Skip to content

Commit

Permalink
u
Browse files Browse the repository at this point in the history
  • Loading branch information
JinhangZhang committed Sep 6, 2024
1 parent 7fc63aa commit 3576259
Show file tree
Hide file tree
Showing 66 changed files with 453 additions and 436 deletions.
23 changes: 17 additions & 6 deletions test/jdk/javax/net/ssl/DTLS/CipherSuite.java
Original file line number Diff line number Diff line change
Expand Up @@ -75,18 +75,29 @@ public static void main(String[] args) throws Exception {
try {
testCase.runTest(testCase);
} catch (javax.net.ssl.SSLHandshakeException sslhe) {
if (Utils.isFIPS()
&& !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
if (Utils.isFIPS()) {
if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
return;
} else {
System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
return;
}
} else {
System.out.println("Unexpected exception is caught");
sslhe.printStackTrace();
return;
}
} else {
System.out.println("Unexpected exception is caught in Non-FIPS mode");
sslhe.printStackTrace();
return;
}
} catch (Exception e) {
e.printStackTrace();
return;
}
testCase.runTest(testCase);
}

@Override
Expand All @@ -99,4 +110,4 @@ SSLEngine createSSLEngine(boolean isClient) throws Exception {

return engine;
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,6 @@
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

/**
* Testing DTLS engines handshake using each of the supported cipher suites with
* replicated packets check.
Expand All @@ -62,9 +59,7 @@ public class DTLSHandshakeWithReplicatedPacketsTest extends SSLEngineTestCase {
public static void main(String[] args) {
DTLSHandshakeWithReplicatedPacketsTest test
= new DTLSHandshakeWithReplicatedPacketsTest();
if (Utils.isFIPS()) {
setUpAndStartKDCIfNeeded();
}
setUpAndStartKDCIfNeeded();
test.runTests();
}

Expand Down
7 changes: 1 addition & 6 deletions test/jdk/javax/net/ssl/DTLS/DTLSIncorrectAppDataTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,6 @@
import java.util.Random;
import jdk.test.lib.RandomFactory;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

/**
* Testing DTLS incorrect app data packages unwrapping. Incorrect application
* data packages should be ignored by DTLS SSLEngine.
Expand All @@ -66,9 +63,7 @@ public class DTLSIncorrectAppDataTest extends SSLEngineTestCase {

public static void main(String[] s) {
DTLSIncorrectAppDataTest test = new DTLSIncorrectAppDataTest();
if (Utils.isFIPS()) {
setUpAndStartKDCIfNeeded();
}
setUpAndStartKDCIfNeeded();
test.runTests();
}

Expand Down
1 change: 0 additions & 1 deletion test/jdk/javax/net/ssl/DTLS/DTLSOverDatagram.java
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@
import java.util.concurrent.atomic.AtomicBoolean;

import jdk.test.lib.hexdump.HexPrinter;
import jdk.test.lib.Utils;

/**
* An example to show the way to use SSLEngine in datagram connections.
Expand Down
7 changes: 1 addition & 6 deletions test/jdk/javax/net/ssl/DTLS/DTLSSequenceNumberTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,6 @@
import java.util.Random;
import jdk.test.lib.RandomFactory;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

/**
* Testing DTLS records sequence number property support in application data
* exchange.
Expand All @@ -72,9 +69,7 @@ public class DTLSSequenceNumberTest extends SSLEngineTestCase {

public static void main(String[] args) {
DTLSSequenceNumberTest test = new DTLSSequenceNumberTest();
if (Utils.isFIPS()) {
setUpAndStartKDCIfNeeded();
}
setUpAndStartKDCIfNeeded();
test.runTests();
}

Expand Down
19 changes: 16 additions & 3 deletions test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java
Original file line number Diff line number Diff line change
Expand Up @@ -78,11 +78,24 @@ public static void main(String[] args) throws Exception {
} catch (SocketTimeoutException exc) {
System.out.println("The server timed-out waiting for packets from the client.");
} catch (javax.net.ssl.SSLHandshakeException sslhe) {
if (Utils.isFIPS() && !SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
if (Utils.isFIPS()) {
if(!SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
return;
} else {
System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
return;
}
} else {
System.out.println("Unexpected exception is caught");
sslhe.printStackTrace();
return;
}
} else {
System.out.println("Unexpected exception is caught in Non-FIPS mode");
sslhe.printStackTrace();
return;
}
}
}
Expand Down
22 changes: 17 additions & 5 deletions test/jdk/javax/net/ssl/DTLS/WeakCipherSuite.java
Original file line number Diff line number Diff line change
Expand Up @@ -66,12 +66,24 @@ public static void main(String[] args) throws Exception {
try {
testCase.runTest(testCase);
} catch (javax.net.ssl.SSLHandshakeException sslhe) {
if (Utils.isFIPS()
&& !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
if (Utils.isFIPS()) {
if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
return;
} else {
System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
return;
}
} else {
System.out.println("Unexpected exception is caught");
sslhe.printStackTrace();
return;
}
} else {
System.out.println("Unexpected exception is caught in Non-FIPS mode");
sslhe.printStackTrace();
return;
}
} catch (Exception e) {
e.printStackTrace();
Expand All @@ -86,4 +98,4 @@ SSLEngine createSSLEngine(boolean isClient) throws Exception {

return engine;
}
}
}
2 changes: 1 addition & 1 deletion test/jdk/javax/net/ssl/FIPSFlag/FIPSFlagTests.java
Original file line number Diff line number Diff line change
Expand Up @@ -37,4 +37,4 @@
* -Dsemeru.fips=true
* -Dsemeru.customprofile=OpenJCEPlusFIPS
* TestFIPS true 140-3
*/
*/
3 changes: 2 additions & 1 deletion test/jdk/javax/net/ssl/FIPSFlag/TestFIPS.java
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ public static void main(String[] args) throws Exception {
return;
}

System.out.println("profile is: " + PROFILE);
if (PROFILE.contains("OpenJCEPlusFIPS")) {
if (SEMERU_FIPS.equals(args[0])) {
if (args[0].equals("true")) {
Expand All @@ -83,4 +84,4 @@ public FIPSException(String message) {
super(message);
}
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,6 @@
import javax.net.ssl.*;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

public class ImplicitHandshake {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@
import java.security.cert.Certificate;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

public class CriticalSubjectAltName implements HostnameVerifier {
/*
Expand Down Expand Up @@ -201,11 +200,20 @@ public static void main(String[] args) throws Exception {
if ("Algorithm constraints check failed on signature algorithm: MD5withRSA".equals(e.getMessage())) {
System.out.println("MD5withRSA is not a supported signature algorithm.");
return;
} else {
System.out.println("Unexpected exception msg: <" + e.getMessage() + "> is caught");
return;
}
} else {
System.out.println("Unexpected exception is caught");
e.printStackTrace();
return;
}
} else {
System.out.println("Unexpected exception is caught in Non-FIPS mode");
e.printStackTrace();
return;
}
e.printStackTrace();
return;
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,6 @@
import java.security.cert.Certificate;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

public class GetResponseCode implements HostnameVerifier {
/*
Expand Down

This file was deleted.

5 changes: 0 additions & 5 deletions test/jdk/javax/net/ssl/SSLEngine/ArgCheck.java
Original file line number Diff line number Diff line change
Expand Up @@ -36,9 +36,6 @@
import java.security.*;
import java.nio.*;

import jdk.test.lib.Utils;
import jdk.test.lib.security.SecurityUtils;

public class ArgCheck {

private static boolean debug = false;
Expand Down Expand Up @@ -261,8 +258,6 @@ static private SSLEngine createSSLEngine(String keyFile, String trustFile)
KeyStore ks = KeyStore.getInstance("JKS");
KeyStore ts = KeyStore.getInstance("JKS");

ks.load(null, null);

char[] passphrase = "passphrase".toCharArray();

ks.load(new FileInputStream(keyFile), passphrase);
Expand Down
35 changes: 28 additions & 7 deletions test/jdk/javax/net/ssl/SSLEngine/Arrays.java
Original file line number Diff line number Diff line change
Expand Up @@ -196,19 +196,40 @@ public static void main(String args[]) throws Exception {
contextVersion.equals("TLSv1.1")) {
SecurityUtils.removeFromDisabledTlsAlgs(contextVersion);
}
} else {
if (!SecurityUtils.TLS_PROTOCOLS.contains(contextVersion)) {
return;
}
}
}

Arrays test = null;
Arrays test;

test = new Arrays();

test.createSSLEngines();

test.runTest();
try {
test.runTest();
} catch (javax.net.ssl.SSLHandshakeException sslhe) {
if (Utils.isFIPS()) {
if(!SecurityUtils.TLS_PROTOCOLS.contains(contextVersion)) {
if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
return;
} else {
System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
return;
}
} else {
System.out.println("Unexpected exception is caught");
sslhe.printStackTrace();
return;
}
} else {
System.out.println("Unexpected exception is caught in Non-FIPS mode");
sslhe.printStackTrace();
return;
}
} catch (Exception e) {
e.printStackTrace();
return;
}

System.err.println("Test Passed.");
}
Expand Down
1 change: 0 additions & 1 deletion test/jdk/javax/net/ssl/SSLEngine/Basics.java
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,6 @@ private static void runTest(String protocol, String cipherSuite) throws Exceptio

KeyStore ks = KeyStore.getInstance("JKS");
KeyStore ts = KeyStore.getInstance("JKS");

char[] passphrase = "passphrase".toCharArray();

ks.load(new FileInputStream(KEYSTORE_PATH), passphrase);
Expand Down
Loading

0 comments on commit 3576259

Please sign in to comment.