My favorites | Sign in
Project Home Issues
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 39205: [CTS 4.1 r1] org.apache.harmony.xnet.provider.jsse.NativeCryptoTest failed
2 people starred this issue and may be notified of changes. Back to list
 
Reported by nick2...@gmail.com, Nov 2, 2012
Hello,

I have a dev device which is platform 4.1.2(JZO54K), like Nexus S.

I have below failure of 3 test cases in CTS 4.1 r1 after applying security patch; CVE-2012-3977.
-	org.apache.harmony.xnet.provider.jsse.NativeCryptoTest#test_SSL_SESSION_compress_meth_NULL
-	org.apache.harmony.xnet.provider.jsse.NativeCryptoTest#test_SSL_SESSION_compress_meth_ZLIB
-	org.apache.harmony.xnet.provider.jsse.NativeCryptoTest#test_SSL_SESSION_compress_meth_null

However, Nexus S got passed.
Did you apply CVE-2012-3977 on Nexus S(platform 4.1.2)?
It this right operation on Our device with failures above?
Do I miss something?

Thank you.

Nov 2, 2012
Project Member #1 e...@google.com
(No comment was entered for this change.)
Owner: b...@google.com
Cc: btm...@android.com e...@google.com
Nov 2, 2012
Project Member #2 b...@google.com
I think this a known issue after the below libcore change and will be waived:

commit 7695a9b3261bfee3a810e0829bd8082fe1fcb6a4
Author: Brian Carlstrom <bdc@google.com>
Date:   Wed Aug 29 15:56:56 2012 -0700

    Disable SSL compression

    Bug: 7079965

    Change-Id: I8e060a827613e212bbcced66507fbf124bb04543


Owner: btm...@android.com
Cc: -btm...@android.com b...@google.com
Dec 7, 2012
#3 shangmu0...@gmail.com
I rollback the CTS "Disable SSL compression" patch,the 3 test items will pass,
but the result about 
"org.apache.harmony.xnet.provider.jsse.NativeCryptoTest#test_SSL_SESSION_compress_meth_ZLIB" test case will be fail,anyone can help to pass it? 
Dec 7, 2012
Project Member #4 b...@google.com
The same change that disabled compression fixed the tests. It seems like you need a newer version of CTS. I don't know anything about delivering that to you.
Dec 9, 2012
#5 shangmu0...@gmail.com
I'm sorry,i state the misinformation,
In the Android Compatibility Downloads page,the "Android 4.1 R1 Compatibility Test Suite (CTS)" is for Android 4.1.1
But our dev device which is platform 4.1.2.
we rollback the CTS "Disable SSL compression" patch,the 2 test items about "test_SSL_SESSION_compress_meth_NULL" and 
"test_SSL_SESSION_compress_meth_null" will pass,but the test case "test_SSL_SESSION_compress_meth_ZLIB" still fail,
the detail failure log as below

I TestRunner: started: test_SSL_SESSION_compress_meth_ZLIB(org.apache.harmony.xnet.provider.jsse.NativeCryptoTest)
I TestRunner: failed: test_SSL_SESSION_compress_meth_ZLIB(org.apache.harmony.xnet.provider.jsse.NativeCryptoTest)
I TestRunner: ----- begin exception -----

I TestRunner: 
I TestRunner: java.util.concurrent.ExecutionException: junit.framework.ComparisonFailure: expected:<[ZLIB]> but was:<[NULL]>
I TestRunner: 	at java.util.concurrent.FutureTask$Sync.innerGet(FutureTask.java:233)
I TestRunner: 	at java.util.concurrent.FutureTask.get(FutureTask.java:90)
I TestRunner: 	at org.apache.harmony.xnet.provider.jsse.NativeCryptoTest.test_SSL_SESSION_compress_meth_ZLIB(NativeCryptoTest.java:1697)
I TestRunner: 	at java.lang.reflect.Method.invokeNative(Native Method)
I TestRunner: 	at java.lang.reflect.Method.invoke(Method.java:511)
I TestRunner: 	at junit.framework.TestCase.runTest(TestCase.java:168)
I TestRunner: 	at junit.framework.TestCase.runBare(TestCase.java:134)
I TestRunner: 	at junit.framework.TestResult$1.protect(TestResult.java:115)
I TestRunner: 	at junit.framework.TestResult.runProtected(TestResult.java:133)
I TestRunner: 	at junit.framework.TestResult.run(TestResult.java:118)
I TestRunner: 	at junit.framework.TestCase.run(TestCase.java:124)
I TestRunner: 	at android.test.AndroidTestRunner.runTest(AndroidTestRunner.java:190)
I TestRunner: 	at android.test.AndroidTestRunner.runTest(AndroidTestRunner.java:175)
I TestRunner: 	at android.test.InstrumentationTestRunner.onStart(InstrumentationTestRunner.java:555)
I TestRunner: 	at android.app.Instrumentation$InstrumentationThread.run(Instrumentation.java:1584)
I TestRunner: Caused by: junit.framework.ComparisonFailure: expected:<[ZLIB]> but was:<[NULL]>
I TestRunner: 	at junit.framework.Assert.assertEquals(Assert.java:85)
I TestRunner: 	at junit.framework.Assert.assertEquals(Assert.java:91)
I TestRunner: 	at org.apache.harmony.xnet.provider.jsse.NativeCryptoTest$33.afterHandshake(NativeCryptoTest.java:1683)
I TestRunner: 	at org.apache.harmony.xnet.provider.jsse.NativeCryptoTest$1.call(NativeCryptoTest.java:608)
I TestRunner: 	at org.apache.harmony.xnet.provider.jsse.NativeCryptoTest$1.call(NativeCryptoTest.java:579)
I TestRunner: 	at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
I TestRunner: 	at java.util.concurrent.FutureTask.run(FutureTask.java:137)
I TestRunner: 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
I TestRunner: 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
I TestRunner: 	at java.lang.Thread.run(Thread.java:856)
I TestRunner: ----- end exception -----

I TestRunner: finished: test_SSL_SESSION_compress_meth_ZLIB(org.apache.harmony.xnet.provider.jsse.NativeCryptoTest)

anyone can help us?Thanks a lot..
Dec 10, 2012
#6 tcl1...@gmail.com
What is CVE-2012-3977?
Where to find the patch?
How to rollback?
Thanks.

Dec 10, 2012
Project Member #7 b...@google.com
"What is CVE-2012-3977?"

Did you try googling it? It is the "CRIME" attack.

"Where to find the patch?"

This is the patch:

commit 7695a9b3261bfee3a810e0829bd8082fe1fcb6a4
Author: Brian Carlstrom <bdc@google.com>
Date:   Wed Aug 29 15:56:56 2012 -0700

    Disable SSL compression

    Bug: 7079965

    Change-Id: I8e060a827613e212bbcced66507fbf124bb04543

"How to rollback?"

Rollback what? You shouldn't rollback the patch. It is a security fix. You should get a newer CTS that removes the problematic tests, or just submit results with the known issues and get a waiver possibly. 
Jun 18, 2013
#8 jbq@android.com
(No comment was entered for this change.)
Status: Assigned
Sign in to add a comment

Powered by Google Project Hosting