1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package libcore.javax.net.ssl; 18 19 import static org.junit.Assert.assertEquals; 20 import static org.junit.Assert.assertNotNull; 21 import static org.junit.Assert.assertNotSame; 22 import static org.junit.Assert.assertNull; 23 import static org.junit.Assert.assertSame; 24 import static org.junit.Assert.assertTrue; 25 import static org.junit.Assert.fail; 26 27 import java.io.IOException; 28 import java.security.InvalidAlgorithmParameterException; 29 import java.security.KeyManagementException; 30 import java.security.KeyStore; 31 import java.security.KeyStoreException; 32 import java.security.NoSuchAlgorithmException; 33 import java.security.Provider; 34 import java.security.Security; 35 import java.security.UnrecoverableKeyException; 36 import java.util.ArrayList; 37 import java.util.Arrays; 38 import java.util.Collections; 39 import java.util.List; 40 import java.util.concurrent.Callable; 41 import javax.net.ServerSocketFactory; 42 import javax.net.SocketFactory; 43 import javax.net.ssl.KeyManager; 44 import javax.net.ssl.KeyManagerFactory; 45 import javax.net.ssl.KeyManagerFactorySpi; 46 import javax.net.ssl.ManagerFactoryParameters; 47 import javax.net.ssl.SSLContext; 48 import javax.net.ssl.SSLEngine; 49 import javax.net.ssl.SSLServerSocket; 50 import javax.net.ssl.SSLServerSocketFactory; 51 import javax.net.ssl.SSLSessionContext; 52 import javax.net.ssl.SSLSocket; 53 import javax.net.ssl.SSLSocketFactory; 54 import javax.net.ssl.TrustManager; 55 import javax.net.ssl.TrustManagerFactory; 56 import javax.net.ssl.TrustManagerFactorySpi; 57 import javax.net.ssl.X509KeyManager; 58 import junit.framework.AssertionFailedError; 59 import libcore.java.security.StandardNames; 60 import org.conscrypt.TestUtils; 61 import org.junit.Test; 62 import org.junit.runner.RunWith; 63 import org.junit.runners.JUnit4; 64 65 @RunWith(JUnit4.class) 66 public class SSLContextTest extends AbstractSSLTest { 67 68 @Test 69 public void test_SSLContext_getDefault() throws Exception { 70 SSLContext sslContext = SSLContext.getDefault(); 71 assertNotNull(sslContext); 72 try { 73 sslContext.init(null, null, null); 74 fail(); 75 } catch (KeyManagementException expected) { 76 // Ignored. 77 } 78 } 79 80 @Test 81 public void test_SSLContext_setDefault() throws Exception { 82 try { 83 SSLContext.setDefault(null); 84 fail(); 85 } catch (NullPointerException expected) { 86 // Ignored. 87 } 88 89 SSLContext defaultContext = SSLContext.getDefault(); 90 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 91 SSLContext oldContext = SSLContext.getDefault(); 92 assertNotNull(oldContext); 93 SSLContext newContext = SSLContext.getInstance(protocol); 94 assertNotNull(newContext); 95 assertNotSame(oldContext, newContext); 96 SSLContext.setDefault(newContext); 97 assertSame(newContext, SSLContext.getDefault()); 98 } 99 SSLContext.setDefault(defaultContext); 100 } 101 102 @Test 103 public void test_SSLContext_defaultConfiguration() throws Exception { 104 SSLConfigurationAsserts.assertSSLContextDefaultConfiguration(SSLContext.getDefault()); 105 106 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 107 SSLContext sslContext = SSLContext.getInstance(protocol); 108 if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 109 sslContext.init(null, null, null); 110 } 111 SSLConfigurationAsserts.assertSSLContextDefaultConfiguration(sslContext); 112 } 113 } 114 115 @Test 116 public void test_SSLContext_pskOnlyConfiguration_defaultProviderOnly() throws Exception { 117 // Test the scenario where only a PSKKeyManager is provided and no TrustManagers are 118 // provided. 119 SSLContext sslContext = SSLContext.getInstance("TLS"); 120 sslContext.init(new KeyManager[] {PSKKeyManagerProxy.getConscryptPSKKeyManager( 121 new PSKKeyManagerProxy())}, 122 new TrustManager[0], null); 123 List<String> expectedCipherSuites = 124 new ArrayList<>(StandardNames.CIPHER_SUITES_DEFAULT_PSK); 125 expectedCipherSuites.add(StandardNames.CIPHER_SUITE_SECURE_RENEGOTIATION); 126 assertEnabledCipherSuites(expectedCipherSuites, sslContext); 127 } 128 129 @Test 130 public void test_SSLContext_x509AndPskConfiguration_defaultProviderOnly() throws Exception { 131 // Test the scenario where an X509TrustManager and PSKKeyManager are provided. 132 SSLContext sslContext = SSLContext.getInstance("TLS"); 133 sslContext.init(new KeyManager[] {PSKKeyManagerProxy.getConscryptPSKKeyManager( 134 new PSKKeyManagerProxy())}, 135 null, // Use default trust managers, one of which is an X.509 one. 136 null); 137 List<String> expectedCipherSuites = 138 new ArrayList<>(StandardNames.CIPHER_SUITES_DEFAULT_PSK); 139 expectedCipherSuites.addAll(StandardNames.CIPHER_SUITES_DEFAULT); 140 assertEnabledCipherSuites(expectedCipherSuites, sslContext); 141 142 // Test the scenario where an X509KeyManager and PSKKeyManager are provided. 143 sslContext = SSLContext.getInstance("TLS"); 144 // Just an arbitrary X509KeyManager -- it won't be invoked in this test. 145 X509KeyManager x509KeyManager = new RandomPrivateKeyX509ExtendedKeyManager(null); 146 sslContext.init( 147 new KeyManager[] {x509KeyManager, 148 PSKKeyManagerProxy.getConscryptPSKKeyManager(new PSKKeyManagerProxy())}, 149 new TrustManager[0], null); 150 assertEnabledCipherSuites(expectedCipherSuites, sslContext); 151 } 152 153 @Test 154 public void test_SSLContext_emptyConfiguration_defaultProviderOnly() throws Exception { 155 // Test the scenario where neither X.509 nor PSK KeyManagers or TrustManagers are provided. 156 SSLContext sslContext = SSLContext.getInstance("TLS"); 157 sslContext.init(new KeyManager[0], new TrustManager[0], null); 158 assertEnabledCipherSuites( 159 Collections.singletonList(StandardNames.CIPHER_SUITE_SECURE_RENEGOTIATION), 160 sslContext); 161 } 162 163 @Test 164 public void test_SSLContext_init_correctProtocolVersionsEnabled() throws Exception { 165 for (String tlsVersion : StandardNames.SSL_CONTEXT_PROTOCOLS) { 166 // Don't test the "Default" instance. 167 if (StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT.equals(tlsVersion)) { 168 continue; 169 } 170 171 SSLContext context = SSLContext.getInstance(tlsVersion); 172 context.init(null, null, null); 173 174 StandardNames.assertSSLContextEnabledProtocols( 175 tlsVersion, ((SSLSocket) (context.getSocketFactory().createSocket())) 176 .getEnabledProtocols()); 177 StandardNames.assertSSLContextEnabledProtocols(tlsVersion, 178 ((SSLServerSocket) (context.getServerSocketFactory().createServerSocket())) 179 .getEnabledProtocols()); 180 StandardNames.assertSSLContextEnabledProtocols( 181 tlsVersion, context.getDefaultSSLParameters().getProtocols()); 182 StandardNames.assertSSLContextEnabledProtocols( 183 tlsVersion, context.createSSLEngine().getEnabledProtocols()); 184 } 185 } 186 187 private static void assertEnabledCipherSuites( 188 List<String> expectedCipherSuites, SSLContext sslContext) throws Exception { 189 assertContentsInOrder( 190 expectedCipherSuites, sslContext.createSSLEngine().getEnabledCipherSuites()); 191 assertContentsInOrder(expectedCipherSuites, 192 sslContext.createSSLEngine().getSSLParameters().getCipherSuites()); 193 assertContentsInOrder( 194 expectedCipherSuites, sslContext.getSocketFactory().getDefaultCipherSuites()); 195 assertContentsInOrder( 196 expectedCipherSuites, sslContext.getServerSocketFactory().getDefaultCipherSuites()); 197 198 SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(); 199 try { 200 assertContentsInOrder(expectedCipherSuites, sslSocket.getEnabledCipherSuites()); 201 assertContentsInOrder( 202 expectedCipherSuites, sslSocket.getSSLParameters().getCipherSuites()); 203 } finally { 204 try { 205 sslSocket.close(); 206 } catch (IOException ignored) { 207 } 208 } 209 210 SSLServerSocket sslServerSocket = 211 (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(); 212 try { 213 assertContentsInOrder(expectedCipherSuites, sslServerSocket.getEnabledCipherSuites()); 214 } finally { 215 try { 216 sslSocket.close(); 217 } catch (IOException ignored) { 218 } 219 } 220 } 221 222 @Test 223 public void test_SSLContext_getInstance() throws Exception { 224 try { 225 SSLContext.getInstance(null); 226 fail(); 227 } catch (NullPointerException expected) { 228 // Ignored. 229 } 230 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 231 assertNotNull(SSLContext.getInstance(protocol)); 232 assertNotSame(SSLContext.getInstance(protocol), SSLContext.getInstance(protocol)); 233 } 234 235 try { 236 SSLContext.getInstance(null, (String) null); 237 fail(); 238 } catch (IllegalArgumentException expected) { 239 // Ignored. 240 } 241 try { 242 SSLContext.getInstance(null, ""); 243 fail(); 244 } catch (IllegalArgumentException expected) { 245 // Ignored. 246 } 247 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 248 try { 249 SSLContext.getInstance(protocol, (String) null); 250 fail(); 251 } catch (IllegalArgumentException expected) { 252 // Ignored. 253 } 254 } 255 try { 256 SSLContext.getInstance(null, StandardNames.JSSE_PROVIDER_NAME); 257 fail(); 258 } catch (NullPointerException expected) { 259 // Ignored. 260 } 261 } 262 263 @Test 264 public void test_SSLContext_getProtocol() throws Exception { 265 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 266 String protocolName = SSLContext.getInstance(protocol).getProtocol(); 267 assertNotNull(protocolName); 268 assertTrue(protocol.startsWith(protocolName)); 269 } 270 } 271 272 @Test 273 public void test_SSLContext_getProvider() throws Exception { 274 Provider provider = SSLContext.getDefault().getProvider(); 275 assertNotNull(provider); 276 assertEquals(StandardNames.JSSE_PROVIDER_NAME, provider.getName()); 277 } 278 279 @Test 280 public void test_SSLContext_init_Default() throws Exception { 281 // Assert that initializing a default SSLContext fails because it's supposed to be 282 // initialized already. 283 SSLContext sslContext = SSLContext.getInstance(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT); 284 try { 285 sslContext.init(null, null, null); 286 fail(); 287 } catch (KeyManagementException expected) { 288 // Ignored. 289 } 290 try { 291 sslContext.init(new KeyManager[0], new TrustManager[0], null); 292 fail(); 293 } catch (KeyManagementException expected) { 294 // Ignored. 295 } 296 try { 297 sslContext.init(new KeyManager[] {new KeyManager(){}}, 298 new TrustManager[] {new TrustManager(){}}, null); 299 fail(); 300 } catch (KeyManagementException expected) { 301 // Ignored. 302 } 303 } 304 305 @Test 306 public void test_SSLContext_init_withNullManagerArrays() throws Exception { 307 // Assert that SSLContext.init works fine even when provided with null arrays of 308 // KeyManagers and TrustManagers. 309 // The contract of SSLContext.init is that it will for default X.509 KeyManager and 310 // TrustManager from the highest priority KeyManagerFactory and TrustManagerFactory. 311 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 312 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 313 // Default SSLContext is provided in an already initialized state 314 continue; 315 } 316 SSLContext sslContext = SSLContext.getInstance(protocol); 317 sslContext.init(null, null, null); 318 } 319 } 320 321 @Test 322 public void test_SSLContext_init_withEmptyManagerArrays() throws Exception { 323 // Assert that SSLContext.init works fine even when provided with empty arrays of 324 // KeyManagers and TrustManagers. 325 // The contract of SSLContext.init is that it will not look for default X.509 KeyManager and 326 // TrustManager. 327 // This test thus installs a Provider of KeyManagerFactory and TrustManagerFactory whose 328 // factories throw exceptions which will make this test fail if the factories are used. 329 Provider provider = new ThrowExceptionKeyAndTrustManagerFactoryProvider(); 330 invokeWithHighestPrioritySecurityProvider(provider, (Callable<Void>) () -> { 331 assertEquals(ThrowExceptionKeyAndTrustManagerFactoryProvider.class, 332 TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) 333 .getProvider() 334 .getClass()); 335 assertEquals(ThrowExceptionKeyAndTrustManagerFactoryProvider.class, 336 KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()) 337 .getProvider() 338 .getClass()); 339 340 KeyManager[] keyManagers = new KeyManager[0]; 341 TrustManager[] trustManagers = new TrustManager[0]; 342 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 343 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 344 // Default SSLContext is provided in an already initialized state 345 continue; 346 } 347 SSLContext sslContext = SSLContext.getInstance(protocol); 348 sslContext.init(keyManagers, trustManagers, null); 349 } 350 351 return null; 352 }); 353 } 354 355 @Test 356 public void test_SSLContext_init_withoutX509() throws Exception { 357 // Assert that SSLContext.init works fine even when provided with KeyManagers and 358 // TrustManagers which don't include the X.509 ones. 359 // The contract of SSLContext.init is that it will not look for default X.509 KeyManager and 360 // TrustManager. 361 // This test thus installs a Provider of KeyManagerFactory and TrustManagerFactory whose 362 // factories throw exceptions which will make this test fail if the factories are used. 363 Provider provider = new ThrowExceptionKeyAndTrustManagerFactoryProvider(); 364 invokeWithHighestPrioritySecurityProvider(provider, (Callable<Void>) () -> { 365 assertEquals(ThrowExceptionKeyAndTrustManagerFactoryProvider.class, 366 TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) 367 .getProvider() 368 .getClass()); 369 assertEquals(ThrowExceptionKeyAndTrustManagerFactoryProvider.class, 370 KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()) 371 .getProvider() 372 .getClass()); 373 374 KeyManager[] keyManagers = new KeyManager[] {new KeyManager(){}}; 375 TrustManager[] trustManagers = new TrustManager[] {new TrustManager(){}}; 376 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 377 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 378 // Default SSLContext is provided in an already initialized state 379 continue; 380 } 381 SSLContext sslContext = SSLContext.getInstance(protocol); 382 sslContext.init(keyManagers, trustManagers, null); 383 } 384 385 return null; 386 }); 387 } 388 389 public static class ThrowExceptionKeyAndTrustManagerFactoryProvider extends Provider { 390 public ThrowExceptionKeyAndTrustManagerFactoryProvider() { 391 super("ThrowExceptionKeyAndTrustManagerProvider", 1.0, 392 "SSLContextTest fake KeyManagerFactory and TrustManagerFactory provider"); 393 394 put("TrustManagerFactory." + TrustManagerFactory.getDefaultAlgorithm(), 395 ThrowExceptionTrustManagagerFactorySpi.class.getName()); 396 put("TrustManagerFactory.PKIX", ThrowExceptionTrustManagagerFactorySpi.class.getName()); 397 398 put("KeyManagerFactory." + KeyManagerFactory.getDefaultAlgorithm(), 399 ThrowExceptionKeyManagagerFactorySpi.class.getName()); 400 put("KeyManagerFactory.PKIX", ThrowExceptionKeyManagagerFactorySpi.class.getName()); 401 } 402 } 403 404 public static class ThrowExceptionTrustManagagerFactorySpi extends TrustManagerFactorySpi { 405 @Override 406 protected void engineInit(KeyStore ks) throws KeyStoreException { 407 fail(); 408 } 409 410 @Override 411 protected void engineInit(ManagerFactoryParameters spec) 412 throws InvalidAlgorithmParameterException { 413 fail(); 414 } 415 416 @Override 417 protected TrustManager[] engineGetTrustManagers() { 418 throw new AssertionFailedError(); 419 } 420 } 421 422 public static class ThrowExceptionKeyManagagerFactorySpi extends KeyManagerFactorySpi { 423 @Override 424 protected void engineInit(KeyStore ks, char[] password) 425 throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException { 426 fail(); 427 } 428 429 @Override 430 protected void engineInit(ManagerFactoryParameters spec) 431 throws InvalidAlgorithmParameterException { 432 fail(); 433 } 434 435 @Override 436 protected KeyManager[] engineGetKeyManagers() { 437 throw new AssertionFailedError(); 438 } 439 } 440 441 /** 442 * Installs the specified security provider as the highest provider, invokes the provided 443 * {@link Callable}, and removes the provider. 444 * 445 * @return result returned by the {@code callable}. 446 */ 447 private static <T> T invokeWithHighestPrioritySecurityProvider( 448 Provider provider, Callable<T> callable) throws Exception { 449 int providerPosition = -1; 450 try { 451 providerPosition = Security.insertProviderAt(provider, 1); 452 assertEquals(1, providerPosition); 453 return callable.call(); 454 } finally { 455 if (providerPosition != -1) { 456 Security.removeProvider(provider.getName()); 457 } 458 } 459 } 460 461 @Test 462 public void test_SSLContext_getSocketFactory() throws Exception { 463 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 464 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 465 SSLContext.getInstance(protocol).getSocketFactory(); 466 } else { 467 try { 468 SSLContext.getInstance(protocol).getSocketFactory(); 469 fail(); 470 } catch (IllegalStateException expected) { 471 // Ignored. 472 } 473 } 474 475 SSLContext sslContext = SSLContext.getInstance(protocol); 476 if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 477 sslContext.init(null, null, null); 478 } 479 SocketFactory sf = sslContext.getSocketFactory(); 480 assertNotNull(sf); 481 assertTrue(SSLSocketFactory.class.isAssignableFrom(sf.getClass())); 482 } 483 } 484 485 @Test 486 public void test_SSLContext_getServerSocketFactory() throws Exception { 487 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 488 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 489 SSLContext.getInstance(protocol).getServerSocketFactory(); 490 } else { 491 try { 492 SSLContext.getInstance(protocol).getServerSocketFactory(); 493 fail(); 494 } catch (IllegalStateException expected) { 495 // Ignored. 496 } 497 } 498 499 SSLContext sslContext = SSLContext.getInstance(protocol); 500 if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 501 sslContext.init(null, null, null); 502 } 503 ServerSocketFactory ssf = sslContext.getServerSocketFactory(); 504 assertNotNull(ssf); 505 assertTrue(SSLServerSocketFactory.class.isAssignableFrom(ssf.getClass())); 506 } 507 } 508 509 @Test 510 public void test_SSLContext_createSSLEngine() throws Exception { 511 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 512 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 513 SSLContext.getInstance(protocol).createSSLEngine(); 514 } else { 515 try { 516 SSLContext.getInstance(protocol).createSSLEngine(); 517 fail(); 518 } catch (IllegalStateException expected) { 519 // Ignored. 520 } 521 } 522 523 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 524 SSLContext.getInstance(protocol).createSSLEngine(null, -1); 525 } else { 526 try { 527 SSLContext.getInstance(protocol).createSSLEngine(null, -1); 528 fail(); 529 } catch (IllegalStateException expected) { 530 // Ignored. 531 } 532 } 533 534 { 535 SSLContext sslContext = SSLContext.getInstance(protocol); 536 if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 537 sslContext.init(null, null, null); 538 } 539 SSLEngine se = sslContext.createSSLEngine(); 540 assertNotNull(se); 541 } 542 543 { 544 SSLContext sslContext = SSLContext.getInstance(protocol); 545 if (!protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 546 sslContext.init(null, null, null); 547 } 548 SSLEngine se = sslContext.createSSLEngine(null, -1); 549 assertNotNull(se); 550 } 551 } 552 } 553 554 @Test 555 public void test_SSLContext_getServerSessionContext() throws Exception { 556 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 557 SSLContext sslContext = SSLContext.getInstance(protocol); 558 SSLSessionContext sessionContext = sslContext.getServerSessionContext(); 559 assertNotNull(sessionContext); 560 561 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 562 assertSame( 563 SSLContext.getInstance(protocol).getServerSessionContext(), sessionContext); 564 } else { 565 assertNotSame( 566 SSLContext.getInstance(protocol).getServerSessionContext(), sessionContext); 567 } 568 } 569 } 570 571 @Test 572 public void test_SSLContext_getClientSessionContext() throws Exception { 573 for (String protocol : StandardNames.SSL_CONTEXT_PROTOCOLS) { 574 SSLContext sslContext = SSLContext.getInstance(protocol); 575 SSLSessionContext sessionContext = sslContext.getClientSessionContext(); 576 assertNotNull(sessionContext); 577 578 if (protocol.equals(StandardNames.SSL_CONTEXT_PROTOCOLS_DEFAULT)) { 579 assertSame( 580 SSLContext.getInstance(protocol).getClientSessionContext(), sessionContext); 581 } else { 582 assertNotSame( 583 SSLContext.getInstance(protocol).getClientSessionContext(), sessionContext); 584 } 585 } 586 } 587 588 @Test 589 public void test_SSLContextTest_TestSSLContext_create() { 590 TestSSLContext testContext = TestSSLContext.create(); 591 assertNotNull(testContext); 592 assertNotNull(testContext.clientKeyStore); 593 assertNull(testContext.clientStorePassword); 594 assertNotNull(testContext.serverKeyStore); 595 assertNotNull(testContext.clientKeyManagers); 596 assertNotNull(testContext.serverKeyManagers); 597 if (testContext.clientKeyManagers.length == 0) { 598 fail("No client KeyManagers"); 599 } 600 if (testContext.serverKeyManagers.length == 0) { 601 fail("No server KeyManagers"); 602 } 603 assertNotNull(testContext.clientKeyManagers[0]); 604 assertNotNull(testContext.serverKeyManagers[0]); 605 assertNotNull(testContext.clientTrustManager); 606 assertNotNull(testContext.serverTrustManager); 607 assertNotNull(testContext.clientContext); 608 assertNotNull(testContext.serverContext); 609 assertNotNull(testContext.serverSocket); 610 assertNotNull(testContext.host); 611 assertTrue(testContext.port != 0); 612 testContext.close(); 613 } 614 615 @Test(expected = NoSuchAlgorithmException.class) 616 public void test_SSLContext_SSLv3Unsupported() throws Exception { 617 // Find the default provider for TLS and verify that it does NOT support SSLv3. 618 Provider defaultTlsProvider = null; 619 for (Provider p : Security.getProviders()) { 620 if (p.get(TestUtils.PROVIDER_PROPERTY) != null) { 621 defaultTlsProvider = p; 622 break; 623 } 624 } 625 assertNotNull(defaultTlsProvider); 626 SSLContext.getInstance("SSLv3", defaultTlsProvider); 627 } 628 629 private static void assertContentsInOrder(List<String> expected, String... actual) { 630 if (expected.size() != actual.length) { 631 fail("Unexpected length. Expected len <" + expected.size() + ">, actual len <" 632 + actual.length + ">, expected <" + expected + ">, actual <" 633 + Arrays.asList(actual) + ">"); 634 } 635 if (!expected.equals(Arrays.asList(actual))) { 636 fail("Unexpected element(s). Expected <" + expected + ">, actual <" 637 + Arrays.asList(actual) + ">"); 638 } 639 } 640 } 641