# HG changeset patch # User tidu # Date 1483511211 28800 # Node ID 9edd5241610a66885a95e0f1f79b3e7f4c90bc54 # Parent 224e91ad76c4bb6c9ab8abfc3396f064ae64bb4e 8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out Reviewed-by: coffeys, xuelei Contributed-by: Tim Du diff -r 224e91ad76c4 -r 9edd5241610a jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java --- a/jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java Tue Jan 03 21:05:46 2017 -0800 +++ b/jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java Tue Jan 03 22:26:51 2017 -0800 @@ -31,7 +31,7 @@ * @bug 7109274 * @summary Consider disabling support for X.509 certificates with RSA keys * less than 1024 bits - * + * @library /javax/net/ssl/templates * @run main/othervm DisabledShortRSAKeys PKIX TLSv1.2 * @run main/othervm DisabledShortRSAKeys SunX509 TLSv1.2 * @run main/othervm DisabledShortRSAKeys PKIX TLSv1.1 @@ -56,20 +56,7 @@ import java.util.Base64; -public class DisabledShortRSAKeys { - - /* - * ============================================================= - * Set the various variables needed for the tests, then - * specify what tests to run on each side. - */ - - /* - * Should we run the client or server in a separate thread? - * Both sides can throw exceptions, but do you have a preference - * as to which side should be the main thread. - */ - static boolean separateServerThread = true; +public class DisabledShortRSAKeys extends SSLSocketTemplate { /* * Where do we find the keystores? @@ -123,81 +110,50 @@ static char passphrase[] = "passphrase".toCharArray(); /* - * Is the server ready to serve? - */ - volatile static boolean serverReady = false; - - /* * Turn on SSL debugging? */ static boolean debug = false; - /* - * Define the server side of the test. - * - * If the server prematurely exits, serverReady will be set to true - * to avoid infinite hangs. - */ - void doServerSide() throws Exception { - SSLContext context = generateSSLContext(null, targetCertStr, - targetPrivateKey); - SSLServerSocketFactory sslssf = context.getServerSocketFactory(); - SSLServerSocket sslServerSocket = - (SSLServerSocket)sslssf.createServerSocket(serverPort); - serverPort = sslServerSocket.getLocalPort(); + @Override + protected SSLContext createClientSSLContext() throws Exception { + return generateSSLContext(trustedCertStr, null, null); + } - /* - * Signal Client, we're ready for his connect. - */ - serverReady = true; + @Override + protected SSLContext createServerSSLContext() throws Exception { + return generateSSLContext(null, targetCertStr, targetPrivateKey); + } - try (SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept()) { - try (InputStream sslIS = sslSocket.getInputStream()) { + @Override + protected void runServerApplication(SSLSocket socket) throws Exception { + try { + try (InputStream sslIS = socket.getInputStream()) { sslIS.read(); } - - throw new Exception( - "RSA keys shorter than 1024 bits should be disabled"); + throw new Exception("RSA keys shorter than 1024 bits should be disabled"); } catch (SSLHandshakeException sslhe) { // the expected exception, ignore } + } - /* - * Define the client side of the test. - * - * If the server prematurely exits, serverReady will be set to true - * to avoid infinite hangs. - */ - void doClientSide() throws Exception { + @Override + protected void runClientApplication(SSLSocket socket) throws Exception { - /* - * Wait for server to get started. - */ - while (!serverReady) { - Thread.sleep(50); - } - - SSLContext context = generateSSLContext(trustedCertStr, null, null); - SSLSocketFactory sslsf = context.getSocketFactory(); - - try (SSLSocket sslSocket = - (SSLSocket)sslsf.createSocket("localhost", serverPort)) { + try { // only enable the target protocol - sslSocket.setEnabledProtocols(new String[] {enabledProtocol}); - + socket.setEnabledProtocols(new String[] { enabledProtocol }); // enable a block cipher - sslSocket.setEnabledCipherSuites( - new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"}); + socket.setEnabledCipherSuites( + new String[] { "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }); - try (OutputStream sslOS = sslSocket.getOutputStream()) { + try (OutputStream sslOS = socket.getOutputStream()) { sslOS.write('B'); sslOS.flush(); } - throw new Exception( - "RSA keys shorter than 1024 bits should be disabled"); + "RSA keys shorter than 1024 bits should be disabled"); } catch (SSLHandshakeException sslhe) { // the expected exception, ignore } @@ -207,16 +163,16 @@ * ============================================================= * The remainder is just support stuff */ - private static String tmAlgorithm; // trust manager - private static String enabledProtocol; // the target protocol + private static String tmAlgorithm; // trust manager + private static String enabledProtocol; // the target protocol private static void parseArguments(String[] args) { - tmAlgorithm = args[0]; - enabledProtocol = args[1]; + tmAlgorithm = args[0]; + enabledProtocol = args[1]; } private static SSLContext generateSSLContext(String trustedCertStr, - String keyCertStr, String keySpecStr) throws Exception { + String keyCertStr, String keySpecStr) throws Exception { // generate certificate from cert string CertificateFactory cf = CertificateFactory.getInstance("X.509"); @@ -239,10 +195,10 @@ if (keyCertStr != null) { // generate the private key. PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( - Base64.getMimeDecoder().decode(keySpecStr)); + Base64.getMimeDecoder().decode(keySpecStr)); KeyFactory kf = KeyFactory.getInstance("RSA"); RSAPrivateKey priKey = - (RSAPrivateKey)kf.generatePrivate(priKeySpec); + (RSAPrivateKey)kf.generatePrivate(priKeySpec); // generate certificate chain is = new ByteArrayInputStream(keyCertStr.getBytes()); @@ -281,13 +237,6 @@ return ctx; } - - // use any free port by default - volatile int serverPort = 0; - - volatile Exception serverException = null; - volatile Exception clientException = null; - public static void main(String[] args) throws Exception { if (debug) System.setProperty("javax.net.debug", "all"); @@ -300,142 +249,7 @@ /* * Start the tests. */ - new DisabledShortRSAKeys(); + new DisabledShortRSAKeys().run(); } - Thread clientThread = null; - Thread serverThread = null; - - /* - * Primary constructor, used to drive remainder of the test. - * - * Fork off the other side, then do your work. - */ - DisabledShortRSAKeys() throws Exception { - Exception startException = null; - try { - if (separateServerThread) { - startServer(true); - startClient(false); - } else { - startClient(true); - startServer(false); - } - } catch (Exception e) { - startException = e; - } - - /* - * Wait for other side to close down. - */ - if (separateServerThread) { - if (serverThread != null) { - serverThread.join(); - } - } else { - if (clientThread != null) { - clientThread.join(); - } - } - - /* - * When we get here, the test is pretty much over. - * Which side threw the error? - */ - Exception local; - Exception remote; - - if (separateServerThread) { - remote = serverException; - local = clientException; - } else { - remote = clientException; - local = serverException; - } - - Exception exception = null; - - /* - * Check various exception conditions. - */ - if ((local != null) && (remote != null)) { - // If both failed, return the curthread's exception. - local.initCause(remote); - exception = local; - } else if (local != null) { - exception = local; - } else if (remote != null) { - exception = remote; - } else if (startException != null) { - exception = startException; - } - - /* - * If there was an exception *AND* a startException, - * output it. - */ - if (exception != null) { - if (exception != startException && startException != null) { - exception.addSuppressed(startException); - } - throw exception; - } - - // Fall-through: no exception to throw! - } - - void startServer(boolean newThread) throws Exception { - if (newThread) { - serverThread = new Thread() { - public void run() { - try { - doServerSide(); - } catch (Exception e) { - /* - * Our server thread just died. - * - * Release the client, if not active already... - */ - System.err.println("Server died..."); - serverReady = true; - serverException = e; - } - } - }; - serverThread.start(); - } else { - try { - doServerSide(); - } catch (Exception e) { - serverException = e; - } finally { - serverReady = true; - } - } - } - - void startClient(boolean newThread) throws Exception { - if (newThread) { - clientThread = new Thread() { - public void run() { - try { - doClientSide(); - } catch (Exception e) { - /* - * Our client thread just died. - */ - System.err.println("Client died..."); - clientException = e; - } - } - }; - clientThread.start(); - } else { - try { - doClientSide(); - } catch (Exception e) { - clientException = e; - } - } - } }