moparisthebest/k-9
1
0
Fork 0
mirror of https://github.com/moparisthebest/k-9 synced 2025-02-11 12:40:22 -05:00
Code Issues Releases Wiki Activity

Add test to make sure we don't check the wrong certificates

Browse Source 
Right now we happily accept every certificate in our local key store as long as
the hostname matches the certificate DN. So this test fails.
It's not a huge deal since the user accepted the certificate at one point. But we
want to do this right.
This commit is contained in:
cketti 2013-11-29 11:39:04 +01:00
parent 9cc98bcd33
commit 07e4eb9042
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
tests/src/com/fsck/k9/mail/store/TrustManagerFactoryTest.java
View File

@ -115,6 +115,21 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
assertFalse("The certificate should have been rejected but wasn't", certificateValid); assertFalse("The certificate should have been rejected but wasn't", certificateValid);
} }
public void testCertificateOfOtherHost() throws Exception {
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert1);
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT2, mCert2);
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
boolean certificateValid;
try {
trustManager.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
certificateValid = true;
} catch (CertificateException e) {
certificateValid = false;
}
assertFalse("The certificate should have been rejected but wasn't", certificateValid);
}
private static class DummyApplication extends Application { private static class DummyApplication extends Application {
private final Context mContext; private final Context mContext;