19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 * or visit www.oracle.com if you need additional information or have any |
20 * or visit www.oracle.com if you need additional information or have any |
21 * questions. |
21 * questions. |
22 */ |
22 */ |
23 |
23 |
|
24 // |
|
25 // SunJSSE does not support dynamic system properties, no way to re-use |
|
26 // system properties in samevm/agentvm mode. |
|
27 // |
|
28 |
24 /* |
29 /* |
25 * @test |
30 * @test |
26 * @bug 4495742 |
31 * @bug 4495742 |
27 * @summary Demonstrate SSLEngine switch from no client auth to client auth. |
32 * @summary Demonstrate SSLEngine switch from no client auth to client auth. |
28 * @run main/othervm NoAuthClientAuth |
33 * @run main/othervm NoAuthClientAuth SSLv3 |
29 * |
34 * @run main/othervm NoAuthClientAuth TLSv1 |
30 * SunJSSE does not support dynamic system properties, no way to re-use |
35 * @run main/othervm NoAuthClientAuth TLSv1.1 |
31 * system properties in samevm/agentvm mode. |
36 * @run main/othervm NoAuthClientAuth TLSv1.2 |
32 * |
|
33 * @author Brad R. Wetmore |
37 * @author Brad R. Wetmore |
34 */ |
38 */ |
35 |
39 |
36 /** |
40 /** |
37 * A SSLEngine usage example which simplifies the presentation |
41 * A SSLEngine usage example which simplifies the presentation |
76 import javax.net.ssl.SSLEngineResult.*; |
80 import javax.net.ssl.SSLEngineResult.*; |
77 import java.io.*; |
81 import java.io.*; |
78 import java.security.*; |
82 import java.security.*; |
79 import java.nio.*; |
83 import java.nio.*; |
80 |
84 |
|
85 // Note that this test case depends on JSSE provider implementation details. |
81 public class NoAuthClientAuth { |
86 public class NoAuthClientAuth { |
82 |
87 |
83 /* |
88 /* |
84 * Enables logging of the SSLEngine operations. |
89 * Enables logging of the SSLEngine operations. |
85 */ |
90 */ |
92 * |
97 * |
93 * This gives a lot of low-level information about operations underway, |
98 * This gives a lot of low-level information about operations underway, |
94 * including specific handshake messages, and might be best examined |
99 * including specific handshake messages, and might be best examined |
95 * after gaining some familiarity with this application. |
100 * after gaining some familiarity with this application. |
96 */ |
101 */ |
97 private static boolean debug = false; |
102 private static boolean debug = true; |
98 |
103 |
99 private SSLContext sslc; |
104 private SSLContext sslc; |
100 |
105 |
101 private SSLEngine clientEngine; // client Engine |
106 private SSLEngine clientEngine; // client Engine |
102 private ByteBuffer clientOut; // write side of clientEngine |
107 private ByteBuffer clientOut; // write side of clientEngine |
126 System.getProperty("test.src", ".") + "/" + pathToStores + |
131 System.getProperty("test.src", ".") + "/" + pathToStores + |
127 "/" + keyStoreFile; |
132 "/" + keyStoreFile; |
128 private static String trustFilename = |
133 private static String trustFilename = |
129 System.getProperty("test.src", ".") + "/" + pathToStores + |
134 System.getProperty("test.src", ".") + "/" + pathToStores + |
130 "/" + trustStoreFile; |
135 "/" + trustStoreFile; |
|
136 // the specified protocol |
|
137 private static String tlsProtocol; |
131 |
138 |
132 /* |
139 /* |
133 * Main entry point for this test. |
140 * Main entry point for this test. |
134 */ |
141 */ |
135 public static void main(String args[]) throws Exception { |
142 public static void main(String args[]) throws Exception { |
|
143 Security.setProperty("jdk.tls.disabledAlgorithms", ""); |
|
144 |
136 if (debug) { |
145 if (debug) { |
137 System.setProperty("javax.net.debug", "all"); |
146 System.setProperty("javax.net.debug", "all"); |
138 } |
147 } |
|
148 |
|
149 tlsProtocol = args[0]; |
139 |
150 |
140 NoAuthClientAuth test = new NoAuthClientAuth(); |
151 NoAuthClientAuth test = new NoAuthClientAuth(); |
141 test.runTest(); |
152 test.runTest(); |
142 |
153 |
143 System.out.println("Test Passed."); |
154 System.out.println("Test Passed."); |
241 serverEngine.getSession().getPeerCertificates(); |
252 serverEngine.getSession().getPeerCertificates(); |
242 System.out.println("Client Certificate(s) received"); |
253 System.out.println("Client Certificate(s) received"); |
243 for (java.security.cert.Certificate c : certs) { |
254 for (java.security.cert.Certificate c : certs) { |
244 System.out.println(c); |
255 System.out.println(c); |
245 } |
256 } |
246 log("Closing server."); |
257 // log("Closing server."); |
247 serverEngine.closeOutbound(); |
258 // serverEngine.closeOutbound(); |
248 } // nothing. |
259 } // nothing. |
249 } |
260 } |
250 |
261 |
251 cTOs.flip(); |
262 cTOs.flip(); |
252 sTOc.flip(); |
263 sTOc.flip(); |
253 |
264 |
254 log("----"); |
265 log("----"); |
255 |
266 |
256 clientResult = clientEngine.unwrap(sTOc, clientIn); |
267 if (!clientEngine.isInboundDone()) { |
257 log("client unwrap: ", clientResult); |
268 clientResult = clientEngine.unwrap(sTOc, clientIn); |
258 runDelegatedTasks(clientResult, clientEngine); |
269 log("client unwrap: ", clientResult); |
259 clientIn.clear(); |
270 runDelegatedTasks(clientResult, clientEngine); |
260 |
271 clientIn.clear(); |
261 serverResult = serverEngine.unwrap(cTOs, serverIn); |
272 sTOc.compact(); |
262 log("server unwrap: ", serverResult); |
273 } else { |
263 runDelegatedTasks(serverResult, serverEngine); |
274 sTOc.clear(); |
264 serverIn.clear(); |
275 } |
265 |
276 |
266 cTOs.compact(); |
277 if (!serverEngine.isInboundDone()) { |
267 sTOc.compact(); |
278 serverResult = serverEngine.unwrap(cTOs, serverIn); |
|
279 log("server unwrap: ", serverResult); |
|
280 runDelegatedTasks(serverResult, serverEngine); |
|
281 serverIn.clear(); |
|
282 cTOs.compact(); |
|
283 } else { |
|
284 cTOs.clear(); |
|
285 } |
|
286 |
|
287 if (hsCompleted == 2) { |
|
288 log("Closing server."); |
|
289 serverEngine.closeOutbound(); |
|
290 } |
268 } |
291 } |
269 } |
292 } |
270 |
293 |
271 /* |
294 /* |
272 * Using the SSLContext created during object creation, |
295 * Using the SSLContext created during object creation, |
284 /* |
307 /* |
285 * Similar to above, but using client mode instead. |
308 * Similar to above, but using client mode instead. |
286 */ |
309 */ |
287 clientEngine = sslc.createSSLEngine("client", 80); |
310 clientEngine = sslc.createSSLEngine("client", 80); |
288 clientEngine.setUseClientMode(true); |
311 clientEngine.setUseClientMode(true); |
|
312 clientEngine.setEnabledProtocols(new String[] { tlsProtocol }); |
289 } |
313 } |
290 |
314 |
291 /* |
315 /* |
292 * Create and size the buffers appropriately. |
316 * Create and size the buffers appropriately. |
293 */ |
317 */ |
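Review bot: In `main` (new line 143), `Security.setProperty("jdk.tls.disabledAlgorithms", "")` empties the whole disabled-algorithms list for every `@run`, so the TLSv1.2 run also executes with the default restrictions lifted and no longer exercises the provider's default policy; presumably only the SSLv3 run needs this. The override is contained only because every run uses `main/othervm`, which deserves a comment at the call such as `// Lifts the default TLS restrictions for this JVM only; keep the test in othervm mode.`, and ideally only the entry for the protocol under test would be removed from the property rather than clearing it. Separately, new line 102 flips `debug` to `true`, which sets `javax.net.debug=all` on every run and looks like a debugging leftover; `private static boolean debug = false;` should be restored. `tlsProtocol = args[0];` (new line 149) throws `ArrayIndexOutOfBoundsException` when the test is started without an argument, and the commented-out `log("Closing server.")` / `closeOutbound()` lines at new 257-258 should be deleted rather than kept. The body of `main` continues past the displayed lines.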