jdk-sandbox: comparison test/jdk/lib/security/CheckBlacklistedCerts.java

equal deleted inserted replaced

-:755b367c2134
+:40aa2d50d116
 * questions.
 */
 /*
 * @test
-* @bug 8011402
+* @bug 8011402 8211969
 * @summary Move blacklisting certificate logic from hard code to data
 * @modules java.base/sun.security.util
 */
 import sun.security.util.UntrustedCertificates;
 // All certs in the pem files
 Set<Certificate> blacklisted = new HashSet<>();
 // Assumes the full src is available
-File[] blacklists = {
+File blacklist = new File(System.getProperty("test.src"),
-new File(System.getProperty("test.src"),
+"../../../../make/data/blacklistedcertsconverter/blacklisted.certs.pem");
-"../../../make/data/blacklistedcertsconverter/blacklisted.certs.pem"),
-new File(System.getProperty("test.src"),
-"../../../make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem")
-};
-// Is this an OPENJDK build?
-String prop = System.getProperty("java.runtime.name");
-if (prop != null && prop.startsWith("OpenJDK")) {
-System.out.println("This is a OpenJDK build.");
-blacklists = Arrays.copyOf(blacklists, 1);
-}
 CertificateFactory cf = CertificateFactory.getInstance("X.509");
-for (File blacklist: blacklists) {
+try (FileInputStream fis = new FileInputStream(blacklist)) {
-System.out.print("Check for " + blacklist + ": ");
+Collection<? extends Certificate> certs
-if (!blacklist.exists()) {
+= cf.generateCertificates(fis);
-System.out.println("does not exist");
+System.out.println(certs.size());
-} else {
+for (Certificate c: certs) {
-try (FileInputStream fis = new FileInputStream(blacklist)) {
+blacklisted.add(c);
-Collection<? extends Certificate> certs
+X509Certificate cert = ((X509Certificate)c);
-= cf.generateCertificates(fis);
+if (!UntrustedCertificates.isUntrusted(cert)) {
-System.out.println(certs.size());
+System.out.println(cert.getSubjectDN() + " is trusted");
-for (Certificate c: certs) {
+failed = true;
-blacklisted.add(c);
-X509Certificate cert = ((X509Certificate)c);
-if (!UntrustedCertificates.isUntrusted(cert)) {
-System.out.println(cert.getSubjectDN() + " is trusted");
-failed = true;
-}
-}
 }
 }
 }
 // Check the blacklisted.certs file itself

changeset 52075	40aa2d50d116
parent 51994	7577686cc9bd