1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.client5.http.ssl;
29
30 import static org.junit.jupiter.api.Assertions.assertEquals;
31 import static org.mockito.Mockito.mock;
32 import static org.mockito.Mockito.when;
33
34 import java.security.cert.X509Certificate;
35
36 import javax.net.ssl.SSLEngine;
37 import javax.net.ssl.SSLParameters;
38 import javax.net.ssl.SSLSession;
39 import javax.security.auth.x500.X500Principal;
40
41 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
42 import org.apache.hc.core5.reactor.ssl.TlsDetails;
43 import org.apache.hc.core5.ssl.SSLContexts;
44 import org.junit.jupiter.api.Test;
45
46 class AbstractClientTlsStrategyTest {
47
48 @Test
49 void testToEscapedString_withControlCharacters() {
50
51 final X500Principal principal = new X500Principal("CN=Test\b\bName\n,O=TestOrg");
52
53
54 final AbstractClientTlsStrategy tlsStrategy = new AbstractClientTlsStrategy(
55 SSLContexts.createDefault(),
56 null, null, SSLBufferMode.STATIC,
57 HostnameVerificationPolicy.BUILTIN,
58 HttpsSupport.getDefaultHostnameVerifier()) {
59 @Override
60 void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
61
62 }
63
64 @Override
65 TlsDetails createTlsDetails(final SSLEngine sslEngine) {
66 return null;
67 }
68 };
69
70
71 final String escaped = tlsStrategy.toEscapedString(principal);
72
73
74 assertEquals("CN=Test\\x08\\x08Name\\x0a,O=TestOrg", escaped);
75 }
76
77 @Test
78 void testVerifySession_escapedPeerAndIssuer() throws Exception {
79
80 final SSLSession mockSession = mock(SSLSession.class);
81 final X509Certificate mockCert = mock(X509Certificate.class);
82
83
84 final X500Principal peerPrincipal = new X500Principal("CN=Peer\bName,O=PeerOrg");
85 final X500Principal issuerPrincipal = new X500Principal("CN=Issuer\bName,O=IssuerOrg");
86
87 when(mockSession.getPeerCertificates()).thenReturn(new X509Certificate[]{mockCert});
88 when(mockCert.getSubjectX500Principal()).thenReturn(peerPrincipal);
89 when(mockCert.getIssuerX500Principal()).thenReturn(issuerPrincipal);
90
91
92 final AbstractClientTlsStrategy tlsStrategy = new AbstractClientTlsStrategy(
93 SSLContexts.createDefault(),
94 null, null, SSLBufferMode.STATIC,
95 HostnameVerificationPolicy.BUILTIN,
96 HttpsSupport.getDefaultHostnameVerifier()) {
97 @Override
98 void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
99
100 }
101
102 @Override
103 TlsDetails createTlsDetails(final SSLEngine sslEngine) {
104 return null;
105 }
106 };
107
108
109 tlsStrategy.verifySession("localhost", mockSession, null);
110
111 }
112
113
114 }