Example 41 with SSLHandshakeException
use of javax.net.ssl.SSLHandshakeException in project robovm by robovm.
the class URLConnectionTest method testConnectViaHttpProxyToHttpsUsingBadProxyAndHttpResponseCache.
/**
* Tolerate bad https proxy response when using HttpResponseCache. http://b/6754912
*/
public void testConnectViaHttpProxyToHttpsUsingBadProxyAndHttpResponseCache() throws Exception {
ProxyConfig proxyConfig = ProxyConfig.PROXY_SYSTEM_PROPERTY;
TestSSLContext testSSLContext = TestSSLContext.create();
initResponseCache();
server.useHttps(testSSLContext.serverContext.getSocketFactory(), true);
MockResponse badProxyResponse = new MockResponse().setSocketPolicy(SocketPolicy.UPGRADE_TO_SSL_AT_END).clearHeaders().setBody(// Key to reproducing b/6754912
"bogus proxy connect response content");
// We enqueue the bad response twice because the connection will
// be retried with TLS_MODE_COMPATIBLE after the first connection
// fails.
server.enqueue(badProxyResponse);
server.enqueue(badProxyResponse);
server.play();
URL url = new URL("https://android.com/foo");
HttpsURLConnection connection = (HttpsURLConnection) proxyConfig.connect(server, url);
connection.setSSLSocketFactory(testSSLContext.clientContext.getSocketFactory());
try {
connection.connect();
fail();
} catch (SSLHandshakeException expected) {
// Thrown when the connect causes SSLSocket.startHandshake() to throw
// when it sees the "bogus proxy connect response content"
// instead of a ServerHello handshake message.
}
RecordedRequest connect = server.takeRequest();
assertEquals("Connect line failure on proxy", "CONNECT android.com:443 HTTP/1.1", connect.getRequestLine());
assertContains(connect.getHeaders(), "Host: android.com");
}
Also used :
RecordedRequest(com.google.mockwebserver.RecordedRequest)
MockResponse(com.google.mockwebserver.MockResponse)
TestSSLContext(libcore.javax.net.ssl.TestSSLContext)
URL(java.net.URL)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Example 42 with SSLHandshakeException
use of javax.net.ssl.SSLHandshakeException in project jdk8u_jdk by JetBrains.
the class DHCrypt method getAgreedSecret.
/**
* Get the secret data that has been agreed on through Diffie-Hellman
* key agreement protocol. Note that in the two party protocol, if
* the peer keys are already known, no other data needs to be sent in
* order to agree on a secret. That is, a secured message may be
* sent without any mandatory round-trip overheads.
*
* <P>It is illegal to call this member function if the private key
* has not been set (or generated).
*
* @param peerPublicKey the peer's public key.
* @param keyIsValidated whether the {@code peerPublicKey} has beed
* validated
* @return the secret, which is an unsigned big-endian integer
* the same size as the Diffie-Hellman modulus.
*/
SecretKey getAgreedSecret(BigInteger peerPublicValue, boolean keyIsValidated) throws SSLHandshakeException {
try {
KeyFactory kf = JsseJce.getKeyFactory("DiffieHellman");
DHPublicKeySpec spec = new DHPublicKeySpec(peerPublicValue, modulus, base);
PublicKey publicKey = kf.generatePublic(spec);
KeyAgreement ka = JsseJce.getKeyAgreement("DiffieHellman");
// validate the Diffie-Hellman public key
if (!keyIsValidated && !KeyUtil.isOracleJCEProvider(ka.getProvider().getName())) {
try {
KeyUtil.validate(spec);
} catch (InvalidKeyException ike) {
// prefer handshake_failure alert to internal_error alert
throw new SSLHandshakeException(ike.getMessage());
}
}
ka.init(privateKey);
ka.doPhase(publicKey, true);
return ka.generateSecret("TlsPremasterSecret");
} catch (GeneralSecurityException e) {
throw (SSLHandshakeException) new SSLHandshakeException("Could not generate secret").initCause(e);
}
}
Also used :
DHPublicKey(javax.crypto.interfaces.DHPublicKey)
KeyAgreement(javax.crypto.KeyAgreement)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Example 43 with SSLHandshakeException
use of javax.net.ssl.SSLHandshakeException in project jdk8u_jdk by JetBrains.
the class ECDHCrypt method checkConstraints.
// Check constraints of the specified EC public key.
void checkConstraints(AlgorithmConstraints constraints, byte[] encodedPoint) throws SSLHandshakeException {
try {
ECParameterSpec params = publicKey.getParams();
ECPoint point = JsseJce.decodePoint(encodedPoint, params.getCurve());
ECPublicKeySpec spec = new ECPublicKeySpec(point, params);
KeyFactory kf = JsseJce.getKeyFactory("EC");
ECPublicKey publicKey = (ECPublicKey) kf.generatePublic(spec);
// check constraints of ECPublicKey
if (!constraints.permits(EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), publicKey)) {
throw new SSLHandshakeException("ECPublicKey does not comply to algorithm constraints");
}
} catch (GeneralSecurityException | java.io.IOException e) {
throw (SSLHandshakeException) new SSLHandshakeException("Could not generate ECPublicKey").initCause(e);
}
}
Also used :
ECPublicKey(java.security.interfaces.ECPublicKey)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Example 44 with SSLHandshakeException
use of javax.net.ssl.SSLHandshakeException in project google-cloud-java by GoogleCloudPlatform.
the class CloudStorageReadChannelTest method testReadRetrySSLHandshake.
@Test
public void testReadRetrySSLHandshake() throws IOException {
ByteBuffer buffer = ByteBuffer.allocate(1);
when(gcsChannel.read(eq(buffer))).thenThrow(new StorageException(new IOException("something", new IOException("thing", new SSLHandshakeException("connection closed due to throttling"))))).thenReturn(1);
assertThat(chan.position()).isEqualTo(0L);
assertThat(chan.read(buffer)).isEqualTo(1);
assertThat(chan.position()).isEqualTo(1L);
verify(gcsChannel, times(2)).read(any(ByteBuffer.class));
}
Also used :
IOException(java.io.IOException)
ByteBuffer(java.nio.ByteBuffer)
StorageException(com.google.cloud.storage.StorageException)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Test(org.junit.Test)
Example 45 with SSLHandshakeException
use of javax.net.ssl.SSLHandshakeException in project android_frameworks_base by crdroidandroid.
the class TestUtils method assertUrlConnectionFails.
public static void assertUrlConnectionFails(SSLContext context, String host, int port) throws Exception {
URL url = new URL("https://" + host + ":" + port);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(context.getSocketFactory());
try {
connection.getInputStream();
fail("Connection to " + host + ":" + port + " expected to fail");
} catch (SSLHandshakeException expected) {
// ignored.
}
}
Also used :
URL(java.net.URL)
HttpsURLConnection(javax.net.ssl.HttpsURLConnection)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
Aggregations
SSLHandshakeException (javax.net.ssl.SSLHandshakeException)90
IOException (java.io.IOException)29
Test (org.junit.Test)22
CertificateException (java.security.cert.CertificateException)18
URL (java.net.URL)15
SSLException (javax.net.ssl.SSLException)15
SocketException (java.net.SocketException)13
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)12
SSLProtocolException (javax.net.ssl.SSLProtocolException)10
Socket (java.net.Socket)9
SSLSocket (javax.net.ssl.SSLSocket)9
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)8
SocketTimeoutException (java.net.SocketTimeoutException)7
SSLSession (javax.net.ssl.SSLSession)7
InputStream (java.io.InputStream)6
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)6
Channel (io.netty.channel.Channel)5
InetSocketAddress (java.net.InetSocketAddress)5
MalformedURLException (java.net.MalformedURLException)5
ClosedChannelException (java.nio.channels.ClosedChannelException)5
