/*
   * Define the client side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doClientSide() throws Exception {

    /*
     * Wait for server to get started.
     */
    while (!serverReady) {
      Thread.sleep(50);
    }

    SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort);

    InputStream sslIS = sslSocket.getInputStream();
    OutputStream sslOS = sslSocket.getOutputStream();

    for (int i = 0; i < 10; i++) {
      sslOS.write(280);
      sslOS.flush();
      sslIS.read();
    }

    for (int i = 0; i < 10; i++) {
      sslOS.write(280);
      sslOS.flush();
      sslIS.read();
    }

    sslSocket.close();
  }
Пример #2
0
  public SSLResult fingerprint() throws IOException, FingerprintError {

    SSLConfigCollector scc;

    scc = new SSLConfigCollector(host, port, si);
    scc.setCertValidator(cv);

    startDate = new Date();

    sslSupport = SSLResult.UNKNOWN;

    // If a delay is set, wait some time, except for
    // the first request
    if (!initial && (delay > 0)) {
      if (Debug.get(Debug.Delay)) {
        System.err.println("Delaying request.");
      }
      try {
        Thread.sleep(delay);
      } catch (InterruptedException e) {
        Thread.currentThread().interrupt();
      }
    }
    initial = false;

    try {
      scc.probe();
      sslSupport = SSLResult.SUPPORTED;
      sslSupportReason = null;
    } catch (NoSSLException e) {
      // This exception is thrown when the protocol support
      // for ssl is not available
      sslSupport = SSLResult.UNSUPPORTED;
      sslSupportReason = e.toString();
    } catch (FingerprintException e) {
      sslSupport = SSLResult.UNSUPPORTED;
      sslSupportReason = e.toString();
    } catch (IOException e) {
      sslSupport = SSLResult.UNKNOWN;
      sslSupportReason = e.toString();
    }
    endDate = new Date();

    protos = scc.getSupportedProtos();

    ProbeResult pres =
        new ProbeResult(
            host,
            port,
            startDate,
            endDate,
            sslSupport,
            sslSupportReason,
            scc.getServerCertificates(),
            scc.serverCertificateVerifies(),
            scc.serverCertNameMatch());

    pres.setProtosResult(protos);
    return pres;
  }
Пример #3
0
  /*
   * Define the client side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doClientSide() throws Exception {

    /*
     * Wait for server to get started.
     */
    while (!serverReady) {
      Thread.sleep(50);
    }

    // Send HTTP POST request to server
    URL url = new URL("https://localhost:" + serverPort);

    HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
    HttpsURLConnection http = (HttpsURLConnection) url.openConnection();
    http.setDoOutput(true);

    http.setRequestMethod("POST");
    PrintStream ps = new PrintStream(http.getOutputStream());
    try {
      ps.println(postMsg);
      ps.flush();
      if (http.getResponseCode() != 200) {
        throw new RuntimeException("test Failed");
      }
    } finally {
      ps.close();
      http.disconnect();
      closeReady = true;
    }
  }
Пример #4
0
  /*
   * Define the client side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doClientSide() throws Exception {
    // create SSLEngine.
    SSLEngine ssle = createSSLEngine(true);

    /*
     * Wait for server to get started.
     */
    while (!serverReady) {
      Thread.sleep(50);
    }

    // Create a non-blocking socket channel.
    SocketChannel sc = SocketChannel.open();
    sc.configureBlocking(false);
    InetSocketAddress isa = new InetSocketAddress(InetAddress.getLocalHost(), serverPort);
    sc.connect(isa);

    // Complete connection.
    while (!sc.finishConnect()) {
      // waiting for the connection completed.
    }

    // handshaking
    handshaking(ssle, sc, null);

    // send out application data
    deliver(ssle, sc);

    // receive application data
    receive(ssle, sc);

    // close the socket channel.
    sc.close();
  }
Пример #5
0
  /*
   * Define the client side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doClientSide() throws Exception {

    /*
     * Wait for server to get started.
     */
    while (!serverReady) {
      Thread.sleep(50);
    }

    /*
     * See if an unknown keystore actually gets checked ok.
     */
    System.out.println("==============");
    System.out.println("Starting test0");
    KeyStore uks = KeyStore.getInstance("JKS");
    SSLContext ctx = SSLContext.getInstance("TLS");
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

    uks.load(new FileInputStream(unknownFilename), cpasswd);
    kmf.init(uks, cpasswd);

    TrustManager[] tms = new TrustManager[] {new MyJavaxX509TrustManager()};

    ctx.init(kmf.getKeyManagers(), tms, null);

    SSLSocketFactory sslsf = (SSLSocketFactory) ctx.getSocketFactory();

    System.out.println("Trying first socket " + serverPort);
    SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort);

    doTest(sslSocket);

    /*
     * Now try the other way.
     */
    com.sun.net.ssl.SSLContext ctx1 = com.sun.net.ssl.SSLContext.getInstance("TLS");
    com.sun.net.ssl.KeyManagerFactory kmf1 =
        com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
    kmf1.init(uks, cpasswd);

    com.sun.net.ssl.TrustManager[] tms1 =
        new com.sun.net.ssl.TrustManager[] {new MyComX509TrustManager()};

    ctx1.init(kmf1.getKeyManagers(), tms1, null);

    sslsf = (SSLSocketFactory) ctx1.getSocketFactory();

    System.out.println("Trying second socket " + serverPort1);
    sslSocket = (SSLSocket) sslsf.createSocket("localhost", serverPort1);

    doTest(sslSocket);
    System.out.println("Completed test1");
  }
  /*
   * Primary constructor, used to drive remainder of the test.
   *
   * Fork off the other side, then do your work.
   */
  InvalidateServerSessionRenegotiate() throws Exception {
    if (separateServerThread) {
      startServer(true);
      startClient(false);
    } else {
      startClient(true);
      startServer(false);
    }

    /*
     * Wait for other side to close down.
     */
    if (separateServerThread) {
      serverThread.join();
    } else {
      clientThread.join();
    }

    /*
     * When we get here, the test is pretty much over.
     *
     * If the main thread excepted, that propagates back
     * immediately.  If the other thread threw an exception, we
     * should report back.
     */
    if (serverException != null) {
      System.out.print("Server Exception:");
      throw serverException;
    }
    if (clientException != null) {
      System.out.print("Client Exception:");
      throw clientException;
    }

    /*
     * Give the Handshaker Thread a chance to run
     */
    Thread.sleep(1000);

    synchronized (this) {
      if (handshakesCompleted != 2) {
        throw new Exception("Didn't see 2 handshake completed events.");
      }
    }
  }
Пример #7
0
  /*
   * Define the server side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doServerSide() throws Exception {
    SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(serverPort);
    serverPort = sslServerSocket.getLocalPort();

    /*
     * Signal Client, we're ready for his connect.
     */
    serverReady = true;

    SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
    try {
      InputStream sslIS = sslSocket.getInputStream();
      OutputStream sslOS = sslSocket.getOutputStream();
      BufferedReader br = new BufferedReader(new InputStreamReader(sslIS));
      PrintStream ps = new PrintStream(sslOS);

      // process HTTP POST request from client
      System.out.println("status line: " + br.readLine());
      String msg = null;
      while ((msg = br.readLine()) != null && msg.length() > 0) ;

      msg = br.readLine();
      if (msg.equals(postMsg)) {
        ps.println("HTTP/1.1 200 OK\n\n");
      } else {
        ps.println("HTTP/1.1 500 Not OK\n\n");
      }
      ps.flush();

      // close the socket
      while (!closeReady) {
        Thread.sleep(50);
      }
    } finally {
      sslSocket.close();
      sslServerSocket.close();
    }
  }
  /*
   * Define the client side of the test.
   *
   * If the server prematurely exits, serverReady will be set to true
   * to avoid infinite hangs.
   */
  void doClientSide() throws Exception {
    /*
     * Wait for server to get started.
     */
    while (!serverReady) {
      Thread.sleep(50);
    }

    System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
    HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());

    URL url = new URL("https://" + "localhost:" + serverPort + "/etc/hosts");
    URLConnection urlc = url.openConnection();

    if (!(urlc instanceof com.sun.net.ssl.HttpsURLConnection)) {
      throw new Exception("URLConnection ! instanceof " + "com.sun.net.ssl.HttpsURLConnection");
    }

    BufferedReader in = null;
    try {
      in = new BufferedReader(new InputStreamReader(urlc.getInputStream()));
      String inputLine;
      System.out.print("Client reading... ");
      while ((inputLine = in.readLine()) != null) System.out.println(inputLine);

      System.out.println("Cipher Suite: " + ((HttpsURLConnection) urlc).getCipherSuite());
      X509Certificate[] certs = ((HttpsURLConnection) urlc).getServerCertificateChain();
      for (int i = 0; i < certs.length; i++) {
        System.out.println(certs[0]);
      }

      in.close();
    } catch (SSLException e) {
      if (in != null) in.close();
      throw e;
    }
    System.out.println("Client reports:  SUCCESS");
  }
 private void handshake() throws IOException {
   if (handshakeCompleted) {
     return;
   }
   if (DEBUG) {
     log("Starting handshake...");
   }
   synchronized (this) {
     if (handshakeCompleted) {
       if (DEBUG) {
         log("Handshake already completed...");
       }
       return;
     }
     int counter = 0;
     if (DEBUG) {
       log("Begin handshake");
     }
     sslEngine.beginHandshake();
     writeInternal(emptyBuffer);
     while (counter++ < 250
         && sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
       if (DEBUG) {
         log("Handshake status: " + sslEngineResult.getHandshakeStatus());
       }
       if (sslEngineResult.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
         if (DEBUG) {
           log("Begin UNWRAP");
         }
         netInBuffer.clear();
         while (socketChannel.read(netInBuffer) < 1) {
           try {
             if (DEBUG) {
               log("Spinning on channel read...");
             }
             Thread.sleep(50);
           } catch (InterruptedException e) {
             throw new IOException(e);
           }
         }
         netInBuffer.flip();
         unwrap(netInBuffer);
         if (DEBUG) {
           log("Done UNWRAP: " + sslEngineResult.getHandshakeStatus());
         }
         if (sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
           emptyBuffer.clear();
           writeInternal(emptyBuffer);
           if (DEBUG) {
             log("Done WRAP after UNWRAP: " + sslEngineResult.getHandshakeStatus());
           }
         }
       } else if (sslEngineResult.getHandshakeStatus()
           == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
         if (DEBUG) {
           log("Begin WRAP");
         }
         emptyBuffer.clear();
         writeInternal(emptyBuffer);
         if (DEBUG) {
           log("Done WRAP: " + sslEngineResult.getHandshakeStatus());
         }
       } else {
         try {
           if (DEBUG) {
             log("Sleeping... Status: " + sslEngineResult.getHandshakeStatus());
           }
           Thread.sleep(500);
         } catch (InterruptedException e) {
           throw new IOException(e);
         }
       }
     }
     if (sslEngineResult.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.FINISHED) {
       throw new SSLHandshakeException(
           "SSL handshake failed after "
               + counter
               + " trials! -> "
               + sslEngineResult.getHandshakeStatus());
     }
     if (DEBUG) {
       log("Handshake completed!");
     }
     in.clear();
     in.flip();
     handshakeCompleted = true;
   }
 }