Example 16 with HeldCertificate
use of okhttp3.tls.HeldCertificate in project okhttp by square.
the class ClientAuthTest method buildClient.
private OkHttpClient buildClient(HeldCertificate heldCertificate, X509Certificate... intermediates) {
HandshakeCertificates.Builder builder = new HandshakeCertificates.Builder().addTrustedCertificate(serverRootCa.certificate());
if (heldCertificate != null) {
builder.heldCertificate(heldCertificate, intermediates);
}
HandshakeCertificates handshakeCertificates = builder.build();
return clientTestRule.newClientBuilder().sslSocketFactory(handshakeCertificates.sslSocketFactory(), handshakeCertificates.trustManager()).build();
}
Also used :
HandshakeCertificates(okhttp3.tls.HandshakeCertificates)
Example 17 with HeldCertificate
use of okhttp3.tls.HeldCertificate in project okhttp by square.
the class CertificatePinnerTest method sameKeypairSamePin.
/**
* Multiple certificates generated from the same keypair have the same pin.
*/
@Test
public void sameKeypairSamePin() throws Exception {
HeldCertificate heldCertificateA2 = new HeldCertificate.Builder().keyPair(certA1.keyPair()).serialNumber(101L).build();
String keypairACertificate2Pin = CertificatePinner.pin(heldCertificateA2.certificate());
HeldCertificate heldCertificateB2 = new HeldCertificate.Builder().keyPair(certB1.keyPair()).serialNumber(201L).build();
String keypairBCertificate2Pin = CertificatePinner.pin(heldCertificateB2.certificate());
assertThat(keypairACertificate2Pin).isEqualTo(certA1Sha256Pin);
assertThat(keypairBCertificate2Pin).isEqualTo(certB1Sha256Pin);
assertThat(certB1Sha256Pin).isNotEqualTo(certA1Sha256Pin);
}
Also used :
HeldCertificate(okhttp3.tls.HeldCertificate)
Test(org.junit.jupiter.api.Test)
Example 18 with HeldCertificate
use of okhttp3.tls.HeldCertificate in project okhttp by square.
the class CertificateChainCleanerTest method unorderedChainOfCertificatesWithoutRoot.
@Test
public void unorderedChainOfCertificatesWithoutRoot() throws Exception {
HeldCertificate root = new HeldCertificate.Builder().serialNumber(1L).certificateAuthority(2).build();
HeldCertificate certA = new HeldCertificate.Builder().serialNumber(2L).certificateAuthority(1).signedBy(root).build();
HeldCertificate certB = new HeldCertificate.Builder().serialNumber(3L).certificateAuthority(0).signedBy(certA).build();
HeldCertificate certC = new HeldCertificate.Builder().serialNumber(4L).signedBy(certB).build();
CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root.certificate());
assertThat(cleaner.clean(list(certC, certA, certB), "hostname")).isEqualTo(list(certC, certB, certA, root));
}
Also used :
HeldCertificate(okhttp3.tls.HeldCertificate)
CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner)
Test(org.junit.jupiter.api.Test)
Example 19 with HeldCertificate
use of okhttp3.tls.HeldCertificate in project okhttp by square.
the class CertificateChainCleanerTest method chainMaxLength.
@Test
public void chainMaxLength() throws Exception {
List<HeldCertificate> heldCertificates = chainOfLength(10);
List<Certificate> certificates = new ArrayList<>();
for (HeldCertificate heldCertificate : heldCertificates) {
certificates.add(heldCertificate.certificate());
}
X509Certificate root = heldCertificates.get(heldCertificates.size() - 1).certificate();
CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root);
assertThat(cleaner.clean(certificates, "hostname")).isEqualTo(certificates);
assertThat(cleaner.clean(certificates.subList(0, 9), "hostname")).isEqualTo(certificates);
}
Also used :
HeldCertificate(okhttp3.tls.HeldCertificate)
ArrayList(java.util.ArrayList)
X509Certificate(java.security.cert.X509Certificate)
CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
HeldCertificate(okhttp3.tls.HeldCertificate)
Test(org.junit.jupiter.api.Test)
Example 20 with HeldCertificate
use of okhttp3.tls.HeldCertificate in project okhttp by square.
the class CertificateChainCleanerTest method unrelatedCertificatesAreOmitted.
@Test
public void unrelatedCertificatesAreOmitted() throws Exception {
HeldCertificate root = new HeldCertificate.Builder().serialNumber(1L).certificateAuthority(1).build();
HeldCertificate certA = new HeldCertificate.Builder().serialNumber(2L).certificateAuthority(0).signedBy(root).build();
HeldCertificate certB = new HeldCertificate.Builder().serialNumber(3L).signedBy(certA).build();
HeldCertificate certUnnecessary = new HeldCertificate.Builder().serialNumber(4L).build();
CertificateChainCleaner cleaner = CertificateChainCleaner.Companion.get(root.certificate());
assertThat(cleaner.clean(list(certB, certUnnecessary, certA, root), "hostname")).isEqualTo(list(certB, certA, root));
}
Also used :
HeldCertificate(okhttp3.tls.HeldCertificate)
CertificateChainCleaner(okhttp3.internal.tls.CertificateChainCleaner)
Test(org.junit.jupiter.api.Test)
Aggregations
HeldCertificate (okhttp3.tls.HeldCertificate)25
Test (org.junit.jupiter.api.Test)23
HandshakeCertificates (okhttp3.tls.HandshakeCertificates)12
CertificateChainCleaner (okhttp3.internal.tls.CertificateChainCleaner)11
Call (okhttp3.Call)9
OkHttpClient (okhttp3.OkHttpClient)9
RecordingHostnameVerifier (okhttp3.RecordingHostnameVerifier)9
Request (okhttp3.Request)9
MockResponse (mockwebserver3.MockResponse)7
CertificatePinner (okhttp3.CertificatePinner)7
Response (okhttp3.Response)6
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)5
SSLHandshakeException (javax.net.ssl.SSLHandshakeException)4
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)3
BufferedReader (java.io.BufferedReader)2
InputStreamReader (java.io.InputStreamReader)2
Certificate (java.security.cert.Certificate)2
X509Certificate (java.security.cert.X509Certificate)2
ArrayList (java.util.ArrayList)2
HttpsURLConnection (javax.net.ssl.HttpsURLConnection)2
