Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/ssl/X509TrustManagerImpl/CertRequestOverflow.java
41152 views
1
/*

2
 * Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/*

30
 * @test

31
 * @bug 7200295

32
 * @summary CertificateRequest message is wrapping when using large

33
 *          numbers of Certs

34
 * @run main/othervm CertRequestOverflow

35
 */

36


37
import java.io.*;

38
import java.net.*;

39
import java.util.*;

40
import javax.net.ssl.*;

41
import java.security.cert.*;

42
import java.security.*;

43


44
public class CertRequestOverflow {

45


46
    /*

47
     * =============================================================

48
     * Set the various variables needed for the tests, then

49
     * specify what tests to run on each side.

50
     */

51


52
    /*

53
     * Should we run the client or server in a separate thread?

54
     * Both sides can throw exceptions, but do you have a preference

55
     * as to which side should be the main thread.

56
     */

57
    static boolean separateServerThread = false;

58


59
    /*

60
     * Where do we find the keystores?

61
     */

62
    static String pathToStores = "../../../../javax/net/ssl/etc";

63
    static String keyStoreFile = "keystore";

64
    static String trustStoreFile = "truststore";

65
    static String passwd = "passphrase";

66
    private final static char[] cpasswd = "passphrase".toCharArray();

67


68
    /*

69
     * Is the server ready to serve?

70
     */

71
    volatile static boolean serverReady = false;

72


73
    /*

74
     * Turn on SSL debugging?

75
     */

76
    static boolean debug = false;

77


78
    /*

79
     * If the client or server is doing some kind of object creation

80
     * that the other side depends on, and that thread prematurely

81
     * exits, you may experience a hang.  The test harness will

82
     * terminate all hung threads after its timeout has expired,

83
     * currently 3 minutes by default, but you might try to be

84
     * smart about it....

85
     */

86


87
    /*

88
     * Define the server side of the test.

89
     *

90
     * If the server prematurely exits, serverReady will be set to true

91
     * to avoid infinite hangs.

92
     */

93
    void doServerSide() throws Exception {

94
        SSLServerSocketFactory sslssf =

95
                                getContext(true).getServerSocketFactory();

96
        SSLServerSocket sslServerSocket =

97
            (SSLServerSocket) sslssf.createServerSocket(serverPort);

98
        serverPort = sslServerSocket.getLocalPort();

99
        if (debug) {

100
            System.out.println("Server port is " + serverPort);

101
        }

102


103
        // enable endpoint identification

104
        // ignore, we may test the feature when known how to parse client

105
        // hostname

106
        //SSLParameters params = sslServerSocket.getSSLParameters();

107
        //params.setEndpointIdentificationAlgorithm("HTTPS");

108
        //sslServerSocket.setSSLParameters(params);

109


110
        /*

111
         * Signal Client, we're ready for his connect.

112
         */

113
        serverReady = true;

114


115
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

116
        sslSocket.setNeedClientAuth(true);

117
        InputStream sslIS = sslSocket.getInputStream();

118
        OutputStream sslOS = sslSocket.getOutputStream();

119


120
        try {

121
            sslIS.read();

122
            sslOS.write(85);

123
            sslOS.flush();

124


125
            throw new Exception("SERVER TEST FAILED!  " +

126
                        "It is expected to fail with field length overflow");

127
        } catch (SSLException ssle) {

128
            Throwable cause = ssle.getCause();

129
            if (!(cause instanceof RuntimeException)) {

130
                System.out.println("We are expecting a RuntimeException!");

131
                throw ssle;

132
            }

133
            System.out.println("The expected exception!  " + ssle);

134
        } finally {

135
            sslSocket.close();

136
        }

137


138
        System.out.println("SERVER TEST PASSED!");

139
    }

140


141
    /*

142
     * Define the client side of the test.

143
     *

144
     * If the server prematurely exits, serverReady will be set to true

145
     * to avoid infinite hangs.

146
     */

147
    void doClientSide() throws Exception {

148


149
        /*

150
         * Wait for server to get started.

151
         */

152
        while (!serverReady) {

153
            Thread.sleep(50);

154
        }

155


156
        SSLSocketFactory sslsf = getContext(false).getSocketFactory();

157
        SSLSocket sslSocket = (SSLSocket)

158
            sslsf.createSocket("localhost", serverPort);

159
        if (debug) {

160
            System.out.println("Connected to: " +

161
                    sslSocket.getRemoteSocketAddress());

162
        }

163


164
        // enable endpoint identification

165
        SSLParameters params = sslSocket.getSSLParameters();

166
        params.setEndpointIdentificationAlgorithm("HTTPS");

167
        sslSocket.setSSLParameters(params);

168


169
        InputStream sslIS = sslSocket.getInputStream();

170
        OutputStream sslOS = sslSocket.getOutputStream();

171


172
        try {

173
            sslOS.write(280);

174
            sslOS.flush();

175
            sslIS.read();

176
        } catch (SSLException ssle) {

177
            System.out.println("An expected exception!");

178
        } finally {

179
            sslSocket.close();

180
        }

181
    }

182


183
    MyExtendedX509TM serverTM;

184
    MyExtendedX509TM clientTM;

185


186
    private SSLContext getContext(boolean server) throws Exception {

187
        String keyFilename =

188
            System.getProperty("test.src", "./") + "/" + pathToStores +

189
                "/" + keyStoreFile;

190
        String trustFilename =

191
            System.getProperty("test.src", "./") + "/" + pathToStores +

192
                "/" + trustStoreFile;

193


194
        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

195
        KeyStore ks = KeyStore.getInstance("JKS");

196
        ks.load(new FileInputStream(keyFilename), cpasswd);

197
        kmf.init(ks, cpasswd);

198


199
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

200
        KeyStore ts = KeyStore.getInstance("JKS");

201
        ts.load(new FileInputStream(trustFilename), cpasswd);

202
        tmf.init(ts);

203


204
        TrustManager tms[] = tmf.getTrustManagers();

205
        if (tms == null || tms.length == 0) {

206
            throw new Exception("unexpected trust manager implementation");

207
        } else {

208
           if (!(tms[0] instanceof X509TrustManager)) {

209
            throw new Exception("unexpected trust manager implementation: "

210
                                + tms[0].getClass().getCanonicalName());

211
           }

212
        }

213


214
        if (server) {

215
            serverTM = new MyExtendedX509TM((X509TrustManager)tms[0]);

216


217
            tms = new TrustManager[] {serverTM};

218
        } else {

219
            clientTM = new MyExtendedX509TM((X509TrustManager)tms[0]);

220


221
            tms = new TrustManager[] {clientTM};

222
        }

223


224
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");

225
        ctx.init(kmf.getKeyManagers(), tms, null);

226


227
        return ctx;

228
    }

229


230
    static class MyExtendedX509TM extends X509ExtendedTrustManager

231
            implements X509TrustManager {

232


233
        X509TrustManager tm;

234


235
        boolean clientChecked;

236
        boolean serverChecked;

237


238
        MyExtendedX509TM(X509TrustManager tm) {

239
            clientChecked = false;

240
            serverChecked = false;

241


242
            this.tm = tm;

243
        }

244


245
        public boolean wasClientChecked() {

246
            return clientChecked;

247
        }

248


249
        public boolean wasServerChecked() {

250
            return serverChecked;

251
        }

252


253
        @Override

254
        public void checkClientTrusted(X509Certificate chain[], String authType)

255
                throws CertificateException {

256
            tm.checkClientTrusted(chain, authType);

257
        }

258


259
        @Override

260
        public void checkServerTrusted(X509Certificate chain[], String authType)

261
                throws CertificateException {

262
            tm.checkServerTrusted(chain, authType);

263
        }

264


265
        @Override

266
        public X509Certificate[] getAcceptedIssuers() {

267
            // (hack code) increase the size of the returned array to make a

268
            // overflow CertificateRequest.

269
            List<X509Certificate> issuersList = new LinkedList<>();

270
            X509Certificate[] issuers = tm.getAcceptedIssuers();

271
            for (int i = 0; i < 800; i += issuers.length) {

272
                for (X509Certificate issuer : issuers) {

273
                    issuersList.add(issuer);

274
                }

275
            }

276


277
            return issuersList.toArray(issuers);

278
        }

279


280
        @Override

281
        public void checkClientTrusted(X509Certificate[] chain, String authType,

282
                Socket socket) throws CertificateException {

283
            clientChecked = true;

284
            tm.checkClientTrusted(chain, authType);

285
        }

286


287
        @Override

288
        public void checkServerTrusted(X509Certificate[] chain, String authType,

289
                Socket socket) throws CertificateException {

290
            serverChecked = true;

291
            tm.checkServerTrusted(chain, authType);

292
        }

293


294
        @Override

295
        public void checkClientTrusted(X509Certificate[] chain, String authType,

296
            SSLEngine engine) throws CertificateException {

297
            clientChecked = true;

298
            tm.checkClientTrusted(chain, authType);

299
        }

300


301
        @Override

302
        public void checkServerTrusted(X509Certificate[] chain, String authType,

303
            SSLEngine engine) throws CertificateException {

304
            serverChecked = true;

305
            tm.checkServerTrusted(chain, authType);

306
        }

307
    }

308


309
    /*

310
     * =============================================================

311
     * The remainder is just support stuff

312
     */

313


314
    // use any free port by default

315
    volatile int serverPort = 0;

316


317
    volatile Exception serverException = null;

318
    volatile Exception clientException = null;

319


320
    public static void main(String[] args) throws Exception {

321


322
        if (debug)

323
            System.setProperty("javax.net.debug", "all");

324


325
        /*

326
         * Start the tests.

327
         */

328
        new CertRequestOverflow();

329
    }

330


331
    Thread clientThread = null;

332
    Thread serverThread = null;

333


334
    /*

335
     * Primary constructor, used to drive remainder of the test.

336
     *

337
     * Fork off the other side, then do your work.

338
     */

339
    CertRequestOverflow() throws Exception {

340
        if (separateServerThread) {

341
            startServer(true);

342
            startClient(false);

343
        } else {

344
            startClient(true);

345
            startServer(false);

346
        }

347


348
        /*

349
         * Wait for other side to close down.

350
         */

351
        if (separateServerThread) {

352
            serverThread.join();

353
        } else {

354
            clientThread.join();

355
        }

356


357
        /*

358
         * When we get here, the test is pretty much over.

359
         *

360
         * If the main thread excepted, that propagates back

361
         * immediately.  If the other thread threw an exception, we

362
         * should report back.

363
         */

364
        if (serverException != null)

365
            throw serverException;

366
        if (clientException != null)

367
            throw clientException;

368
    }

369


370
    void startServer(boolean newThread) throws Exception {

371
        if (newThread) {

372
            serverThread = new Thread() {

373
                @Override

374
                public void run() {

375
                    try {

376
                        doServerSide();

377
                    } catch (Exception e) {

378
                        /*

379
                         * Our server thread just died.

380
                         *

381
                         * Release the client, if not active already...

382
                         */

383
                        System.err.println("Server died...");

384
                        serverReady = true;

385
                        serverException = e;

386
                    }

387
                }

388
            };

389
            serverThread.start();

390
        } else {

391
            doServerSide();

392
        }

393
    }

394


395
    void startClient(boolean newThread) throws Exception {

396
        if (newThread) {

397
            clientThread = new Thread() {

398
                @Override

399
                public void run() {

400
                    try {

401
                        doClientSide();

402
                    } catch (Exception e) {

403
                        /*

404
              * Our client thread just died.

405
                         */

406
                        System.err.println("Client died...");

407
                        clientException = e;

408
                    }

409
                }

410
            };

411
            clientThread.start();

412
        } else {

413
            doClientSide();

414
        }

415
    }

416
}

417


418


419