1 /* 2 * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8049432 8069038 8234723 27 * @summary New tests for TLS property jdk.tls.client.protocols 28 * @summary javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be 29 * updated for JDK-8061210 30 * @run main/othervm TLSClientPropertyTest NoProperty 31 * @run main/othervm TLSClientPropertyTest SSLv3 32 * @run main/othervm TLSClientPropertyTest TLSv1 33 * @run main/othervm TLSClientPropertyTest TLSv11 34 * @run main/othervm TLSClientPropertyTest TLSv12 35 * @run main/othervm TLSClientPropertyTest TLSv13 36 * @run main/othervm TLSClientPropertyTest TLS 37 * @run main/othervm TLSClientPropertyTest WrongProperty 38 */ 39 40 import java.security.KeyManagementException; 41 import java.security.NoSuchAlgorithmException; 42 import java.util.Arrays; 43 import java.util.List; 44 import javax.net.ssl.SSLContext; 45 46 /** 47 * Sets the property jdk.tls.client.protocols to one of this protocols: 48 * SSLv3,TLSv1,TLSv1.1,TLSv1.2 and TLSV(invalid) or removes this 49 * property (if any),then validates the default, supported and current 50 * protocols in the SSLContext. 51 */ 52 public class TLSClientPropertyTest { 53 private final String[] expectedSupportedProtos = new String[] { 54 "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" 55 }; 56 57 public static void main(String[] args) throws Exception { 58 59 if (args.length < 1) { 60 throw new RuntimeException( 61 "Incorrect arguments,expected arguments: testCase"); 62 } 63 64 String[] expectedDefaultProtos; 65 String testCase = args[0]; 66 String contextProtocol; 67 switch (testCase) { 68 case "NoProperty": 69 if (System.getProperty("jdk.tls.client.protocols") != null) { 70 System.getProperties().remove("jdk.tls.client.protocols"); 71 } 72 contextProtocol = null; 73 expectedDefaultProtos = new String[] { 74 "TLSv1", "TLSv1.1", "TLSv1.2" 75 }; 76 break; 77 case "SSLv3": 78 contextProtocol = "SSLv3"; 79 expectedDefaultProtos = new String[] { 80 }; 81 break; 82 case "TLSv1": 83 contextProtocol = "TLSv1"; 84 expectedDefaultProtos = new String[] { 85 "TLSv1" 86 }; 87 break; 88 case "TLSv11": 89 contextProtocol = "TLSv1.1"; 90 expectedDefaultProtos = new String[] { 91 "TLSv1", "TLSv1.1" 92 }; 93 break; 94 case "TLSv12": 95 case "TLS": 96 contextProtocol = "TLSv1.2"; 97 expectedDefaultProtos = new String[] { 98 "TLSv1", "TLSv1.1", "TLSv1.2" 99 }; 100 break; 101 case "TLSv13": 102 contextProtocol = "TLSv1.3"; 103 expectedDefaultProtos = new String[] { 104 "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" 105 }; 106 break; 107 case "WrongProperty": 108 expectedDefaultProtos = new String[] {}; 109 contextProtocol = "TLSV"; 110 break; 111 default: 112 throw new RuntimeException("test case is wrong"); 113 } 114 if (contextProtocol != null) { 115 System.setProperty("jdk.tls.client.protocols", contextProtocol); 116 } 117 try { 118 TLSClientPropertyTest test = new TLSClientPropertyTest(); 119 test.test(contextProtocol, expectedDefaultProtos); 120 if (testCase.equals("WrongProperty")) { 121 throw new RuntimeException( 122 "Test failed: NoSuchAlgorithmException " + 123 "is expected when input wrong protocol"); 124 } else { 125 System.out.println("Test " + contextProtocol + " passed"); 126 } 127 } catch (NoSuchAlgorithmException nsae) { 128 if (testCase.equals("WrongProperty")) { 129 System.out.println("NoSuchAlgorithmException is expected," 130 + contextProtocol + " test passed"); 131 } else { 132 throw nsae; 133 } 134 } 135 136 } 137 138 /** 139 * The parameter passed is the user enforced protocol. Does not catch 140 * NoSuchAlgorithmException, WrongProperty test will use it. 141 */ 142 public void test(String expectedContextProto, 143 String[] expectedDefaultProtos) throws NoSuchAlgorithmException { 144 145 SSLContext context = null; 146 try { 147 if (expectedContextProto != null) { 148 context = SSLContext.getInstance(expectedContextProto); 149 context.init(null, null, null); 150 } else { 151 context = SSLContext.getDefault(); 152 } 153 printContextDetails(context); 154 } catch (KeyManagementException ex) { 155 error(null, ex); 156 } 157 158 validateContext(expectedContextProto, expectedDefaultProtos, context); 159 } 160 161 /** 162 * Simple print utility for SSLContext's protocol details. 163 */ 164 private void printContextDetails(SSLContext context) { 165 System.out.println("Default Protocols: " 166 + Arrays.toString(context.getDefaultSSLParameters() 167 .getProtocols())); 168 System.out.println("Supported Protocols: " 169 + Arrays.toString(context.getSupportedSSLParameters() 170 .getProtocols())); 171 System.out.println("Current Protocol : " + context.getProtocol()); 172 173 } 174 175 /** 176 * Error handler. 177 */ 178 private void error(String msg, Throwable tble) { 179 String finalMsg = "FAILED " + (msg != null ? msg : ""); 180 if (tble != null) { 181 throw new RuntimeException(finalMsg, tble); 182 } 183 throw new RuntimeException(finalMsg); 184 } 185 186 /** 187 * Validates the SSLContext's protocols against the user enforced protocol. 188 */ 189 private void validateContext(String expectedProto, 190 String[] expectedDefaultProtos, SSLContext context) { 191 if (expectedProto == null) { 192 expectedProto = "Default"; 193 } 194 if (!context.getProtocol().equals(expectedProto)) { 195 error("Invalid current protocol: " + context.getProtocol() 196 + ", Expected:" + expectedProto, null); 197 } 198 List<String> actualDefaultProtos = Arrays.asList(context 199 .getDefaultSSLParameters().getProtocols()); 200 for (String p : expectedDefaultProtos) { 201 if (!actualDefaultProtos.contains(p)) { 202 error("Default protocol " + p + "missing", null); 203 } 204 } 205 List<String> actualSupportedProtos = Arrays.asList(context 206 .getSupportedSSLParameters().getProtocols()); 207 208 for (String p : expectedSupportedProtos) { 209 if (!actualSupportedProtos.contains(p)) { 210 error("Expected to support protocol:" + p, null); 211 } 212 } 213 } 214 }