diff options
4 files changed, 455 insertions, 23 deletions
diff --git a/archive/src/main/java/java/util/zip/ZipInputStream.java b/archive/src/main/java/java/util/zip/ZipInputStream.java index 8c6a4c5..262fa3f 100644 --- a/archive/src/main/java/java/util/zip/ZipInputStream.java +++ b/archive/src/main/java/java/util/zip/ZipInputStream.java @@ -58,7 +58,9 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants static final int ZIPLocalHeaderVersionNeeded = 20; - private boolean zipClosed = false; + // BEGI android-removed + // private boolean zipClosed = false; + // END android-removed private boolean entriesEnd = false; @@ -101,11 +103,12 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants */ @Override public void close() throws IOException { - if (zipClosed != true) { + // BEGIN android-changed + if (closed != true) { closeEntry(); // Close the current entry - zipClosed = true; super.close(); } + // END android-changed } /** @@ -116,9 +119,11 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants * @since Android 1.0 */ public void closeEntry() throws IOException { - if (zipClosed) { + // BEGIN android-changed + if (closed) { throw new IOException(Messages.getString("archive.1E")); //$NON-NLS-1$ } + // END android-changed if (currentEntry == null) { return; } @@ -261,6 +266,9 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants } currentEntry.setExtra(e); } + // BEGIN android-added + eof = false; + // END android-added return currentEntry; } @@ -268,9 +276,11 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants @Override public int read(byte[] buffer, int start, int length) throws IOException { - if (zipClosed) { + // BEGIN android-changed + if (closed) { throw new IOException(Messages.getString("archive.1E")); //$NON-NLS-1$ } + // END android-changed if (inf.finished() || currentEntry == null) { return -1; } @@ -280,11 +290,17 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants if (currentEntry.compressionMethod == STORED) { int csize = (int) currentEntry.size; if (inRead >= csize) { + // BEGIN android-added + eof = true; + // END android-added return -1; } if (lastRead >= len) { lastRead = 0; if ((len = in.read(buf)) == -1) { + // BEGIN android-added + eof = true; + // END android-added return -1; } entryIn += len; @@ -360,22 +376,15 @@ public class ZipInputStream extends InflaterInputStream implements ZipConstants */ @Override public int available() throws IOException { - if (zipClosed) { + // BEGIN android-changed + if (closed) { throw new IOException(Messages.getString("archive.1E")); //$NON-NLS-1$ } if (currentEntry == null) { return 1; } - if (currentEntry.compressionMethod == STORED) { - if (inRead >= currentEntry.size) { - return 0; - } - } else { - if (inf.finished()) { - return 0; - } - } - return 1; + return super.available(); + // END android-changed } /** diff --git a/luni/src/main/java/java/net/InetAddress.java b/luni/src/main/java/java/net/InetAddress.java index 89f827b..72c7669 100644 --- a/luni/src/main/java/java/net/InetAddress.java +++ b/luni/src/main/java/java/net/InetAddress.java @@ -227,7 +227,7 @@ public class InetAddress extends Object implements Serializable { if (security != null) { security.checkConnect(host, -1); } - + // BEGIN android-changed byte[][] rawAddresses = getallbyname(host, Socket.preferIPv4Stack()); InetAddress[] returnedAddresses = new @@ -248,6 +248,7 @@ public class InetAddress extends Object implements Serializable { // ok we may have to re-order to make sure the // preferIPv6Addresses is respected + // END android-changed InetAddress[] orderedAddresses = null; if (returnedAddresses != null) { orderedAddresses = new InetAddress[returnedAddresses.length]; @@ -525,20 +526,21 @@ public class InetAddress extends Object implements Serializable { return anInetAddress; } - // BEGIN android-changed + // BEGIN android-added /** * Multiplies value by 1 billion. */ private static long secondsToNanos(int ttl) { return (long) ttl * 1000000000; } - // END android-changed + // END android-added // BEGIN android-deleted // static native InetAddress[] getAliasesByNameImpl(String name) // throws UnknownHostException; // END android-deleted + // BEGIN android-changed /** * Resolves a host name to its IP addresses. Thread safe. */ @@ -579,7 +581,8 @@ public class InetAddress extends Object implements Serializable { * exception, so this value should not be used as an argument. See also * inetAddr(String). */ -// static native int inetAddrImpl(String host) throws UnknownHostException; + // BEGIN android-changed + // static native int inetAddrImpl(String host) throws UnknownHostException; static int inetAddrImpl(String host) throws UnknownHostException { // TODO Probably not exactly what we want, and also inefficient. Provide native later. try { @@ -595,12 +598,14 @@ public class InetAddress extends Object implements Serializable { throw new UnknownHostException(host); } } + // END android-changed /** * Convert a binary address into a string containing an Ipv4 Internet * Protocol dotted address. */ -// static native String inetNtoaImpl(int hipAddr); + // BEGIN android-changed + // static native String inetNtoaImpl(int hipAddr); static String inetNtoaImpl(int hipAddr) { // TODO Inefficient and probably wrong. Provide proper (native?) implementation later. int a = (hipAddr >> 24) & 0xFF; @@ -610,6 +615,7 @@ public class InetAddress extends Object implements Serializable { return "" + a + "." + b + "." + c + "." + d; } + // END android-changed /** * Query the IP stack for the host address. The host is in string name form. diff --git a/luni/src/main/native/java_net_InetAddress.cpp b/luni/src/main/native/java_net_InetAddress.cpp index 84c9751..cf026bc 100644 --- a/luni/src/main/native/java_net_InetAddress.cpp +++ b/luni/src/main/native/java_net_InetAddress.cpp @@ -104,11 +104,16 @@ static jobjectArray getAllByNameUsingDns(JNIEnv* env, const char* name, memset(&hints, 0, sizeof(hints)); /* + * IPv4 only for now until the socket code supports IPv6; otherwise, the + * resolver will create two separate requests, one for IPv4 and one, + * currently unnecessary, for IPv6. + */ + hints.ai_family = AF_INET; + /* * If we don't specify a socket type, every address will appear twice, once * for SOCK_STREAM and one for SOCK_DGRAM. Since we do not return the family * anyway, just pick one. */ - hints.ai_family = preferIPv4Stack ? AF_INET : AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; int result = getaddrinfo(name, NULL, &hints, &addressList); diff --git a/x-net/src/test/java/tests/api/javax/net/ssl/HandshakeCompletedEventTest.java b/x-net/src/test/java/tests/api/javax/net/ssl/HandshakeCompletedEventTest.java index 1b3c9d7..d21215b 100644 --- a/x-net/src/test/java/tests/api/javax/net/ssl/HandshakeCompletedEventTest.java +++ b/x-net/src/test/java/tests/api/javax/net/ssl/HandshakeCompletedEventTest.java @@ -22,20 +22,32 @@ import dalvik.annotation.TestLevel; import dalvik.annotation.TestTargetNew; import java.io.ByteArrayInputStream; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetSocketAddress; +import java.security.KeyStore; import java.security.cert.Certificate; +import java.security.cert.CertificateException; import javax.net.ssl.HandshakeCompletedEvent; +import javax.net.ssl.HandshakeCompletedListener; +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLPeerUnverifiedException; +import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import javax.security.cert.X509Certificate; import junit.framework.TestCase; +import org.apache.harmony.luni.util.Base64; import org.apache.harmony.xnet.tests.support.mySSLSession; import org.apache.harmony.xnet.tests.support.mySSLSocket; - /** * Tests for <code>HandshakeCompletedEvent</code> class constructors and methods. * @@ -276,4 +288,404 @@ public class HandshakeCompletedEventTest extends TestCase { fail("Unexpected exception: " + e); } } + + + // Regression test for CompletedHandshakeEvent not firing with a custom + // TrustManager + + + SSLSocket socket; + SSLSocket serverSocket; + MyHandshakeListener listener; + int port = 1081; + String host = "localhost"; + + private String PASSWORD = "android"; + + /** + * Defines the keystore contents for the server, BKS version. Holds just a + * single self-generated key. The subject name is "Test Server". + */ + private static final String SERVER_KEYS_BKS = + "AAAAAQAAABQDkebzoP1XwqyWKRCJEpn/t8dqIQAABDkEAAVteWtleQAAARpYl20nAAAAAQAFWC41" + + "MDkAAAJNMIICSTCCAbKgAwIBAgIESEfU1jANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJVUzET" + + "MBEGA1UECBMKQ2FsaWZvcm5pYTEMMAoGA1UEBxMDTVRWMQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNV" + + "BAsTB0FuZHJvaWQxFDASBgNVBAMTC1Rlc3QgU2VydmVyMB4XDTA4MDYwNTExNTgxNFoXDTA4MDkw" + + "MzExNTgxNFowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExDDAKBgNVBAcTA01U" + + "VjEPMA0GA1UEChMGR29vZ2xlMRAwDgYDVQQLEwdBbmRyb2lkMRQwEgYDVQQDEwtUZXN0IFNlcnZl" + + "cjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LIdKaIr9/vsTq8BZlA3R+NFWRaH4lGsTAQy" + + "DPMF9ZqEDOaL6DJuu0colSBBBQ85hQTPa9m9nyJoN3pEi1hgamqOvQIWcXBk+SOpUGRZZFXwniJV" + + "zDKU5nE9MYgn2B9AoiH3CSuMz6HRqgVaqtppIe1jhukMc/kHVJvlKRNy9XMCAwEAATANBgkqhkiG" + + "9w0BAQUFAAOBgQC7yBmJ9O/eWDGtSH9BH0R3dh2NdST3W9hNZ8hIa8U8klhNHbUCSSktZmZkvbPU" + + "hse5LI3dh6RyNDuqDrbYwcqzKbFJaq/jX9kCoeb3vgbQElMRX8D2ID1vRjxwlALFISrtaN4VpWzV" + + "yeoHPW4xldeZmoVtjn8zXNzQhLuBqX2MmAAAAqwAAAAUvkUScfw9yCSmALruURNmtBai7kQAAAZx" + + "4Jmijxs/l8EBaleaUru6EOPioWkUAEVWCxjM/TxbGHOi2VMsQWqRr/DZ3wsDmtQgw3QTrUK666sR" + + "MBnbqdnyCyvM1J2V1xxLXPUeRBmR2CXorYGF9Dye7NkgVdfA+9g9L/0Au6Ugn+2Cj5leoIgkgApN" + + "vuEcZegFlNOUPVEs3SlBgUF1BY6OBM0UBHTPwGGxFBBcetcuMRbUnu65vyDG0pslT59qpaR0TMVs" + + "P+tcheEzhyjbfM32/vwhnL9dBEgM8qMt0sqF6itNOQU/F4WGkK2Cm2v4CYEyKYw325fEhzTXosck" + + "MhbqmcyLab8EPceWF3dweoUT76+jEZx8lV2dapR+CmczQI43tV9btsd1xiBbBHAKvymm9Ep9bPzM" + + "J0MQi+OtURL9Lxke/70/MRueqbPeUlOaGvANTmXQD2OnW7PISwJ9lpeLfTG0LcqkoqkbtLKQLYHI" + + "rQfV5j0j+wmvmpMxzjN3uvNajLa4zQ8l0Eok9SFaRr2RL0gN8Q2JegfOL4pUiHPsh64WWya2NB7f" + + "V+1s65eA5ospXYsShRjo046QhGTmymwXXzdzuxu8IlnTEont6P4+J+GsWk6cldGbl20hctuUKzyx" + + "OptjEPOKejV60iDCYGmHbCWAzQ8h5MILV82IclzNViZmzAapeeCnexhpXhWTs+xDEYSKEiG/camt" + + "bhmZc3BcyVJrW23PktSfpBQ6D8ZxoMfF0L7V2GQMaUg+3r7ucrx82kpqotjv0xHghNIm95aBr1Qw" + + "1gaEjsC/0wGmmBDg1dTDH+F1p9TInzr3EFuYD0YiQ7YlAHq3cPuyGoLXJ5dXYuSBfhDXJSeddUkl" + + "k1ufZyOOcskeInQge7jzaRfmKg3U94r+spMEvb0AzDQVOKvjjo1ivxMSgFRZaDb/4qw="; + + /** + * Defines the keystore contents for the server, JKS version. Holds just a + * single self-generated key. The subject name is "Test Server". + */ + private static final String SERVER_KEYS_JKS = + "/u3+7QAAAAIAAAABAAAAAQAFbXlrZXkAAAEaWFfBeAAAArowggK2MA4GCisGAQQBKgIRAQEFAASC" + + "AqI2kp5XjnF8YZkhcF92YsJNQkvsmH7zqMM87j23zSoV4DwyE3XeC/gZWq1ToScIhoqZkzlbWcu4" + + "T/Zfc/DrfGk/rKbBL1uWKGZ8fMtlZk8KoAhxZk1JSyJvdkyKxqmzUbxk1OFMlN2VJNu97FPVH+du" + + "dvjTvmpdoM81INWBW/1fZJeQeDvn4mMbbe0IxgpiLnI9WSevlaDP/sm1X3iO9yEyzHLL+M5Erspo" + + "Cwa558fOu5DdsICMXhvDQxjWFKFhPHnKtGe+VvwkG9/bAaDgx3kfhk0w5zvdnkKb+8Ed9ylNRzdk" + + "ocAa/mxlMTOsTvDKXjjsBupNPIIj7OP4GNnZaxkJjSs98pEO67op1GX2qhy6FSOPNuq8k/65HzUc" + + "PYn6voEeh6vm02U/sjEnzRevQ2+2wXoAdp0EwtQ/DlMe+NvcwPGWKuMgX4A4L93DZGb04N2VmAU3" + + "YLOtZwTO0LbuWrcCM/q99G/7LcczkxIVrO2I/rh8RXVczlf9QzcrFObFv4ATuspWJ8xG7DhsMbnk" + + "rT94Pq6TogYeoz8o8ZMykesAqN6mt/9+ToIemmXv+e+KU1hI5oLwWMnUG6dXM6hIvrULY6o+QCPH" + + "172YQJMa+68HAeS+itBTAF4Clm/bLn6reHCGGU6vNdwU0lYldpiOj9cB3t+u2UuLo6tiFWjLf5Zs" + + "EQJETd4g/EK9nHxJn0GAKrWnTw7pEHQJ08elzUuy04C/jEEG+4QXU1InzS4o/kR0Sqz2WTGDoSoq" + + "ewuPRU5bzQs/b9daq3mXrnPtRBL6HfSDAdpTK76iHqLCGdqx3avHjVSBm4zFvEuYBCev+3iKOBmg" + + "yh7eQRTjz4UOWfy85omMBr7lK8PtfVBDzOXpasxS0uBgdUyBDX4tO6k9jZ8a1kmQRQAAAAEABVgu" + + "NTA5AAACSDCCAkQwggGtAgRIR8SKMA0GCSqGSIb3DQEBBAUAMGkxCzAJBgNVBAYTAlVTMRMwEQYD" + + "VQQIEwpDYWxpZm9ybmlhMQwwCgYDVQQHEwNNVFYxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMH" + + "QW5kcm9pZDEUMBIGA1UEAxMLVGVzdCBTZXJ2ZXIwHhcNMDgwNjA1MTA0ODQyWhcNMDgwOTAzMTA0" + + "ODQyWjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEMMAoGA1UEBxMDTVRWMQ8w" + + "DQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC1Rlc3QgU2VydmVyMIGf" + + "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwoC6chqCI84rj1PrXuJgbiit4EV909zR6N0jNlYfg" + + "itwB39bP39wH03rFm8T59b3mbSptnGmCIpLZn25KPPFsYD3JJ+wFlmiUdEP9H05flfwtFQJnw9uT" + + "3rRIdYVMPcQ3RoZzwAMliGr882I2thIDbA6xjGU/1nRIdvk0LtxH3QIDAQABMA0GCSqGSIb3DQEB" + + "BAUAA4GBAJn+6YgUlY18Ie+0+Vt8oEi81DNi/bfPrAUAh63fhhBikx/3R9dl3wh09Z6p7cIdNxjW" + + "n2ll+cRW9eqF7z75F0Omm0C7/KAEPjukVbszmzeU5VqzkpSt0j84YWi+TfcHRrfvhLbrlmGITVpY" + + "ol5pHLDyqGmDs53pgwipWqsn/nEXEBgj3EoqPeqHbDf7YaP8h/5BSt0="; + + /** + * Defines the keystore contents for the client, JKS version. Holds just a + * single self-generated key. The subject name is "Test Client". + */ + private static final String CLIENT_KEYS_JKS = + "/u3+7QAAAAIAAAABAAAAAQAFbXlrZXkAAAEaWFhyMAAAArkwggK1MA4GCisGAQQBKgIRAQEFAASC" + + "AqGVSfXolBStZy4nnRNn4fAr+S7kfU2BS23wwW8uB2Ru3GvtLzlK9q08Gvq/LNqBafjyFTVL5FV5" + + "SED/8YomO5a98GpskSeRvytCiTBLJdgGhws5TOGekgIAcBROPGIyOtJPQ0HfOQs+BqgzGDHzHQhw" + + "u/8Tm6yQwiP+W/1I9B1QnaEztZA3mhTyMMJsmsFTYroGgAog885D5Cmzd8sYGfxec3R6I+xcmBAY" + + "eibR5kGpWwt1R+qMvRrtBqh5r6WSKhCBNax+SJVbtUNRiKyjKccdJg6fGqIWWeivwYTy0OhjA6b4" + + "NiZ/ZZs5pxFGWUj/Rlp0RYy8fCF6aw5/5s4Bf4MI6dPSqMG8Hf7sJR91GbcELyzPdM0h5lNavgit" + + "QPEzKeuDrGxhY1frJThBsNsS0gxeu+OgfJPEb/H4lpYX5IvuIGbWKcxoO9zq4/fimIZkdA8A+3eY" + + "mfDaowvy65NBVQPJSxaOyFhLHfeLqOeCsVENAea02vA7andZHTZehvcrqyKtm+z8ncHGRC2H9H8O" + + "jKwKHfxxrYY/jMAKLl00+PBb3kspO+BHI2EcQnQuMw/zr83OR9Meq4TJ0TMuNkApZELAeFckIBbS" + + "rBr8NNjAIfjuCTuKHhsTFWiHfk9ZIzigxXagfeDRiyVc6khOuF/bGorj23N2o7Rf3uLoU6PyXWi4" + + "uhctR1aL6NzxDoK2PbYCeA9hxbDv8emaVPIzlVwpPK3Ruvv9mkjcOhZ74J8bPK2fQmbplbOljcZi" + + "tZijOfzcO/11JrwhuJZRA6wanTqHoujgChV9EukVrmbWGGAcewFnAsSbFXIik7/+QznXaDIt5NgL" + + "H/Bcz4Z/fdV7Ae1eUaxKXdPbI//4J+8liVT/d8awjW2tldIaDlmGMR3aoc830+3mAAAAAQAFWC41" + + "MDkAAAJIMIICRDCCAa0CBEhHxLgwDQYJKoZIhvcNAQEEBQAwaTELMAkGA1UEBhMCVVMxEzARBgNV" + + "BAgTCkNhbGlmb3JuaWExDDAKBgNVBAcTA01UVjEPMA0GA1UEChMGR29vZ2xlMRAwDgYDVQQLEwdB" + + "bmRyb2lkMRQwEgYDVQQDEwtUZXN0IENsaWVudDAeFw0wODA2MDUxMDQ5MjhaFw0wODA5MDMxMDQ5" + + "MjhaMGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMQwwCgYDVQQHEwNNVFYxDzAN" + + "BgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHQW5kcm9pZDEUMBIGA1UEAxMLVGVzdCBDbGllbnQwgZ8w" + + "DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIK3Q+KiFbmCGg422TAo4gggdhMH6FJhiuz8DxRyeMKR" + + "UAfP4MK0wtc8N42waZ6OKvxpBFUy0BRfBsX0GD4Ku99yu9/tavSigTraeJtwV3WWRRjIqk7L3wX5" + + "cmgS2KSD43Y0rNUKrko26lnt9N4qiYRBSj+tcAN3Lx9+ptqk1LApAgMBAAEwDQYJKoZIhvcNAQEE" + + "BQADgYEANb7Q1GVSuy1RPJ0FmiXoMYCCtvlRLkmJphwxovK0cAQK12Vll+yAzBhHiQHy/RA11mng" + + "wYudC7u3P8X/tBT8GR1Yk7QW3KgFyPafp3lQBBCraSsfrjKj+dCLig1uBLUr4f68W8VFWZWWTHqp" + + "NMGpCX6qmjbkJQLVK/Yfo1ePaUexPSOX0G9m8+DoV3iyNw6at01NRw=="; + + /** + * Defines the keystore contents for the client, BKS version. Holds just a + * single self-generated key. The subject name is "Test Client". + */ + private static final String CLIENT_KEYS_BKS = + "AAAAAQAAABT4Rka6fxbFps98Y5k2VilmbibNkQAABfQEAAVteWtleQAAARpYl+POAAAAAQAFWC41" + + "MDkAAAJNMIICSTCCAbKgAwIBAgIESEfU9TANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJVUzET" + + "MBEGA1UECBMKQ2FsaWZvcm5pYTEMMAoGA1UEBxMDTVRWMQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNV" + + "BAsTB0FuZHJvaWQxFDASBgNVBAMTC1Rlc3QgQ2xpZW50MB4XDTA4MDYwNTExNTg0NVoXDTA4MDkw" + + "MzExNTg0NVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExDDAKBgNVBAcTA01U" + + "VjEPMA0GA1UEChMGR29vZ2xlMRAwDgYDVQQLEwdBbmRyb2lkMRQwEgYDVQQDEwtUZXN0IENsaWVu" + + "dDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApUvmWsQDHPpbDKK13Yez2/q54tTOmRml/qva" + + "2K6dZjkjSTW0iRuk7ztaVEvdJpfVIDv1oBsCI51ttyLHROy1epjF+GoL74mJb7fkcd0VOoSOTjtD" + + "+3GgZkHPAm5YmUYxiJXqxKKJJqMCTIW46eJaA2nAep9QIwZ14/NFAs4ObV8CAwEAATANBgkqhkiG" + + "9w0BAQUFAAOBgQCJrCr3hZQFDlLIfsSKI1/w+BLvyf4fubOid0pBxfklR8KBNPTiqjSmu7pd/C/F" + + "1FR8CdZUDoPflZHCOU+fj5r5KUC1HyigY/tEUvlforBpfB0uCF+tXW4DbUfOWhfMtLV4nCOJOOZg" + + "awfZLJWBJouLKOp427vDftxTSB+Ks8YjlgAAAqwAAAAU+NH6TtrzjyDdCXm5B6Vo7xX5G4YAAAZx" + + "EAUkcZtmykn7YdaYxC1jRFJ+GEJpC8nZVg83QClVuCSIS8a5f8Hl44Bk4oepOZsPzhtz3RdVzDVi" + + "RFfoyZFsrk9F5bDTVJ6sQbb/1nfJkLhZFXokka0vND5AXMSoD5Bj1Fqem3cK7fSUyqKvFoRKC3XD" + + "FQvhqoam29F1rbl8FaYdPvhhZo8TfZQYUyUKwW+RbR44M5iHPx+ykieMe/C/4bcM3z8cwIbYI1aO" + + "gjQKS2MK9bs17xaDzeAh4sBKrskFGrDe+2dgvrSKdoakJhLTNTBSG6m+rzqMSCeQpafLKMSjTSSz" + + "+KoQ9bLyax8cbvViGGju0SlVhquloZmKOfHr8TukIoV64h3uCGFOVFtQjCYDOq6NbfRvMh14UVF5" + + "zgDIGczoD9dMoULWxBmniGSntoNgZM+QP6Id7DBasZGKfrHIAw3lHBqcvB5smemSu7F4itRoa3D8" + + "N7hhUEKAc+xA+8NKmXfiCBoHfPHTwDvt4IR7gWjeP3Xv5vitcKQ/MAfO5RwfzkYCXQ3FfjfzmsE1" + + "1IfLRDiBj+lhQSulhRVStKI88Che3M4JUNGKllrc0nt1pWa1vgzmUhhC4LSdm6trTHgyJnB6OcS9" + + "t2furYjK88j1AuB4921oxMxRm8c4Crq8Pyuf+n3YKi8Pl2BzBtw++0gj0ODlgwut8SrVj66/nvIB" + + "jN3kLVahR8nZrEFF6vTTmyXi761pzq9yOVqI57wJGx8o3Ygox1p+pWUPl1hQR7rrhUbgK/Q5wno9" + + "uJk07h3IZnNxE+/IKgeMTP/H4+jmyT4mhsexJ2BFHeiKF1KT/FMcJdSi+ZK5yoNVcYuY8aZbx0Ef" + + "lHorCXAmLFB0W6Cz4KPP01nD9YBB4olxiK1t7m0AU9zscdivNiuUaB5OIEr+JuZ6dNw="; + + + /** + * Implements the actual test case. Launches a server and a client, requires + * client authentication and checks the certificates afterwards (not in the + * usual sense, we just make sure that we got the expected certificates, + * because our self-signed test certificates are not valid.) + */ + @TestTargetNew( + level = TestLevel.COMPLETE, + notes = "", + clazz = SSLSocket.class, + method = "addHandshakeCompletedListener", + args = {HandshakeCompletedListener.class} + ) + public void testClientAuth() { + listener = new MyHandshakeListener(); + try { + TestServer server = new TestServer(8088, true, TestServer.CLIENT_AUTH_WANTED); + TestClient client = new TestClient(8088, true); + + Thread serverThread = new Thread(server); + Thread clientThread = new Thread(client); + + serverThread.start(); + Thread.currentThread().sleep(3000); + clientThread.start(); + + serverThread.join(); + clientThread.join(); + + // The server must have completed without an exception. + if (server.getException() != null) { + throw new RuntimeException(server.getException()); + } + + // The client must have completed without an exception. + if (client.getException() != null) { + throw new RuntimeException(client.getException()); + } + + assertTrue(listener.completeDone); + + } catch (Exception ex) { + throw new RuntimeException(ex); + } + } + + /** + * Implements a test SSL socket server. It wait for a connection on a given + * port, requests client authentication (if specified), and read 256 bytes + * from the socket. + */ + class TestServer implements Runnable { + + public static final int CLIENT_AUTH_NONE = 0; + + public static final int CLIENT_AUTH_WANTED = 1; + + public static final int CLIENT_AUTH_NEEDED = 2; + + private TestTrustManager trustManager; + + private Exception exception; + + private int port; + + private int clientAuth; + + private boolean provideKeys; + + public TestServer(int port, boolean provideKeys, int clientAuth) { + this.port = port; + this.clientAuth = clientAuth; + this.provideKeys = provideKeys; + + trustManager = new TestTrustManager(); + } + + public void run() { + try { + KeyManager[] keyManagers = provideKeys ? getKeyManagers(SERVER_KEYS_BKS) : null; + TrustManager[] trustManagers = new TrustManager[] { trustManager }; + + SSLContext sslContext = SSLContext.getInstance("TLS"); + sslContext.init(keyManagers, trustManagers, null); + + SSLServerSocket serverSocket = (SSLServerSocket)sslContext.getServerSocketFactory().createServerSocket(); + + if (clientAuth == CLIENT_AUTH_WANTED) { + serverSocket.setWantClientAuth(true); + } else if (clientAuth == CLIENT_AUTH_NEEDED) { + serverSocket.setNeedClientAuth(true); + } else { + serverSocket.setWantClientAuth(false); + } + + serverSocket.bind(new InetSocketAddress(port)); + + SSLSocket clientSocket = (SSLSocket)serverSocket.accept(); + + InputStream stream = clientSocket.getInputStream(); + + for (int i = 0; i < 256; i++) { + int j = stream.read(); + if (i != j) { + throw new RuntimeException("Error reading socket, expected " + i + ", got " + j); + } + } + + stream.close(); + clientSocket.close(); + serverSocket.close(); + + } catch (Exception ex) { + exception = ex; + } + } + + public Exception getException() { + return exception; + } + + public X509Certificate[] getChain() { + return trustManager.getChain(); + } + + } + + /** + * Implements a test SSL socket client. It open a connection to localhost on + * a given port and writes 256 bytes to the socket. + */ + class TestClient implements Runnable { + + private TestTrustManager trustManager; + + private Exception exception; + + private int port; + + private boolean provideKeys; + + public TestClient(int port, boolean provideKeys) { + this.port = port; + this.provideKeys = provideKeys; + + trustManager = new TestTrustManager(); + } + + public void run() { + try { + KeyManager[] keyManagers = provideKeys ? getKeyManagers(CLIENT_KEYS_BKS) : null; + TrustManager[] trustManagers = new TrustManager[] { trustManager }; + + SSLContext sslContext = SSLContext.getInstance("TLS"); + sslContext.init(keyManagers, trustManagers, null); + + SSLSocket socket = (SSLSocket)sslContext.getSocketFactory().createSocket(); + + socket.connect(new InetSocketAddress(port)); + socket.addHandshakeCompletedListener(listener); + socket.startHandshake(); + + OutputStream stream = socket.getOutputStream(); + + for (int i = 0; i < 256; i++) { + stream.write(i); + } + + stream.flush(); + stream.close(); + socket.close(); + + } catch (Exception ex) { + exception = ex; + } + } + + public Exception getException() { + return exception; + } + + public X509Certificate[] getChain() { + return trustManager.getChain(); + } + } + + /** + * Loads a keystore from a base64-encoded String. Returns the KeyManager[] + * for the result. + */ + private KeyManager[] getKeyManagers(String keys) throws Exception { + byte[] bytes = new Base64().decode(keys.getBytes()); + InputStream inputStream = new ByteArrayInputStream(bytes); + + KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); + keyStore.load(inputStream, PASSWORD.toCharArray()); + inputStream.close(); + + String algorithm = KeyManagerFactory.getDefaultAlgorithm(); + KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(algorithm); + keyManagerFactory.init(keyStore, PASSWORD.toCharArray()); + + return keyManagerFactory.getKeyManagers(); + } + + + /** + * Implements basically a dummy TrustManager. It stores the certificate + * chain it sees, so it can later be queried. + */ + static class TestTrustManager implements X509TrustManager { + + private X509Certificate[] chain; + + private String authType; + + public void checkClientTrusted(X509Certificate[] chain, String authType) { + this.chain = chain; + this.authType = authType; + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) { + this.chain = chain; + this.authType = authType; + } + + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[0]; + } + + public X509Certificate[] getChain() { + return chain; + } + + public String getAuthType() { + return authType; + } + + public void checkClientTrusted( + java.security.cert.X509Certificate[] chain, String authType) + throws CertificateException { + + } + + public void checkServerTrusted( + java.security.cert.X509Certificate[] chain, String authType) + throws CertificateException { + + } + + } + + class MyHandshakeListener implements HandshakeCompletedListener { + + public boolean completeDone; + + MyHandshakeListener() { + completeDone = false; + } + + public void handshakeCompleted(HandshakeCompletedEvent event) { + if (event != null) completeDone = true; + } + } } + |