jdk-sandbox: test/jdk/sun/security/ssl/SSLContextImpl/DefaultEnabledProtocols.java@56aaa6cb3693 (annotated)

22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	1	/*
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	2	* Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	4	*
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	7	* published by the Free Software Foundation.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	8	*
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	13	* accompanied this code).
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	14	*
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	18	*
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	21	* questions.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	22	*/
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	23
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	24	// SunJSSE does not support dynamic system properties, no way to re-use
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	25	// system properties in samevm/agentvm mode.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	26
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	27	/*
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	28	* @test
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	29	* @bug 7093640
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	30	* @summary Enable TLS 1.1 and TLS 1.2 by default in client side of SunJSSE
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	31	* @run main/othervm DefaultEnabledProtocols
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	32	*/
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	33
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	34	import java.security.Security;
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	35	import java.util.Arrays;
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	36	import java.util.HashSet;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	37	import java.util.Set;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	38
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	39	import javax.net.SocketFactory;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	40	import javax.net.ssl.KeyManager;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	41	import javax.net.ssl.SSLContext;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	42	import javax.net.ssl.SSLEngine;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	43	import javax.net.ssl.SSLParameters;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	44	import javax.net.ssl.SSLServerSocket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	45	import javax.net.ssl.SSLServerSocketFactory;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	46	import javax.net.ssl.SSLSocket;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	47	import javax.net.ssl.TrustManager;
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	48
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	49	public class DefaultEnabledProtocols {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	50	static enum ContextVersion {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	51	TLS_CV_01("SSL",
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	52	new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}),
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	53	TLS_CV_02("TLS",
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	54	new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}),
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	55	TLS_CV_03("SSLv3",
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	56	new String[] {"SSLv3", "TLSv1"}),
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	57	TLS_CV_04("TLSv1",
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	58	new String[] {"SSLv3", "TLSv1"}),
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	59	TLS_CV_05("TLSv1.1",
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	60	new String[] {"SSLv3", "TLSv1", "TLSv1.1"}),
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	61	TLS_CV_06("TLSv1.2",
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	62	new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}),
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	63	TLS_CV_07("TLSv1.3",
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	64	new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}),
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	65	TLS_CV_08("Default",
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	66	new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"});
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	67
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	68	final String contextVersion;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	69	final String[] enabledProtocols;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	70	final static String[] supportedProtocols = new String[] {
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	71	"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"};
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	72
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	73	ContextVersion(String contextVersion, String[] enabledProtocols) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	74	this.contextVersion = contextVersion;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	75	this.enabledProtocols = enabledProtocols;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	76	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	77	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	78
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	79	private static boolean checkProtocols(String[] target, String[] expected) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	80	boolean success = true;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	81	if (target.length == 0) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	82	System.out.println("\tError: No protocols");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	83	success = false;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	84	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	85
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	86	if (!protocolEquals(target, expected)) {
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	87	System.out.println("\tError: Expected to get protocols " +
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	88	Arrays.toString(expected));
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	89	System.out.println("\tError: The actual protocols " +
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	90	Arrays.toString(target));
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	91	success = false;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	92	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	93
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	94	return success;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	95	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	96
56542 56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	97	private static boolean protocolEquals(
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	98	String[] actualProtocols,
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	99	String[] expectedProtocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	100	if (actualProtocols.length != expectedProtocols.length) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	101	return false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	102	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	103
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	104	Set<String> set = new HashSet<>(Arrays.asList(expectedProtocols));
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	105	for (String actual : actualProtocols) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	106	if (set.add(actual)) {
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	107	return false;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	108	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	109	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	110
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	111	return true;
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	112	}
56aaa6cb3693 Initial TLSv1.3 Implementation wetmore parents: 47216 diff changeset	113
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	114	private static boolean checkCipherSuites(String[] target) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	115	boolean success = true;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	116	if (target.length == 0) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	117	System.out.println("\tError: No cipher suites");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	118	success = false;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	119	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	120
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	121	return success;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	122	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	123
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	124	public static void main(String[] args) throws Exception {
28555 c7bf34f7b215 8061210: Issues in TLS xuelei parents: 23052 diff changeset	125	// reset the security property to make sure that the algorithms
c7bf34f7b215 8061210: Issues in TLS xuelei parents: 23052 diff changeset	126	// and keys used in this test are not disabled.
c7bf34f7b215 8061210: Issues in TLS xuelei parents: 23052 diff changeset	127	Security.setProperty("jdk.tls.disabledAlgorithms", "");
c7bf34f7b215 8061210: Issues in TLS xuelei parents: 23052 diff changeset	128
22068 95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	129	boolean failed = false;
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	130	for (ContextVersion cv : ContextVersion.values()) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	131	System.out.println("Checking SSLContext of " + cv.contextVersion);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	132	SSLContext context = SSLContext.getInstance(cv.contextVersion);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	133
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	134	// Default SSLContext is initialized automatically.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	135	if (!cv.contextVersion.equals("Default")) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	136	// Use default TK, KM and random.
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	137	context.init((KeyManager[])null, (TrustManager[])null, null);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	138	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	139
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	140	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	141	// Check SSLContext
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	142	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	143	// Check default SSLParameters of SSLContext
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	144	System.out.println("\tChecking default SSLParameters");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	145	SSLParameters parameters = context.getDefaultSSLParameters();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	146
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	147	String[] protocols = parameters.getProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	148	failed \|= !checkProtocols(protocols, cv.enabledProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	149
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	150	String[] ciphers = parameters.getCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	151	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	152
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	153	// Check supported SSLParameters of SSLContext
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	154	System.out.println("\tChecking supported SSLParameters");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	155	parameters = context.getSupportedSSLParameters();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	156
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	157	protocols = parameters.getProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	158	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	159
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	160	ciphers = parameters.getCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	161	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	162
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	163	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	164	// Check SSLEngine
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	165	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	166	// Check SSLParameters of SSLEngine
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	167	System.out.println();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	168	System.out.println("\tChecking SSLEngine of this SSLContext");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	169	System.out.println("\tChecking SSLEngine.getSSLParameters()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	170	SSLEngine engine = context.createSSLEngine();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	171	engine.setUseClientMode(true);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	172	parameters = engine.getSSLParameters();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	173
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	174	protocols = parameters.getProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	175	failed \|= !checkProtocols(protocols, cv.enabledProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	176
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	177	ciphers = parameters.getCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	178	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	179
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	180	System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	181	protocols = engine.getEnabledProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	182	failed \|= !checkProtocols(protocols, cv.enabledProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	183
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	184	System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	185	ciphers = engine.getEnabledCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	186	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	187
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	188	System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	189	protocols = engine.getSupportedProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	190	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	191
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	192	System.out.println(
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	193	"\tChecking SSLEngine.getSupportedCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	194	ciphers = engine.getSupportedCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	195	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	196
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	197	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	198	// Check SSLSocket
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	199	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	200	// Check SSLParameters of SSLSocket
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	201	System.out.println();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	202	System.out.println("\tChecking SSLSocket of this SSLContext");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	203	System.out.println("\tChecking SSLSocket.getSSLParameters()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	204	SocketFactory fac = context.getSocketFactory();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	205	SSLSocket socket = (SSLSocket)fac.createSocket();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	206	parameters = socket.getSSLParameters();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	207
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	208	protocols = parameters.getProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	209	failed \|= !checkProtocols(protocols, cv.enabledProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	210
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	211	ciphers = parameters.getCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	212	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	213
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	214	System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	215	protocols = socket.getEnabledProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	216	failed \|= !checkProtocols(protocols, cv.enabledProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	217
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	218	System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	219	ciphers = socket.getEnabledCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	220	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	221
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	222	System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	223	protocols = socket.getSupportedProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	224	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	225
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	226	System.out.println(
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	227	"\tChecking SSLEngine.getSupportedCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	228	ciphers = socket.getSupportedCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	229	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	230
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	231	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	232	// Check SSLServerSocket
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	233	//
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	234	// Check SSLParameters of SSLServerSocket
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	235	System.out.println();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	236	System.out.println("\tChecking SSLServerSocket of this SSLContext");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	237	System.out.println("\tChecking SSLServerSocket.getSSLParameters()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	238	SSLServerSocketFactory sf = context.getServerSocketFactory();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	239	SSLServerSocket ssocket = (SSLServerSocket)sf.createServerSocket();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	240	parameters = ssocket.getSSLParameters();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	241
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	242	protocols = parameters.getProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	243	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	244
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	245	ciphers = parameters.getCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	246	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	247
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	248	System.out.println("\tChecking SSLEngine.getEnabledProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	249	protocols = ssocket.getEnabledProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	250	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	251
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	252	System.out.println("\tChecking SSLEngine.getEnabledCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	253	ciphers = ssocket.getEnabledCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	254	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	255
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	256	System.out.println("\tChecking SSLEngine.getSupportedProtocols()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	257	protocols = ssocket.getSupportedProtocols();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	258	failed \|= !checkProtocols(protocols, cv.supportedProtocols);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	259
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	260	System.out.println(
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	261	"\tChecking SSLEngine.getSupportedCipherSuites()");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	262	ciphers = ssocket.getSupportedCipherSuites();
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	263	failed \|= !checkCipherSuites(ciphers);
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	264	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	265
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	266	if (failed) {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	267	throw new Exception("Run into problems, see log for more details");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	268	} else {
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	269	System.out.println("\t... Success");
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	270	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	271	}
95a7a3cd72a0 7093640: Enable client-side TLS 1.2 by default xuelei parents: diff changeset	272	}

author	wetmore
	Fri, 11 May 2018 15:53:12 -0700
branch	JDK-8145252-TLS13-branch
changeset 56542	56aaa6cb3693
parent 47216	71c04702a3d5
child 56611	f8f7e604e1f8
permissions	-rw-r--r--