1 /*
2  * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /*
25  * @test
26  * @bug 5053815
27  * @summary unspecified exceptions in X509TrustManager.checkClient[Server]Truste
28 d
29  * @author Xuelei Fan
30  */
31 
32 import java.io.*;
33 import java.net.*;
34 import javax.net.ssl.*;
35 import java.security.cert.X509Certificate;
36 import java.security.*;
37 import java.util.Enumeration;
38 
39 public class CheckNullEntity {
40 
41     /*
42      * =============================================================
43      * Set the various variables needed for the tests, then
44      * specify what tests to run on each side.
45      */
46 
47     /*
48      * Should we run the client or server in a separate thread?
49      * Both sides can throw exceptions, but do you have a preference
50      * as to which side should be the main thread.
51      */
52     static boolean separateServerThread = true;
53 
54     /*
55      * Where do we find the keystores?
56      */
57     static String pathToStores = "../../../../javax/net/ssl/etc";
58     static String keyStoreFile = "keystore";
59     static String trustStoreFile = "truststore";
60     static String passwd = "passphrase";
61 
initialize()62     private void initialize() throws Exception {
63         String trustFilename =
64             System.getProperty("test.src", "./") + "/" + pathToStores +
65                 "/" + trustStoreFile;
66         char[] passphrase = "passphrase".toCharArray();
67 
68         KeyStore ks = KeyStore.getInstance("JKS");
69         ks.load(new FileInputStream(trustFilename), passphrase);
70 
71         for (Enumeration e = ks.aliases() ; e.hasMoreElements() ;) {
72             String alias = (String)e.nextElement();
73             if (ks.isCertificateEntry(alias)) {
74                 certChain[0] = (X509Certificate)ks.getCertificate(alias);
75                 break;
76             }
77         }
78 
79         TrustManagerFactory tmf =
80             TrustManagerFactory.getInstance("SunX509");
81         tmf.init(ks);
82 
83         trustManager = (X509TrustManager)(tmf.getTrustManagers())[0];
84     }
85 
86     /*
87      * =============================================================
88      * The remainder is just support stuff
89      */
main(String[] args)90     public static void main(String[] args) throws Exception {
91         /*
92          * Start the tests.
93          */
94         new CheckNullEntity();
95     }
96 
97     X509Certificate[] certChain = {null, null};
98     X509TrustManager trustManager = null;
99 
100     /*
101      * Primary constructor, used to drive remainder of the test.
102      *
103      * Fork off the other side, then do your work.
104      */
CheckNullEntity()105     CheckNullEntity() throws Exception {
106         String authType = "RSA";
107         int failed = 0x3F; // indicate six tests for normal TM
108         int extFailed = 0x3F; // indicate six tests for extended TM
109 
110         initialize();
111         try {
112             try {
113                 trustManager.checkClientTrusted(certChain, (String)null);
114             } catch (IllegalArgumentException iae) {
115                 // get the right exception
116                 failed >>= 1;
117             }
118 
119             try {
120                 trustManager.checkServerTrusted(certChain, (String)null);
121             } catch (IllegalArgumentException iae) {
122                 // get the right exception
123                 failed >>= 1;
124             }
125 
126             try {
127                 trustManager.checkClientTrusted(certChain, "");
128             } catch (IllegalArgumentException iae) {
129                 // get the right exception
130                 failed >>= 1;
131             }
132 
133             try {
134                 trustManager.checkServerTrusted(certChain, "");
135             } catch (IllegalArgumentException iae) {
136                 // get the right exception
137                 failed >>= 1;
138             }
139 
140             try {
141                 trustManager.checkClientTrusted(null, authType);
142             } catch (IllegalArgumentException iae) {
143                 // get the right exception
144                 failed >>= 1;
145             }
146 
147             try {
148                 trustManager.checkServerTrusted(null, authType);
149             } catch (IllegalArgumentException iae) {
150                 // get the right exception
151                 failed >>= 1;
152             }
153 
154             if (trustManager instanceof X509ExtendedTrustManager) {
155                 try {
156                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
157                         certChain, (String)null, (Socket)null);
158                 } catch (IllegalArgumentException iae) {
159                     // get the right exception
160                     extFailed >>= 1;
161                 }
162 
163                 try {
164                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
165                         certChain, (String)null, (Socket)null);
166                 } catch (IllegalArgumentException iae) {
167                     // get the right exception
168                     extFailed >>= 1;
169                 }
170 
171                 try {
172                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
173                         certChain, "", (Socket)null);
174                 } catch (IllegalArgumentException iae) {
175                     // get the right exception
176                     extFailed >>= 1;
177                 }
178 
179                 try {
180                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
181                         certChain, "", (Socket)null);
182                 } catch (IllegalArgumentException iae) {
183                     // get the right exception
184                     extFailed >>= 1;
185                 }
186 
187                 try {
188                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
189                         null, authType, (Socket)null);
190                 } catch (IllegalArgumentException iae) {
191                     // get the right exception
192                     extFailed >>= 1;
193                 }
194 
195                 try {
196                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
197                         null, authType, (Socket)null);
198                 } catch (IllegalArgumentException iae) {
199                     // get the right exception
200                     extFailed >>= 1;
201                 }
202             } else {
203                 extFailed = 0;
204             }
205         } catch (NullPointerException npe) {
206             // IllegalArgumentException should be thrown
207             failed = 1;
208         } catch (Exception e) {
209             // ignore
210             System.out.println("Got another exception e" + e);
211         }
212 
213         if (failed != 0 || extFailed != 0) {
214             throw new Exception("Should throw IllegalArgumentException");
215         }
216     }
217 }
218