1
/*
2
 * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @bug 6659990 8147772
27
 * @summary test the immutability of the Date fields in KerberosTicket class,
28
 *          serialization, and behavior after being destroyed.
29
 */
30

31
/*
32
 * Must setup KDC and Kerberos configuration file
33
 */
34

35
import java.lang.reflect.InvocationTargetException;
36
import java.lang.reflect.Method;
37
import java.lang.reflect.Modifier;
38
import java.util.Date;
39
import java.io.*;
40
import javax.security.auth.RefreshFailedException;
41
import javax.security.auth.kerberos.KerberosPrincipal;
42
import javax.security.auth.kerberos.KerberosTicket;
43
import java.util.Base64;
44

45
public class KerberosTixDateTest {
46

47
    // Serialized KerberosTicket from JDK6 (encoded in BASE64)
48
    // Note: the KerberosTicket object is created using the same values as
49
    // the KerberosTicket 't' in main(). Deserialization should succeed
50
    // and the deserialized object should equal to 't'.
51
    static String serializedKerberosTix =
52
"rO0ABXNyACtqYXZheC5zZWN1cml0eS5hdXRoLmtlcmJlcm9zLktlcmJlcm9zVGlja2V0ZqGBbXB3" +
53
"w7sCAApbAAxhc24xRW5jb2Rpbmd0AAJbQkwACGF1dGhUaW1ldAAQTGphdmEvdXRpbC9EYXRlO0wA" +
54
"BmNsaWVudHQAMExqYXZheC9zZWN1cml0eS9hdXRoL2tlcmJlcm9zL0tlcmJlcm9zUHJpbmNpcGFs" +
55
"O1sAD2NsaWVudEFkZHJlc3Nlc3QAF1tMamF2YS9uZXQvSW5ldEFkZHJlc3M7TAAHZW5kVGltZXEA" +
56
"fgACWwAFZmxhZ3N0AAJbWkwACXJlbmV3VGlsbHEAfgACTAAGc2VydmVycQB+AANMAApzZXNzaW9u" +
57
"S2V5dAAmTGphdmF4L3NlY3VyaXR5L2F1dGgva2VyYmVyb3MvS2V5SW1wbDtMAAlzdGFydFRpbWVx" +
58
"AH4AAnhwdXIAAltCrPMX+AYIVOACAAB4cAAAAARhc24xc3IADmphdmEudXRpbC5EYXRlaGqBAUtZ" +
59
"dBkDAAB4cHcIAAAAAAC8YU54c3IALmphdmF4LnNlY3VyaXR5LmF1dGgua2VyYmVyb3MuS2VyYmVy" +
60
"b3NQcmluY2lwYWyZp31dDx4zKQMAAHhwdXEAfgAIAAAAEzARoAMCAQGhCjAIGwZjbGllbnR1cQB+" +
61
"AAgAAAAVGxNKTEFCUy5TRkJBWS5TVU4uQ09NeHBxAH4AC3VyAAJbWlePIDkUuF3iAgAAeHAAAAAg" +
62
"AAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxAH4AC3NxAH4ADHVxAH4ACAAAABMwEaAD" +
63
"AgEBoQowCBsGc2VydmVydXEAfgAIAAAAFRsTSkxBQlMuU0ZCQVkuU1VOLkNPTXhzcgAkamF2YXgu" +
64
"c2VjdXJpdHkuYXV0aC5rZXJiZXJvcy5LZXlJbXBskoOG6DyvS9cDAAB4cHVxAH4ACAAAABUwE6AD" +
65
        "AgEBoQwECnNlc3Npb25LZXl4cQB+AAs=";
66

67
    public static void main(String[] args) throws Exception {
68
        byte[] asn1Bytes = "asn1".getBytes();
69
        KerberosPrincipal client = new KerberosPrincipal("[email protected]");
70
        KerberosPrincipal server = new KerberosPrincipal("[email protected]");
71
        byte[] keyBytes = "sessionKey".getBytes();
72
        long originalTime = 12345678L;
73
        Date inDate = new Date(originalTime);
74
        boolean[] flags = new boolean[9];
75
        flags[8] = true; // renewable
76
        KerberosTicket t = new KerberosTicket(asn1Bytes, client, server,
77
                keyBytes, 1 /*keyType*/, flags, inDate /*authTime*/,
78
                inDate /*startTime*/, inDate /*endTime*/,
79
                inDate /*renewTill*/, null /*clientAddresses*/);
80
        inDate.setTime(0); // for testing the constructor
81

82
        testDateImmutability(t, originalTime);
83
        testS11nCompatibility(t); // S11n: Serialization
84
        testDestroy(t);
85
    }
86

87
    private static void checkTime(KerberosTicket kt, long timeValue) {
88
        if (kt.getAuthTime().getTime() != timeValue) {
89
            throw new RuntimeException("authTime check fails!");
90
        }
91
        if (kt.getStartTime().getTime() != timeValue) {
92
            throw new RuntimeException("startTime check fails!");
93
        }
94
        if (kt.getEndTime().getTime() != timeValue) {
95
            throw new RuntimeException("endTime check fails!");
96
        }
97
        if (kt.getRenewTill().getTime() != timeValue) {
98
            throw new RuntimeException("renewTill check fails!");
99
        }
100
    }
101

102
    private static void testDateImmutability(KerberosTicket t, long origTime)
103
        throws Exception {
104
        // test the constructor
105
        System.out.println("Testing constructor...");
106
        checkTime(t, origTime);
107

108
        // test the getAuth/Start/EndTime() & getRenewTill() methods
109
        System.out.println("Testing getAuth/Start/EndTime() & getRenewTill()...");
110
        t.getAuthTime().setTime(0);
111
        t.getStartTime().setTime(0);
112
        t.getEndTime().setTime(0);
113
        t.getRenewTill().setTime(0);
114
        checkTime(t, origTime);
115

116
        System.out.println("DateImmutability Test Passed");
117
    }
118

119
    private static void checkEqualsAndHashCode(byte[] bytes, KerberosTicket t)
120
        throws IOException, ClassNotFoundException {
121
        ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
122
        KerberosTicket deserializedTicket = (KerberosTicket)
123
                (new ObjectInputStream(bais).readObject());
124
        if (!deserializedTicket.equals(t)) {
125
            throw new RuntimeException("equals() check fails!");
126
        }
127
        if (deserializedTicket.hashCode() != t.hashCode()) {
128
            throw new RuntimeException("hashCode() check fails!");
129
        }
130
    }
131

132
    private static void testS11nCompatibility(KerberosTicket t)
133
        throws Exception {
134

135
        System.out.println("Testing against KerberosTicket from JDK6...");
136
        byte[] serializedBytes =
137
            Base64.getMimeDecoder().decode(serializedKerberosTix);
138
        checkEqualsAndHashCode(serializedBytes, t);
139

140
        System.out.println("Testing against KerberosTicket from current rel...");
141
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
142
        new ObjectOutputStream(baos).writeObject(t);
143
        checkEqualsAndHashCode(baos.toByteArray(), t);
144

145
        System.out.println("S11nCompatibility Test Passed");
146
    }
147

148
    private static void testDestroy(KerberosTicket t) throws Exception {
149
        t.destroy();
150
        if (!t.isDestroyed()) {
151
            throw new RuntimeException("ticket should have been destroyed");
152
        }
153
        // Although these methods are meaningless, they can be called
154
        for (Method m: KerberosTicket.class.getDeclaredMethods()) {
155
            if (Modifier.isPublic(m.getModifiers())
156
                    && m.getParameterCount() == 0) {
157
                System.out.println("Testing " + m.getName() + "...");
158
                try {
159
                    m.invoke(t);
160
                } catch (InvocationTargetException e) {
161
                    Throwable cause = e.getCause();
162
                    if (cause instanceof RefreshFailedException ||
163
                            cause instanceof IllegalStateException) {
164
                        // this is OK
165
                    } else {
166
                        throw e;
167
                    }
168
                }
169
            }
170
        }
171
        System.out.println("Destroy Test Passed");
172
    }
173
}
174

175