PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/ssl/SSLSessionImpl/ResumeChecksServer.java
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8206929
* @summary ensure that server only resumes a session if certain properties
* of the session are compatible with the new connection
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 ResumeChecksServer BASIC
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.3 ResumeChecksServer BASIC
* @run main/othervm ResumeChecksServer BASIC
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 ResumeChecksServer CLIENT_AUTH
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.3 ResumeChecksServer CLIENT_AUTH
* @run main/othervm ResumeChecksServer CLIENT_AUTH
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 ResumeChecksServer VERSION_2_TO_3
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.2,TLSv1.3 ResumeChecksServer VERSION_3_TO_2
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.3 ResumeChecksServer CIPHER_SUITE
* @run main/othervm -Djdk.tls.client.protocols=TLSv1.3 ResumeChecksServer SIGNATURE_SCHEME
*
*/
import javax.net.*;
import javax.net.ssl.*;
import java.io.*;
import java.security.*;
import java.net.*;
import java.util.*;

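/**
 * Server-side session resumption test.
 *
 * <p>The test accepts two TLS connections from the same in-process client.
 * Between the two connections the server changes one connection property
 * (selected by {@link TestMode}) and then checks, from the creation time of
 * the second connection's session, whether the first session was resumed or
 * a new one was negotiated. Only {@code BASIC} expects resumption; every
 * other mode changes a property that the resumed session would not satisfy,
 * so resuming there would let an old session bypass the new requirement.
 */
public class ResumeChecksServer {

    // Location and names of the key/trust stores, resolved against the
    // "test.src" system property in main().
    static String pathToStores = "../../../../javax/net/ssl/etc";
    static String keyStoreFile = "keystore";
    static String trustStoreFile = "truststore";
    // Password used for both stores of this test fixture.
    static String passwd = "passphrase";

    /** Which server-side property differs between the two connections. */
    enum TestMode {
        BASIC,
        CLIENT_AUTH,
        VERSION_2_TO_3,
        VERSION_3_TO_2,
        CIPHER_SUITE,
        SIGNATURE_SCHEME
    }

    /**
     * Runs one test mode.
     *
     * @param args {@code args[0]} is the name of a {@link TestMode} constant
     * @throws Exception if set-up fails or the resumption check fails
     */
    public static void main(String[] args) throws Exception {

        TestMode mode = TestMode.valueOf(args[0]);

        String keyFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + keyStoreFile;
        String trustFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + trustStoreFile;

        // Client and server both use SSLContext.getDefault(), which is
        // configured through these system properties.
        System.setProperty("javax.net.ssl.keyStore", keyFilename);
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
        System.setProperty("javax.net.ssl.trustStore", trustFilename);
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);

        SSLSession secondSession = null;

        SSLContext sslContext = SSLContext.getDefault();
        ServerSocketFactory fac = sslContext.getServerSocketFactory();
        // Port 0: let the system pick a free port, handed to the client below.
        SSLServerSocket ssock = (SSLServerSocket)
            fac.createServerSocket(0);

        Client client = startClient(ssock.getLocalPort());

        // The first connection must succeed in every mode.
        try {
            connect(client, ssock, mode, false);
        } catch (Exception ex) {
            throw new RuntimeException(ex);
        }

        // Take the reference timestamp, then sleep so that a session created
        // by the second handshake gets a strictly later creation time.
        long secondStartTime = System.currentTimeMillis();
        Thread.sleep(10);
        try {
            secondSession = connect(client, ssock, mode, true);
        } catch (SSLHandshakeException ex) {
            // this is expected
        } catch (Exception ex) {
            throw new RuntimeException(ex);
        }

        // Let the client thread leave its loop.
        client.go = false;
        client.signal();

        // connect() returns null when the second handshake fails. Every mode
        // below needs a session to inspect, so fail with a clear message
        // rather than a NullPointerException on the first dereference.
        if (secondSession == null) {
            throw new RuntimeException(
                "Second connection produced no session (handshake failed)");
        }

        switch (mode) {
        case BASIC:
            // fail if session is not resumed
            if (secondSession.getCreationTime() > secondStartTime) {
                throw new RuntimeException("Session was not reused");
            }
            break;
        case CLIENT_AUTH:
            // throws an exception if the client is not authenticated;
            // the first connection did not require client authentication,
            // so a session resumed from it would carry no peer certificates
            secondSession.getPeerCertificates();
            break;
        case VERSION_2_TO_3:
        case VERSION_3_TO_2:
        case CIPHER_SUITE:
        case SIGNATURE_SCHEME:
            // fail if a new session is not created
            if (secondSession.getCreationTime() <= secondStartTime) {
                throw new RuntimeException("Existing session was used");
            }
            break;
        default:
            throw new RuntimeException("unknown mode: " + mode);
        }
    }

    /**
     * Algorithm constraints that reject every algorithm whose name contains
     * a given substring (compared case-insensitively). Constraints on a key
     * alone are always permitted.
     */
    private static class NoSig implements AlgorithmConstraints {

        private final String alg;

        NoSig(String alg) {
            this.alg = alg;
        }

        // Locale.ROOT keeps the match independent of the JVM default locale.
        private boolean test(String a) {
            return !a.toLowerCase(Locale.ROOT)
                .contains(alg.toLowerCase(Locale.ROOT));
        }

        @Override
        public boolean permits(Set<CryptoPrimitive> primitives, Key key) {
            return true;
        }

        @Override
        public boolean permits(Set<CryptoPrimitive> primitives,
            String algorithm, AlgorithmParameters parameters) {

            return test(algorithm);
        }

        @Override
        public boolean permits(Set<CryptoPrimitive> primitives,
            String algorithm, Key key, AlgorithmParameters parameters) {

            return test(algorithm);
        }
    }

    /**
     * Accepts one client connection, applies the parameters that the mode
     * prescribes for the first or second connection, echoes one line back
     * and returns the connection's session.
     *
     * @param client the client to release for one connection attempt
     * @param ssock  the listening server socket
     * @param mode   the property that differs between the two connections
     * @param second {@code true} for the second connection
     * @return the session of the accepted connection, or {@code null} when
     *         the second connection fails with an SSLHandshakeException
     * @throws Exception on any other failure, including a handshake failure
     *         on the first connection
     */
    private static SSLSession connect(Client client, SSLServerSocket ssock,
        TestMode mode, boolean second) throws Exception {

        try {
            client.signal();
            System.out.println("Waiting for connection");
            SSLSocket sock = (SSLSocket) ssock.accept();
            SSLParameters params = sock.getSSLParameters();

            switch (mode) {
            case BASIC:
                // do nothing to ensure resumption works
                break;
            case CLIENT_AUTH:
                // client authentication is required on the second
                // connection only
                if (second) {
                    params.setNeedClientAuth(true);
                } else {
                    params.setNeedClientAuth(false);
                }
                break;
            case VERSION_2_TO_3:
                if (second) {
                    params.setProtocols(new String[] {"TLSv1.3"});
                } else {
                    params.setProtocols(new String[] {"TLSv1.2"});
                }
                break;
            case VERSION_3_TO_2:
                if (second) {
                    params.setProtocols(new String[] {"TLSv1.2"});
                } else {
                    params.setProtocols(new String[] {"TLSv1.3"});
                }
                break;
            case CIPHER_SUITE:
                if (second) {
                    params.setCipherSuites(
                        new String[] {"TLS_AES_128_GCM_SHA256"});
                } else {
                    params.setCipherSuites(
                        new String[] {"TLS_AES_256_GCM_SHA384"});
                }
                break;
            case SIGNATURE_SCHEME:
                // client authentication on both connections; the excluded
                // algorithm family switches from "rsa" to "ecdsa"
                params.setNeedClientAuth(true);
                if (second) {
                    params.setAlgorithmConstraints(new NoSig("ecdsa"));
                } else {
                    params.setAlgorithmConstraints(new NoSig("rsa"));
                }
                break;
            default:
                throw new RuntimeException("unknown mode: " + mode);
            }
            // The parameters are applied before any data is exchanged; the
            // first read below is what starts the handshake.
            sock.setSSLParameters(params);
            BufferedReader reader = new BufferedReader(
                new InputStreamReader(sock.getInputStream()));
            String line = reader.readLine();
            System.out.println("server read: " + line);
            PrintWriter out = new PrintWriter(
                new OutputStreamWriter(sock.getOutputStream()));
            out.println(line);
            out.flush();
            out.close();
            SSLSession result = sock.getSession();
            sock.close();
            return result;
        } catch (SSLHandshakeException ex) {
            // NOTE(review): the accepted socket is not closed on this path.
            if (!second) {
                throw ex;
            }
        }
        return null;
    }

    /** Creates the client for the given port and starts it on a new thread. */
    private static Client startClient(int port) {
        Client client = new Client(port);
        new Thread(client).start();
        return client;
    }

    /**
     * Test client: each time it is signalled it opens a TLS connection to
     * {@code localhost:port}, sends one line and reads the reply. It keeps
     * using one default SSLContext, presumably so that its session cache can
     * offer the earlier session for resumption.
     */
    private static class Client implements Runnable {

        // Cleared by the server to end the connection loop.
        public volatile boolean go = true;
        // Guarded by this object's monitor.
        private boolean signal = false;
        private final int port;

        Client(int port) {
            this.port = port;
        }

        /**
         * Blocks until signal() has been called, consumes the signal and
         * then pauses for one second. The pause runs while the monitor is
         * still held, so a concurrent signal() call waits for it to end.
         */
        private synchronized void waitForSignal() {
            while (!signal) {
                try {
                    wait();
                } catch (InterruptedException ex) {
                    // do nothing; the loop re-checks the flag
                }
            }
            signal = false;

            // presumably gives the server time to reach accept()
            try {
                Thread.sleep(1000);
            } catch (InterruptedException ex) {
                // do nothing
            }
        }

        /** Releases the client for one more connection attempt. */
        public synchronized void signal() {
            signal = true;
            notify();
        }

        /**
         * Connection loop. A failure inside the loop is printed and the loop
         * continues without waiting for a new signal; a failure to obtain
         * the default SSLContext is rethrown as a RuntimeException.
         */
        @Override
        public void run() {
            try {

                SSLContext sc = SSLContext.getDefault();

                waitForSignal();
                while (go) {
                    try {
                        SSLSocket sock = (SSLSocket)
                            sc.getSocketFactory().createSocket();
                        sock.connect(new InetSocketAddress("localhost", port));
                        PrintWriter out = new PrintWriter(
                            new OutputStreamWriter(sock.getOutputStream()));
                        out.println("message");
                        out.flush();
                        BufferedReader reader = new BufferedReader(
                            new InputStreamReader(sock.getInputStream()));
                        String inMsg = reader.readLine();
                        System.out.println("Client received: " + inMsg);
                        out.close();
                        sock.close();
                        waitForSignal();
                    } catch (Exception ex) {
                        ex.printStackTrace();
                    }
                }
            } catch (Exception ex) {
                throw new RuntimeException(ex);
            }
        }
    }
}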