/* * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ /* * @test * @summary This is an interop compatibility test on TLSv1.3 hello retry request. * * @library /test/lib * ../TLSCommon * ../TLSCommon/interop * @compile -source 1.8 -target 1.8 * JdkInfoUtils.java * ../TLSCommon/interop/JdkProcServer.java * ../TLSCommon/interop/JdkProcClient.java * @run main/manual HrrTest true * @run main/manual HrrTest false */ import java.util.ArrayList; import java.util.List; import java.util.Set; import jdk.test.lib.security.CertUtils; public class HrrTest extends ExtInteropTest { private JdkInfo serverJdkInfo; private JdkInfo clientJdkInfo; public HrrTest(JdkInfo serverJdkInfo, JdkInfo clientJdkInfo) { super(new Jdk(serverJdkInfo.version, serverJdkInfo.javaPath), new Jdk(clientJdkInfo.version, clientJdkInfo.javaPath)); this.serverJdkInfo = serverJdkInfo; this.clientJdkInfo = clientJdkInfo; } @Override protected boolean skipExecute() { return super.skipExecute() || !supportsTLSv1_3(); } private boolean supportsTLSv1_3() { boolean supported = true; if (!serverJdkInfo.enablesProtocol(Protocol.TLSV1_3)) { System.out.println("The server doesn't support TLSv1.3."); supported = false; } if (!clientJdkInfo.enablesProtocol(Protocol.TLSV1_3)) { System.out.println("The client doesn't support TLSv1.3."); supported = false; } return supported; } /* * It takes the server to support secp384r1 only, and the client to support * secp256r1 and secp384r1 in order, the server should respond hello retry * request message. * Please note that it has to specify the supported groups via property * jdk.tls.namedGroups for JSSE peers. */ @Override protected List> getTestCases() { List> testCases = new ArrayList<>(); for (CipherSuite cipherSuite : new CipherSuite[] { CipherSuite.TLS_AES_128_GCM_SHA256, CipherSuite.TLS_AES_256_GCM_SHA384, CipherSuite.TLS_CHACHA20_POLY1305_SHA256}) { testCases.add(createTestCase(cipherSuite)); } return testCases; } private TestCase createTestCase(CipherSuite cipherSuite) { Cert cert = new Cert(KeyAlgorithm.RSA, SignatureAlgorithm.RSA, HashAlgorithm.SHA256, CertUtils.RSA_CERT, CertUtils.RSA_KEY); CertTuple certTuple = new CertTuple(cert, cert); ExtUseCase serverCase = ExtUseCase.newInstance(); serverCase.setCertTuple(certTuple); serverCase.setNamedGroups(NamedGroup.SECP384R1); ExtUseCase clientCase = ExtUseCase.newInstance(); clientCase.setCertTuple(certTuple); clientCase.setProtocols(Protocol.TLSV1_3); clientCase.setCipherSuites(cipherSuite); clientCase.setNamedGroups(NamedGroup.SECP256R1, NamedGroup.SECP384R1); return new TestCase(serverCase, clientCase); } @Override protected boolean ignoreTestCase(TestCase testCase) { CipherSuite cipherSuite = testCase.clientCase.getCipherSuite(); return !serverJdkInfo.enablesCipherSuite(cipherSuite) || !clientJdkInfo.supportsCipherSuite(cipherSuite); } @Override protected JdkProcServer.Builder createServerBuilder(ExtUseCase useCase) throws Exception { JdkProcServer.Builder builder = new JdkProcServer.Builder(); builder.setJdk((Jdk) serverProduct); builder.setCertTuple(useCase.getCertTuple()); builder.setProtocols(useCase.getProtocols()); builder.setCipherSuites(useCase.getCipherSuites()); builder.setClientAuth(useCase.isClientAuth()); builder.setServerNames(useCase.getServerNames()); builder.setAppProtocols(useCase.getAppProtocols()); builder.setNamedGroups(useCase.getNamedGroups()); return builder; } @Override protected JdkProcClient.Builder createClientBuilder(ExtUseCase useCase) throws Exception { JdkProcClient.Builder builder = new JdkProcClient.Builder(); builder.setJdk((Jdk) clientProduct); builder.setCertTuple(useCase.getCertTuple()); builder.setProtocols(useCase.getProtocols()); builder.setCipherSuites(useCase.getCipherSuites()); builder.setServerNames(useCase.getServerNames()); builder.setAppProtocols(useCase.getAppProtocols()); builder.setNamedGroups(useCase.getNamedGroups()); return builder; } public static void main(String[] args) throws Exception { Boolean defaultJdkAsServer = Boolean.valueOf(args[0]); Set jdkInfos = Utils.jdkInfoList(); for (JdkInfo jdkInfo : jdkInfos) { HrrTest test = new HrrTest( defaultJdkAsServer ? JdkInfo.DEFAULT : jdkInfo, defaultJdkAsServer ? jdkInfo : JdkInfo.DEFAULT); test.execute(); } } }