Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

8180571: Refactor sun/security/pkcs11 shell tests to plain java tests and fix failures #4092

Closed
wants to merge 6 commits into from
Closed
Changes from 5 commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
@@ -675,7 +675,7 @@ javax/net/ssl/DTLS/CipherSuite.java 8202059 macosx-x

sun/security/provider/KeyStore/DKSTest.sh 8180266 windows-all

sun/security/pkcs11/KeyStore/SecretKeysBasic.sh 8209398 generic-all
sun/security/pkcs11/KeyStore/SecretKeysBasic.java 8209398 generic-all

security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java 8224768 generic-all
security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java 8243543 generic-all
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,17 +21,36 @@
* questions.
*/

/* @test
* @bug 8187023
This conversation was marked as resolved by fguallini

This comment has been minimized.

@sisahoo

sisahoo May 27, 2021
Member

Should it have the enhancement bug id too.

This comment has been minimized.

@fguallini

fguallini May 27, 2021
Author Contributor

My understanding is that we should only include the id of product bugs, no test enhancements. That was a comment somebody added in a previous PR. The reason is that you can track changes in the test file with git history, whereas it is only possible to track the related product bug id by adding it manually to the class header

* @summary Pkcs11 config file should be assumed in ISO-8859-1
* @library /test/lib
* @run testng/othervm ReadConfInUTF16Env
*/

import jdk.test.lib.process.ProcessTools;
import org.testng.annotations.Test;

import java.security.Provider;
import java.security.Security;

public class ReadConfInUTF16Env {
public static void main(String argv[]) {
Provider p = Security.getProvider("SunPKCS11");
if (p == null) {
System.out.println("Skipping test - no PKCS11 provider available");
return;
}

System.out.println(p.getName());
@Test
public void testReadConfInUTF16Env() throws Exception {
String[] testCommand = new String[] { "-Dfile.encoding=UTF-16",
TestSunPKCS11Provider.class.getName()};
ProcessTools.executeTestJvm(testCommand).shouldHaveExitValue(0);
}

static class TestSunPKCS11Provider {
public static void main(String[] args) throws Exception {
Provider p = Security.getProvider("SunPKCS11");
if (p == null) {
System.out.println("Skipping test - no PKCS11 provider available");
return;
}
System.out.println(p.getName());
}
}
}

This file was deleted.

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -21,19 +21,30 @@
* questions.
*/

/* @test
* @bug 4938185
* @summary KeyStore support for NSS cert/key databases
* To run manually:
* set environment variable:
* <token> [activcard|ibutton|nss|sca1000]
* <command> [list|basic]
*
* Note:
* . 'list' lists the token aliases
* . 'basic' does not run with activcard,
* @library /test/lib ..
* @run testng/othervm Basic
*/

import java.io.*;
import java.nio.file.Path;
import java.util.*;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyPair;
import java.security.SecureRandom;
import java.security.AuthProvider;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Signature;
import java.security.Security;

@@ -44,17 +55,18 @@
import javax.crypto.SecretKey;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;

import com.sun.security.auth.module.*;
import com.sun.security.auth.callback.*;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;


public class Basic extends PKCS11Test {

private static final char SEP = File.separatorChar;

private static String DIR = System.getProperty("DIR");
private static final Path TEST_DATA_PATH = Path.of(BASE)
.resolve("BasicData");
private static final String DIR = TEST_DATA_PATH.toString();
private static char[] tokenPwd;
private static final char[] ibuttonPwd =
new char[0];
@@ -88,6 +100,22 @@
private static final String KS_TYPE = "PKCS11";
private static Provider provider;

@BeforeClass
public void setUp() throws Exception {
copyNssCertKeyToClassesDir();
setCommonSystemProps();
System.setProperty("CUSTOM_P11_CONFIG",
TEST_DATA_PATH.resolve("p11-nss.txt").toString());
System.setProperty("TOKEN", "nss");
System.setProperty("TEST", "basic");
}

@Test
public void testBasic() throws Exception {
String[] args = {"sm", "Basic.policy"};
main(new Basic(), args);
}

private static class FooEntry implements KeyStore.Entry { }

private static class P11SecretKey implements SecretKey {
@@ -102,10 +130,6 @@ public P11SecretKey(String alg, int length) {
public byte[] getEncoded() { return new byte[length/8]; }
}

public static void main(String[] args) throws Exception {
main(new Basic(), args);
}

public void main(Provider p) throws Exception {

this.provider = p;
@@ -136,17 +160,17 @@ public void main(Provider p) throws Exception {

// get cert chains for private keys
CertificateFactory cf = CertificateFactory.getInstance("X.509", "SUN");
Certificate caCert = (X509Certificate)cf.generateCertificate
Certificate caCert = cf.generateCertificate
(new FileInputStream(new File(DIR, "ca.cert")));
Certificate ca2Cert = (X509Certificate)cf.generateCertificate
Certificate ca2Cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "ca2.cert")));
Certificate pk1cert = (X509Certificate)cf.generateCertificate
Certificate pk1cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk1.cert")));
Certificate pk1cert2 = (X509Certificate)cf.generateCertificate
Certificate pk1cert2 = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk1.cert2")));
Certificate pk2cert = (X509Certificate)cf.generateCertificate
Certificate pk2cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk2.cert")));
Certificate pk3cert = (X509Certificate)cf.generateCertificate
Certificate pk3cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk3.cert")));
chain1 = new Certificate[] { pk1cert, caCert };
chain2 = new Certificate[] { pk2cert, caCert };
@@ -373,12 +397,12 @@ private static void module() throws Exception {

KeyStoreLoginModule m = new KeyStoreLoginModule();
Subject s = new Subject();
Map options = new HashMap();
Map<String, String> options = new HashMap<>();
options.put("keyStoreURL", "NONE");
options.put("keyStoreType", KS_TYPE);
options.put("keyStoreProvider", KS_PROVIDER);
options.put("debug", "true");
m.initialize(s, new TextCallbackHandler(), new HashMap(), options);
m.initialize(s, new TextCallbackHandler(), new HashMap<>(), options);
m.login();
m.commit();
System.out.println("authenticated subject = " + s);