Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java
38889 views
1
/*

2
 * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/* @test

30
 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10

31
 * @bug 6766775

32
 * @run main/othervm IPAddressIPIdentities

33
 * @author Xuelei Fan

34
 */

35


36
import java.net.*;

37
import java.util.*;

38
import java.io.*;

39
import javax.net.ssl.*;

40
import java.security.Security;

41
import java.security.KeyStore;

42
import java.security.KeyFactory;

43
import java.security.cert.Certificate;

44
import java.security.cert.CertificateFactory;

45
import java.security.spec.*;

46
import java.security.interfaces.*;

47
import java.math.BigInteger;

48


49
/*

50
 * Certificates and key used in the test.

51
 *

52
 * TLS server certificate:

53
 * server private key:

54
 * -----BEGIN RSA PRIVATE KEY-----

55
 * Proc-Type: 4,ENCRYPTED

56
 * DEK-Info: DES-EDE3-CBC,D9AE407F6D0E389A

57
 *

58
 * WPrA7TFol/cQCcp9oHnXWNpYlvRbbIcQj0m+RKT2Iuzfus+DHt3Zadf8nJpKfX2e

59
 * h2rnhlzCN9M7djRDooZKDOPCsdBn51Au7HlZF3S3Opgo7D8XFM1a8t1Je4ke14oI

60
 * nw6QKYsBblRziPnP2PZ0zvX24nOv7bbY8beynlJHGs00VWSFdoH2DS0aE1p6D+3n

61
 * ptJuJ75dVfZFK4X7162APlNXevX8D6PEQpSiRw1rjjGGcnvQ4HdWk3BxDVDcCNJb

62
 * Y1aGNRxsjTDvPi3R9Qx2M+W03QzEPx4SR3ZHVskeSJHaetM0TM/w/45Paq4GokXP

63
 * ZeTnbEx1xmjkA7h+t4doLL4watx5F6yLsJzu8xB3lt/1EtmkYtLz1t7X4BetPAXz

64
 * zS69X/VwhKfsOI3qXBWuL2oHPyhDmT1gcaUQwEPSV6ogHEEQEDXdiUS8heNK13KF

65
 * TCQYFkETvV2BLxUhV1hypPzRQ6tUpJiAbD5KmoK2lD9slshG2QtvKQq0/bgkDY5J

66
 * LhDHV2dtcZ3kDPkkZXpbcJQvoeH3d09C5sIsuTFo2zgNR6oETHUc5TzP6FY2YYRa

67
 * QcK5HcmtsRRiXFm01ac+aMejJUIujjFt84SiKWT/73vC8AmY4tYcJBLjCg4XIxSH

68
 * fdDFLL1YZENNO5ivlp8mdiHqcawx+36L7DrEZQ8RZt6cqST5t/+XTdM74s6k81GT

69
 * pNsa82P2K2zmIUZ/DL2mKjW1vfRByw1NQFEBkN3vdyZxYfM/JyUzX4hbjXBEkh9Q

70
 * QYrcwLKLjis2QzSvK04B3bvRzRb+4ocWiso8ZPAXAIxZFBWDpTMM2A==

71
 * -----END RSA PRIVATE KEY-----

72
 *

73
 * -----BEGIN RSA PRIVATE KEY-----

74
 * MIICXAIBAAKBgQClrFscN6LdmYktsnm4j9VIpecchBeNaZzGrG358h0fORna03Ie

75
 * buxEzHCk3LoAMPagTz1UemFqzFfQCn+VKBg/mtmU8hvIJIh+/p0PPftXUwizIDPU

76
 * PxdHFNHN6gjYDnVOr77M0uyvqXpJ38LZrLgkQJCmA1Yq0DAFQCxPq9l0iQIDAQAB

77
 * AoGAbqcbg1E1mkR99uOJoNeQYKFOJyGiiXTMnXV1TseC4+PDfQBU7Dax35GcesBi

78
 * CtapIpFKKS5D+ozY6b7ZT8ojxuQ/uHLPAvz0WDR3ds4iRF8tyu71Q1ZHcQsJa17y

79
 * yO7UbkSSKn/Mp9Rb+/dKqftUGNXVFLqgHBOzN2s3We3bbbECQQDYBPKOg3hkaGHo

80
 * OhpHKqtQ6EVkldihG/3i4WejRonelXN+HRh1KrB2HBx0M8D/qAzP1i3rNSlSHer4

81
 * 59YRTJnHAkEAxFX/sVYSn07BHv9Zhn6XXct/Cj43z/tKNbzlNbcxqQwQerw3IH51

82
 * 8UH2YOA+GD3lXbKp+MytoFLWv8zg4YT/LwJAfqan75Z1R6lLffRS49bIiq8jwE16

83
 * rTrUJ+kv8jKxMqc9B3vXkxpsS1M/+4E8bqgAmvpgAb8xcsvHsBd9ErdukQJBAKs2

84
 * j67W75BrPjBI34pQ1LEfp56IGWXOrq1kF8IbCjxv3+MYRT6Z6UJFkpRymNPNDjsC

85
 * dgUYgITiGJHUGXuw3lMCQHEHqo9ZtXz92yFT+VhsNc29B8m/sqUJdtCcMd/jGpAF

86
 * u6GHufjqIZBpQsk63wbwESAPZZ+kk1O1kS5GIRLX608=

87
 * -----END RSA PRIVATE KEY-----

88
 *

89
 * Private-Key: (1024 bit)

90
 * modulus:

91
 *     00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

92
 *     d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

93
 *     1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

94
 *     ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

95
 *     7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

96
 *     9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

97
 *     d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

98
 *     7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

99
 *     30:05:40:2c:4f:ab:d9:74:89

100
 * publicExponent: 65537 (0x10001)

101
 * privateExponent:

102
 *     6e:a7:1b:83:51:35:9a:44:7d:f6:e3:89:a0:d7:90:

103
 *     60:a1:4e:27:21:a2:89:74:cc:9d:75:75:4e:c7:82:

104
 *     e3:e3:c3:7d:00:54:ec:36:b1:df:91:9c:7a:c0:62:

105
 *     0a:d6:a9:22:91:4a:29:2e:43:fa:8c:d8:e9:be:d9:

106
 *     4f:ca:23:c6:e4:3f:b8:72:cf:02:fc:f4:58:34:77:

107
 *     76:ce:22:44:5f:2d:ca:ee:f5:43:56:47:71:0b:09:

108
 *     6b:5e:f2:c8:ee:d4:6e:44:92:2a:7f:cc:a7:d4:5b:

109
 *     fb:f7:4a:a9:fb:54:18:d5:d5:14:ba:a0:1c:13:b3:

110
 *     37:6b:37:59:ed:db:6d:b1

111
 * prime1:

112
 *     00:d8:04:f2:8e:83:78:64:68:61:e8:3a:1a:47:2a:

113
 *     ab:50:e8:45:64:95:d8:a1:1b:fd:e2:e1:67:a3:46:

114
 *     89:de:95:73:7e:1d:18:75:2a:b0:76:1c:1c:74:33:

115
 *     c0:ff:a8:0c:cf:d6:2d:eb:35:29:52:1d:ea:f8:e7:

116
 *     d6:11:4c:99:c7

117
 * prime2:

118
 *     00:c4:55:ff:b1:56:12:9f:4e:c1:1e:ff:59:86:7e:

119
 *     97:5d:cb:7f:0a:3e:37:cf:fb:4a:35:bc:e5:35:b7:

120
 *     31:a9:0c:10:7a:bc:37:20:7e:75:f1:41:f6:60:e0:

121
 *     3e:18:3d:e5:5d:b2:a9:f8:cc:ad:a0:52:d6:bf:cc:

122
 *     e0:e1:84:ff:2f

123
 * exponent1:

124
 *     7e:a6:a7:ef:96:75:47:a9:4b:7d:f4:52:e3:d6:c8:

125
 *     8a:af:23:c0:4d:7a:ad:3a:d4:27:e9:2f:f2:32:b1:

126
 *     32:a7:3d:07:7b:d7:93:1a:6c:4b:53:3f:fb:81:3c:

127
 *     6e:a8:00:9a:fa:60:01:bf:31:72:cb:c7:b0:17:7d:

128
 *     12:b7:6e:91

129
 * exponent2:

130
 *     00:ab:36:8f:ae:d6:ef:90:6b:3e:30:48:df:8a:50:

131
 *     d4:b1:1f:a7:9e:88:19:65:ce:ae:ad:64:17:c2:1b:

132
 *     0a:3c:6f:df:e3:18:45:3e:99:e9:42:45:92:94:72:

133
 *     98:d3:cd:0e:3b:02:76:05:18:80:84:e2:18:91:d4:

134
 *     19:7b:b0:de:53

135
 * coefficient:

136
 *     71:07:aa:8f:59:b5:7c:fd:db:21:53:f9:58:6c:35:

137
 *     cd:bd:07:c9:bf:b2:a5:09:76:d0:9c:31:df:e3:1a:

138
 *     90:05:bb:a1:87:b9:f8:ea:21:90:69:42:c9:3a:df:

139
 *     06:f0:11:20:0f:65:9f:a4:93:53:b5:91:2e:46:21:

140
 *     12:d7:eb:4f

141
 *

142
 *

143
 * server certificate:

144
 * Data:

145
 *     Version: 3 (0x2)

146
 *     Serial Number: 7 (0x7)

147
 *     Signature Algorithm: md5WithRSAEncryption

148
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

149
 *     Validity

150
 *         Not Before: Dec  8 03:27:57 2008 GMT

151
 *         Not After : Aug 25 03:27:57 2028 GMT

152
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Server, CN=localhost

153
 *     Subject Public Key Info:

154
 *         Public Key Algorithm: rsaEncryption

155
 *         RSA Public Key: (1024 bit)

156
 *             Modulus (1024 bit):

157
 *                 00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

158
 *                 d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

159
 *                 1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

160
 *                 ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

161
 *                 7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

162
 *                 9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

163
 *                 d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

164
 *                 7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

165
 *                 30:05:40:2c:4f:ab:d9:74:89

166
 *             Exponent: 65537 (0x10001)

167
 *     X509v3 extensions:

168
 *         X509v3 Basic Constraints:

169
 *             CA:FALSE

170
 *         X509v3 Key Usage:

171
 *             Digital Signature, Non Repudiation, Key Encipherment

172
 *         X509v3 Subject Key Identifier:

173
 *             ED:6E:DB:F4:B5:56:C8:FB:1A:06:61:3F:0F:08:BB:A6:04:D8:16:54

174
 *         X509v3 Authority Key Identifier:

175
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

176
 *

177
 *         X509v3 Subject Alternative Name: critical

178
 *             IP Address:127.0.0.1

179
 * Signature Algorithm: md5WithRSAEncryption

180
 *

181
 * -----BEGIN CERTIFICATE-----

182
 * MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

183
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

184
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ

185
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

186
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD

187
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3

188
 * ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6

189
 * YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS

190
 * 7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw

191
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV

192
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

193
 * MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva

194
 * cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h

195
 * pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun

196
 * nZif

197
 * -----END CERTIFICATE-----

198
 *

199
 *

200
 * TLS client certificate:

201
 * client private key:

202
 * ----BEGIN RSA PRIVATE KEY-----

203
 * Proc-Type: 4,ENCRYPTED

204
 * DEK-Info: DES-EDE3-CBC,FA2A435CD35A9390

205
 *

206
 * Z+Y2uaETbsUWIyJUyVu1UV2G4rgFYJyACZT6Tp1KjRtxflSh2kXkJ9MpuXMXA0V4

207
 * Yy3fDzPqCL9NJmQAYRlAx/W/+j4F5EyMWDIx8fUxzONRZyoiwF7jLm+KscAfv6Pf

208
 * q7ItWOdj3z7IYrwlB8YIGd3F2cDKT3S+lYRk7rKb/qT7itbuHnY4Ardh3yl+MZak

209
 * jBp+ELUlRsUqSr1V0LoM+0rCCykarpyfhpxEcqsrl0v9Cyi5uhU50/oKv5zql3SH

210
 * l2ImgDjp3batAs8+Bd4NF2aqi0a7Hy44JUHxRm4caZryU/i/D9N1MbuM6882HLat

211
 * 5N0G+NaIUfywa8mjwq2D5aiit18HqKA6XeRRYeJ5Dvu9DCO4GeFSwcUFIBMI0L46

212
 * 7s114+oDodg57pMgITi+04vmUxvqlN9aiyd7f5Fgd7PeHGeOdbMz1NaJLJaPI9++

213
 * NakK8eK9iwT/Gdq0Uap5/CHW7vCT5PO+h3HY0STH0lWStXhdWnFO04zTdywsbSp+

214
 * DLpHeFT66shfeUlxR0PsCbG9vPRt/QmGLeYQZITppWo/ylSq4j+pRIuXvuWHdBRN

215
 * rTZ8QF4Y7AxQUXVz1j1++s6ZMHTzaK2i9HrhmDs1MbJl+QwWre3Xpv3LvTVz3k5U

216
 * wX8kuY1m3STt71QCaRWENq5sRaMImLxZbxc/ivFl9RAzUqo4NCxLod/QgA4iLqtO

217
 * ztnlpzwlC/F8HbQ1oqYWwnZAPhzU/cULtstl+Yrws2c2atO323LbPXZqbASySgig

218
 * sNpFXQMObdfP6LN23bY+1SvtK7V4NUTNhpdIc6INQAQ=

219
 * -----END RSA PRIVATE KEY-----

220
 *

221
 * -----BEGIN RSA PRIVATE KEY-----

222
 * MIICWwIBAAKBgQC78EA2rCZUTvSjWgAvaSFvuXo6k+yi9uGOx2PYLxIwmS6w8o/4

223
 * Jy0keCiE9wG/jUR53TvSVfPOPLJbIX3v/TNKsaP/xsibuQ98QTWX+ds6BWAFFa9Z

224
 * F5KjEK0WHOQHU6+odqJWKpLT+SjgeM9eH0irXBnd4WdDunWN9YKsQ5JEGwIDAQAB

225
 * AoGAEbdqNj0wN85hnWyEi/ObJU8UyKTdL9eaF72QGfcF/fLSxfd3vurihIeXOkGW

226
 * tpn4lIxYcVGM9CognhqgJpl11jFTQzn1KqZ+NEJRKkCHA4hDabKJbSC9fXHvRwrf

227
 * BsFpZqgiNxp3HseUTiwnaUVeyPgMt/jAj5nB5Sib+UyUxrECQQDnNQBiF2aifEg6

228
 * zbJOOC7he5CHAdkFxSxWVFVHL6EfXfqdLVkUohMbgZv+XxyIeU2biOExSg49Kds3

229
 * FOKgTau1AkEA0Bd1haj6QuCo8I0AXm2WO+MMTZMTvtHD/bGjKNM+fT4I8rKYnQRX

230
 * 1acHdqS9Xx2rNJqZgkMmpESIdPR2fc4yjwJALFeM6EMmqvj8/VIf5UJ/Mz14fXwM

231
 * PEARfckUxd9LnnFutCBTWlKvKXJVEZb6KO5ixPaegc57Jp3Vbh3yTN44lQJADD/1

232
 * SSMDaIB1MYP7a5Oj7m6VQNPRq8AJe5vDcRnOae0G9dKRrVyeFxO4GsHj6/+BHp2j

233
 * P8nYMn9eURQ7DXjf/QJAAQzMlWnKGSO8pyTDtnQx3hRMoUkOEhmNq4bQhLkYqtnY

234
 * FcqpUQ2qMjW+NiNWk5HnTrMS3L9EdJobMUzaNZLy4w==

235
 * -----END RSA PRIVATE KEY-----

236
 *

237
 * Private-Key: (1024 bit)

238
 * modulus:

239
 *     00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

240
 *     21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

241
 *     12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

242
 *     01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

243
 *     7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

244
 *     35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

245
 *     ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

246
 *     28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

247
 *     75:8d:f5:82:ac:43:92:44:1b

248
 * publicExponent: 65537 (0x10001)

249
 * privateExponent:

250
 *     11:b7:6a:36:3d:30:37:ce:61:9d:6c:84:8b:f3:9b:

251
 *     25:4f:14:c8:a4:dd:2f:d7:9a:17:bd:90:19:f7:05:

252
 *     fd:f2:d2:c5:f7:77:be:ea:e2:84:87:97:3a:41:96:

253
 *     b6:99:f8:94:8c:58:71:51:8c:f4:2a:20:9e:1a:a0:

254
 *     26:99:75:d6:31:53:43:39:f5:2a:a6:7e:34:42:51:

255
 *     2a:40:87:03:88:43:69:b2:89:6d:20:bd:7d:71:ef:

256
 *     47:0a:df:06:c1:69:66:a8:22:37:1a:77:1e:c7:94:

257
 *     4e:2c:27:69:45:5e:c8:f8:0c:b7:f8:c0:8f:99:c1:

258
 *     e5:28:9b:f9:4c:94:c6:b1

259
 * prime1:

260
 *     00:e7:35:00:62:17:66:a2:7c:48:3a:cd:b2:4e:38:

261
 *     2e:e1:7b:90:87:01:d9:05:c5:2c:56:54:55:47:2f:

262
 *     a1:1f:5d:fa:9d:2d:59:14:a2:13:1b:81:9b:fe:5f:

263
 *     1c:88:79:4d:9b:88:e1:31:4a:0e:3d:29:db:37:14:

264
 *     e2:a0:4d:ab:b5

265
 * prime2:

266
 *     00:d0:17:75:85:a8:fa:42:e0:a8:f0:8d:00:5e:6d:

267
 *     96:3b:e3:0c:4d:93:13:be:d1:c3:fd:b1:a3:28:d3:

268
 *     3e:7d:3e:08:f2:b2:98:9d:04:57:d5:a7:07:76:a4:

269
 *     bd:5f:1d:ab:34:9a:99:82:43:26:a4:44:88:74:f4:

270
 *     76:7d:ce:32:8f

271
 * exponent1:

272
 *     2c:57:8c:e8:43:26:aa:f8:fc:fd:52:1f:e5:42:7f:

273
 *     33:3d:78:7d:7c:0c:3c:40:11:7d:c9:14:c5:df:4b:

274
 *     9e:71:6e:b4:20:53:5a:52:af:29:72:55:11:96:fa:

275
 *     28:ee:62:c4:f6:9e:81:ce:7b:26:9d:d5:6e:1d:f2:

276
 *     4c:de:38:95

277
 * exponent2:

278
 *     0c:3f:f5:49:23:03:68:80:75:31:83:fb:6b:93:a3:

279
 *     ee:6e:95:40:d3:d1:ab:c0:09:7b:9b:c3:71:19:ce:

280
 *     69:ed:06:f5:d2:91:ad:5c:9e:17:13:b8:1a:c1:e3:

281
 *     eb:ff:81:1e:9d:a3:3f:c9:d8:32:7f:5e:51:14:3b:

282
 *     0d:78:df:fd

283
 * coefficient:

284
 *     01:0c:cc:95:69:ca:19:23:bc:a7:24:c3:b6:74:31:

285
 *     de:14:4c:a1:49:0e:12:19:8d:ab:86:d0:84:b9:18:

286
 *     aa:d9:d8:15:ca:a9:51:0d:aa:32:35:be:36:23:56:

287
 *     93:91:e7:4e:b3:12:dc:bf:44:74:9a:1b:31:4c:da:

288
 *     35:92:f2:e3

289
 *

290
 * client certificate:

291
 * Data:

292
 *     Version: 3 (0x2)

293
 *     Serial Number: 6 (0x6)

294
 *     Signature Algorithm: md5WithRSAEncryption

295
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

296
 *     Validity

297
 *         Not Before: Dec  8 03:27:34 2008 GMT

298
 *         Not After : Aug 25 03:27:34 2028 GMT

299
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client, CN=localhost

300
 *     Subject Public Key Info:

301
 *         Public Key Algorithm: rsaEncryption

302
 *         RSA Public Key: (1024 bit)

303
 *             Modulus (1024 bit):

304
 *                 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

305
 *                 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

306
 *                 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

307
 *                 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

308
 *                 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

309
 *                 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

310
 *                 ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

311
 *                 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

312
 *                 75:8d:f5:82:ac:43:92:44:1b

313
 *             Exponent: 65537 (0x10001)

314
 *     X509v3 extensions:

315
 *         X509v3 Basic Constraints:

316
 *             CA:FALSE

317
 *         X509v3 Key Usage:

318
 *             Digital Signature, Non Repudiation, Key Encipherment

319
 *         X509v3 Subject Key Identifier:

320
 *             CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6

321
 *         X509v3 Authority Key Identifier:

322
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

323
 *

324
 *         X509v3 Subject Alternative Name: critical

325
 *             IP Address:127.0.0.1

326
 * Signature Algorithm: md5WithRSAEncryption

327
 *

328
 * -----BEGIN CERTIFICATE-----

329
 * MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

330
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

331
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ

332
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

333
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD

334
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas

335
 * JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV

336
 * 8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq

337
 * ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw

338
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV

339
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

340
 * MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx

341
 * HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP

342
 * i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC

343
 * I9aw

344
 * -----END CERTIFICATE-----

345
 *

346
 *

347
 *

348
 * Trusted CA certificate:

349
 * Certificate:

350
 *   Data:

351
 *     Version: 3 (0x2)

352
 *     Serial Number: 0 (0x0)

353
 *     Signature Algorithm: md5WithRSAEncryption

354
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

355
 *     Validity

356
 *         Not Before: Dec  8 02:43:36 2008 GMT

357
 *         Not After : Aug 25 02:43:36 2028 GMT

358
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org

359
 *     Subject Public Key Info:

360
 *         Public Key Algorithm: rsaEncryption

361
 *         RSA Public Key: (1024 bit)

362
 *             Modulus (1024 bit):

363
 *                 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:

364
 *                 d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:

365
 *                 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:

366
 *                 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:

367
 *                 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:

368
 *                 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:

369
 *                 f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:

370
 *                 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:

371
 *                 89:2a:95:12:4c:d8:09:2a:e9

372
 *             Exponent: 65537 (0x10001)

373
 *     X509v3 extensions:

374
 *         X509v3 Subject Key Identifier:

375
 *             FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

376
 *         X509v3 Authority Key Identifier:

377
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

378
 *             DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org

379
 *             serial:00

380
 *

381
 *         X509v3 Basic Constraints:

382
 *             CA:TRUE

383
 *  Signature Algorithm: md5WithRSAEncryption

384
 *

385
 * -----BEGIN CERTIFICATE-----

386
 * MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

387
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

388
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ

389
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

390
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB

391
 * gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX

392
 * 4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj

393
 * 7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G

394
 * A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ

395
 * hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt

396
 * U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw

397
 * DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA

398
 * ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ

399
 * LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P

400
 * 6Mvf0r1PNTY2hwTJLJmKtg==

401
 * -----END CERTIFICATE---

402
 */

403


404


405
public class IPAddressIPIdentities {

406
    static Map cookies;

407
    ServerSocket ss;

408


409
    /*

410
     * =============================================================

411
     * Set the various variables needed for the tests, then

412
     * specify what tests to run on each side.

413
     */

414


415
    /*

416
     * Should we run the client or server in a separate thread?

417
     * Both sides can throw exceptions, but do you have a preference

418
     * as to which side should be the main thread.

419
     */

420
    static boolean separateServerThread = true;

421


422
    /*

423
     * Where do we find the keystores?

424
     */

425
    static String trusedCertStr =

426
        "-----BEGIN CERTIFICATE-----\n" +

427
        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

428
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

429
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +

430
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

431
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +

432
        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +

433
        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +

434
        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +

435
        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +

436
        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +

437
        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +

438
        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +

439
        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +

440
        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +

441
        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +

442
        "-----END CERTIFICATE-----";

443


444
    static String serverCertStr =

445
        "-----BEGIN CERTIFICATE-----\n" +

446
        "MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

447
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

448
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ\n" +

449
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

450
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD\n" +

451
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3\n" +

452
        "ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6\n" +

453
        "YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS\n" +

454
        "7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

455
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV\n" +

456
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

457
        "MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva\n" +

458
        "cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h\n" +

459
        "pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun\n" +

460
        "nZif\n" +

461
        "-----END CERTIFICATE-----";

462


463
    static String clientCertStr =

464
        "-----BEGIN CERTIFICATE-----\n" +

465
        "MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

466
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

467
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ\n" +

468
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

469
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +

470
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +

471
        "JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +

472
        "8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +

473
        "ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

474
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +

475
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

476
        "MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx\n" +

477
        "HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP\n" +

478
        "i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC\n" +

479
        "I9aw\n" +

480
        "-----END CERTIFICATE-----";

481


482


483
    static byte serverPrivateExponent[] = {

484
        (byte)0x6e, (byte)0xa7, (byte)0x1b, (byte)0x83,

485
        (byte)0x51, (byte)0x35, (byte)0x9a, (byte)0x44,

486
        (byte)0x7d, (byte)0xf6, (byte)0xe3, (byte)0x89,

487
        (byte)0xa0, (byte)0xd7, (byte)0x90, (byte)0x60,

488
        (byte)0xa1, (byte)0x4e, (byte)0x27, (byte)0x21,

489
        (byte)0xa2, (byte)0x89, (byte)0x74, (byte)0xcc,

490
        (byte)0x9d, (byte)0x75, (byte)0x75, (byte)0x4e,

491
        (byte)0xc7, (byte)0x82, (byte)0xe3, (byte)0xe3,

492
        (byte)0xc3, (byte)0x7d, (byte)0x00, (byte)0x54,

493
        (byte)0xec, (byte)0x36, (byte)0xb1, (byte)0xdf,

494
        (byte)0x91, (byte)0x9c, (byte)0x7a, (byte)0xc0,

495
        (byte)0x62, (byte)0x0a, (byte)0xd6, (byte)0xa9,

496
        (byte)0x22, (byte)0x91, (byte)0x4a, (byte)0x29,

497
        (byte)0x2e, (byte)0x43, (byte)0xfa, (byte)0x8c,

498
        (byte)0xd8, (byte)0xe9, (byte)0xbe, (byte)0xd9,

499
        (byte)0x4f, (byte)0xca, (byte)0x23, (byte)0xc6,

500
        (byte)0xe4, (byte)0x3f, (byte)0xb8, (byte)0x72,

501
        (byte)0xcf, (byte)0x02, (byte)0xfc, (byte)0xf4,

502
        (byte)0x58, (byte)0x34, (byte)0x77, (byte)0x76,

503
        (byte)0xce, (byte)0x22, (byte)0x44, (byte)0x5f,

504
        (byte)0x2d, (byte)0xca, (byte)0xee, (byte)0xf5,

505
        (byte)0x43, (byte)0x56, (byte)0x47, (byte)0x71,

506
        (byte)0x0b, (byte)0x09, (byte)0x6b, (byte)0x5e,

507
        (byte)0xf2, (byte)0xc8, (byte)0xee, (byte)0xd4,

508
        (byte)0x6e, (byte)0x44, (byte)0x92, (byte)0x2a,

509
        (byte)0x7f, (byte)0xcc, (byte)0xa7, (byte)0xd4,

510
        (byte)0x5b, (byte)0xfb, (byte)0xf7, (byte)0x4a,

511
        (byte)0xa9, (byte)0xfb, (byte)0x54, (byte)0x18,

512
        (byte)0xd5, (byte)0xd5, (byte)0x14, (byte)0xba,

513
        (byte)0xa0, (byte)0x1c, (byte)0x13, (byte)0xb3,

514
        (byte)0x37, (byte)0x6b, (byte)0x37, (byte)0x59,

515
        (byte)0xed, (byte)0xdb, (byte)0x6d, (byte)0xb1

516
    };

517


518
    static byte serverModulus[] = {

519
        (byte)0x00,

520
        (byte)0xa5, (byte)0xac, (byte)0x5b, (byte)0x1c,

521
        (byte)0x37, (byte)0xa2, (byte)0xdd, (byte)0x99,

522
        (byte)0x89, (byte)0x2d, (byte)0xb2, (byte)0x79,

523
        (byte)0xb8, (byte)0x8f, (byte)0xd5, (byte)0x48,

524
        (byte)0xa5, (byte)0xe7, (byte)0x1c, (byte)0x84,

525
        (byte)0x17, (byte)0x8d, (byte)0x69, (byte)0x9c,

526
        (byte)0xc6, (byte)0xac, (byte)0x6d, (byte)0xf9,

527
        (byte)0xf2, (byte)0x1d, (byte)0x1f, (byte)0x39,

528
        (byte)0x19, (byte)0xda, (byte)0xd3, (byte)0x72,

529
        (byte)0x1e, (byte)0x6e, (byte)0xec, (byte)0x44,

530
        (byte)0xcc, (byte)0x70, (byte)0xa4, (byte)0xdc,

531
        (byte)0xba, (byte)0x00, (byte)0x30, (byte)0xf6,

532
        (byte)0xa0, (byte)0x4f, (byte)0x3d, (byte)0x54,

533
        (byte)0x7a, (byte)0x61, (byte)0x6a, (byte)0xcc,

534
        (byte)0x57, (byte)0xd0, (byte)0x0a, (byte)0x7f,

535
        (byte)0x95, (byte)0x28, (byte)0x18, (byte)0x3f,

536
        (byte)0x9a, (byte)0xd9, (byte)0x94, (byte)0xf2,

537
        (byte)0x1b, (byte)0xc8, (byte)0x24, (byte)0x88,

538
        (byte)0x7e, (byte)0xfe, (byte)0x9d, (byte)0x0f,

539
        (byte)0x3d, (byte)0xfb, (byte)0x57, (byte)0x53,

540
        (byte)0x08, (byte)0xb3, (byte)0x20, (byte)0x33,

541
        (byte)0xd4, (byte)0x3f, (byte)0x17, (byte)0x47,

542
        (byte)0x14, (byte)0xd1, (byte)0xcd, (byte)0xea,

543
        (byte)0x08, (byte)0xd8, (byte)0x0e, (byte)0x75,

544
        (byte)0x4e, (byte)0xaf, (byte)0xbe, (byte)0xcc,

545
        (byte)0xd2, (byte)0xec, (byte)0xaf, (byte)0xa9,

546
        (byte)0x7a, (byte)0x49, (byte)0xdf, (byte)0xc2,

547
        (byte)0xd9, (byte)0xac, (byte)0xb8, (byte)0x24,

548
        (byte)0x40, (byte)0x90, (byte)0xa6, (byte)0x03,

549
        (byte)0x56, (byte)0x2a, (byte)0xd0, (byte)0x30,

550
        (byte)0x05, (byte)0x40, (byte)0x2c, (byte)0x4f,

551
        (byte)0xab, (byte)0xd9, (byte)0x74, (byte)0x89

552
    };

553


554
    static byte clientPrivateExponent[] = {

555
        (byte)0x11, (byte)0xb7, (byte)0x6a, (byte)0x36,

556
        (byte)0x3d, (byte)0x30, (byte)0x37, (byte)0xce,

557
        (byte)0x61, (byte)0x9d, (byte)0x6c, (byte)0x84,

558
        (byte)0x8b, (byte)0xf3, (byte)0x9b, (byte)0x25,

559
        (byte)0x4f, (byte)0x14, (byte)0xc8, (byte)0xa4,

560
        (byte)0xdd, (byte)0x2f, (byte)0xd7, (byte)0x9a,

561
        (byte)0x17, (byte)0xbd, (byte)0x90, (byte)0x19,

562
        (byte)0xf7, (byte)0x05, (byte)0xfd, (byte)0xf2,

563
        (byte)0xd2, (byte)0xc5, (byte)0xf7, (byte)0x77,

564
        (byte)0xbe, (byte)0xea, (byte)0xe2, (byte)0x84,

565
        (byte)0x87, (byte)0x97, (byte)0x3a, (byte)0x41,

566
        (byte)0x96, (byte)0xb6, (byte)0x99, (byte)0xf8,

567
        (byte)0x94, (byte)0x8c, (byte)0x58, (byte)0x71,

568
        (byte)0x51, (byte)0x8c, (byte)0xf4, (byte)0x2a,

569
        (byte)0x20, (byte)0x9e, (byte)0x1a, (byte)0xa0,

570
        (byte)0x26, (byte)0x99, (byte)0x75, (byte)0xd6,

571
        (byte)0x31, (byte)0x53, (byte)0x43, (byte)0x39,

572
        (byte)0xf5, (byte)0x2a, (byte)0xa6, (byte)0x7e,

573
        (byte)0x34, (byte)0x42, (byte)0x51, (byte)0x2a,

574
        (byte)0x40, (byte)0x87, (byte)0x03, (byte)0x88,

575
        (byte)0x43, (byte)0x69, (byte)0xb2, (byte)0x89,

576
        (byte)0x6d, (byte)0x20, (byte)0xbd, (byte)0x7d,

577
        (byte)0x71, (byte)0xef, (byte)0x47, (byte)0x0a,

578
        (byte)0xdf, (byte)0x06, (byte)0xc1, (byte)0x69,

579
        (byte)0x66, (byte)0xa8, (byte)0x22, (byte)0x37,

580
        (byte)0x1a, (byte)0x77, (byte)0x1e, (byte)0xc7,

581
        (byte)0x94, (byte)0x4e, (byte)0x2c, (byte)0x27,

582
        (byte)0x69, (byte)0x45, (byte)0x5e, (byte)0xc8,

583
        (byte)0xf8, (byte)0x0c, (byte)0xb7, (byte)0xf8,

584
        (byte)0xc0, (byte)0x8f, (byte)0x99, (byte)0xc1,

585
        (byte)0xe5, (byte)0x28, (byte)0x9b, (byte)0xf9,

586
        (byte)0x4c, (byte)0x94, (byte)0xc6, (byte)0xb1

587
    };

588


589
    static byte clientModulus[] = {

590
        (byte)0x00,

591
        (byte)0xbb, (byte)0xf0, (byte)0x40, (byte)0x36,

592
        (byte)0xac, (byte)0x26, (byte)0x54, (byte)0x4e,

593
        (byte)0xf4, (byte)0xa3, (byte)0x5a, (byte)0x00,

594
        (byte)0x2f, (byte)0x69, (byte)0x21, (byte)0x6f,

595
        (byte)0xb9, (byte)0x7a, (byte)0x3a, (byte)0x93,

596
        (byte)0xec, (byte)0xa2, (byte)0xf6, (byte)0xe1,

597
        (byte)0x8e, (byte)0xc7, (byte)0x63, (byte)0xd8,

598
        (byte)0x2f, (byte)0x12, (byte)0x30, (byte)0x99,

599
        (byte)0x2e, (byte)0xb0, (byte)0xf2, (byte)0x8f,

600
        (byte)0xf8, (byte)0x27, (byte)0x2d, (byte)0x24,

601
        (byte)0x78, (byte)0x28, (byte)0x84, (byte)0xf7,

602
        (byte)0x01, (byte)0xbf, (byte)0x8d, (byte)0x44,

603
        (byte)0x79, (byte)0xdd, (byte)0x3b, (byte)0xd2,

604
        (byte)0x55, (byte)0xf3, (byte)0xce, (byte)0x3c,

605
        (byte)0xb2, (byte)0x5b, (byte)0x21, (byte)0x7d,

606
        (byte)0xef, (byte)0xfd, (byte)0x33, (byte)0x4a,

607
        (byte)0xb1, (byte)0xa3, (byte)0xff, (byte)0xc6,

608
        (byte)0xc8, (byte)0x9b, (byte)0xb9, (byte)0x0f,

609
        (byte)0x7c, (byte)0x41, (byte)0x35, (byte)0x97,

610
        (byte)0xf9, (byte)0xdb, (byte)0x3a, (byte)0x05,

611
        (byte)0x60, (byte)0x05, (byte)0x15, (byte)0xaf,

612
        (byte)0x59, (byte)0x17, (byte)0x92, (byte)0xa3,

613
        (byte)0x10, (byte)0xad, (byte)0x16, (byte)0x1c,

614
        (byte)0xe4, (byte)0x07, (byte)0x53, (byte)0xaf,

615
        (byte)0xa8, (byte)0x76, (byte)0xa2, (byte)0x56,

616
        (byte)0x2a, (byte)0x92, (byte)0xd3, (byte)0xf9,

617
        (byte)0x28, (byte)0xe0, (byte)0x78, (byte)0xcf,

618
        (byte)0x5e, (byte)0x1f, (byte)0x48, (byte)0xab,

619
        (byte)0x5c, (byte)0x19, (byte)0xdd, (byte)0xe1,

620
        (byte)0x67, (byte)0x43, (byte)0xba, (byte)0x75,

621
        (byte)0x8d, (byte)0xf5, (byte)0x82, (byte)0xac,

622
        (byte)0x43, (byte)0x92, (byte)0x44, (byte)0x1b

623
    };

624


625
    static char passphrase[] = "passphrase".toCharArray();

626


627
    /*

628
     * Is the server ready to serve?

629
     */

630
    volatile static boolean serverReady = false;

631


632
    /*

633
     * Is the connection ready to close?

634
     */

635
    volatile static boolean closeReady = false;

636


637
    /*

638
     * Turn on SSL debugging?

639
     */

640
    static boolean debug = false;

641


642
    private SSLServerSocket sslServerSocket = null;

643


644
    /*

645
     * Define the server side of the test.

646
     *

647
     * If the server prematurely exits, serverReady will be set to true

648
     * to avoid infinite hangs.

649
     */

650
    void doServerSide() throws Exception {

651
        SSLContext context = getSSLContext(trusedCertStr, serverCertStr,

652
            serverModulus, serverPrivateExponent, passphrase);

653
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

654


655
        sslServerSocket =

656
            (SSLServerSocket) sslssf.createServerSocket(serverPort);

657
        serverPort = sslServerSocket.getLocalPort();

658


659
        /*

660
         * Signal Client, we're ready for his connect.

661
         */

662
        serverReady = true;

663


664
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

665
        sslSocket.setNeedClientAuth(true);

666


667
        PrintStream out =

668
                new PrintStream(sslSocket.getOutputStream());

669


670
        try {

671
            // ignore request data

672


673
            // send the response

674
            out.print("HTTP/1.1 200 OK\r\n");

675
            out.print("Content-Type: text/html; charset=iso-8859-1\r\n");

676
            out.print("Content-Length: "+ 9 +"\r\n");

677
            out.print("\r\n");

678
            out.print("Testing\r\n");

679
            out.flush();

680
        } finally {

681
             // close the socket

682
             while (!closeReady) {

683
                 Thread.sleep(50);

684
             }

685


686
             System.out.println("Server closing socket");

687
             sslSocket.close();

688
             serverReady = false;

689
        }

690


691
    }

692


693
    /*

694
     * Define the client side of the test.

695
     *

696
     * If the server prematurely exits, serverReady will be set to true

697
     * to avoid infinite hangs.

698
     */

699
    void doClientSide() throws Exception {

700
        SSLContext reservedSSLContext = SSLContext.getDefault();

701
        try {

702
            SSLContext context = getSSLContext(trusedCertStr, clientCertStr,

703
                clientModulus, clientPrivateExponent, passphrase);

704


705
            SSLContext.setDefault(context);

706


707
            /*

708
             * Wait for server to get started.

709
             */

710
            while (!serverReady) {

711
                Thread.sleep(50);

712
            }

713


714
            HttpsURLConnection http = null;

715


716
            /* establish http connection to server */

717
            URL url = new URL("https://127.0.0.1:" + serverPort+"/");

718
            System.out.println("url is "+url.toString());

719


720
            try {

721
                http = (HttpsURLConnection)url.openConnection();

722


723
                int respCode = http.getResponseCode();

724
                System.out.println("respCode = "+respCode);

725
            } finally {

726
                if (http != null) {

727
                    http.disconnect();

728
                }

729
                closeReady = true;

730
            }

731
        } finally {

732
            SSLContext.setDefault(reservedSSLContext);

733
        }

734
    }

735


736
    /*

737
     * =============================================================

738
     * The remainder is just support stuff

739
     */

740


741
    // use any free port by default

742
    volatile int serverPort = 0;

743


744
    volatile Exception serverException = null;

745
    volatile Exception clientException = null;

746


747
    public static void main(String args[]) throws Exception {

748
        // MD5 is used in this test case, don't disable MD5 algorithm.

749
        Security.setProperty("jdk.certpath.disabledAlgorithms",

750
                "MD2, RSA keySize < 1024");

751
        Security.setProperty("jdk.tls.disabledAlgorithms",

752
                "SSLv3, RC4, DH keySize < 768");

753


754
        if (debug)

755
            System.setProperty("javax.net.debug", "all");

756


757
        /*

758
         * Start the tests.

759
         */

760
        new IPAddressIPIdentities();

761
    }

762


763
    Thread clientThread = null;

764
    Thread serverThread = null;

765
    /*

766
     * Primary constructor, used to drive remainder of the test.

767
     *

768
     * Fork off the other side, then do your work.

769
     */

770
    IPAddressIPIdentities() throws Exception {

771
        if (separateServerThread) {

772
            startServer(true);

773
            startClient(false);

774
        } else {

775
            startClient(true);

776
            startServer(false);

777
        }

778


779
        /*

780
         * Wait for other side to close down.

781
         */

782
        if (separateServerThread) {

783
            serverThread.join();

784
        } else {

785
            clientThread.join();

786
        }

787


788
        /*

789
         * When we get here, the test is pretty much over.

790
         *

791
         * If the main thread excepted, that propagates back

792
         * immediately.  If the other thread threw an exception, we

793
         * should report back.

794
         */

795
        if (serverException != null)

796
            throw serverException;

797
        if (clientException != null)

798
            throw clientException;

799
    }

800


801
    void startServer(boolean newThread) throws Exception {

802
        if (newThread) {

803
            serverThread = new Thread() {

804
                public void run() {

805
                    try {

806
                        doServerSide();

807
                    } catch (Exception e) {

808
                        /*

809
                         * Our server thread just died.

810
                         *

811
                         * Release the client, if not active already...

812
                         */

813
                        System.err.println("Server died...");

814
                        serverReady = true;

815
                        serverException = e;

816
                    }

817
                }

818
            };

819
            serverThread.start();

820
        } else {

821
            doServerSide();

822
        }

823
    }

824


825
    void startClient(boolean newThread) throws Exception {

826
        if (newThread) {

827
            clientThread = new Thread() {

828
                public void run() {

829
                    try {

830
                        doClientSide();

831
                    } catch (Exception e) {

832
                        /*

833
                         * Our client thread just died.

834
                         */

835
                        System.err.println("Client died...");

836
                        clientException = e;

837
                    }

838
                }

839
            };

840
            clientThread.start();

841
        } else {

842
            doClientSide();

843
        }

844
    }

845


846
    // get the ssl context

847
    private static SSLContext getSSLContext(String trusedCertStr,

848
            String keyCertStr, byte[] modulus,

849
            byte[] privateExponent, char[] passphrase) throws Exception {

850


851
        // generate certificate from cert string

852
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

853


854
        ByteArrayInputStream is =

855
                    new ByteArrayInputStream(trusedCertStr.getBytes());

856
        Certificate trusedCert = cf.generateCertificate(is);

857
        is.close();

858


859
        // create a key store

860
        KeyStore ks = KeyStore.getInstance("JKS");

861
        ks.load(null, null);

862


863
        // import the trused cert

864
        ks.setCertificateEntry("RSA Export Signer", trusedCert);

865


866
        if (keyCertStr != null) {

867
            // generate the private key.

868
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(

869
                                            new BigInteger(modulus),

870
                                            new BigInteger(privateExponent));

871
            KeyFactory kf = KeyFactory.getInstance("RSA");

872
            RSAPrivateKey priKey =

873
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

874


875
            // generate certificate chain

876
            is = new ByteArrayInputStream(keyCertStr.getBytes());

877
            Certificate keyCert = cf.generateCertificate(is);

878
            is.close();

879


880
            Certificate[] chain = new Certificate[2];

881
            chain[0] = keyCert;

882
            chain[1] = trusedCert;

883


884
            // import the key entry.

885
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

886
        }

887


888
        // create SSL context

889
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");

890
        tmf.init(ks);

891


892
        SSLContext ctx = SSLContext.getInstance("TLS");

893


894
        if (keyCertStr != null) {

895
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

896
            kmf.init(ks, passphrase);

897


898
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

899
        } else {

900
            ctx.init(null, tmf.getTrustManagers(), null);

901
        }

902


903
        return ctx;

904
    }

905


906
}

907


908