diff options
4 files changed, 83 insertions, 103 deletions
diff --git a/expectations/knownfailures.txt b/expectations/knownfailures.txt index 66b39fb..276e781 100644 --- a/expectations/knownfailures.txt +++ b/expectations/knownfailures.txt @@ -939,49 +939,6 @@ name: "libcore.java.sql.OldStatementTest#testGetUpdateCount" }, { - description: "Handshake Status is never finished. NPE in ClientSessionContext$HostAndPort.hashCode() when host - is null", - bug: 3403706, - name: "tests.api.javax.net.ssl.SSLEngineTest#testHandshake" -}, -{ - description: "com.android.org.conscrypt.SSLEngineImpl#getDelegatedTask() throws NPE instead of - returning null", - bug: 3403706, - name: "tests.api.javax.net.ssl.SSLEngineTest#test_getDelegatedTask" -}, -{ - description: "Fixed in DonutBurger, boundary checks missing", - bug: 3403706, - name: "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_02" -}, -{ - description: "Fixed on DonutBurger, Wrong Exception thrown", - bug: 3403706, - names: [ - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_03", - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_04", - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_ByteBuffer$ByteBuffer_02", - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_ByteBuffer$ByteBuffer_03", - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_ByteBuffer_ByteBuffer_02", - "tests.api.javax.net.ssl.SSLEngineTest#test_unwrap_ByteBuffer_ByteBuffer_03" - ] -}, -{ - description: "Fixed in DonutBurger, boundary checks missing", - bug: 3403706, - name: "tests.api.javax.net.ssl.SSLEngineTest#test_wrap_02" -}, -{ - description: "Fixed on DonutBurger, Wrong Exception thrown", - bug: 3403706, - names: [ - "tests.api.javax.net.ssl.SSLEngineTest#test_wrap_04", - "tests.api.javax.net.ssl.SSLEngineTest#test_wrap_ByteBuffer$ByteBuffer_03", - "tests.api.javax.net.ssl.SSLEngineTest#test_wrap_ByteBuffer_ByteBuffer_03" - ] -}, -{ description: "ManagerFactoryParameters object is not supported and InvalidAlgorithmParameterException was thrown.", bug: 3403706, @@ -993,26 +950,6 @@ name: "tests.api.javax.net.ssl.HostnameVerifierTest#testVerifyIpAddress" }, { - description: "NO SERVER CERTIFICATE FOUND - selectSuite should not pick a suite that needs a certificate if it is missing", - bug: 3045163, - name: "libcore.javax.net.ssl.SSLEngineTest#test_SSLEngine_beginHandshake_noKeyStore" -}, -{ - description: "AlertException instead of SSLException", - bug: 3045163, - name: "libcore.javax.net.ssl.SSLEngineTest#test_SSLEngine_setEnableSessionCreation_client" -}, -{ - description: "SSLException instead of failure to handshake", - bug: 3045163, - name: "libcore.javax.net.ssl.SSLEngineTest#test_SSLEngine_setEnableSessionCreation_server" -}, -{ - description: "SSLHandshakeException instead of failure to handshake", - bug: 3045163, - name: "libcore.javax.net.ssl.SSLEngineTest#test_SSLEngine_setUseClientMode" -}, -{ description: "method test fails once in a while. Cannot be sure that exception is thrown in every test execution.", bug: 3403706, name: "libcore.sqlite.OldDatabaseTest#testBusy_handler" diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java index f8cee20..a7d0df2 100644 --- a/luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java +++ b/luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java @@ -82,9 +82,7 @@ public class SSLEngineTest extends TestCase { .ca(true) .build(); test_SSLEngine_getSupportedCipherSuites_connect(testKeyStore, false); - if (StandardNames.IS_RI) { - test_SSLEngine_getSupportedCipherSuites_connect(testKeyStore, true); - } + test_SSLEngine_getSupportedCipherSuites_connect(testKeyStore, true); } private void test_SSLEngine_getSupportedCipherSuites_connect(TestKeyStore testKeyStore, boolean secureRenegotiation) @@ -133,8 +131,12 @@ public class SSLEngineTest extends TestCase { testKeyStore.keyManagers[replaceIndex] = originalKeyManager; } + // To catch all the errors. + StringBuilder error = new StringBuilder(); + String[] cipherSuites = c.clientContext.createSSLEngine().getSupportedCipherSuites(); for (String cipherSuite : cipherSuites) { + try { // Skip cipher suites that are obsoleted. if (StandardNames.IS_RI && "TLSv1.2".equals(c.clientContext.getProtocol()) && StandardNames.CIPHER_SUITES_OBSOLETE_TLS12.contains(cipherSuite)) { @@ -201,8 +203,20 @@ public class SSLEngineTest extends TestCase { assertNotConnected(p); } catch (IOException expected) {} } + } catch (Exception e) { + String message = ("Problem trying to connect cipher suite " + cipherSuite); + System.out.println(message); + e.printStackTrace(); + error.append(message); + error.append('\n'); + } } c.close(); + + if (error.length() > 0) { + throw new Exception("One or more problems in " + + "test_SSLEngine_getSupportedCipherSuites_connect:\n" + error); + } } private static void assertSendsCorrectly(final byte[] sourceBytes, SSLEngine source, @@ -389,17 +403,34 @@ public class SSLEngineTest extends TestCase { } public void test_SSLEngine_setUseClientMode() throws Exception { + boolean[] finished; + // client is client, server is server - assertConnected(test_SSLEngine_setUseClientMode(true, false)); + finished = new boolean[2]; + assertConnected(test_SSLEngine_setUseClientMode(true, false, finished)); + assertTrue(finished[0]); + assertTrue(finished[1]); // client is server, server is client - assertConnected(test_SSLEngine_setUseClientMode(false, true)); + finished = new boolean[2]; + assertConnected(test_SSLEngine_setUseClientMode(false, true, finished)); + assertTrue(finished[0]); + assertTrue(finished[1]); // both are client - assertNotConnected(test_SSLEngine_setUseClientMode(true, true)); + /* + * Our implementation throws an SSLHandshakeException, but RI just + * stalls forever + */ + try { + assertNotConnected(test_SSLEngine_setUseClientMode(true, true, null)); + assertTrue(StandardNames.IS_RI); + } catch (SSLHandshakeException maybeExpected) { + assertFalse(StandardNames.IS_RI); + } // both are server - assertNotConnected(test_SSLEngine_setUseClientMode(false, false)); + assertNotConnected(test_SSLEngine_setUseClientMode(false, false, null)); } public void test_SSLEngine_setUseClientMode_afterHandshake() throws Exception { @@ -419,7 +450,8 @@ public class SSLEngineTest extends TestCase { } private TestSSLEnginePair test_SSLEngine_setUseClientMode(final boolean clientClientMode, - final boolean serverClientMode) + final boolean serverClientMode, + final boolean[] finished) throws Exception { TestSSLContext c; if (!clientClientMode && serverClientMode) { @@ -434,7 +466,7 @@ public class SSLEngineTest extends TestCase { client.setUseClientMode(clientClientMode); server.setUseClientMode(serverClientMode); } - }); + }, finished); } public void test_SSLEngine_clientAuth() throws Exception { diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java index a14de53..da6fcd6 100644 --- a/support/src/test/java/libcore/java/security/StandardNames.java +++ b/support/src/test/java/libcore/java/security/StandardNames.java @@ -887,28 +887,6 @@ public final class StandardNames extends Assert { public static final List<String> CIPHER_SUITES_DEFAULT_SSLENGINE = new ArrayList<String>(CIPHER_SUITES_DEFAULT); public static final Set<String> CIPHER_SUITES_SSLENGINE = new HashSet<String>(CIPHER_SUITES); - static { - // No Elliptic Curve or TLSv1.2 cipher suite support on SSLEngine based provider - if (!IS_RI) { - Iterator<String> i = CIPHER_SUITES_SSLENGINE.iterator(); - while (i.hasNext()) { - String cs = i.next(); - if (cs.startsWith("TLS_EC") || cs.contains("_SHA256") || cs.contains("_SHA384") - || cs.equals(CIPHER_SUITE_SECURE_RENEGOTIATION)) { - i.remove(); - } - } - - i = CIPHER_SUITES_DEFAULT_SSLENGINE.iterator(); - while (i.hasNext()) { - String cs = i.next(); - if (cs.startsWith("TLS_EC") || cs.contains("_SHA256") || cs.contains("_SHA384") - || cs.equals(CIPHER_SUITE_SECURE_RENEGOTIATION)) { - i.remove(); - } - } - } - } public static final Map<String, Class<? extends KeySpec>> PRIVATE_KEY_SPEC_CLASSES; public static final Map<String, Class<? extends KeySpec>> PUBLIC_KEY_SPEC_CLASSES; diff --git a/support/src/test/java/libcore/javax/net/ssl/TestSSLEnginePair.java b/support/src/test/java/libcore/javax/net/ssl/TestSSLEnginePair.java index 5feedb3..79d5d00 100644 --- a/support/src/test/java/libcore/javax/net/ssl/TestSSLEnginePair.java +++ b/support/src/test/java/libcore/javax/net/ssl/TestSSLEnginePair.java @@ -47,10 +47,19 @@ public final class TestSSLEnginePair extends Assert { } public static TestSSLEnginePair create(TestSSLContext c, Hooks hooks) throws IOException { - SSLEngine[] engines = connect(c, hooks); + return create(c, hooks, null); + } + + public static TestSSLEnginePair create(TestSSLContext c, Hooks hooks, boolean[] finished) + throws IOException { + SSLEngine[] engines = connect(c, hooks, finished); return new TestSSLEnginePair(c, engines[0], engines[1]); } + public static SSLEngine[] connect(TestSSLContext c, Hooks hooks) throws IOException { + return connect(c, hooks, null); + } + /** * Create a new connected server/client engine pair within a * existing SSLContext. Optionally specify clientCipherSuites to @@ -59,11 +68,16 @@ public final class TestSSLEnginePair extends Assert { * cipher suite negotiation. */ public static SSLEngine[] connect(final TestSSLContext c, - Hooks hooks) throws IOException { + Hooks hooks, + boolean finished[]) throws IOException { if (hooks == null) { hooks = new Hooks(); } + // FINISHED state should be returned only once. + boolean[] clientFinished = new boolean[1]; + boolean[] serverFinished = new boolean[1]; + SSLSession session = c.clientContext.createSSLEngine().getSession(); int packetBufferSize = session.getPacketBufferSize(); @@ -93,20 +107,26 @@ public final class TestSSLEnginePair extends Assert { progress |= handshakeCompleted(client, clientToServer, serverToClient, - scratch); + scratch, + clientFinished); } if (!serverDone) { progress |= handshakeCompleted(server, serverToClient, clientToServer, - scratch); + scratch, + serverFinished); } if (!progress) { - // let caller detect the problem, but don't just hang here break; } } + if (finished != null) { + assertEquals(2, finished.length); + finished[0] = clientFinished[0]; + finished[1] = clientFinished[0]; + } return new SSLEngine[] { server, client }; } @@ -119,7 +139,8 @@ public final class TestSSLEnginePair extends Assert { private static boolean handshakeCompleted(SSLEngine engine, ByteBuffer output, ByteBuffer input, - ByteBuffer scratch) throws IOException { + ByteBuffer scratch, + boolean[] finished) throws IOException { try { // make the other side's output into our input input.flip(); @@ -127,7 +148,7 @@ public final class TestSSLEnginePair extends Assert { HandshakeStatus status = engine.getHandshakeStatus(); switch (status) { - case NEED_TASK: + case NEED_TASK: { boolean progress = false; while (true) { Runnable runnable = engine.getDelegatedTask(); @@ -137,8 +158,9 @@ public final class TestSSLEnginePair extends Assert { runnable.run(); progress = true; } + } - case NEED_UNWRAP: + case NEED_UNWRAP: { // avoid underflow if (input.remaining() == 0) { return false; @@ -146,16 +168,20 @@ public final class TestSSLEnginePair extends Assert { SSLEngineResult unwrapResult = engine.unwrap(input, scratch); assertEquals(SSLEngineResult.Status.OK, unwrapResult.getStatus()); assertEquals(0, scratch.position()); + assertFinishedOnce(finished, unwrapResult); return true; + } - case NEED_WRAP: + case NEED_WRAP: { // avoid possible overflow if (output.remaining() != output.capacity()) { return false; } SSLEngineResult wrapResult = engine.wrap(EMPTY_BYTE_BUFFER, output); assertEquals(SSLEngineResult.Status.OK, wrapResult.getStatus()); + assertFinishedOnce(finished, wrapResult); return true; + } case NOT_HANDSHAKING: // should have been checked by caller before calling @@ -170,4 +196,11 @@ public final class TestSSLEnginePair extends Assert { input.compact(); } } + + private static void assertFinishedOnce(boolean[] finishedOut, SSLEngineResult result) { + if (result.getHandshakeStatus() == HandshakeStatus.FINISHED) { + assertFalse("should only return FINISHED once", finishedOut[0]); + finishedOut[0] = true; + } + } } |