Add an option to Android interop test, to configure TLS protocol on SSLCertificateSocketFactory directly.

Xudong Ma · Xudong Ma · commit 1b3f9a3cde9e · 2015-07-06T11:11:38.000-07:00
This is how our current internal users configure the TLS protocol, with this option, we can test and verify future changes will not break internal users.
diff --git a/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/InteropTester.java b/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/InteropTester.java
@@ -33,6 +33,7 @@
 
 import com.google.protobuf.nano.MessageNano;
 
+import android.net.SSLCertificateSocketFactory;
 import android.os.AsyncTask;
 import android.support.annotation.Nullable;
 import android.util.Log;
@@ -47,6 +48,7 @@
 import java.io.InputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
+import java.lang.reflect.Method;
 import java.security.KeyStore;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -79,6 +81,7 @@ public InteropTester(String testCase,
       @Nullable String serverHostOverride,
       boolean useTls,
       @Nullable InputStream testCa,
+      @Nullable String androidSocketFactoryTls,
       TestListener listener) {
     this.testCase = testCase;
     this.listener = listener;
@@ -90,7 +93,13 @@ public InteropTester(String testCase,
     }
     if (useTls) {
       try {
-        channelBuilder.sslSocketFactory(getSslSocketFactory(testCa));
+        SSLSocketFactory factory;
+        if (androidSocketFactoryTls != null) {
+          factory = getSslCertificateSocketFactory(testCa, androidSocketFactoryTls);
+        } else {
+          factory = getSslSocketFactory(testCa);
+        }
+        channelBuilder.sslSocketFactory(factory);
       } catch (Exception e) {
         throw new RuntimeException(e);
       }
@@ -327,6 +336,39 @@ private SSLSocketFactory getSslSocketFactory(@Nullable InputStream testCa) throw
     if (testCa == null) {
       return (SSLSocketFactory) SSLSocketFactory.getDefault();
     }
+
+    SSLContext context = SSLContext.getInstance("TLS");
+    context.init(null, getTrustManagers(testCa) , null);
+    return context.getSocketFactory();
+  }
+
+  private SSLCertificateSocketFactory getSslCertificateSocketFactory(
+      @Nullable InputStream testCa, String androidSocketFatoryTls) throws Exception {
+    SSLCertificateSocketFactory factory = (SSLCertificateSocketFactory)
+        SSLCertificateSocketFactory.getDefault(5000 /* Timeout in ms*/);
+    // Use HTTP/2.0
+    byte[] h2 = "h2".getBytes();
+    byte[][] protocols = new byte[][]{h2};
+    if (androidSocketFatoryTls.equals("alpn")) {
+      Method setAlpnProtocols =
+          factory.getClass().getDeclaredMethod("setAlpnProtocols", byte[][].class);
+      setAlpnProtocols.invoke(factory, new Object[] { protocols });
+    } else if (androidSocketFatoryTls.equals("npn")) {
+      Method setNpnProtocols =
+          factory.getClass().getDeclaredMethod("setNpnProtocols", byte[][].class);
+      setNpnProtocols.invoke(factory, new Object[]{protocols});
+    } else {
+      throw new RuntimeException("Unknown protocol: " + androidSocketFatoryTls);
+    }
+
+    if (testCa != null) {
+      factory.setTrustManagers(getTrustManagers(testCa));
+    }
+
+    return factory;
+  }
+
+  private TrustManager[] getTrustManagers(InputStream testCa) throws Exception {
     KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
     ks.load(null);
     CertificateFactory cf = CertificateFactory.getInstance("X.509");
@@ -337,9 +379,7 @@ private SSLSocketFactory getSslSocketFactory(@Nullable InputStream testCa) throw
     TrustManagerFactory trustManagerFactory =
         TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
     trustManagerFactory.init(ks);
-    SSLContext context = SSLContext.getInstance("TLS");
-    context.init(null, trustManagerFactory.getTrustManagers() , null);
-    return context.getSocketFactory();
+    return trustManagerFactory.getTrustManagers();
   }
 
   public interface TestListener {
diff --git a/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/TesterActivity.java b/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/TesterActivity.java
@@ -112,7 +112,7 @@ private void startTest(String testCase) {
 
     // TODO (madongfly) support server_host_override, useTls and useTestCa in the App UI.
     new InteropTester(testCase, host, port, "foo.test.google.fr", true,
-        getResources().openRawResource(R.raw.ca),
+        getResources().openRawResource(R.raw.ca), null,
         new InteropTester.TestListener() {
       @Override public void onPreTest() {
         resultText.setText("Testing...");
diff --git a/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/TesterInstrumentation.java b/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/TesterInstrumentation.java
@@ -52,6 +52,7 @@ public class TesterInstrumentation extends Instrumentation {
   private String serverHostOverride;
   private boolean useTls;
   private boolean useTestCa;
+  private String androidSocketFactoryTls;
 
   @Override
   public void onCreate(Bundle args) {
@@ -63,6 +64,7 @@ public void onCreate(Bundle args) {
     serverHostOverride = args.getString("server_host_override", null);
     useTls = Boolean.parseBoolean(args.getString("use_tls", "true"));
     useTestCa = Boolean.parseBoolean(args.getString("use_test_ca", "false"));
+    androidSocketFactoryTls = args.getString("android_socket_factory_tls", null);
 
     InputStream testCa = null;
     if (useTestCa) {
@@ -84,6 +86,7 @@ public void onCreate(Bundle args) {
     }
 
     new InteropTester(testCase, host, port, serverHostOverride, useTls, testCa,
+        androidSocketFactoryTls,
         new InteropTester.TestListener() {
           @Override
           public void onPreTest() {
@@ -99,6 +102,7 @@ public void onPostTest(String result) {
               finish(1, bundle);
             }
           }
-        }).execute();
+        }
+    ).execute();
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,7 @@ public class TesterInstrumentation extends Instrumentation {`
`52`	`52`	`private String serverHostOverride;`
`53`	`53`	`private boolean useTls;`
`54`	`54`	`private boolean useTestCa;`
	`55`	`+ private String androidSocketFactoryTls;`
`55`	`56`
`56`	`57`	`@Override`
`57`	`58`	`public void onCreate(Bundle args) {`
`@@ -63,6 +64,7 @@ public void onCreate(Bundle args) {`
`63`	`64`	`serverHostOverride = args.getString("server_host_override", null);`
`64`	`65`	`useTls = Boolean.parseBoolean(args.getString("use_tls", "true"));`
`65`	`66`	`useTestCa = Boolean.parseBoolean(args.getString("use_test_ca", "false"));`
	`67`	`+ androidSocketFactoryTls = args.getString("android_socket_factory_tls", null);`
`66`	`68`
`67`	`69`	`InputStream testCa = null;`
`68`	`70`	`if (useTestCa) {`
`@@ -84,6 +86,7 @@ public void onCreate(Bundle args) {`
`84`	`86`	`}`
`85`	`87`
`86`	`88`	`new InteropTester(testCase, host, port, serverHostOverride, useTls, testCa,`
	`89`	`+ androidSocketFactoryTls,`
`87`	`90`	`new InteropTester.TestListener() {`
`88`	`91`	`@Override`
`89`	`92`	`public void onPreTest() {`
`@@ -99,6 +102,7 @@ public void onPostTest(String result) {`
`99`	`102`	`finish(1, bundle);`
`100`	`103`	`}`
`101`	`104`	`}`
`102`		`- }).execute();`
	`105`	`+ }`
	`106`	`+ ).execute();`
`103`	`107`	`}`
`104`	`108`	`}`