1
/*
2
 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @run main/othervm -Djavax.net.debug=ssl RenegotiateTLS13
27
 */
28

29
import javax.net.ssl.KeyManagerFactory;
30
import javax.net.ssl.SSLContext;
31
import javax.net.ssl.SSLServerSocket;
32
import javax.net.ssl.SSLServerSocketFactory;
33
import javax.net.ssl.SSLSocket;
34
import javax.net.ssl.SSLSocketFactory;
35
import javax.net.ssl.TrustManagerFactory;
36
import java.io.DataInputStream;
37
import java.io.DataOutputStream;
38
import java.io.File;
39
import java.io.IOException;
40
import java.security.KeyStore;
41
import java.security.SecureRandom;
42

43
public class RenegotiateTLS13 {
44

45
    static final String dataString = "This is a test";
46

47
    // Run the server as a thread instead of the client
48
    static boolean separateServerThread = false;
49

50
    static String pathToStores = "../etc";
51
    static String keyStoreFile = "keystore";
52
    static String trustStoreFile = "truststore";
53
    static String passwd = "passphrase";
54

55
    // Server ready flag
56
    volatile static boolean serverReady = false;
57
    // Turn on SSL debugging
58
    static boolean debug = false;
59
    // Server done flag
60
    static boolean done = false;
61

62
    // Main server code
63

64
    void doServerSide() throws Exception {
65
        SSLServerSocketFactory sslssf;
66
            sslssf = initContext().getServerSocketFactory();
67
        SSLServerSocket sslServerSocket =
68
            (SSLServerSocket) sslssf.createServerSocket(serverPort);
69
        serverPort = sslServerSocket.getLocalPort();
70

71
        serverReady = true;
72

73
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
74

75
        DataInputStream sslIS =
76
            new DataInputStream(sslSocket.getInputStream());
77
        String s = "";
78
        while (s.compareTo("done") != 0) {
79
            try {
80
                s = sslIS.readUTF();
81
                System.out.println("Received: " + s);
82
            } catch (IOException e) {
83
                throw e;
84
            }
85
        }
86
        done = true;
87
        sslSocket.close();
88
    }
89

90
    // Main client code
91
    void doClientSide() throws Exception {
92

93
        while (!serverReady) {
94
            Thread.sleep(5);
95
        }
96

97
        SSLSocketFactory sslsf;
98
        sslsf = initContext().getSocketFactory();
99

100
        SSLSocket sslSocket = (SSLSocket)
101
            sslsf.createSocket("localhost", serverPort);
102

103
        DataOutputStream sslOS =
104
            new DataOutputStream(sslSocket.getOutputStream());
105

106
        sslOS.writeUTF("With " + dataString);
107
        sslOS.writeUTF("With " + dataString);
108
        sslOS.writeUTF("With " + dataString);
109

110
        sslSocket.startHandshake();
111

112
        sslOS.writeUTF("With " + dataString);
113
        sslOS.writeUTF("With " + dataString);
114
        sslOS.writeUTF("With " + dataString);
115

116
        sslSocket.startHandshake();
117

118
        sslOS.writeUTF("With " + dataString);
119
        sslOS.writeUTF("With " + dataString);
120
        sslOS.writeUTF("With " + dataString);
121
        sslOS.writeUTF("done");
122

123
        while (!done) {
124
            Thread.sleep(5);
125
        }
126
        sslSocket.close();
127
    }
128

129
    volatile int serverPort = 0;
130

131
    volatile Exception serverException = null;
132
    volatile Exception clientException = null;
133

134
    public static void main(String[] args) throws Exception {
135
        String keyFilename =
136
            System.getProperty("test.src", "./") + "/" + pathToStores +
137
                "/" + keyStoreFile;
138
        String trustFilename =
139
            System.getProperty("test.src", "./") + "/" + pathToStores +
140
                "/" + trustStoreFile;
141

142
        System.setProperty("javax.net.ssl.keyStore", keyFilename);
143
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
144
        System.setProperty("javax.net.ssl.trustStore", trustFilename);
145
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
146

147
        if (debug)
148
            System.setProperty("javax.net.debug", "ssl");
149

150
        new RenegotiateTLS13();
151
    }
152

153
    Thread clientThread = null;
154
    Thread serverThread = null;
155

156
    /*
157
     * Primary constructor, used to drive remainder of the test.
158
     *
159
     * Fork off the other side, then do your work.
160
     */
161
    RenegotiateTLS13() throws Exception {
162
        try {
163
            if (separateServerThread) {
164
                startServer(true);
165
                startClient(false);
166
            } else {
167
                startClient(true);
168
                startServer(false);
169
            }
170
        } catch (Exception e) {
171
            // swallow for now.  Show later
172
        }
173

174
        /*
175
         * Wait for other side to close down.
176
         */
177
        if (separateServerThread) {
178
            serverThread.join();
179
        } else {
180
            clientThread.join();
181
        }
182

183
        /*
184
         * When we get here, the test is pretty much over.
185
         * Which side threw the error?
186
         */
187
        Exception local;
188
        Exception remote;
189
        String whichRemote;
190

191
        if (separateServerThread) {
192
            remote = serverException;
193
            local = clientException;
194
            whichRemote = "server";
195
        } else {
196
            remote = clientException;
197
            local = serverException;
198
            whichRemote = "client";
199
        }
200

201
        /*
202
         * If both failed, return the curthread's exception, but also
203
         * print the remote side Exception
204
         */
205
        if ((local != null) && (remote != null)) {
206
            System.out.println(whichRemote + " also threw:");
207
            remote.printStackTrace();
208
            System.out.println();
209
            throw local;
210
        }
211

212
        if (remote != null) {
213
            throw remote;
214
        }
215

216
        if (local != null) {
217
            throw local;
218
        }
219
    }
220

221
    void startServer(boolean newThread) throws Exception {
222
        if (newThread) {
223
            serverThread = new Thread() {
224
                public void run() {
225
                    try {
226
                        doServerSide();
227
                    } catch (Exception e) {
228
                        /*
229
                         * Our server thread just died.
230
                         *
231
                         * Release the client, if not active already...
232
                         */
233
                        System.err.println("Server died...");
234
                        serverReady = true;
235
                        serverException = e;
236
                    }
237
                }
238
            };
239
            serverThread.start();
240
        } else {
241
            try {
242
                doServerSide();
243
            } catch (Exception e) {
244
                serverException = e;
245
            } finally {
246
                serverReady = true;
247
            }
248
        }
249
    }
250

251
    void startClient(boolean newThread) throws Exception {
252
        if (newThread) {
253
            clientThread = new Thread() {
254
                public void run() {
255
                    try {
256
                        doClientSide();
257
                    } catch (Exception e) {
258
                        /*
259
                         * Our client thread just died.
260
                         */
261
                        System.err.println("Client died...");
262
                        clientException = e;
263
                    }
264
                }
265
            };
266
            clientThread.start();
267
        } else {
268
            try {
269
                doClientSide();
270
            } catch (Exception e) {
271
                clientException = e;
272
            }
273
        }
274
    }
275

276
    // Initialize context for TLS 1.3
277
    SSLContext initContext() throws Exception {
278
        System.out.println("Using TLS13");
279
        SSLContext sc = SSLContext.getInstance("TLSv1.3");
280
        KeyStore ks = KeyStore.getInstance(
281
                new File(System.getProperty("javax.net.ssl.keyStore")),
282
                passwd.toCharArray());
283
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(
284
                KeyManagerFactory.getDefaultAlgorithm());
285
        kmf.init(ks, passwd.toCharArray());
286
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(
287
                TrustManagerFactory.getDefaultAlgorithm());
288
        tmf.init(ks);
289
        sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
290
        return sc;
291
    }
292
}
293

294