SSLSocket: document current behavior with SSLContext

Currently Android does not pay attention to the algorithm choice, so use this test as documentation of that. Bug: 17136008 Change-Id: If8e516be48721bf65a98f22a9cdf02eded8f6375
author: Kenny Root <kroot@google.com> 2014-10-30 15:46:10 -0700
committer: Kenny Root <kroot@google.com> 2014-11-03 15:52:54 -0800
commit: bda96e051a3634b75abec3c989dcf0a8fab009b3 (patch)
tree: 38709237cd12ae466b81e2431957dd65186e150f /support
parent: 1cb912c53ccaeaa886e6838c5e45aec233777932 (diff)
download: libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.zip
libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.gz
libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.bz2
1 files changed, 50 insertions, 0 deletions
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java
index 528a651..ff6128e 100644
--- a/support/src/test/java/libcore/java/security/StandardNames.java
+++ b/support/src/test/java/libcore/java/security/StandardNames.java
@@ -101,6 +101,9 @@ public final class StandardNames extends Assert {
     public static final Map<String,Set<String>> CIPHER_PADDINGS
             = new HashMap<String,Set<String>>();
 
+    private static final Map<String, String[]> SSL_CONTEXT_PROTOCOLS_ENABLED
+            = new HashMap<String,String[]>();
+
     private static void provide(String type, String algorithm) {
         Set<String> algorithms = PROVIDER_ALGORITHMS.get(type);
         if (algorithms == null) {
@@ -134,6 +137,18 @@ public final class StandardNames extends Assert {
         }
         paddings.addAll(Arrays.asList(newPaddings));
     }
+    private static void provideSslContextEnabledProtocols(String algorithm, TLSVersion minimum,
+            TLSVersion maximum) {
+        if (minimum.ordinal() > maximum.ordinal()) {
+            throw new RuntimeException("TLS version: minimum > maximum");
+        }
+        int versionsLength = maximum.ordinal() - minimum.ordinal() + 1;
+        String[] versionNames = new String[versionsLength];
+        for (int i = 0; i < versionsLength; i++) {
+            versionNames[i] = TLSVersion.values()[i + minimum.ordinal()].name;
+        }
+        SSL_CONTEXT_PROTOCOLS_ENABLED.put(algorithm, versionNames);
+    }
     static {
         provide("AlgorithmParameterGenerator", "DSA");
         provide("AlgorithmParameterGenerator", "DiffieHellman");
@@ -533,6 +548,22 @@ public final class StandardNames extends Assert {
             }
 
         }
+
+        if (IS_RI) {
+            provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv1);
+            provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv1);
+            provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv1);
+            provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv1);
+            provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv11);
+            provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12);
+        } else {
+            provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv12);
+            provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv12);
+            provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv12);
+            provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv12);
+            provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv12);
+            provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12);
+        }
     }
 
     public static final String SSL_CONTEXT_PROTOCOLS_DEFAULT = "Default";
@@ -593,6 +624,19 @@ public final class StandardNames extends Assert {
         }
     }
 
+    private static enum TLSVersion {
+        SSLv3("SSLv3"),
+        TLSv1("TLSv1"),
+        TLSv11("TLSv1.1"),
+        TLSv12("TLSv1.2");
+
+        private final String name;
+
+        TLSVersion(String name) {
+            this.name = name;
+        }
+    };
+
     /**
      * Valid values for X509TrustManager.checkClientTrusted authType,
      * either the algorithm of the public key or UNKNOWN.
@@ -1084,6 +1128,12 @@ public final class StandardNames extends Assert {
         }
     }
 
+    public static void assertSSLContextEnabledProtocols(String version, String[] protocols) {
+        assertEquals("For protocol \"" + version + "\"",
+                Arrays.toString(SSL_CONTEXT_PROTOCOLS_ENABLED.get(version)),
+                Arrays.toString(protocols));
+    }
+
     private static boolean isPermittedDefaultCipherSuite(String cipherSuite) {
         assertNotNull(cipherSuite);
         if (CIPHER_SUITE_SECURE_RENEGOTIATION.equals(cipherSuite)) {
author	Kenny Root <kroot@google.com>	2014-10-30 15:46:10 -0700
committer	Kenny Root <kroot@google.com>	2014-11-03 15:52:54 -0800
commit	bda96e051a3634b75abec3c989dcf0a8fab009b3 (patch)
tree	38709237cd12ae466b81e2431957dd65186e150f /support
parent	1cb912c53ccaeaa886e6838c5e45aec233777932 (diff)
download	libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.zip libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.gz libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.bz2