1/* 2 * Copyright (c) 2002, 2005, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 25import java.io.*; 26import java.net.*; 27import java.util.*; 28 29import java.security.*; 30import java.security.cert.*; 31import java.security.cert.Certificate; 32 33import javax.net.ssl.*; 34 35class JSSEClient extends CipherTest.Client { 36 37 private final SSLContext sslContext; 38 private final MyX509KeyManager keyManager; 39 40 JSSEClient(CipherTest cipherTest) throws Exception { 41 super(cipherTest); 42 this.keyManager = new MyX509KeyManager(CipherTest.keyManager); 43 sslContext = SSLContext.getInstance("TLS"); 44 } 45 46 void runTest(CipherTest.TestParameters params) throws Exception { 47 SSLSocket socket = null; 48 try { 49 keyManager.setAuthType(params.clientAuth); 50 sslContext.init(new KeyManager[] {keyManager}, new TrustManager[] {cipherTest.trustManager}, cipherTest.secureRandom); 51 SSLSocketFactory factory = (SSLSocketFactory)sslContext.getSocketFactory(); 52 socket = (SSLSocket)factory.createSocket("127.0.0.1", cipherTest.serverPort); 53 socket.setSoTimeout(cipherTest.TIMEOUT); 54 socket.setEnabledCipherSuites(new String[] {params.cipherSuite}); 55 socket.setEnabledProtocols(new String[] {params.protocol}); 56 InputStream in = socket.getInputStream(); 57 OutputStream out = socket.getOutputStream(); 58 sendRequest(in, out); 59 socket.close(); 60 SSLSession session = socket.getSession(); 61 session.invalidate(); 62 String cipherSuite = session.getCipherSuite(); 63 if (params.cipherSuite.equals(cipherSuite) == false) { 64 throw new Exception("Negotiated ciphersuite mismatch: " + cipherSuite + " != " + params.cipherSuite); 65 } 66 String protocol = session.getProtocol(); 67 if (params.protocol.equals(protocol) == false) { 68 throw new Exception("Negotiated protocol mismatch: " + protocol + " != " + params.protocol); 69 } 70 if (cipherSuite.indexOf("DH_anon") == -1) { 71 session.getPeerCertificates(); 72 } 73 Certificate[] certificates = session.getLocalCertificates(); 74 if (params.clientAuth == null) { 75 if (certificates != null) { 76 throw new Exception("Local certificates should be null"); 77 } 78 } else { 79 if ((certificates == null) || (certificates.length == 0)) { 80 throw new Exception("Certificates missing"); 81 } 82 String keyAlg = certificates[0].getPublicKey().getAlgorithm(); 83 if (params.clientAuth != keyAlg) { 84 throw new Exception("Certificate type mismatch: " + keyAlg + " != " + params.clientAuth); 85 } 86 } 87 } finally { 88 if (socket != null) { 89 socket.close(); 90 } 91 } 92 } 93 94} 95