Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/ssl/SSLContextImpl/SSLContextDefault.java
38853 views
/*1* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223//24// SunJSSE does not support dynamic system properties, no way to re-use25// system properties in samevm/agentvm mode.26//2728/*29* @test30* @bug 820234331* @summary Check that SSLv3, TLSv1 and TLSv1.1 are disabled by default32* @run main/othervm SSLContextDefault33*/3435import java.util.Arrays;36import java.util.Collections;37import java.util.List;38import javax.net.ssl.*;3940public class SSLContextDefault {4142private final static String[] protocols = {43"", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"44};4546private final static List<String> disabledProtocols =47Collections.unmodifiableList(48Arrays.asList("SSLv3", "TLSv1", "TLSv1.1"));4950public static void main(String[] args) throws Exception {51for (String protocol : protocols) {52System.out.println("//");53System.out.println("// " + "Testing for SSLContext of " +54(protocol.isEmpty() ? "<default>" : protocol));55System.out.println("//");56checkForProtocols(protocol);57System.out.println();58}59}6061public static void checkForProtocols(String protocol) throws Exception {62SSLContext context;63if (protocol.isEmpty()) {64context = SSLContext.getDefault();65} else {66context = SSLContext.getInstance(protocol);67context.init(null, null, null);68}6970// check for the presence of supported protocols of SSLContext71SSLParameters parameters = context.getSupportedSSLParameters();72checkProtocols(parameters.getProtocols(),73"Supported protocols in SSLContext", false);747576// check for the presence of default protocols of SSLContext77parameters = context.getDefaultSSLParameters();78checkProtocols(parameters.getProtocols(),79"Enabled protocols in SSLContext", true);8081// check for the presence of supported protocols of SSLEngine82SSLEngine engine = context.createSSLEngine();83checkProtocols(engine.getSupportedProtocols(),84"Supported protocols in SSLEngine", false);8586// Check for the presence of default protocols of SSLEngine87checkProtocols(engine.getEnabledProtocols(),88"Enabled protocols in SSLEngine", true);8990SSLSocketFactory factory = context.getSocketFactory();91try (SSLSocket socket = (SSLSocket)factory.createSocket()) {92// check for the presence of supported protocols of SSLSocket93checkProtocols(socket.getSupportedProtocols(),94"Supported cipher suites in SSLSocket", false);9596// Check for the presence of default protocols of SSLSocket97checkProtocols(socket.getEnabledProtocols(),98"Enabled protocols in SSLSocket", true);99}100101SSLServerSocketFactory serverFactory = context.getServerSocketFactory();102try (SSLServerSocket serverSocket =103(SSLServerSocket)serverFactory.createServerSocket()) {104// check for the presence of supported protocols of SSLServerSocket105checkProtocols(serverSocket.getSupportedProtocols(),106"Supported cipher suites in SSLServerSocket", false);107108// Check for the presence of default protocols of SSLServerSocket109checkProtocols(serverSocket.getEnabledProtocols(),110"Enabled protocols in SSLServerSocket", true);111}112}113114private static void checkProtocols(String[] protocols,115String title, boolean disabled) throws Exception {116showProtocols(protocols, title);117118if (disabled) {119for (String protocol : protocols ) {120if (disabledProtocols.contains(protocol)) {121throw new Exception(protocol +122" should not be enabled by default");123}124}125} else {126List<String> protocolsList = Collections.unmodifiableList(127Arrays.asList(protocols));128for (String disabledProtocol : disabledProtocols) {129if (!protocolsList.contains(disabledProtocol)) {130throw new Exception(disabledProtocol +131" should be supported by default");132}133}134}135}136137private static void showProtocols(String[] protocols, String title) {138System.out.println(title + "[" + protocols.length + "]:");139for (String protocol : protocols) {140System.out.println(" " + protocol);141}142}143}144145146