1 /*
2  * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /*
25  * @test
26  * @summary This is an interop compatibility test on basic handshaking and
27  *     client authentication against all SSL/TLS protocols.
28  *
29  * @library /test/lib
30  *          ../TLSCommon
31  *          ../TLSCommon/interop
32  * @compile -source 1.8 -target 1.8
33  *          JdkInfoUtils.java
34  *          ../TLSCommon/interop/JdkProcServer.java
35  *          ../TLSCommon/interop/JdkProcClient.java
36  * @run main/manual BasicConnectTest true
37  * @run main/manual BasicConnectTest false
38  */
39 
40 import java.nio.file.Paths;
41 import java.util.ArrayList;
42 import java.util.List;
43 import java.util.Set;
44 
45 public class BasicConnectTest extends BaseInteropTest<UseCase> {
46 
47     private JdkInfo serverJdkInfo;
48     private JdkInfo clientJdkInfo;
49 
BasicConnectTest(JdkInfo serverJdkInfo, JdkInfo clientJdkInfo)50     public BasicConnectTest(JdkInfo serverJdkInfo, JdkInfo clientJdkInfo) {
51         super(new Jdk(serverJdkInfo.version, serverJdkInfo.javaPath),
52               new Jdk(clientJdkInfo.version, clientJdkInfo.javaPath));
53 
54         this.serverJdkInfo = serverJdkInfo;
55         this.clientJdkInfo = clientJdkInfo;
56     }
57 
58     @Override
getTestCases()59     protected List<TestCase<UseCase>> getTestCases() {
60         List<TestCase<UseCase>> useCases = new ArrayList<>();
61         for (Protocol protocol : new Protocol[] {
62                 Protocol.SSLV3,
63                 Protocol.TLSV1,
64                 Protocol.TLSV1_1,
65                 Protocol.TLSV1_2,
66                 Protocol.TLSV1_3 }) {
67             for (CipherSuite cipherSuite : Utilities.ALL_CIPHER_SUITES) {
68                 if (!cipherSuite.supportedByProtocol(protocol)) {
69                     continue;
70                 }
71 
72                 Cert cert = Utils.getCert(cipherSuite.keyExAlgorithm);
73                 CertTuple certTuple = new CertTuple(cert, cert);
74 
75                 UseCase serverCase = UseCase.newInstance()
76                         .setCertTuple(certTuple)
77                         .setClientAuth(true);
78 
79                 UseCase clientCase = UseCase.newInstance()
80                         .setCertTuple(certTuple)
81                         .setProtocols(protocol)
82                         .setCipherSuites(cipherSuite);
83 
84                 useCases.add(new TestCase<UseCase>(serverCase, clientCase));
85             }
86         }
87         return useCases;
88     }
89 
90     @Override
ignoreTestCase(TestCase<UseCase> testCase)91     protected boolean ignoreTestCase(TestCase<UseCase> testCase) {
92         Protocol protocol = testCase.clientCase.getProtocol();
93         CipherSuite cipherSuite = testCase.clientCase.getCipherSuite();
94         return !supportsProtocol(protocol)
95                 || !supportsCipherSuite(cipherSuite)
96                 // DHE_DSS cipher suites cannot work with pre-TLSv1.2 protocols,
97                 // see JDK-8242928 for more details.
98                 || (protocol.id < Protocol.TLSV1_2.id
99                         && (cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_DSS
100                                 || cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_DSS_EXPORT));
101     }
102 
supportsProtocol(Protocol protocol)103     private boolean supportsProtocol(Protocol protocol) {
104         return serverJdkInfo.enablesProtocol(protocol)
105                 && clientJdkInfo.supportsProtocol(protocol);
106     }
107 
supportsCipherSuite(CipherSuite cipherSuite)108     private boolean supportsCipherSuite(CipherSuite cipherSuite) {
109         return serverJdkInfo.enablesCipherSuite(cipherSuite)
110                 && clientJdkInfo.supportsCipherSuite(cipherSuite);
111     }
112 
113     @Override
createServerBuilder(UseCase useCase)114     protected AbstractServer.Builder createServerBuilder(UseCase useCase)
115             throws Exception {
116         return serverJdkInfo == JdkInfo.DEFAULT
117                ? createJdkServerBuilder(useCase)
118                : createAltJdkServerBuilder(useCase);
119     }
120 
createJdkServerBuilder(UseCase useCase)121     private JdkServer.Builder createJdkServerBuilder(UseCase useCase) {
122         JdkServer.Builder builder = new JdkServer.Builder();
123         builder.setCertTuple(useCase.getCertTuple());
124         builder.setProtocols(useCase.getProtocols());
125         builder.setCipherSuites(useCase.getCipherSuites());
126         builder.setClientAuth(useCase.isClientAuth());
127         return builder;
128     }
129 
createAltJdkServerBuilder(UseCase useCase)130     private JdkProcServer.Builder createAltJdkServerBuilder(UseCase useCase) {
131         JdkProcServer.Builder builder = new JdkProcServer.Builder();
132         builder.setJdk((Jdk) serverProduct);
133         builder.setSecPropsFile(Paths.get(Utils.SEC_PROPS_FILE));
134         builder.setCertTuple(useCase.getCertTuple());
135         builder.setProtocols(useCase.getProtocols());
136         builder.setCipherSuites(useCase.getCipherSuites());
137         builder.setClientAuth(useCase.isClientAuth());
138         return builder;
139     }
140 
141     @Override
createClientBuilder(UseCase useCase)142     protected AbstractClient.Builder createClientBuilder(UseCase useCase)
143             throws Exception {
144         return serverJdkInfo == JdkInfo.DEFAULT
145                ? createJdkClientBuilder(useCase)
146                : createAltJdkClientBuilder(useCase);
147     }
148 
createJdkClientBuilder(UseCase useCase)149     private JdkClient.Builder createJdkClientBuilder(UseCase useCase) {
150         JdkClient.Builder builder = new JdkClient.Builder();
151         builder.setCertTuple(useCase.getCertTuple());
152         builder.setProtocols(useCase.getProtocols());
153         builder.setCipherSuites(useCase.getCipherSuites());
154         return builder;
155     }
156 
createAltJdkClientBuilder(UseCase useCase)157     private JdkProcClient.Builder createAltJdkClientBuilder(UseCase useCase) {
158         JdkProcClient.Builder builder = new JdkProcClient.Builder();
159         builder.setJdk((Jdk) clientProduct);
160         builder.setSecPropsFile(Paths.get(Utils.SEC_PROPS_FILE));
161         builder.setCertTuple(useCase.getCertTuple());
162         builder.setProtocols(useCase.getProtocols());
163         builder.setCipherSuites(useCase.getCipherSuites());
164         return builder;
165     }
166 
main(String[] args)167     public static void main(String[] args) throws Exception {
168         Boolean defaultJdkAsServer = Boolean.valueOf(args[0]);
169 
170         System.setProperty("java.security.properties", Utils.SEC_PROPS_FILE);
171 
172         Set<JdkInfo> jdkInfos = Utils.jdkInfoList();
173         for (JdkInfo jdkInfo : jdkInfos) {
174             BasicConnectTest test = new BasicConnectTest(
175                     defaultJdkAsServer ? JdkInfo.DEFAULT : jdkInfo,
176                     defaultJdkAsServer ? jdkInfo : JdkInfo.DEFAULT);
177             test.execute();
178         }
179     }
180 }
181