< prev index next >

test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java

Print this page
rev 14346 : 8202343: Disable TLS 1.0 and 1.1
Reviewed-by: xuelei, dfuchs, coffeys, sgehwolf
   1 /*
   2  * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 import java.util.Arrays;
  24 import javax.net.ssl.SSLServerSocket;
  25 import javax.net.ssl.SSLSocket;
  26 
  27 /*
  28  * @test
  29  * @bug 8234728
  30  * @library /javax/net/ssl/templates
  31  *          /javax/net/ssl/TLSCommon

  32  * @summary Test TLS ciphersuites order set through System properties
  33  * @run main/othervm
  34  *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  35  *      -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
  36  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  37  *      SystemPropCipherSuitesOrder TLSv1.3
  38  * @run main/othervm
  39  *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  40  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  41  *      SystemPropCipherSuitesOrder TLSv1.3
  42  * @run main/othervm
  43  *      -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  44  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  45  *      SystemPropCipherSuitesOrder TLSv1.3
  46  * @run main/othervm
  47  *      -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  48  *      -Djdk.tls.server.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  49  *      SystemPropCipherSuitesOrder TLSv1.2
  50  * @run main/othervm
  51  *      -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384


  81     private static String[] clientcipherSuites;
  82 
  83     public static void main(String[] args) {
  84         servercipherSuites
  85                 = toArray(System.getProperty("jdk.tls.server.cipherSuites"));
  86         clientcipherSuites
  87                 = toArray(System.getProperty("jdk.tls.client.cipherSuites"));
  88         System.out.printf("SYSTEM PROPERTIES: ServerProp:%s - ClientProp:%s%n",
  89                 Arrays.deepToString(servercipherSuites),
  90                 Arrays.deepToString(clientcipherSuites));
  91 
  92         try {
  93             new SystemPropCipherSuitesOrder(args[0]).run();
  94         } catch (Exception e) {
  95             throw new RuntimeException(e);
  96         }
  97     }
  98 
  99     private SystemPropCipherSuitesOrder(String protocol) {
 100         this.protocol = protocol;




 101     }
 102 
 103     // Servers are configured before clients, increment test case after.
 104     @Override
 105     protected void configureClientSocket(SSLSocket socket) {
 106         socket.setEnabledProtocols(new String[]{protocol});
 107     }
 108 
 109     @Override
 110     protected void configureServerSocket(SSLServerSocket serverSocket) {
 111         serverSocket.setEnabledProtocols(new String[]{protocol});
 112     }
 113 
 114     protected void runServerApplication(SSLSocket socket) throws Exception {
 115         if (servercipherSuites != null) {
 116             System.out.printf("SERVER: SystemProperty:%s - "
 117                     + "getEnabledCipherSuites:%s%n",
 118                     Arrays.deepToString(servercipherSuites),
 119                     Arrays.deepToString(socket.getEnabledCipherSuites()));
 120         }


   1 /*
   2  * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 import java.util.Arrays;
  24 import javax.net.ssl.SSLServerSocket;
  25 import javax.net.ssl.SSLSocket;
  26 
  27 /*
  28  * @test
  29  * @bug 8234728
  30  * @library /javax/net/ssl/templates
  31  *          /javax/net/ssl/TLSCommon
  32  *          /lib/security
  33  * @summary Test TLS ciphersuites order set through System properties
  34  * @run main/othervm
  35  *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  36  *      -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
  37  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  38  *      SystemPropCipherSuitesOrder TLSv1.3
  39  * @run main/othervm
  40  *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  41  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  42  *      SystemPropCipherSuitesOrder TLSv1.3
  43  * @run main/othervm
  44  *      -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  45  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  46  *      SystemPropCipherSuitesOrder TLSv1.3
  47  * @run main/othervm
  48  *      -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  49  *      -Djdk.tls.server.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  50  *      SystemPropCipherSuitesOrder TLSv1.2
  51  * @run main/othervm
  52  *      -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384


  82     private static String[] clientcipherSuites;
  83 
  84     public static void main(String[] args) {
  85         servercipherSuites
  86                 = toArray(System.getProperty("jdk.tls.server.cipherSuites"));
  87         clientcipherSuites
  88                 = toArray(System.getProperty("jdk.tls.client.cipherSuites"));
  89         System.out.printf("SYSTEM PROPERTIES: ServerProp:%s - ClientProp:%s%n",
  90                 Arrays.deepToString(servercipherSuites),
  91                 Arrays.deepToString(clientcipherSuites));
  92 
  93         try {
  94             new SystemPropCipherSuitesOrder(args[0]).run();
  95         } catch (Exception e) {
  96             throw new RuntimeException(e);
  97         }
  98     }
  99 
 100     private SystemPropCipherSuitesOrder(String protocol) {
 101         this.protocol = protocol;
 102         // Re-enable protocol if disabled.
 103         if (protocol.equals("TLSv1") || protocol.equals("TLSv1.1")) {
 104             SecurityUtils.removeFromDisabledTlsAlgs(protocol);
 105         }
 106     }
 107 
 108     // Servers are configured before clients, increment test case after.
 109     @Override
 110     protected void configureClientSocket(SSLSocket socket) {
 111         socket.setEnabledProtocols(new String[]{protocol});
 112     }
 113 
 114     @Override
 115     protected void configureServerSocket(SSLServerSocket serverSocket) {
 116         serverSocket.setEnabledProtocols(new String[]{protocol});
 117     }
 118 
 119     protected void runServerApplication(SSLSocket socket) throws Exception {
 120         if (servercipherSuites != null) {
 121             System.out.printf("SERVER: SystemProperty:%s - "
 122                     + "getEnabledCipherSuites:%s%n",
 123                     Arrays.deepToString(servercipherSuites),
 124                     Arrays.deepToString(socket.getEnabledCipherSuites()));
 125         }


< prev index next >