1 /* |
1 /* |
2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
192 |
192 |
193 // In this case the server should also have thrown an exception |
193 // In this case the server should also have thrown an exception |
194 // because of the client alert |
194 // because of the client alert |
195 if (tr.serverExc instanceof SSLHandshakeException) { |
195 if (tr.serverExc instanceof SSLHandshakeException) { |
196 if (!tr.serverExc.getMessage().contains( |
196 if (!tr.serverExc.getMessage().contains( |
197 "alert: bad_certificate_status_response")) { |
197 "bad_certificate_status_response")) { |
198 throw tr.serverExc; |
198 throw tr.serverExc; |
199 } |
199 } |
200 } |
200 } |
201 |
201 |
202 System.out.println(" PASS"); |
202 System.out.println(" PASS"); |
232 KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); |
232 KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); |
233 kmf.init(serverKeystore, passwd.toCharArray()); |
233 kmf.init(serverKeystore, passwd.toCharArray()); |
234 TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); |
234 TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); |
235 tmf.init(trustStore); |
235 tmf.init(trustStore); |
236 |
236 |
237 SSLContext sslc = SSLContext.getInstance("TLS"); |
237 SSLContext sslc = SSLContext.getInstance("TLSv1.2"); |
238 sslc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); |
238 sslc.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); |
239 |
239 |
240 SSLServerSocketFactory sslssf = sslc.getServerSocketFactory(); |
240 SSLServerSocketFactory sslssf = sslc.getServerSocketFactory(); |
241 SSLServerSocket sslServerSocket = |
241 SSLServerSocket sslServerSocket = |
242 (SSLServerSocket) sslssf.createServerSocket(serverPort); |
242 (SSLServerSocket) sslssf.createServerSocket(serverPort); |
331 |
331 |
332 int contentLength = tlsConn.getContentLength(); |
332 int contentLength = tlsConn.getContentLength(); |
333 if (contentLength == -1) { |
333 if (contentLength == -1) { |
334 contentLength = Integer.MAX_VALUE; |
334 contentLength = Integer.MAX_VALUE; |
335 } |
335 } |
336 byte[] response = new byte[contentLength > 2048 ? 2048 : contentLength]; |
336 byte[] response = new byte[contentLength > 2048 ? 2048 : |
|
337 contentLength]; |
337 int total = 0; |
338 int total = 0; |
338 while (total < contentLength) { |
339 while (total < contentLength) { |
339 int count = in.read(response, total, response.length - total); |
340 int count = in.read(response, total, response.length - total); |
340 if (count < 0) |
341 if (count < 0) |
341 break; |
342 break; |
389 } |
390 } |
390 |
391 |
391 /** |
392 /** |
392 * Checks a validation failure to see if it failed for the reason we think |
393 * Checks a validation failure to see if it failed for the reason we think |
393 * it should. This comes in as an SSLException of some sort, but it |
394 * it should. This comes in as an SSLException of some sort, but it |
394 * encapsulates a ValidatorException which in turn encapsulates the |
395 * encapsulates a CertPathValidatorException at some point in the |
395 * CertPathValidatorException we are interested in. |
396 * exception stack. |
396 * |
397 * |
397 * @param e the exception thrown at the top level |
398 * @param e the exception thrown at the top level |
398 * @param reason the underlying CertPathValidatorException BasicReason |
399 * @param reason the underlying CertPathValidatorException BasicReason |
399 * we are expecting it to have. |
400 * we are expecting it to have. |
400 * |
401 * |
402 */ |
403 */ |
403 static boolean checkClientValidationFailure(Exception e, |
404 static boolean checkClientValidationFailure(Exception e, |
404 BasicReason reason) { |
405 BasicReason reason) { |
405 boolean result = false; |
406 boolean result = false; |
406 |
407 |
407 if (e instanceof SSLException) { |
408 // Locate the CertPathValidatorException. If one |
408 Throwable valExc = e.getCause(); |
409 // Does not exist, then it's an automatic failure of |
409 if (valExc instanceof sun.security.validator.ValidatorException) { |
410 // the test. |
410 Throwable cause = valExc.getCause(); |
411 Throwable curExc = e; |
411 if (cause instanceof CertPathValidatorException) { |
412 CertPathValidatorException cpve = null; |
412 CertPathValidatorException cpve = |
413 while (curExc != null) { |
413 (CertPathValidatorException)cause; |
414 if (curExc instanceof CertPathValidatorException) { |
414 if (cpve.getReason() == reason) { |
415 cpve = (CertPathValidatorException)curExc; |
415 result = true; |
416 } |
416 } |
417 curExc = curExc.getCause(); |
417 } |
418 } |
418 } |
419 |
419 } |
420 // If we get through the loop and cpve is null then we |
|
421 // we didn't find CPVE and this is a failure |
|
422 if (cpve != null) { |
|
423 if (cpve.getReason() == reason) { |
|
424 result = true; |
|
425 } else { |
|
426 System.out.println("CPVE Reason Mismatch: Expected = " + |
|
427 reason + ", Actual = " + cpve.getReason()); |
|
428 } |
|
429 } else { |
|
430 System.out.println("Failed to find an expected CPVE"); |
|
431 } |
|
432 |
420 return result; |
433 return result; |
421 } |
434 } |
422 |
435 |
423 TestResult getResult() { |
436 TestResult getResult() { |
424 TestResult tr = new TestResult(); |
437 TestResult tr = new TestResult(); |
715 } |
728 } |
716 |
729 |
717 static class TestResult { |
730 static class TestResult { |
718 Exception serverExc = null; |
731 Exception serverExc = null; |
719 Exception clientExc = null; |
732 Exception clientExc = null; |
|
733 |
|
734 @Override |
|
735 public String toString() { |
|
736 StringBuilder sb = new StringBuilder(); |
|
737 sb.append("Test Result:\n"). |
|
738 append("\tServer Exc = ").append(serverExc).append("\n"). |
|
739 append("\tClient Exc = ").append(clientExc).append("\n"); |
|
740 return sb.toString(); |
|
741 } |
720 } |
742 } |
721 |
743 |
722 static class HtucSSLSocketFactory extends SSLSocketFactory { |
744 static class HtucSSLSocketFactory extends SSLSocketFactory { |
723 SSLContext sslc = SSLContext.getInstance("TLS"); |
745 SSLContext sslc = SSLContext.getInstance("TLSv1.2"); |
724 |
746 |
725 HtucSSLSocketFactory(ClientParameters cliParams) |
747 HtucSSLSocketFactory(ClientParameters cliParams) |
726 throws GeneralSecurityException { |
748 throws GeneralSecurityException { |
727 super(); |
749 super(); |
728 |
750 |
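Review bot: In the rewritten `checkClientValidationFailure` (new lines 408-431) the cause-chain loop has no `break`, so `cpve` ends up as the innermost CertPathValidatorException and only that one's reason is compared with `reason`; neither the code nor the Javadoc says this is intended. The `e instanceof SSLException` guard is also gone, while the Javadoc still says the failure "comes in as an SSLException of some sort", so an exception of any type that carries a CPVE in its chain now satisfies the check. If the first match is what the test means, add `break;` after `cpve = (CertPathValidatorException)curExc;`; otherwise record the choice with a comment such as `// no break: the innermost CPVE's reason is the one compared` and reword the Javadoc sentence to drop the SSLException claim. This helper decides whether a client-side failure counts as the expected revocation result, so the looser match should be a documented decision rather than a side effect of the rewrite.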