1 /*
2 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 import java.util.Arrays;
24 import javax.net.ssl.SSLServerSocket;
25 import javax.net.ssl.SSLSocket;
26
27 /*
28 * @test
29 * @bug 8234728
30 * @library /javax/net/ssl/templates
31 * /javax/net/ssl/TLSCommon
32 * @summary Test TLS ciphersuites order.
33 * Parameter order: <protocol> <client cipher order> <server cipher order>
34 * @run main/othervm TLSCipherSuitesOrder TLSv13 ORDERED default
35 * @run main/othervm TLSCipherSuitesOrder TLSv13 UNORDERED default
36 * @run main/othervm TLSCipherSuitesOrder TLSv13 UNORDERED UNORDERED
37 * @run main/othervm TLSCipherSuitesOrder TLSv13 ORDERED ORDERED
38 * @run main/othervm TLSCipherSuitesOrder TLSv12 ORDERED default
39 * @run main/othervm TLSCipherSuitesOrder TLSv12 UNORDERED default
40 * @run main/othervm TLSCipherSuitesOrder TLSv12 UNORDERED UNORDERED
41 * @run main/othervm TLSCipherSuitesOrder TLSv12 ORDERED ORDERED
42 * @run main/othervm TLSCipherSuitesOrder TLSv11 ORDERED default
43 * @run main/othervm TLSCipherSuitesOrder TLSv11 UNORDERED default
44 * @run main/othervm TLSCipherSuitesOrder TLSv11 UNORDERED UNORDERED
45 * @run main/othervm TLSCipherSuitesOrder TLSv11 ORDERED ORDERED
46 * @run main/othervm TLSCipherSuitesOrder TLSv1 ORDERED default
47 * @run main/othervm TLSCipherSuitesOrder TLSv1 UNORDERED default
48 * @run main/othervm TLSCipherSuitesOrder TLSv1 UNORDERED UNORDERED
49 * @run main/othervm TLSCipherSuitesOrder TLSv1 ORDERED ORDERED
50 */
51 public class TLSCipherSuitesOrder extends SSLSocketTemplate {
52
53 private final String protocol;
54 private final String[] servercipherSuites;
55 private final String[] clientcipherSuites;
56
57 public static void main(String[] args) {
58 PROTOCOL protocol = PROTOCOL.valueOf(args[0]);
59 try {
60 new TLSCipherSuitesOrder(protocol.getProtocol(),
61 protocol.getCipherSuite(args[1]),
62 protocol.getCipherSuite(args[2])).run();
63 } catch (Exception e) {
64 throw new RuntimeException(e);
65 }
66 }
67
68 private TLSCipherSuitesOrder(String protocol, String[] clientcipherSuites,
69 String[] servercipherSuites) {
70 this.protocol = protocol;
71 this.clientcipherSuites = clientcipherSuites;
72 this.servercipherSuites = servercipherSuites;
73 }
74
75 // Servers are configured before clients, increment test case after.
76 @Override
77 protected void configureClientSocket(SSLSocket socket) {
78 socket.setEnabledProtocols(new String[]{protocol});
79 if (clientcipherSuites != null) {
80 socket.setEnabledCipherSuites(clientcipherSuites);
81 }
82 }
83
84 @Override
85 protected void configureServerSocket(SSLServerSocket serverSocket) {
86 serverSocket.setEnabledProtocols(new String[]{protocol});
87 if (servercipherSuites != null) {
88 serverSocket.setEnabledCipherSuites(servercipherSuites);
89 }
90 }
91
92 protected void runServerApplication(SSLSocket socket) throws Exception {
93 if (servercipherSuites != null) {
94 System.out.printf("SERVER: setEnabledCipherSuites:%s - "
95 + "getEnabledCipherSuites:%s%n",
96 Arrays.deepToString(servercipherSuites),
97 Arrays.deepToString(socket.getEnabledCipherSuites()));
98 }
99 if (servercipherSuites != null && !Arrays.equals(servercipherSuites,
100 socket.getEnabledCipherSuites())) {
101 throw new RuntimeException("Unmatched server side CipherSuite order");
102 }
103 super.runServerApplication(socket);
104 }
105
106 protected void runClientApplication(SSLSocket socket) throws Exception {
107 if (clientcipherSuites != null) {
108 System.out.printf("CLIENT: setEnabledCipherSuites:%s - "
109 + "getEnabledCipherSuites:%s%n",
110 Arrays.deepToString(clientcipherSuites),
111 Arrays.deepToString(socket.getEnabledCipherSuites()));
112 }
113 if (clientcipherSuites != null && !Arrays.equals(
114 clientcipherSuites, socket.getEnabledCipherSuites())) {
115 throw new RuntimeException("Unmatched client side CipherSuite order");
116 }
117 super.runClientApplication(socket);
118 }
119
120 enum PROTOCOL {
121 TLSv13("TLSv1.3",
122 new String[]{
123 "TLS_AES_256_GCM_SHA384",
124 "TLS_AES_128_GCM_SHA256"},
125 new String[]{
126 "TLS_AES_128_GCM_SHA256",
127 "TLS_AES_256_GCM_SHA384"}),
128 TLSv12("TLSv1.2",
129 new String[]{
130 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
131 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"},
132 new String[]{
133 "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
134 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"}),
135 TLSv11("TLSv1.1",
136 new String[]{
137 "TLS_RSA_WITH_AES_256_CBC_SHA",
138 "TLS_RSA_WITH_AES_128_CBC_SHA"},
139 new String[]{
140 "TLS_RSA_WITH_AES_128_CBC_SHA",
141 "TLS_RSA_WITH_AES_256_CBC_SHA"}),
142 TLSv1("TLSv1",
143 new String[]{
144 "TLS_RSA_WITH_AES_256_CBC_SHA",
145 "TLS_RSA_WITH_AES_128_CBC_SHA"},
146 new String[]{
147 "TLS_RSA_WITH_AES_128_CBC_SHA",
148 "TLS_RSA_WITH_AES_256_CBC_SHA"});
149
150 String protocol;
151 String[] orderedCiphers;
152 String[] unOrderedCiphers;
153
154 private PROTOCOL(String protocol, String[] orderedCiphers,
155 String[] unOrderedCiphers) {
156 this.protocol = protocol;
157 this.orderedCiphers = orderedCiphers;
158 this.unOrderedCiphers = unOrderedCiphers;
159 }
160
161 public String getProtocol() {
162 return protocol;
163 }
164
165 public String[] getOrderedCiphers() {
166 return orderedCiphers;
167 }
168
169 public String[] getUnOrderedCiphers() {
170 return unOrderedCiphers;
171 }
172
173 public String[] getCipherSuite(String order) {
174 switch (order) {
175 case "ORDERED":
176 return getOrderedCiphers();
177 case "UNORDERED":
178 return getUnOrderedCiphers();
179 default:
180 return null;
181 }
182 }
183 }
184 }