am 5a1225cc: Merge "NativeCrypto: add assertions for no OpenSSL errors"
* commit '5a1225cc1b870ffab8be63f2f4a5baa2f3e26126':
NativeCrypto: add assertions for no OpenSSL errors
diff --git a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java
index bd12aea..b374f56 100644
--- a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java
+++ b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java
@@ -16,15 +16,24 @@
package com.android.org.bouncycastle.jce.provider;
+import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileNotFoundException;
+import java.io.InputStream;
import java.io.IOException;
import java.math.BigInteger;
+import java.security.cert.CertificateFactory;
+import java.security.cert.Certificate;
+import java.security.MessageDigest;
+import java.security.PrivateKey;
+import java.security.PublicKey;
import java.util.HashSet;
import java.util.Set;
import junit.framework.TestCase;
import com.android.org.bouncycastle.jce.provider.CertBlacklist;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.util.encoders.Base64;
import com.android.org.bouncycastle.util.encoders.Hex;
public class CertBlacklistTest extends TestCase {
@@ -34,6 +43,25 @@
private Set<String> DEFAULT_PUBKEYS;
private Set<String> DEFAULT_SERIALS;
+ public static final String TEST_CERT = "" +
+ "MIIDsjCCAxugAwIBAgIJAPLf2gS0zYGUMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYDVQQGEwJVUzET" +
+ "MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEPMA0GA1UEChMGR29v" +
+ "Z2xlMRAwDgYDVQQLEwd0ZXN0aW5nMRYwFAYDVQQDEw1HZXJlbXkgQ29uZHJhMSEwHwYJKoZIhvcN" +
+ "AQkBFhJnY29uZHJhQGdvb2dsZS5jb20wHhcNMTIwNzE0MTc1MjIxWhcNMTIwODEzMTc1MjIxWjCB" +
+ "mDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZp" +
+ "ZXcxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNR2VyZW15IENv" +
+ "bmRyYTEhMB8GCSqGSIb3DQEJARYSZ2NvbmRyYUBnb29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA" +
+ "A4GNADCBiQKBgQCjGGHATBYlmas+0sEECkno8LZ1KPglb/mfe6VpCT3GhSr+7br7NG/ZwGZnEhLq" +
+ "E7YIH4fxltHmQC3Tz+jM1YN+kMaQgRRjo/LBCJdOKaMwUbkVynAH6OYsKevjrOPk8lfM5SFQzJMG" +
+ "sA9+Tfopr5xg0BwZ1vA/+E3mE7Tr3M2UvwIDAQABo4IBADCB/TAdBgNVHQ4EFgQUhzkS9E6G+x8W" +
+ "L4EsmRjDxu28tHUwgc0GA1UdIwSBxTCBwoAUhzkS9E6G+x8WL4EsmRjDxu28tHWhgZ6kgZswgZgx" +
+ "CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3" +
+ "MQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB3Rlc3RpbmcxFjAUBgNVBAMTDUdlcmVteSBDb25k" +
+ "cmExITAfBgkqhkiG9w0BCQEWEmdjb25kcmFAZ29vZ2xlLmNvbYIJAPLf2gS0zYGUMAwGA1UdEwQF" +
+ "MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYiugFDmbDOQ2U/+mqNt7o8ftlEo9SJrns6O8uTtK6AvR" +
+ "orDrR1AXTXkuxwLSbmVfedMGOZy7Awh7iZa8hw5x9XmUudfNxvmrKVEwGQY2DZ9PXbrnta/dwbhK" +
+ "mWfoepESVbo7CKIhJp8gRW0h1Z55ETXD57aGJRvQS4pxkP8ANhM=";
+
public CertBlacklistTest() throws IOException {
tmpFile = File.createTempFile("test", "");
DEFAULT_PUBKEYS = getDefaultPubkeys();
@@ -82,6 +110,13 @@
return results;
}
+ private String getHash(PublicKey publicKey) throws Exception {
+ byte[] encoded = publicKey.getEncoded();
+ MessageDigest digest = MessageDigest.getInstance("SHA1");
+ byte[] hexlifiedHash = Hex.encode(digest.digest(encoded));
+ return new String(hexlifiedHash);
+ }
+
private Set<String> getDefaultPubkeys() throws IOException {
return getPubkeyBlacklist("");
}
@@ -116,7 +151,14 @@
blacklistToFile(result.toString());
}
- public void testPubkeyBlacklistLegit() throws IOException {
+ private PublicKey createPublicKey(String cert) throws Exception {
+ byte[] derCert = Base64.decode(cert.getBytes());
+ InputStream istream = new ByteArrayInputStream(derCert);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ return cf.generateCertificate(istream).getPublicKey();
+ }
+
+ public void testPubkeyBlacklistLegit() throws Exception {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc");
@@ -128,6 +170,34 @@
assertEquals(bl, getCurrentPubkeyBlacklist());
}
+ public void testLegitPubkeyIsntBlacklisted() throws Exception {
+ // build the public key
+ PublicKey pk = createPublicKey(TEST_CERT);
+ // write that to the test blacklist
+ writeBlacklist(new HashSet<String>());
+ // set our blacklist path
+ CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(),
+ CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH);
+ // check to make sure it isn't blacklisted
+ assertEquals(bl.isPublicKeyBlackListed(pk), false);
+ }
+
+ public void testPubkeyIsBlacklisted() throws Exception {
+ // build the public key
+ PublicKey pk = createPublicKey(TEST_CERT);
+ // get its hash
+ String hash = getHash(pk);
+ // write that to the test blacklist
+ HashSet<String> testBlackList = new HashSet<String>();
+ testBlackList.add(hash);
+ writeBlacklist(testBlackList);
+ // set our blacklist path
+ CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(),
+ CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH);
+ // check to make sure it isn't blacklited
+ assertTrue(bl.isPublicKeyBlackListed(pk));
+ }
+
public void testSerialBlacklistLegit() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
diff --git a/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java b/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java
index 750be35..6560a7b 100644
--- a/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java
+++ b/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java
@@ -282,14 +282,27 @@
}
public void test_socketChannel_read_DirectByteBuffer() throws InterruptedException, IOException {
+ final ServerSocketChannel ssc = ServerSocketChannel.open();
+ ssc.socket().bind(null, 0);
- ServerThread server = new ServerThread();
+ Thread server = new Thread() {
+ @Override public void run() {
+ try {
+ for (int i = 0; i < 2; ++i) {
+ ByteBuffer buf = ByteBuffer.allocate(10);
+ buf.put(data);
+ buf.rewind();
+ ssc.accept().write(buf);
+ }
+ } catch (Exception ignored) {
+ }
+ }
+ };
server.start();
- Thread.currentThread().sleep(1000);
// First test with array based byte buffer
SocketChannel sc = SocketChannel.open();
- sc.connect(server.getLocalSocketAddress());
+ sc.connect(ssc.socket().getLocalSocketAddress());
ByteBuffer buf = ByteBuffer.allocate(data.length);
buf.limit(data.length / 2);
@@ -305,7 +318,7 @@
// Now test with direct byte buffer
sc = SocketChannel.open();
- sc.connect(server.getLocalSocketAddress());
+ sc.connect(ssc.socket().getLocalSocketAddress());
buf = ByteBuffer.allocateDirect(data.length);
buf.limit(data.length / 2);
@@ -333,32 +346,6 @@
public static boolean done = false;
public static byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
- static class ServerThread extends Thread {
- private ServerSocketChannel ssc;
-
- @Override public void run() {
- try {
- ssc = ServerSocketChannel.open();
- ssc.socket().bind(null, 0);
-
- ByteBuffer buf = ByteBuffer.allocate(10);
- buf.put(data);
-
- while (!done) {
- SocketChannel sc = ssc.accept();
- buf.rewind();
- sc.write(buf);
- }
- } catch (Exception e) {
- // ignore
- }
- }
-
- public SocketAddress getLocalSocketAddress() {
- return ssc.socket().getLocalSocketAddress();
- }
- }
-
class MockSocketChannel extends SocketChannel {
private boolean isConstructorCalled = false;
diff --git a/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java b/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java
index 01506df..ff24bb6 100644
--- a/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java
+++ b/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java
@@ -30,9 +30,21 @@
public class OldSimpleDateFormatTest extends junit.framework.TestCase {
- SimpleDateFormat format = new SimpleDateFormat("", Locale.ENGLISH);
+ SimpleDateFormat format = null;
+ SimpleDateFormat pFormat = null;
- SimpleDateFormat pFormat = new SimpleDateFormat("", Locale.ENGLISH);
+ @Override
+ protected void setUp() throws Exception {
+ TimeZone.setDefault(TimeZone.getTimeZone("GMT"));
+ format = new SimpleDateFormat("", Locale.ENGLISH);
+ pFormat = new SimpleDateFormat("", Locale.ENGLISH);
+ }
+
+ @Override
+ protected void tearDown() throws Exception {
+ format = null;
+ pFormat = null;
+ }
class FormatTester {
boolean testsFailed = false;
diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
index 217dfe9..67c83bf 100644
--- a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
+++ b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
@@ -54,11 +54,24 @@
}
public void test_SSLSession_getCreationTime() {
+ // We use OpenSSL, which only returns times accurate to the nearest second.
+ // NativeCrypto just multiplies by 1000, which looks like truncation, which
+ // would make it appear as if the OpenSSL side of things was created before
+ // we called it.
+ long t0 = System.currentTimeMillis() / 1000;
TestSSLSessions s = TestSSLSessions.create();
+ long t1 = System.currentTimeMillis() / 1000;
+
assertTrue(s.invalid.getCreationTime() > 0);
- assertTrue(s.server.getCreationTime() > 0);
- assertTrue(s.client.getCreationTime() > 0);
- assertTrue(Math.abs(s.server.getCreationTime() - s.client.getCreationTime()) < 1 * 1000);
+
+ long sTime = s.server.getCreationTime() / 1000;
+ assertTrue(sTime + " >= " + t0, sTime >= t0);
+ assertTrue(sTime + " <= " + t1, sTime <= t1);
+
+ long cTime = s.client.getCreationTime() / 1000;
+ assertTrue(cTime + " >= " + t0, cTime >= t0);
+ assertTrue(cTime + " <= " + t1, cTime <= t1);
+
s.close();
}