8167680 DTLS implementation bugs

   1 /*
   2  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 import javax.net.ssl.KeyManagerFactory;
  25 import javax.net.ssl.SNIHostName;
  26 import javax.net.ssl.SNIMatcher;
  27 import javax.net.ssl.SNIServerName;
  28 import javax.net.ssl.SSLContext;
  29 import javax.net.ssl.SSLEngine;

  30 import javax.net.ssl.SSLEngineResult;

  31 import javax.net.ssl.SSLException;
  32 import javax.net.ssl.SSLParameters;
  33 import javax.net.ssl.TrustManagerFactory;
  34 import java.io.File;
  35 import java.io.FileInputStream;
  36 import java.io.IOException;
  37 import java.nio.ByteBuffer;
  38 import java.security.KeyManagementException;
  39 import java.security.KeyStore;
  40 import java.security.KeyStoreException;
  41 import java.security.NoSuchAlgorithmException;
  42 import java.security.UnrecoverableKeyException;
  43 import java.security.cert.CertificateException;
  44 import java.util.ArrayList;
  45 import java.util.Arrays;
  46 import java.util.HashMap;
  47 import java.util.LinkedList;
  48 import java.util.List;
  49 import java.util.Map;
  50 
  51 /**
  52  * Basic class to inherit SSLEngine test cases from it. Tests apply for
  53  * the TLS or DTLS security protocols and their versions.
  54  */
  55 abstract public class SSLEngineTestCase {
  56 
  57     public enum Ciphers {
  58 
  59         /**
  60          * Ciphers supported by the tested SSLEngine without those with kerberos
  61          * authentication.
  62          */
  63         SUPPORTED_NON_KRB_CIPHERS(SSLEngineTestCase.SUPPORTED_NON_KRB_CIPHERS,
  64                 "Supported non kerberos"),
  65         /**
  66          * Ciphers supported by the tested SSLEngine without those with kerberos
  67          * authentication and without those with SHA256 ans SHA384.
  68          */
  69         SUPPORTED_NON_KRB_NON_SHA_CIPHERS(SSLEngineTestCase.SUPPORTED_NON_KRB_NON_SHA_CIPHERS,

  70                 "Supported non kerberos non SHA256 and SHA384"),
  71         /**
  72          * Ciphers supported by the tested SSLEngine with kerberos authentication.

  73          */
  74         SUPPORTED_KRB_CIPHERS(SSLEngineTestCase.SUPPORTED_KRB_CIPHERS,
  75                 "Supported kerberos"),
  76         /**
  77          * Ciphers enabled by default for the tested SSLEngine without kerberos
  78          * and anon.
  79          */
  80         ENABLED_NON_KRB_NOT_ANON_CIPHERS(
  81                 SSLEngineTestCase.ENABLED_NON_KRB_NOT_ANON_CIPHERS,
  82                 "Enabled by default non kerberos not anonymous"),
  83         /**
  84          * Ciphers unsupported by the tested SSLEngine.
  85          */
  86         UNSUPPORTED_CIPHERS(SSLEngineTestCase.UNSUPPORTED_CIPHERS,
  87                 "Unsupported");
  88 
  89         Ciphers(String[] ciphers, String description) {
  90             this.ciphers = ciphers;
  91             this.description = description;
  92         }
  93 
  94         final String[] ciphers;
  95         final String description;
  96     }
  97 
  98     /**
  99      * Enumeration used to distinguish handshake mode in
 100      * {@link SSLEngineTestCase#doHandshake(javax.net.ssl.SSLEngine,
 101      * javax.net.ssl.SSLEngine, int, SSLEngineTestCase.HandshakeMode, boolean)
 102      * SSLEngineTestCase.doHandshake} method.
 103      */
 104     public enum HandshakeMode {
 105 
 106         /**
 107          * Initial handshake done for the first time: both engines call
 108          * {@link SSLEngine#beginHandshake()} method.
 109          */
 110         INITIAL_HANDSHAKE,
 111         /**
 112          * Repeated handshake done by client: client engine calls
 113          * {@link SSLEngine#beginHandshake()} method.
 114          */
 115         REHANDSHAKE_BEGIN_CLIENT,
 116         /**
 117          * Repeated handshake done by server: server engine calls
 118          * {@link SSLEngine#beginHandshake()} method.
 119          */
 120         REHANDSHAKE_BEGIN_SERVER;
 121     }
 122     /**
 123      * Security protocol to be tested: "TLS" or "DTLS" or their versions,
 124      * e.g. "TLSv1", "TLSv1.1", "TLSv1.2", "DTLSv1.0", "DTLSv1.2".
 125      */
 126     public static final String TESTED_SECURITY_PROTOCOL
 127             = System.getProperty("test.security.protocol", "TLS");
 128     /**
 129      * Test mode: "norm", "norm_sni" or "krb".
 130      * Modes "norm" and "norm_sni" are used to run
 131      * with all supported non-kerberos ciphers.
 132      * Mode "krb" is used to run with kerberos ciphers.
 133      */
 134     public static final String TEST_MODE
 135             = System.getProperty("test.mode", "norm");
 136 
 137     private static final String FS = System.getProperty("file.separator", "/");
 138     private static final String PATH_TO_STORES = ".." + FS + "etc";
 139     private static final String KEY_STORE_FILE = "keystore";
 140     private static final String TRUST_STORE_FILE = "truststore";
 141     private static final String PASSWD = "passphrase";
 142 
 143     private static final String KEY_FILE_NAME
 144             = System.getProperty("test.src", ".") + FS + PATH_TO_STORES
 145             + FS + KEY_STORE_FILE;
 146     private static final String TRUST_FILE_NAME
 147             = System.getProperty("test.src", ".") + FS + PATH_TO_STORES
 148             + FS + TRUST_STORE_FILE;
 149 

 150     private static ByteBuffer net;
 151     private static ByteBuffer netReplicatedClient;
 152     private static ByteBuffer netReplicatedServer;
 153     private static final int MAX_HANDSHAKE_LOOPS = 100;
 154     private static final String EXCHANGE_MSG_SENT = "Hello, peer!";
 155     private static boolean doUnwrapForNotHandshakingStatus;
 156     private static boolean endHandshakeLoop = false;



 157     private static final String TEST_SRC = System.getProperty("test.src", ".");
 158     private static final String KTAB_FILENAME = "krb5.keytab.data";
 159     private static final String KRB_REALM = "TEST.REALM";
 160     private static final String KRBTGT_PRINCIPAL = "krbtgt/" + KRB_REALM;
 161     private static final String KRB_USER = "USER";
 162     private static final String KRB_USER_PASSWORD = "password";
 163     private static final String KRB_USER_PRINCIPAL = KRB_USER + "@" + KRB_REALM;
 164     private static final String KRB5_CONF_FILENAME = "krb5.conf";
 165     private static final String PATH_TO_COMMON = ".." + FS + "TLSCommon";
 166     private static final String JAAS_CONF_FILE = PATH_TO_COMMON
 167             + FS + "jaas.conf";
 168     private static final int DELAY = 1000;
 169     private static final String HOST = "localhost";
 170     private static final String SERVER_NAME = "service.localhost";
 171     private static final String SNI_PATTERN = ".*";
 172 
 173     private static final String[] SUPPORTED_NON_KRB_CIPHERS;
 174 
 175     static {
 176         try {
 177             String[] allSupportedCiphers = getContext()
 178                     .createSSLEngine().getSupportedCipherSuites();
 179             List<String> supportedCiphersList = new LinkedList<>();
 180             for (String cipher : allSupportedCiphers) {
 181                 if (!cipher.contains("KRB5")
 182                         && !cipher.contains("TLS_EMPTY_RENEGOTIATION_INFO_SCSV")) {

 183                     supportedCiphersList.add(cipher);
 184                 }
 185             }
 186             SUPPORTED_NON_KRB_CIPHERS = supportedCiphersList.toArray(new String[0]);

 187         } catch (Exception ex) {
 188             throw new Error("Unexpected issue", ex);
 189         }
 190     }
 191 
 192     private static final String[] SUPPORTED_NON_KRB_NON_SHA_CIPHERS;
 193 
 194     static {
 195         try {
 196             String[] allSupportedCiphers = getContext()
 197                     .createSSLEngine().getSupportedCipherSuites();
 198             List<String> supportedCiphersList = new LinkedList<>();
 199             for (String cipher : allSupportedCiphers) {
 200                 if (!cipher.contains("KRB5")
 201                         && !cipher.contains("TLS_EMPTY_RENEGOTIATION_INFO_SCSV")
 202                         && !cipher.endsWith("_SHA256")
 203                         && !cipher.endsWith("_SHA384")) {
 204                     supportedCiphersList.add(cipher);
 205                 }
 206             }
 207             SUPPORTED_NON_KRB_NON_SHA_CIPHERS
 208                     = supportedCiphersList.toArray(new String[0]);
 209         } catch (Exception ex) {
 210             throw new Error("Unexpected issue", ex);
 211         }
 212     }
 213 
 214     private static final String[] SUPPORTED_KRB_CIPHERS;
 215 
 216     static {
 217         try {
 218             String[] allSupportedCiphers = getContext()
 219                     .createSSLEngine().getSupportedCipherSuites();
 220             List<String> supportedCiphersList = new LinkedList<>();
 221             for (String cipher : allSupportedCiphers) {
 222                 if (cipher.contains("KRB5")
 223                         && !cipher.contains("TLS_EMPTY_RENEGOTIATION_INFO_SCSV")) {
 224                     supportedCiphersList.add(cipher);
 225                 }
 226             }
 227             SUPPORTED_KRB_CIPHERS = supportedCiphersList.toArray(new String[0]);
 228         } catch (Exception ex) {
 229             throw new Error("Unexpected issue", ex);
 230         }
 231     }
 232 
 233     private static final String[] ENABLED_NON_KRB_NOT_ANON_CIPHERS;
 234 
 235     static {
 236         try {
 237             SSLEngine temporary = getContext().createSSLEngine();
 238             temporary.setUseClientMode(true);
 239             String[] enabledCiphers = temporary.getEnabledCipherSuites();
 240             List<String> enabledCiphersList = new LinkedList<>();
 241             for (String cipher : enabledCiphers) {
 242                 if (!cipher.contains("anon") && !cipher.contains("KRB5")
 243                         && !cipher.contains("TLS_EMPTY_RENEGOTIATION_INFO_SCSV")) {
 244                     enabledCiphersList.add(cipher);
 245                 }
 246             }
 247             ENABLED_NON_KRB_NOT_ANON_CIPHERS = enabledCiphersList.toArray(new String[0]);

 248         } catch (Exception ex) {
 249             throw new Error("Unexpected issue", ex);
 250         }
 251     }
 252 
 253     private static final String[] UNSUPPORTED_CIPHERS = {
 254             "SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
 255             "SSL_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
 256             "SSL_DHE_DSS_WITH_RC4_128_SHA",
 257             "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
 258             "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA",
 259             "SSL_DH_DSS_WITH_DES_CBC_SHA",
 260             "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
 261             "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA",
 262             "SSL_DH_RSA_WITH_DES_CBC_SHA",
 263             "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA",
 264             "SSL_FORTEZZA_DMS_WITH_NULL_SHA",
 265             "SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA",
 266             "SSL_RSA_EXPORT1024_WITH_RC4_56_SHA",
 267             "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
 268             "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
 269             "SSL_RSA_FIPS_WITH_DES_CBC_SHA",
 270             "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5",
 271             "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA",
 272             "TLS_KRB5_WITH_IDEA_CBC_MD5",
 273             "TLS_KRB5_WITH_IDEA_CBC_SHA",
 274             "SSL_RSA_WITH_IDEA_CBC_SHA",
 275             "TLS_DH_RSA_WITH_AES_128_GCM_SHA256",
 276             "TLS_DH_RSA_WITH_AES_256_GCM_SHA384",
 277             "TLS_DH_DSS_WITH_AES_128_GCM_SHA256",
 278             "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
 279     };
 280 
 281     private final int maxPacketSize;
 282 
 283     /**
 284      * Constructs test case with the given MFLN maxMacketSize.
 285      *
 286      * @param maxPacketSize - MLFN extension max packet size.
 287      */
 288     public SSLEngineTestCase(int maxPacketSize) {
 289         this.maxPacketSize = maxPacketSize;
 290     }
 291 
 292     /**
 293      * Constructs test case with {@code maxPacketSize = 0}.
 294      */
 295     public SSLEngineTestCase() {
 296         this.maxPacketSize = 0;
 297     }
 298 
 299     /**
 300      * Wraps data with the specified engine.
 301      *
 302      * @param engine        - SSLEngine that wraps data.
 303      * @param wrapper       - Set wrapper id, e.g. "server" of "client". Used for
 304      *                      logging only.
 305      * @param maxPacketSize - Max packet size to check that MFLN extension works
 306      *                      or zero for no check.
 307      * @param app           - Buffer with data to wrap.
 308      * @return - Buffer with wrapped data.
 309      * @throws SSLException - thrown on engine errors.
 310      */
 311     public static ByteBuffer doWrap(SSLEngine engine, String wrapper,
 312                                     int maxPacketSize, ByteBuffer app)
 313             throws SSLException {
 314         return doWrap(engine, wrapper, maxPacketSize,
 315                 app, SSLEngineResult.Status.OK, null);
 316     }
 317 
 318     /**
 319      * Wraps data with the specified engine.
 320      *
 321      * @param engine        - SSLEngine that wraps data.
 322      * @param wrapper       - Set wrapper id, e.g. "server" of "client". Used for
 323      *                      logging only.
 324      * @param maxPacketSize - Max packet size to check that MFLN extension works
 325      *                      or zero for no check.
 326      * @param app           - Buffer with data to wrap.
 327      * @param result        - Array which first element will be used to output wrap
 328      *                      result object.
 329      * @return - Buffer with wrapped data.
 330      * @throws SSLException - thrown on engine errors.
 331      */
 332     public static ByteBuffer doWrap(SSLEngine engine, String wrapper,
 333                                     int maxPacketSize, ByteBuffer app,
 334                                     SSLEngineResult[] result)
 335             throws SSLException {
 336         return doWrap(engine, wrapper, maxPacketSize,
 337                 app, SSLEngineResult.Status.OK, result);
 338     }
 339 
 340     /**
 341      * Wraps data with the specified engine.
 342      *
 343      * @param engine        - SSLEngine that wraps data.
 344      * @param wrapper       - Set wrapper id, e.g. "server" of "client". Used for
 345      *                      logging only.
 346      * @param maxPacketSize - Max packet size to check that MFLN extension works
 347      *                      or zero for no check.
 348      * @param app           - Buffer with data to wrap.
 349      * @param wantedStatus  - Specifies expected result status of wrapping.
 350      * @return - Buffer with wrapped data.
 351      * @throws SSLException - thrown on engine errors.
 352      */
 353     public static ByteBuffer doWrap(SSLEngine engine, String wrapper,
 354                                     int maxPacketSize, ByteBuffer app,
 355                                     SSLEngineResult.Status wantedStatus)
 356             throws SSLException {
 357         return doWrap(engine, wrapper, maxPacketSize,
 358                 app, wantedStatus, null);
 359     }
 360 
 361     /**
 362      * Wraps data with the specified engine.
 363      *
 364      * @param engine        - SSLEngine that wraps data.
 365      * @param wrapper       - Set wrapper id, e.g. "server" of "client". Used for
 366      *                      logging only.
 367      * @param maxPacketSize - Max packet size to check that MFLN extension works
 368      *                      or zero for no check.
 369      * @param app           - Buffer with data to wrap.
 370      * @param wantedStatus  - Specifies expected result status of wrapping.
 371      * @param result        - Array which first element will be used to output wrap
 372      *                      result object.
 373      * @return - Buffer with wrapped data.
 374      * @throws SSLException - thrown on engine errors.
 375      */
 376     public static ByteBuffer doWrap(SSLEngine engine, String wrapper,
 377                                     int maxPacketSize, ByteBuffer app,
 378                                     SSLEngineResult.Status wantedStatus,
 379                                     SSLEngineResult[] result)
 380             throws SSLException {
 381         ByteBuffer net = ByteBuffer.allocate(engine.getSession()
 382                 .getPacketBufferSize());
 383         SSLEngineResult r = engine.wrap(app, net);
 384         net.flip();
 385         int length = net.remaining();
 386         System.out.println(wrapper + " wrapped " + length + " bytes.");
 387         System.out.println(wrapper + " handshake status is "
 388                 + engine.getHandshakeStatus());
 389         if (maxPacketSize < length && maxPacketSize != 0) {
 390             throw new AssertionError("Handshake wrapped net buffer length "
 391                     + length + " exceeds maximum packet size "
 392                     + maxPacketSize);
 393         }
 394         checkResult(r, wantedStatus);
 395         if (result != null && result.length > 0) {
 396             result[0] = r;
 397         }
 398         return net;
 399     }
 400 
 401     /**
 402      * Unwraps data with the specified engine.
 403      *
 404      * @param engine    - SSLEngine that unwraps data.
 405      * @param unwrapper - Set unwrapper id, e.g. "server" of "client". Used for
 406      *                  logging only.
 407      * @param net       - Buffer with data to unwrap.
 408      * @return - Buffer with unwrapped data.
 409      * @throws SSLException - thrown on engine errors.
 410      */
 411     public static ByteBuffer doUnWrap(SSLEngine engine, String unwrapper,
 412                                       ByteBuffer net)
 413             throws SSLException {
 414         return doUnWrap(engine, unwrapper, net, SSLEngineResult.Status.OK, null);
 415     }
 416 
 417     /**
 418      * Unwraps data with the specified engine.
 419      *
 420      * @param engine    - SSLEngine that unwraps data.
 421      * @param unwrapper - Set unwrapper id, e.g. "server" of "client". Used for
 422      *                  logging only.
 423      * @param net       - Buffer with data to unwrap.
 424      * @param result    - Array which first element will be used to output wrap
 425      *                  result object.
 426      * @return - Buffer with unwrapped data.
 427      * @throws SSLException - thrown on engine errors.
 428      */
 429     public static ByteBuffer doUnWrap(SSLEngine engine, String unwrapper,
 430                                       ByteBuffer net, SSLEngineResult[] result)
 431             throws SSLException {
 432         return doUnWrap(engine, unwrapper, net, SSLEngineResult.Status.OK, result);
 433     }
 434 
 435     /**
 436      * Unwraps data with the specified engine.
 437      *
 438      * @param engine       - SSLEngine that unwraps data.
 439      * @param unwrapper    - Set unwrapper id, e.g. "server" of "client". Used for
 440      *                     logging only.
 441      * @param net          - Buffer with data to unwrap.
 442      * @param wantedStatus - Specifies expected result status of wrapping.
 443      * @return - Buffer with unwrapped data.
 444      * @throws SSLException - thrown on engine errors.
 445      */
 446     public static ByteBuffer doUnWrap(SSLEngine engine, String unwrapper,
 447                                       ByteBuffer net,
 448                                       SSLEngineResult.Status wantedStatus)
 449             throws SSLException {
 450         return doUnWrap(engine, unwrapper, net, wantedStatus, null);
 451     }
 452 
 453     /**
 454      * Unwraps data with the specified engine.
 455      *
 456      * @param engine       - SSLEngine that unwraps data.
 457      * @param unwrapper    - Set unwrapper id, e.g. "server" of "client". Used for
 458      *                     logging only.
 459      * @param net          - Buffer with data to unwrap.
 460      * @param wantedStatus - Specifies expected result status of wrapping.
 461      * @param result       - Array which first element will be used to output wrap
 462      *                     result object.
 463      * @return - Buffer with unwrapped data.
 464      * @throws SSLException - thrown on engine errors.
 465      */
 466     public static ByteBuffer doUnWrap(SSLEngine engine, String unwrapper,
 467                                       ByteBuffer net,
 468                                       SSLEngineResult.Status wantedStatus,
 469                                       SSLEngineResult[] result)
 470             throws SSLException {
 471         ByteBuffer app = ByteBuffer.allocate(engine.getSession()
 472                 .getApplicationBufferSize());
 473         int length = net.remaining();
 474         System.out.println(unwrapper + " unwrapping "
 475                 + length + " bytes...");
 476         SSLEngineResult r = engine.unwrap(net, app);
 477         app.flip();
 478         System.out.println(unwrapper + " handshake status is "
 479                 + engine.getHandshakeStatus());
 480         checkResult(r, wantedStatus);
 481         if (result != null && result.length > 0) {
 482             result[0] = r;
 483         }
 484         return app;
 485     }
 486 
 487     /**
 488      * Does the handshake of the two specified engines according to the
 489      * {@code mode} specified.
 490      *
 491      * @param clientEngine  - Client SSLEngine.
 492      * @param serverEngine  - Server SSLEngine.
 493      * @param maxPacketSize - Maximum packet size for MFLN of zero for no limit.
 494      * @param mode          - Handshake mode according to {@link HandshakeMode} enum.

 495      * @throws SSLException - thrown on engine errors.
 496      */
 497     public static void doHandshake(SSLEngine clientEngine,
 498                                    SSLEngine serverEngine,
 499                                    int maxPacketSize, HandshakeMode mode)
 500             throws SSLException {
 501         doHandshake(clientEngine, serverEngine, maxPacketSize, mode, false);
 502     }
 503 
 504     /**
 505      * Does the handshake of the two specified engines according to the
 506      * {@code mode} specified.
 507      *
 508      * @param clientEngine          - Client SSLEngine.
 509      * @param serverEngine          - Server SSLEngine.
 510      * @param maxPacketSize         - Maximum packet size for MFLN of zero for no limit.
 511      * @param mode                  - Handshake mode according to {@link HandshakeMode} enum.


 512      * @param enableReplicatedPacks - Set {@code true} to enable replicated
 513      *                              packet sending.
 514      * @throws SSLException - thrown on engine errors.
 515      */
 516     public static void doHandshake(SSLEngine clientEngine,
 517                                    SSLEngine serverEngine, int maxPacketSize,
 518                                    HandshakeMode mode,
 519                                    boolean enableReplicatedPacks)
 520             throws SSLException {
 521         System.out.println("================================================="
 522                 + "===========");
 523         System.out.println("Starting handshake " + mode.name());
 524         int loop = 0;
 525         if (maxPacketSize < 0) {
 526             throw new Error("Test issue: maxPacketSize is less than zero!");
 527         }
 528         SSLParameters params = clientEngine.getSSLParameters();
 529         params.setMaximumPacketSize(maxPacketSize);
 530         clientEngine.setSSLParameters(params);
 531         params = serverEngine.getSSLParameters();
 532         params.setMaximumPacketSize(maxPacketSize);
 533         serverEngine.setSSLParameters(params);
 534         SSLEngine firstEngine;
 535         SSLEngine secondEngine;
 536         switch (mode) {
 537             case INITIAL_HANDSHAKE:
 538                 firstEngine = clientEngine;
 539                 secondEngine = serverEngine;
 540                 doUnwrapForNotHandshakingStatus = false;
 541                 clientEngine.beginHandshake();
 542                 serverEngine.beginHandshake();
 543                 break;
 544             case REHANDSHAKE_BEGIN_CLIENT:
 545                 firstEngine = clientEngine;
 546                 secondEngine = serverEngine;
 547                 doUnwrapForNotHandshakingStatus = true;
 548                 clientEngine.beginHandshake();
 549                 break;
 550             case REHANDSHAKE_BEGIN_SERVER:
 551                 firstEngine = serverEngine;
 552                 secondEngine = clientEngine;
 553                 doUnwrapForNotHandshakingStatus = true;
 554                 serverEngine.beginHandshake();
 555                 break;
 556             default:
 557                 throw new Error("Test issue: unknown handshake mode");
 558         }
 559         endHandshakeLoop = false;
 560         while (!endHandshakeLoop) {
 561             if (++loop > MAX_HANDSHAKE_LOOPS) {
 562                 throw new Error("Too much loops for handshaking");
 563             }
 564             System.out.println("==============================================");
 565             System.out.println("Handshake loop " + loop);
 566             SSLEngineResult.HandshakeStatus clientHSStatus
 567                     = clientEngine.getHandshakeStatus();
 568             SSLEngineResult.HandshakeStatus serverHSStatus
 569                     = serverEngine.getHandshakeStatus();
 570             System.out.println("Client handshake status "
 571                     + clientHSStatus.name());
 572             System.out.println("Server handshake status "
 573                     + serverHSStatus.name());
 574             handshakeProcess(firstEngine, secondEngine, maxPacketSize,
 575                     enableReplicatedPacks);





 576             handshakeProcess(secondEngine, firstEngine, maxPacketSize,
 577                     enableReplicatedPacks);
 578         }
 579     }
 580 
 581     /**
 582      * Routine to send application data from one SSLEngine to another.
 583      *
 584      * @param fromEngine - Sending engine.
 585      * @param toEngine   - Receiving engine.
 586      * @return - Result of unwrap method of the receiving engine.
 587      * @throws SSLException - thrown on engine errors.
 588      */
 589     public static SSLEngineResult sendApplicationData(SSLEngine fromEngine,
 590                                                       SSLEngine toEngine)
 591             throws SSLException {
 592         String sender = null;
 593         String reciever = null;
 594         String excMsgSent = EXCHANGE_MSG_SENT;
 595         if (fromEngine.getUseClientMode() && !toEngine.getUseClientMode()) {
 596             sender = "Client";
 597             reciever = "Server";
 598             excMsgSent += " Client.";
 599         } else if (toEngine.getUseClientMode() && !fromEngine.getUseClientMode()) {

 600             sender = "Server";
 601             reciever = "Client";
 602             excMsgSent += " Server.";
 603         } else {
 604             throw new Error("Test issue: both engines are in the same mode");
 605         }
 606         System.out.println("================================================="
 607                 + "===========");
 608         System.out.println("Trying to send application data from " + sender
 609                 + " to " + reciever);
 610         ByteBuffer clientAppSent
 611                 = ByteBuffer.wrap(excMsgSent.getBytes());
 612         net = doWrap(fromEngine, sender, 0, clientAppSent);
 613         SSLEngineResult[] r = new SSLEngineResult[1];
 614         ByteBuffer serverAppRecv = doUnWrap(toEngine, reciever, net, r);
 615         byte[] serverAppRecvTrunc = Arrays.copyOf(serverAppRecv.array(),
 616                 serverAppRecv.limit());
 617         String msgRecv = new String(serverAppRecvTrunc);
 618         if (!msgRecv.equals(excMsgSent)) {
 619             throw new AssertionError(sender + " to " + reciever
 620                     + ": application data"
 621                     + " has been altered while sending."
 622                     + " Message sent: " + "\"" + excMsgSent + "\"."
 623                     + " Message recieved: " + "\"" + msgRecv + "\".");
 624         }
 625         System.out.println("Successful sending application data from " + sender
 626                 + " to " + reciever);
 627         return r[0];
 628     }
 629 
 630     /**
 631      * Close engines by sending "close outbound" message from one SSLEngine to
 632      * another.
 633      *
 634      * @param fromEngine - Sending engine.
 635      * @param toEngine   - Receiving engine.
 636      * @throws SSLException - thrown on engine errors.
 637      */
 638     public static void closeEngines(SSLEngine fromEngine,
 639                                     SSLEngine toEngine) throws SSLException {
 640         String from = null;
 641         String to = null;
 642         ByteBuffer app;
 643         if (fromEngine.getUseClientMode() && !toEngine.getUseClientMode()) {
 644             from = "Client";
 645             to = "Server";
 646         } else if (toEngine.getUseClientMode() && !fromEngine.getUseClientMode()) {

 647             from = "Server";
 648             to = "Client";
 649         } else {
 650             throw new Error("Both engines are in the same mode");
 651         }
 652         System.out.println("=========================================================");
 653         System.out.println("Trying to close engines from " + from + " to " + to);

 654         // Sending close outbound request to peer
 655         fromEngine.closeOutbound();
 656         app = ByteBuffer.allocate(fromEngine.getSession().getApplicationBufferSize());

 657         net = doWrap(fromEngine, from, 0, app, SSLEngineResult.Status.CLOSED);
 658         doUnWrap(toEngine, to, net, SSLEngineResult.Status.CLOSED);
 659         app = ByteBuffer.allocate(fromEngine.getSession().getApplicationBufferSize());

 660         net = doWrap(toEngine, to, 0, app, SSLEngineResult.Status.CLOSED);
 661         doUnWrap(fromEngine, from, net, SSLEngineResult.Status.CLOSED);
 662         if (!toEngine.isInboundDone()) {
 663             throw new AssertionError(from + " sent close request to " + to
 664                     + ", but " + to + "did not close inbound.");
 665         }
 666         // Executing close inbound
 667         fromEngine.closeInbound();
 668         app = ByteBuffer.allocate(fromEngine.getSession().getApplicationBufferSize());

 669         net = doWrap(fromEngine, from, 0, app, SSLEngineResult.Status.CLOSED);
 670         doUnWrap(toEngine, to, net, SSLEngineResult.Status.CLOSED);
 671         if (!toEngine.isOutboundDone()) {
 672             throw new AssertionError(from + "sent close request to " + to
 673                     + ", but " + to + "did not close outbound.");
 674         }
 675         System.out.println("Successful closing from " + from + " to " + to);
 676     }
 677 
 678     /**
 679      * Runs the same test case for all given {@code ciphers}. Method counts all
 680      * failures and throws {@code AssertionError} if one or more tests fail.
 681      *
 682      * @param ciphers - Ciphers that should be tested.
 683      */
 684     public void runTests(Ciphers ciphers) {
 685         int total = ciphers.ciphers.length;
 686         int failed = testSomeCiphers(ciphers);
 687         if (failed > 0) {
 688             throw new AssertionError("" + failed + " of " + total
 689                     + " tests failed!");
 690         }
 691         System.out.println("All tests passed!");
 692     }
 693 
 694     /**
 695      * Runs test cases for ciphers defined by the test mode.
 696      */
 697     public void runTests() {
 698         switch (TEST_MODE) {
 699             case "norm":
 700             case "norm_sni":
 701                 switch (TESTED_SECURITY_PROTOCOL) {
 702                     case "DTLSv1.0":
 703                     case "TLSv1":
 704                     case "TLSv1.1":
 705                         runTests(Ciphers.SUPPORTED_NON_KRB_NON_SHA_CIPHERS);
 706                         break;
 707                     default:
 708                         runTests(Ciphers.SUPPORTED_NON_KRB_CIPHERS);
 709                 }
 710                 break;
 711             case "krb":
 712                 runTests(Ciphers.SUPPORTED_KRB_CIPHERS);
 713                 break;
 714             default:
 715                 throw new Error("Test error: unexpected test mode: " + TEST_MODE);

 716         }
 717     }
 718 
 719     /**
 720      * Returns maxPacketSize value used for MFLN extension testing
 721      *
 722      * @return - MLFN extension max packet size.
 723      */
 724     public int getMaxPacketSize() {
 725         return maxPacketSize;
 726     }
 727 
 728     /**
 729      * Checks that status of result {@code r} is {@code wantedStatus}.
 730      *
 731      * @param r            - Result.
 732      * @param wantedStatus - Wanted status of the result.
 733      * @throws AssertionError - if status or {@code r} is not
 734      *                        {@code wantedStatus}.
 735      */
 736     public static void checkResult(SSLEngineResult r,
 737                                    SSLEngineResult.Status wantedStatus) {
 738         SSLEngineResult.Status rs = r.getStatus();
 739         if (!rs.equals(wantedStatus)) {
 740             throw new AssertionError("Unexpected status " + rs.name()
 741                     + ", should be " + wantedStatus.name());
 742         }
 743     }
 744 
 745     /**
 746      * Returns SSLContext with TESTED_SECURITY_PROTOCOL protocol and sets up keys.

 747      *
 748      * @return - SSLContext with a protocol specified by TESTED_SECURITY_PROTOCOL.

 749      */
 750     public static SSLContext getContext() {
 751         try {
 752             java.security.Security.setProperty("jdk.tls.disabledAlgorithms", "");
 753             java.security.Security.setProperty("jdk.certpath.disabledAlgorithms", "");


 754             KeyStore ks = KeyStore.getInstance("JKS");
 755             KeyStore ts = KeyStore.getInstance("JKS");
 756             char[] passphrase = PASSWD.toCharArray();
 757             try (FileInputStream keyFileStream = new FileInputStream(KEY_FILE_NAME)) {

 758                 ks.load(keyFileStream, passphrase);
 759             }
 760             try (FileInputStream trustFileStream = new FileInputStream(TRUST_FILE_NAME)) {

 761                 ts.load(trustFileStream, passphrase);
 762             }
 763             KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
 764             kmf.init(ks, passphrase);
 765             TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

 766             tmf.init(ts);
 767             SSLContext sslCtx = SSLContext.getInstance(TESTED_SECURITY_PROTOCOL);

 768             sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
 769             return sslCtx;
 770         } catch (KeyStoreException | IOException | NoSuchAlgorithmException |
 771                 CertificateException | UnrecoverableKeyException |
 772                 KeyManagementException ex) {
 773             throw new Error("Unexpected exception", ex);
 774         }
 775     }
 776 
 777     /**
 778      * Sets up and starts kerberos KDC server.
 779      */
 780     public static void setUpAndStartKDC() {
 781         String servicePrincipal = "host/" + SERVER_NAME + "@" + KRB_REALM;
 782         Map<String, String> principals = new HashMap<>();
 783         principals.put(KRB_USER_PRINCIPAL, KRB_USER_PASSWORD);
 784         principals.put(KRBTGT_PRINCIPAL, null);
 785         principals.put(servicePrincipal, null);
 786         System.setProperty("java.security.krb5.conf", KRB5_CONF_FILENAME);
 787         startKDC(KRB_REALM, principals, KTAB_FILENAME);
 788         System.setProperty("java.security.auth.login.config",
 789                 TEST_SRC + FS + JAAS_CONF_FILE);
 790         System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
 791     }
 792 
 793     /**
 794      * Sets up and starts kerberos KDC server if SSLEngineTestCase.TEST_MODE is "krb".

 795      */
 796     public static void setUpAndStartKDCIfNeeded() {
 797         if (TEST_MODE.equals("krb")) {
 798             setUpAndStartKDC();
 799         }
 800     }
 801 
 802     /**
 803      * Returns client ssl engine.
 804      *
 805      * @param context - SSLContext to get SSLEngine from.
 806      * @param useSNI  - flag used to enable or disable using SNI extension.
 807      *                Needed for Kerberos.
 808      */
 809     public static SSLEngine getClientSSLEngine(SSLContext context, boolean useSNI) {


 810         SSLEngine clientEngine = context.createSSLEngine(HOST, 80);
 811         clientEngine.setUseClientMode(true);
 812         if (useSNI) {
 813             SNIHostName serverName = new SNIHostName(SERVER_NAME);
 814             List<SNIServerName> serverNames = new ArrayList<>();
 815             serverNames.add(serverName);
 816             SSLParameters params = clientEngine.getSSLParameters();
 817             params.setServerNames(serverNames);
 818             clientEngine.setSSLParameters(params);
 819         }
 820         return clientEngine;
 821     }
 822 
 823     /**
 824      * Returns server ssl engine.
 825      *
 826      * @param context - SSLContext to get SSLEngine from.
 827      * @param useSNI  - flag used to enable or disable using SNI extension.
 828      *                Needed for Kerberos.
 829      */
 830     public static SSLEngine getServerSSLEngine(SSLContext context, boolean useSNI) {


 831         SSLEngine serverEngine = context.createSSLEngine();
 832         serverEngine.setUseClientMode(false);
 833         if (useSNI) {
 834             SNIMatcher matcher = SNIHostName.createSNIMatcher(SNI_PATTERN);
 835             List<SNIMatcher> matchers = new ArrayList<>();
 836             matchers.add(matcher);
 837             SSLParameters params = serverEngine.getSSLParameters();
 838             params.setSNIMatchers(matchers);
 839             serverEngine.setSSLParameters(params);
 840         }
 841         return serverEngine;
 842     }
 843 
 844     /**
 845      * Runs the test case for one cipher suite.
 846      *
 847      * @param cipher - Cipher suite name.
 848      * @throws SSLException - If tests fails.
 849      */
 850     abstract protected void testOneCipher(String cipher)
 851             throws SSLException;
 852 
 853     /**
 854      * Iterates through an array of ciphers and runs the same test case for
 855      * every entry.
 856      *
 857      * @param ciphers - Array of cipher names.
 858      * @return - Number of tests failed.
 859      */
 860     protected int testSomeCiphers(Ciphers ciphers) {
 861         int failedNum = 0;
 862         String description = ciphers.description;
 863         System.out.println("==================================================="
 864                 + "=========");
 865         System.out.println(description + " ciphers testing");
 866         System.out.println("==================================================="
 867                 + "=========");
 868         for (String cs : ciphers.ciphers) {
 869             System.out.println("-----------------------------------------------"
 870                     + "-------------");
 871             System.out.println("Testing cipher suite " + cs);
 872             System.out.println("-----------------------------------------------"
 873                     + "-------------");
 874             Throwable error = null;






 875             try {
 876                 testOneCipher(cs);
 877             } catch (Throwable t) {
 878                 error = t;
 879             }
 880             switch (ciphers) {
 881                 case SUPPORTED_NON_KRB_CIPHERS:
 882                 case SUPPORTED_NON_KRB_NON_SHA_CIPHERS:
 883                 case SUPPORTED_KRB_CIPHERS:
 884                 case ENABLED_NON_KRB_NOT_ANON_CIPHERS:
 885                     if (error != null) {
 886                         System.out.println("Test Failed: " + cs);
 887                         System.err.println("Test Exception for " + cs);
 888                         error.printStackTrace();
 889                         failedNum++;
 890                     } else {
 891                         System.out.println("Test Passed: " + cs);
 892                     }
 893                     break;
 894                 case UNSUPPORTED_CIPHERS:
 895                     if (error == null) {
 896                         System.out.println("Test Failed: " + cs);
 897                         System.err.println("Test for " + cs + " should have thrown"
 898                                 + " IllegalArgumentException, but it has not!");

 899                         failedNum++;
 900                     } else if (!(error instanceof IllegalArgumentException)) {
 901                         System.out.println("Test Failed: " + cs);
 902                         System.err.println("Test Exception for " + cs);
 903                         error.printStackTrace();
 904                         failedNum++;
 905                     } else {
 906                         System.out.println("Test Passed: " + cs);
 907                     }
 908                     break;
 909                 default:
 910                     throw new Error("Test issue: unexpected ciphers: "
 911                             + ciphers.name());
 912             }
 913         }

 914         return failedNum;
 915     }
 916 
 917     /**
 918      * Method used for the handshake routine.
 919      *
 920      * @param wrapingEngine         - Engine that is expected to wrap data.
 921      * @param unwrapingEngine       - Engine that is expected to unwrap data.
 922      * @param maxPacketSize         - Maximum packet size for MFLN of zero for no limit.

 923      * @param enableReplicatedPacks - Set {@code true} to enable replicated
 924      *                              packet sending.
 925      * @throws SSLException - thrown on engine errors.
 926      */
 927     private static void handshakeProcess(SSLEngine wrapingEngine,
 928                                          SSLEngine unwrapingEngine,
 929                                          int maxPacketSize,
 930                                          boolean enableReplicatedPacks)
 931             throws SSLException {
 932         SSLEngineResult.HandshakeStatus wrapingHSStatus = wrapingEngine
 933                 .getHandshakeStatus();
 934         SSLEngineResult.HandshakeStatus unwrapingHSStatus = unwrapingEngine
 935                 .getHandshakeStatus();
 936         SSLEngineResult r;
 937         String wrapper, unwrapper;
 938         if (wrapingEngine.getUseClientMode()
 939                 && !unwrapingEngine.getUseClientMode()) {
 940             wrapper = "Client";
 941             unwrapper = "Server";
 942         } else if (unwrapingEngine.getUseClientMode()
 943                 && !wrapingEngine.getUseClientMode()) {
 944             wrapper = "Server";
 945             unwrapper = "Client";
 946         } else {
 947             throw new Error("Both engines are in the same mode");
 948         }







 949         switch (wrapingHSStatus) {
 950             case NEED_WRAP:
 951                 if (enableReplicatedPacks) {
 952                     if (net != null) {
 953                         net.flip();
 954                         if (net.remaining() != 0) {
 955                             if (wrapingEngine.getUseClientMode()) {
 956                                 netReplicatedServer = net;
 957                             } else {
 958                                 netReplicatedClient = net;
 959                             }
 960                         }
 961                     }
 962                 }
 963                 ByteBuffer app = ByteBuffer.allocate(wrapingEngine.getSession()
 964                         .getApplicationBufferSize());
 965                 net = doWrap(wrapingEngine, wrapper, maxPacketSize, app);


 966             case NOT_HANDSHAKING:
 967                 switch (unwrapingHSStatus) {
 968                     case NEED_TASK:
 969                         runDelegatedTasks(unwrapingEngine);
 970                     case NEED_UNWRAP:
 971                         doUnWrap(unwrapingEngine, unwrapper, net);
 972                         if (enableReplicatedPacks) {
 973                             System.out.println("Unwrapping replicated packet...");

 974                             if (unwrapingEngine.getHandshakeStatus()
 975                                     .equals(SSLEngineResult.HandshakeStatus.NEED_TASK)) {
 976                                 runDelegatedTasks(unwrapingEngine);
 977                             }
 978                             runDelegatedTasks(unwrapingEngine);
 979                             ByteBuffer netReplicated;
 980                             if (unwrapingEngine.getUseClientMode()) {
 981                                 netReplicated = netReplicatedClient;
 982                             } else {
 983                                 netReplicated = netReplicatedServer;
 984                             }
 985                             if (netReplicated != null) {
 986                                 doUnWrap(unwrapingEngine, unwrapper, netReplicated);

 987                             } else {
 988                                 net.flip();
 989                                 doUnWrap(unwrapingEngine, unwrapper, net);
 990                             }
 991                         }
 992                         break;
 993                     case NEED_UNWRAP_AGAIN:
 994                         break;
 995                     case NOT_HANDSHAKING:
 996                         if (doUnwrapForNotHandshakingStatus) {

 997                             doUnWrap(unwrapingEngine, unwrapper, net);
 998                             doUnwrapForNotHandshakingStatus = false;
 999                             break;
1000                         } else {



1001                             endHandshakeLoop = true;
1002                         }

1003                         break;


















1004                     default:
1005                         throw new Error("Unexpected unwraping engine handshake status "

1006                                 + unwrapingHSStatus.name());
1007                 }
1008                 break;
1009             case NEED_UNWRAP:
1010                 break;
1011             case NEED_UNWRAP_AGAIN:
1012                 net.flip();
1013                 doUnWrap(wrapingEngine, wrapper, net);
1014                 break;
1015             case NEED_TASK:
1016                 runDelegatedTasks(wrapingEngine);
1017                 break;
1018             default:
1019                 throw new Error("Unexpected wraping engine handshake status "
1020                         + wrapingHSStatus.name());
1021         }
1022     }
1023 
1024     private static void runDelegatedTasks(SSLEngine engine) {
1025         Runnable runnable;
1026         System.out.println("Running delegated tasks...");
1027         while ((runnable = engine.getDelegatedTask()) != null) {
1028             runnable.run();
1029         }
1030         SSLEngineResult.HandshakeStatus hs = engine.getHandshakeStatus();
1031         if (hs == SSLEngineResult.HandshakeStatus.NEED_TASK) {
1032             throw new Error("Handshake shouldn't need additional tasks.");
1033         }
1034     }
1035 
1036     /**
1037      * Start a KDC server:
1038      * - create a KDC instance
1039      * - create Kerberos principals
1040      * - save Kerberos configuration
1041      * - save keys to keytab file
1042      * - no pre-auth is required
1043      */
1044     private static void startKDC(String realm, Map<String, String> principals,
1045                                  String ktab) {
1046         try {
1047             KDC kdc = KDC.create(realm, HOST, 0, true);
1048             kdc.setOption(KDC.Option.PREAUTH_REQUIRED, Boolean.FALSE);
1049             if (principals != null) {
1050                 principals.entrySet().stream().forEach((entry) -> {
1051                     String name = entry.getKey();
1052                     String password = entry.getValue();
1053                     if (password == null || password.isEmpty()) {
1054                         System.out.println("KDC: add a principal '" + name
1055                                 + "' with a random password");
1056                         kdc.addPrincipalRandKey(name);
1057                     } else {
1058                         System.out.println("KDC: add a principal '" + name
1059                                 + "' with '" + password + "' password");
1060                         kdc.addPrincipal(name, password.toCharArray());
1061                     }
1062                 });
1063             }
1064             KDC.saveConfig(KRB5_CONF_FILENAME, kdc);
1065             if (ktab != null) {
1066                 File ktabFile = new File(ktab);
1067                 if (ktabFile.exists()) {
1068                     System.out.println("KDC: append keys to an exising "
1069                             + "keytab file " + ktab);
1070                     kdc.appendKtab(ktab);
1071                 } else {
1072                     System.out.println("KDC: create a new keytab file "
1073                             + ktab);
1074                     kdc.writeKtab(ktab);
1075                 }
1076             }
1077             System.out.println("KDC: started on " + HOST + ":" + kdc.getPort()
1078                     + " with '" + realm + "' realm");
1079         } catch (Exception e) {
1080             throw new RuntimeException("KDC: unexpected exception", e);
1081         }
1082     }
1083 }
--- EOF ---