109 serverConfig.setPEMCertificate(cert.readUTFBytes(cert.length), key.readUTFBytes(key.length));
110 // tmp, for debugging. currently useless
// readUTFBytes() advances the ByteArray position, so cert and key must be rewound before they
// are read again. The listing skips lines 111-112 and 116, presumably the rewinds. TODO confirm.
// NOTE(review): the next line gives the client the server's own certificate and private key
// as its identity. That is acceptable only with a throwaway test key pair.
113 clientConfig.setPEMCertificate(cert.readUTFBytes(cert.length), key.readUTFBytes(key.length));
114 // put the server cert in the client's trusted store, to keep things happy.
// NOTE(review): the server certificate itself becomes the client's only trust anchor, so the
// test exercises the handshake path but not chain building or rejection of an untrusted
// certificate.
115 clientConfig.CAStore = new X509CertificateCollection;
117 var x509:X509Certificate = new X509Certificate(PEM.readCertIntoArray(cert.readUTFBytes(cert.length)));
118 clientConfig.CAStore.addCertificate(x509);
// Cross-wire the engines. Judging by the buffer names, the second argument is the input
// stream and the third is the output stream.
121 var server:TLSEngine = new TLSEngine(serverConfig, client_write, server_write);
122 var client:TLSEngine = new TLSEngine(clientConfig, server_write, client_write);
// When the server has produced output: dump it, rewind the shared buffer to the first byte the
// client has not yet seen, let the client consume it, then restore the write position and
// advance the cursor.
124 server.addEventListener(ProgressEvent.SOCKET_DATA, function(e:*=null):void {
125 trace("server wrote something!");
// Dumps the whole server_write buffer as hex on every event.
126 trace(Hex.fromArray(server_write));
127 var l:uint = server_write.position;
128 server_write.position = server_write_cursor;
129 client.dataAvailable(e);
130 server_write.position = l;
131 server_write_cursor = l;
// Mirror image of the handler above, for the client-to-server direction.
133 client.addEventListener(ProgressEvent.SOCKET_DATA, function(e:*=null):void {
134 trace("client wrote something!");
135 trace(Hex.fromArray(client_write));
136 var l:uint = client_write.position;
137 client_write.position = client_write_cursor;
138 server.dataAvailable(e);
139 client_write.position = l;
140 client_write_cursor = l;
/**
 * Runs testHost() against a fixed list of public HTTPS host names, one after another.
 *
 * The listing omits the lines that declare `hosts` and `i`; presumably an Array literal
 * holding the names below and an index starting at 0. TODO confirm.
 */
147 public function testSocket():void {
// The trailing comments record the server software and certificate-chain shape that each host
// is meant to exercise.
149 "bugs.adobe.com", // apache
150 "login.yahoo.com", // apache, bigger response
151 "login.live.com", // IIS-6, chain of 3 certs
152 "banking.wellsfargo.com", // custom, sends its CA cert along for the ride.
153 "www.bankofamerica.com" // sun-one, chain of 3 certs
// Self-referencing callback: each call tests the next host and passes itself on as the
// continuation. Reading past the end of the list yields a value that testHost()'s
// `host==null` guard turns into a no-op, which ends the chain.
156 (function next():void {
157 testHost(hosts[i++], next);
/**
 * Sends a minimal HTTP/1.0 GET to one host over a TLSSocket and traces the response size
 * and the elapsed time once the connection closes.
 *
 * @param host  Host name to connect to; a null value makes the call a no-op.
 * @param next  Continuation supplied by testSocket(). No visible line invokes it; the call is
 *              presumably on lines missing from the end of this listing. TODO confirm.
 */
161 private function testHost(host:String, next:Function):void {
162 if (host==null) return;
163 var t1:int = getTimer();
// Redeclares the parameter and assigns it to itself; this has no effect on the value.
165 var host:String = host;
166 var t:TLSSocket = new TLSSocket;
// NOTE(review): the port is hard-coded to 4433, not 443. Confirm that this is intended for
// the public host names listed in testSocket().
// NOTE(review): no TLSConfig or CA store is supplied on the visible lines, so certificate and
// host-name checking depend on TLSSocket defaults not shown in this file.
167 t.connect(host, 4433);
// The request uses bare "\n" line endings where HTTP specifies CRLF; strict servers may
// reject it. `host` is concatenated into the Host header unescaped, which is safe only while
// callers pass fixed names as testSocket() does.
168 t.writeUTFBytes("GET / HTTP/1.0\nHost: "+host+"\n\n");
169 t.addEventListener(Event.CLOSE, function(e:*):void {
// Reads every available byte as text, leaving nothing buffered.
170 var s:String = t.readUTFBytes(t.bytesAvailable);
171 trace("Response from "+host+": "+s.length+" characters");
172 var bytes:ByteArray = new ByteArray();
// NOTE(review): the readUTFBytes() call above has already consumed the buffered data, so
// bytesAvailable should be 0 here and the hex dump below is presumably empty. Reading into
// `bytes` first and decoding the text from it would keep both outputs.
173 t.readBytes(bytes, 0, t.bytesAvailable);
174 trace(Hex.fromArray(bytes));
175 trace("Time used = "+(getTimer()-t1)+"ms");