CoCalc -- RSAExport.java

GitHub Repository: PojavLauncherTeam/mobile
Path: blob/master/test/jdk/sun/security/ssl/ClientHandshaker/RSAExport.java
⁴¹¹⁵² views
1
/*
2
 * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
// SunJSSE does not support dynamic system properties, no way to re-use
25
// system properties in samevm/agentvm mode.
26

27
/*
28
 * @test
29
 * @bug 6690018
30
 * @summary RSAClientKeyExchange NullPointerException
31
 * @run main/othervm RSAExport
32
 */
33

34
/*
35
 * Certificates and key used in the test.
36
 *
37
 * TLS server certificate:
38
 * server private key:
39
 * -----BEGIN RSA PRIVATE KEY-----
40
 * Proc-Type: 4,ENCRYPTED
41
 * DEK-Info: DES-EDE3-CBC,97EC03A2D031B7BC
42
 *
43
 * 22wrD+DPv3VF8xg9xoeBqHzFnOVbTLQgVulzaCECDF4zWdxElYKy4yYyY6dMDehi
44
 * XT77NTsq1J14zjJHPp2/U6B5OpZxnf97ZSD0ZC9/DDe/2gjW4fY1Lv0TVP0PdXnm
45
 * cj84RaDiiSk/cERlFzFJ5L8ULMwxdOtYwXwZ4upITw2lT+8zDlBD2i3zZ4TcWrzE
46
 * /su5Kpu+Mp3wthfGX+ZGga2T/NS8ZCKZE+gJDPKQZ/x34VBw+YANQGyCJPv1iMaE
47
 * RyagnpApH9OPSrRIp2iR6uWT6836CET2erbfPaC1odyd8IsbnLldVs9CklH7EgXL
48
 * Nms+DqrQEbNmvMuQYEFyZEHN9D1fGONeacx+cjI85FyMSHSEO65JJmasAxgQe4nF
49
 * /yVz3rNQ2qAGqBhjsjP/WaXuB2aLZiAli/HjN17EJws=
50
 * -----END RSA PRIVATE KEY-----
51
 *
52
 * -----BEGIN RSA PRIVATE KEY-----
53
 * MIIBOQIBAAJBALlfGg/5ZweJcW5zqLdnQ2uyircqDDlENKnv9FABOm/j0wnlPHqX
54
 * CCqFBLoM7tG8ohci1SPy6fLJ5dqLf5FOH2sCAwEAAQJATO0/hpOMgx8xmJGc2Yeb
55
 * /gyY7kwfyIAajs9Khw0LcDTYTo2EAI+vMmDpU+dvmOCLUqq/Z2tiKJhGyrmcBlxr
56
 * kQIhAPYkbYovtvWHslxRb78x4eCrn2p1H7iolNKbyepjCI3zAiEAwMufJlLI9Q0O
57
 * BIr7fPnUhbs9NyMHLIvIQAf/hXYubqkCIGJZR9NxIT+VyrSMbYQNoF0u9fGJfvU/
58
 * lsdYLCOVEnP1AiAsSFjUx50K1CXNG1MqYIPU963W1T/Xln+3XV7ue7esiQIgW2Lu
59
 * xGvz2dAUsGId+Xr2GZXb7ZucY/cPt4o5qdP1m7c=
60
 * -----END RSA PRIVATE KEY-----
61
 *
62
 * Private-Key: (512 bit)
63
 * modulus:
64
 *     00:b9:5f:1a:0f:f9:67:07:89:71:6e:73:a8:b7:67:
65
 *     43:6b:b2:8a:b7:2a:0c:39:44:34:a9:ef:f4:50:01:
66
 *     3a:6f:e3:d3:09:e5:3c:7a:97:08:2a:85:04:ba:0c:
67
 *     ee:d1:bc:a2:17:22:d5:23:f2:e9:f2:c9:e5:da:8b:
68
 *     7f:91:4e:1f:6b
69
 * publicExponent: 65537 (0x10001)
70
 * privateExponent:
71
 *     4c:ed:3f:86:93:8c:83:1f:31:98:91:9c:d9:87:9b:
72
 *     fe:0c:98:ee:4c:1f:c8:80:1a:8e:cf:4a:87:0d:0b:
73
 *     70:34:d8:4e:8d:84:00:8f:af:32:60:e9:53:e7:6f:
74
 *     98:e0:8b:52:aa:bf:67:6b:62:28:98:46:ca:b9:9c:
75
 *     06:5c:6b:91
76
 * prime1:
77
 *     00:f6:24:6d:8a:2f:b6:f5:87:b2:5c:51:6f:bf:31:
78
 *     e1:e0:ab:9f:6a:75:1f:b8:a8:94:d2:9b:c9:ea:63:
79
 *     08:8d:f3
80
 * prime2:
81
 *     00:c0:cb:9f:26:52:c8:f5:0d:0e:04:8a:fb:7c:f9:
82
 *     d4:85:bb:3d:37:23:07:2c:8b:c8:40:07:ff:85:76:
83
 *     2e:6e:a9
84
 * exponent1:
85
 *     62:59:47:d3:71:21:3f:95:ca:b4:8c:6d:84:0d:a0:
86
 *     5d:2e:f5:f1:89:7e:f5:3f:96:c7:58:2c:23:95:12:
87
 *     73:f5
88
 * exponent2:
89
 *     2c:48:58:d4:c7:9d:0a:d4:25:cd:1b:53:2a:60:83:
90
 *     d4:f7:ad:d6:d5:3f:d7:96:7f:b7:5d:5e:ee:7b:b7:
91
 *     ac:89
92
 * coefficient:
93
 *     5b:62:ee:c4:6b:f3:d9:d0:14:b0:62:1d:f9:7a:f6:
94
 *     19:95:db:ed:9b:9c:63:f7:0f:b7:8a:39:a9:d3:f5:
95
 *     9b:b7
96
 *
97
 *
98
 * server certificate:
99
 *  Data:
100
 *      Version: 3 (0x2)
101
 *      Serial Number: 11 (0xb)
102
 *      Signature Algorithm: sha1WithRSAEncryption
103
 *      Issuer: C=US, ST=Some-State, O=Some Org, CN=Someone
104
 *      Validity
105
 *          Not Before: Apr 18 15:07:30 2008 GMT
106
 *          Not After : Jan  4 15:07:30 2028 GMT
107
 *      Subject: C=US, ST=Some-State, O=Some Org, CN=SomeoneExport
108
 *      Subject Public Key Info:
109
 *          Public Key Algorithm: rsaEncryption
110
 *          RSA Public Key: (512 bit)
111
 *              Modulus (512 bit):
112
 *                  00:b9:5f:1a:0f:f9:67:07:89:71:6e:73:a8:b7:67:
113
 *                  43:6b:b2:8a:b7:2a:0c:39:44:34:a9:ef:f4:50:01:
114
 *                  3a:6f:e3:d3:09:e5:3c:7a:97:08:2a:85:04:ba:0c:
115
 *                  ee:d1:bc:a2:17:22:d5:23:f2:e9:f2:c9:e5:da:8b:
116
 *                  7f:91:4e:1f:6b
117
 *              Exponent: 65537 (0x10001)
118
 *      X509v3 extensions:
119
 *          X509v3 Basic Constraints:
120
 *              CA:FALSE
121
 *          X509v3 Key Usage:
122
 *              Digital Signature, Non Repudiation, Key Encipherment
123
 *          X509v3 Subject Key Identifier:
124
 *              F1:30:98:BE:7C:AA:F9:B1:91:38:60:AE:13:5F:67:9C:0A:32:9E:31
125
 *          X509v3 Authority Key Identifier:
126
 *              keyid:B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
127
 *
128
 * -----BEGIN CERTIFICATE-----
129
 * MIICIDCCAYmgAwIBAgIBCzANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzET
130
 * MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT
131
 * B1NvbWVvbmUwHhcNMDgwNDE4MTUwNzMwWhcNMjgwMTA0MTUwNzMwWjBNMQswCQYD
132
 * VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx
133
 * FjAUBgNVBAMTDVNvbWVvbmVFeHBvcnQwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
134
 * uV8aD/lnB4lxbnOot2dDa7KKtyoMOUQ0qe/0UAE6b+PTCeU8epcIKoUEugzu0byi
135
 * FyLVI/Lp8snl2ot/kU4fawIDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF
136
 * 4DAdBgNVHQ4EFgQU8TCYvnyq+bGROGCuE19nnAoynjEwHwYDVR0jBBgwFoAUtTJD
137
 * 1wAkkrrpleX5o2RshO4zLhUwDQYJKoZIhvcNAQEFBQADgYEAFU+fP9FSTQNVZOhv
138
 * eJ+zq6wI/biwzTgPbAq3yu2gb5kT85z4nzqBhPd2LWWFXhUW/D8QyNZ54X30y0Ug
139
 * 3NfUAvOANW7CgUbHBmm77KQiF4nWdh338qqq9HzLGrPqcxX0dmiq2RBVPy9wb2Ea
140
 * FTZiU2v+9pkoLoSDnCOfPCg/4Q4=
141
 * -----END CERTIFICATE-----
142
 *
143
 *
144
 * Trusted CA certificate:
145
 * Certificate:
146
 *   Data:
147
 *       Version: 3 (0x2)
148
 *       Serial Number: 0 (0x0)
149
 *       Signature Algorithm: md5WithRSAEncryption
150
 *       Issuer: C=US, ST=Some-State, O=Some Org, CN=Someone
151
 *       Validity
152
 *           Not Before: Mar 30 11:44:47 2001 GMT
153
 *           Not After : Apr 27 11:44:47 2028 GMT
154
 *       Subject: C=US, ST=Some-State, O=Some Org, CN=Someone
155
 *       Subject Public Key Info:
156
 *           Public Key Algorithm: rsaEncryption
157
 *           RSA Public Key: (1024 bit)
158
 *               Modulus (1024 bit):
159
 *                   00:c1:98:e4:7a:87:53:0f:94:87:dc:da:f3:59:39:
160
 *                   3e:36:95:e8:77:58:ff:46:8a:81:1b:5e:c5:4c:fa:
161
 *                   b6:91:19:30:be:5b:ef:4c:aa:84:30:a4:9a:d4:68:
162
 *                   af:ef:fa:b4:2c:76:8b:29:33:46:cf:38:74:7c:79:
163
 *                   d5:07:a6:43:39:84:52:39:4f:8a:1c:f3:73:19:12:
164
 *                   40:cf:ee:a1:77:43:01:02:be:8d:32:11:28:70:f4:
165
 *                   cf:ab:43:75:e4:fb:74:f1:8c:2e:43:24:ba:85:3f:
166
 *                   66:3a:05:ea:f7:ce:5b:97:e2:34:a3:f0:87:f4:f8:
167
 *                   d1:59:12:5a:68:b7:78:64:a9
168
 *               Exponent: 65537 (0x10001)
169
 *       X509v3 extensions:
170
 *           X509v3 Subject Key Identifier:
171
 *               B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
172
 *           X509v3 Authority Key Identifier:
173
 *               keyid:B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
174
 *               DirName:/C=US/ST=Some-State/O=Some Org/CN=Someone
175
 *               serial:00
176
 *
177
 *           X509v3 Basic Constraints:
178
 *               CA:TRUE
179
 *
180
 * -----BEGIN CERTIFICATE-----
181
 * MIICpjCCAg+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBHMQswCQYDVQQGEwJVUzET
182
 * MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT
183
 * B1NvbWVvbmUwHhcNMDEwMzMwMTE0NDQ3WhcNMjgwNDI3MTE0NDQ3WjBHMQswCQYD
184
 * VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx
185
 * EDAOBgNVBAMTB1NvbWVvbmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMGY
186
 * 5HqHUw+Uh9za81k5PjaV6HdY/0aKgRtexUz6tpEZML5b70yqhDCkmtRor+/6tCx2
187
 * iykzRs84dHx51QemQzmEUjlPihzzcxkSQM/uoXdDAQK+jTIRKHD0z6tDdeT7dPGM
188
 * LkMkuoU/ZjoF6vfOW5fiNKPwh/T40VkSWmi3eGSpAgMBAAGjgaEwgZ4wHQYDVR0O
189
 * BBYEFLUyQ9cAJJK66ZXl+aNkbITuMy4VMG8GA1UdIwRoMGaAFLUyQ9cAJJK66ZXl
190
 * +aNkbITuMy4VoUukSTBHMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0
191
 * ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMTB1NvbWVvbmWCAQAwDAYDVR0T
192
 * BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBhf3PX0xWxtaUwZlWCO7GfPwCKgBWr
193
 * CXqlqjtWHCshaaU7wUsDOwxFDWwKjFrMerQLsLuBlhdXEbNfSPjychkQtfezQHcS
194
 * q0Atq7+KVSmRbDw6oKVRs5v1BBzLCupy+o16fNz3/hwreAWwQnSMtAh/osNS9w1b
195
 * QeVWU+JV47H+vg==
196
 * -----END CERTIFICATE-----
197
 *
198
 */
199

200
import java.io.*;
201
import java.net.*;
202
import java.security.Security;
203
import java.security.KeyStore;
204
import java.security.KeyFactory;
205
import java.security.cert.Certificate;
206
import java.security.cert.CertificateFactory;
207
import java.security.spec.*;
208
import java.security.interfaces.*;
209
import javax.net.ssl.*;
210
import java.math.BigInteger;
211

212
public class RSAExport {
213

214
    /*
215
     * =============================================================
216
     * Set the various variables needed for the tests, then
217
     * specify what tests to run on each side.
218
     */
219

220

221
    /*
222
     * Should we run the client or server in a separate thread?
223
     * Both sides can throw exceptions, but do you have a preference
224
     * as to which side should be the main thread.
225
     */
226
    static boolean separateServerThread = true;
227

228
    /*
229
     * Where do we find the keystores?
230
     */
231
    static String trusedCertStr =
232
        "-----BEGIN CERTIFICATE-----\n" +
233
        "MIICpjCCAg+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBHMQswCQYDVQQGEwJVUzET\n" +
234
        "MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT\n" +
235
        "B1NvbWVvbmUwHhcNMDEwMzMwMTE0NDQ3WhcNMjgwNDI3MTE0NDQ3WjBHMQswCQYD\n" +
236
        "VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx\n" +
237
        "EDAOBgNVBAMTB1NvbWVvbmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMGY\n" +
238
        "5HqHUw+Uh9za81k5PjaV6HdY/0aKgRtexUz6tpEZML5b70yqhDCkmtRor+/6tCx2\n" +
239
        "iykzRs84dHx51QemQzmEUjlPihzzcxkSQM/uoXdDAQK+jTIRKHD0z6tDdeT7dPGM\n" +
240
        "LkMkuoU/ZjoF6vfOW5fiNKPwh/T40VkSWmi3eGSpAgMBAAGjgaEwgZ4wHQYDVR0O\n" +
241
        "BBYEFLUyQ9cAJJK66ZXl+aNkbITuMy4VMG8GA1UdIwRoMGaAFLUyQ9cAJJK66ZXl\n" +
242
        "+aNkbITuMy4VoUukSTBHMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0\n" +
243
        "ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMTB1NvbWVvbmWCAQAwDAYDVR0T\n" +
244
        "BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBhf3PX0xWxtaUwZlWCO7GfPwCKgBWr\n" +
245
        "CXqlqjtWHCshaaU7wUsDOwxFDWwKjFrMerQLsLuBlhdXEbNfSPjychkQtfezQHcS\n" +
246
        "q0Atq7+KVSmRbDw6oKVRs5v1BBzLCupy+o16fNz3/hwreAWwQnSMtAh/osNS9w1b\n" +
247
        "QeVWU+JV47H+vg==\n" +
248
        "-----END CERTIFICATE-----";
249

250
    static String serverCertStr =
251
        "-----BEGIN CERTIFICATE-----\n" +
252
        "MIICIDCCAYmgAwIBAgIBCzANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzET\n" +
253
        "MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT\n" +
254
        "B1NvbWVvbmUwHhcNMDgwNDE4MTUwNzMwWhcNMjgwMTA0MTUwNzMwWjBNMQswCQYD\n" +
255
        "VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx\n" +
256
        "FjAUBgNVBAMTDVNvbWVvbmVFeHBvcnQwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA\n" +
257
        "uV8aD/lnB4lxbnOot2dDa7KKtyoMOUQ0qe/0UAE6b+PTCeU8epcIKoUEugzu0byi\n" +
258
        "FyLVI/Lp8snl2ot/kU4fawIDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF\n" +
259
        "4DAdBgNVHQ4EFgQU8TCYvnyq+bGROGCuE19nnAoynjEwHwYDVR0jBBgwFoAUtTJD\n" +
260
        "1wAkkrrpleX5o2RshO4zLhUwDQYJKoZIhvcNAQEFBQADgYEAFU+fP9FSTQNVZOhv\n" +
261
        "eJ+zq6wI/biwzTgPbAq3yu2gb5kT85z4nzqBhPd2LWWFXhUW/D8QyNZ54X30y0Ug\n" +
262
        "3NfUAvOANW7CgUbHBmm77KQiF4nWdh338qqq9HzLGrPqcxX0dmiq2RBVPy9wb2Ea\n" +
263
        "FTZiU2v+9pkoLoSDnCOfPCg/4Q4=\n" +
264
        "-----END CERTIFICATE-----";
265

266
    static byte privateExponent[] = {
267
        (byte)0x4c, (byte)0xed, (byte)0x3f, (byte)0x86,
268
        (byte)0x93, (byte)0x8c, (byte)0x83, (byte)0x1f,
269
        (byte)0x31, (byte)0x98, (byte)0x91, (byte)0x9c,
270
        (byte)0xd9, (byte)0x87, (byte)0x9b, (byte)0xfe,
271
        (byte)0x0c, (byte)0x98, (byte)0xee, (byte)0x4c,
272
        (byte)0x1f, (byte)0xc8, (byte)0x80, (byte)0x1a,
273
        (byte)0x8e, (byte)0xcf, (byte)0x4a, (byte)0x87,
274
        (byte)0x0d, (byte)0x0b, (byte)0x70, (byte)0x34,
275
        (byte)0xd8, (byte)0x4e, (byte)0x8d, (byte)0x84,
276
        (byte)0x00, (byte)0x8f, (byte)0xaf, (byte)0x32,
277
        (byte)0x60, (byte)0xe9, (byte)0x53, (byte)0xe7,
278
        (byte)0x6f, (byte)0x98, (byte)0xe0, (byte)0x8b,
279
        (byte)0x52, (byte)0xaa, (byte)0xbf, (byte)0x67,
280
        (byte)0x6b, (byte)0x62, (byte)0x28, (byte)0x98,
281
        (byte)0x46, (byte)0xca, (byte)0xb9, (byte)0x9c,
282
        (byte)0x06, (byte)0x5c, (byte)0x6b, (byte)0x91
283
    };
284

285
    static byte modulus[] = {
286
        (byte)0x00,
287
        (byte)0xb9, (byte)0x5f, (byte)0x1a, (byte)0x0f,
288
        (byte)0xf9, (byte)0x67, (byte)0x07, (byte)0x89,
289
        (byte)0x71, (byte)0x6e, (byte)0x73, (byte)0xa8,
290
        (byte)0xb7, (byte)0x67, (byte)0x43, (byte)0x6b,
291
        (byte)0xb2, (byte)0x8a, (byte)0xb7, (byte)0x2a,
292
        (byte)0x0c, (byte)0x39, (byte)0x44, (byte)0x34,
293
        (byte)0xa9, (byte)0xef, (byte)0xf4, (byte)0x50,
294
        (byte)0x01, (byte)0x3a, (byte)0x6f, (byte)0xe3,
295
        (byte)0xd3, (byte)0x09, (byte)0xe5, (byte)0x3c,
296
        (byte)0x7a, (byte)0x97, (byte)0x08, (byte)0x2a,
297
        (byte)0x85, (byte)0x04, (byte)0xba, (byte)0x0c,
298
        (byte)0xee, (byte)0xd1, (byte)0xbc, (byte)0xa2,
299
        (byte)0x17, (byte)0x22, (byte)0xd5, (byte)0x23,
300
        (byte)0xf2, (byte)0xe9, (byte)0xf2, (byte)0xc9,
301
        (byte)0xe5, (byte)0xda, (byte)0x8b, (byte)0x7f,
302
        (byte)0x91, (byte)0x4e, (byte)0x1f, (byte)0x6b
303
    };
304

305
    static char passphrase[] = "passphrase".toCharArray();
306

307
    /*
308
     * Is the server ready to serve?
309
     */
310
    volatile static boolean serverReady = false;
311

312
    /*
313
     * Turn on SSL debugging?
314
     */
315
    static boolean debug = false;
316

317
    /*
318
     * If the client or server is doing some kind of object creation
319
     * that the other side depends on, and that thread prematurely
320
     * exits, you may experience a hang.  The test harness will
321
     * terminate all hung threads after its timeout has expired,
322
     * currently 3 minutes by default, but you might try to be
323
     * smart about it....
324
     */
325

326
    /*
327
     * Define the server side of the test.
328
     *
329
     * If the server prematurely exits, serverReady will be set to true
330
     * to avoid infinite hangs.
331
     */
332
    void doServerSide() throws Exception {
333
        SSLServerSocketFactory sslssf =
334
                getSSLContext(true).getServerSocketFactory();
335
        SSLServerSocket sslServerSocket =
336
                (SSLServerSocket) sslssf.createServerSocket(serverPort);
337

338
        serverPort = sslServerSocket.getLocalPort();
339

340
        /*
341
         * Signal Client, we're ready for this connect.
342
         */
343
        serverReady = true;
344

345
        // Enable RSA_EXPORT cipher suites only.
346
        try {
347
            String enabledSuites[] = {
348
                "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
349
                "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"};
350
            sslServerSocket.setEnabledCipherSuites(enabledSuites);
351
        } catch (IllegalArgumentException iae) {
352
            // ignore the exception a cipher suite is unsupported.
353
        }
354

355
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
356
        InputStream sslIS = sslSocket.getInputStream();
357
        OutputStream sslOS = sslSocket.getOutputStream();
358

359
        sslIS.read();
360
        sslOS.write(85);
361
        sslOS.flush();
362

363

364
        sslSocket.close();
365
    }
366

367
    /*
368
     * Define the client side of the test.
369
     *
370
     * If the server prematurely exits, serverReady will be set to true
371
     * to avoid infinite hangs.
372
     */
373
    void doClientSide() throws Exception {
374

375
        /*
376
         * Wait for server to get started.
377
         */
378
        while (!serverReady) {
379
            Thread.sleep(50);
380
        }
381

382
        SSLSocketFactory sslsf =
383
                getSSLContext(false).getSocketFactory();
384
        SSLSocket sslSocket = (SSLSocket)
385
                sslsf.createSocket("localhost", serverPort);
386

387
        // Enable RSA_EXPORT cipher suites only.
388
        try {
389
            String enabledSuites[] = {
390
                "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
391
                "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"};
392
            sslSocket.setEnabledCipherSuites(enabledSuites);
393
        } catch (IllegalArgumentException iae) {
394
            // ignore the exception a cipher suite is unsupported.
395
        }
396

397
        InputStream sslIS = sslSocket.getInputStream();
398
        OutputStream sslOS = sslSocket.getOutputStream();
399

400
        sslOS.write(280);
401
        sslOS.flush();
402
        sslIS.read();
403

404
        sslSocket.close();
405
    }
406

407
    /*
408
     * =============================================================
409
     * The remainder is just support stuff
410
     */
411

412
    // use any free port by default
413
    volatile int serverPort = 0;
414

415
    volatile Exception serverException = null;
416
    volatile Exception clientException = null;
417

418
    public static void main(String[] args) throws Exception {
419
        // reset the security property to make sure that the algorithms
420
        // and keys used in this test are not disabled.
421
        Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2");
422
        Security.setProperty("jdk.tls.disabledAlgorithms", "MD2");
423

424
        if (debug)
425
            System.setProperty("javax.net.debug", "all");
426

427
        /*
428
         * Start the tests.
429
         */
430
        new RSAExport();
431
    }
432

433
    Thread clientThread = null;
434
    Thread serverThread = null;
435

436
    /*
437
     * Primary constructor, used to drive remainder of the test.
438
     *
439
     * Fork off the other side, then do your work.
440
     */
441
    RSAExport() throws Exception {
442
        if (separateServerThread) {
443
            startServer(true);
444
            startClient(false);
445
        } else {
446
            startClient(true);
447
            startServer(false);
448
        }
449

450
        /*
451
         * Wait for other side to close down.
452
         */
453
        if (separateServerThread) {
454
            serverThread.join();
455
        } else {
456
            clientThread.join();
457
        }
458

459
        /*
460
         * When we get here, the test is pretty much over.
461
         *
462
         * If the main thread excepted, that propagates back
463
         * immediately.  If the other thread threw an exception, we
464
         * should report back.
465
         */
466
        if (serverException != null)
467
            throw serverException;
468
        if (clientException != null)
469
            throw clientException;
470
    }
471

472
    void startServer(boolean newThread) throws Exception {
473
        if (newThread) {
474
            serverThread = new Thread() {
475
                public void run() {
476
                    try {
477
                        doServerSide();
478
                    } catch (Exception e) {
479
                        /*
480
                         * Our server thread just died.
481
                         *
482
                         * Release the client, if not active already...
483
                         */
484
                        System.err.println("Server died..." + e);
485
                        serverReady = true;
486
                        serverException = e;
487
                    }
488
                }
489
            };
490
            serverThread.start();
491
        } else {
492
            doServerSide();
493
        }
494
    }
495

496
    void startClient(boolean newThread) throws Exception {
497
        if (newThread) {
498
            clientThread = new Thread() {
499
                public void run() {
500
                    try {
501
                        doClientSide();
502
                    } catch (Exception e) {
503
                        /*
504
                         * Our client thread just died.
505
                         */
506
                        System.err.println("Client died...");
507
                        clientException = e;
508
                    }
509
                }
510
            };
511
            clientThread.start();
512
        } else {
513
            doClientSide();
514
        }
515
    }
516

517
    // Get the SSL context
518
    private SSLContext getSSLContext(boolean authnRequired) throws Exception {
519
        // generate certificate from cert string
520
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
521

522
        ByteArrayInputStream is =
523
                    new ByteArrayInputStream(trusedCertStr.getBytes());
524
        Certificate trustedCert = cf.generateCertificate(is);
525

526
        // create a key store
527
        KeyStore ks = KeyStore.getInstance("JKS");
528
        ks.load(null, null);
529

530
        // import the trusted cert
531
        ks.setCertificateEntry("RSA Export Signer", trustedCert);
532

533
        if (authnRequired) {
534
            // generate the private key.
535
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(
536
                                            new BigInteger(modulus),
537
                                            new BigInteger(privateExponent));
538
            KeyFactory kf = KeyFactory.getInstance("RSA");
539
            RSAPrivateKey priKey =
540
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);
541

542
            // generate certificate chain
543
            is = new ByteArrayInputStream(serverCertStr.getBytes());
544
            Certificate serverCert = cf.generateCertificate(is);
545

546
            Certificate[] chain = new Certificate[2];
547
            chain[0] = serverCert;
548
            chain[1] = trustedCert;
549

550
            // import the key entry.
551
            ks.setKeyEntry("RSA Export", priKey, passphrase, chain);
552
        }
553

554
        // create SSL context
555
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
556
        tmf.init(ks);
557

558
        SSLContext ctx = SSLContext.getInstance("TLS");
559
        if (authnRequired) {
560
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
561
            kmf.init(ks, passphrase);
562

563
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
564
        } else {
565
            ctx.init(null, tmf.getTrustManagers(), null);
566
        }
567

568
        return ctx;
569
    }
570

571
}
572

573
Product

Resources

Company
