1 /* 2 * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 // 25 // Please run in othervm mode. SunJSSE does not support dynamic system 26 // properties, no way to re-use system properties in samevm/agentvm mode. 27 // 28 29 /* 30 * @test 31 * @bug 8161106 8170329 32 * @modules jdk.crypto.ec 33 * @summary Improve SSLSocket test template 34 * @run main/othervm SSLSocketTemplate 35 */ 36 37 import java.io.ByteArrayInputStream; 38 import java.io.InputStream; 39 import java.io.IOException; 40 import java.io.OutputStream; 41 import javax.net.ssl.KeyManagerFactory; 42 import javax.net.ssl.SSLContext; 43 import javax.net.ssl.SSLServerSocket; 44 import javax.net.ssl.SSLServerSocketFactory; 45 import javax.net.ssl.SSLSocket; 46 import javax.net.ssl.SSLSocketFactory; 47 import javax.net.ssl.TrustManagerFactory; 48 import java.net.InetSocketAddress; 49 import java.net.SocketTimeoutException; 50 import java.security.KeyStore; 51 import java.security.PrivateKey; 52 import java.security.KeyFactory; 53 import java.security.cert.Certificate; 54 import java.security.cert.CertificateFactory; 55 import java.security.spec.PKCS8EncodedKeySpec; 56 import java.util.Base64; 57 58 import java.util.concurrent.CountDownLatch; 59 import java.util.concurrent.TimeUnit; 60 61 /** 62 * Template to help speed your client/server tests. 63 * 64 * Two examples that use this template: 65 * test/sun/security/ssl/ServerHandshaker/AnonCipherWithWantClientAuth.java 66 * test/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java 67 */ 68 public class SSLSocketTemplate { 69 70 /* 71 * ================== 72 * Run the test case. 73 */ 74 public static void main(String[] args) throws Exception { 75 (new SSLSocketTemplate()).run(); 76 } 77 78 /* 79 * Run the test case. 80 */ 81 public void run() throws Exception { 82 bootup(); 83 } 84 85 /* 86 * Define the server side application of the test for the specified socket. 87 */ 88 protected void runServerApplication(SSLSocket socket) throws Exception { 89 // here comes the test logic 90 InputStream sslIS = socket.getInputStream(); 91 OutputStream sslOS = socket.getOutputStream(); 92 93 sslIS.read(); 94 sslOS.write(85); 95 sslOS.flush(); 96 } 97 98 /* 99 * Define the client side application of the test for the specified socket. 100 * This method is used if the returned value of 101 * isCustomizedClientConnection() is false. 102 * 103 * @param socket may be null is no client socket is generated. 104 * 105 * @see #isCustomizedClientConnection() 106 */ 107 protected void runClientApplication(SSLSocket socket) throws Exception { 108 InputStream sslIS = socket.getInputStream(); 109 OutputStream sslOS = socket.getOutputStream(); 110 111 sslOS.write(280); 112 sslOS.flush(); 113 sslIS.read(); 114 } 115 116 /* 117 * Define the client side application of the test for the specified 118 * server port. This method is used if the returned value of 119 * isCustomizedClientConnection() is true. 120 * 121 * Note that the client need to connect to the server port by itself 122 * for the actual message exchange. 123 * 124 * @see #isCustomizedClientConnection() 125 */ 126 protected void runClientApplication(int serverPort) throws Exception { 127 // blank 128 } 129 130 /* 131 * Create an instance of SSLContext for client use. 132 */ 133 protected SSLContext createClientSSLContext() throws Exception { 134 return createSSLContext(trustedCertStrs, 135 endEntityCertStrs, endEntityPrivateKeys, 136 endEntityPrivateKeyAlgs, 137 endEntityPrivateKeyNames, 138 getClientContextParameters()); 139 } 140 141 /* 142 * Create an instance of SSLContext for server use. 143 */ 144 protected SSLContext createServerSSLContext() throws Exception { 145 return createSSLContext(trustedCertStrs, 146 endEntityCertStrs, endEntityPrivateKeys, 147 endEntityPrivateKeyAlgs, 148 endEntityPrivateKeyNames, 149 getServerContextParameters()); 150 } 151 152 /* 153 * The parameters used to configure SSLContext. 154 */ 155 protected static final class ContextParameters { 156 final String contextProtocol; 157 final String tmAlgorithm; 158 final String kmAlgorithm; 159 160 ContextParameters(String contextProtocol, 161 String tmAlgorithm, String kmAlgorithm) { 162 163 this.contextProtocol = contextProtocol; 164 this.tmAlgorithm = tmAlgorithm; 165 this.kmAlgorithm = kmAlgorithm; 166 } 167 } 168 169 /* 170 * Get the client side parameters of SSLContext. 171 */ 172 protected ContextParameters getClientContextParameters() { 173 return new ContextParameters("TLS", "PKIX", "NewSunX509"); 174 } 175 176 /* 177 * Get the server side parameters of SSLContext. 178 */ 179 protected ContextParameters getServerContextParameters() { 180 return new ContextParameters("TLS", "PKIX", "NewSunX509"); 181 } 182 183 /* 184 * Does the client side use customized connection other than 185 * explicit Socket.connect(), for example, URL.openConnection()? 186 */ 187 protected boolean isCustomizedClientConnection() { 188 return false; 189 } 190 191 /* 192 * Configure the server side socket. 193 */ 194 protected void configureServerSocket(SSLServerSocket socket) { 195 196 } 197 198 /* 199 * ============================================= 200 * Define the client and server side operations. 201 * 202 * If the client or server is doing some kind of object creation 203 * that the other side depends on, and that thread prematurely 204 * exits, you may experience a hang. The test harness will 205 * terminate all hung threads after its timeout has expired, 206 * currently 3 minutes by default, but you might try to be 207 * smart about it.... 208 */ 209 210 /* 211 * Is the server ready to serve? 212 */ 213 private final CountDownLatch serverCondition = new CountDownLatch(1); 214 215 /* 216 * Is the client ready to handshake? 217 */ 218 private final CountDownLatch clientCondition = new CountDownLatch(1); 219 220 /* 221 * What's the server port? Use any free port by default 222 */ 223 private volatile int serverPort = 0; 224 225 /* 226 * Define the server side of the test. 227 */ 228 private void doServerSide() throws Exception { 229 // kick start the server side service 230 SSLContext context = createServerSSLContext(); 231 SSLServerSocketFactory sslssf = context.getServerSocketFactory(); 232 SSLServerSocket sslServerSocket = 233 (SSLServerSocket)sslssf.createServerSocket(serverPort); 234 configureServerSocket(sslServerSocket); 235 serverPort = sslServerSocket.getLocalPort(); 236 237 // Signal the client, the server is ready to accept connection. 238 serverCondition.countDown(); 239 240 // Try to accept a connection in 30 seconds. 241 SSLSocket sslSocket; 242 try { 243 sslServerSocket.setSoTimeout(30000); 244 sslSocket = (SSLSocket)sslServerSocket.accept(); 245 } catch (SocketTimeoutException ste) { 246 // Ignore the test case if no connection within 30 seconds. 247 System.out.println( 248 "No incoming client connection in 30 seconds. " + 249 "Ignore in server side."); 250 return; 251 } finally { 252 sslServerSocket.close(); 253 } 254 255 // handle the connection 256 try { 257 // Is it the expected client connection? 258 // 259 // Naughty test cases or third party routines may try to 260 // connection to this server port unintentionally. In 261 // order to mitigate the impact of unexpected client 262 // connections and avoid intermittent failure, it should 263 // be checked that the accepted connection is really linked 264 // to the expected client. 265 boolean clientIsReady = 266 clientCondition.await(30L, TimeUnit.SECONDS); 267 268 if (clientIsReady) { 269 // Run the application in server side. 270 runServerApplication(sslSocket); 271 } else { // Otherwise, ignore 272 // We don't actually care about plain socket connections 273 // for TLS communication testing generally. Just ignore 274 // the test if the accepted connection is not linked to 275 // the expected client or the client connection timeout 276 // in 30 seconds. 277 System.out.println( 278 "The client is not the expected one or timeout. " + 279 "Ignore in server side."); 280 } 281 } finally { 282 sslSocket.close(); 283 } 284 } 285 286 /* 287 * Define the client side of the test. 288 */ 289 private void doClientSide() throws Exception { 290 291 // Wait for server to get started. 292 // 293 // The server side takes care of the issue if the server cannot 294 // get started in 90 seconds. The client side would just ignore 295 // the test case if the serer is not ready. 296 boolean serverIsReady = 297 serverCondition.await(90L, TimeUnit.SECONDS); 298 if (!serverIsReady) { 299 System.out.println( 300 "The server is not ready yet in 90 seconds. " + 301 "Ignore in client side."); 302 return; 303 } 304 305 if (isCustomizedClientConnection()) { 306 // Signal the server, the client is ready to communicate. 307 clientCondition.countDown(); 308 309 // Run the application in client side. 310 runClientApplication(serverPort); 311 312 return; 313 } 314 315 SSLContext context = createClientSSLContext(); 316 SSLSocketFactory sslsf = context.getSocketFactory(); 317 318 try (SSLSocket sslSocket = (SSLSocket)sslsf.createSocket()) { 319 try { 320 sslSocket.connect( 321 new InetSocketAddress("localhost", serverPort), 15000); 322 } catch (IOException ioe) { 323 // The server side may be impacted by naughty test cases or 324 // third party routines, and cannot accept connections. 325 // 326 // Just ignore the test if the connection cannot be 327 // established. 328 System.out.println( 329 "Cannot make a connection in 15 seconds. " + 330 "Ignore in client side."); 331 return; 332 } 333 334 // OK, here the client and server get connected. 335 336 // Signal the server, the client is ready to communicate. 337 clientCondition.countDown(); 338 339 // There is still a chance in theory that the server thread may 340 // wait client-ready timeout and then quit. The chance should 341 // be really rare so we don't consider it until it becomes a 342 // real problem. 343 344 // Run the application in client side. 345 runClientApplication(sslSocket); 346 } 347 } 348 349 /* 350 * ============================================= 351 * Stuffs to customize the SSLContext instances. 352 */ 353 354 /* 355 * ======================================= 356 * Certificates and keys used in the test. 357 */ 358 // Trusted certificates. 359 private final static String[] trustedCertStrs = { 360 // SHA256withECDSA, curve prime256v1 361 // Validity 362 // Not Before: Nov 25 04:19:51 2016 GMT 363 // Not After : Nov 5 04:19:51 2037 GMT 364 // Subject Key Identifier: 365 // CA:48:E8:00:C1:42:BD:59:9B:79:D9:B4:B4:CE:3F:68:0C:C8:C4:0C 366 "-----BEGIN CERTIFICATE-----\n" + 367 "MIICHDCCAcGgAwIBAgIJAJtKs6ZEcVjxMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" + 368 "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" + 369 "ZTAeFw0xNjExMjUwNDE5NTFaFw0zNzExMDUwNDE5NTFaMDsxCzAJBgNVBAYTAlVT\n" + 370 "MQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZjZTBZ\n" + 371 "MBMGByqGSM49AgEGCCqGSM49AwEHA0IABKMO/AFDHZia65RaqMIBX7WBdtzFj8fz\n" + 372 "ggqMADLJhoszS6qfTUDYskETw3uHfB3KAOENsoKX446qFFPuVjxS1aejga0wgaow\n" + 373 "HQYDVR0OBBYEFMpI6ADBQr1Zm3nZtLTOP2gMyMQMMGsGA1UdIwRkMGKAFMpI6ADB\n" + 374 "Qr1Zm3nZtLTOP2gMyMQMoT+kPTA7MQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2\n" + 375 "YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2WCCQCbSrOmRHFY8TAPBgNV\n" + 376 "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBGAiEA5cJ/\n" + 377 "jirBbXxzpZ6kdp/Zb/yrIBnr4jiPGJTLgRTb8s4CIQChUDfP1Zqg0qJVfqFNaL4V\n" + 378 "a0EAeJHXGZnvCGGqHzoxkg==\n" + 379 "-----END CERTIFICATE-----", 380 381 // SHA256withRSA, 2048 bits 382 // Validity 383 // Not Before: Apr 12 06:51:49 2018 GMT 384 // Not After : Apr 7 06:51:49 2038 GMT 385 // Subject Key Identifier: 386 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97 387 "-----BEGIN CERTIFICATE-----\n" + 388 "MIIDTDCCAjSgAwIBAgIJALzz9cKBmONRMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNV\n" + 389 "BAYTAlVTMQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2Vy\n" + 390 "aXZjZTAeFw0xODA0MTIwNjUxNDlaFw0zODA0MDcwNjUxNDlaMDsxCzAJBgNVBAYT\n" + 391 "AlVTMQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZj\n" + 392 "ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANPfPtImftkV2UAB+QPa\n" + 393 "R9udeRxApNphb+70T1p3GFql8sUG6/Rbao5H1QllzZ22+J6xoLVftaDp1S3QibTn\n" + 394 "3hv0KPuzsA7zi83GRp8STSHcwOU5zq5yzkFEPQrQxOYfaRzLrv7+sznXpaWCPb/6\n" + 395 "wGktZrHBXZE0eT1wid7h3DoiOCu1BBLPAImiSk5SVadvQkk6uua4W3M78dzbrE8s\n" + 396 "k6O40Nxyi3gVURU0U/IIm8ur89rYUThzlEdTKRdUfG38oyUvqFclwCbp+3F9BxIa\n" + 397 "5WWmj0avrSFCAuwAoCY762Iah0bRv1SKTE9RzO1P07GNyyIuOZ2J6TlXVBWfzE9V\n" + 398 "DmcCAwEAAaNTMFEwHQYDVR0OBBYEFBSupaksD+MluhuttqfbB/BNFEmXMB8GA1Ud\n" + 399 "IwQYMBaAFBSupaksD+MluhuttqfbB/BNFEmXMA8GA1UdEwEB/wQFMAMBAf8wDQYJ\n" + 400 "KoZIhvcNAQELBQADggEBALXVlY46/qvk7aVrDbJ/u/jmA+gGnEF7PZWg6tuwzME/\n" + 401 "GDd28xwALHw+MgH6sFkKnCCfGnzuLPUMezMNLQxj+uosJvDHkBJ7hReDfowMcTz2\n" + 402 "j0IR+RljNfGcd8lyfq9Jc6t8tTlPLG1ek/ObIMU/NLeK3faqGFLmoJ+xiDGVWhk3\n" + 403 "uPhvc1l1riWaIP67PxpHOuBbOwwFyrkQ7jC0ymi0bdwG4m6BQ1KbWNXoWBnVSTNN\n" + 404 "94C+FOEN6WnxwdX0BA2CPObs3YiUjctzXYaSixG952Lh6lwasrhqd1h6fogtTS4M\n" + 405 "7dfJ99aNjmiQroC7xIe7OIRmGM/UbwA/K5zfQSayuNQ=\n" + 406 "-----END CERTIFICATE-----", 407 408 // SHA256withDSA, 2048 bits 409 // Validity 410 // Not Before: Nov 25 04:19:56 2016 GMT 411 // Not After : Nov 5 04:19:56 2037 GMT 412 // Subject Key Identifier: 413 // 19:46:10:43:24:6A:A5:14:BE:E2:92:01:79:F0:4C:5F:E1:AE:81:B5 414 "-----BEGIN CERTIFICATE-----\n" + 415 "MIIFCzCCBLGgAwIBAgIJAOnEn6YZD/sAMAsGCWCGSAFlAwQDAjA7MQswCQYDVQQG\n" + 416 "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + 417 "Y2UwHhcNMTYxMTI1MDQxOTU2WhcNMzcxMTA1MDQxOTU2WjA7MQswCQYDVQQGEwJV\n" + 418 "UzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" + 419 "ggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJa17ZYdIChv5yeYuPK3zXxgUEGGsdUD\n" + 420 "AzfQUxtMryCtc3aNgWLxsN1/QYvp9v+hh4twnG20VemCEH9Qlx06Pxg74DwSOA83\n" + 421 "SecO2y7cdgmrHpep9drxKbXVZafwBhbTSwhV+IDO7EO6+LaRvZuya/YOqNIE9ENx\n" + 422 "FVk0NrNsDB6pfDEXZsCZALMN2mcl8KGn1q7vdzJQUEV7F6uLGP33znVfmQyWJH3Y\n" + 423 "W09WVCFXHvDzZHGXDO2O2QwIU1B5AsXnOGeLnKgXzErCoNKwUbVFP0W0OVeJo4pc\n" + 424 "ZfL/8TVELGG90AuuH1V3Gsq6PdzCDPw4Uv/v5m7/6kwXqBQxAJA7jhMCIQCORIGV\n" + 425 "mHy5nBLRhIP4vC7vsTxb4CTApPVmZeL5gTIwtQKCAQB2VZLY22k2+IQM6deRGK3L\n" + 426 "l7tPChGrKnGmTbtUThIza70Sp9DmTBiLzMEY+IgG8kYuT5STVxWjs0cxXCKZGMQW\n" + 427 "tioMtiXPA2M3HA0/8E0mDLSmzb0RAd2xxnDyGsuqo1eVmx7PLjN3bn3EjhD/+j3d\n" + 428 "Jx3ZVScMGyq7sVWppUvpudEXi+2etf6GUHjrcX27juo7u4zQ1ezC/HYG1H+jEFqG\n" + 429 "hdQ6b7H+LBHZH9LegOyIZTMrzAY/TwIr77sXrNJWRoxmDErKB+8bRDybYhNJswlZ\n" + 430 "m0N5YYUlPmepgbl6XzwCv0y0d81h3bayqIPLXEUtRAl9GuM0hNAlA1Y+qSn9xLFY\n" + 431 "A4IBBQACggEAZgWC0uflwqQQP1GRU1tolmFZwyVtKre7SjYgCeQBrOa0Xnj/SLaD\n" + 432 "g1HZ1oH0hccaR/45YouJiCretbbsQ77KouldGSGqTHJgRL75Y2z5uvxa60+YxZ0Z\n" + 433 "v8xvZnj4seyOjgJLxSSYSPl5n/F70RaNiCLVz/kGe6OQ8KoAeQjdDTOHXCegO9KX\n" + 434 "tvhM7EaYc8CII9OIR7S7PXJW0hgLKynZcu/Unh02aM0ABh/uLmw1+tvo8e8KTp98\n" + 435 "NKYSVf6kV3/ya58n4h64UbIYL08JoKUM/5SFETcKAZTU0YKZbpWTM79oJMr8oYVk\n" + 436 "P9jKitNsXq0Xkzt5dSO0kfu/kM7zpnaFsqOBrTCBqjAdBgNVHQ4EFgQUGUYQQyRq\n" + 437 "pRS+4pIBefBMX+GugbUwawYDVR0jBGQwYoAUGUYQQyRqpRS+4pIBefBMX+GugbWh\n" + 438 "P6Q9MDsxCzAJBgNVBAYTAlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5K\n" + 439 "U1NFIFRlc3QgU2VyaXZjZYIJAOnEn6YZD/sAMA8GA1UdEwEB/wQFMAMBAf8wCwYD\n" + 440 "VR0PBAQDAgEGMAsGCWCGSAFlAwQDAgNHADBEAiAwBafz5RRR9nc4cCYoYuBlT/D9\n" + 441 "9eayhkjhBY/zYunypwIgNp/JnFR88/T4hh36QfSKBGXId9RBCM6uaOkOKnEGkps=\n" + 442 "-----END CERTIFICATE-----" 443 }; 444 445 // End entity certificate. 446 private final static String[] endEntityCertStrs = { 447 // SHA256withECDSA, curve prime256v1 448 // Validity 449 // Not Before: Nov 25 04:19:51 2016 GMT 450 // Not After : Aug 12 04:19:51 2036 GMT 451 // Authority Key Identifier: 452 // CA:48:E8:00:C1:42:BD:59:9B:79:D9:B4:B4:CE:3F:68:0C:C8:C4:0C 453 "-----BEGIN CERTIFICATE-----\n" + 454 "MIIB1zCCAXygAwIBAgIJAPFq2QL/nUNZMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" + 455 "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" + 456 "ZTAeFw0xNjExMjUwNDE5NTFaFw0zNjA4MTIwNDE5NTFaMFUxCzAJBgNVBAYTAlVT\n" + 457 "MQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZjZTEY\n" + 458 "MBYGA1UEAwwPUmVncmVzc2lvbiBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\n" + 459 "QgAE4yvRGVvy9iVATyuHPJVdX6+lh/GLm/sRJ5qLT/3PVFOoNIvlEVNiARo7xhyj\n" + 460 "2p6bnf32gNg5Ye+QCw20VUv9E6NPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSO\n" + 461 "hHlHZQp9hyBfSGTSQWeszqMXejAfBgNVHSMEGDAWgBTKSOgAwUK9WZt52bS0zj9o\n" + 462 "DMjEDDAKBggqhkjOPQQDAgNJADBGAiEAu3t6cvFglBAZfkhZlEwB04ZjUFqyfiRj\n" + 463 "4Hr275E4ZoQCIQDUEonJHlmA19J6oobfR5lYsmoqPm1r0DPm/IiNNKGKKA==\n" + 464 "-----END CERTIFICATE-----", 465 466 // SHA256withRSA, 2048 bits 467 // Validity 468 // Not Before: Apr 12 06:52:29 2018 GMT 469 // Not After : Apr 7 06:52:29 2038 GMT 470 // Authority Key Identifier: 471 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97 472 "-----BEGIN CERTIFICATE-----\n" + 473 "MIIDDDCCAfQCCQDd9PfUCpKn0DANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJV\n" + 474 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" + 475 "HhcNMTgwNDEyMDY1MjI5WhcNMzgwNDA3MDY1MjI5WjBVMQswCQYDVQQGEwJVUzEN\n" + 476 "MAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAW\n" + 477 "BgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\n" + 478 "AQoCggEBAJWFd+AEAZWRBbua9ax4CJgyXoU3Nx9zwkxbxz2DGZ5sJb/64b/mKBz4\n" + 479 "mgT6cknJPrCv3vLg9v6WzlpIqISzEP6ARxmMDTomt8ppRFqDq31uGJ3cKWvhpwG1\n" + 480 "92HwJUxvbjZYvqszXA5piOtFWa+uBavKSF/dXXrMXijDl6LbL3GU4pZLmeUP8PRy\n" + 481 "UfwWhcy3HikBIx7fGCcNB+dHXtB5DTgxdR8ypTCB5xFfhgL9EqO8X0pin+bubfpF\n" + 482 "5IY68p5B4ob7EdNmBCTUyFAN3Mh9r49ZzwpYIvi9shNmddwMakJOB9YaMsRmc3Ea\n" + 483 "mUVpdR0fR8bY5RtgZwEhtaizp2DkS0ECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA\n" + 484 "pUqCPnpeUITq9tfDdB9rolb5dV3fIhRtj0rsjimKbcMAeYAkb3qHvlZOLZ/PMD3v\n" + 485 "y8J9TJ88YPGGOUXCsAqJ88Ous883xqLkOjZYEiY/0gdU2/v6uQ35lgHtJynmzO3E\n" + 486 "YUbwleJETUNA66sOtiW7om9vcAVPu3mmea5bZkkdwxydn/IZvVYp5JLu4MuJpfh1\n" + 487 "lWpC3z2U7DgZrt4ZQGzok+DRnGiKIOo+G2JvLVIKz/rbsIbjDBqQTdt7TKLu8wbV\n" + 488 "UdN8SOF7qZhBpiwQHZCmiw8KhQ5R/aNDQxCVfMOXcAGqmiFpdHPqWgxCob778mjc\n" + 489 "Na2CGaztVh+f9MSz3j/Hmg==\n" + 490 "-----END CERTIFICATE-----", 491 492 // SHA256withRSA, curv prime256v1 493 // Validity 494 // Not Before: Apr 12 06:54:43 2018 GMT 495 // Not After : Apr 7 06:54:43 2038 GMT 496 // Authority Key Identifier: 497 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97 498 "-----BEGIN CERTIFICATE-----\n" + 499 "MIICQTCCASkCCQDd9PfUCpKn0TANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJV\n" + 500 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" + 501 "HhcNMTgwNDEyMDY1NDQzWhcNMzgwNDA3MDY1NDQzWjBVMQswCQYDVQQGEwJVUzEN\n" + 502 "MAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAW\n" + 503 "BgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA\n" + 504 "BOlOthBVzSCU0TPRiW+O4mhOn0ZHE338wLhy4HYiMnuBVWzl2L7krSpCXKM/b//a\n" + 505 "/0YPobAEXKbShh0oFxo51IIwDQYJKoZIhvcNAQELBQADggEBAD/a7z31ODFCSdyf\n" + 506 "AUq5vYsVZIV4s2J2tJh5piYoipP0BKRcthw1RtvqbNZFjB5DLyWVq39Tk6gCJvKo\n" + 507 "csaV3O/VRaQWRyLD1Ak7T0oG5eZDlpYWwjzyMMR32NjOyRG6clWWQx5O7Pc2uxvz\n" + 508 "GL8Pf+YgKU5QLqcghN+104e3+GMzmNccmK5nBmr2Lz1Hy54JxGRXUEKI85VoiUgk\n" + 509 "ArF0RLeUQxBFFBrYBsqLY6DI+Rgvhxk9ri9Udoa3sn8pYfNqxe1beyazbn4ChM6z\n" + 510 "y/7/we+wAnPaPSReugkDO4w/XqUGKa26EiPrQ/9s0QGhKyqeNg/CRY+FEH0sEjuK\n" + 511 "ycLgJK0=\n" + 512 "-----END CERTIFICATE-----", 513 514 // SHA256withDSA, 2048 bits 515 // Validity 516 // Not Before: Nov 25 04:19:56 2016 GMT 517 // Not After : Aug 12 04:19:56 2036 GMT 518 // Authority Key Identifier: 519 // 19:46:10:43:24:6A:A5:14:BE:E2:92:01:79:F0:4C:5F:E1:AE:81:B5 520 "-----BEGIN CERTIFICATE-----\n" + 521 "MIIE2jCCBICgAwIBAgIJAONcI1oba9V9MAsGCWCGSAFlAwQDAjA7MQswCQYDVQQG\n" + 522 "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + 523 "Y2UwHhcNMTYxMTI1MDQxOTU2WhcNMzYwODEyMDQxOTU2WjBVMQswCQYDVQQGEwJV\n" + 524 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Ux\n" + 525 "GDAWBgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDCCA0YwggI5BgcqhkjOOAQBMIICLAKC\n" + 526 "AQEAlrXtlh0gKG/nJ5i48rfNfGBQQYax1QMDN9BTG0yvIK1zdo2BYvGw3X9Bi+n2\n" + 527 "/6GHi3CcbbRV6YIQf1CXHTo/GDvgPBI4DzdJ5w7bLtx2Casel6n12vEptdVlp/AG\n" + 528 "FtNLCFX4gM7sQ7r4tpG9m7Jr9g6o0gT0Q3EVWTQ2s2wMHql8MRdmwJkAsw3aZyXw\n" + 529 "oafWru93MlBQRXsXq4sY/ffOdV+ZDJYkfdhbT1ZUIVce8PNkcZcM7Y7ZDAhTUHkC\n" + 530 "xec4Z4ucqBfMSsKg0rBRtUU/RbQ5V4mjilxl8v/xNUQsYb3QC64fVXcayro93MIM\n" + 531 "/DhS/+/mbv/qTBeoFDEAkDuOEwIhAI5EgZWYfLmcEtGEg/i8Lu+xPFvgJMCk9WZl\n" + 532 "4vmBMjC1AoIBAHZVktjbaTb4hAzp15EYrcuXu08KEasqcaZNu1ROEjNrvRKn0OZM\n" + 533 "GIvMwRj4iAbyRi5PlJNXFaOzRzFcIpkYxBa2Kgy2Jc8DYzccDT/wTSYMtKbNvREB\n" + 534 "3bHGcPIay6qjV5WbHs8uM3dufcSOEP/6Pd0nHdlVJwwbKruxVamlS+m50ReL7Z61\n" + 535 "/oZQeOtxfbuO6ju7jNDV7ML8dgbUf6MQWoaF1Dpvsf4sEdkf0t6A7IhlMyvMBj9P\n" + 536 "Aivvuxes0lZGjGYMSsoH7xtEPJtiE0mzCVmbQ3lhhSU+Z6mBuXpfPAK/TLR3zWHd\n" + 537 "trKog8tcRS1ECX0a4zSE0CUDVj6pKf3EsVgDggEFAAKCAQBEGmdP55PyE3M+Q3fU\n" + 538 "dCGq0sbKw/04xPVhaNYRnRKNR82n+wb8bMCI1vvFqXy1BB6svti4mTHbQZ8+bQXm\n" + 539 "gyce67uYMwIa5BIk6omNGCeW/kd4ruPgyFxeb6O/Y/7w6AWyRmQttlxRA5M5OhSC\n" + 540 "tVS4oVC1KK1EfHAUh7mu8S8GrWJoJAWA3PM97Oy/HSGCEUl6HGEu1m7FHPhOKeYG\n" + 541 "cLkSaov5cbCYO76smHchI+tdUciVqeL3YKQdS+KAzsQoeAZIu/WpbaI1V+5/rSG1\n" + 542 "I94uBITLCjlJfJZ1aredCDrRXOFH7qgSBhM8/WzwFpFCnnpbSKMgrcrKubsFmW9E\n" + 543 "jQhXo2MwYTALBgNVHQ8EBAMCA+gwHQYDVR0OBBYEFNA9PhQOjB+05fxxXPNqe0OT\n" + 544 "doCjMB8GA1UdIwQYMBaAFBlGEEMkaqUUvuKSAXnwTF/hroG1MBIGA1UdEQEB/wQI\n" + 545 "MAaHBH8AAAEwCwYJYIZIAWUDBAMCA0cAMEQCIE0LM2sZi+L8tjH9sgjLEwJmYZvO\n" + 546 "yqNfQnXrkTCb+MLMAiBZLaRTVJrOW3edQjum+SonKKuiN22bRclO6pGuNRCtng==\n" + 547 "-----END CERTIFICATE-----" 548 }; 549 550 // Private key in the format of PKCS#8. 551 private final static String[] endEntityPrivateKeys = { 552 // 553 // EC private key related to cert endEntityCertStrs[0]. 554 // 555 "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGAy4Pxrd2keM7AdP\n" + 556 "VNUMEO5iO681v4/tstVGfdXkCTuhRANCAATjK9EZW/L2JUBPK4c8lV1fr6WH8Yub\n" + 557 "+xEnmotP/c9UU6g0i+URU2IBGjvGHKPanpud/faA2Dlh75ALDbRVS/0T", 558 559 // 560 // RSA private key related to cert endEntityCertStrs[1]. 561 // 562 "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCVhXfgBAGVkQW7\n" + 563 "mvWseAiYMl6FNzcfc8JMW8c9gxmebCW/+uG/5igc+JoE+nJJyT6wr97y4Pb+ls5a\n" + 564 "SKiEsxD+gEcZjA06JrfKaURag6t9bhid3Clr4acBtfdh8CVMb242WL6rM1wOaYjr\n" + 565 "RVmvrgWrykhf3V16zF4ow5ei2y9xlOKWS5nlD/D0clH8FoXMtx4pASMe3xgnDQfn\n" + 566 "R17QeQ04MXUfMqUwgecRX4YC/RKjvF9KYp/m7m36ReSGOvKeQeKG+xHTZgQk1MhQ\n" + 567 "DdzIfa+PWc8KWCL4vbITZnXcDGpCTgfWGjLEZnNxGplFaXUdH0fG2OUbYGcBIbWo\n" + 568 "s6dg5EtBAgMBAAECggEBAI5toQ8HQesTRf67UaKEhMtVz6veOOgBAOhz1IrHwzOh\n" + 569 "mSQS+9AskbFnLm/nkc6voMP2A84gdad2SALAi6Y8XMfRsein/EGUeCabt7zxB/5n\n" + 570 "TZOyENLvFIMQryHf++efjcC/MIEsX1hrNz3FxfUPM9+8xMxstYsv+dGi32MGn171\n" + 571 "G1AKFOqs/n0X16Sh1kLtkHq1xaqZJUYQyrBasFtCPDwCFhhkwsxGQZ2Dcy3gFDxy\n" + 572 "5O5IMSxFtaoiTLrnA/X4MxM3OyA57EG+KWtrokahTMmhPwysodlIS8kw3ROtCYBx\n" + 573 "7FLclf49LDtiUtjLoyF+I8WCr44/zp7c13HlBijoNAECgYEAxdSLeCkWSuopZmjP\n" + 574 "j0Cj00pME3W3gsy/1QQxRM+FfRQ6U1evNLp4JKakJUlZ+/xtsd1H9a6FAEzrgcbJ\n" + 575 "xY8W++3IFUNLYop9c9/VXaaKLG2QyfoqBNAHROKyRxoKihDdPgNFwxcwI2tWJEnE\n" + 576 "kBDZ+Kn4dAcxO3j/nVzD/Gvg5PECgYEAwXyGSo7Xzf0zwej1uVx5kSOKfn5dRUbr\n" + 577 "2DDUleMFm7pnOIDriQ+pz6euROJNieoesX1Bo/PaML2095ljb19DI9U1OWMXFhTL\n" + 578 "lKH/yOuDAdUTswp085ohPOCr48+QWLL6Awicd08L6tjg7Fm4j+VXaaNBbXuXOfjG\n" + 579 "KeK+FOU9i1ECgYA4NNcbYLEQv87bZdPy426oTWen774fz4SBRRuqbTuD+gdIPpVs\n" + 580 "6b3Qy/e/EEQcr++KpVAYoWjwWOpgiNYy5yCkmz5JrEDy0l4qWeIJJZQEY2zLtePS\n" + 581 "Ujh+fdohEWkFKR1yzQM5FpF6vrhOvxa1x9PmLoSEkraOKyaU0xJr2UqgQQKBgGG1\n" + 582 "yPuN912HKMQcKTtaf+nT0PTgS6nYjvG2dyTaaNKj58yZDllBF7hOLauLvSyQlr97\n" + 583 "SdLKKr3Cj8kaJSTxLq7B1QcOC3KTPdvpk4qbpKUgPbqE5Vq/01ky/JsnDvY8LBWs\n" + 584 "G5gEyzfmHnA9Pv8sCmDGmRv49f3IrAoq/2L+AX6BAoGBAJ1Wf2Qg8ox75ir0e1kH\n" + 585 "8r+Lmr3gsoxKfh/0fTPV5mbH7PBOSzXwg5fiDUngy9aMDkqCAum5y2Jg0aHhx1Df\n" + 586 "0dTiKsMBCEmPI3/2/O6gJ+HJ0xX6LxmwU9m21xM055IuS5oDXJhonJa2fWusQS1s\n" + 587 "oqd5EGtoPFy0ccqHzYCv3F5A", 588 589 // 590 // EC private key related to cert endEntityCertStrs[2]. 591 // 592 "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgomzbfLMRU6+4FNsa\n" + 593 "KQ+qutNxLGgKmRcXWGbFKt71RzqhRANCAATpTrYQVc0glNEz0YlvjuJoTp9GRxN9\n" + 594 "/MC4cuB2IjJ7gVVs5di+5K0qQlyjP2//2v9GD6GwBFym0oYdKBcaOdSC", 595 596 // 597 // DSA private key related to cert endEntityCertStrs[3]. 598 // 599 "MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCWte2WHSAob+cnmLjyt818YFBB\n" + 600 "hrHVAwM30FMbTK8grXN2jYFi8bDdf0GL6fb/oYeLcJxttFXpghB/UJcdOj8YO+A8\n" + 601 "EjgPN0nnDtsu3HYJqx6XqfXa8Sm11WWn8AYW00sIVfiAzuxDuvi2kb2bsmv2DqjS\n" + 602 "BPRDcRVZNDazbAweqXwxF2bAmQCzDdpnJfChp9au73cyUFBFexerixj99851X5kM\n" + 603 "liR92FtPVlQhVx7w82RxlwztjtkMCFNQeQLF5zhni5yoF8xKwqDSsFG1RT9FtDlX\n" + 604 "iaOKXGXy//E1RCxhvdALrh9VdxrKuj3cwgz8OFL/7+Zu/+pMF6gUMQCQO44TAiEA\n" + 605 "jkSBlZh8uZwS0YSD+Lwu77E8W+AkwKT1ZmXi+YEyMLUCggEAdlWS2NtpNviEDOnX\n" + 606 "kRity5e7TwoRqypxpk27VE4SM2u9EqfQ5kwYi8zBGPiIBvJGLk+Uk1cVo7NHMVwi\n" + 607 "mRjEFrYqDLYlzwNjNxwNP/BNJgy0ps29EQHdscZw8hrLqqNXlZsezy4zd259xI4Q\n" + 608 "//o93Scd2VUnDBsqu7FVqaVL6bnRF4vtnrX+hlB463F9u47qO7uM0NXswvx2BtR/\n" + 609 "oxBahoXUOm+x/iwR2R/S3oDsiGUzK8wGP08CK++7F6zSVkaMZgxKygfvG0Q8m2IT\n" + 610 "SbMJWZtDeWGFJT5nqYG5el88Ar9MtHfNYd22sqiDy1xFLUQJfRrjNITQJQNWPqkp\n" + 611 "/cSxWAQiAiAKHYbYwEy0XS9J0MeKQmqPswn0nCJKvH+esfMKkZvV3w==" 612 }; 613 614 // Private key algorithm of endEntityPrivateKeys. 615 private final static String[] endEntityPrivateKeyAlgs = { 616 "EC", 617 "RSA", 618 "EC", 619 "DSA", 620 }; 621 622 // Private key names of endEntityPrivateKeys. 623 private final static String[] endEntityPrivateKeyNames = { 624 "ecdsa", 625 "rsa", 626 "ec-rsa", 627 "dsa", 628 }; 629 630 /* 631 * Create an instance of SSLContext with the specified trust/key materials. 632 */ 633 private SSLContext createSSLContext( 634 String[] trustedMaterials, 635 String[] keyMaterialCerts, 636 String[] keyMaterialKeys, 637 String[] keyMaterialKeyAlgs, 638 String[] keyMaterialKeyNames, 639 ContextParameters params) throws Exception { 640 641 KeyStore ts = null; // trust store 642 KeyStore ks = null; // key store 643 char passphrase[] = "passphrase".toCharArray(); 644 645 // Generate certificate from cert string. 646 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 647 648 // Import the trused certs. 649 ByteArrayInputStream is; 650 if (trustedMaterials != null && trustedMaterials.length != 0) { 651 ts = KeyStore.getInstance("JKS"); 652 ts.load(null, null); 653 654 Certificate[] trustedCert = 655 new Certificate[trustedMaterials.length]; 656 for (int i = 0; i < trustedMaterials.length; i++) { 657 String trustedCertStr = trustedMaterials[i]; 658 659 is = new ByteArrayInputStream(trustedCertStr.getBytes()); 660 try { 661 trustedCert[i] = cf.generateCertificate(is); 662 } finally { 663 is.close(); 664 } 665 666 ts.setCertificateEntry("trusted-cert-" + i, trustedCert[i]); 667 } 668 } 669 670 // Import the key materials. 671 // 672 // Note that certification pathes bigger than one are not supported yet. 673 boolean hasKeyMaterials = 674 (keyMaterialCerts != null) && (keyMaterialCerts.length != 0) && 675 (keyMaterialKeys != null) && (keyMaterialKeys.length != 0) && 676 (keyMaterialKeyAlgs != null) && (keyMaterialKeyAlgs.length != 0) && 677 (keyMaterialCerts.length == keyMaterialKeys.length) && 678 (keyMaterialCerts.length == keyMaterialKeyAlgs.length); 679 if (hasKeyMaterials) { 680 ks = KeyStore.getInstance("JKS"); 681 ks.load(null, null); 682 683 for (int i = 0; i < keyMaterialCerts.length; i++) { 684 String keyCertStr = keyMaterialCerts[i]; 685 686 // generate the private key. 687 PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( 688 Base64.getMimeDecoder().decode(keyMaterialKeys[i])); 689 KeyFactory kf = 690 KeyFactory.getInstance(keyMaterialKeyAlgs[i]); 691 PrivateKey priKey = kf.generatePrivate(priKeySpec); 692 693 // generate certificate chain 694 is = new ByteArrayInputStream(keyCertStr.getBytes()); 695 Certificate keyCert = null; 696 try { 697 keyCert = cf.generateCertificate(is); 698 } finally { 699 is.close(); 700 } 701 702 Certificate[] chain = new Certificate[] { keyCert }; 703 704 // import the key entry. 705 ks.setKeyEntry("cert-" + keyMaterialKeyNames[i], 706 priKey, passphrase, chain); 707 } 708 } 709 710 // Create an SSLContext object. 711 TrustManagerFactory tmf = 712 TrustManagerFactory.getInstance(params.tmAlgorithm); 713 tmf.init(ts); 714 715 SSLContext context = SSLContext.getInstance(params.contextProtocol); 716 if (hasKeyMaterials && ks != null) { 717 KeyManagerFactory kmf = 718 KeyManagerFactory.getInstance(params.kmAlgorithm); 719 kmf.init(ks, passphrase); 720 721 context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); 722 } else { 723 context.init(null, tmf.getTrustManagers(), null); 724 } 725 726 return context; 727 } 728 729 /* 730 * ================================================= 731 * Stuffs to boot up the client-server mode testing. 732 */ 733 private Thread clientThread = null; 734 private Thread serverThread = null; 735 private volatile Exception serverException = null; 736 private volatile Exception clientException = null; 737 738 /* 739 * Should we run the client or server in a separate thread? 740 * Both sides can throw exceptions, but do you have a preference 741 * as to which side should be the main thread. 742 */ 743 private static final boolean separateServerThread = false; 744 745 /* 746 * Boot up the testing, used to drive remainder of the test. 747 */ 748 private void bootup() throws Exception { 749 Exception startException = null; 750 try { 751 if (separateServerThread) { 752 startServer(true); 753 startClient(false); 754 } else { 755 startClient(true); 756 startServer(false); 757 } 758 } catch (Exception e) { 759 startException = e; 760 } 761 762 /* 763 * Wait for other side to close down. 764 */ 765 if (separateServerThread) { 766 if (serverThread != null) { 767 serverThread.join(); 768 } 769 } else { 770 if (clientThread != null) { 771 clientThread.join(); 772 } 773 } 774 775 /* 776 * When we get here, the test is pretty much over. 777 * Which side threw the error? 778 */ 779 Exception local; 780 Exception remote; 781 782 if (separateServerThread) { 783 remote = serverException; 784 local = clientException; 785 } else { 786 remote = clientException; 787 local = serverException; 788 } 789 790 Exception exception = null; 791 792 /* 793 * Check various exception conditions. 794 */ 795 if ((local != null) && (remote != null)) { 796 // If both failed, return the curthread's exception. 797 local.initCause(remote); 798 exception = local; 799 } else if (local != null) { 800 exception = local; 801 } else if (remote != null) { 802 exception = remote; 803 } else if (startException != null) { 804 exception = startException; 805 } 806 807 /* 808 * If there was an exception *AND* a startException, 809 * output it. 810 */ 811 if (exception != null) { 812 if (exception != startException && startException != null) { 813 exception.addSuppressed(startException); 814 } 815 throw exception; 816 } 817 818 // Fall-through: no exception to throw! 819 } 820 821 private void startServer(boolean newThread) throws Exception { 822 if (newThread) { 823 serverThread = new Thread() { 824 @Override 825 public void run() { 826 try { 827 doServerSide(); 828 } catch (Exception e) { 829 /* 830 * Our server thread just died. 831 * 832 * Release the client, if not active already... 833 */ 834 logException("Server died", e); 835 serverException = e; 836 } 837 } 838 }; 839 serverThread.start(); 840 } else { 841 try { 842 doServerSide(); 843 } catch (Exception e) { 844 logException("Server failed", e); 845 serverException = e; 846 } 847 } 848 } 849 850 private void startClient(boolean newThread) throws Exception { 851 if (newThread) { 852 clientThread = new Thread() { 853 @Override 854 public void run() { 855 try { 856 doClientSide(); 857 } catch (Exception e) { 858 /* 859 * Our client thread just died. 860 */ 861 logException("Client died", e); 862 clientException = e; 863 } 864 } 865 }; 866 clientThread.start(); 867 } else { 868 try { 869 doClientSide(); 870 } catch (Exception e) { 871 logException("Client failed", e); 872 clientException = e; 873 } 874 } 875 } 876 877 private synchronized void logException(String prefix, Throwable cause) { 878 System.out.println(prefix + ": " + cause); 879 cause.printStackTrace(System.out); 880 } 881 } 882