37 * @run main/othervm SSLSocketSNISensitive PKIX www.example.net
38 * @run main/othervm SSLSocketSNISensitive SunX509 www.example.net
39 * @run main/othervm SSLSocketSNISensitive PKIX www.invalid.com
40 * @run main/othervm SSLSocketSNISensitive SunX509 www.invalid.com
41 */
42
43 import java.net.*;
44 import java.util.*;
45 import java.io.*;
46 import javax.net.ssl.*;
47 import java.security.Security;
48 import java.security.KeyStore;
49 import java.security.KeyFactory;
50 import java.security.cert.Certificate;
51 import java.security.cert.X509Certificate;
52 import java.security.cert.CertificateFactory;
53 import java.security.spec.*;
54 import java.security.interfaces.*;
55 import java.util.Base64;
56
57
58 public class SSLSocketSNISensitive {
59
60 /*
61 * =============================================================
62 * Set the various variables needed for the tests, then
63 * specify what tests to run on each side.
64 */
65
66 /*
67 * Should we run the client or server in a separate thread?
68 * Both sides can throw exceptions, but do you have a preference
69 * as to which side should be the main thread.
70 */
71 static boolean separateServerThread = false;
72
73 /*
74 * Where do we find the keystores?
75 */
76 // Certificates and key used in the test.
77 static String trustedCertStr =
398 (RSAPrivateKey)kf.generatePrivate(priKeySpec);
399
400 // generate certificate chain
401 String keyCertStr = certStrs[i];
402 is = new ByteArrayInputStream(keyCertStr.getBytes());
403 Certificate keyCert = cf.generateCertificate(is);
404 is.close();
405
406 Certificate[] chain = new Certificate[2];
407 chain[0] = keyCert;
408 chain[1] = trusedCert;
409
410 // import the key entry.
411 ks.setKeyEntry("key-entry-" + i, priKey, passphrase, chain);
412 }
413
414 // create SSL context
415 TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
416 tmf.init(ks);
417
418 SSLContext ctx = SSLContext.getInstance("TLS");
419 KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
420 kmf.init(ks, passphrase);
421
422 ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
423 ks = null;
424
425 return ctx;
426 }
427
428 // use any free port by default
429 volatile int serverPort = 0;
430
431 volatile Exception serverException = null;
432 volatile Exception clientException = null;
433
434 public static void main(String[] args) throws Exception {
435 // MD5 is used in this test case, don't disable MD5 algorithm.
436 Security.setProperty("jdk.certpath.disabledAlgorithms",
437 "MD2, RSA keySize < 1024");
438 Security.setProperty("jdk.tls.disabledAlgorithms",
|
37 * @run main/othervm SSLSocketSNISensitive PKIX www.example.net
38 * @run main/othervm SSLSocketSNISensitive SunX509 www.example.net
39 * @run main/othervm SSLSocketSNISensitive PKIX www.invalid.com
40 * @run main/othervm SSLSocketSNISensitive SunX509 www.invalid.com
41 */
42
43 import java.net.*;
44 import java.util.*;
45 import java.io.*;
46 import javax.net.ssl.*;
47 import java.security.Security;
48 import java.security.KeyStore;
49 import java.security.KeyFactory;
50 import java.security.cert.Certificate;
51 import java.security.cert.X509Certificate;
52 import java.security.cert.CertificateFactory;
53 import java.security.spec.*;
54 import java.security.interfaces.*;
55 import java.util.Base64;
56
57 // Note: this test case works only on TLS 1.2 and prior versions because of
58 // the use of MD5withRSA signed certificate.
59 public class SSLSocketSNISensitive {
60
61 /*
62 * =============================================================
63 * Set the various variables needed for the tests, then
64 * specify what tests to run on each side.
65 */
66
67 /*
68 * Should we run the client or server in a separate thread?
69 * Both sides can throw exceptions, but do you have a preference
70 * as to which side should be the main thread.
71 */
72 static boolean separateServerThread = false;
73
74 /*
75 * Where do we find the keystores?
76 */
77 // Certificates and key used in the test.
78 static String trustedCertStr =
399 (RSAPrivateKey)kf.generatePrivate(priKeySpec);
400
401 // generate certificate chain
402 String keyCertStr = certStrs[i];
403 is = new ByteArrayInputStream(keyCertStr.getBytes());
404 Certificate keyCert = cf.generateCertificate(is);
405 is.close();
406
407 Certificate[] chain = new Certificate[2];
408 chain[0] = keyCert;
409 chain[1] = trusedCert;
410
411 // import the key entry.
412 ks.setKeyEntry("key-entry-" + i, priKey, passphrase, chain);
413 }
414
415 // create SSL context
416 TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
417 tmf.init(ks);
418
419 SSLContext ctx = SSLContext.getInstance("TLSv1.2");
420 KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
421 kmf.init(ks, passphrase);
422
423 ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
424 ks = null;
425
426 return ctx;
427 }
428
429 // use any free port by default
430 volatile int serverPort = 0;
431
432 volatile Exception serverException = null;
433 volatile Exception clientException = null;
434
435 public static void main(String[] args) throws Exception {
436 // MD5 is used in this test case, don't disable MD5 algorithm.
437 Security.setProperty("jdk.certpath.disabledAlgorithms",
438 "MD2, RSA keySize < 1024");
439 Security.setProperty("jdk.tls.disabledAlgorithms",
|
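Review bot: The pin at `SSLContext.getInstance("TLSv1.2")` (new line 419) has no explanation at the call site; the only rationale is the class-level note at new lines 57-58. A later cleanup could switch it back to `"TLS"`, and going by that note the test would then break wherever the default context negotiates TLS 1.3. I would add a comment directly above the call, e.g. `// Pinned to TLSv1.2: the MD5withRSA-signed test certificates only work with TLS 1.2 and earlier.` The pin presumably also means the SNI-sensitive key selection this test covers is not exercised under TLS 1.3. Regenerating the test certificates with a SHA-256 signature would let a follow-up drop both the pin and the `jdk.certpath.disabledAlgorithms` relaxation in `main`. The method containing the call starts before the visible lines, and `main` continues past them.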