1
/*
2
 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @summary Test SSLEngine.begineHandshake() triggers a KeyUpdate handshake
27
 * in TLSv1.3
28
 * @run main/othervm TLS13BeginHandshake
29
 */
30

31
import javax.net.ssl.KeyManagerFactory;
32
import javax.net.ssl.SSLContext;
33
import javax.net.ssl.SSLEngine;
34
import javax.net.ssl.SSLEngineResult;
35
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
36
import javax.net.ssl.SSLSession;
37
import javax.net.ssl.TrustManagerFactory;
38
import java.io.File;
39
import java.io.FileInputStream;
40
import java.nio.ByteBuffer;
41
import java.security.KeyStore;
42
import java.security.SecureRandom;
43

44
public class TLS13BeginHandshake {
45
    static String pathToStores =
46
            System.getProperty("test.src") + "/../../../../javax/net/ssl/etc/";
47
    static String keyStoreFile = "keystore";
48
    static String passwd = "passphrase";
49

50
    private SSLEngine serverEngine, clientEngine;
51
    SSLEngineResult clientResult, serverResult;
52
    private ByteBuffer clientOut, clientIn;
53
    private ByteBuffer serverOut, serverIn;
54
    private ByteBuffer cTOs,sTOc;
55

56
    public static void main(String args[]) throws Exception{
57
        new TLS13BeginHandshake().runDemo();
58
    }
59

60
    private void runDemo() throws Exception {
61
        int done = 0;
62

63
        createSSLEngines();
64
        createBuffers();
65

66
        while (!isEngineClosed(clientEngine) || !isEngineClosed(serverEngine)) {
67

68
            System.out.println("================");
69
            clientResult = clientEngine.wrap(clientOut, cTOs);
70
            System.out.println("client wrap: " + clientResult);
71
            runDelegatedTasks(clientResult, clientEngine);
72
            serverResult = serverEngine.wrap(serverOut, sTOc);
73
            System.out.println("server wrap: " + serverResult);
74
            runDelegatedTasks(serverResult, serverEngine);
75

76
            cTOs.flip();
77
            sTOc.flip();
78

79
            System.out.println("----");
80
            clientResult = clientEngine.unwrap(sTOc, clientIn);
81
            System.out.println("client unwrap: " + clientResult);
82
            if (clientResult.getStatus() == SSLEngineResult.Status.CLOSED) {
83
                break;
84
            }            runDelegatedTasks(clientResult, clientEngine);
85
            serverResult = serverEngine.unwrap(cTOs, serverIn);
86
            System.out.println("server unwrap: " + serverResult);
87
            runDelegatedTasks(serverResult, serverEngine);
88

89
            cTOs.compact();
90
            sTOc.compact();
91

92
            //System.err.println("so limit="+serverOut.limit()+" so pos="+serverOut.position());
93
            //System.out.println("bf ctos limit="+cTOs.limit()+" pos="+cTOs.position()+" cap="+cTOs.capacity());
94
            //System.out.println("bf stoc limit="+sTOc.limit()+" pos="+sTOc.position()+" cap="+sTOc.capacity());
95
            if (done < 2  && (clientOut.limit() == serverIn.position()) &&
96
                    (serverOut.limit() == clientIn.position())) {
97

98
                if (done == 0) {
99
                    checkTransfer(serverOut, clientIn);
100
                    checkTransfer(clientOut, serverIn);
101
                    clientEngine.beginHandshake();
102
                    done++;
103
                    continue;
104
                }
105

106
                checkTransfer(serverOut, clientIn);
107
                checkTransfer(clientOut, serverIn);
108
                System.out.println("\tClosing...");
109
                clientEngine.closeOutbound();
110
                serverEngine.closeOutbound();
111
                done++;
112
                continue;
113
            }
114
        }
115
    }
116

117
    private static boolean isEngineClosed(SSLEngine engine) {
118
        if (engine.isInboundDone())
119
            System.out.println("inbound closed");
120
        if (engine.isOutboundDone())
121
            System.out.println("outbound closed");
122
        return (engine.isOutboundDone() && engine.isInboundDone());
123
    }
124

125
    private static void checkTransfer(ByteBuffer a, ByteBuffer b)
126
            throws Exception {
127
        a.flip();
128
        b.flip();
129

130
        if (!a.equals(b)) {
131
            throw new Exception("Data didn't transfer cleanly");
132
        } else {
133
            System.out.println("\tData transferred cleanly");
134
        }
135

136
        a.compact();
137
        b.compact();
138

139
    }
140
    private void createBuffers() {
141
        SSLSession session = clientEngine.getSession();
142
        int appBufferMax = session.getApplicationBufferSize();
143
        int netBufferMax = session.getPacketBufferSize();
144

145
        clientIn = ByteBuffer.allocate(appBufferMax + 50);
146
        serverIn = ByteBuffer.allocate(appBufferMax + 50);
147

148
        cTOs = ByteBuffer.allocateDirect(netBufferMax);
149
        sTOc = ByteBuffer.allocateDirect(netBufferMax);
150

151
        clientOut = ByteBuffer.wrap("client".getBytes());
152
        serverOut = ByteBuffer.wrap("server".getBytes());
153
    }
154

155
    private void createSSLEngines() throws Exception {
156
        serverEngine = initContext().createSSLEngine();
157
        serverEngine.setUseClientMode(false);
158
        serverEngine.setNeedClientAuth(true);
159

160
        clientEngine = initContext().createSSLEngine("client", 80);
161
        clientEngine.setUseClientMode(true);
162
    }
163

164
    private SSLContext initContext() throws Exception {
165
        SSLContext sc = SSLContext.getInstance("TLSv1.3");
166
        KeyStore ks = KeyStore.getInstance("JKS");
167
        ks.load(new FileInputStream(new File(pathToStores + keyStoreFile)),
168
                passwd.toCharArray());
169
        KeyManagerFactory kmf =
170
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
171
        kmf.init(ks, passwd.toCharArray());
172
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
173
        tmf.init(ks);
174
        sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
175
        return sc;
176
    }
177

178
    private static void runDelegatedTasks(SSLEngineResult result,
179
            SSLEngine engine) throws Exception {
180

181
        if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
182
            Runnable runnable;
183
            while ((runnable = engine.getDelegatedTask()) != null) {
184
                runnable.run();
185
            }
186
            HandshakeStatus hsStatus = engine.getHandshakeStatus();
187
            if (hsStatus == HandshakeStatus.NEED_TASK) {
188
                throw new Exception(
189
                    "handshake shouldn't need additional tasks");
190
            }
191
        }
192
    }
193
}
194

195