1 /*
2  *  Licensed to the Apache Software Foundation (ASF) under one or more
3  *  contributor license agreements.  See the NOTICE file distributed with
4  *  this work for additional information regarding copyright ownership.
5  *  The ASF licenses this file to You under the Apache License, Version 2.0
6  *  (the "License"); you may not use this file except in compliance with
7  *  the License.  You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  */
17 
18 
19 package org.apache.harmony.tests.javax.net.ssl;
20 
21 import java.io.ByteArrayInputStream;
22 import java.net.URL;
23 import java.security.Principal;
24 import java.security.cert.Certificate;
25 import java.security.cert.CertificateException;
26 import java.security.cert.CertificateFactory;
27 
28 import javax.net.ssl.HostnameVerifier;
29 import javax.net.ssl.HttpsURLConnection;
30 import javax.net.ssl.SSLPeerUnverifiedException;
31 import javax.net.ssl.SSLSession;
32 import javax.net.ssl.SSLSocketFactory;
33 
34 import org.apache.harmony.security.tests.support.cert.TestUtils;
35 
36 import junit.framework.TestCase;
37 
38 
39 
40 /**
41  * Tests for <code>HttpsURLConnection</code> class constructors and methods.
42  *
43  */
44 public class HttpsURLConnectionTest extends TestCase {
45 
46     @Override
setUp()47     public void setUp() throws Exception {
48         // Set the default SSL Socket factory to avoid an unmatched SSLSocketFactory
49         HttpsURLConnection.setDefaultSSLSocketFactory(
50             (SSLSocketFactory)SSLSocketFactory.getDefault());
51     }
52 
53     /**
54      * javax.net.ssl.HttpsURLConnection#HttpsURLConnection(java_net_URL)
55      */
test_Constructor()56     public final void test_Constructor() throws Exception {
57         new MyHttpsURLConnection(new URL("https://www.fortify.net/"));
58         new MyHttpsURLConnection(null);
59     }
60 
61     /**
62      * javax.net.ssl.HttpsURLConnection#getCipherSuite()
63      */
test_getCipherSuite()64     public final void test_getCipherSuite() throws Exception {
65         URL url = new URL("https://localhost:55555");
66         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
67         try {
68             connection.getCipherSuite();
69             fail("IllegalStateException wasn't thrown");
70         } catch (IllegalStateException expected) {
71         }
72 
73         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"));
74         assertEquals("CipherSuite", con.getCipherSuite());
75     }
76 
77     /**
78      * javax.net.ssl.HttpsURLConnection#getLocalCertificates()
79      */
test_getLocalCertificates()80     public final void test_getLocalCertificates() throws Exception {
81         URL url = new URL("https://localhost:55555");
82         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
83         try {
84             connection.getLocalCertificates();
85             fail("IllegalStateException wasn't thrown");
86         } catch (IllegalStateException expected) {
87         }
88 
89         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
90         assertNull(con.getLocalCertificates());
91         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
92         Certificate[] cert = con.getLocalCertificates();
93         assertNotNull(cert);
94         assertEquals(1, cert.length);
95     }
96 
97     /**
98      * javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier()
99      */
test_getDefaultHostnameVerifier()100     public final void test_getDefaultHostnameVerifier() {
101         HostnameVerifier verifyer =
102             HttpsURLConnection.getDefaultHostnameVerifier();
103         assertNotNull("Default hostname verifyer is null", verifyer);
104     }
105 
106     /**
107      * javax.net.ssl.HttpsURLConnection#getHostnameVerifier()
108      */
test_getHostnameVerifier()109     public final void test_getHostnameVerifier()
110         throws Exception {
111         HttpsURLConnection con = new MyHttpsURLConnection(
112                 new URL("https://www.fortify.net/"));
113         HostnameVerifier verifyer = con.getHostnameVerifier();
114         assertNotNull("Hostname verifyer is null", verifyer);
115         assertEquals("Incorrect value of hostname verirfyer",
116                 HttpsURLConnection.getDefaultHostnameVerifier(), verifyer);
117     }
118 
119     /**
120      * javax.net.ssl.HttpsURLConnection#getLocalPrincipal()
121      */
test_getLocalPrincipal()122     public final void test_getLocalPrincipal() throws Exception {
123         URL url = new URL("https://localhost:55555");
124         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
125         try {
126             connection.getLocalPrincipal();
127             fail("IllegalStateException wasn't thrown");
128         } catch (IllegalStateException expected) {
129         }
130 
131         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
132         assertNull(con.getLocalPrincipal());
133         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
134         assertNotNull("Local principal is null", con.getLocalPrincipal());
135     }
136 
137     /**
138      * javax.net.ssl.HttpsURLConnection#getPeerPrincipal()
139      */
test_getPeerPrincipal()140     public final void test_getPeerPrincipal() throws Exception {
141         URL url = new URL("https://localhost:55555");
142         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
143         try {
144             connection.getPeerPrincipal();
145             fail("IllegalStateException wasn't thrown");
146         } catch (IllegalStateException expected) {
147         }
148         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
149         try {
150             Principal p = con.getPeerPrincipal();
151             fail("SSLPeerUnverifiedException wasn't thrown");
152         } catch (SSLPeerUnverifiedException expected) {
153         }
154 
155         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
156         Principal p = con.getPeerPrincipal();
157         assertNotNull(p);
158     }
159 
160     /**
161      * javax.net.ssl.HttpsURLConnection#getServerCertificates()
162      */
test_getServerCertificates()163     public final void test_getServerCertificates() throws Exception {
164         URL url = new URL("https://localhost:55555");
165         HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
166         try {
167             connection.getServerCertificates();
168             fail("IllegalStateException wasn't thrown");
169         } catch (IllegalStateException expected) {
170         }
171 
172         HttpsURLConnection con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.508");
173         try {
174             con.getServerCertificates();
175             fail("SSLPeerUnverifiedException wasn't thrown");
176         } catch (SSLPeerUnverifiedException expected) {
177         }
178 
179         con = new MyHttpsURLConnection(new URL("https://www.fortify.net/"), "X.509");
180         Certificate[] cert = con.getServerCertificates();
181         assertNotNull(cert);
182         assertEquals(1, cert.length);
183     }
184 
185     /**
186      * javax.net.ssl.HttpsURLConnection#setDefaultHostnameVerifier()
187      */
test_setDefaultHostnameVerifier()188     public final void test_setDefaultHostnameVerifier() {
189         try {
190             HttpsURLConnection.setDefaultHostnameVerifier(null);
191             fail("No expected IllegalArgumentException");
192         } catch (IllegalArgumentException expected) {
193         }
194         HostnameVerifier def = HttpsURLConnection.getDefaultHostnameVerifier();
195         try {
196             myHostnameVerifier hnv = new myHostnameVerifier();
197             HttpsURLConnection.setDefaultHostnameVerifier(hnv);
198             assertEquals(hnv, HttpsURLConnection.getDefaultHostnameVerifier());
199         } finally {
200             HttpsURLConnection.setDefaultHostnameVerifier(def);
201         }
202     }
203 
204     /**
205      * javax.net.ssl.HttpsURLConnection#setHostnameVerifier()
206      */
test_setHostnameVerifier()207     public final void test_setHostnameVerifier() {
208         HttpsURLConnection con = new MyHttpsURLConnection(null);
209         try {
210             con.setHostnameVerifier(null);
211             fail("No expected IllegalArgumentException");
212         } catch (IllegalArgumentException expected) {
213         }
214         myHostnameVerifier hnv = new myHostnameVerifier();
215         con.setHostnameVerifier(hnv);
216     }
217 
218     /**
219      * javax.net.ssl.HttpsURLConnection#setDefaultSSLSocketFactory()
220      */
test_setDefaultSSLSocketFactory()221     public final void test_setDefaultSSLSocketFactory() {
222         try {
223             HttpsURLConnection.setDefaultSSLSocketFactory(null);
224             fail("No expected IllegalArgumentException");
225         } catch (IllegalArgumentException expected) {
226         }
227         SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory
228                 .getDefault();
229         HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
230     }
231 
232     /**
233      * javax.net.ssl.HttpsURLConnection#setSSLSocketFactory()
234      */
test_setSSLSocketFactory()235     public final void test_setSSLSocketFactory() {
236         HttpsURLConnection con = new MyHttpsURLConnection(null);
237         try {
238             con.setSSLSocketFactory(null);
239             fail("No expected IllegalArgumentException");
240         } catch (IllegalArgumentException expected) {
241         }
242         SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory
243                 .getDefault();
244         con.setSSLSocketFactory(ssf);
245     }
246 }
247 
248 class MyHttpsURLConnection extends javax.net.ssl.HttpsURLConnection {
249 
250     private String typeDone;
251 
MyHttpsURLConnection(URL url)252     public MyHttpsURLConnection(URL url) {
253         super(url);
254     }
255 
MyHttpsURLConnection(URL url, String type)256     public MyHttpsURLConnection(URL url, String type) {
257         super(url);
258         typeDone = type;
259     }
260 
261     /*
262      * @see javax.net.ssl.HttpsURLConnection#getCipherSuite()
263      */
getCipherSuite()264     public String getCipherSuite() {
265         return "CipherSuite";
266     }
267 
268     /*
269      * @see javax.net.ssl.HttpsURLConnection#getLocalCertificates()
270      */
getLocalCertificates()271     public Certificate[] getLocalCertificates() {
272         try {
273             CertificateFactory cf = CertificateFactory.getInstance(typeDone);
274             byte[] barr = TestUtils.getX509Certificate_v1();
275             ByteArrayInputStream bis = new ByteArrayInputStream(barr);
276             Certificate cert = cf.generateCertificate(bis);
277             return new Certificate[] { cert };
278         } catch (CertificateException se) {
279             return null;
280         }
281     }
282 
283     /*
284      * @see javax.net.ssl.HttpsURLConnection#getServerCertificates()
285      */
getServerCertificates()286     public Certificate[] getServerCertificates() throws SSLPeerUnverifiedException {
287         try {
288             CertificateFactory cf = CertificateFactory.getInstance(typeDone);
289             byte[] barr = TestUtils.getX509Certificate_v3();
290             ByteArrayInputStream bis = new ByteArrayInputStream(barr);
291             Certificate cert = cf.generateCertificate(bis);
292             return new Certificate[] { cert };
293         } catch (CertificateException se) {
294             throw new SSLPeerUnverifiedException("No server's end-entity certificate");
295         }
296     }
297 
298     /*
299      * @see java.net.HttpURLConnection#disconnect()
300      */
disconnect()301     public void disconnect() {
302     }
303 
304     /*
305      * @see java.net.HttpURLConnection#usingProxy()
306      */
usingProxy()307     public boolean usingProxy() {
308         return false;
309     }
310 
connect()311     public void connect() {
312     }
313 
314 }
315 
316 class myHostnameVerifier implements HostnameVerifier {
317 
myHostnameVerifier()318     myHostnameVerifier() {
319     }
320 
verify(String hostname, SSLSession session)321     public boolean verify(String hostname, SSLSession session) {
322         if (hostname == session.getPeerHost()) {
323             return true;
324         } else return false;
325     }
326 }
327 
328