Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/jdk/lib/security/cacerts/VerifyCACerts.java
changeset 51400 937fd6b81aaf
parent 51114 990db216e719
child 51455 893c44b263fb
equal deleted inserted replaced
51399:3b1ec9d9da43 51400:937fd6b81aaf 
    22  *
 
    22  *
 
    23  */
 
    23  */
 
    24 
    24 
    25 /**
 
    25 /**
 
    26  * @test
 
    26  * @test
 
    27  * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779
 
    27  * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 8209452
 
    28  * @summary Check root CA entries in cacerts file
 
    28  * @summary Check root CA entries in cacerts file
 
    29  */
 
    29  */
 
    30 import java.io.File;
 
    30 import java.io.File;
 
    31 import java.io.FileInputStream;
 
    31 import java.io.FileInputStream;
 
    32 import java.security.KeyStore;
 
    32 import java.security.KeyStore;
 
   229                     "17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24");
 
   229                     "17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24");
 
   230         }
 
   230         }
 
   231     };
 
   231     };
 
   232 
   232 
   233     // Exception list to 90 days expiry policy
 
   233     // Exception list to 90 days expiry policy
 
       
   234     // No error will be reported if certificate in this list expires
 
   234     private static final HashSet<String> EXPIRY_EXC_ENTRIES
 
   235     private static final HashSet<String> EXPIRY_EXC_ENTRIES
 
   235             = new HashSet<String>(Arrays.asList(
 
   236             = new HashSet<String>(Arrays.asList(
 
   236                     "gtecybertrustglobalca [jdk]"
 
   237                     "gtecybertrustglobalca [jdk]"
 
   237             ));
 
   238             ));
 
   238 
   239 
   291 
   292 
   292             // Make sure cert is not expired or not yet valid
 
   293             // Make sure cert is not expired or not yet valid
 
   293             try {
 
   294             try {
 
   294                 cert.checkValidity();
 
   295                 cert.checkValidity();
 
   295             } catch (CertificateExpiredException cee) {
 
   296             } catch (CertificateExpiredException cee) {
 
   296                 atLeastOneFailed = true;
 
   297                 if (!EXPIRY_EXC_ENTRIES.contains(alias)) {
 
   297                 System.err.println("ERROR: cert is expired");
 
   298                     atLeastOneFailed = true;
 
       
   299                     System.err.println("ERROR: cert is expired");
 
       
   300                 }
 
   298             } catch (CertificateNotYetValidException cne) {
 
   301             } catch (CertificateNotYetValidException cne) {
 
   299                 atLeastOneFailed = true;
 
   302                 atLeastOneFailed = true;
 
   300                 System.err.println("ERROR: cert is not yet valid");
 
   303                 System.err.println("ERROR: cert is not yet valid");
 
   301             }
 
   304             }
 
   302 
   305
jdk-sandbox