1 /* 2 * Copyright 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.conscrypt; 18 19 import static org.conscrypt.TestUtils.assumeJava8; 20 import static org.conscrypt.TestUtils.isJavaVersion; 21 import static org.junit.Assert.assertArrayEquals; 22 import static org.junit.Assert.assertEquals; 23 import static org.junit.Assert.assertFalse; 24 25 import java.lang.reflect.Method; 26 import java.net.Socket; 27 import java.util.ArrayList; 28 import java.util.Collection; 29 import java.util.Collections; 30 import java.util.HashSet; 31 import java.util.List; 32 import javax.net.ssl.SNIHostName; 33 import javax.net.ssl.SNIMatcher; 34 import javax.net.ssl.SNIServerName; 35 import javax.net.ssl.SSLParameters; 36 import org.conscrypt.testing.FailingSniMatcher; 37 import org.conscrypt.testing.RestrictedAlgorithmConstraints; 38 import org.junit.Test; 39 40 /** 41 * Test for Platform 42 */ 43 public class PlatformTest { 44 private static final Method SSL_PARAMETERS_GET_APPLICATION_PROTOCOLS_METHOD; 45 private static final Method SSL_PARAMETERS_SET_APPLICATION_PROTOCOLS_METHOD; 46 47 static { 48 Class<?> sslParameters = SSLParameters.class; 49 Method getApplicationProtocolsMethod; 50 Method setApplicationProtocolsMethod; 51 try { 52 getApplicationProtocolsMethod = sslParameters.getMethod("getApplicationProtocols"); 53 setApplicationProtocolsMethod = 54 sslParameters.getMethod("setApplicationProtocols", String[].class); 55 } catch (NoSuchMethodException e) { 56 getApplicationProtocolsMethod = null; 57 setApplicationProtocolsMethod = null; 58 } 59 60 SSL_PARAMETERS_GET_APPLICATION_PROTOCOLS_METHOD = getApplicationProtocolsMethod; 61 SSL_PARAMETERS_SET_APPLICATION_PROTOCOLS_METHOD = setApplicationProtocolsMethod; 62 } 63 64 @Test test_setSSLParameters_Socket()65 public void test_setSSLParameters_Socket() throws Exception { 66 assumeJava8(); 67 Socket socket = new OpenSSLSocketFactoryImpl().createSocket(); 68 SSLParametersImpl impl = SSLParametersImpl.getDefault(); 69 SSLParameters params = new SSLParameters(); 70 List<SNIServerName> names = new ArrayList<SNIServerName>(); 71 names.add(new SNIHostName("some.host")); 72 params.setServerNames(names); 73 params.setUseCipherSuitesOrder(false); 74 params.setEndpointIdentificationAlgorithm("ABC"); 75 String[] applicationProtocols = new String[] {"foo", "bar"}; 76 if (isJavaVersion(9)) { 77 setApplicationProtocols(params, applicationProtocols); 78 } 79 Platform.setSSLParameters(params, impl, (AbstractConscryptSocket) socket); 80 assertEquals("some.host", ((AbstractConscryptSocket) socket).getHostname()); 81 assertFalse(impl.getUseCipherSuitesOrder()); 82 assertEquals("ABC", impl.getEndpointIdentificationAlgorithm()); 83 if (isJavaVersion(9)) { 84 assertArrayEquals(applicationProtocols, impl.getApplicationProtocols()); 85 } 86 } 87 88 @Test test_getSSLParameters_Socket()89 public void test_getSSLParameters_Socket() throws Exception { 90 assumeJava8(); 91 Socket socket = new OpenSSLSocketFactoryImpl().createSocket(); 92 SSLParametersImpl impl = SSLParametersImpl.getDefault(); 93 SSLParameters params = new SSLParameters(); 94 impl.setUseCipherSuitesOrder(false); 95 impl.setEndpointIdentificationAlgorithm("ABC"); 96 String[] applicationProtocols = new String[] {"foo", "bar"}; 97 if (isJavaVersion(9)) { 98 impl.setApplicationProtocols(applicationProtocols); 99 } 100 ((AbstractConscryptSocket) socket).setHostname("some.host"); 101 Platform.getSSLParameters(params, impl, (AbstractConscryptSocket) socket); 102 assertEquals("some.host", ((SNIHostName) params.getServerNames().get(0)).getAsciiName()); 103 assertFalse(params.getUseCipherSuitesOrder()); 104 assertEquals("ABC", params.getEndpointIdentificationAlgorithm()); 105 if (isJavaVersion(9)) { 106 assertArrayEquals(applicationProtocols, getApplicationProtocols(params)); 107 } 108 } 109 110 @Test test_setSSLParameters_Engine()111 public void test_setSSLParameters_Engine() throws Exception { 112 assumeJava8(); 113 SSLParametersImpl impl = SSLParametersImpl.getDefault(); 114 SSLParameters params = new SSLParameters(); 115 ConscryptEngine engine = new ConscryptEngine(impl); 116 List<SNIServerName> names = new ArrayList<SNIServerName>(); 117 names.add(new SNIHostName("some.host")); 118 params.setServerNames(names); 119 params.setUseCipherSuitesOrder(false); 120 params.setEndpointIdentificationAlgorithm("ABC"); 121 String[] applicationProtocols = new String[] {"foo", "bar"}; 122 if (isJavaVersion(9)) { 123 setApplicationProtocols(params, applicationProtocols); 124 } 125 Platform.setSSLParameters(params, impl, engine); 126 assertEquals("some.host", engine.getHostname()); 127 assertFalse(impl.getUseCipherSuitesOrder()); 128 assertEquals("ABC", impl.getEndpointIdentificationAlgorithm()); 129 if (isJavaVersion(9)) { 130 assertArrayEquals(applicationProtocols, impl.getApplicationProtocols()); 131 } 132 } 133 134 @Test test_getSSLParameters_Engine()135 public void test_getSSLParameters_Engine() throws Exception { 136 assumeJava8(); 137 SSLParametersImpl impl = SSLParametersImpl.getDefault(); 138 SSLParameters params = new SSLParameters(); 139 ConscryptEngine engine = new ConscryptEngine(impl); 140 impl.setUseCipherSuitesOrder(false); 141 impl.setEndpointIdentificationAlgorithm("ABC"); 142 engine.setHostname("some.host"); 143 String[] applicationProtocols = new String[] {"foo", "bar"}; 144 if (isJavaVersion(9)) { 145 impl.setApplicationProtocols(applicationProtocols); 146 } 147 Platform.getSSLParameters(params, impl, engine); 148 assertEquals("some.host", ((SNIHostName) params.getServerNames().get(0)).getAsciiName()); 149 assertFalse(params.getUseCipherSuitesOrder()); 150 assertEquals("ABC", params.getEndpointIdentificationAlgorithm()); 151 if (isJavaVersion(9)) { 152 assertArrayEquals(applicationProtocols, getApplicationProtocols(params)); 153 } 154 } 155 156 @Test test_setAndGetSSLParameters()157 public void test_setAndGetSSLParameters() throws Exception { 158 assumeJava8(); 159 ConscryptEngine engine = new ConscryptEngine(SSLParametersImpl.getDefault()); 160 SSLParameters paramsIn = new SSLParameters(); 161 162 List<SNIServerName> names = new ArrayList<>(); 163 names.add(new SNIHostName("some.host")); 164 paramsIn.setServerNames(names); 165 paramsIn.setUseCipherSuitesOrder(true); 166 paramsIn.setEndpointIdentificationAlgorithm("ABC"); 167 paramsIn.setWantClientAuth(true); 168 paramsIn.setSNIMatchers(Collections.singleton(FailingSniMatcher.create())); 169 paramsIn.setAlgorithmConstraints(new RestrictedAlgorithmConstraints()); 170 171 engine.setSSLParameters(paramsIn); 172 SSLParameters paramsOut = engine.getSSLParameters(); 173 174 assertEquals(paramsIn.getServerNames(), paramsOut.getServerNames()); 175 assertEquals(paramsIn.getUseCipherSuitesOrder(), paramsOut.getUseCipherSuitesOrder()); 176 assertEquals(paramsIn.getEndpointIdentificationAlgorithm(), 177 paramsOut.getEndpointIdentificationAlgorithm()); 178 assertEquals(paramsIn.getWantClientAuth(), paramsOut.getWantClientAuth()); 179 assertEquals(paramsIn.getNeedClientAuth(), paramsOut.getNeedClientAuth()); 180 assertSNIMatchersEqual(paramsIn.getSNIMatchers(), paramsOut.getSNIMatchers()); 181 assertEquals(paramsIn.getAlgorithmConstraints(), paramsOut.getAlgorithmConstraints()); 182 } 183 assertSNIMatchersEqual(Collection<SNIMatcher> a, Collection<SNIMatcher> b)184 private static void assertSNIMatchersEqual(Collection<SNIMatcher> a, Collection<SNIMatcher> b) { 185 assertEquals(a.size(), b.size()); 186 187 HashSet<SNIMatcher> aSet = new HashSet<>(a); 188 aSet.removeAll(b); 189 assertEquals(0, aSet.size()); 190 } 191 getApplicationProtocols(SSLParameters params)192 private static String[] getApplicationProtocols(SSLParameters params) { 193 if (SSL_PARAMETERS_GET_APPLICATION_PROTOCOLS_METHOD != null) { 194 try { 195 return (String[]) SSL_PARAMETERS_GET_APPLICATION_PROTOCOLS_METHOD.invoke(params); 196 } catch (Exception ignored) { 197 // TODO(nmittler): Should we throw here? 198 } 199 } 200 return EmptyArray.STRING; 201 } 202 setApplicationProtocols(SSLParameters params, String[] protocols)203 private static void setApplicationProtocols(SSLParameters params, String[] protocols) { 204 if (SSL_PARAMETERS_SET_APPLICATION_PROTOCOLS_METHOD != null) { 205 try { 206 SSL_PARAMETERS_SET_APPLICATION_PROTOCOLS_METHOD.invoke(params, (Object) protocols); 207 } catch (Exception ignored) { 208 // TODO(nmittler): Should we throw here? 209 } 210 } 211 } 212 } 213