1 /* 2 * Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8049432 8069038 8234723 8202343 27 * @summary New tests for TLS property jdk.tls.client.protocols 28 * @summary javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be 29 * updated for JDK-8061210 30 * @run main/othervm TLSClientPropertyTest NoProperty 31 * @run main/othervm TLSClientPropertyTest SSLv3 32 * @run main/othervm TLSClientPropertyTest TLSv1 33 * @run main/othervm TLSClientPropertyTest TLSv11 34 * @run main/othervm TLSClientPropertyTest TLSv12 35 * @run main/othervm TLSClientPropertyTest TLSv13 36 * @run main/othervm TLSClientPropertyTest TLS 37 * @run main/othervm TLSClientPropertyTest WrongProperty 38 */ 39 40 import java.security.KeyManagementException; 41 import java.security.NoSuchAlgorithmException; 42 import java.util.Arrays; 43 import java.util.List; 44 import javax.net.ssl.SSLContext; 45 46 /** 47 * Sets the property jdk.tls.client.protocols to one of this protocols: 48 * SSLv3,TLSv1,TLSv1.1,TLSv1.2 and TLSV(invalid) or removes this 49 * property (if any),then validates the default, supported and current 50 * protocols in the SSLContext. 51 */ 52 public class TLSClientPropertyTest { 53 private final String[] expectedSupportedProtos = new String[] { 54 "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" 55 }; 56 57 public static void main(String[] args) throws Exception { 58 59 if (args.length < 1) { 60 throw new RuntimeException( 61 "Incorrect arguments,expected arguments: testCase"); 62 } 63 64 String[] expectedDefaultProtos; 65 String testCase = args[0]; 66 String contextProtocol; 67 switch (testCase) { 68 case "NoProperty": 69 if (System.getProperty("jdk.tls.client.protocols") != null) { 70 System.getProperties().remove("jdk.tls.client.protocols"); 71 } 72 contextProtocol = null; 73 expectedDefaultProtos = new String[] { 74 "TLSv1.2" 75 }; 76 break; 77 case "SSLv3": 78 contextProtocol = "SSLv3"; 79 expectedDefaultProtos = new String[] { 80 }; 81 break; 82 case "TLSv1": 83 contextProtocol = "TLSv1"; 84 expectedDefaultProtos = new String[] { 85 }; 86 break; 87 case "TLSv11": 88 contextProtocol = "TLSv1.1"; 89 expectedDefaultProtos = new String[] { 90 }; 91 break; 92 case "TLSv12": 93 case "TLS": 94 contextProtocol = "TLSv1.2"; 95 expectedDefaultProtos = new String[] { 96 "TLSv1.2" 97 }; 98 break; 99 case "TLSv13": 100 contextProtocol = "TLSv1.3"; 101 expectedDefaultProtos = new String[] { 102 "TLSv1.2", "TLSv1.3" 103 }; 104 break; 105 case "WrongProperty": 106 expectedDefaultProtos = new String[] {}; 107 contextProtocol = "TLSV"; 108 break; 109 default: 110 throw new RuntimeException("test case is wrong"); 111 } 112 if (contextProtocol != null) { 113 System.setProperty("jdk.tls.client.protocols", contextProtocol); 114 } 115 try { 116 TLSClientPropertyTest test = new TLSClientPropertyTest(); 117 test.test(contextProtocol, expectedDefaultProtos); 118 if (testCase.equals("WrongProperty")) { 119 throw new RuntimeException( 120 "Test failed: NoSuchAlgorithmException " + 121 "is expected when input wrong protocol"); 122 } else { 123 System.out.println("Test " + contextProtocol + " passed"); 124 } 125 } catch (NoSuchAlgorithmException nsae) { 126 if (testCase.equals("WrongProperty")) { 127 System.out.println("NoSuchAlgorithmException is expected," 128 + contextProtocol + " test passed"); 129 } else { 130 throw nsae; 131 } 132 } 133 134 } 135 136 /** 137 * The parameter passed is the user enforced protocol. Does not catch 138 * NoSuchAlgorithmException, WrongProperty test will use it. 139 */ 140 public void test(String expectedContextProto, 141 String[] expectedDefaultProtos) throws NoSuchAlgorithmException { 142 143 SSLContext context = null; 144 try { 145 if (expectedContextProto != null) { 146 context = SSLContext.getInstance(expectedContextProto); 147 context.init(null, null, null); 148 } else { 149 context = SSLContext.getDefault(); 150 } 151 printContextDetails(context); 152 } catch (KeyManagementException ex) { 153 error(null, ex); 154 } 155 156 validateContext(expectedContextProto, expectedDefaultProtos, context); 157 } 158 159 /** 160 * Simple print utility for SSLContext's protocol details. 161 */ 162 private void printContextDetails(SSLContext context) { 163 System.out.println("Default Protocols: " 164 + Arrays.toString(context.getDefaultSSLParameters() 165 .getProtocols())); 166 System.out.println("Supported Protocols: " 167 + Arrays.toString(context.getSupportedSSLParameters() 168 .getProtocols())); 169 System.out.println("Current Protocol : " + context.getProtocol()); 170 171 } 172 173 /** 174 * Error handler. 175 */ 176 private void error(String msg, Throwable tble) { 177 String finalMsg = "FAILED " + (msg != null ? msg : ""); 178 if (tble != null) { 179 throw new RuntimeException(finalMsg, tble); 180 } 181 throw new RuntimeException(finalMsg); 182 } 183 184 /** 185 * Validates the SSLContext's protocols against the user enforced protocol. 186 */ 187 private void validateContext(String expectedProto, 188 String[] expectedDefaultProtos, SSLContext context) { 189 if (expectedProto == null) { 190 expectedProto = "Default"; 191 } 192 if (!context.getProtocol().equals(expectedProto)) { 193 error("Invalid current protocol: " + context.getProtocol() 194 + ", Expected:" + expectedProto, null); 195 } 196 List<String> actualDefaultProtos = Arrays.asList(context 197 .getDefaultSSLParameters().getProtocols()); 198 for (String p : expectedDefaultProtos) { 199 if (!actualDefaultProtos.contains(p)) { 200 error("Default protocol " + p + "missing", null); 201 } 202 } 203 List<String> actualSupportedProtos = Arrays.asList(context 204 .getSupportedSSLParameters().getProtocols()); 205 206 for (String p : expectedSupportedProtos) { 207 if (!actualSupportedProtos.contains(p)) { 208 error("Expected to support protocol:" + p, null); 209 } 210 } 211 } 212 }