Mercurial > hg > openjdk > jdk6 > jdk
changeset 1838:bcc6c3db1df4
8193892: Impact of noncloneable MessageDigest implementation
Reviewed-by: wetmore
| author | coffeys |
|---|---|
| date | Tue, 06 Mar 2018 18:29:10 +0000 |
| parents | f6f944b3b9a0 |
| children | 8d9cb2b095e5 |
| files | test/sun/security/ssl/HandshakeHash/DigestBase.java test/sun/security/ssl/HandshakeHash/HandshakeHashCloneExhaustion.java test/sun/security/ssl/HandshakeHash/MyProvider.java |
| diffstat | 3 files changed, 213 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/HandshakeHash/DigestBase.java Tue Mar 06 18:29:10 2018 +0000 @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.security.*; + +class DigestBase extends MessageDigestSpi { + + private MessageDigest digest = null; + + public DigestBase(String alg, String provider) throws Exception { + digest = MessageDigest.getInstance(alg, provider); + } + + @Override + protected void engineUpdate(byte input) { + digest.update(input); + } + + @Override + protected void engineUpdate(byte[] input, int offset, int len) { + digest.update(input, offset, len); + } + + @Override + protected byte[] engineDigest() { + return digest.digest(); + } + + @Override + protected void engineReset() { + digest.reset(); + } + + public static final class MD5 extends DigestBase { + public MD5() throws Exception { + super("MD5", "SUN"); + } + } + + public static final class SHA extends DigestBase { + public SHA() throws Exception { + super("SHA", "SUN"); + } + } + + public static final class SHA256 extends DigestBase { + public SHA256() throws Exception { + super("SHA-256", "SUN"); + } + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/HandshakeHash/HandshakeHashCloneExhaustion.java Tue Mar 06 18:29:10 2018 +0000 @@ -0,0 +1,107 @@ +/* + * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +// +// Please run in othervm mode. SunJSSE does not support dynamic system +// properties, no way to re-use system properties in samevm/agentvm mode. +// + +/* + * @test + * @bug 8148421 8193683 + * @summary Transport Layer Security (TLS) Session Hash and Extended + * Master Secret Extension + * @summary Increase the number of clones in the CloneableDigest + * @library /javax/net/ssl/templates + * @compile DigestBase.java + * @run main/othervm HandshakeHashCloneExhaustion + * TLSv1.2 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + * @run main/othervm HandshakeHashCloneExhaustion + * TLSv1.1 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + */ + +import java.io.InputStream; +import java.io.OutputStream; +import java.security.MessageDigest; +import java.security.Security; +import javax.net.ssl.SSLSocket; + +public class HandshakeHashCloneExhaustion extends SSLSocketTemplate { + + private static String[] protocol; + private static String[] ciphersuite; + private static String[] mds = { "SHA", "MD5", "SHA-256" }; + + /* + * ================== + * Run the test case. + */ + public static void main(String[] args) throws Exception { + // Add in a non-cloneable MD5/SHA1/SHA-256 implementation + Security.insertProviderAt(new MyProvider(), 1); + // make sure our provider is functioning + for (String s : mds) { + MessageDigest md = MessageDigest.getInstance(s); + String p = md.getProvider().getName(); + if (!p.equals("MyProvider")) { + throw new RuntimeException("Unexpected provider: " + p); + } + } + + if (args.length != 2) { + throw new Exception( + "Usage: HandshakeHashCloneExhaustion protocol ciphersuite"); + } + + System.out.println("Testing: " + args[0] + " " + args[1]); + protocol = new String [] { args[0] }; + ciphersuite = new String[] { args[1] }; + + (new HandshakeHashCloneExhaustion()).run(); + } + + @Override + protected void runServerApplication(SSLSocket socket) throws Exception { + socket.setNeedClientAuth(true); + socket.setEnabledProtocols(protocol); + socket.setEnabledCipherSuites(ciphersuite); + + // here comes the test logic + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + + sslIS.read(); + sslOS.write(85); + sslOS.flush(); + } + + @Override + protected void runClientApplication(SSLSocket socket) throws Exception { + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + + sslOS.write(280); + sslOS.flush(); + sslIS.read(); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/sun/security/ssl/HandshakeHash/MyProvider.java Tue Mar 06 18:29:10 2018 +0000 @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.security.*; + +public final class MyProvider extends Provider { + + public MyProvider() { + super("MyProvider", 1.0d, + "Test Provider: SHA1/MD5/SHA256 exhaustion testing"); + put("MessageDigest.SHA", "DigestBase$SHA"); + put("MessageDigest.MD5", "DigestBase$MD5"); + put("MessageDigest.SHA-256", "DigestBase$SHA256"); + } +}