File: DTLSIncorrectAppDataTest.java

package info (click to toggle)
openjdk-11 11.0.4%2B11-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 757,028 kB
  • sloc: java: 5,016,041; xml: 1,191,974; cpp: 934,731; ansic: 555,697; sh: 24,299; objc: 12,703; python: 3,602; asm: 3,415; makefile: 2,772; awk: 351; sed: 172; perl: 114; jsp: 24; csh: 3
file content (111 lines) | stat: -rw-r--r-- 4,723 bytes parent folder | download | duplicates (16) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
 
/*
 * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/*
 * @test
 * @bug 8043758
 * @summary Testing DTLS incorrect app data packages unwrapping.
 * @key randomness
 * @library /sun/security/krb5/auto /test/lib /javax/net/ssl/TLSCommon
 * @modules java.security.jgss
 *          jdk.security.auth
 *          java.security.jgss/sun.security.jgss.krb5
 *          java.security.jgss/sun.security.krb5:+open
 *          java.security.jgss/sun.security.krb5.internal:+open
 *          java.security.jgss/sun.security.krb5.internal.ccache
 *          java.security.jgss/sun.security.krb5.internal.crypto
 *          java.security.jgss/sun.security.krb5.internal.ktab
 *          java.base/sun.security.util
 * @build jdk.test.lib.RandomFactory
 * @run main/othervm -Dtest.security.protocol=DTLS
 *      -Dtest.mode=norm DTLSIncorrectAppDataTest
 * @run main/othervm -Dtest.security.protocol=DTLS
 *      -Dtest.mode=norm_sni DTLSIncorrectAppDataTest
 * @run main/othervm -Dtest.security.protocol=DTLS
 *      -Dtest.mode=krb DTLSIncorrectAppDataTest
 */

import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import java.util.Random;
import jdk.test.lib.RandomFactory;

/**
 * Testing DTLS incorrect app data packages unwrapping. Incorrect application
 * data packages should be ignored by DTLS SSLEngine.
 */
public class DTLSIncorrectAppDataTest extends SSLEngineTestCase {

    private final String MESSAGE = "Hello peer!";

    public static void main(String[] s) {
        DTLSIncorrectAppDataTest test = new DTLSIncorrectAppDataTest();
        setUpAndStartKDCIfNeeded();
        test.runTests();
    }

    @Override
    protected void testOneCipher(String cipher) {
        SSLContext context = getContext();
        int maxPacketSize = getMaxPacketSize();
        boolean useSNI = !TEST_MODE.equals("norm");
        SSLEngine clientEngine = getClientSSLEngine(context, useSNI);
        SSLEngine serverEngine = getServerSSLEngine(context, useSNI);
        clientEngine.setEnabledCipherSuites(new String[]{cipher});
        serverEngine.setEnabledCipherSuites(new String[]{cipher});
        serverEngine.setNeedClientAuth(!cipher.contains("anon"));
        try {
            doHandshake(clientEngine, serverEngine, maxPacketSize,
                    HandshakeMode.INITIAL_HANDSHAKE);
            checkIncorrectAppDataUnwrap(clientEngine, serverEngine);
            checkIncorrectAppDataUnwrap(serverEngine, clientEngine);
        } catch (SSLException ssle) {
            throw new AssertionError("Error during handshake or sending app data",
                    ssle);
        }
    }

    private void checkIncorrectAppDataUnwrap(SSLEngine sendEngine,
            SSLEngine recvEngine) throws SSLException {
        String direction = sendEngine.getUseClientMode() ? "client"
                : "server";
        System.out.println("================================================="
                + "===========");
        System.out.println("Testing DTLS incorrect app data packages unwrapping"
                + " by sending data from " + direction);
        ByteBuffer app = ByteBuffer.wrap(MESSAGE.getBytes());
        ByteBuffer net = doWrap(sendEngine, direction, 0, app);
        final Random RNG = RandomFactory.getRandom();
        int randomPlace = RNG.nextInt(net.remaining());
        net.array()[randomPlace] += 1;
        app = ByteBuffer.allocate(recvEngine.getSession()
                .getApplicationBufferSize());
        recvEngine.unwrap(net, app);
        app.flip();
        int length = app.remaining();
        System.out.println("Unwrapped " + length + " bytes.");
    }
}