mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Adding 7 java files, 2 shell scripts and modified all.pl for 

bug id : 283383.

Java files added are JSS and JSSE server and clients. The purpose
of which is to intercommunicate between JSS and JSSE to validate
supported ciphers between the two.  startJss*.sh are scripts for
starting JSS and JSSE servers. These tests are added to all.pl
to run as a part of overall JSS test suite.

Currently these tests do not report errors when a cipher that is
suppose to work between JSS and JSSE fails.  I will file another
feature enhancement request to address this.
This commit is contained in:
sandeep.konchady%sun.com 2005-03-30 22:19:56 +00:00
Родитель 067247402b
Коммит 4992c48c14
10 изменённых файлов: 2159 добавлений и 13 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

138
security/jss/org/mozilla/jss/tests/ClassServer.java Executable file
Просмотреть файл

@ -0,0 +1,138 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import java.io.*;
import java.net.*;
import java.util.Vector;
import javax.net.*;
/*
* ClassServer.java -- JSSE_SSLServer implements this
* class.
*/
public abstract class ClassServer implements Runnable {
private ServerSocket server = null;
private Vector supportedCiphers = new Vector();
/**
* Constructs a ClassServer based on <b>ss</b>
*/
protected ClassServer(ServerSocket ss) {
server = ss;
newListener();
}
/**
* The "listen" thread that accepts a connection to the
* server, parses the header to obtain the file name
* and sends back the bytes for the file (or error
* if the file is not found or the response was malformed).
*/
public void run() {
Socket socket = null;
boolean socketListenStatus = true;
// accept a connection
while ( socketListenStatus ) {
try {
socket = server.accept();
} catch (Exception ex) {
System.exit(1);
}
newListener();
//try to read some bytes, to allow the handshake to go through
try {
InputStream is = socket.getInputStream();
BufferedReader bir = new BufferedReader(
new InputStreamReader(is));
String socketData = bir.readLine();
if ( socketData.equals("null") )
socketListenStatus = false;
else if ( socketData != null )
supportedCiphers.add(socketData);
socket.close();
} catch(EOFException e) {
} catch(IOException ex) {
} catch(NullPointerException npe) {
socketListenStatus = false;
}
}
try {
server.close();
} catch (Exception ex) {
System.exit(1);
}
System.out.println("Server exiting");
System.out.println("-------------------------------------------" +
"-------------");
System.out.println("Summary of JSS client to JSSE server " +
"communication test :");
System.out.println("-------------------------------------------" +
"-------------");
for ( int i=0; i<supportedCiphers.size(); i++ ) {
for ( int j=0; j<Constants.jssCipherSuites.length; j++ ) {
if ( new Integer(
(String)supportedCiphers.elementAt(i)).intValue() ==
Constants.jssCipherSuites[j] ) {
System.out.println("["+i+"]\t" +
Constants.jssCipherNames[j]);
System.out.flush();
}
}
}
System.out.println("-------------------------------------------" +
"-------------");
System.out.flush();
if( !socketListenStatus ) {
System.exit(0);
}
}
/**
* Create a new thread to listen.
*/
private void newListener() {
(new Thread(this)).start();
}
}

238
security/jss/org/mozilla/jss/tests/Constants.java Executable file
Просмотреть файл

@ -0,0 +1,238 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import org.mozilla.jss.ssl.*;
/**
* Holds immutable values for JSS Tests.
*
* @author Sandeep.Konchady@Sun.COM
* @version
*/
public class Constants {
/** There is no need to create instances of this class */
private Constants() {
}
/** Debug level for all tests */
public static int debug_level = 0;
/** Cipher supported by JSS */
public static int jssCipherSuites[] = {
SSLSocket.SSL3_RSA_WITH_NULL_MD5,
SSLSocket.SSL3_RSA_WITH_NULL_SHA,
SSLSocket.SSL3_RSA_EXPORT_WITH_RC4_40_MD5,
SSLSocket.SSL3_RSA_WITH_RC4_128_MD5,
SSLSocket.SSL3_RSA_WITH_RC4_128_SHA,
SSLSocket.SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
SSLSocket.SSL3_RSA_WITH_IDEA_CBC_SHA,
SSLSocket.SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_RSA_WITH_DES_CBC_SHA,
SSLSocket.SSL3_RSA_WITH_3DES_EDE_CBC_SHA,
// DH and DHE Ciphers are client only.
SSLSocket.SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_DH_DSS_WITH_DES_CBC_SHA,
SSLSocket.SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA,
SSLSocket.SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_DH_RSA_WITH_DES_CBC_SHA,
SSLSocket.SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA,
SSLSocket.SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_DHE_DSS_WITH_DES_CBC_SHA,
SSLSocket.SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSLSocket.SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_DHE_RSA_WITH_DES_CBC_SHA,
SSLSocket.SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSLSocket.SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5,
SSLSocket.SSL3_DH_ANON_WITH_RC4_128_MD5,
SSLSocket.SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
SSLSocket.SSL3_DH_ANON_WITH_DES_CBC_SHA,
SSLSocket.SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA,
// Don't bother with FORTEZZA Ciphers.
SSLSocket.SSL3_FORTEZZA_DMS_WITH_NULL_SHA,
SSLSocket.SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
SSLSocket.SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA,
SSLSocket.SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
SSLSocket.SSL_RSA_FIPS_WITH_DES_CBC_SHA,
// These are TLS Ciphers.
SSLSocket.TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
SSLSocket.TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
// DH and DHE Ciphers are client only.
SSLSocket.TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
SSLSocket.TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
SSLSocket.TLS_DHE_DSS_WITH_RC4_128_SHA,
SSLSocket.TLS_RSA_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DH_DSS_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DH_RSA_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_DH_ANON_WITH_AES_128_CBC_SHA,
SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DH_DSS_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DH_RSA_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
SSLSocket.TLS_DH_ANON_WITH_AES_256_CBC_SHA,
0
};
/** String representation of JSS supported ciphers */
public static String jssCipherNames[] = {
"SSLSocket.SSL3_RSA_WITH_NULL_MD5",
"SSLSocket.SSL3_RSA_WITH_NULL_SHA",
"SSLSocket.SSL3_RSA_EXPORT_WITH_RC4_40_MD5",
"SSLSocket.SSL3_RSA_WITH_RC4_128_MD5",
"SSLSocket.SSL3_RSA_WITH_RC4_128_SHA",
"SSLSocket.SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"SSLSocket.SSL3_RSA_WITH_IDEA_CBC_SHA",
"SSLSocket.SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_RSA_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_RSA_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_DH_DSS_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_DH_DSS_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_DH_RSA_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_DH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_DHE_DSS_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_DHE_RSA_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5",
"SSLSocket.SSL3_DH_ANON_WITH_RC4_128_MD5",
"SSLSocket.SSL3_DH_ANON_EXPORT_WITH_DES40_CBC_SHA",
"SSLSocket.SSL3_DH_ANON_WITH_DES_CBC_SHA",
"SSLSocket.SSL3_DH_ANON_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL3_FORTEZZA_DMS_WITH_NULL_SHA",
"SSLSocket.SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA",
"SSLSocket.SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA",
"SSLSocket.SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA",
"SSLSocket.SSL_RSA_FIPS_WITH_DES_CBC_SHA",
"SSLSocket.TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
"SSLSocket.TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
"SSLSocket.TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA",
"SSLSocket.TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
"SSLSocket.TLS_DHE_DSS_WITH_RC4_128_SHA",
"SSLSocket.TLS_RSA_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_DH_DSS_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_DH_RSA_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_DH_ANON_WITH_AES_128_CBC_SHA",
"SSLSocket.TLS_RSA_WITH_AES_256_CBC_SHA",
"SSLSocket.TLS_DH_DSS_WITH_AES_256_CBC_SHA",
"SSLSocket.TLS_DH_RSA_WITH_AES_256_CBC_SHA",
"SSLSocket.TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
"SSLSocket.TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"SSLSocket.TLS_DH_ANON_WITH_AES_256_CBC_SHA"
};
/** Cipher supported by JSSE (JDK 1.5.x) */
public static String [] sslciphersarray_jdk150 = {
// These ciphers must always pass
"SSL_RSA_WITH_RC4_128_MD5",
"SSL_RSA_WITH_RC4_128_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_RSA_WITH_NULL_MD5",
// These ciphers are not supported by JSSE
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DH_anon_WITH_RC4_128_MD5",
"TLS_DH_anon_WITH_AES_128_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
"TLS_KRB5_WITH_RC4_128_SHA",
"TLS_KRB5_WITH_RC4_128_MD5",
"TLS_KRB5_WITH_3DES_EDE_CBC_SHA",
"TLS_KRB5_WITH_3DES_EDE_CBC_MD5",
"TLS_KRB5_WITH_DES_CBC_SHA",
"TLS_KRB5_WITH_DES_CBC_MD5",
"TLS_KRB5_EXPORT_WITH_RC4_40_SHA",
"TLS_KRB5_EXPORT_WITH_RC4_40_MD5",
"TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA",
"TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5",
// This is needed here for successful transmission
// of null to terminate the server program.
"SSL_RSA_WITH_NULL_SHA"
};
/** Cipher supported by JSSE (JDK 1.4.x) */
public static String [] sslciphersarray_jdk142 = {
// These ciphers must always pass
"SSL_RSA_WITH_RC4_128_MD5",
"SSL_RSA_WITH_RC4_128_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_RSA_WITH_NULL_MD5",
// These ciphers are not supported by JSSE
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DH_anon_WITH_RC4_128_MD5",
"TLS_DH_anon_WITH_AES_128_CBC_SHA",
"SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
"SSL_DH_anon_WITH_DES_CBC_SHA",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
// This is needed here for successful transmission
// of null to terminate the server program.
"SSL_RSA_WITH_NULL_SHA"
};
}

184
security/jss/org/mozilla/jss/tests/GenerateTestCert.java Executable file
Просмотреть файл

@ -0,0 +1,184 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.ssl.*;
import org.mozilla.jss.crypto.*;
import org.mozilla.jss.crypto.KeyPairGenerator;
import org.mozilla.jss.asn1.*;
import org.mozilla.jss.pkix.primitive.*;
import org.mozilla.jss.pkix.cert.*;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.util.PasswordCallback;
import java.util.Calendar;
import java.util.Date;
import java.security.*;
import java.security.PrivateKey;
import java.net.InetAddress;
import java.io.InputStream;
import java.io.EOFException;
public class GenerateTestCert {
private final SignatureAlgorithm sigAlg =
SignatureAlgorithm.RSASignatureWithSHA1Digest;
private X509Certificate nssServerCert, nssClientCert;
private String serverCertNick, clientCertNick;
/**
* Main method for testing and generating cert pairs.
*/
public static void main(String[] args) throws Exception {
(new GenerateTestCert()).doIt(args);
}
/**
* Based on the input parameters, generate a cert
* pair.
*/
private void doIt(String[] args) throws Exception {
CryptoManager.initialize(args[0]);
CryptoManager cm = CryptoManager.getInstance();
CryptoToken tok = cm.getInternalKeyStorageToken();
PasswordCallback cb = new FilePasswordCallback(args[1]);
tok.login(cb);
SecureRandom rng= SecureRandom.getInstance("pkcs11prng",
"Mozilla-JSS");
int rand = 24022402;
// generate CA cert
KeyPairGenerator kpg = tok.getKeyPairGenerator(KeyPairAlgorithm.RSA);
kpg.initialize(512);
KeyPair caPair = kpg.genKeyPair();
SEQUENCE extensions = new SEQUENCE();
extensions.addElement(makeBasicConstraintsExtension());
Certificate caCert = makeCert("CACert", "CACert", 1,
caPair.getPrivate(), caPair.getPublic(), rand, extensions);
X509Certificate nssCaCert = cm.importUserCACertPackage(
ASN1Util.encode(caCert), "JSSCATestCert");
InternalCertificate intern = (InternalCertificate)nssCaCert;
intern.setSSLTrust(
InternalCertificate.TRUSTED_CA |
InternalCertificate.TRUSTED_CLIENT_CA |
InternalCertificate.VALID_CA);
// generate server cert
kpg.initialize(512);
KeyPair serverPair = kpg.genKeyPair();
Certificate serverCert = makeCert("CACert", "localhost", 2,
caPair.getPrivate(), serverPair.getPublic(), rand, null);
serverCertNick = "JSSCATestServerCert";
nssServerCert = cm.importCertPackage(
ASN1Util.encode(serverCert), serverCertNick);
// generate client auth cert
kpg.initialize(512);
KeyPair clientPair = kpg.genKeyPair();
Certificate clientCert = makeCert("CACert", "ClientCert", 3,
caPair.getPrivate(), clientPair.getPublic(), rand, null);
clientCertNick = "JSSCATestClientCert";
nssClientCert = cm.importCertPackage(
ASN1Util.encode(clientCert), clientCertNick);
System.out.println("Exiting main()");
System.exit(0);
}
/**
* Make basic extension.
*/
private Extension makeBasicConstraintsExtension() throws Exception {
SEQUENCE bc = new SEQUENCE();
bc.addElement( new BOOLEAN(true) ); // cA
OBJECT_IDENTIFIER bcOID = new OBJECT_IDENTIFIER(
new long[] {2, 5, 29, 19}); // from RFC 2459
OCTET_STRING enc = new OCTET_STRING(ASN1Util.encode(bc));
return new Extension(bcOID, true, enc);
}
/**
* Method that generates a certificate for given credential
*/
private Certificate makeCert(String issuerName,
String subjectName,
int serialNumber,
PrivateKey privKey,
PublicKey pubKey,
int rand,
SEQUENCE extensions) throws Exception {
AlgorithmIdentifier sigAlgID = new AlgorithmIdentifier( sigAlg.toOID());
Name issuer = new Name();
issuer.addCommonName(issuerName);
issuer.addCountryName("US");
issuer.addOrganizationName("Mozilla"+rand);
issuer.addOrganizationalUnitName("JSS Testing");
Name subject = new Name();
subject.addCommonName(subjectName);
subject.addCountryName("US");
subject.addOrganizationName("Mozilla"+rand);
subject.addOrganizationalUnitName("JSS Testing");
Calendar cal = Calendar.getInstance();
Date notBefore = cal.getTime();
cal.add(Calendar.YEAR, 1);
Date notAfter = cal.getTime();
SubjectPublicKeyInfo.Template spkiTemp =
new SubjectPublicKeyInfo.Template();
SubjectPublicKeyInfo spki =
(SubjectPublicKeyInfo) ASN1Util.decode(spkiTemp,
pubKey.getEncoded());
CertificateInfo info = new CertificateInfo(
CertificateInfo.v3, new INTEGER(serialNumber), sigAlgID,
issuer, notBefore, notAfter, subject, spki);
if( extensions != null ) {
info.setExtensions(extensions);
}
return new Certificate(info, privKey, sigAlg);
}
}

617
security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java Executable file
Просмотреть файл

@ -0,0 +1,617 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import java.net.*;
import java.io.*;
import javax.net.ssl.*;
import java.security.cert.*;
import javax.security.cert.X509Certificate;
import java.security.KeyStore;
/*
* This program connects to any SSL Server to exercise
* all ciphers supported by JSSE. The result is listing
* of common ciphers between the server and JSSE.
*/
public class JSSE_SSLClient {
// Local members
private String sslRevision = "SSLv3";
private String host = null;
private int port = -1;
private String cipherName = null;
private String path = null;
private String tunnelHost = null;
private int tunnelPort = 0;
private int debug_level = 0;
private boolean handshakeCompleted = false;
private String EOF = "test";
/**
* Set the protocol type and revision
* @param String sslRevision
*/
public void setSslRevision(String fSslRevision) {
this.sslRevision = fSslRevision;
}
/**
* Set the host name to connect to.
* @param String hostname
*/
public void setHost(String fHost) {
this.host = fHost;
}
/**
* Set the port number to connect to.
* @param int portnumber
*/
public void setPort(int fPort) {
this.port = fPort;
}
/**
* Set the cipher suite name to use.
* @param String cipherSuiteName
*/
public void setCipherSuite(String fCipherSuite) {
this.cipherName = fCipherSuite;
}
/**
* Set tunnel host name
* @param String tunnelHostName
*/
public void setTunnelHost(String fTunnelHost) {
this.tunnelHost = fTunnelHost;
}
/**
* Set tunnel port number
* @param int tunnelPortNumber
*/
public void setTunnelPort(int fTunnelPort) {
this.tunnelPort = fTunnelPort;
}
/**
* Return true if handshake is completed
* else return false;
* @return boolean handshake status
*/
public boolean isHandshakeCompleted() {
return this.handshakeCompleted;
}
/**
* Set handshakeCompleted flag to indicate
* that the socket handshake is coplete.
*/
public void setHandshakeCompleted() {
this.handshakeCompleted = true;
}
/**
* Clear handshakeCompleted flag to indicate
* that the system is now ready for another
* socket connection.
*/
public void clearHandshakeCompleted() {
this.handshakeCompleted = false;
}
/**
* Set EOF for closinng server socket
* @param null for closing server socket
*/
public void setEOF(String fEof) {
this.EOF = fEof;
}
/**
* Return true or false based on
* tunnel parameters being set.
* @return boolean true/false
*/
public boolean isTunnel() {
if ( this.tunnelHost != null &&
this.tunnelPort != 0)
return true;
else
return false;
}
/**
* Default constructor.
*/
public JSSE_SSLClient() {
//Do nothing.
}
/**
* Writer thread class that takes a
* PrintWriter as input and sleeps
* for 5 sec after sending some test
* data.
*/
private class writeThread extends Thread {
private PrintWriter w;
public writeThread(PrintWriter out) {
w = out;
}
public void run() {
try {
while (true) {
w.println("Client saying hi ");
w.flush();
sleep(5);
}
} catch (Exception exception) {
System.out.println("WriteThread interrupted: " +
exception.getMessage());
System.exit(1);
}
}
}
/**
* Reader thread class that takes a
* BufferedReader as input and sleeps
* for 5 sec after readinng test data.
* This is to test the behaviour when
* the inputStream is shutdown externally.
*/
private class readThread extends Thread {
private BufferedReader bir;
public readThread(BufferedReader in) {
bir = in;
}
public void run() {
try {
while (true) {
System.out.println("Client reading=======================");
String socketData = bir.readLine();
System.out.println("Client Read==" + socketData);
sleep(5);
}
} catch (EOFException e) {
System.out.println("ReadThread got EOF");
e.printStackTrace();
System.exit(1);
} catch (IOException ex) {
System.out.println("ReadThread IO exception caught : " +
ex.getMessage());
ex.printStackTrace();
System.exit(1);
} catch (NullPointerException npe) {
System.out.println("ReadThread Null pointer exception caught");
npe.printStackTrace();
System.exit(1);
} catch (InterruptedException exception) {
System.out.println("ReadThread interrupted");
exception.printStackTrace();
System.exit(1);
} catch (Exception exception) {
System.out.println("ReadThread interrupted: " +
exception.getMessage());
exception.printStackTrace();
System.exit(1);
}
}
}
/**
* validate connection to the initialized host:port
* using the preset cipherSuiteName.
*/
public String validateConnection() {
try {
/*
* Let's setup the SSLContext first, as there's a lot of
* computations to be done. If the socket were created
* before the SSLContext, the server/proxy might timeout
* waiting for the client to actually send something.
*/
SSLSocketFactory factory = null;
SSLSocket socket = null;
SSLContext ctx = null;
KeyManagerFactory kmf = null;
TrustManagerFactory tmf = null;
KeyStore ks = null;
KeyStore ksTrust = null;
/*
* Set up a key manager for client authentication
* if asked by the server. Use the implementation's
* default TrustStore and secureRandom routines.
*/
char[] passphrase = "netscape".toCharArray();
char[] trustpassphrase = "changeit".toCharArray();
// Initialize the system
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider(
new com.sun.net.ssl.internal.ssl.Provider());
// Load the keystore that contains the certificate
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream("keystore.pfx"), passphrase);
kmf.init(ks, passphrase);
// trust manager that trusts all cetificates
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public boolean checkClientTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public java.security.cert.X509Certificate[]
getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain,
String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain,
String authType) {}
}
};
ctx = SSLContext.getInstance(sslRevision);
ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
factory = ctx.getSocketFactory();
Socket tunnel = null;
if ( isTunnel() ) {
/*
* Set up a socket to do tunneling through the proxy.
* Start it off as a regular socket, then layer SSL
* over the top of it.
*/
tunnel = new Socket(tunnelHost, tunnelPort);
doTunnelHandshake(tunnel, host, port);
/*
* Ok, let's overlay the tunnel socket with SSL.
*/
socket =
(SSLSocket)factory.createSocket(tunnel, host, port, true);
} else {
socket = (SSLSocket)factory.createSocket(host, port);
}
/*
* register a callback for handshaking completion event
*/
try {
socket.addHandshakeCompletedListener(
new HandshakeCompletedListener() {
public void handshakeCompleted(
HandshakeCompletedEvent event) {
if ( Constants.debug_level >= 3 ) {
System.out.println(
"SessionId "+ event.getSession() +
" Test Status : PASS");
System.out.flush();
}
setHandshakeCompleted();
}
}
);
} catch (Exception handshakeEx) {
return null;
}
/*
* send http request
*
* See SSLSocketClient.java for more information about why
* there is a forced handshake here when using PrintWriters.
*/
String [] Ciphers = {cipherName};
socket.setEnabledCipherSuites(Ciphers);
socket.setSoTimeout(0);
socket.startHandshake();
PrintWriter out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(
socket.getOutputStream())));
//writeThread wthread = new writeThread(out);
//wthread.start();
//out.println("GET " + path + " HTTP/1.0");
out.println(EOF);
out.flush();
/*
* Make sure there were no surprises
*/
if (out.checkError())
System.out.println("SSLSocketClient: " +
"java.io.PrintWriter error");
/* read response */
BufferedReader in = new BufferedReader(
new InputStreamReader(
socket.getInputStream()));
//readThread rthread = new readThread(in);
//rthread.start();
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
//System.out.println("Shutdown the input stream ...");
//socket.shutdownInput();
in.close();
out.close();
socket.close();
} catch (Exception e) {
setHandshakeCompleted();
return e.getMessage();
}
return "success";
}
/**
* Tell our tunnel where we want to CONNECT, and look for the
* right reply. Throw IOException if anything goes wrong.
* @param Socket tunneling socket
* @param String hostname
* @param int portnumber
*/
private void doTunnelHandshake(Socket tunnel, String host, int port)
throws IOException {
OutputStream out = tunnel.getOutputStream();
String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
+ "User-Agent: "
+ sun.net.www.protocol.http.HttpURLConnection.userAgent
+ "\r\n\r\n";
byte b[];
try {
/*
* We really do want ASCII7 -- the http protocol doesn't change
* with locale.
*/
b = msg.getBytes("ASCII7");
} catch (UnsupportedEncodingException ignored) {
/*
* If ASCII7 isn't there, something serious is wrong, but
* Paranoia Is Good (tm)
*/
b = msg.getBytes();
}
out.write(b);
out.flush();
/*
* We need to store the reply so we can create a detailed
* error message to the user.
*/
byte reply[] = new byte[200];
int replyLen = 0;
int newlinesSeen = 0;
boolean headerDone = false; /* Done on first newline */
InputStream in = tunnel.getInputStream();
boolean error = false;
while (newlinesSeen < 2) {
int i = in.read();
if (i < 0) {
throw new IOException("Unexpected EOF from proxy");
}
if (i == '\n') {
headerDone = true;
++newlinesSeen;
} else if (i != '\r') {
newlinesSeen = 0;
if (!headerDone && replyLen < reply.length) {
reply[replyLen++] = (byte) i;
}
}
}
/*
* Converting the byte array to a string is slightly wasteful
* in the case where the connection was successful, but it's
* insignificant compared to the network overhead.
*/
String replyStr;
try {
replyStr = new String(reply, 0, replyLen, "ASCII7");
} catch (UnsupportedEncodingException ignored) {
replyStr = new String(reply, 0, replyLen);
}
/* We asked for HTTP/1.0, so we should get that back */
if (!replyStr.startsWith("HTTP/1.0 200")) {
throw new IOException("Unable to tunnel through "
+ tunnelHost + ":" + tunnelPort
+ ". Proxy returns \"" + replyStr + "\"");
}
/* tunneling Handshake was successful! */
}
/**
* Main method for local unit testing.
*/
public static void main(String [] args) {
String testCipher = null;
String testHost = "localhost";
int testPort = 29750;
try {
if ( args.length >= 1 ) {
testCipher = (String)args[0];
testHost = (String)args[1];
testPort = new Integer(args[2]).intValue();
}
} catch (Exception e) { }
String javaVersion = System.getProperty("java.version");
String lastCipher = null;
System.out.println("\nUsing java version " + javaVersion + "\n");
JSSE_SSLClient sslSock =
new JSSE_SSLClient();
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") == -1 ) {
// Validate Ciphers supported for TLS
System.out.println("Testing TLS Cipher list ...");
sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("TLS");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk150.length; i++){
sslSock.setCipherSuite(Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
System.out.println("Testing TLS Cipher list complete\n");
}
// Validate Ciphers supported for SSLv3
System.out.println("Testing SSLv3 Cipher list ...");
sslSock = new JSSE_SSLClient();
sslSock.setSslRevision("SSLv3");
sslSock.setHost(testHost);
sslSock.setPort(testPort);
if ( javaVersion.indexOf("1.4") != -1 ) {
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk142.length; i++){
lastCipher = Constants.sslciphersarray_jdk142[i];
sslSock.setCipherSuite(lastCipher);
sslSock.setEOF(Constants.sslciphersarray_jdk142[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
if ( testCipher != null ) {
sslSock.setCipherSuite(testCipher);
sslSock.setEOF(testCipher);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
} else {
for(int i=0; i<Constants.sslciphersarray_jdk150.length; i++){
lastCipher = Constants.sslciphersarray_jdk150[i];
sslSock.setCipherSuite(Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
}
sslSock.setEOF("null");
String errStr = sslSock.validateConnection();
while (!sslSock.isHandshakeCompleted()) {
//Do nothing
}
sslSock.clearHandshakeCompleted();
}
System.out.println("Testing SSLv3 Cipher list complete\n");
}
}

189
security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java Executable file
Просмотреть файл

@ -0,0 +1,189 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.*;
import javax.net.ssl.*;
import javax.security.cert.X509Certificate;
public class JSSE_SSLServer extends ClassServer {
private static int DefaultServerPort = 29753;
/**
* Constructs a JSSE_SSLServer.
* @param path the path where the server locates files
*/
public JSSE_SSLServer(ServerSocket ss)
throws IOException {
super(ss);
}
/**
* Main method to create the class server. This takes
* one command line arguments, the port on which the
* server accepts requests. To start up the server:
* <br><br>
* <code> java JSSE_SSLServer <port>
* </code><br><br>
*
* <code> new JSSE_SSLServer(port);
* </code>
*/
public static void main(String args[]) {
if ( args.length <= 1 ) {
System.out.println(
"USAGE: java JSSE_SSLServer port [TLS | SSLv3 [true]]");
System.out.println("");
System.out.println(
"If the second argument is TLS, it will start as a\n" +
"TLS server, otherwise, it will be started in SSLv3 mode." +
"\nIf the third argument is true,it will require\n" +
"client authentication as well.");
System.exit(0);
}
int port = DefaultServerPort;
String type = "SSLv3";
if (args.length >= 2) {
port = Integer.parseInt(args[0]);
type = args[1];
}
try {
SSLServerSocketFactory ssf =
JSSE_SSLServer.getServerSocketFactory(type);
SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port);
// Based on J2SE version, enable appropriate ciphers
if ( (System.getProperty("java.version")).indexOf("1.4") != -1 ) {
System.out.println("*** Using J2SE 1.4.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk142);
} else {
System.out.println("*** Using J2SE 1.5.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk150);
}
if (args.length >= 3 && args[2].equals("true")) {
((SSLServerSocket)ss).setNeedClientAuth(true);
}
new JSSE_SSLServer(ss);
} catch (IOException e) {
System.out.println("Unable to start ClassServer: " +
e.getMessage());
e.printStackTrace();
System.exit(1);
}
}
static SSLServerSocketFactory getServerSocketFactory(String type) {
// set up key manager to do server authentication
SSLContext ctx = null;
KeyManagerFactory kmf = null;
KeyStore ks = null;
char[] passphrase = "netscape".toCharArray();
SSLServerSocketFactory ssf = null;
// trust manager that trusts all cetificates
TrustManager[] trustAllCerts = new TrustManager[]{
new X509TrustManager() {
public boolean checkClientTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] chain){
return true;
}
public java.security.cert.X509Certificate[]
getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain,
String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain,
String authType) {}
}
};
if (type.equals("TLS")) {
try {
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream("keystore.pfx"), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
ssf = ctx.getServerSocketFactory();
return ssf;
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
}
} else if (type.equals("SSLv3")) {
try {
ctx = SSLContext.getInstance("SSLv3");
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream("keystore.pfx"), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
ssf = ctx.getServerSocketFactory();
return ssf;
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
}
}
return null;
}
}

398
security/jss/org/mozilla/jss/tests/JSS_SSLClient.java Executable file
Просмотреть файл

@ -0,0 +1,398 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import org.mozilla.jss.ssl.*;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.*;
import org.mozilla.jss.asn1.*;
import org.mozilla.jss.pkix.primitive.*;
import org.mozilla.jss.pkix.cert.*;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.util.PasswordCallback;
import java.util.Calendar;
import java.util.Date;
import java.security.*;
import java.security.PrivateKey;
import java.net.*;
import java.io.*;
public class JSS_SSLClient {
private String clientCertNick = null;
private String serverHost = null;
private boolean TestCertCallBack = false;
private boolean success = true;
private int fCipher = -1;
private int port = 29753;
private String EOF = "test";
private boolean handshakeCompleted = false;
private CryptoManager cm = null;
private CryptoToken tok = null;
private PasswordCallback cb = null;
private String fPasswordFile = "passwords";
private String fCertDbPath = ".";
private static String usage = "USAGE: java JSS_SSLClient " +
"<serverhost> <clientcertnick>";
/**
* Default Constructor, do not use.
*/
public JSS_SSLClient() {
try {
CryptoManager.initialize(fCertDbPath);
cm = CryptoManager.getInstance();
tok = cm.getInternalKeyStorageToken();
cb = new FilePasswordCallback(fPasswordFile);
tok.login(cb);
} catch (Exception e) {
}
}
/**
* Initialize the desired cipher to be set
* on the socket.
* @param int Cipher
*/
public void setCipher(int aCipher) {
fCipher = aCipher;
}
/**
* Initialize the hostname to run the server
* @param String ServerName
*/
public void setHostName(String aHostName) {
serverHost = aHostName;
}
/**
* Initialize the port to run the server
* @param int port
*/
public void setPort(int aPort) {
port = aPort;
}
/**
* Initialize the passwords file name
* @param String passwords
*/
public void setPasswordFile(String aPasswordFile) {
fPasswordFile = aPasswordFile;
}
/**
* Initialize the cert db path name
* @param String CertDbPath
*/
public void setCertDbPath(String aCertDbPath) {
fCertDbPath = aCertDbPath;
}
/**
* Enable/disable Test Cert Callback.
* @param boolean
*/
public void setTestCertCallback(boolean aTestCertCallback) {
TestCertCallBack = aTestCertCallback;
}
/**
* Set client certificate
* @param String Certificate Nick Name
*/
public void setClientCertNick(String aClientCertNick) {
clientCertNick = aClientCertNick;
}
/**
* Return true if handshake is completed
* else return false;
* @return boolean handshake status
*/
public boolean isHandshakeCompleted() {
return this.handshakeCompleted;
}
/**
* Set handshakeCompleted flag to indicate
* that the socket handshake is coplete.
*/
public void setHandshakeCompleted() {
this.handshakeCompleted = true;
}
/**
* Clear handshakeCompleted flag to indicate
* that the system is now ready for another
* socket connection.
*/
public void clearHandshakeCompleted() {
this.handshakeCompleted = false;
}
/**
* Set EOF for closinng server socket
* @param null for closing server socket
*/
public void setEOF(String fEof) {
this.EOF = fEof;
}
/**
* Initialize and create a socket connection to
* SSLServer using the set parameters.
*/
public void doIt() throws Exception {
// connect to the server
if ( Constants.debug_level >= 3 )
System.out.println("client about to connect...");
String hostAddr =
InetAddress.getByName(serverHost).getHostAddress();
if ( Constants.debug_level >= 3 )
System.out.println("the host " + serverHost +
" and the address " + hostAddr);
SSLCertificateApprovalCallback approvalCallback =
new TestCertApprovalCallback();
SSLClientCertificateSelectionCallback certSelectionCallback =
new TestClientCertificateSelectionCallback();
SSLSocket sock = null;
if (TestCertCallBack) {
if ( Constants.debug_level >= 3 )
System.out.println("calling approvalCallBack");
sock = new SSLSocket(InetAddress.getByName(hostAddr),
port,
null,
0,
new TestCertApprovalCallback(),
null);
} else {
if ( Constants.debug_level >= 3 )
System.out.println("NOT calling approvalCallBack");
sock = new SSLSocket(InetAddress.getByName(hostAddr),
port);
}
if ( Constants.debug_level >= 3 )
System.out.println("clientCertNick=" + clientCertNick);
sock.setClientCertNickname(clientCertNick);
if ( fCipher != -1 ) {
sock.setCipherPreference(fCipher, true);
}
if ( Constants.debug_level >= 3 ) {
System.out.println("Client specified cert by nickname");
System.out.println("client connected");
}
sock.addHandshakeCompletedListener(
new HandshakeListener("client",this));
// force the handshake
sock.forceHandshake();
if ( Constants.debug_level >= 3 )
System.out.println("client forced handshake");
PrintWriter out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(sock.getOutputStream())));
out.println(EOF);
out.flush();
/*
* Make sure there were no surprises
*/
if (out.checkError())
System.out.println("SSLSocketClient: java.io.PrintWriter error");
sock.close();
}
/**
* SSL Handshake Listeren implementation.
*/
public class HandshakeListener
implements SSLHandshakeCompletedListener {
private String who;
private JSS_SSLClient boss;
public HandshakeListener(String who, JSS_SSLClient boss) {
this.who = who;
this.boss = boss;
}
public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
try {
String mesg = who + " got a completed handshake ";
SSLSecurityStatus status = event.getStatus();
if( status.isSecurityOn() ) {
mesg += "(security is ON)";
} else {
mesg += "(security is OFF)";
}
if ( Constants.debug_level >= 3 )
System.out.println(mesg);
} catch(Exception e) {
e.printStackTrace();
boss.setFailure();
}
setHandshakeCompleted();
}
}
/**
* Set status return value to false.
*/
public synchronized void setFailure() {
success = false;
}
/**
* Set status return value to success.
*/
public synchronized boolean getSuccess() {
return success;
}
/**
* Main method. Used for unit testing.
*/
public static void main(String[] args) {
String certnick = "JSSCATestCert";
String testCipher = null;
String testhost = "localhost";
int testport = 29753;
String certDbPath = null;
String passwdFile = null;
String usage = "USAGE:\n" +
"java org.mozilla.jss.tests.JSS_SSLClient" +
" <test cipher> <server host> <server port>\n" +
" <cert db path> <password file>";
try {
if ( args.length >= 1 ) {
testCipher = (String)args[0];
if ( testCipher.toLowerCase().equals("-h"))
System.out.println(usage);
}
if ( args.length >= 3 ) {
testhost = (String)args[1];
testport = new Integer(args[2]).intValue();
}
if ( args.length >= 5 ) {
certDbPath = (String)args[3];
passwdFile = (String)args[4];
}
Thread.sleep(5000);
} catch (Exception e) {
}
JSS_SSLClient jssTest = new JSS_SSLClient();
try {
if ( !testhost.equals("localhost") )
jssTest.setHostName(testhost);
if ( testport != 29753 )
jssTest.setPort(testport);
jssTest.setTestCertCallback(true);
jssTest.setClientCertNick(certnick);
if ( certDbPath != null )
jssTest.setCertDbPath(certDbPath);
if ( passwdFile != null )
jssTest.setPasswordFile(passwdFile);
if ( testCipher != null ) {
try {
jssTest.setCipher(new Integer(testCipher).intValue());
jssTest.setEOF(testCipher);
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
}
jssTest.clearHandshakeCompleted();
} catch (Exception ex) {
}
// Set EOF to null to trigger server socket close
jssTest.setCipher(new Integer(testCipher).intValue());
jssTest.setEOF("null");
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
}
jssTest.clearHandshakeCompleted();
} else {
for ( int i=0; i<Constants.jssCipherSuites.length; i++ ) {
try {
jssTest.setCipher(Constants.jssCipherSuites[i]);
jssTest.setEOF(new Integer(
Constants.jssCipherSuites[i]).toString());
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
}
jssTest.clearHandshakeCompleted();
} catch (Exception ex) {
}
}
// Set EOF to null to trigger server socket close
jssTest.setCipher(1);
jssTest.setEOF("null");
jssTest.doIt();
while (!jssTest.isHandshakeCompleted()) {
//Do nothing
}
jssTest.clearHandshakeCompleted();
}
} catch (Exception ex) {
System.out.println(ex.getMessage());
ex.printStackTrace();
}
}
}

233
security/jss/org/mozilla/jss/tests/JSS_SSLServer.java Executable file
Просмотреть файл

@ -0,0 +1,233 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is Netscape Security Services for Java.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 2002
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
package org.mozilla.jss.tests;
import org.mozilla.jss.ssl.*;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.ssl.*;
import org.mozilla.jss.crypto.*;
import org.mozilla.jss.asn1.*;
import org.mozilla.jss.pkix.primitive.*;
import org.mozilla.jss.pkix.cert.*;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.util.PasswordCallback;
import org.mozilla.jss.tests.*;
import java.util.Calendar;
import java.util.Date;
import java.util.Vector;
import java.security.*;
import java.security.PrivateKey;
import java.net.InetAddress;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.InputStream;
import java.io.EOFException;
import java.io.IOException;
public class JSS_SSLServer {
private static Vector jssSupportedCiphers= new Vector();
public static void main(String[] args) throws Exception {
(new JSS_SSLServer()).doIt(args);
}
private String serverCertNick = null;
private String serverHost = null;
private boolean TestInetAddress = false;
private boolean success = true;
public static int port = 29750;
public static String usage = "USAGE: java JSS_SSLServer . " +
"passwords server_name " +
"servercertnick [ true | false ]";
public void doIt(String[] args) throws Exception {
if ( args.length < 1 ) {
System.out.println(usage);
System.exit(0);
}
CryptoManager.initialize(args[0]);
CryptoManager cm = CryptoManager.getInstance();
CryptoToken tok = cm.getInternalKeyStorageToken();
PasswordCallback cb = new FilePasswordCallback(args[1]); // passwords
tok.login(cb);
serverHost = args[2]; // localhost
serverCertNick = args[3]; // servercertnick
if (args[4].equalsIgnoreCase("true") == true) {
TestInetAddress = true;
}
// We have to configure the server session ID cache before
// creating any server sockets.
SSLServerSocket.configServerSessionIDCache(10, 100, 100, null);
/* enable all the SSL2 cipher suites */
for (int i = SSLSocket.SSL2_RC4_128_WITH_MD5;
i <= SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5; ++i) {
if (i != SSLSocket.SSL2_IDEA_128_CBC_WITH_MD5) {
SSLSocket.setCipherPreferenceDefault( i, true);
}
}
/* enable all the SSL3 and TLS cipher suites */
for (int i = 0; Constants.jssCipherSuites[i] != 0; ++i) {
try {
SSLSocket.setCipherPreferenceDefault(
Constants.jssCipherSuites[i], true);
} catch (Exception ex) {
}
}
// open the server socket and bind to the port
if ( Constants.debug_level >= 3 )
System.out.println("Server about .... to create socket");
SSLServerSocket serverSock = null;
if (TestInetAddress) {
if ( Constants.debug_level >= 3 )
System.out.println("the HostName " + serverHost +
" the Inet Address " +
InetAddress.getByName(serverHost));
serverSock = new SSLServerSocket(port, 5,
InetAddress.getByName(serverHost), null , true);
} else {
if ( Constants.debug_level >= 3 )
System.out.println("Inet set to Null");
serverSock = new SSLServerSocket(port, 5, null , null , true);
}
if ( Constants.debug_level >= 3 )
System.out.println("Server created socket");
serverSock.requireClientAuth(true, true);
serverSock.setServerCertNickname(serverCertNick);
if ( Constants.debug_level >= 3 )
System.out.println("Server specified cert by nickname");
boolean socketListenStatus = true;
while ( socketListenStatus ) {
// accept the connection
SSLSocket sock = (SSLSocket) serverSock.accept();
sock.addHandshakeCompletedListener(
new HandshakeListener("server", this));
// try to read some bytes, to allow the handshake to go through
InputStream is = sock.getInputStream();
try {
BufferedReader bir = new BufferedReader(
new InputStreamReader(is));
String socketData = bir.readLine();
if ( socketData.equals("null") )
socketListenStatus = false;
else if ( socketData != null )
jssSupportedCiphers.add(socketData);
} catch(EOFException e) {
} catch(IOException ex) {
} catch(NullPointerException npe) {
socketListenStatus = false;
}
sock.close();
}
serverSock.close();
System.out.println("Server exiting");
System.out.println("-----------------------------------------" +
"----------------");
System.out.println("Summary of JSSE client to JSS server " +
"communication test :");
System.out.println("-----------------------------------------" +
"----------------");
for ( int i=0; i<jssSupportedCiphers.size(); i++ ) {
System.out.println("["+i+"]\t"+jssSupportedCiphers.elementAt(i));
}
System.out.println("-----------------------------------------" +
"----------------");
System.out.println("Please note that in JDK 5.0 the same set of ");
System.out.println("ciphers are exercised for SSLv3 and TLS.");
System.out.println("-----------------------------------------" +
"----------------");
System.out.flush();
if( getSuccess() ) {
System.exit(0);
} else {
System.exit(1);
}
}
public static class HandshakeListener
implements SSLHandshakeCompletedListener {
private String who;
private JSS_SSLServer boss;
public HandshakeListener(String who, JSS_SSLServer boss) {
this.who = who;
this.boss = boss;
}
public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
try {
String mesg = who + " got a completed handshake ";
SSLSecurityStatus status = event.getStatus();
if( status.isSecurityOn() ) {
mesg += "(security is ON)";
} else {
mesg += "(security is OFF)";
}
if ( Constants.debug_level >= 3 )
System.out.println(mesg);
} catch(Exception e) {
e.printStackTrace();
boss.setFailure();
}
}
}
public synchronized void setFailure() {
success = false;
}
public synchronized boolean getSuccess() {
return success;
}
}

87
security/jss/org/mozilla/jss/tests/all.pl
Просмотреть файл

@ -49,6 +49,12 @@ sub usage {
}
my $nss_lib_dir;
my $dist_dir;
my $pathsep = ":";
my $scriptext = "sh";
my $exe_suffix = "";
my $jss_rel_dir = "";
my $jss_classpath = "";
sub setup_vars {
my $argv = shift;
@ -56,10 +62,9 @@ sub setup_vars {
my $osname = `uname -s`;
my $truncate_lib_path = 1;
my $pathsep = ":";
my $exe_suffix = "";
if( $osname =~ /HP/ ) {
$ld_lib_path = "SHLIB_PATH";
$scriptext = "sh";
} elsif( $osname =~ /win/i ) {
$ld_lib_path = "PATH";
$truncate_lib_path = 0;
@ -67,9 +72,11 @@ sub setup_vars {
$exe_suffix = ".exe";
} else {
$ld_lib_path = "LD_LIBRARY_PATH";
$scriptext = "sh";
}
my $dbg_suffix = "_dbg";
my $jar_dbg_suffix = "_dbg";
my $dbg_suffix = "_DBG";
$ENV{BUILD_OPT} and $dbg_suffix = "";
$ENV{CLASSPATH} = "";
@ -77,24 +84,27 @@ sub setup_vars {
if( $$argv[0] eq "dist" ) {
shift @$argv;
my $dist_dir = shift @$argv or usage("did not provide dist_dir");
$dist_dir = shift @$argv or usage("did not provide dist_dir");
$ENV{CLASSPATH} .= "$dist_dir/../xpclass$dbg_suffix.jar";
$ENV{CLASSPATH} .= "$dist_dir/../xpclass$jar_dbg_suffix.jar";
( -f $ENV{CLASSPATH} ) or die "$ENV{CLASSPATH} does not exist";
$ENV{$ld_lib_path} = $ENV{$ld_lib_path} . $pathsep . "$dist_dir/lib";
$nss_lib_dir = "$dist_dir/lib"
$nss_lib_dir = "$dist_dir/lib";
$jss_rel_dir = "$dist_dir/../classes$dbg_suffix/org";
$jss_classpath = "$dist_dir/../xpclass$jar_dbg_suffix.jar";
} elsif( $$argv[0] eq "release" ) {
shift @$argv;
my $jss_rel_dir = shift @$argv or usage();
my $nss_rel_dir = shift @$argv or usage();
$jss_rel_dir = shift @$argv or usage();
my $nss_rel_dir = shift @$argv or usage();
my $nspr_rel_dir = shift @$argv or usage();
$ENV{CLASSPATH} .= "$jss_rel_dir/../xpclass$dbg_suffix.jar";
$ENV{CLASSPATH} .= "$jss_rel_dir/../xpclass$jar_dbg_suffix.jar";
$ENV{$ld_lib_path} =
"$jss_rel_dir/lib$pathsep$nss_rel_dir/lib$pathsep$nspr_rel_dir/lib"
. $pathsep . $ENV{$ld_lib_path};
$nss_lib_dir = "$nss_rel_dir/lib";
$jss_classpath = "$jss_rel_dir/../xpclass$jar_dbg_suffix.jar";
} else {
usage();
}
@ -153,6 +163,7 @@ if( ! -d $testdir ) {
$result and die "Failed to copy builtins library";
}
my $result;
print STDERR "============= Setup DB\n";
$result = system("$java org.mozilla.jss.tests.SetupDBs testdir $pwfile");
$result >>=8;
@ -195,6 +206,13 @@ $result = system("$java org.mozilla.jss.tests.SigTest $testdir " .
"\"$signingToken\" $pwfile"); $result >>=8;
$result and die "SigTest returned $result";
# test JCA Sig Test
#
print STDERR "============= test Mozilla-JSS SigatureSPI JCASitTest\n";
$result = system("$java org.mozilla.jss.tests.JCASigTest $testdir $pwfile");
$result >>=8;
$result and die "TestJCASigTest returned $result";
# test Secret Decoder Ring
#
print STDERR "============= test Secret Decoder Ring\n";
@ -202,9 +220,52 @@ $result = system("$java org.mozilla.jss.tests.TestSDR $testdir $pwfile");
$result >>=8;
$result and die "TestSDR returned $result";
# test JCA Sig Test
#
print STDERR "============= test Mozilla-JSS SigatureSPI JCASitTest\n";
$result = system("$java org.mozilla.jss.tests.JCASigTest $testdir $pwfile");
# Generate a known cert pair that can be used for testing
#
print STDERR "============= Generate known cert pair for testing\n";
$result=system("$java org.mozilla.jss.tests.GenerateTestCert $testdir $pwfile");
$result >>=8;
$result and die "TestJCASigTest returned $result";
$result and die "Generate known cert pair for testing returned $result";
#
# Create keystore.pfx from generated cert db
# for "JSSCATestCert"
print STDERR "============= convert PKCS11 cert to PKCS12 format\n";
$result = system("$nss_lib_dir/../bin/pk12util$exe_suffix -o keystore.pfx -n JSSCATestCert -d ./$testdir -K netscape -W netscape");
$result >>=8;
$result and die "Convert PKCS11 to PKCS12 returned $result";
#
# Start both JSS and JSSE servers
#
print STDERR "============= Start JSSE server tests\n";
$result=system("./startJsseServ.$scriptext $jss_classpath $testdir");
$result >>=8;
$result and die "JSSE servers returned $result";
#
# Test JSS client communication
#
print STDERR "============= Start JSS client tests\n";
$result = system("cp $testdir/*.db .");
$result = system("$java org.mozilla.jss.tests.JSS_SSLClient");
$result >>=8;
$result and die "JSS client returned $result";
#
# Start both JSS and JSSE servers
#
print STDERR "============= Start JSS server tests\n";
$result=system("./startJssServ.$scriptext $jss_classpath $testdir");
$result >>=8;
$result and die "JSS servers returned $result";
#
# Test JSSE client communication
#
print STDERR "============= Start JSSE client tests\n";
$result = system("$java org.mozilla.jss.tests.JSSE_SSLClient");
$result >>=8;
$result and die "JSSE client returned $result";

44
security/jss/org/mozilla/jss/tests/startJssServ.sh Executable file
Просмотреть файл

@ -0,0 +1,44 @@
#!/bin/sh
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
########################################################################
#
# "Starting JSS JAA_SSLServer..."
#
${JAVA_HOME}/bin/java -classpath $1 org.mozilla.jss.tests.JSS_SSLServer $2 passwords localhost JSSCATestCert true &

44
security/jss/org/mozilla/jss/tests/startJsseServ.sh Executable file
Просмотреть файл

@ -0,0 +1,44 @@
#!/bin/sh
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
########################################################################
#
# "Starting JSSE JSSE_SSLServer Test..."
#
${JAVA_HOME}/bin/java -classpath $1 org.mozilla.jss.tests.JSSE_SSLServer 29753 SSLv3 false &