8180570: Refactor sun/security/mscapi shell tests to plain java tests
Reviewed-by: asmotrak
--- a/test/jdk/sun/security/mscapi/KeyStoreCompatibilityMode.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/jdk/sun/security/mscapi/KeyStoreCompatibilityMode.java Sun Apr 08 17:01:20 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -22,8 +22,15 @@
*/
/**
- * @see KeyStoreCompatibilityMode.sh
- */
+ * @test
+ * @bug 6324294 6931562 8180570
+ * @requires os.family == "windows"
+ * @run main KeyStoreCompatibilityMode
+ * @run main/othervm -Dsun.security.mscapi.keyStoreCompatibilityMode=true KeyStoreCompatibilityMode
+ * @run main/othervm -Dsun.security.mscapi.keyStoreCompatibilityMode=false KeyStoreCompatibilityMode -disable
+ * @summary Confirm that a null stream or password is not permitted when
+ * compatibility mode is enabled (and vice versa).
+*/
import java.io.*;
import java.security.Provider;
--- a/test/jdk/sun/security/mscapi/KeyStoreCompatibilityMode.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,66 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-# @test
-# @bug 6324294 6931562
-# @requires os.family == "windows"
-# @run shell KeyStoreCompatibilityMode.sh
-# @summary Confirm that a null stream or password is not permitted when
-# compatibility mode is enabled (and vice versa).
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- # 'uname -m' does not give us enough information -
- # should rely on $PROCESSOR_IDENTIFIER (as is done in Defs-windows.gmk),
- # but JTREG does not pass this env variable when executing a shell script.
- #
- # execute test program - rely on it to exit if platform unsupported
-
- ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\KeyStoreCompatibilityMode.java
-
- # mode implicitly enabled
- ${TESTJAVA}/bin/java ${TESTVMOPTS} KeyStoreCompatibilityMode
-
- # mode explicitly enabled
- ${TESTJAVA}/bin/java ${TESTVMOPTS} \
- -Dsun.security.mscapi.keyStoreCompatibilityMode="true" \
- KeyStoreCompatibilityMode
-
- # mode explicitly disabled
- ${TESTJAVA}/bin/java ${TESTVMOPTS} \
- -Dsun.security.mscapi.keyStoreCompatibilityMode="false" \
- KeyStoreCompatibilityMode -disable
-
- exit
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
-
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/mscapi/KeytoolChangeAlias.java Sun Apr 08 17:01:20 2018 +0800
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import jdk.test.lib.SecurityTools;
+
+import java.security.KeyStore;
+
+/*
+ * @test
+ * @bug 6415696 6931562 8180570
+ * @requires os.family == "windows"
+ * @library /test/lib
+ * @library /test/jdk/java/security/testlibrary
+ * @summary Test "keytool -changealias" using the Microsoft CryptoAPI provider.
+ */
+public class KeytoolChangeAlias {
+ public static void main(String[] args) throws Exception {
+
+ KeyStore ks = KeyStore.getInstance("Windows-MY");
+ ks.load(null, null);
+
+ try {
+ ks.setCertificateEntry("246810", CertUtils.getCertFromFile("246810.cer"));
+
+ if (ks.containsAlias("13579")) {
+ ks.deleteEntry("13579");
+ }
+
+ int before = ks.size();
+
+ ks.store(null, null); // no-op, but let's do it before a keytool command
+
+ SecurityTools.keytool("-changealias",
+ "-storetype", "Windows-My",
+ "-alias", "246810",
+ "-destalias", "13579").shouldHaveExitValue(0);
+
+ ks.load(null, null);
+
+ if (ks.size() != before) {
+ throw new Exception("error: unexpected number of entries in the "
+ + "Windows-MY store. Before: " + before
+ + ". After: " + ks.size());
+ }
+
+ if (!ks.containsAlias("13579")) {
+ throw new Exception("error: cannot find the new alias name"
+ + " in the Windows-MY store");
+ }
+ } finally {
+ ks.deleteEntry("13579");
+ ks.deleteEntry("246810");
+ ks.store(null, null);
+ }
+ }
+}
--- a/test/jdk/sun/security/mscapi/KeytoolChangeAlias.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,135 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @bug 6415696 6931562
-# @requires os.family == "windows"
-# @run shell KeytoolChangeAlias.sh
-# @summary Test "keytool -changealias" using the Microsoft CryptoAPI provider.
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- # 'uname -m' does not give us enough information -
- # should rely on $PROCESSOR_IDENTIFIER (as is done in Defs-windows.gmk),
- # but JTREG does not pass this env variable when executing a shell script.
- #
- # execute test program - rely on it to exit if platform unsupported
-
- echo "Creating the alias '246810' in the Windows-My store..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -import \
- -storetype Windows-My \
- -file ${TESTSRC}/246810.cer \
- -alias 246810 \
- -noprompt
-
- if [ $? -ne 0 ] ; then
- exit $?
- fi
-
- echo "Removing the alias '13579', if it is already present..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -list \
- -storetype Windows-My \
- -alias 13579 > /dev/null 2>&1
-
- if [ $? ] ; then
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -delete \
- -storetype Windows-My \
- -alias 13579 \
- -noprompt
- fi
-
- echo "Counting the entries in the store..."
- count=`${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -list -storetype Windows-My | wc -l`
- before=$count
-
- echo "Changing the alias name from '246810' to '13579'..."
-
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -changealias \
- -storetype Windows-My \
- -alias 246810 \
- -destalias 13579
-
- if [ $? -ne 0 ] ; then
- exit $?
- fi
-
- echo "Re-counting the entries in the store..."
- count=`${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -list -storetype Windows-My | wc -l`
- after=$count
-
- if [ ! $before = $after ]; then
- echo "error: unexpected number of entries in the Windows-MY store"
- exit 101
- fi
-
- echo "Confirming that the new alias is present..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -list \
- -storetype Windows-My \
- -alias 13579 > /dev/null 2>&1
-
- if [ $? -ne 0 ] ; then
- echo "error: cannot find the new alias name in the Windows-MY store"
- exit 102
- fi
-
- echo "Removing the new alias '13579'..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -delete \
- -storetype Windows-My \
- -alias 13579 > /dev/null 2>&1
-
- echo done.
- exit 0
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
--- a/test/jdk/sun/security/mscapi/PublicKeyInterop.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/jdk/sun/security/mscapi/PublicKeyInterop.java Sun Apr 08 17:01:20 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -22,13 +22,19 @@
*/
/**
- * @see PublicKeyInterop.sh
+ * @test
+ * @bug 6888925 8180570
+ * @summary SunMSCAPI's Cipher can't use RSA public keys obtained from other sources.
+ * @requires os.family == "windows"
+ * @library /test/lib
+ * @modules java.base/sun.security.util
*/
import java.security.*;
import java.util.*;
import javax.crypto.*;
+import jdk.test.lib.SecurityTools;
import sun.security.util.HexDumpEncoder;
/*
@@ -38,12 +44,31 @@
public class PublicKeyInterop {
public static void main(String[] arg) throws Exception {
+
+ SecurityTools.keytool("-genkeypair",
+ "-storetype", "Windows-My",
+ "-keyalg", "RSA",
+ "-alias", "6888925",
+ "-dname", "cn=6888925,c=US",
+ "-noprompt").shouldHaveExitValue(0);
+
+ try {
+ run();
+ } finally {
+ KeyStore ks = KeyStore.getInstance("Windows-MY");
+ ks.load(null, null);
+ ks.deleteEntry("6888925");
+ ks.store(null, null);
+ }
+ }
+
+ static void run() throws Exception {
+
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, null);
System.out.println("Loaded keystore: Windows-MY");
- PublicKey myPuKey =
- (PublicKey) ks.getCertificate("6888925").getPublicKey();
+ PublicKey myPuKey = ks.getCertificate("6888925").getPublicKey();
System.out.println("Public key is a " + myPuKey.getClass().getName());
PrivateKey myPrKey = (PrivateKey) ks.getKey("6888925", null);
System.out.println("Private key is a " + myPrKey.getClass().getName());
--- a/test/jdk/sun/security/mscapi/PublicKeyInterop.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,87 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-# @test
-# @bug 6888925
-# @requires os.family == "windows"
-# @run shell PublicKeyInterop.sh
-# @summary SunMSCAPI's Cipher can't use RSA public keys obtained from other
-# sources.
-#
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- echo "Creating a temporary RSA keypair in the Windows-My store..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -genkeypair \
- -storetype Windows-My \
- -keyalg RSA \
- -alias 6888925 \
- -dname "cn=6888925,c=US" \
- -noprompt
-
- echo
- echo "Running the test..."
- ${TESTJAVA}/bin/javac --add-exports java.base/sun.security.util=ALL-UNNAMED \
- ${TESTTOOLVMOPTS} ${TESTJAVACOPTS} -d . ${TESTSRC}\\PublicKeyInterop.java
- ${TESTJAVA}/bin/java --add-exports java.base/sun.security.util=ALL-UNNAMED \
- ${TESTVMOPTS} PublicKeyInterop
-
- rc=$?
-
- echo
- echo "Removing the temporary RSA keypair from the Windows-My store..."
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} \
- -delete \
- -storetype Windows-My \
- -alias 6888925
-
- echo done.
- exit $rc
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
--- a/test/jdk/sun/security/mscapi/RSAEncryptDecrypt.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/jdk/sun/security/mscapi/RSAEncryptDecrypt.java Sun Apr 08 17:01:20 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,12 @@
/**
- * @see RSAEncryptDecrypt.sh
+ * @test
+ * @bug 6457422 6931562 8180570
+ * @summary Confirm that plaintext can be encrypted and then decrypted using the
+ * RSA cipher in the SunMSCAPI crypto provider. NOTE: The RSA cipher is
+ * absent from the SunMSCAPI provider in OpenJDK builds.
+ * @requires os.family == "windows"
*/
import javax.crypto.Cipher;
--- a/test/jdk/sun/security/mscapi/RSAEncryptDecrypt.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,83 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2006, 2015, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-# @test
-# @bug 6457422 6931562
-# @requires os.family == "windows"
-# @run shell RSAEncryptDecrypt.sh
-# @summary Confirm that plaintext can be encrypted and then decrypted using the
-# RSA cipher in the SunMSCAPI crypto provider. NOTE: The RSA cipher is
-# absent from the SunMSCAPI provider in OpenJDK builds.
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- #
- # Workaround for 6449799
- #
- if [ "${SystemDrive}" = "" ]; then
- SystemRoot="`dosname "${SystemRoot}"`"
- export SystemRoot
- SystemDrive="`echo ${SystemRoot} | cut -d'/' -f1`"
- export SystemDrive
- fi
-
- # 'uname -m' does not give us enough information -
- # should rely on $PROCESSOR_IDENTIFIER (as is done in
- # Defs-windows.gmk), but JTREG does not pass this env variable
- # when executing a shell script.
- #
- # execute test program - rely on it to exit if platform
- # unsupported
-
- ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\RSAEncryptDecrypt.java
- ${TESTJAVA}/bin/java ${TESTVMOPTS} RSAEncryptDecrypt
- exit
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
-
--- a/test/jdk/sun/security/mscapi/ShortRSAKey1024.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,116 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @bug 7106773
-# @summary 512 bits RSA key cannot work with SHA384 and SHA512
-# @requires os.family == "windows"
-# @run shell ShortRSAKey1024.sh 1024
-# @run shell ShortRSAKey1024.sh 768
-# @run shell ShortRSAKey1024.sh 512
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-OS=`uname -s`
-case "$OS" in
- AIX | CYGWIN* | Darwin | Linux | SunOS )
- FS="/"
- ;;
- Windows_* )
- FS="\\"
- ;;
-esac
-
-BITS=$1
-
-case "$OS" in
- Windows* | CYGWIN* )
-
- echo "Removing the keypair if it already exists (for unknown reason)..."
- ${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} \
- -delete \
- -storetype Windows-My \
- -debug \
- -alias 7106773.$BITS
-
- echo "Creating a temporary RSA keypair in the Windows-My store..."
- ${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} \
- -genkeypair \
- -storetype Windows-My \
- -keyalg RSA \
- -alias 7106773.$BITS \
- -keysize $BITS \
- -dname "cn=localhost,c=US" \
- -debug \
- -noprompt
-
- if [ "$?" -ne "0" ]; then
- echo "Unable to generate key pair in Windows-My keystore"
- exit 1
- fi
-
- echo
- echo "Running the test..."
- ${TESTJAVA}${FS}bin${FS}javac --add-exports java.base/sun.security.util=ALL-UNNAMED \
- ${TESTTOOLVMOPTS} ${TESTJAVACOPTS} -d . \
- ${TESTSRC}${FS}ShortRSAKeyWithinTLS.java
- ${TESTJAVA}${FS}bin${FS}java --add-exports java.base/sun.security.util=ALL-UNNAMED \
- ${TESTVMOPTS} ShortRSAKeyWithinTLS 7106773.$BITS $BITS \
- TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
-
- rc=$?
-
- echo
- echo "Removing the temporary RSA keypair from the Windows-My store..."
- ${TESTJAVA}${FS}bin${FS}keytool ${TESTTOOLVMOPTS} \
- -delete \
- -storetype Windows-My \
- -debug \
- -alias 7106773.$BITS
-
- echo "Done".
- exit $rc
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
--- a/test/jdk/sun/security/mscapi/ShortRSAKeyWithinTLS.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/jdk/sun/security/mscapi/ShortRSAKeyWithinTLS.java Sun Apr 08 17:01:20 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,30 @@
* questions.
*/
+/*
+ * @test
+ * @bug 7106773 8180570
+ * @summary 512 bits RSA key cannot work with SHA384 and SHA512
+ * @requires os.family == "windows"
+ * @modules java.base/sun.security.util
+ * java.base/sun.security.tools.keytool
+ * java.base/sun.security.x509
+ * @run main ShortRSAKeyWithinTLS 1024
+ * @run main ShortRSAKeyWithinTLS 768
+ * @run main ShortRSAKeyWithinTLS 512
+ */
import java.io.*;
import java.net.*;
+import java.security.cert.Certificate;
import java.util.*;
import java.security.*;
import java.security.cert.*;
import javax.net.*;
import javax.net.ssl.*;
+import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.util.KeyUtil;
+import sun.security.x509.X500Name;
public class ShortRSAKeyWithinTLS {
@@ -217,28 +232,37 @@
private static String clientProtocol = null;
private static String clientCiperSuite = null;
- private static void parseArguments(String[] args) {
- keyAlias = args[0];
- keySize = Integer.parseInt(args[1]);
-
- if (args.length > 2) {
- clientProtocol = args[2];
- }
-
- if (args.length > 3) {
- clientCiperSuite = args[3];
- }
- }
-
public static void main(String[] args) throws Exception {
if (debug) {
System.setProperty("javax.net.debug", "all");
}
- // Get the customized arguments.
- parseArguments(args);
+ keyAlias = "7106773." + args[0];
+ keySize = Integer.parseInt(args[0]);
+
+ KeyStore ks = KeyStore.getInstance("Windows-MY");
+ ks.load(null, null);
+ if (ks.containsAlias(keyAlias)) {
+ ks.deleteEntry(keyAlias);
+ }
+
+ CertAndKeyGen gen = new CertAndKeyGen("RSA", "SHA256withRSA");
+ gen.generate(keySize);
- new ShortRSAKeyWithinTLS();
+ ks.setKeyEntry(keyAlias, gen.getPrivateKey(), null,
+ new Certificate[] {
+ gen.getSelfCertificate(new X500Name("cn=localhost,c=US"), 100)
+ });
+
+ clientProtocol = "TLSv1.2";
+ clientCiperSuite = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
+
+ try {
+ new ShortRSAKeyWithinTLS();
+ } finally {
+ ks.deleteEntry(keyAlias);
+ ks.store(null, null);
+ }
}
Thread clientThread = null;
--- a/test/jdk/sun/security/mscapi/SignUsingSHA2withRSA.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/jdk/sun/security/mscapi/SignUsingSHA2withRSA.java Sun Apr 08 17:01:20 2018 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -22,10 +22,19 @@
*/
/**
- * @see SignUsingSHA2withRSA.sh
+ * @test
+ * @bug 6753664 8180570
+ * @summary Support SHA256 (and higher) in SunMSCAPI
+ * @requires os.family == "windows"
+ * @modules java.base/sun.security.tools.keytool
+ * java.base/sun.security.x509
*/
+import sun.security.tools.keytool.CertAndKeyGen;
+import sun.security.x509.X500Name;
+
import java.security.*;
+import java.security.cert.Certificate;
import java.util.*;
public class SignUsingSHA2withRSA {
@@ -37,6 +46,29 @@
private static List<byte[]> generatedSignatures = new ArrayList<>();
public static void main(String[] args) throws Exception {
+ KeyStore ks = KeyStore.getInstance("Windows-MY");
+ ks.load(null, null);
+ if (ks.containsAlias("6753664")) {
+ ks.deleteEntry("6753664");
+ }
+
+ CertAndKeyGen gen = new CertAndKeyGen("RSA", "SHA256withRSA");
+ gen.generate(2048);
+
+ ks.setKeyEntry("6753664", gen.getPrivateKey(), null,
+ new Certificate[] {
+ gen.getSelfCertificate(new X500Name("cn=localhost,c=US"), 100)
+ });
+
+ try {
+ run();
+ } finally {
+ ks.deleteEntry("6753664");
+ ks.store(null, null);
+ }
+ }
+
+ static void run() throws Exception {
Provider[] providers = Security.getProviders("Signature.SHA256withRSA");
if (providers == null) {
--- a/test/jdk/sun/security/mscapi/SignUsingSHA2withRSA.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,84 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @bug 6753664
-# @requires os.family == "windows"
-# @run shell SignUsingSHA2withRSA.sh
-# @summary Support SHA256 (and higher) in SunMSCAPI
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- echo "Creating a temporary RSA keypair in the Windows-My store..."
- ${TESTJAVA}/bin/keytool \
- -genkeypair \
- -storetype Windows-My \
- -keyalg RSA \
- -alias 6753664 \
- -dname "cn=6753664,c=US" \
- -noprompt
-
- echo
- echo "Running the test..."
- ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\SignUsingSHA2withRSA.java
- ${TESTJAVA}/bin/java ${TESTVMOPTS} SignUsingSHA2withRSA
-
- rc=$?
-
- echo
- echo "Removing the temporary RSA keypair from the Windows-My store..."
- ${TESTJAVA}/bin/keytool \
- -delete \
- -storetype Windows-My \
- -alias 6753664
-
- echo done.
- exit $rc
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/mscapi/nonUniqueAliases/NonUniqueAliases.java Sun Apr 08 17:01:20 2018 +0800
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @ignore Uses certutil.exe that isn't guaranteed to be installed
+ * @bug 6483657 8154113
+ * @requires os.family == "windows"
+ * @library /test/lib
+ * @summary Test "keytool -list" displays correctly same named certificates
+ */
+
+import jdk.test.lib.process.ProcessTools;
+
+import java.security.KeyStore;
+import java.util.Collections;
+
+public class NonUniqueAliases {
+ public static void main(String[] args) throws Throwable {
+
+ try {
+ String testSrc = System.getProperty("test.src", ".");
+
+ // removing the alias NonUniqueName if it already exists
+ ProcessTools.executeCommand("certutil", "-user", "-delstore", "MY",
+ "NonUniqueName");
+
+ // Importing 1st certificate into MY keystore using certutil tool
+ ProcessTools.executeCommand("certutil", "-user", "-addstore", "MY",
+ testSrc + "/nonUniq1.pem");
+
+ // Importing 2nd certificate into MY keystore using certutil tool
+ ProcessTools.executeCommand("certutil", "-user", "-addstore", "MY",
+ testSrc + "/nonUniq2.pem");
+
+ // Now we have 2
+ checkCount(1, 1);
+
+ ProcessTools.executeCommand("certutil", "-user", "-delstore", "MY",
+ "NonUniqueName");
+
+ // Now we have 2
+ checkCount(0, 0);
+ } finally {
+ ProcessTools.executeCommand("certutil", "-user", "-delstore", "MY",
+ "NonUniqueName");
+ }
+ }
+
+ static void checkCount(int c0, int c1) throws Exception {
+
+ KeyStore ks = KeyStore.getInstance("Windows-MY");
+ ks.load(null, null);
+
+ int count0 = 0, count1 = 0;
+ for (String alias : Collections.list(ks.aliases())) {
+ if (alias.equals("NonUniqueName")) {
+ count0++;
+ }
+ if (alias.equals("NonUniqueName (1)")) {
+ count1++;
+ }
+ }
+ if (count0 != c0) {
+ throw new Exception("error: unexpected number of entries ("
+ + count0 + ") in the Windows-MY store");
+ }
+ if (count1 != c1) {
+ throw new Exception("error: unexpected number of entries ("
+ + count1 + ") in the Windows-MY store");
+ }
+ }
+}
--- a/test/jdk/sun/security/mscapi/nonUniqueAliases/NonUniqueAliases.sh Sun Apr 08 11:32:46 2018 +0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,100 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @ignore Uses certutil.exe that isn't guaranteed to be installed
-# @bug 6483657
-# @requires os.family == "windows"
-# @run shell NonUniqueAliases.sh
-# @summary Test "keytool -list" displays correcly same named certificates
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-if [ "${TESTSRC}" = "" ] ; then
- TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
- TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
- echo "TESTJAVA not set. Test cannot execute."
- echo "FAILED!!!"
- exit 1
-fi
-
-OS=`uname -s`
-case "$OS" in
- Windows* | CYGWIN* )
-
- # 'uname -m' does not give us enough information -
- # should rely on $PROCESSOR_IDENTIFIER (as is done in Defs-windows.gmk),
- # but JTREG does not pass this env variable when executing a shell script.
- #
- # execute test program - rely on it to exit if platform unsupported
-
- echo "removing the alias NonUniqueName if it already exists"
- certutil -user -delstore MY NonUniqueName
-
- echo "Importing 1st certificate into MY keystore using certutil tool"
- certutil -user -addstore MY ${TESTSRC}/nonUniq1.pem
-
- echo "Importing 2nd certificate into MY keystore using certutil tool"
- certutil -user -addstore MY ${TESTSRC}/nonUniq2.pem
-
- echo "Listing certificates with keytool"
- ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -list -storetype Windows-My
-
- echo "Counting expected entries"
- count0=`${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -list -storetype Windows-My | grep 'NonUniqueName,' | wc -l`
-
- if [ ! $count0 = 1 ]; then
- echo "error: unexpected number of entries ($count0) in the Windows-MY store"
- certutil -user -delstore MY NonUniqueName
- exit 115
- fi
-
- echo "Counting expected entries"
- count1=`${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -list -storetype Windows-My | grep 'NonUniqueName (1),' | wc -l`
-
- if [ ! $count1 = 1 ]; then
- echo "error: unexpected number of entries ($count1) in the Windows-MY store"
- certutil -user -delstore MY NonUniqueName
- exit 116
- fi
-
- echo "Cleaning up"
- certutil -user -delstore MY NonUniqueName
-
- exit 0
- ;;
-
- * )
- echo "This test is not intended for '$OS' - passing test"
- exit 0
- ;;
-esac
--- a/test/lib/jdk/test/lib/SecurityTools.java Sun Apr 08 11:32:46 2018 +0800
+++ b/test/lib/jdk/test/lib/SecurityTools.java Sun Apr 08 17:01:20 2018 +0800
@@ -43,8 +43,10 @@
private static ProcessBuilder getProcessBuilder(String tool, List<String> args) {
JDKToolLauncher launcher = JDKToolLauncher.createUsingTestJDK(tool)
.addVMArg("-Duser.language=en")
- .addVMArg("-Duser.country=US")
- .addVMArg("-Djava.security.egd=file:/dev/./urandom");
+ .addVMArg("-Duser.country=US");
+ if (!Platform.isWindows()) {
+ launcher.addVMArg("-Djava.security.egd=file:/dev/./urandom");
+ }
for (String arg : args) {
if (arg.startsWith("-J")) {
launcher.addVMArg(arg.substring(2));