Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/ssl/CipherSuite/NamedGroupsWithCipherSuite.java
41152 views
1
/*

2
 * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
import javax.net.ssl.SSLContext;

25
import javax.net.ssl.SSLServerSocket;

26
import javax.net.ssl.SSLSocket;

27


28
import jdk.test.lib.security.SecurityUtils;

29


30
/*

31
  * @test

32
  * @bug 8224650 8242929

33
  * @library /javax/net/ssl/templates

34
  *          /javax/net/ssl/TLSCommon

35
  *          /test/lib

36
  * @summary Test TLS ciphersuite with each individual supported group

37
  * @run main/othervm NamedGroupsWithCipherSuite x25519

38
  * @run main/othervm NamedGroupsWithCipherSuite X448

39
  * @run main/othervm NamedGroupsWithCipherSuite secp256r1

40
  * @run main/othervm NamedGroupsWithCipherSuite secP384r1

41
  * @run main/othervm NamedGroupsWithCipherSuite SECP521R1

42
  * @run main/othervm NamedGroupsWithCipherSuite ffDhe2048

43
  * @run main/othervm NamedGroupsWithCipherSuite FFDHE3072

44
  * @run main/othervm NamedGroupsWithCipherSuite ffdhe4096

45
  * @run main/othervm NamedGroupsWithCipherSuite ffdhe6144

46
  * @run main/othervm NamedGroupsWithCipherSuite ffdhe8192

47
 */

48
public class NamedGroupsWithCipherSuite extends SSLSocketTemplate {

49


50
    private static final Protocol[] PROTOCOLS = new Protocol[] {

51
            Protocol.TLSV1_3,

52
            Protocol.TLSV1_2,

53
            Protocol.TLSV1_1,

54
            Protocol.TLSV1

55
    };

56


57
    private static final CipherSuite[] CIPHER_SUITES = new CipherSuite[] {

58
            CipherSuite.TLS_AES_128_GCM_SHA256,

59
            CipherSuite.TLS_AES_256_GCM_SHA384,

60
            CipherSuite.TLS_CHACHA20_POLY1305_SHA256,

61


62
            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,

63
            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,

64
            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,

65
            CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,

66


67
            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,

68
            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,

69
            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,

70
            CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,

71


72
            CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,

73
            CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,

74


75
            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,

76
            CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,

77
            CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

78
    };

79


80
    private String protocol;

81
    private String cipher;

82


83
    private SSLSocketTemplate.Cert[] trustedCerts = TRUSTED_CERTS;

84
    private SSLSocketTemplate.Cert[] endEntityCerts = END_ENTITY_CERTS;

85


86
    NamedGroupsWithCipherSuite(

87
            Protocol protocol,

88
            CipherSuite cipher,

89
            String namedGroup) {

90
        this.protocol = protocol.name;

91
        this.cipher = cipher.name();

92


93
        if (cipher.keyExAlgorithm == KeyExAlgorithm.ECDHE_ECDSA) {

94
            switch (namedGroup) {

95
            case "secp256r1":

96
                trustedCerts = new SSLSocketTemplate.Cert[] {

97
                        SSLSocketTemplate.Cert.CA_ECDSA_SECP256R1 };

98
                endEntityCerts = new SSLSocketTemplate.Cert[] {

99
                        SSLSocketTemplate.Cert.EE_ECDSA_SECP256R1 };

100
                break;

101
            case "secp384r1":

102
                trustedCerts = new SSLSocketTemplate.Cert[] {

103
                        SSLSocketTemplate.Cert.CA_ECDSA_SECP384R1 };

104
                endEntityCerts = new SSLSocketTemplate.Cert[] {

105
                        SSLSocketTemplate.Cert.EE_ECDSA_SECP384R1 };

106
                break;

107
            case "secp521r1":

108
                trustedCerts = new SSLSocketTemplate.Cert[] {

109
                        SSLSocketTemplate.Cert.CA_ECDSA_SECP521R1 };

110
                endEntityCerts = new SSLSocketTemplate.Cert[] {

111
                        SSLSocketTemplate.Cert.EE_ECDSA_SECP521R1 };

112
            }

113
        } else if (protocol.id < Protocol.TLSV1_2.id

114
                && cipher.keyExAlgorithm == KeyExAlgorithm.DHE_DSS) {

115
            trustedCerts = new SSLSocketTemplate.Cert[] {

116
                    SSLSocketTemplate.Cert.CA_DSA_1024 };

117
            endEntityCerts = new SSLSocketTemplate.Cert[] {

118
                    SSLSocketTemplate.Cert.EE_DSA_1024 };

119
        }

120
    }

121


122
    protected SSLContext createClientSSLContext() throws Exception {

123
        return createSSLContext(trustedCerts, endEntityCerts,

124
                getClientContextParameters());

125
    }

126


127
    protected SSLContext createServerSSLContext() throws Exception {

128
        return createSSLContext(trustedCerts, endEntityCerts,

129
                getServerContextParameters());

130
    }

131


132
    // Servers are configured before clients, increment test case after.

133
    @Override

134
    protected void configureClientSocket(SSLSocket socket) {

135
        socket.setEnabledProtocols(new String[] { protocol });

136
        socket.setEnabledCipherSuites(new String[] { cipher });

137
    }

138


139
    @Override

140
    protected void configureServerSocket(SSLServerSocket serverSocket) {

141
        serverSocket.setEnabledProtocols(new String[] { protocol });

142
        serverSocket.setEnabledCipherSuites(new String[] { cipher });

143
    }

144


145
    public static void main(String[] args) throws Exception {

146
        String namedGroup = args[0];

147
        // Named group is set as per run argument with no change in it's alphabet

148
        System.setProperty("jdk.tls.namedGroups", namedGroup);

149
        System.out.println("NamedGroup: " + namedGroup);

150


151
        // Re-enable TLSv1 and TLSv1.1 since test depends on it.

152
        SecurityUtils.removeFromDisabledTlsAlgs("TLSv1", "TLSv1.1");

153


154
        for (Protocol protocol : PROTOCOLS) {

155
            for (CipherSuite cipherSuite : CIPHER_SUITES) {

156
                // Named group converted to lower case just

157
                // to satisfy Test condition

158
                if (cipherSuite.supportedByProtocol(protocol)

159
                        && groupSupportdByCipher(namedGroup.toLowerCase(),

160
                                cipherSuite)) {

161
                    System.out.printf("Protocol: %s, cipher suite: %s%n",

162
                            protocol, cipherSuite);

163
                    // Named group converted to lower case just

164
                    // to satisfy Test condition

165
                    new NamedGroupsWithCipherSuite(protocol,

166
                            cipherSuite, namedGroup.toLowerCase()).run();

167
                }

168
            }

169
        }

170
    }

171


172
    private static boolean groupSupportdByCipher(String group,

173
            CipherSuite cipherSuite) {

174
        return (group.startsWith("x")

175
                        && xdhGroupSupportdByCipher(cipherSuite))

176
                || (group.startsWith("secp")

177
                        && ecdhGroupSupportdByCipher(cipherSuite))

178
                || (group.startsWith("ffdhe")

179
                        && ffdhGroupSupportdByCipher(cipherSuite));

180
    }

181


182
    private static boolean xdhGroupSupportdByCipher(

183
            CipherSuite cipherSuite) {

184
        return cipherSuite.keyExAlgorithm == null

185
                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.ECDHE_RSA;

186
    }

187


188
    private static boolean ecdhGroupSupportdByCipher(

189
            CipherSuite cipherSuite) {

190
        return cipherSuite.keyExAlgorithm == null

191
                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.ECDHE_RSA

192
                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.ECDHE_ECDSA;

193
    }

194


195
    private static boolean ffdhGroupSupportdByCipher(

196
            CipherSuite cipherSuite) {

197
        return cipherSuite.keyExAlgorithm == null

198
                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_DSS

199
                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_RSA;

200
    }

201
}

202


203