diff --git a/.hgtags b/.hgtags index d2a237f2d2768073b5b653392aab9a2fc7dc552b..b67694cb53d94ed2b29da42b4ef41d268aa9270f 100644 --- a/.hgtags +++ b/.hgtags @@ -474,6 +474,7 @@ ed9e7ba6a419a80cbcdc60f4634388af054bdc76 jdk8u65-b10 d26fd80f684d44fd9b16e84e585dda3757d4a19c jdk8u65-b14 64c3b5808a701b6328c18028d1c98bc41679f718 jdk8u65-b15 372d63c0daaff36677d40f5f05b051f5e4e9e4ea jdk8u65-b16 +14a4b0a9a0b7a3d06432b484f226c71920460808 jdk8u65-b17 e9f82302d5fdef8a0976640e09363895e9dcde3c jdk8u66-b00 64d7bd4e98150447916f210e3bfd6875a4c2728a jdk8u66-b01 d8210091911b14930192abd3138ee37c281fb632 jdk8u66-b02 diff --git a/make/CompileJavaClasses.gmk b/make/CompileJavaClasses.gmk index 505b82180f741b312fe738d65b67de296b8806ba..a829dbef43dce0293bb1c18bef4938d4498a0128 100644 --- a/make/CompileJavaClasses.gmk +++ b/make/CompileJavaClasses.gmk @@ -238,11 +238,6 @@ ifeq (, $(filter $(OPENJDK_TARGET_OS), solaris macosx aix)) EXFILES += sun/nio/fs/PollingWatchService.java endif -# TODO: Fix when converting NIO -# Exclude *-linux-arm.java and *-linux-ppc.java from closed. -EXFILES += -linux-arm.java \ - -linux-ppc.java - ifeq ($(OPENJDK_TARGET_OS), windows) EXFILES += sun/nio/ch/AbstractPollSelectorImpl.java \ sun/nio/ch/PollSelectorProvider.java \ diff --git a/make/gensrc/GensrcMisc.gmk b/make/gensrc/GensrcMisc.gmk index de686d44b59e8df454abc9a16df1d13952981c55..9db5c9d6f77e1b9bbd640e6033359e5ef759d799 100644 --- a/make/gensrc/GensrcMisc.gmk +++ b/make/gensrc/GensrcMisc.gmk @@ -64,9 +64,9 @@ GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/tools/jconsole/Version.java GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java -GENSRC_SOR_SRC := $(JDK_TOPDIR)/src/share/native/sun/nio/ch +GENSRC_SOR_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/ch GENSRC_SOR_SRC_FILE := genSocketOptionRegistry.c -GENSRC_SOR_BIN := $(JDK_OUTPUTDIR)/gensrc/genSocketOptionRegistry +GENSRC_SOR_BIN := $(JDK_OUTPUTDIR)/btnative/genSocketOptionRegistry SOR_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_SOR_SRC)/$(GENSRC_SOR_SRC_FILE) | \ $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }') @@ -81,11 +81,9 @@ $(eval $(call SetupNativeCompilation,BUILD_GENSRC_SOR_EXE, \ OUTPUT_DIR := $(GENSRC_SOR_BIN), \ PROGRAM := genSocketOptionRegistry)) -ifneq ($(wildcard $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java), ) - HAS_SOCKET_OPTION_REGISTRY := true -endif +SOR_PREGEN_FILE := $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java.template -ifneq ($(HAS_SOCKET_OPTION_REGISTRY), true) +ifeq ($(wildcard $(SOR_PREGEN_FILE)), ) $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(BUILD_GENSRC_SOR_EXE) $(MKDIR) -p $(@D) $(RM) $@ $@.tmp @@ -93,7 +91,7 @@ ifneq ($(HAS_SOCKET_OPTION_REGISTRY), true) $(BUILD_GENSRC_SOR_EXE) >> $@.tmp $(MV) $@.tmp $@ else - $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java + $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(SOR_PREGEN_FILE) $(call install-file) endif @@ -103,9 +101,9 @@ ifneq ($(OPENJDK_TARGET_OS), windows) GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java - GENSRC_UC_SRC := $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/nio/fs + GENSRC_UC_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/fs GENSRC_UC_SRC_FILE := genUnixConstants.c - GENSRC_UC_BIN := $(JDK_OUTPUTDIR)/gensrc/genUnixConstants + GENSRC_UC_BIN := $(JDK_OUTPUTDIR)/btnative/genUnixConstants UC_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_UC_SRC)/$(GENSRC_UC_SRC_FILE) | \ $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }') @@ -121,11 +119,9 @@ ifneq ($(OPENJDK_TARGET_OS), windows) OUTPUT_DIR := $(GENSRC_UC_BIN), \ PROGRAM := genUnixConstants)) - ifneq ($(wildcard $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java), ) - HAS_UNIX_CONSTANTS := true - endif + UC_PREGEN_FILE := $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java.template - ifneq ($(HAS_UNIX_CONSTANTS), true) + ifeq ($(wildcard $(UC_PREGEN_FILE)), ) $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(BUILD_GENSRC_UC_EXE) $(MKDIR) -p $(@D) $(RM) $@ $@.tmp @@ -133,7 +129,7 @@ ifneq ($(OPENJDK_TARGET_OS), windows) $(BUILD_GENSRC_UC_EXE) >> $@.tmp $(MV) $@.tmp $@ else - $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java + $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(UC_PREGEN_FILE) $(call install-file) endif @@ -145,9 +141,9 @@ ifeq ($(OPENJDK_TARGET_OS), solaris) GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/SolarisConstants.java - GENSRC_SOL_SRC := $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/nio/fs + GENSRC_SOL_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/fs GENSRC_SOL_SRC_FILE := genSolarisConstants.c - GENSRC_SOL_BIN := $(JDK_OUTPUTDIR)/gensrc/genSolarisConstants + GENSRC_SOL_BIN := $(JDK_OUTPUTDIR)/btnative/genSolarisConstants SOL_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_SOL_SRC)/$(GENSRC_SOL_SRC_FILE) | \ $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }') diff --git a/src/share/native/sun/nio/ch/genSocketOptionRegistry.c b/make/src/native/genconstants/ch/genSocketOptionRegistry.c similarity index 100% rename from src/share/native/sun/nio/ch/genSocketOptionRegistry.c rename to make/src/native/genconstants/ch/genSocketOptionRegistry.c diff --git a/src/solaris/native/sun/nio/fs/genSolarisConstants.c b/make/src/native/genconstants/fs/genSolarisConstants.c similarity index 100% rename from src/solaris/native/sun/nio/fs/genSolarisConstants.c rename to make/src/native/genconstants/fs/genSolarisConstants.c diff --git a/src/solaris/native/sun/nio/fs/genUnixConstants.c b/make/src/native/genconstants/fs/genUnixConstants.c similarity index 100% rename from src/solaris/native/sun/nio/fs/genUnixConstants.c rename to make/src/native/genconstants/fs/genUnixConstants.c diff --git a/src/share/lib/security/java.security-aix b/src/share/lib/security/java.security-aix index 71574b93127edc4bd194ffd6a03c97699a732932..74519c4f736e915c65a2c54de8d7f02cdad6d078 100644 --- a/src/share/lib/security/java.security-aix +++ b/src/share/lib/security/java.security-aix @@ -481,7 +481,7 @@ krb5.kdc.bad.policy = tryLast # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux index 71574b93127edc4bd194ffd6a03c97699a732932..74519c4f736e915c65a2c54de8d7f02cdad6d078 100644 --- a/src/share/lib/security/java.security-linux +++ b/src/share/lib/security/java.security-linux @@ -481,7 +481,7 @@ krb5.kdc.bad.policy = tryLast # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx index 83849177762e214aa8428d9831ca1c87d4b8f5e1..6eadb862a3da0b0e4bdd6bd35a59d28255b75ad3 100644 --- a/src/share/lib/security/java.security-macosx +++ b/src/share/lib/security/java.security-macosx @@ -484,7 +484,7 @@ krb5.kdc.bad.policy = tryLast # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris index bf9b6ca831b5977b0b0560e747645d9178fef8a1..404bfdda72eb6cea99d04fb51d15e0560370e2e1 100644 --- a/src/share/lib/security/java.security-solaris +++ b/src/share/lib/security/java.security-solaris @@ -483,7 +483,7 @@ krb5.kdc.bad.policy = tryLast # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows index a14472c069b10c0c1216686320c5d077ec7745e2..b4f0e91d867f75b6cddbb33b822036689cd065ea 100644 --- a/src/share/lib/security/java.security-windows +++ b/src/share/lib/security/java.security-windows @@ -484,7 +484,7 @@ krb5.kdc.bad.policy = tryLast # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 # # -jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security # (SSL/TLS) processing diff --git a/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java b/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java index 9ce3ef46ac10e802b8e5d20f36fde0c366130eec..8dbe8acc33ec9a16745dce02dc2542ab33781ce4 100644 --- a/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java +++ b/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,12 +21,6 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * @bug 6852744 @@ -240,10 +234,6 @@ public final class DisableRevocation { public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); X509CertSelector selector = generateSelector(args[0]); diff --git a/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java b/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java index 75bf2ec5a02d61dbffeffe9b7e26d6811f904e26..53b3aceda529a54db2c9d53eac6e9dbf34394e62 100644 --- a/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java +++ b/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,12 +21,6 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * @bug 6852744 @@ -283,10 +277,6 @@ public final class KeyUsageMatters { public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); X509CertSelector selector = generateSelector(args[0]); diff --git a/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java b/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java index 6d0b24bef32378ad9c9f666d2d4ee9f8defe68bc..873237cf3b86ec4bf33b485c91c5305872cef7d3 100644 --- a/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java +++ b/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,12 +21,6 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * @bug 6852744 @@ -289,10 +283,6 @@ public final class StatusLoopDependency { public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); X509CertSelector selector = generateSelector(args[0]); diff --git a/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java b/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java index 8c6e0458b339070475aa46adb5bc9a5b68867780..9f8d697740a564c12eec103c232c83fbc7aa82a2 100644 --- a/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java +++ b/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,19 +21,12 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * @bug 5072953 * @summary Verify that the URL for an OCSP responder can be extracted from a * certificate's AuthorityInfoAccess extension when OCSP certifiate * validation has been enabled. - * @run main/othervm AIACheck */ import java.io.*; @@ -58,10 +51,6 @@ public class AIACheck { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - X509Certificate aiaCert = loadCertificate("AIACert.pem"); X509Certificate rootCert = loadCertificate("RootCert.pem"); diff --git a/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java b/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java index d1e4e8c6a2972805865a8db9cb8023af81df243e..cd5f0e072df45461b2ad732f1af239baafd8a2d8 100644 --- a/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java +++ b/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,24 +21,16 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * @bug 6383095 * @summary CRL revoked certificate failures masked by OCSP failures - * @run main/othervm FailoverToCRL - * @author Xuelei Fan - */ - -/* + * * Note that the certificate validity is from Mar 16 14:55:35 2009 GMT to * Dec 1 14:55:35 2028 GMT, please update it with newer certificate if * expires. + * + * @author Xuelei Fan */ /* @@ -237,10 +229,6 @@ public class FailoverToCRL { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPath path = generateCertificatePath(); Set anchors = generateTrustAnchors(); CertStore crls = generateCertificateStore(); diff --git a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java index 9a21ae2de0d2e40a21aaa93f6f74fed111d7e4cc..c850b82ed63e4e71982adde792096b4a1ff28737 100644 --- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java +++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,18 +21,11 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * * @bug 6720721 * @summary CRL check with circular depency support needed - * @run main/othervm CircularCRLOneLevel * @author Xuelei Fan */ @@ -165,10 +158,6 @@ public class CircularCRLOneLevel { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPath path = generateCertificatePath(); Set anchors = generateTrustAnchors(); CertStore crls = generateCertificateStore(); diff --git a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java index 944483683baf201da986317c34bed0226f275a8e..ebbb3b09e4d6f29febfd4845d0dad185b0726a37 100644 --- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java +++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,18 +21,11 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * * @bug 6720721 * @summary CRL check with circular depency support needed - * @run main/othervm CircularCRLOneLevelRevoked * @author Xuelei Fan */ @@ -166,10 +159,6 @@ public class CircularCRLOneLevelRevoked { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPath path = generateCertificatePath(); Set anchors = generateTrustAnchors(); CertStore crls = generateCertificateStore(); diff --git a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java index d67db44e396df88f8436c83356cc6a15661c35eb..d8ca3356ab6ef039b108383ec0a52f2cf66a4490 100644 --- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java +++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,18 +21,11 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * * @bug 6720721 * @summary CRL check with circular depency support needed - * @run main/othervm CircularCRLTwoLevel * @author Xuelei Fan */ @@ -217,10 +210,6 @@ public class CircularCRLTwoLevel { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPath path = generateCertificatePath(); Set anchors = generateTrustAnchors(); CertStore crls = generateCertificateStore(); diff --git a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java index e67934b8a19bb71ba5aeb4141e82ea717fae3e7b..4405ded75eaf3096c8e524b944ecebc833167a59 100644 --- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java +++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,18 +21,11 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /** * @test * * @bug 6720721 * @summary CRL check with circular depency support needed - * @run main/othervm CircularCRLTwoLevelRevoked * @author Xuelei Fan */ @@ -218,10 +211,6 @@ public class CircularCRLTwoLevelRevoked { } public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - CertPath path = generateCertificatePath(); Set anchors = generateTrustAnchors(); CertStore crls = generateCertificateStore(); diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilderWithMD5.java b/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilderWithMD5.java deleted file mode 100644 index 0483e7e126cf83c27700a8d903cc8fb8ec81fafb..0000000000000000000000000000000000000000 --- a/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilderWithMD5.java +++ /dev/null @@ -1,449 +0,0 @@ -/* - * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -// This test case relies on static security property, no way to re-use -// security property in samevm/agentvm mode. - -/** - * @test - * - * @bug 8030829 - * @summary Add MD5 to jdk.certpath.disabledAlgorithms security property - * - * @run main/othervm CPBuilderWithMD5 trustAnchor_SHA1withRSA_1024 0 true - * @run main/othervm CPBuilderWithMD5 trustAnchor_SHA1withRSA_512 0 true - * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_1024_1024 1 true - * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_1024_512 1 false - * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_512_1024 1 false - * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_512_512 1 false - * @run main/othervm CPBuilderWithMD5 intermediate_MD5withRSA_1024_1024 1 false - * @run main/othervm CPBuilderWithMD5 intermediate_MD5withRSA_1024_512 1 false - * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_1024_1024 2 true - * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_1024_512 2 false - * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_512_1024 2 false - * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_512_512 2 false - * @run main/othervm CPBuilderWithMD5 endentiry_MD5withRSA_1024_1024 2 false - * @run main/othervm CPBuilderWithMD5 endentiry_MD5withRSA_1024_512 2 false - * - * @author Xuelei Fan - */ - -/* - * The generate.sh was designed to generate MD2 signed certificates. The - * certificates used in this test are generated by an updated generate.sh that - * replacing MD2 with MD5 algorithm. - */ -import java.io.*; -import java.net.SocketException; -import java.util.*; -import java.security.Security; -import java.security.cert.*; -import sun.security.util.DerInputStream; - -public class CPBuilderWithMD5 { - - // SHA1withRSA 1024 - static String trustAnchor_SHA1withRSA_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA4NTFaFw0zNDEyMDgxMTA4NTFa\n" + - "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + - "AQUAA4GNADCBiQKBgQDn3JSHACqi/bcohVy7eFqDs3L5ehnXmF9Jrg4rMRUeNrxA\n" + - "61F8bJ9JXx4j8WyqmT0TtokgXuqGxbsXRQVVw4AdXLF2PwCs/y+Y+AwU59uDHA3J\n" + - "AMk4VvjV9MB2Ea6YzuLnbbj/TNrfxB6LZ7KBvh0fYGt2T40yMvOvilU/f6e3zQID\n" + - "AQABo4GJMIGGMB0GA1UdDgQWBBSIxINDFVm8GpUz3v+BbWNmDEKP7TBHBgNVHSME\n" + - "QDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" + - "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" + - "DQYJKoZIhvcNAQEFBQADgYEAt0mYDXTpInrGvEOylIL2gx65A/bpdz9iDQsSs5sZ\n" + - "r3m0v9zJnzR8lRqN4GbaD1vrFdkUrIoObcvXjXitnf5QqDzmc9BbIYj83Ft8QSUj\n" + - "jCMy04EGT/7ATss4SiFEu6sJpmOBjsgH6wYuobR27wl/01XOu2CXUo3OOjgAoPBs\n" + - "QoQ=\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 512 - static String trustAnchor_SHA1withRSA_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA4NTFaFw0zNDEyMDgxMTA4NTFa\n" + - "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" + - "BQADSwAwSAJBANLqQkOpH7rBTo/a2ccYjJxvNib/Lxm6UXO1uAd/0AUzPWzJsOpB\n" + - "u2zyD26UYc0GNyXCkWMZ44FrtSQ8VI146j8CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" + - "5PVLxBY//smN31jHb/MAmCEz5NIwRwYDVR0jBEAwPoAU5PVLxBY//smN31jHb/MA\n" + - "mCEz5NKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" + - "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAzF9E\n" + - "dXYPLqziCRY45IHCUtxaLjLQmwsjEu91TV4xyuuozGEumcqH7m6Hg6Ohnd1FGfsN\n" + - "X+vt1tdaDIu9+OzGjQ==\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 1024 signed with RSA 1024 - static String intermediate_SHA1withRSA_1024_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" + - "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" + - "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" + - "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" + - "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEw\n" + - "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + - "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEA0673aIUF2k20jkpR\n" + - "4USN9UkbfX57Uazhl4n765EeAiteWnTzKztISeH1GTrCw7bSl1r07aaflsnbKOHC\n" + - "RrL2RxbxNwQARvuuCxr664vXnsGrt86xA5F2iNF22uDM/5HA5sIfBmEk5xXSLrgH\n" + - "I7jOaYqAA1b8C+4DU2Z5ZgO4LOA=\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 1024 signed with RSA 512 - static String intermediate_SHA1withRSA_1024_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICDzCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" + - "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" + - "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" + - "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" + - "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBTk9UvEFj/+yY3fWMdv8wCYITPk0qEjpCEw\n" + - "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + - "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQAihshnF7RWZ13tUGsH\n" + - "iM4i8HmBjw2+pwW/cs0E8BcycYEy3beWMcL1Np2yfOa/7K5ZvGPhe/piwzTel+Kt\n" + - "5VLm\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 512 signed with RSA 1024 - static String intermediate_SHA1withRSA_512_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICDDCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK4h/iW3wt+ugR5ObWiFSl394UU/\n" + - "lWNm+N6UAgsBRhSzZz/Iof7xZTQI+usNXzOrTnU3+uZsMgokpjkrko1osxUCAwEA\n" + - "AaOBiTCBhjAdBgNVHQ4EFgQU88OD48Osuh7lJiLnhfMhrySqW8QwRwYDVR0jBEAw\n" + - "PoAUiMSDQxVZvBqVM97/gW1jZgxCj+2hI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" + - "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" + - "CSqGSIb3DQEBBQUAA4GBAAHN8XUTT6asa1MvpfqAvKTH6tNrMOmzoFsUamPxSrUB\n" + - "tnBv/fa/E9+1QvQwl3g6luVXBkQf2/nVD0195IdkEuD/C6psuGKerXmiaRMv5Wcs\n" + - "B+8bTzhNxMzHKPZDJ8Tf/RD3XpPvtxw0T+I5xud68FH/WDhJtu7TiXPAhs7srtHt\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 512 signed with RSA 512 - static String intermediate_SHA1withRSA_512_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIByzCCAXWgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK4h/iW3wt+ugR5ObWiFSl394UU/\n" + - "lWNm+N6UAgsBRhSzZz/Iof7xZTQI+usNXzOrTnU3+uZsMgokpjkrko1osxUCAwEA\n" + - "AaOBiTCBhjAdBgNVHQ4EFgQU88OD48Osuh7lJiLnhfMhrySqW8QwRwYDVR0jBEAw\n" + - "PoAU5PVLxBY//smN31jHb/MAmCEz5NKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" + - "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" + - "CSqGSIb3DQEBBQUAA0EASLN+1/pfo+9ty5EaYkoPu4QeYGr+5wmXyDceiaED/Lok\n" + - "RdV0ZH0qwD4kiarlJssNOgMCk+2EzgvXcIhEMDa5hA==\n" + - "-----END CERTIFICATE-----"; - - // MD5withRSA 1024 signed with RSA 1024 - static String intermediate_MD5withRSA_1024_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICUDCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" + - "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" + - "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" + - "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" + - "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEw\n" + - "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + - "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADgYEAerx2je3FBVn2eoPs\n" + - "nTzLKILezqCTCO7mXWiyBidRhh4RGdM8JggMN5SRmuwRurxfYFgPfqmAenWtEFqO\n" + - "xZrTXQUvIrrEgpzqkfppFnkCh4kDsX4roD5Nho3J4MTBQkqE0r676Yq6Rp6cywCq\n" + - "CHQQztRGY7n/ZYRNJ3uzvuoT1tk=\n" + - "-----END CERTIFICATE-----"; - - // MD5withRSA 1024 signed with RSA 512 - static String intermediate_MD5withRSA_1024_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICDzCCAbmgAwIBAgIBCDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MTBaFw0zMzA5MTQxMTA5MTBa\n" + - "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" + - "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" + - "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" + - "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" + - "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" + - "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBTk9UvEFj/+yY3fWMdv8wCYITPk0qEjpCEw\n" + - "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" + - "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADQQA3XGQPNin8cDIsJ4vx\n" + - "tTxUO6XVJoWOdTsjwzlMrPmLvjJNZeXLtQe3pQu0vjgyUpQ59VYLW3qKN/LF3UH0\n" + - "Ep7V\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 1024 signed with RSA 1024 - static String endentiry_SHA1withRSA_1024_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + - "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" + - "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" + - "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" + - "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" + - "8e7JW1tPUDAfBgNVHSMEGDAWgBQIsaDZL94kLug/A1N4EkNOA4z47DANBgkqhkiG\n" + - "9w0BAQUFAAOBgQB2RkWHOaL4WTOGoeTS4J4o9FW+4UXihbocdI/64rMExERjDkE/\n" + - "Jh31TEmatnP1gPrF1AfmqQPubqVSbRtCHrZF+Ilk6L6YeyRNzKvsLiMUtgrLYLas\n" + - "Vop0DFZxR02xHgaJdoJkcWBjNadb9zG7eZtt8OOOJ4lRwg02aLTy+WDqPA==\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 1024 signed with RSA 512 - static String endentiry_SHA1withRSA_1024_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + - "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" + - "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" + - "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" + - "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" + - "8e7JW1tPUDAfBgNVHSMEGDAWgBTzw4Pjw6y6HuUmIueF8yGvJKpbxDANBgkqhkiG\n" + - "9w0BAQUFAANBAIapvjECUm4YD4O99G0v2SM17cKQzjZtSWkScS7FSk4sxS+dP3hM\n" + - "Qb2UpoRl6CGynhOVVy2G/VJN8BEqOfywj8k=\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 512 signed with RSA 1024 - static String endentiry_SHA1withRSA_512_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" + - "DQEBAQUAA0sAMEgCQQCngiNTE+qngHcfj2jUpdc82gCw+TFRjR7oMSdp7b/3NwpD\n" + - "E+11z9WspoXTDzvbKcGUH9svFl691NyY0ZUmf+4RAgMBAAGjTzBNMAsGA1UdDwQE\n" + - "AwID6DAdBgNVHQ4EFgQUK+oVsFTQbz08evgQZ5Sd82c2y4UwHwYDVR0jBBgwFoAU\n" + - "CLGg2S/eJC7oPwNTeBJDTgOM+OwwDQYJKoZIhvcNAQEFBQADgYEAMd/8XnjRz5jK\n" + - "nbss9DDQQC2mUuCbV/tGdke7eQ1DtBVZLBU6wDgisGr52sUXmyZIPmSVKpQqwCG5\n" + - "8cY5uQhaNwPtPmMMKXzX32zN9NhVkiDNceL+zHs3vdjD1i/QiUTST+NKfLYVb6dF\n" + - "YMG65lxe3gMVxMweiHSZSukmk1k3gUA=\n" + - "-----END CERTIFICATE-----"; - - // SHA1withRSA 512 signed with RSA 512 - static String endentiry_SHA1withRSA_512_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" + - "DQEBAQUAA0sAMEgCQQCngiNTE+qngHcfj2jUpdc82gCw+TFRjR7oMSdp7b/3NwpD\n" + - "E+11z9WspoXTDzvbKcGUH9svFl691NyY0ZUmf+4RAgMBAAGjTzBNMAsGA1UdDwQE\n" + - "AwID6DAdBgNVHQ4EFgQUK+oVsFTQbz08evgQZ5Sd82c2y4UwHwYDVR0jBBgwFoAU\n" + - "88OD48Osuh7lJiLnhfMhrySqW8QwDQYJKoZIhvcNAQEFBQADQQB4xFWtC6ijDBIe\n" + - "/Gkf3B9+ycmP52pTPNiPwMS6u1a5vTRXMn5xRDexWfxJKJVZ2s9UR1jheZvWgPC8\n" + - "VUWO8bbG\n" + - "-----END CERTIFICATE-----"; - - // MD5withRSA 1024 signed with RSA 1024 - static String endentiry_MD5withRSA_1024_1024 = - "-----BEGIN CERTIFICATE-----\n" + - "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + - "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" + - "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" + - "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" + - "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" + - "8e7JW1tPUDAfBgNVHSMEGDAWgBQIsaDZL94kLug/A1N4EkNOA4z47DANBgkqhkiG\n" + - "9w0BAQQFAAOBgQBCVn9/JQxsRTaKIKSrgB+KtEreat+33k3SXuJICuRxcmvjOXIx\n" + - "wSdq+mRCA+DpIPSNtgnDAUyipnyxRxpdmRRUHuRYpkALq4a5QtTJK0Y/CEMfsd2J\n" + - "Yd2zKcfynDLW6LVeNdtjlY7fTemJnbA/WImNhwyW55V9vbnk3J04EZN8jw==\n" + - "-----END CERTIFICATE-----"; - - // MD5withRSA 1024 signed with RSA 512 - static String endentiry_MD5withRSA_1024_512 = - "-----BEGIN CERTIFICATE-----\n" + - "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" + - "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" + - "MTNaFw0zMzA5MTQxMTA5MTNaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" + - "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" + - "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" + - "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" + - "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" + - "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" + - "8e7JW1tPUDAfBgNVHSMEGDAWgBTzw4Pjw6y6HuUmIueF8yGvJKpbxDANBgkqhkiG\n" + - "9w0BAQQFAANBAAbZwmkqb6sfiiIxuLnj6PjhJsXGfvPomkkbLu5CapAMhen/p6ZG\n" + - "6vh69TbIsBR9UHu7qDyTl5Xax7bmYeW+sDQ=\n" + - "-----END CERTIFICATE-----"; - - static HashMap certmap = new HashMap(); - static { - certmap.put("trustAnchor_SHA1withRSA_1024", - trustAnchor_SHA1withRSA_1024); - certmap.put("trustAnchor_SHA1withRSA_512", - trustAnchor_SHA1withRSA_512); - certmap.put("intermediate_SHA1withRSA_1024_1024", - intermediate_SHA1withRSA_1024_1024); - certmap.put("intermediate_SHA1withRSA_1024_512", - intermediate_SHA1withRSA_1024_512); - certmap.put("intermediate_SHA1withRSA_512_1024", - intermediate_SHA1withRSA_512_1024); - certmap.put("intermediate_SHA1withRSA_512_512", - intermediate_SHA1withRSA_512_512); - certmap.put("intermediate_MD5withRSA_1024_1024", - intermediate_MD5withRSA_1024_1024); - certmap.put("intermediate_MD5withRSA_1024_512", - intermediate_MD5withRSA_1024_512); - certmap.put("endentiry_SHA1withRSA_1024_1024", - endentiry_SHA1withRSA_1024_1024); - certmap.put("endentiry_SHA1withRSA_1024_512", - endentiry_SHA1withRSA_1024_512); - certmap.put("endentiry_SHA1withRSA_512_1024", - endentiry_SHA1withRSA_512_1024); - certmap.put("endentiry_SHA1withRSA_512_512", - endentiry_SHA1withRSA_512_512); - certmap.put("endentiry_MD5withRSA_1024_1024", - endentiry_MD5withRSA_1024_1024); - certmap.put("endentiry_MD5withRSA_1024_512", - endentiry_MD5withRSA_1024_512); - } - - private static Set generateTrustAnchors() - throws CertificateException { - // generate certificate from cert string - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - HashSet anchors = new HashSet(); - - ByteArrayInputStream is = - new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes()); - Certificate cert = cf.generateCertificate(is); - TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null); - anchors.add(anchor); - - is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes()); - cert = cf.generateCertificate(is); - anchor = new TrustAnchor((X509Certificate)cert, null); - anchors.add(anchor); - - return anchors; - } - - private static CertStore generateCertificateStore() throws Exception { - Collection entries = new HashSet(); - - // generate certificate from certificate string - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - - for (String key : certmap.keySet()) { - String certStr = certmap.get(key); - ByteArrayInputStream is = - new ByteArrayInputStream(certStr.getBytes());; - Certificate cert = cf.generateCertificate(is); - entries.add(cert); - } - - return CertStore.getInstance("Collection", - new CollectionCertStoreParameters(entries)); - } - - private static X509CertSelector generateSelector(String name) - throws Exception { - X509CertSelector selector = new X509CertSelector(); - - String certStr = certmap.get(name); - if (certStr == null) { - return null; - } - - // generate certificate from certificate string - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes()); - X509Certificate target = (X509Certificate)cf.generateCertificate(is); - - selector.setCertificate(target); - - return selector; - } - - private static boolean match(String name, Certificate cert) - throws Exception { - X509CertSelector selector = new X509CertSelector(); - - String certStr = certmap.get(name); - if (certStr == null) { - return false; - } - - // generate certificate from certificate string - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes()); - X509Certificate target = (X509Certificate)cf.generateCertificate(is); - - return target.equals(cert); - } - - public static void main(String args[]) throws Exception { - CertPathBuilder builder = CertPathBuilder.getInstance("PKIX"); - - X509CertSelector selector = generateSelector(args[0]); - if (selector == null) { - // no target certificate, ignore it - return; - } - - Set anchors = generateTrustAnchors(); - CertStore certs = generateCertificateStore(); - - PKIXBuilderParameters params = - new PKIXBuilderParameters(anchors, selector); - params.addCertStore(certs); - params.setRevocationEnabled(false); - params.setDate(new Date(114, 9, 1)); // 2014-09-01 - - boolean success = Boolean.valueOf(args[2]); - try { - PKIXCertPathBuilderResult result = - (PKIXCertPathBuilderResult)builder.build(params); - if (!success) { - throw new Exception("expected algorithm disabled exception"); - } - - int length = Integer.parseInt(args[1]); - List path = - result.getCertPath().getCertificates(); - if (length != path.size()) { - throw new Exception("unexpected certification path length"); - } - - if (!path.isEmpty()) { // the target is not a trust anchor - if (!match(args[0], path.get(0))) { - throw new Exception("unexpected certificate"); - } - } - } catch (CertPathBuilderException cpbe) { - if (success) { - throw new Exception("unexpected exception", cpbe); - } else { - System.out.println("Get the expected exception " + cpbe); - } - } - } - -} diff --git a/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java b/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java index abb18ebd4393b08d8a6cf5df1825e05604adeca8..21736eac623885b18ce8207be3d5396f153a7ced 100644 --- a/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java +++ b/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,23 +21,15 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /* * @test * @bug 7167988 * @summary PKIX CertPathBuilder in reverse mode doesn't work if more than * one trust anchor is specified - * @run main/othervm ReverseBuild */ import java.io.*; import java.util.*; import java.security.cert.*; -import java.security.Security; import sun.security.provider.certpath.SunCertPathBuilderParameters; @@ -287,9 +279,6 @@ public class ReverseBuild { public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); // generate certificate from cert string CertificateFactory cf = CertificateFactory.getInstance("X.509"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java index 9b695a2fc7b69e18447814e3d25df8e31434771c..464cf973dfc4ebb61e5aeaf5e5976c9868981966 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,15 +23,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 7113275 * @summary compatibility issue with MD2 trust anchor and old X509TrustManager + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @run main/othervm MD2InTrustAnchor PKIX TLSv1.1 * @run main/othervm MD2InTrustAnchor SunX509 TLSv1.1 * @run main/othervm MD2InTrustAnchor PKIX TLSv1.2 @@ -42,7 +40,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -286,10 +283,6 @@ public class MD2InTrustAnchor { volatile Exception clientException = null; public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java index 01fc5dc5d86aa217b1ba53584c272edd7d536196..19ab67153fda8f46e39cf0923aec8af579a60f81 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,15 +23,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 7113275 * @summary compatibility issue with MD2 trust anchor and old X509TrustManager + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @run main/othervm TrustTrustedCert PKIX TLSv1.1 * @run main/othervm TrustTrustedCert SunX509 TLSv1.1 * @run main/othervm TrustTrustedCert PKIX TLSv1.2 @@ -338,10 +336,6 @@ public class TrustTrustedCert { volatile Exception clientException = null; public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java index 47e1e775856be4c76c045a63da07f1612a21e859..4ac150b42087cc25c58b6de6a8d90f5ca376d2a2 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,18 +21,11 @@ * questions. */ -// -// Security properties, once set, cannot revert to unset. To avoid -// conflicts with tests running in the same VM isolate this test by -// running it in otherVM mode. -// - /* * @test * @bug 6302644 * @summary X509KeyManager implementation for NewSunX509 doesn't return most * preferable key - * @run main/othervm PreferredKey */ import java.io.*; import java.net.*; @@ -56,10 +49,6 @@ public class PreferredKey { public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - KeyStore ks; KeyManagerFactory kmf; X509KeyManager km; diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java index 4f64cd1b7580396435532463987930d8564ec66c..c333e6867a9e86654902c7fe2ec15f5dc6a3879e 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,16 +21,14 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 7166570 * @summary JSSE certificate validation has started to fail for * certificate chains + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @run main/othervm BasicConstraints PKIX * @run main/othervm BasicConstraints SunX509 */ @@ -39,7 +37,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.*; @@ -457,10 +454,6 @@ public class BasicConstraints { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java index 3b2587f6913b0080c7d688f6cda8feb0cbe443f7..aaf5fb2447d31016e6d7ca653161accf42689833 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,23 +21,21 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// /* * @test * @bug 6916074 * @summary Add support for TLS 1.2 * @run main/othervm PKIXExtendedTM + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. */ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -793,10 +791,6 @@ public class PKIXExtendedTM { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java index a17541212b69f3dba67ab6e0fa586172b7625374..0d3abc6e636fcb3a301ececaf54fb2dce88e3337 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,17 +21,15 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 6822460 * @summary support self-issued certificate * @run main/othervm SelfIssuedCert PKIX * @run main/othervm SelfIssuedCert SunX509 + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @author Xuelei Fan */ @@ -39,7 +37,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -305,10 +302,6 @@ public class SelfIssuedCert { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java index 54b2de892197fc5f7481b63fa0fd193dad51c030..561718fe59e59d2b281da01b562c27744acfde56 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,23 +21,20 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 6916074 * @summary Add support for TLS 1.2 * @run main/othervm SunX509ExtendedTM + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. */ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -795,10 +792,6 @@ public class SunX509ExtendedTM { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java b/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java index f9abcd670b29e5f044355acc07c18943acb3b853..e01115224c51f901648f06fb53f179c04fe93c8a 100644 --- a/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java +++ b/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,21 +21,18 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 6668231 * @summary Presence of a critical subjectAltName causes JSSE's SunX509 to * fail trusted checks * @run main/othervm CriticalSubjectAltName + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. + * * @author Xuelei Fan - */ - -/* + * * This test depends on binary keystore, crisubn.jks and trusted.jks. Because * JAVA keytool cannot generate X509 certificate with SubjectAltName extension, * the certificates are generated with openssl toolkits and then imported into @@ -50,7 +47,6 @@ import java.io.*; import java.net.*; import javax.net.ssl.*; -import java.security.Security; import java.security.cert.Certificate; public class CriticalSubjectAltName implements HostnameVerifier { @@ -158,10 +154,6 @@ public class CriticalSubjectAltName implements HostnameVerifier { volatile Exception clientException = null; public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - String keyFilename = System.getProperty("test.src", "./") + "/" + pathToStores + "/" + keyStoreFile; diff --git a/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java b/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java index ac4f8a11ab1b952ec01aa0f466ecad7411497d7e..42d0ce3534390b685d05ac06e321678eca11f2a5 100644 --- a/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java +++ b/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -44,7 +44,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -432,10 +431,6 @@ public class SSLSocketSNISensitive { volatile Exception clientException = null; public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java b/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java index 3b11d2a59a7f4b76906cd7024c892c605f315317..07503cb7c0353221c3098db69e7516d9beda8eac 100644 --- a/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java +++ b/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,16 +23,15 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* * @test * @bug 4873188 * @summary Support TLS 1.1 * @run main/othervm EmptyCertificateAuthorities + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. + * * @author Xuelei Fan */ @@ -229,10 +228,6 @@ public class EmptyCertificateAuthorities { volatile Exception clientException = null; public static void main(String[] args) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - String keyFilename = System.getProperty("test.src", ".") + "/" + pathToStores + "/" + keyStoreFile; diff --git a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java index b5295f31cf59c1009c2d11b818a2619cf36c5ff4..4e740fa4d841c8264d4bf45c72510ab993ec58ee 100644 --- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java +++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,15 +21,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* @test * @bug 6766775 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10 * @run main/othervm DNSIdentities + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @author Xuelei Fan */ @@ -37,7 +35,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -746,10 +743,6 @@ public class DNSIdentities { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java index bbf6892c43b6e33c26a6357a0c65de7e3284eab2..2fc92a254c9cdfb1d86c7e5eff2cfa10097881aa 100644 --- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java +++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,15 +21,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* @test * @summary X509 certificate hostname checking is broken in JDK1.6.0_10 * @bug 6766775 * @run main/othervm IPAddressIPIdentities + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @author Xuelei Fan */ @@ -37,7 +35,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -747,10 +744,6 @@ public class IPAddressIPIdentities { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java index c0d897b5faca2913887636289eed5c58ea521136..1d93e9c6ed6ceab6546314ed6f8da6efaca41cdd 100644 --- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java +++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,15 +21,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* @test * @summary X509 certificate hostname checking is broken in JDK1.6.0_10 * @bug 6766775 * @run main/othervm IPIdentities + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @author Xuelei Fan */ @@ -37,7 +35,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -746,10 +743,6 @@ public class IPIdentities { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all"); diff --git a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java index 55dfb1c04dcca30d208e1006410232bf437fa080..e7396d5f339e2621eaf490365830e7852499dfd3 100644 --- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java +++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,15 +21,13 @@ * questions. */ -// -// SunJSSE does not support dynamic system properties, no way to re-use -// system properties in samevm/agentvm mode. -// - /* @test * @bug 6766775 * @summary X509 certificate hostname checking is broken in JDK1.6.0_10 * @run main/othervm Identities + * + * SunJSSE does not support dynamic system properties, no way to re-use + * system properties in samevm/agentvm mode. * @author Xuelei Fan */ @@ -37,7 +35,6 @@ import java.net.*; import java.util.*; import java.io.*; import javax.net.ssl.*; -import java.security.Security; import java.security.KeyStore; import java.security.KeyFactory; import java.security.cert.Certificate; @@ -746,10 +743,6 @@ public class Identities { volatile Exception clientException = null; public static void main(String args[]) throws Exception { - // MD5 is used in this test case, don't disable MD5 algorithm. - Security.setProperty( - "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024"); - if (debug) System.setProperty("javax.net.debug", "all");