diff options
author | Kenny Root <kroot@google.com> | 2014-10-30 15:46:10 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2014-11-03 15:52:54 -0800 |
commit | bda96e051a3634b75abec3c989dcf0a8fab009b3 (patch) | |
tree | 38709237cd12ae466b81e2431957dd65186e150f /support | |
parent | 1cb912c53ccaeaa886e6838c5e45aec233777932 (diff) | |
download | libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.zip libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.gz libcore-bda96e051a3634b75abec3c989dcf0a8fab009b3.tar.bz2 |
SSLSocket: document current behavior with SSLContext
Currently Android does not pay attention to the algorithm choice, so use
this test as documentation of that.
Bug: 17136008
Change-Id: If8e516be48721bf65a98f22a9cdf02eded8f6375
Diffstat (limited to 'support')
-rw-r--r-- | support/src/test/java/libcore/java/security/StandardNames.java | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java index 528a651..ff6128e 100644 --- a/support/src/test/java/libcore/java/security/StandardNames.java +++ b/support/src/test/java/libcore/java/security/StandardNames.java @@ -101,6 +101,9 @@ public final class StandardNames extends Assert { public static final Map<String,Set<String>> CIPHER_PADDINGS = new HashMap<String,Set<String>>(); + private static final Map<String, String[]> SSL_CONTEXT_PROTOCOLS_ENABLED + = new HashMap<String,String[]>(); + private static void provide(String type, String algorithm) { Set<String> algorithms = PROVIDER_ALGORITHMS.get(type); if (algorithms == null) { @@ -134,6 +137,18 @@ public final class StandardNames extends Assert { } paddings.addAll(Arrays.asList(newPaddings)); } + private static void provideSslContextEnabledProtocols(String algorithm, TLSVersion minimum, + TLSVersion maximum) { + if (minimum.ordinal() > maximum.ordinal()) { + throw new RuntimeException("TLS version: minimum > maximum"); + } + int versionsLength = maximum.ordinal() - minimum.ordinal() + 1; + String[] versionNames = new String[versionsLength]; + for (int i = 0; i < versionsLength; i++) { + versionNames[i] = TLSVersion.values()[i + minimum.ordinal()].name; + } + SSL_CONTEXT_PROTOCOLS_ENABLED.put(algorithm, versionNames); + } static { provide("AlgorithmParameterGenerator", "DSA"); provide("AlgorithmParameterGenerator", "DiffieHellman"); @@ -533,6 +548,22 @@ public final class StandardNames extends Assert { } } + + if (IS_RI) { + provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv1); + provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv1); + provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv1); + provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv1); + provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv11); + provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12); + } else { + provideSslContextEnabledProtocols("SSL", TLSVersion.SSLv3, TLSVersion.TLSv12); + provideSslContextEnabledProtocols("SSLv3", TLSVersion.SSLv3, TLSVersion.TLSv12); + provideSslContextEnabledProtocols("TLS", TLSVersion.SSLv3, TLSVersion.TLSv12); + provideSslContextEnabledProtocols("TLSv1", TLSVersion.SSLv3, TLSVersion.TLSv12); + provideSslContextEnabledProtocols("TLSv1.1", TLSVersion.SSLv3, TLSVersion.TLSv12); + provideSslContextEnabledProtocols("TLSv1.2", TLSVersion.SSLv3, TLSVersion.TLSv12); + } } public static final String SSL_CONTEXT_PROTOCOLS_DEFAULT = "Default"; @@ -593,6 +624,19 @@ public final class StandardNames extends Assert { } } + private static enum TLSVersion { + SSLv3("SSLv3"), + TLSv1("TLSv1"), + TLSv11("TLSv1.1"), + TLSv12("TLSv1.2"); + + private final String name; + + TLSVersion(String name) { + this.name = name; + } + }; + /** * Valid values for X509TrustManager.checkClientTrusted authType, * either the algorithm of the public key or UNKNOWN. @@ -1084,6 +1128,12 @@ public final class StandardNames extends Assert { } } + public static void assertSSLContextEnabledProtocols(String version, String[] protocols) { + assertEquals("For protocol \"" + version + "\"", + Arrays.toString(SSL_CONTEXT_PROTOCOLS_ENABLED.get(version)), + Arrays.toString(protocols)); + } + private static boolean isPermittedDefaultCipherSuite(String cipherSuite) { assertNotNull(cipherSuite); if (CIPHER_SUITE_SECURE_RENEGOTIATION.equals(cipherSuite)) { |