1 /*
2  * Copyright (c) 2002, 2005, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 import java.io.*;
25 import java.net.*;
26 import java.util.*;
27 
28 import java.security.*;
29 import java.security.cert.*;
30 import java.security.cert.Certificate;
31 
32 import javax.net.ssl.*;
33 
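/**
 * JSSE-backed client half of the {@code CipherTest} harness.
 *
 * <p>For each parameter set the client connects to the local test server with
 * exactly one cipher suite and one protocol enabled, then checks that the
 * resulting session reports those same values and the expected certificates.
 * Restricting the socket to a single suite and protocol and asserting on the
 * negotiated values means a silent fallback to anything else fails the test.
 */
class JSSEClient extends CipherTest.Client {

    private final SSLContext sslContext;
    private final MyX509KeyManager keyManager;

    /**
     * Creates the client and obtains a "TLS" {@link SSLContext}. The context is
     * (re)initialised on every {@link #runTest} call, not here.
     *
     * @param cipherTest the owning harness, passed to the superclass
     * @throws Exception if the context cannot be obtained or the superclass fails
     */
    JSSEClient(CipherTest cipherTest) throws Exception {
        super(cipherTest);
        this.keyManager = new MyX509KeyManager(CipherTest.keyManager);
        sslContext = SSLContext.getInstance("TLS");
    }

    /**
     * Runs one handshake against 127.0.0.1 on the harness' server port and
     * validates the negotiated session.
     *
     * @param params the cipher suite, protocol and client-auth key type to test;
     *               a {@code null} {@code clientAuth} means no client
     *               certificate is expected to have been sent
     * @throws Exception if the connection fails or any negotiated value differs
     *                   from what {@code params} requested
     */
    void runTest(CipherTest.TestParameters params) throws Exception {
        SSLSocket socket = null;
        try {
            keyManager.setAuthType(params.clientAuth);
            // NOTE(review): the wrapper configured on the line above is not the
            // key manager handed to init(); the shared CipherTest.keyManager is
            // used instead, so setAuthType() may have no effect on this
            // handshake. MyX509KeyManager is not visible here -- confirm whether
            // `keyManager` was intended before changing it.
            sslContext.init(
                    new KeyManager[] {CipherTest.keyManager},
                    new TrustManager[] {cipherTest.trustManager},
                    cipherTest.secureRandom);
            SSLSocketFactory factory = (SSLSocketFactory) sslContext.getSocketFactory();
            socket = (SSLSocket) factory.createSocket("127.0.0.1", cipherTest.serverPort);
            socket.setSoTimeout(cipherTest.TIMEOUT);
            // Offer exactly one suite and one protocol so the peer cannot
            // negotiate anything other than what this test case asks for.
            socket.setEnabledCipherSuites(new String[] {params.cipherSuite});
            socket.setEnabledProtocols(new String[] {params.protocol});
            InputStream in = socket.getInputStream();
            OutputStream out = socket.getOutputStream();
            // sendRequest is not defined in this class; presumably inherited
            // from CipherTest.Client.
            sendRequest(in, out);
            socket.close();

            SSLSession session = socket.getSession();
            // Invalidate so that later test cases cannot resume this session
            // and must perform a full handshake with their own parameters.
            session.invalidate();
            verifyNegotiatedParameters(session, params);
            verifyLocalCertificates(session, params);
        } finally {
            if (socket != null) {
                socket.close();
            }
        }
    }

    /** Checks the negotiated suite and protocol, and that the peer was authenticated. */
    private static void verifyNegotiatedParameters(SSLSession session,
            CipherTest.TestParameters params) throws Exception {
        String cipherSuite = session.getCipherSuite();
        if (!params.cipherSuite.equals(cipherSuite)) {
            throw new Exception("Negotiated ciphersuite mismatch: " + cipherSuite + " != " + params.cipherSuite);
        }
        String protocol = session.getProtocol();
        if (!params.protocol.equals(protocol)) {
            throw new Exception("Negotiated protocol mismatch: " + protocol + " != " + params.protocol);
        }
        // Anonymous DH suites carry no server certificate. For every other
        // suite this call throws SSLPeerUnverifiedException when the peer's
        // identity was not verified, which fails the test.
        if (cipherSuite.indexOf("DH_anon") == -1) {
            session.getPeerCertificates();
        }
    }

    /** Checks that a client certificate was sent only when requested, with the requested key type. */
    private static void verifyLocalCertificates(SSLSession session,
            CipherTest.TestParameters params) throws Exception {
        Certificate[] certificates = session.getLocalCertificates();
        if (params.clientAuth == null) {
            if (certificates != null) {
                throw new Exception("Local certificates should be null");
            }
            return;
        }
        if ((certificates == null) || (certificates.length == 0)) {
            throw new Exception("Certificates missing");
        }
        String keyAlg = certificates[0].getPublicKey().getAlgorithm();
        // Compare by value: the original used `!=`, which tests reference
        // identity and only agrees with equals() when both strings happen to
        // be the same interned instance.
        if (!params.clientAuth.equals(keyAlg)) {
            throw new Exception("Certificate type mismatch: " + keyAlg + " != " + params.clientAuth);
        }
    }

}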