1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 19 package tests.api.javax.net.ssl; 20 21 import dalvik.annotation.TestTargetClass; 22 import dalvik.annotation.TestLevel; 23 import dalvik.annotation.TestTargetNew; 24 25 import java.io.ByteArrayInputStream; 26 import java.net.URL; 27 import java.security.Principal; 28 import java.security.cert.Certificate; 29 import java.security.cert.CertificateException; 30 import java.security.cert.CertificateFactory; 31 32 import javax.net.ssl.HostnameVerifier; 33 import javax.net.ssl.HttpsURLConnection; 34 import javax.net.ssl.SSLPeerUnverifiedException; 35 import javax.net.ssl.SSLSession; 36 import javax.net.ssl.SSLSocketFactory; 37 38 import org.apache.harmony.security.tests.support.cert.TestUtils; 39 40 import junit.framework.TestCase; 41 42 43 44 /** 45 * Tests for <code>HttpsURLConnection</code> class constructors and methods. 46 * 47 */ 48 @TestTargetClass(HttpsURLConnection.class) 49 public class HttpsURLConnectionTest extends TestCase { 50 51 /** 52 * @tests javax.net.ssl.HttpsURLConnection#HttpsURLConnection(java_net_URL) 53 */ 54 @TestTargetNew( 55 level = TestLevel.COMPLETE, 56 notes = "", 57 method = "HttpsURLConnection", 58 args = {java.net.URL.class} 59 ) 60 public final void test_Constructor() { 61 try { 62 MyHttpsURLConnection huc = new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 63 } catch (Exception e) { 64 fail("Unexpected exception: " + e.toString()); 65 } 66 try { 67 MyHttpsURLConnection huc = new MyHttpsURLConnection(null); 68 } catch (Exception e) { 69 fail("Unexpected exception " + e.toString()); 70 } 71 } 72 73 /** 74 * @tests javax.net.ssl.HttpsURLConnection#getCipherSuite() 75 */ 76 @TestTargetNew( 77 level = TestLevel.COMPLETE, 78 notes = "", 79 method = "getCipherSuite", 80 args = {} 81 ) 82 public final void test_getCipherSuite() { 83 try { 84 URL url = new URL("https://localhost:55555"); 85 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 86 try { 87 connection.getCipherSuite(); 88 fail("IllegalStateException wasn't thrown"); 89 } catch (IllegalStateException ise) { 90 //expected 91 } 92 } catch (Exception e) { 93 fail("Unexpected exception " + e + " for exception case"); 94 } 95 96 try { 97 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 98 assertEquals("CipherSuite", con.getCipherSuite()); 99 } catch (Exception e) { 100 fail("Unexpected exception " + e); 101 } 102 } 103 104 /** 105 * @tests javax.net.ssl.HttpsURLConnection#getLocalCertificates() 106 */ 107 @TestTargetNew( 108 level = TestLevel.COMPLETE, 109 notes = "", 110 method = "getLocalCertificates", 111 args = {} 112 ) 113 public final void test_getLocalCertificates() { 114 try { 115 URL url = new URL("https://localhost:55555"); 116 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 117 try { 118 connection.getLocalCertificates(); 119 fail("IllegalStateException wasn't thrown"); 120 } catch (IllegalStateException ise) { 121 //expected 122 } 123 } catch (Exception e) { 124 fail("Unexpected exception " + e + " for exception case"); 125 } 126 127 try { 128 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 129 assertNull(con.getLocalCertificates()); 130 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 131 Certificate[] cert = con.getLocalCertificates(); 132 assertNotNull(cert); 133 assertEquals(1, cert.length); 134 } catch (Exception e) { 135 fail("Unexpected exception " + e); 136 } 137 } 138 139 /** 140 * @tests javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier() 141 */ 142 @TestTargetNew( 143 level = TestLevel.COMPLETE, 144 notes = "", 145 method = "getDefaultHostnameVerifier", 146 args = {} 147 ) 148 public final void test_getDefaultHostnameVerifier() { 149 HostnameVerifier verifyer = 150 HttpsURLConnection.getDefaultHostnameVerifier(); 151 assertNotNull("Default hostname verifyer is null", verifyer); 152 } 153 154 /** 155 * @tests javax.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory() 156 */ 157 @TestTargetNew( 158 level = TestLevel.COMPLETE, 159 notes = "", 160 method = "getDefaultSSLSocketFactory", 161 args = {} 162 ) 163 public final void test_getDefaultSSLSocketFactory() { 164 SSLSocketFactory sf = HttpsURLConnection.getDefaultSSLSocketFactory(); 165 if (!sf.equals(SSLSocketFactory.getDefault())) { 166 fail("incorrect DefaultSSLSocketFactory"); 167 } 168 } 169 170 /** 171 * @tests javax.net.ssl.HttpsURLConnection#getHostnameVerifier() 172 */ 173 @TestTargetNew( 174 level = TestLevel.COMPLETE, 175 notes = "", 176 method = "getHostnameVerifier", 177 args = {} 178 ) 179 public final void test_getHostnameVerifier() 180 throws Exception { 181 HttpsURLConnection con = new MyHttpsURLConnection( 182 new URL("https://www.fortify.net/")); 183 HostnameVerifier verifyer = con.getHostnameVerifier(); 184 assertNotNull("Hostname verifyer is null", verifyer); 185 assertEquals("Incorrect value of hostname verirfyer", 186 HttpsURLConnection.getDefaultHostnameVerifier(), verifyer); 187 } 188 189 /** 190 * @tests javax.net.ssl.HttpsURLConnection#getLocalPrincipal() 191 */ 192 @TestTargetNew( 193 level = TestLevel.COMPLETE, 194 notes = "", 195 method = "getLocalPrincipal", 196 args = {} 197 ) 198 public final void test_getLocalPrincipal() { 199 try { 200 URL url = new URL("https://localhost:55555"); 201 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 202 try { 203 connection.getLocalPrincipal(); 204 fail("IllegalStateException wasn't thrown"); 205 } catch (IllegalStateException ise) { 206 //expected 207 } 208 } catch (Exception e) { 209 fail("Unexpected exception " + e + " for exception case"); 210 } 211 212 try { 213 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 214 assertNull(con.getLocalPrincipal()); 215 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 216 assertNotNull("Local principal is null", con.getLocalPrincipal()); 217 } catch (Exception e) { 218 fail("Unexpected exception " + e); 219 } 220 } 221 222 /** 223 * @tests javax.net.ssl.HttpsURLConnection#getPeerPrincipal() 224 */ 225 @TestTargetNew( 226 level = TestLevel.COMPLETE, 227 notes = "", 228 method = "getPeerPrincipal", 229 args = {} 230 ) 231 public final void test_getPeerPrincipal() throws Exception { 232 try { 233 URL url = new URL("https://localhost:55555"); 234 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 235 try { 236 connection.getPeerPrincipal(); 237 fail("IllegalStateException wasn't thrown"); 238 } catch (IllegalStateException ise) { 239 //expected 240 } 241 } catch (Exception e) { 242 fail("Unexpected exception " + e + " for exception case"); 243 } 244 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 245 try { 246 Principal p = con.getPeerPrincipal(); 247 fail("SSLPeerUnverifiedException wasn't thrown"); 248 } catch (SSLPeerUnverifiedException e) { 249 //expected 250 } 251 252 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 253 try { 254 Principal p = con.getPeerPrincipal(); 255 assertNotNull(p); 256 } catch (Exception e) { 257 fail("Unexpected exception " + e); 258 } 259 } 260 261 /** 262 * @tests javax.net.ssl.HttpsURLConnection#getServerCertificates() 263 */ 264 @TestTargetNew( 265 level = TestLevel.COMPLETE, 266 notes = "", 267 method = "getServerCertificates", 268 args = {} 269 ) 270 public final void test_getServerCertificates() throws Exception { 271 try { 272 URL url = new URL("https://localhost:55555"); 273 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 274 try { 275 connection.getServerCertificates(); 276 fail("IllegalStateException wasn't thrown"); 277 } catch (IllegalStateException ise) { 278 //expected 279 } 280 } catch (Exception e) { 281 fail("Unexpected exception " + e + " for exception case"); 282 } 283 284 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 285 try { 286 Certificate[] cert = con.getServerCertificates(); 287 fail("SSLPeerUnverifiedException wasn't thrown"); 288 } catch (SSLPeerUnverifiedException e) { 289 //expected 290 } 291 292 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 293 try { 294 Certificate[] cert = con.getServerCertificates(); 295 assertNotNull(cert); 296 assertEquals(1, cert.length); 297 } catch (Exception e) { 298 fail("Unexpected exception " + e); 299 } 300 } 301 302 /** 303 * @tests javax.net.ssl.HttpsURLConnection#getSSLSocketFactory() 304 */ 305 @TestTargetNew( 306 level = TestLevel.COMPLETE, 307 notes = "", 308 method = "getSSLSocketFactory", 309 args = {} 310 ) 311 public final void test_getSSLSocketFactory() { 312 HttpsURLConnection con = new MyHttpsURLConnection(null); 313 SSLSocketFactory sf = con.getSSLSocketFactory(); 314 if (!sf.equals(SSLSocketFactory.getDefault())) { 315 fail("incorrect DefaultSSLSocketFactory"); 316 } 317 } 318 319 /** 320 * @tests javax.net.ssl.HttpsURLConnection#setDefaultHostnameVerifier() 321 */ 322 @TestTargetNew( 323 level = TestLevel.COMPLETE, 324 notes = "", 325 method = "setDefaultHostnameVerifier", 326 args = {javax.net.ssl.HostnameVerifier.class} 327 ) 328 public final void test_setDefaultHostnameVerifier() { 329 try { 330 HttpsURLConnection.setDefaultHostnameVerifier(null); 331 fail("No expected IllegalArgumentException"); 332 } catch (IllegalArgumentException e) { 333 // expected 334 } 335 HostnameVerifier def = HttpsURLConnection.getDefaultHostnameVerifier(); 336 try { 337 myHostnameVerifier hnv = new myHostnameVerifier(); 338 HttpsURLConnection.setDefaultHostnameVerifier(hnv); 339 assertEquals(hnv, HttpsURLConnection.getDefaultHostnameVerifier()); 340 } catch (Exception e) { 341 fail("Unexpected exception " + e); 342 } finally { 343 HttpsURLConnection.setDefaultHostnameVerifier(def); 344 } 345 } 346 347 /** 348 * @tests javax.net.ssl.HttpsURLConnection#setHostnameVerifier() 349 */ 350 @TestTargetNew( 351 level = TestLevel.COMPLETE, 352 notes = "", 353 method = "setHostnameVerifier", 354 args = {javax.net.ssl.HostnameVerifier.class} 355 ) 356 public final void test_setHostnameVerifier() { 357 HttpsURLConnection con = new MyHttpsURLConnection(null); 358 try { 359 con.setHostnameVerifier(null); 360 fail("No expected IllegalArgumentException"); 361 } catch (IllegalArgumentException e) { 362 } 363 try { 364 myHostnameVerifier hnv = new myHostnameVerifier(); 365 con.setHostnameVerifier(hnv); 366 } catch (Exception e) { 367 fail("Unexpected exception " + e); 368 } 369 } 370 371 /** 372 * @tests javax.net.ssl.HttpsURLConnection#setDefaultSSLSocketFactory() 373 */ 374 @TestTargetNew( 375 level = TestLevel.COMPLETE, 376 notes = "", 377 method = "setDefaultSSLSocketFactory", 378 args = {javax.net.ssl.SSLSocketFactory.class} 379 ) 380 public final void test_setDefaultSSLSocketFactory() { 381 try { 382 HttpsURLConnection.setDefaultSSLSocketFactory(null); 383 fail("No expected IllegalArgumentException"); 384 } catch (IllegalArgumentException e) { 385 } 386 try { 387 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 388 .getDefault(); 389 HttpsURLConnection.setDefaultSSLSocketFactory(ssf); 390 } catch (Exception e) { 391 fail("Unexpected exception " + e); 392 } 393 } 394 395 /** 396 * @tests javax.net.ssl.HttpsURLConnection#setSSLSocketFactory() 397 */ 398 @TestTargetNew( 399 level = TestLevel.COMPLETE, 400 notes = "", 401 method = "setSSLSocketFactory", 402 args = {javax.net.ssl.SSLSocketFactory.class} 403 ) 404 public final void test_setSSLSocketFactory() { 405 HttpsURLConnection con = new MyHttpsURLConnection(null); 406 try { 407 con.setSSLSocketFactory(null); 408 fail("No expected IllegalArgumentException"); 409 } catch (IllegalArgumentException e) { 410 } 411 try { 412 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 413 .getDefault(); 414 con.setSSLSocketFactory(ssf); 415 } catch (Exception e) { 416 fail("Unexpected exception " + e); 417 } 418 } 419 } 420 421 class MyHttpsURLConnection extends javax.net.ssl.HttpsURLConnection { 422 423 private String typeDone; 424 425 public MyHttpsURLConnection(URL url) { 426 super(url); 427 } 428 429 public MyHttpsURLConnection(URL url, String type) { 430 super(url); 431 typeDone = type; 432 } 433 434 /* 435 * @see javax.net.ssl.HttpsURLConnection#getCipherSuite() 436 */ 437 public String getCipherSuite() { 438 return "CipherSuite"; 439 } 440 441 /* 442 * @see javax.net.ssl.HttpsURLConnection#getLocalCertificates() 443 */ 444 public Certificate[] getLocalCertificates() { 445 Certificate cert = null; 446 try { 447 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 448 byte[] barr = TestUtils.getX509Certificate_v1(); 449 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 450 cert = cf.generateCertificate(bis); 451 } catch (CertificateException se) { 452 cert = null; 453 } 454 return cert == null ? null : new Certificate[]{cert}; 455 } 456 457 /* 458 * @see javax.net.ssl.HttpsURLConnection#getServerCertificates() 459 */ 460 public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException { 461 Certificate cert = null; 462 try { 463 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 464 byte[] barr = TestUtils.getX509Certificate_v3(); 465 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 466 cert = cf.generateCertificate(bis); 467 } catch (CertificateException se) { 468 throw new SSLPeerUnverifiedException("No server's end-entity certificate"); 469 } 470 return cert == null ? null : new Certificate[]{cert}; 471 } 472 473 /* 474 * @see java.net.HttpURLConnection#disconnect() 475 */ 476 public void disconnect() { 477 } 478 479 /* 480 * @see java.net.HttpURLConnection#usingProxy() 481 */ 482 public boolean usingProxy() { 483 return false; 484 } 485 486 public void connect() { 487 } 488 489 } 490 491 class myHostnameVerifier implements HostnameVerifier { 492 493 myHostnameVerifier() { 494 } 495 496 public boolean verify(String hostname, SSLSession session) { 497 if (hostname == session.getPeerHost()) { 498 return true; 499 } else return false; 500 } 501 } 502 503