Add addPublicKeyPins test
Bug: 273626875
Test: atest -b
Change-Id: I7919e68cc44e74ab7c7978895cb2875c90ee308f
diff --git a/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java b/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java
index 78ba71e..ddeca7f 100644
--- a/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java
+++ b/Cronet/tests/cts/src/android/net/http/cts/HttpEngineTest.java
@@ -26,6 +26,7 @@
import static org.hamcrest.Matchers.containsString;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import android.content.Context;
@@ -49,6 +50,11 @@
import org.junit.runner.RunWith;
import org.mockito.Mockito;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.Calendar;
+import java.util.Set;
+
@RunWith(AndroidJUnit4.class)
public class HttpEngineTest {
private static final String HOST = "source.android.com";
@@ -182,6 +188,38 @@
// server.
}
+ private byte[] generateSha256() {
+ byte[] sha256 = new byte[32];
+ Arrays.fill(sha256, (byte) 58);
+ return sha256;
+ }
+
+ private Instant instantInFuture(int secondsIntoFuture) {
+ Calendar cal = Calendar.getInstance();
+ cal.add(Calendar.SECOND, secondsIntoFuture);
+ return cal.getTime().toInstant();
+ }
+
+ @Test
+ public void testHttpEngine_AddPublicKeyPins() {
+ // CtsTestServer, when set in SslMode.NO_CLIENT_AUTH (required to trigger
+ // certificate verification, needed by this test), uses a certificate that
+ // doesn't match the hostname. For this reason, CtsTestServer cannot be used
+ // by this test.
+ Instant expirationInstant = instantInFuture(/* secondsIntoFuture */ 100);
+ boolean includeSubdomains = true;
+ Set<byte[]> pinsSha256 = Set.of(generateSha256());
+ mEngine = mEngineBuilder.addPublicKeyPins(
+ HOST, pinsSha256, includeSubdomains, expirationInstant).build();
+
+ UrlRequest.Builder builder =
+ mEngine.newUrlRequestBuilder(URL, mCallback.getExecutor(), mCallback);
+ mRequest = builder.build();
+ mRequest.start();
+ mCallback.expectCallback(ResponseStep.ON_FAILED);
+ assertNotNull("Expected an error", mCallback.mError);
+ }
+
@Test
public void testHttpEngine_EnableQuic() throws Exception {
mEngine = mEngineBuilder.setEnableQuic(true).addQuicHint(HOST, 443, 443).build();