1 /*
2 * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 //
25 // Please run in othervm mode. SunJSSE does not support dynamic system
26 // properties, no way to re-use system properties in samevm/agentvm mode.
27 //
28
29 /*
30 * @test
31 * @bug 8148421 8193683 8234728
32 * @summary Transport Layer Security (TLS) Session Hash and Extended
33 * Master Secret Extension
34 * @summary Increase the number of clones in the CloneableDigest
35 * @library /javax/net/ssl/templates
36 * @compile DigestBase.java
37 * @run main/othervm -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
38 * HandshakeHashCloneExhaustion TLSv1.3 TLS_AES_128_GCM_SHA256
39 * @run main/othervm HandshakeHashCloneExhaustion
40 * TLSv1.2 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
41 * @run main/othervm HandshakeHashCloneExhaustion
42 * TLSv1.1 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
43 */
44
45 import java.io.InputStream;
46 import java.io.OutputStream;
47 import java.security.MessageDigest;
48 import java.security.Security;
49 import javax.net.ssl.SSLSocket;
50
51 public class HandshakeHashCloneExhaustion extends SSLSocketTemplate {
52
53 private static String[] protocol;
54 private static String[] ciphersuite;
55 private static String[] mds = { "SHA", "MD5", "SHA-256" };
56
57 /*
58 * ==================
59 * Run the test case.
60 */
61 public static void main(String[] args) throws Exception {
62 // Add in a non-cloneable MD5/SHA1/SHA-256 implementation
63 Security.insertProviderAt(new MyProvider(), 1);
64 // make sure our provider is functioning
65 for (String s : mds) {
66 MessageDigest md = MessageDigest.getInstance(s);
67 String p = md.getProvider().getName();
68 if (!p.equals("MyProvider")) {
69 throw new RuntimeException("Unexpected provider: " + p);
70 }
71 }
72
73 if (args.length != 2) {
74 throw new Exception(
75 "Usage: HandshakeHashCloneExhaustion protocol ciphersuite");
76 }
77
78 System.out.println("Testing: " + args[0] + " " + args[1]);
79 protocol = new String [] { args[0] };
80 ciphersuite = new String[] { args[1] };
81
82 (new HandshakeHashCloneExhaustion()).run();
83 }
84
85 @Override
86 protected void runServerApplication(SSLSocket socket) throws Exception {
87 socket.setNeedClientAuth(true);
88 socket.setEnabledProtocols(protocol);
89 socket.setEnabledCipherSuites(ciphersuite);
90
91 // here comes the test logic
92 InputStream sslIS = socket.getInputStream();
93 OutputStream sslOS = socket.getOutputStream();
94
95 sslIS.read();
96 sslOS.write(85);
97 sslOS.flush();
98 }
99
100 @Override
101 protected void runClientApplication(SSLSocket socket) throws Exception {
102 InputStream sslIS = socket.getInputStream();
103 OutputStream sslOS = socket.getOutputStream();
104
105 sslOS.write(280);
106 sslOS.flush();
107 sslIS.read();
108 }
109 }