changeset 42990:9edd5241610a

8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out Reviewed-by: coffeys, xuelei Contributed-by: Tim Du <tiantian.du@oracle.com>
author tidu
date Tue, 03 Jan 2017 22:26:51 -0800
parents 224e91ad76c4
children 174ff3aebaf7
files jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java
diffstat 1 files changed, 33 insertions(+), 219 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java	Tue Jan 03 21:05:46 2017 -0800
+++ b/jdk/test/javax/net/ssl/TLSv12/DisabledShortRSAKeys.java	Tue Jan 03 22:26:51 2017 -0800
@@ -31,7 +31,7 @@
  * @bug 7109274
  * @summary Consider disabling support for X.509 certificates with RSA keys
  *          less than 1024 bits
- *
+ * @library /javax/net/ssl/templates
  * @run main/othervm DisabledShortRSAKeys PKIX TLSv1.2
  * @run main/othervm DisabledShortRSAKeys SunX509 TLSv1.2
  * @run main/othervm DisabledShortRSAKeys PKIX TLSv1.1
@@ -56,20 +56,7 @@
 import java.util.Base64;
 
 
-public class DisabledShortRSAKeys {
-
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
+public class DisabledShortRSAKeys extends SSLSocketTemplate {
 
     /*
      * Where do we find the keystores?
@@ -123,81 +110,50 @@
     static char passphrase[] = "passphrase".toCharArray();
 
     /*
-     * Is the server ready to serve?
-     */
-    volatile static boolean serverReady = false;
-
-    /*
      * Turn on SSL debugging?
      */
     static boolean debug = false;
 
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-        SSLContext context = generateSSLContext(null, targetCertStr,
-                                            targetPrivateKey);
-        SSLServerSocketFactory sslssf = context.getServerSocketFactory();
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket)sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
+    @Override
+    protected SSLContext createClientSSLContext() throws Exception {
+        return generateSSLContext(trustedCertStr, null, null);
+    }
 
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
+    @Override
+    protected SSLContext createServerSSLContext() throws Exception {
+        return generateSSLContext(null, targetCertStr, targetPrivateKey);
+    }
 
-        try (SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept()) {
-            try (InputStream sslIS = sslSocket.getInputStream()) {
+    @Override
+    protected void runServerApplication(SSLSocket socket) throws Exception {
+        try {
+            try (InputStream sslIS = socket.getInputStream()) {
                 sslIS.read();
             }
-
-            throw new Exception(
-                    "RSA keys shorter than 1024 bits should be disabled");
+            throw new Exception("RSA keys shorter than 1024 bits should be disabled");
         } catch (SSLHandshakeException sslhe) {
             // the expected exception, ignore
         }
+
     }
 
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
+    @Override
+    protected void runClientApplication(SSLSocket socket) throws Exception {
 
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-
-        SSLContext context = generateSSLContext(trustedCertStr, null, null);
-        SSLSocketFactory sslsf = context.getSocketFactory();
-
-        try (SSLSocket sslSocket =
-            (SSLSocket)sslsf.createSocket("localhost", serverPort)) {
+        try {
 
             // only enable the target protocol
-            sslSocket.setEnabledProtocols(new String[] {enabledProtocol});
+            socket.setEnabledProtocols(new String[] { enabledProtocol });
+            // enable a block cipher
+            socket.setEnabledCipherSuites(
+                new String[] { "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" });
 
-            // enable a block cipher
-            sslSocket.setEnabledCipherSuites(
-                new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"});
-
-            try (OutputStream sslOS = sslSocket.getOutputStream()) {
+            try (OutputStream sslOS = socket.getOutputStream()) {
                 sslOS.write('B');
                 sslOS.flush();
             }
-
             throw new Exception(
-                    "RSA keys shorter than 1024 bits should be disabled");
+               "RSA keys shorter than 1024 bits should be disabled");
         } catch (SSLHandshakeException sslhe) {
             // the expected exception, ignore
         }
@@ -207,16 +163,16 @@
      * =============================================================
      * The remainder is just support stuff
      */
-    private static String tmAlgorithm;        // trust manager
-    private static String enabledProtocol;    // the target protocol
+    private static String tmAlgorithm; // trust manager
+    private static String enabledProtocol; // the target protocol
 
     private static void parseArguments(String[] args) {
-        tmAlgorithm = args[0];
-        enabledProtocol = args[1];
+            tmAlgorithm = args[0];
+            enabledProtocol = args[1];
     }
 
     private static SSLContext generateSSLContext(String trustedCertStr,
-            String keyCertStr, String keySpecStr) throws Exception {
+                String keyCertStr, String keySpecStr) throws Exception {
 
         // generate certificate from cert string
         CertificateFactory cf = CertificateFactory.getInstance("X.509");
@@ -239,10 +195,10 @@
         if (keyCertStr != null) {
             // generate the private key.
             PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
-                                Base64.getMimeDecoder().decode(keySpecStr));
+                            Base64.getMimeDecoder().decode(keySpecStr));
             KeyFactory kf = KeyFactory.getInstance("RSA");
             RSAPrivateKey priKey =
-                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);
+                (RSAPrivateKey)kf.generatePrivate(priKeySpec);
 
             // generate certificate chain
             is = new ByteArrayInputStream(keyCertStr.getBytes());
@@ -281,13 +237,6 @@
         return ctx;
     }
 
-
-    // use any free port by default
-    volatile int serverPort = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
-
     public static void main(String[] args) throws Exception {
         if (debug)
             System.setProperty("javax.net.debug", "all");
@@ -300,142 +249,7 @@
         /*
          * Start the tests.
          */
-        new DisabledShortRSAKeys();
+        new DisabledShortRSAKeys().run();
     }
 
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    DisabledShortRSAKeys() throws Exception {
-        Exception startException = null;
-        try {
-            if (separateServerThread) {
-                startServer(true);
-                startClient(false);
-            } else {
-                startClient(true);
-                startServer(false);
-            }
-        } catch (Exception e) {
-            startException = e;
-        }
-
-        /*
-         * Wait for other side to close down.
-         */
-        if (separateServerThread) {
-            if (serverThread != null) {
-                serverThread.join();
-            }
-        } else {
-            if (clientThread != null) {
-                clientThread.join();
-            }
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         * Which side threw the error?
-         */
-        Exception local;
-        Exception remote;
-
-        if (separateServerThread) {
-            remote = serverException;
-            local = clientException;
-        } else {
-            remote = clientException;
-            local = serverException;
-        }
-
-        Exception exception = null;
-
-        /*
-         * Check various exception conditions.
-         */
-        if ((local != null) && (remote != null)) {
-            // If both failed, return the curthread's exception.
-            local.initCause(remote);
-            exception = local;
-        } else if (local != null) {
-            exception = local;
-        } else if (remote != null) {
-            exception = remote;
-        } else if (startException != null) {
-            exception = startException;
-        }
-
-        /*
-         * If there was an exception *AND* a startException,
-         * output it.
-         */
-        if (exception != null) {
-            if (exception != startException && startException != null) {
-                exception.addSuppressed(startException);
-            }
-            throw exception;
-        }
-
-        // Fall-through: no exception to throw!
-    }
-
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
-                }
-            };
-            serverThread.start();
-        } else {
-            try {
-                doServerSide();
-            } catch (Exception e) {
-                serverException = e;
-            } finally {
-                serverReady = true;
-            }
-        }
-    }
-
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            try {
-                doClientSide();
-            } catch (Exception e) {
-                clientException = e;
-            }
-        }
-    }
 }