diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-01 13:01:14 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-01 13:01:14 +0100 |
commit | d6f675f18bd0218312cb9aeb475ae574f3366e45 (patch) | |
tree | 9c75f931e7ef357032fb4f35d945bf4d4a1cb7a9 /security-utils/src/test | |
parent | b2b1cac07d55fcd1f2936849f01a4ee637cc1bdf (diff) |
Restrict enabled protocols
Diffstat (limited to 'security-utils/src/test')
-rw-r--r-- | security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java b/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java index cfaa7ba06df..656cfa77d61 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/DefaultTlsContextTest.java @@ -12,6 +12,7 @@ import org.junit.Test; import javax.net.ssl.SSLEngine; import javax.security.auth.x500.X500Principal; +import java.security.GeneralSecurityException; import java.security.KeyPair; import java.security.cert.X509Certificate; import java.time.Instant; @@ -32,7 +33,7 @@ import static org.assertj.core.api.Assertions.assertThat; public class DefaultTlsContextTest { @Test - public void can_create_sslcontext_from_credentials() { + public void can_create_sslcontext_from_credentials() throws GeneralSecurityException { KeyPair keyPair = KeyUtils.generateKeypair(EC); X509Certificate certificate = X509CertificateBuilder @@ -54,6 +55,9 @@ public class DefaultTlsContextTest { String[] enabledCiphers = sslEngine.getEnabledCipherSuites(); assertThat(enabledCiphers).isNotEmpty(); assertThat(enabledCiphers).isSubsetOf(DefaultTlsContext.ALLOWED_CIPHER_SUITES.toArray(new String[0])); + + String[] enabledProtocols = sslEngine.getEnabledProtocols(); + assertThat(enabledProtocols).contains("TLSv1.2"); } }
\ No newline at end of file |