Skip to content

8306014: Update javax.net.ssl TLS tests to use SSLContextTemplate or SSLEngineTemplate #2156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
GoeLin wants to merge 1 commit into from
Closed

8306014: Update javax.net.ssl TLS tests to use SSLContextTemplate or SSLEngineTemplate #2156

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
163 changes: 12 additions & 151 deletions test/jdk/javax/net/ssl/ALPN/SSLEngineAlpnTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
Expand Down Expand Up @@ -28,6 +28,7 @@
* @test
* @bug 8051498 8145849 8170282
* @summary JEP 244: TLS Application-Layer Protocol Negotiation Extension
* @library /javax/net/ssl/templates
*
* @run main/othervm SSLEngineAlpnTest h2 UNUSED h2 h2
* @run main/othervm SSLEngineAlpnTest h2 UNUSED h2,http/1.1 h2
Expand Down Expand Up @@ -124,12 +125,9 @@
*/
import javax.net.ssl.*;
import javax.net.ssl.SSLEngineResult.*;
import java.io.*;
import java.security.*;
import java.nio.*;
import java.util.Arrays;

public class SSLEngineAlpnTest {
public class SSLEngineAlpnTest extends SSLEngineTemplate {

/*
* Enables logging of the SSLEngine operations.
Expand All @@ -147,41 +145,8 @@ public class SSLEngineAlpnTest {
*/
private static final boolean debug = false;

private static boolean hasServerAPs; // whether server APs are present
private static boolean hasCallback; // whether a callback is present

private final SSLContext sslc;

private SSLEngine clientEngine; // client Engine
private ByteBuffer clientOut; // write side of clientEngine
private ByteBuffer clientIn; // read side of clientEngine

private SSLEngine serverEngine; // server Engine
private ByteBuffer serverOut; // write side of serverEngine
private ByteBuffer serverIn; // read side of serverEngine

/*
* For data transport, this example uses local ByteBuffers. This
* isn't really useful, but the purpose of this example is to show
* SSLEngine concepts, not how to do network transport.
*/
private ByteBuffer cTOs; // "reliable" transport client->server
private ByteBuffer sTOc; // "reliable" transport server->client

/*
* The following is to set up the keystores.
*/
private static final String pathToStores = "../etc";
private static final String keyStoreFile = "keystore";
private static final String trustStoreFile = "truststore";
private static final String passwd = "passphrase";

private static final String keyFilename
= System.getProperty("test.src", ".") + "/" + pathToStores
+ "/" + keyStoreFile;
private static final String trustFilename
= System.getProperty("test.src", ".") + "/" + pathToStores
+ "/" + trustStoreFile;

/*
* Main entry point for this test.
Expand All @@ -198,10 +163,9 @@ public static void main(String args[]) throws Exception {
throw new Exception("Invalid number of test parameters");
}

hasServerAPs = !args[0].equals("UNUSED"); // are server APs being used?
hasCallback = !args[1].equals("UNUSED"); // is callback being used?

SSLEngineAlpnTest test = new SSLEngineAlpnTest(args[3]);
SSLEngineAlpnTest test = new SSLEngineAlpnTest();
try {
test.runTest(convert(args[0]), args[1], convert(args[2]), args[3]);
} catch (SSLHandshakeException she) {
Expand All @@ -215,35 +179,8 @@ public static void main(String args[]) throws Exception {
System.out.println("Test Passed.");
}

/*
* Create an initialized SSLContext to use for these tests.
*/
public SSLEngineAlpnTest(String expectedAP) throws Exception {

KeyStore ks = KeyStore.getInstance("JKS");
KeyStore ts = KeyStore.getInstance("JKS");

char[] passphrase = "passphrase".toCharArray();

ks.load(new FileInputStream(keyFilename), passphrase);
ts.load(new FileInputStream(trustFilename), passphrase);

KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);

KeyManager [] kms = kmf.getKeyManagers();
if (!(kms[0] instanceof X509ExtendedKeyManager)) {
throw new Exception("kms[0] not X509ExtendedKeyManager");
}

TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ts);

SSLContext sslCtx = SSLContext.getInstance("TLS");

sslCtx.init(kms, tmf.getTrustManagers(), null);

sslc = sslCtx;
public SSLEngineAlpnTest() throws Exception {
super();
}

/*
Expand Down Expand Up @@ -290,8 +227,7 @@ private void runTest(String[] serverAPs, String callbackAP,

boolean dataDone = false;

createSSLEngines(serverAPs, callbackAP, clientAPs);
createBuffers();
configureSSLEngines(serverAPs, callbackAP, clientAPs);

SSLEngineResult clientResult; // results from client's last operation
SSLEngineResult serverResult; // results from server's last operation
Expand All @@ -311,12 +247,12 @@ private void runTest(String[] serverAPs, String callbackAP,

clientResult = clientEngine.wrap(clientOut, cTOs);
log("client wrap: ", clientResult);
runDelegatedTasks(clientResult, clientEngine);
runDelegatedTasks(clientEngine);
checkAPResult(clientEngine, clientResult, expectedAP);

serverResult = serverEngine.wrap(serverOut, sTOc);
log("server wrap: ", serverResult);
runDelegatedTasks(serverResult, serverEngine);
runDelegatedTasks(serverEngine);
checkAPResult(serverEngine, serverResult, expectedAP);

cTOs.flip();
Expand All @@ -326,12 +262,12 @@ private void runTest(String[] serverAPs, String callbackAP,

clientResult = clientEngine.unwrap(sTOc, clientIn);
log("client unwrap: ", clientResult);
runDelegatedTasks(clientResult, clientEngine);
runDelegatedTasks(clientEngine);
checkAPResult(clientEngine, clientResult, expectedAP);

serverResult = serverEngine.unwrap(cTOs, serverIn);
log("server unwrap: ", serverResult);
runDelegatedTasks(serverResult, serverEngine);
runDelegatedTasks(serverEngine);
checkAPResult(serverEngine, serverResult, expectedAP);

cTOs.compact();
Expand Down Expand Up @@ -403,13 +339,12 @@ private static void checkAPResult(SSLEngine engine, SSLEngineResult result,
* Using the SSLContext created during object creation,
* create/configure the SSLEngines we'll use for this test.
*/
private void createSSLEngines(String[] serverAPs, String callbackAP,
private void configureSSLEngines(String[] serverAPs, String callbackAP,
String[] clientAPs) throws Exception {
/*
* Configure the serverEngine to act as a server in the SSL/TLS
* handshake. Also, require SSL client authentication.
*/
serverEngine = sslc.createSSLEngine();
serverEngine.setUseClientMode(false);

SSLParameters sslp = serverEngine.getSSLParameters();
Expand Down Expand Up @@ -454,7 +389,6 @@ private void createSSLEngines(String[] serverAPs, String callbackAP,
/*
* Similar to above, but using client mode instead.
*/
clientEngine = sslc.createSSLEngine("client", 80);
clientEngine.setUseClientMode(true);
sslp = clientEngine.getSSLParameters();
if (clientAPs != null) {
Expand All @@ -469,83 +403,10 @@ private void createSSLEngines(String[] serverAPs, String callbackAP,
}
}

/*
* Create and size the buffers appropriately.
*/
private void createBuffers() {

/*
* We'll assume the buffer sizes are the same
* between client and server.
*/
SSLSession session = clientEngine.getSession();
int appBufferMax = session.getApplicationBufferSize();
int netBufferMax = session.getPacketBufferSize();

/*
* We'll make the input buffers a bit bigger than the max needed
* size, so that unwrap()s following a successful data transfer
* won't generate BUFFER_OVERFLOWS.
*
* We'll use a mix of direct and indirect ByteBuffers for
* tutorial purposes only. In reality, only use direct
* ByteBuffers when they give a clear performance enhancement.
*/
clientIn = ByteBuffer.allocate(appBufferMax + 50);
serverIn = ByteBuffer.allocate(appBufferMax + 50);

cTOs = ByteBuffer.allocateDirect(netBufferMax);
sTOc = ByteBuffer.allocateDirect(netBufferMax);

clientOut = ByteBuffer.wrap("Hi Server, I'm Client".getBytes());
serverOut = ByteBuffer.wrap("Hello Client, I'm Server".getBytes());
}

/*
* If the result indicates that we have outstanding tasks to do,
* go ahead and run them in this thread.
*/
private static void runDelegatedTasks(SSLEngineResult result,
SSLEngine engine) throws Exception {

if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
log("\trunning delegated task...");
runnable.run();
}
HandshakeStatus hsStatus = engine.getHandshakeStatus();
if (hsStatus == HandshakeStatus.NEED_TASK) {
throw new Exception(
"handshake shouldn't need additional tasks");
}
log("\tnew HandshakeStatus: " + hsStatus);
}
}

private static boolean isEngineClosed(SSLEngine engine) {
return (engine.isOutboundDone() && engine.isInboundDone());
}

/*
* Simple check to make sure everything came across as expected.
*/
private static void checkTransfer(ByteBuffer a, ByteBuffer b)
throws Exception {
a.flip();
b.flip();

if (!a.equals(b)) {
throw new Exception("Data didn't transfer cleanly");
} else {
log("\tData transferred cleanly");
}

a.position(a.limit());
b.position(b.limit());
a.limit(a.capacity());
b.limit(b.capacity());
}

/*
* Logging code
Expand Down
Loading