1 /*
2 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 import java.util.Arrays;
24 import javax.net.ssl.SSLServerSocket;
25 import javax.net.ssl.SSLSocket;
26
27 /*
28 * @test
29 * @bug 8234728
30 * @library /javax/net/ssl/templates
31 * /javax/net/ssl/TLSCommon
32 * @summary Test TLS ciphersuites order set through System properties
33 * @run main/othervm
34 * -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
35 * -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
36 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
37 * SystemPropCipherSuitesOrder TLSv1.3
38 * @run main/othervm
39 * -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
40 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
41 * SystemPropCipherSuitesOrder TLSv1.3
42 * @run main/othervm
43 * -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
44 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
45 * SystemPropCipherSuitesOrder TLSv1.3
46 * @run main/othervm
47 * -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
48 * -Djdk.tls.server.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
49 * SystemPropCipherSuitesOrder TLSv1.2
50 * @run main/othervm
51 * -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
81 private static String[] clientcipherSuites;
82
83 public static void main(String[] args) {
84 servercipherSuites
85 = toArray(System.getProperty("jdk.tls.server.cipherSuites"));
86 clientcipherSuites
87 = toArray(System.getProperty("jdk.tls.client.cipherSuites"));
88 System.out.printf("SYSTEM PROPERTIES: ServerProp:%s - ClientProp:%s%n",
89 Arrays.deepToString(servercipherSuites),
90 Arrays.deepToString(clientcipherSuites));
91
92 try {
93 new SystemPropCipherSuitesOrder(args[0]).run();
94 } catch (Exception e) {
95 throw new RuntimeException(e);
96 }
97 }
98
99 private SystemPropCipherSuitesOrder(String protocol) {
100 this.protocol = protocol;
101 }
102
103 // Servers are configured before clients, increment test case after.
104 @Override
105 protected void configureClientSocket(SSLSocket socket) {
106 socket.setEnabledProtocols(new String[]{protocol});
107 }
108
109 @Override
110 protected void configureServerSocket(SSLServerSocket serverSocket) {
111 serverSocket.setEnabledProtocols(new String[]{protocol});
112 }
113
114 protected void runServerApplication(SSLSocket socket) throws Exception {
115 if (servercipherSuites != null) {
116 System.out.printf("SERVER: SystemProperty:%s - "
117 + "getEnabledCipherSuites:%s%n",
118 Arrays.deepToString(servercipherSuites),
119 Arrays.deepToString(socket.getEnabledCipherSuites()));
120 }
|
1 /*
2 * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 import java.util.Arrays;
24 import javax.net.ssl.SSLServerSocket;
25 import javax.net.ssl.SSLSocket;
26
27 /*
28 * @test
29 * @bug 8234728
30 * @library /javax/net/ssl/templates
31 * /javax/net/ssl/TLSCommon
32 * /lib/security
33 * @summary Test TLS ciphersuites order set through System properties
34 * @run main/othervm
35 * -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
36 * -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
37 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
38 * SystemPropCipherSuitesOrder TLSv1.3
39 * @run main/othervm
40 * -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
41 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
42 * SystemPropCipherSuitesOrder TLSv1.3
43 * @run main/othervm
44 * -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
45 * -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
46 * SystemPropCipherSuitesOrder TLSv1.3
47 * @run main/othervm
48 * -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
49 * -Djdk.tls.server.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
50 * SystemPropCipherSuitesOrder TLSv1.2
51 * @run main/othervm
52 * -Djdk.tls.client.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
82 private static String[] clientcipherSuites;
83
84 public static void main(String[] args) {
85 servercipherSuites
86 = toArray(System.getProperty("jdk.tls.server.cipherSuites"));
87 clientcipherSuites
88 = toArray(System.getProperty("jdk.tls.client.cipherSuites"));
89 System.out.printf("SYSTEM PROPERTIES: ServerProp:%s - ClientProp:%s%n",
90 Arrays.deepToString(servercipherSuites),
91 Arrays.deepToString(clientcipherSuites));
92
93 try {
94 new SystemPropCipherSuitesOrder(args[0]).run();
95 } catch (Exception e) {
96 throw new RuntimeException(e);
97 }
98 }
99
100 private SystemPropCipherSuitesOrder(String protocol) {
101 this.protocol = protocol;
102 // Re-enable protocol if disabled.
103 if (protocol.equals("TLSv1") || protocol.equals("TLSv1.1")) {
104 SecurityUtils.removeFromDisabledTlsAlgs(protocol);
105 }
106 }
107
108 // Servers are configured before clients, increment test case after.
109 @Override
110 protected void configureClientSocket(SSLSocket socket) {
111 socket.setEnabledProtocols(new String[]{protocol});
112 }
113
114 @Override
115 protected void configureServerSocket(SSLServerSocket serverSocket) {
116 serverSocket.setEnabledProtocols(new String[]{protocol});
117 }
118
119 protected void runServerApplication(SSLSocket socket) throws Exception {
120 if (servercipherSuites != null) {
121 System.out.printf("SERVER: SystemProperty:%s - "
122 + "getEnabledCipherSuites:%s%n",
123 Arrays.deepToString(servercipherSuites),
124 Arrays.deepToString(socket.getEnabledCipherSuites()));
125 }
|