Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/ssl/SSLContextImpl/CustomizedServerDefaultProtocols.java
38853 views
/*1* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223// SunJSSE does not support dynamic system properties, no way to re-use24// system properties in samevm/agentvm mode.2526/*27* @test28* @summary Test jdk.tls.server.protocols with TLS29* @run main/othervm -Djdk.tls.server.protocols="SSLv3,TLSv1,TLSv1.1"30* CustomizedServerDefaultProtocols31*/3233import java.security.Security;34import java.util.Arrays;35import java.util.HashSet;36import java.util.Set;3738import javax.net.SocketFactory;39import javax.net.ssl.SSLContext;40import javax.net.ssl.SSLEngine;41import javax.net.ssl.SSLParameters;42import javax.net.ssl.SSLServerSocket;43import javax.net.ssl.SSLServerSocketFactory;44import javax.net.ssl.SSLSocket;4546public class CustomizedServerDefaultProtocols {4748final static String[] supportedProtocols = new String[]{49"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"};5051enum ContextVersion {52TLS_CV_01("SSL",53new String[]{"SSLv3", "TLSv1", "TLSv1.1"},54new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}),55TLS_CV_02("TLS",56new String[]{"SSLv3", "TLSv1", "TLSv1.1"},57new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}),58TLS_CV_03("SSLv3",59supportedProtocols,60new String[]{"SSLv3", "TLSv1"}),61TLS_CV_04("TLSv1",62supportedProtocols,63new String[]{"SSLv3", "TLSv1"}),64TLS_CV_05("TLSv1.1",65supportedProtocols,66new String[]{"SSLv3", "TLSv1", "TLSv1.1"}),67TLS_CV_06("TLSv1.2",68supportedProtocols,69new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}),70TLS_CV_07("TLSv1.3",71supportedProtocols,72new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}),73TLS_CV_08("Default",74new String[]{"SSLv3", "TLSv1", "TLSv1.1"},75new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"});7677final String contextVersion;78final String[] serverEnabledProtocols;79final String[] clientEnabledProtocols;8081ContextVersion(String contextVersion, String[] serverEnabledProtocols,82String[] clientEnabledProtocols) {83this.contextVersion = contextVersion;84this.serverEnabledProtocols = serverEnabledProtocols;85this.clientEnabledProtocols = clientEnabledProtocols;86}87}8889private static boolean checkProtocols(String[] target, String[] expected) {90boolean success = true;91if (target.length == 0) {92System.out.println("\tError: No protocols");93success = false;94}9596if (!protocolEquals(target, expected)) {97System.out.println("\tError: Expected to get protocols " +98Arrays.toString(expected));99success = false;100}101System.out.println("\t Protocols found " + Arrays.toString(target));102return success;103}104105private static boolean protocolEquals(106String[] actualProtocols,107String[] expectedProtocols) {108if (actualProtocols.length != expectedProtocols.length) {109return false;110}111112Set<String> set = new HashSet<>(Arrays.asList(expectedProtocols));113for (String actual : actualProtocols) {114if (set.add(actual)) {115return false;116}117}118119return true;120}121122private static boolean checkCipherSuites(String[] target) {123boolean success = true;124if (target.length == 0) {125System.out.println("\tError: No cipher suites");126success = false;127}128129return success;130}131132public static void main(String[] args) throws Exception {133// reset the security property to make sure that the algorithms134// and keys used in this test are not disabled.135Security.setProperty("jdk.tls.disabledAlgorithms", "");136System.out.println("jdk.tls.client.protocols = " +137System.getProperty("jdk.tls.client.protocols"));138System.out.println("jdk.tls.server.protocols = "+139System.getProperty("jdk.tls.server.protocols"));140Test();141}142143static void Test() throws Exception {144boolean failed = false;145146for (ContextVersion cv : ContextVersion.values()) {147System.out.println("Checking SSLContext of " + cv.contextVersion);148SSLContext context = SSLContext.getInstance(cv.contextVersion);149150// Default SSLContext is initialized automatically.151if (!cv.contextVersion.equals("Default")) {152// Use default TK, KM and random.153context.init(null, null, null);154}155156//157// Check SSLContext158//159// Check default SSLParameters of SSLContext160System.out.println("\tChecking default SSLParameters");161SSLParameters parameters = context.getDefaultSSLParameters();162163String[] protocols = parameters.getProtocols();164failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);165166String[] ciphers = parameters.getCipherSuites();167failed |= !checkCipherSuites(ciphers);168169// Check supported SSLParameters of SSLContext170System.out.println("\tChecking supported SSLParameters");171parameters = context.getSupportedSSLParameters();172173protocols = parameters.getProtocols();174failed |= !checkProtocols(protocols, supportedProtocols);175176ciphers = parameters.getCipherSuites();177failed |= !checkCipherSuites(ciphers);178179//180// Check SSLEngine181//182// Check SSLParameters of SSLEngine183System.out.println();184System.out.println("\tChecking SSLEngine of this SSLContext");185System.out.println("\tChecking SSLEngine.getSSLParameters()");186SSLEngine engine = context.createSSLEngine();187engine.setUseClientMode(true);188parameters = engine.getSSLParameters();189190protocols = parameters.getProtocols();191failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);192193ciphers = parameters.getCipherSuites();194failed |= !checkCipherSuites(ciphers);195196System.out.println("\tChecking SSLEngine.getEnabledProtocols()");197protocols = engine.getEnabledProtocols();198failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);199200System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");201ciphers = engine.getEnabledCipherSuites();202failed |= !checkCipherSuites(ciphers);203204System.out.println("\tChecking SSLEngine.getSupportedProtocols()");205protocols = engine.getSupportedProtocols();206failed |= !checkProtocols(protocols, supportedProtocols);207208System.out.println(209"\tChecking SSLEngine.getSupportedCipherSuites()");210ciphers = engine.getSupportedCipherSuites();211failed |= !checkCipherSuites(ciphers);212213//214// Check SSLSocket215//216// Check SSLParameters of SSLSocket217System.out.println();218System.out.println("\tChecking SSLSocket of this SSLContext");219System.out.println("\tChecking SSLSocket.getSSLParameters()");220SocketFactory fac = context.getSocketFactory();221SSLSocket socket = (SSLSocket) fac.createSocket();222parameters = socket.getSSLParameters();223224protocols = parameters.getProtocols();225failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);226227ciphers = parameters.getCipherSuites();228failed |= !checkCipherSuites(ciphers);229230System.out.println("\tChecking SSLSocket.getEnabledProtocols()");231protocols = socket.getEnabledProtocols();232failed |= !checkProtocols(protocols, cv.clientEnabledProtocols);233234System.out.println("\tChecking SSLSocket.getEnabledCipherSuites()");235ciphers = socket.getEnabledCipherSuites();236failed |= !checkCipherSuites(ciphers);237238System.out.println("\tChecking SSLSocket.getSupportedProtocols()");239protocols = socket.getSupportedProtocols();240failed |= !checkProtocols(protocols, supportedProtocols);241242System.out.println(243"\tChecking SSLSocket.getSupportedCipherSuites()");244ciphers = socket.getSupportedCipherSuites();245failed |= !checkCipherSuites(ciphers);246247//248// Check SSLServerSocket249//250// Check SSLParameters of SSLServerSocket251System.out.println();252System.out.println("\tChecking SSLServerSocket of this SSLContext");253System.out.println("\tChecking SSLServerSocket.getSSLParameters()");254SSLServerSocketFactory sf = context.getServerSocketFactory();255SSLServerSocket ssocket = (SSLServerSocket) sf.createServerSocket();256parameters = ssocket.getSSLParameters();257258protocols = parameters.getProtocols();259failed |= !checkProtocols(protocols, cv.serverEnabledProtocols);260261ciphers = parameters.getCipherSuites();262failed |= !checkCipherSuites(ciphers);263264System.out.println("\tChecking SSLEngine.getEnabledProtocols()");265protocols = ssocket.getEnabledProtocols();266failed |= !checkProtocols(protocols, cv.serverEnabledProtocols);267268System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");269ciphers = ssocket.getEnabledCipherSuites();270failed |= !checkCipherSuites(ciphers);271272System.out.println("\tChecking SSLEngine.getSupportedProtocols()");273protocols = ssocket.getSupportedProtocols();274failed |= !checkProtocols(protocols, supportedProtocols);275276System.out.println(277"\tChecking SSLEngine.getSupportedCipherSuites()");278ciphers = ssocket.getSupportedCipherSuites();279failed |= !checkCipherSuites(ciphers);280281if (failed) {282throw new Exception("Run into problems, see log for more details");283} else {284System.out.println("\t... Success");285}286}287}288}289290291