Path: blob/master/test/jdk/javax/net/ssl/compatibility/HrrTest.java
41152 views
/*1* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @summary This is an interop compatibility test on TLSv1.3 hello retry request.26*27* @library /test/lib28* ../TLSCommon29* ../TLSCommon/interop30* @compile -source 1.8 -target 1.831* JdkInfoUtils.java32* ../TLSCommon/interop/JdkProcServer.java33* ../TLSCommon/interop/JdkProcClient.java34* @run main/manual HrrTest true35* @run main/manual HrrTest false36*/3738import java.util.ArrayList;39import java.util.List;40import java.util.Set;4142import jdk.test.lib.security.CertUtils;4344public class HrrTest extends ExtInteropTest {4546private JdkInfo serverJdkInfo;47private JdkInfo clientJdkInfo;4849public HrrTest(JdkInfo serverJdkInfo, JdkInfo clientJdkInfo) {50super(new Jdk(serverJdkInfo.version, serverJdkInfo.javaPath),51new Jdk(clientJdkInfo.version, clientJdkInfo.javaPath));5253this.serverJdkInfo = serverJdkInfo;54this.clientJdkInfo = clientJdkInfo;55}5657@Override58protected boolean skipExecute() {59return super.skipExecute() || !supportsTLSv1_3();60}6162private boolean supportsTLSv1_3() {63boolean supported = true;6465if (!serverJdkInfo.enablesProtocol(Protocol.TLSV1_3)) {66System.out.println("The server doesn't support TLSv1.3.");67supported = false;68}6970if (!clientJdkInfo.enablesProtocol(Protocol.TLSV1_3)) {71System.out.println("The client doesn't support TLSv1.3.");72supported = false;73}7475return supported;76}7778/*79* It takes the server to support secp384r1 only, and the client to support80* secp256r1 and secp384r1 in order, the server should respond hello retry81* request message.82* Please note that it has to specify the supported groups via property83* jdk.tls.namedGroups for JSSE peers.84*/85@Override86protected List<TestCase<ExtUseCase>> getTestCases() {87List<TestCase<ExtUseCase>> testCases = new ArrayList<>();88for (CipherSuite cipherSuite : new CipherSuite[] {89CipherSuite.TLS_AES_128_GCM_SHA256,90CipherSuite.TLS_AES_256_GCM_SHA384,91CipherSuite.TLS_CHACHA20_POLY1305_SHA256}) {92testCases.add(createTestCase(cipherSuite));93}94return testCases;95}9697private TestCase<ExtUseCase> createTestCase(CipherSuite cipherSuite) {98Cert cert = new Cert(KeyAlgorithm.RSA, SignatureAlgorithm.RSA,99HashAlgorithm.SHA256, CertUtils.RSA_CERT, CertUtils.RSA_KEY);100CertTuple certTuple = new CertTuple(cert, cert);101102ExtUseCase serverCase = ExtUseCase.newInstance();103serverCase.setCertTuple(certTuple);104serverCase.setNamedGroups(NamedGroup.SECP384R1);105106ExtUseCase clientCase = ExtUseCase.newInstance();107clientCase.setCertTuple(certTuple);108clientCase.setProtocols(Protocol.TLSV1_3);109clientCase.setCipherSuites(cipherSuite);110clientCase.setNamedGroups(NamedGroup.SECP256R1, NamedGroup.SECP384R1);111112return new TestCase<ExtUseCase>(serverCase, clientCase);113}114115@Override116protected boolean ignoreTestCase(TestCase<ExtUseCase> testCase) {117CipherSuite cipherSuite = testCase.clientCase.getCipherSuite();118return !serverJdkInfo.enablesCipherSuite(cipherSuite)119|| !clientJdkInfo.supportsCipherSuite(cipherSuite);120}121122@Override123protected JdkProcServer.Builder createServerBuilder(ExtUseCase useCase)124throws Exception {125JdkProcServer.Builder builder = new JdkProcServer.Builder();126builder.setJdk((Jdk) serverProduct);127builder.setCertTuple(useCase.getCertTuple());128builder.setProtocols(useCase.getProtocols());129builder.setCipherSuites(useCase.getCipherSuites());130builder.setClientAuth(useCase.isClientAuth());131builder.setServerNames(useCase.getServerNames());132builder.setAppProtocols(useCase.getAppProtocols());133builder.setNamedGroups(useCase.getNamedGroups());134return builder;135}136137@Override138protected JdkProcClient.Builder createClientBuilder(ExtUseCase useCase)139throws Exception {140JdkProcClient.Builder builder = new JdkProcClient.Builder();141builder.setJdk((Jdk) clientProduct);142builder.setCertTuple(useCase.getCertTuple());143builder.setProtocols(useCase.getProtocols());144builder.setCipherSuites(useCase.getCipherSuites());145builder.setServerNames(useCase.getServerNames());146builder.setAppProtocols(useCase.getAppProtocols());147builder.setNamedGroups(useCase.getNamedGroups());148return builder;149}150151public static void main(String[] args) throws Exception {152Boolean defaultJdkAsServer = Boolean.valueOf(args[0]);153154Set<JdkInfo> jdkInfos = Utils.jdkInfoList();155for (JdkInfo jdkInfo : jdkInfos) {156HrrTest test = new HrrTest(157defaultJdkAsServer ? JdkInfo.DEFAULT : jdkInfo,158defaultJdkAsServer ? jdkInfo : JdkInfo.DEFAULT);159test.execute();160}161}162}163164165