1 /*

     2  * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.

     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

     4  *

     5  * This code is free software; you can redistribute it and/or modify it

     6  * under the terms of the GNU General Public License version 2 only, as

     7  * published by the Free Software Foundation.

     8  *

     9  * This code is distributed in the hope that it will be useful, but WITHOUT

    10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

    11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

    12  * version 2 for more details (a copy is included in the LICENSE file that

    13  * accompanied this code).

    14  *

    15  * You should have received a copy of the GNU General Public License version

    16  * 2 along with this work; if not, write to the Free Software Foundation,

    17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

    18  *

    19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

    20  * or visit www.oracle.com if you need additional information or have any

    21  * questions.

    22  */

    23 

    24 import com.sun.net.httpserver.*;

    25 import java.io.*;

    26 import java.net.InetSocketAddress;

    27 import java.net.URI;

    28 import java.security.*;

    29 import java.util.*;

    30 import java.util.logging.*;

    31 import java.util.concurrent.Executors;

    32 import java.util.concurrent.ExecutorService;

    33 import javax.net.ssl.*;

    34 

    35 public class Server {

    36 

    37     HttpsServer server;

    38     final ExecutorService exec;

    39     final int port;

    40 

    41     // certfile: needs to be good or bad, ie. bad contains an otherwise valid

    42     // cert but whose CN contains a different host. good must be correct

    43 

    44     // assuming the TLS handshake succeeds, the server returns a 200 OK

    45     // response with a short text string.

    46     public Server(String certfile) throws Exception {

    47         initLogger();

    48         SSLContext ctx = getContext("TLSv1.2", certfile);

    49         Configurator cfg = new Configurator(ctx);

    50         server = HttpsServer.create(new InetSocketAddress(0), 10);

    51         server.setHttpsConfigurator(cfg);

    52         server.createContext("/", new MyHandler());

    53         server.setExecutor((exec=Executors.newCachedThreadPool()));

    54         port = server.getAddress().getPort();

    55         System.out.println ("Listening on port " + port);

    56         server.start();

    57     }

    58 

    59     int getPort() {

    60         return port;

    61     }

    62 

    63     void stop() {

    64         server.stop(1);

    65         exec.shutdownNow();

    66     }

    67 

    68     SSLContext getContext(String protocol, String certfile) throws Exception {

    69         char[] passphrase = "passphrase".toCharArray();

    70         KeyStore ks = KeyStore.getInstance("JKS");

    71         ks.load(new FileInputStream(certfile), passphrase);

    72 

    73         KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

    74         kmf.init(ks, passphrase);

    75 

    76         TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

    77         tmf.init(ks);

    78 

    79         SSLContext ssl = SSLContext.getInstance(protocol);

    80         ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    81         return ssl;

    82     }

    83 

    84     Logger logger;

    85 

    86     void initLogger() {

    87         logger = Logger.getLogger("com.sun.net.httpserver");

    88         Handler h = new ConsoleHandler();

    89         logger.setLevel(Level.ALL);

    90         h.setLevel(Level.ALL);

    91         logger.addHandler(h);

    92     }

    93 

    94     String responseBody = "Greetings from localhost";

    95 

    96     class MyHandler implements HttpHandler {

    97 

    98         @Override

    99         public void handle(HttpExchange e) throws IOException {

   100             System.out.println("Server: received " + e.getRequestURI());

   101             InputStream is = e.getRequestBody();

   102             byte[] buf = new byte[128];

   103             while (is.read(buf) != -1);

   104             is.close();

   105             e.sendResponseHeaders(200, responseBody.length());

   106             OutputStream os = e.getResponseBody();

   107             os.write(responseBody.getBytes("ISO8859_1"));

   108             os.close();

   109         }

   110     }

   111 

   112     class Configurator extends HttpsConfigurator {

   113         public Configurator(SSLContext ctx) throws Exception {

   114             super(ctx);

   115         }

   116 

   117         public void configure(HttpsParameters params) {

   118             SSLParameters p = getSSLContext().getDefaultSSLParameters();

   119             for (String cipher : p.getCipherSuites())

   120                 System.out.println("Cipher: " + cipher);

   121             System.err.println("PArams = " + p);

   122             params.setSSLParameters(p);

   123         }

   124     }

   125 }