| /* |
| * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| /* |
| * @test |
| * @bug 4495742 |
| * @summary Add non-blocking SSL/TLS functionality, usable with any |
| * I/O abstraction |
| * @ignore JSSE supported cipher suites are changed with CR 6916074, |
| * need to update this test case in JDK 7 soon |
| * |
| * This is intended to test many of the basic API calls to the SSLEngine |
| * interface. This doesn't really exercise much of the SSL code. |
| * |
| * @author Brad Wetmore |
| */ |
| |
| import java.security.*; |
| import java.io.*; |
| import java.nio.*; |
| import javax.net.ssl.*; |
| import javax.net.ssl.SSLEngineResult.*; |
| |
| public class Basics { |
| |
| private static String pathToStores = "../etc"; |
| private static String keyStoreFile = "keystore"; |
| private static String trustStoreFile = "truststore"; |
| private static String passwd = "passphrase"; |
| |
| private static String keyFilename = |
| System.getProperty("test.src", "./") + "/" + pathToStores + |
| "/" + keyStoreFile; |
| private static String trustFilename = |
| System.getProperty("test.src", "./") + "/" + pathToStores + |
| "/" + trustStoreFile; |
| |
| public static void main(String args[]) throws Exception { |
| |
| KeyStore ks = KeyStore.getInstance("JKS"); |
| KeyStore ts = KeyStore.getInstance("JKS"); |
| char[] passphrase = "passphrase".toCharArray(); |
| |
| ks.load(new FileInputStream(keyFilename), passphrase); |
| ts.load(new FileInputStream(trustFilename), passphrase); |
| |
| KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); |
| kmf.init(ks, passphrase); |
| |
| TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); |
| tmf.init(ks); |
| |
| SSLContext sslCtx = SSLContext.getInstance("TLS"); |
| |
| sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); |
| |
| SSLEngine ssle = sslCtx.createSSLEngine(); |
| |
| System.out.println(ssle); |
| |
| String [] suites = ssle.getSupportedCipherSuites(); |
| String secondSuite = suites[1]; |
| String [] oneSuites = new String [] { secondSuite }; |
| |
| printStrings("Supported Ciphersuites", suites); |
| printStrings("Enabled Ciphersuites", ssle.getEnabledCipherSuites()); |
| ssle.setEnabledCipherSuites(oneSuites); |
| printStrings("Set Ciphersuites", ssle.getEnabledCipherSuites()); |
| |
| suites = ssle.getEnabledCipherSuites(); |
| if ((ssle.getEnabledCipherSuites().length != 1) || |
| !(suites[0].equals(secondSuite))) { |
| throw new Exception("set ciphers not what was expected"); |
| } |
| |
| System.out.println(); |
| |
| String [] protocols = ssle.getSupportedProtocols(); |
| String secondProtocol = protocols[1]; |
| String [] oneProtocols = new String [] { protocols[1] }; |
| |
| printStrings("Supported Protocols", protocols); |
| printStrings("Enabled Protocols", ssle.getEnabledProtocols()); |
| ssle.setEnabledProtocols(oneProtocols); |
| printStrings("Set Protocols", ssle.getEnabledProtocols()); |
| |
| protocols = ssle.getEnabledProtocols(); |
| if ((ssle.getEnabledProtocols().length != 1) || |
| !(protocols[0].equals(secondProtocol))) { |
| throw new Exception("set protocols not what was expected"); |
| } |
| |
| System.out.println("Checking get/setUseClientMode"); |
| |
| ssle.setUseClientMode(true); |
| if (ssle.getUseClientMode() != true) { |
| throw new Exception("set/getUseClientMode false"); |
| } |
| |
| ssle.setUseClientMode(false); |
| if (ssle.getUseClientMode() != false) { |
| throw new Exception("set/getUseClientMode true"); |
| } |
| |
| |
| System.out.println("Checking get/setClientAuth"); |
| |
| ssle.setNeedClientAuth(false); |
| if (ssle.getNeedClientAuth() != false) { |
| throw new Exception("set/getNeedClientAuth true"); |
| } |
| |
| ssle.setNeedClientAuth(true); |
| if (ssle.getNeedClientAuth() != true) { |
| throw new Exception("set/getNeedClientAuth false"); |
| } |
| |
| ssle.setWantClientAuth(true); |
| |
| if (ssle.getNeedClientAuth() == true) { |
| throw new Exception("set/getWantClientAuth need = true"); |
| } |
| |
| if (ssle.getWantClientAuth() != true) { |
| throw new Exception("set/getNeedClientAuth false"); |
| } |
| |
| ssle.setWantClientAuth(false); |
| if (ssle.getWantClientAuth() != false) { |
| throw new Exception("set/getNeedClientAuth true"); |
| } |
| |
| /* |
| * Reset back to client mode |
| */ |
| ssle.setUseClientMode(true); |
| |
| System.out.println("checking session creation"); |
| |
| ssle.setEnableSessionCreation(false); |
| if (ssle.getEnableSessionCreation() != false) { |
| throw new Exception("set/getSessionCreation true"); |
| } |
| |
| ssle.setEnableSessionCreation(true); |
| if (ssle.getEnableSessionCreation() != true) { |
| throw new Exception("set/getSessionCreation false"); |
| } |
| |
| /* Checking for overflow wrap/unwrap() */ |
| ByteBuffer smallBB = ByteBuffer.allocate(10); |
| |
| if (ssle.wrap(smallBB, smallBB).getStatus() != |
| Status.BUFFER_OVERFLOW) { |
| throw new Exception("wrap should have overflowed"); |
| } |
| |
| // For unwrap(), the BUFFER_OVERFLOW will not be generated |
| // until received SSL/TLS application data. |
| // Test test/javax/net/ssl/NewAPIs/SSLEngine/LargePacket will check |
| // BUFFER_OVERFLOW/UNDERFLOW for both wrap() and unwrap(). |
| // |
| //if (ssle.unwrap(smallBB, smallBB).getStatus() != |
| // Status.BUFFER_OVERFLOW) { |
| // throw new Exception("unwrap should have overflowed"); |
| //} |
| |
| SSLSession ssls = ssle.getSession(); |
| |
| ByteBuffer appBB = |
| ByteBuffer.allocate(ssls.getApplicationBufferSize()); |
| ByteBuffer netBB = |
| ByteBuffer.allocate(ssls.getPacketBufferSize()); |
| appBB.position(10); |
| |
| /* |
| * start handshake, drain buffer |
| */ |
| if (ssle.wrap(appBB, netBB).getHandshakeStatus() != |
| HandshakeStatus.NEED_UNWRAP) { |
| throw new Exception("initial client hello needs unwrap"); |
| } |
| |
| /* Checking for overflow wrap/unwrap() */ |
| |
| if (ssle.wrap(appBB, netBB).getStatus() != |
| Status.BUFFER_OVERFLOW) { |
| throw new Exception("unwrap should have overflowed"); |
| } |
| |
| ByteBuffer ro = appBB.asReadOnlyBuffer(); |
| |
| System.out.println("checking for wrap/unwrap on RO Buffers"); |
| try { |
| ssle.wrap(netBB, ro); |
| throw new Exception("wrap wasn't ReadOnlyBufferException"); |
| } catch (ReadOnlyBufferException e) { |
| System.out.println("Caught the ReadOnlyBuffer: " + e); |
| } |
| |
| try { |
| ssle.unwrap(netBB, ro); |
| throw new Exception("unwrap wasn't ReadOnlyBufferException"); |
| } catch (ReadOnlyBufferException e) { |
| System.out.println("Caught the ReadOnlyBuffer: " + e); |
| } |
| |
| appBB.position(0); |
| System.out.println("Check various UNDERFLOW conditions"); |
| |
| SSLEngineResult sslER; |
| |
| if ((sslER = |
| ssle.unwrap(ByteBuffer.wrap(smallSSLHeader), |
| appBB)).getStatus() != |
| Status.BUFFER_UNDERFLOW) { |
| System.out.println(sslER); |
| throw new Exception("unwrap should underflow"); |
| } |
| |
| if ((sslER = |
| ssle.unwrap(ByteBuffer.wrap(incompleteSSLHeader), |
| appBB)).getStatus() != |
| Status.BUFFER_UNDERFLOW) { |
| System.out.println(sslER); |
| throw new Exception("unwrap should underflow"); |
| } |
| |
| if ((sslER = |
| ssle.unwrap(ByteBuffer.wrap(smallv2Header), |
| appBB)).getStatus() != |
| Status.BUFFER_UNDERFLOW) { |
| System.out.println(sslER); |
| throw new Exception("unwrap should underflow"); |
| } |
| |
| // junk inbound message |
| try { |
| ssle.unwrap(ByteBuffer.wrap(gobblydegook), appBB); |
| throw new Exception("Didn't catch the nasty SSLException"); |
| } catch (SSLException e) { |
| System.out.println("caught the nasty SSLException: " + e); |
| } |
| |
| System.out.println("Test PASSED"); |
| |
| } |
| |
| static byte [] smallSSLHeader = new byte [] { |
| (byte) 0x16, (byte) 0x03, (byte) 0x01, |
| (byte) 0x05 }; |
| |
| static byte [] incompleteSSLHeader = new byte [] { |
| (byte) 0x16, (byte) 0x03, (byte) 0x01, |
| (byte) 0x00, (byte) 0x5, // 5 bytes |
| (byte) 0x16, (byte) 0x03, (byte) 0x01, (byte) 0x00 }; |
| |
| static byte [] smallv2Header = new byte [] { |
| (byte) 0x80, (byte) 0x03, (byte) 0x01, |
| (byte) 0x00 }; |
| |
| static byte [] gobblydegook = new byte [] { |
| // "HELLO HELLO" |
| (byte) 0x48, (byte) 0x45, (byte) 0x4C, (byte) 0x4C, (byte) 0x20, |
| (byte) 0x48, (byte) 0x45, (byte) 0x4C, (byte) 0x4C }; |
| |
| static void printStrings(String label, String [] strs) { |
| System.out.println(label); |
| |
| for (int i = 0; i < strs.length; i++) { |
| System.out.println(" " + strs[i]); |
| } |
| } |
| } |