8341927: Replace hardcoded security providers with new test.provider.name system property

8343848: Fix typo of property name in TestOAEPPadding after 8341927

Reviewed-by: lucy
Backport-of: 9a9ac1d0059438d33fe69ef51265dc7cff6ad2bd

Author: GoeLin

doc/testing.html

@@ -72,6 +72,9 @@ <h1 class="title">Testing the JDK</h1>
 <li><a href="#non-us-locale" id="toc-non-us-locale">Non-US
 locale</a></li>
 <li><a href="#pkcs11-tests" id="toc-pkcs11-tests">PKCS11 Tests</a></li>
+<li><a href="#testing-with-alternative-security-providers"
+id="toc-testing-with-alternative-security-providers">Testing with
+alternative security providers</a></li>
 <li><a href="#client-ui-tests" id="toc-client-ui-tests">Client UI
 Tests</a></li>
 </ul></li>
@@ -589,6 +592,18 @@ <h3 id="pkcs11-tests">PKCS11 Tests</h3>
     JTREG=&quot;JAVA_OPTIONS=-Djdk.test.lib.artifacts.nsslib-linux_aarch64=/path/to/NSS-libs&quot;</code></pre>
 <p>For more notes about the PKCS11 tests, please refer to
 test/jdk/sun/security/pkcs11/README.</p>
+<h3 id="testing-with-alternative-security-providers">Testing with
+alternative security providers</h3>
+<p>Some security tests use a hardcoded provider for
+<code>KeyFactory</code>, <code>Cipher</code>,
+<code>KeyPairGenerator</code>, <code>KeyGenerator</code>,
+<code>AlgorithmParameterGenerator</code>, <code>KeyAgreement</code>,
+<code>Mac</code>, <code>MessageDigest</code>, <code>SecureRandom</code>,
+<code>Signature</code>, <code>AlgorithmParameters</code>,
+<code>Configuration</code>, <code>Policy</code>, or
+<code>SecretKeyFactory</code> objects. Specify the
+<code>-Dtest.provider.name=NAME</code> property to use a different
+provider for the service(s).</p>
 <h3 id="client-ui-tests">Client UI Tests</h3>
 <h4 id="system-key-shortcuts">System key shortcuts</h4>
 <p>Some Client UI tests use key sequences which may be reserved by the

doc/testing.md

@@ -615,6 +615,15 @@ $ make test TEST="jtreg:sun/security/pkcs11/Secmod/AddTrustedCert.java" \
 For more notes about the PKCS11 tests, please refer to
 test/jdk/sun/security/pkcs11/README.
 
+### Testing with alternative security providers
+
+Some security tests use a hardcoded provider for `KeyFactory`, `Cipher`,
+`KeyPairGenerator`, `KeyGenerator`, `AlgorithmParameterGenerator`,
+`KeyAgreement`, `Mac`, `MessageDigest`, `SecureRandom`, `Signature`,
+`AlgorithmParameters`, `Configuration`, `Policy`, or `SecretKeyFactory` objects.
+Specify the `-Dtest.provider.name=NAME` property to use a different provider for
+the service(s).
+
 ### Client UI Tests
 
 #### System key shortcuts

test/jdk/com/sun/crypto/provider/CICO/CICODESFuncTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -66,7 +66,8 @@ public class CICODESFuncTest {
     private static final int IV_LENGTH = 8;
 
     public static void main(String[] args) throws Exception {
-        Provider provider = Security.getProvider("SunJCE");
+        Provider provider = Security.getProvider(
+                                    System.getProperty("test.provider.name", "SunJCE"));
         if (provider == null) {
             throw new RuntimeException("SunJCE provider does not exist.");
         }

test/jdk/com/sun/crypto/provider/CICO/CICOSkipTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -204,9 +204,10 @@ private void initCiphers(String algo, SecretKey key,
             AlgorithmParameterSpec aps) throws NoSuchAlgorithmException,
             NoSuchPaddingException, InvalidKeyException,
             InvalidAlgorithmParameterException {
-        Provider provider = Security.getProvider("SunJCE");
+        String providerName = System.getProperty("test.provider.name", "SunJCE");
+        Provider provider = Security.getProvider(providerName);
         if (provider == null) {
-            throw new RuntimeException("SunJCE provider does not exist.");
+            throw new RuntimeException(providerName + " provider does not exist.");
         }
         Cipher ci1 = Cipher.getInstance(algo, provider);
         ci1.init(Cipher.ENCRYPT_MODE, key, aps);

test/jdk/com/sun/crypto/provider/CICO/PBEFunc/AESPBEWrapper.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -69,9 +69,10 @@ public AESPBEWrapper(PBEAlgorithm algo, String passwd)
      */
     @Override
     protected Cipher initCipher(int mode) throws GeneralSecurityException {
-        Provider provider = Security.getProvider("SunJCE");
+        String providerName = System.getProperty("test.provider.name", "SunJCE");
+        Provider provider = Security.getProvider(providerName);
         if (provider == null) {
-            throw new RuntimeException("SunJCE provider does not exist.");
+            throw new RuntimeException(providerName + ": provider does not exist.");
         }
         // get Cipher instance
         Cipher ci = Cipher.getInstance(transformation, provider);

test/jdk/com/sun/crypto/provider/CICO/PBEFunc/DefaultPBEWrapper.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -58,9 +58,10 @@ public DefaultPBEWrapper(PBEAlgorithm algo, String passwd) {
      */
     @Override
     protected Cipher initCipher(int mode) throws  GeneralSecurityException {
-        Provider provider = Security.getProvider("SunJCE");
+        String providerName = System.getProperty("test.provider.name", "SunJCE");
+        Provider provider = Security.getProvider(providerName);
         if (provider == null) {
-            throw new RuntimeException("SunJCE provider does not exist.");
+            throw new RuntimeException(providerName + ": provider does not exist.");
         }
         SecretKey key = SecretKeyFactory.getInstance(baseAlgo)
                 .generateSecret(new PBEKeySpec(password.toCharArray()));

test/jdk/com/sun/crypto/provider/CICO/PBEFunc/PBKDF2Wrapper.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -89,9 +89,10 @@ public PBKDF2Wrapper(PBEAlgorithm algo, String passwd)
      */
     @Override
     protected Cipher initCipher(int mode) throws GeneralSecurityException {
-        Provider provider = Security.getProvider("SunJCE");
+        String providerName = System.getProperty("test.provider.name", "SunJCE");
+        Provider provider = Security.getProvider(providerName);
         if (provider == null) {
-            throw new RuntimeException("SunJCE provider does not exist.");
+            throw new RuntimeException(providerName + ": provider does not exist.");
         }
         // Generate secret key
         PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(),

test/jdk/com/sun/crypto/provider/Cipher/AEAD/Encrypt.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -122,7 +122,8 @@ public Encrypt(Provider provider, String algorithm, String mode,
     }
 
     public static void main(String[] args) throws Exception {
-        Provider p = Security.getProvider("SunJCE");
+        Provider p = Security.getProvider(
+                System.getProperty("test.provider.name", "SunJCE"));
         for (String alg : ALGORITHMS) {
             for (int keyStrength : KEY_STRENGTHS) {
                 if (keyStrength > Cipher.getMaxAllowedKeyLength(alg)) {

test/jdk/com/sun/crypto/provider/Cipher/AEAD/GCMLargeDataKAT.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -102,7 +102,8 @@ public class GCMLargeDataKAT {
 
     byte[] encrypt(int inLen) {
         try {
-            cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
+            cipher = Cipher.getInstance("AES/GCM/NoPadding",
+                    System.getProperty("test.provider.name", "SunJCE"));
             cipher.init(Cipher.ENCRYPT_MODE, key, spec);
             return cipher.doFinal(plaintext, 0, inLen);
         } catch (Exception e) {
@@ -125,7 +126,8 @@ boolean decrypt(byte[] data) {
             return false;
         }
         try {
-            cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
+            cipher = Cipher.getInstance("AES/GCM/NoPadding",
+                    System.getProperty("test.provider.name", "SunJCE"));
             cipher.init(Cipher.DECRYPT_MODE, key, spec);
             result = cipher.doFinal(data);
         } catch (Exception e) {

test/jdk/com/sun/crypto/provider/Cipher/AEAD/GCMParameterSpecTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -87,7 +87,8 @@ public GCMParameterSpecTest(int keyLength, int tagLength, int IVlength,
         AAD = Helper.generateBytes(AADLength);
 
         // init a secret key
-        KeyGenerator kg = KeyGenerator.getInstance("AES", "SunJCE");
+        KeyGenerator kg = KeyGenerator.getInstance("AES",
+                System.getProperty("test.provider.name", "SunJCE"));
         kg.init(keyLength);
         key = kg.generateKey();
     }
@@ -211,7 +212,8 @@ private byte[] recoverCipherText(byte[] cipherText, GCMParameterSpec spec)
 
     private Cipher createCipher(int mode, GCMParameterSpec spec)
             throws Exception {
-        Cipher cipher = Cipher.getInstance(TRANSFORMATION, "SunJCE");
+        Cipher cipher = Cipher.getInstance(TRANSFORMATION,
+                System.getProperty("test.provider.name", "SunJCE"));
         cipher.init(mode, key, spec);
         return cipher;
     }