Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java
38889 views
1
/*

2
 * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
//

25
// SunJSSE does not support dynamic system properties, no way to re-use

26
// system properties in samevm/agentvm mode.

27
//

28


29
/* @test

30
 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10

31
 * @bug 6766775

32
 * @run main/othervm IPIdentities

33
 * @author Xuelei Fan

34
 */

35


36
import java.net.*;

37
import java.util.*;

38
import java.io.*;

39
import javax.net.ssl.*;

40
import java.security.Security;

41
import java.security.KeyStore;

42
import java.security.KeyFactory;

43
import java.security.cert.Certificate;

44
import java.security.cert.CertificateFactory;

45
import java.security.spec.*;

46
import java.security.interfaces.*;

47
import java.math.BigInteger;

48


49
/*

50
 * Certificates and key used in the test.

51
 *

52
 * TLS server certificate:

53
 * server private key:

54
 * -----BEGIN RSA PRIVATE KEY-----

55
 * Proc-Type: 4,ENCRYPTED

56
 * DEK-Info: DES-EDE3-CBC,D9AE407F6D0E389A

57
 *

58
 * WPrA7TFol/cQCcp9oHnXWNpYlvRbbIcQj0m+RKT2Iuzfus+DHt3Zadf8nJpKfX2e

59
 * h2rnhlzCN9M7djRDooZKDOPCsdBn51Au7HlZF3S3Opgo7D8XFM1a8t1Je4ke14oI

60
 * nw6QKYsBblRziPnP2PZ0zvX24nOv7bbY8beynlJHGs00VWSFdoH2DS0aE1p6D+3n

61
 * ptJuJ75dVfZFK4X7162APlNXevX8D6PEQpSiRw1rjjGGcnvQ4HdWk3BxDVDcCNJb

62
 * Y1aGNRxsjTDvPi3R9Qx2M+W03QzEPx4SR3ZHVskeSJHaetM0TM/w/45Paq4GokXP

63
 * ZeTnbEx1xmjkA7h+t4doLL4watx5F6yLsJzu8xB3lt/1EtmkYtLz1t7X4BetPAXz

64
 * zS69X/VwhKfsOI3qXBWuL2oHPyhDmT1gcaUQwEPSV6ogHEEQEDXdiUS8heNK13KF

65
 * TCQYFkETvV2BLxUhV1hypPzRQ6tUpJiAbD5KmoK2lD9slshG2QtvKQq0/bgkDY5J

66
 * LhDHV2dtcZ3kDPkkZXpbcJQvoeH3d09C5sIsuTFo2zgNR6oETHUc5TzP6FY2YYRa

67
 * QcK5HcmtsRRiXFm01ac+aMejJUIujjFt84SiKWT/73vC8AmY4tYcJBLjCg4XIxSH

68
 * fdDFLL1YZENNO5ivlp8mdiHqcawx+36L7DrEZQ8RZt6cqST5t/+XTdM74s6k81GT

69
 * pNsa82P2K2zmIUZ/DL2mKjW1vfRByw1NQFEBkN3vdyZxYfM/JyUzX4hbjXBEkh9Q

70
 * QYrcwLKLjis2QzSvK04B3bvRzRb+4ocWiso8ZPAXAIxZFBWDpTMM2A==

71
 * -----END RSA PRIVATE KEY-----

72
 *

73
 * -----BEGIN RSA PRIVATE KEY-----

74
 * MIICXAIBAAKBgQClrFscN6LdmYktsnm4j9VIpecchBeNaZzGrG358h0fORna03Ie

75
 * buxEzHCk3LoAMPagTz1UemFqzFfQCn+VKBg/mtmU8hvIJIh+/p0PPftXUwizIDPU

76
 * PxdHFNHN6gjYDnVOr77M0uyvqXpJ38LZrLgkQJCmA1Yq0DAFQCxPq9l0iQIDAQAB

77
 * AoGAbqcbg1E1mkR99uOJoNeQYKFOJyGiiXTMnXV1TseC4+PDfQBU7Dax35GcesBi

78
 * CtapIpFKKS5D+ozY6b7ZT8ojxuQ/uHLPAvz0WDR3ds4iRF8tyu71Q1ZHcQsJa17y

79
 * yO7UbkSSKn/Mp9Rb+/dKqftUGNXVFLqgHBOzN2s3We3bbbECQQDYBPKOg3hkaGHo

80
 * OhpHKqtQ6EVkldihG/3i4WejRonelXN+HRh1KrB2HBx0M8D/qAzP1i3rNSlSHer4

81
 * 59YRTJnHAkEAxFX/sVYSn07BHv9Zhn6XXct/Cj43z/tKNbzlNbcxqQwQerw3IH51

82
 * 8UH2YOA+GD3lXbKp+MytoFLWv8zg4YT/LwJAfqan75Z1R6lLffRS49bIiq8jwE16

83
 * rTrUJ+kv8jKxMqc9B3vXkxpsS1M/+4E8bqgAmvpgAb8xcsvHsBd9ErdukQJBAKs2

84
 * j67W75BrPjBI34pQ1LEfp56IGWXOrq1kF8IbCjxv3+MYRT6Z6UJFkpRymNPNDjsC

85
 * dgUYgITiGJHUGXuw3lMCQHEHqo9ZtXz92yFT+VhsNc29B8m/sqUJdtCcMd/jGpAF

86
 * u6GHufjqIZBpQsk63wbwESAPZZ+kk1O1kS5GIRLX608=

87
 * -----END RSA PRIVATE KEY-----

88
 *

89
 * Private-Key: (1024 bit)

90
 * modulus:

91
 *     00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

92
 *     d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

93
 *     1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

94
 *     ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

95
 *     7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

96
 *     9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

97
 *     d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

98
 *     7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

99
 *     30:05:40:2c:4f:ab:d9:74:89

100
 * publicExponent: 65537 (0x10001)

101
 * privateExponent:

102
 *     6e:a7:1b:83:51:35:9a:44:7d:f6:e3:89:a0:d7:90:

103
 *     60:a1:4e:27:21:a2:89:74:cc:9d:75:75:4e:c7:82:

104
 *     e3:e3:c3:7d:00:54:ec:36:b1:df:91:9c:7a:c0:62:

105
 *     0a:d6:a9:22:91:4a:29:2e:43:fa:8c:d8:e9:be:d9:

106
 *     4f:ca:23:c6:e4:3f:b8:72:cf:02:fc:f4:58:34:77:

107
 *     76:ce:22:44:5f:2d:ca:ee:f5:43:56:47:71:0b:09:

108
 *     6b:5e:f2:c8:ee:d4:6e:44:92:2a:7f:cc:a7:d4:5b:

109
 *     fb:f7:4a:a9:fb:54:18:d5:d5:14:ba:a0:1c:13:b3:

110
 *     37:6b:37:59:ed:db:6d:b1

111
 * prime1:

112
 *     00:d8:04:f2:8e:83:78:64:68:61:e8:3a:1a:47:2a:

113
 *     ab:50:e8:45:64:95:d8:a1:1b:fd:e2:e1:67:a3:46:

114
 *     89:de:95:73:7e:1d:18:75:2a:b0:76:1c:1c:74:33:

115
 *     c0:ff:a8:0c:cf:d6:2d:eb:35:29:52:1d:ea:f8:e7:

116
 *     d6:11:4c:99:c7

117
 * prime2:

118
 *     00:c4:55:ff:b1:56:12:9f:4e:c1:1e:ff:59:86:7e:

119
 *     97:5d:cb:7f:0a:3e:37:cf:fb:4a:35:bc:e5:35:b7:

120
 *     31:a9:0c:10:7a:bc:37:20:7e:75:f1:41:f6:60:e0:

121
 *     3e:18:3d:e5:5d:b2:a9:f8:cc:ad:a0:52:d6:bf:cc:

122
 *     e0:e1:84:ff:2f

123
 * exponent1:

124
 *     7e:a6:a7:ef:96:75:47:a9:4b:7d:f4:52:e3:d6:c8:

125
 *     8a:af:23:c0:4d:7a:ad:3a:d4:27:e9:2f:f2:32:b1:

126
 *     32:a7:3d:07:7b:d7:93:1a:6c:4b:53:3f:fb:81:3c:

127
 *     6e:a8:00:9a:fa:60:01:bf:31:72:cb:c7:b0:17:7d:

128
 *     12:b7:6e:91

129
 * exponent2:

130
 *     00:ab:36:8f:ae:d6:ef:90:6b:3e:30:48:df:8a:50:

131
 *     d4:b1:1f:a7:9e:88:19:65:ce:ae:ad:64:17:c2:1b:

132
 *     0a:3c:6f:df:e3:18:45:3e:99:e9:42:45:92:94:72:

133
 *     98:d3:cd:0e:3b:02:76:05:18:80:84:e2:18:91:d4:

134
 *     19:7b:b0:de:53

135
 * coefficient:

136
 *     71:07:aa:8f:59:b5:7c:fd:db:21:53:f9:58:6c:35:

137
 *     cd:bd:07:c9:bf:b2:a5:09:76:d0:9c:31:df:e3:1a:

138
 *     90:05:bb:a1:87:b9:f8:ea:21:90:69:42:c9:3a:df:

139
 *     06:f0:11:20:0f:65:9f:a4:93:53:b5:91:2e:46:21:

140
 *     12:d7:eb:4f

141
 *

142
 *

143
 * server certificate:

144
 * Data:

145
 *     Version: 3 (0x2)

146
 *     Serial Number: 7 (0x7)

147
 *     Signature Algorithm: md5WithRSAEncryption

148
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

149
 *     Validity

150
 *         Not Before: Dec  8 03:27:57 2008 GMT

151
 *         Not After : Aug 25 03:27:57 2028 GMT

152
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Server, CN=localhost

153
 *     Subject Public Key Info:

154
 *         Public Key Algorithm: rsaEncryption

155
 *         RSA Public Key: (1024 bit)

156
 *             Modulus (1024 bit):

157
 *                 00:a5:ac:5b:1c:37:a2:dd:99:89:2d:b2:79:b8:8f:

158
 *                 d5:48:a5:e7:1c:84:17:8d:69:9c:c6:ac:6d:f9:f2:

159
 *                 1d:1f:39:19:da:d3:72:1e:6e:ec:44:cc:70:a4:dc:

160
 *                 ba:00:30:f6:a0:4f:3d:54:7a:61:6a:cc:57:d0:0a:

161
 *                 7f:95:28:18:3f:9a:d9:94:f2:1b:c8:24:88:7e:fe:

162
 *                 9d:0f:3d:fb:57:53:08:b3:20:33:d4:3f:17:47:14:

163
 *                 d1:cd:ea:08:d8:0e:75:4e:af:be:cc:d2:ec:af:a9:

164
 *                 7a:49:df:c2:d9:ac:b8:24:40:90:a6:03:56:2a:d0:

165
 *                 30:05:40:2c:4f:ab:d9:74:89

166
 *             Exponent: 65537 (0x10001)

167
 *     X509v3 extensions:

168
 *         X509v3 Basic Constraints:

169
 *             CA:FALSE

170
 *         X509v3 Key Usage:

171
 *             Digital Signature, Non Repudiation, Key Encipherment

172
 *         X509v3 Subject Key Identifier:

173
 *             ED:6E:DB:F4:B5:56:C8:FB:1A:06:61:3F:0F:08:BB:A6:04:D8:16:54

174
 *         X509v3 Authority Key Identifier:

175
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

176
 *

177
 *         X509v3 Subject Alternative Name: critical

178
 *             IP Address:127.0.0.1

179
 * Signature Algorithm: md5WithRSAEncryption

180
 *

181
 * -----BEGIN CERTIFICATE-----

182
 * MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

183
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

184
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ

185
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

186
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD

187
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3

188
 * ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6

189
 * YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS

190
 * 7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw

191
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV

192
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

193
 * MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva

194
 * cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h

195
 * pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun

196
 * nZif

197
 * -----END CERTIFICATE-----

198
 *

199
 *

200
 * TLS client certificate:

201
 * client private key:

202
 * ----BEGIN RSA PRIVATE KEY-----

203
 * Proc-Type: 4,ENCRYPTED

204
 * DEK-Info: DES-EDE3-CBC,FA2A435CD35A9390

205
 *

206
 * Z+Y2uaETbsUWIyJUyVu1UV2G4rgFYJyACZT6Tp1KjRtxflSh2kXkJ9MpuXMXA0V4

207
 * Yy3fDzPqCL9NJmQAYRlAx/W/+j4F5EyMWDIx8fUxzONRZyoiwF7jLm+KscAfv6Pf

208
 * q7ItWOdj3z7IYrwlB8YIGd3F2cDKT3S+lYRk7rKb/qT7itbuHnY4Ardh3yl+MZak

209
 * jBp+ELUlRsUqSr1V0LoM+0rCCykarpyfhpxEcqsrl0v9Cyi5uhU50/oKv5zql3SH

210
 * l2ImgDjp3batAs8+Bd4NF2aqi0a7Hy44JUHxRm4caZryU/i/D9N1MbuM6882HLat

211
 * 5N0G+NaIUfywa8mjwq2D5aiit18HqKA6XeRRYeJ5Dvu9DCO4GeFSwcUFIBMI0L46

212
 * 7s114+oDodg57pMgITi+04vmUxvqlN9aiyd7f5Fgd7PeHGeOdbMz1NaJLJaPI9++

213
 * NakK8eK9iwT/Gdq0Uap5/CHW7vCT5PO+h3HY0STH0lWStXhdWnFO04zTdywsbSp+

214
 * DLpHeFT66shfeUlxR0PsCbG9vPRt/QmGLeYQZITppWo/ylSq4j+pRIuXvuWHdBRN

215
 * rTZ8QF4Y7AxQUXVz1j1++s6ZMHTzaK2i9HrhmDs1MbJl+QwWre3Xpv3LvTVz3k5U

216
 * wX8kuY1m3STt71QCaRWENq5sRaMImLxZbxc/ivFl9RAzUqo4NCxLod/QgA4iLqtO

217
 * ztnlpzwlC/F8HbQ1oqYWwnZAPhzU/cULtstl+Yrws2c2atO323LbPXZqbASySgig

218
 * sNpFXQMObdfP6LN23bY+1SvtK7V4NUTNhpdIc6INQAQ=

219
 * -----END RSA PRIVATE KEY-----

220
 *

221
 * -----BEGIN RSA PRIVATE KEY-----

222
 * MIICWwIBAAKBgQC78EA2rCZUTvSjWgAvaSFvuXo6k+yi9uGOx2PYLxIwmS6w8o/4

223
 * Jy0keCiE9wG/jUR53TvSVfPOPLJbIX3v/TNKsaP/xsibuQ98QTWX+ds6BWAFFa9Z

224
 * F5KjEK0WHOQHU6+odqJWKpLT+SjgeM9eH0irXBnd4WdDunWN9YKsQ5JEGwIDAQAB

225
 * AoGAEbdqNj0wN85hnWyEi/ObJU8UyKTdL9eaF72QGfcF/fLSxfd3vurihIeXOkGW

226
 * tpn4lIxYcVGM9CognhqgJpl11jFTQzn1KqZ+NEJRKkCHA4hDabKJbSC9fXHvRwrf

227
 * BsFpZqgiNxp3HseUTiwnaUVeyPgMt/jAj5nB5Sib+UyUxrECQQDnNQBiF2aifEg6

228
 * zbJOOC7he5CHAdkFxSxWVFVHL6EfXfqdLVkUohMbgZv+XxyIeU2biOExSg49Kds3

229
 * FOKgTau1AkEA0Bd1haj6QuCo8I0AXm2WO+MMTZMTvtHD/bGjKNM+fT4I8rKYnQRX

230
 * 1acHdqS9Xx2rNJqZgkMmpESIdPR2fc4yjwJALFeM6EMmqvj8/VIf5UJ/Mz14fXwM

231
 * PEARfckUxd9LnnFutCBTWlKvKXJVEZb6KO5ixPaegc57Jp3Vbh3yTN44lQJADD/1

232
 * SSMDaIB1MYP7a5Oj7m6VQNPRq8AJe5vDcRnOae0G9dKRrVyeFxO4GsHj6/+BHp2j

233
 * P8nYMn9eURQ7DXjf/QJAAQzMlWnKGSO8pyTDtnQx3hRMoUkOEhmNq4bQhLkYqtnY

234
 * FcqpUQ2qMjW+NiNWk5HnTrMS3L9EdJobMUzaNZLy4w==

235
 * -----END RSA PRIVATE KEY-----

236
 *

237
 * Private-Key: (1024 bit)

238
 * modulus:

239
 *     00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

240
 *     21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

241
 *     12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

242
 *     01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

243
 *     7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

244
 *     35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

245
 *     ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

246
 *     28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

247
 *     75:8d:f5:82:ac:43:92:44:1b

248
 * publicExponent: 65537 (0x10001)

249
 * privateExponent:

250
 *     11:b7:6a:36:3d:30:37:ce:61:9d:6c:84:8b:f3:9b:

251
 *     25:4f:14:c8:a4:dd:2f:d7:9a:17:bd:90:19:f7:05:

252
 *     fd:f2:d2:c5:f7:77:be:ea:e2:84:87:97:3a:41:96:

253
 *     b6:99:f8:94:8c:58:71:51:8c:f4:2a:20:9e:1a:a0:

254
 *     26:99:75:d6:31:53:43:39:f5:2a:a6:7e:34:42:51:

255
 *     2a:40:87:03:88:43:69:b2:89:6d:20:bd:7d:71:ef:

256
 *     47:0a:df:06:c1:69:66:a8:22:37:1a:77:1e:c7:94:

257
 *     4e:2c:27:69:45:5e:c8:f8:0c:b7:f8:c0:8f:99:c1:

258
 *     e5:28:9b:f9:4c:94:c6:b1

259
 * prime1:

260
 *     00:e7:35:00:62:17:66:a2:7c:48:3a:cd:b2:4e:38:

261
 *     2e:e1:7b:90:87:01:d9:05:c5:2c:56:54:55:47:2f:

262
 *     a1:1f:5d:fa:9d:2d:59:14:a2:13:1b:81:9b:fe:5f:

263
 *     1c:88:79:4d:9b:88:e1:31:4a:0e:3d:29:db:37:14:

264
 *     e2:a0:4d:ab:b5

265
 * prime2:

266
 *     00:d0:17:75:85:a8:fa:42:e0:a8:f0:8d:00:5e:6d:

267
 *     96:3b:e3:0c:4d:93:13:be:d1:c3:fd:b1:a3:28:d3:

268
 *     3e:7d:3e:08:f2:b2:98:9d:04:57:d5:a7:07:76:a4:

269
 *     bd:5f:1d:ab:34:9a:99:82:43:26:a4:44:88:74:f4:

270
 *     76:7d:ce:32:8f

271
 * exponent1:

272
 *     2c:57:8c:e8:43:26:aa:f8:fc:fd:52:1f:e5:42:7f:

273
 *     33:3d:78:7d:7c:0c:3c:40:11:7d:c9:14:c5:df:4b:

274
 *     9e:71:6e:b4:20:53:5a:52:af:29:72:55:11:96:fa:

275
 *     28:ee:62:c4:f6:9e:81:ce:7b:26:9d:d5:6e:1d:f2:

276
 *     4c:de:38:95

277
 * exponent2:

278
 *     0c:3f:f5:49:23:03:68:80:75:31:83:fb:6b:93:a3:

279
 *     ee:6e:95:40:d3:d1:ab:c0:09:7b:9b:c3:71:19:ce:

280
 *     69:ed:06:f5:d2:91:ad:5c:9e:17:13:b8:1a:c1:e3:

281
 *     eb:ff:81:1e:9d:a3:3f:c9:d8:32:7f:5e:51:14:3b:

282
 *     0d:78:df:fd

283
 * coefficient:

284
 *     01:0c:cc:95:69:ca:19:23:bc:a7:24:c3:b6:74:31:

285
 *     de:14:4c:a1:49:0e:12:19:8d:ab:86:d0:84:b9:18:

286
 *     aa:d9:d8:15:ca:a9:51:0d:aa:32:35:be:36:23:56:

287
 *     93:91:e7:4e:b3:12:dc:bf:44:74:9a:1b:31:4c:da:

288
 *     35:92:f2:e3

289
 *

290
 * client certificate:

291
 * Data:

292
 *     Version: 3 (0x2)

293
 *     Serial Number: 6 (0x6)

294
 *     Signature Algorithm: md5WithRSAEncryption

295
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

296
 *     Validity

297
 *         Not Before: Dec  8 03:27:34 2008 GMT

298
 *         Not After : Aug 25 03:27:34 2028 GMT

299
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org, OU=SSL-Client, CN=localhost

300
 *     Subject Public Key Info:

301
 *         Public Key Algorithm: rsaEncryption

302
 *         RSA Public Key: (1024 bit)

303
 *             Modulus (1024 bit):

304
 *                 00:bb:f0:40:36:ac:26:54:4e:f4:a3:5a:00:2f:69:

305
 *                 21:6f:b9:7a:3a:93:ec:a2:f6:e1:8e:c7:63:d8:2f:

306
 *                 12:30:99:2e:b0:f2:8f:f8:27:2d:24:78:28:84:f7:

307
 *                 01:bf:8d:44:79:dd:3b:d2:55:f3:ce:3c:b2:5b:21:

308
 *                 7d:ef:fd:33:4a:b1:a3:ff:c6:c8:9b:b9:0f:7c:41:

309
 *                 35:97:f9:db:3a:05:60:05:15:af:59:17:92:a3:10:

310
 *                 ad:16:1c:e4:07:53:af:a8:76:a2:56:2a:92:d3:f9:

311
 *                 28:e0:78:cf:5e:1f:48:ab:5c:19:dd:e1:67:43:ba:

312
 *                 75:8d:f5:82:ac:43:92:44:1b

313
 *             Exponent: 65537 (0x10001)

314
 *     X509v3 extensions:

315
 *         X509v3 Basic Constraints:

316
 *             CA:FALSE

317
 *         X509v3 Key Usage:

318
 *             Digital Signature, Non Repudiation, Key Encipherment

319
 *         X509v3 Subject Key Identifier:

320
 *             CD:BB:C8:85:AA:91:BD:FD:1D:BE:CD:67:7C:FF:B3:E9:4C:A8:22:E6

321
 *         X509v3 Authority Key Identifier:

322
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

323
 *

324
 *         X509v3 Subject Alternative Name: critical

325
 *             IP Address:127.0.0.1

326
 * Signature Algorithm: md5WithRSAEncryption

327
 *

328
 * -----BEGIN CERTIFICATE-----

329
 * MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

330
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

331
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ

332
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

333
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD

334
 * VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas

335
 * JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV

336
 * 8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq

337
 * ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw

338
 * CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV

339
 * HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB

340
 * MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx

341
 * HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP

342
 * i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC

343
 * I9aw

344
 * -----END CERTIFICATE-----

345
 *

346
 *

347
 *

348
 * Trusted CA certificate:

349
 * Certificate:

350
 *   Data:

351
 *     Version: 3 (0x2)

352
 *     Serial Number: 0 (0x0)

353
 *     Signature Algorithm: md5WithRSAEncryption

354
 *     Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org

355
 *     Validity

356
 *         Not Before: Dec  8 02:43:36 2008 GMT

357
 *         Not After : Aug 25 02:43:36 2028 GMT

358
 *     Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org

359
 *     Subject Public Key Info:

360
 *         Public Key Algorithm: rsaEncryption

361
 *         RSA Public Key: (1024 bit)

362
 *             Modulus (1024 bit):

363
 *                 00:cb:c4:38:20:07:be:88:a7:93:b0:a1:43:51:2d:

364
 *                 d7:8e:85:af:54:dd:ad:a2:7b:23:5b:cf:99:13:53:

365
 *                 99:45:7d:ee:6d:ba:2d:bf:e3:ad:6e:3d:9f:1a:f9:

366
 *                 03:97:e0:17:55:ae:11:26:57:de:01:29:8e:05:3f:

367
 *                 21:f7:e7:36:e8:2e:37:d7:48:ac:53:d6:60:0e:c7:

368
 *                 50:6d:f6:c5:85:f7:8b:a6:c5:91:35:72:3c:94:ee:

369
 *                 f1:17:f0:71:e3:ec:1b:ce:ca:4e:40:42:b0:6d:ee:

370
 *                 6a:0e:d6:e5:ad:3c:0f:c9:ba:82:4f:78:f8:89:97:

371
 *                 89:2a:95:12:4c:d8:09:2a:e9

372
 *             Exponent: 65537 (0x10001)

373
 *     X509v3 extensions:

374
 *         X509v3 Subject Key Identifier:

375
 *             FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

376
 *         X509v3 Authority Key Identifier:

377
 *             keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14

378
 *             DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org

379
 *             serial:00

380
 *

381
 *         X509v3 Basic Constraints:

382
 *             CA:TRUE

383
 *  Signature Algorithm: md5WithRSAEncryption

384
 *

385
 * -----BEGIN CERTIFICATE-----

386
 * MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET

387
 * MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK

388
 * EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ

389
 * BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp

390
 * dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB

391
 * gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX

392
 * 4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj

393
 * 7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G

394
 * A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ

395
 * hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt

396
 * U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw

397
 * DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA

398
 * ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ

399
 * LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P

400
 * 6Mvf0r1PNTY2hwTJLJmKtg==

401
 * -----END CERTIFICATE---

402
 */

403


404


405
public class IPIdentities {

406
    static Map cookies;

407
    ServerSocket ss;

408


409
    /*

410
     * =============================================================

411
     * Set the various variables needed for the tests, then

412
     * specify what tests to run on each side.

413
     */

414


415
    /*

416
     * Should we run the client or server in a separate thread?

417
     * Both sides can throw exceptions, but do you have a preference

418
     * as to which side should be the main thread.

419
     */

420
    static boolean separateServerThread = true;

421


422
    /*

423
     * Where do we find the keystores?

424
     */

425
    static String trusedCertStr =

426
        "-----BEGIN CERTIFICATE-----\n" +

427
        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

428
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

429
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +

430
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

431
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +

432
        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +

433
        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +

434
        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +

435
        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +

436
        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +

437
        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +

438
        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +

439
        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +

440
        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +

441
        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +

442
        "-----END CERTIFICATE-----";

443


444
    static String serverCertStr =

445
        "-----BEGIN CERTIFICATE-----\n" +

446
        "MIICnzCCAgigAwIBAgIBBzANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

447
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

448
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3NTdaFw0yODA4MjUwMzI3NTdaMHIxCzAJ\n" +

449
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

450
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtU2VydmVyMRIwEAYD\n" +

451
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKWsWxw3\n" +

452
        "ot2ZiS2yebiP1Uil5xyEF41pnMasbfnyHR85GdrTch5u7ETMcKTcugAw9qBPPVR6\n" +

453
        "YWrMV9AKf5UoGD+a2ZTyG8gkiH7+nQ89+1dTCLMgM9Q/F0cU0c3qCNgOdU6vvszS\n" +

454
        "7K+peknfwtmsuCRAkKYDVirQMAVALE+r2XSJAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

455
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTtbtv0tVbI+xoGYT8PCLumBNgWVDAfBgNV\n" +

456
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

457
        "MA0GCSqGSIb3DQEBBAUAA4GBAFJjItCtCBZcjD69wdqfIbKmRFa6eJAjR6LcoDva\n" +

458
        "cKC/sDOLelpspiZ66Zb0Xdv5qQ7QrfOXt3K8QqJKRMdZLF9WfUfy0gJDM32ub91h\n" +

459
        "pu+TmcGPs+6RdrAQcuvU1ZDV9X8SMj7BtKaim4d5sqFw1npncKiA5xFn8vOYwdun\n" +

460
        "nZif\n" +

461
        "-----END CERTIFICATE-----";

462


463
    static String clientCertStr =

464
        "-----BEGIN CERTIFICATE-----\n" +

465
        "MIICnzCCAgigAwIBAgIBBjANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +

466
        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +

467
        "EwhTb21lLU9yZzAeFw0wODEyMDgwMzI3MzRaFw0yODA4MjUwMzI3MzRaMHIxCzAJ\n" +

468
        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +

469
        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMRMwEQYDVQQLEwpTU0wtQ2xpZW50MRIwEAYD\n" +

470
        "VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvwQDas\n" +

471
        "JlRO9KNaAC9pIW+5ejqT7KL24Y7HY9gvEjCZLrDyj/gnLSR4KIT3Ab+NRHndO9JV\n" +

472
        "8848slshfe/9M0qxo//GyJu5D3xBNZf52zoFYAUVr1kXkqMQrRYc5AdTr6h2olYq\n" +

473
        "ktP5KOB4z14fSKtcGd3hZ0O6dY31gqxDkkQbAgMBAAGjbjBsMAkGA1UdEwQCMAAw\n" +

474
        "CwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTNu8iFqpG9/R2+zWd8/7PpTKgi5jAfBgNV\n" +

475
        "HSMEGDAWgBT6uVG/TOfZhpgz+efLHvEzSfeoFDASBgNVHREBAf8ECDAGhwR/AAAB\n" +

476
        "MA0GCSqGSIb3DQEBBAUAA4GBACjj9PS+W6XOF7toFMwMOv/AemZeBOpcEF1Ei1Hx\n" +

477
        "HjvB6EOHkMY8tFm5OPzkiWiK3+s3awpSW0jWdzMYwrQJ3/klMsPDpI7PEuirqwHP\n" +

478
        "i5Wyl/vk7jmfWVcBO9MVhPUo4BYl4vS9aj6JA5QbkbkB95LOgT/BowY0WmHeVsXC\n" +

479
        "I9aw\n" +

480
        "-----END CERTIFICATE-----";

481


482


483
    static byte serverPrivateExponent[] = {

484
        (byte)0x6e, (byte)0xa7, (byte)0x1b, (byte)0x83,

485
        (byte)0x51, (byte)0x35, (byte)0x9a, (byte)0x44,

486
        (byte)0x7d, (byte)0xf6, (byte)0xe3, (byte)0x89,

487
        (byte)0xa0, (byte)0xd7, (byte)0x90, (byte)0x60,

488
        (byte)0xa1, (byte)0x4e, (byte)0x27, (byte)0x21,

489
        (byte)0xa2, (byte)0x89, (byte)0x74, (byte)0xcc,

490
        (byte)0x9d, (byte)0x75, (byte)0x75, (byte)0x4e,

491
        (byte)0xc7, (byte)0x82, (byte)0xe3, (byte)0xe3,

492
        (byte)0xc3, (byte)0x7d, (byte)0x00, (byte)0x54,

493
        (byte)0xec, (byte)0x36, (byte)0xb1, (byte)0xdf,

494
        (byte)0x91, (byte)0x9c, (byte)0x7a, (byte)0xc0,

495
        (byte)0x62, (byte)0x0a, (byte)0xd6, (byte)0xa9,

496
        (byte)0x22, (byte)0x91, (byte)0x4a, (byte)0x29,

497
        (byte)0x2e, (byte)0x43, (byte)0xfa, (byte)0x8c,

498
        (byte)0xd8, (byte)0xe9, (byte)0xbe, (byte)0xd9,

499
        (byte)0x4f, (byte)0xca, (byte)0x23, (byte)0xc6,

500
        (byte)0xe4, (byte)0x3f, (byte)0xb8, (byte)0x72,

501
        (byte)0xcf, (byte)0x02, (byte)0xfc, (byte)0xf4,

502
        (byte)0x58, (byte)0x34, (byte)0x77, (byte)0x76,

503
        (byte)0xce, (byte)0x22, (byte)0x44, (byte)0x5f,

504
        (byte)0x2d, (byte)0xca, (byte)0xee, (byte)0xf5,

505
        (byte)0x43, (byte)0x56, (byte)0x47, (byte)0x71,

506
        (byte)0x0b, (byte)0x09, (byte)0x6b, (byte)0x5e,

507
        (byte)0xf2, (byte)0xc8, (byte)0xee, (byte)0xd4,

508
        (byte)0x6e, (byte)0x44, (byte)0x92, (byte)0x2a,

509
        (byte)0x7f, (byte)0xcc, (byte)0xa7, (byte)0xd4,

510
        (byte)0x5b, (byte)0xfb, (byte)0xf7, (byte)0x4a,

511
        (byte)0xa9, (byte)0xfb, (byte)0x54, (byte)0x18,

512
        (byte)0xd5, (byte)0xd5, (byte)0x14, (byte)0xba,

513
        (byte)0xa0, (byte)0x1c, (byte)0x13, (byte)0xb3,

514
        (byte)0x37, (byte)0x6b, (byte)0x37, (byte)0x59,

515
        (byte)0xed, (byte)0xdb, (byte)0x6d, (byte)0xb1

516
    };

517


518
    static byte serverModulus[] = {

519
        (byte)0x00,

520
        (byte)0xa5, (byte)0xac, (byte)0x5b, (byte)0x1c,

521
        (byte)0x37, (byte)0xa2, (byte)0xdd, (byte)0x99,

522
        (byte)0x89, (byte)0x2d, (byte)0xb2, (byte)0x79,

523
        (byte)0xb8, (byte)0x8f, (byte)0xd5, (byte)0x48,

524
        (byte)0xa5, (byte)0xe7, (byte)0x1c, (byte)0x84,

525
        (byte)0x17, (byte)0x8d, (byte)0x69, (byte)0x9c,

526
        (byte)0xc6, (byte)0xac, (byte)0x6d, (byte)0xf9,

527
        (byte)0xf2, (byte)0x1d, (byte)0x1f, (byte)0x39,

528
        (byte)0x19, (byte)0xda, (byte)0xd3, (byte)0x72,

529
        (byte)0x1e, (byte)0x6e, (byte)0xec, (byte)0x44,

530
        (byte)0xcc, (byte)0x70, (byte)0xa4, (byte)0xdc,

531
        (byte)0xba, (byte)0x00, (byte)0x30, (byte)0xf6,

532
        (byte)0xa0, (byte)0x4f, (byte)0x3d, (byte)0x54,

533
        (byte)0x7a, (byte)0x61, (byte)0x6a, (byte)0xcc,

534
        (byte)0x57, (byte)0xd0, (byte)0x0a, (byte)0x7f,

535
        (byte)0x95, (byte)0x28, (byte)0x18, (byte)0x3f,

536
        (byte)0x9a, (byte)0xd9, (byte)0x94, (byte)0xf2,

537
        (byte)0x1b, (byte)0xc8, (byte)0x24, (byte)0x88,

538
        (byte)0x7e, (byte)0xfe, (byte)0x9d, (byte)0x0f,

539
        (byte)0x3d, (byte)0xfb, (byte)0x57, (byte)0x53,

540
        (byte)0x08, (byte)0xb3, (byte)0x20, (byte)0x33,

541
        (byte)0xd4, (byte)0x3f, (byte)0x17, (byte)0x47,

542
        (byte)0x14, (byte)0xd1, (byte)0xcd, (byte)0xea,

543
        (byte)0x08, (byte)0xd8, (byte)0x0e, (byte)0x75,

544
        (byte)0x4e, (byte)0xaf, (byte)0xbe, (byte)0xcc,

545
        (byte)0xd2, (byte)0xec, (byte)0xaf, (byte)0xa9,

546
        (byte)0x7a, (byte)0x49, (byte)0xdf, (byte)0xc2,

547
        (byte)0xd9, (byte)0xac, (byte)0xb8, (byte)0x24,

548
        (byte)0x40, (byte)0x90, (byte)0xa6, (byte)0x03,

549
        (byte)0x56, (byte)0x2a, (byte)0xd0, (byte)0x30,

550
        (byte)0x05, (byte)0x40, (byte)0x2c, (byte)0x4f,

551
        (byte)0xab, (byte)0xd9, (byte)0x74, (byte)0x89

552
    };

553


554
    static byte clientPrivateExponent[] = {

555
        (byte)0x11, (byte)0xb7, (byte)0x6a, (byte)0x36,

556
        (byte)0x3d, (byte)0x30, (byte)0x37, (byte)0xce,

557
        (byte)0x61, (byte)0x9d, (byte)0x6c, (byte)0x84,

558
        (byte)0x8b, (byte)0xf3, (byte)0x9b, (byte)0x25,

559
        (byte)0x4f, (byte)0x14, (byte)0xc8, (byte)0xa4,

560
        (byte)0xdd, (byte)0x2f, (byte)0xd7, (byte)0x9a,

561
        (byte)0x17, (byte)0xbd, (byte)0x90, (byte)0x19,

562
        (byte)0xf7, (byte)0x05, (byte)0xfd, (byte)0xf2,

563
        (byte)0xd2, (byte)0xc5, (byte)0xf7, (byte)0x77,

564
        (byte)0xbe, (byte)0xea, (byte)0xe2, (byte)0x84,

565
        (byte)0x87, (byte)0x97, (byte)0x3a, (byte)0x41,

566
        (byte)0x96, (byte)0xb6, (byte)0x99, (byte)0xf8,

567
        (byte)0x94, (byte)0x8c, (byte)0x58, (byte)0x71,

568
        (byte)0x51, (byte)0x8c, (byte)0xf4, (byte)0x2a,

569
        (byte)0x20, (byte)0x9e, (byte)0x1a, (byte)0xa0,

570
        (byte)0x26, (byte)0x99, (byte)0x75, (byte)0xd6,

571
        (byte)0x31, (byte)0x53, (byte)0x43, (byte)0x39,

572
        (byte)0xf5, (byte)0x2a, (byte)0xa6, (byte)0x7e,

573
        (byte)0x34, (byte)0x42, (byte)0x51, (byte)0x2a,

574
        (byte)0x40, (byte)0x87, (byte)0x03, (byte)0x88,

575
        (byte)0x43, (byte)0x69, (byte)0xb2, (byte)0x89,

576
        (byte)0x6d, (byte)0x20, (byte)0xbd, (byte)0x7d,

577
        (byte)0x71, (byte)0xef, (byte)0x47, (byte)0x0a,

578
        (byte)0xdf, (byte)0x06, (byte)0xc1, (byte)0x69,

579
        (byte)0x66, (byte)0xa8, (byte)0x22, (byte)0x37,

580
        (byte)0x1a, (byte)0x77, (byte)0x1e, (byte)0xc7,

581
        (byte)0x94, (byte)0x4e, (byte)0x2c, (byte)0x27,

582
        (byte)0x69, (byte)0x45, (byte)0x5e, (byte)0xc8,

583
        (byte)0xf8, (byte)0x0c, (byte)0xb7, (byte)0xf8,

584
        (byte)0xc0, (byte)0x8f, (byte)0x99, (byte)0xc1,

585
        (byte)0xe5, (byte)0x28, (byte)0x9b, (byte)0xf9,

586
        (byte)0x4c, (byte)0x94, (byte)0xc6, (byte)0xb1

587
    };

588


589
    static byte clientModulus[] = {

590
        (byte)0x00,

591
        (byte)0xbb, (byte)0xf0, (byte)0x40, (byte)0x36,

592
        (byte)0xac, (byte)0x26, (byte)0x54, (byte)0x4e,

593
        (byte)0xf4, (byte)0xa3, (byte)0x5a, (byte)0x00,

594
        (byte)0x2f, (byte)0x69, (byte)0x21, (byte)0x6f,

595
        (byte)0xb9, (byte)0x7a, (byte)0x3a, (byte)0x93,

596
        (byte)0xec, (byte)0xa2, (byte)0xf6, (byte)0xe1,

597
        (byte)0x8e, (byte)0xc7, (byte)0x63, (byte)0xd8,

598
        (byte)0x2f, (byte)0x12, (byte)0x30, (byte)0x99,

599
        (byte)0x2e, (byte)0xb0, (byte)0xf2, (byte)0x8f,

600
        (byte)0xf8, (byte)0x27, (byte)0x2d, (byte)0x24,

601
        (byte)0x78, (byte)0x28, (byte)0x84, (byte)0xf7,

602
        (byte)0x01, (byte)0xbf, (byte)0x8d, (byte)0x44,

603
        (byte)0x79, (byte)0xdd, (byte)0x3b, (byte)0xd2,

604
        (byte)0x55, (byte)0xf3, (byte)0xce, (byte)0x3c,

605
        (byte)0xb2, (byte)0x5b, (byte)0x21, (byte)0x7d,

606
        (byte)0xef, (byte)0xfd, (byte)0x33, (byte)0x4a,

607
        (byte)0xb1, (byte)0xa3, (byte)0xff, (byte)0xc6,

608
        (byte)0xc8, (byte)0x9b, (byte)0xb9, (byte)0x0f,

609
        (byte)0x7c, (byte)0x41, (byte)0x35, (byte)0x97,

610
        (byte)0xf9, (byte)0xdb, (byte)0x3a, (byte)0x05,

611
        (byte)0x60, (byte)0x05, (byte)0x15, (byte)0xaf,

612
        (byte)0x59, (byte)0x17, (byte)0x92, (byte)0xa3,

613
        (byte)0x10, (byte)0xad, (byte)0x16, (byte)0x1c,

614
        (byte)0xe4, (byte)0x07, (byte)0x53, (byte)0xaf,

615
        (byte)0xa8, (byte)0x76, (byte)0xa2, (byte)0x56,

616
        (byte)0x2a, (byte)0x92, (byte)0xd3, (byte)0xf9,

617
        (byte)0x28, (byte)0xe0, (byte)0x78, (byte)0xcf,

618
        (byte)0x5e, (byte)0x1f, (byte)0x48, (byte)0xab,

619
        (byte)0x5c, (byte)0x19, (byte)0xdd, (byte)0xe1,

620
        (byte)0x67, (byte)0x43, (byte)0xba, (byte)0x75,

621
        (byte)0x8d, (byte)0xf5, (byte)0x82, (byte)0xac,

622
        (byte)0x43, (byte)0x92, (byte)0x44, (byte)0x1b

623
    };

624


625
    static char passphrase[] = "passphrase".toCharArray();

626


627
    /*

628
     * Is the server ready to serve?

629
     */

630
    volatile static boolean serverReady = false;

631


632
    /*

633
     * Is the connection ready to close?

634
     */

635
    volatile static boolean closeReady = false;

636


637
    /*

638
     * Turn on SSL debugging?

639
     */

640
    static boolean debug = false;

641


642
    private SSLServerSocket sslServerSocket = null;

643


644
    /*

645
     * Define the server side of the test.

646
     *

647
     * If the server prematurely exits, serverReady will be set to true

648
     * to avoid infinite hangs.

649
     */

650
    void doServerSide() throws Exception {

651
        SSLContext context = getSSLContext(trusedCertStr, serverCertStr,

652
            serverModulus, serverPrivateExponent, passphrase);

653
        SSLServerSocketFactory sslssf = context.getServerSocketFactory();

654


655
        sslServerSocket =

656
            (SSLServerSocket) sslssf.createServerSocket(serverPort);

657
        serverPort = sslServerSocket.getLocalPort();

658


659
        /*

660
         * Signal Client, we're ready for his connect.

661
         */

662
        serverReady = true;

663


664
        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();

665
        sslSocket.setNeedClientAuth(true);

666


667
        PrintStream out =

668
                new PrintStream(sslSocket.getOutputStream());

669


670
        try {

671
            // ignore request data

672


673
            // send the response

674
            out.print("HTTP/1.1 200 OK\r\n");

675
            out.print("Content-Type: text/html; charset=iso-8859-1\r\n");

676
            out.print("Content-Length: "+ 9 +"\r\n");

677
            out.print("\r\n");

678
            out.print("Testing\r\n");

679
            out.flush();

680
        } finally {

681
             // close the socket

682
             while (!closeReady) {

683
                 Thread.sleep(50);

684
             }

685


686
             System.out.println("Server closing socket");

687
             sslSocket.close();

688
             serverReady = false;

689
        }

690


691
    }

692


693
    /*

694
     * Define the client side of the test.

695
     *

696
     * If the server prematurely exits, serverReady will be set to true

697
     * to avoid infinite hangs.

698
     */

699
    void doClientSide() throws Exception {

700
        SSLContext reservedSSLContext = SSLContext.getDefault();

701
        try {

702
            SSLContext context = getSSLContext(trusedCertStr, clientCertStr,

703
                clientModulus, clientPrivateExponent, passphrase);

704
            SSLContext.setDefault(context);

705


706
            /*

707
             * Wait for server to get started.

708
             */

709
            while (!serverReady) {

710
                Thread.sleep(50);

711
            }

712


713
            HttpsURLConnection http = null;

714


715
            /* establish http connection to server */

716
            URL url = new URL("https://localhost:" + serverPort+"/");

717
            System.out.println("url is "+url.toString());

718


719
            try {

720
                http = (HttpsURLConnection)url.openConnection();

721


722
                int respCode = http.getResponseCode();

723
                System.out.println("respCode = "+respCode);

724
            } finally {

725
                if (http != null) {

726
                    http.disconnect();

727
                }

728
                closeReady = true;

729
            }

730
        } finally {

731
            SSLContext.setDefault(reservedSSLContext);

732
        }

733
    }

734


735
    /*

736
     * =============================================================

737
     * The remainder is just support stuff

738
     */

739


740
    // use any free port by default

741
    volatile int serverPort = 0;

742


743
    volatile Exception serverException = null;

744
    volatile Exception clientException = null;

745


746
    public static void main(String args[]) throws Exception {

747
        // MD5 is used in this test case, don't disable MD5 algorithm.

748
        Security.setProperty("jdk.certpath.disabledAlgorithms",

749
                "MD2, RSA keySize < 1024");

750
        Security.setProperty("jdk.tls.disabledAlgorithms",

751
                "SSLv3, RC4, DH keySize < 768");

752


753
        if (debug)

754
            System.setProperty("javax.net.debug", "all");

755


756
        /*

757
         * Start the tests.

758
         */

759
        new IPIdentities();

760
    }

761


762
    Thread clientThread = null;

763
    Thread serverThread = null;

764
    /*

765
     * Primary constructor, used to drive remainder of the test.

766
     *

767
     * Fork off the other side, then do your work.

768
     */

769
    IPIdentities() throws Exception {

770
        if (separateServerThread) {

771
            startServer(true);

772
            startClient(false);

773
        } else {

774
            startClient(true);

775
            startServer(false);

776
        }

777


778
        /*

779
         * Wait for other side to close down.

780
         */

781
        if (separateServerThread) {

782
            serverThread.join();

783
        } else {

784
            clientThread.join();

785
        }

786


787
        /*

788
         * When we get here, the test is pretty much over.

789
         *

790
         * If the main thread excepted, that propagates back

791
         * immediately.  If the other thread threw an exception, we

792
         * should report back.

793
         */

794
        if (serverException != null)

795
            throw serverException;

796
        if (clientException != null)

797
            throw clientException;

798
    }

799


800
    void startServer(boolean newThread) throws Exception {

801
        if (newThread) {

802
            serverThread = new Thread() {

803
                public void run() {

804
                    try {

805
                        doServerSide();

806
                    } catch (Exception e) {

807
                        /*

808
                         * Our server thread just died.

809
                         *

810
                         * Release the client, if not active already...

811
                         */

812
                        System.err.println("Server died...");

813
                        serverReady = true;

814
                        serverException = e;

815
                    }

816
                }

817
            };

818
            serverThread.start();

819
        } else {

820
            doServerSide();

821
        }

822
    }

823


824
    void startClient(boolean newThread) throws Exception {

825
        if (newThread) {

826
            clientThread = new Thread() {

827
                public void run() {

828
                    try {

829
                        doClientSide();

830
                    } catch (Exception e) {

831
                        /*

832
                         * Our client thread just died.

833
                         */

834
                        System.err.println("Client died...");

835
                        clientException = e;

836
                    }

837
                }

838
            };

839
            clientThread.start();

840
        } else {

841
            doClientSide();

842
        }

843
    }

844


845
    // get the ssl context

846
    private static SSLContext getSSLContext(String trusedCertStr,

847
            String keyCertStr, byte[] modulus,

848
            byte[] privateExponent, char[] passphrase) throws Exception {

849


850
        // generate certificate from cert string

851
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

852


853
        ByteArrayInputStream is =

854
                    new ByteArrayInputStream(trusedCertStr.getBytes());

855
        Certificate trusedCert = cf.generateCertificate(is);

856
        is.close();

857


858
        // create a key store

859
        KeyStore ks = KeyStore.getInstance("JKS");

860
        ks.load(null, null);

861


862
        // import the trused cert

863
        ks.setCertificateEntry("RSA Export Signer", trusedCert);

864


865
        if (keyCertStr != null) {

866
            // generate the private key.

867
            RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(

868
                                            new BigInteger(modulus),

869
                                            new BigInteger(privateExponent));

870
            KeyFactory kf = KeyFactory.getInstance("RSA");

871
            RSAPrivateKey priKey =

872
                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);

873


874
            // generate certificate chain

875
            is = new ByteArrayInputStream(keyCertStr.getBytes());

876
            Certificate keyCert = cf.generateCertificate(is);

877
            is.close();

878


879
            Certificate[] chain = new Certificate[2];

880
            chain[0] = keyCert;

881
            chain[1] = trusedCert;

882


883
            // import the key entry.

884
            ks.setKeyEntry("Whatever", priKey, passphrase, chain);

885
        }

886


887
        // create SSL context

888
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");

889
        tmf.init(ks);

890


891
        SSLContext ctx = SSLContext.getInstance("TLS");

892


893
        if (keyCertStr != null) {

894
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

895
            kmf.init(ks, passphrase);

896


897
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

898
        } else {

899
            ctx.init(null, tmf.getTrustManagers(), null);

900
        }

901


902
        return ctx;

903
    }

904


905
}

906


907