1 /*
   2  * Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 //
  25 // SunJSSE does not support dynamic system properties, no way to re-use
  26 // system properties in samevm/agentvm mode.
  27 //
  28 
  29 /*
  30  * @test
  31  * @bug 7031830
  32  * @summary bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine

  33  * @run main/othervm SSLEngineBadBufferArrayAccess
  34  */
  35 
  36 /**
  37  * A SSLSocket/SSLEngine interop test case.  This is not the way to
  38  * code SSLEngine-based servers, but works for what we need to do here,
  39  * which is to make sure that SSLEngine/SSLSockets can talk to each other.
  40  * SSLEngines can use direct or indirect buffers, and different code
  41  * is used to get at the buffer contents internally, so we test that here.
  42  *
  43  * The test creates one SSLSocket (client) and one SSLEngine (server).
  44  * The SSLSocket talks to a raw ServerSocket, and the server code
  45  * does the translation between byte [] and ByteBuffers that the SSLEngine
  46  * can use.  The "transport" layer consists of a Socket Input/OutputStream
  47  * and two byte buffers for the SSLEngines:  think of them
  48  * as directly connected pipes.
  49  *
  50  * Again, this is a *very* simple example: real code will be much more
  51  * involved.  For example, different threading and I/O models could be
  52  * used, transport mechanisms could close unexpectedly, and so on.

 140      */
 141     private static final CountDownLatch serverCondition = new CountDownLatch(1);
 142 
 143     /*
 144      * Is the client ready to handshake?
 145      */
 146     private static final CountDownLatch clientCondition = new CountDownLatch(1);
 147 
 148     /*
 149      * What's the server port?  Use any free port by default
 150      */
 151     private volatile int serverPort = 0;
 152 
 153     /*
 154      * Main entry point for this test.
 155      */
 156     public static void main(String args[]) throws Exception {
 157         if (debug) {
 158             System.setProperty("javax.net.debug", "all");
 159         }



 160 
 161         String [] protocols = new String [] {
 162             "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
 163 
 164         for (String protocol : protocols) {
 165             /*
 166              * Run the tests with direct and indirect buffers.
 167              */
 168             log("Testing " + protocol + ":true");
 169             new SSLEngineBadBufferArrayAccess(protocol).runTest(true);
 170 
 171             log("Testing " + protocol + ":false");
 172             new SSLEngineBadBufferArrayAccess(protocol).runTest(false);
 173         }
 174 
 175         System.out.println("Test Passed.");
 176     }
 177 
 178     /*
 179      * Create an initialized SSLContext to use for these tests.

   1 /*
   2  * Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 //
  25 // SunJSSE does not support dynamic system properties, no way to re-use
  26 // system properties in samevm/agentvm mode.
  27 //
  28 
  29 /*
  30  * @test
  31  * @bug 7031830
  32  * @summary bad_record_mac failure on TLSv1.2 enabled connection with SSLEngine
  33  * @library /lib/security
  34  * @run main/othervm SSLEngineBadBufferArrayAccess
  35  */
  36 
  37 /**
  38  * A SSLSocket/SSLEngine interop test case.  This is not the way to
  39  * code SSLEngine-based servers, but works for what we need to do here,
  40  * which is to make sure that SSLEngine/SSLSockets can talk to each other.
  41  * SSLEngines can use direct or indirect buffers, and different code
  42  * is used to get at the buffer contents internally, so we test that here.
  43  *
  44  * The test creates one SSLSocket (client) and one SSLEngine (server).
  45  * The SSLSocket talks to a raw ServerSocket, and the server code
  46  * does the translation between byte [] and ByteBuffers that the SSLEngine
  47  * can use.  The "transport" layer consists of a Socket Input/OutputStream
  48  * and two byte buffers for the SSLEngines:  think of them
  49  * as directly connected pipes.
  50  *
  51  * Again, this is a *very* simple example: real code will be much more
  52  * involved.  For example, different threading and I/O models could be
  53  * used, transport mechanisms could close unexpectedly, and so on.

 141      */
 142     private static final CountDownLatch serverCondition = new CountDownLatch(1);
 143 
 144     /*
 145      * Is the client ready to handshake?
 146      */
 147     private static final CountDownLatch clientCondition = new CountDownLatch(1);
 148 
 149     /*
 150      * What's the server port?  Use any free port by default
 151      */
 152     private volatile int serverPort = 0;
 153 
 154     /*
 155      * Main entry point for this test.
 156      */
 157     public static void main(String args[]) throws Exception {
 158         if (debug) {
 159             System.setProperty("javax.net.debug", "all");
 160         }
 161 
 162         // Re-enable TLSv1 and TLSv1.1 since test depends on them.
 163         SecurityUtils.removeFromDisabledTlsAlgs("TLSv1", "TLSv1.1");
 164 
 165         String [] protocols = new String [] {
 166             "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
 167 
 168         for (String protocol : protocols) {
 169             /*
 170              * Run the tests with direct and indirect buffers.
 171              */
 172             log("Testing " + protocol + ":true");
 173             new SSLEngineBadBufferArrayAccess(protocol).runTest(true);
 174 
 175             log("Testing " + protocol + ":false");
 176             new SSLEngineBadBufferArrayAccess(protocol).runTest(false);
 177         }
 178 
 179         System.out.println("Test Passed.");
 180     }
 181 
 182     /*
 183      * Create an initialized SSLContext to use for these tests.