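/*
 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
import java.util.Arrays;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;

/*
 * @test
 * @bug 8234728
 * @library /javax/net/ssl/templates
 *          /javax/net/ssl/TLSCommon
 * @summary Test TLS ciphersuites order.
 *      Parameter order: <protocol> <client cipher order> <server cipher order>
 * @run main/othervm TLSCipherSuitesOrder TLSv13 ORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv13 UNORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv13 UNORDERED UNORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv13 ORDERED ORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv12 ORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv12 UNORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv12 UNORDERED UNORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv12 ORDERED ORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv11 ORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv11 UNORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv11 UNORDERED UNORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv11 ORDERED ORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv1 ORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv1 UNORDERED default
 * @run main/othervm TLSCipherSuitesOrder TLSv1 UNORDERED UNORDERED
 * @run main/othervm TLSCipherSuitesOrder TLSv1 ORDERED ORDERED
 */

/**
 * Checks that the cipher-suite order handed to
 * {@code setEnabledCipherSuites} is reported back unchanged by
 * {@code getEnabledCipherSuites}, on the client and on the server side, for
 * every protocol listed in {@link PROTOCOL}.
 *
 * <p>Scope of the assertion: only the enabled (configured) list is compared.
 * The suite that a session actually negotiates is not inspected here, so a
 * pass does not by itself show which peer's preference was honoured.
 *
 * <p>The TLSv1 / TLSv1.1 rows and the {@code TLS_RSA_WITH_AES_*_CBC_SHA}
 * suites appear as ordering test data only.
 * NOTE(review): on a runtime whose {@code jdk.tls.disabledAlgorithms}
 * security property lists these protocols or suites, those runs would
 * presumably fail in the template's connection logic rather than in the
 * order check below; confirm against the JDK under test.
 */
public class TLSCipherSuitesOrder extends SSLSocketTemplate {

    private final String protocol;
    // null means "do not touch the socket's enabled suites" for that side.
    private final String[] serverCipherSuites;
    private final String[] clientCipherSuites;

    /**
     * Entry point used by the {@code @run} lines above.
     *
     * @param args {@code <protocol> <client cipher order> <server cipher
     *        order>}; the protocol is a {@link PROTOCOL} constant name and
     *        each order is {@code ORDERED}, {@code UNORDERED} or
     *        {@code default}
     * @throws IllegalArgumentException if an argument is missing or is not
     *         one of the accepted values
     * @throws RuntimeException wrapping any exception raised by the run
     */
    public static void main(String[] args) {
        if (args.length < 3) {
            throw new IllegalArgumentException(
                    "Usage: TLSCipherSuitesOrder <protocol> "
                    + "<client cipher order> <server cipher order>");
        }
        PROTOCOL protocol = PROTOCOL.valueOf(args[0]);
        // Resolved before the try block so that a misspelled order fails
        // with its own message instead of a wrapped one.
        String[] clientOrder = protocol.getCipherSuite(args[1]);
        String[] serverOrder = protocol.getCipherSuite(args[2]);
        try {
            new TLSCipherSuitesOrder(protocol.getProtocol(),
                    clientOrder, serverOrder).run();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private TLSCipherSuitesOrder(String protocol, String[] clientcipherSuites,
            String[] servercipherSuites) {
        this.protocol = protocol;
        this.clientCipherSuites = clientcipherSuites;
        this.serverCipherSuites = servercipherSuites;
    }

    /**
     * Restricts the client socket to the protocol under test and, when a
     * client order was requested, enables exactly that suite list.
     */
    @Override
    protected void configureClientSocket(SSLSocket socket) {
        socket.setEnabledProtocols(new String[]{protocol});
        if (clientCipherSuites != null) {
            socket.setEnabledCipherSuites(clientCipherSuites);
        }
    }

    /**
     * Restricts the server socket to the protocol under test and, when a
     * server order was requested, enables exactly that suite list.
     */
    @Override
    protected void configureServerSocket(SSLServerSocket serverSocket) {
        serverSocket.setEnabledProtocols(new String[]{protocol});
        if (serverCipherSuites != null) {
            serverSocket.setEnabledCipherSuites(serverCipherSuites);
        }
    }

    /**
     * Verifies the server-side enabled suite order, then delegates to the
     * template. The socket is presumably the one accepted from the server
     * socket configured above (the accept happens in the template).
     *
     * @throws RuntimeException if the enabled list differs from the
     *         requested server order
     */
    @Override
    protected void runServerApplication(SSLSocket socket) throws Exception {
        checkOrder("SERVER", "server", serverCipherSuites, socket);
        super.runServerApplication(socket);
    }

    /**
     * Verifies the client-side enabled suite order, then delegates to the
     * template.
     *
     * @throws RuntimeException if the enabled list differs from the
     *         requested client order
     */
    @Override
    protected void runClientApplication(SSLSocket socket) throws Exception {
        checkOrder("CLIENT", "client", clientCipherSuites, socket);
        super.runClientApplication(socket);
    }

    /**
     * Logs and compares the requested suite list with what the socket
     * reports. Does nothing when no explicit order was requested for this
     * side ({@code expected == null}).
     */
    private static void checkOrder(String logLabel, String side,
            String[] expected, SSLSocket socket) {
        if (expected == null) {
            return;
        }
        String[] actual = socket.getEnabledCipherSuites();
        System.out.printf("%s: setEnabledCipherSuites:%s - "
                + "getEnabledCipherSuites:%s%n",
                logLabel,
                Arrays.toString(expected),
                Arrays.toString(actual));
        // Arrays.equals is position-sensitive, which is the point: the same
        // set of suites in a different order must fail.
        if (!Arrays.equals(expected, actual)) {
            throw new RuntimeException(
                    "Unmatched " + side + " side CipherSuite order");
        }
    }

    /**
     * Protocol versions under test, each with two suite lists that contain
     * the same suites in opposite order: "ordered" puts the AES-256 suite
     * first, "unordered" puts the AES-128 suite first.
     */
    enum PROTOCOL {
        TLSv13("TLSv1.3",
                new String[]{
                    "TLS_AES_256_GCM_SHA384",
                    "TLS_AES_128_GCM_SHA256"},
                new String[]{
                    "TLS_AES_128_GCM_SHA256",
                    "TLS_AES_256_GCM_SHA384"}),
        TLSv12("TLSv1.2",
                new String[]{
                    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
                    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"},
                new String[]{
                    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
                    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}),
        TLSv11("TLSv1.1",
                new String[]{
                    "TLS_RSA_WITH_AES_256_CBC_SHA",
                    "TLS_RSA_WITH_AES_128_CBC_SHA"},
                new String[]{
                    "TLS_RSA_WITH_AES_128_CBC_SHA",
                    "TLS_RSA_WITH_AES_256_CBC_SHA"}),
        TLSv1("TLSv1",
                new String[]{
                    "TLS_RSA_WITH_AES_256_CBC_SHA",
                    "TLS_RSA_WITH_AES_128_CBC_SHA"},
                new String[]{
                    "TLS_RSA_WITH_AES_128_CBC_SHA",
                    "TLS_RSA_WITH_AES_256_CBC_SHA"});

        private final String protocol;
        private final String[] orderedCiphers;
        private final String[] unOrderedCiphers;

        private PROTOCOL(String protocol, String[] orderedCiphers,
                String[] unOrderedCiphers) {
            this.protocol = protocol;
            this.orderedCiphers = orderedCiphers;
            this.unOrderedCiphers = unOrderedCiphers;
        }

        /** Returns the protocol name passed to setEnabledProtocols. */
        public String getProtocol() {
            return protocol;
        }

        /** Returns a copy of the list with the AES-256 suite first. */
        public String[] getOrderedCiphers() {
            // Copy so a caller cannot alter the data shared by the constant.
            return orderedCiphers.clone();
        }

        /** Returns a copy of the list with the AES-128 suite first. */
        public String[] getUnOrderedCiphers() {
            return unOrderedCiphers.clone();
        }

        /**
         * Maps a command-line order keyword to a suite list.
         *
         * @param order {@code ORDERED}, {@code UNORDERED} or {@code default}
         * @return the matching list, or {@code null} for {@code default},
         *         meaning the socket's enabled suites are left untouched
         * @throws IllegalArgumentException for any other keyword; without
         *         this a misspelled keyword would map to {@code null}, the
         *         order check would be skipped and the run would pass
         *         without testing anything
         */
        public String[] getCipherSuite(String order) {
            switch (order) {
                case "ORDERED":
                    return getOrderedCiphers();
                case "UNORDERED":
                    return getUnOrderedCiphers();
                case "default":
                    return null;
                default:
                    throw new IllegalArgumentException(
                            "Unknown cipher order: " + order);
            }
        }
    }
}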