Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java
41161 views
1
/*

2
 * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/* @test

30
 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10

31
 * @library /test/lib

32
 * @bug 6766775

33
 * @run main/othervm IPAddressIPIdentities

34
 * @author Xuelei Fan

35
 */

36


37
import java.net.*;

38
import java.util.*;

39
import java.io.*;

40
import javax.net.ssl.*;

41
import java.security.Security;

42
import java.security.KeyStore;

43
import java.security.KeyFactory;

44
import java.security.cert.Certificate;

45
import java.security.cert.CertificateFactory;

46
import java.security.spec.*;

47
import java.security.interfaces.*;

48
import java.math.BigInteger;

49
import jdk.test.lib.net.URIBuilder;

50


51
/*

52
 * Certificates and key used in the test.

53
 *

54
 * TLS server certificate:

55
 * server private key:

56
 * -----BEGIN RSA PRIVATE KEY-----

57
 * Proc-Type: 4,ENCRYPTED

58
 * DEK-Info: DES-EDE3-CBC,D9AE407F6D0E389A

59
 *

60
 * WPrA7TFol/cQCcp9oHnXWNpYlvRbbIcQj0m+RKT2Iuzfus+DHt3Zadf8nJpKfX2e

61
 * h2rnhlzCN9M7djRDooZKDOPCsdBn51Au7HlZF3S3Opgo7D8XFM1a8t1Je4ke14oI

62
 * nw6QKYsBblRziPnP2PZ0zvX24nOv7bbY8beynlJHGs00VWSFdoH2DS0aE1p6D+3n

63
 * ptJuJ75dVfZFK4X7162APlNXevX8D6PEQpSiRw1rjjGGcnvQ4HdWk3BxDVDcCNJb

64
 * Y1aGNRxsjTDvPi3R9Qx2M+W03QzEPx4SR3ZHVskeSJHaetM0TM/w/45Paq4GokXP

65
 * ZeTnbEx1xmjkA7h+t4doLL4watx5F6yLsJzu8xB3lt/1EtmkYtLz1t7X4BetPAXz

66
 * zS69X/VwhKfsOI3qXBWuL2oHPyhDmT1gcaUQwEPSV6ogHEEQEDXdiUS8heNK13KF

67
 * TCQYFkETvV2BLxUhV1hypPzRQ6tUpJiAbD5KmoK2lD9slshG2QtvKQq0/bgkDY5J

68
 * LhDHV2dtcZ3kDPkkZXpbcJQvoeH3d09C5sIsuTFo2zgNR6oETHUc5TzP6FY2YYRa

69
 * QcK5HcmtsRRiXFm01ac+aMejJUIujjFt84SiKWT/73vC8AmY4tYcJBLjCg4XIxSH

70
 * fdDFLL1YZENNO5ivlp8mdiHqcawx+36L7DrEZQ8RZt6cqST5t/+XTdM74s6k81GT

71
 * pNsa82P2K2zmIUZ/DL2mKjW1vfRByw1NQFEBkN3vdyZxYfM/JyUzX4hbjXBEkh9Q

72
 * QYrcwLKLjis2QzSvK04B3bvRzRb+4ocWiso8ZPAXAIxZFBWDpTMM2A==

73
 * -----END RSA PRIVATE KEY-----

74
 *

75
 * -----BEGIN RSA PRIVATE KEY-----

76
 * MIICXAIBAAKBgQClrFscN6LdmYktsnm4j9VIpecchBeNaZzGrG358h0fORna03Ie

77
 * buxEzHCk3LoAMPagTz1UemFqzFfQCn+VKBg/mtmU8hvIJIh+/p0PPftXUwizIDPU

78
 * PxdHFNHN6gjYDnVOr77M0uyvqXpJ38LZrLgkQJCmA1Yq0DAFQCxPq9l0iQIDAQAB

79
 * AoGAbqcbg1E1mkR99uOJoNeQYKFOJyGiiXTMnXV1TseC4+PDfQBU7Dax35GcesBi

80
 * CtapIpFKKS5D+ozY6b7ZT8ojxuQ/uHLPAvz0WDR3ds4iRF8tyu71Q1ZHcQsJa17y

81
 * yO7UbkSSKn/Mp9Rb+/dKqftUGNXVFLqgHBOzN2s3We3bbbECQQDYBPKOg3hkaGHo

82
 * OhpHKqtQ6EVkldihG/3i4WejRonelXN+HRh1KrB2HBx0M8D/qAzP1i3rNSlSHer4

83
 * 59YRTJnHAkEAxFX/sVYSn07BHv9Zhn6XXct/Cj43z/tKNbzlNbcxqQwQerw3IH51

84
 * 8UH2YOA+GD3lXbKp+MytoFLWv8zg4YT/LwJAfqan75Z1R6lLffRS49bIiq8jwE16

85
 * rTrUJ+kv8jKxMqc9B3vXkxpsS1M/+4E8bqgAmvpgAb8xcsvHsBd9ErdukQJBAKs2

86
 * j67W75BrPjBI34pQ1LEfp56IGWXOrq1kF8IbCjxv3+MYRT6Z6UJFkpRymNPNDjsC

87
 * dgUYgITiGJHUGXuw3lMCQHEHqo9ZtXz92yFT+VhsNc29B8m/sqUJdtCcMd/jGpAF

88
 * u6GHufjqIZBpQsk63wbwESAPZZ+kk1O1kS5GIRLX608=

89
 * -----END RSA PRIVATE KEY-----

90
 *

91
 * Private-Key: (1024 bit)

92
 * modulus:

93
 *     00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

94
 *     d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

95
 *     1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

96
 *     ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

97
 *     7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

98
 *     9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

99
 *     d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

100
 *     7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

101
 *     30:05:40:2c:4f:ab:d9:74:89

102
 * publicExponent: 65537 (0x10001)

103
 * privateExponent:

104
 *     6e:a7:1b:83:51:35:9a:44:7d:f6:e3:89:a0:d7:90:

105
 *     60:a1:4e:27:21:a2:89:74:cc:9d:75:75:4e:c7:82:

106
 *     e3:e3:c3:7d:00:54:ec:36:b1:df:91:9c:7a:c0:62:

107
 *     0a:d6:a9:22:91:4a:29:2e:43:fa:8c:d8:e9:be:d9:

108
 *     4f:ca:23:c6:e4:3f:b8:72:cf:02:fc:f4:58:34:77:

109
 *     76:ce:22:44:5f:2d:ca:ee:f5:43:56:47:71:0b:09:

110
 *     6b:5e:f2:c8:ee:d4:6e:44:92:2a:7f:cc:a7:d4:5b:

111
 *     fb:f7:4a:a9:fb:54:18:d5:d5:14:ba:a0:1c:13:b3:

112
 *     37:6b:37:59:ed:db:6d:b1

113
 * prime1:

114
 *     00:d8:04:f2:8e:83:78:64:68:61:e8:3a:1a:47:2a:

115
 *     ab:50:e8:45:64:95:d8:a1:1b:fd:e2:e1:67:a3:46:

116
 *     89:de:95:73:7e:1d:18:75:2a:b0:76:1c:1c:74:33:

117
 *     c0:ff:a8:0c:cf:d6:2d:eb:35:29:52:1d:ea:f8:e7:

118
 *     d6:11:4c:99:c7

119
 * prime2:

120
 *     00:c4:55:ff:b1:56:12:9f:4e:c1:1e:ff:59:86:7e:

121
 *     97:5d:cb:7f:0a:3e:37:cf:fb:4a:35:bc:e5:35:b7:

122
 *     31:a9:0c:10:7a:bc:37:20:7e:75:f1:41:f6:60:e0:

123
 *     3e:18:3d:e5:5d:b2:a9:f8:cc:ad:a0:52:d6:bf:cc:

124
 *     e0:e1:84:ff:2f

125
 * exponent1:

126
 *     7e:a6:a7:ef:96:75:47:a9:4b:7d:f4:52:e3:d6:c8:

127
 *     8a:af:23:c0:4d:7a:ad:3a:d4:27:e9:2f:f2:32:b1:

128
 *     32:a7:3d:07:7b:d7:93:1a:6c:4b:53:3f:fb:81:3c:

129
 *     6e:a8:00:9a:fa:60:01:bf:31:72:cb:c7:b0:17:7d:

130
 *     12:b7:6e:91

131
 * exponent2:

132
 *     00:ab:36:8f:ae:d6:ef:90:6b:3e:30:48:df:8a:50:

133
 *     d4:b1:1f:a7:9e:88:19:65:ce:ae:ad:64:17:c2:1b:

134
 *     0a:3c:6f:df:e3:18:45:3e:99:e9:42:45:92:94:72:

135
 *     98:d3:cd:0e:3b:02:76:05:18:80:84:e2:18:91:d4:

136
 *     19:7b:b0:de:53

137
 * coefficient:

138
 *     71:07:aa:8f:59:b5:7c:fd:db:21:53:f9:58:6c:35:

139
 *     cd:bd:07:c9:bf:b2:a5:09:76:d0:9c:31:df:e3:1a:

140
 *     90:05:bb:a1:87:b9:f8:ea:21:90:69:42:c9:3a:df:

141
 *     06:f0:11:20:0f:65:9f:a4:93:53:b5:91:2e:46:21:

142
 *     12:d7:eb:4f

143
 *

144
 *

145
 * server certificate:

146
 * Data:

147
 *     Version: 3 (0x2)

148
 *     Serial Number: 7 (0x7)

149
 *     Signature Algorithm: md5WithRSAEncryption

150
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

151
 *     Validity

152
 *         Not Before: Dec  8 03:27:57 2008 GMT

153
 *         Not After : Aug 25 03:27:57 2028 GMT

154
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Server, CN=localhost

155
 *     Subject Public Key Info:

156
 *         Public Key Algorithm: rsaEncryption

157
 *         RSA Public Key: (1024 bit)

158
 *             Modulus (1024 bit):

159
 *                 00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

160
 *                 d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

161
 *                 1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

162
 *                 ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

163
 *                 7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

164
 *                 9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

165
 *                 d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

166
 *                 7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

167
 *                 30:05:40:2c:4f:ab:d9:74:89

168
 *             Exponent: 65537 (0x10001)

169
 *     X509v3 extensions:

170
 *         X509v3 Basic Constraints:

171
 *             CA:FALSE

172
 *         X509v3 Key Usage:

173
 *             Digital Signature, Non Repudiation, Key Encipherment

174
 *         X509v3 Subject Key Identifier:

175
 *             ED:6E:DB:F4:B5:56:C8:FB:1A:06:61:3F:0F:08:BB:A6:04:D8:16:54

176
 *         X509v3 Authority Key Identifier:

177
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

178
 *

179
 *         X509v3 Subject Alternative Name: critical

180
 *             IP Address:127.0.0.1

181
 * Signature Algorithm: md5WithRSAEncryption

182
 *

183
 * -----BEGIN CERTIFICATE-----

184
 * MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

185
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

186
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ

187
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

188
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD

189
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3

190
 * ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6

191
 * YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS

192
 * 7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw

193
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV

194
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

195
 * MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva

196
 * cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h

197
 * pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun

198
 * nZif

199
 * -----END CERTIFICATE-----

200
 *

201
 *

202
 * TLS client certificate:

203
 * client private key:

204
 * ----BEGIN RSA PRIVATE KEY-----

205
 * Proc-Type: 4,ENCRYPTED

206
 * DEK-Info: DES-EDE3-CBC,FA2A435CD35A9390

207
 *

208
 * Z+Y2uaETbsUWIyJUyVu1UV2G4rgFYJyACZT6Tp1KjRtxflSh2kXkJ9MpuXMXA0V4

209
 * Yy3fDzPqCL9NJmQAYRlAx/W/+j4F5EyMWDIx8fUxzONRZyoiwF7jLm+KscAfv6Pf

210
 * q7ItWOdj3z7IYrwlB8YIGd3F2cDKT3S+lYRk7rKb/qT7itbuHnY4Ardh3yl+MZak

211
 * jBp+ELUlRsUqSr1V0LoM+0rCCykarpyfhpxEcqsrl0v9Cyi5uhU50/oKv5zql3SH

212
 * l2ImgDjp3batAs8+Bd4NF2aqi0a7Hy44JUHxRm4caZryU/i/D9N1MbuM6882HLat

213
 * 5N0G+NaIUfywa8mjwq2D5aiit18HqKA6XeRRYeJ5Dvu9DCO4GeFSwcUFIBMI0L46

214
 * 7s114+oDodg57pMgITi+04vmUxvqlN9aiyd7f5Fgd7PeHGeOdbMz1NaJLJaPI9++

215
 * NakK8eK9iwT/Gdq0Uap5/CHW7vCT5PO+h3HY0STH0lWStXhdWnFO04zTdywsbSp+

216
 * DLpHeFT66shfeUlxR0PsCbG9vPRt/QmGLeYQZITppWo/ylSq4j+pRIuXvuWHdBRN

217
 * rTZ8QF4Y7AxQUXVz1j1++s6ZMHTzaK2i9HrhmDs1MbJl+QwWre3Xpv3LvTVz3k5U

218
 * wX8kuY1m3STt71QCaRWENq5sRaMImLxZbxc/ivFl9RAzUqo4NCxLod/QgA4iLqtO

219
 * ztnlpzwlC/F8HbQ1oqYWwnZAPhzU/cULtstl+Yrws2c2atO323LbPXZqbASySgig

220
 * sNpFXQMObdfP6LN23bY+1SvtK7V4NUTNhpdIc6INQAQ=

221
 * -----END RSA PRIVATE KEY-----

222
 *

223
 * -----BEGIN RSA PRIVATE KEY-----

224
 * MIICWwIBAAKBgQC78EA2rCZUTvSjWgAvaSFvuXo6k+yi9uGOx2PYLxIwmS6w8o/4

225
 * Jy0keCiE9wG/jUR53TvSVfPOPLJbIX3v/TNKsaP/xsibuQ98QTWX+ds6BWAFFa9Z

226
 * F5KjEK0WHOQHU6+odqJWKpLT+SjgeM9eH0irXBnd4WdDunWN9YKsQ5JEGwIDAQAB

227
 * AoGAEbdqNj0wN85hnWyEi/ObJU8UyKTdL9eaF72QGfcF/fLSxfd3vurihIeXOkGW

228
 * tpn4lIxYcVGM9CognhqgJpl11jFTQzn1KqZ+NEJRKkCHA4hDabKJbSC9fXHvRwrf

229
 * BsFpZqgiNxp3HseUTiwnaUVeyPgMt/jAj5nB5Sib+UyUxrECQQDnNQBiF2aifEg6

230
 * zbJOOC7he5CHAdkFxSxWVFVHL6EfXfqdLVkUohMbgZv+XxyIeU2biOExSg49Kds3

231
 * FOKgTau1AkEA0Bd1haj6QuCo8I0AXm2WO+MMTZMTvtHD/bGjKNM+fT4I8rKYnQRX

232
 * 1acHdqS9Xx2rNJqZgkMmpESIdPR2fc4yjwJALFeM6EMmqvj8/VIf5UJ/Mz14fXwM

233
 * PEARfckUxd9LnnFutCBTWlKvKXJVEZb6KO5ixPaegc57Jp3Vbh3yTN44lQJADD/1

234
 * SSMDaIB1MYP7a5Oj7m6VQNPRq8AJe5vDcRnOae0G9dKRrVyeFxO4GsHj6/+BHp2j

235
 * P8nYMn9eURQ7DXjf/QJAAQzMlWnKGSO8pyTDtnQx3hRMoUkOEhmNq4bQhLkYqtnY

236
 * FcqpUQ2qMjW+NiNWk5HnTrMS3L9EdJobMUzaNZLy4w==

237
 * -----END RSA PRIVATE KEY-----

238
 *

239
 * Private-Key: (1024 bit)

240
 * modulus:

241
 *     00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

242
 *     21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

243
 *     12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

244
 *     01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

245
 *     7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

246
 *     35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

247
 *     ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

248
 *     28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

249
 *     75:8d:f5:82:ac:43:92:44:1b

250
 * publicExponent: 65537 (0x10001)

251
 * privateExponent:

252
 *     11:b7:6a:36:3d:30:37:ce:61:9d:6c:84:8b:f3:9b:

253
 *     25:4f:14:c8:a4:dd:2f:d7:9a:17:bd:90:19:f7:05:

254
 *     fd:f2:d2:c5:f7:77:be:ea:e2:84:87:97:3a:41:96:

255
 *     b6:99:f8:94:8c:58:71:51:8c:f4:2a:20:9e:1a:a0:

256
 *     26:99:75:d6:31:53:43:39:f5:2a:a6:7e:34:42:51:

257
 *     2a:40:87:03:88:43:69:b2:89:6d:20:bd:7d:71:ef:

258
 *     47:0a:df:06:c1:69:66:a8:22:37:1a:77:1e:c7:94:

259
 *     4e:2c:27:69:45:5e:c8:f8:0c:b7:f8:c0:8f:99:c1:

260
 *     e5:28:9b:f9:4c:94:c6:b1

261
 * prime1:

262
 *     00:e7:35:00:62:17:66:a2:7c:48:3a:cd:b2:4e:38:

263
 *     2e:e1:7b:90:87:01:d9:05:c5:2c:56:54:55:47:2f:

264
 *     a1:1f:5d:fa:9d:2d:59:14:a2:13:1b:81:9b:fe:5f:

265
 *     1c:88:79:4d:9b:88:e1:31:4a:0e:3d:29:db:37:14:

266
 *     e2:a0:4d:ab:b5

267
 * prime2:

268
 *     00:d0:17:75:85:a8:fa:42:e0:a8:f0:8d:00:5e:6d:

269
 *     96:3b:e3:0c:4d:93:13:be:d1:c3:fd:b1:a3:28:d3:

270
 *     3e:7d:3e:08:f2:b2:98:9d:04:57:d5:a7:07:76:a4:

271
 *     bd:5f:1d:ab:34:9a:99:82:43:26:a4:44:88:74:f4:

272
 *     76:7d:ce:32:8f

273
 * exponent1:

274
 *     2c:57:8c:e8:43:26:aa:f8:fc:fd:52:1f:e5:42:7f:

275
 *     33:3d:78:7d:7c:0c:3c:40:11:7d:c9:14:c5:df:4b:

276
 *     9e:71:6e:b4:20:53:5a:52:af:29:72:55:11:96:fa:

277
 *     28:ee:62:c4:f6:9e:81:ce:7b:26:9d:d5:6e:1d:f2:

278
 *     4c:de:38:95

279
 * exponent2:

280
 *     0c:3f:f5:49:23:03:68:80:75:31:83:fb:6b:93:a3:

281
 *     ee:6e:95:40:d3:d1:ab:c0:09:7b:9b:c3:71:19:ce:

282
 *     69:ed:06:f5:d2:91:ad:5c:9e:17:13:b8:1a:c1:e3:

283
 *     eb:ff:81:1e:9d:a3:3f:c9:d8:32:7f:5e:51:14:3b:

284
 *     0d:78:df:fd

285
 * coefficient:

286
 *     01:0c:cc:95:69:ca:19:23:bc:a7:24:c3:b6:74:31:

287
 *     de:14:4c:a1:49:0e:12:19:8d:ab:86:d0:84:b9:18:

288
 *     aa:d9:d8:15:ca:a9:51:0d:aa:32:35:be:36:23:56:

289
 *     93:91:e7:4e:b3:12:dc:bf:44:74:9a:1b:31:4c:da:

290
 *     35:92:f2:e3

291
 *

292
 * client certificate:

293
 * Data:

294
 *     Version: 3 (0x2)

295
 *     Serial Number: 6 (0x6)

296
 *     Signature Algorithm: md5WithRSAEncryption

297
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

298
 *     Validity

299
 *         Not Before: Dec  8 03:27:34 2008 GMT

300
 *         Not After : Aug 25 03:27:34 2028 GMT

301
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client, CN=localhost

302
 *     Subject Public Key Info:

303
 *         Public Key Algorithm: rsaEncryption

304
 *         RSA Public Key: (1024 bit)

305
 *             Modulus (1024 bit):

306
 *                 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

307
 *                 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

308
 *                 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

309
 *                 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

310
 *                 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

311
 *                 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

312
 *                 ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

313
 *                 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

314
 *                 75:8d:f5:82:ac:43:92:44:1b

315
 *             Exponent: 65537 (0x10001)

316
 *     X509v3 extensions:

317
 *         X509v3 Basic Constraints:

318
 *             CA:FALSE

319
 *         X509v3 Key Usage:

320
 *             Digital Signature, Non Repudiation, Key Encipherment

321
 *         X509v3 Subject Key Identifier:

322
 *             CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6

323
 *         X509v3 Authority Key Identifier:

324
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

325
 *

326
 *         X509v3 Subject Alternative Name: critical

327
 *             IP Address:127.0.0.1

328
 * Signature Algorithm: md5WithRSAEncryption

329
 *

330
 * -----BEGIN CERTIFICATE-----

331
 * MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

332
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

333
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ

334
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

335
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD

336
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas

337
 * JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV

338
 * 8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq

339
 * ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw

340
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV

341
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

342
 * MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx

343
 * HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP

344
 * i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC

345
 * I9aw

346
 * -----END CERTIFICATE-----

347
 *

348
 *

349
 *

350
 * Trusted CA certificate:

351
 * Certificate:

352
 *   Data:

353
 *     Version: 3 (0x2)

354
 *     Serial Number: 0 (0x0)

355
 *     Signature Algorithm: md5WithRSAEncryption

356
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

357
 *     Validity

358
 *         Not Before: Dec  8 02:43:36 2008 GMT

359
 *         Not After : Aug 25 02:43:36 2028 GMT

360
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org

361
 *     Subject Public Key Info:

362
 *         Public Key Algorithm: rsaEncryption

363
 *         RSA Public Key: (1024 bit)

364
 *             Modulus (1024 bit):

365
 *                 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:

366
 *                 d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:

367
 *                 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:

368
 *                 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:

369
 *                 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:

370
 *                 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:

371
 *                 f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:

372
 *                 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:

373
 *                 89:2a:95:12:4c:d8:09:2a:e9

374
 *             Exponent: 65537 (0x10001)

375
 *     X509v3 extensions:

376
 *         X509v3 Subject Key Identifier:

377
 *             FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

378
 *         X509v3 Authority Key Identifier:

379
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

380
 *             DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org

381
 *             serial:00

382
 *

383
 *         X509v3 Basic Constraints:

384
 *             CA:TRUE

385
 *  Signature Algorithm: md5WithRSAEncryption

386
 *

387
 * -----BEGIN CERTIFICATE-----

388
 * MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

389
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

390
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ

391
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

392
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB

393
 * gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX

394
 * 4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj

395
 * 7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G

396
 * A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ

397
 * hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt

398
 * U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw

399
 * DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA

400
 * ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ

401
 * LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P

402
 * 6Mvf0r1PNTY2hwTJLJmKtg==

403
 * -----END CERTIFICATE---

404
 */

405


406


407
public class IPAddressIPIdentities {

408
    static Map cookies;

409
    ServerSocket ss;

410


411
    /*

412
     * =============================================================

413
     * Set the various variables needed for the tests, then

414
     * specify what tests to run on each side.

415
     */

416


417
    /*

418
     * Should we run the client or server in a separate thread?

419
     * Both sides can throw exceptions, but do you have a preference

420
     * as to which side should be the main thread.

421
     */

422
    static boolean separateServerThread = true;

423


424
    /*

425
     * Where do we find the keystores?

426
     */

427
    static String trusedCertStr =

428
        "-----BEGIN CERTIFICATE-----\n" +

429
        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

430
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

431
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +

432
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

433
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +

434
        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +

435
        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +

436
        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +

437
        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +

438
        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +

439
        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +

440
        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +

441
        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +

442
        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +

443
        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +

444
        "-----END CERTIFICATE-----";

445


446
    static String serverCertStr =

447
        "-----BEGIN CERTIFICATE-----\n" +

448
        "MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

449
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

450
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ\n" +

451
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

452
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD\n" +

453
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3\n" +

454
        "ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6\n" +

455
        "YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS\n" +

456
        "7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

457
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV\n" +

458
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

459
        "MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva\n" +

460
        "cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h\n" +

461
        "pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun\n" +

462
        "nZif\n" +

463
        "-----END CERTIFICATE-----";

464


465
    static String clientCertStr =

466
        "-----BEGIN CERTIFICATE-----\n" +

467
        "MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

468
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

469
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ\n" +

470
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

471
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +

472
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +

473
        "JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +

474
        "8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +

475
        "ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

476
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +

477
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

478
        "MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx\n" +

479
        "HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP\n" +

480
        "i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC\n" +

481
        "I9aw\n" +

482
        "-----END CERTIFICATE-----";

483


484


485
    static byte serverPrivateExponent[] = {

486
        (byte)0x6e, (byte)0xa7, (byte)0x1b, (byte)0x83,

487
        (byte)0x51, (byte)0x35, (byte)0x9a, (byte)0x44,

488
        (byte)0x7d, (byte)0xf6, (byte)0xe3, (byte)0x89,

489
        (byte)0xa0, (byte)0xd7, (byte)0x90, (byte)0x60,

490
        (byte)0xa1, (byte)0x4e, (byte)0x27, (byte)0x21,

491
        (byte)0xa2, (byte)0x89, (byte)0x74, (byte)0xcc,

492
        (byte)0x9d, (byte)0x75, (byte)0x75, (byte)0x4e,

493
        (byte)0xc7, (byte)0x82, (byte)0xe3, (byte)0xe3,

494
        (byte)0xc3, (byte)0x7d, (byte)0x00, (byte)0x54,

495
        (byte)0xec, (byte)0x36, (byte)0xb1, (byte)0xdf,

496
        (byte)0x91, (byte)0x9c, (byte)0x7a, (byte)0xc0,

497
        (byte)0x62, (byte)0x0a, (byte)0xd6, (byte)0xa9,

498
        (byte)0x22, (byte)0x91, (byte)0x4a, (byte)0x29,

499
        (byte)0x2e, (byte)0x43, (byte)0xfa, (byte)0x8c,

500
        (byte)0xd8, (byte)0xe9, (byte)0xbe, (byte)0xd9,

501
        (byte)0x4f, (byte)0xca, (byte)0x23, (byte)0xc6,

502
        (byte)0xe4, (byte)0x3f, (byte)0xb8, (byte)0x72,

503
        (byte)0xcf, (byte)0x02, (byte)0xfc, (byte)0xf4,

504
        (byte)0x58, (byte)0x34, (byte)0x77, (byte)0x76,

505
        (byte)0xce, (byte)0x22, (byte)0x44, (byte)0x5f,

506
        (byte)0x2d, (byte)0xca, (byte)0xee, (byte)0xf5,

507
        (byte)0x43, (byte)0x56, (byte)0x47, (byte)0x71,

508
        (byte)0x0b, (byte)0x09, (byte)0x6b, (byte)0x5e,

509
        (byte)0xf2, (byte)0xc8, (byte)0xee, (byte)0xd4,

510
        (byte)0x6e, (byte)0x44, (byte)0x92, (byte)0x2a,

511
        (byte)0x7f, (byte)0xcc, (byte)0xa7, (byte)0xd4,

512
        (byte)0x5b, (byte)0xfb, (byte)0xf7, (byte)0x4a,

513
        (byte)0xa9, (byte)0xfb, (byte)0x54, (byte)0x18,

514
        (byte)0xd5, (byte)0xd5, (byte)0x14, (byte)0xba,

515
        (byte)0xa0, (byte)0x1c, (byte)0x13, (byte)0xb3,

516
        (byte)0x37, (byte)0x6b, (byte)0x37, (byte)0x59,

517
        (byte)0xed, (byte)0xdb, (byte)0x6d, (byte)0xb1

518
    };

519


520
    static byte serverModulus[] = {

521
        (byte)0x00,

522
        (byte)0xa5, (byte)0xac, (byte)0x5b, (byte)0x1c,

523
        (byte)0x37, (byte)0xa2, (byte)0xdd, (byte)0x99,

524
        (byte)0x89, (byte)0x2d, (byte)0xb2, (byte)0x79,

525
        (byte)0xb8, (byte)0x8f, (byte)0xd5, (byte)0x48,

526
        (byte)0xa5, (byte)0xe7, (byte)0x1c, (byte)0x84,

527
        (byte)0x17, (byte)0x8d, (byte)0x69, (byte)0x9c,

528
        (byte)0xc6, (byte)0xac, (byte)0x6d, (byte)0xf9,

529
        (byte)0xf2, (byte)0x1d, (byte)0x1f, (byte)0x39,

530
        (byte)0x19, (byte)0xda, (byte)0xd3, (byte)0x72,

531
        (byte)0x1e, (byte)0x6e, (byte)0xec, (byte)0x44,

532
        (byte)0xcc, (byte)0x70, (byte)0xa4, (byte)0xdc,

533
        (byte)0xba, (byte)0x00, (byte)0x30, (byte)0xf6,

534
        (byte)0xa0, (byte)0x4f, (byte)0x3d, (byte)0x54,

535
        (byte)0x7a, (byte)0x61, (byte)0x6a, (byte)0xcc,

536
        (byte)0x57, (byte)0xd0, (byte)0x0a, (byte)0x7f,

537
        (byte)0x95, (byte)0x28, (byte)0x18, (byte)0x3f,

538
        (byte)0x9a, (byte)0xd9, (byte)0x94, (byte)0xf2,

539
        (byte)0x1b, (byte)0xc8, (byte)0x24, (byte)0x88,

540
        (byte)0x7e, (byte)0xfe, (byte)0x9d, (byte)0x0f,

541
        (byte)0x3d, (byte)0xfb, (byte)0x57, (byte)0x53,

542
        (byte)0x08, (byte)0xb3, (byte)0x20, (byte)0x33,

543
        (byte)0xd4, (byte)0x3f, (byte)0x17, (byte)0x47,

544
        (byte)0x14, (byte)0xd1, (byte)0xcd, (byte)0xea,

545
        (byte)0x08, (byte)0xd8, (byte)0x0e, (byte)0x75,

546
        (byte)0x4e, (byte)0xaf, (byte)0xbe, (byte)0xcc,

547
        (byte)0xd2, (byte)0xec, (byte)0xaf, (byte)0xa9,

548
        (byte)0x7a, (byte)0x49, (byte)0xdf, (byte)0xc2,

549
        (byte)0xd9, (byte)0xac, (byte)0xb8, (byte)0x24,

550
        (byte)0x40, (byte)0x90, (byte)0xa6, (byte)0x03,

551
        (byte)0x56, (byte)0x2a, (byte)0xd0, (byte)0x30,

552
        (byte)0x05, (byte)0x40, (byte)0x2c, (byte)0x4f,

553
        (byte)0xab, (byte)0xd9, (byte)0x74, (byte)0x89

554
    };

555


556
    static byte clientPrivateExponent[] = {

557
        (byte)0x11, (byte)0xb7, (byte)0x6a, (byte)0x36,

558
        (byte)0x3d, (byte)0x30, (byte)0x37, (byte)0xce,

559
        (byte)0x61, (byte)0x9d, (byte)0x6c, (byte)0x84,

560
        (byte)0x8b, (byte)0xf3, (byte)0x9b, (byte)0x25,

561
        (byte)0x4f, (byte)0x14, (byte)0xc8, (byte)0xa4,

562
        (byte)0xdd, (byte)0x2f, (byte)0xd7, (byte)0x9a,

563
        (byte)0x17, (byte)0xbd, (byte)0x90, (byte)0x19,

564
        (byte)0xf7, (byte)0x05, (byte)0xfd, (byte)0xf2,

565
        (byte)0xd2, (byte)0xc5, (byte)0xf7, (byte)0x77,

566
        (byte)0xbe, (byte)0xea, (byte)0xe2, (byte)0x84,

567
        (byte)0x87, (byte)0x97, (byte)0x3a, (byte)0x41,

568
        (byte)0x96, (byte)0xb6, (byte)0x99, (byte)0xf8,

569
        (byte)0x94, (byte)0x8c, (byte)0x58, (byte)0x71,

570
        (byte)0x51, (byte)0x8c, (byte)0xf4, (byte)0x2a,

571
        (byte)0x20, (byte)0x9e, (byte)0x1a, (byte)0xa0,

572
        (byte)0x26, (byte)0x99, (byte)0x75, (byte)0xd6,

573
        (byte)0x31, (byte)0x53, (byte)0x43, (byte)0x39,

574
        (byte)0xf5, (byte)0x2a, (byte)0xa6, (byte)0x7e,

575
        (byte)0x34, (byte)0x42, (byte)0x51, (byte)0x2a,

576
        (byte)0x40, (byte)0x87, (byte)0x03, (byte)0x88,

577
        (byte)0x43, (byte)0x69, (byte)0xb2, (byte)0x89,

578
        (byte)0x6d, (byte)0x20, (byte)0xbd, (byte)0x7d,

579
        (byte)0x71, (byte)0xef, (byte)0x47, (byte)0x0a,

580
        (byte)0xdf, (byte)0x06, (byte)0xc1, (byte)0x69,

581
        (byte)0x66, (byte)0xa8, (byte)0x22, (byte)0x37,

582
        (byte)0x1a, (byte)0x77, (byte)0x1e, (byte)0xc7,

583
        (byte)0x94, (byte)0x4e, (byte)0x2c, (byte)0x27,

584
        (byte)0x69, (byte)0x45, (byte)0x5e, (byte)0xc8,

585
        (byte)0xf8, (byte)0x0c, (byte)0xb7, (byte)0xf8,

586
        (byte)0xc0, (byte)0x8f, (byte)0x99, (byte)0xc1,

587
        (byte)0xe5, (byte)0x28, (byte)0x9b, (byte)0xf9,

588
        (byte)0x4c, (byte)0x94, (byte)0xc6, (byte)0xb1

589
    };

590


591
    static byte clientModulus[] = {

592
        (byte)0x00,

593
        (byte)0xbb, (byte)0xf0, (byte)0x40, (byte)0x36,

594
        (byte)0xac, (byte)0x26, (byte)0x54, (byte)0x4e,

595
        (byte)0xf4, (byte)0xa3, (byte)0x5a, (byte)0x00,

596
        (byte)0x2f, (byte)0x69, (byte)0x21, (byte)0x6f,

597
        (byte)0xb9, (byte)0x7a, (byte)0x3a, (byte)0x93,

598
        (byte)0xec, (byte)0xa2, (byte)0xf6, (byte)0xe1,

599
        (byte)0x8e, (byte)0xc7, (byte)0x63, (byte)0xd8,

600
        (byte)0x2f, (byte)0x12, (byte)0x30, (byte)0x99,

601
        (byte)0x2e, (byte)0xb0, (byte)0xf2, (byte)0x8f,

602
        (byte)0xf8, (byte)0x27, (byte)0x2d, (byte)0x24,

603
        (byte)0x78, (byte)0x28, (byte)0x84, (byte)0xf7,

604
        (byte)0x01, (byte)0xbf, (byte)0x8d, (byte)0x44,

605
        (byte)0x79, (byte)0xdd, (byte)0x3b, (byte)0xd2,

606
        (byte)0x55, (byte)0xf3, (byte)0xce, (byte)0x3c,

607
        (byte)0xb2, (byte)0x5b, (byte)0x21, (byte)0x7d,

608
        (byte)0xef, (byte)0xfd, (byte)0x33, (byte)0x4a,

609
        (byte)0xb1, (byte)0xa3, (byte)0xff, (byte)0xc6,

610
        (byte)0xc8, (byte)0x9b, (byte)0xb9, (byte)0x0f,

611
        (byte)0x7c, (byte)0x41, (byte)0x35, (byte)0x97,

612
        (byte)0xf9, (byte)0xdb, (byte)0x3a, (byte)0x05,

613
        (byte)0x60, (byte)0x05, (byte)0x15, (byte)0xaf,

614
        (byte)0x59, (byte)0x17, (byte)0x92, (byte)0xa3,

615
        (byte)0x10, (byte)0xad, (byte)0x16, (byte)0x1c,

616
        (byte)0xe4, (byte)0x07, (byte)0x53, (byte)0xaf,

617
        (byte)0xa8, (byte)0x76, (byte)0xa2, (byte)0x56,

618
        (byte)0x2a, (byte)0x92, (byte)0xd3, (byte)0xf9,

619
        (byte)0x28, (byte)0xe0, (byte)0x78, (byte)0xcf,

620
        (byte)0x5e, (byte)0x1f, (byte)0x48, (byte)0xab,

621
        (byte)0x5c, (byte)0x19, (byte)0xdd, (byte)0xe1,

622
        (byte)0x67, (byte)0x43, (byte)0xba, (byte)0x75,

623
        (byte)0x8d, (byte)0xf5, (byte)0x82, (byte)0xac,

624
        (byte)0x43, (byte)0x92, (byte)0x44, (byte)0x1b

625
    };

626


627
    static char passphrase[] = "passphrase".toCharArray();

628


629
    /*

630
     * Is the server ready to serve?

631
     */

632
    volatile static boolean serverReady = false;

633


634
    /*

635
     * Is the connection ready to close?

636
     */

637
    volatile static boolean closeReady = false;

638


639
    /*

640
     * Turn on SSL debugging?

641
     */

642
    static boolean debug = false;

643


644
    private SSLServerSocket sslServerSocket = null;

645


646
    /*

647
     * Define the server side of the test.

648
     *

649
     * If the server prematurely exits, serverReady will be set to true

650
     * to avoid infinite hangs.

651
     */

652
    void doServerSide() throws Exception {

653
        SSLContext context = getSSLContext(trusedCertStr, serverCertStr,

654
            serverModulus, serverPrivateExponent, passphrase);

655
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

656


657
        // doClientSide() connects to the loopback address

658
        InetAddress loopback = InetAddress.getLoopbackAddress();

659
        InetSocketAddress address = new InetSocketAddress(loopback, serverPort);

660


661
        sslServerSocket =

662
            (SSLServerSocket) sslssf.createServerSocket();

663
        sslServerSocket.bind(address);

664
        serverPort = sslServerSocket.getLocalPort();

665


666
        /*

667
         * Signal Client, we're ready for his connect.

668
         */

669
        serverReady = true;

670


671
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

672
        sslSocket.setNeedClientAuth(true);

673


674
        PrintStream out =

675
                new PrintStream(sslSocket.getOutputStream());

676


677
        try {

678
            // ignore request data

679


680
            // send the response

681
            out.print("HTTP/1.1 200 OK\r\n");

682
            out.print("Content-Type: text/html; charset=iso-8859-1\r\n");

683
            out.print("Content-Length: "+ 9 +"\r\n");

684
            out.print("\r\n");

685
            out.print("Testing\r\n");

686
            out.flush();

687
        } finally {

688
             // close the socket

689
             while (!closeReady) {

690
                 Thread.sleep(50);

691
             }

692


693
             System.out.println("Server closing socket");

694
             sslSocket.close();

695
             serverReady = false;

696
        }

697


698
    }

699


700
    /*

701
     * Define the client side of the test.

702
     *

703
     * If the server prematurely exits, serverReady will be set to true

704
     * to avoid infinite hangs.

705
     */

706
    void doClientSide() throws Exception {

707
        SSLContext reservedSSLContext = SSLContext.getDefault();

708
        try {

709
            SSLContext context = getSSLContext(trusedCertStr, clientCertStr,

710
                clientModulus, clientPrivateExponent, passphrase);

711


712
            SSLContext.setDefault(context);

713


714
            /*

715
             * Wait for server to get started.

716
             */

717
            while (!serverReady) {

718
                Thread.sleep(50);

719
            }

720


721
            HttpsURLConnection http = null;

722


723
            /* establish http connection to server */

724
            URL url = URIBuilder.newBuilder()

725
                .scheme("https")

726
                .loopback()

727
                .port(serverPort)

728
                .path("/")

729
                .toURL();

730
            System.out.println("url is "+url.toString());

731


732
            try {

733
                http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY);

734


735
                int respCode = http.getResponseCode();

736
                System.out.println("respCode = "+respCode);

737
            } finally {

738
                if (http != null) {

739
                    http.disconnect();

740
                }

741
                closeReady = true;

742
            }

743
        } finally {

744
            SSLContext.setDefault(reservedSSLContext);

745
        }

746
    }

747


748
    /*

749
     * =============================================================

750
     * The remainder is just support stuff

751
     */

752


753
    // use any free port by default

754
    volatile int serverPort = 0;

755


756
    volatile Exception serverException = null;

757
    volatile Exception clientException = null;

758


759
    public static void main(String args[]) throws Exception {

760
        // MD5 is used in this test case, don't disable MD5 algorithm.

761
        Security.setProperty("jdk.certpath.disabledAlgorithms",

762
                "MD2, RSA keySize < 1024");

763
        Security.setProperty("jdk.tls.disabledAlgorithms",

764
                "SSLv3, RC4, DH keySize < 768");

765


766
        if (debug)

767
            System.setProperty("javax.net.debug", "all");

768


769
        /*

770
         * Start the tests.

771
         */

772
        new IPAddressIPIdentities();

773
    }

774


775
    Thread clientThread = null;

776
    Thread serverThread = null;

777
    /*

778
     * Primary constructor, used to drive remainder of the test.

779
     *

780
     * Fork off the other side, then do your work.

781
     */

782
    IPAddressIPIdentities() throws Exception {

783
        if (separateServerThread) {

784
            startServer(true);

785
            startClient(false);

786
        } else {

787
            startClient(true);

788
            startServer(false);

789
        }

790


791
        /*

792
         * Wait for other side to close down.

793
         */

794
        if (separateServerThread) {

795
            serverThread.join();

796
        } else {

797
            clientThread.join();

798
        }

799


800
        /*

801
         * When we get here, the test is pretty much over.

802
         *

803
         * If the main thread excepted, that propagates back

804
         * immediately.  If the other thread threw an exception, we

805
         * should report back.

806
         */

807
        if (serverException != null)

808
            throw serverException;

809
        if (clientException != null)

810
            throw clientException;

811
    }

812


813
    void startServer(boolean newThread) throws Exception {

814
        if (newThread) {

815
            serverThread = new Thread() {

816
                public void run() {

817
                    try {

818
                        doServerSide();

819
                    } catch (Exception e) {

820
                        /*

821
                         * Our server thread just died.

822
                         *

823
                         * Release the client, if not active already...

824
                         */

825
                        System.err.println("Server died...");

826
                        serverReady = true;

827
                        serverException = e;

828
                    }

829
                }

830
            };

831
            serverThread.start();

832
        } else {

833
            doServerSide();

834
        }

835
    }

836


837
    void startClient(boolean newThread) throws Exception {

838
        if (newThread) {

839
            clientThread = new Thread() {

840
                public void run() {

841
                    try {

842
                        doClientSide();

843
                    } catch (Exception e) {

844
                        /*

845
                         * Our client thread just died.

846
                         */

847
                        System.err.println("Client died...");

848
                        clientException = e;

849
                    }

850
                }

851
            };

852
            clientThread.start();

853
        } else {

854
            doClientSide();

855
        }

856
    }

857


858
    // get the ssl context

859
    private static SSLContext getSSLContext(String trusedCertStr,

860
            String keyCertStr, byte[] modulus,

861
            byte[] privateExponent, char[] passphrase) throws Exception {

862


863
        // generate certificate from cert string

864
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

865


866
        ByteArrayInputStream is =

867
                    new ByteArrayInputStream(trusedCertStr.getBytes());

868
        Certificate trusedCert = cf.generateCertificate(is);

869
        is.close();

870


871
        // create a key store

872
        KeyStore ks = KeyStore.getInstance("JKS");

873
        ks.load(null, null);

874


875
        // import the trused cert

876
        ks.setCertificateEntry("RSA Export Signer", trusedCert);

877


878
        if (keyCertStr != null) {

879
            // generate the private key.

880
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(

881
                                            new BigInteger(modulus),

882
                                            new BigInteger(privateExponent));

883
            KeyFactory kf = KeyFactory.getInstance("RSA");

884
            RSAPrivateKey priKey =

885
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

886


887
            // generate certificate chain

888
            is = new ByteArrayInputStream(keyCertStr.getBytes());

889
            Certificate keyCert = cf.generateCertificate(is);

890
            is.close();

891


892
            Certificate[] chain = new Certificate[2];

893
            chain[0] = keyCert;

894
            chain[1] = trusedCert;

895


896
            // import the key entry.

897
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

898
        }

899


900
        // create SSL context

901
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");

902
        tmf.init(ks);

903


904
        SSLContext ctx = SSLContext.getInstance("TLS");

905


906
        if (keyCertStr != null) {

907
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

908
            kmf.init(ks, passphrase);

909


910
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

911
        } else {

912
            ctx.init(null, tmf.getTrustManagers(), null);

913
        }

914


915
        return ctx;

916
    }

917


918
}

919


920