test/javax/net/ssl/TLSv12/ShortRSAKeyGCM.java

Print this page




  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 //
  27 // SunJSSE does not support dynamic system properties, no way to re-use
  28 // system properties in samevm/agentvm mode.
  29 //
  30 
  31 /*
  32  * @test
  33  * @bug 7030966
  34  * @summary Support AEAD CipherSuites
  35  * @modules java.base/sun.misc
  36  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  37  * @run main/othervm ShortRSAKeyGCM PKIX TLS_RSA_WITH_AES_128_GCM_SHA256
  38  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  39  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DH_anon_WITH_AES_128_GCM_SHA256
  40  */
  41 
  42 /*
  43  * Need additional key materials to run the following cases.
  44  *
  45  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
  46  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  47  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
  48  *
  49  * Need unlimited JCE Unlimited Strength Jurisdiction Policy to run the
  50  * following cases.
  51  *
  52  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  53  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
  54  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  55  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
  56  * @run main/othervm ShortRSAKeyGCM PKIX TLS_RSA_WITH_AES_256_GCM_SHA384
  57  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  58  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DH_anon_WITH_AES_256_GCM_SHA384
  59  */
  60 
  61 import java.net.*;
  62 import java.util.*;
  63 import java.io.*;
  64 import javax.net.ssl.*;
  65 import java.security.Security;
  66 import java.security.KeyStore;
  67 import java.security.KeyFactory;
  68 import java.security.cert.Certificate;
  69 import java.security.cert.CertificateFactory;
  70 import java.security.spec.*;
  71 import java.security.interfaces.*;
  72 import sun.misc.BASE64Decoder;
  73 
  74 
  75 public class ShortRSAKeyGCM {
  76 
  77     /*
  78      * =============================================================
  79      * Set the various variables needed for the tests, then
  80      * specify what tests to run on each side.
  81      */
  82 
  83     /*
  84      * Should we run the client or server in a separate thread?
  85      * Both sides can throw exceptions, but do you have a preference
  86      * as to which side should be the main thread.
  87      */
  88     static boolean separateServerThread = true;
  89 
  90     /*
  91      * Where do we find the keystores?
  92      */


 235         CertificateFactory cf = CertificateFactory.getInstance("X.509");
 236 
 237         // create a key store
 238         KeyStore ks = KeyStore.getInstance("JKS");
 239         ks.load(null, null);
 240 
 241         // import the trused cert
 242         Certificate trusedCert = null;
 243         ByteArrayInputStream is = null;
 244         if (trustedCertStr != null) {
 245             is = new ByteArrayInputStream(trustedCertStr.getBytes());
 246             trusedCert = cf.generateCertificate(is);
 247             is.close();
 248 
 249             ks.setCertificateEntry("RSA Export Signer", trusedCert);
 250         }
 251 
 252         if (keyCertStr != null) {
 253             // generate the private key.
 254             PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
 255                                 new BASE64Decoder().decodeBuffer(keySpecStr));
 256             KeyFactory kf = KeyFactory.getInstance("RSA");
 257             RSAPrivateKey priKey =
 258                     (RSAPrivateKey)kf.generatePrivate(priKeySpec);
 259 
 260             // generate certificate chain
 261             is = new ByteArrayInputStream(keyCertStr.getBytes());
 262             Certificate keyCert = cf.generateCertificate(is);
 263             is.close();
 264 
 265             Certificate[] chain = null;
 266             if (trusedCert != null) {
 267                 chain = new Certificate[2];
 268                 chain[0] = keyCert;
 269                 chain[1] = trusedCert;
 270             } else {
 271                 chain = new Certificate[1];
 272                 chain[0] = keyCert;
 273             }
 274 
 275             // import the key entry.




  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 //
  27 // SunJSSE does not support dynamic system properties, no way to re-use
  28 // system properties in samevm/agentvm mode.
  29 //
  30 
  31 /*
  32  * @test
  33  * @bug 7030966
  34  * @summary Support AEAD CipherSuites

  35  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  36  * @run main/othervm ShortRSAKeyGCM PKIX TLS_RSA_WITH_AES_128_GCM_SHA256
  37  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  38  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DH_anon_WITH_AES_128_GCM_SHA256
  39  */
  40 
  41 /*
  42  * Need additional key materials to run the following cases.
  43  *
  44  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
  45  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  46  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
  47  *
  48  * Need unlimited JCE Unlimited Strength Jurisdiction Policy to run the
  49  * following cases.
  50  *
  51  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  52  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
  53  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  54  * @run main/othervm ShortRSAKeyGCM PKIX TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
  55  * @run main/othervm ShortRSAKeyGCM PKIX TLS_RSA_WITH_AES_256_GCM_SHA384
  56  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  57  * @run main/othervm ShortRSAKeyGCM PKIX TLS_DH_anon_WITH_AES_256_GCM_SHA384
  58  */
  59 
  60 import java.net.*;
  61 import java.util.*;
  62 import java.io.*;
  63 import javax.net.ssl.*;
  64 import java.security.Security;
  65 import java.security.KeyStore;
  66 import java.security.KeyFactory;
  67 import java.security.cert.Certificate;
  68 import java.security.cert.CertificateFactory;
  69 import java.security.spec.*;
  70 import java.security.interfaces.*;

  71 
  72 
  73 public class ShortRSAKeyGCM {
  74 
  75     /*
  76      * =============================================================
  77      * Set the various variables needed for the tests, then
  78      * specify what tests to run on each side.
  79      */
  80 
  81     /*
  82      * Should we run the client or server in a separate thread?
  83      * Both sides can throw exceptions, but do you have a preference
  84      * as to which side should be the main thread.
  85      */
  86     static boolean separateServerThread = true;
  87 
  88     /*
  89      * Where do we find the keystores?
  90      */


 233         CertificateFactory cf = CertificateFactory.getInstance("X.509");
 234 
 235         // create a key store
 236         KeyStore ks = KeyStore.getInstance("JKS");
 237         ks.load(null, null);
 238 
 239         // import the trused cert
 240         Certificate trusedCert = null;
 241         ByteArrayInputStream is = null;
 242         if (trustedCertStr != null) {
 243             is = new ByteArrayInputStream(trustedCertStr.getBytes());
 244             trusedCert = cf.generateCertificate(is);
 245             is.close();
 246 
 247             ks.setCertificateEntry("RSA Export Signer", trusedCert);
 248         }
 249 
 250         if (keyCertStr != null) {
 251             // generate the private key.
 252             PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
 253                                 Base64.getMimeDecoder().decode(keySpecStr));
 254             KeyFactory kf = KeyFactory.getInstance("RSA");
 255             RSAPrivateKey priKey =
 256                     (RSAPrivateKey)kf.generatePrivate(priKeySpec);
 257 
 258             // generate certificate chain
 259             is = new ByteArrayInputStream(keyCertStr.getBytes());
 260             Certificate keyCert = cf.generateCertificate(is);
 261             is.close();
 262 
 263             Certificate[] chain = null;
 264             if (trusedCert != null) {
 265                 chain = new Certificate[2];
 266                 chain[0] = keyCert;
 267                 chain[1] = trusedCert;
 268             } else {
 269                 chain = new Certificate[1];
 270                 chain[0] = keyCert;
 271             }
 272 
 273             // import the key entry.