1 /* 2 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 // 25 // SunJSSE does not support dynamic system properties, no way to re-use 26 // system properties in samevm/agentvm mode. 27 // 28 29 /* 30 * @test 31 * @bug 4495742 32 * @summary Demonstrate SSLEngine switch from no client auth to client auth. 33 * @run main/othervm NoAuthClientAuth SSLv3 34 * @run main/othervm NoAuthClientAuth TLSv1 35 * @run main/othervm NoAuthClientAuth TLSv1.1 36 * @run main/othervm NoAuthClientAuth TLSv1.2 37 * @author Brad R. Wetmore 38 */ 39 40 /** 41 * A SSLEngine usage example which simplifies the presentation 42 * by removing the I/O and multi-threading concerns. 43 * 44 * The test creates two SSLEngines, simulating a client and server. 45 * The "transport" layer consists two byte buffers: think of them 46 * as directly connected pipes. 47 * 48 * Note, this is a *very* simple example: real code will be much more 49 * involved. For example, different threading and I/O models could be 50 * used, transport mechanisms could close unexpectedly, and so on. 51 * 287 if (hsCompleted == 2) { 288 log("Closing server."); 289 serverEngine.closeOutbound(); 290 } 291 } 292 } 293 294 /* 295 * Using the SSLContext created during object creation, 296 * create/configure the SSLEngines we'll use for this test. 297 */ 298 private void createSSLEngines() throws Exception { 299 /* 300 * Configure the serverEngine to act as a server in the SSL/TLS 301 * handshake. Also, require SSL client authentication. 302 */ 303 serverEngine = sslc.createSSLEngine(); 304 serverEngine.setUseClientMode(false); 305 serverEngine.setNeedClientAuth(false); 306 307 /* 308 * Similar to above, but using client mode instead. 309 */ 310 clientEngine = sslc.createSSLEngine("client", 80); 311 clientEngine.setUseClientMode(true); 312 clientEngine.setEnabledProtocols(new String[] { tlsProtocol }); 313 } 314 315 /* 316 * Create and size the buffers appropriately. 317 */ 318 private void createBuffers() { 319 320 /* 321 * We'll assume the buffer sizes are the same 322 * between client and server. 323 */ 324 SSLSession session = clientEngine.getSession(); 325 int appBufferMax = session.getApplicationBufferSize(); 326 int netBufferMax = session.getPacketBufferSize(); | 1 /* 2 * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 // 25 // SunJSSE does not support dynamic system properties, no way to re-use 26 // system properties in samevm/agentvm mode. 27 // 28 29 /* 30 * @test 31 * @bug 4495742 8190492 32 * @summary Demonstrate SSLEngine switch from no client auth to client auth. 33 * @run main/othervm NoAuthClientAuth SSLv3 34 * @run main/othervm NoAuthClientAuth TLSv1 35 * @run main/othervm NoAuthClientAuth TLSv1.1 36 * @run main/othervm NoAuthClientAuth TLSv1.2 37 * @author Brad R. Wetmore 38 */ 39 40 /** 41 * A SSLEngine usage example which simplifies the presentation 42 * by removing the I/O and multi-threading concerns. 43 * 44 * The test creates two SSLEngines, simulating a client and server. 45 * The "transport" layer consists two byte buffers: think of them 46 * as directly connected pipes. 47 * 48 * Note, this is a *very* simple example: real code will be much more 49 * involved. For example, different threading and I/O models could be 50 * used, transport mechanisms could close unexpectedly, and so on. 51 * 287 if (hsCompleted == 2) { 288 log("Closing server."); 289 serverEngine.closeOutbound(); 290 } 291 } 292 } 293 294 /* 295 * Using the SSLContext created during object creation, 296 * create/configure the SSLEngines we'll use for this test. 297 */ 298 private void createSSLEngines() throws Exception { 299 /* 300 * Configure the serverEngine to act as a server in the SSL/TLS 301 * handshake. Also, require SSL client authentication. 302 */ 303 serverEngine = sslc.createSSLEngine(); 304 serverEngine.setUseClientMode(false); 305 serverEngine.setNeedClientAuth(false); 306 307 // Enable all supported protocols on server side to test SSLv3 308 if ("SSLv3".equals(tlsProtocol)) { 309 serverEngine.setEnabledProtocols(serverEngine.getSupportedProtocols()); 310 } 311 312 /* 313 * Similar to above, but using client mode instead. 314 */ 315 clientEngine = sslc.createSSLEngine("client", 80); 316 clientEngine.setUseClientMode(true); 317 clientEngine.setEnabledProtocols(new String[] { tlsProtocol }); 318 } 319 320 /* 321 * Create and size the buffers appropriately. 322 */ 323 private void createBuffers() { 324 325 /* 326 * We'll assume the buffer sizes are the same 327 * between client and server. 328 */ 329 SSLSession session = clientEngine.getSession(); 330 int appBufferMax = session.getApplicationBufferSize(); 331 int netBufferMax = session.getPacketBufferSize(); |