WolfSSL
/
wolfssljni
mirror of https://github.com/wolfSSL/wolfssljni.git
1
0
Fork 0
Code Issues Releases Wiki Activity

JNI: add DTLS 1.3 to JNI-only layer

pull/254/head
Chris Conlon 2024-10-14 15:00:54 -06:00
parent 45810c8fbf
commit 36a1057366
8 changed files with 276 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
examples/Client.java
View File

@ -222,10 +222,15 @@ public class Client {
/* sort out DTLS versus TLS versions */ /* sort out DTLS versus TLS versions */
if (doDTLS == 1) { if (doDTLS == 1) {
if (sslVersion == 3) if (sslVersion == 4) {
sslVersion = -3;
}
else if (sslVersion == 3) {
sslVersion = -2; sslVersion = -2;
else }
else {
sslVersion = -1; sslVersion = -1;
}
} }
/* init library */ /* init library */
@ -260,6 +265,9 @@ public class Client {
case -2: case -2:
method = WolfSSL.DTLSv1_2_ClientMethod(); method = WolfSSL.DTLSv1_2_ClientMethod();
break; break;
case -3:
method = WolfSSL.DTLSv1_3_ClientMethod();
break;
default: default:
System.err.println("Bad SSL version"); System.err.println("Bad SSL version");
System.exit(1); System.exit(1);
@ -786,7 +794,7 @@ public class Client {
System.out.println("-d\t\tDisable peer checks"); System.out.println("-d\t\tDisable peer checks");
if (WolfSSL.isEnabledDTLS() == 1) if (WolfSSL.isEnabledDTLS() == 1)
System.out.println("-u\t\tUse UDP DTLS, add -v 2 for DTLSv1 " + System.out.println("-u\t\tUse UDP DTLS, add -v 2 for DTLSv1 " +
"(default), -v 3 for DTLSv1.2"); "(default), -v 3 for DTLSv1.2, -v 4 for DTLSv1.3");
System.out.println("-iocb\t\tEnable test I/O callbacks"); System.out.println("-iocb\t\tEnable test I/O callbacks");
System.out.println("-logtest\tEnable test logging callback"); System.out.println("-logtest\tEnable test logging callback");
if (WolfSSL.isEnabledOCSP() == 1) { if (WolfSSL.isEnabledOCSP() == 1) {

14
examples/Server.java
View File

@ -209,10 +209,15 @@ public class Server {
/* sort out DTLS versus TLS versions */ /* sort out DTLS versus TLS versions */
if (doDTLS == 1) { if (doDTLS == 1) {
if (sslVersion == 3) if (sslVersion == 4) {
sslVersion = -3;
}
else if (sslVersion == 3) {
sslVersion = -2; sslVersion = -2;
else }
else {
sslVersion = -1; sslVersion = -1;
}
} }
/* init library */ /* init library */
@ -247,6 +252,9 @@ public class Server {
case -2: case -2:
method = WolfSSL.DTLSv1_2_ServerMethod(); method = WolfSSL.DTLSv1_2_ServerMethod();
break; break;
case -3:
method = WolfSSL.DTLSv1_3_ServerMethod();
break;
default: default:
System.err.println("Bad SSL version"); System.err.println("Bad SSL version");
System.exit(1); System.exit(1);
@ -683,7 +691,7 @@ public class Server {
System.out.println("-s\t\tUse pre shared keys"); System.out.println("-s\t\tUse pre shared keys");
if (WolfSSL.isEnabledDTLS() == 1) if (WolfSSL.isEnabledDTLS() == 1)
System.out.println("-u\t\tUse UDP DTLS, add -v 2 for DTLSv1 (default)" + System.out.println("-u\t\tUse UDP DTLS, add -v 2 for DTLSv1 (default)" +
", -v 3 for DTLSv1.2"); ", -v 3 for DTLSv1.2, -v 4 for DTLSv1.3");
System.out.println("-iocb\t\tEnable test I/O callbacks"); System.out.println("-iocb\t\tEnable test I/O callbacks");
System.out.println("-logtest\tEnable test logging callback"); System.out.println("-logtest\tEnable test logging callback");
if (WolfSSL.isEnabledOCSP() == 1) { if (WolfSSL.isEnabledOCSP() == 1) {

142
native/com_wolfssl_WolfSSL.c
View File

@ -747,7 +747,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_SSLv3_1ServerMethod
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return (jlong)(uintptr_t)wolfSSLv3_server_method(); return (jlong)(uintptr_t)wolfSSLv3_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -760,7 +760,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_SSLv3_1ClientMethod
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return (jlong)(uintptr_t)wolfSSLv3_client_method(); return (jlong)(uintptr_t)wolfSSLv3_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -773,7 +773,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_1Method
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
return (jlong)(uintptr_t)wolfTLSv1_method(); return (jlong)(uintptr_t)wolfTLSv1_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -786,7 +786,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_1ServerMethod
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
return (jlong)(uintptr_t)wolfTLSv1_server_method(); return (jlong)(uintptr_t)wolfTLSv1_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -799,7 +799,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_1ClientMethod
#if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10) #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
return (jlong)(uintptr_t)wolfTLSv1_client_method(); return (jlong)(uintptr_t)wolfTLSv1_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -812,7 +812,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_11_1Method
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
return (jlong)(uintptr_t)wolfTLSv1_1_method(); return (jlong)(uintptr_t)wolfTLSv1_1_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -825,7 +825,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_11_1ServerMethod
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
return (jlong)(uintptr_t)wolfTLSv1_1_server_method(); return (jlong)(uintptr_t)wolfTLSv1_1_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -838,7 +838,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_11_1ClientMethod
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
return (jlong)(uintptr_t)wolfTLSv1_1_client_method(); return (jlong)(uintptr_t)wolfTLSv1_1_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -878,7 +878,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_13_1Method
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
return (jlong)(uintptr_t)wolfTLSv1_3_method(); return (jlong)(uintptr_t)wolfTLSv1_3_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -891,7 +891,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_13_1ServerMethod
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
return (jlong)(uintptr_t)wolfTLSv1_3_server_method(); return (jlong)(uintptr_t)wolfTLSv1_3_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -904,7 +904,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_TLSv1_13_1ClientMethod
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
return (jlong)(uintptr_t)wolfTLSv1_3_client_method(); return (jlong)(uintptr_t)wolfTLSv1_3_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -917,7 +917,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_1Method
#if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS) #if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS)
return (jlong)(uintptr_t)wolfDTLSv1_method(); return (jlong)(uintptr_t)wolfDTLSv1_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -930,7 +930,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_1ClientMethod
#if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS) #if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS)
return (jlong)(uintptr_t)wolfDTLSv1_client_method(); return (jlong)(uintptr_t)wolfDTLSv1_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -943,7 +943,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_1ServerMethod
#if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS) #if defined(WOLFSSL_DTLS) && !defined(NO_OLD_TLS)
return (jlong)(uintptr_t)wolfDTLSv1_server_method(); return (jlong)(uintptr_t)wolfDTLSv1_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -956,7 +956,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1Method
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
return (jlong)(uintptr_t)wolfDTLSv1_2_method(); return (jlong)(uintptr_t)wolfDTLSv1_2_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -969,7 +969,7 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1ClientMethod
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
return (jlong)(uintptr_t)wolfDTLSv1_2_client_method(); return (jlong)(uintptr_t)wolfDTLSv1_2_client_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif #endif
} }
@ -982,7 +982,46 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1ServerMethod
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) #if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
return (jlong)(uintptr_t)wolfDTLSv1_2_server_method(); return (jlong)(uintptr_t)wolfDTLSv1_2_server_method();
#else #else
return NOT_COMPILED_IN; return 0;
#endif
}
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1Method
(JNIEnv* jenv, jclass jcl)
{
(void)jenv;
(void)jcl;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS13)
return (jlong)(uintptr_t)wolfDTLSv1_3_method();
#else
return 0;
#endif
}
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1ServerMethod
(JNIEnv* jenv, jclass jcl)
{
(void)jenv;
(void)jcl;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS13)
return (jlong)(uintptr_t)wolfDTLSv1_3_server_method();
#else
return 0;
#endif
}
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1ClientMethod
(JNIEnv* jenv, jclass jcl)
{
(void)jenv;
(void)jcl;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS13)
return (jlong)(uintptr_t)wolfDTLSv1_3_client_method();
#else
return 0;
#endif #endif
} }
@ -1652,7 +1691,7 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSL_getAvailableCipherSuitesIana
return NULL; return NULL;
} }
if (protocolVersion < 0 || protocolVersion > 5) { if (protocolVersion < 0 || protocolVersion > 8) {
printf("Input protocol version invalid: %d\n", protocolVersion); printf("Input protocol version invalid: %d\n", protocolVersion);
return NULL; return NULL;
} }
@ -1683,6 +1722,23 @@ JNIEXPORT jstring JNICALL Java_com_wolfssl_WolfSSL_getAvailableCipherSuitesIana
case 5: case 5:
method = wolfSSLv23_client_method(); method = wolfSSLv23_client_method();
break; break;
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
case 6:
method = wolfDTLSv1_client_method();
break;
#endif
#ifndef WOLFSSL_NO_TLS12
case 7:
method = wolfDTLSv1_2_client_method();
break;
#endif
#ifdef WOLFSSL_DTLS13
case 8:
method = wolfDTLSv1_3_client_method();
break;
#endif
#endif
default: default:
printf("Input protocol version invalid: %d\n", protocolVersion); printf("Input protocol version invalid: %d\n", protocolVersion);
return NULL; return NULL;
@ -1961,6 +2017,20 @@ JNIEXPORT jobjectArray JNICALL Java_com_wolfssl_WolfSSL_getProtocolsMask
if(!(mask & SSL_OP_NO_SSLv3)) if(!(mask & SSL_OP_NO_SSLv3))
numProtocols += 1; numProtocols += 1;
#endif #endif
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
/* DTLS 1.0 */
numProtocols += 1;
#endif
#ifndef WOLFSSL_NO_TLS12
/* DTLS 1.2 */
numProtocols += 1;
#endif
#ifdef WOLFSSL_DTLS13
/* DTLS 1.3 */
numProtocols += 1;
#endif
#endif /* WOLFSSL_DTLS */
ret = (*jenv)->NewObjectArray(jenv, numProtocols, ret = (*jenv)->NewObjectArray(jenv, numProtocols,
(*jenv)->FindClass(jenv, "java/lang/String"), NULL); (*jenv)->FindClass(jenv, "java/lang/String"), NULL);
@ -2031,6 +2101,42 @@ JNIEXPORT jobjectArray JNICALL Java_com_wolfssl_WolfSSL_getProtocolsMask
} }
} }
#endif #endif
#ifdef WOLFSSL_DTLS
#ifndef NO_OLD_TLS
/* DTLS 1.0 */
(*jenv)->SetObjectArrayElement(jenv, ret, idx++,
(*jenv)->NewStringUTF(jenv, "DTLSv1"));
if ((*jenv)->ExceptionOccurred(jenv)) {
(*jenv)->ExceptionDescribe(jenv);
(*jenv)->ExceptionClear(jenv);
(*jenv)->ThrowNew(jenv, jcl, "Error setting DTLSv1 string");
return NULL;
}
#endif
#ifndef WOLFSSL_NO_TLS12
/* DTLS 1.2 */
(*jenv)->SetObjectArrayElement(jenv, ret, idx++,
(*jenv)->NewStringUTF(jenv, "DTLSv1.2"));
if ((*jenv)->ExceptionOccurred(jenv)) {
(*jenv)->ExceptionDescribe(jenv);
(*jenv)->ExceptionClear(jenv);
(*jenv)->ThrowNew(jenv, jcl, "Error setting DTLSv1.2 string");
return NULL;
}
#endif
#ifdef WOLFSSL_DTLS13
/* DTLS 1.3 */
(*jenv)->SetObjectArrayElement(jenv, ret, idx++,
(*jenv)->NewStringUTF(jenv, "DTLSv1.3"));
if ((*jenv)->ExceptionOccurred(jenv)) {
(*jenv)->ExceptionDescribe(jenv);
(*jenv)->ExceptionClear(jenv);
(*jenv)->ThrowNew(jenv, jcl, "Error setting DTLSv1.3 string");
return NULL;
}
#endif
#endif
return ret; return ret;
} }

24
native/com_wolfssl_WolfSSL.h
View File

@ -885,6 +885,30 @@ JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1ServerMethod
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1ClientMethod JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_12_1ClientMethod
(JNIEnv *, jclass); (JNIEnv *, jclass);
/*
* Class: com_wolfssl_WolfSSL
* Method: DTLSv1_3_Method
* Signature: ()J
*/
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1Method
(JNIEnv *, jclass);
/*
* Class: com_wolfssl_WolfSSL
* Method: DTLSv1_3_ServerMethod
* Signature: ()J
*/
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1ServerMethod
(JNIEnv *, jclass);
/*
* Class: com_wolfssl_WolfSSL
* Method: DTLSv1_3_ClientMethod
* Signature: ()J
*/
JNIEXPORT jlong JNICALL Java_com_wolfssl_WolfSSL_DTLSv1_13_1ClientMethod
(JNIEnv *, jclass);
/* /*
* Class: com_wolfssl_WolfSSL * Class: com_wolfssl_WolfSSL
* Method: SSLv23_Method * Method: SSLv23_Method

48
src/java/com/wolfssl/WolfSSL.java
View File

@ -51,7 +51,13 @@ public class WolfSSL {
/** TLS 1.3 */ /** TLS 1.3 */
TLSv1_3, TLSv1_3,
/** Downgrade starting from highest supported SSL/TLS version */ /** Downgrade starting from highest supported SSL/TLS version */
SSLv23 SSLv23,
/** DTLS 1.0 */
DTLSv1,
/** DTLS 1.2 */
DTLSv1_2,
/** DTLS 1.3 */
DTLSv1_3
} }
/* ------------------ wolfSSL JNI error codes ----------------------- */ /* ------------------ wolfSSL JNI error codes ----------------------- */
@ -1234,6 +1240,46 @@ public class WolfSSL {
*/ */
public static final native long DTLSv1_2_ClientMethod(); public static final native long DTLSv1_2_ClientMethod();
/**
* Indicates that the application will only support the DTLS 1.3 protocol.
* Application is side-independent at this time, and client/server side
* will be determined at connect/accept stage.
* This method allocates memory for and initializes a new native
* WOLFSSL_METHOD structure to be used when creating the SSL/TLS
* context with newContext().
*
* @return A pointer to the created WOLFSSL_METHOD structure if
* successful, null on failure.
* @see WolfSSLContext#newContext(long)
*/
public static final native long DTLSv1_3_Method();
/**
* Indicates that the application is a server and will only support the
* DTLS 1.3 protocol.
* This method allocates memory for and initializes a new native
* WOLFSSL_METHOD structure to be used when creating the SSL/TLS
* context with newContext().
*
* @return A pointer to the created WOLFSSL_METHOD structure if
* successful, null on failure.
* @see WolfSSLContext#newContext(long)
*/
public static final native long DTLSv1_3_ServerMethod();
/**
* Indicates that the application is a client and will only support the
* DTLS 1.3 protocol.
* This method allocates memory for and initializes a new native
* WOLFSSL_METHOD structure to be used when creating the SSL/TLS
* context with newContext().
*
* @return A pointer to the created WOLFSSL_METHOD structure if
* successful, null on failure.
* @see WolfSSLContext#newContext(long)
*/
public static final native long DTLSv1_3_ClientMethod();
/** /**
* Indicates that the application will use the highest possible SSL/TLS * Indicates that the application will use the highest possible SSL/TLS
* version from SSL 3.0 up to TLS 1.2, but is side-independent at creation * version from SSL 3.0 up to TLS 1.2, but is side-independent at creation

4
src/java/com/wolfssl/WolfSSLSession.java
View File

@ -2511,8 +2511,8 @@ public class WolfSSLSession {
/** /**
* Returns the SSL/TLS version being used with this session object in * Returns the SSL/TLS version being used with this session object in
* String format. * String format.
* Examples include "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "DTLS", and * Examples include "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "DTLS",
* "DTLS 1.2". * "DTLS 1.2", and "DTLS 1.3.
* *
* @return SSL/TLS protocol version being used in String format, * @return SSL/TLS protocol version being used in String format,
* or "unknown". * or "unknown".

20
src/java/com/wolfssl/provider/jsse/WolfSSLUtil.java
View File

@ -61,6 +61,11 @@ public class WolfSSLUtil {
* *
* jdk.tls.disabledAlgorithms="TLSv1, TLSv1.1" * jdk.tls.disabledAlgorithms="TLSv1, TLSv1.1"
* *
* This method force-removes DTLSv1.2 and DTLSv1.3 if the input
* protocols list advertises support for it. This is because native
* wolfSSL JNI supports DTLS but the JSSE layer does not yet. When
* DTLS support is added to wolfJSSE, this restriction can/will be removed.
*
* @param protocols Full list of protocols to sanitize/filter, should be * @param protocols Full list of protocols to sanitize/filter, should be
* in a format similar to: "TLSv1", "TLSv1.1", etc. * in a format similar to: "TLSv1", "TLSv1.1", etc.
* *
@ -73,16 +78,21 @@ public class WolfSSLUtil {
Security.getProperty("jdk.tls.disabledAlgorithms"); Security.getProperty("jdk.tls.disabledAlgorithms");
List<?> disabledList = null; List<?> disabledList = null;
/* If system property not set, no filtering needed */
if (disabledAlgos == null || disabledAlgos.isEmpty()) {
return protocols;
}
WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO, WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO,
"sanitizing enabled protocols"); "sanitizing enabled protocols");
WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO, WolfSSLDebug.log(WolfSSLUtil.class, WolfSSLDebug.INFO,
"jdk.tls.disabledAlgorithms: " + disabledAlgos); "jdk.tls.disabledAlgorithms: " + disabledAlgos);
/* Force remove DTLS from supported JSSE protocols. Currently only
* JNI layer supports DTLS, not JSSE. When JSSE layer gets DTLS
* support added, take this restriction out. */
if (disabledAlgos == null) {
disabledAlgos = "DTLSv1.2, DTLSv1.3";
}
else {
disabledAlgos += ",DTLSv1.2,DTLSv1.3";
}
/* Remove spaces after commas, split into List */ /* Remove spaces after commas, split into List */
disabledAlgos = disabledAlgos.replaceAll(", ",","); disabledAlgos = disabledAlgos.replaceAll(", ",",");
disabledList = Arrays.asList(disabledAlgos.split(",")); disabledList = Arrays.asList(disabledAlgos.split(","));

56
src/test/com/wolfssl/test/WolfSSLTest.java
View File

@ -27,6 +27,9 @@ import org.junit.runner.RunWith;
import org.junit.runners.JUnit4; import org.junit.runners.JUnit4;
import static org.junit.Assert.*; import static org.junit.Assert.*;
import java.util.Arrays;
import java.util.List;
import com.wolfssl.WolfSSL; import com.wolfssl.WolfSSL;
import com.wolfssl.WolfSSLException; import com.wolfssl.WolfSSLException;
@ -85,20 +88,45 @@ public class WolfSSLTest {
} }
public void test_WolfSSL_Method_Allocators(WolfSSL lib) { public void test_WolfSSL_Method_Allocators(WolfSSL lib) {
tstMethod(WolfSSL.SSLv3_ServerMethod(), "SSLv3_ServerMethod()"); /* Get protocols compiled into native wolfSSL */
tstMethod(WolfSSL.SSLv3_ClientMethod(), "SSLv3_ClientMethod()"); List<String> enabledProtocols = Arrays.asList(WolfSSL.getProtocols());
tstMethod(WolfSSL.TLSv1_ServerMethod(), "TLSv1_ServerMethod()");
tstMethod(WolfSSL.TLSv1_ClientMethod(), "TLSv1_ClientMethod()"); if (enabledProtocols.contains("SSLv3")) {
tstMethod(WolfSSL.TLSv1_1_ServerMethod(), "TLSv1_1_ServerMethod()"); tstMethod(WolfSSL.SSLv3_ServerMethod(), "SSLv3_ServerMethod()");
tstMethod(WolfSSL.TLSv1_1_ClientMethod(), "TLSv1_1_ClientMethod()"); tstMethod(WolfSSL.SSLv3_ClientMethod(), "SSLv3_ClientMethod()");
tstMethod(WolfSSL.TLSv1_2_ServerMethod(), "TLSv1_2_ServerMethod()"); }
tstMethod(WolfSSL.TLSv1_2_ClientMethod(), "TLSv1_2_ClientMethod()"); if (enabledProtocols.contains("TLSv1")) {
tstMethod(WolfSSL.TLSv1_3_ServerMethod(), "TLSv1_3_ServerMethod()"); tstMethod(WolfSSL.TLSv1_ServerMethod(), "TLSv1_ServerMethod()");
tstMethod(WolfSSL.TLSv1_3_ClientMethod(), "TLSv1_3_ClientMethod()"); tstMethod(WolfSSL.TLSv1_ClientMethod(), "TLSv1_ClientMethod()");
tstMethod(WolfSSL.DTLSv1_ServerMethod(), "DTLSv1_ServerMethod()"); }
tstMethod(WolfSSL.DTLSv1_ClientMethod(), "DTLSv1_ClientMethod()"); if (enabledProtocols.contains("TLSv1.1")) {
tstMethod(WolfSSL.DTLSv1_2_ServerMethod(), "DTLSv1_2_ServerMethod()"); tstMethod(WolfSSL.TLSv1_1_ServerMethod(), "TLSv1_1_ServerMethod()");
tstMethod(WolfSSL.DTLSv1_2_ClientMethod(), "DTLSv1_2_ClientMethod()"); tstMethod(WolfSSL.TLSv1_1_ClientMethod(), "TLSv1_1_ClientMethod()");
}
if (enabledProtocols.contains("TLSv1.2")) {
tstMethod(WolfSSL.TLSv1_2_ServerMethod(), "TLSv1_2_ServerMethod()");
tstMethod(WolfSSL.TLSv1_2_ClientMethod(), "TLSv1_2_ClientMethod()");
}
if (enabledProtocols.contains("TLSv1.3")) {
tstMethod(WolfSSL.TLSv1_3_ServerMethod(), "TLSv1_3_ServerMethod()");
tstMethod(WolfSSL.TLSv1_3_ClientMethod(), "TLSv1_3_ClientMethod()");
}
if (enabledProtocols.contains("DTLSv1")) {
tstMethod(WolfSSL.DTLSv1_ServerMethod(), "DTLSv1_ServerMethod()");
tstMethod(WolfSSL.DTLSv1_ClientMethod(), "DTLSv1_ClientMethod()");
}
if (enabledProtocols.contains("DTLSv1.2")) {
tstMethod(WolfSSL.DTLSv1_2_ServerMethod(),
"DTLSv1_2_ServerMethod()");
tstMethod(WolfSSL.DTLSv1_2_ClientMethod(),
"DTLSv1_2_ClientMethod()");
}
if (enabledProtocols.contains("DTLSv1.3")) {
tstMethod(WolfSSL.DTLSv1_3_ServerMethod(),
"DTLSv1_3_ServerMethod()");
tstMethod(WolfSSL.DTLSv1_3_ClientMethod(),
"DTLSv1_3_ClientMethod()");
}
tstMethod(WolfSSL.SSLv23_ServerMethod(), "SSLv23_ServerMethod()"); tstMethod(WolfSSL.SSLv23_ServerMethod(), "SSLv23_ServerMethod()");
tstMethod(WolfSSL.SSLv23_ClientMethod(), "SSLv23_ClientMethod()"); tstMethod(WolfSSL.SSLv23_ClientMethod(), "SSLv23_ClientMethod()");
} }