Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/net/ssl/TLSv11/ExportableBlockCipher.java
38853 views
/*1* Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425//26// SunJSSE does not support dynamic system properties, no way to re-use27// system properties in samevm/agentvm mode.28//2930/*31* @test32* @bug 487318833* @summary Support TLS 1.134* @run main/othervm ExportableBlockCipher35* @author Xuelei Fan36*/3738import java.io.IOException;39import java.io.InputStream;40import java.io.OutputStream;41import javax.net.ssl.SSLException;42import javax.net.ssl.SSLHandshakeException;43import javax.net.ssl.SSLServerSocket;44import javax.net.ssl.SSLServerSocketFactory;45import javax.net.ssl.SSLSocket;46import javax.net.ssl.SSLSocketFactory;4748public class ExportableBlockCipher {4950/*51* =============================================================52* Set the various variables needed for the tests, then53* specify what tests to run on each side.54*/5556/*57* Should we run the client or server in a separate thread?58* Both sides can throw exceptions, but do you have a preference59* as to which side should be the main thread.60*/61static boolean separateServerThread = false;6263/*64* Where do we find the keystores?65*/66static String pathToStores = "../etc";67static String keyStoreFile = "keystore";68static String trustStoreFile = "truststore";69static String passwd = "passphrase";7071/*72* Is the server ready to serve?73*/74volatile static boolean serverReady = false;7576/*77* Turn on SSL debugging?78*/79static boolean debug = false;8081/*82* If the client or server is doing some kind of object creation83* that the other side depends on, and that thread prematurely84* exits, you may experience a hang. The test harness will85* terminate all hung threads after its timeout has expired,86* currently 3 minutes by default, but you might try to be87* smart about it....88*/8990/*91* Define the server side of the test.92*93* If the server prematurely exits, serverReady will be set to true94* to avoid infinite hangs.95*/96void doServerSide() throws Exception {97SSLServerSocketFactory sslssf =98(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();99SSLServerSocket sslServerSocket =100(SSLServerSocket) sslssf.createServerSocket(serverPort);101102serverPort = sslServerSocket.getLocalPort();103104/*105* Signal Client, we're ready for his connect.106*/107serverReady = true;108109SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();110InputStream sslIS = sslSocket.getInputStream();111OutputStream sslOS = sslSocket.getOutputStream();112113boolean interrupted = false;114try {115sslIS.read();116sslOS.write('A');117sslOS.flush();118} catch (IOException ioe) {119// get the expected exception120interrupted = true;121} finally {122sslSocket.close();123}124125if (!interrupted) {126throw new SSLHandshakeException(127"A weak cipher suite is negotiated, " +128"TLSv1.1 must not negotiate the exportable cipher suites.");129}130}131132/*133* Define the client side of the test.134*135* If the server prematurely exits, serverReady will be set to true136* to avoid infinite hangs.137*/138void doClientSide() throws Exception {139140/*141* Wait for server to get started.142*/143while (!serverReady) {144Thread.sleep(50);145}146147SSLSocketFactory sslsf =148(SSLSocketFactory) SSLSocketFactory.getDefault();149SSLSocket sslSocket = (SSLSocket)150sslsf.createSocket("localhost", serverPort);151152// enable TLSv1.1 only153sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});154155// enable a exportable block cipher156sslSocket.setEnabledCipherSuites(157new String[] {"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"});158159InputStream sslIS = sslSocket.getInputStream();160OutputStream sslOS = sslSocket.getOutputStream();161162boolean interrupted = false;163try {164sslOS.write('B');165sslOS.flush();166sslIS.read();167} catch (SSLException ssle) {168// get the expected exception169interrupted = true;170} finally {171sslSocket.close();172}173174if (!interrupted) {175throw new SSLHandshakeException(176"A weak cipher suite is negotiated, " +177"TLSv1.1 must not negotiate the exportable cipher suites.");178}179}180181/*182* =============================================================183* The remainder is just support stuff184*/185186// use any free port by default187volatile int serverPort = 0;188189volatile Exception serverException = null;190volatile Exception clientException = null;191192public static void main(String[] args) throws Exception {193String keyFilename =194System.getProperty("test.src", ".") + "/" + pathToStores +195"/" + keyStoreFile;196String trustFilename =197System.getProperty("test.src", ".") + "/" + pathToStores +198"/" + trustStoreFile;199200System.setProperty("javax.net.ssl.keyStore", keyFilename);201System.setProperty("javax.net.ssl.keyStorePassword", passwd);202System.setProperty("javax.net.ssl.trustStore", trustFilename);203System.setProperty("javax.net.ssl.trustStorePassword", passwd);204205if (debug)206System.setProperty("javax.net.debug", "all");207208/*209* Start the tests.210*/211new ExportableBlockCipher();212}213214Thread clientThread = null;215Thread serverThread = null;216217/*218* Primary constructor, used to drive remainder of the test.219*220* Fork off the other side, then do your work.221*/222ExportableBlockCipher() throws Exception {223try {224if (separateServerThread) {225startServer(true);226startClient(false);227} else {228startClient(true);229startServer(false);230}231} catch (Exception e) {232// swallow for now. Show later233}234235/*236* Wait for other side to close down.237*/238if (separateServerThread) {239serverThread.join();240} else {241clientThread.join();242}243244/*245* When we get here, the test is pretty much over.246* Which side threw the error?247*/248Exception local;249Exception remote;250String whichRemote;251252if (separateServerThread) {253remote = serverException;254local = clientException;255whichRemote = "server";256} else {257remote = clientException;258local = serverException;259whichRemote = "client";260}261262/*263* If both failed, return the curthread's exception, but also264* print the remote side Exception265*/266if ((local != null) && (remote != null)) {267System.out.println(whichRemote + " also threw:");268remote.printStackTrace();269System.out.println();270throw local;271}272273if (remote != null) {274throw remote;275}276277if (local != null) {278throw local;279}280}281282void startServer(boolean newThread) throws Exception {283if (newThread) {284serverThread = new Thread() {285public void run() {286try {287doServerSide();288} catch (Exception e) {289/*290* Our server thread just died.291*292* Release the client, if not active already...293*/294System.err.println("Server died...");295serverReady = true;296serverException = e;297}298}299};300serverThread.start();301} else {302try {303doServerSide();304} catch (Exception e) {305serverException = e;306} finally {307serverReady = true;308}309}310}311312void startClient(boolean newThread) throws Exception {313if (newThread) {314clientThread = new Thread() {315public void run() {316try {317doClientSide();318} catch (Exception e) {319/*320* Our client thread just died.321*/322System.err.println("Client died...");323clientException = e;324}325}326};327clientThread.start();328} else {329try {330doClientSide();331} catch (Exception e) {332clientException = e;333}334}335}336}337338339