CoCalc -- ClientHelloInterOp.java

GitHub Repository: PojavLauncherTeam/mobile
Path: blob/master/test/jdk/javax/net/ssl/interop/ClientHelloInterOp.java
⁴¹¹⁵² views
1
/*
2
 * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import javax.net.ssl.*;
25
import javax.net.ssl.SSLEngineResult.*;
26
import java.io.*;
27
import java.nio.*;
28
import java.security.KeyStore;
29
import java.security.PrivateKey;
30
import java.security.KeyFactory;
31
import java.security.cert.Certificate;
32
import java.security.cert.CertificateFactory;
33
import java.security.spec.*;
34
import java.util.Base64;
35

36
public abstract class ClientHelloInterOp {
37

38
    /*
39
     * Certificates and keys used in the test.
40
     */
41
    // Trusted certificates.
42
    private final static String[] trustedCertStrs = {
43
        // SHA256withECDSA, curve prime256v1
44
        // Validity
45
        //     Not Before: Nov  9 03:24:05 2016 GMT
46
        //     Not After : Oct 20 03:24:05 2037 GMT
47
        "-----BEGIN CERTIFICATE-----\n" +
48
        "MIICHDCCAcGgAwIBAgIJAM83C/MVp9F5MAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" +
49
        "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
50
        "ZTAeFw0xNjExMDkwMzI0MDVaFw0zNzEwMjAwMzI0MDVaMDsxCzAJBgNVBAYTAlVT\n" +
51
        "MQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZjZTBZ\n" +
52
        "MBMGByqGSM49AgEGCCqGSM49AwEHA0IABGeQXwyeNyU4UAATfwUbMO5zaREI21Wh\n" +
53
        "bds6WDu+PmfK8SWsTgsgpYxBRui+fZtYqSmbdjkurvAQ3j2fvN++BtWjga0wgaow\n" +
54
        "HQYDVR0OBBYEFDF/OeJ82qBSRkAm1rdZUPbWfDzyMGsGA1UdIwRkMGKAFDF/OeJ8\n" +
55
        "2qBSRkAm1rdZUPbWfDzyoT+kPTA7MQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2\n" +
56
        "YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2WCCQDPNwvzFafReTAPBgNV\n" +
57
        "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBGAiEAlHQY\n" +
58
        "QFPlODOsjLVQYSxgeSUvYzMp0vP8naeVB9bfFG8CIQCFfrKZvhq9z3bOtlYKxs2a\n" +
59
        "EWUjUZ82a1JTqkP+lgHY5A==\n" +
60
        "-----END CERTIFICATE-----",
61

62
        // SHA256withRSA, 2048 bits
63
        // Validity
64
        //     Not Before: Nov  9 03:24:16 2016 GMT
65
        //     Not After : Oct 20 03:24:16 2037 GMT
66
        "-----BEGIN CERTIFICATE-----\n" +
67
        "MIIDpzCCAo+gAwIBAgIJAJAYpR2aIlA1MA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNV\n" +
68
        "BAYTAlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2Vy\n" +
69
        "aXZjZTAeFw0xNjExMDkwMzI0MTZaFw0zNzEwMjAwMzI0MTZaMDsxCzAJBgNVBAYT\n" +
70
        "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
71
        "ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL+F/FTPODYzsU0Pakfp\n" +
72
        "lsh88YoQWZPjABhCU+HPsCTMYc8UBkaiduUzregwwVBW3D7kmec2K408krGQsxdy\n" +
73
        "oKJA12GL/XX1YgzDEsyBRk/gvex5lPaBIZiJ5IZlUfjLuRDGxPjtRelBTpZ7SUet\n" +
74
        "PJVZz6zV6hMPGO6kQzCtbzzET515EE0okIS40LkAmtWoOmVm3gRldomaZTrZ0V2L\n" +
75
        "MMaJGzrXYqk0SX+PYul8v+2EEHeMuaXG/XpK5xsg9gZvzpKqFQcBOdENoJHB07go\n" +
76
        "jCmRC328ALqr+bMyktKAuYfB+mhjmN2AU8TQx72WPpvNTXxFDYcwo+8254cCAVKB\n" +
77
        "e98CAwEAAaOBrTCBqjAdBgNVHQ4EFgQUlJQlQTbi8YIyiNf+SqF7LtH+gicwawYD\n" +
78
        "VR0jBGQwYoAUlJQlQTbi8YIyiNf+SqF7LtH+giehP6Q9MDsxCzAJBgNVBAYTAlVT\n" +
79
        "MQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZjZYIJ\n" +
80
        "AJAYpR2aIlA1MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3\n" +
81
        "DQEBCwUAA4IBAQAI0lTY0YAKQ2VdoIQ6dnqolphLVWdNGiC9drHEYSn7+hmAD2r2\n" +
82
        "v1U/9m752TkcT74a65xKbEVuVtleD/w6i+QjALW2PYt6ivjOnnY0a9Y9a9UCa00j\n" +
83
        "C9415sCw84Tp9VoKtuYqzhN87bBUeABOw5dsW3z32C2N/YhprkqeF/vdx4JxulPr\n" +
84
        "PKze5BREXnKLA1ISoDioCPphvNMKrSpkAofb1rTCwtgt5V/WFls283L52ORmpRGO\n" +
85
        "Ja88ztXOz00ZGu0RQLwlmpN7m8tNgA/5MPrldyYIwegP4RSkkJlF/8+hxvvqfJhK\n" +
86
        "FFDa0HHQSJfR2b9628Iniw1UHOMMT6qx5EHr\n" +
87
        "-----END CERTIFICATE-----"
88
        };
89

90
    // End entity certificate.
91
    private final static String[] endEntityCertStrs = {
92
        // SHA256withECDSA, curve prime256v1
93
        // Validity
94
        //     Not Before: Nov  9 03:24:05 2016 GMT
95
        //     Not After : Jul 27 03:24:05 2036 GMT
96
        "-----BEGIN CERTIFICATE-----\n" +
97
        "MIIB1DCCAXmgAwIBAgIJAKVa+4dIUjaLMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" +
98
        "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
99
        "ZTAeFw0xNjExMDkwMzI0MDVaFw0zNjA3MjcwMzI0MDVaMFIxCzAJBgNVBAYTAlVT\n" +
100
        "MQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZjZTEV\n" +
101
        "MBMGA1UEAwwMSW50ZXJPcCBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE\n" +
102
        "h4vXNUJzULq4e7fAOvF0WiWU6cllOAMus1GqTFvcnRPOChl8suZsvksO0CpZqL3h\n" +
103
        "jXmVX9dp1FV/rUBGLo1aG6NPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSO8V5+\n" +
104
        "bj0ik0T9BtJc4jLJt7m6wjAfBgNVHSMEGDAWgBQxfznifNqgUkZAJta3WVD21nw8\n" +
105
        "8jAKBggqhkjOPQQDAgNJADBGAiEAk7MF+L9bFRwUsbPsBCbCqH9DMdzBQR+kFDNf\n" +
106
        "lfn8Rs4CIQD9qWvBXd+EJqwraxiX6cftaFchn+T2HpvMboy+irMFow==\n" +
107
        "-----END CERTIFICATE-----",
108

109
        // SHA256withRSA, 2048 bits
110
        // Validity
111
        //     Not Before: Nov  9 03:24:16 2016 GMT
112
        //     Not After : Jul 27 03:24:16 2036 GMT
113
        "-----BEGIN CERTIFICATE-----\n" +
114
        "MIIDczCCAlugAwIBAgIJAPhM2oUKx0aJMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNV\n" +
115
        "BAYTAlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2Vy\n" +
116
        "aXZjZTAeFw0xNjExMDkwMzI0MTZaFw0zNjA3MjcwMzI0MTZaMFIxCzAJBgNVBAYT\n" +
117
        "AlVTMQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
118
        "ZTEVMBMGA1UEAwwMSW50ZXJPcCBUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\n" +
119
        "MIIBCgKCAQEA36tJaXfJ2B/AFvES+tnueyQPSNABVu9nfMdU+NEPamJ+FH7cEF8Z\n" +
120
        "1Spr1vlQgNzCpDUVrfnmT75rCapgz5ldA9+y+3hdfUyHjZBzzfx+6GHXLB4u6eU2\n" +
121
        "NATa7vqSLNbcLcfZ7/QmkFqg4JRJbX4F42kKkRJrWdKZ8UoCYC8WXWvDaZ3nUs05\n" +
122
        "XHe+mBJ8qMNPTbYST1jpzXPyH5CljlFGYi2mKJDTImDhwht7mu2+zvwvbJ81Gj2X\n" +
123
        "JUSTSf9fu0zxFcCk6RmJPw9nSVqePVlOwtNNBodfKN+k4yr+gOz1v8NmMtmEtklV\n" +
124
        "Sulr/J4QxI+E2Zar/C+4XjxkvstIS+PNKQIDAQABo2MwYTALBgNVHQ8EBAMCA+gw\n" +
125
        "HQYDVR0OBBYEFHt19CItAz0VOF0WKGWwaT4DtEsSMB8GA1UdIwQYMBaAFJSUJUE2\n" +
126
        "4vGCMojX/kqhey7R/oInMBIGA1UdEQEB/wQIMAaHBH8AAAEwDQYJKoZIhvcNAQEL\n" +
127
        "BQADggEBACKYZWvo9B9IEpCCdBba2sNo4X1NI/VEY3fyUx1lkw+Kna+1d2Ab+RCZ\n" +
128
        "cf3Y85fcwv03hNE///wNBp+Nde4NQRDK/oiQARzWwWslfinm5d83eQwzC3cpSzt+\n" +
129
        "7ts6M5UlOblGsLXZI7THWO1tkgoEra9p+zezxLMmf/2MpNyZMZlVoJPM2YGxU9cN\n" +
130
        "ws0AyeY1gpBEdT21vjsBPdxxj6qklXVMnzS3zF8YwXyOndDYQWdjmFEknRK/qmQ2\n" +
131
        "gkLHrzpSpyCziecna5mGuDRdCU2dpsWiq1npEPXTq+PQGwWYcoaFTtXF8DDqhfPC\n" +
132
        "4Abe8gPm6MfzerdmS3RFTj9b/DIIENM=\n" +
133
        "-----END CERTIFICATE-----"
134
        };
135

136
    // Private key in the format of PKCS#8.
137
    private final static String[] endEntityPrivateKeys = {
138
        //
139
        // EC private key related to cert endEntityCertStrs[0].
140
        //
141
        "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgA3pmS+OrIjGyUv2F\n" +
142
        "K/PkyayJIePM2RTFYxNoQqmJGnihRANCAASHi9c1QnNQurh7t8A68XRaJZTpyWU4\n" +
143
        "Ay6zUapMW9ydE84KGXyy5my+Sw7QKlmoveGNeZVf12nUVX+tQEYujVob",
144

145
        //
146
        // RSA private key related to cert endEntityCertStrs[1].
147
        //
148
        "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDfq0lpd8nYH8AW\n" +
149
        "8RL62e57JA9I0AFW72d8x1T40Q9qYn4UftwQXxnVKmvW+VCA3MKkNRWt+eZPvmsJ\n" +
150
        "qmDPmV0D37L7eF19TIeNkHPN/H7oYdcsHi7p5TY0BNru+pIs1twtx9nv9CaQWqDg\n" +
151
        "lEltfgXjaQqREmtZ0pnxSgJgLxZda8NpnedSzTlcd76YEnyow09NthJPWOnNc/If\n" +
152
        "kKWOUUZiLaYokNMiYOHCG3ua7b7O/C9snzUaPZclRJNJ/1+7TPEVwKTpGYk/D2dJ\n" +
153
        "Wp49WU7C000Gh18o36TjKv6A7PW/w2Yy2YS2SVVK6Wv8nhDEj4TZlqv8L7hePGS+\n" +
154
        "y0hL480pAgMBAAECggEBAJyP1zk+IkloIBtu7+wrdCU6HoDHKMjjlzrehHoOTI4Z\n" +
155
        "F0vdaMkE6J4vrYCyz0kEPjKW/e/jxvT2wxHm8xEdtuApS61+mWJFmXTcMlNzdJnR\n" +
156
        "Mr6s+gW67fAHngA94OgGFeTtyX2PFxdgeM/6vFMqLZD7S+w0SnR7WEpvla4iB7On\n" +
157
        "lXqhJKVQeVc+IpByg/S4MmJb91jck73GltCaCL/b6BTrsz+zc/AY5tb8JInxjMZ9\n" +
158
        "jmjmA+s6l7tnBrFQfJHlF9a374lxCOtZTxyxVJjD7tQcGpsUpSHXZGdpDcT34qYT\n" +
159
        "UGh0yp2Mc/1PfWni5gS/6UGLrYmT57RRCn5YJBJTEkkCgYEA/XPCNehFaOMSxOZh\n" +
160
        "OGBVhQ+eRAmdpJfMhSUsDdEdQLZyWGmZsMTHjZZrwevBX/D0dxQYDv/sAl0GZomJ\n" +
161
        "d6iRCHlscycwx5Q0U/EpacsgRlYHz1nMRzXqS3Ry+8O8qQlliqCLUM7SfVgzdI5/\n" +
162
        "ll9JMrng9NnRl8ccjEdOGK8g/MMCgYEA4eriKMfRslGY4uOQoTPbuEJSMMwQ2X4k\n" +
163
        "lPj1p+xSQfU9QBaWJake67oBj3vpCxqN7/VkvCIeC6LCjhLpWHCn4EkdGiqkEdWz\n" +
164
        "m5CHzpzVIgznzWnbt0rCVL2KdL+ihgY8KPDdsZ6tZrABHuYhsWkAu10wyvuQYM88\n" +
165
        "3u6yOIQn36MCgYEAk5qR1UEzAxWTPbaJkgKQa5Cf9DHBbDS3eCcg098f8SsPxquh\n" +
166
        "RRAkwzGCCgqZsJ0sUhkStdGXifzRGHAq7dPuuwe0ABAn2WNXYjeFjcYtQqkhnUFH\n" +
167
        "tYURsOXdfQAOZEdDqos691GrxjHSraO7bECL6Y3VE+Oyq3jbCFsSgU+kn28CgYBT\n" +
168
        "mrXZO6FJqVK33FlAns1YEgsSjeJKapklHEDkxNroF9Zz6ifkhgKwX6SGMefbORd/\n" +
169
        "zsNZsBKIYdI3+52pIf+uS8BeV5tiEkCmeEUZ3AYv1LDP3rX1zc++xmn/rI97o8EN\n" +
170
        "sZ2JRtyK3OV9RtL/MYmYzPLqm1Ah02+GXLVNnvKWmwKBgE8Ble8CzrXYuuPdGxXz\n" +
171
        "BZU6HnXQrmTUcgeze0tj8SDHzCfsGsaG6pHrVNkT7CKsRuCHTZLM0kXmUijLFKuP\n" +
172
        "5xyE257z4IbbEbs+tcbB3p28n4/47MzZkSR3kt8+FrsEMZq5oOHbFTGzgp9dhZCC\n" +
173
        "dKUqlw5BPHdbxoWB/JpSHGCV"
174
        };
175

176
    // Private key names of endEntityPrivateKeys.
177
    private final static String[] endEntityPrivateKeyNames = {
178
        "EC",
179
        "RSA"
180
        };
181

182
    /*
183
     * Run the test case.
184
     */
185
    public void run() throws Exception {
186
        SSLEngine serverEngine = createServerEngine();
187

188
        //
189
        // Create and size the buffers appropriately.
190
        //
191
        SSLSession session = serverEngine.getSession();
192
        ByteBuffer serverAppInbound =
193
            ByteBuffer.allocate(session.getApplicationBufferSize());
194
        ByteBuffer clientHello =
195
            ByteBuffer.allocate(session.getPacketBufferSize());
196

197
        //
198
        // Generate a ClientHello message, and check if the server
199
        // engine can read it or not.
200
        //
201
        clientHello.put(createClientHelloMessage());
202
        clientHello.flip();
203

204
        SSLEngineResult serverResult =
205
                serverEngine.unwrap(clientHello, serverAppInbound);
206
        log("Server unwrap: ", serverResult);
207
        runDelegatedTasks(serverResult, serverEngine);
208

209
        //
210
        // Generate server responses to the ClientHello request.
211
        //
212
        ByteBuffer clientNetInbound =
213
            ByteBuffer.allocate(session.getPacketBufferSize());
214
        ByteBuffer clientAppInbound =
215
            ByteBuffer.wrap("Hello Client, I'm Server".getBytes());
216

217
        serverResult = serverEngine.wrap(clientAppInbound, clientNetInbound);
218
        log("Server wrap: ", serverResult);
219
        runDelegatedTasks(serverResult, serverEngine);
220
    }
221

222
    /*
223
     * Create a ClientHello message.
224
     */
225
    abstract protected byte[] createClientHelloMessage();
226

227
    /*
228
     * Create an instance of SSLContext for client use.
229
     */
230
    protected SSLContext createClientSSLContext() throws Exception {
231
        return createSSLContext(trustedCertStrs, null, null, null);
232
    }
233

234
    /*
235
     * Create an instance of SSLContext for server use.
236
     */
237
    protected SSLContext createServerSSLContext() throws Exception {
238
        return createSSLContext(null,
239
                endEntityCertStrs, endEntityPrivateKeys,
240
                endEntityPrivateKeyNames);
241
    }
242

243
    /*
244
     * Create an instance of SSLContext with the specified trust/key materials.
245
     */
246
    protected SSLContext createSSLContext(
247
            String[] trustedMaterials,
248
            String[] keyMaterialCerts,
249
            String[] keyMaterialKeys,
250
            String[] keyMaterialKeyAlgs) throws Exception {
251

252
        KeyStore ts = null;     // trust store
253
        KeyStore ks = null;     // key store
254
        char passphrase[] = "passphrase".toCharArray();
255

256
        // Generate certificate from cert string.
257
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
258

259
        // Import the trused certs.
260
        ByteArrayInputStream is;
261
        if (trustedMaterials != null && trustedMaterials.length != 0) {
262
            ts = KeyStore.getInstance("JKS");
263
            ts.load(null, null);
264

265
            Certificate[] trustedCert =
266
                    new Certificate[trustedMaterials.length];
267
            for (int i = 0; i < trustedMaterials.length; i++) {
268
                String trustedCertStr = trustedMaterials[i];
269

270
                is = new ByteArrayInputStream(trustedCertStr.getBytes());
271
                try {
272
                    trustedCert[i] = cf.generateCertificate(is);
273
                } finally {
274
                    is.close();
275
                }
276

277
                ts.setCertificateEntry("trusted-cert-" + i, trustedCert[i]);
278
            }
279
        }
280

281
        // Import the key materials.
282
        //
283
        // Note that certification pathes bigger than one are not supported yet.
284
        boolean hasKeyMaterials =
285
            (keyMaterialCerts != null) && (keyMaterialCerts.length != 0) &&
286
            (keyMaterialKeys != null) && (keyMaterialKeys.length != 0) &&
287
            (keyMaterialKeyAlgs != null) && (keyMaterialKeyAlgs.length != 0) &&
288
            (keyMaterialCerts.length == keyMaterialKeys.length) &&
289
            (keyMaterialCerts.length == keyMaterialKeyAlgs.length);
290
        if (hasKeyMaterials) {
291
            ks = KeyStore.getInstance("JKS");
292
            ks.load(null, null);
293

294
            for (int i = 0; i < keyMaterialCerts.length; i++) {
295
                String keyCertStr = keyMaterialCerts[i];
296

297
                // generate the private key.
298
                PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
299
                    Base64.getMimeDecoder().decode(keyMaterialKeys[i]));
300
                KeyFactory kf =
301
                    KeyFactory.getInstance(keyMaterialKeyAlgs[i]);
302
                PrivateKey priKey = kf.generatePrivate(priKeySpec);
303

304
                // generate certificate chain
305
                is = new ByteArrayInputStream(keyCertStr.getBytes());
306
                Certificate keyCert = null;
307
                try {
308
                    keyCert = cf.generateCertificate(is);
309
                } finally {
310
                    is.close();
311
                }
312

313
                Certificate[] chain = new Certificate[] { keyCert };
314

315
                // import the key entry.
316
                ks.setKeyEntry("cert-" + i, priKey, passphrase, chain);
317
            }
318
        }
319

320
        // Create an SSLContext object.
321
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
322
        tmf.init(ts);
323

324
        SSLContext context = SSLContext.getInstance("TLS");
325
        if (hasKeyMaterials && ks != null) {
326
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
327
            kmf.init(ks, passphrase);
328

329
            context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
330
        } else {
331
            context.init(null, tmf.getTrustManagers(), null);
332
        }
333

334
        return context;
335
    }
336

337
    /*
338
     * Create an instance of SSLEngine in client mode.
339
     */
340
    protected SSLEngine createClientEngine() throws Exception {
341
        return createClientEngine(createClientSSLContext());
342
    }
343

344
    /*
345
     * Create an instance of SSLEngine in client mode with the
346
     * specified SSLContext object.
347
     */
348
    protected SSLEngine createClientEngine(
349
        SSLContext context) throws Exception {
350

351
        SSLEngine engine = context.createSSLEngine();
352
        engine.setUseClientMode(true);
353

354
        /*
355
         * Customize the SSLEngine object.
356
         */
357
        // blank
358

359
        return engine;
360
    }
361

362
    /*
363
     * Create an instance of SSLEngine in server mode.
364
     */
365
    protected SSLEngine createServerEngine() throws Exception {
366
        return createServerEngine(createServerSSLContext());
367
    }
368

369
    /*
370
     * Create an instance of SSLEngine in server mode with the
371
     * specified SSLContext object.
372
     */
373
    protected SSLEngine createServerEngine(
374
        SSLContext context) throws Exception {
375

376
        SSLEngine engine = context.createSSLEngine();
377
        engine.setUseClientMode(false);
378

379
        /*
380
         * Customize the SSLEngine object.
381
         */
382
        engine.setNeedClientAuth(false);
383

384
        return engine;
385
    }
386

387
    /*
388
     * Run the delagayed tasks if any.
389
     *
390
     * If the result indicates that we have outstanding tasks to do,
391
     * go ahead and run them in this thread.
392
     */
393
    protected static void runDelegatedTasks(SSLEngineResult result,
394
            SSLEngine engine) throws Exception {
395

396
        if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
397
            Runnable runnable;
398
            while ((runnable = engine.getDelegatedTask()) != null) {
399
                log("\trunning delegated task...");
400
                runnable.run();
401
            }
402
            HandshakeStatus hsStatus = engine.getHandshakeStatus();
403
            if (hsStatus == HandshakeStatus.NEED_TASK) {
404
                throw new Exception(
405
                    "handshake shouldn't need additional tasks");
406
            }
407
            log("\tnew HandshakeStatus: " + hsStatus);
408
        }
409
    }
410

411
    /*
412
     * Logging the specificated message and the SSLEngine operation result.
413
     */
414
    protected static void log(String str, SSLEngineResult result) {
415
        HandshakeStatus hsStatus = result.getHandshakeStatus();
416
        log(str +
417
            result.getStatus() + "/" + hsStatus + ", consumed: " +
418
            result.bytesConsumed() + "/produced: " + result.bytesProduced() +
419
            " bytes");
420

421
        if (hsStatus == HandshakeStatus.FINISHED) {
422
            log("\t...ready for application data");
423
        }
424
    }
425

426
    /*
427
     * Logging the specificated message.
428
     */
429
    protected static void log(String str) {
430
        System.out.println(str);
431
    }
432
}
433

434
Product

Resources

Company
