/*
* Primary constructor, used to drive remainder of the test.
*
* Fork off the other side, then do your work.
*/
JavaxHTTPSConnection() throws Exception {
if (separateServerThread) {
startServer(true);
startClient(false);
} else {
startClient(true);
startServer(false);
}
/*
* Wait for other side to close down.
*/
if (separateServerThread) {
serverThread.join();
} else {
clientThread.join();
}
/*
* When we get here, the test is pretty much over.
*
* If the main thread excepted, that propagates back
* immediately. If the other thread threw an exception, we
* should report back.
*/
if (serverException != null) {
System.out.print("Server Exception:");
throw serverException;
}
if (clientException != null) {
System.out.print("Client Exception:");
throw clientException;
}
}
public SSLResult fingerprint() throws IOException, FingerprintError {
SSLConfigCollector scc;
scc = new SSLConfigCollector(host, port, si);
scc.setCertValidator(cv);
startDate = new Date();
sslSupport = SSLResult.UNKNOWN;
// If a delay is set, wait some time, except for
// the first request
if (!initial && (delay > 0)) {
if (Debug.get(Debug.Delay)) {
System.err.println("Delaying request.");
}
try {
Thread.sleep(delay);
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
}
}
initial = false;
try {
scc.probe();
sslSupport = SSLResult.SUPPORTED;
sslSupportReason = null;
} catch (NoSSLException e) {
// This exception is thrown when the protocol support
// for ssl is not available
sslSupport = SSLResult.UNSUPPORTED;
sslSupportReason = e.toString();
} catch (FingerprintException e) {
sslSupport = SSLResult.UNSUPPORTED;
sslSupportReason = e.toString();
} catch (IOException e) {
sslSupport = SSLResult.UNKNOWN;
sslSupportReason = e.toString();
}
endDate = new Date();
protos = scc.getSupportedProtos();
ProbeResult pres =
new ProbeResult(
host,
port,
startDate,
endDate,
sslSupport,
sslSupportReason,
scc.getServerCertificates(),
scc.serverCertificateVerifies(),
scc.serverCertNameMatch());
pres.setProtosResult(protos);
return pres;
}
public static void main(PeerFactory peerFactory, KeyStore keyStore, String[] args)
throws Exception {
long time = System.currentTimeMillis();
String relPath;
if ((args != null) && (args.length > 0) && args[0].equals("sh")) {
relPath = pathToStoresSH;
} else {
relPath = pathToStores;
}
PATH = new File(System.getProperty("test.src", "."), relPath);
CipherTest.peerFactory = peerFactory;
System.out.print("Initializing test '" + peerFactory.getName() + "'...");
// secureRandom = new SecureRandom();
// secureRandom.nextInt();
// trustStore = readKeyStore(trustStoreFile);
CipherTest.keyStore = keyStore;
// keyStore = readKeyStore(keyStoreFile);
KeyManagerFactory keyFactory =
KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyFactory.init(keyStore, "test12".toCharArray());
keyManager = (X509ExtendedKeyManager) keyFactory.getKeyManagers()[0];
TrustManagerFactory tmf =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
trustManager = (X509TrustManager) tmf.getTrustManagers()[0];
// trustManager = new AlwaysTrustManager();
SSLContext context = SSLContext.getInstance("TLS");
context.init(new KeyManager[] {keyManager}, new TrustManager[] {trustManager}, null);
SSLContext.setDefault(context);
CipherTest cipherTest = new CipherTest(peerFactory);
Thread serverThread = new Thread(peerFactory.newServer(cipherTest), "Server");
serverThread.setDaemon(true);
serverThread.start();
System.out.println("Done");
cipherTest.run();
time = System.currentTimeMillis() - time;
System.out.println("Done. (" + time + " ms)");
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
/*
* See if an unknown keystore actually gets checked ok.
*/
System.out.println("==============");
System.out.println("Starting test0");
KeyStore uks = KeyStore.getInstance("JKS");
SSLContext ctx = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
uks.load(new FileInputStream(unknownFilename), cpasswd);
kmf.init(uks, cpasswd);
TrustManager[] tms = new TrustManager[] {new MyJavaxX509TrustManager()};
ctx.init(kmf.getKeyManagers(), tms, null);
SSLSocketFactory sslsf = (SSLSocketFactory) ctx.getSocketFactory();
System.out.println("Trying first socket " + serverPort);
SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort);
doTest(sslSocket);
/*
* Now try the other way.
*/
com.sun.net.ssl.SSLContext ctx1 = com.sun.net.ssl.SSLContext.getInstance("TLS");
com.sun.net.ssl.KeyManagerFactory kmf1 =
com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
kmf1.init(uks, cpasswd);
com.sun.net.ssl.TrustManager[] tms1 =
new com.sun.net.ssl.TrustManager[] {new MyComX509TrustManager()};
ctx1.init(kmf1.getKeyManagers(), tms1, null);
sslsf = (SSLSocketFactory) ctx1.getSocketFactory();
System.out.println("Trying second socket " + serverPort1);
sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort1);
doTest(sslSocket);
System.out.println("Completed test1");
}
void startClient(boolean newThread) throws Exception {
if (newThread) {
clientThread =
new Thread() {
public void run() {
try {
doClientSide();
} catch (Exception e) {
/*
* Our client thread just died.
*/
System.err.println("Client died...");
clientException = e;
}
}
};
clientThread.start();
} else {
doClientSide();
}
}
void startServer(boolean newThread) throws Exception {
if (newThread) {
serverThread =
new Thread() {
public void run() {
try {
doServerSide();
} catch (Exception e) {
/*
* Our server thread just died.
*
* Release the client, if not active already...
*/
System.err.println("Server died...");
serverReady = true;
serverException = e;
}
}
};
serverThread.start();
} else {
doServerSide();
}
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
URL url = new URL("https://" + "localhost:" + serverPort + "/etc/hosts");
URLConnection urlc = url.openConnection();
if (!(urlc instanceof javax.net.ssl.HttpsURLConnection)) {
throw new Exception("URLConnection ! instanceof javax.net.ssl.HttpsURLConnection");
}
BufferedReader in = null;
try {
in = new BufferedReader(new InputStreamReader(urlc.getInputStream()));
String inputLine;
System.out.print("Client reading... ");
while ((inputLine = in.readLine()) != null) System.out.println(inputLine);
System.out.println("Cipher Suite: " + ((HttpsURLConnection) urlc).getCipherSuite());
Certificate[] certs = ((HttpsURLConnection) urlc).getServerCertificates();
for (int i = 0; i < certs.length; i++) {
System.out.println(certs[0]);
}
in.close();
} catch (SSLException e) {
if (in != null) in.close();
throw e;
}
System.out.println("Client reports: SUCCESS");
}
public Thread newThread(Runnable r) {
Thread t = DEFAULT.newThread(r);
t.setDaemon(true);
return t;
}