Merge
This commit is contained in:
commit
5f7a7de614
@ -43,7 +43,7 @@ import sun.security.util.SecurityConstants;
|
|||||||
* CookieHandler.getDefault().
|
* CookieHandler.getDefault().
|
||||||
*
|
*
|
||||||
* For more information on HTTP state management, see <a
|
* For more information on HTTP state management, see <a
|
||||||
* href="http://www.ietf.org/rfc/rfc2965.txt""><i>RFC 2965: HTTP
|
* href="http://www.ietf.org/rfc/rfc2965.txt"><i>RFC 2965: HTTP
|
||||||
* State Management Mechanism</i></a>
|
* State Management Mechanism</i></a>
|
||||||
*
|
*
|
||||||
* @author Yingxian Wang
|
* @author Yingxian Wang
|
||||||
|
@ -52,7 +52,7 @@ import sun.security.util.SecurityConstants;
|
|||||||
* protocol is allowed to use a cached response.
|
* protocol is allowed to use a cached response.
|
||||||
*
|
*
|
||||||
* For more information on HTTP caching, see <a
|
* For more information on HTTP caching, see <a
|
||||||
* href="http://www.ietf.org/rfc/rfc2616.txt""><i>RFC 2616: Hypertext
|
* href="http://www.ietf.org/rfc/rfc2616.txt"><i>RFC 2616: Hypertext
|
||||||
* Transfer Protocol -- HTTP/1.1</i></a>
|
* Transfer Protocol -- HTTP/1.1</i></a>
|
||||||
*
|
*
|
||||||
* @author Yingxian Wang
|
* @author Yingxian Wang
|
||||||
|
@ -49,7 +49,7 @@ import java.lang.NullPointerException; // for javadoc
|
|||||||
*
|
*
|
||||||
* <p> Aside from some minor deviations noted below, an instance of this
|
* <p> Aside from some minor deviations noted below, an instance of this
|
||||||
* class represents a URI reference as defined by
|
* class represents a URI reference as defined by
|
||||||
* <a href="http://www.ietf.org/rfc/rfc2396.txt""><i>RFC 2396: Uniform
|
* <a href="http://www.ietf.org/rfc/rfc2396.txt"><i>RFC 2396: Uniform
|
||||||
* Resource Identifiers (URI): Generic Syntax</i></a>, amended by <a
|
* Resource Identifiers (URI): Generic Syntax</i></a>, amended by <a
|
||||||
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
||||||
* Literal IPv6 Addresses in URLs</i></a>. The Literal IPv6 address format
|
* Literal IPv6 Addresses in URLs</i></a>. The Literal IPv6 address format
|
||||||
@ -461,7 +461,7 @@ import java.lang.NullPointerException; // for javadoc
|
|||||||
* transformation format of ISO 10646</i></a>, <br><a
|
* transformation format of ISO 10646</i></a>, <br><a
|
||||||
* href="http://www.ietf.org/rfc/rfc2373.txt"><i>RFC 2373: IPv6 Addressing
|
* href="http://www.ietf.org/rfc/rfc2373.txt"><i>RFC 2373: IPv6 Addressing
|
||||||
* Architecture</i></a>, <br><a
|
* Architecture</i></a>, <br><a
|
||||||
* href="http://www.ietf.org/rfc/rfc2396.txt""><i>RFC 2396: Uniform
|
* href="http://www.ietf.org/rfc/rfc2396.txt"><i>RFC 2396: Uniform
|
||||||
* Resource Identifiers (URI): Generic Syntax</i></a>, <br><a
|
* Resource Identifiers (URI): Generic Syntax</i></a>, <br><a
|
||||||
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
||||||
* Literal IPv6 Addresses in URLs</i></a>, <br><a
|
* Literal IPv6 Addresses in URLs</i></a>, <br><a
|
||||||
|
@ -66,7 +66,7 @@ import sun.security.util.SecurityConstants;
|
|||||||
* </pre></blockquote>
|
* </pre></blockquote>
|
||||||
* <p>
|
* <p>
|
||||||
* The syntax of <code>URL</code> is defined by <a
|
* The syntax of <code>URL</code> is defined by <a
|
||||||
* href="http://www.ietf.org/rfc/rfc2396.txt""><i>RFC 2396: Uniform
|
* href="http://www.ietf.org/rfc/rfc2396.txt"><i>RFC 2396: Uniform
|
||||||
* Resource Identifiers (URI): Generic Syntax</i></a>, amended by <a
|
* Resource Identifiers (URI): Generic Syntax</i></a>, amended by <a
|
||||||
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
* href="http://www.ietf.org/rfc/rfc2732.txt"><i>RFC 2732: Format for
|
||||||
* Literal IPv6 Addresses in URLs</i></a>. The Literal IPv6 address format
|
* Literal IPv6 Addresses in URLs</i></a>. The Literal IPv6 address format
|
||||||
|
@ -32,6 +32,7 @@ import java.security.*;
|
|||||||
import java.util.*;
|
import java.util.*;
|
||||||
|
|
||||||
import java.security.interfaces.ECPublicKey;
|
import java.security.interfaces.ECPublicKey;
|
||||||
|
import java.security.interfaces.RSAPublicKey;
|
||||||
import java.security.spec.ECParameterSpec;
|
import java.security.spec.ECParameterSpec;
|
||||||
|
|
||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
@ -147,8 +148,33 @@ final class ClientHandshaker extends Handshaker {
|
|||||||
case HandshakeMessage.ht_server_key_exchange:
|
case HandshakeMessage.ht_server_key_exchange:
|
||||||
serverKeyExchangeReceived = true;
|
serverKeyExchangeReceived = true;
|
||||||
switch (keyExchange) {
|
switch (keyExchange) {
|
||||||
case K_RSA:
|
|
||||||
case K_RSA_EXPORT:
|
case K_RSA_EXPORT:
|
||||||
|
/**
|
||||||
|
* The server key exchange message is sent by the server only
|
||||||
|
* when the server certificate message does not contain the
|
||||||
|
* proper amount of data to allow the client to exchange a
|
||||||
|
* premaster secret, such as when RSA_EXPORT is used and the
|
||||||
|
* public key in the server certificate is longer than 512 bits.
|
||||||
|
*/
|
||||||
|
if (serverKey == null) {
|
||||||
|
throw new SSLProtocolException
|
||||||
|
("Server did not send certificate message");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(serverKey instanceof RSAPublicKey)) {
|
||||||
|
throw new SSLProtocolException("Protocol violation:" +
|
||||||
|
" the certificate type must be appropriate for the" +
|
||||||
|
" selected cipher suite's key exchange algorithm");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (JsseJce.getRSAKeyLength(serverKey) <= 512) {
|
||||||
|
throw new SSLProtocolException("Protocol violation:" +
|
||||||
|
" server sent a server key exchange message for" +
|
||||||
|
" key exchange " + keyExchange +
|
||||||
|
" when the public key in the server certificate" +
|
||||||
|
" is less than or equal to 512 bits in length");
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
this.serverKeyExchange(new RSA_ServerKeyExchange(input));
|
this.serverKeyExchange(new RSA_ServerKeyExchange(input));
|
||||||
} catch (GeneralSecurityException e) {
|
} catch (GeneralSecurityException e) {
|
||||||
@ -180,6 +206,9 @@ final class ClientHandshaker extends Handshaker {
|
|||||||
throwSSLException("Server key", e);
|
throwSSLException("Server key", e);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
case K_RSA:
|
||||||
|
case K_DH_RSA:
|
||||||
|
case K_DH_DSS:
|
||||||
case K_ECDH_ECDSA:
|
case K_ECDH_ECDSA:
|
||||||
case K_ECDH_RSA:
|
case K_ECDH_RSA:
|
||||||
throw new SSLProtocolException("Protocol violation: server sent"
|
throw new SSLProtocolException("Protocol violation: server sent"
|
||||||
@ -580,6 +609,16 @@ final class ClientHandshaker extends Handshaker {
|
|||||||
|
|
||||||
case K_RSA:
|
case K_RSA:
|
||||||
case K_RSA_EXPORT:
|
case K_RSA_EXPORT:
|
||||||
|
if (serverKey == null) {
|
||||||
|
throw new SSLProtocolException
|
||||||
|
("Server did not send certificate message");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!(serverKey instanceof RSAPublicKey)) {
|
||||||
|
throw new SSLProtocolException
|
||||||
|
("Server certificate does not include an RSA key");
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* For RSA key exchange, we randomly generate a new
|
* For RSA key exchange, we randomly generate a new
|
||||||
* pre-master secret and encrypt it with the server's
|
* pre-master secret and encrypt it with the server's
|
||||||
@ -588,8 +627,29 @@ final class ClientHandshaker extends Handshaker {
|
|||||||
* it's a performance speedup not to do that until
|
* it's a performance speedup not to do that until
|
||||||
* the client's waiting for the server response, but
|
* the client's waiting for the server response, but
|
||||||
* more of a speedup for the D-H case.
|
* more of a speedup for the D-H case.
|
||||||
|
*
|
||||||
|
* If the RSA_EXPORT scheme is active, when the public
|
||||||
|
* key in the server certificate is less than or equal
|
||||||
|
* to 512 bits in length, use the cert's public key,
|
||||||
|
* otherwise, the ephemeral one.
|
||||||
*/
|
*/
|
||||||
PublicKey key = (keyExchange == K_RSA) ? serverKey : ephemeralServerKey;
|
PublicKey key;
|
||||||
|
if (keyExchange == K_RSA) {
|
||||||
|
key = serverKey;
|
||||||
|
} else { // K_RSA_EXPORT
|
||||||
|
if (JsseJce.getRSAKeyLength(serverKey) <= 512) {
|
||||||
|
// extraneous ephemeralServerKey check done
|
||||||
|
// above in processMessage()
|
||||||
|
key = serverKey;
|
||||||
|
} else {
|
||||||
|
if (ephemeralServerKey == null) {
|
||||||
|
throw new SSLProtocolException("Server did not send" +
|
||||||
|
" a RSA_EXPORT Server Key Exchange message");
|
||||||
|
}
|
||||||
|
key = ephemeralServerKey;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
m2 = new RSAClientKeyExchange(protocolVersion, maxProtocolVersion,
|
m2 = new RSAClientKeyExchange(protocolVersion, maxProtocolVersion,
|
||||||
sslContext.getSecureRandom(), key);
|
sslContext.getSecureRandom(), key);
|
||||||
break;
|
break;
|
||||||
|
@ -4104,7 +4104,7 @@ class RuntimePerm extends Perm {
|
|||||||
"getClassLoader",
|
"getClassLoader",
|
||||||
"setContextClassLoader",
|
"setContextClassLoader",
|
||||||
"enableContextClassLoaderOverride",
|
"enableContextClassLoaderOverride",
|
||||||
"setSecurityManage",
|
"setSecurityManager",
|
||||||
"createSecurityManager",
|
"createSecurityManager",
|
||||||
"getenv.<" +
|
"getenv.<" +
|
||||||
PolicyTool.rb.getString("environment variable name") + ">",
|
PolicyTool.rb.getString("environment variable name") + ">",
|
||||||
|
@ -138,7 +138,6 @@ JNIEXPORT jobjectArray JNICALL
|
|||||||
Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
||||||
jstring host) {
|
jstring host) {
|
||||||
const char *hostname;
|
const char *hostname;
|
||||||
jobject name;
|
|
||||||
jobjectArray ret = 0;
|
jobjectArray ret = 0;
|
||||||
struct hostent res, *hp = 0;
|
struct hostent res, *hp = 0;
|
||||||
char buf[HENT_BUF_SIZE];
|
char buf[HENT_BUF_SIZE];
|
||||||
@ -210,12 +209,6 @@ Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
addrp++;
|
addrp++;
|
||||||
}
|
}
|
||||||
|
|
||||||
name = (*env)->NewStringUTF(env, hostname);
|
|
||||||
|
|
||||||
if (IS_NULL(name)) {
|
|
||||||
goto cleanupAndReturn;
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = (*env)->NewObjectArray(env, i, ni_iacls, NULL);
|
ret = (*env)->NewObjectArray(env, i, ni_iacls, NULL);
|
||||||
if (IS_NULL(ret)) {
|
if (IS_NULL(ret)) {
|
||||||
/* we may have memory to free at the end of this */
|
/* we may have memory to free at the end of this */
|
||||||
@ -231,7 +224,7 @@ Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
}
|
}
|
||||||
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
||||||
ntohl((*addrp)->s_addr));
|
ntohl((*addrp)->s_addr));
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, i, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, i, iaObj);
|
||||||
addrp++;
|
addrp++;
|
||||||
i++;
|
i++;
|
||||||
|
@ -142,7 +142,6 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
jstring host) {
|
jstring host) {
|
||||||
const char *hostname;
|
const char *hostname;
|
||||||
jobjectArray ret = 0;
|
jobjectArray ret = 0;
|
||||||
jobject name;
|
|
||||||
int retLen = 0;
|
int retLen = 0;
|
||||||
jclass byteArrayCls;
|
jclass byteArrayCls;
|
||||||
jboolean preferIPv6Address;
|
jboolean preferIPv6Address;
|
||||||
@ -310,11 +309,6 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
inet6Index = inetCount;
|
inet6Index = inetCount;
|
||||||
}
|
}
|
||||||
|
|
||||||
name = (*env)->NewStringUTF(env, hostname);
|
|
||||||
if (IS_NULL(name)) {
|
|
||||||
ret = NULL;
|
|
||||||
goto cleanupAndReturn;
|
|
||||||
}
|
|
||||||
while (iterator != NULL) {
|
while (iterator != NULL) {
|
||||||
if (iterator->ai_family == AF_INET) {
|
if (iterator->ai_family == AF_INET) {
|
||||||
jobject iaObj = (*env)->NewObject(env, ni_ia4cls, ni_ia4ctrID);
|
jobject iaObj = (*env)->NewObject(env, ni_ia4cls, ni_ia4ctrID);
|
||||||
@ -324,7 +318,7 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
}
|
}
|
||||||
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
||||||
ntohl(((struct sockaddr_in*)iterator->ai_addr)->sin_addr.s_addr));
|
ntohl(((struct sockaddr_in*)iterator->ai_addr)->sin_addr.s_addr));
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, inetIndex, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, inetIndex, iaObj);
|
||||||
inetIndex++;
|
inetIndex++;
|
||||||
} else if (iterator->ai_family == AF_INET6) {
|
} else if (iterator->ai_family == AF_INET6) {
|
||||||
@ -355,7 +349,7 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
(*env)->SetBooleanField(env, iaObj, ia6_scopeidsetID, JNI_TRUE);
|
(*env)->SetBooleanField(env, iaObj, ia6_scopeidsetID, JNI_TRUE);
|
||||||
}
|
}
|
||||||
(*env)->SetObjectField(env, iaObj, ni_ia6ipaddressID, ipaddress);
|
(*env)->SetObjectField(env, iaObj, ni_ia6ipaddressID, ipaddress);
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, inet6Index, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, inet6Index, iaObj);
|
||||||
inet6Index++;
|
inet6Index++;
|
||||||
}
|
}
|
||||||
|
@ -1117,9 +1117,33 @@ static short getFlags(JNIEnv *env, jstring name) {
|
|||||||
if (ioctl(sock, SIOCGIFFLAGS, (char *)&if2) >= 0) {
|
if (ioctl(sock, SIOCGIFFLAGS, (char *)&if2) >= 0) {
|
||||||
ret = if2.ifr_flags;
|
ret = if2.ifr_flags;
|
||||||
} else {
|
} else {
|
||||||
|
#if defined(__solaris__) && defined(AF_INET6)
|
||||||
|
/* Try with an IPv6 socket in case the interface has only IPv6 addresses assigned to it */
|
||||||
|
struct lifreq lifr;
|
||||||
|
|
||||||
|
close(sock);
|
||||||
|
sock = JVM_Socket(AF_INET6, SOCK_DGRAM, 0);
|
||||||
|
|
||||||
|
if (sock < 0) {
|
||||||
|
(*env)->ReleaseStringUTFChars(env, name, name_utf);
|
||||||
|
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
||||||
|
"Socket creation failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
memset((caddr_t)&lifr, 0, sizeof(lifr));
|
||||||
|
strcpy((caddr_t)&(lifr.lifr_name), name_utf);
|
||||||
|
|
||||||
|
if (ioctl(sock, SIOCGLIFFLAGS, (char *)&lifr) >= 0) {
|
||||||
|
ret = lifr.lifr_flags;
|
||||||
|
} else {
|
||||||
|
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
||||||
|
"IOCTL failed");
|
||||||
|
}
|
||||||
|
#else
|
||||||
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
||||||
"IOCTL failed");
|
"IOCTL failed");
|
||||||
ret = -1;
|
#endif
|
||||||
}
|
}
|
||||||
close(sock);
|
close(sock);
|
||||||
/* release the UTF string and interface list */
|
/* release the UTF string and interface list */
|
||||||
@ -1484,8 +1508,23 @@ JNIEXPORT jint JNICALL Java_java_net_NetworkInterface_getMTU0(JNIEnv *env, jclas
|
|||||||
if (ioctl(sock, SIOCGLIFMTU, (caddr_t)&lifr) >= 0) {
|
if (ioctl(sock, SIOCGLIFMTU, (caddr_t)&lifr) >= 0) {
|
||||||
ret = lifr.lifr_mtu;
|
ret = lifr.lifr_mtu;
|
||||||
} else {
|
} else {
|
||||||
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
/* Try wIth an IPv6 socket in case the interface has only IPv6 addresses assigned to it */
|
||||||
"IOCTL failed");
|
close(sock);
|
||||||
|
sock = JVM_Socket(AF_INET6, SOCK_DGRAM, 0);
|
||||||
|
|
||||||
|
if (sock < 0) {
|
||||||
|
(*env)->ReleaseStringUTFChars(env, name, name_utf);
|
||||||
|
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
||||||
|
"Socket creation failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ioctl(sock, SIOCGLIFMTU, (caddr_t)&lifr) >= 0) {
|
||||||
|
ret = lifr.lifr_mtu;
|
||||||
|
} else {
|
||||||
|
NET_ThrowByNameWithLastError(env, JNU_JAVANETPKG "SocketException",
|
||||||
|
"IOCTL failed");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
close(sock);
|
close(sock);
|
||||||
|
@ -95,94 +95,24 @@ static int marker_fd = -1;
|
|||||||
*/
|
*/
|
||||||
static int getMarkerFD()
|
static int getMarkerFD()
|
||||||
{
|
{
|
||||||
int server_fd, child_fd, connect_fd;
|
int sv[2];
|
||||||
SOCKADDR him;
|
|
||||||
int type, len, port;
|
|
||||||
|
|
||||||
type = AF_INET;
|
#ifdef AF_UNIX
|
||||||
#ifdef AF_INET6
|
if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) {
|
||||||
if (ipv6_available()) {
|
return -1;
|
||||||
type = AF_INET6;
|
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
return -1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Create listener on any port
|
* Finally shutdown sv[0] (any reads to this fd will get
|
||||||
*/
|
|
||||||
server_fd = JVM_Socket(type, SOCK_STREAM, 0);
|
|
||||||
if (server_fd < 0) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
if (JVM_Listen(server_fd, 1) == -1) {
|
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
len = SOCKADDR_LEN;
|
|
||||||
if (JVM_GetSockName(server_fd, (struct sockaddr *)&him, &len) == -1) {
|
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
port = NET_GetPortFromSockaddr((struct sockaddr *)&him);
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Establish connection from client socket.
|
|
||||||
* Server is bound to 0.0.0.0/X or ::/X
|
|
||||||
* We connect to 127.0.0.1/X or ::1/X
|
|
||||||
*/
|
|
||||||
#ifdef AF_INET6
|
|
||||||
if (ipv6_available()) {
|
|
||||||
struct sockaddr_in6 *him6 = (struct sockaddr_in6 *)&him;
|
|
||||||
jbyte caddr[16];
|
|
||||||
memset((char *) caddr, 0, 16);
|
|
||||||
caddr[15] = 1;
|
|
||||||
memset((char *)him6, 0, sizeof(struct sockaddr_in6));
|
|
||||||
memcpy((void *)&(him6->sin6_addr), caddr, sizeof(struct in6_addr) );
|
|
||||||
him6->sin6_port = htons((short) port);
|
|
||||||
him6->sin6_family = AF_INET6;
|
|
||||||
len = sizeof(struct sockaddr_in6) ;
|
|
||||||
} else
|
|
||||||
#endif /* AF_INET6 */
|
|
||||||
{
|
|
||||||
struct sockaddr_in *him4 = (struct sockaddr_in*)&him;
|
|
||||||
memset((char *) him4, 0, sizeof(struct sockaddr_in));
|
|
||||||
him4->sin_port = htons((short) port);
|
|
||||||
him4->sin_addr.s_addr = (uint32_t) htonl(0x7f000001);
|
|
||||||
him4->sin_family = AF_INET;
|
|
||||||
len = sizeof(struct sockaddr_in);
|
|
||||||
}
|
|
||||||
connect_fd = JVM_Socket(type, SOCK_STREAM, 0);
|
|
||||||
if (connect_fd < 0) {
|
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
if (JVM_Connect(connect_fd, (struct sockaddr *) &him, len) == -1) {
|
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
JVM_SocketClose(connect_fd);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Server accepts connection - do in in non-blocking mode to avoid
|
|
||||||
* hanging if there's an error (should never happen!!!)
|
|
||||||
*/
|
|
||||||
SET_NONBLOCKING(server_fd);
|
|
||||||
len = SOCKADDR_LEN;
|
|
||||||
child_fd = JVM_Accept(server_fd, (struct sockaddr *)&him, (jint *)&len);
|
|
||||||
if (child_fd == -1) {
|
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
JVM_SocketClose(connect_fd);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Finally shutdown connect_fd (any reads to this fd will get
|
|
||||||
* EOF; any writes will get an error).
|
* EOF; any writes will get an error).
|
||||||
*/
|
*/
|
||||||
JVM_SocketShutdown(connect_fd, 2);
|
JVM_SocketShutdown(sv[0], 2);
|
||||||
JVM_SocketClose(child_fd);
|
JVM_SocketClose(sv[1]);
|
||||||
JVM_SocketClose(server_fd);
|
|
||||||
|
|
||||||
return connect_fd;
|
return sv[0];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -1087,7 +1017,7 @@ Java_java_net_PlainSocketImpl_socketGetOption(JNIEnv *env, jobject this,
|
|||||||
*/
|
*/
|
||||||
if (cmd == java_net_SocketOptions_SO_BINDADDR) {
|
if (cmd == java_net_SocketOptions_SO_BINDADDR) {
|
||||||
SOCKADDR him;
|
SOCKADDR him;
|
||||||
int len = 0;
|
socklen_t len = 0;
|
||||||
int port;
|
int port;
|
||||||
jobject iaObj;
|
jobject iaObj;
|
||||||
jclass iaCntrClass;
|
jclass iaCntrClass;
|
||||||
|
@ -137,7 +137,6 @@ JNIEXPORT jobjectArray JNICALL
|
|||||||
Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
||||||
jstring host) {
|
jstring host) {
|
||||||
const char *hostname;
|
const char *hostname;
|
||||||
jobject name;
|
|
||||||
struct hostent *hp;
|
struct hostent *hp;
|
||||||
unsigned int addr[4];
|
unsigned int addr[4];
|
||||||
|
|
||||||
@ -229,10 +228,6 @@ Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
addrp++;
|
addrp++;
|
||||||
}
|
}
|
||||||
|
|
||||||
name = (*env)->NewStringUTF(env, hostname);
|
|
||||||
if (IS_NULL(name)) {
|
|
||||||
goto cleanupAndReturn;
|
|
||||||
}
|
|
||||||
ret = (*env)->NewObjectArray(env, i, ni_iacls, NULL);
|
ret = (*env)->NewObjectArray(env, i, ni_iacls, NULL);
|
||||||
|
|
||||||
if (IS_NULL(ret)) {
|
if (IS_NULL(ret)) {
|
||||||
@ -249,7 +244,7 @@ Java_java_net_Inet4AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
}
|
}
|
||||||
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
||||||
ntohl((*addrp)->s_addr));
|
ntohl((*addrp)->s_addr));
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, i, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, i, iaObj);
|
||||||
addrp++;
|
addrp++;
|
||||||
i++;
|
i++;
|
||||||
|
@ -86,7 +86,6 @@ JNIEXPORT jobjectArray JNICALL
|
|||||||
Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
||||||
jstring host) {
|
jstring host) {
|
||||||
const char *hostname;
|
const char *hostname;
|
||||||
jobject name;
|
|
||||||
jobjectArray ret = 0;
|
jobjectArray ret = 0;
|
||||||
int retLen = 0;
|
int retLen = 0;
|
||||||
jboolean preferIPv6Address;
|
jboolean preferIPv6Address;
|
||||||
@ -237,12 +236,6 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
inet6Index = inetCount;
|
inet6Index = inetCount;
|
||||||
}
|
}
|
||||||
|
|
||||||
name = (*env)->NewStringUTF(env, hostname);
|
|
||||||
if (IS_NULL(name)) {
|
|
||||||
ret = NULL;
|
|
||||||
goto cleanupAndReturn;
|
|
||||||
}
|
|
||||||
|
|
||||||
while (iterator != NULL) {
|
while (iterator != NULL) {
|
||||||
if (iterator->ai_family == AF_INET) {
|
if (iterator->ai_family == AF_INET) {
|
||||||
jobject iaObj = (*env)->NewObject(env, ni_ia4cls, ni_ia4ctrID);
|
jobject iaObj = (*env)->NewObject(env, ni_ia4cls, ni_ia4ctrID);
|
||||||
@ -252,7 +245,7 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
}
|
}
|
||||||
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
(*env)->SetIntField(env, iaObj, ni_iaaddressID,
|
||||||
ntohl(((struct sockaddr_in*)iterator->ai_addr)->sin_addr.s_addr));
|
ntohl(((struct sockaddr_in*)iterator->ai_addr)->sin_addr.s_addr));
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, inetIndex, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, inetIndex, iaObj);
|
||||||
inetIndex ++;
|
inetIndex ++;
|
||||||
} else if (iterator->ai_family == AF_INET6) {
|
} else if (iterator->ai_family == AF_INET6) {
|
||||||
@ -276,7 +269,7 @@ Java_java_net_Inet6AddressImpl_lookupAllHostAddr(JNIEnv *env, jobject this,
|
|||||||
(*env)->SetBooleanField(env, iaObj, ia6_scopeidsetID, JNI_TRUE);
|
(*env)->SetBooleanField(env, iaObj, ia6_scopeidsetID, JNI_TRUE);
|
||||||
}
|
}
|
||||||
(*env)->SetObjectField(env, iaObj, ni_ia6ipaddressID, ipaddress);
|
(*env)->SetObjectField(env, iaObj, ni_ia6ipaddressID, ipaddress);
|
||||||
(*env)->SetObjectField(env, iaObj, ni_iahostID, name);
|
(*env)->SetObjectField(env, iaObj, ni_iahostID, host);
|
||||||
(*env)->SetObjectArrayElement(env, ret, inet6Index, iaObj);
|
(*env)->SetObjectArrayElement(env, ret, inet6Index, iaObj);
|
||||||
inet6Index ++;
|
inet6Index ++;
|
||||||
}
|
}
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* @test
|
/* @test
|
||||||
* @bug 6285901
|
* @bug 6285901 6501089
|
||||||
* @summary Check no data is written to wrong socket channel during async closing.
|
* @summary Check no data is written to wrong socket channel during async closing.
|
||||||
* @author Xueming Shen
|
* @author Xueming Shen
|
||||||
*/
|
*/
|
||||||
@ -33,13 +33,13 @@ import java.nio.channels.*;
|
|||||||
import java.net.*;
|
import java.net.*;
|
||||||
|
|
||||||
public class AsyncCloseChannel {
|
public class AsyncCloseChannel {
|
||||||
static boolean failed = false;
|
static volatile boolean failed = false;
|
||||||
static boolean keepGoing = true;
|
static volatile boolean keepGoing = true;
|
||||||
|
static int maxAcceptCount = 100;
|
||||||
|
static volatile int acceptCount = 0;
|
||||||
static String host = "127.0.0.1";
|
static String host = "127.0.0.1";
|
||||||
static int sensorPort = 3010;
|
static int sensorPort;
|
||||||
static int targetPort = 3020;
|
static int targetPort;
|
||||||
static int maxAcceptCount = 1000;
|
|
||||||
static int acceptCount = 0;
|
|
||||||
|
|
||||||
public static void main(String args[]) throws Exception {
|
public static void main(String args[]) throws Exception {
|
||||||
if (System.getProperty("os.name").startsWith("Windows")) {
|
if (System.getProperty("os.name").startsWith("Windows")) {
|
||||||
@ -48,11 +48,15 @@ public class AsyncCloseChannel {
|
|||||||
}
|
}
|
||||||
Thread ss = new SensorServer(); ss.start();
|
Thread ss = new SensorServer(); ss.start();
|
||||||
Thread ts = new TargetServer(); ts.start();
|
Thread ts = new TargetServer(); ts.start();
|
||||||
|
|
||||||
|
sensorPort = ((ServerThread)ss).server.getLocalPort();
|
||||||
|
targetPort = ((ServerThread)ts).server.getLocalPort();
|
||||||
|
|
||||||
Thread sc = new SensorClient(); sc.start();
|
Thread sc = new SensorClient(); sc.start();
|
||||||
Thread tc = new TargetClient(); tc.start();
|
Thread tc = new TargetClient(); tc.start();
|
||||||
|
|
||||||
while(acceptCount < maxAcceptCount && !failed) {
|
while(acceptCount < maxAcceptCount && !failed) {
|
||||||
Thread.yield();
|
Thread.sleep(10);
|
||||||
}
|
}
|
||||||
keepGoing = false;
|
keepGoing = false;
|
||||||
try {
|
try {
|
||||||
@ -66,11 +70,8 @@ public class AsyncCloseChannel {
|
|||||||
+ acceptCount + "> times of accept!");
|
+ acceptCount + "> times of accept!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static class SensorServer extends ServerThread {
|
||||||
static class SensorServer extends ThreadEx {
|
|
||||||
public void runEx() throws Exception {
|
public void runEx() throws Exception {
|
||||||
ServerSocket server;
|
|
||||||
server = new ServerSocket(sensorPort);
|
|
||||||
while(keepGoing) {
|
while(keepGoing) {
|
||||||
try {
|
try {
|
||||||
final Socket s = server.accept();
|
final Socket s = server.accept();
|
||||||
@ -80,7 +81,7 @@ public class AsyncCloseChannel {
|
|||||||
int c = s.getInputStream().read();
|
int c = s.getInputStream().read();
|
||||||
if(c != -1) {
|
if(c != -1) {
|
||||||
// No data is ever written to the peer's socket!
|
// No data is ever written to the peer's socket!
|
||||||
System.out.println("Oops: read a character: "
|
System.err.println("Oops: read a character: "
|
||||||
+ (char) c);
|
+ (char) c);
|
||||||
failed = true;
|
failed = true;
|
||||||
}
|
}
|
||||||
@ -92,17 +93,14 @@ public class AsyncCloseChannel {
|
|||||||
}
|
}
|
||||||
}.start();
|
}.start();
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
//ex.printStackTrace();
|
System.err.println("Exception on sensor server " + ex.getMessage());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static class TargetServer extends ThreadEx {
|
static class TargetServer extends ServerThread {
|
||||||
public void runEx() throws Exception {
|
public void runEx() throws Exception {
|
||||||
|
|
||||||
ServerSocket server;
|
|
||||||
server = new ServerSocket(targetPort);
|
|
||||||
while (keepGoing) {
|
while (keepGoing) {
|
||||||
try {
|
try {
|
||||||
final Socket s = server.accept();
|
final Socket s = server.accept();
|
||||||
@ -127,7 +125,7 @@ public class AsyncCloseChannel {
|
|||||||
}
|
}
|
||||||
}.start();
|
}.start();
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
//ex.printStackTrace();
|
System.err.println("Exception on target server " + ex.getMessage());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -142,19 +140,19 @@ public class AsyncCloseChannel {
|
|||||||
try {
|
try {
|
||||||
s = new Socket();
|
s = new Socket();
|
||||||
synchronized(this) {
|
synchronized(this) {
|
||||||
while(!wake) {
|
while(!wake && keepGoing) {
|
||||||
try {
|
try {
|
||||||
wait();
|
wait();
|
||||||
} catch (InterruptedException ex) { }
|
} catch (InterruptedException ex) { }
|
||||||
}
|
}
|
||||||
|
wake = false;
|
||||||
}
|
}
|
||||||
wake = false;
|
|
||||||
s.connect(new InetSocketAddress(host, sensorPort));
|
s.connect(new InetSocketAddress(host, sensorPort));
|
||||||
try {
|
try {
|
||||||
Thread.sleep(10);
|
Thread.sleep(10);
|
||||||
} catch (InterruptedException ex) { }
|
} catch (InterruptedException ex) { }
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
System.out.println("Exception on sensor client " + ex.getMessage());
|
System.err.println("Exception on sensor client " + ex.getMessage());
|
||||||
} finally {
|
} finally {
|
||||||
if(s != null) {
|
if(s != null) {
|
||||||
try {
|
try {
|
||||||
@ -200,26 +198,49 @@ public class AsyncCloseChannel {
|
|||||||
}
|
}
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
if(!(ex instanceof ClosedChannelException))
|
if(!(ex instanceof ClosedChannelException))
|
||||||
System.out.println("Exception in target client child "
|
System.err.println("Exception in target client child "
|
||||||
+ ex.toString());
|
+ ex.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
t.start();
|
t.start();
|
||||||
while(!ready)
|
while(!ready && keepGoing) {
|
||||||
Thread.yield();
|
try {
|
||||||
|
Thread.sleep(10);
|
||||||
|
} catch (InterruptedException ex) {}
|
||||||
|
}
|
||||||
s.close();
|
s.close();
|
||||||
SensorClient.wakeMe();
|
SensorClient.wakeMe();
|
||||||
t.join();
|
t.join();
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
System.out.println("Exception in target client parent "
|
System.err.println("Exception in target client parent "
|
||||||
+ ex.getMessage());
|
+ ex.getMessage());
|
||||||
} catch (InterruptedException ex) {}
|
} catch (InterruptedException ex) {}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static abstract class ThreadEx extends Thread {
|
static abstract class ServerThread extends Thread {
|
||||||
|
ServerSocket server;
|
||||||
|
public ServerThread() {
|
||||||
|
super();
|
||||||
|
try {
|
||||||
|
server = new ServerSocket(0);
|
||||||
|
} catch (IOException ex) {
|
||||||
|
ex.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void interrupt() {
|
||||||
|
super.interrupt();
|
||||||
|
if (server != null) {
|
||||||
|
try {
|
||||||
|
server.close();
|
||||||
|
} catch (IOException ex) {
|
||||||
|
ex.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
public void run() {
|
public void run() {
|
||||||
try {
|
try {
|
||||||
runEx();
|
runEx();
|
||||||
@ -231,7 +252,6 @@ public class AsyncCloseChannel {
|
|||||||
abstract void runEx() throws Exception;
|
abstract void runEx() throws Exception;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static void closeIt(Socket s) {
|
public static void closeIt(Socket s) {
|
||||||
try {
|
try {
|
||||||
if(s != null)
|
if(s != null)
|
||||||
|
@ -0,0 +1,561 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 2008 Sun Microsystems, Inc. All Rights Reserved.
|
||||||
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
|
*
|
||||||
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License version 2 only, as
|
||||||
|
* published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||||
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* version 2 for more details (a copy is included in the LICENSE file that
|
||||||
|
* accompanied this code).
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License version
|
||||||
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||||
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
*
|
||||||
|
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
|
||||||
|
* CA 95054 USA or visit www.sun.com if you need additional information or
|
||||||
|
* have any questions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* @test
|
||||||
|
* @bug 6690018
|
||||||
|
* @summary RSAClientKeyExchange NullPointerException
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Certificates and key used in the test.
|
||||||
|
*
|
||||||
|
* TLS server certificate:
|
||||||
|
* server private key:
|
||||||
|
* -----BEGIN RSA PRIVATE KEY-----
|
||||||
|
* Proc-Type: 4,ENCRYPTED
|
||||||
|
* DEK-Info: DES-EDE3-CBC,97EC03A2D031B7BC
|
||||||
|
*
|
||||||
|
* 22wrD+DPv3VF8xg9xoeBqHzFnOVbTLQgVulzaCECDF4zWdxElYKy4yYyY6dMDehi
|
||||||
|
* XT77NTsq1J14zjJHPp2/U6B5OpZxnf97ZSD0ZC9/DDe/2gjW4fY1Lv0TVP0PdXnm
|
||||||
|
* cj84RaDiiSk/cERlFzFJ5L8ULMwxdOtYwXwZ4upITw2lT+8zDlBD2i3zZ4TcWrzE
|
||||||
|
* /su5Kpu+Mp3wthfGX+ZGga2T/NS8ZCKZE+gJDPKQZ/x34VBw+YANQGyCJPv1iMaE
|
||||||
|
* RyagnpApH9OPSrRIp2iR6uWT6836CET2erbfPaC1odyd8IsbnLldVs9CklH7EgXL
|
||||||
|
* Nms+DqrQEbNmvMuQYEFyZEHN9D1fGONeacx+cjI85FyMSHSEO65JJmasAxgQe4nF
|
||||||
|
* /yVz3rNQ2qAGqBhjsjP/WaXuB2aLZiAli/HjN17EJws=
|
||||||
|
* -----END RSA PRIVATE KEY-----
|
||||||
|
*
|
||||||
|
* -----BEGIN RSA PRIVATE KEY-----
|
||||||
|
* MIIBOQIBAAJBALlfGg/5ZweJcW5zqLdnQ2uyircqDDlENKnv9FABOm/j0wnlPHqX
|
||||||
|
* CCqFBLoM7tG8ohci1SPy6fLJ5dqLf5FOH2sCAwEAAQJATO0/hpOMgx8xmJGc2Yeb
|
||||||
|
* /gyY7kwfyIAajs9Khw0LcDTYTo2EAI+vMmDpU+dvmOCLUqq/Z2tiKJhGyrmcBlxr
|
||||||
|
* kQIhAPYkbYovtvWHslxRb78x4eCrn2p1H7iolNKbyepjCI3zAiEAwMufJlLI9Q0O
|
||||||
|
* BIr7fPnUhbs9NyMHLIvIQAf/hXYubqkCIGJZR9NxIT+VyrSMbYQNoF0u9fGJfvU/
|
||||||
|
* lsdYLCOVEnP1AiAsSFjUx50K1CXNG1MqYIPU963W1T/Xln+3XV7ue7esiQIgW2Lu
|
||||||
|
* xGvz2dAUsGId+Xr2GZXb7ZucY/cPt4o5qdP1m7c=
|
||||||
|
* -----END RSA PRIVATE KEY-----
|
||||||
|
*
|
||||||
|
* Private-Key: (512 bit)
|
||||||
|
* modulus:
|
||||||
|
* 00:b9:5f:1a:0f:f9:67:07:89:71:6e:73:a8:b7:67:
|
||||||
|
* 43:6b:b2:8a:b7:2a:0c:39:44:34:a9:ef:f4:50:01:
|
||||||
|
* 3a:6f:e3:d3:09:e5:3c:7a:97:08:2a:85:04:ba:0c:
|
||||||
|
* ee:d1:bc:a2:17:22:d5:23:f2:e9:f2:c9:e5:da:8b:
|
||||||
|
* 7f:91:4e:1f:6b
|
||||||
|
* publicExponent: 65537 (0x10001)
|
||||||
|
* privateExponent:
|
||||||
|
* 4c:ed:3f:86:93:8c:83:1f:31:98:91:9c:d9:87:9b:
|
||||||
|
* fe:0c:98:ee:4c:1f:c8:80:1a:8e:cf:4a:87:0d:0b:
|
||||||
|
* 70:34:d8:4e:8d:84:00:8f:af:32:60:e9:53:e7:6f:
|
||||||
|
* 98:e0:8b:52:aa:bf:67:6b:62:28:98:46:ca:b9:9c:
|
||||||
|
* 06:5c:6b:91
|
||||||
|
* prime1:
|
||||||
|
* 00:f6:24:6d:8a:2f:b6:f5:87:b2:5c:51:6f:bf:31:
|
||||||
|
* e1:e0:ab:9f:6a:75:1f:b8:a8:94:d2:9b:c9:ea:63:
|
||||||
|
* 08:8d:f3
|
||||||
|
* prime2:
|
||||||
|
* 00:c0:cb:9f:26:52:c8:f5:0d:0e:04:8a:fb:7c:f9:
|
||||||
|
* d4:85:bb:3d:37:23:07:2c:8b:c8:40:07:ff:85:76:
|
||||||
|
* 2e:6e:a9
|
||||||
|
* exponent1:
|
||||||
|
* 62:59:47:d3:71:21:3f:95:ca:b4:8c:6d:84:0d:a0:
|
||||||
|
* 5d:2e:f5:f1:89:7e:f5:3f:96:c7:58:2c:23:95:12:
|
||||||
|
* 73:f5
|
||||||
|
* exponent2:
|
||||||
|
* 2c:48:58:d4:c7:9d:0a:d4:25:cd:1b:53:2a:60:83:
|
||||||
|
* d4:f7:ad:d6:d5:3f:d7:96:7f:b7:5d:5e:ee:7b:b7:
|
||||||
|
* ac:89
|
||||||
|
* coefficient:
|
||||||
|
* 5b:62:ee:c4:6b:f3:d9:d0:14:b0:62:1d:f9:7a:f6:
|
||||||
|
* 19:95:db:ed:9b:9c:63:f7:0f:b7:8a:39:a9:d3:f5:
|
||||||
|
* 9b:b7
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* server certificate:
|
||||||
|
* Data:
|
||||||
|
* Version: 3 (0x2)
|
||||||
|
* Serial Number: 11 (0xb)
|
||||||
|
* Signature Algorithm: sha1WithRSAEncryption
|
||||||
|
* Issuer: C=US, ST=Some-State, O=Some Org, CN=Someone
|
||||||
|
* Validity
|
||||||
|
* Not Before: Apr 18 15:07:30 2008 GMT
|
||||||
|
* Not After : Jan 4 15:07:30 2028 GMT
|
||||||
|
* Subject: C=US, ST=Some-State, O=Some Org, CN=SomeoneExport
|
||||||
|
* Subject Public Key Info:
|
||||||
|
* Public Key Algorithm: rsaEncryption
|
||||||
|
* RSA Public Key: (512 bit)
|
||||||
|
* Modulus (512 bit):
|
||||||
|
* 00:b9:5f:1a:0f:f9:67:07:89:71:6e:73:a8:b7:67:
|
||||||
|
* 43:6b:b2:8a:b7:2a:0c:39:44:34:a9:ef:f4:50:01:
|
||||||
|
* 3a:6f:e3:d3:09:e5:3c:7a:97:08:2a:85:04:ba:0c:
|
||||||
|
* ee:d1:bc:a2:17:22:d5:23:f2:e9:f2:c9:e5:da:8b:
|
||||||
|
* 7f:91:4e:1f:6b
|
||||||
|
* Exponent: 65537 (0x10001)
|
||||||
|
* X509v3 extensions:
|
||||||
|
* X509v3 Basic Constraints:
|
||||||
|
* CA:FALSE
|
||||||
|
* X509v3 Key Usage:
|
||||||
|
* Digital Signature, Non Repudiation, Key Encipherment
|
||||||
|
* X509v3 Subject Key Identifier:
|
||||||
|
* F1:30:98:BE:7C:AA:F9:B1:91:38:60:AE:13:5F:67:9C:0A:32:9E:31
|
||||||
|
* X509v3 Authority Key Identifier:
|
||||||
|
* keyid:B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
|
||||||
|
*
|
||||||
|
* -----BEGIN CERTIFICATE-----
|
||||||
|
* MIICIDCCAYmgAwIBAgIBCzANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzET
|
||||||
|
* MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT
|
||||||
|
* B1NvbWVvbmUwHhcNMDgwNDE4MTUwNzMwWhcNMjgwMTA0MTUwNzMwWjBNMQswCQYD
|
||||||
|
* VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx
|
||||||
|
* FjAUBgNVBAMTDVNvbWVvbmVFeHBvcnQwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
|
||||||
|
* uV8aD/lnB4lxbnOot2dDa7KKtyoMOUQ0qe/0UAE6b+PTCeU8epcIKoUEugzu0byi
|
||||||
|
* FyLVI/Lp8snl2ot/kU4fawIDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF
|
||||||
|
* 4DAdBgNVHQ4EFgQU8TCYvnyq+bGROGCuE19nnAoynjEwHwYDVR0jBBgwFoAUtTJD
|
||||||
|
* 1wAkkrrpleX5o2RshO4zLhUwDQYJKoZIhvcNAQEFBQADgYEAFU+fP9FSTQNVZOhv
|
||||||
|
* eJ+zq6wI/biwzTgPbAq3yu2gb5kT85z4nzqBhPd2LWWFXhUW/D8QyNZ54X30y0Ug
|
||||||
|
* 3NfUAvOANW7CgUbHBmm77KQiF4nWdh338qqq9HzLGrPqcxX0dmiq2RBVPy9wb2Ea
|
||||||
|
* FTZiU2v+9pkoLoSDnCOfPCg/4Q4=
|
||||||
|
* -----END CERTIFICATE-----
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* Trusted CA certificate:
|
||||||
|
* Certificate:
|
||||||
|
* Data:
|
||||||
|
* Version: 3 (0x2)
|
||||||
|
* Serial Number: 0 (0x0)
|
||||||
|
* Signature Algorithm: md5WithRSAEncryption
|
||||||
|
* Issuer: C=US, ST=Some-State, O=Some Org, CN=Someone
|
||||||
|
* Validity
|
||||||
|
* Not Before: Mar 30 11:44:47 2001 GMT
|
||||||
|
* Not After : Apr 27 11:44:47 2028 GMT
|
||||||
|
* Subject: C=US, ST=Some-State, O=Some Org, CN=Someone
|
||||||
|
* Subject Public Key Info:
|
||||||
|
* Public Key Algorithm: rsaEncryption
|
||||||
|
* RSA Public Key: (1024 bit)
|
||||||
|
* Modulus (1024 bit):
|
||||||
|
* 00:c1:98:e4:7a:87:53:0f:94:87:dc:da:f3:59:39:
|
||||||
|
* 3e:36:95:e8:77:58:ff:46:8a:81:1b:5e:c5:4c:fa:
|
||||||
|
* b6:91:19:30:be:5b:ef:4c:aa:84:30:a4:9a:d4:68:
|
||||||
|
* af:ef:fa:b4:2c:76:8b:29:33:46:cf:38:74:7c:79:
|
||||||
|
* d5:07:a6:43:39:84:52:39:4f:8a:1c:f3:73:19:12:
|
||||||
|
* 40:cf:ee:a1:77:43:01:02:be:8d:32:11:28:70:f4:
|
||||||
|
* cf:ab:43:75:e4:fb:74:f1:8c:2e:43:24:ba:85:3f:
|
||||||
|
* 66:3a:05:ea:f7:ce:5b:97:e2:34:a3:f0:87:f4:f8:
|
||||||
|
* d1:59:12:5a:68:b7:78:64:a9
|
||||||
|
* Exponent: 65537 (0x10001)
|
||||||
|
* X509v3 extensions:
|
||||||
|
* X509v3 Subject Key Identifier:
|
||||||
|
* B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
|
||||||
|
* X509v3 Authority Key Identifier:
|
||||||
|
* keyid:B5:32:43:D7:00:24:92:BA:E9:95:E5:F9:A3:64:6C:84:EE:33:2E:15
|
||||||
|
* DirName:/C=US/ST=Some-State/O=Some Org/CN=Someone
|
||||||
|
* serial:00
|
||||||
|
*
|
||||||
|
* X509v3 Basic Constraints:
|
||||||
|
* CA:TRUE
|
||||||
|
*
|
||||||
|
* -----BEGIN CERTIFICATE-----
|
||||||
|
* MIICpjCCAg+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBHMQswCQYDVQQGEwJVUzET
|
||||||
|
* MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT
|
||||||
|
* B1NvbWVvbmUwHhcNMDEwMzMwMTE0NDQ3WhcNMjgwNDI3MTE0NDQ3WjBHMQswCQYD
|
||||||
|
* VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx
|
||||||
|
* EDAOBgNVBAMTB1NvbWVvbmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMGY
|
||||||
|
* 5HqHUw+Uh9za81k5PjaV6HdY/0aKgRtexUz6tpEZML5b70yqhDCkmtRor+/6tCx2
|
||||||
|
* iykzRs84dHx51QemQzmEUjlPihzzcxkSQM/uoXdDAQK+jTIRKHD0z6tDdeT7dPGM
|
||||||
|
* LkMkuoU/ZjoF6vfOW5fiNKPwh/T40VkSWmi3eGSpAgMBAAGjgaEwgZ4wHQYDVR0O
|
||||||
|
* BBYEFLUyQ9cAJJK66ZXl+aNkbITuMy4VMG8GA1UdIwRoMGaAFLUyQ9cAJJK66ZXl
|
||||||
|
* +aNkbITuMy4VoUukSTBHMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0
|
||||||
|
* ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMTB1NvbWVvbmWCAQAwDAYDVR0T
|
||||||
|
* BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBhf3PX0xWxtaUwZlWCO7GfPwCKgBWr
|
||||||
|
* CXqlqjtWHCshaaU7wUsDOwxFDWwKjFrMerQLsLuBlhdXEbNfSPjychkQtfezQHcS
|
||||||
|
* q0Atq7+KVSmRbDw6oKVRs5v1BBzLCupy+o16fNz3/hwreAWwQnSMtAh/osNS9w1b
|
||||||
|
* QeVWU+JV47H+vg==
|
||||||
|
* -----END CERTIFICATE-----
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
import java.io.*;
|
||||||
|
import java.net.*;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
import java.security.KeyFactory;
|
||||||
|
import java.security.cert.Certificate;
|
||||||
|
import java.security.cert.CertificateFactory;
|
||||||
|
import java.security.spec.*;
|
||||||
|
import java.security.interfaces.*;
|
||||||
|
import javax.net.ssl.*;
|
||||||
|
import java.math.BigInteger;
|
||||||
|
|
||||||
|
public class RSAExport {
|
||||||
|
|
||||||
|
/*
|
||||||
|
* =============================================================
|
||||||
|
* Set the various variables needed for the tests, then
|
||||||
|
* specify what tests to run on each side.
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Should we run the client or server in a separate thread?
|
||||||
|
* Both sides can throw exceptions, but do you have a preference
|
||||||
|
* as to which side should be the main thread.
|
||||||
|
*/
|
||||||
|
static boolean separateServerThread = true;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Where do we find the keystores?
|
||||||
|
*/
|
||||||
|
static String trusedCertStr =
|
||||||
|
"-----BEGIN CERTIFICATE-----\n" +
|
||||||
|
"MIICpjCCAg+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBHMQswCQYDVQQGEwJVUzET\n" +
|
||||||
|
"MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT\n" +
|
||||||
|
"B1NvbWVvbmUwHhcNMDEwMzMwMTE0NDQ3WhcNMjgwNDI3MTE0NDQ3WjBHMQswCQYD\n" +
|
||||||
|
"VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx\n" +
|
||||||
|
"EDAOBgNVBAMTB1NvbWVvbmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMGY\n" +
|
||||||
|
"5HqHUw+Uh9za81k5PjaV6HdY/0aKgRtexUz6tpEZML5b70yqhDCkmtRor+/6tCx2\n" +
|
||||||
|
"iykzRs84dHx51QemQzmEUjlPihzzcxkSQM/uoXdDAQK+jTIRKHD0z6tDdeT7dPGM\n" +
|
||||||
|
"LkMkuoU/ZjoF6vfOW5fiNKPwh/T40VkSWmi3eGSpAgMBAAGjgaEwgZ4wHQYDVR0O\n" +
|
||||||
|
"BBYEFLUyQ9cAJJK66ZXl+aNkbITuMy4VMG8GA1UdIwRoMGaAFLUyQ9cAJJK66ZXl\n" +
|
||||||
|
"+aNkbITuMy4VoUukSTBHMQswCQYDVQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0\n" +
|
||||||
|
"ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMTB1NvbWVvbmWCAQAwDAYDVR0T\n" +
|
||||||
|
"BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBhf3PX0xWxtaUwZlWCO7GfPwCKgBWr\n" +
|
||||||
|
"CXqlqjtWHCshaaU7wUsDOwxFDWwKjFrMerQLsLuBlhdXEbNfSPjychkQtfezQHcS\n" +
|
||||||
|
"q0Atq7+KVSmRbDw6oKVRs5v1BBzLCupy+o16fNz3/hwreAWwQnSMtAh/osNS9w1b\n" +
|
||||||
|
"QeVWU+JV47H+vg==\n" +
|
||||||
|
"-----END CERTIFICATE-----";
|
||||||
|
|
||||||
|
static String serverCertStr =
|
||||||
|
"-----BEGIN CERTIFICATE-----\n" +
|
||||||
|
"MIICIDCCAYmgAwIBAgIBCzANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzET\n" +
|
||||||
|
"MBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcxEDAOBgNVBAMT\n" +
|
||||||
|
"B1NvbWVvbmUwHhcNMDgwNDE4MTUwNzMwWhcNMjgwMTA0MTUwNzMwWjBNMQswCQYD\n" +
|
||||||
|
"VQQGEwJVUzETMBEGA1UECBMKU29tZS1TdGF0ZTERMA8GA1UEChMIU29tZSBPcmcx\n" +
|
||||||
|
"FjAUBgNVBAMTDVNvbWVvbmVFeHBvcnQwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA\n" +
|
||||||
|
"uV8aD/lnB4lxbnOot2dDa7KKtyoMOUQ0qe/0UAE6b+PTCeU8epcIKoUEugzu0byi\n" +
|
||||||
|
"FyLVI/Lp8snl2ot/kU4fawIDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF\n" +
|
||||||
|
"4DAdBgNVHQ4EFgQU8TCYvnyq+bGROGCuE19nnAoynjEwHwYDVR0jBBgwFoAUtTJD\n" +
|
||||||
|
"1wAkkrrpleX5o2RshO4zLhUwDQYJKoZIhvcNAQEFBQADgYEAFU+fP9FSTQNVZOhv\n" +
|
||||||
|
"eJ+zq6wI/biwzTgPbAq3yu2gb5kT85z4nzqBhPd2LWWFXhUW/D8QyNZ54X30y0Ug\n" +
|
||||||
|
"3NfUAvOANW7CgUbHBmm77KQiF4nWdh338qqq9HzLGrPqcxX0dmiq2RBVPy9wb2Ea\n" +
|
||||||
|
"FTZiU2v+9pkoLoSDnCOfPCg/4Q4=\n" +
|
||||||
|
"-----END CERTIFICATE-----";
|
||||||
|
|
||||||
|
static byte privateExponent[] = {
|
||||||
|
(byte)0x4c, (byte)0xed, (byte)0x3f, (byte)0x86,
|
||||||
|
(byte)0x93, (byte)0x8c, (byte)0x83, (byte)0x1f,
|
||||||
|
(byte)0x31, (byte)0x98, (byte)0x91, (byte)0x9c,
|
||||||
|
(byte)0xd9, (byte)0x87, (byte)0x9b, (byte)0xfe,
|
||||||
|
(byte)0x0c, (byte)0x98, (byte)0xee, (byte)0x4c,
|
||||||
|
(byte)0x1f, (byte)0xc8, (byte)0x80, (byte)0x1a,
|
||||||
|
(byte)0x8e, (byte)0xcf, (byte)0x4a, (byte)0x87,
|
||||||
|
(byte)0x0d, (byte)0x0b, (byte)0x70, (byte)0x34,
|
||||||
|
(byte)0xd8, (byte)0x4e, (byte)0x8d, (byte)0x84,
|
||||||
|
(byte)0x00, (byte)0x8f, (byte)0xaf, (byte)0x32,
|
||||||
|
(byte)0x60, (byte)0xe9, (byte)0x53, (byte)0xe7,
|
||||||
|
(byte)0x6f, (byte)0x98, (byte)0xe0, (byte)0x8b,
|
||||||
|
(byte)0x52, (byte)0xaa, (byte)0xbf, (byte)0x67,
|
||||||
|
(byte)0x6b, (byte)0x62, (byte)0x28, (byte)0x98,
|
||||||
|
(byte)0x46, (byte)0xca, (byte)0xb9, (byte)0x9c,
|
||||||
|
(byte)0x06, (byte)0x5c, (byte)0x6b, (byte)0x91
|
||||||
|
};
|
||||||
|
|
||||||
|
static byte modulus[] = {
|
||||||
|
(byte)0x00,
|
||||||
|
(byte)0xb9, (byte)0x5f, (byte)0x1a, (byte)0x0f,
|
||||||
|
(byte)0xf9, (byte)0x67, (byte)0x07, (byte)0x89,
|
||||||
|
(byte)0x71, (byte)0x6e, (byte)0x73, (byte)0xa8,
|
||||||
|
(byte)0xb7, (byte)0x67, (byte)0x43, (byte)0x6b,
|
||||||
|
(byte)0xb2, (byte)0x8a, (byte)0xb7, (byte)0x2a,
|
||||||
|
(byte)0x0c, (byte)0x39, (byte)0x44, (byte)0x34,
|
||||||
|
(byte)0xa9, (byte)0xef, (byte)0xf4, (byte)0x50,
|
||||||
|
(byte)0x01, (byte)0x3a, (byte)0x6f, (byte)0xe3,
|
||||||
|
(byte)0xd3, (byte)0x09, (byte)0xe5, (byte)0x3c,
|
||||||
|
(byte)0x7a, (byte)0x97, (byte)0x08, (byte)0x2a,
|
||||||
|
(byte)0x85, (byte)0x04, (byte)0xba, (byte)0x0c,
|
||||||
|
(byte)0xee, (byte)0xd1, (byte)0xbc, (byte)0xa2,
|
||||||
|
(byte)0x17, (byte)0x22, (byte)0xd5, (byte)0x23,
|
||||||
|
(byte)0xf2, (byte)0xe9, (byte)0xf2, (byte)0xc9,
|
||||||
|
(byte)0xe5, (byte)0xda, (byte)0x8b, (byte)0x7f,
|
||||||
|
(byte)0x91, (byte)0x4e, (byte)0x1f, (byte)0x6b
|
||||||
|
};
|
||||||
|
|
||||||
|
static char passphrase[] = "passphrase".toCharArray();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Is the server ready to serve?
|
||||||
|
*/
|
||||||
|
volatile static boolean serverReady = false;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Turn on SSL debugging?
|
||||||
|
*/
|
||||||
|
static boolean debug = false;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If the client or server is doing some kind of object creation
|
||||||
|
* that the other side depends on, and that thread prematurely
|
||||||
|
* exits, you may experience a hang. The test harness will
|
||||||
|
* terminate all hung threads after its timeout has expired,
|
||||||
|
* currently 3 minutes by default, but you might try to be
|
||||||
|
* smart about it....
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Define the server side of the test.
|
||||||
|
*
|
||||||
|
* If the server prematurely exits, serverReady will be set to true
|
||||||
|
* to avoid infinite hangs.
|
||||||
|
*/
|
||||||
|
void doServerSide() throws Exception {
|
||||||
|
SSLServerSocketFactory sslssf =
|
||||||
|
getSSLContext(true).getServerSocketFactory();
|
||||||
|
SSLServerSocket sslServerSocket =
|
||||||
|
(SSLServerSocket) sslssf.createServerSocket(serverPort);
|
||||||
|
|
||||||
|
serverPort = sslServerSocket.getLocalPort();
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Signal Client, we're ready for this connect.
|
||||||
|
*/
|
||||||
|
serverReady = true;
|
||||||
|
|
||||||
|
// Enable RSA_EXPORT cipher suites only.
|
||||||
|
try {
|
||||||
|
String enabledSuites[] = {
|
||||||
|
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
|
||||||
|
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"};
|
||||||
|
sslServerSocket.setEnabledCipherSuites(enabledSuites);
|
||||||
|
} catch (IllegalArgumentException iae) {
|
||||||
|
// ignore the exception a cipher suite is unsupported.
|
||||||
|
}
|
||||||
|
|
||||||
|
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
|
||||||
|
InputStream sslIS = sslSocket.getInputStream();
|
||||||
|
OutputStream sslOS = sslSocket.getOutputStream();
|
||||||
|
|
||||||
|
sslIS.read();
|
||||||
|
sslOS.write(85);
|
||||||
|
sslOS.flush();
|
||||||
|
|
||||||
|
|
||||||
|
sslSocket.close();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Define the client side of the test.
|
||||||
|
*
|
||||||
|
* If the server prematurely exits, serverReady will be set to true
|
||||||
|
* to avoid infinite hangs.
|
||||||
|
*/
|
||||||
|
void doClientSide() throws Exception {
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wait for server to get started.
|
||||||
|
*/
|
||||||
|
while (!serverReady) {
|
||||||
|
Thread.sleep(50);
|
||||||
|
}
|
||||||
|
|
||||||
|
SSLSocketFactory sslsf =
|
||||||
|
getSSLContext(false).getSocketFactory();
|
||||||
|
SSLSocket sslSocket = (SSLSocket)
|
||||||
|
sslsf.createSocket("localhost", serverPort);
|
||||||
|
|
||||||
|
// Enable RSA_EXPORT cipher suites only.
|
||||||
|
try {
|
||||||
|
String enabledSuites[] = {
|
||||||
|
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
|
||||||
|
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"};
|
||||||
|
sslSocket.setEnabledCipherSuites(enabledSuites);
|
||||||
|
} catch (IllegalArgumentException iae) {
|
||||||
|
// ignore the exception a cipher suite is unsupported.
|
||||||
|
}
|
||||||
|
|
||||||
|
InputStream sslIS = sslSocket.getInputStream();
|
||||||
|
OutputStream sslOS = sslSocket.getOutputStream();
|
||||||
|
|
||||||
|
sslOS.write(280);
|
||||||
|
sslOS.flush();
|
||||||
|
sslIS.read();
|
||||||
|
|
||||||
|
sslSocket.close();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* =============================================================
|
||||||
|
* The remainder is just support stuff
|
||||||
|
*/
|
||||||
|
|
||||||
|
// use any free port by default
|
||||||
|
volatile int serverPort = 0;
|
||||||
|
|
||||||
|
volatile Exception serverException = null;
|
||||||
|
volatile Exception clientException = null;
|
||||||
|
|
||||||
|
public static void main(String[] args) throws Exception {
|
||||||
|
if (debug)
|
||||||
|
System.setProperty("javax.net.debug", "all");
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Start the tests.
|
||||||
|
*/
|
||||||
|
new RSAExport();
|
||||||
|
}
|
||||||
|
|
||||||
|
Thread clientThread = null;
|
||||||
|
Thread serverThread = null;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Primary constructor, used to drive remainder of the test.
|
||||||
|
*
|
||||||
|
* Fork off the other side, then do your work.
|
||||||
|
*/
|
||||||
|
RSAExport() throws Exception {
|
||||||
|
if (separateServerThread) {
|
||||||
|
startServer(true);
|
||||||
|
startClient(false);
|
||||||
|
} else {
|
||||||
|
startClient(true);
|
||||||
|
startServer(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Wait for other side to close down.
|
||||||
|
*/
|
||||||
|
if (separateServerThread) {
|
||||||
|
serverThread.join();
|
||||||
|
} else {
|
||||||
|
clientThread.join();
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* When we get here, the test is pretty much over.
|
||||||
|
*
|
||||||
|
* If the main thread excepted, that propagates back
|
||||||
|
* immediately. If the other thread threw an exception, we
|
||||||
|
* should report back.
|
||||||
|
*/
|
||||||
|
if (serverException != null)
|
||||||
|
throw serverException;
|
||||||
|
if (clientException != null)
|
||||||
|
throw clientException;
|
||||||
|
}
|
||||||
|
|
||||||
|
void startServer(boolean newThread) throws Exception {
|
||||||
|
if (newThread) {
|
||||||
|
serverThread = new Thread() {
|
||||||
|
public void run() {
|
||||||
|
try {
|
||||||
|
doServerSide();
|
||||||
|
} catch (Exception e) {
|
||||||
|
/*
|
||||||
|
* Our server thread just died.
|
||||||
|
*
|
||||||
|
* Release the client, if not active already...
|
||||||
|
*/
|
||||||
|
System.err.println("Server died..." + e);
|
||||||
|
serverReady = true;
|
||||||
|
serverException = e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
serverThread.start();
|
||||||
|
} else {
|
||||||
|
doServerSide();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void startClient(boolean newThread) throws Exception {
|
||||||
|
if (newThread) {
|
||||||
|
clientThread = new Thread() {
|
||||||
|
public void run() {
|
||||||
|
try {
|
||||||
|
doClientSide();
|
||||||
|
} catch (Exception e) {
|
||||||
|
/*
|
||||||
|
* Our client thread just died.
|
||||||
|
*/
|
||||||
|
System.err.println("Client died...");
|
||||||
|
clientException = e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
clientThread.start();
|
||||||
|
} else {
|
||||||
|
doClientSide();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the SSL context
|
||||||
|
private SSLContext getSSLContext(boolean authnRequired) throws Exception {
|
||||||
|
// generate certificate from cert string
|
||||||
|
CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
||||||
|
|
||||||
|
ByteArrayInputStream is =
|
||||||
|
new ByteArrayInputStream(trusedCertStr.getBytes());
|
||||||
|
Certificate trustedCert = cf.generateCertificate(is);
|
||||||
|
|
||||||
|
// create a key store
|
||||||
|
KeyStore ks = KeyStore.getInstance("JKS");
|
||||||
|
ks.load(null, null);
|
||||||
|
|
||||||
|
// import the trusted cert
|
||||||
|
ks.setCertificateEntry("RSA Export Signer", trustedCert);
|
||||||
|
|
||||||
|
if (authnRequired) {
|
||||||
|
// generate the private key.
|
||||||
|
RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(
|
||||||
|
new BigInteger(modulus),
|
||||||
|
new BigInteger(privateExponent));
|
||||||
|
KeyFactory kf = KeyFactory.getInstance("RSA");
|
||||||
|
RSAPrivateKey priKey =
|
||||||
|
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
|
||||||
|
|
||||||
|
// generate certificate chain
|
||||||
|
is = new ByteArrayInputStream(serverCertStr.getBytes());
|
||||||
|
Certificate serverCert = cf.generateCertificate(is);
|
||||||
|
|
||||||
|
Certificate[] chain = new Certificate[2];
|
||||||
|
chain[0] = serverCert;
|
||||||
|
chain[1] = trustedCert;
|
||||||
|
|
||||||
|
// import the key entry.
|
||||||
|
ks.setKeyEntry("RSA Export", priKey, passphrase, chain);
|
||||||
|
}
|
||||||
|
|
||||||
|
// create SSL context
|
||||||
|
TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
|
||||||
|
tmf.init(ks);
|
||||||
|
|
||||||
|
SSLContext ctx = SSLContext.getInstance("TLS");
|
||||||
|
if (authnRequired) {
|
||||||
|
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
|
||||||
|
kmf.init(ks, passphrase);
|
||||||
|
|
||||||
|
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
|
||||||
|
} else {
|
||||||
|
ctx.init(null, tmf.getTrustManagers(), null);
|
||||||
|
}
|
||||||
|
|
||||||
|
return ctx;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -30,7 +30,7 @@
|
|||||||
#
|
#
|
||||||
# @run shell/manual console.sh
|
# @run shell/manual console.sh
|
||||||
|
|
||||||
if [ "$ALT_PASS" == "" ]; then
|
if [ "$ALT_PASS" = "" ]; then
|
||||||
export PASS=äöäöäöäö
|
export PASS=äöäöäöäö
|
||||||
else
|
else
|
||||||
export PASS=$ALT_PASS
|
export PASS=$ALT_PASS
|
||||||
@ -87,3 +87,6 @@ echo $PASS| $J5/bin/keytool -keystore kkk -genkey -dname CN=olala
|
|||||||
$JM/bin/keytool -keystore kkk -list
|
$JM/bin/keytool -keystore kkk -list
|
||||||
echo $PASS| $J5/bin/keytool -keystore kkk -list
|
echo $PASS| $J5/bin/keytool -keystore kkk -list
|
||||||
echo $PASS| $JM/bin/keytool -keystore kkk -list
|
echo $PASS| $JM/bin/keytool -keystore kkk -list
|
||||||
|
rm kkk
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
Loading…
x
Reference in New Issue
Block a user