1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 19 package org.apache.harmony.tests.javax.net.ssl; 20 21 import java.io.ByteArrayInputStream; 22 import java.net.URL; 23 import java.security.Principal; 24 import java.security.cert.Certificate; 25 import java.security.cert.CertificateException; 26 import java.security.cert.CertificateFactory; 27 28 import javax.net.ssl.HostnameVerifier; 29 import javax.net.ssl.HttpsURLConnection; 30 import javax.net.ssl.SSLPeerUnverifiedException; 31 import javax.net.ssl.SSLSession; 32 import javax.net.ssl.SSLSocketFactory; 33 34 import org.apache.harmony.security.tests.support.cert.TestUtils; 35 36 import junit.framework.TestCase; 37 38 39 40 /** 41 * Tests for <code>HttpsURLConnection</code> class constructors and methods. 42 * 43 */ 44 public class HttpsURLConnectionTest extends TestCase { 45 46 @Override 47 public void setUp() throws Exception { 48 // Set the default SSL Socket factory to avoid an unmatched SSLSocketFactory 49 HttpsURLConnection.setDefaultSSLSocketFactory( 50 (SSLSocketFactory)SSLSocketFactory.getDefault()); 51 } 52 53 /** 54 * javax.net.ssl.HttpsURLConnection#HttpsURLConnection(java_net_URL) 55 */ 56 public final void test_Constructor() throws Exception { 57 new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 58 new MyHttpsURLConnection(null); 59 } 60 61 /** 62 * javax.net.ssl.HttpsURLConnection#getCipherSuite() 63 */ 64 public final void test_getCipherSuite() throws Exception { 65 URL url = new URL("https://localhost:55555"); 66 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 67 try { 68 connection.getCipherSuite(); 69 fail("IllegalStateException wasn't thrown"); 70 } catch (IllegalStateException expected) { 71 } 72 73 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/")); 74 assertEquals("CipherSuite", con.getCipherSuite()); 75 } 76 77 /** 78 * javax.net.ssl.HttpsURLConnection#getLocalCertificates() 79 */ 80 public final void test_getLocalCertificates() throws Exception { 81 URL url = new URL("https://localhost:55555"); 82 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 83 try { 84 connection.getLocalCertificates(); 85 fail("IllegalStateException wasn't thrown"); 86 } catch (IllegalStateException expected) { 87 } 88 89 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 90 assertNull(con.getLocalCertificates()); 91 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 92 Certificate[] cert = con.getLocalCertificates(); 93 assertNotNull(cert); 94 assertEquals(1, cert.length); 95 } 96 97 /** 98 * javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier() 99 */ 100 public final void test_getDefaultHostnameVerifier() { 101 HostnameVerifier verifyer = 102 HttpsURLConnection.getDefaultHostnameVerifier(); 103 assertNotNull("Default hostname verifyer is null", verifyer); 104 } 105 106 /** 107 * javax.net.ssl.HttpsURLConnection#getHostnameVerifier() 108 */ 109 public final void test_getHostnameVerifier() 110 throws Exception { 111 HttpsURLConnection con = new MyHttpsURLConnection( 112 new URL("https://www.fortify.net/")); 113 HostnameVerifier verifyer = con.getHostnameVerifier(); 114 assertNotNull("Hostname verifyer is null", verifyer); 115 assertEquals("Incorrect value of hostname verirfyer", 116 HttpsURLConnection.getDefaultHostnameVerifier(), verifyer); 117 } 118 119 /** 120 * javax.net.ssl.HttpsURLConnection#getLocalPrincipal() 121 */ 122 public final void test_getLocalPrincipal() throws Exception { 123 URL url = new URL("https://localhost:55555"); 124 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 125 try { 126 connection.getLocalPrincipal(); 127 fail("IllegalStateException wasn't thrown"); 128 } catch (IllegalStateException expected) { 129 } 130 131 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 132 assertNull(con.getLocalPrincipal()); 133 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 134 assertNotNull("Local principal is null", con.getLocalPrincipal()); 135 } 136 137 /** 138 * javax.net.ssl.HttpsURLConnection#getPeerPrincipal() 139 */ 140 public final void test_getPeerPrincipal() throws Exception { 141 URL url = new URL("https://localhost:55555"); 142 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 143 try { 144 connection.getPeerPrincipal(); 145 fail("IllegalStateException wasn't thrown"); 146 } catch (IllegalStateException expected) { 147 } 148 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 149 try { 150 Principal p = con.getPeerPrincipal(); 151 fail("SSLPeerUnverifiedException wasn't thrown"); 152 } catch (SSLPeerUnverifiedException expected) { 153 } 154 155 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 156 Principal p = con.getPeerPrincipal(); 157 assertNotNull(p); 158 } 159 160 /** 161 * javax.net.ssl.HttpsURLConnection#getServerCertificates() 162 */ 163 public final void test_getServerCertificates() throws Exception { 164 URL url = new URL("https://localhost:55555"); 165 HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); 166 try { 167 connection.getServerCertificates(); 168 fail("IllegalStateException wasn't thrown"); 169 } catch (IllegalStateException expected) { 170 } 171 172 HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508"); 173 try { 174 con.getServerCertificates(); 175 fail("SSLPeerUnverifiedException wasn't thrown"); 176 } catch (SSLPeerUnverifiedException expected) { 177 } 178 179 con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509"); 180 Certificate[] cert = con.getServerCertificates(); 181 assertNotNull(cert); 182 assertEquals(1, cert.length); 183 } 184 185 /** 186 * javax.net.ssl.HttpsURLConnection#setDefaultHostnameVerifier() 187 */ 188 public final void test_setDefaultHostnameVerifier() { 189 try { 190 HttpsURLConnection.setDefaultHostnameVerifier(null); 191 fail("No expected IllegalArgumentException"); 192 } catch (IllegalArgumentException expected) { 193 } 194 HostnameVerifier def = HttpsURLConnection.getDefaultHostnameVerifier(); 195 try { 196 myHostnameVerifier hnv = new myHostnameVerifier(); 197 HttpsURLConnection.setDefaultHostnameVerifier(hnv); 198 assertEquals(hnv, HttpsURLConnection.getDefaultHostnameVerifier()); 199 } finally { 200 HttpsURLConnection.setDefaultHostnameVerifier(def); 201 } 202 } 203 204 /** 205 * javax.net.ssl.HttpsURLConnection#setHostnameVerifier() 206 */ 207 public final void test_setHostnameVerifier() { 208 HttpsURLConnection con = new MyHttpsURLConnection(null); 209 try { 210 con.setHostnameVerifier(null); 211 fail("No expected IllegalArgumentException"); 212 } catch (IllegalArgumentException expected) { 213 } 214 myHostnameVerifier hnv = new myHostnameVerifier(); 215 con.setHostnameVerifier(hnv); 216 } 217 218 /** 219 * javax.net.ssl.HttpsURLConnection#setDefaultSSLSocketFactory() 220 */ 221 public final void test_setDefaultSSLSocketFactory() { 222 try { 223 HttpsURLConnection.setDefaultSSLSocketFactory(null); 224 fail("No expected IllegalArgumentException"); 225 } catch (IllegalArgumentException expected) { 226 } 227 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 228 .getDefault(); 229 HttpsURLConnection.setDefaultSSLSocketFactory(ssf); 230 } 231 232 /** 233 * javax.net.ssl.HttpsURLConnection#setSSLSocketFactory() 234 */ 235 public final void test_setSSLSocketFactory() { 236 HttpsURLConnection con = new MyHttpsURLConnection(null); 237 try { 238 con.setSSLSocketFactory(null); 239 fail("No expected IllegalArgumentException"); 240 } catch (IllegalArgumentException expected) { 241 } 242 SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory 243 .getDefault(); 244 con.setSSLSocketFactory(ssf); 245 } 246 } 247 248 class MyHttpsURLConnection extends javax.net.ssl.HttpsURLConnection { 249 250 private String typeDone; 251 252 public MyHttpsURLConnection(URL url) { 253 super(url); 254 } 255 256 public MyHttpsURLConnection(URL url, String type) { 257 super(url); 258 typeDone = type; 259 } 260 261 /* 262 * @see javax.net.ssl.HttpsURLConnection#getCipherSuite() 263 */ 264 public String getCipherSuite() { 265 return "CipherSuite"; 266 } 267 268 /* 269 * @see javax.net.ssl.HttpsURLConnection#getLocalCertificates() 270 */ 271 public Certificate[] getLocalCertificates() { 272 try { 273 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 274 byte[] barr = TestUtils.getX509Certificate_v1(); 275 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 276 Certificate cert = cf.generateCertificate(bis); 277 return new Certificate[] { cert }; 278 } catch (CertificateException se) { 279 return null; 280 } 281 } 282 283 /* 284 * @see javax.net.ssl.HttpsURLConnection#getServerCertificates() 285 */ 286 public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException { 287 try { 288 CertificateFactory cf = CertificateFactory.getInstance(typeDone); 289 byte[] barr = TestUtils.getX509Certificate_v3(); 290 ByteArrayInputStream bis = new ByteArrayInputStream(barr); 291 Certificate cert = cf.generateCertificate(bis); 292 return new Certificate[] { cert }; 293 } catch (CertificateException se) { 294 throw new SSLPeerUnverifiedException("No server's end-entity certificate"); 295 } 296 } 297 298 /* 299 * @see java.net.HttpURLConnection#disconnect() 300 */ 301 public void disconnect() { 302 } 303 304 /* 305 * @see java.net.HttpURLConnection#usingProxy() 306 */ 307 public boolean usingProxy() { 308 return false; 309 } 310 311 public void connect() { 312 } 313 314 } 315 316 class myHostnameVerifier implements HostnameVerifier { 317 318 myHostnameVerifier() { 319 } 320 321 public boolean verify(String hostname, SSLSession session) { 322 if (hostname == session.getPeerHost()) { 323 return true; 324 } else return false; 325 } 326 } 327 328