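/*
 * Copyright (c) 2002, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

import java.io.InputStream;
import java.io.OutputStream;
import java.security.cert.Certificate;

import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/**
 * JSSE-based test client: opens one TLS connection per test case with exactly
 * one cipher suite and one protocol version enabled, then verifies that the
 * negotiated session matches what was requested.
 *
 * <p>This is test-harness code. It connects to the loopback address and sets
 * no endpoint identification algorithm, so the only peer validation is
 * whatever {@code CipherTest.trustManager} performs.
 */
class JSSEClient extends CipherTest.Client {

    private final SSLContext sslContext;
    private final MyX509KeyManager keyManager;

    /**
     * Creates the client and obtains a "TLS" {@link SSLContext}. The context
     * is initialised later, once per test case, in {@link #runTest}.
     *
     * @param cipherTest the owning test driver, passed to the superclass
     * @throws Exception if the "TLS" context cannot be obtained
     */
    JSSEClient(CipherTest cipherTest) throws Exception {
        super(cipherTest);
        this.keyManager = new MyX509KeyManager(CipherTest.keyManager);
        sslContext = SSLContext.getInstance("TLS");
    }

    /**
     * Runs one handshake with the given parameters and checks the result.
     *
     * <p>The checks are: the negotiated cipher suite and protocol equal the
     * requested ones, the peer presented certificates unless the suite is
     * anonymous DH, and the local certificates are consistent with the
     * requested client authentication type.
     *
     * @param params cipher suite, protocol and client-auth type to test
     * @throws Exception if the connection fails or any check does not hold
     */
    void runTest(CipherTest.TestParameters params) throws Exception {
        SSLSocket socket = null;
        try {
            // Re-initialise the context for every case so the key manager
            // offers only the key type requested for client authentication.
            keyManager.setAuthType(params.clientAuth);
            sslContext.init(
                new KeyManager[] { keyManager },
                new TrustManager[] { CipherTest.trustManager },
                CipherTest.secureRandom);
            SSLSocketFactory factory = sslContext.getSocketFactory();
            socket = (SSLSocket) factory.createSocket("127.0.0.1", CipherTest.serverPort);
            socket.setSoTimeout(CipherTest.TIMEOUT);

            // Enable exactly one suite and one protocol so the handshake can
            // only succeed with the combination under test.
            socket.setEnabledCipherSuites(new String[] { params.cipherSuite.name() });
            socket.setEnabledProtocols(new String[] { params.protocol.name });

            InputStream in = socket.getInputStream();
            OutputStream out = socket.getOutputStream();
            sendRequest(in, out);

            // The session is queried only after the socket is closed, and is
            // invalidated before it is inspected. This statement order is
            // kept exactly as written.
            // NOTE(review): presumably invalidate() is here so that later
            // cases cannot resume this session - confirm before reordering.
            socket.close();
            SSLSession session = socket.getSession();
            session.invalidate();

            String cipherSuite = session.getCipherSuite();
            if (!params.cipherSuite.name().equals(cipherSuite)) {
                throw new Exception("Negotiated ciphersuite mismatch: "
                    + cipherSuite + " != " + params.cipherSuite);
            }
            String protocol = session.getProtocol();
            if (!params.protocol.name.equals(protocol)) {
                throw new Exception("Negotiated protocol mismatch: " + protocol
                    + " != " + params.protocol);
            }

            // Anonymous DH suites carry no server certificate. For every
            // other suite getPeerCertificates() must succeed; it throws
            // SSLPeerUnverifiedException when the peer was not authenticated.
            if (!cipherSuite.contains("DH_anon")) {
                session.getPeerCertificates();
            }

            Certificate[] certificates = session.getLocalCertificates();
            if (params.clientAuth == null) {
                if (certificates != null) {
                    throw new Exception("Local certificates should be null");
                }
            } else {
                if ((certificates == null) || (certificates.length == 0)) {
                    throw new Exception("Certificates missing");
                }
                String keyAlg = certificates[0].getPublicKey().getAlgorithm();
                // Compare by value. The earlier reference comparison (!=)
                // passed only when both strings were the same interned
                // instance, so a provider returning an equal but distinct
                // String would have reported a false mismatch.
                if (!params.clientAuth.equals(keyAlg)) {
                    throw new Exception("Certificate type mismatch: " + keyAlg + " != " + params.clientAuth);
                }
            }
        } finally {
            // Closing an already closed socket is harmless; this covers the
            // paths that fail before the explicit close above.
            if (socket != null) {
                socket.close();
            }
        }
    }

}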