diff options
| author | Kenny Root <kroot@google.com> | 2016-01-06 10:02:28 -0800 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2016-01-06 10:45:16 -0800 |
| commit | e7bdc26218b2f0fa323778de1ff1449f4c5f5a52 (patch) | |
| tree | 764b1a38912f323e27d42303ddb8eee7981e37ff /luni | |
| parent | c547ad05a040b638ef7d72acf118217d573e9d71 (diff) | |
| download | libcore-e7bdc26218b2f0fa323778de1ff1449f4c5f5a52.zip libcore-e7bdc26218b2f0fa323778de1ff1449f4c5f5a52.tar.gz libcore-e7bdc26218b2f0fa323778de1ff1449f4c5f5a52.tar.bz2 | |
Check for RFC 5746 TLS extension
RFC 5746 allows you to either include a signaling cipher suite or a TLS
extension. However, since TLS API has no way to indicate or check that
a certain TLS extension is used, we insert it into the cipher suites
we see to check against the enabled cipher suites.
(cherry picked from commit 81885494e46596c796cdcb5037b91d92915b65a7)
Bug: 24602368
Change-Id: I06422b9a90f47bb5ffa10ef614233d856773d336
Diffstat (limited to 'luni')
| -rw-r--r-- | luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java index bf2d0f8..11dfb3d 100644 --- a/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java +++ b/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java @@ -1559,7 +1559,23 @@ public class SSLSocketTest extends TestCase { @Override public void run(SSLSocketFactory sslSocketFactory) throws Exception { ClientHello clientHello = captureTlsHandshakeClientHello(sslSocketFactory); - String[] cipherSuites = new String[clientHello.cipherSuites.size()]; + final String[] cipherSuites; + + // RFC 5746 allows you to send an empty "renegotiation_info" extension *or* + // a special signaling cipher suite. The TLS API has no way to check or + // indicate that a certain TLS extension should be used. + HelloExtension renegotiationInfoExtension = clientHello.findExtensionByType( + HelloExtension.TYPE_RENEGOTIATION_INFO); + if (renegotiationInfoExtension != null && + renegotiationInfoExtension.data.length == 1 && + renegotiationInfoExtension.data[0] == 0) { + cipherSuites = new String[clientHello.cipherSuites.size() + 1]; + cipherSuites[clientHello.cipherSuites.size()] = + StandardNames.CIPHER_SUITE_SECURE_RENEGOTIATION; + } else { + cipherSuites = new String[clientHello.cipherSuites.size()]; + } + for (int i = 0; i < clientHello.cipherSuites.size(); i++) { CipherSuite cipherSuite = clientHello.cipherSuites.get(i); cipherSuites[i] = cipherSuite.getAndroidName(); |