Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java
41152 views
1
/*

2
 * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/*

30
 * @test

31
 * @bug 6916074

32
 * @summary Add support for TLS 1.2

33
 * @run main/othervm SunX509ExtendedTM

34
 */

35


36
import java.net.*;

37
import java.util.*;

38
import java.io.*;

39
import javax.net.ssl.*;

40
import java.security.Security;

41
import java.security.KeyStore;

42
import java.security.KeyFactory;

43
import java.security.cert.Certificate;

44
import java.security.cert.CertificateFactory;

45
import java.security.spec.*;

46
import java.security.interfaces.*;

47
import java.math.BigInteger;

48


49


50
/*

51
 * Certificates and key used in the test.

52
 *

53
 * TLS server certificate:

54
 * server private key:

55
 * -----BEGIN RSA PRIVATE KEY-----

56
 * Proc-Type: 4,ENCRYPTED

57
 * DEK-Info: DES-EDE3-CBC,D9AE407F6D0E389A

58
 *

59
 * WPrA7TFol/cQCcp9oHnXWNpYlvRbbIcQj0m+RKT2Iuzfus+DHt3Zadf8nJpKfX2e

60
 * h2rnhlzCN9M7djRDooZKDOPCsdBn51Au7HlZF3S3Opgo7D8XFM1a8t1Je4ke14oI

61
 * nw6QKYsBblRziPnP2PZ0zvX24nOv7bbY8beynlJHGs00VWSFdoH2DS0aE1p6D+3n

62
 * ptJuJ75dVfZFK4X7162APlNXevX8D6PEQpSiRw1rjjGGcnvQ4HdWk3BxDVDcCNJb

63
 * Y1aGNRxsjTDvPi3R9Qx2M+W03QzEPx4SR3ZHVskeSJHaetM0TM/w/45Paq4GokXP

64
 * ZeTnbEx1xmjkA7h+t4doLL4watx5F6yLsJzu8xB3lt/1EtmkYtLz1t7X4BetPAXz

65
 * zS69X/VwhKfsOI3qXBWuL2oHPyhDmT1gcaUQwEPSV6ogHEEQEDXdiUS8heNK13KF

66
 * TCQYFkETvV2BLxUhV1hypPzRQ6tUpJiAbD5KmoK2lD9slshG2QtvKQq0/bgkDY5J

67
 * LhDHV2dtcZ3kDPkkZXpbcJQvoeH3d09C5sIsuTFo2zgNR6oETHUc5TzP6FY2YYRa

68
 * QcK5HcmtsRRiXFm01ac+aMejJUIujjFt84SiKWT/73vC8AmY4tYcJBLjCg4XIxSH

69
 * fdDFLL1YZENNO5ivlp8mdiHqcawx+36L7DrEZQ8RZt6cqST5t/+XTdM74s6k81GT

70
 * pNsa82P2K2zmIUZ/DL2mKjW1vfRByw1NQFEBkN3vdyZxYfM/JyUzX4hbjXBEkh9Q

71
 * QYrcwLKLjis2QzSvK04B3bvRzRb+4ocWiso8ZPAXAIxZFBWDpTMM2A==

72
 * -----END RSA PRIVATE KEY-----

73
 *

74
 * -----BEGIN RSA PRIVATE KEY-----

75
 * MIICXAIBAAKBgQClrFscN6LdmYktsnm4j9VIpecchBeNaZzGrG358h0fORna03Ie

76
 * buxEzHCk3LoAMPagTz1UemFqzFfQCn+VKBg/mtmU8hvIJIh+/p0PPftXUwizIDPU

77
 * PxdHFNHN6gjYDnVOr77M0uyvqXpJ38LZrLgkQJCmA1Yq0DAFQCxPq9l0iQIDAQAB

78
 * AoGAbqcbg1E1mkR99uOJoNeQYKFOJyGiiXTMnXV1TseC4+PDfQBU7Dax35GcesBi

79
 * CtapIpFKKS5D+ozY6b7ZT8ojxuQ/uHLPAvz0WDR3ds4iRF8tyu71Q1ZHcQsJa17y

80
 * yO7UbkSSKn/Mp9Rb+/dKqftUGNXVFLqgHBOzN2s3We3bbbECQQDYBPKOg3hkaGHo

81
 * OhpHKqtQ6EVkldihG/3i4WejRonelXN+HRh1KrB2HBx0M8D/qAzP1i3rNSlSHer4

82
 * 59YRTJnHAkEAxFX/sVYSn07BHv9Zhn6XXct/Cj43z/tKNbzlNbcxqQwQerw3IH51

83
 * 8UH2YOA+GD3lXbKp+MytoFLWv8zg4YT/LwJAfqan75Z1R6lLffRS49bIiq8jwE16

84
 * rTrUJ+kv8jKxMqc9B3vXkxpsS1M/+4E8bqgAmvpgAb8xcsvHsBd9ErdukQJBAKs2

85
 * j67W75BrPjBI34pQ1LEfp56IGWXOrq1kF8IbCjxv3+MYRT6Z6UJFkpRymNPNDjsC

86
 * dgUYgITiGJHUGXuw3lMCQHEHqo9ZtXz92yFT+VhsNc29B8m/sqUJdtCcMd/jGpAF

87
 * u6GHufjqIZBpQsk63wbwESAPZZ+kk1O1kS5GIRLX608=

88
 * -----END RSA PRIVATE KEY-----

89
 *

90
 * Private-Key: (1024 bit)

91
 * modulus:

92
 *     00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

93
 *     d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

94
 *     1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

95
 *     ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

96
 *     7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

97
 *     9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

98
 *     d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

99
 *     7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

100
 *     30:05:40:2c:4f:ab:d9:74:89

101
 * publicExponent: 65537 (0x10001)

102
 * privateExponent:

103
 *     6e:a7:1b:83:51:35:9a:44:7d:f6:e3:89:a0:d7:90:

104
 *     60:a1:4e:27:21:a2:89:74:cc:9d:75:75:4e:c7:82:

105
 *     e3:e3:c3:7d:00:54:ec:36:b1:df:91:9c:7a:c0:62:

106
 *     0a:d6:a9:22:91:4a:29:2e:43:fa:8c:d8:e9:be:d9:

107
 *     4f:ca:23:c6:e4:3f:b8:72:cf:02:fc:f4:58:34:77:

108
 *     76:ce:22:44:5f:2d:ca:ee:f5:43:56:47:71:0b:09:

109
 *     6b:5e:f2:c8:ee:d4:6e:44:92:2a:7f:cc:a7:d4:5b:

110
 *     fb:f7:4a:a9:fb:54:18:d5:d5:14:ba:a0:1c:13:b3:

111
 *     37:6b:37:59:ed:db:6d:b1

112
 * prime1:

113
 *     00:d8:04:f2:8e:83:78:64:68:61:e8:3a:1a:47:2a:

114
 *     ab:50:e8:45:64:95:d8:a1:1b:fd:e2:e1:67:a3:46:

115
 *     89:de:95:73:7e:1d:18:75:2a:b0:76:1c:1c:74:33:

116
 *     c0:ff:a8:0c:cf:d6:2d:eb:35:29:52:1d:ea:f8:e7:

117
 *     d6:11:4c:99:c7

118
 * prime2:

119
 *     00:c4:55:ff:b1:56:12:9f:4e:c1:1e:ff:59:86:7e:

120
 *     97:5d:cb:7f:0a:3e:37:cf:fb:4a:35:bc:e5:35:b7:

121
 *     31:a9:0c:10:7a:bc:37:20:7e:75:f1:41:f6:60:e0:

122
 *     3e:18:3d:e5:5d:b2:a9:f8:cc:ad:a0:52:d6:bf:cc:

123
 *     e0:e1:84:ff:2f

124
 * exponent1:

125
 *     7e:a6:a7:ef:96:75:47:a9:4b:7d:f4:52:e3:d6:c8:

126
 *     8a:af:23:c0:4d:7a:ad:3a:d4:27:e9:2f:f2:32:b1:

127
 *     32:a7:3d:07:7b:d7:93:1a:6c:4b:53:3f:fb:81:3c:

128
 *     6e:a8:00:9a:fa:60:01:bf:31:72:cb:c7:b0:17:7d:

129
 *     12:b7:6e:91

130
 * exponent2:

131
 *     00:ab:36:8f:ae:d6:ef:90:6b:3e:30:48:df:8a:50:

132
 *     d4:b1:1f:a7:9e:88:19:65:ce:ae:ad:64:17:c2:1b:

133
 *     0a:3c:6f:df:e3:18:45:3e:99:e9:42:45:92:94:72:

134
 *     98:d3:cd:0e:3b:02:76:05:18:80:84:e2:18:91:d4:

135
 *     19:7b:b0:de:53

136
 * coefficient:

137
 *     71:07:aa:8f:59:b5:7c:fd:db:21:53:f9:58:6c:35:

138
 *     cd:bd:07:c9:bf:b2:a5:09:76:d0:9c:31:df:e3:1a:

139
 *     90:05:bb:a1:87:b9:f8:ea:21:90:69:42:c9:3a:df:

140
 *     06:f0:11:20:0f:65:9f:a4:93:53:b5:91:2e:46:21:

141
 *     12:d7:eb:4f

142
 *

143
 *

144
 * server certificate:

145
 * Data:

146
 *     Version: 3 (0x2)

147
 *     Serial Number: 8 (0x8)

148
 *     Signature Algorithm: md5WithRSAEncryption

149
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

150
 *     Validity

151
 *         Not Before: Dec  8 03:43:04 2008 GMT

152
 *         Not After : Aug 25 03:43:04 2028 GMT

153
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Server, CN=localhost

154
 *     Subject Public Key Info:

155
 *         Public Key Algorithm: rsaEncryption

156
 *         RSA Public Key: (1024 bit)

157
 *             Modulus (1024 bit):

158
 *                 00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

159
 *                 d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

160
 *                 1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

161
 *                 ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

162
 *                 7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

163
 *                 9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

164
 *                 d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

165
 *                 7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

166
 *                 30:05:40:2c:4f:ab:d9:74:89

167
 *             Exponent: 65537 (0x10001)

168
 *     X509v3 extensions:

169
 *         X509v3 Basic Constraints:

170
 *             CA:FALSE

171
 *         X509v3 Key Usage:

172
 *             Digital Signature, Non Repudiation, Key Encipherment

173
 *         X509v3 Subject Key Identifier:

174
 *             ED:6E:DB:F4:B5:56:C8:FB:1A:06:61:3F:0F:08:BB:A6:04:D8:16:54

175
 *         X509v3 Authority Key Identifier:

176
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

177
 *

178
 *         X509v3 Subject Alternative Name: critical

179
 *             DNS:localhost

180
 * Signature Algorithm: md5WithRSAEncryption0

181
 *

182
 * -----BEGIN CERTIFICATE-----

183
 * MIICpDCCAg2gAwIBAgIBCDANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

184
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

185
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzQzMDRaFw0yODA4MjUwMzQzMDRaMHIxCzAJ

186
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

187
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD

188
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3

189
 * ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6

190
 * YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS

191
 * 7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjczBxMAkGA1UdEwQCMAAw

192
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV

193
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDAXBgNVHREBAf8EDTALgglsb2Nh

194
 * bGhvc3QwDQYJKoZIhvcNAQEEBQADgYEAoqVTciHtcvsUj+YaTct8tUh3aTCsKsac

195
 * PHhfQ+ObjiXSgxsKYTX7ym/wk/wvlbUcbqLKxsu7qrcJitH+H9heV1hEHEu65Uoi

196
 * nRugFruyOrwvAylV8Cm2af7ddilmYJ+sdJA6N2M3xJRxR0G2LFHEXDNEjYReyexn

197
 * JqCpf5uZGOo=

198
 * -----END CERTIFICATE-----

199
 *

200
 *

201
 * TLS client certificate:

202
 * client private key:

203
 * ----BEGIN RSA PRIVATE KEY-----

204
 * Proc-Type: 4,ENCRYPTED

205
 * DEK-Info: DES-EDE3-CBC,FA2A435CD35A9390

206
 *

207
 * Z+Y2uaETbsUWIyJUyVu1UV2G4rgFYJyACZT6Tp1KjRtxflSh2kXkJ9MpuXMXA0V4

208
 * Yy3fDzPqCL9NJmQAYRlAx/W/+j4F5EyMWDIx8fUxzONRZyoiwF7jLm+KscAfv6Pf

209
 * q7ItWOdj3z7IYrwlB8YIGd3F2cDKT3S+lYRk7rKb/qT7itbuHnY4Ardh3yl+MZak

210
 * jBp+ELUlRsUqSr1V0LoM+0rCCykarpyfhpxEcqsrl0v9Cyi5uhU50/oKv5zql3SH

211
 * l2ImgDjp3batAs8+Bd4NF2aqi0a7Hy44JUHxRm4caZryU/i/D9N1MbuM6882HLat

212
 * 5N0G+NaIUfywa8mjwq2D5aiit18HqKA6XeRRYeJ5Dvu9DCO4GeFSwcUFIBMI0L46

213
 * 7s114+oDodg57pMgITi+04vmUxvqlN9aiyd7f5Fgd7PeHGeOdbMz1NaJLJaPI9++

214
 * NakK8eK9iwT/Gdq0Uap5/CHW7vCT5PO+h3HY0STH0lWStXhdWnFO04zTdywsbSp+

215
 * DLpHeFT66shfeUlxR0PsCbG9vPRt/QmGLeYQZITppWo/ylSq4j+pRIuXvuWHdBRN

216
 * rTZ8QF4Y7AxQUXVz1j1++s6ZMHTzaK2i9HrhmDs1MbJl+QwWre3Xpv3LvTVz3k5U

217
 * wX8kuY1m3STt71QCaRWENq5sRaMImLxZbxc/ivFl9RAzUqo4NCxLod/QgA4iLqtO

218
 * ztnlpzwlC/F8HbQ1oqYWwnZAPhzU/cULtstl+Yrws2c2atO323LbPXZqbASySgig

219
 * sNpFXQMObdfP6LN23bY+1SvtK7V4NUTNhpdIc6INQAQ=

220
 * -----END RSA PRIVATE KEY-----

221
 *

222
 * -----BEGIN RSA PRIVATE KEY-----

223
 * MIICWwIBAAKBgQC78EA2rCZUTvSjWgAvaSFvuXo6k+yi9uGOx2PYLxIwmS6w8o/4

224
 * Jy0keCiE9wG/jUR53TvSVfPOPLJbIX3v/TNKsaP/xsibuQ98QTWX+ds6BWAFFa9Z

225
 * F5KjEK0WHOQHU6+odqJWKpLT+SjgeM9eH0irXBnd4WdDunWN9YKsQ5JEGwIDAQAB

226
 * AoGAEbdqNj0wN85hnWyEi/ObJU8UyKTdL9eaF72QGfcF/fLSxfd3vurihIeXOkGW

227
 * tpn4lIxYcVGM9CognhqgJpl11jFTQzn1KqZ+NEJRKkCHA4hDabKJbSC9fXHvRwrf

228
 * BsFpZqgiNxp3HseUTiwnaUVeyPgMt/jAj5nB5Sib+UyUxrECQQDnNQBiF2aifEg6

229
 * zbJOOC7he5CHAdkFxSxWVFVHL6EfXfqdLVkUohMbgZv+XxyIeU2biOExSg49Kds3

230
 * FOKgTau1AkEA0Bd1haj6QuCo8I0AXm2WO+MMTZMTvtHD/bGjKNM+fT4I8rKYnQRX

231
 * 1acHdqS9Xx2rNJqZgkMmpESIdPR2fc4yjwJALFeM6EMmqvj8/VIf5UJ/Mz14fXwM

232
 * PEARfckUxd9LnnFutCBTWlKvKXJVEZb6KO5ixPaegc57Jp3Vbh3yTN44lQJADD/1

233
 * SSMDaIB1MYP7a5Oj7m6VQNPRq8AJe5vDcRnOae0G9dKRrVyeFxO4GsHj6/+BHp2j

234
 * P8nYMn9eURQ7DXjf/QJAAQzMlWnKGSO8pyTDtnQx3hRMoUkOEhmNq4bQhLkYqtnY

235
 * FcqpUQ2qMjW+NiNWk5HnTrMS3L9EdJobMUzaNZLy4w==

236
 * -----END RSA PRIVATE KEY-----

237
 *

238
 * Private-Key: (1024 bit)

239
 * modulus:

240
 *     00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

241
 *     21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

242
 *     12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

243
 *     01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

244
 *     7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

245
 *     35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

246
 *     ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

247
 *     28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

248
 *     75:8d:f5:82:ac:43:92:44:1b

249
 * publicExponent: 65537 (0x10001)

250
 * privateExponent:

251
 *     11:b7:6a:36:3d:30:37:ce:61:9d:6c:84:8b:f3:9b:

252
 *     25:4f:14:c8:a4:dd:2f:d7:9a:17:bd:90:19:f7:05:

253
 *     fd:f2:d2:c5:f7:77:be:ea:e2:84:87:97:3a:41:96:

254
 *     b6:99:f8:94:8c:58:71:51:8c:f4:2a:20:9e:1a:a0:

255
 *     26:99:75:d6:31:53:43:39:f5:2a:a6:7e:34:42:51:

256
 *     2a:40:87:03:88:43:69:b2:89:6d:20:bd:7d:71:ef:

257
 *     47:0a:df:06:c1:69:66:a8:22:37:1a:77:1e:c7:94:

258
 *     4e:2c:27:69:45:5e:c8:f8:0c:b7:f8:c0:8f:99:c1:

259
 *     e5:28:9b:f9:4c:94:c6:b1

260
 * prime1:

261
 *     00:e7:35:00:62:17:66:a2:7c:48:3a:cd:b2:4e:38:

262
 *     2e:e1:7b:90:87:01:d9:05:c5:2c:56:54:55:47:2f:

263
 *     a1:1f:5d:fa:9d:2d:59:14:a2:13:1b:81:9b:fe:5f:

264
 *     1c:88:79:4d:9b:88:e1:31:4a:0e:3d:29:db:37:14:

265
 *     e2:a0:4d:ab:b5

266
 * prime2:

267
 *     00:d0:17:75:85:a8:fa:42:e0:a8:f0:8d:00:5e:6d:

268
 *     96:3b:e3:0c:4d:93:13:be:d1:c3:fd:b1:a3:28:d3:

269
 *     3e:7d:3e:08:f2:b2:98:9d:04:57:d5:a7:07:76:a4:

270
 *     bd:5f:1d:ab:34:9a:99:82:43:26:a4:44:88:74:f4:

271
 *     76:7d:ce:32:8f

272
 * exponent1:

273
 *     2c:57:8c:e8:43:26:aa:f8:fc:fd:52:1f:e5:42:7f:

274
 *     33:3d:78:7d:7c:0c:3c:40:11:7d:c9:14:c5:df:4b:

275
 *     9e:71:6e:b4:20:53:5a:52:af:29:72:55:11:96:fa:

276
 *     28:ee:62:c4:f6:9e:81:ce:7b:26:9d:d5:6e:1d:f2:

277
 *     4c:de:38:95

278
 * exponent2:

279
 *     0c:3f:f5:49:23:03:68:80:75:31:83:fb:6b:93:a3:

280
 *     ee:6e:95:40:d3:d1:ab:c0:09:7b:9b:c3:71:19:ce:

281
 *     69:ed:06:f5:d2:91:ad:5c:9e:17:13:b8:1a:c1:e3:

282
 *     eb:ff:81:1e:9d:a3:3f:c9:d8:32:7f:5e:51:14:3b:

283
 *     0d:78:df:fd

284
 * coefficient:

285
 *     01:0c:cc:95:69:ca:19:23:bc:a7:24:c3:b6:74:31:

286
 *     de:14:4c:a1:49:0e:12:19:8d:ab:86:d0:84:b9:18:

287
 *     aa:d9:d8:15:ca:a9:51:0d:aa:32:35:be:36:23:56:

288
 *     93:91:e7:4e:b3:12:dc:bf:44:74:9a:1b:31:4c:da:

289
 *     35:92:f2:e3

290
 *

291
 * client certificate:

292
 * Data:

293
 *     Version: 3 (0x2)

294
 *     Serial Number: 9 (0x9)

295
 *     Signature Algorithm: md5WithRSAEncryption

296
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

297
 *     Validity

298
 *         Not Before: Dec  8 03:43:24 2008 GMT

299
 *         Not After : Aug 25 03:43:24 2028 GMT

300
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client, CN=localhost

301
 *     Subject Public Key Info:

302
 *         Public Key Algorithm: rsaEncryption

303
 *         RSA Public Key: (1024 bit)

304
 *             Modulus (1024 bit):

305
 *                 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

306
 *                 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

307
 *                 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

308
 *                 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

309
 *                 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

310
 *                 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

311
 *                 ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

312
 *                 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

313
 *                 75:8d:f5:82:ac:43:92:44:1b

314
 *             Exponent: 65537 (0x10001)

315
 *     X509v3 extensions:

316
 *         X509v3 Basic Constraints:

317
 *             CA:FALSE

318
 *         X509v3 Key Usage:

319
 *             Digital Signature, Non Repudiation, Key Encipherment

320
 *         X509v3 Subject Key Identifier:

321
 *             CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6

322
 *         X509v3 Authority Key Identifier:

323
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

324
 *

325
 *         X509v3 Subject Alternative Name: critical

326
 *             DNS:localhost

327
 * Signature Algorithm: md5WithRSAEncryption

328
 *

329
 * -----BEGIN CERTIFICATE-----

330
 * MIICpDCCAg2gAwIBAgIBCTANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

331
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

332
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzQzMjRaFw0yODA4MjUwMzQzMjRaMHIxCzAJ

333
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

334
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD

335
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas

336
 * JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV

337
 * 8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq

338
 * ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjczBxMAkGA1UdEwQCMAAw

339
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV

340
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDAXBgNVHREBAf8EDTALgglsb2Nh

341
 * bGhvc3QwDQYJKoZIhvcNAQEEBQADgYEAm25gJyqW1JznQ1EyOtTGswBVwfgBOf+F

342
 * HJuBTcflYQLbTD/AETPQJGvZU9tdhuLtbG3OPhR7vSY8zeAbfM3dbH7QFr3r47Gj

343
 * XEH7qM/MX+Z3ifVaC4MeJmrYQkYFSuKeyyKpdRVX4w4nnFHF6OsNASsYrMW6LpxN

344
 * cl/epUcHL7E=

345
 * -----END CERTIFICATE-----

346
 *

347
 *

348
 *

349
 * Trusted CA certificate:

350
 * Certificate:

351
 *   Data:

352
 *     Version: 3 (0x2)

353
 *     Serial Number: 0 (0x0)

354
 *     Signature Algorithm: md5WithRSAEncryption

355
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

356
 *     Validity

357
 *         Not Before: Dec  8 02:43:36 2008 GMT

358
 *         Not After : Aug 25 02:43:36 2028 GMT

359
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org

360
 *     Subject Public Key Info:

361
 *         Public Key Algorithm: rsaEncryption

362
 *         RSA Public Key: (1024 bit)

363
 *             Modulus (1024 bit):

364
 *                 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:

365
 *                 d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:

366
 *                 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:

367
 *                 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:

368
 *                 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:

369
 *                 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:

370
 *                 f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:

371
 *                 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:

372
 *                 89:2a:95:12:4c:d8:09:2a:e9

373
 *             Exponent: 65537 (0x10001)

374
 *     X509v3 extensions:

375
 *         X509v3 Subject Key Identifier:

376
 *             FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

377
 *         X509v3 Authority Key Identifier:

378
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

379
 *             DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org

380
 *             serial:00

381
 *

382
 *         X509v3 Basic Constraints:

383
 *             CA:TRUE

384
 *  Signature Algorithm: md5WithRSAEncryption

385
 *

386
 * -----BEGIN CERTIFICATE-----

387
 * MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

388
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

389
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ

390
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

391
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB

392
 * gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX

393
 * 4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj

394
 * 7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G

395
 * A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ

396
 * hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt

397
 * U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw

398
 * DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA

399
 * ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ

400
 * LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P

401
 * 6Mvf0r1PNTY2hwTJLJmKtg==

402
 * -----END CERTIFICATE---

403
 */

404


405


406
public class SunX509ExtendedTM {

407


408
    /*

409
     * =============================================================

410
     * Set the various variables needed for the tests, then

411
     * specify what tests to run on each side.

412
     */

413


414
    /*

415
     * Should we run the client or server in a separate thread?

416
     * Both sides can throw exceptions, but do you have a preference

417
     * as to which side should be the main thread.

418
     */

419
    static boolean separateServerThread = false;

420


421
    /*

422
     * Where do we find the keystores?

423
     */

424
    static String trusedCertStr =

425
        "-----BEGIN CERTIFICATE-----\n" +

426
        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

427
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

428
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +

429
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

430
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +

431
        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +

432
        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +

433
        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +

434
        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +

435
        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +

436
        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +

437
        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +

438
        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +

439
        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +

440
        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +

441
        "-----END CERTIFICATE-----";

442


443
    static String serverCertStr =

444
        "-----BEGIN CERTIFICATE-----\n" +

445
        "MIICpDCCAg2gAwIBAgIBCDANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

446
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

447
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzQzMDRaFw0yODA4MjUwMzQzMDRaMHIxCzAJ\n" +

448
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

449
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD\n" +

450
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3\n" +

451
        "ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6\n" +

452
        "YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS\n" +

453
        "7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjczBxMAkGA1UdEwQCMAAw\n" +

454
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV\n" +

455
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDAXBgNVHREBAf8EDTALgglsb2Nh\n" +

456
        "bGhvc3QwDQYJKoZIhvcNAQEEBQADgYEAoqVTciHtcvsUj+YaTct8tUh3aTCsKsac\n" +

457
        "PHhfQ+ObjiXSgxsKYTX7ym/wk/wvlbUcbqLKxsu7qrcJitH+H9heV1hEHEu65Uoi\n" +

458
        "nRugFruyOrwvAylV8Cm2af7ddilmYJ+sdJA6N2M3xJRxR0G2LFHEXDNEjYReyexn\n" +

459
        "JqCpf5uZGOo=\n" +

460
        "-----END CERTIFICATE-----";

461


462
    static String clientCertStr =

463
        "-----BEGIN CERTIFICATE-----\n" +

464
        "MIICpDCCAg2gAwIBAgIBCTANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

465
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

466
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzQzMjRaFw0yODA4MjUwMzQzMjRaMHIxCzAJ\n" +

467
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

468
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +

469
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +

470
        "JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +

471
        "8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +

472
        "ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjczBxMAkGA1UdEwQCMAAw\n" +

473
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +

474
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDAXBgNVHREBAf8EDTALgglsb2Nh\n" +

475
        "bGhvc3QwDQYJKoZIhvcNAQEEBQADgYEAm25gJyqW1JznQ1EyOtTGswBVwfgBOf+F\n" +

476
        "HJuBTcflYQLbTD/AETPQJGvZU9tdhuLtbG3OPhR7vSY8zeAbfM3dbH7QFr3r47Gj\n" +

477
        "XEH7qM/MX+Z3ifVaC4MeJmrYQkYFSuKeyyKpdRVX4w4nnFHF6OsNASsYrMW6LpxN\n" +

478
        "cl/epUcHL7E=\n" +

479
        "-----END CERTIFICATE-----";

480


481
    static byte serverPrivateExponent[] = {

482
        (byte)0x6e, (byte)0xa7, (byte)0x1b, (byte)0x83,

483
        (byte)0x51, (byte)0x35, (byte)0x9a, (byte)0x44,

484
        (byte)0x7d, (byte)0xf6, (byte)0xe3, (byte)0x89,

485
        (byte)0xa0, (byte)0xd7, (byte)0x90, (byte)0x60,

486
        (byte)0xa1, (byte)0x4e, (byte)0x27, (byte)0x21,

487
        (byte)0xa2, (byte)0x89, (byte)0x74, (byte)0xcc,

488
        (byte)0x9d, (byte)0x75, (byte)0x75, (byte)0x4e,

489
        (byte)0xc7, (byte)0x82, (byte)0xe3, (byte)0xe3,

490
        (byte)0xc3, (byte)0x7d, (byte)0x00, (byte)0x54,

491
        (byte)0xec, (byte)0x36, (byte)0xb1, (byte)0xdf,

492
        (byte)0x91, (byte)0x9c, (byte)0x7a, (byte)0xc0,

493
        (byte)0x62, (byte)0x0a, (byte)0xd6, (byte)0xa9,

494
        (byte)0x22, (byte)0x91, (byte)0x4a, (byte)0x29,

495
        (byte)0x2e, (byte)0x43, (byte)0xfa, (byte)0x8c,

496
        (byte)0xd8, (byte)0xe9, (byte)0xbe, (byte)0xd9,

497
        (byte)0x4f, (byte)0xca, (byte)0x23, (byte)0xc6,

498
        (byte)0xe4, (byte)0x3f, (byte)0xb8, (byte)0x72,

499
        (byte)0xcf, (byte)0x02, (byte)0xfc, (byte)0xf4,

500
        (byte)0x58, (byte)0x34, (byte)0x77, (byte)0x76,

501
        (byte)0xce, (byte)0x22, (byte)0x44, (byte)0x5f,

502
        (byte)0x2d, (byte)0xca, (byte)0xee, (byte)0xf5,

503
        (byte)0x43, (byte)0x56, (byte)0x47, (byte)0x71,

504
        (byte)0x0b, (byte)0x09, (byte)0x6b, (byte)0x5e,

505
        (byte)0xf2, (byte)0xc8, (byte)0xee, (byte)0xd4,

506
        (byte)0x6e, (byte)0x44, (byte)0x92, (byte)0x2a,

507
        (byte)0x7f, (byte)0xcc, (byte)0xa7, (byte)0xd4,

508
        (byte)0x5b, (byte)0xfb, (byte)0xf7, (byte)0x4a,

509
        (byte)0xa9, (byte)0xfb, (byte)0x54, (byte)0x18,

510
        (byte)0xd5, (byte)0xd5, (byte)0x14, (byte)0xba,

511
        (byte)0xa0, (byte)0x1c, (byte)0x13, (byte)0xb3,

512
        (byte)0x37, (byte)0x6b, (byte)0x37, (byte)0x59,

513
        (byte)0xed, (byte)0xdb, (byte)0x6d, (byte)0xb1

514
    };

515


516
    static byte serverModulus[] = {

517
        (byte)0x00,

518
        (byte)0xa5, (byte)0xac, (byte)0x5b, (byte)0x1c,

519
        (byte)0x37, (byte)0xa2, (byte)0xdd, (byte)0x99,

520
        (byte)0x89, (byte)0x2d, (byte)0xb2, (byte)0x79,

521
        (byte)0xb8, (byte)0x8f, (byte)0xd5, (byte)0x48,

522
        (byte)0xa5, (byte)0xe7, (byte)0x1c, (byte)0x84,

523
        (byte)0x17, (byte)0x8d, (byte)0x69, (byte)0x9c,

524
        (byte)0xc6, (byte)0xac, (byte)0x6d, (byte)0xf9,

525
        (byte)0xf2, (byte)0x1d, (byte)0x1f, (byte)0x39,

526
        (byte)0x19, (byte)0xda, (byte)0xd3, (byte)0x72,

527
        (byte)0x1e, (byte)0x6e, (byte)0xec, (byte)0x44,

528
        (byte)0xcc, (byte)0x70, (byte)0xa4, (byte)0xdc,

529
        (byte)0xba, (byte)0x00, (byte)0x30, (byte)0xf6,

530
        (byte)0xa0, (byte)0x4f, (byte)0x3d, (byte)0x54,

531
        (byte)0x7a, (byte)0x61, (byte)0x6a, (byte)0xcc,

532
        (byte)0x57, (byte)0xd0, (byte)0x0a, (byte)0x7f,

533
        (byte)0x95, (byte)0x28, (byte)0x18, (byte)0x3f,

534
        (byte)0x9a, (byte)0xd9, (byte)0x94, (byte)0xf2,

535
        (byte)0x1b, (byte)0xc8, (byte)0x24, (byte)0x88,

536
        (byte)0x7e, (byte)0xfe, (byte)0x9d, (byte)0x0f,

537
        (byte)0x3d, (byte)0xfb, (byte)0x57, (byte)0x53,

538
        (byte)0x08, (byte)0xb3, (byte)0x20, (byte)0x33,

539
        (byte)0xd4, (byte)0x3f, (byte)0x17, (byte)0x47,

540
        (byte)0x14, (byte)0xd1, (byte)0xcd, (byte)0xea,

541
        (byte)0x08, (byte)0xd8, (byte)0x0e, (byte)0x75,

542
        (byte)0x4e, (byte)0xaf, (byte)0xbe, (byte)0xcc,

543
        (byte)0xd2, (byte)0xec, (byte)0xaf, (byte)0xa9,

544
        (byte)0x7a, (byte)0x49, (byte)0xdf, (byte)0xc2,

545
        (byte)0xd9, (byte)0xac, (byte)0xb8, (byte)0x24,

546
        (byte)0x40, (byte)0x90, (byte)0xa6, (byte)0x03,

547
        (byte)0x56, (byte)0x2a, (byte)0xd0, (byte)0x30,

548
        (byte)0x05, (byte)0x40, (byte)0x2c, (byte)0x4f,

549
        (byte)0xab, (byte)0xd9, (byte)0x74, (byte)0x89

550
    };

551


552
    static byte clientPrivateExponent[] = {

553
        (byte)0x11, (byte)0xb7, (byte)0x6a, (byte)0x36,

554
        (byte)0x3d, (byte)0x30, (byte)0x37, (byte)0xce,

555
        (byte)0x61, (byte)0x9d, (byte)0x6c, (byte)0x84,

556
        (byte)0x8b, (byte)0xf3, (byte)0x9b, (byte)0x25,

557
        (byte)0x4f, (byte)0x14, (byte)0xc8, (byte)0xa4,

558
        (byte)0xdd, (byte)0x2f, (byte)0xd7, (byte)0x9a,

559
        (byte)0x17, (byte)0xbd, (byte)0x90, (byte)0x19,

560
        (byte)0xf7, (byte)0x05, (byte)0xfd, (byte)0xf2,

561
        (byte)0xd2, (byte)0xc5, (byte)0xf7, (byte)0x77,

562
        (byte)0xbe, (byte)0xea, (byte)0xe2, (byte)0x84,

563
        (byte)0x87, (byte)0x97, (byte)0x3a, (byte)0x41,

564
        (byte)0x96, (byte)0xb6, (byte)0x99, (byte)0xf8,

565
        (byte)0x94, (byte)0x8c, (byte)0x58, (byte)0x71,

566
        (byte)0x51, (byte)0x8c, (byte)0xf4, (byte)0x2a,

567
        (byte)0x20, (byte)0x9e, (byte)0x1a, (byte)0xa0,

568
        (byte)0x26, (byte)0x99, (byte)0x75, (byte)0xd6,

569
        (byte)0x31, (byte)0x53, (byte)0x43, (byte)0x39,

570
        (byte)0xf5, (byte)0x2a, (byte)0xa6, (byte)0x7e,

571
        (byte)0x34, (byte)0x42, (byte)0x51, (byte)0x2a,

572
        (byte)0x40, (byte)0x87, (byte)0x03, (byte)0x88,

573
        (byte)0x43, (byte)0x69, (byte)0xb2, (byte)0x89,

574
        (byte)0x6d, (byte)0x20, (byte)0xbd, (byte)0x7d,

575
        (byte)0x71, (byte)0xef, (byte)0x47, (byte)0x0a,

576
        (byte)0xdf, (byte)0x06, (byte)0xc1, (byte)0x69,

577
        (byte)0x66, (byte)0xa8, (byte)0x22, (byte)0x37,

578
        (byte)0x1a, (byte)0x77, (byte)0x1e, (byte)0xc7,

579
        (byte)0x94, (byte)0x4e, (byte)0x2c, (byte)0x27,

580
        (byte)0x69, (byte)0x45, (byte)0x5e, (byte)0xc8,

581
        (byte)0xf8, (byte)0x0c, (byte)0xb7, (byte)0xf8,

582
        (byte)0xc0, (byte)0x8f, (byte)0x99, (byte)0xc1,

583
        (byte)0xe5, (byte)0x28, (byte)0x9b, (byte)0xf9,

584
        (byte)0x4c, (byte)0x94, (byte)0xc6, (byte)0xb1

585
    };

586


587
    static byte clientModulus[] = {

588
        (byte)0x00,

589
        (byte)0xbb, (byte)0xf0, (byte)0x40, (byte)0x36,

590
        (byte)0xac, (byte)0x26, (byte)0x54, (byte)0x4e,

591
        (byte)0xf4, (byte)0xa3, (byte)0x5a, (byte)0x00,

592
        (byte)0x2f, (byte)0x69, (byte)0x21, (byte)0x6f,

593
        (byte)0xb9, (byte)0x7a, (byte)0x3a, (byte)0x93,

594
        (byte)0xec, (byte)0xa2, (byte)0xf6, (byte)0xe1,

595
        (byte)0x8e, (byte)0xc7, (byte)0x63, (byte)0xd8,

596
        (byte)0x2f, (byte)0x12, (byte)0x30, (byte)0x99,

597
        (byte)0x2e, (byte)0xb0, (byte)0xf2, (byte)0x8f,

598
        (byte)0xf8, (byte)0x27, (byte)0x2d, (byte)0x24,

599
        (byte)0x78, (byte)0x28, (byte)0x84, (byte)0xf7,

600
        (byte)0x01, (byte)0xbf, (byte)0x8d, (byte)0x44,

601
        (byte)0x79, (byte)0xdd, (byte)0x3b, (byte)0xd2,

602
        (byte)0x55, (byte)0xf3, (byte)0xce, (byte)0x3c,

603
        (byte)0xb2, (byte)0x5b, (byte)0x21, (byte)0x7d,

604
        (byte)0xef, (byte)0xfd, (byte)0x33, (byte)0x4a,

605
        (byte)0xb1, (byte)0xa3, (byte)0xff, (byte)0xc6,

606
        (byte)0xc8, (byte)0x9b, (byte)0xb9, (byte)0x0f,

607
        (byte)0x7c, (byte)0x41, (byte)0x35, (byte)0x97,

608
        (byte)0xf9, (byte)0xdb, (byte)0x3a, (byte)0x05,

609
        (byte)0x60, (byte)0x05, (byte)0x15, (byte)0xaf,

610
        (byte)0x59, (byte)0x17, (byte)0x92, (byte)0xa3,

611
        (byte)0x10, (byte)0xad, (byte)0x16, (byte)0x1c,

612
        (byte)0xe4, (byte)0x07, (byte)0x53, (byte)0xaf,

613
        (byte)0xa8, (byte)0x76, (byte)0xa2, (byte)0x56,

614
        (byte)0x2a, (byte)0x92, (byte)0xd3, (byte)0xf9,

615
        (byte)0x28, (byte)0xe0, (byte)0x78, (byte)0xcf,

616
        (byte)0x5e, (byte)0x1f, (byte)0x48, (byte)0xab,

617
        (byte)0x5c, (byte)0x19, (byte)0xdd, (byte)0xe1,

618
        (byte)0x67, (byte)0x43, (byte)0xba, (byte)0x75,

619
        (byte)0x8d, (byte)0xf5, (byte)0x82, (byte)0xac,

620
        (byte)0x43, (byte)0x92, (byte)0x44, (byte)0x1b

621
    };

622


623
    static char passphrase[] = "passphrase".toCharArray();

624


625
    /*

626
     * Is the server ready to serve?

627
     */

628
    volatile static boolean serverReady = false;

629


630
    /*

631
     * Turn on SSL debugging?

632
     */

633
    static boolean debug = false;

634


635
    /*

636
     * Define the server side of the test.

637
     *

638
     * If the server prematurely exits, serverReady will be set to true

639
     * to avoid infinite hangs.

640
     */

641
    void doServerSide() throws Exception {

642
        SSLContext context = getSSLContext(trusedCertStr, serverCertStr,

643
            serverModulus, serverPrivateExponent, passphrase);

644
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

645


646
        SSLServerSocket sslServerSocket =

647
            (SSLServerSocket) sslssf.createServerSocket(serverPort);

648
        serverPort = sslServerSocket.getLocalPort();

649


650


651
        // enable endpoint identification

652
        // ignore, we may test the feature when known how to parse client

653
        // hostname

654
        //SSLParameters params = sslServerSocket.getSSLParameters();

655
        //params.setEndpointIdentificationAlgorithm("HTTPS");

656
        //sslServerSocket.setSSLParameters(params);

657


658
        /*

659
         * Signal Client, we're ready for his connect.

660
         */

661
        serverReady = true;

662


663
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

664
        sslSocket.setNeedClientAuth(true);

665


666
        InputStream sslIS = sslSocket.getInputStream();

667
        OutputStream sslOS = sslSocket.getOutputStream();

668


669
        sslIS.read();

670
        sslOS.write(85);

671
        sslOS.flush();

672


673
        sslSocket.close();

674


675
    }

676


677
    /*

678
     * Define the client side of the test.

679
     *

680
     * If the server prematurely exits, serverReady will be set to true

681
     * to avoid infinite hangs.

682
     */

683
    void doClientSide() throws Exception {

684
        /*

685
         * Wait for server to get started.

686
         */

687
        while (!serverReady) {

688
            Thread.sleep(50);

689
        }

690


691
        SSLContext context = getSSLContext(trusedCertStr, clientCertStr,

692
            clientModulus, clientPrivateExponent, passphrase);

693


694
        SSLSocketFactory sslsf = context.getSocketFactory();

695
        SSLSocket sslSocket = (SSLSocket)

696
            sslsf.createSocket("localhost", serverPort);

697


698
        // enable endpoint identification

699
        SSLParameters params = sslSocket.getSSLParameters();

700
        params.setEndpointIdentificationAlgorithm("HTTPS");

701
        sslSocket.setSSLParameters(params);

702


703
        InputStream sslIS = sslSocket.getInputStream();

704
        OutputStream sslOS = sslSocket.getOutputStream();

705


706
        sslOS.write(280);

707
        sslOS.flush();

708
        sslIS.read();

709


710
        sslSocket.close();

711


712
    }

713


714
    // get the ssl context

715
    private static SSLContext getSSLContext(String trusedCertStr,

716
            String keyCertStr, byte[] modulus,

717
            byte[] privateExponent, char[] passphrase) throws Exception {

718


719
        // generate certificate from cert string

720
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

721


722
        ByteArrayInputStream is =

723
                    new ByteArrayInputStream(trusedCertStr.getBytes());

724
        Certificate trusedCert = cf.generateCertificate(is);

725
        is.close();

726


727
        // create a key store

728
        KeyStore ks = KeyStore.getInstance("JKS");

729
        ks.load(null, null);

730


731
        // import the trused cert

732
        ks.setCertificateEntry("RSA Export Signer", trusedCert);

733


734
        if (keyCertStr != null) {

735
            // generate the private key.

736
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(

737
                                            new BigInteger(modulus),

738
                                            new BigInteger(privateExponent));

739
            KeyFactory kf = KeyFactory.getInstance("RSA");

740
            RSAPrivateKey priKey =

741
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

742


743
            // generate certificate chain

744
            is = new ByteArrayInputStream(keyCertStr.getBytes());

745
            Certificate keyCert = cf.generateCertificate(is);

746
            is.close();

747


748
            Certificate[] chain = new Certificate[2];

749
            chain[0] = keyCert;

750
            chain[1] = trusedCert;

751


752
            // import the key entry.

753
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

754
        }

755


756
        // create SSL context

757
        TrustManagerFactory tmf =

758
                TrustManagerFactory.getInstance("SunX509");

759
        tmf.init(ks);

760


761
        TrustManager tms[] = tmf.getTrustManagers();

762
        if (tms == null || tms.length == 0) {

763
            throw new Exception("unexpected trust manager implementation");

764
        } else {

765
           if (!(tms[0] instanceof X509ExtendedTrustManager)) {

766
            throw new Exception("unexpected trust manager implementation: "

767
                                + tms[0].getClass().getCanonicalName());

768
           }

769
        }

770


771


772
        SSLContext ctx = SSLContext.getInstance("TLS");

773


774
        if (keyCertStr != null) {

775
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

776
            kmf.init(ks, passphrase);

777


778
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

779
        } else {

780
            ctx.init(null, tmf.getTrustManagers(), null);

781
        }

782


783
        return ctx;

784
    }

785


786
    /*

787
     * =============================================================

788
     * The remainder is just support stuff

789
     */

790


791
    // use any free port by default

792
    volatile int serverPort = 0;

793


794
    volatile Exception serverException = null;

795
    volatile Exception clientException = null;

796


797
    public static void main(String args[]) throws Exception {

798
        // MD5 is used in this test case, don't disable MD5 algorithm.

799
        Security.setProperty("jdk.certpath.disabledAlgorithms",

800
                "MD2, RSA keySize < 1024");

801
        Security.setProperty("jdk.tls.disabledAlgorithms",

802
                "SSLv3, RC4, DH keySize < 768");

803


804
        if (debug)

805
            System.setProperty("javax.net.debug", "all");

806


807
        /*

808
         * Start the tests.

809
         */

810
        new SunX509ExtendedTM();

811
    }

812


813
    Thread clientThread = null;

814
    Thread serverThread = null;

815
    /*

816
     * Primary constructor, used to drive remainder of the test.

817
     *

818
     * Fork off the other side, then do your work.

819
     */

820
    SunX509ExtendedTM() throws Exception {

821
        if (separateServerThread) {

822
            startServer(true);

823
            startClient(false);

824
        } else {

825
            startClient(true);

826
            startServer(false);

827
        }

828


829
        /*

830
         * Wait for other side to close down.

831
         */

832
        if (separateServerThread) {

833
            serverThread.join();

834
        } else {

835
            clientThread.join();

836
        }

837


838
        /*

839
         * When we get here, the test is pretty much over.

840
         *

841
         * If the main thread excepted, that propagates back

842
         * immediately.  If the other thread threw an exception, we

843
         * should report back.

844
         */

845
        if (serverException != null)

846
            throw serverException;

847
        if (clientException != null)

848
            throw clientException;

849
    }

850


851
    void startServer(boolean newThread) throws Exception {

852
        if (newThread) {

853
            serverThread = new Thread() {

854
                public void run() {

855
                    try {

856
                        doServerSide();

857
                    } catch (Exception e) {

858
                        /*

859
                         * Our server thread just died.

860
                         *

861
                         * Release the client, if not active already...

862
                         */

863
                        System.err.println("Server died...");

864
                        serverReady = true;

865
                        serverException = e;

866
                    }

867
                }

868
            };

869
            serverThread.start();

870
        } else {

871
            doServerSide();

872
        }

873
    }

874


875
    void startClient(boolean newThread) throws Exception {

876
        if (newThread) {

877
            clientThread = new Thread() {

878
                public void run() {

879
                    try {

880
                        doClientSide();

881
                    } catch (Exception e) {

882
                        /*

883
                         * Our client thread just died.

884
                         */

885
                        System.err.println("Client died...");

886
                        clientException = e;

887
                    }

888
                }

889
            };

890
            clientThread.start();

891
        } else {

892
            doClientSide();

893
        }

894
    }

895


896
}

897


898