1 /* 2 * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 /* 27 * @test 28 * @bug 4873188 29 * @summary Support TLS 1.1 30 * @run main/othervm GenericBlockCipher 31 * 32 * SunJSSE does not support dynamic system properties, no way to re-use 33 * system properties in samevm/agentvm mode. 34 * 35 * @author Xuelei Fan 36 */ 37 38 import java.io.*; 39 import java.net.*; 40 import javax.net.ssl.*; 41 42 public class GenericBlockCipher { 43 44 /* 45 * ============================================================= 46 * Set the various variables needed for the tests, then 47 * specify what tests to run on each side. 48 */ 49 50 /* 51 * Should we run the client or server in a separate thread? 52 * Both sides can throw exceptions, but do you have a preference 53 * as to which side should be the main thread. 54 */ 55 static boolean separateServerThread = false; 56 57 /* 58 * Where do we find the keystores? 59 */ 60 static String pathToStores = "../etc"; 61 static String keyStoreFile = "keystore"; 62 static String trustStoreFile = "truststore"; 63 static String passwd = "passphrase"; 64 65 /* 66 * Is the server ready to serve? 67 */ 68 volatile static boolean serverReady = false; 69 70 /* 71 * Turn on SSL debugging? 72 */ 73 static boolean debug = false; 74 75 /* 76 * If the client or server is doing some kind of object creation 77 * that the other side depends on, and that thread prematurely 78 * exits, you may experience a hang. The test harness will 79 * terminate all hung threads after its timeout has expired, 80 * currently 3 minutes by default, but you might try to be 81 * smart about it.... 82 */ 83 84 /* 85 * Define the server side of the test. 86 * 87 * If the server prematurely exits, serverReady will be set to true 88 * to avoid infinite hangs. 89 */ 90 void doServerSide() throws Exception { 91 SSLServerSocketFactory sslssf = 92 (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); 93 SSLServerSocket sslServerSocket = 94 (SSLServerSocket) sslssf.createServerSocket(serverPort); 95 96 serverPort = sslServerSocket.getLocalPort(); 97 98 /* 99 * Signal Client, we're ready for his connect. 100 */ 101 serverReady = true; 102 103 SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); 104 InputStream sslIS = sslSocket.getInputStream(); 105 OutputStream sslOS = sslSocket.getOutputStream(); 106 107 sslIS.read(); 108 sslOS.write('A'); 109 sslOS.flush(); 110 111 sslSocket.close(); 112 } 113 114 /* 115 * Define the client side of the test. 116 * 117 * If the server prematurely exits, serverReady will be set to true 118 * to avoid infinite hangs. 119 */ 120 void doClientSide() throws Exception { 121 122 /* 123 * Wait for server to get started. 124 */ 125 while (!serverReady) { 126 Thread.sleep(50); 127 } 128 129 SSLSocketFactory sslsf = 130 (SSLSocketFactory) SSLSocketFactory.getDefault(); 131 SSLSocket sslSocket = (SSLSocket) 132 sslsf.createSocket("localhost", serverPort); 133 134 // enable TLSv1.1 only 135 sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"}); 136 137 // enable a block cipher 138 sslSocket.setEnabledCipherSuites( 139 new String[] {"TLS_RSA_WITH_AES_128_CBC_SHA"}); 140 141 InputStream sslIS = sslSocket.getInputStream(); 142 OutputStream sslOS = sslSocket.getOutputStream(); 143 144 sslOS.write('B'); 145 sslOS.flush(); 146 sslIS.read(); 147 148 sslSocket.close(); 149 } 150 151 /* 152 * ============================================================= 153 * The remainder is just support stuff 154 */ 155 156 // use any free port by default 157 volatile int serverPort = 0; 158 159 volatile Exception serverException = null; 160 volatile Exception clientException = null; 161 162 public static void main(String[] args) throws Exception { 163 String keyFilename = 164 System.getProperty("test.src", ".") + "/" + pathToStores + 165 "/" + keyStoreFile; 166 String trustFilename = 167 System.getProperty("test.src", ".") + "/" + pathToStores + 168 "/" + trustStoreFile; 169 170 System.setProperty("javax.net.ssl.keyStore", keyFilename); 171 System.setProperty("javax.net.ssl.keyStorePassword", passwd); 172 System.setProperty("javax.net.ssl.trustStore", trustFilename); 173 System.setProperty("javax.net.ssl.trustStorePassword", passwd); 174 175 if (debug) 176 System.setProperty("javax.net.debug", "all"); 177 178 /* 179 * Start the tests. 180 */ 181 new GenericBlockCipher(); 182 } 183 184 Thread clientThread = null; 185 Thread serverThread = null; 186 187 /* 188 * Primary constructor, used to drive remainder of the test. 189 * 190 * Fork off the other side, then do your work. 191 */ 192 GenericBlockCipher() throws Exception { 193 try { 194 if (separateServerThread) { 195 startServer(true); 196 startClient(false); 197 } else { 198 startClient(true); 199 startServer(false); 200 } 201 } catch (Exception e) { 202 // swallow for now. Show later 203 } 204 205 /* 206 * Wait for other side to close down. 207 */ 208 if (separateServerThread) { 209 serverThread.join(); 210 } else { 211 clientThread.join(); 212 } 213 214 /* 215 * When we get here, the test is pretty much over. 216 * Which side threw the error? 217 */ 218 Exception local; 219 Exception remote; 220 String whichRemote; 221 222 if (separateServerThread) { 223 remote = serverException; 224 local = clientException; 225 whichRemote = "server"; 226 } else { 227 remote = clientException; 228 local = serverException; 229 whichRemote = "client"; 230 } 231 232 /* 233 * If both failed, return the curthread's exception, but also 234 * print the remote side Exception 235 */ 236 if ((local != null) && (remote != null)) { 237 System.out.println(whichRemote + " also threw:"); 238 remote.printStackTrace(); 239 System.out.println(); 240 throw local; 241 } 242 243 if (remote != null) { 244 throw remote; 245 } 246 247 if (local != null) { 248 throw local; 249 } 250 } 251 252 void startServer(boolean newThread) throws Exception { 253 if (newThread) { 254 serverThread = new Thread() { 255 public void run() { 256 try { 257 doServerSide(); 258 } catch (Exception e) { 259 /* 260 * Our server thread just died. 261 * 262 * Release the client, if not active already... 263 */ 264 System.err.println("Server died..."); 265 serverReady = true; 266 serverException = e; 267 } 268 } 269 }; 270 serverThread.start(); 271 } else { 272 try { 273 doServerSide(); 274 } catch (Exception e) { 275 serverException = e; 276 } finally { 277 serverReady = true; 278 } 279 } 280 } 281 282 void startClient(boolean newThread) throws Exception { 283 if (newThread) { 284 clientThread = new Thread() { 285 public void run() { 286 try { 287 doClientSide(); 288 } catch (Exception e) { 289 /* 290 * Our client thread just died. 291 */ 292 System.err.println("Client died..."); 293 clientException = e; 294 } 295 } 296 }; 297 clientThread.start(); 298 } else { 299 try { 300 doClientSide(); 301 } catch (Exception e) { 302 clientException = e; 303 } 304 } 305 } 306 }