Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
38861 views
1
/*

2
 * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/*

30
 * @test

31
 * @bug 7174244 8234728

32
 * @summary Test for ciphersuites order

33
 * @run main/othervm CipherSuitesInOrder

34
 */

35


36
import java.util.*;

37
import javax.net.ssl.*;

38


39
public class CipherSuitesInOrder {

40


41
    // Supported ciphersuites

42
    private final static List<String> supportedCipherSuites

43
            = Arrays.<String>asList(

44
        "TLS_AES_128_GCM_SHA256",

45
        "TLS_AES_256_GCM_SHA384",

46
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",

47
        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",

48
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",

49
        "TLS_RSA_WITH_AES_256_GCM_SHA384",

50
        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",

51
        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",

52
        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",

53
        "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",

54
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",

55
        "TLS_RSA_WITH_AES_128_GCM_SHA256",

56
        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",

57
        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",

58
        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",

59
        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",

60


61
        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",

62
        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",

63
        "TLS_RSA_WITH_AES_256_CBC_SHA256",

64
        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",

65
        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",

66
        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",

67
        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",

68
        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",

69
        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",

70
        "TLS_RSA_WITH_AES_256_CBC_SHA",

71
        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",

72
        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",

73
        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",

74
        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",

75
        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",

76
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",

77
        "TLS_RSA_WITH_AES_128_CBC_SHA256",

78
        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",

79
        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",

80
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",

81
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",

82
        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",

83
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",

84
        "TLS_RSA_WITH_AES_128_CBC_SHA",

85
        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",

86
        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",

87
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",

88
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",

89


90
        "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",

91
        "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",

92
        "SSL_RSA_WITH_3DES_EDE_CBC_SHA",

93
        "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",

94
        "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",

95
        "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",

96
        "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",

97


98
        "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",

99


100
        "TLS_DH_anon_WITH_AES_256_GCM_SHA384",

101
        "TLS_DH_anon_WITH_AES_128_GCM_SHA256",

102


103
        "TLS_DH_anon_WITH_AES_256_CBC_SHA256",

104
        "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",

105
        "TLS_DH_anon_WITH_AES_256_CBC_SHA",

106
        "TLS_DH_anon_WITH_AES_128_CBC_SHA256",

107
        "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",

108
        "TLS_DH_anon_WITH_AES_128_CBC_SHA",

109
        "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",

110
        "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",

111


112
        "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",

113
        "TLS_ECDHE_RSA_WITH_RC4_128_SHA",

114
        "SSL_RSA_WITH_RC4_128_SHA",

115
        "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",

116
        "TLS_ECDH_RSA_WITH_RC4_128_SHA",

117
        "SSL_RSA_WITH_RC4_128_MD5",

118
        "TLS_ECDH_anon_WITH_RC4_128_SHA",

119
        "SSL_DH_anon_WITH_RC4_128_MD5",

120


121
        "SSL_RSA_WITH_DES_CBC_SHA",

122
        "SSL_DHE_RSA_WITH_DES_CBC_SHA",

123
        "SSL_DHE_DSS_WITH_DES_CBC_SHA",

124
        "SSL_DH_anon_WITH_DES_CBC_SHA",

125
        "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",

126
        "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",

127
        "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",

128
        "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",

129


130
        "SSL_RSA_EXPORT_WITH_RC4_40_MD5",

131
        "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",

132


133
        "TLS_RSA_WITH_NULL_SHA256",

134
        "TLS_ECDHE_ECDSA_WITH_NULL_SHA",

135
        "TLS_ECDHE_RSA_WITH_NULL_SHA",

136
        "SSL_RSA_WITH_NULL_SHA",

137
        "TLS_ECDH_ECDSA_WITH_NULL_SHA",

138
        "TLS_ECDH_RSA_WITH_NULL_SHA",

139
        "TLS_ECDH_anon_WITH_NULL_SHA",

140
        "SSL_RSA_WITH_NULL_MD5",

141


142
        "TLS_KRB5_WITH_3DES_EDE_CBC_SHA",

143
        "TLS_KRB5_WITH_3DES_EDE_CBC_MD5",

144
        "TLS_KRB5_WITH_RC4_128_SHA",

145
        "TLS_KRB5_WITH_RC4_128_MD5",

146
        "TLS_KRB5_WITH_DES_CBC_SHA",

147
        "TLS_KRB5_WITH_DES_CBC_MD5",

148
        "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",

149
        "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",

150
        "TLS_KRB5_EXPORT_WITH_RC4_40_SHA",

151
        "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"

152
    );

153


154
    private final static String[] protocols = {

155
        "", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"

156
    };

157


158


159
    public static void main(String[] args) throws Exception {

160
        // show all of the supported cipher suites

161
        showSuites(supportedCipherSuites.toArray(new String[0]),

162
                 "All supported cipher suites");

163


164
        for (String protocol : protocols) {

165
            System.out.println("//");

166
            System.out.println("// "

167
                    + "Testing for SSLContext of " + protocol);

168
            System.out.println("//");

169
            checkForProtocols(protocol);

170
        }

171
    }

172


173
    public static void checkForProtocols(String protocol) throws Exception {

174
        SSLContext context;

175
        if (protocol.isEmpty()) {

176
            context = SSLContext.getDefault();

177
        } else {

178
            context = SSLContext.getInstance(protocol);

179
            context.init(null, null, null);

180
        }

181


182
        // check the order of default cipher suites of SSLContext

183
        SSLParameters parameters = context.getDefaultSSLParameters();

184
        checkSuites(parameters.getCipherSuites(),

185
                "Default cipher suites in SSLContext");

186


187
        // check the order of supported cipher suites of SSLContext

188
        parameters = context.getSupportedSSLParameters();

189
        checkSuites(parameters.getCipherSuites(),

190
                "Supported cipher suites in SSLContext");

191


192
        //

193
        // Check the cipher suites order of SSLEngine

194
        //

195
        SSLEngine engine = context.createSSLEngine();

196


197
        // check the order of endabled cipher suites

198
        String[] ciphers = engine.getEnabledCipherSuites();

199
        checkSuites(ciphers,

200
                "Enabled cipher suites in SSLEngine");

201


202
        // check the order of supported cipher suites

203
        ciphers = engine.getSupportedCipherSuites();

204
        checkSuites(ciphers,

205
                "Supported cipher suites in SSLEngine");

206


207
        //

208
        // Check the cipher suites order of SSLSocket

209
        //

210
        SSLSocketFactory factory = context.getSocketFactory();

211
        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {

212


213
            // check the order of endabled cipher suites

214
            ciphers = socket.getEnabledCipherSuites();

215
            checkSuites(ciphers,

216
                    "Enabled cipher suites in SSLSocket");

217


218
            // check the order of supported cipher suites

219
            ciphers = socket.getSupportedCipherSuites();

220
            checkSuites(ciphers,

221
                    "Supported cipher suites in SSLSocket");

222
        }

223


224
        //

225
        // Check the cipher suites order of SSLServerSocket

226
        //

227
        SSLServerSocketFactory serverFactory = context.getServerSocketFactory();

228
        try (SSLServerSocket serverSocket

229
                = (SSLServerSocket) serverFactory.createServerSocket()) {

230
            // check the order of endabled cipher suites

231
            ciphers = serverSocket.getEnabledCipherSuites();

232
            checkSuites(ciphers,

233
                    "Enabled cipher suites in SSLServerSocket");

234


235
            // check the order of supported cipher suites

236
            ciphers = serverSocket.getSupportedCipherSuites();

237
            checkSuites(ciphers,

238
                    "Supported cipher suites in SSLServerSocket");

239
        }

240
    }

241


242
    private static void checkSuites(String[] suites, String title) {

243
        showSuites(suites, title);

244


245
        int loc = -1;

246
        int index = 0;

247
        for (String suite : suites) {

248
            index = supportedCipherSuites.indexOf(suite);

249
            if (index <= loc) {

250
                throw new RuntimeException(suite + " is not in order");

251
            }

252
            loc = index;

253
        }

254
    }

255


256
    private static void showSuites(String[] suites, String title) {

257
        System.out.println(title + "[" + suites.length + "]:");

258
        for (String suite : suites) {

259
            System.out.println("  " + suite);

260
        }

261
    }

262
}

263


264