summaryrefslogtreecommitdiffstats
path: root/support
diff options
context:
space:
mode:
authorKenny Root <kroot@google.com>2014-10-30 15:46:10 -0700
committerKenny Root <kroot@google.com>2014-11-03 15:52:54 -0800
commitbda96e051a3634b75abec3c989dcf0a8fab009b3 (patch)
tree38709237cd12ae466b81e2431957dd65186e150f /support
parent1cb912c53ccaeaa886e6838c5e45aec233777932 (diff)
downloadlibcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.zip
libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.gz
libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.bz2
SSLSocket: document current behavior with SSLContext
Currently Android does not pay attention to the algorithm choice, so use this test as documentation of that. Bug: 17136008 Change-Id: If8e516be48721bf65a98f22a9cdf02eded8f6375
Diffstat (limited to 'support')
-rw-r--r--support/src/test/java/libcore/java/security/StandardNames.java50
1 files changed, 50 insertions, 0 deletions
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index 528a651..ff6128e 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -101,6 +101,9 @@ public final class StandardNames extends Assert {
public static final Map<String,Set<String>> CIPHER_PADDINGS
= new HashMap<String,Set<String>>();
+ private static final Map<String, String[]> SSL_CONTEXT_PROTOCOLS_ENABLED
+ = new HashMap<String,String[]>();
+
private static void provide(String type, String algorithm) {
Set<String> algorithms = PROVIDER_ALGORITHMS.get(type);
if (algorithms == null) {
@@ -134,6 +137,18 @@ public final class StandardNames extends Assert {
}
paddings.addAll(Arrays.asList(newPaddings));
}
+ private static void provideSslContextEnabledProtocols(String algorithm, TLSVersion minimum,
+ TLSVersion maximum) {
+ if (minimum.ordinal() > maximum.ordinal()) {
+ throw new RuntimeException("TLS version: minimum > maximum");
+ }
+ int versionsLength = maximum.ordinal() - minimum.ordinal() + 1;
+ String[] versionNames = new String[versionsLength];
+ for (int i = 0; i < versionsLength; i++) {
+ versionNames[i] = TLSVersion.values()[i + minimum.ordinal()].name;
+ }
+ SSL_CONTEXT_PROTOCOLS_ENABLED.put(algorithm, versionNames);
+ }
static {
provide("AlgorithmParameterGenerator", "DSA");
provide("AlgorithmParameterGenerator", "DiffieHellman");
@@ -533,6 +548,22 @@ public final class StandardNames extends Assert {
}
}
+
+ if (IS_RI) {
+ provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv1);
+ provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv1);
+ provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv1);
+ provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv1);
+ provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv11);
+ provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ } else {
+ provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12);
+ }
}
public static final String SSL_CONTEXT_PROTOCOLS_DEFAULT = "Default";
@@ -593,6 +624,19 @@ public final class StandardNames extends Assert {
}
}
+ private static enum TLSVersion {
+ SSLv3("SSLv3"),
+ TLSv1("TLSv1"),
+ TLSv11("TLSv1.1"),
+ TLSv12("TLSv1.2");
+
+ private final String name;
+
+ TLSVersion(String name) {
+ this.name = name;
+ }
+ };
+
/**
* Valid values for X509TrustManager.checkClientTrusted authType,
* either the algorithm of the public key or UNKNOWN.
@@ -1084,6 +1128,12 @@ public final class StandardNames extends Assert {
}
}
+ public static void assertSSLContextEnabledProtocols(String version, String[] protocols) {
+ assertEquals("For protocol \"" + version + "\"",
+ Arrays.toString(SSL_CONTEXT_PROTOCOLS_ENABLED.get(version)),
+ Arrays.toString(protocols));
+ }
+
private static boolean isPermittedDefaultCipherSuite(String cipherSuite) {
assertNotNull(cipherSuite);
if (CIPHER_SUITE_SECURE_RENEGOTIATION.equals(cipherSuite)) {