1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 19 package tests.api.javax.net.ssl; 20 21 import java.io.ByteArrayInputStream; 22 import java.net.URL; 23 import java.security.Principal; 24 import java.security.cert.Certificate; 25 import java.security.cert.CertificateException; 26 import java.security.cert.CertificateFactory; 27 28 import javax.net.ssl.HostnameVerifier; 29 import javax.net.ssl.HttpsURLConnection; 30 import javax.net.ssl.SSLPeerUnverifiedException; 31 import javax.net.ssl.SSLSession; 32 import javax.net.ssl.SSLSocketFactory; 33 34 import org.apache.harmony.security.tests.support.cert.TestUtils; 35 36 import junit.framework.TestCase; 37 38 39 40 /** 41 * Tests for <code>HttpsURLConnection</code> class constructors and methods. 42 * 43 */ 44 public class HttpsURLConnectionTest extends TestCase { 45 46 /** 47 * javax.net.ssl.HttpsURLConnection#HttpsURLConnection(java_net_URL) 48 */ 49 public final void test_Constructor() throws Exception { 50 new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 51 new MyHttpsURLConnection(null); 52 } 53 54 /** 55 * javax.net.ssl.HttpsURLConnection#getCipherSuite() 56 */ 57 public final void test_getCipherSuite() throws Exception { 58 URL url = new URL("https://localhost:55555"); 59 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 60 try { 61 connection.getCipherSuite(); 62 fail("IllegalStateException wasn't thrown"); 63 } catch (IllegalStateException expected) { 64 } 65 66 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 67 assertEquals("CipherSuite", con.getCipherSuite()); 68 } 69 70 /** 71 * javax.net.ssl.HttpsURLConnection#getLocalCertificates() 72 */ 73 public final void test_getLocalCertificates() throws Exception { 74 URL url = new URL("https://localhost:55555"); 75 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 76 try { 77 connection.getLocalCertificates(); 78 fail("IllegalStateException wasn't thrown"); 79 } catch (IllegalStateException expected) { 80 } 81 82 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 83 assertNull(con.getLocalCertificates()); 84 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 85 Certificate[] cert = con.getLocalCertificates(); 86 assertNotNull(cert); 87 assertEquals(1, cert.length); 88 } 89 90 /** 91 * javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier() 92 */ 93 public final void test_getDefaultHostnameVerifier() { 94 HostnameVerifier verifyer = 95 HttpsURLConnection.getDefaultHostnameVerifier(); 96 assertNotNull("Default hostname verifyer is null", verifyer); 97 } 98 99 /** 100 * javax.net.ssl.HttpsURLConnection#getDefaultSSLSocketFactory() 101 */ 102 public final void test_getDefaultSSLSocketFactory() { 103 SSLSocketFactory sf = HttpsURLConnection.getDefaultSSLSocketFactory(); 104 if (!sf.equals(SSLSocketFactory.getDefault())) { 105 fail("incorrect DefaultSSLSocketFactory"); 106 } 107 } 108 109 /** 110 * javax.net.ssl.HttpsURLConnection#getHostnameVerifier() 111 */ 112 public final void test_getHostnameVerifier() 113 throws Exception { 114 HttpsURLConnection con = new MyHttpsURLConnection( 115 new URL("https://www.fortify.net/")); 116 HostnameVerifier verifyer = con.getHostnameVerifier(); 117 assertNotNull("Hostname verifyer is null", verifyer); 118 assertEquals("Incorrect value of hostname verirfyer", 119 HttpsURLConnection.getDefaultHostnameVerifier(), verifyer); 120 } 121 122 /** 123 * javax.net.ssl.HttpsURLConnection#getLocalPrincipal() 124 */ 125 public final void test_getLocalPrincipal() throws Exception { 126 URL url = new URL("https://localhost:55555"); 127 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 128 try { 129 connection.getLocalPrincipal(); 130 fail("IllegalStateException wasn't thrown"); 131 } catch (IllegalStateException expected) { 132 } 133 134 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 135 assertNull(con.getLocalPrincipal()); 136 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 137 assertNotNull("Local principal is null", con.getLocalPrincipal()); 138 } 139 140 /** 141 * javax.net.ssl.HttpsURLConnection#getPeerPrincipal() 142 */ 143 public final void test_getPeerPrincipal() throws Exception { 144 URL url = new URL("https://localhost:55555"); 145 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 146 try { 147 connection.getPeerPrincipal(); 148 fail("IllegalStateException wasn't thrown"); 149 } catch (IllegalStateException expected) { 150 } 151 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 152 try { 153 Principal p = con.getPeerPrincipal(); 154 fail("SSLPeerUnverifiedException wasn't thrown"); 155 } catch (SSLPeerUnverifiedException expected) { 156 } 157 158 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 159 Principal p = con.getPeerPrincipal(); 160 assertNotNull(p); 161 } 162 163 /** 164 * javax.net.ssl.HttpsURLConnection#getServerCertificates() 165 */ 166 public final void test_getServerCertificates() throws Exception { 167 URL url = new URL("https://localhost:55555"); 168 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 169 try { 170 connection.getServerCertificates(); 171 fail("IllegalStateException wasn't thrown"); 172 } catch (IllegalStateException expected) { 173 } 174 175 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 176 try { 177 con.getServerCertificates(); 178 fail("SSLPeerUnverifiedException wasn't thrown"); 179 } catch (SSLPeerUnverifiedException expected) { 180 } 181 182 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 183 Certificate[] cert = con.getServerCertificates(); 184 assertNotNull(cert); 185 assertEquals(1, cert.length); 186 } 187 188 /** 189 * javax.net.ssl.HttpsURLConnection#getSSLSocketFactory() 190 */ 191 public final void test_getSSLSocketFactory() { 192 HttpsURLConnection con = new MyHttpsURLConnection(null); 193 SSLSocketFactory sf = con.getSSLSocketFactory(); 194 if (!sf.equals(SSLSocketFactory.getDefault())) { 195 fail("incorrect DefaultSSLSocketFactory"); 196 } 197 } 198 199 /** 200 * javax.net.ssl.HttpsURLConnection#setDefaultHostnameVerifier() 201 */ 202 public final void test_setDefaultHostnameVerifier() { 203 try { 204 HttpsURLConnection.setDefaultHostnameVerifier(null); 205 fail("No expected IllegalArgumentException"); 206 } catch (IllegalArgumentException expected) { 207 } 208 HostnameVerifier def = HttpsURLConnection.getDefaultHostnameVerifier(); 209 try { 210 myHostnameVerifier hnv = new myHostnameVerifier(); 211 HttpsURLConnection.setDefaultHostnameVerifier(hnv); 212 assertEquals(hnv, HttpsURLConnection.getDefaultHostnameVerifier()); 213 } finally { 214 HttpsURLConnection.setDefaultHostnameVerifier(def); 215 } 216 } 217 218 /** 219 * javax.net.ssl.HttpsURLConnection#setHostnameVerifier() 220 */ 221 public final void test_setHostnameVerifier() { 222 HttpsURLConnection con = new MyHttpsURLConnection(null); 223 try { 224 con.setHostnameVerifier(null); 225 fail("No expected IllegalArgumentException"); 226 } catch (IllegalArgumentException expected) { 227 } 228 myHostnameVerifier hnv = new myHostnameVerifier(); 229 con.setHostnameVerifier(hnv); 230 } 231 232 /** 233 * javax.net.ssl.HttpsURLConnection#setDefaultSSLSocketFactory() 234 */ 235 public final void test_setDefaultSSLSocketFactory() { 236 try { 237 HttpsURLConnection.setDefaultSSLSocketFactory(null); 238 fail("No expected IllegalArgumentException"); 239 } catch (IllegalArgumentException expected) { 240 } 241 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 242 .getDefault(); 243 HttpsURLConnection.setDefaultSSLSocketFactory(ssf); 244 } 245 246 /** 247 * javax.net.ssl.HttpsURLConnection#setSSLSocketFactory() 248 */ 249 public final void test_setSSLSocketFactory() { 250 HttpsURLConnection con = new MyHttpsURLConnection(null); 251 try { 252 con.setSSLSocketFactory(null); 253 fail("No expected IllegalArgumentException"); 254 } catch (IllegalArgumentException expected) { 255 } 256 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 257 .getDefault(); 258 con.setSSLSocketFactory(ssf); 259 } 260 } 261 262 class MyHttpsURLConnection extends javax.net.ssl.HttpsURLConnection { 263 264 private String typeDone; 265 266 public MyHttpsURLConnection(URL url) { 267 super(url); 268 } 269 270 public MyHttpsURLConnection(URL url, String type) { 271 super(url); 272 typeDone = type; 273 } 274 275 /* 276 * @see javax.net.ssl.HttpsURLConnection#getCipherSuite() 277 */ 278 public String getCipherSuite() { 279 return "CipherSuite"; 280 } 281 282 /* 283 * @see javax.net.ssl.HttpsURLConnection#getLocalCertificates() 284 */ 285 public Certificate[] getLocalCertificates() { 286 try { 287 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 288 byte[] barr = TestUtils.getX509Certificate_v1(); 289 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 290 Certificate cert = cf.generateCertificate(bis); 291 return new Certificate[] { cert }; 292 } catch (CertificateException se) { 293 return null; 294 } 295 } 296 297 /* 298 * @see javax.net.ssl.HttpsURLConnection#getServerCertificates() 299 */ 300 public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException { 301 try { 302 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 303 byte[] barr = TestUtils.getX509Certificate_v3(); 304 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 305 Certificate cert = cf.generateCertificate(bis); 306 return new Certificate[] { cert }; 307 } catch (CertificateException se) { 308 throw new SSLPeerUnverifiedException("No server's end-entity certificate"); 309 } 310 } 311 312 /* 313 * @see java.net.HttpURLConnection#disconnect() 314 */ 315 public void disconnect() { 316 } 317 318 /* 319 * @see java.net.HttpURLConnection#usingProxy() 320 */ 321 public boolean usingProxy() { 322 return false; 323 } 324 325 public void connect() { 326 } 327 328 } 329 330 class myHostnameVerifier implements HostnameVerifier { 331 332 myHostnameVerifier() { 333 } 334 335 public boolean verify(String hostname, SSLSession session) { 336 if (hostname == session.getPeerHost()) { 337 return true; 338 } else return false; 339 } 340 } 341 342