jdk-sandbox: test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java@68fa3d4026ea (annotated)

12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	1	/*
31706 895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	2	* Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	4	*
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	7	* published by the Free Software Foundation.
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	8	*
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	13	* accompanied this code).
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	14	*
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	18	*
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	21	* questions.
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	22	*/
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	23
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	24	//
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	25	// SunJSSE does not support dynamic system properties, no way to re-use
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	26	// system properties in samevm/agentvm mode.
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	27	//
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	28
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	29	/*
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	30	* @test
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	31	* @bug 7174244
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	32	* @summary NPE in Krb5ProxyImpl.getServerKeys()
50768 68fa3d4026ea 8196584: TLS 1.3 Implementation xuelei parents: 47216 diff changeset	33	* @ignore the dependent implementation details are changed
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	34	* @run main/othervm CipherSuitesInOrder
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	35	*/
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	36
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	37	import java.util.*;
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	38	import javax.net.ssl.*;
22267 13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	39	import java.security.Security;
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	40
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	41	public class CipherSuitesInOrder {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	42
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	43	// supported ciphersuites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	44	private final static List<String> supportedCipherSuites =
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	45	Arrays.<String>asList(
22267 13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	46	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	47	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	48	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	49	"TLS_RSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	50	"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	51	"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	52	"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	53	"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	54	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	55	"TLS_RSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	56	"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	57	"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	58	"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	59	"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
13f418b13938 8028518: Increase the priorities of GCM cipher suites xuelei parents: 16913 diff changeset	60
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	61	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	62	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	63	"TLS_RSA_WITH_AES_256_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	64	"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	65	"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	66	"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	67	"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	68	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	69	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	70	"TLS_RSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	71	"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	72	"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	73	"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	74	"TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	75	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	76	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	77	"TLS_RSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	78	"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	79	"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	80	"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	81	"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	82	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	83	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	84	"TLS_RSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	85	"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	86	"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	87	"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	88	"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	89
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	90	"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	91	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	92	"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	93	"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	94	"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	95	"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	96	"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	97
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	98	"TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	99
16913 a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	100	"TLS_DH_anon_WITH_AES_256_GCM_SHA384",
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	101	"TLS_DH_anon_WITH_AES_128_GCM_SHA256",
a6f4d1626ad9 8011680: Re-integrate AEAD implementation of JSSE xuelei parents: 16067 diff changeset	102
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	103	"TLS_DH_anon_WITH_AES_256_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	104	"TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	105	"TLS_DH_anon_WITH_AES_256_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	106	"TLS_DH_anon_WITH_AES_128_CBC_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	107	"TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	108	"TLS_DH_anon_WITH_AES_128_CBC_SHA",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	109	"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	110	"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
31706 895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	111
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	112	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	113	"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	114	"SSL_RSA_WITH_RC4_128_SHA",
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	115	"TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	116	"TLS_ECDH_RSA_WITH_RC4_128_SHA",
895170f33881 8043202: Prohibit RC4 cipher suites asmotrak parents: 27722 diff changeset	117	"SSL_RSA_WITH_RC4_128_MD5",
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	118	"TLS_ECDH_anon_WITH_RC4_128_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	119	"SSL_DH_anon_WITH_RC4_128_MD5",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	120
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	121	"SSL_RSA_WITH_DES_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	122	"SSL_DHE_RSA_WITH_DES_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	123	"SSL_DHE_DSS_WITH_DES_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	124	"SSL_DH_anon_WITH_DES_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	125	"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	126	"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	127	"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	128	"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	129
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	130	"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	131	"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	132
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	133	"TLS_RSA_WITH_NULL_SHA256",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	134	"TLS_ECDHE_ECDSA_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	135	"TLS_ECDHE_RSA_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	136	"SSL_RSA_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	137	"TLS_ECDH_ECDSA_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	138	"TLS_ECDH_RSA_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	139	"TLS_ECDH_anon_WITH_NULL_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	140	"SSL_RSA_WITH_NULL_MD5",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	141
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	142	"TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	143	"TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	144	"TLS_KRB5_WITH_RC4_128_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	145	"TLS_KRB5_WITH_RC4_128_MD5",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	146	"TLS_KRB5_WITH_DES_CBC_SHA",
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	147	"TLS_KRB5_WITH_DES_CBC_MD5",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	148	"TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	149	"TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	150	"TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
27722 0fb5bf040fd0 8043200: Decrease the preference mode of RC4 in the enabled cipher suite list xuelei parents: 23052 diff changeset	151	"TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
12874 14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	152	);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	153
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	154	private final static String[] protocols = {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	155	"", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	156	};
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	157
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	158
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	159	public static void main(String[] args) throws Exception {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	160	// show all of the supported cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	161	showSuites(supportedCipherSuites.toArray(new String[0]),
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	162	"All supported cipher suites");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	163
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	164	for (String protocol : protocols) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	165	System.out.println("//");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	166	System.out.println("// " +
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	167	"Testing for SSLContext of " + protocol);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	168	System.out.println("//");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	169	checkForProtocols(protocol);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	170	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	171	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	172
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	173	public static void checkForProtocols(String protocol) throws Exception {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	174	SSLContext context;
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	175	if (protocol.isEmpty()) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	176	context = SSLContext.getDefault();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	177	} else {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	178	context = SSLContext.getInstance(protocol);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	179	context.init(null, null, null);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	180	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	181
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	182	// check the order of default cipher suites of SSLContext
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	183	SSLParameters parameters = context.getDefaultSSLParameters();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	184	checkSuites(parameters.getCipherSuites(),
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	185	"Default cipher suites in SSLContext");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	186
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	187	// check the order of supported cipher suites of SSLContext
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	188	parameters = context.getSupportedSSLParameters();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	189	checkSuites(parameters.getCipherSuites(),
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	190	"Supported cipher suites in SSLContext");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	191
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	192
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	193	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	194	// Check the cipher suites order of SSLEngine
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	195	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	196	SSLEngine engine = context.createSSLEngine();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	197
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	198	// check the order of endabled cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	199	String[] ciphers = engine.getEnabledCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	200	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	201	"Enabled cipher suites in SSLEngine");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	202
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	203	// check the order of supported cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	204	ciphers = engine.getSupportedCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	205	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	206	"Supported cipher suites in SSLEngine");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	207
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	208	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	209	// Check the cipher suites order of SSLSocket
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	210	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	211	SSLSocketFactory factory = context.getSocketFactory();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	212	try (SSLSocket socket = (SSLSocket)factory.createSocket()) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	213
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	214	// check the order of endabled cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	215	ciphers = socket.getEnabledCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	216	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	217	"Enabled cipher suites in SSLSocket");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	218
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	219	// check the order of supported cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	220	ciphers = socket.getSupportedCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	221	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	222	"Supported cipher suites in SSLSocket");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	223	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	224
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	225	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	226	// Check the cipher suites order of SSLServerSocket
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	227	//
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	228	SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	229	try (SSLServerSocket serverSocket =
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	230	(SSLServerSocket)serverFactory.createServerSocket()) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	231	// check the order of endabled cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	232	ciphers = serverSocket.getEnabledCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	233	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	234	"Enabled cipher suites in SSLServerSocket");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	235
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	236	// check the order of supported cipher suites
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	237	ciphers = serverSocket.getSupportedCipherSuites();
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	238	checkSuites(ciphers,
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	239	"Supported cipher suites in SSLServerSocket");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	240	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	241	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	242
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	243	private static void checkSuites(String[] suites, String title) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	244	showSuites(suites, title);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	245
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	246	int loc = -1;
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	247	int index = 0;
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	248	for (String suite : suites) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	249	index = supportedCipherSuites.indexOf(suite);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	250	if (index <= loc) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	251	throw new RuntimeException(suite + " is not in order");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	252	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	253
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	254	loc = index;
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	255	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	256	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	257
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	258	private static void showSuites(String[] suites, String title) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	259	System.out.println(title + "[" + suites.length + "]:");
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	260	for (String suite : suites) {
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	261	System.out.println(" " + suite);
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	262	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	263	}
14df9c7c18e1 7174244: NPE in Krb5ProxyImpl.getServerKeys() xuelei parents: diff changeset	264	}

author	xuelei
	Mon, 25 Jun 2018 13:41:39 -0700
changeset 50768	68fa3d4026ea
parent 47216	71c04702a3d5
permissions	-rw-r--r--