1 /*
2 * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 /*
27 * @test
28 * @bug 4873188
29 * @summary Support TLS 1.1
30 * @run main/othervm GenericBlockCipher
31 *
32 * SunJSSE does not support dynamic system properties, no way to re-use
33 * system properties in samevm/agentvm mode.
34 *
35 * @author Xuelei Fan
36 */
37
38 import java.io.*;
39 import java.net.*;
40 import javax.net.ssl.*;
41
42 public class GenericBlockCipher {
43
44 /*
45 * =============================================================
46 * Set the various variables needed for the tests, then
47 * specify what tests to run on each side.
48 */
49
50 /*
51 * Should we run the client or server in a separate thread?
52 * Both sides can throw exceptions, but do you have a preference
53 * as to which side should be the main thread.
54 */
55 static boolean separateServerThread = false;
56
57 /*
58 * Where do we find the keystores?
59 */
60 static String pathToStores = "../etc";
61 static String keyStoreFile = "keystore";
62 static String trustStoreFile = "truststore";
63 static String passwd = "passphrase";
64
65 /*
66 * Is the server ready to serve?
67 */
68 volatile static boolean serverReady = false;
69
70 /*
71 * Turn on SSL debugging?
72 */
73 static boolean debug = false;
74
75 /*
76 * If the client or server is doing some kind of object creation
77 * that the other side depends on, and that thread prematurely
78 * exits, you may experience a hang. The test harness will
79 * terminate all hung threads after its timeout has expired,
80 * currently 3 minutes by default, but you might try to be
81 * smart about it....
82 */
83
84 /*
85 * Define the server side of the test.
86 *
87 * If the server prematurely exits, serverReady will be set to true
88 * to avoid infinite hangs.
89 */
90 void doServerSide() throws Exception {
91 SSLServerSocketFactory sslssf =
92 (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
93 SSLServerSocket sslServerSocket =
94 (SSLServerSocket) sslssf.createServerSocket(serverPort);
95
96 serverPort = sslServerSocket.getLocalPort();
97
98 /*
99 * Signal Client, we're ready for his connect.
100 */
101 serverReady = true;
102
103 SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
104 InputStream sslIS = sslSocket.getInputStream();
105 OutputStream sslOS = sslSocket.getOutputStream();
106
107 sslIS.read();
108 sslOS.write('A');
109 sslOS.flush();
110
111 sslSocket.close();
112 }
113
114 /*
115 * Define the client side of the test.
116 *
117 * If the server prematurely exits, serverReady will be set to true
118 * to avoid infinite hangs.
119 */
120 void doClientSide() throws Exception {
121
122 /*
123 * Wait for server to get started.
124 */
125 while (!serverReady) {
126 Thread.sleep(50);
127 }
128
129 SSLSocketFactory sslsf =
130 (SSLSocketFactory) SSLSocketFactory.getDefault();
131 SSLSocket sslSocket = (SSLSocket)
132 sslsf.createSocket("localhost", serverPort);
133
134 // enable TLSv1.1 only
135 sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});
136
137 // enable a block cipher
138 sslSocket.setEnabledCipherSuites(
139 new String[] {"TLS_RSA_WITH_AES_128_CBC_SHA"});
140
141 InputStream sslIS = sslSocket.getInputStream();
142 OutputStream sslOS = sslSocket.getOutputStream();
143
144 sslOS.write('B');
145 sslOS.flush();
146 sslIS.read();
147
148 sslSocket.close();
149 }
150
151 /*
152 * =============================================================
153 * The remainder is just support stuff
154 */
155
156 // use any free port by default
157 volatile int serverPort = 0;
158
159 volatile Exception serverException = null;
160 volatile Exception clientException = null;
161
162 public static void main(String[] args) throws Exception {
163 String keyFilename =
164 System.getProperty("test.src", ".") + "/" + pathToStores +
165 "/" + keyStoreFile;
166 String trustFilename =
167 System.getProperty("test.src", ".") + "/" + pathToStores +
168 "/" + trustStoreFile;
169
170 System.setProperty("javax.net.ssl.keyStore", keyFilename);
171 System.setProperty("javax.net.ssl.keyStorePassword", passwd);
172 System.setProperty("javax.net.ssl.trustStore", trustFilename);
173 System.setProperty("javax.net.ssl.trustStorePassword", passwd);
174
175 if (debug)
176 System.setProperty("javax.net.debug", "all");
177
178 /*
179 * Start the tests.
180 */
181 new GenericBlockCipher();
182 }
183
184 Thread clientThread = null;
185 Thread serverThread = null;
186
187 /*
188 * Primary constructor, used to drive remainder of the test.
189 *
190 * Fork off the other side, then do your work.
191 */
192 GenericBlockCipher() throws Exception {
193 try {
194 if (separateServerThread) {
195 startServer(true);
196 startClient(false);
197 } else {
198 startClient(true);
199 startServer(false);
200 }
201 } catch (Exception e) {
202 // swallow for now. Show later
203 }
204
205 /*
206 * Wait for other side to close down.
207 */
208 if (separateServerThread) {
209 serverThread.join();
210 } else {
211 clientThread.join();
212 }
213
214 /*
215 * When we get here, the test is pretty much over.
216 * Which side threw the error?
217 */
218 Exception local;
219 Exception remote;
220 String whichRemote;
221
222 if (separateServerThread) {
223 remote = serverException;
224 local = clientException;
225 whichRemote = "server";
226 } else {
227 remote = clientException;
228 local = serverException;
229 whichRemote = "client";
230 }
231
232 /*
233 * If both failed, return the curthread's exception, but also
234 * print the remote side Exception
235 */
236 if ((local != null) && (remote != null)) {
237 System.out.println(whichRemote + " also threw:");
238 remote.printStackTrace();
239 System.out.println();
240 throw local;
241 }
242
243 if (remote != null) {
244 throw remote;
245 }
246
247 if (local != null) {
248 throw local;
249 }
250 }
251
252 void startServer(boolean newThread) throws Exception {
253 if (newThread) {
254 serverThread = new Thread() {
255 public void run() {
256 try {
257 doServerSide();
258 } catch (Exception e) {
259 /*
260 * Our server thread just died.
261 *
262 * Release the client, if not active already...
263 */
264 System.err.println("Server died...");
265 serverReady = true;
266 serverException = e;
267 }
268 }
269 };
270 serverThread.start();
271 } else {
272 try {
273 doServerSide();
274 } catch (Exception e) {
275 serverException = e;
276 } finally {
277 serverReady = true;
278 }
279 }
280 }
281
282 void startClient(boolean newThread) throws Exception {
283 if (newThread) {
284 clientThread = new Thread() {
285 public void run() {
286 try {
287 doClientSide();
288 } catch (Exception e) {
289 /*
290 * Our client thread just died.
291 */
292 System.err.println("Client died...");
293 clientException = e;
294 }
295 }
296 };
297 clientThread.start();
298 } else {
299 try {
300 doClientSide();
301 } catch (Exception e) {
302 clientException = e;
303 }
304 }
305 }
306 }