/*
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.net.ssl;

import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;

import com.android.org.conscrypt.javax.net.ssl.TestSSLSocketPair;
import com.android.org.conscrypt.tlswire.TlsTester;
import com.android.org.conscrypt.tlswire.handshake.ClientHello;
import com.android.org.conscrypt.tlswire.handshake.HelloExtension;
import java.util.Arrays;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
import tests.net.DelegatingSSLSocketFactory;

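/**
 * Tests for the {@link SSLSockets} helpers: supported-socket detection, the TLS session
 * ticket toggle, and keying-material export.
 */
@RunWith(JUnit4.class)
public class SSLSocketsTest {

    /**
     * An {@link SSLSocket} subclass that {@link SSLSockets} is expected to reject.
     *
     * <p>Every overridden method throws {@link AssertionError}, so a test fails loudly if
     * {@link SSLSockets} calls into the socket instead of rejecting it up front.
     */
    private static class BrokenSSLSocket extends SSLSocket {
        @Override public String[] getSupportedCipherSuites() { throw new AssertionError(); }
        @Override public String[] getEnabledCipherSuites() { throw new AssertionError(); }
        @Override public void setEnabledCipherSuites(String[] strings) { throw new AssertionError(); }
        @Override public String[] getSupportedProtocols() { throw new AssertionError(); }
        @Override public String[] getEnabledProtocols() { throw new AssertionError(); }
        @Override public void setEnabledProtocols(String[] strings) { throw new AssertionError(); }
        @Override public SSLSession getSession() { throw new AssertionError(); }
        @Override public void addHandshakeCompletedListener(
                HandshakeCompletedListener handshakeCompletedListener) { throw new AssertionError(); }
        @Override public void removeHandshakeCompletedListener(
                HandshakeCompletedListener handshakeCompletedListener) { throw new AssertionError(); }
        @Override public void startHandshake() { throw new AssertionError(); }
        @Override public void setUseClientMode(boolean b) { throw new AssertionError(); }
        @Override public boolean getUseClientMode() { throw new AssertionError(); }
        @Override public void setNeedClientAuth(boolean b) { throw new AssertionError(); }
        @Override public boolean getNeedClientAuth() { throw new AssertionError(); }
        @Override public void setWantClientAuth(boolean b) { throw new AssertionError(); }
        @Override public boolean getWantClientAuth() { throw new AssertionError(); }
        @Override public void setEnableSessionCreation(boolean b) { throw new AssertionError(); }
        @Override public boolean getEnableSessionCreation() { throw new AssertionError(); }
    }

    /** Runs the handshake capture tasks; created fresh for each test. */
    private ExecutorService executor;

    @Before
    public void setUp() {
        executor = Executors.newCachedThreadPool();
    }

    /**
     * Stops the executor after each test.
     *
     * @throws InterruptedException if interrupted while waiting for the tasks to finish
     */
    @After
    public void tearDown() throws InterruptedException {
        executor.shutdown();
        // awaitTermination() returns false on timeout; interrupt whatever is still running
        // instead of leaving its threads (and their sockets) behind for the next test.
        if (!executor.awaitTermination(1, TimeUnit.SECONDS)) {
            executor.shutdownNow();
        }
    }

    /**
     * The default factory's socket must be reported as supported and {@link BrokenSSLSocket}
     * as unsupported.
     */
    @Test
    public void testIsSupported() throws Exception {
        // Close the socket once checked so the test does not leak it.
        try (SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault().createSocket()) {
            assertTrue(SSLSockets.isSupportedSocket(s));
        }

        assertFalse(SSLSockets.isSupportedSocket(new BrokenSSLSocket()));
    }

    /** An unsupported socket must be rejected rather than silently ignored. */
    @Test(expected = IllegalArgumentException.class)
    public void setUseSessionTickets_InvalidSocket() {
        SSLSockets.setUseSessionTickets(new BrokenSSLSocket(), true);
    }

    /**
     * The session ticket setting must be visible on the wire: the ClientHello carries the
     * session ticket extension only when tickets are enabled.
     */
    @Test
    public void setUseSessionTickets_ValidSocket() throws Exception {
        // The call itself must not throw for a socket from the default factory.
        try (SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault().createSocket()) {
            SSLSockets.setUseSessionTickets(s, true);
        }

        ClientHello hello = captureClientHello(true);
        assertNotNull(hello.findExtensionByType(HelloExtension.TYPE_SESSION_TICKET));

        // If the "off" setting were ignored, a caller who disabled tickets would still be
        // offering ticket-based resumption without knowing it.
        hello = captureClientHello(false);
        assertNull(hello.findExtensionByType(HelloExtension.TYPE_SESSION_TICKET));
    }

    /** Captures the ClientHello sent by a default-factory socket with the given ticket setting. */
    private ClientHello captureClientHello(final boolean useSessionTickets) throws Exception {
        return TlsTester.captureTlsHandshakeClientHello(executor,
                new DelegatingSSLSocketFactory((SSLSocketFactory) SSLSocketFactory.getDefault()) {
                    @Override public SSLSocket configureSocket(SSLSocket socket) {
                        SSLSockets.setUseSessionTickets(socket, useSessionTickets);
                        return socket;
                    }
                });
    }

    /** An unsupported socket must be rejected rather than yielding keying material. */
    @Test(expected = IllegalArgumentException.class)
    public void exportKeyingMaterial_InvalidSocket() throws Exception {
        SSLSockets.exportKeyingMaterial(new BrokenSSLSocket(), "label", null, 20);
    }

    /**
     * Both ends of a connection must export identical keying material of the requested
     * length for the same label, and a different label must give different material.
     */
    @Test
    public void exportKeyingMaterial_ValidSocket() throws Exception {
        TestSSLSocketPair pair = TestSSLSocketPair.create();
        String label = "Some label";
        int keyLength = 32;

        try {
            pair.connect();

            byte[] clientEkm = SSLSockets.exportKeyingMaterial(pair.client, label, null, keyLength);
            byte[] serverEkm = SSLSockets.exportKeyingMaterial(pair.server, label, null, keyLength);
            assertNotNull(clientEkm);
            assertNotNull(serverEkm);
            assertEquals(keyLength, clientEkm.length);
            assertEquals(keyLength, serverEkm.length);
            assertArrayEquals(clientEkm, serverEkm);

            // The label is what separates one use of exported material from another, so an
            // export that ignored it would pass the equality check above and still be unsafe.
            byte[] otherLabelEkm = SSLSockets.exportKeyingMaterial(
                    pair.client, "Some other label", null, keyLength);
            assertNotNull(otherLabelEkm);
            assertFalse(Arrays.equals(clientEkm, otherLabelEkm));
        } finally {
            // Release both sockets and the test context even when an assertion fails.
            pair.close();
        }
    }
}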