Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/util/HostnameMatcher/TestHostnameChecker.java
38853 views
1
/*

2
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 4514108

27
 * @summary Verify host name matching behaves as defined in RFC2818.

28
 */

29


30
import java.io.*;

31
import java.security.cert.*;

32


33
import sun.security.util.*;

34


35
/**

36
 * Certificate 1:

37
 *   . no subject alternative names, most specific CN is foo1.com.

38
 *     (also test if serialnumber attribute is ignored)

39
 * <pre>

40
    [

41
    [

42
      Version: V1

43
      Subject: SERIALNUMBER=12 + CN=foo1.com, CN=foo2.com, O=Sun, C=US

44
      Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

45


46
      Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1d8957f

47
      Validity: [From: Fri Mar 22 12:22:57 GMT 2002,

48
                   To: Tue Mar 22 12:22:57 GMT 2022]

49
      Issuer: CN=CA, O=Sun, C=US

50
      SerialNumber: [  0  ]

51


52
    ]

53
      Algorithm: [SHA1withRSA]

54
      Signature:

55
    0000: B8 E1 F8 A8 23 EB C4 E9   F9 03 F6 97 FA DD A2 56  ....#..........V

56
    0010: 06 B6 95 99 68 6B F8 72   6A 27 F4 13 CC 40 06 83  ....hk.rj'...@..

57
    0020: 62 C1 94 72 63 EA 69 FD   78 A2 06 D8 3B F5 D0 2C  b..rc.i.x...;..,

58
    0030: 97 D6 29 84 FA 6F 2E E1   13 6A C7 5D DE 2F 6A 2F  ..)..o...j.]./j/

59
    0040: 08 85 43 3B 7D DB C1 AB   1A DC 38 BE F7 4B 6B 82  ..C;......8..Kk.

60
    0050: 84 06 FA 46 82 77 42 A6   47 55 33 63 2B D4 05 2E  ...F.wB.GU3c+...

61
    0060: 76 F5 1B 6A CD 8E B2 B3   83 8E 9D 13 BC 82 0C 4B  v..j...........K

62
    0070: DE 8A 63 B5 EA F1 07 00   C0 7E C9 75 DF 13 FC 34  ..c........u...4

63


64
    ]

65
 * </pre>

66
 *

67
 * Certificate 2:

68
 *   . CN contains IP address, must be ignored.

69
 * <pre>

70
    [

71
    [

72
      Version: V1

73
      Subject: CN=1.2.3.4, O=Sun, C=US

74
      Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

75


76
      Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@173831b

77
      Validity: [From: Fri Mar 22 12:22:57 GMT 2002,

78
                   To: Tue Mar 22 12:22:57 GMT 2022]

79
      Issuer: CN=CA, O=Sun, C=US

80
      SerialNumber: [    01]

81


82
    ]

83
      Algorithm: [SHA1withRSA]

84
      Signature:

85
    0000: 15 86 83 1E 79 7F 8B 06   1F E0 BF 79 0F EA 84 D1  ....y......y....

86
    0010: C5 CD 2C D6 9D 4A 36 7C   75 41 E6 0D 8C 1D 65 60  ..,..J6.uA....e`

87
    0020: 0F 53 15 54 41 43 AE F9   E9 54 34 8A 4B B9 39 12  .S.TAC...T4.K.9.

88
    0030: DE 58 21 86 D3 F9 11 6C   4F 72 EF 8C 4B C3 66 FC  .X!....lOr..K.f.

89
    0040: BD AB 87 63 8F 59 1D C3   FE 76 DB B7 76 43 C2 A1  ...c.Y...v..vC..

90
    0050: 4D D7 92 C4 CA C6 DC 59   CA A6 1B 6D FE 01 AC F4  M......Y...m....

91
    0060: 09 86 D8 A1 40 C4 C2 77   BF 53 21 9A 3B 43 2E 9A  [email protected]!.;C..

92
    0070: D4 0C BE 85 47 A5 02 35   7D EE 27 11 36 0E 80 14  ....G..5..'.6...

93


94
    ]

95
 * </pre>

96
 *

97
 * Certificate 3:

98
 *   . Contains subject alternative name extension with DNS altfoo1.com,

99
 *     DNS altfoo2.com, IP 5.6.7.8. CNs in subject DN must be ignored.

100
 * <pre>

101
    [

102
    [

103
      Version: V3

104
      Subject: SERIALNUMBER=12 + CN=foo1.com, CN=foo2.com, O=Sun, C=US

105
      Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

106


107
      Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@18e2b22

108
      Validity: [From: Fri Mar 22 12:22:57 GMT 2002,

109
                   To: Tue Mar 22 12:22:57 GMT 2022]

110
      Issuer: CN=CA, O=Sun, C=US

111
      SerialNumber: [    02]

112


113
    Certificate Extensions: 1

114
    [1]: ObjectId: 2.5.29.17 Criticality=false

115
    SubjectAlternativeName [

116
    [DNSName: altfoo1.com, DNSName: altfoo2.com, IPAddress: 5.6.7.8]]

117


118
    ]

119
      Algorithm: [SHA1withRSA]

120
      Signature:

121
    0000: 65 A6 E5 96 4A D5 8F 8D   3E 70 7D 63 BE B1 58 1C  e...J...>p.c..X.

122
    0010: B5 35 EF 7D E8 00 9C 9E   56 E7 E9 52 71 7B BD 35  .5......V..Rq..5

123
    0020: 3D B5 F5 F7 B2 49 A0 E4   23 BB 2A 0A 25 84 0E E2  =....I..#.*.%...

124
    0030: 4B 6D 61 73 D5 C8 F1 0A   EC 2B F2 98 3D 80 F9 DC  Kmas.....+..=...

125
    0040: F5 D1 2A 36 44 EB 59 9A   E9 DF 97 FA AE C0 86 F1  ..*6D.Y.........

126
    0050: 2C 7B 54 21 F2 3A 56 83   0D E0 5A E1 0D FC D5 E2  ,.T!.:V...Z.....

127
    0060: 45 44 ED C8 C6 F8 26 8E   0C 14 ED D0 F7 37 1C 01  ED....&......7..

128
    0070: A5 E2 61 29 5D 14 B3 5A   EF 72 CC 9B 13 05 B0 B1  ..a)]..Z.r......

129


130
    ]

131
 * </pre>

132
 *

133
 * Certificate 4:

134
 *   . SubjAltName contains wildcard char, in the leftmost as well as

135
 *     in the middle component.

136
 * <pre>

137
   [

138
   [

139
    Version: V3

140
    Subject: SERIALNUMBER=12, O=Sun, C=US

141
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

142


143
    Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@17a8bd

144
    Validity: [From: Mon Apr 01 22:32:38 PST 2002,

145
               To: Fri Apr 01 22:32:38 PST 2022]

146
    Issuer: CN=CA, O=Sun, C=US

147
    SerialNumber: [    02]

148


149
    Certificate Extensions: 1

150
    [1]: ObjectId: 2.5.29.17 Criticality=false

151
    SubjectAlternativeName [

152


153
    [DNSName: f*.bar.com, DNSName: altfoo.b*.com]]

154


155
   ]

156
   Algorithm: [SHA1withRSA]

157
   Signature:

158
   0000: BB 9B 00 DB C9 94 15 34   03 9F 28 59 20 4D 10 63  .......4..(Y M.c

159
   0010: 63 6A F5 C8 56 7B 7C CC   E7 06 7E 1E BE 0B 84 92  cj..V...........

160
   0020: 05 0A 12 5E 21 5D 70 03   DA 27 0B 4E 39 67 FC 8D  ...^!]p..'.N9g..

161
   0030: D6 FC A6 5B F5 CA F1 4C   75 53 33 E3 4F 30 88 68  ...[...LuS3.O0.h

162
   0040: B8 F1 2C DF C2 A8 71 A7   37 55 66 7C 51 23 BB C2  ..,...q.7Uf.Q#..

163
   0050: 25 70 EA EE 44 ED 32 63   56 E0 BA C8 94 36 87 E2  %p..D.2cV....6..

164
   0060: 94 00 2A 3D 4C 46 78 E9   2B 20 9F 73 3C 8E 92 2E  ..*=LFx.+ .s<...

165
   0070: 66 85 C6 27 3A 84 21 94   82 93 B1 A4 94 B6 DE 2F  f..':.!......../

166


167
   ]

168
 * </pre>

169
 *

170
 */

171


172
public class TestHostnameChecker {

173


174
    private final static String PATH = System.getProperty("test.src", ".");

175


176
    public static void main(String[] args) throws Exception {

177
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

178
        InputStream in = new FileInputStream(new File(PATH, "cert1.crt"));

179
        X509Certificate cert1 = (X509Certificate)cf.generateCertificate(in);

180
        in.close();

181
        in = new FileInputStream(new File(PATH, "cert2.crt"));

182
        X509Certificate cert2 = (X509Certificate)cf.generateCertificate(in);

183
        in.close();

184
        in = new FileInputStream(new File(PATH, "cert3.crt"));

185
        X509Certificate cert3 = (X509Certificate)cf.generateCertificate(in);

186
        in.close();

187
        in = new FileInputStream(new File(PATH, "cert4.crt"));

188
        X509Certificate cert4 = (X509Certificate)cf.generateCertificate(in);

189
        in.close();

190
        in = new FileInputStream(new File(PATH, "cert5.crt"));

191
        X509Certificate cert5 = (X509Certificate)cf.generateCertificate(in);

192
        in.close();

193


194
        HostnameChecker checker = HostnameChecker.getInstance(

195
                                        HostnameChecker.TYPE_TLS);

196
        System.out.println("TLS tests.........");

197
        System.out.println("==================");

198
        check(checker, "foo1.com", cert1, true);

199
        check(checker, "foo2.com", cert1, false);

200
        check(checker, "1.2.3.4", cert2, false);

201
        check(checker, "foo1.com", cert3, false);

202
        check(checker, "foo2.com", cert3, false);

203
        check(checker, "altfoo1.com", cert3, true);

204
        check(checker, "altfoo2.com", cert3, true);

205
        check(checker, "5.6.7.8", cert3, true);

206
        check(checker, "foo.bar.com", cert4, true);

207
        check(checker, "altfoo.bar.com", cert4, true);

208
        check(checker, "2001:db8:3c4d:15::1a2f:1a2b", cert5, true);

209
        check(checker, "2001:0db8:3c4d:0015:0000:0000:1a2f:1a2b", cert5, true);

210
        check(checker, "2002:db8:3c4d:15::1a2f:1a2b", cert5, false);

211


212
        checker = HostnameChecker.getInstance(

213
                                HostnameChecker.TYPE_LDAP);

214
        System.out.println();

215
        System.out.println("LDAP tests.........");

216
        System.out.println("==================");

217
        check(checker, "foo1.com", cert1, true);

218
        check(checker, "foo2.com", cert1, false);

219
        check(checker, "foo1.com", cert3, false);

220
        check(checker, "foo2.com", cert3, false);

221
        check(checker, "altfoo1.com", cert3, true);

222
        check(checker, "altfoo2.com", cert3, true);

223
        check(checker, "5.6.7.8", cert3, true);

224
        check(checker, "foo.bar.com", cert4, true);

225
        check(checker, "altfoo.bar.com", cert4, false);

226
    }

227


228
    private static void check(HostnameChecker checker, String name,

229
                 X509Certificate cert, boolean expectedResult)

230
                 throws Exception {

231
        try {

232
            checker.match(name, cert);

233
            if (expectedResult == false) {

234
                throw new Exception("Passed invalid test: " + name);

235
            }

236
        } catch (CertificateException e) {

237
            if (expectedResult == true) {

238
                throw e;

239
            }

240
        }

241
        System.out.println("OK: " + name);

242
    }

243
}

244


245