< prev index next >
test/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
Print this page
rev 14340 : 8234728: Some security tests should support TLSv1.3
Summary: Tests were updated to support TLSv1.3 and cipher suite order
Reviewed-by: xuelei
*** 1,7 ****
/*
! * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
--- 1,7 ----
/*
! * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*** 26,50 ****
// system properties in samevm/agentvm mode.
//
/*
* @test
! * @bug 7174244
! * @summary NPE in Krb5ProxyImpl.getServerKeys()
! * @ignore the dependent implementation details are changed
* @run main/othervm CipherSuitesInOrder
*/
import java.util.*;
import javax.net.ssl.*;
- import java.security.Security;
public class CipherSuitesInOrder {
! // supported ciphersuites
! private final static List<String> supportedCipherSuites =
! Arrays.<String>asList(
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
--- 26,50 ----
// system properties in samevm/agentvm mode.
//
/*
* @test
! * @bug 7174244 8234728
! * @summary Test for ciphersuites order
* @run main/othervm CipherSuitesInOrder
*/
import java.util.*;
import javax.net.ssl.*;
public class CipherSuitesInOrder {
! // Supported ciphersuites
! private final static List<String> supportedCipherSuites
! = Arrays.<String>asList(
! "TLS_AES_128_GCM_SHA256",
! "TLS_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
*** 150,172 ****
"TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
"TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
);
private final static String[] protocols = {
! "", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"
};
public static void main(String[] args) throws Exception {
// show all of the supported cipher suites
showSuites(supportedCipherSuites.toArray(new String[0]),
"All supported cipher suites");
for (String protocol : protocols) {
System.out.println("//");
! System.out.println("// " +
! "Testing for SSLContext of " + protocol);
System.out.println("//");
checkForProtocols(protocol);
}
}
--- 150,172 ----
"TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
"TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
);
private final static String[] protocols = {
! "", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"
};
public static void main(String[] args) throws Exception {
// show all of the supported cipher suites
showSuites(supportedCipherSuites.toArray(new String[0]),
"All supported cipher suites");
for (String protocol : protocols) {
System.out.println("//");
! System.out.println("// "
! + "Testing for SSLContext of " + protocol);
System.out.println("//");
checkForProtocols(protocol);
}
}
*** 187,197 ****
// check the order of supported cipher suites of SSLContext
parameters = context.getSupportedSSLParameters();
checkSuites(parameters.getCipherSuites(),
"Supported cipher suites in SSLContext");
-
//
// Check the cipher suites order of SSLEngine
//
SSLEngine engine = context.createSSLEngine();
--- 187,196 ----
*** 207,217 ****
//
// Check the cipher suites order of SSLSocket
//
SSLSocketFactory factory = context.getSocketFactory();
! try (SSLSocket socket = (SSLSocket)factory.createSocket()) {
// check the order of endabled cipher suites
ciphers = socket.getEnabledCipherSuites();
checkSuites(ciphers,
"Enabled cipher suites in SSLSocket");
--- 206,216 ----
//
// Check the cipher suites order of SSLSocket
//
SSLSocketFactory factory = context.getSocketFactory();
! try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
// check the order of endabled cipher suites
ciphers = socket.getEnabledCipherSuites();
checkSuites(ciphers,
"Enabled cipher suites in SSLSocket");
*** 224,235 ****
//
// Check the cipher suites order of SSLServerSocket
//
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
! try (SSLServerSocket serverSocket =
! (SSLServerSocket)serverFactory.createServerSocket()) {
// check the order of endabled cipher suites
ciphers = serverSocket.getEnabledCipherSuites();
checkSuites(ciphers,
"Enabled cipher suites in SSLServerSocket");
--- 223,234 ----
//
// Check the cipher suites order of SSLServerSocket
//
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
! try (SSLServerSocket serverSocket
! = (SSLServerSocket) serverFactory.createServerSocket()) {
// check the order of endabled cipher suites
ciphers = serverSocket.getEnabledCipherSuites();
checkSuites(ciphers,
"Enabled cipher suites in SSLServerSocket");
*** 248,258 ****
for (String suite : suites) {
index = supportedCipherSuites.indexOf(suite);
if (index <= loc) {
throw new RuntimeException(suite + " is not in order");
}
-
loc = index;
}
}
private static void showSuites(String[] suites, String title) {
--- 247,256 ----
< prev index next >