Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/javax/crypto/CryptoPermission/CryptoPolicyFallback.java
38840 views
/*1* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425/**26* @test27* @bug 816933528* @summary Add a crypto policy fallback in case Security Property29* 'crypto.policy' does not exist.30* @run main/othervm CryptoPolicyFallback31*/32import java.io.*;33import java.nio.file.*;34import java.util.stream.*;35import javax.crypto.*;3637/*38* Take the current java.security file, strip out the 'crypto.policy' entry,39* write to a new file in the current directory, then use that file as the40* replacement java.security file. This test will fail if the crypto.policy41* entry doesn't match the compiled in value.42*/43public class CryptoPolicyFallback {4445private static final String FILENAME = "java.security";4647public static void main(String[] args) throws Exception {4849String javaHome = System.getProperty("java.home");5051Path path = Paths.get(javaHome, "lib", "security", FILENAME);5253/*54* Get the default value.55*/56String defaultPolicy;57try (Stream<String> lines = Files.lines(path)) {58/*59* If the input java.security file is malformed60* (missing crypto.policy, attribute/no value, etc), throw61* exception. split() might throw AIOOB which62* is ok behavior.63*/64String s = lines.filter(x -> x.startsWith("crypto.policy="))65.findFirst().orElse("");66if (!s.isEmpty()) {67defaultPolicy = s.split("=")[1].trim();68} else {69defaultPolicy = s;70}71}7273/*74* We know there is at least one crypto.policy entry, strip75* all of them out of the java.security file.76*/77try (PrintWriter out = new PrintWriter(FILENAME);78Stream<String> lines = Files.lines(path)) {79lines.filter(x -> !x.trim().startsWith("crypto.policy="))80.forEach(out::println);81}8283/*84* "-Djava.security.properties==file" does a complete replacement85* of the system java.security file. i.e. value must be "=file"86*/87System.setProperty("java.security.properties", "=" + FILENAME);8889/*90* Find out expected value.91*/92int expected;93switch (defaultPolicy) {94case "limited":95expected = 128;96break;97case "":98case "unlimited":99expected = Integer.MAX_VALUE;100break;101default:102throw new Exception(103"Unexpected Default Policy Value: " + defaultPolicy);104}105106/*107* Do the actual check. If the JCE Framework can't initialize108* an Exception is normally thrown here.109*/110int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");111112System.out.println("Default Policy: " + defaultPolicy113+ "\nExpected max AES key length: " + expected114+ ", received : " + maxKeyLen);115116if (expected != maxKeyLen) {117throw new Exception("Wrong Key Length size!");118}119120System.out.println("PASSED!");121}122}123124125