diff options
Diffstat (limited to 'luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java')
-rw-r--r-- | luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java | 269 |
1 files changed, 172 insertions, 97 deletions
diff --git a/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java b/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java index c8df4ab..303c234 100644 --- a/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java +++ b/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java @@ -21,10 +21,14 @@ import java.io.IOException; import java.net.ServerSocket; import java.net.Socket; import java.net.SocketTimeoutException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; import java.security.KeyStore; import java.security.KeyStore.PrivateKeyEntry; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPrivateKey; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -38,6 +42,7 @@ import javax.net.ssl.SSLException; import javax.net.ssl.SSLProtocolException; import javax.security.auth.x500.X500Principal; import junit.framework.TestCase; +import libcore.io.IoUtils; import libcore.java.security.StandardNames; import libcore.java.security.TestKeyStore; import org.apache.harmony.xnet.provider.jsse.NativeCrypto.SSLHandshakeCallbacks; @@ -47,7 +52,8 @@ public class NativeCryptoTest extends TestCase { private static final int NULL = 0; private static final FileDescriptor INVALID_FD = new FileDescriptor(); - private static final SSLHandshakeCallbacks DUMMY_CB = new TestSSLHandshakeCallbacks(-1, null); + private static final SSLHandshakeCallbacks DUMMY_CB + = new TestSSLHandshakeCallbacks(null, 0, null); private static final long TIMEOUT_SECONDS = 5; @@ -131,6 +137,87 @@ public class NativeCryptoTest extends TestCase { assertEquals(Arrays.deepToString(expected), Arrays.deepToString(actual)); } + public void test_EVP_PKEY_cmp() throws Exception { + try { + NativeCrypto.EVP_PKEY_cmp(NULL, NULL); + fail("Should throw NullPointerException when arguments are NULL"); + } catch (NullPointerException expected) { + } + + KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); + kpg.initialize(512); + + KeyPair kp1 = kpg.generateKeyPair(); + RSAPrivateCrtKey privKey1 = (RSAPrivateCrtKey) kp1.getPrivate(); + + KeyPair kp2 = kpg.generateKeyPair(); + RSAPrivateCrtKey privKey2 = (RSAPrivateCrtKey) kp2.getPrivate(); + + int pkey1 = 0, pkey1_copy = 0, pkey2 = 0; + try { + pkey1 = NativeCrypto.EVP_PKEY_new_RSA(privKey1.getModulus().toByteArray(), + privKey1.getPublicExponent().toByteArray(), + privKey1.getPrivateExponent().toByteArray(), + privKey1.getPrimeP().toByteArray(), + privKey1.getPrimeQ().toByteArray(), + privKey1.getPrimeExponentP().toByteArray(), + privKey1.getPrimeExponentQ().toByteArray(), + privKey1.getCrtCoefficient().toByteArray()); + assertNotSame(NULL, pkey1); + + pkey1_copy = NativeCrypto.EVP_PKEY_new_RSA(privKey1.getModulus().toByteArray(), + privKey1.getPublicExponent().toByteArray(), + privKey1.getPrivateExponent().toByteArray(), + privKey1.getPrimeP().toByteArray(), + privKey1.getPrimeQ().toByteArray(), + privKey1.getPrimeExponentP().toByteArray(), + privKey1.getPrimeExponentQ().toByteArray(), + privKey1.getCrtCoefficient().toByteArray()); + assertNotSame(NULL, pkey1_copy); + + pkey2 = NativeCrypto.EVP_PKEY_new_RSA(privKey2.getModulus().toByteArray(), + privKey2.getPublicExponent().toByteArray(), + privKey2.getPrivateExponent().toByteArray(), + privKey2.getPrimeP().toByteArray(), + privKey2.getPrimeQ().toByteArray(), + privKey2.getPrimeExponentP().toByteArray(), + privKey2.getPrimeExponentQ().toByteArray(), + privKey2.getCrtCoefficient().toByteArray()); + assertNotSame(NULL, pkey2); + + try { + NativeCrypto.EVP_PKEY_cmp(pkey1, NULL); + fail("Should throw NullPointerException when arguments are NULL"); + } catch (NullPointerException expected) { + } + + try { + NativeCrypto.EVP_PKEY_cmp(NULL, pkey1); + fail("Should throw NullPointerException when arguments are NULL"); + } catch (NullPointerException expected) { + } + + assertEquals("Same keys should be the equal", 1, + NativeCrypto.EVP_PKEY_cmp(pkey1, pkey1)); + + assertEquals("Same keys should be the equal", 1, + NativeCrypto.EVP_PKEY_cmp(pkey1, pkey1_copy)); + + assertEquals("Different keys should not be equal", 0, + NativeCrypto.EVP_PKEY_cmp(pkey1, pkey2)); + } finally { + if (pkey1 != 0) { + NativeCrypto.EVP_PKEY_free(pkey1); + } + if (pkey1_copy != 0) { + NativeCrypto.EVP_PKEY_free(pkey1_copy); + } + if (pkey2 != 0) { + NativeCrypto.EVP_PKEY_free(pkey2); + } + } + } + public void test_SSL_CTX_new() throws Exception { int c = NativeCrypto.SSL_CTX_new(); assertTrue(c != NULL); @@ -490,11 +577,14 @@ public class NativeCryptoTest extends TestCase { } public static class TestSSLHandshakeCallbacks implements SSLHandshakeCallbacks { + private final Socket socket; private final int sslNativePointer; private final Hooks hooks; - public TestSSLHandshakeCallbacks(int sslNativePointer, + public TestSSLHandshakeCallbacks(Socket socket, + int sslNativePointer, Hooks hooks) { + this.socket = socket; this.sslNativePointer = sslNativePointer; this.hooks = hooks; } @@ -546,6 +636,10 @@ public class NativeCryptoTest extends TestCase { } this.handshakeCompletedCalled = true; } + + public Socket getSocket() { + return socket; + } } public static class ServerHooks extends Hooks { @@ -577,18 +671,19 @@ public class NativeCryptoTest extends TestCase { ExecutorService executor = Executors.newSingleThreadExecutor(); Future<TestSSLHandshakeCallbacks> future = executor.submit( new Callable<TestSSLHandshakeCallbacks>() { - public TestSSLHandshakeCallbacks call() throws Exception { + @Override public TestSSLHandshakeCallbacks call() throws Exception { Socket socket = (client ? new Socket(listener.getInetAddress(), listener.getLocalPort()) : listener.accept()); if (timeout == -1) { - return null; + return new TestSSLHandshakeCallbacks(socket, 0, null); } FileDescriptor fd = socket.getFileDescriptor$(); int c = hooks.getContext(); int s = hooks.beforeHandshake(c); - TestSSLHandshakeCallbacks callback = new TestSSLHandshakeCallbacks(s, hooks); + TestSSLHandshakeCallbacks callback + = new TestSSLHandshakeCallbacks(socket, s, hooks); if (DEBUG) { System.out.println("ssl=0x" + Integer.toString(s, 16) + " handshake" @@ -598,14 +693,19 @@ public class NativeCryptoTest extends TestCase { + " timeout=" + timeout + " client=" + client); } - int session = NativeCrypto.SSL_do_handshake(s, fd, callback, timeout, client, - npnProtocols); - if (DEBUG) { - System.out.println("ssl=0x" + Integer.toString(s, 16) - + " handshake" - + " session=0x" + Integer.toString(session, 16)); + int session = NULL; + try { + session = NativeCrypto.SSL_do_handshake(s, fd, callback, timeout, client, + npnProtocols); + if (DEBUG) { + System.out.println("ssl=0x" + Integer.toString(s, 16) + + " handshake" + + " session=0x" + Integer.toString(session, 16)); + } + } finally { + // Ensure afterHandshake is called to free resources + hooks.afterHandshake(session, s, c, socket, fd, callback); } - hooks.afterHandshake(session, s, c, socket, fd, callback); return callback; } }); @@ -777,17 +877,21 @@ public class NativeCryptoTest extends TestCase { Socket sock, FileDescriptor fd, SSLHandshakeCallbacks callback) throws Exception { - NativeCrypto.SSL_set_verify(s, NativeCrypto.SSL_VERIFY_PEER); - NativeCrypto.SSL_set_options( - s, NativeCrypto.SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); - NativeCrypto.SSL_renegotiate(s); - NativeCrypto.SSL_write(s, fd, callback, new byte[] { 42 }, 0, 1); - super.afterHandshake(session, s, c, sock, fd, callback); + try { + NativeCrypto.SSL_set_verify(s, NativeCrypto.SSL_VERIFY_PEER); + NativeCrypto.SSL_set_options( + s, NativeCrypto.SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); + NativeCrypto.SSL_renegotiate(s); + NativeCrypto.SSL_write(s, fd, callback, new byte[] { 42 }, 0, 1, + (int) ((TIMEOUT_SECONDS * 1000) / 2)); + } catch (IOException expected) { + } finally { + super.afterHandshake(session, s, c, sock, fd, callback); + } } }; Future<TestSSLHandshakeCallbacks> client = handshake(listener, 0, true, cHooks, null); Future<TestSSLHandshakeCallbacks> server = handshake(listener, 0, false, sHooks, null); - server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); try { client.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); } catch (ExecutionException e) { @@ -795,35 +899,49 @@ public class NativeCryptoTest extends TestCase { throw e; } } + server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); } public void test_SSL_do_handshake_client_timeout() throws Exception { // client timeout final ServerSocket listener = new ServerSocket(0); + Socket serverSocket = null; try { Hooks cHooks = new Hooks(); Hooks sHooks = new ServerHooks(getServerPrivateKey(), getServerCertificates()); Future<TestSSLHandshakeCallbacks> client = handshake(listener, 1, true, cHooks, null); Future<TestSSLHandshakeCallbacks> server = handshake(listener, -1, false, sHooks, null); + serverSocket = server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS).getSocket(); client.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); fail(); } catch (ExecutionException expected) { + if (SocketTimeoutException.class != expected.getCause().getClass()) { + expected.printStackTrace(); + } assertEquals(SocketTimeoutException.class, expected.getCause().getClass()); + } finally { + // Manually close peer socket when testing timeout + IoUtils.closeQuietly(serverSocket); } } public void test_SSL_do_handshake_server_timeout() throws Exception { // server timeout final ServerSocket listener = new ServerSocket(0); + Socket clientSocket = null; try { Hooks cHooks = new Hooks(); Hooks sHooks = new ServerHooks(getServerPrivateKey(), getServerCertificates()); Future<TestSSLHandshakeCallbacks> client = handshake(listener, -1, true, cHooks, null); Future<TestSSLHandshakeCallbacks> server = handshake(listener, 1, false, sHooks, null); + clientSocket = client.get(TIMEOUT_SECONDS, TimeUnit.SECONDS).getSocket(); server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); fail(); } catch (ExecutionException expected) { assertEquals(SocketTimeoutException.class, expected.getCause().getClass()); + } finally { + // Manually close peer socket when testing timeout + IoUtils.closeQuietly(clientSocket); } } @@ -1150,7 +1268,7 @@ public class NativeCryptoTest extends TestCase { SSLHandshakeCallbacks callback) throws Exception { NativeCrypto.SSL_renegotiate(s); - NativeCrypto.SSL_write(s, fd, callback, new byte[] { 42 }, 0, 1); + NativeCrypto.SSL_write(s, fd, callback, new byte[] { 42 }, 0, 1, 0); super.afterHandshake(session, s, c, sock, fd, callback); } }; @@ -1317,7 +1435,7 @@ public class NativeCryptoTest extends TestCase { Socket sock, FileDescriptor fd, SSLHandshakeCallbacks callback) throws Exception { - NativeCrypto.SSL_write(s, fd, callback, BYTES, 0, BYTES.length); + NativeCrypto.SSL_write(s, fd, callback, BYTES, 0, BYTES.length, 0); super.afterHandshake(session, s, c, sock, fd, callback); } }; @@ -1360,7 +1478,7 @@ public class NativeCryptoTest extends TestCase { public void test_SSL_write() throws Exception { try { - NativeCrypto.SSL_write(NULL, null, null, null, 0, 0); + NativeCrypto.SSL_write(NULL, null, null, null, 0, 0, 0); fail(); } catch (NullPointerException expected) { } @@ -1370,7 +1488,7 @@ public class NativeCryptoTest extends TestCase { int c = NativeCrypto.SSL_CTX_new(); int s = NativeCrypto.SSL_new(c); try { - NativeCrypto.SSL_write(s, null, DUMMY_CB, null, 0, 1); + NativeCrypto.SSL_write(s, null, DUMMY_CB, null, 0, 1, 0); fail(); } catch (NullPointerException expected) { } @@ -1383,7 +1501,7 @@ public class NativeCryptoTest extends TestCase { int c = NativeCrypto.SSL_CTX_new(); int s = NativeCrypto.SSL_new(c); try { - NativeCrypto.SSL_write(s, INVALID_FD, null, null, 0, 1); + NativeCrypto.SSL_write(s, INVALID_FD, null, null, 0, 1, 0); fail(); } catch (NullPointerException expected) { } @@ -1396,7 +1514,7 @@ public class NativeCryptoTest extends TestCase { int c = NativeCrypto.SSL_CTX_new(); int s = NativeCrypto.SSL_new(c); try { - NativeCrypto.SSL_write(s, INVALID_FD, DUMMY_CB, null, 0, 1); + NativeCrypto.SSL_write(s, INVALID_FD, DUMMY_CB, null, 0, 1, 0); fail(); } catch (NullPointerException expected) { } @@ -1409,7 +1527,7 @@ public class NativeCryptoTest extends TestCase { int c = NativeCrypto.SSL_CTX_new(); int s = NativeCrypto.SSL_new(c); try { - NativeCrypto.SSL_write(s, INVALID_FD, DUMMY_CB, new byte[1], 0, 1); + NativeCrypto.SSL_write(s, INVALID_FD, DUMMY_CB, new byte[1], 0, 1, 0); fail(); } catch (SSLException expected) { } @@ -1628,76 +1746,6 @@ public class NativeCryptoTest extends TestCase { server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); } - public void test_SSL_SESSION_compress_meth_null() throws Exception { - try { - NativeCrypto.SSL_SESSION_compress_meth(NULL, NULL); - fail(); - } catch (NullPointerException expected) { - } - - { - int c = NativeCrypto.SSL_CTX_new(); - try { - NativeCrypto.SSL_SESSION_compress_meth(c, NULL); - } catch (NullPointerException expected) { - } - NativeCrypto.SSL_CTX_free(c); - } - } - - public void test_SSL_SESSION_compress_meth_NULL() throws Exception { - final ServerSocket listener = new ServerSocket(0); - - Hooks cHooks = new Hooks() { - @Override - public void afterHandshake(int session, int s, int c, - Socket sock, FileDescriptor fd, - SSLHandshakeCallbacks callback) - throws Exception { - assertEquals("NULL", NativeCrypto.SSL_SESSION_compress_meth(c, session)); - super.afterHandshake(session, s, c, sock, fd, callback); - } - }; - Hooks sHooks = new ServerHooks(getServerPrivateKey(), getServerCertificates()); - Future<TestSSLHandshakeCallbacks> client = handshake(listener, 0, true, cHooks, null); - Future<TestSSLHandshakeCallbacks> server = handshake(listener, 0, false, sHooks, null); - client.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); - server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); - } - - public void test_SSL_SESSION_compress_meth_ZLIB() throws Exception { - final ServerSocket listener = new ServerSocket(0); - - Hooks cHooks = new Hooks() { - @Override - public int beforeHandshake(int c) throws SSLException { - int s = super.beforeHandshake(c); - NativeCrypto.SSL_clear_options(s, NativeCrypto.SSL_OP_NO_COMPRESSION); - return s; - } - @Override - public void afterHandshake(int session, int s, int c, - Socket sock, FileDescriptor fd, - SSLHandshakeCallbacks callback) - throws Exception { - assertEquals("ZLIB", NativeCrypto.SSL_SESSION_compress_meth(c, session)); - super.afterHandshake(session, s, c, sock, fd, callback); - } - }; - Hooks sHooks = new ServerHooks(getServerPrivateKey(), getServerCertificates()) { - @Override - public int beforeHandshake(int c) throws SSLException { - int s = super.beforeHandshake(c); - NativeCrypto.SSL_clear_options(s, NativeCrypto.SSL_OP_NO_COMPRESSION); - return s; - } - }; - Future<TestSSLHandshakeCallbacks> client = handshake(listener, 0, true, cHooks, null); - Future<TestSSLHandshakeCallbacks> server = handshake(listener, 0, false, sHooks, null); - client.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); - server.get(TIMEOUT_SECONDS, TimeUnit.SECONDS); - } - public void test_SSL_SESSION_free() throws Exception { try { NativeCrypto.SSL_SESSION_free(NULL); @@ -1728,6 +1776,12 @@ public class NativeCryptoTest extends TestCase { assertNotNull(b); int session2 = NativeCrypto.d2i_SSL_SESSION(b); assertTrue(session2 != NULL); + + // Make sure d2i_SSL_SESSION retores SSL_SESSION_cipher value http://b/7091840 + assertTrue(NativeCrypto.SSL_SESSION_cipher(session2) != null); + assertEquals(NativeCrypto.SSL_SESSION_cipher(session), + NativeCrypto.SSL_SESSION_cipher(session2)); + NativeCrypto.SSL_SESSION_free(session2); super.afterHandshake(session, s, c, sock, fd, callback); } @@ -1749,7 +1803,7 @@ public class NativeCryptoTest extends TestCase { assertEquals(NULL, NativeCrypto.d2i_SSL_SESSION(new byte[0])); assertEquals(NULL, NativeCrypto.d2i_SSL_SESSION(new byte[1])); - // positively testing by test_i2d_SSL_SESSION + // positive testing by test_i2d_SSL_SESSION } public void test_X509_NAME_hashes() { @@ -1771,4 +1825,25 @@ public class NativeCryptoTest extends TestCase { // Success } } + + public void test_RAND_bytes_Success() throws Exception { + byte[] output = new byte[32]; + NativeCrypto.RAND_bytes(output); + + boolean isZero = true; + for (int i = 0; i < output.length; i++) { + isZero &= (output[i] == 0); + } + + assertFalse("Random output was zero. This is a very low probability event " + + "and probably indicates an error.", isZero); + } + + public void test_RAND_bytes_Null_Failure() throws Exception { + byte[] output = null; + try { + NativeCrypto.RAND_bytes(output); + fail("Should be an error on null buffer input"); + } catch (RuntimeException success) { } + } } |