/*
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package android.net.ssl;

import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;

import com.android.org.conscrypt.javax.net.ssl.TestSSLContext;
import com.android.org.conscrypt.javax.net.ssl.TestSSLEnginePair;
import com.android.org.conscrypt.tlswire.TlsTester;
import com.android.org.conscrypt.tlswire.handshake.ClientHello;
import com.android.org.conscrypt.tlswire.handshake.HelloExtension;
import java.nio.ByteBuffer;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLSession;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
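/**
 * Tests for {@link SSLEngines}: engine support detection, the session-ticket toggle and
 * keying-material export.
 */
@RunWith(JUnit4.class)
public class SSLEnginesTest {

    /**
     * An {@link SSLEngine} subclass declared locally, used as the "unsupported engine" input.
     *
     * <p>Every method throws {@link AssertionError}, so a test fails if {@link SSLEngines} calls
     * into the engine instead of rejecting it: the error is neither the expected
     * {@link IllegalArgumentException} nor a normal return.
     */
    private static class BrokenSSLEngine extends SSLEngine {
        @Override public SSLEngineResult wrap(ByteBuffer[] srcs, int offset, int length,
                ByteBuffer dst) { throw new AssertionError(); }
        @Override public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts,
                int offset, int length) { throw new AssertionError(); }
        @Override public Runnable getDelegatedTask() { throw new AssertionError(); }
        @Override public void closeInbound() { throw new AssertionError(); }
        @Override public boolean isInboundDone() { throw new AssertionError(); }
        @Override public void closeOutbound() { throw new AssertionError(); }
        @Override public boolean isOutboundDone() { throw new AssertionError(); }
        @Override public String[] getSupportedCipherSuites() { throw new AssertionError(); }
        @Override public String[] getEnabledCipherSuites() { throw new AssertionError(); }
        @Override public void setEnabledCipherSuites(String[] suites) {
            throw new AssertionError();
        }
        @Override public String[] getSupportedProtocols() { throw new AssertionError(); }
        @Override public String[] getEnabledProtocols() { throw new AssertionError(); }
        @Override public void setEnabledProtocols(String[] protocols) {
            throw new AssertionError();
        }
        @Override public SSLSession getSession() { throw new AssertionError(); }
        @Override public void beginHandshake() { throw new AssertionError(); }
        @Override public SSLEngineResult.HandshakeStatus getHandshakeStatus() {
            throw new AssertionError();
        }
        @Override public void setUseClientMode(boolean mode) { throw new AssertionError(); }
        @Override public boolean getUseClientMode() { throw new AssertionError(); }
        @Override public void setNeedClientAuth(boolean need) { throw new AssertionError(); }
        @Override public boolean getNeedClientAuth() { throw new AssertionError(); }
        @Override public void setWantClientAuth(boolean want) { throw new AssertionError(); }
        @Override public boolean getWantClientAuth() { throw new AssertionError(); }
        @Override public void setEnableSessionCreation(boolean flag) {
            throw new AssertionError();
        }
        @Override public boolean getEnableSessionCreation() { throw new AssertionError(); }
    }

    /** Zero-length source buffer: the first wrap() needs no application data. */
    private static final ByteBuffer EMPTY_BUFFER = ByteBuffer.allocate(0);

    /** An engine from the default context is supported; a {@link BrokenSSLEngine} is not. */
    @Test
    public void testIsSupported() throws Exception {
        SSLEngine supported = SSLContext.getDefault().createSSLEngine();
        assertTrue(SSLEngines.isSupportedEngine(supported));

        assertFalse(SSLEngines.isSupportedEngine(new BrokenSSLEngine()));
    }

    /** Setting the ticket option on an unsupported engine must be refused, not ignored. */
    @Test(expected = IllegalArgumentException.class)
    public void useSessionTickets_InvalidEngine() {
        SSLEngines.setUseSessionTickets(new BrokenSSLEngine(), true);
    }

    /**
     * Checks the ticket toggle through the ClientHello the engine emits: the session-ticket
     * extension must be present when tickets are enabled and absent when they are disabled.
     *
     * <p>Only the ClientHello is inspected; session resumption itself is not exercised here.
     */
    @Test
    public void useSessionTickets_ValidEngine() throws Exception {
        ClientHello withTickets = getClientHello(newClientEngine(true));
        assertNotNull(withTickets.findExtensionByType(HelloExtension.TYPE_SESSION_TICKET));

        ClientHello withoutTickets = getClientHello(newClientEngine(false));
        assertNull(withoutTickets.findExtensionByType(HelloExtension.TYPE_SESSION_TICKET));
    }

    /** Creates a client-mode engine from the default context with the given ticket setting. */
    private static SSLEngine newClientEngine(boolean useSessionTickets) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(true);
        SSLEngines.setUseSessionTickets(engine, useSessionTickets);
        return engine;
    }

    /**
     * Runs the first wrap() on a client engine and parses the bytes it produced as a ClientHello.
     *
     * @param e a client-mode engine on which no handshake data has been produced yet
     * @return the parsed ClientHello
     */
    private static ClientHello getClientHello(SSLEngine e) throws Exception {
        ByteBuffer out = ByteBuffer.allocate(64 * 1024);

        // Fail here, with a clear status, rather than in the parser on a truncated or empty
        // record if the engine could not write its first flight.
        SSLEngineResult result = e.wrap(EMPTY_BUFFER, out);
        assertEquals(SSLEngineResult.Status.OK, result.getStatus());

        out.flip();
        byte[] data = new byte[out.remaining()];
        out.get(data);

        return TlsTester.parseClientHello(data);
    }

    /** Exporting keying material from an unsupported engine must be refused. */
    @Test(expected = IllegalArgumentException.class)
    public void exportKeyingMaterial_InvalidEngine() throws Exception {
        SSLEngines.exportKeyingMaterial(new BrokenSSLEngine(), "label", null, 20);
    }

    /**
     * Both ends of a connection must export identical keying material of the requested length for
     * the same label, and a different label must give different material.
     */
    @Test
    public void exportKeyingMaterial_ValidEngine() throws Exception {
        String label = "Some label";
        int keyLength = 32;

        // NOTE(review): presumably create() returns the pair with the handshake already
        // completed; the non-null assertions below depend on that. Confirm.
        TestSSLEnginePair pair = TestSSLEnginePair.create(TestSSLContext.create());

        byte[] clientEkm = SSLEngines.exportKeyingMaterial(pair.client, label, null, keyLength);
        byte[] serverEkm = SSLEngines.exportKeyingMaterial(pair.server, label, null, keyLength);
        assertNotNull(clientEkm);
        assertNotNull(serverEkm);
        assertEquals(keyLength, clientEkm.length);
        assertEquals(keyLength, serverEkm.length);
        assertArrayEquals(clientEkm, serverEkm);

        // Agreement between the peers alone would also pass for an exporter that ignores the
        // label, which would let unrelated protocols derive the same key from one connection.
        byte[] otherLabelEkm =
                SSLEngines.exportKeyingMaterial(pair.client, "Some other label", null, keyLength);
        assertNotNull(otherLabelEkm);
        assertEquals(keyLength, otherLabelEkm.length);
        assertFalse(Arrays.equals(clientEkm, otherLabelEkm));
    }
}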