File: InvalidRecords.java

package info (click to toggle)
openjdk-24 24.0.2%2B12-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 831,900 kB
  • sloc: java: 5,677,020; cpp: 1,323,154; xml: 1,320,524; ansic: 486,889; asm: 405,131; objc: 21,025; sh: 15,221; javascript: 11,049; python: 8,222; makefile: 2,504; perl: 357; awk: 351; sed: 172; pascal: 103; exp: 54; jsp: 24; csh: 3
file content (109 lines) | stat: -rw-r--r-- 4,517 bytes parent folder | download | duplicates (9) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
/*
 * Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

// SunJSSE does not support dynamic system properties, no way to re-use
// system properties in samevm/agentvm mode.

/*
 * @test
 * @bug 8043758 8307383
 * @summary Datagram Transport Layer Security (DTLS)
 * @modules java.base/sun.security.util
 * @library /test/lib
 * @build DTLSOverDatagram
 * @run main/othervm InvalidRecords
 */

import java.net.DatagramPacket;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.util.concurrent.atomic.AtomicBoolean;

/**
 * Test that if handshake messages are changed, the handshake would fail
 * because of handshaking hash verification.
 */
public class InvalidRecords extends DTLSOverDatagram {
    private static final AtomicBoolean needInvalidRecords = new AtomicBoolean(true);

    public static void main(String[] args) throws Exception {
        InvalidRecords testCase = new InvalidRecords();
        testCase.runTest(testCase);

        if (needInvalidRecords.get()) {
            // if this is true, the createHandshakePacket() method
            // was NOT called twice to create ClientHello messages
            throw new RuntimeException(
                    "The invalid handshake packet was not"
                    + " rejected as it should have been.");
        }
    }


    @Override
    DatagramPacket createHandshakePacket(byte[] ba, SocketAddress socketAddr) {
        if (needInvalidRecords.get() && (ba.length >= 60) &&
                (ba[0x00] == (byte)0x16) && (ba[0x0D] == (byte)0x01) &&
                (ba[0x3B] == (byte)0x00) && (ba[0x3C] > 0)) {

            // ba[0x00]: record type
            // ba[0x0D]: handshake type
            // ba[0x3B]: length of session ID
            // ba[0x3C]: length of cookie

            // ClientHello with cookie
            needInvalidRecords.set(false);
            System.out.println("invalidate ClientHello message");
            // We will alter the compression method field in order to make the cookie
            // check fail.
            ByteBuffer chRec = ByteBuffer.wrap(ba);
            // Skip 59 bytes past the record header (13), the handshake header (12),
            // the protocol version (2), and client random (32)
            chRec.position(59);
            // Jump past the session ID
            int len = Byte.toUnsignedInt(chRec.get());
            chRec.position(chRec.position() + len);
            // Skip the cookie
            len = Byte.toUnsignedInt(chRec.get());
            chRec.position(chRec.position() + len);
            // Skip past cipher suites
            len = Short.toUnsignedInt(chRec.getShort());
            chRec.position(chRec.position() + len);
            // Read the data on the compression methods, should be at least 1
            len = Byte.toUnsignedInt(chRec.get());
            if (len >= 1) {
                System.out.println("Detected compression methods (count = " + len + ")");
            } else {
                ba[ba.length - 1] = (byte)0xFF;
                throw new RuntimeException("Got zero length comp methods");
            }
            // alter the first comp method.
            int compMethodVal = Byte.toUnsignedInt(chRec.get(chRec.position()));
            System.out.println("Changing value at position " + chRec.position() +
                    " from " + compMethodVal + " to " + ++compMethodVal);
            chRec.put(chRec.position(), (byte)compMethodVal);
        }

        return super.createHandshakePacket(ba, socketAddr);
    }
}