jdk-sandbox: jdk/test/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java@83e2c403fefd (annotated)

7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	1	/*
22268 d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	2	* Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	4	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	10	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	15	* accompanied this code).
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	16	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	20	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	23	* questions.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	24	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	25
22268 d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	26	//
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	27	// SunJSSE does not support dynamic system properties, no way to re-use
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	28	// system properties in samevm/agentvm mode.
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	29	//
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	30
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	31	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	32	* @test
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	33	* @bug 4873188
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	34	* @summary Support TLS 1.1
10328 06c93c42bca0 7055363: jdk_security3 test target cleanup weijun parents: 7039 diff changeset	35	* @run main/othervm EmptyCertificateAuthorities
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	36	* @author Xuelei Fan
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	37	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	38
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	39	import java.io.*;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	40	import java.net.*;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	41	import java.security.*;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	42	import java.security.cert.*;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	43	import javax.net.ssl.*;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	44
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	45	public class EmptyCertificateAuthorities {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	46
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	47	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	48	* =============================================================
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	49	* Set the various variables needed for the tests, then
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	50	* specify what tests to run on each side.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	51	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	52
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	53	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	54	* Should we run the client or server in a separate thread?
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	55	* Both sides can throw exceptions, but do you have a preference
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	56	* as to which side should be the main thread.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	57	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	58	static boolean separateServerThread = false;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	59
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	60	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	61	* Where do we find the keystores?
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	62	*/
23052 241885315119 8032473: Restructure JSSE regression test hierarchy in jdk test xuelei parents: 22268 diff changeset	63	static String pathToStores = "../etc";
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	64	static String keyStoreFile = "keystore";
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	65	static String trustStoreFile = "truststore";
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	66	static String passwd = "passphrase";
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	67
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	68	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	69	* Is the server ready to serve?
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	70	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	71	volatile static boolean serverReady = false;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	72
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	73	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	74	* Turn on SSL debugging?
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	75	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	76	static boolean debug = false;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	77
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	78	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	79	* If the client or server is doing some kind of object creation
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	80	* that the other side depends on, and that thread prematurely
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	81	* exits, you may experience a hang. The test harness will
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	82	* terminate all hung threads after its timeout has expired,
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	83	* currently 3 minutes by default, but you might try to be
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	84	* smart about it....
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	85	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	86
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	87	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	88	* Define the server side of the test.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	89	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	90	* If the server prematurely exits, serverReady will be set to true
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	91	* to avoid infinite hangs.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	92	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	93	void doServerSide() throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	94	SSLServerSocketFactory sslssf = getSSLServerSF();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	95	SSLServerSocket sslServerSocket =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	96	(SSLServerSocket) sslssf.createServerSocket(serverPort);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	97
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	98	// require client authentication.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	99	sslServerSocket.setNeedClientAuth(true);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	100
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	101	serverPort = sslServerSocket.getLocalPort();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	102
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	103	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	104	* Signal Client, we're ready for his connect.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	105	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	106	serverReady = true;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	107
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	108	SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	109	InputStream sslIS = sslSocket.getInputStream();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	110	OutputStream sslOS = sslSocket.getOutputStream();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	111
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	112	sslIS.read();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	113	sslOS.write('A');
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	114	sslOS.flush();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	115
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	116	sslSocket.close();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	117	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	118
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	119	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	120	* Define the client side of the test.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	121	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	122	* If the server prematurely exits, serverReady will be set to true
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	123	* to avoid infinite hangs.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	124	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	125	void doClientSide() throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	126
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	127	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	128	* Wait for server to get started.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	129	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	130	while (!serverReady) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	131	Thread.sleep(50);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	132	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	133
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	134	SSLSocketFactory sslsf =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	135	(SSLSocketFactory) SSLSocketFactory.getDefault();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	136	SSLSocket sslSocket = (SSLSocket)
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	137	sslsf.createSocket("localhost", serverPort);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	138
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	139	// enable TLSv1.1 only
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	140	sslSocket.setEnabledProtocols(new String[] {"TLSv1.1"});
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	141
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	142	InputStream sslIS = sslSocket.getInputStream();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	143	OutputStream sslOS = sslSocket.getOutputStream();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	144
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	145	sslOS.write('B');
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	146	sslOS.flush();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	147	sslIS.read();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	148
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	149	sslSocket.close();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	150	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	151
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	152	private SSLServerSocketFactory getSSLServerSF() throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	153
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	154	char [] password =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	155	System.getProperty("javax.net.ssl.keyStorePassword").toCharArray();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	156	String keyFilename = System.getProperty("javax.net.ssl.keyStore");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	157
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	158	KeyStore ks = KeyStore.getInstance("JKS");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	159	ks.load(new FileInputStream(keyFilename), password);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	160
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	161	KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	162	kmf.init(ks, password);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	163
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	164	KeyManager[] kms = kmf.getKeyManagers();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	165	TrustManager[] tms = new MyX509TM[] {new MyX509TM()};
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	166
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	167	SSLContext ctx = SSLContext.getInstance("TLS");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	168	ctx.init(kms, tms, null);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	169
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	170	return ctx.getServerSocketFactory();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	171	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	172
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	173
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	174	static class MyX509TM implements X509TrustManager {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	175	X509TrustManager tm;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	176
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	177	public void checkClientTrusted(X509Certificate[] chain,
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	178	String authType) throws CertificateException {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	179	if (tm == null) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	180	initialize();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	181	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	182	tm.checkClientTrusted(chain, authType);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	183	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	184
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	185	public void checkServerTrusted(X509Certificate[] chain,
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	186	String authType) throws CertificateException {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	187	if (tm == null) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	188	initialize();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	189	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	190	tm.checkServerTrusted(chain, authType);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	191	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	192
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	193	public X509Certificate[] getAcceptedIssuers() {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	194	// always return empty array
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	195	return new X509Certificate[0];
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	196	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	197
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	198	private void initialize() throws CertificateException {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	199	String passwd =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	200	System.getProperty("javax.net.ssl.trustStorePassword");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	201	char [] password = passwd.toCharArray();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	202	String trustFilename =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	203	System.getProperty("javax.net.ssl.trustStore");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	204
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	205	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	206	KeyStore ks = KeyStore.getInstance("JKS");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	207	ks.load(new FileInputStream(trustFilename), password);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	208
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	209	TrustManagerFactory tmf =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	210	TrustManagerFactory.getInstance("PKIX");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	211	tmf.init(ks);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	212	tm = (X509TrustManager)tmf.getTrustManagers()[0];
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	213	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	214	throw new CertificateException("Unable to initialize TM");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	215	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	216
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	217	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	218	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	219
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	220	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	221	* =============================================================
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	222	* The remainder is just support stuff
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	223	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	224
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	225	// use any free port by default
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	226	volatile int serverPort = 0;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	227
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	228	volatile Exception serverException = null;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	229	volatile Exception clientException = null;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	230
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	231	public static void main(String[] args) throws Exception {
22268 d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	232	// MD5 is used in this test case, don't disable MD5 algorithm.
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	233	Security.setProperty(
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	234	"jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
d72c97c708ae 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property xuelei parents: 14342 diff changeset	235
7039 6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	236	String keyFilename =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	237	System.getProperty("test.src", ".") + "/" + pathToStores +
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	238	"/" + keyStoreFile;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	239	String trustFilename =
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	240	System.getProperty("test.src", ".") + "/" + pathToStores +
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	241	"/" + trustStoreFile;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	242
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	243	System.setProperty("javax.net.ssl.keyStore", keyFilename);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	244	System.setProperty("javax.net.ssl.keyStorePassword", passwd);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	245	System.setProperty("javax.net.ssl.trustStore", trustFilename);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	246	System.setProperty("javax.net.ssl.trustStorePassword", passwd);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	247
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	248	if (debug)
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	249	System.setProperty("javax.net.debug", "all");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	250
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	251	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	252	* Start the tests.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	253	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	254	new EmptyCertificateAuthorities();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	255	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	256
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	257	Thread clientThread = null;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	258	Thread serverThread = null;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	259
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	260	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	261	* Primary constructor, used to drive remainder of the test.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	262	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	263	* Fork off the other side, then do your work.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	264	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	265	EmptyCertificateAuthorities() throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	266	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	267	if (separateServerThread) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	268	startServer(true);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	269	startClient(false);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	270	} else {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	271	startClient(true);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	272	startServer(false);
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	273	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	274	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	275	// swallow for now. Show later
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	276	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	277
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	278	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	279	* Wait for other side to close down.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	280	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	281	if (separateServerThread) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	282	serverThread.join();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	283	} else {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	284	clientThread.join();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	285	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	286
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	287	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	288	* When we get here, the test is pretty much over.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	289	* Which side threw the error?
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	290	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	291	Exception local;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	292	Exception remote;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	293	String whichRemote;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	294
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	295	if (separateServerThread) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	296	remote = serverException;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	297	local = clientException;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	298	whichRemote = "server";
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	299	} else {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	300	remote = clientException;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	301	local = serverException;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	302	whichRemote = "client";
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	303	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	304
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	305	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	306	* If both failed, return the curthread's exception, but also
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	307	* print the remote side Exception
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	308	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	309	if ((local != null) && (remote != null)) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	310	System.out.println(whichRemote + " also threw:");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	311	remote.printStackTrace();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	312	System.out.println();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	313	throw local;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	314	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	315
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	316	if (remote != null) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	317	throw remote;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	318	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	319
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	320	if (local != null) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	321	throw local;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	322	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	323	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	324
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	325	void startServer(boolean newThread) throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	326	if (newThread) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	327	serverThread = new Thread() {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	328	public void run() {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	329	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	330	doServerSide();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	331	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	332	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	333	* Our server thread just died.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	334	*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	335	* Release the client, if not active already...
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	336	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	337	System.err.println("Server died...");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	338	serverReady = true;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	339	serverException = e;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	340	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	341	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	342	};
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	343	serverThread.start();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	344	} else {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	345	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	346	doServerSide();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	347	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	348	serverException = e;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	349	} finally {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	350	serverReady = true;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	351	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	352	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	353	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	354
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	355	void startClient(boolean newThread) throws Exception {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	356	if (newThread) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	357	clientThread = new Thread() {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	358	public void run() {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	359	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	360	doClientSide();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	361	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	362	/*
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	363	* Our client thread just died.
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	364	*/
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	365	System.err.println("Client died...");
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	366	clientException = e;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	367	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	368	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	369	};
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	370	clientThread.start();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	371	} else {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	372	try {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	373	doClientSide();
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	374	} catch (Exception e) {
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	375	clientException = e;
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	376	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	377	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	378	}
6464c8e62a18 4873188: Support TLS 1.1 xuelei parents: diff changeset	379	}

author	prr
	Thu, 18 Dec 2014 10:45:45 -0800
changeset 29908	83e2c403fefd
parent 23052	241885315119
child 35298	9f93cbce8c44
permissions	-rw-r--r--