| /* |
| * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| /* |
| * @test |
| * @summary This is an interop compatibility test on TLSv1.3 hello retry request. |
| * |
| * @library /test/lib |
| * ../TLSCommon |
| * ../TLSCommon/interop |
| * @compile -source 1.8 -target 1.8 |
| * JdkInfoUtils.java |
| * ../TLSCommon/interop/JdkProcServer.java |
| * ../TLSCommon/interop/JdkProcClient.java |
| * @run main/manual HrrTest true |
| * @run main/manual HrrTest false |
| */ |
| |
| import java.util.ArrayList; |
| import java.util.List; |
| import java.util.Set; |
| |
| import jdk.test.lib.security.CertUtils; |
| |
| public class HrrTest extends ExtInteropTest { |
| |
| private JdkInfo serverJdkInfo; |
| private JdkInfo clientJdkInfo; |
| |
| public HrrTest(JdkInfo serverJdkInfo, JdkInfo clientJdkInfo) { |
| super(new Jdk(serverJdkInfo.version, serverJdkInfo.javaPath), |
| new Jdk(clientJdkInfo.version, clientJdkInfo.javaPath)); |
| |
| this.serverJdkInfo = serverJdkInfo; |
| this.clientJdkInfo = clientJdkInfo; |
| } |
| |
| @Override |
| protected boolean skipExecute() { |
| return super.skipExecute() || !supportsTLSv1_3(); |
| } |
| |
| private boolean supportsTLSv1_3() { |
| boolean supported = true; |
| |
| if (!serverJdkInfo.enablesProtocol(Protocol.TLSV1_3)) { |
| System.out.println("The server doesn't support TLSv1.3."); |
| supported = false; |
| } |
| |
| if (!clientJdkInfo.enablesProtocol(Protocol.TLSV1_3)) { |
| System.out.println("The client doesn't support TLSv1.3."); |
| supported = false; |
| } |
| |
| return supported; |
| } |
| |
| /* |
| * It takes the server to support secp384r1 only, and the client to support |
| * secp256r1 and secp384r1 in order, the server should respond hello retry |
| * request message. |
| * Please note that it has to specify the supported groups via property |
| * jdk.tls.namedGroups for JSSE peers. |
| */ |
| @Override |
| protected List<TestCase<ExtUseCase>> getTestCases() { |
| List<TestCase<ExtUseCase>> testCases = new ArrayList<>(); |
| for (CipherSuite cipherSuite : new CipherSuite[] { |
| CipherSuite.TLS_AES_128_GCM_SHA256, |
| CipherSuite.TLS_AES_256_GCM_SHA384}) { |
| testCases.add(createTestCase(cipherSuite)); |
| } |
| return testCases; |
| } |
| |
| private TestCase<ExtUseCase> createTestCase(CipherSuite cipherSuite) { |
| Cert cert = new Cert(KeyAlgorithm.RSA, SignatureAlgorithm.RSA, |
| HashAlgorithm.SHA256, CertUtils.RSA_CERT, CertUtils.RSA_KEY); |
| CertTuple certTuple = new CertTuple(cert, cert); |
| |
| ExtUseCase serverCase = ExtUseCase.newInstance(); |
| serverCase.setCertTuple(certTuple); |
| serverCase.setNamedGroups(NamedGroup.SECP384R1); |
| |
| ExtUseCase clientCase = ExtUseCase.newInstance(); |
| clientCase.setCertTuple(certTuple); |
| clientCase.setProtocols(Protocol.TLSV1_3); |
| clientCase.setCipherSuites(cipherSuite); |
| clientCase.setNamedGroups(NamedGroup.SECP256R1, NamedGroup.SECP384R1); |
| |
| return new TestCase<ExtUseCase>(serverCase, clientCase); |
| } |
| |
| @Override |
| protected boolean ignoreTestCase(TestCase<ExtUseCase> testCase) { |
| CipherSuite cipherSuite = testCase.clientCase.getCipherSuite(); |
| return !serverJdkInfo.enablesCipherSuite(cipherSuite) |
| || !clientJdkInfo.supportsCipherSuite(cipherSuite); |
| } |
| |
| @Override |
| protected JdkProcServer.Builder createServerBuilder(ExtUseCase useCase) |
| throws Exception { |
| JdkProcServer.Builder builder = new JdkProcServer.Builder(); |
| builder.setJdk((Jdk) serverProduct); |
| builder.setCertTuple(useCase.getCertTuple()); |
| builder.setProtocols(useCase.getProtocols()); |
| builder.setCipherSuites(useCase.getCipherSuites()); |
| builder.setClientAuth(useCase.isClientAuth()); |
| builder.setServerNames(useCase.getServerNames()); |
| builder.setAppProtocols(useCase.getAppProtocols()); |
| builder.setNamedGroups(useCase.getNamedGroups()); |
| return builder; |
| } |
| |
| @Override |
| protected JdkProcClient.Builder createClientBuilder(ExtUseCase useCase) |
| throws Exception { |
| JdkProcClient.Builder builder = new JdkProcClient.Builder(); |
| builder.setJdk((Jdk) clientProduct); |
| builder.setCertTuple(useCase.getCertTuple()); |
| builder.setProtocols(useCase.getProtocols()); |
| builder.setCipherSuites(useCase.getCipherSuites()); |
| builder.setServerNames(useCase.getServerNames()); |
| builder.setAppProtocols(useCase.getAppProtocols()); |
| builder.setNamedGroups(useCase.getNamedGroups()); |
| return builder; |
| } |
| |
| public static void main(String[] args) throws Exception { |
| Boolean defaultJdkAsServer = Boolean.valueOf(args[0]); |
| |
| Set<JdkInfo> jdkInfos = Utils.jdkInfoList(); |
| for (JdkInfo jdkInfo : jdkInfos) { |
| HrrTest test = new HrrTest( |
| defaultJdkAsServer ? JdkInfo.DEFAULT : jdkInfo, |
| defaultJdkAsServer ? jdkInfo : JdkInfo.DEFAULT); |
| test.execute(); |
| } |
| } |
| } |