1ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom/* 2ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * Copyright (C) 2010 The Android Open Source Project 3ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * 4ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * Licensed under the Apache License, Version 2.0 (the "License"); 5ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * you may not use this file except in compliance with the License. 6ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * You may obtain a copy of the License at 7ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * 8ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * http://www.apache.org/licenses/LICENSE-2.0 9ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * 10ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * Unless required by applicable law or agreed to in writing, software 11ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * distributed under the License is distributed on an "AS IS" BASIS, 12ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * See the License for the specific language governing permissions and 14ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * limitations under the License. 15ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom */ 16ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 174557728efb66c455a52b7669a8eefef7a9e54854Jesse Wilsonpackage libcore.javax.net.ssl; 18ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 19f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstromimport java.util.ArrayList; 20ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport java.util.Arrays; 21ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport java.util.Collections; 22ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport java.util.Enumeration; 23ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport java.util.Iterator; 24ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport java.util.LinkedList; 25f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstromimport java.util.List; 264557728efb66c455a52b7669a8eefef7a9e54854Jesse Wilsonimport javax.net.ssl.SSLSessionContext; 27f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstromimport javax.net.ssl.SSLSocket; 28ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstromimport junit.framework.TestCase; 29ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 30ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrompublic class SSLSessionContextTest extends TestCase { 31ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 32059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom public static final void assertSSLSessionContextSize(int expected, TestSSLContext c) { 33204cab3c22b4d75c866c95e2d2eec42e14cbd924Brian Carlstrom assertSSLSessionContextSize(expected, 34059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext(), 35059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext()); 36059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(0, 37059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getClientSessionContext(), 38059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getServerSessionContext()); 399acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } 409acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom 41204cab3c22b4d75c866c95e2d2eec42e14cbd924Brian Carlstrom public static final void assertSSLSessionContextSize(int expected, 42204cab3c22b4d75c866c95e2d2eec42e14cbd924Brian Carlstrom SSLSessionContext client, 439acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom SSLSessionContext server) { 449acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom assertSSLSessionContextSize(expected, client, false); 459acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom assertSSLSessionContextSize(expected, server, true); 469acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } 479acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom 48e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom public static final void assertSSLSessionContextSize(int expected, 49e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom SSLSessionContext s, 50e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom boolean server) { 519acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom int size = Collections.list(s.getIds()).size(); 529acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom if (server && TestSSLContext.sslServerSocketSupportsSessionTickets()) { 539acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom assertEquals(0, size); 549acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } else { 559acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom assertEquals(expected, size); 569acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } 57ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 58ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 59ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom public void test_SSLSessionContext_getIds() { 60bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 61059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(0, c); 62f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 63ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 6417c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 65059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, s.c); 66059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom Enumeration clientIds = s.c.clientContext.getClientSessionContext().getIds(); 67059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom Enumeration serverIds = s.c.serverContext.getServerSessionContext().getIds(); 688ee2e66dc0ef38f4fbdf0fd649abc6e47876c9afBrian Carlstrom byte[] clientId = (byte[]) clientIds.nextElement(); 69ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom assertEquals(32, clientId.length); 70bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom if (TestSSLContext.sslServerSocketSupportsSessionTickets()) { 71bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom assertFalse(serverIds.hasMoreElements()); 72bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom } else { 73bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom byte[] serverId = (byte[]) serverIds.nextElement(); 74bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom assertEquals(32, serverId.length); 75bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom assertTrue(Arrays.equals(clientId, serverId)); 76bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom } 77f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 78ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 79ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 80ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom public void test_SSLSessionContext_getSession() { 81bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 82ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom try { 83059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().getSession(null); 84ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom fail(); 85e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom } catch (NullPointerException expected) { 86ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 87059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertNull(c.clientContext.getClientSessionContext().getSession(new byte[0])); 88059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertNull(c.clientContext.getClientSessionContext().getSession(new byte[1])); 890af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom try { 90059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().getSession(null); 910af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom fail(); 92e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom } catch (NullPointerException expected) { 930af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom } 94059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertNull(c.serverContext.getServerSessionContext().getSession(new byte[0])); 95059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertNull(c.serverContext.getServerSessionContext().getSession(new byte[1])); 96f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 97ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 9817c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 99059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext client = s.c.clientContext.getClientSessionContext(); 100059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext server = s.c.serverContext.getServerSessionContext(); 1018ee2e66dc0ef38f4fbdf0fd649abc6e47876c9afBrian Carlstrom byte[] clientId = (byte[]) client.getIds().nextElement(); 102ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom assertNotNull(client.getSession(clientId)); 103cac49819d66d7928fe524ccd3eb93590120d9d30Brian Carlstrom assertTrue(Arrays.equals(clientId, client.getSession(clientId).getId())); 1040af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom if (TestSSLContext.sslServerSocketSupportsSessionTickets()) { 1050af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom assertFalse(server.getIds().hasMoreElements()); 1060af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom } else { 1070af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom byte[] serverId = (byte[]) server.getIds().nextElement(); 1080af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom assertNotNull(server.getSession(serverId)); 1090af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom assertTrue(Arrays.equals(serverId, server.getSession(serverId).getId())); 1100af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom } 111f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 112ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 113ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 114ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom public void test_SSLSessionContext_getSessionCacheSize() { 115bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 116f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE, 117059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().getSessionCacheSize()); 118f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE, 119059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().getSessionCacheSize()); 120f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 121ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 12217c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 123f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE, 124059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.clientContext.getClientSessionContext().getSessionCacheSize()); 125f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE, 126059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.serverContext.getServerSessionContext().getSessionCacheSize()); 127f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 128ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 129ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 1309acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom public void test_SSLSessionContext_setSessionCacheSize_noConnect() { 131bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 132e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom assertNoConnectSetSessionCacheSizeBehavior( 133e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE, 134059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext()); 135e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom assertNoConnectSetSessionCacheSizeBehavior( 136e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE, 137059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext()); 138f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 139ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 140ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 141e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom private static void assertNoConnectSetSessionCacheSizeBehavior(int expectedDefault, 142e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom SSLSessionContext s) { 143ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom try { 144ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom s.setSessionCacheSize(-1); 145ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom fail(); 146e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom } catch (IllegalArgumentException expected) { 147ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 1480af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom assertEquals(expectedDefault, s.getSessionCacheSize()); 149ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom s.setSessionCacheSize(1); 150ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom assertEquals(1, s.getSessionCacheSize()); 151ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 152ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 1539acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom public void test_SSLSessionContext_setSessionCacheSize_oneConnect() { 15417c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 155059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext client = s.c.clientContext.getClientSessionContext(); 156059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext server = s.c.serverContext.getServerSessionContext(); 157f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_CLIENT_SSL_SESSION_CACHE_SIZE, 1580af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom client.getSessionCacheSize()); 159f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SERVER_SSL_SESSION_CACHE_SIZE, 1600af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom server.getSessionCacheSize()); 161059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, s.c); 162f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 1639acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } 164ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 165f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom public void test_SSLSessionContext_setSessionCacheSize_dynamic() throws Exception { 1669acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom TestSSLContext c = TestSSLContext.create(); 167059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext client = c.clientContext.getClientSessionContext(); 168059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom SSLSessionContext server = c.serverContext.getServerSessionContext(); 169ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 1709acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom String[] supportedCipherSuites = c.serverSocket.getSupportedCipherSuites(); 1719acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom c.serverSocket.setEnabledCipherSuites(supportedCipherSuites); 172204cab3c22b4d75c866c95e2d2eec42e14cbd924Brian Carlstrom LinkedList<String> uniqueCipherSuites 1739acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom = new LinkedList(Arrays.asList(supportedCipherSuites)); 174ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom // only use RSA cipher suites which will work with our TrustProvider 175ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom Iterator<String> i = uniqueCipherSuites.iterator(); 176ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom while (i.hasNext()) { 177ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom String cipherSuite = i.next(); 1789acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom 1799acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom // Certificate key length too long for export ciphers 1809acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom if (cipherSuite.startsWith("SSL_RSA_EXPORT_")) { 1819acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom i.remove(); 1829acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom continue; 1839acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom } 1849acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom 185ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom if (cipherSuite.startsWith("SSL_RSA_")) { 186ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom continue; 187ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 188ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom if (cipherSuite.startsWith("TLS_RSA_")) { 189ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom continue; 190ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 191ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom if (cipherSuite.startsWith("TLS_DHE_RSA_")) { 192ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom continue; 193ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 194ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom if (cipherSuite.startsWith("SSL_DHE_RSA_")) { 195ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom continue; 196ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 197ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom i.remove(); 198ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 199ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 200ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom /* 2019acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom * having more than 3 uniqueCipherSuites is a test 202ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * requirement, not a requirement of the interface or 203ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * implementation. It simply allows us to make sure that we 204ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * will not get a cached session ID since we'll have to 205ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * renegotiate a new session due to the new cipher suite 206ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * requirement. even this test only really needs three if it 207ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * reused the unique cipher suites every time it resets the 208ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom * session cache. 209ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom */ 2109acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom assertTrue(uniqueCipherSuites.size() >= 3); 2119acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom String cipherSuite1 = uniqueCipherSuites.get(0); 2129acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom String cipherSuite2 = uniqueCipherSuites.get(1); 2139acacc36bafda869c6e9cc63786cdddd995ca96aBrian Carlstrom String cipherSuite3 = uniqueCipherSuites.get(2); 214204cab3c22b4d75c866c95e2d2eec42e14cbd924Brian Carlstrom 215f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom List<SSLSocket[]> toClose = new ArrayList<SSLSocket[]>(); 216f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null)); 217059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, c); 218f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null)); 219059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(2, c); 220f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null)); 221059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(3, c); 222ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 223ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom client.setSessionCacheSize(1); 224ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom server.setSessionCacheSize(1); 225ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom assertEquals(1, client.getSessionCacheSize()); 226ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom assertEquals(1, server.getSessionCacheSize()); 227059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, c); 228f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite1 }, null)); 229059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, c); 230ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 231ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom client.setSessionCacheSize(2); 232ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom server.setSessionCacheSize(2); 233f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite2 }, null)); 234059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(2, c); 235f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom toClose.add(TestSSLSocketPair.connect(c, new String[] { cipherSuite3 }, null)); 236059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(2, c); 237f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom 238f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom for (SSLSocket[] pair : toClose) { 239f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom for (SSLSocket s : pair) { 240f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 241f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom } 242f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom } 243f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 244ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 245ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 246ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom public void test_SSLSessionContext_getSessionTimeout() { 247bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 248f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 249059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().getSessionTimeout()); 250f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 251059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().getSessionTimeout()); 252f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 253ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 25417c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 255f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 256059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.clientContext.getClientSessionContext().getSessionTimeout()); 257f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 258059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.serverContext.getServerSessionContext().getSessionTimeout()); 259f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 260ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 261ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 262ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom public void test_SSLSessionContext_setSessionTimeout() throws Exception { 263bcfb325d5b1f9529b439cc0805a1c140521510f7Brian Carlstrom TestSSLContext c = TestSSLContext.create(); 2640af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87Brian Carlstrom assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 265059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().getSessionTimeout()); 266f33eae7e84eb6d3b0f4e86b59605bb3de73009f3Elliott Hughes assertEquals(TestSSLContext.EXPECTED_DEFAULT_SSL_SESSION_CACHE_TIMEOUT, 267059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().getSessionTimeout()); 268059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().setSessionTimeout(0); 269059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().setSessionTimeout(0); 270059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertEquals(0, c.clientContext.getClientSessionContext().getSessionTimeout()); 271059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertEquals(0, c.serverContext.getServerSessionContext().getSessionTimeout()); 272ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 273ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom try { 274059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.clientContext.getClientSessionContext().setSessionTimeout(-1); 275ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom fail(); 276e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom } catch (IllegalArgumentException expected) { 277ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 278ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom try { 279059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom c.serverContext.getServerSessionContext().setSessionTimeout(-1); 280ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom fail(); 281e9505132a9a878aa77b0fb40a40dd55c9e6affe7Brian Carlstrom } catch (IllegalArgumentException expected) { 282ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 283f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom c.close(); 284ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom 28517c744222e249ed5f7ab36e49ed11f9bb062a302Brian Carlstrom TestSSLSocketPair s = TestSSLSocketPair.create(); 286059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(1, s.c); 287ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom Thread.sleep(1 * 1000); 288059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.clientContext.getClientSessionContext().setSessionTimeout(1); 289059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom s.c.serverContext.getServerSessionContext().setSessionTimeout(1); 290059dbc04218144f985b20a228bbe98139d400d0cBrian Carlstrom assertSSLSessionContextSize(0, s.c); 291f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8aBrian Carlstrom s.close(); 292ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom } 293ebabb91c8c87ac2be2dca70ae343130f9755047fBrian Carlstrom} 294