1 /*
2 * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 //
25 // Please run in othervm mode. SunJSSE does not support dynamic system
26 // properties, no way to re-use system properties in samevm/agentvm mode.
27 //
28
29 /*
30 * @test
31 * @bug 8161106 8170329
32 * @modules jdk.crypto.ec
33 * @summary Improve SSLSocket test template
34 * @run main/othervm SSLSocketTemplate
35 */
36
37 import java.io.ByteArrayInputStream;
38 import java.io.InputStream;
39 import java.io.IOException;
40 import java.io.OutputStream;
41 import javax.net.ssl.KeyManagerFactory;
42 import javax.net.ssl.SSLContext;
43 import javax.net.ssl.SSLServerSocket;
44 import javax.net.ssl.SSLServerSocketFactory;
45 import javax.net.ssl.SSLSocket;
46 import javax.net.ssl.SSLSocketFactory;
47 import javax.net.ssl.TrustManagerFactory;
48 import java.net.InetSocketAddress;
49 import java.net.SocketTimeoutException;
50 import java.security.KeyStore;
51 import java.security.PrivateKey;
52 import java.security.KeyFactory;
53 import java.security.cert.Certificate;
54 import java.security.cert.CertificateFactory;
55 import java.security.spec.PKCS8EncodedKeySpec;
56 import java.util.Base64;
57
58 import java.util.concurrent.CountDownLatch;
59 import java.util.concurrent.TimeUnit;
60
61 /**
62 * Template to help speed your client/server tests.
63 *
64 * Two examples that use this template:
65 * test/sun/security/ssl/ServerHandshaker/AnonCipherWithWantClientAuth.java
66 * test/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java
67 */
68 public class SSLSocketTemplate {
69
70 /*
71 * ==================
72 * Run the test case.
73 */
74 public static void main(String[] args) throws Exception {
75 (new SSLSocketTemplate()).run();
76 }
77
78 /*
79 * Run the test case.
80 */
81 public void run() throws Exception {
82 bootup();
83 }
84
85 /*
86 * Define the server side application of the test for the specified socket.
87 */
88 protected void runServerApplication(SSLSocket socket) throws Exception {
89 // here comes the test logic
90 InputStream sslIS = socket.getInputStream();
91 OutputStream sslOS = socket.getOutputStream();
92
93 sslIS.read();
94 sslOS.write(85);
95 sslOS.flush();
96 }
97
98 /*
99 * Define the client side application of the test for the specified socket.
100 * This method is used if the returned value of
101 * isCustomizedClientConnection() is false.
102 *
103 * @param socket may be null is no client socket is generated.
104 *
105 * @see #isCustomizedClientConnection()
106 */
107 protected void runClientApplication(SSLSocket socket) throws Exception {
108 InputStream sslIS = socket.getInputStream();
109 OutputStream sslOS = socket.getOutputStream();
110
111 sslOS.write(280);
112 sslOS.flush();
113 sslIS.read();
114 }
115
116 /*
117 * Define the client side application of the test for the specified
118 * server port. This method is used if the returned value of
119 * isCustomizedClientConnection() is true.
120 *
121 * Note that the client need to connect to the server port by itself
122 * for the actual message exchange.
123 *
124 * @see #isCustomizedClientConnection()
125 */
126 protected void runClientApplication(int serverPort) throws Exception {
127 // blank
128 }
129
130 /*
131 * Create an instance of SSLContext for client use.
132 */
133 protected SSLContext createClientSSLContext() throws Exception {
134 return createSSLContext(trustedCertStrs,
135 endEntityCertStrs, endEntityPrivateKeys,
136 endEntityPrivateKeyAlgs,
137 endEntityPrivateKeyNames,
138 getClientContextParameters());
139 }
140
141 /*
142 * Create an instance of SSLContext for server use.
143 */
144 protected SSLContext createServerSSLContext() throws Exception {
145 return createSSLContext(trustedCertStrs,
146 endEntityCertStrs, endEntityPrivateKeys,
147 endEntityPrivateKeyAlgs,
148 endEntityPrivateKeyNames,
149 getServerContextParameters());
150 }
151
152 /*
153 * The parameters used to configure SSLContext.
154 */
155 protected static final class ContextParameters {
156 final String contextProtocol;
157 final String tmAlgorithm;
158 final String kmAlgorithm;
159
160 ContextParameters(String contextProtocol,
161 String tmAlgorithm, String kmAlgorithm) {
162
163 this.contextProtocol = contextProtocol;
164 this.tmAlgorithm = tmAlgorithm;
165 this.kmAlgorithm = kmAlgorithm;
166 }
167 }
168
169 /*
170 * Get the client side parameters of SSLContext.
171 */
172 protected ContextParameters getClientContextParameters() {
173 return new ContextParameters("TLS", "PKIX", "NewSunX509");
174 }
175
176 /*
177 * Get the server side parameters of SSLContext.
178 */
179 protected ContextParameters getServerContextParameters() {
180 return new ContextParameters("TLS", "PKIX", "NewSunX509");
181 }
182
183 /*
184 * Does the client side use customized connection other than
185 * explicit Socket.connect(), for example, URL.openConnection()?
186 */
187 protected boolean isCustomizedClientConnection() {
188 return false;
189 }
190
191 /*
192 * Configure the server side socket.
193 */
194 protected void configureServerSocket(SSLServerSocket socket) {
195
196 }
197
198 /*
199 * =============================================
200 * Define the client and server side operations.
201 *
202 * If the client or server is doing some kind of object creation
203 * that the other side depends on, and that thread prematurely
204 * exits, you may experience a hang. The test harness will
205 * terminate all hung threads after its timeout has expired,
206 * currently 3 minutes by default, but you might try to be
207 * smart about it....
208 */
209
210 /*
211 * Is the server ready to serve?
212 */
213 private final CountDownLatch serverCondition = new CountDownLatch(1);
214
215 /*
216 * Is the client ready to handshake?
217 */
218 private final CountDownLatch clientCondition = new CountDownLatch(1);
219
220 /*
221 * What's the server port? Use any free port by default
222 */
223 private volatile int serverPort = 0;
224
225 /*
226 * Define the server side of the test.
227 */
228 private void doServerSide() throws Exception {
229 // kick start the server side service
230 SSLContext context = createServerSSLContext();
231 SSLServerSocketFactory sslssf = context.getServerSocketFactory();
232 SSLServerSocket sslServerSocket =
233 (SSLServerSocket)sslssf.createServerSocket(serverPort);
234 configureServerSocket(sslServerSocket);
235 serverPort = sslServerSocket.getLocalPort();
236
237 // Signal the client, the server is ready to accept connection.
238 serverCondition.countDown();
239
240 // Try to accept a connection in 30 seconds.
241 SSLSocket sslSocket;
242 try {
243 sslServerSocket.setSoTimeout(30000);
244 sslSocket = (SSLSocket)sslServerSocket.accept();
245 } catch (SocketTimeoutException ste) {
246 // Ignore the test case if no connection within 30 seconds.
247 System.out.println(
248 "No incoming client connection in 30 seconds. " +
249 "Ignore in server side.");
250 return;
251 } finally {
252 sslServerSocket.close();
253 }
254
255 // handle the connection
256 try {
257 // Is it the expected client connection?
258 //
259 // Naughty test cases or third party routines may try to
260 // connection to this server port unintentionally. In
261 // order to mitigate the impact of unexpected client
262 // connections and avoid intermittent failure, it should
263 // be checked that the accepted connection is really linked
264 // to the expected client.
265 boolean clientIsReady =
266 clientCondition.await(30L, TimeUnit.SECONDS);
267
268 if (clientIsReady) {
269 // Run the application in server side.
270 runServerApplication(sslSocket);
271 } else { // Otherwise, ignore
272 // We don't actually care about plain socket connections
273 // for TLS communication testing generally. Just ignore
274 // the test if the accepted connection is not linked to
275 // the expected client or the client connection timeout
276 // in 30 seconds.
277 System.out.println(
278 "The client is not the expected one or timeout. " +
279 "Ignore in server side.");
280 }
281 } finally {
282 sslSocket.close();
283 }
284 }
285
286 /*
287 * Define the client side of the test.
288 */
289 private void doClientSide() throws Exception {
290
291 // Wait for server to get started.
292 //
293 // The server side takes care of the issue if the server cannot
294 // get started in 90 seconds. The client side would just ignore
295 // the test case if the serer is not ready.
296 boolean serverIsReady =
297 serverCondition.await(90L, TimeUnit.SECONDS);
298 if (!serverIsReady) {
299 System.out.println(
300 "The server is not ready yet in 90 seconds. " +
301 "Ignore in client side.");
302 return;
303 }
304
305 if (isCustomizedClientConnection()) {
306 // Signal the server, the client is ready to communicate.
307 clientCondition.countDown();
308
309 // Run the application in client side.
310 runClientApplication(serverPort);
311
312 return;
313 }
314
315 SSLContext context = createClientSSLContext();
316 SSLSocketFactory sslsf = context.getSocketFactory();
317
318 try (SSLSocket sslSocket = (SSLSocket)sslsf.createSocket()) {
319 try {
320 sslSocket.connect(
321 new InetSocketAddress("localhost", serverPort), 15000);
322 } catch (IOException ioe) {
323 // The server side may be impacted by naughty test cases or
324 // third party routines, and cannot accept connections.
325 //
326 // Just ignore the test if the connection cannot be
327 // established.
328 System.out.println(
329 "Cannot make a connection in 15 seconds. " +
330 "Ignore in client side.");
331 return;
332 }
333
334 // OK, here the client and server get connected.
335
336 // Signal the server, the client is ready to communicate.
337 clientCondition.countDown();
338
339 // There is still a chance in theory that the server thread may
340 // wait client-ready timeout and then quit. The chance should
341 // be really rare so we don't consider it until it becomes a
342 // real problem.
343
344 // Run the application in client side.
345 runClientApplication(sslSocket);
346 }
347 }
348
349 /*
350 * =============================================
351 * Stuffs to customize the SSLContext instances.
352 */
353
354 /*
355 * =======================================
356 * Certificates and keys used in the test.
357 */
358 // Trusted certificates.
359 private final static String[] trustedCertStrs = {
360 // SHA256withECDSA, curve prime256v1
361 // Validity
362 // Not Before: Nov 25 04:19:51 2016 GMT
363 // Not After : Nov 5 04:19:51 2037 GMT
364 // Subject Key Identifier:
365 // CA:48:E8:00:C1:42:BD:59:9B:79:D9:B4:B4:CE:3F:68:0C:C8:C4:0C
366 "-----BEGIN CERTIFICATE-----\n" +
367 "MIICHDCCAcGgAwIBAgIJAJtKs6ZEcVjxMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" +
368 "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
369 "ZTAeFw0xNjExMjUwNDE5NTFaFw0zNzExMDUwNDE5NTFaMDsxCzAJBgNVBAYTAlVT\n" +
370 "MQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZjZTBZ\n" +
371 "MBMGByqGSM49AgEGCCqGSM49AwEHA0IABKMO/AFDHZia65RaqMIBX7WBdtzFj8fz\n" +
372 "ggqMADLJhoszS6qfTUDYskETw3uHfB3KAOENsoKX446qFFPuVjxS1aejga0wgaow\n" +
373 "HQYDVR0OBBYEFMpI6ADBQr1Zm3nZtLTOP2gMyMQMMGsGA1UdIwRkMGKAFMpI6ADB\n" +
374 "Qr1Zm3nZtLTOP2gMyMQMoT+kPTA7MQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2\n" +
375 "YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2WCCQCbSrOmRHFY8TAPBgNV\n" +
376 "HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNJADBGAiEA5cJ/\n" +
377 "jirBbXxzpZ6kdp/Zb/yrIBnr4jiPGJTLgRTb8s4CIQChUDfP1Zqg0qJVfqFNaL4V\n" +
378 "a0EAeJHXGZnvCGGqHzoxkg==\n" +
379 "-----END CERTIFICATE-----",
380
381 // SHA256withRSA, 2048 bits
382 // Validity
383 // Not Before: Apr 12 06:51:49 2018 GMT
384 // Not After : Apr 7 06:51:49 2038 GMT
385 // Subject Key Identifier:
386 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97
387 "-----BEGIN CERTIFICATE-----\n" +
388 "MIIDTDCCAjSgAwIBAgIJALzz9cKBmONRMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNV\n" +
389 "BAYTAlVTMQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2Vy\n" +
390 "aXZjZTAeFw0xODA0MTIwNjUxNDlaFw0zODA0MDcwNjUxNDlaMDsxCzAJBgNVBAYT\n" +
391 "AlVTMQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
392 "ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANPfPtImftkV2UAB+QPa\n" +
393 "R9udeRxApNphb+70T1p3GFql8sUG6/Rbao5H1QllzZ22+J6xoLVftaDp1S3QibTn\n" +
394 "3hv0KPuzsA7zi83GRp8STSHcwOU5zq5yzkFEPQrQxOYfaRzLrv7+sznXpaWCPb/6\n" +
395 "wGktZrHBXZE0eT1wid7h3DoiOCu1BBLPAImiSk5SVadvQkk6uua4W3M78dzbrE8s\n" +
396 "k6O40Nxyi3gVURU0U/IIm8ur89rYUThzlEdTKRdUfG38oyUvqFclwCbp+3F9BxIa\n" +
397 "5WWmj0avrSFCAuwAoCY762Iah0bRv1SKTE9RzO1P07GNyyIuOZ2J6TlXVBWfzE9V\n" +
398 "DmcCAwEAAaNTMFEwHQYDVR0OBBYEFBSupaksD+MluhuttqfbB/BNFEmXMB8GA1Ud\n" +
399 "IwQYMBaAFBSupaksD+MluhuttqfbB/BNFEmXMA8GA1UdEwEB/wQFMAMBAf8wDQYJ\n" +
400 "KoZIhvcNAQELBQADggEBALXVlY46/qvk7aVrDbJ/u/jmA+gGnEF7PZWg6tuwzME/\n" +
401 "GDd28xwALHw+MgH6sFkKnCCfGnzuLPUMezMNLQxj+uosJvDHkBJ7hReDfowMcTz2\n" +
402 "j0IR+RljNfGcd8lyfq9Jc6t8tTlPLG1ek/ObIMU/NLeK3faqGFLmoJ+xiDGVWhk3\n" +
403 "uPhvc1l1riWaIP67PxpHOuBbOwwFyrkQ7jC0ymi0bdwG4m6BQ1KbWNXoWBnVSTNN\n" +
404 "94C+FOEN6WnxwdX0BA2CPObs3YiUjctzXYaSixG952Lh6lwasrhqd1h6fogtTS4M\n" +
405 "7dfJ99aNjmiQroC7xIe7OIRmGM/UbwA/K5zfQSayuNQ=\n" +
406 "-----END CERTIFICATE-----",
407
408 // SHA256withDSA, 2048 bits
409 // Validity
410 // Not Before: Nov 25 04:19:56 2016 GMT
411 // Not After : Nov 5 04:19:56 2037 GMT
412 // Subject Key Identifier:
413 // 19:46:10:43:24:6A:A5:14:BE:E2:92:01:79:F0:4C:5F:E1:AE:81:B5
414 "-----BEGIN CERTIFICATE-----\n" +
415 "MIIFCzCCBLGgAwIBAgIJAOnEn6YZD/sAMAsGCWCGSAFlAwQDAjA7MQswCQYDVQQG\n" +
416 "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
417 "Y2UwHhcNMTYxMTI1MDQxOTU2WhcNMzcxMTA1MDQxOTU2WjA7MQswCQYDVQQGEwJV\n" +
418 "UzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" +
419 "ggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJa17ZYdIChv5yeYuPK3zXxgUEGGsdUD\n" +
420 "AzfQUxtMryCtc3aNgWLxsN1/QYvp9v+hh4twnG20VemCEH9Qlx06Pxg74DwSOA83\n" +
421 "SecO2y7cdgmrHpep9drxKbXVZafwBhbTSwhV+IDO7EO6+LaRvZuya/YOqNIE9ENx\n" +
422 "FVk0NrNsDB6pfDEXZsCZALMN2mcl8KGn1q7vdzJQUEV7F6uLGP33znVfmQyWJH3Y\n" +
423 "W09WVCFXHvDzZHGXDO2O2QwIU1B5AsXnOGeLnKgXzErCoNKwUbVFP0W0OVeJo4pc\n" +
424 "ZfL/8TVELGG90AuuH1V3Gsq6PdzCDPw4Uv/v5m7/6kwXqBQxAJA7jhMCIQCORIGV\n" +
425 "mHy5nBLRhIP4vC7vsTxb4CTApPVmZeL5gTIwtQKCAQB2VZLY22k2+IQM6deRGK3L\n" +
426 "l7tPChGrKnGmTbtUThIza70Sp9DmTBiLzMEY+IgG8kYuT5STVxWjs0cxXCKZGMQW\n" +
427 "tioMtiXPA2M3HA0/8E0mDLSmzb0RAd2xxnDyGsuqo1eVmx7PLjN3bn3EjhD/+j3d\n" +
428 "Jx3ZVScMGyq7sVWppUvpudEXi+2etf6GUHjrcX27juo7u4zQ1ezC/HYG1H+jEFqG\n" +
429 "hdQ6b7H+LBHZH9LegOyIZTMrzAY/TwIr77sXrNJWRoxmDErKB+8bRDybYhNJswlZ\n" +
430 "m0N5YYUlPmepgbl6XzwCv0y0d81h3bayqIPLXEUtRAl9GuM0hNAlA1Y+qSn9xLFY\n" +
431 "A4IBBQACggEAZgWC0uflwqQQP1GRU1tolmFZwyVtKre7SjYgCeQBrOa0Xnj/SLaD\n" +
432 "g1HZ1oH0hccaR/45YouJiCretbbsQ77KouldGSGqTHJgRL75Y2z5uvxa60+YxZ0Z\n" +
433 "v8xvZnj4seyOjgJLxSSYSPl5n/F70RaNiCLVz/kGe6OQ8KoAeQjdDTOHXCegO9KX\n" +
434 "tvhM7EaYc8CII9OIR7S7PXJW0hgLKynZcu/Unh02aM0ABh/uLmw1+tvo8e8KTp98\n" +
435 "NKYSVf6kV3/ya58n4h64UbIYL08JoKUM/5SFETcKAZTU0YKZbpWTM79oJMr8oYVk\n" +
436 "P9jKitNsXq0Xkzt5dSO0kfu/kM7zpnaFsqOBrTCBqjAdBgNVHQ4EFgQUGUYQQyRq\n" +
437 "pRS+4pIBefBMX+GugbUwawYDVR0jBGQwYoAUGUYQQyRqpRS+4pIBefBMX+GugbWh\n" +
438 "P6Q9MDsxCzAJBgNVBAYTAlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5K\n" +
439 "U1NFIFRlc3QgU2VyaXZjZYIJAOnEn6YZD/sAMA8GA1UdEwEB/wQFMAMBAf8wCwYD\n" +
440 "VR0PBAQDAgEGMAsGCWCGSAFlAwQDAgNHADBEAiAwBafz5RRR9nc4cCYoYuBlT/D9\n" +
441 "9eayhkjhBY/zYunypwIgNp/JnFR88/T4hh36QfSKBGXId9RBCM6uaOkOKnEGkps=\n" +
442 "-----END CERTIFICATE-----"
443 };
444
445 // End entity certificate.
446 private final static String[] endEntityCertStrs = {
447 // SHA256withECDSA, curve prime256v1
448 // Validity
449 // Not Before: Nov 25 04:19:51 2016 GMT
450 // Not After : Aug 12 04:19:51 2036 GMT
451 // Authority Key Identifier:
452 // CA:48:E8:00:C1:42:BD:59:9B:79:D9:B4:B4:CE:3F:68:0C:C8:C4:0C
453 "-----BEGIN CERTIFICATE-----\n" +
454 "MIIB1zCCAXygAwIBAgIJAPFq2QL/nUNZMAoGCCqGSM49BAMCMDsxCzAJBgNVBAYT\n" +
455 "AlVTMQ0wCwYDVQQKEwRKYXZhMR0wGwYDVQQLExRTdW5KU1NFIFRlc3QgU2VyaXZj\n" +
456 "ZTAeFw0xNjExMjUwNDE5NTFaFw0zNjA4MTIwNDE5NTFaMFUxCzAJBgNVBAYTAlVT\n" +
457 "MQ0wCwYDVQQKDARKYXZhMR0wGwYDVQQLDBRTdW5KU1NFIFRlc3QgU2VyaXZjZTEY\n" +
458 "MBYGA1UEAwwPUmVncmVzc2lvbiBUZXN0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\n" +
459 "QgAE4yvRGVvy9iVATyuHPJVdX6+lh/GLm/sRJ5qLT/3PVFOoNIvlEVNiARo7xhyj\n" +
460 "2p6bnf32gNg5Ye+QCw20VUv9E6NPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSO\n" +
461 "hHlHZQp9hyBfSGTSQWeszqMXejAfBgNVHSMEGDAWgBTKSOgAwUK9WZt52bS0zj9o\n" +
462 "DMjEDDAKBggqhkjOPQQDAgNJADBGAiEAu3t6cvFglBAZfkhZlEwB04ZjUFqyfiRj\n" +
463 "4Hr275E4ZoQCIQDUEonJHlmA19J6oobfR5lYsmoqPm1r0DPm/IiNNKGKKA==\n" +
464 "-----END CERTIFICATE-----",
465
466 // SHA256withRSA, 2048 bits
467 // Validity
468 // Not Before: Apr 12 06:52:29 2018 GMT
469 // Not After : Apr 7 06:52:29 2038 GMT
470 // Authority Key Identifier:
471 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97
472 "-----BEGIN CERTIFICATE-----\n" +
473 "MIIDDDCCAfQCCQDd9PfUCpKn0DANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJV\n" +
474 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" +
475 "HhcNMTgwNDEyMDY1MjI5WhcNMzgwNDA3MDY1MjI5WjBVMQswCQYDVQQGEwJVUzEN\n" +
476 "MAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAW\n" +
477 "BgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\n" +
478 "AQoCggEBAJWFd+AEAZWRBbua9ax4CJgyXoU3Nx9zwkxbxz2DGZ5sJb/64b/mKBz4\n" +
479 "mgT6cknJPrCv3vLg9v6WzlpIqISzEP6ARxmMDTomt8ppRFqDq31uGJ3cKWvhpwG1\n" +
480 "92HwJUxvbjZYvqszXA5piOtFWa+uBavKSF/dXXrMXijDl6LbL3GU4pZLmeUP8PRy\n" +
481 "UfwWhcy3HikBIx7fGCcNB+dHXtB5DTgxdR8ypTCB5xFfhgL9EqO8X0pin+bubfpF\n" +
482 "5IY68p5B4ob7EdNmBCTUyFAN3Mh9r49ZzwpYIvi9shNmddwMakJOB9YaMsRmc3Ea\n" +
483 "mUVpdR0fR8bY5RtgZwEhtaizp2DkS0ECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA\n" +
484 "pUqCPnpeUITq9tfDdB9rolb5dV3fIhRtj0rsjimKbcMAeYAkb3qHvlZOLZ/PMD3v\n" +
485 "y8J9TJ88YPGGOUXCsAqJ88Ous883xqLkOjZYEiY/0gdU2/v6uQ35lgHtJynmzO3E\n" +
486 "YUbwleJETUNA66sOtiW7om9vcAVPu3mmea5bZkkdwxydn/IZvVYp5JLu4MuJpfh1\n" +
487 "lWpC3z2U7DgZrt4ZQGzok+DRnGiKIOo+G2JvLVIKz/rbsIbjDBqQTdt7TKLu8wbV\n" +
488 "UdN8SOF7qZhBpiwQHZCmiw8KhQ5R/aNDQxCVfMOXcAGqmiFpdHPqWgxCob778mjc\n" +
489 "Na2CGaztVh+f9MSz3j/Hmg==\n" +
490 "-----END CERTIFICATE-----",
491
492 // SHA256withRSA, curv prime256v1
493 // Validity
494 // Not Before: Apr 12 06:54:43 2018 GMT
495 // Not After : Apr 7 06:54:43 2038 GMT
496 // Authority Key Identifier:
497 // 14:AE:A5:A9:2C:0F:E3:25:BA:1B:AD:B6:A7:DB:07:F0:4D:14:49:97
498 "-----BEGIN CERTIFICATE-----\n" +
499 "MIICQTCCASkCCQDd9PfUCpKn0TANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJV\n" +
500 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Uw\n" +
501 "HhcNMTgwNDEyMDY1NDQzWhcNMzgwNDA3MDY1NDQzWjBVMQswCQYDVQQGEwJVUzEN\n" +
502 "MAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2UxGDAW\n" +
503 "BgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA\n" +
504 "BOlOthBVzSCU0TPRiW+O4mhOn0ZHE338wLhy4HYiMnuBVWzl2L7krSpCXKM/b//a\n" +
505 "/0YPobAEXKbShh0oFxo51IIwDQYJKoZIhvcNAQELBQADggEBAD/a7z31ODFCSdyf\n" +
506 "AUq5vYsVZIV4s2J2tJh5piYoipP0BKRcthw1RtvqbNZFjB5DLyWVq39Tk6gCJvKo\n" +
507 "csaV3O/VRaQWRyLD1Ak7T0oG5eZDlpYWwjzyMMR32NjOyRG6clWWQx5O7Pc2uxvz\n" +
508 "GL8Pf+YgKU5QLqcghN+104e3+GMzmNccmK5nBmr2Lz1Hy54JxGRXUEKI85VoiUgk\n" +
509 "ArF0RLeUQxBFFBrYBsqLY6DI+Rgvhxk9ri9Udoa3sn8pYfNqxe1beyazbn4ChM6z\n" +
510 "y/7/we+wAnPaPSReugkDO4w/XqUGKa26EiPrQ/9s0QGhKyqeNg/CRY+FEH0sEjuK\n" +
511 "ycLgJK0=\n" +
512 "-----END CERTIFICATE-----",
513
514 // SHA256withDSA, 2048 bits
515 // Validity
516 // Not Before: Nov 25 04:19:56 2016 GMT
517 // Not After : Aug 12 04:19:56 2036 GMT
518 // Authority Key Identifier:
519 // 19:46:10:43:24:6A:A5:14:BE:E2:92:01:79:F0:4C:5F:E1:AE:81:B5
520 "-----BEGIN CERTIFICATE-----\n" +
521 "MIIE2jCCBICgAwIBAgIJAONcI1oba9V9MAsGCWCGSAFlAwQDAjA7MQswCQYDVQQG\n" +
522 "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
523 "Y2UwHhcNMTYxMTI1MDQxOTU2WhcNMzYwODEyMDQxOTU2WjBVMQswCQYDVQQGEwJV\n" +
524 "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Ux\n" +
525 "GDAWBgNVBAMMD1JlZ3Jlc3Npb24gVGVzdDCCA0YwggI5BgcqhkjOOAQBMIICLAKC\n" +
526 "AQEAlrXtlh0gKG/nJ5i48rfNfGBQQYax1QMDN9BTG0yvIK1zdo2BYvGw3X9Bi+n2\n" +
527 "/6GHi3CcbbRV6YIQf1CXHTo/GDvgPBI4DzdJ5w7bLtx2Casel6n12vEptdVlp/AG\n" +
528 "FtNLCFX4gM7sQ7r4tpG9m7Jr9g6o0gT0Q3EVWTQ2s2wMHql8MRdmwJkAsw3aZyXw\n" +
529 "oafWru93MlBQRXsXq4sY/ffOdV+ZDJYkfdhbT1ZUIVce8PNkcZcM7Y7ZDAhTUHkC\n" +
530 "xec4Z4ucqBfMSsKg0rBRtUU/RbQ5V4mjilxl8v/xNUQsYb3QC64fVXcayro93MIM\n" +
531 "/DhS/+/mbv/qTBeoFDEAkDuOEwIhAI5EgZWYfLmcEtGEg/i8Lu+xPFvgJMCk9WZl\n" +
532 "4vmBMjC1AoIBAHZVktjbaTb4hAzp15EYrcuXu08KEasqcaZNu1ROEjNrvRKn0OZM\n" +
533 "GIvMwRj4iAbyRi5PlJNXFaOzRzFcIpkYxBa2Kgy2Jc8DYzccDT/wTSYMtKbNvREB\n" +
534 "3bHGcPIay6qjV5WbHs8uM3dufcSOEP/6Pd0nHdlVJwwbKruxVamlS+m50ReL7Z61\n" +
535 "/oZQeOtxfbuO6ju7jNDV7ML8dgbUf6MQWoaF1Dpvsf4sEdkf0t6A7IhlMyvMBj9P\n" +
536 "Aivvuxes0lZGjGYMSsoH7xtEPJtiE0mzCVmbQ3lhhSU+Z6mBuXpfPAK/TLR3zWHd\n" +
537 "trKog8tcRS1ECX0a4zSE0CUDVj6pKf3EsVgDggEFAAKCAQBEGmdP55PyE3M+Q3fU\n" +
538 "dCGq0sbKw/04xPVhaNYRnRKNR82n+wb8bMCI1vvFqXy1BB6svti4mTHbQZ8+bQXm\n" +
539 "gyce67uYMwIa5BIk6omNGCeW/kd4ruPgyFxeb6O/Y/7w6AWyRmQttlxRA5M5OhSC\n" +
540 "tVS4oVC1KK1EfHAUh7mu8S8GrWJoJAWA3PM97Oy/HSGCEUl6HGEu1m7FHPhOKeYG\n" +
541 "cLkSaov5cbCYO76smHchI+tdUciVqeL3YKQdS+KAzsQoeAZIu/WpbaI1V+5/rSG1\n" +
542 "I94uBITLCjlJfJZ1aredCDrRXOFH7qgSBhM8/WzwFpFCnnpbSKMgrcrKubsFmW9E\n" +
543 "jQhXo2MwYTALBgNVHQ8EBAMCA+gwHQYDVR0OBBYEFNA9PhQOjB+05fxxXPNqe0OT\n" +
544 "doCjMB8GA1UdIwQYMBaAFBlGEEMkaqUUvuKSAXnwTF/hroG1MBIGA1UdEQEB/wQI\n" +
545 "MAaHBH8AAAEwCwYJYIZIAWUDBAMCA0cAMEQCIE0LM2sZi+L8tjH9sgjLEwJmYZvO\n" +
546 "yqNfQnXrkTCb+MLMAiBZLaRTVJrOW3edQjum+SonKKuiN22bRclO6pGuNRCtng==\n" +
547 "-----END CERTIFICATE-----"
548 };
549
550 // Private key in the format of PKCS#8.
551 private final static String[] endEntityPrivateKeys = {
552 //
553 // EC private key related to cert endEntityCertStrs[0].
554 //
555 "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGAy4Pxrd2keM7AdP\n" +
556 "VNUMEO5iO681v4/tstVGfdXkCTuhRANCAATjK9EZW/L2JUBPK4c8lV1fr6WH8Yub\n" +
557 "+xEnmotP/c9UU6g0i+URU2IBGjvGHKPanpud/faA2Dlh75ALDbRVS/0T",
558
559 //
560 // RSA private key related to cert endEntityCertStrs[1].
561 //
562 "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCVhXfgBAGVkQW7\n" +
563 "mvWseAiYMl6FNzcfc8JMW8c9gxmebCW/+uG/5igc+JoE+nJJyT6wr97y4Pb+ls5a\n" +
564 "SKiEsxD+gEcZjA06JrfKaURag6t9bhid3Clr4acBtfdh8CVMb242WL6rM1wOaYjr\n" +
565 "RVmvrgWrykhf3V16zF4ow5ei2y9xlOKWS5nlD/D0clH8FoXMtx4pASMe3xgnDQfn\n" +
566 "R17QeQ04MXUfMqUwgecRX4YC/RKjvF9KYp/m7m36ReSGOvKeQeKG+xHTZgQk1MhQ\n" +
567 "DdzIfa+PWc8KWCL4vbITZnXcDGpCTgfWGjLEZnNxGplFaXUdH0fG2OUbYGcBIbWo\n" +
568 "s6dg5EtBAgMBAAECggEBAI5toQ8HQesTRf67UaKEhMtVz6veOOgBAOhz1IrHwzOh\n" +
569 "mSQS+9AskbFnLm/nkc6voMP2A84gdad2SALAi6Y8XMfRsein/EGUeCabt7zxB/5n\n" +
570 "TZOyENLvFIMQryHf++efjcC/MIEsX1hrNz3FxfUPM9+8xMxstYsv+dGi32MGn171\n" +
571 "G1AKFOqs/n0X16Sh1kLtkHq1xaqZJUYQyrBasFtCPDwCFhhkwsxGQZ2Dcy3gFDxy\n" +
572 "5O5IMSxFtaoiTLrnA/X4MxM3OyA57EG+KWtrokahTMmhPwysodlIS8kw3ROtCYBx\n" +
573 "7FLclf49LDtiUtjLoyF+I8WCr44/zp7c13HlBijoNAECgYEAxdSLeCkWSuopZmjP\n" +
574 "j0Cj00pME3W3gsy/1QQxRM+FfRQ6U1evNLp4JKakJUlZ+/xtsd1H9a6FAEzrgcbJ\n" +
575 "xY8W++3IFUNLYop9c9/VXaaKLG2QyfoqBNAHROKyRxoKihDdPgNFwxcwI2tWJEnE\n" +
576 "kBDZ+Kn4dAcxO3j/nVzD/Gvg5PECgYEAwXyGSo7Xzf0zwej1uVx5kSOKfn5dRUbr\n" +
577 "2DDUleMFm7pnOIDriQ+pz6euROJNieoesX1Bo/PaML2095ljb19DI9U1OWMXFhTL\n" +
578 "lKH/yOuDAdUTswp085ohPOCr48+QWLL6Awicd08L6tjg7Fm4j+VXaaNBbXuXOfjG\n" +
579 "KeK+FOU9i1ECgYA4NNcbYLEQv87bZdPy426oTWen774fz4SBRRuqbTuD+gdIPpVs\n" +
580 "6b3Qy/e/EEQcr++KpVAYoWjwWOpgiNYy5yCkmz5JrEDy0l4qWeIJJZQEY2zLtePS\n" +
581 "Ujh+fdohEWkFKR1yzQM5FpF6vrhOvxa1x9PmLoSEkraOKyaU0xJr2UqgQQKBgGG1\n" +
582 "yPuN912HKMQcKTtaf+nT0PTgS6nYjvG2dyTaaNKj58yZDllBF7hOLauLvSyQlr97\n" +
583 "SdLKKr3Cj8kaJSTxLq7B1QcOC3KTPdvpk4qbpKUgPbqE5Vq/01ky/JsnDvY8LBWs\n" +
584 "G5gEyzfmHnA9Pv8sCmDGmRv49f3IrAoq/2L+AX6BAoGBAJ1Wf2Qg8ox75ir0e1kH\n" +
585 "8r+Lmr3gsoxKfh/0fTPV5mbH7PBOSzXwg5fiDUngy9aMDkqCAum5y2Jg0aHhx1Df\n" +
586 "0dTiKsMBCEmPI3/2/O6gJ+HJ0xX6LxmwU9m21xM055IuS5oDXJhonJa2fWusQS1s\n" +
587 "oqd5EGtoPFy0ccqHzYCv3F5A",
588
589 //
590 // EC private key related to cert endEntityCertStrs[2].
591 //
592 "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgomzbfLMRU6+4FNsa\n" +
593 "KQ+qutNxLGgKmRcXWGbFKt71RzqhRANCAATpTrYQVc0glNEz0YlvjuJoTp9GRxN9\n" +
594 "/MC4cuB2IjJ7gVVs5di+5K0qQlyjP2//2v9GD6GwBFym0oYdKBcaOdSC",
595
596 //
597 // DSA private key related to cert endEntityCertStrs[3].
598 //
599 "MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCWte2WHSAob+cnmLjyt818YFBB\n" +
600 "hrHVAwM30FMbTK8grXN2jYFi8bDdf0GL6fb/oYeLcJxttFXpghB/UJcdOj8YO+A8\n" +
601 "EjgPN0nnDtsu3HYJqx6XqfXa8Sm11WWn8AYW00sIVfiAzuxDuvi2kb2bsmv2DqjS\n" +
602 "BPRDcRVZNDazbAweqXwxF2bAmQCzDdpnJfChp9au73cyUFBFexerixj99851X5kM\n" +
603 "liR92FtPVlQhVx7w82RxlwztjtkMCFNQeQLF5zhni5yoF8xKwqDSsFG1RT9FtDlX\n" +
604 "iaOKXGXy//E1RCxhvdALrh9VdxrKuj3cwgz8OFL/7+Zu/+pMF6gUMQCQO44TAiEA\n" +
605 "jkSBlZh8uZwS0YSD+Lwu77E8W+AkwKT1ZmXi+YEyMLUCggEAdlWS2NtpNviEDOnX\n" +
606 "kRity5e7TwoRqypxpk27VE4SM2u9EqfQ5kwYi8zBGPiIBvJGLk+Uk1cVo7NHMVwi\n" +
607 "mRjEFrYqDLYlzwNjNxwNP/BNJgy0ps29EQHdscZw8hrLqqNXlZsezy4zd259xI4Q\n" +
608 "//o93Scd2VUnDBsqu7FVqaVL6bnRF4vtnrX+hlB463F9u47qO7uM0NXswvx2BtR/\n" +
609 "oxBahoXUOm+x/iwR2R/S3oDsiGUzK8wGP08CK++7F6zSVkaMZgxKygfvG0Q8m2IT\n" +
610 "SbMJWZtDeWGFJT5nqYG5el88Ar9MtHfNYd22sqiDy1xFLUQJfRrjNITQJQNWPqkp\n" +
611 "/cSxWAQiAiAKHYbYwEy0XS9J0MeKQmqPswn0nCJKvH+esfMKkZvV3w=="
612 };
613
614 // Private key algorithm of endEntityPrivateKeys.
615 private final static String[] endEntityPrivateKeyAlgs = {
616 "EC",
617 "RSA",
618 "EC",
619 "DSA",
620 };
621
622 // Private key names of endEntityPrivateKeys.
623 private final static String[] endEntityPrivateKeyNames = {
624 "ecdsa",
625 "rsa",
626 "ec-rsa",
627 "dsa",
628 };
629
630 /*
631 * Create an instance of SSLContext with the specified trust/key materials.
632 */
633 private SSLContext createSSLContext(
634 String[] trustedMaterials,
635 String[] keyMaterialCerts,
636 String[] keyMaterialKeys,
637 String[] keyMaterialKeyAlgs,
638 String[] keyMaterialKeyNames,
639 ContextParameters params) throws Exception {
640
641 KeyStore ts = null; // trust store
642 KeyStore ks = null; // key store
643 char passphrase[] = "passphrase".toCharArray();
644
645 // Generate certificate from cert string.
646 CertificateFactory cf = CertificateFactory.getInstance("X.509");
647
648 // Import the trused certs.
649 ByteArrayInputStream is;
650 if (trustedMaterials != null && trustedMaterials.length != 0) {
651 ts = KeyStore.getInstance("JKS");
652 ts.load(null, null);
653
654 Certificate[] trustedCert =
655 new Certificate[trustedMaterials.length];
656 for (int i = 0; i < trustedMaterials.length; i++) {
657 String trustedCertStr = trustedMaterials[i];
658
659 is = new ByteArrayInputStream(trustedCertStr.getBytes());
660 try {
661 trustedCert[i] = cf.generateCertificate(is);
662 } finally {
663 is.close();
664 }
665
666 ts.setCertificateEntry("trusted-cert-" + i, trustedCert[i]);
667 }
668 }
669
670 // Import the key materials.
671 //
672 // Note that certification pathes bigger than one are not supported yet.
673 boolean hasKeyMaterials =
674 (keyMaterialCerts != null) && (keyMaterialCerts.length != 0) &&
675 (keyMaterialKeys != null) && (keyMaterialKeys.length != 0) &&
676 (keyMaterialKeyAlgs != null) && (keyMaterialKeyAlgs.length != 0) &&
677 (keyMaterialCerts.length == keyMaterialKeys.length) &&
678 (keyMaterialCerts.length == keyMaterialKeyAlgs.length);
679 if (hasKeyMaterials) {
680 ks = KeyStore.getInstance("JKS");
681 ks.load(null, null);
682
683 for (int i = 0; i < keyMaterialCerts.length; i++) {
684 String keyCertStr = keyMaterialCerts[i];
685
686 // generate the private key.
687 PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
688 Base64.getMimeDecoder().decode(keyMaterialKeys[i]));
689 KeyFactory kf =
690 KeyFactory.getInstance(keyMaterialKeyAlgs[i]);
691 PrivateKey priKey = kf.generatePrivate(priKeySpec);
692
693 // generate certificate chain
694 is = new ByteArrayInputStream(keyCertStr.getBytes());
695 Certificate keyCert = null;
696 try {
697 keyCert = cf.generateCertificate(is);
698 } finally {
699 is.close();
700 }
701
702 Certificate[] chain = new Certificate[] { keyCert };
703
704 // import the key entry.
705 ks.setKeyEntry("cert-" + keyMaterialKeyNames[i],
706 priKey, passphrase, chain);
707 }
708 }
709
710 // Create an SSLContext object.
711 TrustManagerFactory tmf =
712 TrustManagerFactory.getInstance(params.tmAlgorithm);
713 tmf.init(ts);
714
715 SSLContext context = SSLContext.getInstance(params.contextProtocol);
716 if (hasKeyMaterials && ks != null) {
717 KeyManagerFactory kmf =
718 KeyManagerFactory.getInstance(params.kmAlgorithm);
719 kmf.init(ks, passphrase);
720
721 context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
722 } else {
723 context.init(null, tmf.getTrustManagers(), null);
724 }
725
726 return context;
727 }
728
729 /*
730 * =================================================
731 * Stuffs to boot up the client-server mode testing.
732 */
733 private Thread clientThread = null;
734 private Thread serverThread = null;
735 private volatile Exception serverException = null;
736 private volatile Exception clientException = null;
737
738 /*
739 * Should we run the client or server in a separate thread?
740 * Both sides can throw exceptions, but do you have a preference
741 * as to which side should be the main thread.
742 */
743 private static final boolean separateServerThread = false;
744
745 /*
746 * Boot up the testing, used to drive remainder of the test.
747 */
748 private void bootup() throws Exception {
749 Exception startException = null;
750 try {
751 if (separateServerThread) {
752 startServer(true);
753 startClient(false);
754 } else {
755 startClient(true);
756 startServer(false);
757 }
758 } catch (Exception e) {
759 startException = e;
760 }
761
762 /*
763 * Wait for other side to close down.
764 */
765 if (separateServerThread) {
766 if (serverThread != null) {
767 serverThread.join();
768 }
769 } else {
770 if (clientThread != null) {
771 clientThread.join();
772 }
773 }
774
775 /*
776 * When we get here, the test is pretty much over.
777 * Which side threw the error?
778 */
779 Exception local;
780 Exception remote;
781
782 if (separateServerThread) {
783 remote = serverException;
784 local = clientException;
785 } else {
786 remote = clientException;
787 local = serverException;
788 }
789
790 Exception exception = null;
791
792 /*
793 * Check various exception conditions.
794 */
795 if ((local != null) && (remote != null)) {
796 // If both failed, return the curthread's exception.
797 local.initCause(remote);
798 exception = local;
799 } else if (local != null) {
800 exception = local;
801 } else if (remote != null) {
802 exception = remote;
803 } else if (startException != null) {
804 exception = startException;
805 }
806
807 /*
808 * If there was an exception *AND* a startException,
809 * output it.
810 */
811 if (exception != null) {
812 if (exception != startException && startException != null) {
813 exception.addSuppressed(startException);
814 }
815 throw exception;
816 }
817
818 // Fall-through: no exception to throw!
819 }
820
821 private void startServer(boolean newThread) throws Exception {
822 if (newThread) {
823 serverThread = new Thread() {
824 @Override
825 public void run() {
826 try {
827 doServerSide();
828 } catch (Exception e) {
829 /*
830 * Our server thread just died.
831 *
832 * Release the client, if not active already...
833 */
834 logException("Server died", e);
835 serverException = e;
836 }
837 }
838 };
839 serverThread.start();
840 } else {
841 try {
842 doServerSide();
843 } catch (Exception e) {
844 logException("Server failed", e);
845 serverException = e;
846 }
847 }
848 }
849
850 private void startClient(boolean newThread) throws Exception {
851 if (newThread) {
852 clientThread = new Thread() {
853 @Override
854 public void run() {
855 try {
856 doClientSide();
857 } catch (Exception e) {
858 /*
859 * Our client thread just died.
860 */
861 logException("Client died", e);
862 clientException = e;
863 }
864 }
865 };
866 clientThread.start();
867 } else {
868 try {
869 doClientSide();
870 } catch (Exception e) {
871 logException("Client failed", e);
872 clientException = e;
873 }
874 }
875 }
876
877 private synchronized void logException(String prefix, Throwable cause) {
878 System.out.println(prefix + ": " + cause);
879 cause.printStackTrace(System.out);
880 }
881 }
882