Example 26 with ConnectionSpec
use of okhttp3.ConnectionSpec in project okhttp by square.
the class ConnectionSpecTest method allEnabledCipherSuites.
@Test
public void allEnabledCipherSuites() throws Exception {
platform.assumeNotConscrypt();
platform.assumeNotBouncyCastle();
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledCipherSuites().build();
assertThat(tlsSpec.cipherSuites()).isNull();
SSLSocket sslSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
sslSocket.setEnabledCipherSuites(new String[] { CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName() });
applyConnectionSpec(tlsSpec, sslSocket, false);
if (platform.isAndroid()) {
// https://developer.android.com/reference/javax/net/ssl/SSLSocket
Integer sdkVersion = platform.androidSdkVersion();
if (sdkVersion != null && sdkVersion >= 29) {
assertThat(sslSocket.getEnabledCipherSuites()).containsExactly(CipherSuite.TLS_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_AES_256_GCM_SHA384.javaName(), CipherSuite.TLS_CHACHA20_POLY1305_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName());
} else {
assertThat(sslSocket.getEnabledCipherSuites()).containsExactly(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName());
}
} else {
assertThat(sslSocket.getEnabledCipherSuites()).containsExactly(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName());
}
}
Also used :
Internal.applyConnectionSpec(okhttp3.internal.Internal.applyConnectionSpec)
SSLSocket(javax.net.ssl.SSLSocket)
Test(org.junit.jupiter.api.Test)
Example 27 with ConnectionSpec
use of okhttp3.ConnectionSpec in project okhttp by square.
the class ConnectionSpecTest method allEnabledToString.
@Test
public void allEnabledToString() throws Exception {
ConnectionSpec connectionSpec = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledTlsVersions().allEnabledCipherSuites().build();
assertThat(connectionSpec.toString()).isEqualTo(("ConnectionSpec(cipherSuites=[all enabled], tlsVersions=[all enabled], " + "supportsTlsExtensions=true)"));
}
Also used :
Internal.applyConnectionSpec(okhttp3.internal.Internal.applyConnectionSpec)
Test(org.junit.jupiter.api.Test)
Example 28 with ConnectionSpec
use of okhttp3.ConnectionSpec in project okhttp by square.
the class ConnectionSpecTest method tls_defaultCiphers_withFallbackIndicator.
@Test
public void tls_defaultCiphers_withFallbackIndicator() throws Exception {
platform.assumeNotConscrypt();
platform.assumeNotBouncyCastle();
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(true).tlsVersions(TlsVersion.TLS_1_2).supportsTlsExtensions(false).build();
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
socket.setEnabledCipherSuites(new String[] { CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName(), CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName() });
socket.setEnabledProtocols(new String[] { TlsVersion.TLS_1_2.javaName(), TlsVersion.TLS_1_1.javaName() });
assertThat(tlsSpec.isCompatible(socket)).isTrue();
applyConnectionSpec(tlsSpec, socket, true);
assertThat(socket.getEnabledProtocols()).containsExactly(TlsVersion.TLS_1_2.javaName());
List<String> expectedCipherSuites = new ArrayList<>();
expectedCipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName());
expectedCipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.javaName());
if (asList(socket.getSupportedCipherSuites()).contains("TLS_FALLBACK_SCSV")) {
expectedCipherSuites.add("TLS_FALLBACK_SCSV");
}
assertThat(socket.getEnabledCipherSuites()).containsExactlyElementsOf(expectedCipherSuites);
}
Also used :
Internal.applyConnectionSpec(okhttp3.internal.Internal.applyConnectionSpec)
SSLSocket(javax.net.ssl.SSLSocket)
ArrayList(java.util.ArrayList)
Test(org.junit.jupiter.api.Test)
Example 29 with ConnectionSpec
use of okhttp3.ConnectionSpec in project okhttp by square.
the class ConnectionSpecTest method equalsAndHashCode.
@Test
public void equalsAndHashCode() throws Exception {
ConnectionSpec allCipherSuites = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledCipherSuites().build();
ConnectionSpec allTlsVersions = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).allEnabledTlsVersions().build();
Set<Object> set = new CopyOnWriteArraySet<>();
assertThat(set.add(ConnectionSpec.MODERN_TLS)).isTrue();
assertThat(set.add(ConnectionSpec.COMPATIBLE_TLS)).isTrue();
assertThat(set.add(ConnectionSpec.CLEARTEXT)).isTrue();
assertThat(set.add(allTlsVersions)).isTrue();
assertThat(set.add(allCipherSuites)).isTrue();
allCipherSuites.hashCode();
assertThat(allCipherSuites.equals(null)).isFalse();
assertThat(set.remove(ConnectionSpec.MODERN_TLS)).isTrue();
assertThat(set.remove(ConnectionSpec.COMPATIBLE_TLS)).isTrue();
assertThat(set.remove(ConnectionSpec.CLEARTEXT)).isTrue();
assertThat(set.remove(allTlsVersions)).isTrue();
assertThat(set.remove(allCipherSuites)).isTrue();
assertThat(set).isEmpty();
allTlsVersions.hashCode();
assertThat(allTlsVersions.equals(null)).isFalse();
}
Also used :
Internal.applyConnectionSpec(okhttp3.internal.Internal.applyConnectionSpec)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Test(org.junit.jupiter.api.Test)
Example 30 with ConnectionSpec
use of okhttp3.ConnectionSpec in project okhttp by square.
the class ConnectionSpecTest method tls_missingTlsVersion.
@Test
public void tls_missingTlsVersion() throws Exception {
platform.assumeNotConscrypt();
platform.assumeNotBouncyCastle();
ConnectionSpec tlsSpec = new ConnectionSpec.Builder(true).cipherSuites(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).tlsVersions(TlsVersion.TLS_1_2).supportsTlsExtensions(false).build();
SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
socket.setEnabledCipherSuites(new String[] { CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256.javaName() });
socket.setEnabledProtocols(new String[] { TlsVersion.TLS_1_2.javaName(), TlsVersion.TLS_1_1.javaName() });
assertThat(tlsSpec.isCompatible(socket)).isTrue();
socket.setEnabledProtocols(new String[] { TlsVersion.TLS_1_1.javaName() });
assertThat(tlsSpec.isCompatible(socket)).isFalse();
}
Also used :
Internal.applyConnectionSpec(okhttp3.internal.Internal.applyConnectionSpec)
SSLSocket(javax.net.ssl.SSLSocket)
Test(org.junit.jupiter.api.Test)
Aggregations
ConnectionSpec (okhttp3.ConnectionSpec)18
Internal.applyConnectionSpec (okhttp3.internal.Internal.applyConnectionSpec)18
Test (org.junit.jupiter.api.Test)18
ArrayList (java.util.ArrayList)11
SSLSocket (javax.net.ssl.SSLSocket)9
X509TrustManager (javax.net.ssl.X509TrustManager)9
OkHttpClient (okhttp3.OkHttpClient)7
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)6
SSLContext (javax.net.ssl.SSLContext)5
TrustManager (javax.net.ssl.TrustManager)5
TrustManagerFactory (javax.net.ssl.TrustManagerFactory)5
IOException (java.io.IOException)4
KeyManagementException (java.security.KeyManagementException)3
KeyStoreException (java.security.KeyStoreException)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
NonNull (android.support.annotation.NonNull)2
UnknownServiceException (java.net.UnknownServiceException)2
HttpLoggingInterceptor (okhttp3.logging.HttpLoggingInterceptor)2
GsonBuilder (com.google.gson.GsonBuilder)1
FileNotFoundException (java.io.FileNotFoundException)1
