Bugzilla bug: 317479. Added IBMJCE for tests to work with IBM JDK.

sr=glen.beasley r=alexei.volkov
sandeep.konchady%sun.com 2006-02-16 19:54:08 +00:00
Родитель 8b943635cc
Коммит dbf6d0080b
4 изменённых файлов: 230 добавлений и 85 удалений


@ -61,17 +61,25 @@ public class HMACTest {
macJSS.update(clearText.getBytes());
byte[] resultJSS = macJSS.doFinal(clearText.getBytes());
//Get the SunJCE HMAC
Mac macSunJCE = Mac.getInstance(alg, "SunJCE");
macSunJCE.init(sk);
macSunJCE.update(clearText.getBytes());
byte[] resultSunJCE = macSunJCE.doFinal(clearText.getBytes());
//Get the SunJCE or IBMJCE HMAC
Mac macJCE = null;
String javaVendorName = System.getProperty("java.vendor");
if ( javaVendorName.equals("IBM Corporation") ) {
macJCE = Mac.getInstance(alg, "IBMJCE");
} else if ( javaVendorName.equals("Sun Microsystems Inc.") ) {
macJCE = Mac.getInstance(alg, "SunJCE");
}
macJCE.init(sk);
macJCE.update(clearText.getBytes());
byte[] resultSunJCE = macJCE.doFinal(clearText.getBytes());
//Check to see if HMACs are equal
if ( java.util.Arrays.equals(resultJSS, resultSunJCE) ) {
System.out.println("Sun and Mozilla give same " + alg);
System.out.println(javaVendorName.substring(0,3) +
" and Mozilla give same " + alg);
} else {
throw new Exception("ERROR: Sun and Mozilla give different "+ alg );
throw new Exception("ERROR: " + javaVendorName.substring(0,3) +
" and Mozilla give different "+ alg );
}
}
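Review bot: `macJCE` stays `null` when `java.vendor` is neither "IBM Corporation" nor "Sun Microsystems Inc.", so the following `macJCE.init(sk)` fails with a NullPointerException instead of a clear test error. The vendor chain needs a final branch, for example `} else { throw new Exception("ERROR: no JCE provider mapped for java.vendor=" + javaVendorName); }`. The result variable is still named `resultSunJCE` although it may now hold the IBMJCE output; `resultJCE` would match the new `macJCE`. The enclosing method starts outside the hunk.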


@ -43,10 +43,14 @@ import java.security.cert.*;
import javax.security.cert.X509Certificate;
import java.security.KeyStore;
/*
/**
* This program connects to any SSL Server to exercise
* all ciphers supported by JSSE. The result is listing
* of common ciphers between the server and JSSE.
* all ciphers supported by JSSE for a given JDK/JRE
* version. The result is listing of common ciphers
* between the server and this JSSE client.
*
* @author Sandeep Konchady
* @version 1.0
*/
public class JSSE_SSLClient {
@ -273,14 +277,15 @@ public class JSSE_SSLClient {
* before the SSLContext, the server/proxy might timeout
* waiting for the client to actually send something.
*/
SSLSocketFactory factory = null;
SSLSocket socket = null;
SSLSocketFactory factory = null;
SSLSocket socket = null;
SSLContext ctx = null;
KeyManagerFactory kmf = null;
TrustManagerFactory tmf = null;
KeyStore ks = null;
KeyStore ksTrust = null;
SSLContext ctx = null;
KeyManagerFactory kmf = null;
TrustManagerFactory tmf = null;
KeyStore ks = null;
KeyStore ksTrust = null;
String provider = "SunJCE";
/*
* Set up a key manager for client authentication
@ -289,21 +294,50 @@ public class JSSE_SSLClient {
*/
char[] passphrase = "netscape".toCharArray();
char[] trustpassphrase = "changeit".toCharArray();
String javaVendor = System.getProperty("java.vendor");
if (Constants.debug_level > 3)
System.out.println("DBEUG: JSSE_SSLClient.java java.vendor=" +
javaVendor);
// Initialize the system
System.setProperty("java.protocol.handler.pkgs",
if (javaVendor.equals("IBM Corporation")) {
System.setProperty("java.protocol.handler.pkgs",
"com.ibm.net.ssl.www.protocol.Handler");
java.security.Security.addProvider ((java.security.Provider)
Class.forName("com.ibm.jsse2.IBMJSSEProvider2").newInstance());
provider = "IBMJCE";
} else {
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider(
new com.sun.net.ssl.internal.ssl.Provider());
java.security.Security.addProvider ((java.security.Provider)
Class.forName("com.sun.crypto.provider.SunJCE").newInstance());
}
// Load the keystore that contains the certificate
kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("PKCS12");
String certificate = new String("SunX509");
ks = KeyStore.getInstance("PKCS12");
if (javaVendor.equals("IBM Corporation")) {
certificate = new String("IbmX509");
ks = KeyStore.getInstance("PKCS12", provider);
}
try {
kmf = KeyManagerFactory.getInstance(certificate);
ks.load(new FileInputStream(getKeystoreLoc()), passphrase);
} catch (Exception keyEx) {
System.out.println(keyEx.getMessage());
System.exit(1);
if (Constants.debug_level > 3) {
if(System.getProperty("java.vendor").equals("IBM Corporation")) {
System.out.println("Using IBM JDK: Cannot load keystore due "+
"to strong security encryption settings\nwith limited " +
"Jurisdiction policy files :\n" +
"http://www-1.ibm.com/support/docview.wss?uid=swg21169931");
return "success";
} else {
System.out.println(keyEx.getMessage());
keyEx.printStackTrace();
}
}
return "failure";
}
kmf.init(ks, passphrase);
@ -358,9 +392,9 @@ public class JSSE_SSLClient {
socket = (SSLSocket)factory.createSocket(host, port);
}
/*
* register a callback for handshaking completion event
*/
/*
* register a callback for handshaking completion event
*/
try {
socket.addHandshakeCompletedListener(
new HandshakeCompletedListener() {
@ -377,15 +411,15 @@ public class JSSE_SSLClient {
}
);
} catch (Exception handshakeEx) {
return null;
return handshakeEx.getMessage();
}
/*
* send http request
*
* See SSLSocketClient.java for more information about why
* there is a forced handshake here when using PrintWriters.
*/
/*
* send http request
*
* See SSLSocketClient.java for more information about why
* there is a forced handshake here when using PrintWriters.
*/
String [] Ciphers = {cipherName};
socket.setEnabledCipherSuites(Ciphers);
// Set socket timeout to 10 sec
@ -403,9 +437,9 @@ public class JSSE_SSLClient {
out.println(EOF);
out.flush();
/*
* Make sure there were no surprises
*/
/*
* Make sure there were no surprises
*/
if (out.checkError())
System.out.println("SSLSocketClient: " +
"java.io.PrintWriter error");
@ -420,15 +454,14 @@ public class JSSE_SSLClient {
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
while ((inputLine = in.readLine()) != null);
//System.out.println("Shutdown the input stream ...");
//socket.shutdownInput();
in.close();
out.close();
socket.close();
} catch (Exception e) {
if ( Constants.debug_level > 3 )
e.printStackTrace();
setHandshakeCompleted();
return e.getMessage();
}
@ -553,11 +586,13 @@ public class JSSE_SSLClient {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk150.length;i++){
sslSock.setCipherSuite(
if (i<7 | i==33) {
sslSock.setCipherSuite(
Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
Thread.currentThread().sleep(1000);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
Thread.currentThread().sleep(1000);
}
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
@ -601,11 +636,13 @@ public class JSSE_SSLClient {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk142.length;i++){
lastCipher = Constants.sslciphersarray_jdk142[i];
sslSock.setCipherSuite(lastCipher);
sslSock.setEOF(Constants.sslciphersarray_jdk142[i]);
String errStr = sslSock.validateConnection();
Thread.currentThread().sleep(1000);
if (i<7 | i==22) {
lastCipher = Constants.sslciphersarray_jdk142[i];
sslSock.setCipherSuite(lastCipher);
sslSock.setEOF(Constants.sslciphersarray_jdk142[i]);
String errStr = sslSock.validateConnection();
Thread.currentThread().sleep(1000);
}
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
@ -629,11 +666,13 @@ public class JSSE_SSLClient {
// This try is for catching non supported cipher exception
try {
for(int i=0;i<Constants.sslciphersarray_jdk150.length;i++){
lastCipher = Constants.sslciphersarray_jdk150[i];
sslSock.setCipherSuite(
if (i<7 | i==34) {
lastCipher = Constants.sslciphersarray_jdk150[i];
sslSock.setCipherSuite(
Constants.sslciphersarray_jdk150[i]);
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
sslSock.setEOF(Constants.sslciphersarray_jdk150[i]);
String errStr = sslSock.validateConnection();
}
}
} catch (Exception ex) {
System.out.println("JSSE_SSLCLient: Did not find " +
@ -688,14 +727,24 @@ public class JSSE_SSLClient {
// Call TLS client cipher test
try {
Thread.currentThread().sleep(1000);
} catch (Exception e) { }
sslSock.testTlsClient(testCipher, testHost, testPort, keystoreLocation);
sslSock.testTlsClient(testCipher,testHost,testPort,keystoreLocation);
} catch (Exception e) {
System.out.println("Exception caught testing TLS ciphers\n" +
e.getMessage());
e.printStackTrace();
System.exit(1);
}
// Call SSLv3 client cipher test
try {
Thread.currentThread().sleep(1000);
} catch (Exception e) { }
sslSock.testSslClient(testCipher, testHost, testPort, keystoreLocation);
sslSock.testSslClient(testCipher,testHost,testPort,keystoreLocation);
} catch (Exception e) {
System.out.println("Exception caught testing SSLv3 ciphers\n" +
e.getMessage());
e.printStackTrace();
System.exit(1);
}
System.exit(0);
}
}
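Review bot: In the new keystore `catch (Exception keyEx)` block, the returned verdict depends on `Constants.debug_level`: on an IBM JDK the method returns "success" only when the level is above 3 and "failure" otherwise, and on any JDK the exception text is printed only in debug mode. In debug mode every exception on IBM, a missing keystore file or a wrong passphrase included, is reported as success, so a broken client-authentication setup can pass unnoticed. Logging should be separated from the verdict as sketched below. The IBM skip should ideally be limited to the exception the restricted policy files actually raise, which the hunk does not show. The enclosing method starts and ends outside the hunk, and how callers interpret the returned string is not visible here.

```java
} catch (Exception keyEx) {
    // Log first; the verdict below must not depend on debug_level.
    if (Constants.debug_level > 3) {
        System.out.println(keyEx.getMessage());
        keyEx.printStackTrace();
    }
    if (javaVendor.equals("IBM Corporation")) {
        // … unchanged: "Using IBM JDK: Cannot load keystore" message …
        return "success";
    }
    return "failure";
}
```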


@ -43,6 +43,13 @@ import javax.net.*;
import javax.net.ssl.*;
import javax.security.cert.X509Certificate;
/**
* JSSE SSLServer class that implements ClassServer.
*
* @author Sandeep.Konchady@Sun.COM
* @version 1.0
*/
public class JSSE_SSLServer extends ClassServer {
private static int DefaultServerPort = 29753;
@ -124,20 +131,31 @@ public class JSSE_SSLServer extends ClassServer {
try {
SSLServerSocketFactory ssf =
JSSE_SSLServer.getServerSocketFactory(type);
SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket(port);
// Set server socket timeout to 90 sec
ss.setSoTimeout(90 * 1000);
if ( ssf != null ) {
SSLServerSocket ss =
(SSLServerSocket)ssf.createServerSocket(port);
// Set server socket timeout to 90 sec
ss.setSoTimeout(90 * 1000);
// Based on J2SE version, enable appropriate ciphers
if ( (System.getProperty("java.version")).indexOf("1.4") != -1 ) {
System.out.println("*** Using J2SE 1.4.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk142);
// Based on J2SE version, enable appropriate ciphers
if ( (System.getProperty("java.version")).indexOf("1.4") != -1 ) {
System.out.println("*** Using J2SE 1.4.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk142);
} else {
System.out.println("*** Using J2SE 1.5.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk150);
}
((SSLServerSocket)ss).setNeedClientAuth(bClientAuth);
new JSSE_SSLServer(ss);
} else {
System.out.println("*** Using J2SE 1.5.x ***");
ss.setEnabledCipherSuites(Constants.sslciphersarray_jdk150);
if (System.getProperty("java.vendor").equals("IBM Corporation")) {
System.out.println("Using IBM JDK: Cannot load keystore due "+
"to strong security encryption settings\nwith limited " +
"Jurisdiction policy files :\n " +
"http://www-1.ibm.com/support/docview.wss?uid=swg21169931");
System.exit(0);
}
}
((SSLServerSocket)ss).setNeedClientAuth(bClientAuth);
new JSSE_SSLServer(ss);
} catch (IOException e) {
System.out.println("Unable to start ClassServer: " +
e.getMessage());
@ -148,7 +166,7 @@ public class JSSE_SSLServer extends ClassServer {
// Put the main thread to sleep. In case we do not get any
// response within 5 sec, then we shutdown the server.
try {
Thread.currentThread().sleep(5000);
Thread.currentThread().sleep(90 * 1000);
} catch (InterruptedException e) {
System.out.println("Thread Interrupted, exiting normally ...\n");
System.exit(0);
@ -191,11 +209,16 @@ public class JSSE_SSLServer extends ClassServer {
String authType) {}
}
};
String certificate = new String("SunX509");
String javaVendor = System.getProperty("java.vendor");
if (javaVendor.equals("IBM Corporation"))
certificate = new String("IbmX509");
if (type.equals("TLS")) {
try {
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
kmf = KeyManagerFactory.getInstance(certificate);
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(getKeystoreLoc()), passphrase);
@ -205,26 +228,26 @@ public class JSSE_SSLServer extends ClassServer {
ssf = ctx.getServerSocketFactory();
return ssf;
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
if (Constants.debug_level > 3)
e.printStackTrace();
}
} else if (type.equals("SSLv3")) {
try {
ctx = SSLContext.getInstance("SSLv3");
kmf = KeyManagerFactory.getInstance("SunX509");
kmf = KeyManagerFactory.getInstance(certificate);
ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream("./" + getKeystoreLoc()), passphrase);
ks.load(new FileInputStream(getKeystoreLoc()), passphrase);
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), trustAllCerts, null);
ssf = ctx.getServerSocketFactory();
return ssf;
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
if (Constants.debug_level > 3)
e.printStackTrace();
}
}
return null;
return ssf;
}
}
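Review bot: When `getServerSocketFactory(type)` returns null on a non-IBM JDK, the new outer `else` in the first hunk does nothing: no server socket is created and nothing is printed, and execution apparently continues to the 90-second sleep. The last hunk also replaces `e.printStackTrace(); System.exit(1);` with a stack trace printed only when `Constants.debug_level > 3`, so the cause of the failure is lost at normal verbosity. After the IBM check, a failing path for other vendors is needed, e.g. `else { System.out.println("Unable to create " + type + " server socket factory"); System.exit(1); }`. On IBM the `System.exit(0)` is taken for any failure, not only the policy-file restriction named in the message. The comment `response within 5 sec` above the sleep is stale now that the value is `90 * 1000`.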


@ -67,6 +67,11 @@ class RSATestValues extends TestValues {
super("RSA", "SHA1withRSA", RSAPrivateCrtKeySpec.class,
RSAPublicKeySpec.class, "SunRsaSign");
}
public RSATestValues(String provider) {
super("RSA", "SHA1withRSA", RSAPrivateCrtKeySpec.class,
RSAPublicKeySpec.class, provider);
}
}
class DSATestValues extends TestValues {
@ -74,6 +79,11 @@ class DSATestValues extends TestValues {
super("DSA", "SHA1withDSA", DSAPrivateKeySpec.class,
DSAPublicKeySpec.class, "SUN");
}
public DSATestValues(String provider) {
super("DSA", "SHA1withDSA", DSAPrivateKeySpec.class,
DSAPublicKeySpec.class, provider);
}
}
public class KeyFactoryTest {
@ -111,22 +121,77 @@ public class KeyFactoryTest {
}
public void doTest() throws Throwable {
RSATestValues rsa = new RSATestValues();
DSATestValues dsa = new DSATestValues();
String javaVendor = System.getProperty("java.vendor");
RSATestValues rsa = null;
DSATestValues dsa = null;
boolean exception = false;
if ( javaVendor.equals("IBM Corporation") ) {
rsa = new RSATestValues("IBMJCE");
dsa = new DSATestValues("IBMJCE");
} else {
rsa = new RSATestValues();
dsa = new DSATestValues();
}
// Generate RSA private key from spec
genPrivKeyFromSpec(rsa);
try {
genPrivKeyFromSpec(rsa);
} catch (java.security.spec.InvalidKeySpecException ex) {
if (Constants.debug_level > 3)
System.out.println("InvalidKeySpecException caught " +
"genPrivKeyFromSpec(rsa): " + ex.getMessage());
if ( javaVendor.equals("IBM Corporation") ) {
System.out.println("Could not generated a RSA private key from " +
"a\njava.security.spec.RSAPrivateKeySpec. Not supported " +
"IBMJCE");
} else {
exception = true;
}
} catch (Exception ex) {
if (Constants.debug_level > 3)
System.out.println("Exception caught genPrivKeyFromSpec(rsa): " +
ex.getMessage());
}
// Generate DSA private key from spec
genPrivKeyFromSpec(dsa);
try {
genPrivKeyFromSpec(dsa);
} catch (java.security.spec.InvalidKeySpecException ex) {
if (Constants.debug_level > 3)
System.out.println("InvalidKeySpecException caught " +
"genPrivKeyFromSpec(dsa): " + ex.getMessage());
exception = true;
} catch (Exception ex) {
if (Constants.debug_level > 3)
System.out.println("Exception caught genPrivKeyFromSpec(dsa): " +
ex.getMessage());
}
// translate RSA key
genPubKeyFromSpec(rsa);
try {
genPubKeyFromSpec(rsa);
} catch (Exception ex) {
if (Constants.debug_level > 3)
System.out.println("Exception caught genPubKeyFromSpec(rsa): " +
ex.getMessage());
exception = true;
}
// translate key
genPubKeyFromSpec(dsa);
try {
genPubKeyFromSpec(dsa);
} catch (Exception ex) {
if (Constants.debug_level > 3)
System.out.println("Exception caught genPubKeyFromSpec(dsa): " +
ex.getMessage());
exception = true;
}
System.exit(0);
if (exception)
System.exit(1);
else
System.exit(0);
}
public void genPrivKeyFromSpec(TestValues vals) throws Throwable {
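Review bot: The two generic `catch (Exception ex)` blocks after `genPrivKeyFromSpec(rsa)` and `genPrivKeyFromSpec(dsa)` in `doTest` never set `exception = true`, unlike the `genPubKeyFromSpec` handlers. Any failure other than `InvalidKeySpecException` there still ends in `System.exit(0)` and is printed only when `Constants.debug_level > 3`. With the provider name now passed in as "IBMJCE", a missing or misnamed provider would presumably surface through exactly this path. Add `exception = true;` to both blocks and print the message unconditionally. The message `Could not generated a RSA private key` should read `Could not generate an RSA private key`.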