/* * Copyright 2002-2005 Sun Microsystems, Inc. All Rights Reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, * CA 95054 USA or visit www.sun.com if you need additional information or * have any questions. */ import java.io.*; import java.net.*; import java.util.*; import java.security.*; import java.security.cert.*; import java.security.cert.Certificate; import javax.net.ssl.*; class JSSEClient extends CipherTest.Client { private final SSLContext sslContext; private final MyX509KeyManager keyManager; JSSEClient(CipherTest cipherTest) throws Exception { super(cipherTest); this.keyManager = new MyX509KeyManager(CipherTest.keyManager); sslContext = SSLContext.getInstance("TLS"); } void runTest(CipherTest.TestParameters params) throws Exception { SSLSocket socket = null; try { keyManager.setAuthType(params.clientAuth); sslContext.init(new KeyManager[] {CipherTest.keyManager}, new TrustManager[] {cipherTest.trustManager}, cipherTest.secureRandom); SSLSocketFactory factory = (SSLSocketFactory)sslContext.getSocketFactory(); socket = (SSLSocket)factory.createSocket("127.0.0.1", cipherTest.serverPort); socket.setSoTimeout(cipherTest.TIMEOUT); socket.setEnabledCipherSuites(new String[] {params.cipherSuite}); socket.setEnabledProtocols(new String[] {params.protocol}); InputStream in = socket.getInputStream(); OutputStream out = socket.getOutputStream(); sendRequest(in, out); socket.close(); SSLSession session = socket.getSession(); session.invalidate(); String cipherSuite = session.getCipherSuite(); if (params.cipherSuite.equals(cipherSuite) == false) { throw new Exception("Negotiated ciphersuite mismatch: " + cipherSuite + " != " + params.cipherSuite); } String protocol = session.getProtocol(); if (params.protocol.equals(protocol) == false) { throw new Exception("Negotiated protocol mismatch: " + protocol + " != " + params.protocol); } if (cipherSuite.indexOf("DH_anon") == -1) { session.getPeerCertificates(); } Certificate[] certificates = session.getLocalCertificates(); if (params.clientAuth == null) { if (certificates != null) { throw new Exception("Local certificates should be null"); } } else { if ((certificates == null) || (certificates.length == 0)) { throw new Exception("Certificates missing"); } String keyAlg = certificates[0].getPublicKey().getAlgorithm(); if (params.clientAuth != keyAlg) { throw new Exception("Certificate type mismatch: " + keyAlg + " != " + params.clientAuth); } } } finally { if (socket != null) { socket.close(); } } } }