Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/ssl/X509TrustManagerImpl/SelfIssuedCert.java
41152 views
1
/*

2
 * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/*

30
 * @test

31
 * @bug 6822460

32
 * @summary support self-issued certificate

33
 * @run main/othervm SelfIssuedCert PKIX

34
 * @run main/othervm SelfIssuedCert SunX509

35
 * @author Xuelei Fan

36
 */

37


38
import java.io.*;

39
import javax.net.ssl.*;

40
import java.security.KeyStore;

41
import java.security.KeyFactory;

42
import java.security.cert.Certificate;

43
import java.security.cert.CertificateFactory;

44
import java.security.spec.*;

45
import java.security.interfaces.*;

46


47
import java.util.Base64;

48


49
public class SelfIssuedCert {

50


51
    /*

52
     * =============================================================

53
     * Set the various variables needed for the tests, then

54
     * specify what tests to run on each side.

55
     */

56


57
    /*

58
     * Should we run the client or server in a separate thread?

59
     * Both sides can throw exceptions, but do you have a preference

60
     * as to which side should be the main thread.

61
     */

62
    static boolean separateServerThread = true;

63


64
    /*

65
     * Where do we find the keystores?

66
     */

67
    // Certificate information:

68
    // Issuer: C=US, O=Example, CN=localhost

69
    // Validity

70
    //     Not Before: Dec 19 06:11:58 2019 GMT

71
    //     Not After : Dec 16 06:11:58 2029 GMT

72
    // Subject: C=US, O=Example, CN=localhost

73
    // X509v3 Subject Key Identifier:

74
    //     80:67:BA:EE:10:6A:E3:8E:3E:8E:F7:2D:90:B6:FD:F9:54:87:47:B1

75
    // X509v3 Authority Key Identifier:

76
    //     keyid:80:67:BA:EE:10:6A:E3:8E:3E:8E:F7:2D:90:B6:FD:F9:54:87:47:B1

77
    static String trusedCertStr =

78
        "-----BEGIN CERTIFICATE-----\n" +

79
        "MIIDRzCCAi+gAwIBAgIUFjy13iZYWMGQcGF4svfix/9q4dcwDQYJKoZIhvcNAQEL\n" +

80
        "BQAwMzELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB0V4YW1wbGUxEjAQBgNVBAMMCWxv\n" +

81
        "Y2FsaG9zdDAeFw0xOTEyMTkwNjExNThaFw0yOTEyMTYwNjExNThaMDMxCzAJBgNV\n" +

82
        "BAYTAlVTMRAwDgYDVQQKDAdFeGFtcGxlMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEi\n" +

83
        "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy57BG8Dt+a4ZwWGM07f0z/mzK\n" +

84
        "T/myXM4W//3pkZxO0+4oyYM7G8ks9O64NPpA0CpTPCpfY6dI1Y/kwBUdSoqx2D8t\n" +

85
        "OEfHOat2/AQvvWmEChFH4ZmmQFkLXBy0ueDq0TJbEd94+WhL3q9bA4uqvBsuuaTt\n" +

86
        "bX/GyOC52bpjg0TWY4BRdRVhveISZvqOCoqqJ1aPOnfxqySaZIC34q9gdUCUNxZD\n" +

87
        "qjhuQF3Q0xYsNGZSUmnKj3/0GS600BwQPqSHy287Vda88NvqJGFS4DKrw3HV3Wsk\n" +

88
        "IHGN+tzB5THBy70XrE+XIdXJ/I86q+FvNcTnJygn2nVNG4+vUhW8S3BzTiKPAgMB\n" +

89
        "AAGjUzBRMB0GA1UdDgQWBBSAZ7ruEGrjjj6O9y2Qtv35VIdHsTAfBgNVHSMEGDAW\n" +

90
        "gBSAZ7ruEGrjjj6O9y2Qtv35VIdHsTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3\n" +

91
        "DQEBCwUAA4IBAQBX7icKmR/iUPJhfnvNHiqsyTIcowY3JSAJAyJFrViKx2tdo+qq\n" +

92
        "yA+EUsZlZsCwhiiG4/SjFxgaAp0Z3BBmsO/njWUEx3/fSufTHcs0+fPNkFLru5Lr\n" +

93
        "das4wW9Cv/wO4rz2L6qK/x7+r/wkPccaqxTpdZvXqDid2va5Lv3F7jOW5ns13piZ\n" +

94
        "z571RCpmhGSytYKFrAOGoI4ZBWXrkCiYQZ8KvhdBQP/MNJM+e6ajtF27rK08XTao\n" +

95
        "mW3FXfK6SjKQDGVwtNJ7M1qGutIpe0pNBGwvDpQuY2mk0Le46OXdaQ7AAzE+OnRJ\n" +

96
        "1uRDV+p95MzhtolPgB3I8Rzyd23nfrx6uxMA\n" +

97
        "-----END CERTIFICATE-----";

98


99
    // Certificate information:

100
    // Issuer: C=US, O=Example, CN=localhost

101
    // Validity

102
    //     Not Before: Dec 19 06:12:04 2019 GMT

103
    //     Not After : Dec 16 06:12:04 2029 GMT

104
    // Subject: C=US, O=Example, CN=localhost

105
    // X509v3 Subject Key Identifier:

106
    //     73:79:B7:73:F5:41:BB:3A:90:07:87:F2:CA:A5:B3:C3:45:E0:18:E0

107
    // X509v3 Authority Key Identifier:

108
    //     keyid:80:67:BA:EE:10:6A:E3:8E:3E:8E:F7:2D:90:B6:FD:F9:54:87:47:B1

109
    static String targetCertStr =

110
        "-----BEGIN CERTIFICATE-----\n" +

111
        "MIIDNjCCAh6gAwIBAgIURM+bID1TFw41Z/Vz9tPp7HzpH7QwDQYJKoZIhvcNAQEL\n" +

112
        "BQAwMzELMAkGA1UEBhMCVVMxEDAOBgNVBAoMB0V4YW1wbGUxEjAQBgNVBAMMCWxv\n" +

113
        "Y2FsaG9zdDAeFw0xOTEyMTkwNjEyMDRaFw0yOTEyMTYwNjEyMDRaMDMxCzAJBgNV\n" +

114
        "BAYTAlVTMRAwDgYDVQQKDAdFeGFtcGxlMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEi\n" +

115
        "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtxQXQdTlZNoASIE0TM+tgtUY3\n" +

116
        "jnu0EymO+RGljOIFYhz2MxN0OQ5ABofxdIhbSqtoCO9HbsVWIPKOvbACoAJ4HjTV\n" +

117
        "antLPlvCqbUoR96q6JWbnbQ6uZOsgiQTveQMhLJ+k9BehzcwKvwCFGNY3qW0xwUv\n" +

118
        "mXKWRveRAbTOjZ3i1YzcmkLOwYaeyt2Al3jPCbZySUlB94NRRAQZ4RzqfuetAvEd\n" +

119
        "LFW1fXNwL5bHE7JbJkWInciLOqHf5GuyXDjKE8Oz2/Ywv/5C2K2LtWa1g5jIEQtB\n" +

120
        "cjRa9Cjwcrs8peisC5OmL5cbJweNKr6H0mrVR8KFdFHUmM5X4uSiOMVFr/rTAgMB\n" +

121
        "AAGjQjBAMB0GA1UdDgQWBBRzebdz9UG7OpAHh/LKpbPDReAY4DAfBgNVHSMEGDAW\n" +

122
        "gBSAZ7ruEGrjjj6O9y2Qtv35VIdHsTANBgkqhkiG9w0BAQsFAAOCAQEAZ/Ijlics\n" +

123
        "YGCw9k4he3ZkNfqCPFTJKgkbTuM1Cy+aCXzhhdGKCZ2R0Xyi3ma3snwPtqHy5Aru\n" +

124
        "WwoGssxL6S8+Pb/BPZ9OelU7lEmS69AeBKOHHIEs+wEi2oco8J+WU1O4zekP8Clv\n" +

125
        "hHuwPhoL6g0aAUXAISaqYpHYC15oXGOJcC539kgv4VrL9UZJekxtDERUXKyzW+UC\n" +

126
        "ZBPalts1zM5wD43+9PuoeLiPdvMg1kH4obJYnj23zej41iwqPOWhgm0NuGoJVjSg\n" +

127
        "4YqtS1ePD/I2oRV0bu4P7Q72cMYdcFHfPDoe3vCcEMxUTgGBaoPHw9GwEeRoWn/L\n" +

128
        "whBwzXBsD0aZqQ==\n" +

129
        "-----END CERTIFICATE-----";

130


131
    // Private key in the format of PKCS#8

132
    static String targetPrivateKey =

133
        "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCtxQXQdTlZNoAS\n" +

134
        "IE0TM+tgtUY3jnu0EymO+RGljOIFYhz2MxN0OQ5ABofxdIhbSqtoCO9HbsVWIPKO\n" +

135
        "vbACoAJ4HjTVantLPlvCqbUoR96q6JWbnbQ6uZOsgiQTveQMhLJ+k9BehzcwKvwC\n" +

136
        "FGNY3qW0xwUvmXKWRveRAbTOjZ3i1YzcmkLOwYaeyt2Al3jPCbZySUlB94NRRAQZ\n" +

137
        "4RzqfuetAvEdLFW1fXNwL5bHE7JbJkWInciLOqHf5GuyXDjKE8Oz2/Ywv/5C2K2L\n" +

138
        "tWa1g5jIEQtBcjRa9Cjwcrs8peisC5OmL5cbJweNKr6H0mrVR8KFdFHUmM5X4uSi\n" +

139
        "OMVFr/rTAgMBAAECggEAIFDvz+C9FZZJIxXWv6d8MrQDpvlckBSwOeKgIYWd0xp4\n" +

140
        "AGFnUMn7mHSee40Mfs3YKrTeqw4yrN3bvigQv6w6SVR0xuvSmh+yuPUOt7sF8grn\n" +

141
        "J9WgWvuANyjMxM8fxiQ3fcrHiYzj+pVD4K8h+rkNYB1THZMP+FqiV9lVYsR7hF+b\n" +

142
        "1D967LB4oLmAaMExaSo23NZLGVTxZSxxGw6Qidz7CyKvIdVXnNIEzMnuXX60xiJm\n" +

143
        "PnLyZUKDmlw5kI4KaDG+6OIOpDu2FGCFVLZmycs4Ri6h6xJp3jhKAVjCcZJUty80\n" +

144
        "+rBfAx4BHfDrcgyEiTN7NA8gnnCzUc6uX6I/tm62gQKBgQDniWuFjSzhaAhj04+N\n" +

145
        "vG8sQjfVmTbON6SfFfujR/Z57qamJ8zcS/REHfc5swdn9uUTJ2xoRRNCwKZyuMXo\n" +

146
        "4B2/O9+sKfEPYGyjAyGo6E4rGLRNcw6Tb8hx/EFvfTOunwapynOJDDs2Z6FzWNIx\n" +

147
        "x4+FHs9hStwL/OTdXF/OY2vGsQKBgQDAIR93LrCC6OpGi89/UDIwpT9pFLa8cvpr\n" +

148
        "1MUNlHhcxQusPUgWT4pTucF/SQpPf77g3YNb5pt3DG0GELM8YAB0Uv9oZIWfJoFY\n" +

149
        "ebYy6tMVxhHhT0OuryMj48BMHnQG78hq8+c0NnjK7jXV6t0iKjN8ANnFqAovm+U9\n" +

150
        "VMobar5CwwKBgFCKN9GsCxmZg5meBQiLrKxbmGp/slXHe0cvcWoZ5T4C6wtPOu7C\n" +

151
        "qQRs3AvBH+llM8gW5ZnbtVh6BSxQ498e3pof7K1JpaXwp7mIpFPKAy7wl/9872wP\n" +

152
        "7UzhL63lgm3SuZGkb84TaCGDqOCj2/Ie9eibkA3K6YJuBPqPYHA9m0bxAoGARdcE\n" +

153
        "iB9pvHyMRM6nw8DULciz7y+/aWtmSnJSmyggRKDAKIEyRiHtx5eblfhoDhQCv9zl\n" +

154
        "1i9SzgivTOgfL1A6eg59l2YLCJpHpHDB4WppBt40O7HDialSXcZ5bXIYfTkGopI8\n" +

155
        "tkciy6mh2jwA3F14z5fDkc0OvtWtlAjRWvwHY18CgYAPONVJtVFiMogBU5Iyv1LB\n" +

156
        "oygn6AFvTI8Pjy2g5GsJBbRnKFjAJrP7HpgUxLdW+Mlnv3Xgtr/L6ep+VKoXTEwv\n" +

157
        "Y83gliDwG2YRjaUbkMfQqcm20/Pi4XPwhy5pwTVsXVBfzKzqJjKAFk97BD9xCUIH\n" +

158
        "FOGe+jaEsWvaEQrH5y17FQ==";

159


160
    static char passphrase[] = "passphrase".toCharArray();

161


162
    /*

163
     * Is the server ready to serve?

164
     */

165
    volatile static boolean serverReady = false;

166


167
    /*

168
     * Turn on SSL debugging?

169
     */

170
    static boolean debug = false;

171


172
    /*

173
     * Define the server side of the test.

174
     *

175
     * If the server prematurely exits, serverReady will be set to true

176
     * to avoid infinite hangs.

177
     */

178
    void doServerSide() throws Exception {

179
        SSLContext context = getSSLContext(null, targetCertStr,

180
                                            targetPrivateKey);

181
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

182


183
        SSLServerSocket sslServerSocket =

184
            (SSLServerSocket)sslssf.createServerSocket(serverPort);

185
        serverPort = sslServerSocket.getLocalPort();

186


187
        /*

188
         * Signal Client, we're ready for his connect.

189
         */

190
        serverReady = true;

191


192
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

193
        sslSocket.setNeedClientAuth(false);

194


195
        InputStream sslIS = sslSocket.getInputStream();

196
        OutputStream sslOS = sslSocket.getOutputStream();

197


198
        sslIS.read();

199
        sslOS.write(85);

200
        sslOS.flush();

201


202
        sslSocket.close();

203


204
    }

205


206
    /*

207
     * Define the client side of the test.

208
     *

209
     * If the server prematurely exits, serverReady will be set to true

210
     * to avoid infinite hangs.

211
     */

212
    void doClientSide() throws Exception {

213
        /*

214
         * Wait for server to get started.

215
         */

216
        while (!serverReady) {

217
            Thread.sleep(50);

218
        }

219


220
        SSLContext context = getSSLContext(trusedCertStr, null, null);

221
        SSLSocketFactory sslsf = context.getSocketFactory();

222


223
        SSLSocket sslSocket =

224
            (SSLSocket)sslsf.createSocket("localhost", serverPort);

225


226
        InputStream sslIS = sslSocket.getInputStream();

227
        OutputStream sslOS = sslSocket.getOutputStream();

228


229
        sslOS.write(280);

230
        sslOS.flush();

231
        sslIS.read();

232


233
        sslSocket.close();

234
    }

235


236
    // get the ssl context

237
    private static SSLContext getSSLContext(String trusedCertStr,

238
            String keyCertStr, String keySpecStr) throws Exception {

239


240
        // generate certificate from cert string

241
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

242


243
        // create a key store

244
        KeyStore ks = KeyStore.getInstance("JKS");

245
        ks.load(null, null);

246


247
        // import the trused cert

248
        Certificate trusedCert = null;

249
        ByteArrayInputStream is = null;

250
        if (trusedCertStr != null) {

251
            is = new ByteArrayInputStream(trusedCertStr.getBytes());

252
            trusedCert = cf.generateCertificate(is);

253
            is.close();

254


255
            ks.setCertificateEntry("RSA Export Signer", trusedCert);

256
        }

257


258
        if (keyCertStr != null) {

259
            // generate the private key.

260
            PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(

261
                                Base64.getMimeDecoder().decode(keySpecStr));

262
            KeyFactory kf = KeyFactory.getInstance("RSA");

263
            RSAPrivateKey priKey =

264
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

265


266
            // generate certificate chain

267
            is = new ByteArrayInputStream(keyCertStr.getBytes());

268
            Certificate keyCert = cf.generateCertificate(is);

269
            is.close();

270


271
            Certificate[] chain = null;

272
            if (trusedCert != null) {

273
                chain = new Certificate[2];

274
                chain[0] = keyCert;

275
                chain[1] = trusedCert;

276
            } else {

277
                chain = new Certificate[1];

278
                chain[0] = keyCert;

279
            }

280


281
            // import the key entry.

282
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

283
        }

284


285
        // create SSL context

286
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);

287
        tmf.init(ks);

288


289
        SSLContext ctx = SSLContext.getInstance("TLS");

290
        if (keyCertStr != null && !keyCertStr.isEmpty()) {

291
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");

292
            kmf.init(ks, passphrase);

293


294
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

295
            ks = null;

296
        } else {

297
            ctx.init(null, tmf.getTrustManagers(), null);

298
        }

299


300
        return ctx;

301
    }

302


303
    private static String tmAlgorithm;        // trust manager

304


305
    private static void parseArguments(String[] args) {

306
        tmAlgorithm = args[0];

307
    }

308


309
    /*

310
     * =============================================================

311
     * The remainder is just support stuff

312
     */

313


314
    // use any free port by default

315
    volatile int serverPort = 0;

316


317
    volatile Exception serverException = null;

318
    volatile Exception clientException = null;

319


320
    public static void main(String args[]) throws Exception {

321
        if (debug)

322
            System.setProperty("javax.net.debug", "all");

323


324
        /*

325
         * Get the customized arguments.

326
         */

327
        parseArguments(args);

328


329
        /*

330
         * Start the tests.

331
         */

332
        new SelfIssuedCert();

333
    }

334


335
    Thread clientThread = null;

336
    Thread serverThread = null;

337
    /*

338
     * Primary constructor, used to drive remainder of the test.

339
     *

340
     * Fork off the other side, then do your work.

341
     */

342
    SelfIssuedCert() throws Exception {

343
        if (separateServerThread) {

344
            startServer(true);

345
            startClient(false);

346
        } else {

347
            startClient(true);

348
            startServer(false);

349
        }

350


351
        /*

352
         * Wait for other side to close down.

353
         */

354
        if (separateServerThread) {

355
            serverThread.join();

356
        } else {

357
            clientThread.join();

358
        }

359


360
        /*

361
         * When we get here, the test is pretty much over.

362
         *

363
         * If the main thread excepted, that propagates back

364
         * immediately.  If the other thread threw an exception, we

365
         * should report back.

366
         */

367
        if (serverException != null)

368
            throw serverException;

369
        if (clientException != null)

370
            throw clientException;

371
    }

372


373
    void startServer(boolean newThread) throws Exception {

374
        if (newThread) {

375
            serverThread = new Thread() {

376
                public void run() {

377
                    try {

378
                        doServerSide();

379
                    } catch (Exception e) {

380
                        /*

381
                         * Our server thread just died.

382
                         *

383
                         * Release the client, if not active already...

384
                         */

385
                        System.err.println("Server died...");

386
                        serverReady = true;

387
                        serverException = e;

388
                    }

389
                }

390
            };

391
            serverThread.start();

392
        } else {

393
            doServerSide();

394
        }

395
    }

396


397
    void startClient(boolean newThread) throws Exception {

398
        if (newThread) {

399
            clientThread = new Thread() {

400
                public void run() {

401
                    try {

402
                        doClientSide();

403
                    } catch (Exception e) {

404
                        /*

405
                         * Our client thread just died.

406
                         */

407
                        System.err.println("Client died...");

408
                        clientException = e;

409
                    }

410
                }

411
            };

412
            clientThread.start();

413
        } else {

414
            doClientSide();

415
        }

416
    }

417


418
}

419


420