782740701db73dd2dc4fef9df8cde270b0e631a4 |
|
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Fix SSLContextTest.test_SSLContext_defaultConfiguration failure This test was failing because it assumed that all SSLContext instances have the same set of TLS protocol versions enabled. The fix refactored SSLDefaultConfigurationAsserts class into SSLConfigurationAsserts class. The main difference is that the new class has wider scope: it can assert that (1) the default configuration of TLS/SSL primitives is as expected -- exactly what the old SSLDefaultConfigurationAsserts class offered, and (2) that TLS/SSL primitives are configured the same as a provided SSLContext. Assertions about the default configuration of primitives other than SSLContext are now implemented by asserting that these primitives are configured exactly like the default SSLContext. Change-Id: I52d6514768c4053054df2cf79e7182d8fd87bfe2
|
ee109f62e99f43bcf8b78c857af430be9cf02985 |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert that setEnabledProtocols/CipherSuites copy their inputs. SSLSocket, SSLServerSocket, and SSLEngine offer setEnabledProtocols and setEnabledCipherSuites methods which take an array of protocols or cipher suites as input. If these methods store references to the input arrays, then the internal state (lists of enabled protocols and cipher suites) of SSLSocket, SSLServerSocket, and SSLEngine could be modified without going through the setter methods of these classes. Correct implementations of these methods should store copies of the input arrays. Bug: 15753142 Change-Id: Ia5248050d81320ed1da99892278bd60872605f52
|
358552b505a8985ec9ed3691d0a6d590b60d620f |
|
25-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Assert that getEnabledCipherSuites/Protocols is affected by setters. Change-Id: I806cfd4fd7f8be39c9bfcce956f6c2804e917c26
|
f605c6822da13b32cd3643415a707882b62a3e91 |
|
06-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Higher-level default configuration asserts for TLS/SSL primitives. This adds SSLDefaultConfigurationAsserts class that offers higher-level checks for each TLS/SSL primitive. The goals are: * check not only the cipher suites and protocols configured but also the configuration of child primitives (e.g, configuration of SSLSockets returned by SSLSocketFactory, or configuration of SSLSocketFactory returned by SSLContext). * hide the upcoming target API level dependent configuration checks from test classes. Bug: 11220570 Change-Id: Iec1476a1b2d132c984413754129adfcb671885fb
|
f13911b39126ffae49737dadc74332b3a84e0d19 |
|
04-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Exact asserts for TLS/SSL protocols used by default. Previously, assertions about the list of protocols used by default by TLS/SSL primitives were checking that all of the protocols are supported, but were not checking that the list was exactly as expected. This CL adjusts the assertions to check that all of the expected protocols are listed and that no other protocols are listed. Three assert methods are added, corresponding to the three concentually different lists: client-side (e.g., SSLSocket), server-side (SSLServerSocket), and SSLEngine which currently does not switch lists based on whether it's in client or server mode. Bug: 11220570 Change-Id: Ib6b56c2372d76f94f254481aa01d29d2d03a085f
|
befd74b622281de69f9f72ed1a046b9b899d85eb |
|
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Test the default config of SSLServerSocket(Factory). Bug: 11220570 Change-Id: If3025296c50f794dbba7ffef499e82f49f7da42b
|