Merge "Add addPublicKeyPins test" am: d18610d9b1 Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/2497539 Change-Id: I7d2f249a96fa1c9e1a066e25bc1daeec0b1538a5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: 297d701355dcc48e075b323d65169b081ba4cae2 [log] [tgz]
author: Stefano Duo <stefanoduo@google.com> Tue Mar 21 14:53:13 2023 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Tue Mar 21 14:53:13 2023 +0000
tree: 5b143002aa7475afffbaff48001827e457398502
parent: e453de1c2938063859a3429216c2ff77fb46352f [diff]
parent: d18610d9b19488dd5f8a6baf799a1c068592ab17 [diff]
diff --git a/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java b/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java
index a74164e..ed86854 100644
--- a/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java
+++ b/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java

@@ -26,6 +26,7 @@
 import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
 import android.content.Context;
@@ -49,6 +50,11 @@
 import org.junit.runner.RunWith;
 import org.mockito.Mockito;
 
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.Calendar;
+import java.util.Set;
+
 @RunWith(AndroidJUnit4.class)
 public class HttpEngineTest {
     private static final String HOST = "source.android.com";
@@ -182,6 +188,38 @@
         // server.
     }
 
+    private byte[] generateSha256() {
+        byte[] sha256 = new byte[32];
+        Arrays.fill(sha256, (byte) 58);
+        return sha256;
+    }
+
+    private Instant instantInFuture(int secondsIntoFuture) {
+        Calendar cal = Calendar.getInstance();
+        cal.add(Calendar.SECOND, secondsIntoFuture);
+        return cal.getTime().toInstant();
+    }
+
+    @Test
+    public void testHttpEngine_AddPublicKeyPins() {
+        // CtsTestServer, when set in SslMode.NO_CLIENT_AUTH (required to trigger
+        // certificate verification, needed by this test), uses a certificate that
+        // doesn't match the hostname. For this reason, CtsTestServer cannot be used
+        // by this test.
+        Instant expirationInstant = instantInFuture(/* secondsIntoFuture */ 100);
+        boolean includeSubdomains = true;
+        Set<byte[]> pinsSha256 = Set.of(generateSha256());
+        mEngine = mEngineBuilder.addPublicKeyPins(
+                HOST, pinsSha256, includeSubdomains, expirationInstant).build();
+
+        UrlRequest.Builder builder =
+                mEngine.newUrlRequestBuilder(URL, mCallback.getExecutor(), mCallback);
+        mRequest = builder.build();
+        mRequest.start();
+        mCallback.expectCallback(ResponseStep.ON_FAILED);
+        assertNotNull("Expected an error", mCallback.mError);
+    }
+
     @Test
     public void testHttpEngine_EnableQuic() throws Exception {
         mEngine = mEngineBuilder.setEnableQuic(true).addQuicHint(HOST, 443, 443).build();
commit	297d701355dcc48e075b323d65169b081ba4cae2	[log] [tgz]
author	Stefano Duo <stefanoduo@google.com>	Tue Mar 21 14:53:13 2023 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Tue Mar 21 14:53:13 2023 +0000
tree	5b143002aa7475afffbaff48001827e457398502
parent	e453de1c2938063859a3429216c2ff77fb46352f [diff]
parent	d18610d9b19488dd5f8a6baf799a1c068592ab17 [diff]