Path: blob/master/test/jdk/sun/security/ssl/SSLContextImpl/BadKSProvider.java
41152 views
/*1* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223//24// SunJSSE does not support dynamic system properties, no way to re-use25// system properties in samevm/agentvm mode.26//2728/*29* @test30* @bug 4919147 816806931* @summary Support for token-based KeyStores32* @run main/othervm BadKSProvider33*/3435import java.io.*;36import java.net.*;37import javax.net.ssl.*;3839public class BadKSProvider {4041/*42* =============================================================43* Set the various variables needed for the tests, then44* specify what tests to run on each side.45*/4647/*48* Should we run the client or server in a separate thread?49* Both sides can throw exceptions, but do you have a preference50* as to which side should be the main thread.51*/52static boolean separateServerThread = false;5354/*55* Where do we find the keystores?56*/57static String pathToStores = "../../../../javax/net/ssl/etc";58static String keyStoreFile = "keystore";59static String trustStoreFile = "truststore";60static String passwd = "passphrase";6162/*63* Is the server ready to serve?64*/65volatile static boolean serverReady = false;6667/*68* Turn on SSL debugging?69*/70static boolean debug = false;7172/*73* If the client or server is doing some kind of object creation74* that the other side depends on, and that thread prematurely75* exits, you may experience a hang. The test harness will76* terminate all hung threads after its timeout has expired,77* currently 3 minutes by default, but you might try to be78* smart about it....79*/8081/*82* Define the server side of the test.83*84* If the server prematurely exits, serverReady will be set to true85* to avoid infinite hangs.86*/87void doServerSide() throws Exception {88SSLServerSocketFactory sslssf =89(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();90SSLServerSocket sslServerSocket =91(SSLServerSocket) sslssf.createServerSocket(serverPort);9293serverPort = sslServerSocket.getLocalPort();9495/*96* Signal Client, we're ready for his connect.97*/98serverReady = true;99100SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();101InputStream sslIS = sslSocket.getInputStream();102OutputStream sslOS = sslSocket.getOutputStream();103104sslIS.read();105sslOS.write(85);106sslOS.flush();107108sslSocket.close();109}110111/*112* Define the client side of the test.113*114* If the server prematurely exits, serverReady will be set to true115* to avoid infinite hangs.116*/117void doClientSide() throws Exception {118119/*120* Wait for server to get started.121*/122while (!serverReady) {123Thread.sleep(50);124}125126SSLSocketFactory sslsf =127(SSLSocketFactory) SSLSocketFactory.getDefault();128SSLSocket sslSocket = (SSLSocket)129sslsf.createSocket("localhost", serverPort);130131InputStream sslIS = sslSocket.getInputStream();132OutputStream sslOS = sslSocket.getOutputStream();133134sslOS.write(280);135sslOS.flush();136sslIS.read();137138sslSocket.close();139}140141/*142* =============================================================143* The remainder is just support stuff144*/145146// use any free port by default147volatile int serverPort = 0;148149volatile Exception serverException = null;150volatile Exception clientException = null;151152public static void main(String[] args) throws Exception {153String keyFilename =154System.getProperty("test.src", "./") + "/" + pathToStores +155"/" + keyStoreFile;156String trustFilename =157System.getProperty("test.src", "./") + "/" + pathToStores +158"/" + trustStoreFile;159160// first test a good provider name161162System.setProperty("javax.net.ssl.keyStore", keyFilename);163System.setProperty("javax.net.ssl.keyStoreProvider", "BAD-PROVIDER");164System.setProperty("javax.net.ssl.keyStorePassword", passwd);165System.setProperty("javax.net.ssl.trustStore", trustFilename);166System.setProperty("javax.net.ssl.trustStoreProvider", "SUN");167System.setProperty("javax.net.ssl.trustStorePassword", passwd);168169if (debug)170System.setProperty("javax.net.debug", "ssl,defaultctx");171172try {173new BadKSProvider();174throw new SecurityException("expected no-such-provider exception");175} catch (SocketException se) {176177// catching the exception is ok,178// but let's try to confirm it is the right exception.179//180// Note: this test must be updated if the exception message changes181182Throwable cause = se.getCause();183if (!(cause instanceof java.security.NoSuchAlgorithmException)) {184se.printStackTrace();185throw new Exception("Unexpected exception" + se);186}187188cause = cause.getCause();189if (!(cause instanceof java.security.KeyManagementException)) {190se.printStackTrace();191throw new Exception("Unexpected exception" + se);192}193194System.out.println("OK");195}196}197198Thread clientThread = null;199Thread serverThread = null;200201/*202* Primary constructor, used to drive remainder of the test.203*204* Fork off the other side, then do your work.205*/206BadKSProvider() throws Exception {207try {208if (separateServerThread) {209startServer(true);210startClient(false);211} else {212startClient(true);213startServer(false);214}215} catch (Exception e) {216//swallow for now. Show later217}218219/*220* Wait for other side to close down.221*/222if (separateServerThread) {223serverThread.join();224} else {225clientThread.join();226}227228/*229* When we get here, the test is pretty much over.230* Which side threw the error?231*/232Exception local;233Exception remote;234String whichRemote;235236if (separateServerThread) {237remote = serverException;238local = clientException;239whichRemote = "server";240} else {241remote = clientException;242local = serverException;243whichRemote = "client";244}245246/*247* If both failed, return the curthread's exception, but also248* print the remote side Exception249*/250if ((local != null) && (remote != null)) {251System.out.println(whichRemote + " also threw:");252//remote.printStackTrace();253System.out.println();254throw local;255}256257if (remote != null) {258throw remote;259}260261if (local != null) {262throw local;263}264}265266void startServer(boolean newThread) throws Exception {267if (newThread) {268serverThread = new Thread() {269public void run() {270try {271doServerSide();272} catch (Exception e) {273/*274* Our server thread just died.275*276* Release the client, if not active already...277*/278System.err.println("Server died...");279serverReady = true;280serverException = e;281}282}283};284serverThread.start();285} else {286try {287doServerSide();288} catch (Exception e) {289serverException = e;290} finally {291serverReady = true;292}293}294}295296void startClient(boolean newThread) throws Exception {297if (newThread) {298clientThread = new Thread() {299public void run() {300try {301doClientSide();302} catch (Exception e) {303/*304* Our client thread just died.305*/306System.err.println("Client died...");307clientException = e;308}309}310};311clientThread.start();312} else {313try {314doClientSide();315} catch (Exception e) {316clientException = e;317}318}319}320}321322323