Home | History | Annotate | Download | only in ssl 
      1 /*
      2  *  Licensed to the Apache Software Foundation (ASF) under one or more
      3  *  contributor license agreements.  See the NOTICE file distributed with
      4  *  this work for additional information regarding copyright ownership.
      5  *  The ASF licenses this file to You under the Apache License, Version 2.0
      6  *  (the "License"); you may not use this file except in compliance with
      7  *  the License.  You may obtain a copy of the License at
      8  *
      9  *     http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  *  Unless required by applicable law or agreed to in writing, software
     12  *  distributed under the License is distributed on an "AS IS" BASIS,
     13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  *  See the License for the specific language governing permissions and
     15  *  limitations under the License.
     16  */
     17 
     18 
     19 package org.apache.harmony.tests.javax.net.ssl;
     20 
     21 import java.io.ByteArrayInputStream;
     22 import java.net.URL;
     23 import java.security.Principal;
     24 import java.security.cert.Certificate;
     25 import java.security.cert.CertificateException;
     26 import java.security.cert.CertificateFactory;
     27 
     28 import javax.net.ssl.HostnameVerifier;
     29 import javax.net.ssl.HttpsURLConnection;
     30 import javax.net.ssl.SSLPeerUnverifiedException;
     31 import javax.net.ssl.SSLSession;
     32 import javax.net.ssl.SSLSocketFactory;
     33 
     34 import org.apache.harmony.security.tests.support.cert.TestUtils;
     35 
     36 import junit.framework.TestCase;
     37 
     38 
     39 
     40 /**
     41  * Tests for <code>HttpsURLConnection</code> class constructors and methods.
     42  *
     43  */
     44 public class HttpsURLConnectionTest extends TestCase {
     45 
     46     @Override
     47     public void setUp() throws Exception {
     48         // Set the default SSL Socket factory to avoid an unmatched SSLSocketFactory
     49         HttpsURLConnection.setDefaultSSLSocketFactory(
     50             (SSLSocketFactory)SSLSocketFactory.getDefault());
     51     }
     52 
     53     /**
     54      * javax.net.ssl.HttpsURLConnection#HttpsURLConnection(java_net_URL)
     55      */
     56     public final void test_Constructor() throws Exception {
     57         new MyHttpsURLConnection(new URL("https://www.fortify.net/"));
     58         new MyHttpsURLConnection(null);
     59     }
     60 
     61     /**
     62      * javax.net.ssl.HttpsURLConnection#getCipherSuite()
     63      */
     64     public final void test_getCipherSuite() throws Exception {
     65         URL url = new URL("https://localhost:55555");
     66         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
     67         try {
     68             connection.getCipherSuite();
     69             fail("IllegalStateException wasn't thrown");
     70         } catch (IllegalStateException expected) {
     71         }
     72 
     73         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"));
     74         assertEquals("CipherSuite", con.getCipherSuite());
     75     }
     76 
     77     /**
     78      * javax.net.ssl.HttpsURLConnection#getLocalCertificates()
     79      */
     80     public final void test_getLocalCertificates() throws Exception {
     81         URL url = new URL("https://localhost:55555");
     82         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
     83         try {
     84             connection.getLocalCertificates();
     85             fail("IllegalStateException wasn't thrown");
     86         } catch (IllegalStateException expected) {
     87         }
     88 
     89         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
     90         assertNull(con.getLocalCertificates());
     91         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
     92         Certificate[] cert = con.getLocalCertificates();
     93         assertNotNull(cert);
     94         assertEquals(1, cert.length);
     95     }
     96 
     97     /**
     98      * javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier()
     99      */
    100     public final void test_getDefaultHostnameVerifier() {
    101         HostnameVerifier verifyer =
    102             HttpsURLConnection.getDefaultHostnameVerifier();
    103         assertNotNull("Default hostname verifyer is null", verifyer);
    104     }
    105 
    106     /**
    107      * javax.net.ssl.HttpsURLConnection#getHostnameVerifier()
    108      */
    109     public final void test_getHostnameVerifier()
    110         throws Exception {
    111         HttpsURLConnection con = new MyHttpsURLConnection(
    112                 new URL("https://www.fortify.net/"));
    113         HostnameVerifier verifyer = con.getHostnameVerifier();
    114         assertNotNull("Hostname verifyer is null", verifyer);
    115         assertEquals("Incorrect value of hostname verirfyer",
    116                 HttpsURLConnection.getDefaultHostnameVerifier(), verifyer);
    117     }
    118 
    119     /**
    120      * javax.net.ssl.HttpsURLConnection#getLocalPrincipal()
    121      */
    122     public final void test_getLocalPrincipal() throws Exception {
    123         URL url = new URL("https://localhost:55555");
    124         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    125         try {
    126             connection.getLocalPrincipal();
    127             fail("IllegalStateException wasn't thrown");
    128         } catch (IllegalStateException expected) {
    129         }
    130 
    131         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
    132         assertNull(con.getLocalPrincipal());
    133         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
    134         assertNotNull("Local principal is null", con.getLocalPrincipal());
    135     }
    136 
    137     /**
    138      * javax.net.ssl.HttpsURLConnection#getPeerPrincipal()
    139      */
    140     public final void test_getPeerPrincipal() throws Exception {
    141         URL url = new URL("https://localhost:55555");
    142         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    143         try {
    144             connection.getPeerPrincipal();
    145             fail("IllegalStateException wasn't thrown");
    146         } catch (IllegalStateException expected) {
    147         }
    148         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
    149         try {
    150             Principal p = con.getPeerPrincipal();
    151             fail("SSLPeerUnverifiedException wasn't thrown");
    152         } catch (SSLPeerUnverifiedException expected) {
    153         }
    154 
    155         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
    156         Principal p = con.getPeerPrincipal();
    157         assertNotNull(p);
    158     }
    159 
    160     /**
    161      * javax.net.ssl.HttpsURLConnection#getServerCertificates()
    162      */
    163     public final void test_getServerCertificates() throws Exception {
    164         URL url = new URL("https://localhost:55555");
    165         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    166         try {
    167             connection.getServerCertificates();
    168             fail("IllegalStateException wasn't thrown");
    169         } catch (IllegalStateException expected) {
    170         }
    171 
    172         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
    173         try {
    174             con.getServerCertificates();
    175             fail("SSLPeerUnverifiedException wasn't thrown");
    176         } catch (SSLPeerUnverifiedException expected) {
    177         }
    178 
    179         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
    180         Certificate[] cert = con.getServerCertificates();
    181         assertNotNull(cert);
    182         assertEquals(1, cert.length);
    183     }
    184 
    185     /**
    186      * javax.net.ssl.HttpsURLConnection#setDefaultHostnameVerifier()
    187      */
    188     public final void test_setDefaultHostnameVerifier() {
    189         try {
    190             HttpsURLConnection.setDefaultHostnameVerifier(null);
    191             fail("No expected IllegalArgumentException");
    192         } catch (IllegalArgumentException expected) {
    193         }
    194         HostnameVerifier def = HttpsURLConnection.getDefaultHostnameVerifier();
    195         try {
    196             myHostnameVerifier hnv = new myHostnameVerifier();
    197             HttpsURLConnection.setDefaultHostnameVerifier(hnv);
    198             assertEquals(hnv, HttpsURLConnection.getDefaultHostnameVerifier());
    199         } finally {
    200             HttpsURLConnection.setDefaultHostnameVerifier(def);
    201         }
    202     }
    203 
    204     /**
    205      * javax.net.ssl.HttpsURLConnection#setHostnameVerifier()
    206      */
    207     public final void test_setHostnameVerifier() {
    208         HttpsURLConnection con = new MyHttpsURLConnection(null);
    209         try {
    210             con.setHostnameVerifier(null);
    211             fail("No expected IllegalArgumentException");
    212         } catch (IllegalArgumentException expected) {
    213         }
    214         myHostnameVerifier hnv = new myHostnameVerifier();
    215         con.setHostnameVerifier(hnv);
    216     }
    217 
    218     /**
    219      * javax.net.ssl.HttpsURLConnection#setDefaultSSLSocketFactory()
    220      */
    221     public final void test_setDefaultSSLSocketFactory() {
    222         try {
    223             HttpsURLConnection.setDefaultSSLSocketFactory(null);
    224             fail("No expected IllegalArgumentException");
    225         } catch (IllegalArgumentException expected) {
    226         }
    227         SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory
    228                 .getDefault();
    229         HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
    230     }
    231 
    232     /**
    233      * javax.net.ssl.HttpsURLConnection#setSSLSocketFactory()
    234      */
    235     public final void test_setSSLSocketFactory() {
    236         HttpsURLConnection con = new MyHttpsURLConnection(null);
    237         try {
    238             con.setSSLSocketFactory(null);
    239             fail("No expected IllegalArgumentException");
    240         } catch (IllegalArgumentException expected) {
    241         }
    242         SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory
    243                 .getDefault();
    244         con.setSSLSocketFactory(ssf);
    245     }
    246 }
    247 
    248 class MyHttpsURLConnection extends javax.net.ssl.HttpsURLConnection {
    249 
    250     private String typeDone;
    251 
    252     public MyHttpsURLConnection(URL url) {
    253         super(url);
    254     }
    255 
    256     public MyHttpsURLConnection(URL url, String type) {
    257         super(url);
    258         typeDone = type;
    259     }
    260 
    261     /*
    262      * @see javax.net.ssl.HttpsURLConnection#getCipherSuite()
    263      */
    264     public String getCipherSuite() {
    265         return "CipherSuite";
    266     }
    267 
    268     /*
    269      * @see javax.net.ssl.HttpsURLConnection#getLocalCertificates()
    270      */
    271     public Certificate[] getLocalCertificates() {
    272         try {
    273             CertificateFactory cf = CertificateFactory.getInstance(typeDone);
    274             byte[] barr = TestUtils.getX509Certificate_v1();
    275             ByteArrayInputStream bis = new ByteArrayInputStream(barr);
    276             Certificate cert = cf.generateCertificate(bis);
    277             return new Certificate[] { cert };
    278         } catch (CertificateException se) {
    279             return null;
    280         }
    281     }
    282 
    283     /*
    284      * @see javax.net.ssl.HttpsURLConnection#getServerCertificates()
    285      */
    286     public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException {
    287         try {
    288             CertificateFactory cf = CertificateFactory.getInstance(typeDone);
    289             byte[] barr = TestUtils.getX509Certificate_v3();
    290             ByteArrayInputStream bis = new ByteArrayInputStream(barr);
    291             Certificate cert = cf.generateCertificate(bis);
    292             return new Certificate[] { cert };
    293         } catch (CertificateException se) {
    294             throw new SSLPeerUnverifiedException("No server's end-entity certificate");
    295         }
    296     }
    297 
    298     /*
    299      * @see java.net.HttpURLConnection#disconnect()
    300      */
    301     public void disconnect() {
    302     }
    303 
    304     /*
    305      * @see java.net.HttpURLConnection#usingProxy()
    306      */
    307     public boolean usingProxy() {
    308         return false;
    309     }
    310 
    311     public void connect() {
    312     }
    313 
    314 }
    315 
    316 class myHostnameVerifier implements HostnameVerifier {
    317 
    318     myHostnameVerifier() {
    319     }
    320 
    321     public boolean verify(String hostname, SSLSession session) {
    322         if (hostname == session.getPeerHost()) {
    323             return true;
    324         } else return false;
    325     }
    326 }
    327 
    328