Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java
41161 views
1
/*

2
 * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/* @test

30
 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10

31
 * @bug 6766775

32
 * @library /test/lib

33
 * @run main/othervm IPIdentities

34
 * @author Xuelei Fan

35
 */

36


37
import java.net.*;

38
import java.util.*;

39
import java.io.*;

40
import javax.net.ssl.*;

41
import java.security.Security;

42
import java.security.KeyStore;

43
import java.security.KeyFactory;

44
import java.security.cert.Certificate;

45
import java.security.cert.CertificateFactory;

46
import java.security.spec.*;

47
import java.security.interfaces.*;

48
import java.math.BigInteger;

49
import jdk.test.lib.net.URIBuilder;

50


51
/*

52
 * Certificates and key used in the test.

53
 *

54
 * TLS server certificate:

55
 * server private key:

56
 * -----BEGIN RSA PRIVATE KEY-----

57
 * Proc-Type: 4,ENCRYPTED

58
 * DEK-Info: DES-EDE3-CBC,D9AE407F6D0E389A

59
 *

60
 * WPrA7TFol/cQCcp9oHnXWNpYlvRbbIcQj0m+RKT2Iuzfus+DHt3Zadf8nJpKfX2e

61
 * h2rnhlzCN9M7djRDooZKDOPCsdBn51Au7HlZF3S3Opgo7D8XFM1a8t1Je4ke14oI

62
 * nw6QKYsBblRziPnP2PZ0zvX24nOv7bbY8beynlJHGs00VWSFdoH2DS0aE1p6D+3n

63
 * ptJuJ75dVfZFK4X7162APlNXevX8D6PEQpSiRw1rjjGGcnvQ4HdWk3BxDVDcCNJb

64
 * Y1aGNRxsjTDvPi3R9Qx2M+W03QzEPx4SR3ZHVskeSJHaetM0TM/w/45Paq4GokXP

65
 * ZeTnbEx1xmjkA7h+t4doLL4watx5F6yLsJzu8xB3lt/1EtmkYtLz1t7X4BetPAXz

66
 * zS69X/VwhKfsOI3qXBWuL2oHPyhDmT1gcaUQwEPSV6ogHEEQEDXdiUS8heNK13KF

67
 * TCQYFkETvV2BLxUhV1hypPzRQ6tUpJiAbD5KmoK2lD9slshG2QtvKQq0/bgkDY5J

68
 * LhDHV2dtcZ3kDPkkZXpbcJQvoeH3d09C5sIsuTFo2zgNR6oETHUc5TzP6FY2YYRa

69
 * QcK5HcmtsRRiXFm01ac+aMejJUIujjFt84SiKWT/73vC8AmY4tYcJBLjCg4XIxSH

70
 * fdDFLL1YZENNO5ivlp8mdiHqcawx+36L7DrEZQ8RZt6cqST5t/+XTdM74s6k81GT

71
 * pNsa82P2K2zmIUZ/DL2mKjW1vfRByw1NQFEBkN3vdyZxYfM/JyUzX4hbjXBEkh9Q

72
 * QYrcwLKLjis2QzSvK04B3bvRzRb+4ocWiso8ZPAXAIxZFBWDpTMM2A==

73
 * -----END RSA PRIVATE KEY-----

74
 *

75
 * -----BEGIN RSA PRIVATE KEY-----

76
 * MIICXAIBAAKBgQClrFscN6LdmYktsnm4j9VIpecchBeNaZzGrG358h0fORna03Ie

77
 * buxEzHCk3LoAMPagTz1UemFqzFfQCn+VKBg/mtmU8hvIJIh+/p0PPftXUwizIDPU

78
 * PxdHFNHN6gjYDnVOr77M0uyvqXpJ38LZrLgkQJCmA1Yq0DAFQCxPq9l0iQIDAQAB

79
 * AoGAbqcbg1E1mkR99uOJoNeQYKFOJyGiiXTMnXV1TseC4+PDfQBU7Dax35GcesBi

80
 * CtapIpFKKS5D+ozY6b7ZT8ojxuQ/uHLPAvz0WDR3ds4iRF8tyu71Q1ZHcQsJa17y

81
 * yO7UbkSSKn/Mp9Rb+/dKqftUGNXVFLqgHBOzN2s3We3bbbECQQDYBPKOg3hkaGHo

82
 * OhpHKqtQ6EVkldihG/3i4WejRonelXN+HRh1KrB2HBx0M8D/qAzP1i3rNSlSHer4

83
 * 59YRTJnHAkEAxFX/sVYSn07BHv9Zhn6XXct/Cj43z/tKNbzlNbcxqQwQerw3IH51

84
 * 8UH2YOA+GD3lXbKp+MytoFLWv8zg4YT/LwJAfqan75Z1R6lLffRS49bIiq8jwE16

85
 * rTrUJ+kv8jKxMqc9B3vXkxpsS1M/+4E8bqgAmvpgAb8xcsvHsBd9ErdukQJBAKs2

86
 * j67W75BrPjBI34pQ1LEfp56IGWXOrq1kF8IbCjxv3+MYRT6Z6UJFkpRymNPNDjsC

87
 * dgUYgITiGJHUGXuw3lMCQHEHqo9ZtXz92yFT+VhsNc29B8m/sqUJdtCcMd/jGpAF

88
 * u6GHufjqIZBpQsk63wbwESAPZZ+kk1O1kS5GIRLX608=

89
 * -----END RSA PRIVATE KEY-----

90
 *

91
 * Private-Key: (1024 bit)

92
 * modulus:

93
 *     00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

94
 *     d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

95
 *     1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

96
 *     ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

97
 *     7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

98
 *     9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

99
 *     d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

100
 *     7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

101
 *     30:05:40:2c:4f:ab:d9:74:89

102
 * publicExponent: 65537 (0x10001)

103
 * privateExponent:

104
 *     6e:a7:1b:83:51:35:9a:44:7d:f6:e3:89:a0:d7:90:

105
 *     60:a1:4e:27:21:a2:89:74:cc:9d:75:75:4e:c7:82:

106
 *     e3:e3:c3:7d:00:54:ec:36:b1:df:91:9c:7a:c0:62:

107
 *     0a:d6:a9:22:91:4a:29:2e:43:fa:8c:d8:e9:be:d9:

108
 *     4f:ca:23:c6:e4:3f:b8:72:cf:02:fc:f4:58:34:77:

109
 *     76:ce:22:44:5f:2d:ca:ee:f5:43:56:47:71:0b:09:

110
 *     6b:5e:f2:c8:ee:d4:6e:44:92:2a:7f:cc:a7:d4:5b:

111
 *     fb:f7:4a:a9:fb:54:18:d5:d5:14:ba:a0:1c:13:b3:

112
 *     37:6b:37:59:ed:db:6d:b1

113
 * prime1:

114
 *     00:d8:04:f2:8e:83:78:64:68:61:e8:3a:1a:47:2a:

115
 *     ab:50:e8:45:64:95:d8:a1:1b:fd:e2:e1:67:a3:46:

116
 *     89:de:95:73:7e:1d:18:75:2a:b0:76:1c:1c:74:33:

117
 *     c0:ff:a8:0c:cf:d6:2d:eb:35:29:52:1d:ea:f8:e7:

118
 *     d6:11:4c:99:c7

119
 * prime2:

120
 *     00:c4:55:ff:b1:56:12:9f:4e:c1:1e:ff:59:86:7e:

121
 *     97:5d:cb:7f:0a:3e:37:cf:fb:4a:35:bc:e5:35:b7:

122
 *     31:a9:0c:10:7a:bc:37:20:7e:75:f1:41:f6:60:e0:

123
 *     3e:18:3d:e5:5d:b2:a9:f8:cc:ad:a0:52:d6:bf:cc:

124
 *     e0:e1:84:ff:2f

125
 * exponent1:

126
 *     7e:a6:a7:ef:96:75:47:a9:4b:7d:f4:52:e3:d6:c8:

127
 *     8a:af:23:c0:4d:7a:ad:3a:d4:27:e9:2f:f2:32:b1:

128
 *     32:a7:3d:07:7b:d7:93:1a:6c:4b:53:3f:fb:81:3c:

129
 *     6e:a8:00:9a:fa:60:01:bf:31:72:cb:c7:b0:17:7d:

130
 *     12:b7:6e:91

131
 * exponent2:

132
 *     00:ab:36:8f:ae:d6:ef:90:6b:3e:30:48:df:8a:50:

133
 *     d4:b1:1f:a7:9e:88:19:65:ce:ae:ad:64:17:c2:1b:

134
 *     0a:3c:6f:df:e3:18:45:3e:99:e9:42:45:92:94:72:

135
 *     98:d3:cd:0e:3b:02:76:05:18:80:84:e2:18:91:d4:

136
 *     19:7b:b0:de:53

137
 * coefficient:

138
 *     71:07:aa:8f:59:b5:7c:fd:db:21:53:f9:58:6c:35:

139
 *     cd:bd:07:c9:bf:b2:a5:09:76:d0:9c:31:df:e3:1a:

140
 *     90:05:bb:a1:87:b9:f8:ea:21:90:69:42:c9:3a:df:

141
 *     06:f0:11:20:0f:65:9f:a4:93:53:b5:91:2e:46:21:

142
 *     12:d7:eb:4f

143
 *

144
 *

145
 * server certificate:

146
 * Data:

147
 *     Version: 3 (0x2)

148
 *     Serial Number: 7 (0x7)

149
 *     Signature Algorithm: md5WithRSAEncryption

150
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

151
 *     Validity

152
 *         Not Before: Dec  8 03:27:57 2008 GMT

153
 *         Not After : Aug 25 03:27:57 2028 GMT

154
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Server, CN=localhost

155
 *     Subject Public Key Info:

156
 *         Public Key Algorithm: rsaEncryption

157
 *         RSA Public Key: (1024 bit)

158
 *             Modulus (1024 bit):

159
 *                 00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

160
 *                 d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

161
 *                 1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

162
 *                 ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

163
 *                 7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

164
 *                 9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

165
 *                 d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

166
 *                 7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

167
 *                 30:05:40:2c:4f:ab:d9:74:89

168
 *             Exponent: 65537 (0x10001)

169
 *     X509v3 extensions:

170
 *         X509v3 Basic Constraints:

171
 *             CA:FALSE

172
 *         X509v3 Key Usage:

173
 *             Digital Signature, Non Repudiation, Key Encipherment

174
 *         X509v3 Subject Key Identifier:

175
 *             ED:6E:DB:F4:B5:56:C8:FB:1A:06:61:3F:0F:08:BB:A6:04:D8:16:54

176
 *         X509v3 Authority Key Identifier:

177
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

178
 *

179
 *         X509v3 Subject Alternative Name: critical

180
 *             IP Address:127.0.0.1

181
 * Signature Algorithm: md5WithRSAEncryption

182
 *

183
 * -----BEGIN CERTIFICATE-----

184
 * MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

185
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

186
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ

187
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

188
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD

189
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3

190
 * ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6

191
 * YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS

192
 * 7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw

193
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV

194
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

195
 * MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva

196
 * cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h

197
 * pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun

198
 * nZif

199
 * -----END CERTIFICATE-----

200
 *

201
 *

202
 * TLS client certificate:

203
 * client private key:

204
 * ----BEGIN RSA PRIVATE KEY-----

205
 * Proc-Type: 4,ENCRYPTED

206
 * DEK-Info: DES-EDE3-CBC,FA2A435CD35A9390

207
 *

208
 * Z+Y2uaETbsUWIyJUyVu1UV2G4rgFYJyACZT6Tp1KjRtxflSh2kXkJ9MpuXMXA0V4

209
 * Yy3fDzPqCL9NJmQAYRlAx/W/+j4F5EyMWDIx8fUxzONRZyoiwF7jLm+KscAfv6Pf

210
 * q7ItWOdj3z7IYrwlB8YIGd3F2cDKT3S+lYRk7rKb/qT7itbuHnY4Ardh3yl+MZak

211
 * jBp+ELUlRsUqSr1V0LoM+0rCCykarpyfhpxEcqsrl0v9Cyi5uhU50/oKv5zql3SH

212
 * l2ImgDjp3batAs8+Bd4NF2aqi0a7Hy44JUHxRm4caZryU/i/D9N1MbuM6882HLat

213
 * 5N0G+NaIUfywa8mjwq2D5aiit18HqKA6XeRRYeJ5Dvu9DCO4GeFSwcUFIBMI0L46

214
 * 7s114+oDodg57pMgITi+04vmUxvqlN9aiyd7f5Fgd7PeHGeOdbMz1NaJLJaPI9++

215
 * NakK8eK9iwT/Gdq0Uap5/CHW7vCT5PO+h3HY0STH0lWStXhdWnFO04zTdywsbSp+

216
 * DLpHeFT66shfeUlxR0PsCbG9vPRt/QmGLeYQZITppWo/ylSq4j+pRIuXvuWHdBRN

217
 * rTZ8QF4Y7AxQUXVz1j1++s6ZMHTzaK2i9HrhmDs1MbJl+QwWre3Xpv3LvTVz3k5U

218
 * wX8kuY1m3STt71QCaRWENq5sRaMImLxZbxc/ivFl9RAzUqo4NCxLod/QgA4iLqtO

219
 * ztnlpzwlC/F8HbQ1oqYWwnZAPhzU/cULtstl+Yrws2c2atO323LbPXZqbASySgig

220
 * sNpFXQMObdfP6LN23bY+1SvtK7V4NUTNhpdIc6INQAQ=

221
 * -----END RSA PRIVATE KEY-----

222
 *

223
 * -----BEGIN RSA PRIVATE KEY-----

224
 * MIICWwIBAAKBgQC78EA2rCZUTvSjWgAvaSFvuXo6k+yi9uGOx2PYLxIwmS6w8o/4

225
 * Jy0keCiE9wG/jUR53TvSVfPOPLJbIX3v/TNKsaP/xsibuQ98QTWX+ds6BWAFFa9Z

226
 * F5KjEK0WHOQHU6+odqJWKpLT+SjgeM9eH0irXBnd4WdDunWN9YKsQ5JEGwIDAQAB

227
 * AoGAEbdqNj0wN85hnWyEi/ObJU8UyKTdL9eaF72QGfcF/fLSxfd3vurihIeXOkGW

228
 * tpn4lIxYcVGM9CognhqgJpl11jFTQzn1KqZ+NEJRKkCHA4hDabKJbSC9fXHvRwrf

229
 * BsFpZqgiNxp3HseUTiwnaUVeyPgMt/jAj5nB5Sib+UyUxrECQQDnNQBiF2aifEg6

230
 * zbJOOC7he5CHAdkFxSxWVFVHL6EfXfqdLVkUohMbgZv+XxyIeU2biOExSg49Kds3

231
 * FOKgTau1AkEA0Bd1haj6QuCo8I0AXm2WO+MMTZMTvtHD/bGjKNM+fT4I8rKYnQRX

232
 * 1acHdqS9Xx2rNJqZgkMmpESIdPR2fc4yjwJALFeM6EMmqvj8/VIf5UJ/Mz14fXwM

233
 * PEARfckUxd9LnnFutCBTWlKvKXJVEZb6KO5ixPaegc57Jp3Vbh3yTN44lQJADD/1

234
 * SSMDaIB1MYP7a5Oj7m6VQNPRq8AJe5vDcRnOae0G9dKRrVyeFxO4GsHj6/+BHp2j

235
 * P8nYMn9eURQ7DXjf/QJAAQzMlWnKGSO8pyTDtnQx3hRMoUkOEhmNq4bQhLkYqtnY

236
 * FcqpUQ2qMjW+NiNWk5HnTrMS3L9EdJobMUzaNZLy4w==

237
 * -----END RSA PRIVATE KEY-----

238
 *

239
 * Private-Key: (1024 bit)

240
 * modulus:

241
 *     00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

242
 *     21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

243
 *     12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

244
 *     01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

245
 *     7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

246
 *     35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

247
 *     ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

248
 *     28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

249
 *     75:8d:f5:82:ac:43:92:44:1b

250
 * publicExponent: 65537 (0x10001)

251
 * privateExponent:

252
 *     11:b7:6a:36:3d:30:37:ce:61:9d:6c:84:8b:f3:9b:

253
 *     25:4f:14:c8:a4:dd:2f:d7:9a:17:bd:90:19:f7:05:

254
 *     fd:f2:d2:c5:f7:77:be:ea:e2:84:87:97:3a:41:96:

255
 *     b6:99:f8:94:8c:58:71:51:8c:f4:2a:20:9e:1a:a0:

256
 *     26:99:75:d6:31:53:43:39:f5:2a:a6:7e:34:42:51:

257
 *     2a:40:87:03:88:43:69:b2:89:6d:20:bd:7d:71:ef:

258
 *     47:0a:df:06:c1:69:66:a8:22:37:1a:77:1e:c7:94:

259
 *     4e:2c:27:69:45:5e:c8:f8:0c:b7:f8:c0:8f:99:c1:

260
 *     e5:28:9b:f9:4c:94:c6:b1

261
 * prime1:

262
 *     00:e7:35:00:62:17:66:a2:7c:48:3a:cd:b2:4e:38:

263
 *     2e:e1:7b:90:87:01:d9:05:c5:2c:56:54:55:47:2f:

264
 *     a1:1f:5d:fa:9d:2d:59:14:a2:13:1b:81:9b:fe:5f:

265
 *     1c:88:79:4d:9b:88:e1:31:4a:0e:3d:29:db:37:14:

266
 *     e2:a0:4d:ab:b5

267
 * prime2:

268
 *     00:d0:17:75:85:a8:fa:42:e0:a8:f0:8d:00:5e:6d:

269
 *     96:3b:e3:0c:4d:93:13:be:d1:c3:fd:b1:a3:28:d3:

270
 *     3e:7d:3e:08:f2:b2:98:9d:04:57:d5:a7:07:76:a4:

271
 *     bd:5f:1d:ab:34:9a:99:82:43:26:a4:44:88:74:f4:

272
 *     76:7d:ce:32:8f

273
 * exponent1:

274
 *     2c:57:8c:e8:43:26:aa:f8:fc:fd:52:1f:e5:42:7f:

275
 *     33:3d:78:7d:7c:0c:3c:40:11:7d:c9:14:c5:df:4b:

276
 *     9e:71:6e:b4:20:53:5a:52:af:29:72:55:11:96:fa:

277
 *     28:ee:62:c4:f6:9e:81:ce:7b:26:9d:d5:6e:1d:f2:

278
 *     4c:de:38:95

279
 * exponent2:

280
 *     0c:3f:f5:49:23:03:68:80:75:31:83:fb:6b:93:a3:

281
 *     ee:6e:95:40:d3:d1:ab:c0:09:7b:9b:c3:71:19:ce:

282
 *     69:ed:06:f5:d2:91:ad:5c:9e:17:13:b8:1a:c1:e3:

283
 *     eb:ff:81:1e:9d:a3:3f:c9:d8:32:7f:5e:51:14:3b:

284
 *     0d:78:df:fd

285
 * coefficient:

286
 *     01:0c:cc:95:69:ca:19:23:bc:a7:24:c3:b6:74:31:

287
 *     de:14:4c:a1:49:0e:12:19:8d:ab:86:d0:84:b9:18:

288
 *     aa:d9:d8:15:ca:a9:51:0d:aa:32:35:be:36:23:56:

289
 *     93:91:e7:4e:b3:12:dc:bf:44:74:9a:1b:31:4c:da:

290
 *     35:92:f2:e3

291
 *

292
 * client certificate:

293
 * Data:

294
 *     Version: 3 (0x2)

295
 *     Serial Number: 6 (0x6)

296
 *     Signature Algorithm: md5WithRSAEncryption

297
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

298
 *     Validity

299
 *         Not Before: Dec  8 03:27:34 2008 GMT

300
 *         Not After : Aug 25 03:27:34 2028 GMT

301
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client, CN=localhost

302
 *     Subject Public Key Info:

303
 *         Public Key Algorithm: rsaEncryption

304
 *         RSA Public Key: (1024 bit)

305
 *             Modulus (1024 bit):

306
 *                 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

307
 *                 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

308
 *                 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

309
 *                 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

310
 *                 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

311
 *                 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

312
 *                 ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

313
 *                 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

314
 *                 75:8d:f5:82:ac:43:92:44:1b

315
 *             Exponent: 65537 (0x10001)

316
 *     X509v3 extensions:

317
 *         X509v3 Basic Constraints:

318
 *             CA:FALSE

319
 *         X509v3 Key Usage:

320
 *             Digital Signature, Non Repudiation, Key Encipherment

321
 *         X509v3 Subject Key Identifier:

322
 *             CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6

323
 *         X509v3 Authority Key Identifier:

324
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

325
 *

326
 *         X509v3 Subject Alternative Name: critical

327
 *             IP Address:127.0.0.1

328
 * Signature Algorithm: md5WithRSAEncryption

329
 *

330
 * -----BEGIN CERTIFICATE-----

331
 * MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

332
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

333
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ

334
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

335
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD

336
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas

337
 * JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV

338
 * 8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq

339
 * ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw

340
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV

341
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

342
 * MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx

343
 * HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP

344
 * i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC

345
 * I9aw

346
 * -----END CERTIFICATE-----

347
 *

348
 *

349
 *

350
 * Trusted CA certificate:

351
 * Certificate:

352
 *   Data:

353
 *     Version: 3 (0x2)

354
 *     Serial Number: 0 (0x0)

355
 *     Signature Algorithm: md5WithRSAEncryption

356
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

357
 *     Validity

358
 *         Not Before: Dec  8 02:43:36 2008 GMT

359
 *         Not After : Aug 25 02:43:36 2028 GMT

360
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org

361
 *     Subject Public Key Info:

362
 *         Public Key Algorithm: rsaEncryption

363
 *         RSA Public Key: (1024 bit)

364
 *             Modulus (1024 bit):

365
 *                 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:

366
 *                 d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:

367
 *                 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:

368
 *                 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:

369
 *                 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:

370
 *                 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:

371
 *                 f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:

372
 *                 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:

373
 *                 89:2a:95:12:4c:d8:09:2a:e9

374
 *             Exponent: 65537 (0x10001)

375
 *     X509v3 extensions:

376
 *         X509v3 Subject Key Identifier:

377
 *             FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

378
 *         X509v3 Authority Key Identifier:

379
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

380
 *             DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org

381
 *             serial:00

382
 *

383
 *         X509v3 Basic Constraints:

384
 *             CA:TRUE

385
 *  Signature Algorithm: md5WithRSAEncryption

386
 *

387
 * -----BEGIN CERTIFICATE-----

388
 * MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

389
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

390
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ

391
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

392
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB

393
 * gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX

394
 * 4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj

395
 * 7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G

396
 * A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ

397
 * hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt

398
 * U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw

399
 * DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA

400
 * ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ

401
 * LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P

402
 * 6Mvf0r1PNTY2hwTJLJmKtg==

403
 * -----END CERTIFICATE---

404
 */

405


406


407
public class IPIdentities {

408
    static Map cookies;

409
    ServerSocket ss;

410


411
    /*

412
     * =============================================================

413
     * Set the various variables needed for the tests, then

414
     * specify what tests to run on each side.

415
     */

416


417
    /*

418
     * Should we run the client or server in a separate thread?

419
     * Both sides can throw exceptions, but do you have a preference

420
     * as to which side should be the main thread.

421
     */

422
    static boolean separateServerThread = true;

423


424
    /*

425
     * Where do we find the keystores?

426
     */

427
    static String trusedCertStr =

428
        "-----BEGIN CERTIFICATE-----\n" +

429
        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

430
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

431
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +

432
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

433
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +

434
        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +

435
        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +

436
        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +

437
        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +

438
        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +

439
        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +

440
        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +

441
        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +

442
        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +

443
        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +

444
        "-----END CERTIFICATE-----";

445


446
    static String serverCertStr =

447
        "-----BEGIN CERTIFICATE-----\n" +

448
        "MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

449
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

450
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ\n" +

451
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

452
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD\n" +

453
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3\n" +

454
        "ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6\n" +

455
        "YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS\n" +

456
        "7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

457
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV\n" +

458
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

459
        "MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva\n" +

460
        "cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h\n" +

461
        "pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun\n" +

462
        "nZif\n" +

463
        "-----END CERTIFICATE-----";

464


465
    static String clientCertStr =

466
        "-----BEGIN CERTIFICATE-----\n" +

467
        "MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

468
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

469
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ\n" +

470
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

471
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +

472
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +

473
        "JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +

474
        "8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +

475
        "ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

476
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +

477
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

478
        "MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx\n" +

479
        "HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP\n" +

480
        "i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC\n" +

481
        "I9aw\n" +

482
        "-----END CERTIFICATE-----";

483


484


485
    static byte serverPrivateExponent[] = {

486
        (byte)0x6e, (byte)0xa7, (byte)0x1b, (byte)0x83,

487
        (byte)0x51, (byte)0x35, (byte)0x9a, (byte)0x44,

488
        (byte)0x7d, (byte)0xf6, (byte)0xe3, (byte)0x89,

489
        (byte)0xa0, (byte)0xd7, (byte)0x90, (byte)0x60,

490
        (byte)0xa1, (byte)0x4e, (byte)0x27, (byte)0x21,

491
        (byte)0xa2, (byte)0x89, (byte)0x74, (byte)0xcc,

492
        (byte)0x9d, (byte)0x75, (byte)0x75, (byte)0x4e,

493
        (byte)0xc7, (byte)0x82, (byte)0xe3, (byte)0xe3,

494
        (byte)0xc3, (byte)0x7d, (byte)0x00, (byte)0x54,

495
        (byte)0xec, (byte)0x36, (byte)0xb1, (byte)0xdf,

496
        (byte)0x91, (byte)0x9c, (byte)0x7a, (byte)0xc0,

497
        (byte)0x62, (byte)0x0a, (byte)0xd6, (byte)0xa9,

498
        (byte)0x22, (byte)0x91, (byte)0x4a, (byte)0x29,

499
        (byte)0x2e, (byte)0x43, (byte)0xfa, (byte)0x8c,

500
        (byte)0xd8, (byte)0xe9, (byte)0xbe, (byte)0xd9,

501
        (byte)0x4f, (byte)0xca, (byte)0x23, (byte)0xc6,

502
        (byte)0xe4, (byte)0x3f, (byte)0xb8, (byte)0x72,

503
        (byte)0xcf, (byte)0x02, (byte)0xfc, (byte)0xf4,

504
        (byte)0x58, (byte)0x34, (byte)0x77, (byte)0x76,

505
        (byte)0xce, (byte)0x22, (byte)0x44, (byte)0x5f,

506
        (byte)0x2d, (byte)0xca, (byte)0xee, (byte)0xf5,

507
        (byte)0x43, (byte)0x56, (byte)0x47, (byte)0x71,

508
        (byte)0x0b, (byte)0x09, (byte)0x6b, (byte)0x5e,

509
        (byte)0xf2, (byte)0xc8, (byte)0xee, (byte)0xd4,

510
        (byte)0x6e, (byte)0x44, (byte)0x92, (byte)0x2a,

511
        (byte)0x7f, (byte)0xcc, (byte)0xa7, (byte)0xd4,

512
        (byte)0x5b, (byte)0xfb, (byte)0xf7, (byte)0x4a,

513
        (byte)0xa9, (byte)0xfb, (byte)0x54, (byte)0x18,

514
        (byte)0xd5, (byte)0xd5, (byte)0x14, (byte)0xba,

515
        (byte)0xa0, (byte)0x1c, (byte)0x13, (byte)0xb3,

516
        (byte)0x37, (byte)0x6b, (byte)0x37, (byte)0x59,

517
        (byte)0xed, (byte)0xdb, (byte)0x6d, (byte)0xb1

518
    };

519


520
    static byte serverModulus[] = {

521
        (byte)0x00,

522
        (byte)0xa5, (byte)0xac, (byte)0x5b, (byte)0x1c,

523
        (byte)0x37, (byte)0xa2, (byte)0xdd, (byte)0x99,

524
        (byte)0x89, (byte)0x2d, (byte)0xb2, (byte)0x79,

525
        (byte)0xb8, (byte)0x8f, (byte)0xd5, (byte)0x48,

526
        (byte)0xa5, (byte)0xe7, (byte)0x1c, (byte)0x84,

527
        (byte)0x17, (byte)0x8d, (byte)0x69, (byte)0x9c,

528
        (byte)0xc6, (byte)0xac, (byte)0x6d, (byte)0xf9,

529
        (byte)0xf2, (byte)0x1d, (byte)0x1f, (byte)0x39,

530
        (byte)0x19, (byte)0xda, (byte)0xd3, (byte)0x72,

531
        (byte)0x1e, (byte)0x6e, (byte)0xec, (byte)0x44,

532
        (byte)0xcc, (byte)0x70, (byte)0xa4, (byte)0xdc,

533
        (byte)0xba, (byte)0x00, (byte)0x30, (byte)0xf6,

534
        (byte)0xa0, (byte)0x4f, (byte)0x3d, (byte)0x54,

535
        (byte)0x7a, (byte)0x61, (byte)0x6a, (byte)0xcc,

536
        (byte)0x57, (byte)0xd0, (byte)0x0a, (byte)0x7f,

537
        (byte)0x95, (byte)0x28, (byte)0x18, (byte)0x3f,

538
        (byte)0x9a, (byte)0xd9, (byte)0x94, (byte)0xf2,

539
        (byte)0x1b, (byte)0xc8, (byte)0x24, (byte)0x88,

540
        (byte)0x7e, (byte)0xfe, (byte)0x9d, (byte)0x0f,

541
        (byte)0x3d, (byte)0xfb, (byte)0x57, (byte)0x53,

542
        (byte)0x08, (byte)0xb3, (byte)0x20, (byte)0x33,

543
        (byte)0xd4, (byte)0x3f, (byte)0x17, (byte)0x47,

544
        (byte)0x14, (byte)0xd1, (byte)0xcd, (byte)0xea,

545
        (byte)0x08, (byte)0xd8, (byte)0x0e, (byte)0x75,

546
        (byte)0x4e, (byte)0xaf, (byte)0xbe, (byte)0xcc,

547
        (byte)0xd2, (byte)0xec, (byte)0xaf, (byte)0xa9,

548
        (byte)0x7a, (byte)0x49, (byte)0xdf, (byte)0xc2,

549
        (byte)0xd9, (byte)0xac, (byte)0xb8, (byte)0x24,

550
        (byte)0x40, (byte)0x90, (byte)0xa6, (byte)0x03,

551
        (byte)0x56, (byte)0x2a, (byte)0xd0, (byte)0x30,

552
        (byte)0x05, (byte)0x40, (byte)0x2c, (byte)0x4f,

553
        (byte)0xab, (byte)0xd9, (byte)0x74, (byte)0x89

554
    };

555


556
    static byte clientPrivateExponent[] = {

557
        (byte)0x11, (byte)0xb7, (byte)0x6a, (byte)0x36,

558
        (byte)0x3d, (byte)0x30, (byte)0x37, (byte)0xce,

559
        (byte)0x61, (byte)0x9d, (byte)0x6c, (byte)0x84,

560
        (byte)0x8b, (byte)0xf3, (byte)0x9b, (byte)0x25,

561
        (byte)0x4f, (byte)0x14, (byte)0xc8, (byte)0xa4,

562
        (byte)0xdd, (byte)0x2f, (byte)0xd7, (byte)0x9a,

563
        (byte)0x17, (byte)0xbd, (byte)0x90, (byte)0x19,

564
        (byte)0xf7, (byte)0x05, (byte)0xfd, (byte)0xf2,

565
        (byte)0xd2, (byte)0xc5, (byte)0xf7, (byte)0x77,

566
        (byte)0xbe, (byte)0xea, (byte)0xe2, (byte)0x84,

567
        (byte)0x87, (byte)0x97, (byte)0x3a, (byte)0x41,

568
        (byte)0x96, (byte)0xb6, (byte)0x99, (byte)0xf8,

569
        (byte)0x94, (byte)0x8c, (byte)0x58, (byte)0x71,

570
        (byte)0x51, (byte)0x8c, (byte)0xf4, (byte)0x2a,

571
        (byte)0x20, (byte)0x9e, (byte)0x1a, (byte)0xa0,

572
        (byte)0x26, (byte)0x99, (byte)0x75, (byte)0xd6,

573
        (byte)0x31, (byte)0x53, (byte)0x43, (byte)0x39,

574
        (byte)0xf5, (byte)0x2a, (byte)0xa6, (byte)0x7e,

575
        (byte)0x34, (byte)0x42, (byte)0x51, (byte)0x2a,

576
        (byte)0x40, (byte)0x87, (byte)0x03, (byte)0x88,

577
        (byte)0x43, (byte)0x69, (byte)0xb2, (byte)0x89,

578
        (byte)0x6d, (byte)0x20, (byte)0xbd, (byte)0x7d,

579
        (byte)0x71, (byte)0xef, (byte)0x47, (byte)0x0a,

580
        (byte)0xdf, (byte)0x06, (byte)0xc1, (byte)0x69,

581
        (byte)0x66, (byte)0xa8, (byte)0x22, (byte)0x37,

582
        (byte)0x1a, (byte)0x77, (byte)0x1e, (byte)0xc7,

583
        (byte)0x94, (byte)0x4e, (byte)0x2c, (byte)0x27,

584
        (byte)0x69, (byte)0x45, (byte)0x5e, (byte)0xc8,

585
        (byte)0xf8, (byte)0x0c, (byte)0xb7, (byte)0xf8,

586
        (byte)0xc0, (byte)0x8f, (byte)0x99, (byte)0xc1,

587
        (byte)0xe5, (byte)0x28, (byte)0x9b, (byte)0xf9,

588
        (byte)0x4c, (byte)0x94, (byte)0xc6, (byte)0xb1

589
    };

590


591
    static byte clientModulus[] = {

592
        (byte)0x00,

593
        (byte)0xbb, (byte)0xf0, (byte)0x40, (byte)0x36,

594
        (byte)0xac, (byte)0x26, (byte)0x54, (byte)0x4e,

595
        (byte)0xf4, (byte)0xa3, (byte)0x5a, (byte)0x00,

596
        (byte)0x2f, (byte)0x69, (byte)0x21, (byte)0x6f,

597
        (byte)0xb9, (byte)0x7a, (byte)0x3a, (byte)0x93,

598
        (byte)0xec, (byte)0xa2, (byte)0xf6, (byte)0xe1,

599
        (byte)0x8e, (byte)0xc7, (byte)0x63, (byte)0xd8,

600
        (byte)0x2f, (byte)0x12, (byte)0x30, (byte)0x99,

601
        (byte)0x2e, (byte)0xb0, (byte)0xf2, (byte)0x8f,

602
        (byte)0xf8, (byte)0x27, (byte)0x2d, (byte)0x24,

603
        (byte)0x78, (byte)0x28, (byte)0x84, (byte)0xf7,

604
        (byte)0x01, (byte)0xbf, (byte)0x8d, (byte)0x44,

605
        (byte)0x79, (byte)0xdd, (byte)0x3b, (byte)0xd2,

606
        (byte)0x55, (byte)0xf3, (byte)0xce, (byte)0x3c,

607
        (byte)0xb2, (byte)0x5b, (byte)0x21, (byte)0x7d,

608
        (byte)0xef, (byte)0xfd, (byte)0x33, (byte)0x4a,

609
        (byte)0xb1, (byte)0xa3, (byte)0xff, (byte)0xc6,

610
        (byte)0xc8, (byte)0x9b, (byte)0xb9, (byte)0x0f,

611
        (byte)0x7c, (byte)0x41, (byte)0x35, (byte)0x97,

612
        (byte)0xf9, (byte)0xdb, (byte)0x3a, (byte)0x05,

613
        (byte)0x60, (byte)0x05, (byte)0x15, (byte)0xaf,

614
        (byte)0x59, (byte)0x17, (byte)0x92, (byte)0xa3,

615
        (byte)0x10, (byte)0xad, (byte)0x16, (byte)0x1c,

616
        (byte)0xe4, (byte)0x07, (byte)0x53, (byte)0xaf,

617
        (byte)0xa8, (byte)0x76, (byte)0xa2, (byte)0x56,

618
        (byte)0x2a, (byte)0x92, (byte)0xd3, (byte)0xf9,

619
        (byte)0x28, (byte)0xe0, (byte)0x78, (byte)0xcf,

620
        (byte)0x5e, (byte)0x1f, (byte)0x48, (byte)0xab,

621
        (byte)0x5c, (byte)0x19, (byte)0xdd, (byte)0xe1,

622
        (byte)0x67, (byte)0x43, (byte)0xba, (byte)0x75,

623
        (byte)0x8d, (byte)0xf5, (byte)0x82, (byte)0xac,

624
        (byte)0x43, (byte)0x92, (byte)0x44, (byte)0x1b

625
    };

626


627
    static char passphrase[] = "passphrase".toCharArray();

628


629
    /*

630
     * Is the server ready to serve?

631
     */

632
    volatile static boolean serverReady = false;

633


634
    /*

635
     * Is the connection ready to close?

636
     */

637
    volatile static boolean closeReady = false;

638


639
    /*

640
     * Turn on SSL debugging?

641
     */

642
    static boolean debug = false;

643


644
    private SSLServerSocket sslServerSocket = null;

645


646
    /*

647
     * Define the server side of the test.

648
     *

649
     * If the server prematurely exits, serverReady will be set to true

650
     * to avoid infinite hangs.

651
     */

652
    void doServerSide() throws Exception {

653
        SSLContext context = getSSLContext(trusedCertStr, serverCertStr,

654
            serverModulus, serverPrivateExponent, passphrase);

655
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

656


657
        // doClientSide() connects to the loopback address

658
        InetAddress loopback = InetAddress.getLoopbackAddress();

659
        InetSocketAddress address = new InetSocketAddress(loopback, serverPort);

660


661
        sslServerSocket =

662
            (SSLServerSocket) sslssf.createServerSocket();

663
        sslServerSocket.bind(address);

664
        serverPort = sslServerSocket.getLocalPort();

665


666
        /*

667
         * Signal Client, we're ready for his connect.

668
         */

669
        serverReady = true;

670


671
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

672
        sslSocket.setNeedClientAuth(true);

673


674
        PrintStream out =

675
                new PrintStream(sslSocket.getOutputStream());

676


677
        try {

678
            // ignore request data

679


680
            // send the response

681
            out.print("HTTP/1.1 200 OK\r\n");

682
            out.print("Content-Type: text/html; charset=iso-8859-1\r\n");

683
            out.print("Content-Length: "+ 9 +"\r\n");

684
            out.print("\r\n");

685
            out.print("Testing\r\n");

686
            out.flush();

687
        } finally {

688
             // close the socket

689
             while (!closeReady) {

690
                 Thread.sleep(50);

691
             }

692


693
             System.out.println("Server closing socket");

694
             sslSocket.close();

695
             serverReady = false;

696
        }

697


698
    }

699


700
    /*

701
     * Define the client side of the test.

702
     *

703
     * If the server prematurely exits, serverReady will be set to true

704
     * to avoid infinite hangs.

705
     */

706
    void doClientSide() throws Exception {

707
        SSLContext reservedSSLContext = SSLContext.getDefault();

708
        try {

709
            SSLContext context = getSSLContext(trusedCertStr, clientCertStr,

710
                clientModulus, clientPrivateExponent, passphrase);

711
            SSLContext.setDefault(context);

712


713
            /*

714
             * Wait for server to get started.

715
             */

716
            while (!serverReady) {

717
                Thread.sleep(50);

718
            }

719


720
            HttpsURLConnection http = null;

721


722
            /* establish http connection to server */

723
            URL url = URIBuilder.newBuilder()

724
                .scheme("https")

725
                .loopback()

726
                .port(serverPort)

727
                .path("/")

728
                .toURL();

729
            System.out.println("url is "+url.toString());

730


731
            try {

732
                http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY);

733


734
                int respCode = http.getResponseCode();

735
                System.out.println("respCode = "+respCode);

736
            } finally {

737
                if (http != null) {

738
                    http.disconnect();

739
                }

740
                closeReady = true;

741
            }

742
        } finally {

743
            SSLContext.setDefault(reservedSSLContext);

744
        }

745
    }

746


747
    /*

748
     * =============================================================

749
     * The remainder is just support stuff

750
     */

751


752
    // use any free port by default

753
    volatile int serverPort = 0;

754


755
    volatile Exception serverException = null;

756
    volatile Exception clientException = null;

757


758
    public static void main(String args[]) throws Exception {

759
        // MD5 is used in this test case, don't disable MD5 algorithm.

760
        Security.setProperty("jdk.certpath.disabledAlgorithms",

761
                "MD2, RSA keySize < 1024");

762
        Security.setProperty("jdk.tls.disabledAlgorithms",

763
                "SSLv3, RC4, DH keySize < 768");

764


765
        if (debug)

766
            System.setProperty("javax.net.debug", "all");

767


768
        /*

769
         * Start the tests.

770
         */

771
        new IPIdentities();

772
    }

773


774
    Thread clientThread = null;

775
    Thread serverThread = null;

776
    /*

777
     * Primary constructor, used to drive remainder of the test.

778
     *

779
     * Fork off the other side, then do your work.

780
     */

781
    IPIdentities() throws Exception {

782
        if (separateServerThread) {

783
            startServer(true);

784
            startClient(false);

785
        } else {

786
            startClient(true);

787
            startServer(false);

788
        }

789


790
        /*

791
         * Wait for other side to close down.

792
         */

793
        if (separateServerThread) {

794
            serverThread.join();

795
        } else {

796
            clientThread.join();

797
        }

798


799
        /*

800
         * When we get here, the test is pretty much over.

801
         *

802
         * If the main thread excepted, that propagates back

803
         * immediately.  If the other thread threw an exception, we

804
         * should report back.

805
         */

806
        if (serverException != null)

807
            throw serverException;

808
        if (clientException != null)

809
            throw clientException;

810
    }

811


812
    void startServer(boolean newThread) throws Exception {

813
        if (newThread) {

814
            serverThread = new Thread() {

815
                public void run() {

816
                    try {

817
                        doServerSide();

818
                    } catch (Exception e) {

819
                        /*

820
                         * Our server thread just died.

821
                         *

822
                         * Release the client, if not active already...

823
                         */

824
                        System.err.println("Server died...");

825
                        serverReady = true;

826
                        serverException = e;

827
                    }

828
                }

829
            };

830
            serverThread.start();

831
        } else {

832
            doServerSide();

833
        }

834
    }

835


836
    void startClient(boolean newThread) throws Exception {

837
        if (newThread) {

838
            clientThread = new Thread() {

839
                public void run() {

840
                    try {

841
                        doClientSide();

842
                    } catch (Exception e) {

843
                        /*

844
                         * Our client thread just died.

845
                         */

846
                        System.err.println("Client died...");

847
                        clientException = e;

848
                    }

849
                }

850
            };

851
            clientThread.start();

852
        } else {

853
            doClientSide();

854
        }

855
    }

856


857
    // get the ssl context

858
    private static SSLContext getSSLContext(String trusedCertStr,

859
            String keyCertStr, byte[] modulus,

860
            byte[] privateExponent, char[] passphrase) throws Exception {

861


862
        // generate certificate from cert string

863
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

864


865
        ByteArrayInputStream is =

866
                    new ByteArrayInputStream(trusedCertStr.getBytes());

867
        Certificate trusedCert = cf.generateCertificate(is);

868
        is.close();

869


870
        // create a key store

871
        KeyStore ks = KeyStore.getInstance("JKS");

872
        ks.load(null, null);

873


874
        // import the trused cert

875
        ks.setCertificateEntry("RSA Export Signer", trusedCert);

876


877
        if (keyCertStr != null) {

878
            // generate the private key.

879
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(

880
                                            new BigInteger(modulus),

881
                                            new BigInteger(privateExponent));

882
            KeyFactory kf = KeyFactory.getInstance("RSA");

883
            RSAPrivateKey priKey =

884
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

885


886
            // generate certificate chain

887
            is = new ByteArrayInputStream(keyCertStr.getBytes());

888
            Certificate keyCert = cf.generateCertificate(is);

889
            is.close();

890


891
            Certificate[] chain = new Certificate[2];

892
            chain[0] = keyCert;

893
            chain[1] = trusedCert;

894


895
            // import the key entry.

896
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

897
        }

898


899
        // create SSL context

900
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");

901
        tmf.init(ks);

902


903
        SSLContext ctx = SSLContext.getInstance("TLS");

904


905
        if (keyCertStr != null) {

906
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

907
            kmf.init(ks, passphrase);

908


909
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

910
        } else {

911
            ctx.init(null, tmf.getTrustManagers(), null);

912
        }

913


914
        return ctx;

915
    }

916


917
}

918


919