Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/net/ssl/TLSv11/GenericBlockCipher.java
38853 views
/*1* Copyright (c) 2010, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425/*26* @test27* @bug 487318828* @summary Support TLS 1.129* @library /lib/security30* @run main/othervm GenericBlockCipher31*32* SunJSSE does not support dynamic system properties, no way to re-use33* system properties in samevm/agentvm mode.34*35* @author Xuelei Fan36*/3738import java.io.*;39import java.net.*;40import javax.net.ssl.*;4142public class GenericBlockCipher {4344/*45* =============================================================46* Set the various variables needed for the tests, then47* specify what tests to run on each side.48*/4950/*51* Should we run the client or server in a separate thread?52* Both sides can throw exceptions, but do you have a preference53* as to which side should be the main thread.54*/55static boolean separateServerThread = false;5657/*58* Where do we find the keystores?59*/60static String pathToStores = "../etc";61static String keyStoreFile = "keystore";62static String trustStoreFile = "truststore";63static String passwd = "passphrase";6465/*66* Is the server ready to serve?67*/68volatile static boolean serverReady = false;6970/*71* Turn on SSL debugging?72*/73static boolean debug = false;7475/*76* If the client or server is doing some kind of object creation77* that the other side depends on, and that thread prematurely78* exits, you may experience a hang. The test harness will79* terminate all hung threads after its timeout has expired,80* currently 3 minutes by default, but you might try to be81* smart about it....82*/8384/*85* Define the server side of the test.86*87* If the server prematurely exits, serverReady will be set to true88* to avoid infinite hangs.89*/90void doServerSide() throws Exception {91SSLServerSocketFactory sslssf =92(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();93SSLServerSocket sslServerSocket =94(SSLServerSocket) sslssf.createServerSocket(serverPort);9596serverPort = sslServerSocket.getLocalPort();9798/*99* Signal Client, we're ready for his connect.100*/101serverReady = true;102103SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();104InputStream sslIS = sslSocket.getInputStream();105OutputStream sslOS = sslSocket.getOutputStream();106107sslIS.read();108sslOS.write('A');109sslOS.flush();110111sslSocket.close();112}113114/*115* Define the client side of the test.116*117* If the server prematurely exits, serverReady will be set to true118* to avoid infinite hangs.119*/120void doClientSide() throws Exception {121122/*123* Wait for server to get started.124*/125while (!serverReady) {126Thread.sleep(50);127}128129SSLSocketFactory sslsf =130(SSLSocketFactory) SSLSocketFactory.getDefault();131SSLSocket sslSocket = (SSLSocket)132sslsf.createSocket("localhost", serverPort);133134// enable TLSv1.1 only135sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});136137// enable a block cipher138sslSocket.setEnabledCipherSuites(139new String[] {"TLS_RSA_WITH_AES_128_CBC_SHA"});140141InputStream sslIS = sslSocket.getInputStream();142OutputStream sslOS = sslSocket.getOutputStream();143144sslOS.write('B');145sslOS.flush();146sslIS.read();147148sslSocket.close();149}150151/*152* =============================================================153* The remainder is just support stuff154*/155156// use any free port by default157volatile int serverPort = 0;158159volatile Exception serverException = null;160volatile Exception clientException = null;161162public static void main(String[] args) throws Exception {163// Re-enable TLSv1.1 since test depends on it.164SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");165166String keyFilename =167System.getProperty("test.src", ".") + "/" + pathToStores +168"/" + keyStoreFile;169String trustFilename =170System.getProperty("test.src", ".") + "/" + pathToStores +171"/" + trustStoreFile;172173System.setProperty("javax.net.ssl.keyStore", keyFilename);174System.setProperty("javax.net.ssl.keyStorePassword", passwd);175System.setProperty("javax.net.ssl.trustStore", trustFilename);176System.setProperty("javax.net.ssl.trustStorePassword", passwd);177178if (debug)179System.setProperty("javax.net.debug", "all");180181/*182* Start the tests.183*/184new GenericBlockCipher();185}186187Thread clientThread = null;188Thread serverThread = null;189190/*191* Primary constructor, used to drive remainder of the test.192*193* Fork off the other side, then do your work.194*/195GenericBlockCipher() throws Exception {196try {197if (separateServerThread) {198startServer(true);199startClient(false);200} else {201startClient(true);202startServer(false);203}204} catch (Exception e) {205// swallow for now. Show later206}207208/*209* Wait for other side to close down.210*/211if (separateServerThread) {212serverThread.join();213} else {214clientThread.join();215}216217/*218* When we get here, the test is pretty much over.219* Which side threw the error?220*/221Exception local;222Exception remote;223String whichRemote;224225if (separateServerThread) {226remote = serverException;227local = clientException;228whichRemote = "server";229} else {230remote = clientException;231local = serverException;232whichRemote = "client";233}234235/*236* If both failed, return the curthread's exception, but also237* print the remote side Exception238*/239if ((local != null) && (remote != null)) {240System.out.println(whichRemote + " also threw:");241remote.printStackTrace();242System.out.println();243throw local;244}245246if (remote != null) {247throw remote;248}249250if (local != null) {251throw local;252}253}254255void startServer(boolean newThread) throws Exception {256if (newThread) {257serverThread = new Thread() {258public void run() {259try {260doServerSide();261} catch (Exception e) {262/*263* Our server thread just died.264*265* Release the client, if not active already...266*/267System.err.println("Server died...");268serverReady = true;269serverException = e;270}271}272};273serverThread.start();274} else {275try {276doServerSide();277} catch (Exception e) {278serverException = e;279} finally {280serverReady = true;281}282}283}284285void startClient(boolean newThread) throws Exception {286if (newThread) {287clientThread = new Thread() {288public void run() {289try {290doClientSide();291} catch (Exception e) {292/*293* Our client thread just died.294*/295System.err.println("Client died...");296clientException = e;297}298}299};300clientThread.start();301} else {302try {303doClientSide();304} catch (Exception e) {305clientException = e;306}307}308}309}310311312