Path: blob/master/test/jdk/sun/security/jgss/spnego/NotPreferredMech.java
41154 views
/*1* Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 8048194 824215126* @modules java.base/sun.security.util27* java.security.jgss/sun.security.jgss28* java.security.jgss/sun.security.jgss.spnego:+open29* @run main/othervm NotPreferredMech30* @summary GSSContext.acceptSecContext fails when a supported mech is not initiator preferred31*/3233import org.ietf.jgss.*;34import sun.security.jgss.*;35import sun.security.jgss.spnego.NegTokenInit;36import sun.security.jgss.spnego.NegTokenTarg;37import sun.security.util.BitArray;38import sun.security.util.DerOutputStream;39import sun.security.util.DerValue;40import sun.security.util.ObjectIdentifier;4142import java.io.ByteArrayOutputStream;43import java.lang.reflect.Constructor;44import java.lang.reflect.Method;4546public class NotPreferredMech {4748public static void main(String[] argv) throws Exception {4950// Generates a NegTokenInit mechTypes field, with an51// unsupported mech as the preferred.52DerOutputStream mech = new DerOutputStream();53mech.write(new Oid("1.2.3.4").getDER());54mech.write(GSSUtil.GSS_KRB5_MECH_OID.getDER());55DerOutputStream mechTypeList = new DerOutputStream();56mechTypeList.write(DerValue.tag_Sequence, mech);5758// Generates a NegTokenInit mechToken field for 1.2.3.4 mech59GSSHeader h1 = new GSSHeader(ObjectIdentifier.of("1.2.3.4"), 1);60ByteArrayOutputStream bout = new ByteArrayOutputStream();61h1.encode(bout);62bout.write(new byte[1]);6364// Generates the NegTokenInit token65Constructor<NegTokenInit> ctor = NegTokenInit.class.getDeclaredConstructor(66byte[].class, BitArray.class, byte[].class, byte[].class);67ctor.setAccessible(true);68NegTokenInit initToken = ctor.newInstance(69mechTypeList.toByteArray(),70new BitArray(0),71bout.toByteArray(),72null);73Method m = Class.forName("sun.security.jgss.spnego.SpNegoToken")74.getDeclaredMethod("getEncoded");75m.setAccessible(true);76byte[] spnegoToken = (byte[])m.invoke(initToken);7778// and wraps it into a GSSToken79GSSHeader h = new GSSHeader(80ObjectIdentifier.of(GSSUtil.GSS_SPNEGO_MECH_OID.toString()),81spnegoToken.length);82bout = new ByteArrayOutputStream();83h.encode(bout);84bout.write(spnegoToken);85byte[] token = bout.toByteArray();8687// and feeds it to a GSS acceptor88GSSManager man = GSSManager.getInstance();89GSSContext ctxt = man.createContext((GSSCredential) null);90token = ctxt.acceptSecContext(token, 0, token.length);91NegTokenTarg targ = new NegTokenTarg(token);9293// Make sure it's a GO-ON message94Method m2 = NegTokenTarg.class.getDeclaredMethod("getNegotiatedResult");95m2.setAccessible(true);96int negResult = (int)m2.invoke(targ);9798if (negResult != 1 /* ACCEPT_INCOMPLETE */) {99throw new Exception("Not a continue");100}101}102}103104105