Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/ssl/SSLSessionImpl/ResumeChecksServer.java
41152 views
1
/*

2
 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 8206929

27
 * @summary ensure that server only resumes a session if certain properties

28
 *    of the session are compatible with the new connection

29
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer BASIC

30
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer BASIC

31
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=true ResumeChecksServer BASIC

32
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer CLIENT_AUTH

33
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer CLIENT_AUTH

34
 * @run main/othervm -Djdk.tls.client.protocols=TLSv1.2 -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=true ResumeChecksServer CLIENT_AUTH

35
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer VERSION_2_TO_3

36
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=true ResumeChecksServer VERSION_2_TO_3

37
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer VERSION_2_TO_3

38
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer VERSION_3_TO_2

39
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=false -Djdk.tls.client.enableSessionTicketExtension=true ResumeChecksServer VERSION_3_TO_2

40
 * @run main/othervm -Djdk.tls.server.enableSessionTicketExtension=true -Djdk.tls.client.enableSessionTicketExtension=false ResumeChecksServer VERSION_3_TO_2

41
 *

42
 */

43


44
import javax.net.*;

45
import javax.net.ssl.*;

46
import java.io.*;

47
import java.security.*;

48
import java.net.*;

49
import java.util.*;

50


51
public class ResumeChecksServer {

52


53
    static String pathToStores = "../../../../javax/net/ssl/etc";

54
    static String keyStoreFile = "keystore";

55
    static String trustStoreFile = "truststore";

56
    static String passwd = "passphrase";

57


58
    enum TestMode {

59
        BASIC,

60
        CLIENT_AUTH,

61
        VERSION_2_TO_3,

62
        VERSION_3_TO_2,

63
        CIPHER_SUITE,

64
        SIGNATURE_SCHEME

65
    }

66


67
    public static void main(String[] args) throws Exception {

68


69
        TestMode mode = TestMode.valueOf(args[0]);

70


71
        String keyFilename =

72
            System.getProperty("test.src", "./") + "/" + pathToStores +

73
                "/" + keyStoreFile;

74
        String trustFilename =

75
            System.getProperty("test.src", "./") + "/" + pathToStores +

76
                "/" + trustStoreFile;

77


78
        System.setProperty("javax.net.ssl.keyStore", keyFilename);

79
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);

80
        System.setProperty("javax.net.ssl.trustStore", trustFilename);

81
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);

82


83
        SSLSession secondSession = null;

84


85
        SSLContext sslContext = SSLContext.getDefault();

86
        ServerSocketFactory fac = sslContext.getServerSocketFactory();

87
        SSLServerSocket ssock = (SSLServerSocket)

88
            fac.createServerSocket(0);

89


90
        Client client = startClient(ssock.getLocalPort());

91


92
        try {

93
            connect(client, ssock, mode, false);

94
        } catch (Exception ex) {

95
            throw new RuntimeException(ex);

96
        }

97


98
        long secondStartTime = System.currentTimeMillis();

99
        Thread.sleep(10);

100
        try {

101
            secondSession = connect(client, ssock, mode, true);

102
        } catch (SSLHandshakeException ex) {

103
            // this is expected

104
        } catch (Exception ex) {

105
            throw new RuntimeException(ex);

106
        }

107


108
        client.go = false;

109
        client.signal();

110


111
        switch (mode) {

112
        case BASIC:

113
            // fail if session is not resumed

114
            if (secondSession.getCreationTime() > secondStartTime) {

115
                throw new RuntimeException("Session was not reused");

116
            }

117
            break;

118
        case CLIENT_AUTH:

119
            // throws an exception if the client is not authenticated

120
            secondSession.getPeerCertificates();

121
            break;

122
        case VERSION_2_TO_3:

123
        case VERSION_3_TO_2:

124
        case CIPHER_SUITE:

125
        case SIGNATURE_SCHEME:

126
            // fail if a new session is not created

127
            if (secondSession.getCreationTime() <= secondStartTime) {

128
                throw new RuntimeException("Existing session was used");

129
            }

130
            break;

131
        default:

132
            throw new RuntimeException("unknown mode: " + mode);

133
        }

134
    }

135


136
    private static class NoSig implements AlgorithmConstraints {

137


138
        private final String alg;

139


140
        NoSig(String alg) {

141
            this.alg = alg;

142
        }

143


144


145
        private boolean test(String a) {

146
            return !a.toLowerCase().contains(alg.toLowerCase());

147
        }

148


149
        public boolean permits(Set<CryptoPrimitive> primitives, Key key) {

150
            return true;

151
        }

152
        public boolean permits(Set<CryptoPrimitive> primitives,

153
            String algorithm, AlgorithmParameters parameters) {

154


155
            return test(algorithm);

156
        }

157
        public boolean permits(Set<CryptoPrimitive> primitives,

158
            String algorithm, Key key, AlgorithmParameters parameters) {

159


160
            return test(algorithm);

161
        }

162
    }

163


164
    private static SSLSession connect(Client client, SSLServerSocket ssock,

165
        TestMode mode, boolean second) throws Exception {

166


167
        try {

168
            client.signal();

169
            System.out.println("Waiting for connection");

170
            SSLSocket sock = (SSLSocket) ssock.accept();

171
            SSLParameters params = sock.getSSLParameters();

172


173
            switch (mode) {

174
            case BASIC:

175
                // do nothing to ensure resumption works

176
                break;

177
            case CLIENT_AUTH:

178
                if (second) {

179
                    params.setNeedClientAuth(true);

180
                } else {

181
                    params.setNeedClientAuth(false);

182
                }

183
                break;

184
            case VERSION_2_TO_3:

185
                if (second) {

186
                    params.setProtocols(new String[] {"TLSv1.3"});

187
                } else {

188
                    params.setProtocols(new String[] {"TLSv1.2"});

189
                }

190
                break;

191
            case VERSION_3_TO_2:

192
                if (second) {

193
                    params.setProtocols(new String[] {"TLSv1.2"});

194
                } else {

195
                    params.setProtocols(new String[] {"TLSv1.3"});

196
                }

197
                break;

198
            case CIPHER_SUITE:

199
                if (second) {

200
                    params.setCipherSuites(

201
                        new String[] {"TLS_AES_128_GCM_SHA256"});

202
                } else {

203
                    params.setCipherSuites(

204
                        new String[] {"TLS_AES_256_GCM_SHA384"});

205
                }

206
                break;

207
            case SIGNATURE_SCHEME:

208
                params.setNeedClientAuth(true);

209
                AlgorithmConstraints constraints =

210
                    params.getAlgorithmConstraints();

211
                if (second) {

212
                    params.setAlgorithmConstraints(new NoSig("ecdsa"));

213
                } else {

214
                    params.setAlgorithmConstraints(new NoSig("rsa"));

215
                }

216
                break;

217
            default:

218
                throw new RuntimeException("unknown mode: " + mode);

219
            }

220
            sock.setSSLParameters(params);

221
            BufferedReader reader = new BufferedReader(

222
                new InputStreamReader(sock.getInputStream()));

223
            String line = reader.readLine();

224
            System.out.println("server read: " + line);

225
            PrintWriter out = new PrintWriter(

226
                new OutputStreamWriter(sock.getOutputStream()));

227
            out.println(line);

228
            out.flush();

229
            out.close();

230
            SSLSession result = sock.getSession();

231
            sock.close();

232
            return result;

233
        } catch (SSLHandshakeException ex) {

234
            if (!second) {

235
                throw ex;

236
            }

237
        }

238
        return null;

239
    }

240


241
    private static Client startClient(int port) {

242
        Client client = new Client(port);

243
        new Thread(client).start();

244
        return client;

245
    }

246


247
    private static class Client implements Runnable {

248


249
        public volatile boolean go = true;

250
        private boolean signal = false;

251
        private final int port;

252


253
        Client(int port) {

254
            this.port = port;

255
        }

256


257
        private synchronized void waitForSignal() {

258
            while (!signal) {

259
                try {

260
                    wait();

261
                } catch (InterruptedException ex) {

262
                    // do nothing

263
                }

264
            }

265
            signal = false;

266


267
            try {

268
                Thread.sleep(1000);

269
            } catch (InterruptedException ex) {

270
                // do nothing

271
            }

272
        }

273
        public synchronized void signal() {

274
            signal = true;

275
            notify();

276
        }

277


278
        public void run() {

279
            try {

280


281
                SSLContext sc = SSLContext.getDefault();

282


283
                waitForSignal();

284
                while (go) {

285
                    try {

286
                        SSLSocket sock = (SSLSocket)

287
                            sc.getSocketFactory().createSocket();

288
                        sock.connect(new InetSocketAddress("localhost", port));

289
                        PrintWriter out = new PrintWriter(

290
                            new OutputStreamWriter(sock.getOutputStream()));

291
                        out.println("message");

292
                        out.flush();

293
                        BufferedReader reader = new BufferedReader(

294
                            new InputStreamReader(sock.getInputStream()));

295
                        String inMsg = reader.readLine();

296
                        System.out.println("Client received: " + inMsg);

297
                        out.close();

298
                        sock.close();

299
                        waitForSignal();

300
                    } catch (Exception ex) {

301
                        ex.printStackTrace();

302
                    }

303
                }

304
            } catch (Exception ex) {

305
                throw new RuntimeException(ex);

306
            }

307
        }

308
    }

309
}

310


311