diff options
4 files changed, 119 insertions, 37 deletions
diff --git a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java index bd12aeaf16..b374f56c3c 100644 --- a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java +++ b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java @@ -16,15 +16,24 @@ package com.android.org.bouncycastle.jce.provider; +import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileOutputStream; import java.io.FileNotFoundException; +import java.io.InputStream; import java.io.IOException; import java.math.BigInteger; +import java.security.cert.CertificateFactory; +import java.security.cert.Certificate; +import java.security.MessageDigest; +import java.security.PrivateKey; +import java.security.PublicKey; import java.util.HashSet; import java.util.Set; import junit.framework.TestCase; import com.android.org.bouncycastle.jce.provider.CertBlacklist; +import com.android.org.bouncycastle.crypto.Digest; +import com.android.org.bouncycastle.util.encoders.Base64; import com.android.org.bouncycastle.util.encoders.Hex; public class CertBlacklistTest extends TestCase { @@ -34,6 +43,25 @@ public class CertBlacklistTest extends TestCase { private Set<String> DEFAULT_PUBKEYS; private Set<String> DEFAULT_SERIALS; + public static final String TEST_CERT = "" + + "MIIDsjCCAxugAwIBAgIJAPLf2gS0zYGUMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYDVQQGEwJVUzET" + + "MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEPMA0GA1UEChMGR29v" + + "Z2xlMRAwDgYDVQQLEwd0ZXN0aW5nMRYwFAYDVQQDEw1HZXJlbXkgQ29uZHJhMSEwHwYJKoZIhvcN" + + "AQkBFhJnY29uZHJhQGdvb2dsZS5jb20wHhcNMTIwNzE0MTc1MjIxWhcNMTIwODEzMTc1MjIxWjCB" + + "mDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZp" + + "ZXcxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNR2VyZW15IENv" + + "bmRyYTEhMB8GCSqGSIb3DQEJARYSZ2NvbmRyYUBnb29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA" + + "A4GNADCBiQKBgQCjGGHATBYlmas+0sEECkno8LZ1KPglb/mfe6VpCT3GhSr+7br7NG/ZwGZnEhLq" + + "E7YIH4fxltHmQC3Tz+jM1YN+kMaQgRRjo/LBCJdOKaMwUbkVynAH6OYsKevjrOPk8lfM5SFQzJMG" + + "sA9+Tfopr5xg0BwZ1vA/+E3mE7Tr3M2UvwIDAQABo4IBADCB/TAdBgNVHQ4EFgQUhzkS9E6G+x8W" + + "L4EsmRjDxu28tHUwgc0GA1UdIwSBxTCBwoAUhzkS9E6G+x8WL4EsmRjDxu28tHWhgZ6kgZswgZgx" + + "CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3" + + "MQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB3Rlc3RpbmcxFjAUBgNVBAMTDUdlcmVteSBDb25k" + + "cmExITAfBgkqhkiG9w0BCQEWEmdjb25kcmFAZ29vZ2xlLmNvbYIJAPLf2gS0zYGUMAwGA1UdEwQF" + + "MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYiugFDmbDOQ2U/+mqNt7o8ftlEo9SJrns6O8uTtK6AvR" + + "orDrR1AXTXkuxwLSbmVfedMGOZy7Awh7iZa8hw5x9XmUudfNxvmrKVEwGQY2DZ9PXbrnta/dwbhK" + + "mWfoepESVbo7CKIhJp8gRW0h1Z55ETXD57aGJRvQS4pxkP8ANhM="; + public CertBlacklistTest() throws IOException { tmpFile = File.createTempFile("test", ""); DEFAULT_PUBKEYS = getDefaultPubkeys(); @@ -82,6 +110,13 @@ public class CertBlacklistTest extends TestCase { return results; } + private String getHash(PublicKey publicKey) throws Exception { + byte[] encoded = publicKey.getEncoded(); + MessageDigest digest = MessageDigest.getInstance("SHA1"); + byte[] hexlifiedHash = Hex.encode(digest.digest(encoded)); + return new String(hexlifiedHash); + } + private Set<String> getDefaultPubkeys() throws IOException { return getPubkeyBlacklist(""); } @@ -116,7 +151,14 @@ public class CertBlacklistTest extends TestCase { blacklistToFile(result.toString()); } - public void testPubkeyBlacklistLegit() throws IOException { + private PublicKey createPublicKey(String cert) throws Exception { + byte[] derCert = Base64.decode(cert.getBytes()); + InputStream istream = new ByteArrayInputStream(derCert); + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + return cf.generateCertificate(istream).getPublicKey(); + } + + public void testPubkeyBlacklistLegit() throws Exception { // build the blacklist HashSet<String> bl = new HashSet<String>(); bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc"); @@ -128,6 +170,34 @@ public class CertBlacklistTest extends TestCase { assertEquals(bl, getCurrentPubkeyBlacklist()); } + public void testLegitPubkeyIsntBlacklisted() throws Exception { + // build the public key + PublicKey pk = createPublicKey(TEST_CERT); + // write that to the test blacklist + writeBlacklist(new HashSet<String>()); + // set our blacklist path + CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), + CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH); + // check to make sure it isn't blacklisted + assertEquals(bl.isPublicKeyBlackListed(pk), false); + } + + public void testPubkeyIsBlacklisted() throws Exception { + // build the public key + PublicKey pk = createPublicKey(TEST_CERT); + // get its hash + String hash = getHash(pk); + // write that to the test blacklist + HashSet<String> testBlackList = new HashSet<String>(); + testBlackList.add(hash); + writeBlacklist(testBlackList); + // set our blacklist path + CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), + CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH); + // check to make sure it isn't blacklited + assertTrue(bl.isPublicKeyBlackListed(pk)); + } + public void testSerialBlacklistLegit() throws IOException { // build the blacklist HashSet<String> bl = new HashSet<String>(); diff --git a/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java b/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java index 750be35968..6560a7bbbf 100644 --- a/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java +++ b/luni/src/test/java/libcore/java/nio/channels/OldSocketChannelTest.java @@ -282,14 +282,27 @@ public class OldSocketChannelTest extends TestCase { } public void test_socketChannel_read_DirectByteBuffer() throws InterruptedException, IOException { - - ServerThread server = new ServerThread(); + final ServerSocketChannel ssc = ServerSocketChannel.open(); + ssc.socket().bind(null, 0); + + Thread server = new Thread() { + @Override public void run() { + try { + for (int i = 0; i < 2; ++i) { + ByteBuffer buf = ByteBuffer.allocate(10); + buf.put(data); + buf.rewind(); + ssc.accept().write(buf); + } + } catch (Exception ignored) { + } + } + }; server.start(); - Thread.currentThread().sleep(1000); // First test with array based byte buffer SocketChannel sc = SocketChannel.open(); - sc.connect(server.getLocalSocketAddress()); + sc.connect(ssc.socket().getLocalSocketAddress()); ByteBuffer buf = ByteBuffer.allocate(data.length); buf.limit(data.length / 2); @@ -305,7 +318,7 @@ public class OldSocketChannelTest extends TestCase { // Now test with direct byte buffer sc = SocketChannel.open(); - sc.connect(server.getLocalSocketAddress()); + sc.connect(ssc.socket().getLocalSocketAddress()); buf = ByteBuffer.allocateDirect(data.length); buf.limit(data.length / 2); @@ -333,32 +346,6 @@ public class OldSocketChannelTest extends TestCase { public static boolean done = false; public static byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10}; - static class ServerThread extends Thread { - private ServerSocketChannel ssc; - - @Override public void run() { - try { - ssc = ServerSocketChannel.open(); - ssc.socket().bind(null, 0); - - ByteBuffer buf = ByteBuffer.allocate(10); - buf.put(data); - - while (!done) { - SocketChannel sc = ssc.accept(); - buf.rewind(); - sc.write(buf); - } - } catch (Exception e) { - // ignore - } - } - - public SocketAddress getLocalSocketAddress() { - return ssc.socket().getLocalSocketAddress(); - } - } - class MockSocketChannel extends SocketChannel { private boolean isConstructorCalled = false; diff --git a/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java b/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java index 01506df77c..ff24bb6a7d 100644 --- a/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java +++ b/luni/src/test/java/libcore/java/text/OldSimpleDateFormatTest.java @@ -30,9 +30,21 @@ import java.util.TimeZone; public class OldSimpleDateFormatTest extends junit.framework.TestCase { - SimpleDateFormat format = new SimpleDateFormat("", Locale.ENGLISH); + SimpleDateFormat format = null; + SimpleDateFormat pFormat = null; + + @Override + protected void setUp() throws Exception { + TimeZone.setDefault(TimeZone.getTimeZone("GMT")); + format = new SimpleDateFormat("", Locale.ENGLISH); + pFormat = new SimpleDateFormat("", Locale.ENGLISH); + } - SimpleDateFormat pFormat = new SimpleDateFormat("", Locale.ENGLISH); + @Override + protected void tearDown() throws Exception { + format = null; + pFormat = null; + } class FormatTester { boolean testsFailed = false; diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java index 217dfe9e82..67c83bf955 100644 --- a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java +++ b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java @@ -54,11 +54,24 @@ public class SSLSessionTest extends TestCase { } public void test_SSLSession_getCreationTime() { + // We use OpenSSL, which only returns times accurate to the nearest second. + // NativeCrypto just multiplies by 1000, which looks like truncation, which + // would make it appear as if the OpenSSL side of things was created before + // we called it. + long t0 = System.currentTimeMillis() / 1000; TestSSLSessions s = TestSSLSessions.create(); + long t1 = System.currentTimeMillis() / 1000; + assertTrue(s.invalid.getCreationTime() > 0); - assertTrue(s.server.getCreationTime() > 0); - assertTrue(s.client.getCreationTime() > 0); - assertTrue(Math.abs(s.server.getCreationTime() - s.client.getCreationTime()) < 1 * 1000); + + long sTime = s.server.getCreationTime() / 1000; + assertTrue(sTime + " >= " + t0, sTime >= t0); + assertTrue(sTime + " <= " + t1, sTime <= t1); + + long cTime = s.client.getCreationTime() / 1000; + assertTrue(cTime + " >= " + t0, cTime >= t0); + assertTrue(cTime + " <= " + t1, cTime <= t1); + s.close(); } |