8234723: javax/net/ssl/TLS tests support TLSv1.3
Summary: Missing TLSv1.3 test cases
Reviewed-by: xuelei
/*
* Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8049432 8069038 8234723
* @summary New tests for TLS property jdk.tls.client.protocols
* @summary javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be
* updated for JDK-8061210
* @modules java.security.jgss
* java.security.jgss/sun.security.jgss.krb5
* java.security.jgss/sun.security.krb5:+open
* java.security.jgss/sun.security.krb5.internal:+open
* java.security.jgss/sun.security.krb5.internal.ccache
* java.security.jgss/sun.security.krb5.internal.crypto
* java.security.jgss/sun.security.krb5.internal.ktab
* java.base/sun.security.util
* @run main/othervm TLSClientPropertyTest NoProperty
* @run main/othervm TLSClientPropertyTest SSLv3
* @run main/othervm TLSClientPropertyTest TLSv1
* @run main/othervm TLSClientPropertyTest TLSv11
* @run main/othervm TLSClientPropertyTest TLSv12
* @run main/othervm TLSClientPropertyTest TLSv13
* @run main/othervm TLSClientPropertyTest TLS
* @run main/othervm TLSClientPropertyTest WrongProperty
*/
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
/**
* Sets the property jdk.tls.client.protocols to one of this protocols:
* SSLv3,TLSv1,TLSv1.1,TLSv1.2 and TLSV(invalid) or removes this
* property (if any),then validates the default, supported and current
* protocols in the SSLContext.
*/
public class TLSClientPropertyTest {
private final String[] expectedSupportedProtos = new String[] {
"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"
};
public static void main(String[] args) throws Exception {
if (args.length < 1) {
throw new RuntimeException(
"Incorrect arguments,expected arguments: testCase");
}
String[] expectedDefaultProtos;
String testCase = args[0];
String contextProtocol;
switch (testCase) {
case "NoProperty":
if (System.getProperty("jdk.tls.client.protocols") != null) {
System.getProperties().remove("jdk.tls.client.protocols");
}
contextProtocol = null;
expectedDefaultProtos = new String[] {
"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"
};
break;
case "SSLv3":
contextProtocol = "SSLv3";
expectedDefaultProtos = new String[] {
};
break;
case "TLSv1":
contextProtocol = "TLSv1";
expectedDefaultProtos = new String[] {
"TLSv1"
};
break;
case "TLSv11":
contextProtocol = "TLSv1.1";
expectedDefaultProtos = new String[] {
"TLSv1", "TLSv1.1"
};
break;
case "TLSv12":
contextProtocol = "TLSv1.2";
expectedDefaultProtos = new String[] {
"TLSv1", "TLSv1.1", "TLSv1.2"
};
break;
case "TLSv13":
case "TLS":
contextProtocol = "TLSv1.3";
expectedDefaultProtos = new String[] {
"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"
};
break;
case "WrongProperty":
expectedDefaultProtos = new String[] {};
contextProtocol = "TLSV";
break;
default:
throw new RuntimeException("test case is wrong");
}
if (contextProtocol != null) {
System.setProperty("jdk.tls.client.protocols", contextProtocol);
}
try {
TLSClientPropertyTest test = new TLSClientPropertyTest();
test.test(contextProtocol, expectedDefaultProtos);
if (testCase.equals("WrongProperty")) {
throw new RuntimeException(
"Test failed: NoSuchAlgorithmException " +
"is expected when input wrong protocol");
} else {
System.out.println("Test " + contextProtocol + " passed");
}
} catch (NoSuchAlgorithmException nsae) {
if (testCase.equals("WrongProperty")) {
System.out.println("NoSuchAlgorithmException is expected,"
+ contextProtocol + " test passed");
} else {
throw nsae;
}
}
}
/**
* The parameter passed is the user enforced protocol. Does not catch
* NoSuchAlgorithmException, WrongProperty test will use it.
*/
public void test(String expectedContextProto,
String[] expectedDefaultProtos) throws NoSuchAlgorithmException {
SSLContext context = null;
try {
if (expectedContextProto != null) {
context = SSLContext.getInstance(expectedContextProto);
context.init(null, null, null);
} else {
context = SSLContext.getDefault();
}
printContextDetails(context);
} catch (KeyManagementException ex) {
error(null, ex);
}
validateContext(expectedContextProto, expectedDefaultProtos, context);
}
/**
* Simple print utility for SSLContext's protocol details.
*/
private void printContextDetails(SSLContext context) {
System.out.println("Default Protocols: "
+ Arrays.toString(context.getDefaultSSLParameters()
.getProtocols()));
System.out.println("Supported Protocols: "
+ Arrays.toString(context.getSupportedSSLParameters()
.getProtocols()));
System.out.println("Current Protocol : " + context.getProtocol());
}
/**
* Error handler.
*/
private void error(String msg, Throwable tble) {
String finalMsg = "FAILED " + (msg != null ? msg : "");
if (tble != null) {
throw new RuntimeException(finalMsg, tble);
}
throw new RuntimeException(finalMsg);
}
/**
* Validates the SSLContext's protocols against the user enforced protocol.
*/
private void validateContext(String expectedProto,
String[] expectedDefaultProtos, SSLContext context) {
if (expectedProto == null) {
expectedProto = "Default";
}
if (!context.getProtocol().equals(expectedProto)) {
error("Invalid current protocol: " + context.getProtocol()
+ ", Expected:" + expectedProto, null);
}
List<String> actualDefaultProtos = Arrays.asList(context
.getDefaultSSLParameters().getProtocols());
for (String p : expectedDefaultProtos) {
if (!actualDefaultProtos.contains(p)) {
error("Default protocol " + p + "missing", null);
}
}
List<String> actualSupportedProtos = Arrays.asList(context
.getSupportedSSLParameters().getProtocols());
for (String p : expectedSupportedProtos) {
if (!actualSupportedProtos.contains(p)) {
error("Expected to support protocol:" + p, null);
}
}
}
}