comments

myankelev · myankelev · commit b62fc9aad01c · 2025-10-20T21:16:21.000+01:00
diff --git a/src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java b/src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java
@@ -224,11 +224,11 @@ private PrivateKeyEntry getEntry(String alias) {
         int firstDot = alias.indexOf('.');
         int secondDot = alias.indexOf('.', firstDot + 1);
 
-        if (firstDot < 1 ||
-            secondDot - firstDot < 2 ||
-            alias.length() - secondDot < 2) {
+        if ((firstDot < 1)
+                || (secondDot - firstDot < 2)
+                || (alias.length() - secondDot < 2)) {
 
-            if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) {
+            if (SSLLogger.isOn && SSLLogger.isOn("ssl,keymanager")) {
                 SSLLogger.warning("Invalid alias format: " + alias);
             }
             return null;
@@ -255,7 +255,7 @@ private PrivateKeyEntry getEntry(String alias) {
                  NoSuchAlgorithmException |
                  IndexOutOfBoundsException e) {
             // ignore and only log exception
-            if (SSLLogger.isOn && SSLLogger.isOn("keymanager")) {
+            if (SSLLogger.isOn && SSLLogger.isOn("ssl,keymanager")) {
                 SSLLogger.warning("Exception thrown while getting an alias " +
                                   alias + ": " + e);
             }
diff --git a/test/jdk/sun/security/ssl/X509KeyManager/NullCases.java b/test/jdk/sun/security/ssl/X509KeyManager/NullCases.java
@@ -37,8 +37,7 @@
  * @library /test/lib /test/jdk/java/net/httpclient/lib
  * @modules java.base/sun.security.x509
  *
- * @run junit NullCases
- * @run junit/othervm -Djavax.net.debug=ssl:keymanager -Darg=debug NullCases
+ * @run junit/othervm -Djavax.net.debug=ssl:keymanager NullCases
  */
 
 import jdk.test.lib.Asserts;
@@ -61,29 +60,25 @@
 import static jdk.httpclient.test.lib.common.DynamicKeyStoreUtil.generateCert;
 import static jdk.httpclient.test.lib.common.DynamicKeyStoreUtil.generateKeyStore;
 import static jdk.httpclient.test.lib.common.DynamicKeyStoreUtil.generateRSAKeyPair;
-import static org.junit.jupiter.api.Assumptions.assumeFalse;
 
 
 public class NullCases {
-    private static final String KEY_MGR_EXCEPTION_MESSAGE = "Exception thrown while getting an alias";
+    private static final String KEY_MGR_EXCEPTION_MESSAGE =
+            "Exception thrown while getting an alias";
 
-    private static boolean isDebugLogging;
     private static KeyManagerFactory kmf;
     private static X509KeyManager km;
     private final PrintStream initialErrStream = System.err;
 
     @BeforeAll
     public static void beforeAll() throws Exception {
-        final String arg = System.getProperty("arg");
-        isDebugLogging = arg != null && arg.equals("debug");
-
         kmf = KeyManagerFactory.getInstance("NewSunX509");
 
         // creating a new keystore
         final SecureRandom secureRandom = new SecureRandom();
         final KeyPair keyPair = generateRSAKeyPair(secureRandom);
-        final X509Certificate originServerCert = generateCert(keyPair, secureRandom,
-                "subject");
+        final X509Certificate originServerCert =
+                generateCert(keyPair, secureRandom, "subject");
         final KeyStore ks = generateKeyStore(keyPair.getPrivate(),
                 new Certificate[]{originServerCert});
 
@@ -100,15 +95,13 @@ private X509KeyManager generateNullKm() throws Exception {
     @Test
     public void JDK6302126Test() throws Exception {
         // check for bug 6302126
-        assumeFalse(isDebugLogging);
 
         generateNullKm();
     }
 
     @Test
     public void JDK6302304Test() throws Exception {
         // check for bug 6302304
-        assumeFalse(isDebugLogging);
 
         final X509KeyManager km = generateNullKm();
 
@@ -123,24 +116,29 @@ public void JDK6302304Test() throws Exception {
     @Test
     public void JDK6302321Test() {
         // check for bug 6302321
-        assumeFalse(isDebugLogging);
 
-        final X509Certificate[] certs = km.getCertificateChain("doesnotexist");
+        final X509Certificate[] certs =
+                km.getCertificateChain("doesnotexist");
         final PrivateKey priv = km.getPrivateKey("doesnotexist");
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
     }
 
     @Test
     public void JDK6302271Test() {
         // check for 6302271
-        assumeFalse(isDebugLogging);
 
-        final String[] clis = km.getClientAliases("doesnotexist", null);
-        Asserts.assertFalse((clis != null && clis.length == 0), "Should return null instead of empty array");
+        final String[] clis =
+                km.getClientAliases("doesnotexist", null);
+        Asserts.assertFalse((clis != null && clis.length == 0),
+                "Should return null instead of empty array");
 
-        final String[] srvs = km.getServerAliases("doesnotexist", null);
-        Asserts.assertFalse((srvs != null && srvs.length == 0), "Should return null instead of empty array");
+        final String[] srvs =
+                km.getServerAliases("doesnotexist", null);
+        Asserts.assertFalse((srvs != null && srvs.length == 0),
+                "Should return null instead of empty array");
     }
 
     /**
@@ -157,13 +155,13 @@ private ByteArrayOutputStream replaceSystemError() {
 
     @Test
     public void incompleteChainAndKeyTest() {
-        assumeFalse(isDebugLogging);
-
         final X509Certificate[] certs = km.getCertificateChain("1.1");
         final PrivateKey priv = km.getPrivateKey("1.1");
 
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
     }
 
     @Test
@@ -174,60 +172,72 @@ public void nonexistentBuilderTest() {
         final X509Certificate[] certs = km.getCertificateChain("RSA.1.1");
         final PrivateKey priv = km.getPrivateKey("RSA.1.1");
 
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
 
         System.setErr(initialErrStream);
         System.err.println(" => nonexistentBuilderTest: \n" + outputStream);
 
-        Asserts.assertFalse(isDebugLogging && !outputStream.toString().contains(KEY_MGR_EXCEPTION_MESSAGE),
+        Asserts.assertFalse(
+                !outputStream.toString().contains(KEY_MGR_EXCEPTION_MESSAGE),
                 "No log triggered");
     }
 
     @Test
     public void nonexistentKSTest() {
-        assumeFalse(isDebugLogging);
 
         final X509Certificate[] certs = km.getCertificateChain("RSA.0.1");
         final PrivateKey priv = km.getPrivateKey("RSA.0.1");
 
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
     }
 
     @Test
     public void wrongNumberFormatTest() {
         // recording logs to the output stream
         final ByteArrayOutputStream outputStream = replaceSystemError();
-        final X509Certificate[] certs = km.getCertificateChain("RSA.not.exist");
+        final X509Certificate[] certs =
+                km.getCertificateChain("RSA.not.exist");
         final PrivateKey priv = km.getPrivateKey("RSA.not.exist");
 
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
 
         System.setErr(initialErrStream);
         System.err.println(" => wrongNumberFormatTest: \n" + outputStream);
 
-        Asserts.assertFalse(isDebugLogging && !outputStream.toString().contains(KEY_MGR_EXCEPTION_MESSAGE),
+        Asserts.assertFalse(
+                !outputStream.toString().contains(KEY_MGR_EXCEPTION_MESSAGE),
                 "No log triggered");
 
     }
 
     @ParameterizedTest
-    @ValueSource(strings = {"..1", ".9.123456789"})
+    @ValueSource(strings = {"1..",".1.", "..1", ".9.123456789"})
     public void invalidAliasTest(final String alias) {
         // recording logs to the output stream
         final ByteArrayOutputStream outputStream = replaceSystemError();
         final X509Certificate[] certs = km.getCertificateChain(alias);
         final PrivateKey priv = km.getPrivateKey(alias);
 
-        Asserts.assertNull(certs, "Should return null if the alias can't be found");
-        Asserts.assertNull(priv, "Should return null if the alias can't be found");
+        Asserts.assertNull(certs,
+                "Should return null if the alias can't be found");
+        Asserts.assertNull(priv,
+                "Should return null if the alias can't be found");
 
         System.setErr(initialErrStream);
-        System.err.println(" => wrongNumberFormatTest alias<" + alias + ">: \n" + outputStream);
+        System.err.println(" => wrongNumberFormatTest alias<" + alias + ">: \n"
+                           + outputStream);
 
-        Asserts.assertFalse(isDebugLogging && !outputStream.toString().contains("Invalid alias format:"),
+        Asserts.assertFalse(!outputStream.toString()
+                            .contains("Invalid alias format:"),
                 "No log triggered");
 
     }
diff --git a/test/jdk/sun/security/ssl/X509KeyManager/X509KeyManagerNegativeTests.java b/test/jdk/sun/security/ssl/X509KeyManager/X509KeyManagerNegativeTests.java
@@ -35,6 +35,7 @@
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.KeyStoreSpi;
+import java.security.Provider;
 import java.security.Security;
 import java.security.cert.Certificate;
 import java.util.ConcurrentModificationException;
@@ -56,15 +57,19 @@ public static void beforeAll() throws Exception {
 
         // initialising exception throwing ks
         // cleaned up after the tests are complete
-        final KeyManagerFactory exceptionThrowingKMF = KeyManagerFactory.getInstance("NewSunX509");
+        final KeyManagerFactory exceptionThrowingKMF =
+                KeyManagerFactory.getInstance("NewSunX509");
 
         // adding dummy provider
         Security.addProvider(new MyCustomKSProvider());
-        final KeyStore exceptionThrowingKS = KeyStore.getInstance("MyExceptionKS");
+        final KeyStore exceptionThrowingKS =
+                KeyStore.getInstance("MyExceptionKS");
         exceptionThrowingKS.load(null, null);
 
-        exceptionThrowingKMF.init((KeyStore) exceptionThrowingKS, null);
-        exceptionThrowingKM = (X509KeyManager) exceptionThrowingKMF.getKeyManagers()[0];
+        exceptionThrowingKMF
+                .init((KeyStore) exceptionThrowingKS, null);
+        exceptionThrowingKM =
+                (X509KeyManager) exceptionThrowingKMF.getKeyManagers()[0];
     }
 
     @AfterAll
@@ -82,17 +87,20 @@ public void ksExceptionTest() {
                 () -> exceptionThrowingKM.getPrivateKey("RSA.0.0"));
     }
 
-    public static class MyCustomKSProvider extends java.security.Provider {
+    public static class MyCustomKSProvider extends Provider {
         public MyCustomKSProvider() {
-            super("MyCustomKSProvider", 1.0, "My Custom KS Provider");
+            super("MyCustomKSProvider",
+                    "1.0",
+                    "My Custom KS Provider");
             put("KeyStore.MyExceptionKS", MyExceptionKS.class.getName());
         }
     }
 
     public static class MyExceptionKS extends KeyStoreSpi {
 
         @Override
-        public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter param) {
+        public KeyStore.Entry engineGetEntry(String alias,
+                                             KeyStore.ProtectionParameter param) {
             throw new ConcurrentModificationException("getEntry exception");
         }
 
@@ -155,15 +163,21 @@ public void engineLoad(InputStream stream, char[] password) {
         }
 
         @Override
-        public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) {
+        public void engineSetKeyEntry(String alias,
+                                      Key key,
+                                      char[] password,
+                                      Certificate[] chain) {
         }
 
         @Override
-        public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) {
+        public void engineSetKeyEntry(String alias,
+                                      byte[] key,
+                                      Certificate[] chain) {
         }
 
         @Override
-        public void engineSetCertificateEntry(String alias, Certificate cert) {
+        public void engineSetCertificateEntry(String alias,
+                                              Certificate cert) {
         }
 
         @Override
