Old test/javax/net/ssl/DTLS/DTLSIncorrectAppDataTest.java

   1 /*
   2  * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 8043758
  27  * @summary Testing DTLS incorrect app data packages unwrapping.
  28  * @key randomness
  29  * @library /sun/security/krb5/auto /test/lib /javax/net/ssl/TLSCommon
  30  * @modules java.security.jgss
  31  *          jdk.security.auth
  32  *          java.security.jgss/sun.security.krb5:+open
  33  *          java.security.jgss/sun.security.krb5.internal:+open
  34  *          java.security.jgss/sun.security.krb5.internal.ccache
  35  *          java.security.jgss/sun.security.krb5.internal.crypto
  36  *          java.security.jgss/sun.security.krb5.internal.ktab
  37  *          java.base/sun.security.util
  38  * @run main/othervm -Dtest.security.protocol=DTLS
  39  *      -Dtest.mode=norm DTLSIncorrectAppDataTest
  40  * @run main/othervm -Dtest.security.protocol=DTLS
  41  *      -Dtest.mode=norm_sni DTLSIncorrectAppDataTest
  42  * @run main/othervm -Dtest.security.protocol=DTLS
  43  *      -Dtest.mode=krb DTLSIncorrectAppDataTest
  44  */
  45 
  46 import java.nio.ByteBuffer;
  47 import javax.net.ssl.SSLContext;
  48 import javax.net.ssl.SSLEngine;
  49 import javax.net.ssl.SSLEngineResult;
  50 import javax.net.ssl.SSLException;
  51 import java.util.Random;
  52 import jdk.test.lib.RandomFactory;
  53 
  54 /**
  55  * Testing DTLS incorrect app data packages unwrapping. Incorrect application
  56  * data packages should be ignored by DTLS SSLEngine.
  57  */
  58 public class DTLSIncorrectAppDataTest extends SSLEngineTestCase {
  59 
  60     private final String MESSAGE = "Hello peer!";
  61 
  62     public static void main(String[] s) {
  63         DTLSIncorrectAppDataTest test = new DTLSIncorrectAppDataTest();
  64         setUpAndStartKDCIfNeeded();
  65         test.runTests();
  66     }
  67 
  68     @Override
  69     protected void testOneCipher(String cipher) {
  70         SSLContext context = getContext();
  71         int maxPacketSize = getMaxPacketSize();
  72         boolean useSNI = !TEST_MODE.equals("norm");
  73         SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
  74         SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
  75         clientEngine.setEnabledCipherSuites(new String[]{cipher});
  76         serverEngine.setEnabledCipherSuites(new String[]{cipher});
  77         serverEngine.setNeedClientAuth(!cipher.contains("anon"));
  78         try {
  79             doHandshake(clientEngine, serverEngine, maxPacketSize,
  80                     HandshakeMode.INITIAL_HANDSHAKE);
  81             checkIncorrectAppDataUnwrap(clientEngine, serverEngine);
  82             checkIncorrectAppDataUnwrap(serverEngine, clientEngine);
  83         } catch (SSLException ssle) {
  84             throw new AssertionError("Error during handshake or sending app data",
  85                     ssle);
  86         }
  87     }
  88 
  89     private void checkIncorrectAppDataUnwrap(SSLEngine sendEngine,
  90             SSLEngine recvEngine) throws SSLException {
  91         String direction = sendEngine.getUseClientMode() ? "client"
  92                 : "server";
  93         System.out.println("================================================="
  94                 + "===========");
  95         System.out.println("Testing DTLS incorrect app data packages unwrapping"
  96                 + " by sending data from " + direction);
  97         ByteBuffer app = ByteBuffer.wrap(MESSAGE.getBytes());
  98         ByteBuffer net = doWrap(sendEngine, direction, 0, app);
  99         final Random RNG = RandomFactory.getRandom();
 100         int randomPlace = RNG.nextInt(net.remaining());
 101         net.array()[randomPlace] += 1;
 102         app = ByteBuffer.allocate(recvEngine.getSession()
 103                 .getApplicationBufferSize());
 104         recvEngine.unwrap(net, app);
 105         app.flip();
 106         int length = app.remaining();
 107         System.out.println("Unwrapped " + length + " bytes.");
 108     }
 109 }