author | wetmore |
Fri, 11 May 2018 15:53:12 -0700 | |
branch | JDK-8145252-TLS13-branch |
changeset 56542 | 56aaa6cb3693 |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
1 |
/* |
21658
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
2 |
* Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
4 |
* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
5 |
* This code is free software; you can redistribute it and/or modify it |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
7 |
* published by the Free Software Foundation. Oracle designates this |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
8 |
* particular file as subject to the "Classpath" exception as provided |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
10 |
* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
15 |
* accompanied this code). |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
16 |
* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
17 |
* You should have received a copy of the GNU General Public License version |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
20 |
* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
22 |
* or visit www.oracle.com if you need additional information or have any |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
23 |
* questions. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
24 |
*/ |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
25 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
26 |
// SunJSSE does not support dynamic system properties, no way to re-use |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
27 |
// system properties in samevm/agentvm mode. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
28 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
29 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
30 |
* @test |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
31 |
* @bug 7109274 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
32 |
* @summary Consider disabling support for X.509 certificates with RSA keys |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
33 |
* less than 1024 bits |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
34 |
* @library /javax/net/ssl/templates |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
35 |
* @run main/othervm DisabledShortRSAKeys PKIX TLSv1.2 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
36 |
* @run main/othervm DisabledShortRSAKeys SunX509 TLSv1.2 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
37 |
* @run main/othervm DisabledShortRSAKeys PKIX TLSv1.1 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
38 |
* @run main/othervm DisabledShortRSAKeys SunX509 TLSv1.1 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
39 |
* @run main/othervm DisabledShortRSAKeys PKIX TLSv1 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
40 |
* @run main/othervm DisabledShortRSAKeys SunX509 TLSv1 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
41 |
* @run main/othervm DisabledShortRSAKeys PKIX SSLv3 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
42 |
* @run main/othervm DisabledShortRSAKeys SunX509 SSLv3 |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
43 |
*/ |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
44 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
45 |
import java.net.*; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
46 |
import java.util.*; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
47 |
import java.io.*; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
48 |
import javax.net.ssl.*; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
49 |
import java.security.Security; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
50 |
import java.security.KeyStore; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
51 |
import java.security.KeyFactory; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
52 |
import java.security.cert.Certificate; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
53 |
import java.security.cert.CertificateFactory; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
54 |
import java.security.spec.*; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
55 |
import java.security.interfaces.*; |
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
14929
diff
changeset
|
56 |
import java.util.Base64; |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
57 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
58 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
59 |
public class DisabledShortRSAKeys extends SSLSocketTemplate { |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
60 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
61 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
62 |
* Where do we find the keystores? |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
63 |
*/ |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
64 |
// Certificates and key used in the test. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
65 |
static String trustedCertStr = |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
66 |
"-----BEGIN CERTIFICATE-----\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
67 |
"MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
68 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
69 |
"MTEwODE5MDE1MjE5WhcNMzIwNzI5MDE1MjE5WjA7MQswCQYDVQQGEwJVUzENMAsG\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
70 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
71 |
"KoZIhvcNAQEBBQADgY0AMIGJAoGBAM8orG08DtF98TMSscjGsidd1ZoN4jiDpi8U\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
72 |
"ICz+9dMm1qM1d7O2T+KH3/mxyox7Rc2ZVSCaUD0a3CkhPMnlAx8V4u0H+E9sqso6\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
73 |
"iDW3JpOyzMExvZiRgRG/3nvp55RMIUV4vEHOZ1QbhuqG4ebN0Vz2DkRft7+flthf\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
74 |
"vDld6f5JAgMBAAGjgaUwgaIwHQYDVR0OBBYEFLl81dnfp0wDrv0OJ1sxlWzH83Xh\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
75 |
"MGMGA1UdIwRcMFqAFLl81dnfp0wDrv0OJ1sxlWzH83XhoT+kPTA7MQswCQYDVQQG\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
76 |
"EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
77 |
"Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
78 |
"BQADgYEALlgaH1gWtoBZ84EW8Hu6YtGLQ/L9zIFmHonUPZwn3Pr//icR9Sqhc3/l\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
79 |
"pVTxOINuFHLRz4BBtEylzRIOPzK3tg8XwuLb1zd0db90x3KBCiAL6E6cklGEPwLe\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
80 |
"XYMHDn9eDsaq861Tzn6ZwzMgw04zotPMoZN0mVd/3Qca8UJFucE=\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
81 |
"-----END CERTIFICATE-----"; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
82 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
83 |
static String targetCertStr = |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
84 |
"-----BEGIN CERTIFICATE-----\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
85 |
"MIICNDCCAZ2gAwIBAgIBDDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
86 |
"MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
87 |
"MTExMTA3MTM1NTUyWhcNMzEwNzI1MTM1NTUyWjBPMQswCQYDVQQGEwJVUzENMAsG\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
88 |
"A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEjAQBgNV\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
89 |
"BAMTCWxvY2FsaG9zdDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3Pb49OSPfOD2G\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
90 |
"HSXFCFx1GJEZfqG9ZUf7xuIi/ra5dLjPGAaoY5QF2QOa8VnOriQCXDfyXHxsuRnE\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
91 |
"OomxL7EVAgMBAAGjeDB2MAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUXNCJK3/dtCIc\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
92 |
"xb+zlA/JINlvs/MwHwYDVR0jBBgwFoAUuXzV2d+nTAOu/Q4nWzGVbMfzdeEwJwYD\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
93 |
"VR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAzANBgkqhkiG9w0B\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
94 |
"AQQFAAOBgQB2qIDUxA2caMPpGtUACZAPRUtrGssCINIfItETXJZCx/cRuZ5sP4D9\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
95 |
"N1acoNDn0hCULe3lhXAeTC9NZ97680yJzregQMV5wATjo1FGsKY30Ma+sc/nfzQW\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
96 |
"+h/7RhYtoG0OTsiaDCvyhI6swkNJzSzrAccPY4+ZgU8HiDLzZTmM3Q==\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
97 |
"-----END CERTIFICATE-----"; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
98 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
99 |
// Private key in the format of PKCS#8, key size is 512 bits. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
100 |
static String targetPrivateKey = |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
101 |
"MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAtz2+PTkj3zg9hh0l\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
102 |
"xQhcdRiRGX6hvWVH+8biIv62uXS4zxgGqGOUBdkDmvFZzq4kAlw38lx8bLkZxDqJ\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
103 |
"sS+xFQIDAQABAkByx/5Oo2hQ/w2q4L8z+NTRlJ3vdl8iIDtC/4XPnfYfnGptnpG6\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
104 |
"ZThQRvbMZiai0xHQPQMszvAHjZVme1eDl3EBAiEA3aKJHynPVCEJhpfCLWuMwX5J\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
105 |
"1LntwJO7NTOyU5m8rPECIQDTpzn5X44r2rzWBDna/Sx7HW9IWCxNgUD2Eyi2nA7W\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
106 |
"ZQIgJerEorw4aCAuzQPxiGu57PB6GRamAihEAtoRTBQlH0ECIQDN08FgTtnesgCU\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
107 |
"DFYLLcw1CiHvc7fZw4neBDHCrC8NtQIgA8TOUkGnpCZlQ0KaI8KfKWI+vxFcgFnH\n" + |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
108 |
"3fnqsTgaUs4="; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
109 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
110 |
static char passphrase[] = "passphrase".toCharArray(); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
111 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
112 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
113 |
* Turn on SSL debugging? |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
114 |
*/ |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
115 |
static boolean debug = false; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
116 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
117 |
@Override |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
118 |
protected SSLContext createClientSSLContext() throws Exception { |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
119 |
return generateSSLContext(trustedCertStr, null, null); |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
120 |
} |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
121 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
122 |
@Override |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
123 |
protected SSLContext createServerSSLContext() throws Exception { |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
124 |
return generateSSLContext(null, targetCertStr, targetPrivateKey); |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
125 |
} |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
126 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
127 |
@Override |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
128 |
protected void runServerApplication(SSLSocket socket) throws Exception { |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
129 |
try { |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
130 |
try (InputStream sslIS = socket.getInputStream()) { |
21658
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
131 |
sslIS.read(); |
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
132 |
} |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
133 |
throw new Exception("RSA keys shorter than 1024 bits should be disabled"); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
134 |
} catch (SSLHandshakeException sslhe) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
135 |
// the expected exception, ignore |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
136 |
} |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
137 |
|
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
138 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
139 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
140 |
@Override |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
141 |
protected void runClientApplication(SSLSocket socket) throws Exception { |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
142 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
143 |
try { |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
144 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
145 |
// only enable the target protocol |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
146 |
socket.setEnabledProtocols(new String[] { enabledProtocol }); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
147 |
// enable a block cipher |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
148 |
socket.setEnabledCipherSuites( |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
149 |
new String[] { "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" }); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
150 |
|
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
151 |
try (OutputStream sslOS = socket.getOutputStream()) { |
21658
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
152 |
sslOS.write('B'); |
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
153 |
sslOS.flush(); |
3a2a0734cb71
8023147: Test DisabledShortRSAKeys.java intermittent failed
xuelei
parents:
16020
diff
changeset
|
154 |
} |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
155 |
throw new Exception( |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
156 |
"RSA keys shorter than 1024 bits should be disabled"); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
157 |
} catch (SSLHandshakeException sslhe) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
158 |
// the expected exception, ignore |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
159 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
160 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
161 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
162 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
163 |
* ============================================================= |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
164 |
* The remainder is just support stuff |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
165 |
*/ |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
166 |
private static String tmAlgorithm; // trust manager |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
167 |
private static String enabledProtocol; // the target protocol |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
168 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
169 |
private static void parseArguments(String[] args) { |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
170 |
tmAlgorithm = args[0]; |
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
171 |
enabledProtocol = args[1]; |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
172 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
173 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
174 |
private static SSLContext generateSSLContext(String trustedCertStr, |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
175 |
String keyCertStr, String keySpecStr) throws Exception { |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
176 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
177 |
// generate certificate from cert string |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
178 |
CertificateFactory cf = CertificateFactory.getInstance("X.509"); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
179 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
180 |
// create a key store |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
181 |
KeyStore ks = KeyStore.getInstance("JKS"); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
182 |
ks.load(null, null); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
183 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
184 |
// import the trused cert |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
185 |
Certificate trusedCert = null; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
186 |
ByteArrayInputStream is = null; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
187 |
if (trustedCertStr != null) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
188 |
is = new ByteArrayInputStream(trustedCertStr.getBytes()); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
189 |
trusedCert = cf.generateCertificate(is); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
190 |
is.close(); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
191 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
192 |
ks.setCertificateEntry("RSA Export Signer", trusedCert); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
193 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
194 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
195 |
if (keyCertStr != null) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
196 |
// generate the private key. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
197 |
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
198 |
Base64.getMimeDecoder().decode(keySpecStr)); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
199 |
KeyFactory kf = KeyFactory.getInstance("RSA"); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
200 |
RSAPrivateKey priKey = |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
201 |
(RSAPrivateKey)kf.generatePrivate(priKeySpec); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
202 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
203 |
// generate certificate chain |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
204 |
is = new ByteArrayInputStream(keyCertStr.getBytes()); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
205 |
Certificate keyCert = cf.generateCertificate(is); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
206 |
is.close(); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
207 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
208 |
Certificate[] chain = null; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
209 |
if (trusedCert != null) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
210 |
chain = new Certificate[2]; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
211 |
chain[0] = keyCert; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
212 |
chain[1] = trusedCert; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
213 |
} else { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
214 |
chain = new Certificate[1]; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
215 |
chain[0] = keyCert; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
216 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
217 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
218 |
// import the key entry. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
219 |
ks.setKeyEntry("Whatever", priKey, passphrase, chain); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
220 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
221 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
222 |
// create SSL context |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
223 |
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
224 |
tmf.init(ks); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
225 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
226 |
SSLContext ctx = SSLContext.getInstance("TLS"); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
227 |
if (keyCertStr != null && !keyCertStr.isEmpty()) { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
228 |
KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
229 |
kmf.init(ks, passphrase); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
230 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
231 |
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
232 |
ks = null; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
233 |
} else { |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
234 |
ctx.init(null, tmf.getTrustManagers(), null); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
235 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
236 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
237 |
return ctx; |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
238 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
239 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
240 |
public static void main(String[] args) throws Exception { |
56542 | 241 |
Security.setProperty("jdk.certpath.disabledAlgorithms", |
242 |
"RSA keySize < 1024"); |
|
243 |
Security.setProperty("jdk.tls.disabledAlgorithms", |
|
244 |
"RSA keySize < 1024"); |
|
245 |
||
246 |
if (debug) { |
|
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
247 |
System.setProperty("javax.net.debug", "all"); |
56542 | 248 |
} |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
249 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
250 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
251 |
* Get the customized arguments. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
252 |
*/ |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
253 |
parseArguments(args); |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
254 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
255 |
/* |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
256 |
* Start the tests. |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
257 |
*/ |
42990
9edd5241610a
8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out
tidu
parents:
23052
diff
changeset
|
258 |
new DisabledShortRSAKeys().run(); |
14929
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
259 |
} |
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
260 |
|
59377f4b9919
7109274: Restrict the use of certificates with RSA keys less than 1024 bits
xuelei
parents:
diff
changeset
|
261 |
} |