jdk-sandbox: jdk/test/javax/xml/crypto/dsig/SecureValidationPolicy.java@6aa4e0cafe2e (annotated)

40551 05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	1	/*
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	2	* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	4	*
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	7	* published by the Free Software Foundation.
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	8	*
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	13	* accompanied this code).
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	14	*
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	18	*
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	21	* questions.
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	22	*/
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	23
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	24	/**
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	25	* @test
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	26	* @bug 8151893
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	27	* @summary Tests for the jdk.xml.dsig.secureValidationPolicy security property
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	28	* @modules java.xml.crypto/org.jcp.xml.dsig.internal.dom
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	29	*/
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	30
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	31	import java.security.Security;
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	32	import java.util.List;
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	33	import org.jcp.xml.dsig.internal.dom.Policy;
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	34
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	35	public class SecureValidationPolicy {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	36
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	37	public static void main(String[] args) throws Exception {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	38
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	39	List<String> restrictedSchemes = List.of("file:/tmp/foo",
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	40	"http://java.com", "https://java.com");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	41	List<String> restrictedAlgs = List.of(
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	42	"http://www.w3.org/TR/1999/REC-xslt-19991116",
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	43	"http://www.w3.org/2001/04/xmldsig-more#rsa-md5",
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	44	"http://www.w3.org/2001/04/xmldsig-more#hmac-md5",
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	45	"http://www.w3.org/2001/04/xmldsig-more#md5");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	46
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	47	// Test expected defaults
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	48	System.out.println("Testing defaults");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	49	if (!Policy.restrictNumTransforms(6)) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	50	throw new Exception("maxTransforms not enforced");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	51	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	52	if (!Policy.restrictNumReferences(31)) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	53	throw new Exception("maxReferences not enforced");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	54	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	55	for (String scheme : restrictedSchemes) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	56	if (!Policy.restrictReferenceUriScheme(scheme)) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	57	throw new Exception(scheme + " scheme not restricted");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	58	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	59	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	60	for (String alg : restrictedAlgs) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	61	if (!Policy.restrictAlg(alg)) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	62	throw new Exception(alg + " alg not restricted");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	63	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	64	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	65	if (!Policy.restrictDuplicateIds()) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	66	throw new Exception("noDuplicateIds not enforced");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	67	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	68	if (!Policy.restrictRetrievalMethodLoops()) {
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	69	throw new Exception("noRetrievalMethodLoops not enforced");
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	70	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	71	}
05eba5515cbb 8151893: Add security property to configure XML Signature secure validation mode mullan parents: diff changeset	72	}

author	lana
	Thu, 11 May 2017 18:11:13 +0000
changeset 45111	6aa4e0cafe2e
parent 40551	05eba5515cbb
permissions	-rw-r--r--