1 /*

     2  * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.

     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  *

     5  * This code is free software; you can redistribute it and/or modify it

     6  * under the terms of the GNU General Public License version 2 only, as

     7  * published by the Free Software Foundation.

     8  *

     9  * This code is distributed in the hope that it will be useful, but WITHOUT

    10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

    11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

    12  * version 2 for more details (a copy is included in the LICENSE file that

    13  * accompanied this code).

    14  *

    15  * You should have received a copy of the GNU General Public License version

    16  * 2 along with this work; if not, write to the Free Software Foundation,

    17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

    18  *

    19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

    20  * or visit www.oracle.com if you need additional information or have any

    21  * questions.

    22  */

    23 

    24 import java.net.URI;

    25 import java.net.http.HttpClient;

    26 import java.net.http.HttpClient.Version;

    27 import java.net.http.HttpResponse.BodyHandler;

    28 import static java.net.http.HttpResponse.BodyHandler.asString;

    29 import java.net.http.HttpRequest;

    30 import java.net.http.HttpResponse;

    31 import javax.net.ssl.SSLContext;

    32 import javax.net.ssl.SSLParameters;

    33 

    34 /*

    35  * @test

    36  * @build Server CertificateTest

    37  * @run main/othervm CertificateTest good

    38  * @run main/othervm CertificateTest bad

    39  */

    40 

    41 /**

    42  * The test runs twice. In both cases it uses a valid self-signed certificate

    43  * that is installed in the trust store (so is trusted) and the same cert is supplied

    44  * by the server for its own identity. Two servers on two different ports are used

    45  * on the remote end.

    46  *

    47  * For the "good" run the cert contains the correct hostname of the target server

    48  * and therefore should be accepted by the cert checking code in the client.

    49  * For the "bad" run, the cert contains an invalid hostname, and should be rejected.

    50  */

    51 public class CertificateTest {

    52     static SSLContext ctx;

    53     static SSLParameters params;

    54     static boolean good;

    55     static String trustStoreProp;

    56     static String suffix;

    57     static Server server;

    58     static int port;

    59 

    60     static String TESTSRC = System.getProperty("test.src");

    61     public static void main(String[] args) throws Exception

    62     {

    63         try {

    64             if (args[0].equals("good")) {

    65                 good = true;

    66                 trustStoreProp = TESTSRC + "/good.keystore";

    67             } else {

    68                 good = false;

    69                 trustStoreProp = TESTSRC + "/bad.keystore";

    70             }

    71             server = new Server(trustStoreProp);

    72             port = server.getPort();

    73             System.setProperty("javax.net.ssl.trustStore", trustStoreProp);

    74             System.setProperty("javax.net.ssl.trustStorePassword", "passphrase");

    75             init();

    76             test(args);

    77         } finally {

    78             server.stop();

    79         }

    80     }

    81 

    82     static void init() throws Exception

    83     {

    84         ctx = SSLContext.getDefault();

    85         params = ctx.getDefaultSSLParameters();

    86         //params.setProtocols(new String[] { "TLSv1.2" });

    87     }

    88 

    89     static void test(String[] args) throws Exception

    90     {

    91         String uri_s = "https://127.0.0.1:" + Integer.toString(port) + "/foo";

    92         String error = null;

    93         Exception exception = null;

    94         System.out.println("Making request to " + uri_s);

    95         HttpClient client = HttpClient.newBuilder()

    96                 .sslContext(ctx)

    97                 .sslParameters(params)

    98                 .build();

    99 

   100         HttpRequest request = HttpRequest.newBuilder(new URI(uri_s))

   101                 .version(HttpClient.Version.HTTP_1_1)

   102                 .GET()

   103                 .build();

   104 

   105         try {

   106             HttpResponse<String> response = client.send(request, asString());

   107             System.out.printf("Status code %d received\n", response.statusCode());

   108             if (good && response.statusCode() != 200)

   109                 error = "Test failed: good: status should be 200";

   110             else if (!good)

   111                 error = "Test failed: bad: status should not be 200";

   112         } catch (Exception e) {

   113             System.err.println("Exception good = " + good);

   114             exception = e;

   115             if (good)

   116                 error = "Test failed: good: got exception";

   117         }

   118         if (error != null)

   119             throw new RuntimeException(error, exception);

   120     }

   121 }