Add a basic DTLS server test, for use with an external client

core/docs/OpenSSLSetup.html

@@ -2,8 +2,7 @@
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <body>
-<h3>Instructions for setting up an OpenSSL server for use with DTLSClientTest,
-TlsClientTest, TlsServerTest.</h3>
+<h3>Instructions for setting up an OpenSSL server for use with DTLSClientTest, DTLSServerTest, TlsClientTest, TlsServerTest.</h3>
 
 <ul>
 <li> Download and Install OpenSSL (exercise for the reader)
@@ -22,7 +21,8 @@ <h3>Instructions for setting up an OpenSSL server for use with DTLSClientTest,
 <li>
 DTLS:
 <pre>
-    openssl s_server -accept 5556 -mtu 1500 -debug -msg -state -dtls1 -CAfile x509-ca.pem -cert x509-server.pem -key x509-server-key.pem
+    openssl s_client -connect localhost:5556 -mtu 1500 -debug -msg -state -dtls1_2 -CAfile x509-ca.pem -cert x509-client.pem -key x509-client-key.pem -verify 0
+    openssl s_server -accept 5556 -mtu 1500 -debug -msg -state -dtls1_2 -CAfile x509-ca.pem -cert x509-server.pem -key x509-server-key.pem -verify 0
 </pre>
 </li>
 </ul>

core/src/test/java/org/bouncycastle/crypto/tls/test/DTLSServerTest.java

@@ -0,0 +1,76 @@
+package org.bouncycastle.crypto.tls.test;
+
+import java.net.DatagramPacket;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.net.SocketTimeoutException;
+import java.security.SecureRandom;
+
+import org.bouncycastle.crypto.tls.DTLSServerProtocol;
+import org.bouncycastle.crypto.tls.DTLSTransport;
+import org.bouncycastle.crypto.tls.DatagramTransport;
+import org.bouncycastle.crypto.tls.UDPTransport;
+
+/**
+ * A simple test designed to conduct a DTLS handshake with an external DTLS client.
+ * <p/>
+ * Please refer to GnuTLSSetup.txt or OpenSSLSetup.txt, and x509-*.pem files in this package for
+ * help configuring an external DTLS client.
+ */
+public class DTLSServerTest
+{
+    public static void main(String[] args)
+        throws Exception
+    {
+        InetAddress address = InetAddress.getLocalHost();
+        int port = 5556;
+
+        int mtu = 1500;
+
+        SecureRandom secureRandom = new SecureRandom();
+
+        DTLSServerProtocol serverProtocol = new DTLSServerProtocol(secureRandom);
+
+        byte[] data = new byte[mtu];
+        DatagramPacket packet = new DatagramPacket(data, mtu);
+
+        DatagramSocket socket = new DatagramSocket(port, address);
+        socket.receive(packet);
+
+        System.out.println("Accepting connection from " + packet.getAddress().getHostAddress() + ":" + port);
+        socket.connect(packet.getAddress(), packet.getPort());
+
+        /*
+         * NOTE: For simplicity, and since we don't yet have HelloVerifyRequest support, we just
+         * discard the initial packet, which the client should re-send anyway.
+         */
+
+        DatagramTransport transport = new UDPTransport(socket, mtu);
+
+        // Uncomment to see packets
+//        transport = new LoggingDatagramTransport(transport, System.out);
+
+        MockDTLSServer server = new MockDTLSServer();
+        DTLSTransport dtlsServer = serverProtocol.accept(server, transport);
+
+        byte[] buf = new byte[dtlsServer.getReceiveLimit()];
+
+        while (!socket.isClosed())
+        {
+            try
+            {
+                int length = dtlsServer.receive(buf, 0, buf.length, 60000);
+                if (length >= 0)
+                {
+                    System.out.write(buf, 0, length);
+                    dtlsServer.send(buf, 0, length);
+                }
+            }
+            catch (SocketTimeoutException ste)
+            {
+            }
+        }
+
+        dtlsServer.close();
+    }
+}