libcore/luni/src/test/java/libcore/javax/net/ssl/SSLSessionContextTest.java

   1 /*
   2  * Copyright (C) 2010 The Android Open Source Project
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 package libcore.javax.net.ssl;
  18
  19 import java.util.Arrays;
  20 import java.util.Collections;
  21 import java.util.Enumeration;
  22 import java.util.Iterator;
  23 import java.util.LinkedList;
  24 import javax.net.ssl.SSLSessionContext;
  25 import junit.framework.TestCase;
  26
  27 public class SSLSessionContextTest extends TestCase {
  28
  29     public static final void assertSSLSessionContextSize(int expected, TestSSLContext c) {
  30         assertSSLSessionContextSize(expected,
  31                                     c.clientContext.getClientSessionContext(),
  32                                     c.serverContext.getServerSessionContext());
  33         assertSSLSessionContextSize(0,
  34                                     c.serverContext.getClientSessionContext(),
  35                                     c.clientContext.getServerSessionContext());
  36     }
  37
  38     public static final void assertSSLSessionContextSize(int expected,
  39                                                          SSLSessionContext client,
  40                                                          SSLSessionContext server) {
  41         assertSSLSessionContextSize(expected, client, false);
  42         assertSSLSessionContextSize(expected, server, true);
  43     }
  44
  45     public static final void assertSSLSessionContextSize(int expected,
  46                                                          SSLSessionContext s,
  47                                                          boolean server) {
  48         int size = Collections.list(s.getIds()).size();
  49         if (server && TestSSLContext.sslServerSocketSupportsSessionTickets()) {
  50             assertEquals(0, size);
  51         } else {
  52             assertEquals(expected, size);
  53         }
  54     }
  55
  56     public void test_SSLSessionContext_getIds() {
  57         TestSSLContext c = TestSSLContext.create();
  58         assertSSLSessionContextSize(0, c);
  59
  60         TestSSLSocketPair s = TestSSLSocketPair.create();
  61         assertSSLSessionContextSize(1, s.c);
  62         Enumeration clientIds = s.c.clientContext.getClientSessionContext().getIds();
  63         Enumeration serverIds = s.c.serverContext.getServerSessionContext().getIds();
  64         byte[] clientId = (byte[]) clientIds.nextElement();
  65         assertEquals(32, clientId.length);
  66         if (TestSSLContext.sslServerSocketSupportsSessionTickets()) {
  67             assertFalse(serverIds.hasMoreElements());
  68         } else {
  69             byte[] serverId = (byte[]) serverIds.nextElement();
  70             assertEquals(32, serverId.length);
  71             assertTrue(Arrays.equals(clientId, serverId));
  72         }
  73     }
  74
  75     public void test_SSLSessionContext_getSession() {
  76         TestSSLContext c = TestSSLContext.create();
  77         try {
  78             c.clientContext.getClientSessionContext().getSession(null);
  79             fail();
  80         } catch (NullPointerException expected) {
  81         }
  82         assertNull(c.clientContext.getClientSessionContext().getSession(new byte[0]));
  83         assertNull(c.clientContext.getClientSessionContext().getSession(new byte[1]));
  84         try {
  85             c.serverContext.getServerSessionContext().getSession(null);
  86             fail();
  87         } catch (NullPointerException expected) {
  88         }
  89         assertNull(c.serverContext.getServerSessionContext().getSession(new byte[0]));
  90         assertNull(c.serverContext.getServerSessionContext().getSession(new byte[1]));
  91
  92         TestSSLSocketPair s = TestSSLSocketPair.create();
  93         SSLSessionContext client = s.c.clientContext.getClientSessionContext();
  94         SSLSessionContext server = s.c.serverContext.getServerSessionContext();
  95         byte[] clientId = (byte[]) client.getIds().nextElement();
  96         assertNotNull(client.getSession(clientId));
  97         assertTrue(Arrays.equals(clientId, client.getSession(clientId).getId()));
  98         if (TestSSLContext.sslServerSocketSupportsSessionTickets()) {
  99             assertFalse(server.getIds().hasMoreElements());
 100         } else {
 101             byte[] serverId = (byte[]) server.getIds().nextElement();
 102             assertNotNull(server.getSession(serverId));
 103             assertTrue(Arrays.equals(serverId, server.getSession(serverId).getId()));
 104         }
 105     }
 106
 107     public void test_SSLSessionContext_getSessionCacheSize() {
 108         TestSSLContext c = TestSSLContext.create();
 109         assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE,
 110                      c.clientContext.getClientSessionContext().getSessionCacheSize());
 111         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE,
 112                      c.serverContext.getServerSessionContext().getSessionCacheSize());
 113
 114         TestSSLSocketPair s = TestSSLSocketPair.create();
 115         assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE,
 116                      s.c.clientContext.getClientSessionContext().getSessionCacheSize());
 117         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE,
 118                      s.c.serverContext.getServerSessionContext().getSessionCacheSize());
 119     }
 120
 121     public void test_SSLSessionContext_setSessionCacheSize_noConnect() {
 122         TestSSLContext c = TestSSLContext.create();
 123         assertNoConnectSetSessionCacheSizeBehavior(
 124                 TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE,
 125                 c.clientContext.getClientSessionContext());
 126         assertNoConnectSetSessionCacheSizeBehavior(
 127                 TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE,
 128                 c.serverContext.getServerSessionContext());
 129     }
 130
 131     private static void assertNoConnectSetSessionCacheSizeBehavior(int expectedDefault,
 132                                                                    SSLSessionContext s) {
 133         try {
 134             s.setSessionCacheSize(-1);
 135             fail();
 136         } catch (IllegalArgumentException expected) {
 137         }
 138         assertEquals(expectedDefault, s.getSessionCacheSize());
 139         s.setSessionCacheSize(1);
 140         assertEquals(1, s.getSessionCacheSize());
 141     }
 142
 143     public void test_SSLSessionContext_setSessionCacheSize_oneConnect() {
 144         TestSSLSocketPair s = TestSSLSocketPair.create();
 145         SSLSessionContext client = s.c.clientContext.getClientSessionContext();
 146         SSLSessionContext server = s.c.serverContext.getServerSessionContext();
 147         assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE,
 148                      client.getSessionCacheSize());
 149         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE,
 150                      server.getSessionCacheSize());
 151         assertSSLSessionContextSize(1, s.c);
 152     }
 153
 154     public void test_SSLSessionContext_setSessionCacheSize_dynamic() {
 155         TestSSLContext c = TestSSLContext.create();
 156         SSLSessionContext client = c.clientContext.getClientSessionContext();
 157         SSLSessionContext server = c.serverContext.getServerSessionContext();
 158
 159         String[] supportedCipherSuites = c.serverSocket.getSupportedCipherSuites();
 160         c.serverSocket.setEnabledCipherSuites(supportedCipherSuites);
 161         LinkedList<String> uniqueCipherSuites
 162             = new LinkedList(Arrays.asList(supportedCipherSuites));
 163         // only use RSA cipher suites which will work with our TrustProvider
 164         Iterator<String> i = uniqueCipherSuites.iterator();
 165         while (i.hasNext()) {
 166             String cipherSuite = i.next();
 167
 168             // Certificate key length too long for export ciphers
 169             if (cipherSuite.startsWith("SSL_RSA_EXPORT_")) {
 170                 i.remove();
 171                 continue;
 172             }
 173
 174             if (cipherSuite.startsWith("SSL_RSA_")) {
 175                 continue;
 176             }
 177             if (cipherSuite.startsWith("TLS_RSA_")) {
 178                 continue;
 179             }
 180             if (cipherSuite.startsWith("TLS_DHE_RSA_")) {
 181                 continue;
 182             }
 183             if (cipherSuite.startsWith("SSL_DHE_RSA_")) {
 184                 continue;
 185             }
 186             i.remove();
 187         }
 188
 189         /*
 190          * having more than 3 uniqueCipherSuites is a test
 191          * requirement, not a requirement of the interface or
 192          * implementation. It simply allows us to make sure that we
 193          * will not get a cached session ID since we'll have to
 194          * renegotiate a new session due to the new cipher suite
 195          * requirement. even this test only really needs three if it
 196          * reused the unique cipher suites every time it resets the
 197          * session cache.
 198          */
 199         assertTrue(uniqueCipherSuites.size() >= 3);
 200         String cipherSuite1 = uniqueCipherSuites.get(0);
 201         String cipherSuite2 = uniqueCipherSuites.get(1);
 202         String cipherSuite3 = uniqueCipherSuites.get(2);
 203
 204         TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null);
 205         assertSSLSessionContextSize(1, c);
 206         TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null);
 207         assertSSLSessionContextSize(2, c);
 208         TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null);
 209         assertSSLSessionContextSize(3, c);
 210
 211         client.setSessionCacheSize(1);
 212         server.setSessionCacheSize(1);
 213         assertEquals(1, client.getSessionCacheSize());
 214         assertEquals(1, server.getSessionCacheSize());
 215         assertSSLSessionContextSize(1, c);
 216         TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null);
 217         assertSSLSessionContextSize(1, c);
 218
 219         client.setSessionCacheSize(2);
 220         server.setSessionCacheSize(2);
 221         TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null);
 222         assertSSLSessionContextSize(2, c);
 223         TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null);
 224         assertSSLSessionContextSize(2, c);
 225     }
 226
 227     public void test_SSLSessionContext_getSessionTimeout() {
 228         TestSSLContext c = TestSSLContext.create();
 229         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 230                      c.clientContext.getClientSessionContext().getSessionTimeout());
 231         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 232                      c.serverContext.getServerSessionContext().getSessionTimeout());
 233
 234         TestSSLSocketPair s = TestSSLSocketPair.create();
 235         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 236                      s.c.clientContext.getClientSessionContext().getSessionTimeout());
 237         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 238                      s.c.serverContext.getServerSessionContext().getSessionTimeout());
 239     }
 240
 241     public void test_SSLSessionContext_setSessionTimeout() throws Exception {
 242         TestSSLContext c = TestSSLContext.create();
 243         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 244                      c.clientContext.getClientSessionContext().getSessionTimeout());
 245         assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT,
 246                      c.serverContext.getServerSessionContext().getSessionTimeout());
 247         c.clientContext.getClientSessionContext().setSessionTimeout(0);
 248         c.serverContext.getServerSessionContext().setSessionTimeout(0);
 249         assertEquals(0, c.clientContext.getClientSessionContext().getSessionTimeout());
 250         assertEquals(0, c.serverContext.getServerSessionContext().getSessionTimeout());
 251
 252         try {
 253             c.clientContext.getClientSessionContext().setSessionTimeout(-1);
 254             fail();
 255         } catch (IllegalArgumentException expected) {
 256         }
 257         try {
 258             c.serverContext.getServerSessionContext().setSessionTimeout(-1);
 259             fail();
 260         } catch (IllegalArgumentException expected) {
 261         }
 262
 263         TestSSLSocketPair s = TestSSLSocketPair.create();
 264         assertSSLSessionContextSize(1, s.c);
 265         Thread.sleep(1 * 1000);
 266         s.c.clientContext.getClientSessionContext().setSessionTimeout(1);
 267         s.c.serverContext.getServerSessionContext().setSessionTimeout(1);
 268         assertSSLSessionContextSize(0, s.c);
 269     }
 270 }