diff --git a/.github/actions/do-build/action.yml b/.github/actions/do-build/action.yml index 3deb7f4b8f8..79eddf8c70f 100644 --- a/.github/actions/do-build/action.yml +++ b/.github/actions/do-build/action.yml @@ -66,7 +66,7 @@ runs: shell: bash - name: 'Upload build logs' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: failure-logs-${{ inputs.platform }}${{ inputs.debug-suffix }} path: failure-logs @@ -74,7 +74,7 @@ runs: # This is the best way I found to abort the job with an error message - name: 'Notify about build failures' - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: core.setFailed('Build failed. See summary for details.') if: steps.check.outputs.failure == 'true' diff --git a/.github/actions/get-bootjdk/action.yml b/.github/actions/get-bootjdk/action.yml index 19c3a0128f4..25ee1d8dfa0 100644 --- a/.github/actions/get-bootjdk/action.yml +++ b/.github/actions/get-bootjdk/action.yml @@ -1,5 +1,5 @@ # -# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022, 2023, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,7 @@ runs: - name: 'Check cache for BootJDK' id: get-cached-bootjdk - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: bootjdk/jdk key: boot-jdk-${{ inputs.platform }}-${{ steps.sha256.outputs.value }} @@ -104,6 +104,6 @@ runs: - name: 'Export path to where BootJDK is installed' id: path-name run: | - # Export the path - echo 'path=bootjdk/jdk' >> $GITHUB_OUTPUT + # Export the absolute path + echo "path=`pwd`/bootjdk/jdk" >> $GITHUB_OUTPUT shell: bash diff --git a/.github/actions/get-bundles/action.yml b/.github/actions/get-bundles/action.yml index 956e1520cfb..0e52320a350 100644 --- a/.github/actions/get-bundles/action.yml +++ b/.github/actions/get-bundles/action.yml @@ -48,14 +48,14 @@ runs: steps: - name: 'Download bundles artifact' id: download-bundles - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: bundles-${{ inputs.platform }}${{ inputs.debug-suffix }} path: bundles continue-on-error: true - name: 'Download bundles artifact (retry)' - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: bundles-${{ inputs.platform }}${{ inputs.debug-suffix }} path: bundles diff --git a/.github/actions/get-jtreg/action.yml b/.github/actions/get-jtreg/action.yml index 7c49b1054ec..b0ef654dbed 100644 --- a/.github/actions/get-jtreg/action.yml +++ b/.github/actions/get-jtreg/action.yml @@ -1,5 +1,5 @@ # -# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -41,13 +41,13 @@ runs: - name: 'Check cache for JTReg' id: get-cached-jtreg - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: jtreg/installed key: jtreg-${{ steps.version.outputs.value }} - name: 'Checkout the JTReg source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: repository: openjdk/jtreg ref: jtreg-${{ steps.version.outputs.value }} @@ -57,7 +57,7 @@ runs: - name: 'Build JTReg' run: | # Build JTReg and move files to the proper locations - bash make/build.sh --jdk "$JAVA_HOME_11_X64" + bash make/build.sh --jdk "$JAVA_HOME_17_X64" mkdir ../installed mv build/images/jtreg/* ../installed working-directory: jtreg/src diff --git a/.github/actions/get-msys2/action.yml b/.github/actions/get-msys2/action.yml index 3e6c3417a31..843b77ac064 100644 --- a/.github/actions/get-msys2/action.yml +++ b/.github/actions/get-msys2/action.yml @@ -30,15 +30,15 @@ runs: using: composite steps: - name: 'Install MSYS2' - uses: msys2/setup-msys2@v2 + uses: msys2/setup-msys2@v2.22.0 with: install: 'autoconf tar unzip zip make' path-type: minimal - location: msys2 + location: ${{ runner.tool_cache }}/msys2 # We can't run bash until this is completed, so stick with pwsh - name: 'Set MSYS2 path' run: | # Prepend msys2/msys64/usr/bin to the PATH - echo "$env:GITHUB_WORKSPACE/msys2/msys64/usr/bin" >> $env:GITHUB_PATH + echo "$env:RUNNER_TOOL_CACHE/msys2/msys64/usr/bin" >> $env:GITHUB_PATH shell: pwsh diff --git a/.github/actions/upload-bundles/action.yml b/.github/actions/upload-bundles/action.yml index 88f7f6e8107..b35ee3a42e9 100644 --- a/.github/actions/upload-bundles/action.yml +++ b/.github/actions/upload-bundles/action.yml @@ -69,7 +69,7 @@ runs: shell: bash - name: 'Upload bundles artifact' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: bundles-${{ inputs.platform }}${{ inputs.debug-suffix }} path: bundles diff --git a/.github/scripts/gen-build-failure-report.sh b/.github/scripts/gen-build-failure-report.sh index fd3215fc7fe..2dda69a3f33 100644 --- a/.github/scripts/gen-build-failure-report.sh +++ b/.github/scripts/gen-build-failure-report.sh @@ -24,12 +24,19 @@ # questions. # +# Import common utils +. .github/scripts/report-utils.sh + GITHUB_STEP_SUMMARY="$1" BUILD_DIR="$(ls -d build/*)" # Send signal to the do-build action that we failed touch "$BUILD_DIR/build-failure" +# Collect hs_errs for build-time crashes, e.g. javac, jmod, jlink, CDS. +# These usually land in make/ +hs_err_files=$(ls make/hs_err*.log 2> /dev/null || true) + ( echo '### :boom: Build failure summary' echo '' @@ -46,6 +53,20 @@ touch "$BUILD_DIR/build-failure" echo '' echo '' + for hs_err in $hs_err_files; do + echo "
View HotSpot error log: "$hs_err"" + echo '' + echo '```' + echo "$hs_err:" + echo '' + cat "$hs_err" + echo '```' + echo '
' + echo '' + done + echo '' echo ':arrow_right: To see the entire test log, click the job in the list to the left. To download logs, see the `failure-logs` [artifact above](#artifacts).' ) >> $GITHUB_STEP_SUMMARY + +truncate_summary diff --git a/.github/scripts/gen-test-results.sh b/.github/scripts/gen-test-results.sh index 73edb8b3d11..16ee6581a6a 100644 --- a/.github/scripts/gen-test-results.sh +++ b/.github/scripts/gen-test-results.sh @@ -24,6 +24,9 @@ # questions. # +# Import common utils +. .github/scripts/report-utils.sh + GITHUB_STEP_SUMMARY="$1" test_suite_name=$(cat build/run-test-prebuilt/test-support/test-last-ids.txt) @@ -75,18 +78,6 @@ for test in $failures $errors; do done >> $GITHUB_STEP_SUMMARY -# With many failures, the summary can easily exceed 1024 kB, the limit set by Github -# Trim it down if so. -summary_size=$(wc -c < $GITHUB_STEP_SUMMARY) -if [[ $summary_size -gt 1000000 ]]; then - # Trim to below 1024 kB, and cut off after the last detail group - head -c 1000000 $GITHUB_STEP_SUMMARY | tac | sed -n -e '/<\/details>/,$ p' | tac > $GITHUB_STEP_SUMMARY.tmp - mv $GITHUB_STEP_SUMMARY.tmp $GITHUB_STEP_SUMMARY - ( - echo '' - echo ':x: **WARNING: Summary is too large and has been truncated.**' - echo '' - ) >> $GITHUB_STEP_SUMMARY -fi - echo ':arrow_right: To see the entire test log, click the job in the list to the left.' >> $GITHUB_STEP_SUMMARY + +truncate_summary diff --git a/.github/scripts/gen-test-summary.sh b/.github/scripts/gen-test-summary.sh index d016cb38649..a612bed5527 100644 --- a/.github/scripts/gen-test-summary.sh +++ b/.github/scripts/gen-test-summary.sh @@ -42,6 +42,7 @@ error_count=$(echo $errors | wc -w || true) if [[ "$failures" = "" && "$errors" = "" ]]; then # We know something went wrong, but not what + echo 'failure=true' >> $GITHUB_OUTPUT echo 'error-message=Unspecified test suite failure. Please see log for job for details.' >> $GITHUB_OUTPUT exit 0 fi diff --git a/.github/scripts/report-utils.sh b/.github/scripts/report-utils.sh new file mode 100644 index 00000000000..da5b6c04b3c --- /dev/null +++ b/.github/scripts/report-utils.sh @@ -0,0 +1,41 @@ +#!/bin/bash +# +# Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# + +function truncate_summary() { + # With large hs_errs, the summary can easily exceed 1024 kB, the limit set by Github + # Trim it down if so. + summary_size=$(wc -c < $GITHUB_STEP_SUMMARY) + if [[ $summary_size -gt 1000000 ]]; then + # Trim to below 1024 kB, and cut off after the last detail group + head -c 1000000 $GITHUB_STEP_SUMMARY | tac | sed -n -e '/<\/details>/,$ p' | tac > $GITHUB_STEP_SUMMARY.tmp + mv $GITHUB_STEP_SUMMARY.tmp $GITHUB_STEP_SUMMARY + ( + echo '' + echo ':x: **WARNING: Summary is too large and has been truncated.**' + echo '' + ) >> $GITHUB_STEP_SUMMARY + fi +} diff --git a/.github/workflows/build-cross-compile.yml b/.github/workflows/build-cross-compile.yml index 168c5924d86..385b097b9fc 100644 --- a/.github/workflows/build-cross-compile.yml +++ b/.github/workflows/build-cross-compile.yml @@ -29,22 +29,22 @@ on: workflow_call: inputs: gcc-major-version: + required: true + type: string + extra-conf-options: required: false type: string - default: '10' - apt-gcc-version: + configure-arguments: required: false type: string - default: '10.3.0-1ubuntu1~20.04' - apt-gcc-cross-suffix: + make-arguments: required: false type: string - default: 'cross1' jobs: build-cross-compile: name: build - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 strategy: fail-fast: false @@ -56,22 +56,30 @@ jobs: - ppc64le include: - target-cpu: aarch64 - debian-arch: arm64 gnu-arch: aarch64 + debian-arch: arm64 + debian-repository: https://httpredir.debian.org/debian/ + debian-version: bullseye - target-cpu: arm - debian-arch: armhf gnu-arch: arm + debian-arch: armhf + debian-repository: https://httpredir.debian.org/debian/ + debian-version: bullseye gnu-abi: eabihf - target-cpu: s390x - debian-arch: s390x gnu-arch: s390x + debian-arch: s390x + debian-repository: https://httpredir.debian.org/debian/ + debian-version: bullseye - target-cpu: ppc64le - debian-arch: ppc64el gnu-arch: powerpc64le + debian-arch: ppc64el + debian-repository: https://httpredir.debian.org/debian/ + debian-version: bullseye steps: - name: 'Checkout the JDK source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Get the BootJDK' id: bootjdk @@ -79,13 +87,6 @@ jobs: with: platform: linux-x64 - # Use linux-x64 JDK bundle as build JDK - - name: 'Get build JDK' - id: buildjdk - uses: ./.github/actions/get-bundles - with: - platform: linux-x64 - # Upgrading apt to solve libc6 installation bugs, see JDK-8260460. - name: 'Install toolchain and dependencies' run: | @@ -93,16 +94,16 @@ jobs: sudo apt-get update sudo apt-get install --only-upgrade apt sudo apt-get install \ - gcc-${{ inputs.gcc-major-version }}=${{ inputs.apt-gcc-version }} \ - g++-${{ inputs.gcc-major-version }}=${{ inputs.apt-gcc-version }} \ - gcc-${{ inputs.gcc-major-version }}-${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}=${{ inputs.apt-gcc-version }}${{ inputs.apt-gcc-cross-suffix }} \ - g++-${{ inputs.gcc-major-version }}-${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}=${{ inputs.apt-gcc-version }}${{ inputs.apt-gcc-cross-suffix }} \ + gcc-${{ inputs.gcc-major-version }} \ + g++-${{ inputs.gcc-major-version }} \ + gcc-${{ inputs.gcc-major-version }}-${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}} \ + g++-${{ inputs.gcc-major-version }}-${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}} \ libxrandr-dev libxtst-dev libcups2-dev libasound2-dev sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${{ inputs.gcc-major-version }} 100 --slave /usr/bin/g++ g++ /usr/bin/g++-${{ inputs.gcc-major-version }} - name: 'Check cache for sysroot' id: get-cached-sysroot - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: sysroot key: sysroot-${{ matrix.debian-arch }}-${{ hashFiles('./.github/workflows/build-cross-compile.yml') }} @@ -113,14 +114,15 @@ jobs: - name: 'Create sysroot' run: > - sudo qemu-debootstrap + sudo debootstrap --arch=${{ matrix.debian-arch }} --verbose - --include=fakeroot,symlinks,build-essential,libx11-dev,libxext-dev,libxrender-dev,libxrandr-dev,libxtst-dev,libxt-dev,libcups2-dev,libfontconfig1-dev,libasound2-dev,libfreetype6-dev,libpng-dev + --include=fakeroot,symlinks,build-essential,libx11-dev,libxext-dev,libxrender-dev,libxrandr-dev,libxtst-dev,libxt-dev,libcups2-dev,libfontconfig1-dev,libasound2-dev,libfreetype-dev,libpng-dev --resolve-deps - buster + --variant=minbase + ${{ matrix.debian-version }} sysroot - https://httpredir.debian.org/debian/ + ${{ matrix.debian-repository }} if: steps.get-cached-sysroot.outputs.cache-hit != 'true' - name: 'Prepare sysroot' @@ -128,7 +130,10 @@ jobs: # Prepare sysroot and remove unused files to minimize cache sudo chroot sysroot symlinks -cr . sudo chown ${USER} -R sysroot - rm -rf sysroot/{dev,proc,run,sys} + rm -rf sysroot/{dev,proc,run,sys,var} + rm -rf sysroot/usr/{sbin,bin,share} + rm -rf sysroot/usr/lib/{apt,gcc,udev,systemd} + rm -rf sysroot/usr/libexec/gcc if: steps.get-cached-sysroot.outputs.cache-hit != 'true' - name: 'Configure' @@ -142,13 +147,16 @@ jobs: --disable-precompiled-headers --openjdk-target=${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}} --with-sysroot=sysroot - --with-build-jdk=${{ steps.buildjdk.outputs.jdk-path }} - CC=${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}-gcc-10 - CXX=${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}-g++-10 + CC=${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}-gcc-${{ inputs.gcc-major-version }} + CXX=${{ matrix.gnu-arch }}-linux-gnu${{ matrix.gnu-abi}}-g++-${{ inputs.gcc-major-version }} + ${{ inputs.extra-conf-options }} ${{ inputs.configure-arguments }} || ( + echo "Dumping config.log:" && + cat config.log && + exit 1) - name: 'Build' id: build uses: ./.github/actions/do-build with: - make-target: 'hotspot' + make-target: 'hotspot ${{ inputs.make-arguments }}' platform: linux-${{ matrix.target-cpu }} diff --git a/.github/workflows/build-linux.yml b/.github/workflows/build-linux.yml index 7f981118e23..646ac5ed3a6 100644 --- a/.github/workflows/build-linux.yml +++ b/.github/workflows/build-linux.yml @@ -42,20 +42,30 @@ on: required: false type: string default: '[ "debug", "release" ]' - apt-gcc-version: + gcc-major-version: required: true type: string + gcc-package-suffix: + required: false + type: string + default: '' apt-architecture: required: false type: string apt-extra-packages: required: false type: string + configure-arguments: + required: false + type: string + make-arguments: + required: false + type: string jobs: build-linux: name: build - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 strategy: fail-fast: false @@ -68,7 +78,7 @@ jobs: steps: - name: 'Checkout the JDK source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Get the BootJDK' id: bootjdk @@ -97,8 +107,8 @@ jobs: fi sudo apt-get update sudo apt-get install --only-upgrade apt - sudo apt-get install gcc-${{ inputs.apt-gcc-version }} g++-${{ inputs.apt-gcc-version }} libxrandr-dev${{ steps.arch.outputs.suffix }} libxtst-dev${{ steps.arch.outputs.suffix }} libcups2-dev${{ steps.arch.outputs.suffix }} libasound2-dev${{ steps.arch.outputs.suffix }} ${{ inputs.apt-extra-packages }} - sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 + sudo apt-get install gcc-${{ inputs.gcc-major-version }}${{ inputs.gcc-package-suffix }} g++-${{ inputs.gcc-major-version }}${{ inputs.gcc-package-suffix }} libxrandr-dev${{ steps.arch.outputs.suffix }} libxtst-dev${{ steps.arch.outputs.suffix }} libcups2-dev${{ steps.arch.outputs.suffix }} libasound2-dev${{ steps.arch.outputs.suffix }} ${{ inputs.apt-extra-packages }} + sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${{ inputs.gcc-major-version }} 100 --slave /usr/bin/g++ g++ /usr/bin/g++-${{ inputs.gcc-major-version }} - name: 'Configure' run: > @@ -110,13 +120,16 @@ jobs: --with-jtreg=${{ steps.jtreg.outputs.path }} --enable-jtreg-failure-handler --with-zlib=system - ${{ inputs.extra-conf-options }} + ${{ inputs.extra-conf-options }} ${{ inputs.configure-arguments }} || ( + echo "Dumping config.log:" && + cat config.log && + exit 1) - name: 'Build' id: build uses: ./.github/actions/do-build with: - make-target: '${{ inputs.make-target }}' + make-target: '${{ inputs.make-target }} ${{ inputs.make-arguments }}' platform: ${{ inputs.platform }} debug-suffix: '${{ matrix.suffix }}' diff --git a/.github/workflows/build-macos.yml b/.github/workflows/build-macos.yml index b00f7e091dd..85f89eea8ac 100644 --- a/.github/workflows/build-macos.yml +++ b/.github/workflows/build-macos.yml @@ -45,11 +45,17 @@ on: xcode-toolset-version: required: true type: string + configure-arguments: + required: false + type: string + make-arguments: + required: false + type: string jobs: build-macos: name: build - runs-on: macos-11 + runs-on: macos-13 strategy: fail-fast: false @@ -62,7 +68,7 @@ jobs: steps: - name: 'Checkout the JDK source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Get the BootJDK' id: bootjdk @@ -92,13 +98,17 @@ jobs: --with-jtreg=${{ steps.jtreg.outputs.path }} --enable-jtreg-failure-handler --with-zlib=system - ${{ inputs.extra-conf-options }} + --disable-warnings-as-errors + ${{ inputs.extra-conf-options }} ${{ inputs.configure-arguments }} || ( + echo "Dumping config.log:" && + cat config.log && + exit 1) - name: 'Build' id: build uses: ./.github/actions/do-build with: - make-target: '${{ inputs.make-target }}' + make-target: '${{ inputs.make-target }} ${{ inputs.make-arguments }}' platform: ${{ inputs.platform }} debug-suffix: '${{ matrix.suffix }}' diff --git a/.github/workflows/build-windows.yml b/.github/workflows/build-windows.yml index 090c1451a8e..b85feef030a 100644 --- a/.github/workflows/build-windows.yml +++ b/.github/workflows/build-windows.yml @@ -48,6 +48,12 @@ on: msvc-toolset-architecture: required: true type: string + configure-arguments: + required: false + type: string + make-arguments: + required: false + type: string env: # These are needed to make the MSYS2 bash work properly @@ -73,7 +79,7 @@ jobs: steps: - name: 'Checkout the JDK source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Get MSYS2' uses: ./.github/actions/get-msys2 @@ -119,17 +125,21 @@ jobs: --with-jtreg=${{ steps.jtreg.outputs.path }} --enable-jtreg-failure-handler --with-msvc-toolset-version=${{ inputs.msvc-toolset-version }} - ${{ inputs.extra-conf-options }} + ${{ inputs.extra-conf-options }} ${{ inputs.configure-arguments }} || ( + echo "Dumping config.log:" && + cat config.log && + exit 1) env: # We need a minimal PATH on Windows # Set PATH to "", so just GITHUB_PATH is included PATH: '' + shell: env /usr/bin/bash --login -eo pipefail {0} - name: 'Build' id: build uses: ./.github/actions/do-build with: - make-target: '${{ inputs.make-target }}' + make-target: '${{ inputs.make-target }} ${{ inputs.make-arguments }}' platform: ${{ inputs.platform }} debug-suffix: '${{ matrix.suffix }}' diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 77c3310c909..d2cbe9d55eb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -36,6 +36,12 @@ on: description: 'Platform(s) to execute on (comma separated, e.g. "linux-x64, macos, aarch64")' required: true default: 'linux-x64, linux-x86, linux-x64-variants, linux-cross-compile, macos-x64, macos-aarch64, windows-x64, windows-aarch64' + configure-arguments: + description: 'Additional configure arguments' + required: false + make-arguments: + description: 'Additional make arguments' + required: false concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -49,7 +55,7 @@ jobs: select: name: 'Select platforms' - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 outputs: linux-x64: ${{ steps.include.outputs.linux-x64 }} linux-x86: ${{ steps.include.outputs.linux-x86 }} @@ -121,9 +127,10 @@ jobs: uses: ./.github/workflows/build-linux.yml with: platform: linux-x64 - apt-gcc-version: '10=10.3.0-1ubuntu1~20.04' - # The linux-x64 jdk bundle is used as buildjdk for the cross-compile job - if: needs.select.outputs.linux-x64 == 'true' || needs.select.outputs.linux-cross-compile == 'true' + gcc-major-version: '10' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} + if: needs.select.outputs.linux-x64 == 'true' build-linux-x86: name: linux-x86 @@ -131,12 +138,15 @@ jobs: uses: ./.github/workflows/build-linux.yml with: platform: linux-x86 - apt-gcc-version: '10-multilib' + gcc-major-version: '10' + gcc-package-suffix: '-multilib' apt-architecture: 'i386' # Some multilib libraries do not have proper inter-dependencies, so we have to # install their dependencies manually. - apt-extra-packages: 'libfreetype6-dev:i386 libtiff-dev:i386 libcupsimage2-dev:i386' + apt-extra-packages: 'libfreetype-dev:i386 libtiff-dev:i386 libcupsimage2-dev:i386' extra-conf-options: '--with-target-bits=32' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-x86 == 'true' build-linux-x64-hs-nopch: @@ -147,8 +157,10 @@ jobs: platform: linux-x64 make-target: 'hotspot' debug-levels: '[ "debug" ]' - apt-gcc-version: '10=10.3.0-1ubuntu1~20.04' + gcc-major-version: '10' extra-conf-options: '--disable-precompiled-headers' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-x64-variants == 'true' build-linux-x64-hs-zero: @@ -159,8 +171,10 @@ jobs: platform: linux-x64 make-target: 'hotspot' debug-levels: '[ "debug" ]' - apt-gcc-version: '10=10.3.0-1ubuntu1~20.04' + gcc-major-version: '10' extra-conf-options: '--with-jvm-variants=zero --disable-precompiled-headers' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-x64-variants == 'true' build-linux-x64-hs-minimal: @@ -171,8 +185,10 @@ jobs: platform: linux-x64 make-target: 'hotspot' debug-levels: '[ "debug" ]' - apt-gcc-version: '10=10.3.0-1ubuntu1~20.04' + gcc-major-version: '10' extra-conf-options: '--with-jvm-variants=minimal --disable-precompiled-headers' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-x64-variants == 'true' build-linux-x64-hs-optimized: @@ -184,16 +200,21 @@ jobs: make-target: 'hotspot' # Technically this is not the "debug" level, but we can't inject a new matrix state for just this job debug-levels: '[ "debug" ]' - apt-gcc-version: '10=10.3.0-1ubuntu1~20.04' + gcc-major-version: '10' extra-conf-options: '--with-debug-level=optimized --disable-precompiled-headers' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-x64-variants == 'true' build-linux-cross-compile: name: linux-cross-compile needs: - select - - build-linux-x64 uses: ./.github/workflows/build-cross-compile.yml + with: + gcc-major-version: '10' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.linux-cross-compile == 'true' build-macos-x64: @@ -202,7 +223,9 @@ jobs: uses: ./.github/workflows/build-macos.yml with: platform: macos-x64 - xcode-toolset-version: '11.7' + xcode-toolset-version: '14.3.1' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.macos-x64 == 'true' build-macos-aarch64: @@ -211,8 +234,10 @@ jobs: uses: ./.github/workflows/build-macos.yml with: platform: macos-aarch64 - xcode-toolset-version: '12.4' + xcode-toolset-version: '14.3.1' extra-conf-options: '--openjdk-target=aarch64-apple-darwin' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.macos-aarch64 == 'true' build-windows-x64: @@ -223,6 +248,8 @@ jobs: platform: windows-x64 msvc-toolset-version: '14.29' msvc-toolset-architecture: 'x86.x64' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.windows-x64 == 'true' build-windows-aarch64: @@ -235,6 +262,8 @@ jobs: msvc-toolset-architecture: 'arm64' make-target: 'hotspot' extra-conf-options: '--openjdk-target=aarch64-unknown-cygwin' + configure-arguments: ${{ github.event.inputs.configure-arguments }} + make-arguments: ${{ github.event.inputs.make-arguments }} if: needs.select.outputs.windows-aarch64 == 'true' ### @@ -249,7 +278,7 @@ jobs: with: platform: linux-x64 bootjdk-platform: linux-x64 - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 test-linux-x64-fips: name: linux-x64-fips @@ -269,7 +298,7 @@ jobs: with: platform: linux-x86 bootjdk-platform: linux-x64 - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 test-macos-x64: name: macos-x64 @@ -279,7 +308,7 @@ jobs: with: platform: macos-x64 bootjdk-platform: macos-x64 - runs-on: macos-11 + runs-on: macos-13 test-windows-x64: name: windows-x64 @@ -294,7 +323,7 @@ jobs: # Remove bundles so they are not misconstrued as binary distributions from the JDK project remove-bundles: name: 'Remove bundle artifacts' - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 if: always() needs: - build-linux-x64 @@ -314,26 +343,23 @@ jobs: - test-windows-x64 steps: - # Hack to get hold of the api environment variables that are only defined for actions - - name: 'Get API configuration' - id: api - uses: actions/github-script@v6 - with: - script: 'return { url: process.env["ACTIONS_RUNTIME_URL"], token: process.env["ACTIONS_RUNTIME_TOKEN"] }' - - name: 'Remove bundle artifacts' run: | # Find and remove all bundle artifacts - ALL_ARTIFACT_URLS="$(curl -s \ - -H 'Accept: application/json;api-version=6.0-preview' \ - -H 'Authorization: Bearer ${{ fromJson(steps.api.outputs.result).token }}' \ - '${{ fromJson(steps.api.outputs.result).url }}_apis/pipelines/workflows/${{ github.run_id }}/artifacts?api-version=6.0-preview')" - BUNDLE_ARTIFACT_URLS="$(echo "$ALL_ARTIFACT_URLS" | jq -r -c '.value | map(select(.name|startswith("bundles-"))) | .[].url')" - for url in $BUNDLE_ARTIFACT_URLS; do - echo "Removing $url" - curl -s \ - -H 'Accept: application/json;api-version=6.0-preview' \ - -H 'Authorization: Bearer ${{ fromJson(steps.api.outputs.result).token }}' \ - -X DELETE "$url" \ + # See: https://docs.github.com/en/rest/actions/artifacts?apiVersion=2022-11-28 + ALL_ARTIFACT_IDS="$(curl -sL \ + -H 'Accept: application/vnd.github+json' \ + -H 'Authorization: Bearer ${{ github.token }}' \ + -H 'X-GitHub-Api-Version: 2022-11-28' \ + '${{ github.api_url }}/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts?per_page=100')" + BUNDLE_ARTIFACT_IDS="$(echo "$ALL_ARTIFACT_IDS" | jq -r -c '.artifacts | map(select(.name|startswith("bundles-"))) | .[].id')" + for id in $BUNDLE_ARTIFACT_IDS; do + echo "Removing $id" + curl -sL \ + -X DELETE \ + -H 'Accept: application/vnd.github+json' \ + -H 'Authorization: Bearer ${{ github.token }}' \ + -H 'X-GitHub-Api-Version: 2022-11-28' \ + "${{ github.api_url }}/repos/${{ github.repository }}/actions/artifacts/$id" \ || echo "Failed to remove bundle" done diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7ac6708f9e0..c3560f2135c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,5 +1,5 @@ # -# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2022, 2023, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -100,7 +100,7 @@ jobs: steps: - name: 'Checkout the JDK source' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Get MSYS2' uses: ./.github/actions/get-msys2 @@ -127,7 +127,7 @@ jobs: run: | # On macOS we need to install some dependencies for testing brew install make - sudo xcode-select --switch /Applications/Xcode_11.7.app/Contents/Developer + sudo xcode-select --switch /Applications/Xcode_14.3.1.app/Contents/Developer # This will make GNU make available as 'make' and not only as 'gmake' echo '/usr/local/opt/make/libexec/gnubin' >> $GITHUB_PATH if: runner.os == 'macOS' @@ -191,7 +191,7 @@ jobs: if: always() - name: 'Upload test results' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: path: results name: ${{ steps.package.outputs.artifact-name }} @@ -199,7 +199,7 @@ jobs: # This is the best way I found to abort the job with an error message - name: 'Notify about test failures' - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: core.setFailed('${{ steps.run-tests.outputs.error-message }}') if: steps.run-tests.outputs.failure == 'true' diff --git a/.gitignore b/.gitignore index 2c9d161c742..96ba42d8cef 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ /build/ /dist/ /.idea/ +/.vscode/ nbproject/private/ /webrev /.src-rev diff --git a/.jcheck/conf b/.jcheck/conf index 5b8b093c86f..868e54bc32e 100644 --- a/.jcheck/conf +++ b/.jcheck/conf @@ -1,10 +1,11 @@ [general] project=jdk-updates jbs=JDK -version=11.0.21 +version=11.0.27 [checks] -error=author,committer,reviewers,merge,issues,executable,symlink,message,hg-tag,whitespace +error=author,committer,reviewers,merge,issues,executable,symlink,message,hg-tag,whitespace,problemlists +warning=issuestitle,binary [repository] tags=(?:jdk-(?:[1-9]([0-9]*)(?:\.(?:0|[1-9][0-9]*)){0,4})(?:\+(?:(?:[0-9]+))|(?:-ga)))|(?:jdk[4-9](?:u\d{1,3})?-(?:(?:b\d{2,3})|(?:ga)))|(?:hs\d\d(?:\.\d{1,2})?-b\d\d) @@ -29,3 +30,6 @@ role=committer [checks "issues"] pattern=^([124-8][0-9]{6}): (\S.*)$ + +[checks "problemlists"] +dirs=test/jdk|test/langtools|test/lib-test|test/hotspot/jtreg|test/jaxp diff --git a/README.md b/README.md index 399e7cc311f..9a3eb23b994 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,11 @@ -# Welcome to the JDK! +# Welcome to OpenJDK 11 Updates! + +The JDK 11 Updates project uses two GitHub repositories. +Updates are continuously developed in the repository [jdk11u-dev](https://github.com/openjdk/jdk11u-dev). This is the repository usually targeted by contributors. +The [jdk11u](https://github.com/openjdk/jdk11u) repository is used for rampdown of the update releases of jdk11u and only accepts critical changes that must make the next release during rampdown. (You probably do not want to target jdk11u). + +For more OpenJDK 11 updates specific information such as timelines and contribution guidelines see the [project wiki page](https://wiki.openjdk.org/display/JDKUpdates/JDK11u). + For build instructions please see the [online documentation](https://openjdk.java.net/groups/build/doc/building.html), diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000000..f4c5e7e67cb --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,3 @@ +# JDK Vulnerabilities + +Please follow the process outlined in the [OpenJDK Vulnerability Policy](https://openjdk.org/groups/vulnerability/report) to disclose vulnerabilities in the JDK. diff --git a/doc/building.html b/doc/building.html index 842e7fa9947..13ee9b7b6fc 100644 --- a/doc/building.html +++ b/doc/building.html @@ -175,26 +175,26 @@

Operating System Requirements

- - + + - - + + - - + + - - + + - - + +
Operating systemVendor/version usedOperating systemVendor/version used
LinuxOracle Enterprise Linux 6.4 / 7.1 (using kernel 3.8.13)LinuxOracle Enterprise Linux 6.4 / 7.1 (using kernel 3.8.13)
SolarisSolaris 11.1 SRU 21.4.1 / 11.2 SRU 5.5SolarisSolaris 11.1 SRU 21.4.1 / 11.2 SRU 5.5
macOSMac OS X 10.9 (Mavericks) / 10.10 (Yosemite)macOSMac OS X 10.9 (Mavericks) / 10.10 (Yosemite)
WindowsWindows Server 2012 R2WindowsWindows Server 2012 R2
@@ -319,50 +319,50 @@

Oracle Solaris Studio

- - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + +
PackageVersionPackageVersion
developer/solarisstudio-124/backend12.4-1.0.6.0developer/solarisstudio-124/backend12.4-1.0.6.0
developer/solarisstudio-124/c++12.4-1.0.10.0developer/solarisstudio-124/c++12.4-1.0.10.0
developer/solarisstudio-124/cc12.4-1.0.4.0developer/solarisstudio-124/cc12.4-1.0.4.0
developer/solarisstudio-124/library/c++-libs12.4-1.0.10.0developer/solarisstudio-124/library/c++-libs12.4-1.0.10.0
developer/solarisstudio-124/library/math-libs12.4-1.0.0.1developer/solarisstudio-124/library/math-libs12.4-1.0.0.1
developer/solarisstudio-124/library/studio-gccrt12.4-1.0.0.1developer/solarisstudio-124/library/studio-gccrt12.4-1.0.0.1
developer/solarisstudio-124/studio-common12.4-1.0.0.1developer/solarisstudio-124/studio-common12.4-1.0.0.1
developer/solarisstudio-124/studio-ja12.4-1.0.0.1developer/solarisstudio-124/studio-ja12.4-1.0.0.1
developer/solarisstudio-124/studio-legal12.4-1.0.0.1developer/solarisstudio-124/studio-legal12.4-1.0.0.1
developer/solarisstudio-124/studio-zhCN12.4-1.0.0.1developer/solarisstudio-124/studio-zhCN12.4-1.0.0.1
@@ -746,103 +746,103 @@

Cross compiling with Debian sysroo - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + - - - - + + + + diff --git a/doc/building.md b/doc/building.md index 60d4d73a638..648be30b4af 100644 --- a/doc/building.md +++ b/doc/building.md @@ -151,12 +151,12 @@ This table lists the OS versions used by Oracle when building the JDK. Such information is always subject to change, but this table is up to date at the time of writing. - Operating system Vendor/version used - ----------------- ------------------------------------------------------- - Linux Oracle Enterprise Linux 6.4 / 7.1 (using kernel 3.8.13) - Solaris Solaris 11.1 SRU 21.4.1 / 11.2 SRU 5.5 - macOS Mac OS X 10.9 (Mavericks) / 10.10 (Yosemite) - Windows Windows Server 2012 R2 +| Operating system | Vendor/version used | +| ----------------- | ------------------------------------------------------- | +| Linux | Oracle Enterprise Linux 6.4 / 7.1 (using kernel 3.8.13) | +| Solaris | Solaris 11.1 SRU 21.4.1 / 11.2 SRU 5.5 | +| macOS | Mac OS X 10.9 (Mavericks) / 10.10 (Yosemite) | +| Windows | Windows Server 2012 R2 | The double version numbers for Linux, Solaris and macOS is due to the hybrid model used at Oracle, where header files and external libraries from an older @@ -363,18 +363,18 @@ configure. The Solaris Studio installation should contain at least these packages: - Package Version - -------------------------------------------------- ------------- - developer/solarisstudio-124/backend 12.4-1.0.6.0 - developer/solarisstudio-124/c++ 12.4-1.0.10.0 - developer/solarisstudio-124/cc 12.4-1.0.4.0 - developer/solarisstudio-124/library/c++-libs 12.4-1.0.10.0 - developer/solarisstudio-124/library/math-libs 12.4-1.0.0.1 - developer/solarisstudio-124/library/studio-gccrt 12.4-1.0.0.1 - developer/solarisstudio-124/studio-common 12.4-1.0.0.1 - developer/solarisstudio-124/studio-ja 12.4-1.0.0.1 - developer/solarisstudio-124/studio-legal 12.4-1.0.0.1 - developer/solarisstudio-124/studio-zhCN 12.4-1.0.0.1 +| Package | Version | +| -------------------------------------------------- | ------------- | +| developer/solarisstudio-124/backend | 12.4-1.0.6.0 | +| developer/solarisstudio-124/c++ | 12.4-1.0.10.0 | +| developer/solarisstudio-124/cc | 12.4-1.0.4.0 | +| developer/solarisstudio-124/library/c++-libs | 12.4-1.0.10.0 | +| developer/solarisstudio-124/library/math-libs | 12.4-1.0.0.1 | +| developer/solarisstudio-124/library/studio-gccrt | 12.4-1.0.0.1 | +| developer/solarisstudio-124/studio-common | 12.4-1.0.0.1 | +| developer/solarisstudio-124/studio-ja | 12.4-1.0.0.1 | +| developer/solarisstudio-124/studio-legal | 12.4-1.0.0.1 | +| developer/solarisstudio-124/studio-zhCN | 12.4-1.0.0.1 | Compiling with Solaris Studio can sometimes be finicky. This is the exact version used by Oracle, which worked correctly at the time of writing: @@ -965,14 +965,14 @@ https://sourceware.org/autobook/autobook/autobook_17.html). If no targets are given, a native toolchain for the current platform will be created. Currently, at least the following targets are known to work: - Supported devkit targets - ------------------------ - x86_64-linux-gnu - aarch64-linux-gnu - arm-linux-gnueabihf - ppc64-linux-gnu - ppc64le-linux-gnu - s390x-linux-gnu +| Supported devkit targets | +| ------------------------ | +| x86_64-linux-gnu | +| aarch64-linux-gnu | +| arm-linux-gnueabihf | +| ppc64-linux-gnu | +| ppc64le-linux-gnu | +| s390x-linux-gnu | `BASE_OS` must be one of "OEL6" for Oracle Enterprise Linux 6 or "Fedora" (if not specified "OEL6" will be the default). If the base OS @@ -1199,21 +1199,21 @@ it might require a little nudge with: Architectures that are known to successfully cross-compile like this are: - Target Debian tree Debian arch `--openjdk-target=...` `--with-jvm-variants=...` - ------------ ------------ ------------- ------------------------ -------------- - x86 buster i386 i386-linux-gnu (all) - arm buster armhf arm-linux-gnueabihf (all) - aarch64 buster arm64 aarch64-linux-gnu (all) - ppc64le buster ppc64el powerpc64le-linux-gnu (all) - s390x buster s390x s390x-linux-gnu (all) - mipsle buster mipsel mipsel-linux-gnu zero - mips64le buster mips64el mips64el-linux-gnueabi64 zero - armel buster arm arm-linux-gnueabi zero - ppc sid powerpc powerpc-linux-gnu zero - ppc64be sid ppc64 powerpc64-linux-gnu (all) - m68k sid m68k m68k-linux-gnu zero - alpha sid alpha alpha-linux-gnu zero - sh4 sid sh4 sh4-linux-gnu zero +| Target | Debian tree | Debian arch | `--openjdk-target=...` | `--with-jvm-variants=...` | +| ------------ | ------------ | ------------- | ------------------------ | ------------------------- | +| x86 | buster | i386 | i386-linux-gnu | (all) | +| arm | buster | armhf | arm-linux-gnueabihf | (all) | +| aarch64 | buster | arm64 | aarch64-linux-gnu | (all) | +| ppc64le | buster | ppc64el | powerpc64le-linux-gnu | (all) | +| s390x | buster | s390x | s390x-linux-gnu | (all) | +| mipsle | buster | mipsel | mipsel-linux-gnu | zero | +| mips64le | buster | mips64el | mips64el-linux-gnueabi64 | zero | +| armel | buster | arm | arm-linux-gnueabi | zero | +| ppc | sid | powerpc | powerpc-linux-gnu | zero | +| ppc64be | sid | ppc64 | powerpc64-linux-gnu | (all) | +| m68k | sid | m68k | m68k-linux-gnu | zero | +| alpha | sid | alpha | alpha-linux-gnu | zero | +| sh4 | sid | sh4 | sh4-linux-gnu | zero | ### Building for ARM/aarch64 diff --git a/doc/testing.html b/doc/testing.html index 96f7408650a..c3e8ca956b0 100644 --- a/doc/testing.html +++ b/doc/testing.html @@ -5,7 +5,7 @@ Testing the JDK - " + + "
  1. wwwww
"; + + mainFrame = new JFrame("bug4476002"); + + htmlComponent = new JLabel(htmlText); + mainFrame.getContentPane().add(htmlComponent); + + mainFrame.pack(); + mainFrame.setLocationRelativeTo(null); + mainFrame.setVisible(true); + }); + robot.waitForIdle(); + robot.delay(1000); + SwingUtilities.invokeAndWait(() -> { + p = htmlComponent.getLocationOnScreen(); + d = htmlComponent.getSize(); + }); + int x0 = p.x; + int y = p.y + d.height/2; + + for (int x = x0; x < x0 + d.width; x++) { + if (robot.getPixelColor(x, y).equals(Color.black)) { + passed = false; + break; + } + } + if (!passed) { + throw new RuntimeException("Test failed."); + } + } finally { + SwingUtilities.invokeAndWait(() -> { + if (mainFrame != null) { + mainFrame.dispose(); + } + }); + } + } + +} diff --git a/test/jdk/javax/swing/text/html/StyleSheet/bug4803145.java b/test/jdk/javax/swing/text/html/StyleSheet/bug4803145.java new file mode 100644 index 00000000000..9a9b9fdec1a --- /dev/null +++ b/test/jdk/javax/swing/text/html/StyleSheet/bug4803145.java @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4803145 + * @summary Tests if bullets for HTML
TargetDebian treeDebian arch--openjdk-target=...TargetDebian treeDebian arch--openjdk-target=... --with-jvm-variants=...
x86busteri386i386-linux-gnux86busteri386i386-linux-gnu (all)
armbusterarmhfarm-linux-gnueabihfarmbusterarmhfarm-linux-gnueabihf (all)
aarch64busterarm64aarch64-linux-gnuaarch64busterarm64aarch64-linux-gnu (all)
ppc64lebusterppc64elpowerpc64le-linux-gnuppc64lebusterppc64elpowerpc64le-linux-gnu (all)
s390xbusters390xs390x-linux-gnus390xbusters390xs390x-linux-gnu (all)
mipslebustermipselmipsel-linux-gnumipslebustermipselmipsel-linux-gnu zero
mips64lebustermips64elmips64el-linux-gnueabi64mips64lebustermips64elmips64el-linux-gnueabi64 zero
armelbusterarmarm-linux-gnueabiarmelbusterarmarm-linux-gnueabi zero
ppcsidpowerpcpowerpc-linux-gnuppcsidpowerpcpowerpc-linux-gnu zero
ppc64besidppc64powerpc64-linux-gnuppc64besidppc64powerpc64-linux-gnu (all)
m68ksidm68km68k-linux-gnum68ksidm68km68k-linux-gnu zero
alphasidalphaalpha-linux-gnualphasidalphaalpha-linux-gnu zero
sh4sidsh4sh4-linux-gnush4sidsh4sh4-linux-gnu zero
" + + "" + + "" + + "
first cellsecond cell
row heading
"; + + JFrame f = new JFrame(); + jep = new JEditorPane(); + jep.setEditorKit(new HTMLEditorKit()); + jep.setEditable(false); + + jep.setText(text); + + f.getContentPane().add(jep); + f.setSize(500,500); + f.setLocationRelativeTo(null); + f.setVisible(true); + } + + + public static void main(String args[]) throws Exception { + robot = new Robot(); + robot.setAutoDelay(100); + bug4412522 test = new bug4412522(); + try { + SwingUtilities.invokeAndWait(() -> test.init()); + robot.waitForIdle(); + robot.delay(1000); + Shape r = jep.getBounds(); + View v = jep.getUI().getRootView(jep); + int tableWidth = 0; + int cellsWidth = 0; + + while (!(v instanceof javax.swing.text.html.ParagraphView)) { + + int n = v.getViewCount(); + Shape sh = v.getChildAllocation(n - 1, r); + String viewName = v.getClass().getName(); + if (viewName.endsWith("TableView")) { + tableWidth = r.getBounds().width; + } + + if (viewName.endsWith("CellView")) { + cellsWidth = r.getBounds().x + r.getBounds().width; + } + + v = v.getView(n - 1); + if (sh != null) { + r = sh; + } + } + + passed = ((tableWidth - cellsWidth) > 10); + if (!passed) { + throw new RuntimeException("Test failed."); + } + } finally { + SwingUtilities.invokeAndWait(() -> { + if (f != null) { + f.dispose(); + } + }); + } + } +} diff --git a/test/jdk/javax/swing/text/html/TableView/bug4690812.java b/test/jdk/javax/swing/text/html/TableView/bug4690812.java new file mode 100644 index 00000000000..263bba71f14 --- /dev/null +++ b/test/jdk/javax/swing/text/html/TableView/bug4690812.java @@ -0,0 +1,101 @@ +/* + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4690812 + * @summary Tests if tables are correctly formatted in some cases + * @key headful + * @run main bug4690812 +*/ + +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.SwingUtilities; +import javax.swing.text.View; +import javax.swing.text.html.HTMLEditorKit; + +import java.awt.Robot; +import java.awt.Shape; + +public class bug4690812 { + + private static boolean passed = false; + + private static JEditorPane jep; + private static JFrame f; + + public void init() { + + String text = + "" + + "" + + "" + + "" + + "
a
something
"; + + JFrame f = new JFrame(); + jep = new JEditorPane(); + jep.setEditorKit(new HTMLEditorKit()); + jep.setEditable(false); + + jep.setText(text); + + f.getContentPane().add(jep); + f.setSize(500,500); + f.setLocationRelativeTo(null); + f.setVisible(true); + } + + public static void main(String args[]) throws Exception { + Robot robot = new Robot(); + bug4690812 test = new bug4690812(); + try { + SwingUtilities.invokeAndWait(() -> test.init()); + robot.waitForIdle(); + robot.delay(1000); + Shape r = jep.getBounds(); + View v = jep.getUI().getRootView(jep); + int tableHeight = 0; + while (!(v instanceof javax.swing.text.html.ParagraphView)) { + int n = v.getViewCount(); + Shape sh = v.getChildAllocation(n - 1, r); + v = v.getView(n - 1); + if (sh != null) { + r = sh; + } + } + // left column in the second table row should have width == 1 + passed = (r.getBounds().width == 1) ? true : false; + if (!passed) { + throw new RuntimeException("Test failed."); + } + } finally { + SwingUtilities.invokeAndWait(() -> { + if (f != null) { + f.dispose(); + } + }); + } + } +} diff --git a/test/jdk/javax/swing/text/html/TableView/bug4813831.java b/test/jdk/javax/swing/text/html/TableView/bug4813831.java new file mode 100644 index 00000000000..4d7f286f8aa --- /dev/null +++ b/test/jdk/javax/swing/text/html/TableView/bug4813831.java @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4813831 + * @summary Verifies contents of table cells in HTML in JEditorPane wraps correctly + * @key headful + * @run main bug4813831 +*/ + +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.SwingUtilities; +import javax.swing.text.View; +import javax.swing.text.ParagraphView; +import javax.swing.text.html.HTMLEditorKit; + +import java.awt.Robot; +import java.awt.Shape; + +public class bug4813831 { + + private static boolean passed = false; + private boolean finished = false; + + private static JEditorPane jep; + private static JFrame f; + + public void init() { + + String text = + "" + + "" + + "" + + "
XXXXXXXXXXXXXX
X
X
" + + ""; + + f = new JFrame(); + jep = new JEditorPane(); + jep.setEditorKit(new HTMLEditorKit()); + jep.setEditable(false); + + jep.setText(text); + + f.getContentPane().add(jep); + f.setSize(20,500); + f.setLocationRelativeTo(null); + f.setVisible(true); + } + + + public static void main(String args[]) throws Exception { + Robot robot = new Robot(); + robot.setAutoDelay(100); + bug4813831 test = new bug4813831(); + try { + SwingUtilities.invokeAndWait(() -> test.init()); + robot.waitForIdle(); + robot.delay(1000); + Shape r = jep.getBounds(); + View v = jep.getUI().getRootView(jep); + do { + int n = v.getViewCount(); + Shape sh = v.getChildAllocation(n - 1, r); + if (sh != null) { + r = sh; + } + v = v.getView(n - 1); + } while (!(v instanceof ParagraphView)); + + int n = v.getViewCount(); + // there should be 3 lines or more (if the first long line was wrapped) in a cell + passed = n >= 3; + + if (passed) { + Shape sh = v.getChildAllocation(n - 2, r); + int x1 = sh.getBounds().x; + sh = v.getChildAllocation(n - 1, r); + int x2 = sh.getBounds().x; + System.out.println("x1: " + x1 + " x2: " + x2); + // lines should be equally aligned + passed = (x1 == x2); + } + if (!passed) { + throw new RuntimeException("Test failed."); + } + } finally { + SwingUtilities.invokeAndWait(() -> { + if (f != null) { + f.dispose(); + } + }); + } + } +} diff --git a/test/jdk/javax/swing/text/html/bug4210307.java b/test/jdk/javax/swing/text/html/bug4210307.java new file mode 100644 index 00000000000..6af4e62f805 --- /dev/null +++ b/test/jdk/javax/swing/text/html/bug4210307.java @@ -0,0 +1,96 @@ +/* + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import javax.swing.JButton; +import javax.swing.JEditorPane; +import javax.swing.SwingUtilities; +import javax.swing.UIManager; +import javax.swing.text.Document; +import javax.swing.text.Element; +import javax.swing.text.html.FormView; + +/* + * @test + * @bug 4210307 4210308 + * @summary Tests that FormView button text is internationalized + */ + +public class bug4210307 { + private static final String RESET_PROPERTY = "TEST RESET"; + private static final String SUBMIT_PROPERTY = "TEST SUBMIT"; + + public static void main(String[] args) throws Exception { + SwingUtilities.invokeAndWait(() -> { + Object oldReset = UIManager.put("FormView.resetButtonText", + RESET_PROPERTY); + Object oldSubmit = UIManager.put("FormView.submitButtonText", + SUBMIT_PROPERTY); + + try { + JEditorPane ep = new JEditorPane("text/html", + ""); + Document doc = ep.getDocument(); + Element elem = findInputElement(doc.getDefaultRootElement()); + TestView view = new TestView(elem); + view.test(SUBMIT_PROPERTY); + + ep = new JEditorPane("text/html", + ""); + doc = ep.getDocument(); + elem = findInputElement(doc.getDefaultRootElement()); + view = new TestView(elem); + view.test(RESET_PROPERTY); + } finally { + UIManager.put("FormView.resetButtonText", oldReset); + UIManager.put("FormView.submitButtonText", oldSubmit); + } + }); + } + + private static Element findInputElement(Element root) { + for (int i = 0; i < root.getElementCount(); i++) { + Element elem = root.getElement(i); + if (elem.getName().equals("input")) { + return elem; + } else { + Element e = findInputElement(elem); + if (e != null) return e; + } + } + return null; + } + + static class TestView extends FormView { + public TestView(Element elem) { + super(elem); + } + + public void test(String caption) { + JButton comp = (JButton) createComponent(); + if (!comp.getText().equals(caption)) { + throw new RuntimeException("Failed: '" + comp.getText() + + "' instead of `" + caption + "'"); + } + } + } +} diff --git a/test/jdk/javax/swing/text/html/bug4839739.java b/test/jdk/javax/swing/text/html/bug4839739.java new file mode 100644 index 00000000000..1dc5fbef123 --- /dev/null +++ b/test/jdk/javax/swing/text/html/bug4839739.java @@ -0,0 +1,97 @@ +/* + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.SwingUtilities; +import javax.swing.text.html.HTMLEditorKit; +import java.awt.Component; +import java.awt.KeyboardFocusManager; +import java.awt.Point; +import java.awt.Robot; +import java.awt.event.InputEvent; +import java.awt.event.KeyEvent; + +/* + * @test + * @bug 4839739 + * @key headful + * @summary Tests if JEditorPane works correctly with HTML comments. + */ + +public class bug4839739 { + + private static JFrame jFrame; + private static JEditorPane jep; + private static volatile Point p; + + public static void main(String[] args) throws Exception { + try { + Robot robot = new Robot(); + robot.setAutoWaitForIdle(true); + robot.delay(50); + + SwingUtilities.invokeAndWait(bug4839739::createAndShowUI); + robot.waitForIdle(); + robot.delay(500); + + SwingUtilities.invokeAndWait(() -> p = jep.getLocationOnScreen()); + robot.delay(200); + + robot.mouseMove(p.x + 20, p.y + 20); + robot.mousePress(InputEvent.BUTTON1_DOWN_MASK); + robot.mouseRelease(InputEvent.BUTTON1_DOWN_MASK); + robot.keyPress(KeyEvent.VK_TAB); + robot.keyRelease(KeyEvent.VK_TAB); + robot.delay(300); + + Component comp = KeyboardFocusManager.getCurrentKeyboardFocusManager().getFocusOwner(); + if (!(comp instanceof JEditorPane)) { + throw new RuntimeException("Test failed." + + " JEditorPane doesn't work as expected with HTML comments"); + } + } finally { + SwingUtilities.invokeAndWait(() -> { + if (jFrame != null) { + jFrame.dispose(); + } + }); + } + } + + private static void createAndShowUI() { + String text = "" + + "some always visible text"; + + jFrame = new JFrame("JEditorPane With HTML"); + jep = new JEditorPane(); + jep.setEditorKit(new HTMLEditorKit()); + jep.setEditable(false); + + jep.setText(text); + jFrame.getContentPane().add(jep); + jFrame.setSize(200,200); + jFrame.setLocationRelativeTo(null); + jFrame.setVisible(true); + } +} diff --git a/test/jdk/javax/swing/text/rtf/RTFReadFontCharsetTest.java b/test/jdk/javax/swing/text/rtf/RTFReadFontCharsetTest.java new file mode 100644 index 00000000000..629b37285a3 --- /dev/null +++ b/test/jdk/javax/swing/text/rtf/RTFReadFontCharsetTest.java @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 6928542 + * @summary Verify RTFEditorKit.read() with fcharset + */ + +import java.io.ByteArrayInputStream; +import java.io.InputStreamReader; +import java.io.PrintStream; +import javax.swing.text.Document; +import javax.swing.text.Element; +import javax.swing.text.rtf.RTFEditorKit; + +import static java.nio.charset.StandardCharsets.ISO_8859_1; + +public class RTFReadFontCharsetTest { + public static void main(String[] args) throws Exception { + String s = + "{\\rtf1\\fbidis\\ansi\\ansicpg932\\deff0\\nouicomp" + + "at\\deflang1033\\deflangfe1041{\\fonttbl{\\f0\\fni" + + "l\\fcharset0 Segoe UI;}{\\f1\\fnil\\fcharset128 Yu" + + " Gothic UI;}{\\f2\\fswiss\\fprq2\\fcharset129 Malg" + + "un Gothic;}{\\f3\\fnil\\fcharset134 Microsoft YaHe" + + "i;}{\\f4\\fnil\\fcharset136 Microsoft JhengHei;}{\\" + + "f5\\fnil\\fcharset161 Segoe UI;}{\\f6\\fnil\\fcha" + + "rset162 Segoe UI;}{\\f7\\fnil\\fcharset163 Segoe U" + + "I;}{\\f8\\fnil\\fcharset177 Segoe UI;}{\\f9\\fnil\\" + + "fcharset178 Segoe UI;}{\\f10\\fnil\\fcharset186 S" + + "egoe UI;}{\\f11\\fnil\\fcharset204 Segoe UI;}{\\f1" + + "2\\fnil\\fcharset222 Leelawadee UI;}{\\f13\\fnil\\" + + "fcharset0 Leelawadee UI;}{\\f14\\fnil\\fcharset238" + + " Segoe UI;}}\r\n{\\*\\generator Riched20 10.0.1904" + + "1}\\viewkind4\\uc1 \r\n\\pard\\ltrpar\\nowidctlpar" + + "\\sa200\\sl276\\slmult1\\f0\\fs22\\lang1041 Gr\\'f" + + "cezi - Switzerland 0\\line\\f1\\'82\\'b1\\'82\\'f" + + "1\\'82\\'c9\\'82\\'bf\\'82\\'cd - Japanese 128\\li" + + "ne\\f2\\lang17\\'be\\'c8\\'b3\\'e7\\'c7\\'cf\\'bc\\" + + "'bc\\'bf\\'e4\\lang1041 - Korean 129\\line\\kern" + + "ing2\\f3\\lang1033\\'c4\\'e3\\'ba\\'c3 - China 134" + + "\\line\\f4\\'bb\\'4f\\'c6\\'57 - Traditional Chine" + + "se - Taiwan 136\\line\\kerning0\\f5\\lang17\\'e3\\" + + "'e5\\'e9\\'e1 \\'f3\\'ef\\'f5 - Greek\\f0\\lang104" + + "1 161\\line\\f6\\lang17 A\\'f0a\\'e7 - \\f0 Turki" + + "sh (Tree) 162\\line\\f7\\'fe\\f0\\lang1041 \\lang" + + "1033 - \\lang17 Vietnam currency\\lang1041 163\\l" + + "ine\\f8\\rtlch\\lang17\\'f9\\'c8\\'d1\\'ec\\'e5\\'" + + "c9\\'ed\\f0\\ltrch - Hebrew 177\\line\\f9\\rtlch\\" + + "lang1025\\'e3\\'d1\\'cd\\'c8\\'c7\\f0\\ltrch\\lan" + + "g17 - Arabic 178\\line\\kerning2\\f10\\lang1033 A" + + "\\'e8i\\'fb - Lithuanian (Thank you) 186\\kerning0" + + "\\f0\\lang1041\\line\\kerning2\\f11\\lang1049\\'c7" + + "\\'e4\\'f0\\'e0\\'e2\\'f1\\'f2\\'e2\\'f3\\'e9\\'f2" + + "\\'e5\\f0\\lang1033 - Russian 204\\line\\kerning0" + + "\\f12\\lang1054\\'ca\\'c7\\'d1\\'ca\\'b4\\'d5 \\f1" + + "3\\lang1033 - Thailand 222\\line\\kerning2\\f14 cz" + + "e\\'9c\\'e6 - Polish 238\\par\r\n}\r\n\u0000"; + String expected = + "Gr\u00fcezi - Switzerland 0\n" + + "\u3053\u3093\u306b\u3061\u306f - Japanese 128\n" + + "\uc548\ub155\ud558\uc138\uc694 - Korean 129\n" + + "\u4f60\u597d - China 134\n" + + "\u81fa\u7063 - Traditional Chinese - Taiwan 136\n" + + "\u03b3\u03b5\u03b9\u03b1 \u03c3\u03bf\u03c5 - Greek 161\n" + + "A\u011fa\u00e7 - Turkish (Tree) 162\n" + + "\u20ab - Vietnam currency 163\n" + + "\u05e9\u05b8\u05c1\u05dc\u05d5\u05b9\u05dd - Hebrew 177\n" + + "\u0645\u0631\u062d\u0628\u0627 - Arabic 178\n" + + "A\u010di\u016b - Lithuanian (Thank you) 186\n" + + "\u0417\u0434\u0440\u0430\u0432\u0441\u0442" + + "\u0432\u0443\u0439\u0442\u0435 - Russian 204\n" + + "\u0e2a\u0e27\u0e31\u0e2a\u0e14\u0e35 - Thailand 222\n" + + "cze\u015b\u0107 - Polish 238\n" + + "\n"; + ByteArrayInputStream bais = new ByteArrayInputStream( + s.getBytes(ISO_8859_1)); + InputStreamReader isr = new InputStreamReader(bais, ISO_8859_1); + RTFEditorKit kit = new RTFEditorKit(); + Document doc = kit.createDefaultDocument(); + kit.read(isr, doc, 0); + Element elem = doc.getDefaultRootElement(); + int elemStart = elem.getStartOffset(); + int elemEnd = elem.getEndOffset(); + String text = doc.getText(elemStart, elemEnd - elemStart); + if (!expected.equals(text)) { + System.err.println("Read data"); + System.err.println("========="); + dump(text, System.err); + System.err.println("Expected data"); + System.err.println("============="); + dump(expected, System.err); + throw new RuntimeException("Test failed"); + } + } + + private static void dump(String s, PrintStream ps) { + for(char ch : s.toCharArray()) { + if (ch == '\\') + ps.print("\\\\"); + else if (ch >= 0x20 && ch <= 0x7e) + ps.print(ch); + else if (ch == '\n') + ps.println(); + else + ps.printf("\\u%04x", (int)ch); + } + } + +} diff --git a/test/jdk/javax/swing/text/rtf/bug4178276.java b/test/jdk/javax/swing/text/rtf/bug4178276.java new file mode 100644 index 00000000000..161f35e02cf --- /dev/null +++ b/test/jdk/javax/swing/text/rtf/bug4178276.java @@ -0,0 +1,55 @@ +/* + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4178276 + * @key headful + * @summary RTFEditorkit.write(...) doesn't throw NPE when used in SecurityManager + * @run main/othervm bug4178276 + */ + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.nio.charset.StandardCharsets; +import javax.swing.text.Document; +import javax.swing.text.rtf.RTFEditorKit; + +public class bug4178276 { + + public static void main(String[] argv) throws Exception { + System.setSecurityManager(new SecurityManager()); + + String test="{\\rtf1\\ansi\\deff0\\deftab720{\\fonttbl{\\f0\\f swiss MS Sans Serif;}}{\\colortbl\\red0\\green0\\blue0;}\\qc\\plain\\f0 Test 1 \\par \\ql\\plain\\f0 Test 2 \\par \\qr\\plain\\f0 Test 3 \\par \\qj\\plain\\f0 Test 4}"; + RTFEditorKit c = new RTFEditorKit(); + Document doc = c.createDefaultDocument(); + try { + c.read(new ByteArrayInputStream(test.getBytes( + StandardCharsets.ISO_8859_1)), doc, 0); + ByteArrayOutputStream sw = new ByteArrayOutputStream(); + c.write(sw, doc, 0, 0); + } catch (Exception e) { + throw new RuntimeException("Unexpected NPE exception...", e); + } + } +} diff --git a/test/jdk/javax/swing/tree/DefaultTreeCellEditor/bug4480602.java b/test/jdk/javax/swing/tree/DefaultTreeCellEditor/bug4480602.java new file mode 100644 index 00000000000..d9073297a52 --- /dev/null +++ b/test/jdk/javax/swing/tree/DefaultTreeCellEditor/bug4480602.java @@ -0,0 +1,133 @@ +/* + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4480602 + * @summary Verifies if DefaultTreeCellEditor.inHitRegion() incorrectly + * handles row bounds + * @key headful + * @run main bug4480602 +*/ + +import java.awt.ComponentOrientation; +import java.awt.Rectangle; +import java.awt.Robot; +import java.awt.event.MouseEvent; +import javax.swing.JFrame; +import javax.swing.JScrollPane; +import javax.swing.JTree; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.DefaultTreeCellEditor; +import javax.swing.tree.DefaultTreeCellRenderer; +import javax.swing.SwingUtilities; + +import java.util.Date; + +public class bug4480602 { + + static JTree tree; + static JFrame fr; + static MyTreeCellEditor editor; + + static Robot robot; + boolean passed = false; + boolean do_test = false; + + public static void main(String[] args) throws Exception { + Robot robot = new Robot(); + robot.setAutoDelay(100); + try { + SwingUtilities.invokeAndWait(() -> { + fr = new JFrame("Test"); + + String s = "0\u05D01\u05D02\u05D03\u05D04\u05D05"; + DefaultMutableTreeNode root = new DefaultMutableTreeNode(s); + root.add(new DefaultMutableTreeNode(s)); + root.add(new DefaultMutableTreeNode(s)); + + tree = new JTree(root); + editor = new MyTreeCellEditor(tree, new DefaultTreeCellRenderer()); + tree.setCellEditor(editor); + tree.setComponentOrientation(ComponentOrientation.RIGHT_TO_LEFT); + tree.setEditable(true); + JScrollPane sp = new JScrollPane(tree); + fr.getContentPane().add(sp); + + fr.setSize(250,200); + fr.setLocationRelativeTo(null); + fr.setVisible(true); + }); + robot.waitForIdle(); + robot.delay(1000); + SwingUtilities.invokeAndWait(() -> { + Rectangle rect = tree.getRowBounds(1); + editor.testTreeCellEditor(rect); + }); + } finally { + SwingUtilities.invokeAndWait(() -> { + if (fr != null) { + fr.dispose(); + } + }); + } + } + + static class MyTreeCellEditor extends DefaultTreeCellEditor { + + public MyTreeCellEditor(JTree tree, DefaultTreeCellRenderer renderer) { + super(tree, renderer); + } + + public void testTreeCellEditor(Rectangle rect) { + int x = rect.x + 10; + int y = rect.y + rect.height / 2; + MouseEvent me = new MouseEvent(tree, + MouseEvent.MOUSE_PRESSED, + (new Date()).getTime(), + MouseEvent.BUTTON1_DOWN_MASK, + rect.x + 10, rect.y + 10, + 1, true); + isCellEditable(me); + + if (tree == null) { + throw new RuntimeException("isCellEditable() should set the tree"); + } + if (lastRow != 1) { + throw new RuntimeException("isCellEditable() should set the lastRow"); + } + if (offset == 0) { + throw new RuntimeException("isCellEditable() should determine offset"); + } + + if (!inHitRegion(x,y)) { + throw new RuntimeException("Hit region should contain point ("+x+", "+y+")"); + } + x = rect.x + rect.width - 10; + if (inHitRegion(x,y)) { + throw new RuntimeException("Hit region shouldn't contain point ("+x+", "+y+")"); + } + } + } + +} diff --git a/test/jdk/javax/swing/tree/DefaultTreeCellRenderer/bug4180224.java b/test/jdk/javax/swing/tree/DefaultTreeCellRenderer/bug4180224.java new file mode 100644 index 00000000000..f9d88f29acf --- /dev/null +++ b/test/jdk/javax/swing/tree/DefaultTreeCellRenderer/bug4180224.java @@ -0,0 +1,46 @@ +/* + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4180224 + * @summary DefaultTreeCellRenderer.hasFocus protected (not private) now. + * @key headful + * @run main bug4180224 +*/ + +import javax.swing.tree.DefaultTreeCellRenderer; + +public class bug4180224 { + + static class MyDTCR extends DefaultTreeCellRenderer { + void test() { + hasFocus = false; + } + } + + public static void main(String[] argv) { + MyDTCR m = new MyDTCR(); + m.test(); + } +} diff --git a/test/jdk/javax/swing/tree/DefaultTreeSelectionModel/bug4485322.java b/test/jdk/javax/swing/tree/DefaultTreeSelectionModel/bug4485322.java new file mode 100644 index 00000000000..47ff2a1cb16 --- /dev/null +++ b/test/jdk/javax/swing/tree/DefaultTreeSelectionModel/bug4485322.java @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + @bug 4485322 + @summary DefaultTreeSelectionModel.insureRowContinuity is broken for CONTIGUOUS_TREE_SELECTION + @run main bug4485322 +*/ + +import javax.swing.SwingUtilities; +import javax.swing.tree.DefaultTreeSelectionModel; +import javax.swing.tree.TreeSelectionModel; +import javax.swing.tree.RowMapper; +import javax.swing.tree.TreePath; + +import java.util.Arrays; + +public class bug4485322 { + + Object obj1[] = {"9", "2", "5", "3", "1"}; + Object obj2[] = {"1", "2", "3"}; + + public void init() { + DummyDefaultTreeSelectionModel model = new DummyDefaultTreeSelectionModel(); + + TreePath sPaths[] = new TreePath[obj1.length]; + for (int i=0; i b.init()); + } +} diff --git a/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4210354.java b/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4210354.java new file mode 100644 index 00000000000..92fdd24957a --- /dev/null +++ b/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4210354.java @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4210354 + * @summary Tests whether method FixedHeightLayoutCache.getBounds returns bad Rectangle + * @run main bug4210354 + */ + +import java.awt.Rectangle; + +import javax.swing.tree.AbstractLayoutCache; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.DefaultTreeModel; +import javax.swing.tree.FixedHeightLayoutCache; +import javax.swing.tree.TreePath; + +public class bug4210354 { + static class DummyNodeDimensions extends AbstractLayoutCache.NodeDimensions { + private final Rectangle rectangle; + + public DummyNodeDimensions(Rectangle r) { + rectangle = r; + } + public Rectangle getNodeDimensions(Object value, int row, int depth, + boolean expanded, Rectangle bounds) { + return rectangle; + } + + /* create the TreeModel of depth 1 with specified num of children */ + public DefaultTreeModel getTreeModelILike(int childrenCount) { + DefaultMutableTreeNode root = new DefaultMutableTreeNode("root"); + for (int i = 0; i < childrenCount; i++) { + DefaultMutableTreeNode child = + new DefaultMutableTreeNode("root.child" + i); + root.insert(child, i); + } + return new DefaultTreeModel(root); + } + } + + public void init() { + int x = 1, y = 2, dx = 3, dy = 4, h = 3; + DummyNodeDimensions dim = new DummyNodeDimensions(new Rectangle(x, y, dx, dy)); + FixedHeightLayoutCache fhlc = new FixedHeightLayoutCache(); + fhlc.setModel(dim.getTreeModelILike(3)); + fhlc.setRootVisible(true); + fhlc.setNodeDimensions(dim); + fhlc.setRowHeight(h); + int row = 0; + TreePath path = fhlc.getPathForRow(row); + Rectangle r = fhlc.getBounds(path, new Rectangle()); + Rectangle r2 = new Rectangle(x, row * h, dx, h); + if (r.width != r2.width) { + throw new RuntimeException("FixedHeightLayoutCache.getBounds returns bad Rectangle"); + } + } + + public static void main(String[] args) throws Exception { + bug4210354 b = new bug4210354(); + b.init(); + } +} diff --git a/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4745001.java b/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4745001.java new file mode 100644 index 00000000000..d2beface3c2 --- /dev/null +++ b/test/jdk/javax/swing/tree/FixedHeightLayoutCache/bug4745001.java @@ -0,0 +1,174 @@ +/* + * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4745001 + * @summary JTree with setLargeModel(true) not display correctly + * when we expand/collapse nodes + * @key headful + * @run main bug4745001 +*/ + +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Robot; + +import javax.swing.JFrame; +import javax.swing.JTree; +import javax.swing.tree.DefaultMutableTreeNode; +import javax.swing.tree.DefaultTreeModel; +import javax.swing.tree.TreePath; +import javax.swing.event.TreeExpansionEvent; +import javax.swing.event.TreeExpansionListener; +import javax.swing.SwingUtilities; + +public class bug4745001 { + + static JTree tree; + static JFrame fr; + boolean stateChanged; + + public static void main(String[] args) throws Exception { + Robot robot = new Robot(); + robot.setAutoDelay(100); + bug4745001 test = new bug4745001(); + try { + SwingUtilities.invokeAndWait(() -> test.init()); + robot.waitForIdle(); + robot.delay(1000); + test.start(); + robot.delay(1000); + test.destroy(); + } finally { + SwingUtilities.invokeAndWait(() -> { + if (fr != null) { + fr.dispose(); + } + }); + } + } + + public void init() { + fr = new JFrame("Test"); + fr.getContentPane().setLayout(new FlowLayout()); + + tree = new JTree(); + tree.setRowHeight(20); + tree.setLargeModel(true); + tree.setPreferredSize(new Dimension(100, 400)); + tree.setRootVisible(false); + tree.setShowsRootHandles(true); + + DefaultMutableTreeNode root = new DefaultMutableTreeNode(""); + DefaultMutableTreeNode a = new DefaultMutableTreeNode("a"); + DefaultMutableTreeNode b = new DefaultMutableTreeNode("b"); + DefaultMutableTreeNode c = new DefaultMutableTreeNode("c"); + root.add(a); + root.add(b); + root.add(c); + b.add(new DefaultMutableTreeNode("b1")); + c.add(new DefaultMutableTreeNode("c2")); + tree.setModel(new DefaultTreeModel(root)); + + fr.getContentPane().add(tree); + + tree.addTreeExpansionListener(new TreeExpansionListener() { + public void treeExpanded(TreeExpansionEvent e) { + TreePath path = e.getPath(); + if (path != null) { + DefaultMutableTreeNode node = + (DefaultMutableTreeNode)path.getLastPathComponent(); + node.removeAllChildren(); + String s = (String)node.getUserObject(); + node.add(new DefaultMutableTreeNode(s + "1")); + node.add(new DefaultMutableTreeNode(s + "2")); + node.add(new DefaultMutableTreeNode(s + "3")); + DefaultTreeModel model = (DefaultTreeModel)tree.getModel(); + model.nodeStructureChanged(node); + synchronized (bug4745001.this) { + stateChanged = true; + bug4745001.this.notifyAll(); + } + } + } + + public void treeCollapsed(TreeExpansionEvent e) { + synchronized (bug4745001.this) { + stateChanged = true; + bug4745001.this.notifyAll(); + } + } + }); + + fr.pack(); + fr.setVisible(true); + } + + void changeNodeStateForRow(final int row, final boolean expand) throws Exception { + try { + stateChanged = false; + SwingUtilities.invokeAndWait(new Runnable() { + public void run() { + try { + if (expand) { + tree.expandRow(row); + } else { + tree.collapseRow(row); + } + } catch (Exception ex) { + ex.printStackTrace(); + } + } + }); + synchronized (this) { + while (!stateChanged) { + bug4745001.this.wait(); + } + } + } catch (Throwable t) { + t.printStackTrace(); + } + } + + public void start() throws Exception { + // expand node "c" + changeNodeStateForRow(2, true); + // expand node "b" + changeNodeStateForRow(1, true); + // collapse node "c" + changeNodeStateForRow(1, false); + } + + String[] expected = new String[] {"a", "b", "c", "c1", "c2", "c3"}; + + public void destroy() { + for (int i = 0; i < expected.length; i++) { + Object obj = tree.getPathForRow(i).getLastPathComponent(); + if (!obj.toString().equals(expected[i])) { + throw new RuntimeException("Unexpected node at row "+i); + } + } + } + +} diff --git a/test/jdk/javax/swing/undo/UndoManager/bug4706533.java b/test/jdk/javax/swing/undo/UndoManager/bug4706533.java new file mode 100644 index 00000000000..5d8091a7a22 --- /dev/null +++ b/test/jdk/javax/swing/undo/UndoManager/bug4706533.java @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4706533 + * @summary UndoManager.setLimit(0) doesn't correctly trim the UndoManager size + * @run main bug4706533 + */ + +import javax.swing.undo.AbstractUndoableEdit; +import javax.swing.undo.CannotUndoException; +import javax.swing.undo.CannotRedoException; +import javax.swing.undo.UndoManager; + +public class bug4706533 { + + public static void main(String[] args) throws Exception { + UndoManager manager = new UndoManager(); + manager.setLimit(1); + AbstractUndoableEdit edit = new MyUndoableEdit(); + manager.addEdit(edit); + manager.setLimit(0); + try { + manager.undo(); + throw new RuntimeException("The limit should be zero"); + } catch (CannotUndoException e) { + //Expected to be thrown + } + } + + static class MyUndoableEdit extends AbstractUndoableEdit { + @Override + public void undo() throws CannotUndoException {} + @Override + public void redo() throws CannotRedoException {} + } +} diff --git a/test/jdk/javax/swing/undo/bug4992178.java b/test/jdk/javax/swing/undo/bug4992178.java new file mode 100644 index 00000000000..6edec5526e1 --- /dev/null +++ b/test/jdk/javax/swing/undo/bug4992178.java @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4992178 + * @summary REGRESSION: Allow unlimited number of edits in an UndoManager + * @run main bug4992178 + */ + +import javax.swing.undo.AbstractUndoableEdit; +import javax.swing.undo.CannotRedoException; +import javax.swing.undo.CannotUndoException; +import javax.swing.undo.UndoManager; + +public class bug4992178 { + + public static void main(String[] argv) throws Exception { + TestUndoManager manager = new TestUndoManager(); + manager.setLimit(1); + AbstractUndoableEdit edit = new MyUndoableEdit(); + manager.addEdit(edit); + + manager.setLimit(-1); + + manager.discardAllEdits(); + + if (manager.getVectorSize() != 0) { + throw new RuntimeException( + "UndoManager's vector size should be 0 after discarding all changes"); + } + } + + static class TestUndoManager extends UndoManager { + public int getVectorSize() { + return edits.size(); + } + } + + static class MyUndoableEdit extends AbstractUndoableEdit { + @Override + public void undo() throws CannotUndoException {} + @Override + public void redo() throws CannotRedoException {} + } + +} diff --git a/test/jdk/javax/xml/crypto/dsig/Basic.java b/test/jdk/javax/xml/crypto/dsig/Basic.java new file mode 100644 index 00000000000..7b9b8410e3f --- /dev/null +++ b/test/jdk/javax/xml/crypto/dsig/Basic.java @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import jdk.test.lib.Asserts; +import jdk.test.lib.SecurityTools; +import jdk.test.lib.Utils; + +import java.io.File; +import java.nio.file.Files; +import java.nio.file.Path; +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.cert.X509Certificate; +import java.util.List; + +import static jdk.test.lib.security.XMLUtils.*; +/** + * @test + * @bug 8305972 + * @summary Basic tests using XMLUtils + * @library /test/lib + * @modules java.xml.crypto + */ +public class Basic { + + public static void main(String[] args) throws Exception { + var x = "cx"; + var p = Files.write(Path.of("x.xml"), List.of(x)); + var b = Path.of("").toUri().toString(); + var d = string2doc(x); + var pass = "changeit".toCharArray(); + for (String alg: List.of("DSA", "RSA", /*"RSASSA-PSS", 8241305 not in 11*/ "EC" /*, "EdDSA", "Ed25519", "Ed448" 8166597 not in 11*/)) { + SecurityTools.keytool(String.format( + "-keystore ks -keyalg %s -storepass changeit -genkeypair -alias %s -dname CN=%s", + alg, alg, alg)).shouldHaveExitValue(0); + var ks = KeyStore.getInstance(new File("ks"), pass); + var c = (X509Certificate) ks.getCertificate(alg); + var pr = (PrivateKey) ks.getKey(alg, pass); + var pu = c.getPublicKey(); + + var s0 = signer(pr); // No KeyInfo + var s1 = signer(pr, c); // KeyInfo is X509Data + var s2 = signer(ks, alg, pass); // KeyInfo is KeyName + var v1 = validator(); // knows nothing + var v2 = validator(ks); // knows KeyName + + Utils.runAndCheckException(() -> v1.validate(s0.sign(d)), IllegalArgumentException.class); // need PublicKey + s0.sign(string2doc(x)); + Asserts.assertTrue(v1.validate(s0.sign(d), pu)); // need PublicKey + Asserts.assertTrue(v1.validate(s1.sign(d))); // can read KeyInfo + Asserts.assertTrue(v2.validate(s2.sign(d))); // can read KeyInfo + Asserts.assertTrue(v2.secureValidation(false).validate(s2.sign(p.toUri()))); // can read KeyInfo + Asserts.assertTrue(v2.secureValidation(false).baseURI(b).validate( + s2.sign(p.toAbsolutePath().getParent().toUri(), p.getFileName().toUri()))); // can read KeyInfo + + Asserts.assertTrue(v1.validate(s0.sign("text"), pu)); // plain text + Asserts.assertTrue(v1.validate(s0.sign("binary".getBytes()), pu)); // raw data + Asserts.assertTrue(v1.validate(s0.signEnveloping(d, "x", "#x"), pu)); + Asserts.assertTrue(v1.validate(s0.signEnveloping(d, "x", "#xpointer(id('x'))"), pu)); + + // No KeyValue defined for RSASSA-PSS or EdDSA yet + if (!alg.startsWith("Ed") && !alg.equals("RSASSA-PSS")) { + var ss = signer(pr, pu); // KeyInfo is PublicKey + Asserts.assertTrue(v1.validate(ss.sign(d))); // can read KeyInfo + Asserts.assertTrue(v1.validate(ss.sign("text"))); // plain text + Asserts.assertTrue(v1.validate(ss.sign("binary".getBytes()))); // raw data + Asserts.assertTrue(v1.validate(ss.signEnveloping(d, "x", "#x"))); + Asserts.assertTrue(v1.validate(ss.signEnveloping(d, "x", "#xpointer(id('x'))"))); + } + } + } + +} diff --git a/test/jdk/javax/xml/crypto/dsig/GenerationTests.java b/test/jdk/javax/xml/crypto/dsig/GenerationTests.java index f1f5751ab14..971264b6d57 100644 --- a/test/jdk/javax/xml/crypto/dsig/GenerationTests.java +++ b/test/jdk/javax/xml/crypto/dsig/GenerationTests.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,12 +24,14 @@ /** * @test * @bug 4635230 6283345 6303830 6824440 6867348 7094155 8038184 8038349 8046949 - * 8046724 8079693 8177334 8205507 8210736 8217878 + * 8046724 8079693 8177334 8205507 8210736 8217878 8305972 * @summary Basic unit tests for generating XML Signatures with JSR 105 * @modules java.base/sun.security.util * java.base/sun.security.x509 * java.xml.crypto/org.jcp.xml.dsig.internal.dom * jdk.httpserver/com.sun.net.httpserver + * @library /test/lib + * @build jdk.test.lib.Asserts * @compile -XDignore.symbol.file KeySelectors.java SignatureValidator.java * X509KeySelector.java GenerationTests.java * @run main/othervm/timeout=300 -Dsun.net.httpserver.nodelay=true GenerationTests @@ -55,18 +57,8 @@ import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.X509CRL; -import java.security.spec.KeySpec; -import java.security.spec.DSAPrivateKeySpec; -import java.security.spec.DSAPublicKeySpec; -import java.security.spec.ECField; -import java.security.spec.ECFieldFp; -import java.security.spec.ECParameterSpec; -import java.security.spec.ECPoint; -import java.security.spec.ECPrivateKeySpec; -import java.security.spec.ECPublicKeySpec; -import java.security.spec.EllipticCurve; -import java.security.spec.RSAPrivateKeySpec; -import java.security.spec.RSAPublicKeySpec; +import java.security.cert.X509Certificate; +import java.security.spec.*; import java.util.*; import java.util.stream.Stream; import javax.crypto.KeyGenerator; @@ -92,6 +84,9 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.*; +import jdk.test.lib.Asserts; +import jdk.test.lib.Utils; + /** * Test that recreates merlin-xmldsig-twenty-three test vectors (and more) * but with different keys and X.509 data. @@ -106,12 +101,15 @@ public class GenerationTests { rsaSha1, rsaSha224, rsaSha256, rsaSha384, rsaSha512, ecdsaSha1, ecdsaSha224, ecdsaSha256, ecdsaSha384, ecdsaSha512, hmacSha1, hmacSha224, hmacSha256, hmacSha384, hmacSha512, - rsaSha1mgf1, rsaSha224mgf1, rsaSha256mgf1, rsaSha384mgf1, rsaSha512mgf1; + rsaSha1mgf1, rsaSha224mgf1, rsaSha256mgf1, rsaSha384mgf1, rsaSha512mgf1, + rsaSha3_224mgf1, rsaSha3_256mgf1, rsaSha3_384mgf1, rsaSha3_512mgf1, + ed25519, ed448; private static DigestMethod sha1, sha224, sha256, sha384, sha512, sha3_224, sha3_256, sha3_384, sha3_512; private static KeyInfo dsa1024, dsa2048, rsa, rsa1024, rsa2048, - p256ki, p384ki, p521ki; + p256ki, p384ki, p521ki, ed25519ki, ed448ki; private static KeySelector kvks = new KeySelectors.KeyValueKeySelector(); + private static KeySelector x5ks = new KeySelectors.RawX509KeySelector(); private static KeySelector sks; private static Key signingKey; private static PublicKey validatingKey; @@ -212,7 +210,9 @@ public class GenerationTests { SignatureMethod.RSA_SHA256, SignatureMethod.ECDSA_SHA256, SignatureMethod.HMAC_SHA256, - SignatureMethod.SHA256_RSA_MGF1); + SignatureMethod.SHA256_RSA_MGF1, + "http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1", + "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519"); private static final String[] allSignatureMethods = Stream.of(SignatureMethod.class.getDeclaredFields()) @@ -286,6 +286,7 @@ private static enum KeyInfoType { public static void main(String args[]) throws Exception { setup(); + test_context_iterator(); test_create_signature_enveloped_dsa(1024); test_create_signature_enveloped_dsa(2048); test_create_signature_enveloping_b64_dsa(); @@ -303,6 +304,10 @@ public static void main(String args[]) throws Exception { test_create_signature_enveloping_p256_sha512(); test_create_signature_enveloping_p384_sha1(); test_create_signature_enveloping_p521_sha1(); + /* "8166597: Crypto support for the EdDSA Signature Algorithm" missing in 11. + test_create_signature_enveloping_ed25519(); + test_create_signature_enveloping_ed448(); + */ test_create_signature_external_b64_dsa(); test_create_signature_external_dsa(); test_create_signature_keyname(); @@ -330,6 +335,11 @@ public static void main(String args[]) throws Exception { test_create_signature_enveloping_sha512_rsa_sha256_mgf1(); test_create_signature_enveloping_sha512_rsa_sha384_mgf1(); test_create_signature_enveloping_sha512_rsa_sha512_mgf1(); + // "8172680: Support SHA-3 based Hmac algorithms" not in 11. + //test_create_signature_enveloping_sha512_rsa_sha3_224_mgf1(); + //test_create_signature_enveloping_sha512_rsa_sha3_256_mgf1(); + //test_create_signature_enveloping_sha512_rsa_sha3_384_mgf1(); + //test_create_signature_enveloping_sha512_rsa_sha3_512_mgf1(); test_create_signature_reference_dependency(); test_create_signature_with_attr_in_no_namespace(); test_create_signature_with_empty_id(); @@ -342,45 +352,51 @@ public static void main(String args[]) throws Exception { try (Http server = Http.startServer()) { server.start(); - // tests for XML documents + System.out.println("\ntests for XML documents"); Arrays.stream(canonicalizationMethods).forEach(c -> Arrays.stream(allSignatureMethods).forEach(s -> Arrays.stream(allDigestMethods).forEach(d -> Arrays.stream(xml_transforms).forEach(t -> Arrays.stream(KeyInfoType.values()).forEach(k -> { if (isMajor(s, d)) { - test_create_detached_signature(c, s, d, t, k, - Content.Xml, server.getPort(), false, null); + if (!s.contains("#eddsa") || k != KeyInfoType.KeyValue) { + test_create_detached_signature(c, s, d, t, k, + Content.Xml, server.getPort(), false, null); + } } }))))); - // tests for text data with no transform + System.out.println("\ntests for text data with no transform"); Arrays.stream(canonicalizationMethods).forEach(c -> Arrays.stream(allSignatureMethods).forEach(s -> Arrays.stream(allDigestMethods).forEach(d -> Arrays.stream(KeyInfoType.values()).forEach(k -> { if (isMajor(s, d)) { - test_create_detached_signature(c, s, d, null, k, - Content.Text, server.getPort(), false, null); + if (!s.contains("#eddsa") || k != KeyInfoType.KeyValue) { + test_create_detached_signature(c, s, d, null, k, + Content.Text, server.getPort(), false, null); + } } })))); - // tests for base64 data + System.out.println("\ntests for base64 data"); Arrays.stream(canonicalizationMethods).forEach(c -> Arrays.stream(allSignatureMethods).forEach(s -> Arrays.stream(allDigestMethods).forEach(d -> Arrays.stream(non_xml_transforms).forEach(t -> Arrays.stream(KeyInfoType.values()).forEach(k -> { if (isMajor(s, d)) { - test_create_detached_signature(c, s, d, t, k, - Content.Base64, server.getPort(), - false, null); + if (!s.contains("#eddsa") || k != KeyInfoType.KeyValue) { + test_create_detached_signature(c, s, d, t, k, + Content.Base64, server.getPort(), + false, null); + } } }))))); // negative tests - // unknown CanonicalizationMethod + System.out.println("\nunknown CanonicalizationMethod"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE + BOGUS, SignatureMethod.DSA_SHA1, @@ -392,7 +408,7 @@ public static void main(String args[]) throws Exception { true, NoSuchAlgorithmException.class); - // unknown SignatureMethod + System.out.println("\nunknown SignatureMethod"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE, SignatureMethod.DSA_SHA1 + BOGUS, @@ -403,7 +419,7 @@ public static void main(String args[]) throws Exception { true, NoSuchAlgorithmException.class); - // unknown DigestMethod + System.out.println("\nunknown DigestMethod"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE, SignatureMethod.DSA_SHA1, @@ -414,7 +430,7 @@ public static void main(String args[]) throws Exception { true, NoSuchAlgorithmException.class); - // unknown Transform + System.out.println("\nunknown Transform"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE, SignatureMethod.DSA_SHA1, @@ -425,7 +441,7 @@ public static void main(String args[]) throws Exception { true, NoSuchAlgorithmException.class); - // no source document + System.out.println("\nno source document"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE, SignatureMethod.DSA_SHA1, @@ -437,7 +453,7 @@ public static void main(String args[]) throws Exception { true, XMLSignatureException.class); - // wrong transform for text data + System.out.println("\nwrong transform for text data"); test_create_detached_signature( CanonicalizationMethod.EXCLUSIVE, SignatureMethod.DSA_SHA1, @@ -515,6 +531,11 @@ private static void setup() throws Exception { p521ki = kifac.newKeyInfo(Collections.singletonList (kifac.newKeyValue(getECPublicKey("P521")))); + ed25519ki = kifac.newKeyInfo(Collections.singletonList + (kifac.newX509Data(List.of(getEd25519Certificate())))); + ed448ki = kifac.newKeyInfo(Collections.singletonList + (kifac.newX509Data(List.of(getEd448Certificate())))); + rsaSha1 = fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null); rsaSha224 = fac.newSignatureMethod(SignatureMethod.RSA_SHA224, null); rsaSha256 = fac.newSignatureMethod(SignatureMethod.RSA_SHA256, null); @@ -526,6 +547,10 @@ private static void setup() throws Exception { rsaSha256mgf1 = fac.newSignatureMethod(SignatureMethod.SHA256_RSA_MGF1, null); rsaSha384mgf1 = fac.newSignatureMethod(SignatureMethod.SHA384_RSA_MGF1, null); rsaSha512mgf1 = fac.newSignatureMethod(SignatureMethod.SHA512_RSA_MGF1, null); + rsaSha3_224mgf1 = fac.newSignatureMethod("http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1", null); + rsaSha3_256mgf1 = fac.newSignatureMethod("http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1", null); + rsaSha3_384mgf1 = fac.newSignatureMethod("http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1", null); + rsaSha3_512mgf1 = fac.newSignatureMethod("http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1", null); ecdsaSha1 = fac.newSignatureMethod(SignatureMethod.ECDSA_SHA1, null); ecdsaSha224 = fac.newSignatureMethod(SignatureMethod.ECDSA_SHA224, null); @@ -533,6 +558,9 @@ private static void setup() throws Exception { ecdsaSha384 = fac.newSignatureMethod(SignatureMethod.ECDSA_SHA384, null); ecdsaSha512 = fac.newSignatureMethod(SignatureMethod.ECDSA_SHA512, null); + ed25519 = fac.newSignatureMethod("http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519", null); + ed448 = fac.newSignatureMethod("http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448", null); + hmacSha1 = fac.newSignatureMethod(SignatureMethod.HMAC_SHA1, null); hmacSha224 = fac.newSignatureMethod(SignatureMethod.HMAC_SHA224, null); hmacSha256 = fac.newSignatureMethod(SignatureMethod.HMAC_SHA256, null); @@ -604,21 +632,21 @@ static void test_create_signature_enveloped_dsa(int size) throws Exception { static void test_create_signature_enveloping_b64_dsa() throws Exception { System.out.println("* Generating signature-enveloping-b64-dsa.xml"); test_create_signature_enveloping - (sha1, dsaSha1, dsa1024, signingKey, kvks, true); + (sha1, dsaSha1, dsa1024, signingKey, kvks, true, true); System.out.println(); } static void test_create_signature_enveloping_dsa() throws Exception { System.out.println("* Generating signature-enveloping-dsa.xml"); test_create_signature_enveloping - (sha1, dsaSha1, dsa1024, signingKey, kvks, false); + (sha1, dsaSha1, dsa1024, signingKey, kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_sha256_dsa() throws Exception { System.out.println("* Generating signature-enveloping-sha256-dsa.xml"); test_create_signature_enveloping - (sha256, dsaSha1, dsa1024, signingKey, kvks, false); + (sha256, dsaSha1, dsa1024, signingKey, kvks, false, true); System.out.println(); } @@ -627,7 +655,7 @@ static void test_create_signature_enveloping_hmac_sha1_40() System.out.println("* Generating signature-enveloping-hmac-sha1-40.xml"); try { test_create_signature_enveloping(sha1, hmacSha1, null, - getSecretKey("secret".getBytes("ASCII")), sks, false); + getSecretKey("secret".getBytes("ASCII")), sks, false, true); } catch (Exception e) { if (!(e instanceof XMLSignatureException)) { throw e; @@ -640,7 +668,7 @@ static void test_create_signature_enveloping_hmac_sha256() throws Exception { System.out.println("* Generating signature-enveloping-hmac-sha256.xml"); test_create_signature_enveloping(sha1, hmacSha256, null, - getSecretKey("secret".getBytes("ASCII")), sks, false); + getSecretKey("secret".getBytes("ASCII")), sks, false, true); System.out.println(); } @@ -648,7 +676,7 @@ static void test_create_signature_enveloping_hmac_sha224() throws Exception { System.out.println("* Generating signature-enveloping-hmac-sha224.xml"); test_create_signature_enveloping(sha1, hmacSha224, null, - getSecretKey("secret".getBytes("ASCII")), sks, false); + getSecretKey("secret".getBytes("ASCII")), sks, false, true); System.out.println(); } @@ -656,7 +684,7 @@ static void test_create_signature_enveloping_hmac_sha384() throws Exception { System.out.println("* Generating signature-enveloping-hmac-sha384.xml"); test_create_signature_enveloping(sha1, hmacSha384, null, - getSecretKey("secret".getBytes("ASCII")), sks, false); + getSecretKey("secret".getBytes("ASCII")), sks, false, true); System.out.println(); } @@ -664,14 +692,14 @@ static void test_create_signature_enveloping_hmac_sha512() throws Exception { System.out.println("* Generating signature-enveloping-hmac-sha512.xml"); test_create_signature_enveloping(sha1, hmacSha512, null, - getSecretKey("secret".getBytes("ASCII")), sks, false); + getSecretKey("secret".getBytes("ASCII")), sks, false, true); System.out.println(); } static void test_create_signature_enveloping_rsa() throws Exception { System.out.println("* Generating signature-enveloping-rsa.xml"); test_create_signature_enveloping(sha1, rsaSha1, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -679,7 +707,7 @@ static void test_create_signature_enveloping_sha384_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha384-rsa_sha256.xml"); test_create_signature_enveloping(sha384, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -687,7 +715,7 @@ static void test_create_signature_enveloping_sha224_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha224-rsa_sha256.xml"); test_create_signature_enveloping(sha224, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -695,7 +723,7 @@ static void test_create_signature_enveloping_sha3_224_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha3_224-rsa_sha256.xml"); test_create_signature_enveloping(sha3_224, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -703,7 +731,7 @@ static void test_create_signature_enveloping_sha3_256_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha3_256-rsa_sha256.xml"); test_create_signature_enveloping(sha3_256, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -711,7 +739,7 @@ static void test_create_signature_enveloping_sha3_384_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha3_384-rsa_sha256.xml"); test_create_signature_enveloping(sha3_384, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -719,7 +747,7 @@ static void test_create_signature_enveloping_sha3_512_rsa_sha256() throws Exception { System.out.println("* Generating signature-enveloping-sha3_512-rsa_sha256.xml"); test_create_signature_enveloping(sha3_512, rsaSha256, rsa, - getPrivateKey("RSA", 512), kvks, false); + getPrivateKey("RSA", 512), kvks, false, false); System.out.println(); } @@ -727,7 +755,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha384() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha384.xml"); test_create_signature_enveloping(sha512, rsaSha384, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -735,7 +763,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha224() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha224.xml"); test_create_signature_enveloping(sha512, rsaSha224, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -743,7 +771,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha512() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha512.xml"); test_create_signature_enveloping(sha512, rsaSha512, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -751,7 +779,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha1_mgf1() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha1_mgf1.xml"); test_create_signature_enveloping(sha512, rsaSha1mgf1, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -759,7 +787,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha224_mgf1() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha224_mgf1.xml"); test_create_signature_enveloping(sha512, rsaSha224mgf1, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -767,7 +795,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha256_mgf1() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha256_mgf1.xml"); test_create_signature_enveloping(sha512, rsaSha256mgf1, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -775,7 +803,7 @@ static void test_create_signature_enveloping_sha512_rsa_sha384_mgf1() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha384_mgf1.xml"); test_create_signature_enveloping(sha512, rsaSha384mgf1, rsa1024, - getPrivateKey("RSA", 1024), kvks, false); + getPrivateKey("RSA", 1024), kvks, false, true); System.out.println(); } @@ -783,58 +811,106 @@ static void test_create_signature_enveloping_sha512_rsa_sha512_mgf1() throws Exception { System.out.println("* Generating signature-enveloping-sha512-rsa_sha512_mgf1.xml"); test_create_signature_enveloping(sha512, rsaSha512mgf1, rsa2048, - getPrivateKey("RSA", 2048), kvks, false); + getPrivateKey("RSA", 2048), kvks, false, true); + System.out.println(); + } + + static void test_create_signature_enveloping_sha512_rsa_sha3_224_mgf1() + throws Exception { + System.out.println("* Generating signature-enveloping-sha512-rsa_sha3_224_mgf1.xml"); + test_create_signature_enveloping(sha512, rsaSha3_224mgf1, rsa1024, + getPrivateKey("RSA", 1024), kvks, false, true); + System.out.println(); + } + + static void test_create_signature_enveloping_sha512_rsa_sha3_256_mgf1() + throws Exception { + System.out.println("* Generating signature-enveloping-sha512-rsa_sha3_256_mgf1.xml"); + test_create_signature_enveloping(sha512, rsaSha3_256mgf1, rsa1024, + getPrivateKey("RSA", 1024), kvks, false, true); + System.out.println(); + } + + static void test_create_signature_enveloping_sha512_rsa_sha3_384_mgf1() + throws Exception { + System.out.println("* Generating signature-enveloping-sha512-rsa_sha3_384_mgf1.xml"); + test_create_signature_enveloping(sha512, rsaSha3_384mgf1, rsa1024, + getPrivateKey("RSA", 1024), kvks, false, true); + System.out.println(); + } + + static void test_create_signature_enveloping_sha512_rsa_sha3_512_mgf1() + throws Exception { + System.out.println("* Generating signature-enveloping-sha512-rsa_sha3_512_mgf1.xml"); + test_create_signature_enveloping(sha512, rsaSha3_512mgf1, rsa2048, + getPrivateKey("RSA", 2048), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p256_sha1() throws Exception { System.out.println("* Generating signature-enveloping-p256-sha1.xml"); test_create_signature_enveloping(sha1, ecdsaSha1, p256ki, - getECPrivateKey("P256"), kvks, false); + getECPrivateKey("P256"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p256_sha224() throws Exception { System.out.println("* Generating signature-enveloping-p256-sha224.xml"); test_create_signature_enveloping(sha1, ecdsaSha224, p256ki, - getECPrivateKey("P256"), kvks, false); + getECPrivateKey("P256"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p256_sha256() throws Exception { System.out.println("* Generating signature-enveloping-p256-sha256.xml"); test_create_signature_enveloping(sha1, ecdsaSha256, p256ki, - getECPrivateKey("P256"), kvks, false); + getECPrivateKey("P256"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p256_sha384() throws Exception { System.out.println("* Generating signature-enveloping-p256-sha384.xml"); test_create_signature_enveloping(sha1, ecdsaSha384, p256ki, - getECPrivateKey("P256"), kvks, false); + getECPrivateKey("P256"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p256_sha512() throws Exception { System.out.println("* Generating signature-enveloping-p256-sha512.xml"); test_create_signature_enveloping(sha1, ecdsaSha512, p256ki, - getECPrivateKey("P256"), kvks, false); + getECPrivateKey("P256"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p384_sha1() throws Exception { System.out.println("* Generating signature-enveloping-p384-sha1.xml"); test_create_signature_enveloping(sha1, ecdsaSha1, p384ki, - getECPrivateKey("P384"), kvks, false); + getECPrivateKey("P384"), kvks, false, true); System.out.println(); } static void test_create_signature_enveloping_p521_sha1() throws Exception { System.out.println("* Generating signature-enveloping-p521-sha1.xml"); test_create_signature_enveloping(sha1, ecdsaSha1, p521ki, - getECPrivateKey("P521"), kvks, false); + getECPrivateKey("P521"), kvks, false, true); + System.out.println(); + } + + /* "8166597: Crypto support for the EdDSA Signature Algorithm" missing in 11. + static void test_create_signature_enveloping_ed25519() throws Exception { + System.out.println("* Generating signature-enveloping-ed25519.xml"); + test_create_signature_enveloping(sha1, ed25519, ed25519ki, + getEd25519PrivateKey(), x5ks, false, true); + System.out.println(); + } + + static void test_create_signature_enveloping_ed448() throws Exception { + System.out.println("* Generating signature-enveloping-ed448.xml"); + test_create_signature_enveloping(sha1, ed448, ed448ki, + getEd448PrivateKey(), x5ks, false, true); System.out.println(); } + */ static void test_create_signature_external_b64_dsa() throws Exception { System.out.println("* Generating signature-external-b64-dsa.xml"); @@ -964,6 +1040,7 @@ static void test_create_signature_reference_dependency() throws Exception { DOMValidateContext dvc = new DOMValidateContext (kvks, doc.getDocumentElement()); + dvc.setProperty("org.jcp.xml.dsig.secureValidation", false); XMLSignature sig2 = fac.unmarshalXMLSignature(dvc); if (sig.equals(sig2) == false) { @@ -1011,6 +1088,7 @@ static void test_create_signature_with_attr_in_no_namespace() DOMValidateContext dvc = new DOMValidateContext (kvks, doc.getDocumentElement()); + dvc.setProperty("org.jcp.xml.dsig.secureValidation", false); dvc.setIdAttributeNS(nc, null, "Id"); XMLSignature sig2 = fac.unmarshalXMLSignature(dvc); @@ -1451,7 +1529,7 @@ private static void dumpDocument(Document doc, Writer w) throws Exception { private static void test_create_signature_enveloping (DigestMethod dm, SignatureMethod sm, KeyInfo ki, Key signingKey, - KeySelector ks, boolean b64) throws Exception { + KeySelector ks, boolean b64, boolean secVal) throws Exception { // create reference Reference ref; @@ -1486,6 +1564,7 @@ private static void dumpDocument(Document doc, Writer w) throws Exception { DOMValidateContext dvc = new DOMValidateContext (ks, doc.getDocumentElement()); + dvc.setProperty("org.jcp.xml.dsig.secureValidation", secVal); XMLSignature sig2 = fac.unmarshalXMLSignature(dvc); if (sig.equals(sig2) == false) { @@ -1744,6 +1823,7 @@ static boolean test_create_detached_signature0(String canonicalizationMethod, throws Exception { System.out.print("-S"); + System.out.flush(); DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); dbf.setNamespaceAware(true); @@ -1828,6 +1908,7 @@ static boolean test_create_detached_signature0(String canonicalizationMethod, } System.out.print("V"); + System.out.flush(); try (ByteArrayInputStream bis = new ByteArrayInputStream( signatureString.getBytes())) { doc = dbf.newDocumentBuilder().parse(bis); @@ -1851,18 +1932,62 @@ static boolean test_create_detached_signature0(String canonicalizationMethod, boolean success = signature.validate(vc); if (!success) { System.out.print("x"); + System.out.flush(); return false; } success = signature.getSignatureValue().validate(vc); if (!success) { System.out.print("X"); + System.out.flush(); return false; } return true; } + static boolean test_context_iterator() throws Exception { + System.out.println("Testing context iterator() method."); + + Reference ref = fac.newReference("#object", + fac.newDigestMethod(DigestMethod.SHA512, null)); + SignedInfo si = fac.newSignedInfo(withoutComments, rsaSha512, + Collections.singletonList(ref)); + + Document doc = db.newDocument(); + XMLObject obj = fac.newXMLObject(Collections.singletonList( + new DOMStructure(doc.createTextNode("test text"))), "object", + null, null); + + DOMSignContext dsc = new DOMSignContext(signingKey, doc); + Asserts.assertNotNull(dsc.iterator()); + Asserts.assertFalse(dsc.iterator().hasNext()); + + String namespaceURI = "https://example.com/ns"; + String idAttrValue = "id1"; + String elementQualifiedName = "test:data"; + + Element elm = doc.createElementNS(namespaceURI, elementQualifiedName); + elm.setAttributeNS(namespaceURI, "test:id", idAttrValue); + dsc.setIdAttributeNS(elm, namespaceURI, "id"); + + Iterator> iter = dsc.iterator(); + Asserts.assertTrue(dsc.iterator().hasNext()); + + Map.Entry element = iter.next(); + Asserts.assertEquals(element.getKey(), idAttrValue); + Asserts.assertEquals(element.getValue().getNodeName(), elementQualifiedName); + + try { + iter.remove(); + throw new RuntimeException( + "The expected UnsupportedOperationException was not thrown."); + } catch (UnsupportedOperationException exc) { + // this is expected + } + return true; + } + private static Key[] getCachedKeys(String signatureMethod) { return cachedKeys.computeIfAbsent(signatureMethod, sm -> { try { @@ -1882,13 +2007,15 @@ private static Key[] getCachedKeys(String signatureMethod) { || sm.contains("-rsa-MGF1")) { kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize( - sm.contains("#sha512-rsa-MGF1") ? 2048 : 1024); + sm.contains("512-rsa-MGF1") ? 2048 : 1024); } else if (sm.contains("#dsa-")) { kpg = KeyPairGenerator.getInstance("DSA"); kpg.initialize(1024); } else if (sm.contains("#ecdsa-")) { kpg = KeyPairGenerator.getInstance("EC"); kpg.initialize(256); + } else if (sm.contains("#eddsa-")) { + kpg = KeyPairGenerator.getInstance(sm.substring(sm.lastIndexOf('-') + 1)); } else { throw new RuntimeException("Unsupported signature algorithm"); } @@ -2017,6 +2144,20 @@ private static Key[] getCachedKeys(String signatureMethod) { 1 ); + private static final String ED25519_CERT = + "3081d730818aa003020102020822bc4997b1893265300506032b657030123110300e0603550403130745643235353139301e170d3233303431333033303732365a170d3433303430383033303" + + "732365a30123110300e0603550403130745643235353139302a300506032b657003210012ecd7383ac90c30035dc531285bdb897faafddfc6969271c2ebd9a82b6078e5300506032b65700341" + + "00a3cb7c03bbb3e9fa92eaf3f9a6f2608460d472c6a6ce3bebf0f57f45612e87ebdc6aa6d7527ae9e86c8e10bcccf98963f9b082c0bb44adb240c5fce9bb68b301"; + private static final String ED25519_KEY = + "b59e57e352fa03b3a643946ae60b7f1e276f9ab41f25accaa63b660ba36168b2"; + private static final String ED448_CERT = + "3082011f3081a0a003020102020900ceaefd75473d52b2300506032b65713010310e300c060355040313054564343438301e170d3233303431333033303735345a170d3433303430383033303" + + "735345a3010310e300c0603550403130545643434383043300506032b6571033a00d605be958f21faf6a1181fa96ebe8580cca3cae9b48dfad5145ee999d9df4ef77c355d33ae8b21e9a3541f" + + "b985ae366b9678db1a3fd1fd5c00300506032b65710373000b4dc8de20b261f5ca7cf41777725a2ec6cd107d6b75cd6ad02c00af8096ecf97c7445596aabd70381ce087d2b3b280ca4181566b" + + "9230fd6801e22e53f1514989bc5b06cfb5f7cac222ea9a37a0771a3f7cfcbfd1ba9546bbe333d37ee81c3a53d86247d377225114e1e81123f947a391800"; + private static final String ED448_KEY = + "50b72f081f7f2f3383c4b03975cf49a76ba8b17dec51eaea3cd267b6989b81786e8dd8af4df305eaad60bdd24345b8490548c371d62e926f80"; + private static ECParameterSpec initECParams( String sfield, String a, String b, String gx, String gy, String n, int h) { @@ -2090,6 +2231,16 @@ private static PublicKey getECPublicKey(String curve) throws Exception { return kf.generatePublic(kspec); } + private static X509Certificate getEd25519Certificate() throws Exception { + return (X509Certificate) CertificateFactory.getInstance("X.509") + .generateCertificate(new ByteArrayInputStream(Utils.toByteArray(ED25519_CERT))); + } + + private static X509Certificate getEd448Certificate() throws Exception { + return (X509Certificate) CertificateFactory.getInstance("X.509") + .generateCertificate(new ByteArrayInputStream(Utils.toByteArray(ED448_CERT))); + } + private static PrivateKey getPrivateKey(String algo, int keysize) throws Exception { KeyFactory kf = KeyFactory.getInstance(algo); @@ -2143,6 +2294,18 @@ private static PrivateKey getECPrivateKey(String curve) throws Exception { return kf.generatePrivate(kspec); } + /* "8166597: Crypto support for the EdDSA Signature Algorithm" missing in 11. + private static PrivateKey getEd25519PrivateKey() throws Exception { + return KeyFactory.getInstance("Ed25519").generatePrivate(new EdECPrivateKeySpec( + NamedParameterSpec.ED25519, Utils.toByteArray(ED25519_KEY))); + } + + private static PrivateKey getEd448PrivateKey() throws Exception { + return KeyFactory.getInstance("Ed448").generatePrivate(new EdECPrivateKeySpec( + NamedParameterSpec.ED448, Utils.toByteArray(ED448_KEY))); + } + */ + private static SecretKey getSecretKey(final byte[] secret) { return new SecretKey() { public String getFormat() { return "RAW"; } diff --git a/test/jdk/javax/xml/crypto/dsig/HereFunction.java b/test/jdk/javax/xml/crypto/dsig/HereFunction.java new file mode 100644 index 00000000000..9d0d4a7ef77 --- /dev/null +++ b/test/jdk/javax/xml/crypto/dsig/HereFunction.java @@ -0,0 +1,242 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 8305972 + * @summary Demonstrate here() support for validating XML Signatures + * @modules java.base/sun.security.util + * java.base/sun.security.x509 + * java.xml.crypto/org.jcp.xml.dsig.internal.dom + * @library /test/lib + * @compile -XDignore.symbol.file KeySelectors.java SignatureValidator.java + * X509KeySelector.java ValidationTests.java + * @run main/othervm HereFunction default true + * @run main/othervm HereFunction true true + * @run main/othervm HereFunction false false + */ +import java.io.File; +import java.io.FileInputStream; +import java.security.*; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import javax.xml.crypto.Data; +import javax.xml.crypto.KeySelector; +import javax.xml.crypto.OctetStreamData; +import javax.xml.crypto.URIDereferencer; +import javax.xml.crypto.URIReference; +import javax.xml.crypto.URIReferenceException; +import javax.xml.crypto.XMLCryptoContext; +import javax.xml.crypto.dsig.*; +import javax.xml.crypto.dsig.dom.DOMSignContext; +import javax.xml.crypto.dsig.dom.DOMValidateContext; +import javax.xml.crypto.dsig.keyinfo.KeyInfo; +import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory; +import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; +import javax.xml.crypto.dsig.spec.XPathFilterParameterSpec; +import javax.xml.parsers.DocumentBuilderFactory; + +import jdk.test.lib.Asserts; +import jdk.test.lib.Utils; +import jdk.test.lib.security.SecurityUtils; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; + +public class HereFunction { + + private final static String DIR = System.getProperty("test.src", "."); + private final static String DATA_DIR = + DIR + System.getProperty("file.separator") + "data"; + private final static String KEYSTORE_VERIFY = + DATA_DIR + System.getProperty("file.separator") + "certs" + + System.getProperty("file.separator") + "xmldsig.jks"; + private final static String KEYSTORE_SIGN = + DATA_DIR + System.getProperty("file.separator") + "certs" + + System.getProperty("file.separator") + "test.jks"; + private final static String STYLESHEET = + "http://www.w3.org/TR/xml-stylesheet"; + private final static String STYLESHEET_B64 = + "http://www.w3.org/Signature/2002/04/xml-stylesheet.b64"; + private final static char[] PASS = "changeit".toCharArray(); + + public static void main(String args[]) throws Throwable { + if (!args[0].equals("default")) { + Security.setProperty("jdk.xml.dsig.hereFunctionSupported", args[0]); + } + /* "8259709: Disable SHA-1 XML Signatures" not in 11. + // Re-enable sha1 algs + SecurityUtils.removeAlgsFromDSigPolicy("sha1"); + */ + + boolean expected = Boolean.parseBoolean(args[1]); + + sign(expected); + + // Validating an old signature signed by JDK < 21 + validate(expected); + } + + static void validate(boolean expected) throws Exception { + SignatureValidator validator = new SignatureValidator(new File(DATA_DIR)); + + KeyStore keystore = KeyStore.getInstance(new File(KEYSTORE_VERIFY), PASS); + KeySelector ks = new X509KeySelector(keystore, false); + + if (expected) { + Asserts.assertTrue(validator.validate( + "signature.xml", ks, new HttpURIDereferencer(), false)); + } else { + Utils.runAndCheckException(() -> validator.validate( + "signature.xml", ks, new HttpURIDereferencer(), false), + XMLSignatureException.class); + } + } + + static void sign(boolean expected) throws Exception { + XMLSignatureFactory fac = XMLSignatureFactory.getInstance(); + DigestMethod sha1 = fac.newDigestMethod(DigestMethod.SHA1, null); + CanonicalizationMethod withoutComments = fac.newCanonicalizationMethod + (CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec)null); + SignatureMethod dsaSha1 = fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null); + KeyInfoFactory kifac = fac.getKeyInfoFactory(); + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setNamespaceAware(true); + + String ENVELOPE = + DATA_DIR + System.getProperty("file.separator") + "envelope.xml"; + + var ks = KeyStore.getInstance(new File(KEYSTORE_SIGN), PASS); + var signingKey = ks.getKey("user", PASS); + var signingCert = ks.getCertificate("user"); + + // create references + List refs = new ArrayList<>(); + + // Reference 1 + refs.add(fac.newReference(STYLESHEET, sha1)); + + // Reference 2 + String expr = "\n" + + " ancestor-or-self::dsig:SignedInfo " + "\n" + + " and " + "\n" + + " count(ancestor-or-self::dsig:Reference | " + "\n" + + " here()/ancestor::dsig:Reference[1]) > " + "\n" + + " count(ancestor-or-self::dsig:Reference) " + "\n" + + " or " + "\n" + + " count(ancestor-or-self::node() | " + "\n" + + " id('notaries')) = " + "\n" + + " count(ancestor-or-self::node()) " + "\n"; + + XPathFilterParameterSpec xfp = new XPathFilterParameterSpec(expr, + Collections.singletonMap("dsig", XMLSignature.XMLNS)); + refs.add(fac.newReference("", sha1, Collections.singletonList + (fac.newTransform(Transform.XPATH, xfp)), + XMLObject.TYPE, null)); + + // create SignedInfo + SignedInfo si = fac.newSignedInfo(withoutComments, dsaSha1, refs); + + // create keyinfo + KeyInfo ki = kifac.newKeyInfo(List.of( + kifac.newX509Data(List.of(signingCert))), null); + + // create XMLSignature + XMLSignature sig = fac.newXMLSignature(si, ki, null, "signature", null); + + dbf.setValidating(false); + Document envDoc = dbf.newDocumentBuilder() + .parse(new FileInputStream(ENVELOPE)); + Element ys = (Element) + envDoc.getElementsByTagName("YoursSincerely").item(0); + + DOMSignContext dsc = new DOMSignContext(signingKey, ys); + dsc.setURIDereferencer(new HttpURIDereferencer()); + + if (expected) { + sig.sign(dsc); + } else { + Utils.runAndCheckException( + () -> sig.sign(dsc), XMLSignatureException.class); + return; // Signing fails, no need to validate + } + +// StringWriter sw = new StringWriter(); +// dumpDocument(envDoc, sw); + + NodeList nl = + envDoc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature"); + if (nl.getLength() == 0) { + throw new Exception("Couldn't find signature Element"); + } + Element sigElement = (Element) nl.item(0); + + DOMValidateContext dvc = new DOMValidateContext + (new X509KeySelector(ks), sigElement); + dvc.setURIDereferencer(new HttpURIDereferencer()); + File f = new File( + System.getProperty("dir.test.vector.baltimore") + + System.getProperty("file.separator") + + "merlin-xmldsig-twenty-three" + + System.getProperty("file.separator")); + dvc.setBaseURI(f.toURI().toString()); + + XMLSignature sig2 = fac.unmarshalXMLSignature(dvc); + + if (sig.equals(sig2) == false) { + throw new Exception + ("Unmarshalled signature is not equal to generated signature"); + } + if (sig2.validate(dvc) == false) { + throw new Exception("Validation of generated signature failed"); + } + } + + /** + * This URIDereferencer returns locally cached copies of http content to + * avoid test failures due to network glitches, etc. + */ + private static class HttpURIDereferencer implements URIDereferencer { + private final URIDereferencer defaultUd; + + HttpURIDereferencer() { + defaultUd = XMLSignatureFactory.getInstance().getURIDereferencer(); + } + + public Data dereference(final URIReference ref, XMLCryptoContext ctx) + throws URIReferenceException { + String uri = ref.getURI(); + if (uri.equals(STYLESHEET) || uri.equals(STYLESHEET_B64)) { + try { + FileInputStream fis = new FileInputStream(new File + (DATA_DIR, uri.substring(uri.lastIndexOf('/')))); + return new OctetStreamData(fis,ref.getURI(),ref.getType()); + } catch (Exception e) { throw new URIReferenceException(e); } + } + + // fallback on builtin deref + return defaultUd.dereference(ref, ctx); + } + } +} diff --git a/test/jdk/jdk/internal/platform/docker/MetricsMemoryTester.java b/test/jdk/jdk/internal/platform/docker/MetricsMemoryTester.java index 2773cb68989..c5761506a0b 100644 --- a/test/jdk/jdk/internal/platform/docker/MetricsMemoryTester.java +++ b/test/jdk/jdk/internal/platform/docker/MetricsMemoryTester.java @@ -72,12 +72,12 @@ private static void testMemoryFailCount() { } else { long count = Metrics.systemMetrics().getMemoryFailCount(); - // Allocate 512M of data - byte[][] bytes = new byte[64][]; + // Allocate 512M of data in 1M chunks per iteration + byte[][] bytes = new byte[64 * 8][]; boolean atLeastOneAllocationWorked = false; - for (int i = 0; i < 64; i++) { + for (int i = 0; i < 64 * 8; i++) { try { - bytes[i] = new byte[8 * 1024 * 1024]; + bytes[i] = new byte[1024 * 1024]; atLeastOneAllocationWorked = true; // Break out as soon as we see an increase in failcount // to avoid getting killed by the OOM killer. diff --git a/test/jdk/jdk/jfr/event/compiler/TestCompilerCompile.java b/test/jdk/jdk/jfr/event/compiler/TestCompilerCompile.java index 8b6b27261b9..f4b802b79ed 100644 --- a/test/jdk/jdk/jfr/event/compiler/TestCompilerCompile.java +++ b/test/jdk/jdk/jfr/event/compiler/TestCompilerCompile.java @@ -50,6 +50,7 @@ * sun.hotspot.WhiteBox$WhiteBoxPermission * @run main/othervm -Xbootclasspath/a:. * -XX:+UnlockDiagnosticVMOptions -XX:+WhiteBoxAPI + * -XX:CompileOnly=jdk.jfr.event.compiler.TestCompilerCompile::dummyMethod,jdk.jfr.event.compiler.TestCompilerCompile::doTest * jdk.jfr.event.compiler.TestCompilerCompile */ public class TestCompilerCompile { diff --git a/test/jdk/jdk/jfr/event/compiler/TestCompilerPhase.java b/test/jdk/jdk/jfr/event/compiler/TestCompilerPhase.java index e043736d1d7..7c1b762cf71 100644 --- a/test/jdk/jdk/jfr/event/compiler/TestCompilerPhase.java +++ b/test/jdk/jdk/jfr/event/compiler/TestCompilerPhase.java @@ -45,6 +45,7 @@ * @run main ClassFileInstaller sun.hotspot.WhiteBox * sun.hotspot.WhiteBox$WhiteBoxPermission * @run main/othervm -Xbootclasspath/a:. + * -XX:-NeverActAsServerClassMachine * -XX:+UnlockDiagnosticVMOptions -XX:+WhiteBoxAPI * -XX:CompileOnly=jdk.jfr.event.compiler.TestCompilerPhase::dummyMethod * -XX:+SegmentedCodeCache -Xbootclasspath/a:. diff --git a/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithParallelOld.java b/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithParallelOld.java index c2848d33ea7..cf038be52fc 100644 --- a/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithParallelOld.java +++ b/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithParallelOld.java @@ -41,7 +41,7 @@ public static void main(String[] args) throws Exception { String testID = "ParallelOld"; String[] vmFlags = {"-XX:+UseParallelGC", "-XX:+UseParallelOldGC"}; String[] gcNames = {GCHelper.gcParallelScavenge, GCHelper.gcParallelOld}; - String[] gcCauses = {"Allocation Failure", "Ergonomics", "System.gc()"}; + String[] gcCauses = {"Allocation Failure", "Ergonomics", "System.gc()", "GCLocker Initiated GC"}; GCGarbageCollectionUtil.test(testID, vmFlags, gcNames, gcCauses); } } diff --git a/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithSerial.java b/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithSerial.java index 50602515338..9261e43fc1e 100644 --- a/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithSerial.java +++ b/test/jdk/jdk/jfr/event/gc/collection/TestGCCauseWithSerial.java @@ -41,7 +41,7 @@ public static void main(String[] args) throws Exception { String testID = "Serial"; String[] vmFlags = {"-XX:+UseSerialGC"}; String[] gcNames = {GCHelper.gcDefNew, GCHelper.gcSerialOld}; - String[] gcCauses = {"Allocation Failure", "System.gc()"}; + String[] gcCauses = {"Allocation Failure", "System.gc()", "GCLocker Initiated GC"}; GCGarbageCollectionUtil.test(testID, vmFlags, gcNames, gcCauses); } } diff --git a/test/jdk/jdk/jfr/event/gc/detailed/PromotionFailedEvent.java b/test/jdk/jdk/jfr/event/gc/detailed/PromotionFailedEvent.java index f075aedc699..6fc9b0ab8f0 100644 --- a/test/jdk/jdk/jfr/event/gc/detailed/PromotionFailedEvent.java +++ b/test/jdk/jdk/jfr/event/gc/detailed/PromotionFailedEvent.java @@ -51,12 +51,16 @@ public static void test(String testName, String[] vmFlags) throws Throwable { // This test can not always trigger the expected event. // Test is ok even if no events found. List events = RecordingFile.readAllEvents(Paths.get(jfr_file)); + int minObjectAlignment = 8; for (RecordedEvent event : events) { System.out.println("Event: " + event); long smallestSize = Events.assertField(event, "promotionFailed.smallestSize").atLeast(1L).getValue(); + Asserts.assertTrue((smallestSize % minObjectAlignment) == 0, "smallestSize " + smallestSize + " is not a valid size."); long firstSize = Events.assertField(event, "promotionFailed.firstSize").atLeast(smallestSize).getValue(); + Asserts.assertTrue((firstSize % minObjectAlignment) == 0, "firstSize " + firstSize + " is not a valid size."); long totalSize = Events.assertField(event, "promotionFailed.totalSize").atLeast(firstSize).getValue(); long objectCount = Events.assertField(event, "promotionFailed.objectCount").atLeast(1L).getValue(); + Asserts.assertTrue((totalSize % minObjectAlignment) == 0, "totalSize " + totalSize + " is not a valid size."); Asserts.assertLessThanOrEqual(smallestSize * objectCount, totalSize, "smallestSize * objectCount <= totalSize"); } } diff --git a/test/jdk/jdk/jfr/event/gc/detailed/TestEvacuationFailedEvent.java b/test/jdk/jdk/jfr/event/gc/detailed/TestEvacuationFailedEvent.java index ee71eb9e1fc..927f074e582 100644 --- a/test/jdk/jdk/jfr/event/gc/detailed/TestEvacuationFailedEvent.java +++ b/test/jdk/jdk/jfr/event/gc/detailed/TestEvacuationFailedEvent.java @@ -62,13 +62,17 @@ public static void main(String[] args) throws Exception { } List events = RecordingFile.readAllEvents(Paths.get(JFR_FILE)); + int minObjectAlignment = 8; Events.hasEvents(events); for (RecordedEvent event : events) { long objectCount = Events.assertField(event, "evacuationFailed.objectCount").atLeast(1L).getValue(); long smallestSize = Events.assertField(event, "evacuationFailed.smallestSize").atLeast(1L).getValue(); + Asserts.assertTrue((smallestSize % minObjectAlignment) == 0, "smallestSize " + smallestSize + " is not a valid size."); long firstSize = Events.assertField(event, "evacuationFailed.firstSize").atLeast(smallestSize).getValue(); + Asserts.assertTrue((firstSize % minObjectAlignment) == 0, "firstSize " + firstSize + " is not a valid size."); long totalSize = Events.assertField(event, "evacuationFailed.totalSize").atLeast(firstSize).getValue(); + Asserts.assertTrue((totalSize % minObjectAlignment) == 0, "totalSize " + totalSize + " is not a valid size."); Asserts.assertLessThanOrEqual(smallestSize * objectCount, totalSize, "smallestSize * objectCount <= totalSize"); } } diff --git a/test/jdk/jdk/jfr/event/gc/stacktrace/AllocationStackTrace.java b/test/jdk/jdk/jfr/event/gc/stacktrace/AllocationStackTrace.java index 1ed20f83aa0..0445c6edf46 100644 --- a/test/jdk/jdk/jfr/event/gc/stacktrace/AllocationStackTrace.java +++ b/test/jdk/jdk/jfr/event/gc/stacktrace/AllocationStackTrace.java @@ -81,7 +81,7 @@ public void allocate() { class OldGenMemoryAllocator extends MemoryAllocator { private List list = new ArrayList(); - private int counter = 6000; + private int counter = 5000; @Override public void allocate() { @@ -89,7 +89,7 @@ public void allocate() { list.add(new byte[10 * KB]); } else { list = new ArrayList(); - counter = 6000; + counter = 5000; } garbage = list; diff --git a/test/jdk/jdk/jfr/event/metadata/TestDefaultConfigurations.java b/test/jdk/jdk/jfr/event/metadata/TestDefaultConfigurations.java index 1dbcceb216b..d0e252a16a6 100644 --- a/test/jdk/jdk/jfr/event/metadata/TestDefaultConfigurations.java +++ b/test/jdk/jdk/jfr/event/metadata/TestDefaultConfigurations.java @@ -174,6 +174,7 @@ private static Document createDocument(String content) throws ParserConfiguratio insertSetting(doc, EventNames.JavaExceptionThrow, "threshold", "0 ns"); insertSetting(doc, EventNames.JavaErrorThrow, "threshold", "0 ns"); insertSetting(doc, EventNames.SecurityProperty, "threshold", "0 ns"); + insertSetting(doc, EventNames.SecurityProviderService, "threshold", "0 ns"); insertSetting(doc, EventNames.TLSHandshake, "threshold", "0 ns"); insertSetting(doc, EventNames.X509Certificate, "threshold", "0 ns"); insertSetting(doc, EventNames.X509Validation, "threshold", "0 ns"); diff --git a/test/jdk/jdk/jfr/event/oldobject/TestListenerLeak.java b/test/jdk/jdk/jfr/event/oldobject/TestListenerLeak.java index a275eda5171..2cb092e60b6 100644 --- a/test/jdk/jdk/jfr/event/oldobject/TestListenerLeak.java +++ b/test/jdk/jdk/jfr/event/oldobject/TestListenerLeak.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -74,15 +74,17 @@ public void onListen() { public static void main(String[] args) throws Exception { WhiteBox.setWriteAllObjectSamples(true); - - try (Recording r = new Recording()) { - r.enable(EventNames.OldObjectSample).withStackTrace().with("cutoff", "infinity"); - r.start(); - listenerLeak(); - r.stop(); - List events = Events.fromRecording(r); - if (OldObjects.countMatchingEvents(events, Stuff[].class, null, null, -1, "listenerLeak") == 0) { - throw new Exception("Could not find leak with " + Stuff[].class); + while (true) { + try (Recording r = new Recording()) { + r.enable(EventNames.OldObjectSample).withStackTrace().with("cutoff", "infinity"); + r.start(); + listenerLeak(); + r.stop(); + List events = Events.fromRecording(r); + if (OldObjects.countMatchingEvents(events, Stuff[].class, null, null, -1, "listenerLeak") != 0) { + return; // Success + } + System.out.println("Could not find leak with " + Stuff[].class + ". Retrying."); } } } diff --git a/test/jdk/jdk/jfr/event/oldobject/TestSanityDefault.java b/test/jdk/jdk/jfr/event/oldobject/TestSanityDefault.java index 10c26c69ff1..c2ddc21abc4 100644 --- a/test/jdk/jdk/jfr/event/oldobject/TestSanityDefault.java +++ b/test/jdk/jdk/jfr/event/oldobject/TestSanityDefault.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -40,7 +40,7 @@ * @requires vm.gc == "null" * @library /test/lib /test/jdk * @summary Purpose of this test is to run leak profiler without command line tweaks or WhiteBox hacks until we succeed - * @run main/othervm jdk.jfr.event.oldobject.TestSanityDefault + * @run main/othervm -Xmx1G jdk.jfr.event.oldobject.TestSanityDefault */ public class TestSanityDefault { diff --git a/test/jdk/jdk/jfr/event/runtime/TestActiveSettingEvent.java b/test/jdk/jdk/jfr/event/runtime/TestActiveSettingEvent.java index 8d3864c2164..ddd5ebdeb24 100644 --- a/test/jdk/jdk/jfr/event/runtime/TestActiveSettingEvent.java +++ b/test/jdk/jdk/jfr/event/runtime/TestActiveSettingEvent.java @@ -206,6 +206,7 @@ private static void testSettingConfiguration(String configurationName) throws Ex settingValues.put(EventNames.X509Certificate + "#threshold", "0 ns"); settingValues.put(EventNames.X509Validation + "#threshold", "0 ns"); settingValues.put(EventNames.Deserialization + "#threshold", "0 ns"); + settingValues.put(EventNames.SecurityProviderService + "#threshold", "0 ns"); try (Recording recording = new Recording(c)) { Map eventTypes = new HashMap<>(); diff --git a/test/jdk/jdk/jfr/event/security/TestSecurityProviderServiceEvent.java b/test/jdk/jdk/jfr/event/security/TestSecurityProviderServiceEvent.java new file mode 100644 index 00000000000..a886a7e3b20 --- /dev/null +++ b/test/jdk/jdk/jfr/event/security/TestSecurityProviderServiceEvent.java @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.jfr.event.security; + +import java.security.*; +import java.security.cert.CertPathBuilder; +import java.util.Collections; +import java.util.List; +import java.util.function.*; + +import jdk.jfr.Recording; +import jdk.jfr.consumer.RecordedEvent; +import jdk.test.lib.Asserts; +import jdk.test.lib.jfr.Events; +import jdk.test.lib.jfr.EventNames; + +import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; + +/* + * @test + * @bug 8254711 + * @summary Add JFR events for security crypto algorithms + * @key jfr + * @requires vm.hasJFR + * @library /test/lib + * @modules jdk.jfr/jdk.jfr.events + * @run main/othervm jdk.jfr.event.security.TestSecurityProviderServiceEvent + */ +public class TestSecurityProviderServiceEvent { + + public static void main(String[] args) throws Exception { + testAlg(cipherFunc, "AES", "SunJCE", + "SunEC", "Cipher", 1, Collections.emptyList()); + testAlg(signatureFunc, "SHA256withRSA", "SunRsaSign", + "SunEC", "Signature", 2, List.of("MessageDigest")); + testAlg(messageDigestFunc, "SHA-512", "SUN", + "SunEC", "MessageDigest", 1, Collections.emptyList()); + testAlg(keystoreFunc, "PKCS12", "SUN", + "SunEC", "KeyStore", 1, Collections.emptyList()); + testAlg(certPathBuilderFunc, "PKIX", "SUN", + "SunEC", "CertPathBuilder", 2, List.of("CertificateFactory")); + } + + private static void testAlg(BiFunction bif, String alg, + String workingProv, String brokenProv, String algType, + int expected, List other) throws Exception { + // bootstrap security Provider services + Provider p = bif.apply(alg, workingProv); + + try (Recording recording = new Recording()) { + recording.enable(EventNames.SecurityProviderService); + recording.start(); + p = bif.apply(alg, workingProv); + bif.apply(alg, brokenProv); + recording.stop(); + List events = Events.fromRecording(recording); + Asserts.assertEquals(events.size(), expected, "Incorrect number of events"); + assertEvent(events, algType, alg, p.getName(), other); + } + } + + private static BiFunction cipherFunc = (s1, p1 ) -> { + Cipher c; + try { + c = Cipher.getInstance(s1, p1); + return c.getProvider(); + } catch (NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException e) { + // expected + } + return null; + }; + + private static BiFunction signatureFunc = (s1, p1 ) -> { + Signature s; + try { + s = Signature.getInstance(s1, p1); + return s.getProvider(); + } catch (NoSuchAlgorithmException | NoSuchProviderException e) { + // expected + } + return null; + }; + + private static BiFunction messageDigestFunc = (s1, p1 ) -> { + MessageDigest md; + try { + md = MessageDigest.getInstance(s1, p1); + return md.getProvider(); + } catch (NoSuchAlgorithmException | NoSuchProviderException e) { + // expected + } + return null; + }; + + private static BiFunction keystoreFunc = (s1, p1 ) -> { + KeyStore ks; + try { + ks = KeyStore.getInstance(s1, p1); + return ks.getProvider(); + } catch (NoSuchProviderException | KeyStoreException e) { + // expected + } + return null; + }; + + private static BiFunction certPathBuilderFunc = (s1, p1 ) -> { + CertPathBuilder cps; + try { + cps = CertPathBuilder.getInstance(s1, p1); + return cps.getProvider(); + } catch (NoSuchProviderException | NoSuchAlgorithmException e) { + // expected + } + return null; + }; + + private static void assertEvent(List events, String type, + String alg, String workingProv, List other) { + boolean secondaryEventOK = other.isEmpty() ? true : false; + for (RecordedEvent e : events) { + if (other.contains(e.getValue("type"))) { + // secondary operation in service stack while constructing this request + secondaryEventOK = true; + continue; + } + Events.assertField(e, "provider").equal(workingProv); + Events.assertField(e, "type").equal(type); + Events.assertField(e, "algorithm").equal(alg); + } + if (!secondaryEventOK) { + throw new RuntimeException("Secondary events missing"); + } + + } +} diff --git a/test/jdk/jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java b/test/jdk/jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java index ea1eba1c621..322e1146871 100644 --- a/test/jdk/jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java +++ b/test/jdk/jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -76,43 +76,50 @@ public static void main(String[] args) throws Exception { } private static void testDump(String pathToGcRoots, Map settings, boolean expectedChains) throws Exception { - try (Recording r = new Recording()) { - Map p = new HashMap<>(settings); - p.put(EventNames.OldObjectSample + "#" + Enabled.NAME, "true"); - r.setName("dodo"); - r.setSettings(p); - r.setToDisk(true); - r.start(); - clearLeak(); - System.out.println("Recording id: " + r.getId()); - System.out.println("Settings: " + settings.toString()); - System.out.println("Command: JFR.dump " + pathToGcRoots); - System.out.println("Chains expected: " + expectedChains); - buildLeak(); - System.gc(); - System.gc(); - File recording = new File("TestJcmdDumpPathToGCRoots" + r.getId() + ".jfr"); - recording.delete(); - JcmdHelper.jcmd("JFR.dump", "name=dodo", pathToGcRoots, "filename=" + recording.getAbsolutePath()); - r.setSettings(Collections.emptyMap()); - List events = RecordingFile.readAllEvents(recording.toPath()); - if (events.isEmpty()) { - throw new Exception("No events found in recoding"); - } - boolean chains = hasChains(events); - if (expectedChains && !chains) { - System.out.println(events); - throw new Exception("Expected chains but found none"); - } - if (!expectedChains && chains) { - System.out.println(events); - throw new Exception("Didn't expect chains but found some"); + while (true) { + try (Recording r = new Recording()) { + Map p = new HashMap<>(settings); + p.put(EventNames.OldObjectSample + "#" + Enabled.NAME, "true"); + r.setName("dodo"); + r.setSettings(p); + r.setToDisk(true); + r.start(); + clearLeak(); + System.out.println("Recording id: " + r.getId()); + System.out.println("Settings: " + settings.toString()); + System.out.println("Command: JFR.dump " + pathToGcRoots); + System.out.println("Chains expected: " + expectedChains); + buildLeak(); + System.gc(); + System.gc(); + File recording = new File("TestJcmdDumpPathToGCRoots" + r.getId() + ".jfr"); + recording.delete(); + JcmdHelper.jcmd("JFR.dump", "name=dodo", pathToGcRoots, "filename=" + recording.getAbsolutePath()); + r.setSettings(Collections.emptyMap()); + List events = RecordingFile.readAllEvents(recording.toPath()); + if (events.isEmpty()) { + System.out.println("No events found in recording. Retrying."); + continue; + } + boolean chains = hasChains(events); + if (expectedChains && !chains) { + System.out.println(events); + System.out.println("Expected chains but found none. Retrying."); + continue; + } + if (!expectedChains && chains) { + System.out.println(events); + System.out.println("Didn't expect chains but found some. Retrying."); + continue; + } + return; // Success } } } private static void clearLeak() { leak.clear(); + System.gc(); } private static boolean hasChains(List events) throws IOException { diff --git a/test/jdk/jdk/jfr/jvm/TestDumpOnCrash.java b/test/jdk/jdk/jfr/jvm/TestDumpOnCrash.java index b84e94f18f0..22e3cbe0732 100644 --- a/test/jdk/jdk/jfr/jvm/TestDumpOnCrash.java +++ b/test/jdk/jdk/jfr/jvm/TestDumpOnCrash.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,6 +95,7 @@ private static long runProcess(String crasher, String signal, boolean disk) thro "-Xmx64m", "-XX:-TransmitErrorReport", "-XX:-CreateCoredumpOnCrash", + "-XX:-TieredCompilation", // Avoid secondary crashes (see JDK-8293166) "--add-exports=java.base/jdk.internal.misc=ALL-UNNAMED", "-XX:StartFlightRecording=" + flightRecordingOptions, crasher, diff --git a/test/jdk/jdk/jfr/startupargs/TestOptionsWithLocale.java b/test/jdk/jdk/jfr/startupargs/TestOptionsWithLocale.java new file mode 100644 index 00000000000..1d1a79040f3 --- /dev/null +++ b/test/jdk/jdk/jfr/startupargs/TestOptionsWithLocale.java @@ -0,0 +1,40 @@ +package jdk.jfr.startupargs; + +import java.io.IOException; +import java.text.DateFormat; +import java.util.Calendar; +import java.util.GregorianCalendar; + +import jdk.test.lib.process.OutputAnalyzer; +import jdk.test.lib.process.ProcessTools; + +/** + * @test + * @summary Checks that locale is respected when using -XX:FlightRecorderOptions + * See JDK-8244508 + * @key jfr + * @requires vm.hasJFR + * @modules jdk.jfr + * @library /test/lib + * @run main jdk.jfr.startupargs.TestOptionsWithLocale + */ +public class TestOptionsWithLocale { + + public static class PrintDate { + public static void main(String... args) { + GregorianCalendar date = new GregorianCalendar(2020, Calendar.JANUARY, 1); + DateFormat formatter = DateFormat.getDateTimeInstance(); + System.out.println(formatter.format(date.getTime())); + } + } + + public static void main(String... args) throws IOException { + ProcessBuilder pb = ProcessTools.createTestJvm( + "-Duser.country=DE", + "-Duser.language=de", + "-XX:FlightRecorderOptions:stackdepth=128", + PrintDate.class.getName()); + OutputAnalyzer output = new OutputAnalyzer(pb.start()); + output.shouldContain("01.01.2020, 00:00:00"); + } +} diff --git a/test/jdk/jdk/modules/etc/JmodExcludedFiles.java b/test/jdk/jdk/modules/etc/JmodExcludedFiles.java new file mode 100644 index 00000000000..6c25baf2b9f --- /dev/null +++ b/test/jdk/jdk/modules/etc/JmodExcludedFiles.java @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 8159927 + * @modules java.base/jdk.internal.util + * @library /test/lib + * @run main JmodExcludedFiles + * @summary Test that JDK JMOD files do not include native debug symbols + */ + +import java.nio.file.DirectoryStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile; +import jdk.test.lib.Platform; + +public class JmodExcludedFiles { + private static String javaHome = System.getProperty("java.home"); + + public static void main(String[] args) throws Exception { + Path jmods = Path.of(javaHome, "jmods"); + try (DirectoryStream stream = Files.newDirectoryStream(jmods, "*.jmod")) { + for (Path jmodFile : stream) { + try (ZipFile zip = new ZipFile(jmodFile.toFile())) { + JModSymbolFileMatcher jsfm = new JModSymbolFileMatcher(jmodFile.toString()); + if (zip.stream().map(ZipEntry::getName) + .anyMatch(jsfm::isNativeDebugSymbol)) { + throw new RuntimeException(jmodFile + " is expected not to include native debug symbols"); + } + } + } + } + } + + static class JModSymbolFileMatcher { + private String jmod; + + JModSymbolFileMatcher(String jmod) { + this.jmod = jmod; + } + + boolean isNativeDebugSymbol(String name) { + int index = name.indexOf("/"); + if (index < 0) { + throw new RuntimeException("unexpected entry name: " + name); + } + String section = name.substring(0, index); + if (section.equals("lib") || section.equals("bin")) { + if (Platform.isOSX()) { + String n = name.substring(index + 1); + int i = n.indexOf("/"); + if (i != -1) { + if (n.substring(0, i).endsWith(".dSYM")) { + System.err.println("Found symbols in " + jmod + ": " + name); + return true; + } + } + } + if (Platform.isWindows() && name.endsWith(".pdb")) { + // on Windows we check if we should have public symbols through --with-external-symbols-in-bundles=public (JDK-8237192) + String strippedpdb = javaHome + "/bin/" + name.substring(index + 1, name.length() - 4) + ".stripped.pdb"; + if (!Files.exists(Paths.get(strippedpdb))) { + System.err.println("Found symbols in " + jmod + ": " + name + + ". No stripped pdb file " + strippedpdb + " exists."); + return true; + } + } + if (name.endsWith(".diz") + || name.endsWith(".debuginfo") + || name.endsWith(".map")) { + System.err.println("Found symbols in " + jmod + ": " + name); + return true; + } + } + return false; + } + } +} diff --git a/test/jdk/jdk/net/Sockets/QuickAckTest.java b/test/jdk/jdk/net/Sockets/QuickAckTest.java index 612d1c05a0e..11a11721241 100644 --- a/test/jdk/jdk/net/Sockets/QuickAckTest.java +++ b/test/jdk/jdk/net/Sockets/QuickAckTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ */ import java.io.IOException; import java.net.DatagramSocket; +import java.net.InetAddress; import java.net.MulticastSocket; import java.net.ServerSocket; import java.net.Socket; @@ -38,12 +39,10 @@ public class QuickAckTest { - private static final String LOCAL_HOST = "127.0.0.1"; - public static void main(String args[]) throws IOException { try (ServerSocket ss = new ServerSocket(0); - Socket s = new Socket(LOCAL_HOST, ss.getLocalPort()); + Socket s = new Socket(InetAddress.getLoopbackAddress(), ss.getLocalPort()); DatagramSocket ds = new DatagramSocket(0); MulticastSocket mc = new MulticastSocket(0)) { diff --git a/test/jdk/jdk/net/Sockets/Test.java b/test/jdk/jdk/net/Sockets/Test.java index 639a7a1bcc3..bc1b92333cb 100644 --- a/test/jdk/jdk/net/Sockets/Test.java +++ b/test/jdk/jdk/net/Sockets/Test.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -79,14 +79,14 @@ public static void main(String[] args) throws Exception { DatagramSocket dg = new DatagramSocket(0)) { int tcp_port = ss.getLocalPort(); - final InetAddress loop = InetAddress.getByName("127.0.0.1"); + final InetAddress loop = InetAddress.getLoopbackAddress(); final InetSocketAddress loopad = new InetSocketAddress(loop, tcp_port); final int udp_port = dg.getLocalPort(); - final Socket s = new Socket("127.0.0.1", tcp_port); + final Socket s = new Socket(loop, tcp_port); final SocketChannel sc = SocketChannel.open(); - sc.connect(new InetSocketAddress("127.0.0.1", tcp_port)); + sc.connect(new InetSocketAddress(loop, tcp_port)); doTest("Sockets.setOption Socket", () -> { out.println(flowIn); diff --git a/test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java b/test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java index 899500672ad..f0c25dc85bb 100644 --- a/test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java +++ b/test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2022, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,6 +27,7 @@ * @summary Check that jar entry with at least one non-disabled digest * algorithm in manifest is treated as signed * @modules java.base/sun.security.tools.keytool + * @modules java.base/sun.security.util * @library /test/lib * @build jdk.test.lib.util.JarUtils * jdk.test.lib.security.SecurityUtils @@ -34,61 +35,94 @@ */ import java.io.InputStream; -import java.io.FileInputStream; -import java.io.FileOutputStream; +import java.io.OutputStream; import java.nio.file.Files; import java.nio.file.Path; import java.security.CodeSigner; import java.security.KeyStore; +import java.security.cert.CertPathValidatorException; +import java.util.Collections; +import java.util.Date; import java.util.Enumeration; -import java.util.List; import java.util.Locale; +import java.util.Map; import java.util.jar.JarEntry; import java.util.jar.JarFile; import java.util.zip.ZipFile; import jdk.security.jarsigner.JarSigner; import jdk.test.lib.util.JarUtils; -import jdk.test.lib.security.SecurityUtils; +import sun.security.util.ConstraintsParameters; +import sun.security.util.DisabledAlgorithmConstraints; +import sun.security.util.JarConstraintsParameters; public class JarWithOneNonDisabledDigestAlg { private static final String PASS = "changeit"; - private static final String TESTFILE1 = "testfile1"; - private static final String TESTFILE2 = "testfile2"; + private static final Path TESTFILE1 = Path.of("testfile1"); + private static final Path TESTFILE2 = Path.of("testfile2"); + private static final Path UNSIGNED_JAR = Path.of("unsigned.jar"); + private static final Path SIGNED_JAR = Path.of("signed.jar"); + private static final Path SIGNED_TWICE_JAR = Path.of("signed2.jar"); + private static final Path MULTI_SIGNED_JAR = Path.of("multi-signed.jar"); + private static final Path CURRENT_DIR = Path.of("."); public static void main(String[] args) throws Exception { - SecurityUtils.removeFromDisabledAlgs("jdk.jar.disabledAlgorithms", - List.of("SHA1")); - Files.write(Path.of(TESTFILE1), TESTFILE1.getBytes()); - JarUtils.createJarFile(Path.of("unsigned.jar"), Path.of("."), - Path.of(TESTFILE1)); + // Sanity check: Assert that MD5 is disabled, SHA-256 enabled + checkDigestAlgorithmPermits(); - genkeypair("-alias SHA1 -sigalg SHA1withRSA"); - genkeypair("-alias SHA256 -sigalg SHA256withRSA"); + // Create an unsigned JAR with a single file + Files.write(TESTFILE1, TESTFILE1.toString().getBytes()); + JarUtils.createJarFile(UNSIGNED_JAR, CURRENT_DIR, TESTFILE1); - KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); - try (FileInputStream fis = new FileInputStream("keystore")) { - ks.load(fis, PASS.toCharArray()); - } + // Generate a keystore with two different signers + genkeypair("-alias SIGNER1"); + genkeypair("-alias SIGNER2"); + KeyStore ks = loadKeyStore(); // Sign JAR twice with same signer but different digest algorithms // so that each entry in manifest file contains two digest values. - signJarFile(ks, "SHA1", "MD5", "unsigned.jar", "signed.jar"); - signJarFile(ks, "SHA1", "SHA1", "signed.jar", "signed2.jar"); - checkThatJarIsSigned("signed2.jar", false); + // Note that MD5 is a disabled digest algorithm, while SHA-256 is not + signJarFile(ks, "SIGNER1", "MD5", UNSIGNED_JAR, SIGNED_JAR); + signJarFile(ks, "SIGNER1", "SHA256", SIGNED_JAR, SIGNED_TWICE_JAR); + checkThatJarIsSigned(SIGNED_TWICE_JAR, Map.of(TESTFILE1.toString(), 1)); // add another file to the JAR - Files.write(Path.of(TESTFILE2), "testFile2".getBytes()); - JarUtils.updateJarFile(Path.of("signed2.jar"), Path.of("."), - Path.of(TESTFILE2)); + Files.write(TESTFILE2, TESTFILE2.toString().getBytes()); + JarUtils.updateJarFile(SIGNED_TWICE_JAR, CURRENT_DIR, TESTFILE2); + + // Sign the updated JAR, now with a different signer and with an enabled digest alg + signJarFile(ks, "SIGNER2", "SHA256", SIGNED_TWICE_JAR, MULTI_SIGNED_JAR); - // Sign again with different signer (SHA256) and SHA-1 digestalg. - // TESTFILE1 should have two signers and TESTFILE2 should have one - // signer. - signJarFile(ks, "SHA256", "SHA1", "signed2.jar", "multi-signed.jar"); + // TESTFILE1 should have two signers and TESTFILE2 should have one signer. + checkThatJarIsSigned(MULTI_SIGNED_JAR, + Map.of(TESTFILE1.toString(), 2, + TESTFILE2.toString(), 1) + ); + } - checkThatJarIsSigned("multi-signed.jar", true); + private static void checkDigestAlgorithmPermits() throws Exception { + ConstraintsParameters cp = new JarConstraintsParameters(Collections.emptyList(), new Date()); + DisabledAlgorithmConstraints jarConstraints = DisabledAlgorithmConstraints.jarConstraints(); + try { + jarConstraints.permits("MD5", cp, false); + throw new Exception("This test assumes that MD5 is disabled"); + } catch (CertPathValidatorException e) { + // Ignore + } + try { + jarConstraints.permits("SHA256", cp, false); + } catch (CertPathValidatorException e) { + throw new Exception("This test assumes that SHA256 is enabled"); + } + } + + private static KeyStore loadKeyStore() throws Exception { + KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); + try (InputStream fis = Files.newInputStream(Path.of("keystore"))) { + ks.load(fis, PASS.toCharArray()); + } + return ks; } private static KeyStore.PrivateKeyEntry getEntry(KeyStore ks, String alias) @@ -101,12 +135,13 @@ private static KeyStore.PrivateKeyEntry getEntry(KeyStore ks, String alias) private static void genkeypair(String cmd) throws Exception { cmd = "-genkeypair -keystore keystore -storepass " + PASS + - " -keypass " + PASS + " -keyalg rsa -dname CN=Duke " + cmd; + " -keypass " + PASS + " -keyalg rsa -sigalg SHA256withRSA " + + "-dname CN=Duke " + cmd; sun.security.tools.keytool.Main.main(cmd.split(" ")); } private static void signJarFile(KeyStore ks, String alias, - String digestAlg, String inputFile, String outputFile) + String digestAlg, Path inputFile, Path outputFile) throws Exception { JarSigner signer = new JarSigner.Builder(getEntry(ks, alias)) @@ -114,38 +149,36 @@ private static void signJarFile(KeyStore ks, String alias, .signerName(alias) .build(); - try (ZipFile in = new ZipFile(inputFile); - FileOutputStream out = new FileOutputStream(outputFile)) { + try (ZipFile in = new ZipFile(inputFile.toFile()); + OutputStream out = Files.newOutputStream(outputFile)) { signer.sign(in, out); } } - private static void checkThatJarIsSigned(String jarFile, boolean multi) + private static void checkThatJarIsSigned(Path jarFile, Map expected) throws Exception { - try (JarFile jf = new JarFile(jarFile, true)) { + try (JarFile jf = new JarFile(jarFile.toFile(), true)) { Enumeration entries = jf.entries(); while (entries.hasMoreElements()) { JarEntry entry = entries.nextElement(); if (entry.isDirectory() || isSigningRelated(entry.getName())) { continue; } - InputStream is = jf.getInputStream(entry); - while (is.read() != -1); + try (InputStream is = jf.getInputStream(entry)) { + is.transferTo(OutputStream.nullOutputStream()); + } CodeSigner[] signers = entry.getCodeSigners(); - if (signers == null) { - throw new Exception("JarEntry " + entry.getName() + - " is not signed"); - } else if (multi) { - if (entry.getName().equals(TESTFILE1) && - signers.length != 2) { - throw new Exception("Unexpected number of signers " + - "for " + entry.getName() + ": " + signers.length); - } else if (entry.getName().equals(TESTFILE2) && - signers.length != 1) { - throw new Exception("Unexpected number of signers " + - "for " + entry.getName() + ": " + signers.length); - } + if (!expected.containsKey(entry.getName())) { + throw new Exception("Unexpected entry " + entry.getName()); + } + int expectedSigners = expected.get(entry.getName()); + int actualSigners = signers == null ? 0 : signers.length; + + if (expectedSigners != actualSigners) { + throw new Exception("Unexpected number of signers " + + "for " + entry.getName() + ": " + actualSigners + + ", expected " + expectedSigners); } } } diff --git a/test/jdk/jdk/security/logging/RecursiveEventHelper.java b/test/jdk/jdk/security/logging/RecursiveEventHelper.java new file mode 100644 index 00000000000..936d01f8115 --- /dev/null +++ b/test/jdk/jdk/security/logging/RecursiveEventHelper.java @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.util.logging.*; + +import jdk.internal.event.EventHelper; + +/* + * @test + * @bug 8329013 + * @summary StackOverflowError when starting Apache Tomcat with signed jar + * @modules java.base/jdk.internal.event:+open + * @run main/othervm -Xmx32m -Djava.util.logging.manager=RecursiveEventHelper RecursiveEventHelper + */ +public class RecursiveEventHelper extends LogManager { + // an extra check to ensure the custom manager is in use + static volatile boolean customMethodCalled; + + public static void main(String[] args) throws Exception { + String classname = System.getProperty("java.util.logging.manager"); + if (!classname.equals("RecursiveEventHelper")) { + throw new RuntimeException("java.util.logging.manager not set"); + } + + // this call will trigger initialization of logging framework + // which will call into our custom LogManager and use the + // custom getProperty method below. EventHelper.isLoggingSecurity() + // is also on the code path of original report and triggers + // similar recursion. + System.getLogger("testLogger"); + if (!customMethodCalled) { + throw new RuntimeException("Method not called"); + } + } + + @Override + public String getProperty(String p) { + // this call mimics issue reported in initial bug report where + // opening of a signed jar during System logger initialization triggered + // a recursive call (via EventHelper.isLoggingSecurity) back into + // logger API + EventHelper.isLoggingSecurity(); + customMethodCalled = true; + return super.getProperty(p); + } +} diff --git a/test/jdk/lib/testlibrary/java/util/jar/JarBuilder.java b/test/jdk/lib/testlibrary/java/util/jar/JarBuilder.java index 7f7449a8344..ebe349ec780 100644 --- a/test/jdk/lib/testlibrary/java/util/jar/JarBuilder.java +++ b/test/jdk/lib/testlibrary/java/util/jar/JarBuilder.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it diff --git a/test/jdk/lib/testlibrary/jdk/testlibrary/SimpleSSLContext.java b/test/jdk/lib/testlibrary/jdk/testlibrary/SimpleSSLContext.java deleted file mode 100644 index 47143dc3b2b..00000000000 --- a/test/jdk/lib/testlibrary/jdk/testlibrary/SimpleSSLContext.java +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -package jdk.testlibrary; - -import java.util.*; -import java.util.concurrent.*; -import java.io.*; -import java.net.*; -import java.security.*; -import java.security.cert.*; -import javax.net.ssl.*; - -/** - * Creates a simple usable SSLContext for SSLSocketFactory - * or a HttpsServer using either a given keystore or a default - * one in the test tree. - * - * Using this class with a security manager requires the following - * permissions to be granted: - * - * permission "java.util.PropertyPermission" "test.src.path", "read"; - * permission java.io.FilePermission - * "${test.src}/../../../lib/testlibrary/jdk/testlibrary/testkeys", "read"; - * The exact path above depends on the location of the test. - */ -public class SimpleSSLContext { - - SSLContext ssl; - - /** - * loads default keystore from SimpleSSLContext - * source directory - */ - public SimpleSSLContext() throws IOException { - try { - AccessController.doPrivileged(new PrivilegedExceptionAction() { - @Override - public Void run() throws Exception { - String paths = System.getProperty("test.src.path"); - StringTokenizer st = new StringTokenizer(paths, File.pathSeparator); - boolean securityExceptions = false; - while (st.hasMoreTokens()) { - String path = st.nextToken(); - try { - File f = new File(path, "jdk/testlibrary/testkeys"); - if (f.exists()) { - try (FileInputStream fis = new FileInputStream(f)) { - init(fis); - return null; - } - } - } catch (SecurityException e) { - // catch and ignore because permission only required - // for one entry on path (at most) - securityExceptions = true; - } - } - if (securityExceptions) { - System.err.println("SecurityExceptions thrown on loading testkeys"); - } - return null; - } - }); - } catch (PrivilegedActionException pae) { - Throwable t = pae.getCause() != null ? pae.getCause() : pae; - if (t instanceof IOException) - throw (IOException)t; - if (t instanceof RuntimeException) - throw (RuntimeException)t; - if (t instanceof Error) - throw (Error)t; - throw new RuntimeException(t); - } - } - - /** - * loads default keystore from given directory - */ - public SimpleSSLContext(String dir) throws IOException { - String file = dir+"/testkeys"; - try (FileInputStream fis = new FileInputStream(file)) { - init(fis); - } - } - - private void init(InputStream i) throws IOException { - try { - char[] passphrase = "passphrase".toCharArray(); - KeyStore ks = KeyStore.getInstance("JKS"); - ks.load(i, passphrase); - - KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); - kmf.init(ks, passphrase); - - TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509"); - tmf.init(ks); - - ssl = SSLContext.getInstance("TLS"); - ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); - } catch (KeyManagementException e) { - throw new RuntimeException(e.getMessage()); - } catch (KeyStoreException e) { - throw new RuntimeException(e.getMessage()); - } catch (UnrecoverableKeyException e) { - throw new RuntimeException(e.getMessage()); - } catch (CertificateException e) { - throw new RuntimeException(e.getMessage()); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e.getMessage()); - } - } - - public SSLContext get() { - return ssl; - } -} diff --git a/test/jdk/sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java b/test/jdk/sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java index 4c9d52995f1..0bb0044f392 100644 --- a/test/jdk/sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java +++ b/test/jdk/sanity/client/SwingSet/src/ButtonDemoScreenshotTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,16 +24,15 @@ import com.sun.swingset3.demos.button.ButtonDemo; import org.jtregext.GuiTestListener; import org.netbeans.jemmy.ClassReference; -import org.netbeans.jemmy.ComponentChooser; -import org.netbeans.jemmy.image.StrictImageComparator; import org.netbeans.jemmy.operators.JButtonOperator; import org.netbeans.jemmy.operators.JFrameOperator; -import org.testng.annotations.BeforeClass; import org.testng.annotations.Listeners; import org.testng.annotations.Test; -import java.awt.Component; -import java.awt.Robot; +import java.awt.Dimension; +import java.awt.Point; +import java.awt.Rectangle; +import java.awt.Toolkit; import java.awt.image.BufferedImage; import javax.swing.UIManager; @@ -60,30 +59,37 @@ public class ButtonDemoScreenshotTest { private static final int[] BUTTONS = {0, 1, 2, 3, 4, 5}; // "open browser" buttons (6, 7) open a browser, so ignore - private static StrictImageComparator sComparator = null; - - @BeforeClass - public void init() { - sComparator = new StrictImageComparator(); - } @Test(dataProvider = "availableLookAndFeels", dataProviderClass = TestHelpers.class) public void test(String lookAndFeel) throws Exception { UIManager.setLookAndFeel(lookAndFeel); - Robot rob = new Robot(); + + //capture some of the background + Dimension screeSize = Toolkit.getDefaultToolkit().getScreenSize(); + Point screenCenter = new Point(screeSize.width / 2, screeSize.height / 2); + Rectangle center = new Rectangle( + screenCenter.x - 50, screenCenter.y - 50, + 100, 100); + BufferedImage background = getRobot().createScreenCapture(center); new ClassReference(ButtonDemo.class.getCanonicalName()).startApplication(); JFrameOperator mainFrame = new JFrameOperator(DEMO_TITLE); - waitImageIsStill(rob, mainFrame); + mainFrame.waitComponentShowing(true); + + //make sure the frame is already painted + waitChangedImage(() -> getRobot().createScreenCapture(center), + background, mainFrame.getTimeouts(), "background"); + //make sure the frame is painted completely + waitStillImage(mainFrame, "frame"); // Check all the buttons for (int i : BUTTONS) { - checkButton(mainFrame, i, rob); + checkButton(mainFrame, i); } } - private void checkButton(JFrameOperator jfo, int i, Robot rob) { + private void checkButton(JFrameOperator jfo, int i) throws InterruptedException { JButtonOperator button = new JButtonOperator(jfo, i); //additional instrumentation for JDK-8198920. To be removed after the bug is fixed @@ -93,11 +99,8 @@ private void checkButton(JFrameOperator jfo, int i, Robot rob) { button.moveMouse(button.getCenterX(), button.getCenterY()); - BufferedImage initialButtonImage = capture(rob, button); - assertNotBlack(initialButtonImage); - save(initialButtonImage, "button" + i + ".png"); - - BufferedImage[] pressedImage = new BufferedImage[1]; + BufferedImage notPressed, pressed = null; + notPressed = waitStillImage(button, "not-pressed-" + i); button.pressMouse(); //additional instrumentation for JDK-8198920. To be removed after the bug is fixed @@ -108,22 +111,15 @@ private void checkButton(JFrameOperator jfo, int i, Robot rob) { //additional instrumentation for JDK-8198920. To be removed after the bug is fixed button.getOutput().printTrace("JDK-8198920: Button press confirmed by " + System.currentTimeMillis()); //end of instrumentation for JDK-8198920 - button.waitState(new ComponentChooser() { - public boolean checkComponent(Component c) { - pressedImage[0] = capture(rob, button); - assertNotBlack(pressedImage[0]); - return !sComparator.compare(initialButtonImage, pressedImage[0]); - } - - public String getDescription() { - return "Button with new image"; - } - }); + waitChangedImage(() -> capture(button), notPressed, + button.getTimeouts(), "after-press-" + i); + pressed = waitStillImage(button, "pressed-" + i); } finally { - if (pressedImage[0] != null) { - save(pressedImage[0], "button" + i + "_pressed.png"); - } button.releaseMouse(); + if(pressed != null) { + waitChangedImage(() -> capture(button), pressed, + button.getTimeouts(), "released-" + i); + } //additional instrumentation for JDK-8198920. To be removed after the bug is fixed button.getOutput().printTrace("JDK-8198920: Button released at " + System.currentTimeMillis()); try { diff --git a/test/jdk/sanity/client/SwingSet/src/EditorPaneDemoTest.java b/test/jdk/sanity/client/SwingSet/src/EditorPaneDemoTest.java index 325c087f133..b769c6d8268 100644 --- a/test/jdk/sanity/client/SwingSet/src/EditorPaneDemoTest.java +++ b/test/jdk/sanity/client/SwingSet/src/EditorPaneDemoTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,8 +23,8 @@ import static com.sun.swingset3.demos.editorpane.EditorPaneDemo.DEMO_TITLE; import static com.sun.swingset3.demos.editorpane.EditorPaneDemo.SOURCE_FILES; -import static org.jemmy2ext.JemmyExt.EXACT_STRING_COMPARATOR; -import static org.jemmy2ext.JemmyExt.assertNotBlack; +import static org.jemmy2ext.JemmyExt.*; +import static org.testng.Assert.assertFalse; import java.awt.Color; import java.awt.Dimension; @@ -149,7 +149,8 @@ private void checkImage(JEditorPaneOperator editorPaneOperator, final int xGap = 100, yGap = 40, columns = 2, rows = 5; editorPaneOperator.waitState(comp -> { BufferedImage capturedImage = ImageTool.getImage(imageRect); - assertNotBlack(capturedImage); + save(capturedImage, "editor"); + assertFalse(isBlack(capturedImage), "image blackness"); int x = 0, y = 0, i = 0, j; for (; i < columns; i++) { x += xGap; @@ -158,8 +159,7 @@ private void checkImage(JEditorPaneOperator editorPaneOperator, y += yGap; if(capturedImage.getRGB(x, y) == Color.WHITE.getRGB()) { // saving image for failure case - JemmyExt.save(capturedImage, "capturedimage_" + pageName + "_" + - UIManager.getLookAndFeel().getClass().getSimpleName() + ".png"); + save(capturedImage, "capturedimage-" + pageName); return false; } } diff --git a/test/jdk/sanity/client/lib/Extensions/src/org/jemmy2ext/JemmyExt.java b/test/jdk/sanity/client/lib/Extensions/src/org/jemmy2ext/JemmyExt.java index 8063c60c986..a443ccc26ff 100644 --- a/test/jdk/sanity/client/lib/Extensions/src/org/jemmy2ext/JemmyExt.java +++ b/test/jdk/sanity/client/lib/Extensions/src/org/jemmy2ext/JemmyExt.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,12 +22,14 @@ */ package org.jemmy2ext; +import java.awt.AWTException; import java.awt.Component; import java.awt.EventQueue; import java.awt.Frame; import java.awt.Graphics; import java.awt.Rectangle; import java.awt.Robot; +import java.awt.Toolkit; import java.awt.Window; import java.awt.image.BufferedImage; import java.io.BufferedOutputStream; @@ -36,10 +38,14 @@ import java.io.FileOutputStream; import java.io.IOException; import java.lang.reflect.InvocationTargetException; +import java.text.DateFormat; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Collections; +import java.util.Date; import java.util.List; import java.util.function.Function; +import java.util.function.Supplier; import java.util.logging.Level; import java.util.logging.Logger; import java.util.stream.IntStream; @@ -56,9 +62,11 @@ import org.netbeans.jemmy.DefaultCharBindingMap; import org.netbeans.jemmy.QueueTool; import org.netbeans.jemmy.TimeoutExpiredException; +import org.netbeans.jemmy.Timeouts; import org.netbeans.jemmy.Waitable; import org.netbeans.jemmy.Waiter; import org.netbeans.jemmy.drivers.scrolling.JSpinnerDriver; +import org.netbeans.jemmy.image.ImageComparator; import org.netbeans.jemmy.image.StrictImageComparator; import org.netbeans.jemmy.operators.ComponentOperator; import org.netbeans.jemmy.operators.ContainerOperator; @@ -80,6 +88,19 @@ */ public class JemmyExt { + private static Robot robot = null; + + public static Robot getRobot() { + try { + if(robot == null) { + robot = new Robot(); + } + return robot; + } catch (AWTException e) { + throw new RuntimeException(e); + } + } + /** * Statically referencing all the classes that are needed by tests so that * they're compiled by jtreg @@ -89,17 +110,13 @@ public class JemmyExt { DefaultCharBindingMap.class }; - public static void assertNotBlack(BufferedImage image) { - int w = image.getWidth(); - int h = image.getHeight(); - try { - assertFalse("All pixels are not black", IntStream.range(0, w).parallel().allMatch(x - -> IntStream.range(0, h).allMatch(y -> (image.getRGB(x, y) & 0xffffff) == 0) - )); - } catch (Throwable t) { - save(image, "allPixelsAreBlack.png"); - throw t; - } + /** + * Checks if the image is complitely black. + */ + public static boolean isBlack(BufferedImage image) { + return IntStream.range(0, image.getWidth()).parallel() + .allMatch(x-> IntStream.range(0, image.getHeight()) + .allMatch(y -> (image.getRGB(x, y) & 0xffffff) == 0)); } public static void waitArmed(JButtonOperator button) { @@ -152,50 +169,62 @@ public Boolean launch() throws Exception { }); } - public static void assertEquals(String string, StrictImageComparator comparator, BufferedImage expected, BufferedImage actual) { - try { - assertTrue(string, comparator.compare(expected, actual)); - } catch (Error err) { - save(expected, "expected.png"); - save(actual, "actual.png"); - throw err; - } + private static final DateFormat timestampFormat = new SimpleDateFormat("yyyyMMddHHmmss"); + private static String timeStamp() { + return timestampFormat.format(new Date()); } - public static void assertNotEquals(String string, StrictImageComparator comparator, BufferedImage notExpected, BufferedImage actual) { - try { - assertFalse(string, comparator.compare(notExpected, actual)); - } catch (Error err) { - save(notExpected, "notExpected.png"); - save(actual, "actual.png"); - throw err; - } + /** + * Constructs filename with a timestamp. + * @param name File name or a path without the extension + * @param extension File extension (without the dot). Could be null, + * in which case timestamp is simply added to the filename (no trailing dot). + * @return file name + */ + public static String timeStamp(String name, String extension) { + return name + "-" + timeStamp() + + ((extension != null) ? ("." + extension) : ""); + } + + /** + * Saves an image into a file. Filename will be constructed from the given fileID and + * a timestamp. + * @param image + * @param fileID + */ + public static void save(BufferedImage image, String fileID) { + doSave(image, timeStamp(fileID + "-" + lafShortName(), "png")); } - public static void save(BufferedImage image, String filename) { - String filepath = filename; + //Saves an image into a file with the provided filename + private static void doSave(BufferedImage image, String filename) { try { - filepath = new File(filename).getCanonicalPath(); + String filepath = new File(filename).getCanonicalPath(); System.out.println("Saving screenshot to " + filepath); BufferedOutputStream file = new BufferedOutputStream(new FileOutputStream(filepath)); new PNGEncoder(file, PNGEncoder.COLOR_MODE).encode(image); } catch (IOException ioe) { - throw new RuntimeException("Failed to save image to " + filepath, ioe); + throw new RuntimeException("Failed to save image to " + filename, ioe); } } - public static void waitImageIsStill(Robot rob, ComponentOperator operator) { - operator.waitState(new ComponentChooser() { - + /** + * Waits for the displayed image to be still. + * @param imageID an image ID with no extension. Timestamp and LAF information is added to the ID when saving. + * @return last still image + * @throws TimeoutExpiredException if the waiting is unsuccessful + */ + public static BufferedImage waitStillImage(ComponentOperator operator, String imageID) { + operator.getTimeouts().setTimeout("Waiter.TimeDelta", 1000); + String timestampName = timeStamp(imageID + "-" + lafShortName(), "png"); + class StillImageChooser implements ComponentChooser { private BufferedImage previousImage = null; - private int index = 0; private final StrictImageComparator sComparator = new StrictImageComparator(); @Override public boolean checkComponent(Component comp) { - BufferedImage currentImage = capture(rob, operator); - save(currentImage, "waitImageIsStill" + index + ".png"); - index++; + BufferedImage currentImage = capture(operator); + doSave(currentImage, timestampName); boolean compareResult = previousImage == null ? false : sComparator.compare(currentImage, previousImage); previousImage = currentImage; return compareResult; @@ -203,9 +232,47 @@ public boolean checkComponent(Component comp) { @Override public String getDescription() { - return "Image of " + operator + " is still"; + return "A still image of " + operator; } - }); + } + StillImageChooser chooser = new StillImageChooser(); + operator.waitState(chooser); + return chooser.previousImage; + } + + /** + * Waits for the displayed image to change. + * @param reference image to compare to + * @param imageID an image ID with no extension. Timestamp and LAF information is added to the ID when saving. + * @return last (changed) image + * @throws TimeoutExpiredException if the waiting is unsuccessful + */ + public static BufferedImage waitChangedImage(Supplier supplier, + BufferedImage reference, + Timeouts timeouts, + String imageID) throws InterruptedException { + ImageComparator comparator = new StrictImageComparator(); + String timestampName = timeStamp(imageID + "-" + lafShortName(), "png"); + class ImageWaitable implements Waitable { + BufferedImage image; + + @Override + public Object actionProduced(Object obj) { + image = supplier.get(); + doSave(image, timestampName); + return comparator.compare(reference, image) ? null : image; + } + + @Override + public String getDescription() { + return "Waiting screen image to change"; + } + } + ImageWaitable waitable = new ImageWaitable(); + Waiter waiter = new Waiter(waitable); + waiter.setTimeouts(timeouts); + waiter.waitAction(null); + return waitable.image; } private static class ThrowableHolder { @@ -252,10 +319,10 @@ public String getDescription() { } } - public static BufferedImage capture(Robot rob, ComponentOperator operator) { + public static BufferedImage capture(ComponentOperator operator) { Rectangle boundary = new Rectangle(operator.getLocationOnScreen(), operator.getSize()); - return rob.createScreenCapture(boundary); + return getRobot().createScreenCapture(boundary); } /** @@ -336,26 +403,26 @@ public void registerRoot(Throwable t) { } } + private static String lafShortName() { return UIManager.getLookAndFeel().getClass().getSimpleName(); } + /** * Trying to capture as much information as possible. Currently it includes * full dump and a screenshot of the whole screen. */ public static void captureAll() { - String lookAndFeelClassName = UIManager.getLookAndFeel().getClass().getSimpleName(); - PNGEncoder.captureScreen("failure_" + lookAndFeelClassName + ".png", PNGEncoder.COLOR_MODE); + save(getRobot().createScreenCapture(new Rectangle(Toolkit.getDefaultToolkit().getScreenSize())), "failure"); try { - Dumper.dumpAll("dumpAll_" + lookAndFeelClassName + ".xml"); + Dumper.dumpAll(timeStamp("dumpAll-" + lafShortName(), "xml")); } catch (FileNotFoundException ex) { Logger.getLogger(JemmyExt.class.getName()).log(Level.SEVERE, null, ex); } - captureWindows(lookAndFeelClassName); + captureWindows(); } /** * Captures each showing window image using Window.paint() method. - * @param lookAndFeelClassName */ - private static void captureWindows(String lookAndFeelClassName) { + private static void captureWindows() { try { EventQueue.invokeAndWait(() -> { Window[] windows = Window.getWindows(); @@ -370,10 +437,14 @@ private static void captureWindows(String lookAndFeelClassName) { g.dispose(); try { - ImageIO.write(img, "png", new File("window_" + lookAndFeelClassName - + "_" + index++ + ".png")); - } catch (IOException e) { - e.printStackTrace(); + save(img, "window-" + index++); + } catch (RuntimeException e) { + if (e.getCause() instanceof IOException) { + System.err.println("Failed to save screen images"); + e.printStackTrace(); + } else { + throw e; + } } } }); diff --git a/test/jdk/sanity/client/lib/SwingSet3/src/com/sun/swingset3/demos/button/ButtonDemo.java b/test/jdk/sanity/client/lib/SwingSet3/src/com/sun/swingset3/demos/button/ButtonDemo.java index 358ae49d64b..f9bcd0a5ef9 100644 --- a/test/jdk/sanity/client/lib/SwingSet3/src/com/sun/swingset3/demos/button/ButtonDemo.java +++ b/test/jdk/sanity/client/lib/SwingSet3/src/com/sun/swingset3/demos/button/ButtonDemo.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -218,6 +218,7 @@ public static void main(String args[]) throws InterruptedException, InvocationTa JFrame frame = new JFrame(DEMO_TITLE); frame.add(buttonDemo); frame.pack(); + frame.setLocationRelativeTo(null); frame.setVisible(true); }); } diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java deleted file mode 100644 index cd1db71c418..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java +++ /dev/null @@ -1,217 +0,0 @@ -/* - * Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - /* - * @test - * @bug 8189131 - * @summary Interoperability tests with Actalis CA - * @build ValidatePathWithParams - * @run main/othervm/timeout=180 -Djava.security.debug=certpath ActalisCA OCSP - * @run main/othervm/timeout=180 -Djava.security.debug=certpath ActalisCA CRL - */ - - /* - * Obtain test artifacts for Actalis CA from: - * - * Test website with *active* TLS Server certificate: - * https://ssltest-active.actalis.it/ - * - * Test website with *revoked* TLS Server certificate: - * https://ssltest-revoked.actalis.it/ - * - * Test website with *expired* TLS Server certificate: - * https://ssltest-expired.actalis.it/ - */ -public class ActalisCA { - - // Owner: CN=Actalis Organization Validated Server CA G3, O=Actalis S.p.A., - // L=Ponte San Pietro, ST=Bergamo, C=IT - // Issuer: CN=Actalis Authentication Root CA, O=Actalis S.p.A ./03358520967, - // L=Milan, C=IT - // Serial number: 5c3b3f37adfc28fe0fcfd3abf83f8551 - // Valid from: Mon Jul 06 00:20:55 PDT 2020 until: Sun Sep 22 04:22:02 PDT 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIHdTCCBV2gAwIBAgIQXDs/N638KP4Pz9Or+D+FUTANBgkqhkiG9w0BAQsFADBr\n" + - "MQswCQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMg\n" + - "Uy5wLkEuLzAzMzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0\n" + - "aW9uIFJvb3QgQ0EwHhcNMjAwNzA2MDcyMDU1WhcNMzAwOTIyMTEyMjAyWjCBiTEL\n" + - "MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNh\n" + - "biBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtBY3Rh\n" + - "bGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMIICIjANBgkq\n" + - "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs73Ch+t2owm3ayTkyqy0OPuCTiybxTyS\n" + - "4cU4y0t2RGSwCNjLh/rcutO0yoriZxVtPrNMcIRQ544BQhHFt/ypW7e+t8wWKrHa\n" + - "r3BkKwSUbqNwpDWP1bXs7IJTVhHXWGAm7Ak1FhrrBmtXk8QtdzTzDDuxfFBK7sCL\n" + - "N0Jdqoqb1V1z3wsWqAvr4KlSCFW05Nh4baWm/kXOmb8U+XR6kUmuoVvia3iBhotR\n" + - "TzAHTO9SWWkgjTcir/nhBvyL2RoqkgYyP/k50bznaVOGFnFWzfl0XnrM/salfCBh\n" + - "O0/1vNaoU8elR6AtbdCFAupgQy95GuFIRVS8n/cF0QupfPjUl+kGSLzvGAc+6oNE\n" + - "alpAhKIS/+P0uODzRrS9Eq0WX1iSj6KHtQMNN4ZKsS4nsuvYCahnAc0QwQyoduAW\n" + - "iU/ynhU9WTIEe1VIoEDE79NPOI2/80RqbZqdpAKUaf0FvuqVXhEcjiJJu+d0w9YN\n" + - "b7gurd6xkaSXemW/fP4idBiNkd8aCVAdshGQYn6yh+na0Lu5IG88Z2kSIFcXDtwy\n" + - "zjcxkW86pwkO6GekEomVBNKcv0Cey2Smf8uhpZk15TSCeyFDrZBWH9OsDst/Tnhz\n" + - "pN156Huw3M3RRdEegt33fcyPykgt0HThxrEv9DwOzhs6lCQ5RNQJO7ZvZF1ZiqgT\n" + - "FOJ6vs1xMqECAwEAAaOCAfQwggHwMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgw\n" + - "FoAUUtiIOsifeGbtifN7OHCUyQICNtAwQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUF\n" + - "BzABhiVodHRwOi8vb2NzcDA1LmFjdGFsaXMuaXQvVkEvQVVUSC1ST09UMEUGA1Ud\n" + - "IAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz\n" + - "Lml0L2FyZWEtZG93bmxvYWQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB\n" + - "MIHjBgNVHR8EgdswgdgwgZaggZOggZCGgY1sZGFwOi8vbGRhcDA1LmFjdGFsaXMu\n" + - "aXQvY24lM2RBY3RhbGlzJTIwQXV0aGVudGljYXRpb24lMjBSb290JTIwQ0EsbyUz\n" + - "ZEFjdGFsaXMlMjBTLnAuQS4lMmYwMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNh\n" + - "dGVSZXZvY2F0aW9uTGlzdDtiaW5hcnkwPaA7oDmGN2h0dHA6Ly9jcmwwNS5hY3Rh\n" + - "bGlzLml0L1JlcG9zaXRvcnkvQVVUSC1ST09UL2dldExhc3RDUkwwHQYDVR0OBBYE\n" + - "FJ+KsbXxsd6C9Cd8vojN3qlDgaNLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B\n" + - "AQsFAAOCAgEAJbygMnKJ5M6byr5Ectq05ODqwNMtky8TEF3O55g6RHhxblf6OegZ\n" + - "4ui4+ElHNOIXjycbeuUGuFA4LScCC9fnI1Rnn8TI2Q7OP5YWifEfnrdp99t/tJzQ\n" + - "hfdi7ZTdRRZZGV9x+grfR/RtjT2C3Lt9X4lcbuSxTea3PHAwwi0A3bYRR1L5ciPm\n" + - "eAnYtG9kpat8/RuC22oxiZZ5FdjU6wrRWkASRLiIwNcFIYfvpUbMWElaCUhqaB2y\n" + - "YvWF8o02pnaYb4bvTCg4cVabVnojUuuXH81LeQhhsSXLwcdwSdew0NL4zCiNCn2Q\n" + - "iDZpz2biCWDggibmWxsUUF6AbqMHnwsdS8vsKXiFQJHeAdNAhA+kwpqYAdhUiCdj\n" + - "RTUdtRNUucLvZEN1OAvVYyog9xYCfhtkqgXQROMANP+Z/+yaZahaP/Vgak/V00se\n" + - "Hdh7F+B6h5HVdwdh+17E2jl+aMTfyvBFcg2H/9Qjyl4TY8NW/6v0DPK52sVt8a35\n" + - "I+7xLGLPohAl4z6pEf2OxgjMNfXXCXS33smRgz1dLQFo8UpAb3rf84zkXaqEI6Qi\n" + - "2P+5pibVFQigRbn4RcE+K2a/nm2M/o+WZTSio+E+YXacnNk71VcO82biOof+jBKT\n" + - "iC3Xi7rAlypmme+QFBw9F1J89ig3smV/HaN8tO0lfTpvm7Zvzd5TkMs=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=ssltest-active.actalis.it, O=Actalis S.p.A., L=Ponte San Pietro, - // ST=Bergamo, C=IT - // Issuer: CN=Actalis Organization Validated Server CA G3, O=Actalis S.p A., - // L=Ponte San Pietro, ST=Bergamo, C=IT - // Serial number: 4a49e2afcd448af3b7f5f14e1cd5954 - // Valid from: Tue Mar 08 08:00:57 PST 2022 until: Wed Mar 08 08:00:57 PST 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIH0jCCBbqgAwIBAgIQBKSeKvzUSK87f18U4c1ZVDANBgkqhkiG9w0BAQsFADCB\n" + - "iTELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl\n" + - "IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtB\n" + - "Y3RhbGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMB4XDTIy\n" + - "MDMwODE2MDA1N1oXDTIzMDMwODE2MDA1N1owdzELMAkGA1UEBhMCSVQxEDAOBgNV\n" + - "BAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8xFzAVBgNVBAoM\n" + - "DkFjdGFsaXMgUy5wLkEuMSIwIAYDVQQDDBlzc2x0ZXN0LWFjdGl2ZS5hY3RhbGlz\n" + - "Lml0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJnlOatNNth7gfqZ\n" + - "WN8HMfp9qlkDf/YW8ReNXyTtqFEy2xZrVVmAV2XIqL1lJDYJz86mdVsz3AqIMTzo\n" + - "GxPlmn/oEnF0YeRYQ1coKRdwP7hWSwqyMMhh+C7r5zMA9gQQVXV5wWR5U+bgvt23\n" + - "Y/55DOqk3Fp5Odt6Lyu6xA45MwHrj2Gr/nMKe8L7f8UYPWT98MJa1+TXB24yllOw\n" + - "rZE8gZByLBCVzDkVwRwTgu+HgY6zm5sJTvBT4tyJy4QD8u2xLWoZ5sXodrU0Z3Nf\n" + - "xU9keMFp6CIh1t+akqFgpW81b/HWkfUO0+L6PH4hgaSPtiwp2dVFsF9v5p4on9qA\n" + - "2j1d9QIDAQABo4IDRTCCA0EwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSfirG1\n" + - "8bHegvQnfL6Izd6pQ4GjSzB+BggrBgEFBQcBAQRyMHAwOwYIKwYBBQUHMAKGL2h0\n" + - "dHA6Ly9jYWNlcnQuYWN0YWxpcy5pdC9jZXJ0cy9hY3RhbGlzLWF1dGhvdmczMDEG\n" + - "CCsGAQUFBzABhiVodHRwOi8vb2NzcDA5LmFjdGFsaXMuaXQvVkEvQVVUSE9WLUcz\n" + - "MCQGA1UdEQQdMBuCGXNzbHRlc3QtYWN0aXZlLmFjdGFsaXMuaXQwUQYDVR0gBEow\n" + - "SDA8BgYrgR8BFAEwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5p\n" + - "dC9hcmVhLWRvd25sb2FkMAgGBmeBDAECAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYI\n" + - "KwYBBQUHAwEwSAYDVR0fBEEwPzA9oDugOYY3aHR0cDovL2NybDA5LmFjdGFsaXMu\n" + - "aXQvUmVwb3NpdG9yeS9BVVRIT1YtRzMvZ2V0TGFzdENSTDAdBgNVHQ4EFgQUIbcm\n" + - "54DVM6gC8DYhvnZg8ILaLrAwDgYDVR0PAQH/BAQDAgWgMIIBfQYKKwYBBAHWeQIE\n" + - "AgSCAW0EggFpAWcAdQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAA\n" + - "AX9qTFEkAAAEAwBGMEQCIFB4RW+Fca/jj96sFg9JtZVe/CAQq74HAezTi2AD07qL\n" + - "AiBej8APns5uKmaHNYbU6lel6kdowIaUY/+iqX82e2KhrAB2AOg+0No+9QY1MudX\n" + - "KLyJa8kD08vREWvs62nhd31tBr1uAAABf2pMUVMAAAQDAEcwRQIgcopYpSUDiQ2C\n" + - "7j06vgbfsn3ux4REvpbrbWatifLtfVMCIQCi96i+4EhAUOw4dumA7hJwlG+qD/+5\n" + - "uSL3aKB9KR7apAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAAB\n" + - "f2pMUYEAAAQDAEcwRQIgdCNjaV7nQcCiVefX28u1vtQMy+rqT4F4i9EVJ2xbqbQC\n" + - "IQCrpcYqt53tX/rSMoGnjFhDGnMhnYyc2AqzpokfhmdcVTANBgkqhkiG9w0BAQsF\n" + - "AAOCAgEAfXISBKP1dZQv1kkWZVDXiVY/fv+068DKq2e8hgBcsN6b9a2rlVfBU2iq\n" + - "W9KqFNET5GDWf1wjM71Itjau8b1A3+apcNdEGQk3eqIOymK5kVtVvAI2ahp4926x\n" + - "Kkt/sexmi1pJGA+eLfTixkCoaESh5P8U7HDW/vUFXm2AtLQih+oT5OVoYt5e9pXr\n" + - "hr8oadm/ZDJxiyDL1vcTIsl2TM4/Fpo2IWxYzUC+YshnuLiRwWI840maJmWFx/lJ\n" + - "Pzdik3P51Uef7VsCSBhTxER09/B4IrEUMDAhVgG5QNbcFSHvnmpV8JLrNuBKUROU\n" + - "xnDsWieKlb5YO6S6PjGOncOrd+k4RCIYRaekSnx52WBKkpqxMEv/rjY1Glx4Cota\n" + - "mpNiYDvZHGzrRQtY2eH17XhFatBxEEbJMA+0QPbFksHcKxAxJgMDncqag4TDq5fT\n" + - "I2NUxqiB51F5w0x+++lyLnUZ+z4BJFZ73VdtfoJ2fsuRhemOoZjHPi/V2exXpAfb\n" + - "pomha3KCrTcuFv1lj8mPx5L4ciNPxuDFgjeXEaTGjS8IvdNoJIrgdHdahMwkwS/y\n" + - "wei7FJ1Ey0maqRUpUlAY6sIQPQ/KDltTuKX/C94C5pYLI0JXCScr5xg6C+r2ckbA\n" + - "rjhpn3C/NptVyZgT8bL4XT5ITrAjwPciBj0yxYzUkrLZO1wKQSQ=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=ssltest-revoked.actalis.it, O=Actalis S.p.A., L=Ponte San Pietro, ST=Bergamo, C=IT - // Issuer: CN=Actalis Organization Validated Server CA G3, O=Actalis S.p.A., - // L=Ponte San Pietro, ST=Bergamo, C=IT - // Serial number: 320955171b78d49507508910da2c5bc4 - // Valid from: Tue Sep 27 03:40:43 PDT 2022 until: Wed Sep 27 03:40:43 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIH1TCCBb2gAwIBAgIQMglVFxt41JUHUIkQ2ixbxDANBgkqhkiG9w0BAQsFADCB\n" + - "iTELMAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRl\n" + - "IFNhbiBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtB\n" + - "Y3RhbGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMB4XDTIy\n" + - "MDkyNzEwNDA0M1oXDTIzMDkyNzEwNDA0M1oweDELMAkGA1UEBhMCSVQxEDAOBgNV\n" + - "BAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNhbiBQaWV0cm8xFzAVBgNVBAoM\n" + - "DkFjdGFsaXMgUy5wLkEuMSMwIQYDVQQDDBpzc2x0ZXN0LXJldm9rZWQuYWN0YWxp\n" + - "cy5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdBnbeFtw/Ejp1U\n" + - "gr86BQ5rqgGXWWXb7fsOhPb5On9RXTojg6oaeIV4GxHsMZhEDKQdcZ6JWAo2dbtp\n" + - "/7ereFEDWG/YJahLHFZ/ihXG4AmfObYEhoGbKitW75fOs/aWC7Veck/sXsw7cjLW\n" + - "GY623ybcF9DBExg3S4uLRaSkv5hXUDu/CzphUgwiEd5YNBZjcryOiS8+Y5EQ+2q+\n" + - "g+tdRG9m5G5YxeHWgQz2HDDwLDsJhWkb8/RsUurU/I+avHPhYk13K5Ysf311gww8\n" + - "bAsplfdJ2gdn8Is+EAEH4GJHqMybC95YDh1w5dY7dk/lIoNX4hYUIQimirIr3OW8\n" + - "Svkj1G8CAwEAAaOCA0cwggNDMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUn4qx\n" + - "tfGx3oL0J3y+iM3eqUOBo0swfgYIKwYBBQUHAQEEcjBwMDsGCCsGAQUFBzAChi9o\n" + - "dHRwOi8vY2FjZXJ0LmFjdGFsaXMuaXQvY2VydHMvYWN0YWxpcy1hdXRob3ZnMzAx\n" + - "BggrBgEFBQcwAYYlaHR0cDovL29jc3AwOS5hY3RhbGlzLml0L1ZBL0FVVEhPVi1H\n" + - "MzAlBgNVHREEHjAcghpzc2x0ZXN0LXJldm9rZWQuYWN0YWxpcy5pdDBRBgNVHSAE\n" + - "SjBIMDwGBiuBHwEUATAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz\n" + - "Lml0L2FyZWEtZG93bmxvYWQwCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsGAQUFBwMC\n" + - "BggrBgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5hjdodHRwOi8vY3JsMDkuYWN0YWxp\n" + - "cy5pdC9SZXBvc2l0b3J5L0FVVEhPVi1HMy9nZXRMYXN0Q1JMMB0GA1UdDgQWBBS6\n" + - "o8qJpg3ixoyA2QBayptaTfc+5DAOBgNVHQ8BAf8EBAMCBaAwggF+BgorBgEEAdZ5\n" + - "AgQCBIIBbgSCAWoBaAB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKK\n" + - "AAABg36SGRYAAAQDAEcwRQIgDXxSCQGfcIYroxNiDJg08IX38Y9+r5CC6T4NeW14\n" + - "FzgCIQDdEhEYsGIWpwyrnTLr4RFB5CMEq+84dByNT07UYkiVwwB2AHoyjFTYty22\n" + - "IOo44FIe6YQWcDIThU070ivBOlejUutSAAABg36SGTUAAAQDAEcwRQIgL2ig9RrM\n" + - "FPWESGRYGJJJYRHdcayHev66jawrf98saN8CIQD/CInlI3Vo7SBzzN/4uykjYsFZ\n" + - "u9RypT6AYv6AHPlNdQB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kT\n" + - "AAABg36SGU0AAAQDAEcwRQIhAOCD/dOs4HjyC+GQaQRh4U+/mUwWyu+CnlHdebmD\n" + - "hAvFAiAvBE0rbxgm8TpZLG2TaMk3dqZj7Q6FFdLlqTsvwhKa3jANBgkqhkiG9w0B\n" + - "AQsFAAOCAgEAEnPALMVp1pySJgHhugLWAUgiD6stpDWCKfaBxPr+jf34A5wS+m5r\n" + - "2VhYyNQpOwIQB76K2RSJQrdpg7Dg2L6EiUnbbClSTrOkZ4XX5ggBIjldDEx4ZxhI\n" + - "zwSw4KB6+DDAVMwsCL0q0E7AAPOMaZ0RDLteusqQYIYm08TXfJPWD8LjQPt/8Uie\n" + - "LOqm1eLUuwJc+eHFWV+Xr8Uea6SFwqNEj7qPHb2MElctET/MhSIIUKI1ObmrFwyB\n" + - "ElKEPaUh9L0HXpnuD8IWc7tw2mdvnWJhuGG8G6JkasTGvtZ4gKIDBdTrJcuj7MCS\n" + - "amz3ZBCY47tP1ohgImjqwg4ITYjX6UQXgj/nBVDdu+nXkEhx16uPJkTYWaun9Nio\n" + - "8RjYIOxXmDD39QbGUElP0Epsr2wcVT9tIFYMGzUpIO51mCk3Aq1AmiQZwZZhqOIN\n" + - "RDx7lGESPj3IgdVfJi9Ing/OUNtS46Ug9DSuDcGqdY7KnTYEUdWGsUJNtnpjd4lS\n" + - "U6oIAeW1aKuOve6iNg1vsFAN57aJNh1ih3BOup58J9ve42bNlAYWN8wiNxM+Aeba\n" + - "ArUSTnH/QEYCyMRD0XqIREVR9VhNODgSZbL3XedYBAW9wImi1whp+u+8aReXd7lC\n" + - "Q3kD9KRyfZ9Kk05Glf3DsZMWvp1N2ZZWaU2Ms5U3ijUheCiBrqrs8a8=\n" + - "-----END CERTIFICATE-----"; - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Sep 27 03:52:40 PDT 2022", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java deleted file mode 100644 index 6cb50066b6d..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java +++ /dev/null @@ -1,552 +0,0 @@ -/* - * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8233223 - * @summary Interoperability tests with Amazon's CA1, CA2, CA3, and CA4 - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath AmazonCA OCSP - * @run main/othervm -Djava.security.debug=certpath AmazonCA CRL - */ - -/* - * Obtain TLS test artifacts for Amazon CAs from: - * - * Amazon Root CA 1 - * Valid - https://good.sca1a.amazontrust.com/ - * Revoked - https://revoked.sca1a.amazontrust.com/ - * Amazon Root CA 2 - * Valid - https://good.sca2a.amazontrust.com/ - * Revoked - https://revoked.sca2a.amazontrust.com/ - * Amazon Root CA 3 - * Valid - https://good.sca3a.amazontrust.com/ - * Revoked - https://revoked.sca3a.amazontrust.com/ - * Amazon Root CA 4 - * Valid - https://good.sca4a.amazontrust.com/ - * Revoked - https://revoked.sca4a.amazontrust.com/ - */ -public class AmazonCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - boolean ocspEnabled = false; - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - ocspEnabled = true; - } - - new AmazonCA_1().runTest(pathValidator, ocspEnabled); - new AmazonCA_2().runTest(pathValidator, ocspEnabled); - new AmazonCA_3().runTest(pathValidator, ocspEnabled); - new AmazonCA_4().runTest(pathValidator, ocspEnabled); - } -} - -class AmazonCA_1 { - - // Owner: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US - // Issuer: CN=Amazon Root CA 1, O=Amazon, C=US - // Serial number: 67f9457508c648c09ca652e71791830e72592 - // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIERzCCAy+gAwIBAgITBn+UV1CMZIwJymUucXkYMOclkjANBgkqhkiG9w0BAQsF\n" + - "ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n" + - "b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL\n" + - "MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB\n" + - "IDFBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + - "AoIBAQCeQM3XCsIZunv8bSJxOqkc/ed87uL76FDB7teBNThDRB+1J7aITuadbNfH\n" + - "5ZfZykrdZ1qQLKxP6DwHOmJr9u2b4IxjUX9qUMuq4B02ghD2g6yU3YivEosZ7fpo\n" + - "srD2TBN29JpgPGrOrpOE+ArZuIpBjdKFinemu6fTDD0NCeQlfyHXd1NOYyfYRLTa\n" + - "xlpDqr/2M41BgSkWQfSPHHyRWNQgWBiGsIQaS8TK0g8OWi1ov78+2K9DWT+AHgXW\n" + - "AanjZK91GfygPXJYSlAGxSiBAwH/KhAMifhaoFYAbH0Yuohmd85B45G2xVsop4TM\n" + - "Dsl007U7qnS7sdJ4jYGzEvva/a95AgMBAAGjggE5MIIBNTASBgNVHRMBAf8ECDAG\n" + - "AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUYtRCXoZwdWqQvMa40k1g\n" + - "wjS6UTowHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH\n" + - "AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy\n" + - "dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRy\n" + - "dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js\n" + - "LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBEGA1UdIAQKMAgw\n" + - "BgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAMHbSWHRFMzGNIE0qhN6gnRahTrTU\n" + - "CDPwe7l9/q0IA+QBlrpUHnlAreetYeH1jB8uF3qXXzy22gpBU7NqulTkqSPByT1J\n" + - "xOhpT2FpO5R3VAdMPdWfSEgtrED0jkmyUQrR1T+/A+nBLdJZeQcl+OqLgeY790JM\n" + - "JJTsJnnI6FBWeTGhcDI4Y+n3KS3QCVePeWI7jx1dhrHcXH+QDX8Ywe31hV7YENdr\n" + - "HDpUXrjK6eHN8gazy8G6pndXHFwHp4auiZbJbYAk/q1peOTRagD2JojcLkm+i3cD\n" + - "843t4By6YT/PVlePU2PCWejkrJQnKQAPOov7IA8kuO2RDWuzE/zF6Hotdg==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.sca1a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US - // Serial number: 703e4e4bbd78e2b6db5634f36c4ee944cb1a4 - // Valid from: Mon Jul 29 16:53:36 PDT 2019 until: Sat Aug 29 16:53:36 PDT 2020 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFEzCCA/ugAwIBAgITBwPk5LvXjitttWNPNsTulEyxpDANBgkqhkiG9w0BAQsF\n" + - "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" + - "ZXIgQ0EgMUExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzUzMzZaFw0yMDA4\n" + - "MjkyMzUzMzZaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" + - "AQITCERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4G\n" + - "A1UEBRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x\n" + - "EDAOBgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNl\n" + - "czEjMCEGA1UEAxMaZ29vZC5zY2ExYS5hbWF6b250cnVzdC5jb20wggEiMA0GCSqG\n" + - "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQyuJ83c2Zf9k29f6iLqd8nJSuHSk1v+SS\n" + - "0sYyG8tjscfCC1HcOdNj37vtiNN65sXh/e/kBKH9wvzhCLOJbBqVKRHOZuHdJEpH\n" + - "35R6C/PbcV/tp49g6mNmBe+lcmm/cwwCtYvkL0rgL/OKB0liFhhRIqy2TPg08op/\n" + - "RlY2DdbgBA2B3g7wdMo0hK3SO56/QUccUtLRm43km9Yd4E3U+CEUyDd0Bmc/YbPa\n" + - "htuXVsXJwiwlwooomujIIENhFw3htdcsu2apRj8EYUrKL8Mvvn+h16gDyobj0f01\n" + - "jWXlUgmH2lzUzca5eGuphfvmWN/ME/yqC2mMvWGnWySycqtT8VdJAgMBAAGjggFj\n" + - "MIIBXzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYEFFENOZBwFkjVdQX0iK32c77z\n" + - "SUl6MB8GA1UdIwQYMBaAFGLUQl6GcHVqkLzGuNJNYMI0ulE6MB0GA1UdJQQWMBQG\n" + - "CCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG\n" + - "IWh0dHA6Ly9vY3NwLnNjYTFhLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq\n" + - "aHR0cDovL2NydC5zY2ExYS5hbWF6b250cnVzdC5jb20vc2NhMWEuY2VyMCUGA1Ud\n" + - "EQQeMByCGmdvb2Quc2NhMWEuYW1hem9udHJ1c3QuY29tMFAGA1UdIARJMEcwDQYL\n" + - "YIZIAYb9bgEHGAMwNgYFZ4EMAQEwLTArBggrBgEFBQcCARYfaHR0cHM6Ly93d3cu\n" + - "YW1hem9udHJ1c3QuY29tL2NwczANBgkqhkiG9w0BAQsFAAOCAQEAmn7z6Ub1sL77\n" + - "wyUEaCq/Odqm+2RtYYMJ1MeW6nTXTfAgZ/iLx/6hStafd9AK9gHiTCggBpj6KgnF\n" + - "UsGMDeX879jP675fH6SEk710QPDhIrfAzwE0pF/eUNsd7pLwne32zHX0ouCoAt4d\n" + - "KwBCZkKNUkdj4U+bpOJzvtcTP9JlzziLp9IFRjjQh3xKgfblx57CmRJbqH3fT5JJ\n" + - "IAIDVTz3ZUcqhPTFAnNsO1oNBEyrO5X9rwCiSy7aRijY/11R75mIIvyA9zyd9ss1\n" + - "kvrrER0GWMTDvC84FZD2vhkXgPTFrB1Dn9f3QgO5APT9GCFY5hdpqqPEXOSdRzQo\n" + - "h9j4OQAqtA==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.sca1a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 1A, O=Amazon, C=US - // Serial number: 6f1d774ad5e7b6d251d217661782bbdb6f37d - // Valid from: Mon Jan 28 15:34:38 PST 2019 until: Thu Apr 28 16:34:38 PDT 2022 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIE2zCCA8OgAwIBAgITBvHXdK1ee20lHSF2YXgrvbbzfTANBgkqhkiG9w0BAQsF\n" + - "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" + - "ZXIgQ0EgMUExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzM0MzhaFw0yMjA0\n" + - "MjgyMzM0MzhaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" + - "AQITCERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYD\n" + - "VQQFEwc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ\n" + - "MA4GA1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2Vz\n" + - "MSYwJAYDVQQDEx1yZXZva2VkLnNjYTFhLmFtYXpvbnRydXN0LmNvbTCCASIwDQYJ\n" + - "KoZIhvcNAQEBBQADggEPADCCAQoCggEBANUoHop9sW+QlgVsdtacioraTAWHcSTd\n" + - "MNkOkOEMgJIFPyfdcDvW/H2NvpdYeIQqzaCgT2kcsONWTZTPJMirCPnzl1ohHOZU\n" + - "uTnOVkamGxvNmQCURLBXmlCMRTCI5RY3CuYntFFbSPAnbumsF+K/gKqcE6ME53Bw\n" + - "PAwn4qwavB0i5Ib7Jk8XYzxSYXC9l8QLxt6fshPJRlecpXzfmVFvMAm3IbaLcpuv\n" + - "AtD+8I2KwjNtBPRPNYeFsWxwsgUGAyHEGa61oTGUqqAXu5YmPfyK+YTOJdoofsh4\n" + - "Tf3K7AKxnPWuvY3RNTs1pzEVwJYZqSsNwbgyKJJ4+0Xe4iP7qB8SYf8CAwEAAaOC\n" + - "ASkwggElMA4GA1UdDwEB/wQEAwIFoDAdBgNVHQ4EFgQUGHreoz+LP/Wr+RKzuexO\n" + - "V8ICtmEwHwYDVR0jBBgwFoAUYtRCXoZwdWqQvMa40k1gwjS6UTowHQYDVR0lBBYw\n" + - "FAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw\n" + - "AYYhaHR0cDovL29jc3Auc2NhMWEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC\n" + - "hipodHRwOi8vY3J0LnNjYTFhLmFtYXpvbnRydXN0LmNvbS9zY2ExYS5jZXIwKAYD\n" + - "VR0RBCEwH4IdcmV2b2tlZC5zY2ExYS5hbWF6b250cnVzdC5jb20wEwYDVR0gBAww\n" + - "CjAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQADggEBABSbe1UCLL7Qay6XK5wD8B5a\n" + - "wvR1XG3UrggpVIz/w5cutEm/yE71hzE0gag/3YPbNYEnaLbJH+9jz4YW9wd/cEPj\n" + - "xSK5PErAQjCd+aA4LKN1xqkSysgYknl0y47hJBXGnWf+hxvBBHeSoUzM0KIC21pC\n" + - "ZyXrmfaPCQAz13ruYIYdQaETqXGVORmKbf/a+Zn18/tfQt0LeeCYVoSopbXWQvcJ\n" + - "gUMtdIqYQmb8aVj0pdZXwKl4yZ2DtlS3Z9MpWNgQNlhRPmiYlu28y2yTtZ9SwD6m\n" + - "2f+cwc19aJrDT4Y280px+jRU7dIE6oZVJU+yBRVIZYpUFAB7extCMVxnTkCf8Dk=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // EE certificates don't have CRLDP extension - if (!ocspEnabled){ - pathValidator.validate(new String[]{INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - return; - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Jan 28 15:35:56 PST 2019", System.out); - } -} - -class AmazonCA_2 { - - // Owner: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US - // Issuer: CN=Amazon Root CA 2, O=Amazon, C=US - // Serial number: 67f945755f187a91f8163f3e624620177ff38 - // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIGRzCCBC+gAwIBAgITBn+UV1Xxh6kfgWPz5iRiAXf/ODANBgkqhkiG9w0BAQwF\n" + - "ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\n" + - "b24gUm9vdCBDQSAyMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL\n" + - "MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB\n" + - "IDJBMQ8wDQYDVQQDEwZBbWF6b24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK\n" + - "AoICAQC0P8hSLewmrZ41CCPBQytZs5NBFMq5ztbnMf+kZUp9S25LPfjNW3zgC/6E\n" + - "qCTWNVMMHhq7ez9IQJk48qbfBTLlZkuKnUWbA9vowrDfcxUN0mRE4B/TJbveXyTf\n" + - "vE91iDlqDrERecE9D8sdjzURrtHTp27lZdRkXFvfEVCq4hl3sHkzjodisaQthLp1\n" + - "gLsiA7vKt+8zcL4Aeq52UyYb8r4/jdZ3KaQp8O/T4VwDCRKm8ey3kttpJWaflci7\n" + - "eRzNjY7gE3NMANVXCeQwOBfH2GjINFCObmPsqiBuoAnsv2k5aQLNoU1OZk08ClXm\n" + - "mEZ2rI5qZUTX1HuefBJnpMkPugFCw8afaHnB13SkLE7wxX8SZRdDIe5WiwyDL1tR\n" + - "2+8lpz4JsMoFopHmD3GaHyjbN+hkOqHgLltwewOsiyM0u3CZphypN2KeD+1FLjnY\n" + - "TgdIAd1FRgK2ZXDDrEdjnsSEfShKf0l4mFPSBs9E3U6sLmubDRXKLLLpa/dF4eKu\n" + - "LEKS1bXYT28iM6D5gSCnzho5G4d18jQD/slmc5XmRo5Pig0RyBwDaLuxeIZuiJ0A\n" + - "J6YFhffbrLYF5dEQl0cU+t3VBK5u/o1WkWXsZawU038lWn/AXerodT/pAcrtWA4E\n" + - "NQEN09WEKMhZVPhqdwhF/Gusr04mQtKt7T2v6UMQvtVglv5E7wIDAQABo4IBOTCC\n" + - "ATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYE\n" + - "FNpDStD8AcBLv1gnjHbNCoHzlC70MB8GA1UdIwQYMBaAFLAM8Eww9AVYAkj9M+VS\n" + - "r0uE42ZSMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3Au\n" + - "cm9vdGNhMi5hbWF6b250cnVzdC5jb20wOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQu\n" + - "cm9vdGNhMi5hbWF6b250cnVzdC5jb20vcm9vdGNhMi5jZXIwPwYDVR0fBDgwNjA0\n" + - "oDKgMIYuaHR0cDovL2NybC5yb290Y2EyLmFtYXpvbnRydXN0LmNvbS9yb290Y2Ey\n" + - "LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggIBAEO5W+iF\n" + - "yChjDyyrmiwFupVWQ0Xy2ReFNQiZq7XKVHvsLQe01moSLnxcBxioOPBKt1KkZO7w\n" + - "Gcbmke0+7AxLaG/F5NPnzRtK1/pRhXQ0XdU8pVh/1/h4GoqRlZ/eN0JDarUhZPkV\n" + - "kSr96LUYDTxcsAidF7zkzWfmtcJg/Aw8mi14xKVEa6aVyKu54c8kKkdlt0WaigOv\n" + - "Z/xYhxp24AfoFKaIraDNdsD8q2N7eDYeN4WGLzNSlil+iFjzflI9mq1hTuI/ZNjV\n" + - "rbvob6FUQ8Cc524gMjbpZCNuZ1gfXzwwhGp0AnQF6CJsWF9uwPpZEVFnnnfiWH3M\n" + - "oup41EvBhqaAqOlny0sm5pI82nRUCAE3DLkJ1+eAtdQaYblZQkQrRyTuPmJEm+5y\n" + - "QwdDVw6uHc5OsSj/tyhh8zJ2Xq3zgh3dMONGjJEysxGaCoIb+61PWwMy2dIarVwI\n" + - "r+c+AY+3PrhgBspNdWZ87JzNHii7ksdjUSVGTTy1vGXgPYrv0lp0IMnKaZP58xiw\n" + - "rDx7uTlQuPVWNOZvCaT3ZcoxTsNKNscIUe+WJjWx5hdzpv/oksDPY5ltZ0j3hlDS\n" + - "D+Itk95/cNJVRM/0HpxI1SX9MTZtOSJoEDdUtOpVaOuBAvEK4gvTzdt0r5L+fuI6\n" + - "o5LAuRo/LO1xVRH49KFRoaznzU3Ch9+kbPb3\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.sca2a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US - // Serial number: 703e4e70616c90d611fd04a5ecc635665184e - // Valid from: Mon Jul 29 16:54:06 PDT 2019 until: Sat Aug 29 16:54:06 PDT 2020 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHEzCCBPugAwIBAgITBwPk5wYWyQ1hH9BKXsxjVmUYTjANBgkqhkiG9w0BAQwF\n" + - "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" + - "ZXIgQ0EgMkExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU0MDZaFw0yMDA4\n" + - "MjkyMzU0MDZaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" + - "AQITCERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4G\n" + - "A1UEBRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x\n" + - "EDAOBgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNl\n" + - "czEjMCEGA1UEAxMaZ29vZC5zY2EyYS5hbWF6b250cnVzdC5jb20wggIiMA0GCSqG\n" + - "SIb3DQEBAQUAA4ICDwAwggIKAoICAQC+XjOB3ZCFX+b9y9reP+e6EAQz4ytiMSqU\n" + - "O4s5MyYLkY6n4BIZHmgWeQ2IgW1VrH8ho+Iu3UsTiuhd3/L/q/w+T0OJfcrWngTs\n" + - "uVcIuvUr32ObPeeWbg/m/lkN7hqH1jY62iybYVrFXiLo1+0G92PUazcyNvyA20+G\n" + - "HsvGG5jlArWNgRLdc8KUXxvnDUxx5vu4jeHEZnqSwuulV1h9ve0UutkmoK0Sk7Rz\n" + - "HMxYK0LmUT5OvcNQSkUi5nLi+M1FxnYYgsELwSiKSSEDfEdgxooMAiVTgw51Q/DB\n" + - "lTOjAIDL3K3J0yGfIG3bwLvE1qz2Z5yWn8f3JibIah7LrC4PiZDDLHFM6V9l+YqU\n" + - "RqimJ5BltSyAx7bxQNZ1AW3Lxvvm894i4k6/Vdf1CDovRuTMPCDAQmKA/A/AQ7TN\n" + - "q3bBimX6UyuJu0I8RyvAYKzFhOOqe4vXrbndTbje/jnzTNQPeIIcuRa9cgXTOrbw\n" + - "86FTUKj6AZXihRWjKWsQpDwdgE0tQETZ3ynCXfbBKfFmn0MSjeX0CEEAZdYHR8EV\n" + - "F271Yt7UJjS/FP702aHTOWk7zFbIRfFQODvBhn0I8p/Stk2sDq4/YsbXVZOe3+ad\n" + - "YavoiODGSAH6ZcZzULumgK9eii0koAOPB/xqXnkcTS63gEHOKjLQl3hqdVZRCugv\n" + - "1CwUXLvoSwIDAQABo4IBYzCCAV8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQWBBTa\n" + - "j6dHgPdOxTGLcwaNDeaMnlSxNjAfBgNVHSMEGDAWgBTaQ0rQ/AHAS79YJ4x2zQqB\n" + - "85Qu9DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYIKwYBBQUHAQEE\n" + - "aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2EyYS5hbWF6b250cnVzdC5j\n" + - "b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMmEuYW1hem9udHJ1c3QuY29t\n" + - "L3NjYTJhLmNlcjAlBgNVHREEHjAcghpnb29kLnNjYTJhLmFtYXpvbnRydXN0LmNv\n" + - "bTBQBgNVHSAESTBHMA0GC2CGSAGG/W4BBxgDMDYGBWeBDAEBMC0wKwYIKwYBBQUH\n" + - "AgEWH2h0dHBzOi8vd3d3LmFtYXpvbnRydXN0LmNvbS9jcHMwDQYJKoZIhvcNAQEM\n" + - "BQADggIBAE6RwZAZvN0i9ygwzqoX9DhSPtvZ3xIO0G0Bhgjkb986+p8XJstU3gEM\n" + - "8P2i1J/YthXCnRGedm+Odxx+31G6xIYfP5S5g7HyRGkj/aXNXy4s3KjH8HJgOY9N\n" + - "ra3XfC05OKq5FpyZQDZ+hxCdLrH3Gs+UxREbu+LuIKUpI7nMVEjn9XynKyOdKN21\n" + - "Kq5VsuI0fDWCYvUN1M+lI/LgE5HbNJVQJs+dB7g1/kaOeaLia7Wk1ys+uRzB58rp\n" + - "FKAoLk++HWTfNDkbN8vKRfHhJ/xhI9ju3TWcci6EyFVAym1C62UkJNI0KHgQ+zc7\n" + - "nl1tv/ytj8N/eJoysyp23lJ5qrVetlQORfgXryGkWBMYBvYF8zbBb/f+UXHDKVWt\n" + - "9l1lL6HQGY/tTo253pj6/FgDD35bZdjLQeUVmbnz679S5oUmoH5ZtSdnpUTghU3p\n" + - "bae9adBFY9S1pm50Q3ckRVBAwNqNmI0KKUh14Ms8KSAUHg19NvGsBonqwOT2rdbv\n" + - "xZ47N6c2eCl/cjMvzre0v0NoUO+3og2GHeAoOwVos6480YDbMqp739tOFPxBcsII\n" + - "6SjpDVh+14dkSW6kEKeaCFLR+eChqutri1VQbQ49nmADQWw9Al8vBytSnPv0YN6W\n" + - "XfIE1Qj7YmHu/UuoeKVsqDqoP/no29+96dtfd4afJqlIoyZUqXpt\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.sca2a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - //Issuer: CN=Amazon, OU=Server CA 2A, O=Amazon, C=US - //Serial number: 6f1d782c0aa2f4866b7b522c279b939b92369 - //Valid from: Mon Jan 28 15:37:45 PST 2019 until: Thu Apr 28 16:37:45 PDT 2022 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIG2zCCBMOgAwIBAgITBvHXgsCqL0hmt7Uiwnm5ObkjaTANBgkqhkiG9w0BAQwF\n" + - "ADBGMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2\n" + - "ZXIgQ0EgMkExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzM3NDVaFw0yMjA0\n" + - "MjgyMzM3NDVaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwC\n" + - "AQITCERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYD\n" + - "VQQFEwc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQ\n" + - "MA4GA1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2Vz\n" + - "MSYwJAYDVQQDEx1yZXZva2VkLnNjYTJhLmFtYXpvbnRydXN0LmNvbTCCAiIwDQYJ\n" + - "KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKFm418X8hN1YTgD2XpMb4sp78mw8k3j\n" + - "Dq/vnpX48evVUzNpHpy4qRz/ZHBR4HUJO4lhfnX+CO0uRqqqx4F0JZRQB3KevaU8\n" + - "QGWHdJGhEddnurDhrgOUa+ZroqUnMCsTJfbyGtC6aiEXeu/eMhEUFkuBxJH1JtwD\n" + - "dQXMXuMjG07SVjOkhTkbMDzA/YbUqkDeOIybifDuvA5LEsl+kReY0b6RYFo2Tt/M\n" + - "dPhJD8q3Wsu+XCiCnbpcwlEVGxiD2RVRXJJ9o3ALGOxqU69V+lYS0kkwNHT7oV9J\n" + - "rhgt7iOCq0aoTAxu2j4FCp0JHNhGoW9pXoMXnmS6kK80hzLNYDxvKEaVaKkiYHw5\n" + - "CV0Vwii05ICa14nrStH/jcRNLyU+gp+6OeerPV3jpKWshGKWewF+2UiWU2WHTSrd\n" + - "Wis0/qEfFK/kSraAxpd+KavEEavKeudoMAHIxMACOk9E/fF5zhd2y4G1q1BdoRlR\n" + - "KP4GIV2v6qH6Ru2mNSuge9il6kDXxFNucrYKLDbAqkqalohkvDavcPoG9gZT3etv\n" + - "4IcgJriIWRxbJwKPpwJM+6wa6RpwoeJMuEp3ZBP7KDaQ8YX4rlf4zXLAsOKCNA9K\n" + - "OS/qYQ/I4g0E1WhfgEKClaLPS2u7jeVR6s1t4txGo4vq5Dkt17KTCew/WsX3rckf\n" + - "a2p5zvFcfpCNAgMBAAGjggEpMIIBJTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYE\n" + - "FAF8N1wV8EoYFkMXH6tEnmR/7vI+MB8GA1UdIwQYMBaAFNpDStD8AcBLv1gnjHbN\n" + - "CoHzlC70MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcB\n" + - "AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTJhLmFtYXpvbnRydXN0\n" + - "LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2EyYS5hbWF6b250cnVzdC5j\n" + - "b20vc2NhMmEuY2VyMCgGA1UdEQQhMB+CHXJldm9rZWQuc2NhMmEuYW1hem9udHJ1\n" + - "c3QuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBDAUAA4ICAQBC\n" + - "VwR1NFk1IYIF4cjU7ML1aj8OIn+8mtakGQnuSJLK6ypSysINJBS48ZDdP6XZXvyD\n" + - "iTS0xEAPjAZHTqrABdNYmvJeL2RnN99DIwVzBpZp4NLTXbiSW7jb0Y5cEPDGJMOo\n" + - "SUAAM6fsiPRfz5vX4XVPznbcF2AwE/NVV+L3n9LVRt7qv2VqIEvLioR56Dq+5ofR\n" + - "4bw0BVlEYWF4Gsy7WDDTL1iLNBUwZTqBHwTv0fgDRiPqb/odmLQuRANwcJy8B8Zr\n" + - "s/yX4SeESaRdA82lAlQilksQitXS2qvQN06GEDOgUxYE6EabFdgklV5JypKqdOly\n" + - "vzpaDpF3z5W8Bj3D4fns1Kjrh1pPh5JRvg+616diKnQRt4X5q+EtmnXhDvIGMISI\n" + - "FuGwj57CNQ2x2MY2HHKWPrOccpQfEEvoSNR+ntYWrtSSttZq948O+zZBk1TXWuXV\n" + - "TVXllqTg8lp6d5cfKgvtHKgt98WkpPOcLVrNuVnMAIfDw6ar54dVKqrvkeEcF6mJ\n" + - "7oMKjJX/Vu9lYoGViBIfdeqcCPWSI8BpnCKaG7dTQO3Q1ObGmLdGBRlsRh+d+S5l\n" + - "Fq326ckbjx537e5/ai31lOR7OwVh9TDweKLqIACjs987C0EJSEfoOue25WRww2va\n" + - "iX9SrTPm4GxQ2OJgYwx0+HbezJXFN+dhaOFUavTSFw==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // EE certificates don't have CRLDP extension - if (!ocspEnabled){ - pathValidator.validate(new String[]{INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - return; - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Jan 28 15:38:57 PST 2019", System.out); - } -} - -class AmazonCA_3 { - - // Owner: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US - // Issuer: CN=Amazon Root CA 3, O=Amazon, C=US - // Serial number: 67f945758fe55b9ee3f75831d47f07d226c8a - // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIICuzCCAmGgAwIBAgITBn+UV1j+VbnuP3WDHUfwfSJsijAKBggqhkjOPQQDAjA5\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g\n" + - "Um9vdCBDQSAzMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG\n" + - "A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDNB\n" + - "MQ8wDQYDVQQDEwZBbWF6b24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATYcYsK\n" + - "mYdR0Gj8Xz45E/lfcTTnXhg2EtAIYBIHyXv/ZQyyyCas1aptX/I5T1coT6XK181g\n" + - "nB8hADuKfWlNoIYRo4IBOTCCATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8B\n" + - "Af8EBAMCAYYwHQYDVR0OBBYEFATc4JXl6LlrlKHvjFsxHhN+VZfaMB8GA1UdIwQY\n" + - "MBaAFKu229cGnjesMIYHkXDHnMQZsXjAMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEF\n" + - "BQcwAYYjaHR0cDovL29jc3Aucm9vdGNhMy5hbWF6b250cnVzdC5jb20wOgYIKwYB\n" + - "BQUHMAKGLmh0dHA6Ly9jcnQucm9vdGNhMy5hbWF6b250cnVzdC5jb20vcm9vdGNh\n" + - "My5jZXIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5yb290Y2EzLmFtYXpv\n" + - "bnRydXN0LmNvbS9yb290Y2EzLmNybDARBgNVHSAECjAIMAYGBFUdIAAwCgYIKoZI\n" + - "zj0EAwIDSAAwRQIgOl/vux0qfxNm05W3eofa9lKwz6oKvdu6g6Sc0UlwgRcCIQCS\n" + - "WSQ6F6JHLoeOWLyFFF658eNKEKbkEGMHz34gLX/N3g==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.sca3a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US - // Serial number: 703e4e9bbc2605f37967a0e95f31f4789a677 - // Valid from: Mon Jul 29 16:54:43 PDT 2019 until: Sat Aug 29 16:54:43 PDT 2020 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIDhzCCAy2gAwIBAgITBwPk6bvCYF83lnoOlfMfR4mmdzAKBggqhkjOPQQDAjBG\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" + - "Q0EgM0ExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU0NDNaFw0yMDA4Mjky\n" + - "MzU0NDNaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" + - "CERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UE\n" + - "BRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO\n" + - "BgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNlczEj\n" + - "MCEGA1UEAxMaZ29vZC5zY2EzYS5hbWF6b250cnVzdC5jb20wWTATBgcqhkjOPQIB\n" + - "BggqhkjOPQMBBwNCAARl4yxf8XcvWR0LZ+YuBC0CpkwtU2NiMdlIM7eX0lxhQp53\n" + - "NpLlCrPRNzOWrjCJDdn21D0u7PrtN94UHLHOg9X0o4IBYzCCAV8wDgYDVR0PAQH/\n" + - "BAQDAgeAMB0GA1UdDgQWBBT2cHmOJFLWfg1Op7xAdAnqYcwaPzAfBgNVHSMEGDAW\n" + - "gBQE3OCV5ei5a5Sh74xbMR4TflWX2jAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n" + - "BQUHAwIwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5z\n" + - "Y2EzYS5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2Nh\n" + - "M2EuYW1hem9udHJ1c3QuY29tL3NjYTNhLmNlcjAlBgNVHREEHjAcghpnb29kLnNj\n" + - "YTNhLmFtYXpvbnRydXN0LmNvbTBQBgNVHSAESTBHMA0GC2CGSAGG/W4BBxgDMDYG\n" + - "BWeBDAEBMC0wKwYIKwYBBQUHAgEWH2h0dHBzOi8vd3d3LmFtYXpvbnRydXN0LmNv\n" + - "bS9jcHMwCgYIKoZIzj0EAwIDSAAwRQIgURdcqJVr4PWNIkmWcSKmzgZ1i94hQpGe\n" + - "mWbE9osk4m0CIQDhxIguihwvDa5RsBwdM0aRDgGKLNHigGqJoKqgH0d2qg==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.sca3a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 3A, O=Amazon, C=US - // Serial number: 6f1d78cf0ca64ce7f551a6f2a0715cc0e8b50 - // Valid from: Mon Jan 28 15:40:01 PST 2019 until: Thu Apr 28 16:40:01 PDT 2022 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIDTzCCAvWgAwIBAgITBvHXjPDKZM5/VRpvKgcVzA6LUDAKBggqhkjOPQQDAjBG\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" + - "Q0EgM0ExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzQwMDFaFw0yMjA0Mjgy\n" + - "MzQwMDFaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" + - "CERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYDVQQF\n" + - "Ewc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G\n" + - "A1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2VzMSYw\n" + - "JAYDVQQDEx1yZXZva2VkLnNjYTNhLmFtYXpvbnRydXN0LmNvbTBZMBMGByqGSM49\n" + - "AgEGCCqGSM49AwEHA0IABJNl90Jq0wddpFj+JbLtmvGR/1geL5t1tvV406jGpYn2\n" + - "C5lAFjwASFy7pAnazZbfSkIDUU2i2XU0+7Cs+j1S/EOjggEpMIIBJTAOBgNVHQ8B\n" + - "Af8EBAMCB4AwHQYDVR0OBBYEFPhX3dYays5Sps0xTgouLkZzYLg4MB8GA1UdIwQY\n" + - "MBaAFATc4JXl6LlrlKHvjFsxHhN+VZfaMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\n" + - "BgEFBQcDAjB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3Nw\n" + - "LnNjYTNhLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5z\n" + - "Y2EzYS5hbWF6b250cnVzdC5jb20vc2NhM2EuY2VyMCgGA1UdEQQhMB+CHXJldm9r\n" + - "ZWQuc2NhM2EuYW1hem9udHJ1c3QuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMAoG\n" + - "CCqGSM49BAMCA0gAMEUCICLb16/50S4fOAFafi5lagdx7q6EDPPm596g19eQDMXk\n" + - "AiEAksCMLypRB4t30FABlsEjhVCBIxay0iIer2OcCIrhfEI=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // EE certificates don't have CRLDP extension - if (!ocspEnabled){ - pathValidator.validate(new String[]{INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - return; - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Jan 28 15:40:35 PST 2019", System.out); - } -} - -class AmazonCA_4 { - - // Owner: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US - // Issuer: CN=Amazon Root CA 4, O=Amazon, C=US - // Serial number: 67f94575a8862a9072e3239c37ceba1274e18 - // Valid from: Wed Oct 21 17:00:00 PDT 2015 until: Sat Oct 18 17:00:00 PDT 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIC+TCCAn6gAwIBAgITBn+UV1qIYqkHLjI5w3zroSdOGDAKBggqhkjOPQQDAzA5\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g\n" + - "Um9vdCBDQSA0MB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG\n" + - "A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDRB\n" + - "MQ8wDQYDVQQDEwZBbWF6b24wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASRP0kIW0Ha\n" + - "7+ORvEVhIS5gIgkH66X5W9vBRTX14oG/1elIyI6LbFZ+E5KAufL0XoWJGI1WbPRm\n" + - "HW246FKSzF0wOEZZyxEROz6tuaVsnXRHRE76roS/Wr064uJpKH+Lv+SjggE5MIIB\n" + - "NTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU\n" + - "pSHN2+tTIZmqytlnQpQlsnv0wuMwHwYDVR0jBBgwFoAU0+zHOmVuzOHadppW+5zz\n" + - "hm1X5YEwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5y\n" + - "b290Y2E0LmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5y\n" + - "b290Y2E0LmFtYXpvbnRydXN0LmNvbS9yb290Y2E0LmNlcjA/BgNVHR8EODA2MDSg\n" + - "MqAwhi5odHRwOi8vY3JsLnJvb3RjYTQuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTQu\n" + - "Y3JsMBEGA1UdIAQKMAgwBgYEVR0gADAKBggqhkjOPQQDAwNpADBmAjEA59RAOBaj\n" + - "uh0rT/OOTWPEv6TBnb9XEadburBaXb8SSrR8il+NdkfS9WXRAzbwrG7LAjEA3ukD\n" + - "1HrQq+WXHBM5sIuViJI/Zh7MOjsc159Q+dn36PBqLRq03AXqE/lRjnv8C5nj\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.sca4a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US - // Serial number: 703e4ec57c72d5669efbc98875c3f6bc3f934 - // Valid from: Mon Jul 29 16:55:17 PDT 2019 until: Sat Aug 29 16:55:17 PDT 2020 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIDxTCCA0qgAwIBAgITBwPk7FfHLVZp77yYh1w/a8P5NDAKBggqhkjOPQQDAzBG\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" + - "Q0EgNEExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA3MjkyMzU1MTdaFw0yMDA4Mjky\n" + - "MzU1MTdaMIHaMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" + - "CERlbGF3YXJlMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UE\n" + - "BRMHNTg0Njc0MzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAO\n" + - "BgNVBAcTB1NlYXR0bGUxHjAcBgNVBAoTFUFtYXpvbiBUcnVzdCBTZXJ2aWNlczEj\n" + - "MCEGA1UEAxMaZ29vZC5zY2E0YS5hbWF6b250cnVzdC5jb20wdjAQBgcqhkjOPQIB\n" + - "BgUrgQQAIgNiAAS9fqMYfOBsdXMSsPjqOlTgIGOlOQWA7Wg6XwVvHTr0+UN+XTeC\n" + - "yZN+XjLbEDQ0CF5eryRZ535sDpwh3qNe0lYFO1n1+2iDtDI1jhhLNYNxBpVnR2BU\n" + - "2l9EuRmgRbQpDCajggFjMIIBXzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0OBBYEFMd0\n" + - "itH5IcE6DpM1uTSBV/6DLmK7MB8GA1UdIwQYMBaAFKUhzdvrUyGZqsrZZ0KUJbJ7\n" + - "9MLjMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BggrBgEFBQcBAQRp\n" + - "MGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTRhLmFtYXpvbnRydXN0LmNv\n" + - "bTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2E0YS5hbWF6b250cnVzdC5jb20v\n" + - "c2NhNGEuY2VyMCUGA1UdEQQeMByCGmdvb2Quc2NhNGEuYW1hem9udHJ1c3QuY29t\n" + - "MFAGA1UdIARJMEcwDQYLYIZIAYb9bgEHGAMwNgYFZ4EMAQEwLTArBggrBgEFBQcC\n" + - "ARYfaHR0cHM6Ly93d3cuYW1hem9udHJ1c3QuY29tL2NwczAKBggqhkjOPQQDAwNp\n" + - "ADBmAjEA2RBD1F+rnm394VkqA3ncysM3deoyfWqaoAO5923MNisswPnHfVqnfeXf\n" + - "ZwTAvVTBAjEAiiaPx9GRjEk8IBKvCSbTp9rPogVTN7zDDQGrwA83O0pRP7A0dxtT\n" + - "pn/0K5Sj8otp\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.sca4a.amazontrust.com, O=Amazon Trust Services, L=Seattle, ST=Washington, C=US, \ - // SERIALNUMBER=5846743, OID.2.5.4.15=PrivateOrganization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, \ - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=Amazon, OU=Server CA 4A, O=Amazon, C=US - // Serial number: 6f1d79295c384a699d51c2d756bd46213b5b3 - // Valid from: Mon Jan 28 15:41:16 PST 2019 until: Thu Apr 28 16:41:16 PDT 2022 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIDjTCCAxKgAwIBAgITBvHXkpXDhKaZ1RwtdWvUYhO1szAKBggqhkjOPQQDAzBG\n" + - "MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg\n" + - "Q0EgNEExDzANBgNVBAMTBkFtYXpvbjAeFw0xOTAxMjgyMzQxMTZaFw0yMjA0Mjgy\n" + - "MzQxMTZaMIHcMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQIT\n" + - "CERlbGF3YXJlMRwwGgYDVQQPExNQcml2YXRlT3JnYW5pemF0aW9uMRAwDgYDVQQF\n" + - "Ewc1ODQ2NzQzMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G\n" + - "A1UEBxMHU2VhdHRsZTEeMBwGA1UEChMVQW1hem9uIFRydXN0IFNlcnZpY2VzMSYw\n" + - "JAYDVQQDEx1yZXZva2VkLnNjYTRhLmFtYXpvbnRydXN0LmNvbTB2MBAGByqGSM49\n" + - "AgEGBSuBBAAiA2IABLuNpZTcNU3FElNP3Y/OeXIZcIMXkFTBi/n92fNwHfqUbEhH\n" + - "H+PovJ26eAGvb5a8bGc275MBFcVnWL0rCVgM+j9KAtBDCRJX3f7mo0D2VKcmtZKu\n" + - "jPxwGPy2kuqM505dGqOCASkwggElMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQU\n" + - "zUFIhn+hphzCKA2qgAdLztSBzJgwHwYDVR0jBBgwFoAUpSHN2+tTIZmqytlnQpQl\n" + - "snv0wuMwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGCCsGAQUFBwEB\n" + - "BGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhNGEuYW1hem9udHJ1c3Qu\n" + - "Y29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTRhLmFtYXpvbnRydXN0LmNv\n" + - "bS9zY2E0YS5jZXIwKAYDVR0RBCEwH4IdcmV2b2tlZC5zY2E0YS5hbWF6b250cnVz\n" + - "dC5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaQAwZgIxALDA\n" + - "klY3iKwyzwpwVtLfLxzQEl45xvE2VjBJvfJJ60KhJt7Ud0gt0zxkogh29+mpEQIx\n" + - "ANTG1mk8OJB41DU7ru1Pwc6ju8STw1FdwDp/Eliqhvnm2i0k4/F1bBHLta2mlC2V\n" + - "hg==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // EE certificates don't have CRLDP extension - if (!ocspEnabled){ - pathValidator.validate(new String[]{INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - return; - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Jan 28 15:41:53 PST 2019", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java deleted file mode 100644 index 9ad20271bec..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java +++ /dev/null @@ -1,330 +0,0 @@ -/* - * Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - /* - * @test - * @bug 8189131 - * @summary Interoperability tests with Buypass Class 2 and Class 3 CA - * @build ValidatePathWithParams - * @run main/othervm/timeout=180 -Djava.security.debug=certpath BuypassCA OCSP - * @run main/othervm/timeout=180 -Djava.security.debug=certpath BuypassCA CRL - */ - - /* - * Obtain test artifacts for Buypass Class 2 and Class 3 CAs from: - * Buypass Class 3 CA 2 - * https://valid.qcevident.ca23.ssl.buypass.no/ - * https://revoked.qcevident.ca23.ssl.buypass.no/ - * https://expired.qcevident.ca23.ssl.buypass.no/ - * https://valid.evident.ca23.ssl.buypass.no/ - * https://revoked.evident.ca23.ssl.buypass.no/ - * https://expired.evident.ca23.ssl.buypass.no/ - * https://valid.businessplus.ca23.ssl.buypass.no - * https://revoked.businessplus.ca23.ssl.buypass.no - * https://expired.businessplus.ca23.ssl.buypass.no - - * Buypass Class 2 CA 2 - * https://valid.business.ca22.ssl.buypass.no - * https://revoked.business.ca22.ssl.buypass.no - * https://expired.business.ca22.ssl.buypass.no - * https://valid.domain.ca22.ssl.buypass.no - * https://revoked.domain.ca22.ssl.buypass.no - * https://expired.domain.ca22.ssl.buypass.no/ - */ -public class BuypassCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - new BuypassClass2().runTest(pathValidator); - new BuypassClass3().runTest(pathValidator); - } -} - -class BuypassClass2 { - - // Owner: CN=Buypass Class 2 CA 2, O=Buypass AS-983163327, C=NO - // Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO - // Serial number: 1b781c6d5e34ce1f77 - // Valid from: Mon Mar 25 05:17:10 PDT 2019 until: Sat Oct 26 02:16:17 PDT 2030 - private static final String INT_CLASS_2 = "-----BEGIN CERTIFICATE-----\n" + - "MIIFKTCCAxGgAwIBAgIJG3gcbV40zh93MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV\n" + - "BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX\n" + - "QnV5cGFzcyBDbGFzcyAyIFJvb3QgQ0EwHhcNMTkwMzI1MTIxNzEwWhcNMzAxMDI2\n" + - "MDkxNjE3WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx\n" + - "NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSAyMIIBIjANBgkqhkiG\n" + - "9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKtnxpZLDQ+R0uzKzDMr83L8Dn+5ToSpD31z\n" + - "qiYMykj7I2geNQ7javKsBOzhgeVr7GP4yJ5bK/P0dhoKesYvQITihfwztbMP6DyH\n" + - "q1QJLQBqQnF0Lk8GhxSSNAZnlkCgX3aazoL32p9BeEfHuUE/8BlPywJY/RyE5/39\n" + - "w3EKmWylhUkeRCMo3dUZr4khJq8JwGp/feKFs9n5FouM5PGhpFpZO+WQXEeqxpnc\n" + - "CxbvWpInBoTnmX3+ofjm+fmY+sdAnyHkuOBBw3koGbFQygDaJP9VItOGByCX4iSV\n" + - "ty/2uzppowIkf7Mpu5v5HJGKObLMP1gGv5lNqjAe8mz0bn25kwIDAQABo4IBCzCC\n" + - "AQcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTJgHfgYpKC9Uac87r3TMPe\n" + - "uKOtOTAdBgNVHQ4EFgQUkq1libIAD8tRDcEj7JROj8EEP3cwDgYDVR0PAQH/BAQD\n" + - "AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjARBgNVHSAECjAIMAYG\n" + - "BFUdIAAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2Ny\n" + - "bC9CUENsYXNzMlJvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB\n" + - "hhdodHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEApNka\n" + - "48a+qhJXXS9R24p34CWnirlyxPMhxFfQyvPFXnwBQGHvrm7H5KY3/9/etShFXdY/\n" + - "N05Aq6UnE8my8jR4iHMm2e9iEf4v+O2E2JGH/5/H8wup160GBAsp4zAmJIT8KEgh\n" + - "YAA1j+NaClVryZfEaaDfAdF6LbU3cW0ZgooILPMeeCEXso23KsdCD1Q+SMvD6nQJ\n" + - "86iTvzWPY2GFJyEmvG/N2f29nBaHxWwZBwCfWB4Hqsw9wdKfY5M9SE/AGSLZ7LRM\n" + - "BmkkF9nqkWxxISadx12nbxn0LsU2k8Xyt830DqhHGSoYHEC/iGxbU4Bub8NC0uw/\n" + - "QNBj5Gd5cXLFhRUWLLBTq4p6P6kLc7JudpM4FNQ+stWK/eDZylbDLN3iCBRnHH4p\n" + - "qg6HAlWuieiAKVsidBMxPUyDLJ/8Dt+aW8Z3vCNcYC2n7wqrLZz5e4FG+Wn9teFW\n" + - "Rt5pO6ZUZAkDS59ZVojbbjOdQzNw3QHtZl0IMHeNYXJlPIUlHi4hGL3maGZ9sBF+\n" + - "AMfMLDu56+J2DewIuTXPzCeJeSTam/ybNt5FxTznxCSCIDqwmZMy3AQEz9nGSbE8\n" + - "zfwB5VT2ijLB0PpPX4YbLf33Vodf0NAkBUv6N5It30XiTUPhdk+caBYPoljz/J9U\n" + - "15T5+EGHs8ccHQWyYQ6gqYk8o4JgP4rSJqO1sMI=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=valid.domain.ca22.ssl.buypass.no - // Issuer: CN=Buypass Class 2 CA 2, O=Buypass AS-983163327, C=NO - // Serial number: 34e2bff8063debd18d79 - // Valid from: Mon Sep 23 04:12:34 PDT 2019 until: Mon Oct 11 14:59:00 PDT 2021 - private static final String VALID_CLASS_2 = "-----BEGIN CERTIFICATE-----\n" + - "MIIF8jCCBNqgAwIBAgIKNOK/+AY969GNeTANBgkqhkiG9w0BAQsFADBLMQswCQYD\n" + - "VQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMM\n" + - "FEJ1eXBhc3MgQ2xhc3MgMiBDQSAyMB4XDTE5MDkyMzExMTIzNFoXDTIxMTAxMTIx\n" + - "NTkwMFowKzEpMCcGA1UEAwwgdmFsaWQuZG9tYWluLmNhMjIuc3NsLmJ1eXBhc3Mu\n" + - "bm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeu/8j7y55R3OucDek\n" + - "gtdoVOEJQb2XaCR4OwiRzn74hLYhKGdFmFwSp+bPCT62NzjdK1urVeKrCQdC1Gkm\n" + - "e7iSOsHHO5aC8oxkgdv8mwEwwvH7xHCcpEVLDlE5Oc0d4cS4QIwFAhNIC77slixL\n" + - "fEdupc5e8FfQf3MlnhX+8gpgRzTx3iw8sb3gUwi3+7PRommHOhC7Ll+iI9LiLODJ\n" + - "qrkHnCbM2HJMK+SGTOQ/whiQwMCnkLaEG0WO1rYc4BGRGfFb8qmQWw/tDKkEey7X\n" + - "nLIFHSC33OiexQshAwRIAE7r1h9gMY1aAAB2Uxwi9/3l6fsd/VPmK7s7lYTBsrpK\n" + - "r4bTAgMBAAGjggL2MIIC8jAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFJKtZYmyAA/L\n" + - "UQ3BI+yUTo/BBD93MB0GA1UdDgQWBBSy+COaEmU2/BeF4g1OglFvAEYkIDAOBgNV\n" + - "HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1Ud\n" + - "IAQYMBYwCgYIYIRCARoBAgQwCAYGZ4EMAQIBMDoGA1UdHwQzMDEwL6AtoCuGKWh0\n" + - "dHA6Ly9jcmwuYnV5cGFzcy5uby9jcmwvQlBDbGFzczJDQTIuY3JsMCsGA1UdEQQk\n" + - "MCKCIHZhbGlkLmRvbWFpbi5jYTIyLnNzbC5idXlwYXNzLm5vMGoGCCsGAQUFBwEB\n" + - "BF4wXDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuYnV5cGFzcy5jb20wNQYIKwYB\n" + - "BQUHMAKGKWh0dHA6Ly9jcnQuYnV5cGFzcy5uby9jcnQvQlBDbGFzczJDQTIuY2Vy\n" + - "MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwC72d+8H4pxtZOUI5eqkntHOFeV\n" + - "CqtS6BqQlmQ2jh7RhQAAAW1d0tivAAAEAwBIMEYCIQDFRAH98gYpvMMTVa3d5Wcq\n" + - "0tOwpZZyUHiOjUlR3SD14QIhAKZp0cdwFpm+hh0taFVSTmluGsHmXPMCIQq9hLAB\n" + - "VYgyAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFtXdLbFwAA\n" + - "BAMARzBFAiBhr7KQc9yO3zb1iLlE0JW9whR0/bhrPDkk5BYnBKjzFAIhAMMTdHfk\n" + - "1ljso5jKzIUcBpSW0HnTcuKiB3VxGpL7GFVWAHUAb1N2rDHwMRnYmQCkURX/dxUc\n" + - "EdkCwQApBo2yCJo32RMAAAFtXdLYSAAABAMARjBEAiADoZr6Cp5AGM1eT2aUeRaQ\n" + - "kv0vRaegjRGIhKRCvRGyFAIgWLU/7zh28LI8vAyWr8mpDqlUXvF13i3zSD3whq4L\n" + - "Lu4wDQYJKoZIhvcNAQELBQADggEBAJH1RhTuMbhEOYlw+Efbx7PP7EEC/GQ1ijET\n" + - "vZS45jFQyTKhFUcdP2QPAtEVo1nS8PBs0txQJBf0xceWUjer9ruxiAS+JlW21AOi\n" + - "Uq9Kahpj5k63Z7tN8KTeOUE8wZGmHyvVcPP6mkC94RbjYIb4gd13eYxd2Vv1a7YX\n" + - "dNI+J3g7sX5ijssfJxzDd0hORj2584YY2WiKKvIGxwDnLkxk09i3IvjEKsAi4Cgn\n" + - "5798X5sSL1Q9C6gHEWt+cB5UtfILCfbLNRczS9zGku6gjh1c8dB7zc63mn7oCf1C\n" + - "gnQ2xqwbZb3Wau8CPwcMqJWgQZLQFPbZd+4Xo5SDDqYppV4oN2A=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.domain.ca22.ssl.buypass.no - // Issuer: CN=Buypass Class 2 CA 2, O=Buypass AS-983163327, C=NO - // Serial number: 34e4b97261795f98c495 - // Valid from: Mon Sep 23 04:52:42 PDT 2019 until: Thu Sep 23 14:59:00 PDT 2021 - private static final String REVOKED_CLASS_2 = "-----BEGIN CERTIFICATE-----\n" + - "MIIF9zCCBN+gAwIBAgIKNOS5cmF5X5jElTANBgkqhkiG9w0BAQsFADBLMQswCQYD\n" + - "VQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMM\n" + - "FEJ1eXBhc3MgQ2xhc3MgMiBDQSAyMB4XDTE5MDkyMzExNTI0MloXDTIxMDkyMzIx\n" + - "NTkwMFowLTErMCkGA1UEAwwicmV2b2tlZC5kb21haW4uY2EyMi5zc2wuYnV5cGFz\n" + - "cy5ubzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOiChajGbQktGjbl\n" + - "k/i5PtqfMN6cMyjJdOirxzXdUG8dT+QErC5zcElCwuyy5MH7DQJRbSYsPxQmr6z5\n" + - "OSheBxX0lPPLjJFfEafBZ+Fw1xmCVy3Xjt3GEl85iqv5y0/E/UlQPc0f7s6WxU0L\n" + - "cItkyN0rWAa+uQY018qDFn+gDYIKWPzTCf5nkXIgob/IgBM1Bj7vSZ/LI1iB+I+G\n" + - "dgLbSGBlJgK6lhCTc1tunZlSbKdPM2Th8Hbl6Uk7WormR/8SrGQA9AAd7BWa43V5\n" + - "HHvf/oArsx0afp3zXNiMw9RgHVHI5uUAzkNnL8NMUpI1sK7/ndTlm0nXsHpPKrPo\n" + - "e+NpKaMCAwEAAaOCAvkwggL1MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUkq1libIA\n" + - "D8tRDcEj7JROj8EEP3cwHQYDVR0OBBYEFDoBaIahoDhRhA3WVyT/XukqZzmAMA4G\n" + - "A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYD\n" + - "VR0gBBgwFjAKBghghEIBGgECBDAIBgZngQwBAgEwOgYDVR0fBDMwMTAvoC2gK4Yp\n" + - "aHR0cDovL2NybC5idXlwYXNzLm5vL2NybC9CUENsYXNzMkNBMi5jcmwwLQYDVR0R\n" + - "BCYwJIIicmV2b2tlZC5kb21haW4uY2EyMi5zc2wuYnV5cGFzcy5ubzBqBggrBgEF\n" + - "BQcBAQReMFwwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmJ1eXBhc3MuY29tMDUG\n" + - "CCsGAQUFBzAChilodHRwOi8vY3J0LmJ1eXBhc3Mubm8vY3J0L0JQQ2xhc3MyQ0Ey\n" + - "LmNlcjCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYAu9nfvB+KcbWTlCOXqpJ7\n" + - "RzhXlQqrUugakJZkNo4e0YUAAAFtXfeApgAABAMARzBFAiARoEDgK57YWEW2R21d\n" + - "jFMphF5c9PypIwbZFHiWxdyCyAIhALsjjtPGgcrT/7KebYFPuKDyQO6rc8YYvm0z\n" + - "Q+Xt7NhxAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFtXfeD\n" + - "eQAABAMARzBFAiBCXKlCGkqa85QVqMR5dYDDz3F5aQgLXPubrQLX7cAZ0wIhALRr\n" + - "p8F6OfIdccSUhzEcNdtensQ/7zxgn81bUzn1ar9EAHcAb1N2rDHwMRnYmQCkURX/\n" + - "dxUcEdkCwQApBo2yCJo32RMAAAFtXfeBSQAABAMASDBGAiEAyrR31T85HGekHZdD\n" + - "r/m6flxqQaUIGcAJ5WcrBuIBuYkCIQD0rDdm+vM5/lNXIfjjrPLhATFEvrxpXJvu\n" + - "+sW4Ntm94jANBgkqhkiG9w0BAQsFAAOCAQEAjbMEFeNXFy3YQSr8O0+fY7qwaAzk\n" + - "vq65Ef/B2zvqO375+JI21grUikmFUnDiAaM8Y+8PJkOXDiuxR2/XCLsXpxCcPqQh\n" + - "V0MZlqXtjKZjBACILBX7aqGibojJTIlo0Dkd+LfPwswfXscTbb1CUXpUPn7CiUj5\n" + - "0WwfvjjQXny0NAB6WEkBMEBx6/Q75dvltoV9N1BZVer9hov6UTDuSad86faX2QF2\n" + - "aIEjrTJY3m2HqnIYf/lQxuDUDW0h7ddGGsIEBDM8z7M/rvT068ssRqJ8uecGjMaz\n" + - "JElX8VDgMux2kyjTAiAFD5QO+KTfySri9QXptik3wo66zDOmkVES1snvVQ==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID_CLASS_2, INT_CLASS_2}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED_CLASS_2, INT_CLASS_2}, - ValidatePathWithParams.Status.REVOKED, - "Mon Sep 23 04:53:18 PDT 2019", System.out); - } -} - -class BuypassClass3 { - - // Owner: CN=Buypass Class 3 CA 2, O=Buypass AS-983163327, C=NO - // Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO - // Serial number: 1be0dc6a3e7f220475 - // Valid from: Mon Mar 25 05:12:16 PDT 2019 until: Sat Oct 26 01:16:17 PDT 2030 - private static final String INT_CLASS_3 = "-----BEGIN CERTIFICATE-----\n" + - "MIIFKTCCAxGgAwIBAgIJG+Dcaj5/IgR1MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV\n" + - "BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX\n" + - "QnV5cGFzcyBDbGFzcyAzIFJvb3QgQ0EwHhcNMTkwMzI1MTIxMjE2WhcNMzAxMDI2\n" + - "MDgxNjE3WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx\n" + - "NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMyBDQSAyMIIBIjANBgkqhkiG\n" + - "9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU4V2hRFFe4K7BMEmm4IoMTwS7NyDQB4JEar\n" + - "dV1qBsKHIIQJDm9hbCakcLIWXVv6vYrJZ1AEF0b6awBwhhlqXlyNnOtNa9uR+IAP\n" + - "86d4yOGpgHSlNAhdtOOk9Qw6MUzzBo1lyoYmoL0f5n02SMrlMcArSg458o08eDUx\n" + - "4iZs4dXDR9Hjxac2s+mdAO35Js8VK/D50AIMDJvHVeCMw+rumZkNZuRqM7PjIK+u\n" + - "BmbqO8A95PeqQEWHvM5nchlV1+ZGNVqHHSJenlMnVKytGv+4KJp7U741H/9cMbd2\n" + - "X2PXsewWWFhGXoS8R9VXQ5xb3hF6324FQXvcA1mXRv6DAJedXQIDAQABo4IBCzCC\n" + - "AQcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRHuM3/5W/u+LLsL04O+SWw\n" + - "jjxrwzAdBgNVHQ4EFgQUIjAu0vv2S8rAuDvSBMTpcuaXmwwwDgYDVR0PAQH/BAQD\n" + - "AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjARBgNVHSAECjAIMAYG\n" + - "BFUdIAAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2Ny\n" + - "bC9CUENsYXNzM1Jvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB\n" + - "hhdodHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAo42Y\n" + - "fp96nUiZbZsqvYBID3Sqtx3jJfU8gNHFeXgkS0pxYHHYUwsVSVRjw+BGVEGUswpF\n" + - "MaYMCZD37ZL0JpvvXWrCDaMb/GqDJAQHLLTyVKPGGGIWCZH/FrhnNvcpt2XXA8lU\n" + - "Ujzp5nZPuqvenzQ/aXHI4sH5sN/QjyKVMSa/6RbWBeQmvIdgyM+0jIR5/r6UGiKM\n" + - "ar55trZgnlIbvQJ/w8QTmI/NwvA5CtRaOslQBxeKoAR0BuA/lRWnocXa/BM5uO6P\n" + - "ULL7ct/uI1bS+YThHXHmFybI6kDf+RhRzWY9165ZP96PBph6smQkxPDAz2b8v+mh\n" + - "LThH+5hkqnoetYfK2MdBYinceGPP3gZ+uBSDDI2o6vdVvdg7G96GP1OEtgTEqZa3\n" + - "glVafckpn/8F5CisypdQuZ5zyy/6SXZCKkPcikR87ysSKnjtteXbxMWVtwkeBALT\n" + - "K7DbJA+5aOCYRNj6CJGULQKiGlC01/ipORKewf5J3yus81lLHzBmgQMA5l9RL8rV\n" + - "6dI246mPpQ+8WDLsDrK3ydSDv5izgdVHzhL0tT2u4vwSq2WUqCgi4xLIA1N/fA2H\n" + - "xEW7zh0X/3YVz++g/6bd7iqRD9nRRZxACekRbza7AqU5xN1UjvVtCJQ9VC74K9KP\n" + - "pBoLWE2Bz5ksL9VUc4kS+WGORvZrSE1EpBq6cHc=\n" + - "-----END CERTIFICATE-----"; - - // Owner: SERIALNUMBER=983163327, CN=valid.businessplus.ca23.ssl.buypass.no, O=BUYPASS AS, - // L=OSLO, OID.2.5.4.17=0484, C=NO - // Issuer: CN=Buypass Class 3 CA 2, O=Buypass AS-983163327, C=NO - // Serial number: 267b7a9f0c3da9b94b39 - // Valid from: Mon Sep 23 04:17:42 PDT 2019 until: Mon Oct 11 14:59:00 PDT 2021 - private static final String VALID_CLASS_3 = "-----BEGIN CERTIFICATE-----\n" + - "MIIGUTCCBTmgAwIBAgIKJnt6nww9qblLOTANBgkqhkiG9w0BAQsFADBLMQswCQYD\n" + - "VQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMM\n" + - "FEJ1eXBhc3MgQ2xhc3MgMyBDQSAyMB4XDTE5MDkyMzExMTc0MloXDTIxMTAxMTIx\n" + - "NTkwMFowgYUxCzAJBgNVBAYTAk5PMQ0wCwYDVQQRDAQwNDg0MQ0wCwYDVQQHDARP\n" + - "U0xPMRMwEQYDVQQKDApCVVlQQVNTIEFTMS8wLQYDVQQDDCZ2YWxpZC5idXNpbmVz\n" + - "c3BsdXMuY2EyMy5zc2wuYnV5cGFzcy5ubzESMBAGA1UEBRMJOTgzMTYzMzI3MIIB\n" + - "IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqj6dPVIQUULBV/S+u2/Rfko\n" + - "3BljX/KMEAclJHPu6AbJ2Dw5oLqCynOfTwLmGl3IRBQuDUAuoLdaptIhaXR2VTsF\n" + - "8SWdHNXkykC2eD0XkAUdTuKgRm/3U4f0T3XQsjwKOEQGECwGEWJekBL73retSRWe\n" + - "Ccc19NpSKZ5rmRnQSlKLfqUyihmw2xXmIWwEmBq0OOyG8ic3C11Zxh6yUOtlZJqB\n" + - "lWqbAAOK5SXTNV0qozwgkSvtAtJvUo2++rng35Oj8MvjKQjLi92NnSpjbj3rUivW\n" + - "++44X94IgoF9dITkSMnubXhaTLnciM08R8jmCFj877NRrVJRmcJhPfP1yHnR3wID\n" + - "AQABo4IC+jCCAvYwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBQiMC7S+/ZLysC4O9IE\n" + - "xOly5pebDDAdBgNVHQ4EFgQUKJCKAxRR7K6pedVONDSn58EOzQcwDgYDVR0PAQH/\n" + - "BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSAEGDAW\n" + - "MAoGCGCEQgEaAQMEMAgGBmeBDAECAjA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8v\n" + - "Y3JsLmJ1eXBhc3Mubm8vY3JsL0JQQ2xhc3MzQ0EyLmNybDAxBgNVHREEKjAogiZ2\n" + - "YWxpZC5idXNpbmVzc3BsdXMuY2EyMy5zc2wuYnV5cGFzcy5ubzBqBggrBgEFBQcB\n" + - "AQReMFwwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmJ1eXBhc3MuY29tMDUGCCsG\n" + - "AQUFBzAChilodHRwOi8vY3J0LmJ1eXBhc3Mubm8vY3J0L0JQQ2xhc3MzQ0EyLmNl\n" + - "cjCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHYAu9nfvB+KcbWTlCOXqpJ7RzhX\n" + - "lQqrUugakJZkNo4e0YUAAAFtXdd3CgAABAMARzBFAiEA/pTOtw6i2DJS0R56KwVF\n" + - "Huy+LonG7bICWAe1vnCNud4CIE7/KRDu9Jys24rtmLz9yCNYJfZDvooK5PT9+rWR\n" + - "OC4+AHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFtXdd54gAA\n" + - "BAMARjBEAiB09qp4sGA+Kxg823hea3ZyTV7mU1ZQ9j9fqqX8KZ1mpwIgUICM2H0Y\n" + - "8z+V9m+6SutZ5WTD+Arg3K8O6/dvyKu0QmEAdQBvU3asMfAxGdiZAKRRFf93FRwR\n" + - "2QLBACkGjbIImjfZEwAAAW1d13cSAAAEAwBGMEQCIFLqxvNOKVFlTjHPXwk93VeW\n" + - "zCqFtcxJkunD/iiv0Kn9AiBoyvUrjYn4MPTht9zb0OyaSMWb00/HXP/4AVmUzHrz\n" + - "YzANBgkqhkiG9w0BAQsFAAOCAQEAsmQAOn1f1CbvnOpggS2efmy1pQXvvw+YeCYP\n" + - "bElO578h7scn8al4N7huQZ/z14BELe0chGWNA/ReW5nAu3SUOiv+E8/kv9i9Y8ul\n" + - "MJPL62nXW6Z/mkyystuBNtON420iWL/gS/vduxSZE/iBB4znctDpXS917/XWf31Y\n" + - "ZonemF3MSfi/s9V0Ic82ZY/+HZ4NLTDyKRd4kFF58OoH9RZNb6g8MbTp+gPadiUG\n" + - "UcfPGV3yGiugQa7WHTl7QJ9ishyafiZ4hpeKem6TMDEztgGyLIZ4MSxQvoeI2jJP\n" + - "KjHd5fW/HClbEcrN+w0a0MUNMaAOaZfMS7jS6sDpaVL8D0EX5A==\n" + - "-----END CERTIFICATE-----"; - - // Owner: SERIALNUMBER=983163327, CN=revoked.businessplus.ca23.ssl.buypass.no, O=BUYPASS AS, - // L=OSLO, OID.2.5.4.17=0484, C=NO - // Issuer: CN=Buypass Class 3 CA 2, O=Buypass AS-983163327, C=NO - // Serial number: 267cee3fab06c615fb27 - // Valid from: Mon Sep 23 04:56:56 PDT 2019 until: Thu Sep 23 14:59:00 PDT 2021 - private static final String REVOKED_CLASS_3 = "-----BEGIN CERTIFICATE-----\n" + - "MIIGWDCCBUCgAwIBAgIKJnzuP6sGxhX7JzANBgkqhkiG9w0BAQsFADBLMQswCQYD\n" + - "VQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMM\n" + - "FEJ1eXBhc3MgQ2xhc3MgMyBDQSAyMB4XDTE5MDkyMzExNTY1NloXDTIxMDkyMzIx\n" + - "NTkwMFowgYcxCzAJBgNVBAYTAk5PMQ0wCwYDVQQRDAQwNDg0MQ0wCwYDVQQHDARP\n" + - "U0xPMRMwEQYDVQQKDApCVVlQQVNTIEFTMTEwLwYDVQQDDChyZXZva2VkLmJ1c2lu\n" + - "ZXNzcGx1cy5jYTIzLnNzbC5idXlwYXNzLm5vMRIwEAYDVQQFEwk5ODMxNjMzMjcw\n" + - "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtpNExWd+hjl/ouL/B/pdc\n" + - "InUzEywQO3rzXs3psBdQ1lDhG/9Fcq78uqyri4edtJNDGb1XadktKeRC+NtUqMkE\n" + - "IFOXvaVjLxa61c8K5mh3CVDrAiPyxVcnm8vkuQPMsy1BTOl9TZq9heIukG/lcfzW\n" + - "6tU6mOD9yx1NzXSVN5cvDCbbDnEZiJSuazXI4O02as66SWI27WKsk21+SKCGAtGC\n" + - "kI0PW4FrXm43/jxX1CoImIfTLkDInMq7HHsQRsGQ3OjbJLfRz/2obyjHUU5ki6vd\n" + - "z16mA5ITLFIG36HxbPn337175R9RwOpWkN84xVlL3VQdznCVoiOjzBiOMpdm0Jwp\n" + - "AgMBAAGjggL/MIIC+zAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFCIwLtL79kvKwLg7\n" + - "0gTE6XLml5sMMB0GA1UdDgQWBBSGUQTUB4BilG/EMaHHDAYNPewf8zAOBgNVHQ8B\n" + - "Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIAQY\n" + - "MBYwCgYIYIRCARoBAwQwCAYGZ4EMAQICMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6\n" + - "Ly9jcmwuYnV5cGFzcy5uby9jcmwvQlBDbGFzczNDQTIuY3JsMDMGA1UdEQQsMCqC\n" + - "KHJldm9rZWQuYnVzaW5lc3NwbHVzLmNhMjMuc3NsLmJ1eXBhc3Mubm8wagYIKwYB\n" + - "BQUHAQEEXjBcMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5idXlwYXNzLmNvbTA1\n" + - "BggrBgEFBQcwAoYpaHR0cDovL2NydC5idXlwYXNzLm5vL2NydC9CUENsYXNzM0NB\n" + - "Mi5jZXIwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2ALvZ37wfinG1k5Qjl6qS\n" + - "e0c4V5UKq1LoGpCWZDaOHtGFAAABbV37Y7oAAAQDAEcwRQIgYbaNSR3R5x9p9sYJ\n" + - "UzRDdd/lbELb05u9GqlLtl4M61YCIQCTBecXTbMs4zuG/wu722HZy/XgD6fiQySp\n" + - "FhHDO3CYagB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABbV37\n" + - "Y7wAAAQDAEcwRQIgD8j40M03oLMCg5WmFBN7VL6169F7rKatE12btLQRYtYCIQC0\n" + - "rDhQiZP7j14Y4JqEFQx6UHl3dvxLxZTDW34Z54IUWQB3AG9Tdqwx8DEZ2JkApFEV\n" + - "/3cVHBHZAsEAKQaNsgiaN9kTAAABbV37YOUAAAQDAEgwRgIhANTGHD1g2pbsTtoN\n" + - "CJ2m6nfxm9jB3huftKGDjeo7EyxHAiEA3EYNUc6hr+4Q9lMAphUgpW6oyaNCsIzl\n" + - "izbNhq8dBRYwDQYJKoZIhvcNAQELBQADggEBADUuO4MmYjPkmkik5tjUPiiDDXEQ\n" + - "A41jr72qmdleYdkhnaKAJa8Enn6j/ySRV0enA7yqJeNp1qgPQFvlOh3TqFB3Ae5b\n" + - "XAfL2B7vKbegpjKm8dVH5RurqVm9xZcXb1nbwfu2k3lqqsp/uwqvLBItJDvA8pfi\n" + - "2R46sEtj2gFpAlKFDwepuaklqhrvEoIjIaAL0RrGfKY0oRQw1YMbPNIebsVaWr04\n" + - "rt6tlxrq7PyW1w9Mt3445WA1NzSWc7pAjFLfY6u87QaPHI4ES31H9xxRDsxmr6Y3\n" + - "BJmiWd5uUxev0nVw0saqvlo4yAEBq4rI/DieKcQI4qEI8myzoS0R0azMfLM=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID_CLASS_3, INT_CLASS_3}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED_CLASS_3, INT_CLASS_3}, - ValidatePathWithParams.Status.REVOKED, - "Mon Sep 23 04:57:31 PDT 2019", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java new file mode 100644 index 00000000000..33f777d6490 --- /dev/null +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java @@ -0,0 +1,772 @@ +/* + * Copyright (c) 2023, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test id=actalisauthenticationrootca + * @bug 8189131 + * @summary Interoperability tests with Actalis CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp + * CAInterop actalisauthenticationrootca OCSP + * @run main/othervm/manual/timeout=180 -Djava.security.debug=certpath,ocsp + * CAInterop actalisauthenticationrootca CRL + */ + +/* + * @test id=amazonrootca1 + * @bug 8233223 + * @summary Interoperability tests with Amazon's CA1 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop amazonrootca1 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop amazonrootca1 CRL + */ + +/* + * @test id=amazonrootca2 + * @bug 8233223 + * @summary Interoperability tests with Amazon's CA2 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop amazonrootca2 CRL + */ + +/* + * @test id=amazonrootca3 + * @bug 8233223 + * @summary Interoperability tests with Amazon's CA3 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop amazonrootca3 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop amazonrootca3 CRL + */ + +/* + * @test id=amazonrootca4 + * @bug 8233223 + * @summary Interoperability tests with Amazon's CA4 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop amazonrootca4 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop amazonrootca4 CRL + */ + +/* + * @test id=buypassclass2ca + * @bug 8189131 + * @summary Interoperability tests with Buypass Class 2 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop buypassclass2ca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop buypassclass2ca CRL + */ + +/* + * @test id=buypassclass3ca + * @bug 8189131 + * @summary Interoperability tests with Buypass Class 3 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop buypassclass3ca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop buypassclass3ca CRL + */ + +/* + * @test id=comodorsaca + * @bug 8189131 + * @summary Interoperability tests with Comodo RSA CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop comodorsaca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop comodorsaca CRL + */ + +/* + * @test id=comodoeccca + * @bug 8189131 + * @summary Interoperability tests with Comodo ECC CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop comodoeccca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop comodoeccca CRL + */ + +/* + * @test id=usertrustrsaca + * @bug 8189131 + * @summary Interoperability tests with Comodo userTrust RSA CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop usertrustrsaca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop usertrustrsaca CRL + */ + +/* + * @test id=usertrusteccca + * @bug 8189131 + * @summary Interoperability tests with Comodo userTrust ECC CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop usertrusteccca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop usertrusteccca CRL + */ + +/* + * @test id=letsencryptisrgx1 + * @bug 8189131 + * @summary Interoperability tests with Let's Encrypt ISRG Root X1 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop letsencryptisrgx1 DEFAULT + */ + +/* + * @test id=letsencryptisrgx2 + * @bug 8317374 + * @summary Interoperability tests with Let's Encrypt ISRG Root X2 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop letsencryptisrgx2 DEFAULT + */ + +/* + * @test id=globalsignrootcar6 + * @bug 8216577 + * @summary Interoperability tests with GlobalSign R6 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop globalsignrootcar6 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop globalsignrootcar6 CRL + */ + +/* + * @test id=entrustrootcaec1 + * @bug 8195774 + * @summary Interoperability tests with Entrust CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop entrustrootcaec1 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop entrustrootcaec1 CRL + */ + +/* + * @test id=entrustrootcag4 + * @bug 8243321 + * @summary Interoperability tests with Entrust CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop entrustrootcag4 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop entrustrootcag4 CRL + */ + +/* + * @test id=godaddyrootg2ca + * @bug 8196141 + * @summary Interoperability tests with GoDaddy CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop godaddyrootg2ca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop godaddyrootg2ca CRL + */ + +/* + * @test id=starfieldrootg2ca + * @bug 8196141 + * @summary Interoperability tests with Starfield CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop starfieldrootg2ca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop starfieldrootg2ca CRL + */ + +/* + * @test id=globalsigneccrootcar4 + * @bug 8307134 + * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop globalsigneccrootcar4 DEFAULT + */ + +/* + * @test id=gtsrootcar1 + * @bug 8307134 + * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop gtsrootcar1 DEFAULT + */ + +/* + * @test id=gtsrootcar2 + * @bug 8307134 + * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop gtsrootcar2 DEFAULT + */ + +/* + * @test id=gtsrootecccar3 + * @bug 8307134 + * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop gtsrootecccar3 DEFAULT + */ + +/* + * @test id=gtsrootecccar4 + * @bug 8307134 + * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop gtsrootecccar4 DEFAULT + */ + +/* + * @test id=microsoftecc2017 + * @bug 8304760 + * @summary Interoperability tests with Microsoft TLS root CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop microsoftecc2017 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop microsoftecc2017 CRL + */ + +/* + * @test id=microsoftrsa2017 + * @bug 8304760 + * @summary Interoperability tests with Microsoft TLS root CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop microsoftrsa2017 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop microsoftrsa2017 CRL + */ + +/* + * @test id=quovadisrootca1g3 + * @bug 8189131 + * @summary Interoperability tests with QuoVadis Root CA1 G3 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop quovadisrootca1g3 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop quovadisrootca1g3 CRL + */ + +/* + * @test id=quovadisrootca2g3 + * @bug 8189131 + * @summary Interoperability tests with QuoVadis Root CA2 G3 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop quovadisrootca2g3 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop quovadisrootca2g3 CRL + */ + +/* + * @test id=quovadisrootca3g3 + * @bug 8189131 + * @summary Interoperability tests with QuoVadis Root CA3 G3 CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop quovadisrootca3g3 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop quovadisrootca3g3 CRL + */ + +/* + * @test id=digicerttlseccrootg5 + * @bug 8318759 + * @summary Interoperability tests with DigiCert TLS ECC P384 Root G5 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop digicerttlseccrootg5 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop digicerttlseccrootg5 CRL + */ + +/* + * @test id=digicerttlsrsarootg5 + * @bug 8318759 + * @summary Interoperability tests with DigiCert TLS RSA4096 Root G5 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop digicerttlsrsarootg5 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop digicerttlsrsarootg5 CRL + */ + +/* + * @test id=sslrootrsaca + * @bug 8243320 + * @summary Interoperability tests with SSL.com's RSA CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop sslrootrsaca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop sslrootrsaca CRL + */ + +/* + * @test id=sslrootevrsaca + * @bug 8243320 + * @summary Interoperability tests with SSL.com's EV RSA CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop sslrootevrsaca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop sslrootevrsaca CRL + */ + +/* + * @test id=sslrooteccca + * @bug 8243320 + * @summary Interoperability tests with SSL.com's ECC CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop sslrooteccca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop sslrooteccca CRL + */ + +/* + * @test id=teliasonerarootcav1 + * @bug 8210432 + * @summary Interoperability tests with TeliaSonera Root CA v1 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop teliasonerarootcav1 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop teliasonerarootcav1 CRL + */ + +/* + * @test id=twcaglobalrootca + * @bug 8305975 + * @summary Interoperability tests with TWCA Global Root CA from TAIWAN-CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop twcaglobalrootca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop twcaglobalrootca CRL + */ + +/* + * @test id=certignarootca + * @bug 8314960 + * @summary Interoperability tests with Certigna Root CAs from Dhimyotis + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop certignarootca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop certignarootca CRL + */ + +/* + * @test id=affirmtrustcommercialca + * @bug 8040012 + * @summary Interoperability tests with AffirmTrust Commercial CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop affirmtrustcommercialca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop affirmtrustcommercialca CRL + */ + +/* + * @test id=affirmtrustnetworkingca + * @bug 8040012 + * @summary Interoperability tests with AffirmTrust Networking CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop affirmtrustnetworkingca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop affirmtrustnetworkingca CRL + */ + +/* + * @test id=affirmtrustpremiumca + * @bug 8040012 + * @summary Interoperability tests with AffirmTrust Premium CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop affirmtrustpremiumca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop affirmtrustpremiumca CRL + */ + +/* + * @test id=affirmtrustpremiumeccca + * @bug 8040012 + * @summary Interoperability tests with AffirmTrust Premium ECC CA + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop affirmtrustpremiumeccca OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop affirmtrustpremiumeccca CRL + */ + +/* + * @test id=teliarootcav2 + * @bug 8317373 + * @summary Interoperability tests with Telia Root CA V2 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop teliarootcav2 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop teliarootcav2 CRL + */ + +/* + * @test id=emsignrootcag1 + * @bug 8319187 + * @summary Interoperability tests with eMudhra Root CA G1 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop emsignrootcag1 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop emsignrootcag1 CRL + */ + +/* + * @test id=emsigneccrootcag3 + * @bug 8319187 + * @summary Interoperability tests with eMudhra ECC Root CA G3 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop emsigneccrootcag3 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop emsigneccrootcag3 CRL + */ + +/* + * @test id=certainlyrootr1 + * @bug 8321408 + * @summary Interoperability tests with Certainly Root R1 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop certainlyrootr1 DEFAULT + */ + +/* + * @test id=certainlyroote1 + * @bug 8321408 + * @summary Interoperability tests with Certainly Root E1 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop certainlyroote1 DEFAULT + */ + +/* + * @test id=globalsignr46 + * @bug 8316138 + * @summary Interoperability tests with GlobalSign Root R46 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop globalsignr46 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop globalsignr46 CRL + */ + +/* + * @test id=globalsigne46 + * @bug 8316138 + * @summary Interoperability tests with GlobalSign Root E46 + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop globalsigne46 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop globalsigne46 CRL + */ + +/* + * @test id=ssltlsrootecc2022 + * @bug 8341057 + * @summary Interoperability tests with SSL TLS 2022 root CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop ssltlsrootecc2022 DEFAULT + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp -Dcom.sun.security.ocsp.useget=false CAInterop ssltlsrootecc2022 DEFAULT + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop ssltlsrootecc2022 CRL + */ + +/* + * @test id=ssltlsrootrsa2022 + * @bug 8341057 + * @summary Interoperability tests with SSL TLS 2022 root CAs + * @library /test/lib + * @build jtreg.SkippedException ValidatePathWithURL CAInterop + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp CAInterop ssltlsrootrsa2022 DEFAULT + * @run main/othervm/manual -Djava.security.debug=certpath,ocsp -Dcom.sun.security.ocsp.useget=false CAInterop ssltlsrootrsa2022 DEFAULT + * @run main/othervm/manual -Djava.security.debug=certpath CAInterop ssltlsrootrsa2022 CRL + */ + +/** + * Collection of certificate validation tests for interoperability with external CAs. + * These tests are marked as manual as they depend on external infrastructure and may fail + * with external reasons, for instance - change in CA test portal. + */ +public class CAInterop { + + /** + * Returns the test configuration for CA + * + * @param alias from the cacerts file without [jdk] + * @return CATestURLs + */ + private CATestURLs getTestURLs(String alias) { + switch (alias) { + case "actalisauthenticationrootca": + return new CATestURLs("https://ssltest-active.actalis.it", + "https://ssltest-revoked.actalis.it"); + + case "amazonrootca1": + return new CATestURLs("https://valid.rootca1.demo.amazontrust.com", + "https://revoked.rootca1.demo.amazontrust.com"); + case "amazonrootca2": + return new CATestURLs("https://valid.rootca2.demo.amazontrust.com", + "https://revoked.rootca2.demo.amazontrust.com"); + case "amazonrootca3": + return new CATestURLs("https://valid.rootca3.demo.amazontrust.com", + "https://revoked.rootca3.demo.amazontrust.com"); + case "amazonrootca4": + return new CATestURLs("https://valid.rootca4.demo.amazontrust.com", + "https://revoked.rootca4.demo.amazontrust.com"); + + case "buypassclass2ca": + return new CATestURLs("https://valid.business.ca22.ssl.buypass.no", + "https://revoked.business.ca22.ssl.buypass.no"); + case "buypassclass3ca": + return new CATestURLs("https://valid.qcevident.ca23.ssl.buypass.no", + "https://revoked.qcevident.ca23.ssl.buypass.no"); + + case "comodorsaca": + return new CATestURLs("https://comodorsacertificationauthority-ev.comodoca.com", + "https://comodorsacertificationauthority-ev.comodoca.com:444"); + case "comodoeccca": + return new CATestURLs("https://comodoecccertificationauthority-ev.comodoca.com", + "https://comodoecccertificationauthority-ev.comodoca.com:444"); + case "usertrustrsaca": + return new CATestURLs("https://usertrustrsacertificationauthority-ev.comodoca.com", + "https://usertrustrsacertificationauthority-ev.comodoca.com:444"); + case "usertrusteccca": + return new CATestURLs("https://usertrustecccertificationauthority-ev.comodoca.com", + "https://usertrustecccertificationauthority-ev.comodoca.com:444"); + + case "letsencryptisrgx1": + return new CATestURLs("https://valid-isrgrootx1.letsencrypt.org", + "https://revoked-isrgrootx1.letsencrypt.org"); + case "letsencryptisrgx2": + return new CATestURLs("https://valid-isrgrootx2.letsencrypt.org", + "https://revoked-isrgrootx2.letsencrypt.org"); + + case "globalsignrootcar6": + return new CATestURLs("https://valid.r6.roots.globalsign.com", + "https://revoked.r6.roots.globalsign.com"); + + case "entrustrootcaec1": + return new CATestURLs("https://validec.entrust.net", + "https://revokedec.entrust.net"); + case "entrustrootcag4": + return new CATestURLs("https://validg4.entrust.net", + "https://revokedg4.entrust.net"); + + case "godaddyrootg2ca": + return new CATestURLs("https://valid.gdig2.catest.godaddy.com", + "https://revoked.gdig2.catest.godaddy.com"); + case "starfieldrootg2ca": + return new CATestURLs("https://valid.sfig2.catest.starfieldtech.com", + "https://revoked.sfig2.catest.starfieldtech.com"); + + case "globalsigneccrootcar4": + return new CATestURLs("https://good.gsr4.demo.pki.goog", + "https://revoked.gsr4.demo.pki.goog"); + case "gtsrootcar1": + return new CATestURLs("https://good.gtsr1.demo.pki.goog", + "https://revoked.gtsr1.demo.pki.goog"); + case "gtsrootcar2": + return new CATestURLs("https://good.gtsr2.demo.pki.goog", + "https://revoked.gtsr2.demo.pki.goog"); + case "gtsrootecccar3": + return new CATestURLs("https://good.gtsr3.demo.pki.goog", + "https://revoked.gtsr3.demo.pki.goog"); + case "gtsrootecccar4": + return new CATestURLs("https://good.gtsr4.demo.pki.goog", + "https://revoked.gtsr4.demo.pki.goog"); + + case "microsoftecc2017": + return new CATestURLs("https://acteccroot2017.pki.microsoft.com", + "https://rvkeccroot2017.pki.microsoft.com"); + case "microsoftrsa2017": + return new CATestURLs("https://actrsaroot2017.pki.microsoft.com", + "https://rvkrsaroot2017.pki.microsoft.com"); + + // Test URLs are listed at https://www.digicert.com/kb/digicert-root-certificates.htm + case "quovadisrootca1g3": + return new CATestURLs("https://quovadis-root-ca-1-g3.chain-demos.digicert.com", + "https://quovadis-root-ca-1-g3-revoked.chain-demos.digicert.com"); + case "quovadisrootca2g3": + return new CATestURLs("https://quovadis-root-ca-2-g3.chain-demos.digicert.com", + "https://quovadis-root-ca-2-g3-revoked.chain-demos.digicert.com"); + case "quovadisrootca3g3": + return new CATestURLs("https://quovadis-root-ca-3-g3.chain-demos.digicert.com", + "https://quovadis-root-ca-3-g3-revoked.chain-demos.digicert.com"); + case "digicerttlseccrootg5": + return new CATestURLs("https://digicert-tls-ecc-p384-root-g5.chain-demos.digicert.com", + "https://digicert-tls-ecc-p384-root-g5-revoked.chain-demos.digicert.com"); + case "digicerttlsrsarootg5": + return new CATestURLs("https://digicert-tls-rsa4096-root-g5.chain-demos.digicert.com", + "https://digicert-tls-rsa4096-root-g5-revoked.chain-demos.digicert.com"); + + case "sslrootrsaca": + return new CATestURLs("https://test-dv-rsa.ssl.com", + "https://revoked-rsa-dv.ssl.com"); + case "sslrootevrsaca": + return new CATestURLs("https://test-ev-rsa.ssl.com", + "https://revoked-rsa-ev.ssl.com"); + case "sslrooteccca": + return new CATestURLs("https://test-dv-ecc.ssl.com", + "https://revoked-ecc-dv.ssl.com"); + + case "teliasonerarootcav1": + return new CATestURLs("https://juolukka.cover.sonera.net:10443", + "https://juolukka.cover.sonera.net:10444"); + + case "twcaglobalrootca": + return new CATestURLs("https://evssldemo6.twca.com.tw", + "https://evssldemo7.twca.com.tw"); + + case "certignarootca": + return new CATestURLs("https://valid.servicesca.dhimyotis.com", + "https://revoked.servicesca.dhimyotis.com"); + + case "teliarootcav2": + return new CATestURLs("https://juolukka.cover.telia.fi:10600", + "https://juolukka.cover.telia.fi:10601"); + + // These are listed at https://www.affirmtrust.com/resources/ + case "affirmtrustcommercialca": + return new CATestURLs("https://validcommercial.affirmtrust.com", + "https://revokedcommercial.affirmtrust.com"); + case "affirmtrustnetworkingca": + return new CATestURLs("https://validnetworking.affirmtrust.com", + "https://revokednetworking.affirmtrust.com"); + case "affirmtrustpremiumca": + return new CATestURLs("https://validpremium.affirmtrust.com", + "https://revokedpremium.affirmtrust.com"); + case "affirmtrustpremiumeccca": + return new CATestURLs("https://validpremiumecc.affirmtrust.com", + "https://revokedpremiumecc.affirmtrust.com"); + + case "emsignrootcag1": + return new CATestURLs("https://testovg1.emsign.com/RootOVG1.html", + "https://testovg1r.emsign.com/RootOVG1MR.html"); + case "emsigneccrootcag3": + return new CATestURLs("https://testovg3.emsign.com/RootOVG3.html", + "https://testovg3r.emsign.com/RootOVG3MR.html"); + + case "certainlyrootr1": + return new CATestURLs("https://valid.root-r1.certainly.com", + "https://revoked.root-r1.certainly.com"); + case "certainlyroote1": + return new CATestURLs("https://valid.root-e1.certainly.com", + "https://revoked.root-e1.certainly.com"); + + case "globalsignr46": + return new CATestURLs("https://valid.r46.roots.globalsign.com", + "https://revoked.r46.roots.globalsign.com"); + case "globalsigne46": + return new CATestURLs("https://valid.e46.roots.globalsign.com", + "https://revoked.e46.roots.globalsign.com"); + + case "ssltlsrootecc2022": + return new CATestURLs("https://test-root-2022-ecc.ssl.com", + "https://revoked-root-2022-ecc.ssl.com"); + case "ssltlsrootrsa2022": + return new CATestURLs("https://test-root-2022-rsa.ssl.com", + "https://revoked-root-2022-rsa.ssl.com"); + + default: throw new RuntimeException("No test setup found for: " + alias); + } + } + + public static void main(String[] args) throws Exception { + if (args.length < 2) { + throw new RuntimeException("Run as: CAInterop "); + } + + String caAlias = args[0]; + + CAInterop caInterop = new CAInterop(args[1]); + CATestURLs caTestURLs = caInterop.getTestURLs(caAlias); + + caInterop.validate(caAlias + " [jdk]", + caTestURLs.getVALID_URL(), + caTestURLs.getREVOKED_URL()); + } + + static class CATestURLs { + final String VALID_URL; + final String REVOKED_URL; + + public CATestURLs(String validURL, + String revokedURL) { + VALID_URL = validURL; + REVOKED_URL = revokedURL; + } + + public String getVALID_URL() { + return VALID_URL; + } + + public String getREVOKED_URL() { + return REVOKED_URL; + } + } + + /** + * Constructor for interoperability test with third party CA. + * + * @param revocationMode revocation checking mode to use + */ + public CAInterop(String revocationMode) { + if ("CRL".equalsIgnoreCase(revocationMode)) { + ValidatePathWithURL.enableCRLOnly(); + } else if ("OCSP".equalsIgnoreCase(revocationMode)) { + ValidatePathWithURL.enableOCSPOnly(); + } else { + // OCSP and CRL check by default + ValidatePathWithURL.enableOCSPAndCRL(); + } + + ValidatePathWithURL.logRevocationSettings(); + } + + /** + * Validates provided URLs using HttpsURLConnection making sure they + * anchor to the root CA found in cacerts using provided alias. + * + * @param caAlias CA alis from cacerts file + * @param validCertURL valid test URL + * @param revokedCertURL revoked test URL + * @throws Exception thrown when certificate can't be validated as valid or revoked + */ + public void validate(String caAlias, + String validCertURL, + String revokedCertURL) throws Exception { + + ValidatePathWithURL validatePathWithURL = new ValidatePathWithURL(caAlias); + + if (validCertURL != null) { + validatePathWithURL.validateDomain(validCertURL, false); + } + + if (revokedCertURL != null) { + validatePathWithURL.validateDomain(revokedCertURL, true); + } + } +} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CertignaCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CertignaCA.java index 5e058233370..eb09d56a14e 100644 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CertignaCA.java +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CertignaCA.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2023, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,30 +23,19 @@ /* * @test - * @bug 8245654 - * @summary Interoperability tests with Certigna Root CA from Dhimyotis + * @bug 8245654 8256895 + * @summary Interoperability tests with Certigna Root CAs from Dhimyotis * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath CertignaCA OCSP - * @run main/othervm -Djava.security.debug=certpath CertignaCA CRL - */ - -/* - * Obtain TLS test artifacts for Certigna Root CA from: - * - * Valid TLS Certificates: - * https://valid.servicesca.dhimyotis.com/ - * - * Revoked TLS Certificates: - * https://revoked.servicesca.dhimyotis.com/ + * @run main/othervm/manual -Djava.security.debug=certpath CertignaCA OCSP + * @run main/othervm/manual -Djava.security.debug=certpath CertignaCA CRL */ public class CertignaCA { - // Owner: CN=Certigna Services CA, OID.2.5.4.97=NTRFR-48146308100036, // OU=0002 48146308100036, O=DHIMYOTIS, C=FR // Issuer: CN=Certigna, O=Dhimyotis, C=FR // Serial number: 6f82fa28acd6f784bb5b120ba87367ad // Valid from: Wed Nov 25 03:33:52 PST 2015 until: Sat Nov 22 03:33:52 PST 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + + private static final String INT_CERTIGNA = "-----BEGIN CERTIFICATE-----\n" + "MIIGFjCCBP6gAwIBAgIQb4L6KKzW94S7WxILqHNnrTANBgkqhkiG9w0BAQsFADA0\n" + "MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0\n" + "aWduYTAeFw0xNTExMjUxMTMzNTJaFw0yNTExMjIxMTMzNTJaMH0xCzAJBgNVBAYT\n" + @@ -82,132 +71,137 @@ public class CertignaCA { "DWLv73/xhTmdhWYQ/reo0GbgBoLiltKmIJQ=\n" + "-----END CERTIFICATE-----"; - // Owner: SERIALNUMBER=S230100953, CN=valid.servicesca.dhimyotis.com, - // OU=0002 48146308100036, O=DHIMYOTIS, L=VILLENEUVE D'ASCQ, C=FR - // Issuer: CN=Certigna Services CA, OID.2.5.4.97=NTRFR-48146308100036, - // OU=0002 48146308100036, O=DHIMYOTIS, C=FR - // Serial number: 2959798fe2e0e7b43810169ae938bc5f - // Valid from: Sun Mar 13 16:00:00 PDT 2022 until: Mon Mar 13 15:59:59 PDT 2023 + // Owner: SERIALNUMBER=S266241169, CN=valid.servicesca.dhimyotis.com, O=DHIMYOTIS, + // L=VILLENEUVE D'ASCQ, C=FR + // Issuer: CN=Certigna Services CA, OID.2.5.4.97=NTRFR-48146308100036, OU=0002 + // 48146308100036, O=DHIMYOTIS, C=FR + // Serial number: c641ef7b0340c21515d8c462e729dc0e + // Valid from: Thu Mar 09 15:00:00 PST 2023 until: Mon Mar 11 15:59:59 PDT 2024 private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIIkzCCBnugAwIBAgIQKVl5j+Lg57Q4EBaa6Ti8XzANBgkqhkiG9w0BAQsFADB9\n" + - "MQswCQYDVQQGEwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAy\n" + - "IDQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEd\n" + - "MBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMgQ0EwHhcNMjIwMzEzMjMwMDAwWhcN\n" + - "MjMwMzEzMjI1OTU5WjCBmTELMAkGA1UEBhMCRlIxGjAYBgNVBAcMEVZJTExFTkVV\n" + - "VkUgRCdBU0NRMRIwEAYDVQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgx\n" + - "NDYzMDgxMDAwMzYxJzAlBgNVBAMMHnZhbGlkLnNlcnZpY2VzY2EuZGhpbXlvdGlz\n" + - "LmNvbTETMBEGA1UEBRMKUzIzMDEwMDk1MzCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" + - "ADCCAQoCggEBALpeGHbzRGnv1C0PdJS0nT+Cx98Pw8ctaw51m9Vlk2j8AFGZRu8r\n" + - "lX3noQYX0AIfcbk6KqPAreIvJQV0UgM5jxt3mIQF7iU+55MG4mWmSJgKDDq4b3ck\n" + - "WdBy0KpSBqLmB9sHyTNk9NilNu7VwG03HGIltWA2uQFJGC8CkxwAFpMCQ9RVYw2Z\n" + - "NkL/SsiPgrRLiCJZjesk1oAcLnLp7hbelfUB2Z71VmuDDlom7CsLvdN8eIG+Lj+V\n" + - "wkGmH6AbVGvbFniFDLCNDSJWCQ9AHeO+i0CM/wd2gBRSgm993p2YMxu5mVZjz/rp\n" + - "ELaCYjulvNZKvPIFoNe8qsxlXRWeqWaHuPsCAwEAAaOCA/AwggPsMIHkBggrBgEF\n" + - "BQcBAQSB1zCB1DA4BggrBgEFBQcwAoYsaHR0cDovL2F1dG9yaXRlLmRoaW15b3Rp\n" + - "cy5jb20vc2VydmljZXNjYS5kZXIwNgYIKwYBBQUHMAKGKmh0dHA6Ly9hdXRvcml0\n" + - "ZS5jZXJ0aWduYS5mci9zZXJ2aWNlc2NhLmRlcjAwBggrBgEFBQcwAYYkaHR0cDov\n" + - "L3NlcnZpY2VzY2Eub2NzcC5kaGlteW90aXMuY29tMC4GCCsGAQUFBzABhiJodHRw\n" + - "Oi8vc2VydmljZXNjYS5vY3NwLmNlcnRpZ25hLmZyMB8GA1UdIwQYMBaAFKzsho9L\n" + - "Nxy4fxcbGdCu6E7jNFwSMAkGA1UdEwQCMAAwYQYDVR0gBFowWDAIBgZngQwBAgIw\n" + - "TAYLKoF6AYExAgUBAQEwPTA7BggrBgEFBQcCARYvaHR0cHM6Ly93d3cuY2VydGln\n" + - "bmEuY29tL2F1dG9yaXRlLWNlcnRpZmljYXRpb24wZQYDVR0fBF4wXDAroCmgJ4Yl\n" + - "aHR0cDovL2NybC5jZXJ0aWduYS5mci9zZXJ2aWNlc2NhLmNybDAtoCugKYYnaHR0\n" + - "cDovL2NybC5kaGlteW90aXMuY29tL3NlcnZpY2VzY2EuY3JsMBMGA1UdJQQMMAoG\n" + - "CCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIFoDBIBgNVHREEQTA/gh12YWxpZC5zZXJ2\n" + - "aWNlc2NhLmNlcnRpZ25hLmNvbYIedmFsaWQuc2VydmljZXNjYS5kaGlteW90aXMu\n" + - "Y29tMB0GA1UdDgQWBBSGQwwMIdxiI7P+CFU/Z968XZaSGzCCAX0GCisGAQQB1nkC\n" + - "BAIEggFtBIIBaQFnAHUArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWGNOvcgooA\n" + - "AAF/h9eOGgAABAMARjBEAiBaneK2CTn9lH28CUnL2C2/WklUYkvygMiDrtCIUXfw\n" + - "gQIgJrGxwgGlsYzUdZyZY/oNWSLByO8/Jb5LXbNibdk5SnAAdwDoPtDaPvUGNTLn\n" + - "Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX+H14/NAAAEAwBIMEYCIQCVtuV9p/Ug\n" + - "IhwVoMUjPp1KzGte/FmDaKPx432VjOpD+AIhANKWkDEuVnMzPH8sdJCL+eXoB0Q7\n" + - "0mpe5dHEiFJS8lTBAHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoA\n" + - "AAF/h9eTcQAABAMARjBEAiAjdYhnzPe9lJksk94ngl7PLDRi71tSRN7SslibEyv+\n" + - "XAIgLQ5NKQAaJnF8oA7WnHB8gyJ/8kqZi52d1WFgARDLR30wDQYJKoZIhvcNAQEL\n" + - "BQADggIBAJhLhW5Gh9yOPKsrMhABd7U5juc5ev97c6s7Az70Yr5/EtH6TlgC6a1N\n" + - "i0yzFOeXzAR8Svsq6HzqP9kMJkEFIrdWH8JZdEv871EjYetEzLLnO0m+dNEROJAh\n" + - "fcJ2w2LufPNaQ327tGY/DxDH9jdtgquReO01bPlJ0Yc5J3maz4XapeUm/kQ8dRzS\n" + - "0UBOxfUlEMpDatZzg7wugy7g9vOndW/VbtbN5Iioq2bjuykPJZfZUx4cCAmLUS7w\n" + - "bqPThQ54PnybiPXaF8cH1Gq0Rs/lGB1erzRXRXHgMy61mFY944r13oATnSdTy8Gm\n" + - "QoMsVp9w7WBRo8O4PR606Ke8Ufm9Kg2GJ1sHClf70FNFO/OSFlr3BLDG0vEMdgVW\n" + - "9QLu6UQXa9PhWMoo030k5fmUySzIUljXnstj3rgcD2HE1UrobTqyRHbbQ8JVWaF0\n" + - "PrPR4WDFI9dY0jixVQucKlX6FCqsyNrJF8GWDlZH+Cd8bk+MA9fKUuX/vmoOc2d+\n" + - "bvOCliME7YjAJkyclk6yiFIMnqyh+TD0d8WbjE94YC/293Xqb6WGkRhhsCX9RUrk\n" + - "I6QbS2uicCFGjRsPmjvMkDDxS00MShRl2K/KpsAx68Cv/Gcw3bv31obwNXTB2IBg\n" + - "gI0MfBHnjIp1nmNvCNmVIP52YrGQyC2JE7+GZUWTuwUVeDgBhiEZ\n" + + "MIIIdzCCBl+gAwIBAgIRAMZB73sDQMIVFdjEYucp3A4wDQYJKoZIhvcNAQELBQAw\n" + + "fTELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURISU1ZT1RJUzEcMBoGA1UECwwTMDAw\n" + + "MiA0ODE0NjMwODEwMDAzNjEdMBsGA1UEYQwUTlRSRlItNDgxNDYzMDgxMDAwMzYx\n" + + "HTAbBgNVBAMMFENlcnRpZ25hIFNlcnZpY2VzIENBMB4XDTIzMDMwOTIzMDAwMFoX\n" + + "DTI0MDMxMTIyNTk1OVowezELMAkGA1UEBhMCRlIxGjAYBgNVBAcMEVZJTExFTkVV\n" + + "VkUgRCdBU0NRMRIwEAYDVQQKDAlESElNWU9USVMxJzAlBgNVBAMMHnZhbGlkLnNl\n" + + "cnZpY2VzY2EuZGhpbXlvdGlzLmNvbTETMBEGA1UEBRMKUzI2NjI0MTE2OTCCASIw\n" + + "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJDrFpZWEeBJoMUuG37wEmJ7XVeX\n" + + "Jde1bgURpFbLwifRj2TVmMdtfg9hXHL7B7Mh/+I8/e7kJz8mlU9qUYKyH24oAitE\n" + + "myXYHAKTydqTseiM3mp92n4PM+DrgsdbT7bpmiirNM0/sqWFNyGUz7kP6Z5E3uuU\n" + + "HSlzX1LBBj8S0ORNZWvomQho11gjuZJRS72X4XTnSc0DESwnLp2irUfx7pflBNt0\n" + + "sLE8BhpNSSQd91naJVKtCtn0H7df+o4gGBt2ZceCLBwU0NwN8+KXz06KjP8298V4\n" + + "P3+eR2QxAw4QBIanRaG6Gd4AmpdIaT7TpiYHotjrJ/Pbx5C8/cmgxxlmtI0CAwEA\n" + + "AaOCA/IwggPuMIHkBggrBgEFBQcBAQSB1zCB1DA2BggrBgEFBQcwAoYqaHR0cDov\n" + + "L2F1dG9yaXRlLmNlcnRpZ25hLmZyL3NlcnZpY2VzY2EuZGVyMDgGCCsGAQUFBzAC\n" + + "hixodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9zZXJ2aWNlc2NhLmRlcjAu\n" + + "BggrBgEFBQcwAYYiaHR0cDovL3NlcnZpY2VzY2Eub2NzcC5jZXJ0aWduYS5mcjAw\n" + + "BggrBgEFBQcwAYYkaHR0cDovL3NlcnZpY2VzY2Eub2NzcC5kaGlteW90aXMuY29t\n" + + "MB8GA1UdIwQYMBaAFKzsho9LNxy4fxcbGdCu6E7jNFwSMAkGA1UdEwQCMAAwYQYD\n" + + "VR0gBFowWDAIBgZngQwBAgIwTAYLKoF6AYExAgUBAQEwPTA7BggrBgEFBQcCARYv\n" + + "aHR0cHM6Ly93d3cuY2VydGlnbmEuY29tL2F1dG9yaXRlLWNlcnRpZmljYXRpb24w\n" + + "ZQYDVR0fBF4wXDAtoCugKYYnaHR0cDovL2NybC5kaGlteW90aXMuY29tL3NlcnZp\n" + + "Y2VzY2EuY3JsMCugKaAnhiVodHRwOi8vY3JsLmNlcnRpZ25hLmZyL3NlcnZpY2Vz\n" + + "Y2EuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIFoDBIBgNV\n" + + "HREEQTA/gh12YWxpZC5zZXJ2aWNlc2NhLmNlcnRpZ25hLmNvbYIedmFsaWQuc2Vy\n" + + "dmljZXNjYS5kaGlteW90aXMuY29tMB0GA1UdDgQWBBSzyYZfPBt65RUDq98+e0AK\n" + + "U8pd/jCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcA7s3QZNXbGs7FXLedtM0T\n" + + "ojKHRny87N7DUUhZRnEftZsAAAGGy1ZNXwAABAMASDBGAiEAyG838/RfBOpojEI/\n" + + "cx++f0tvuDbc/rVa0WNcd2f9HekCIQDVKV2wI3VkD3wNmO93m022H7kvKD1OBEhw\n" + + "Tn6+0ZLA6QB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABhstW\n" + + "TcYAAAQDAEcwRQIhAOuj/r5G1wHNgFOMg3jsr3uWmWzIIkTmwmp4hJqvsJzzAiBf\n" + + "nm/jZCUW8DFY+iC+O/+Hzsk/kVDkKIlBDd6rA3MzJgB2AFWB1MIWkDYBSuoLm1c8\n" + + "U/DA5Dh4cCUIFy+jqh0HE9MMAAABhstWTw4AAAQDAEcwRQIgRbCAqI1/nxc6P4de\n" + + "Fqg/zc1+ldMDWjeamWjhctciGsgCIQDHQ4OKj0AA7hQKFIe1SVp+00BxRefFGmq7\n" + + "ZJ+8q+pRqzANBgkqhkiG9w0BAQsFAAOCAgEAVkzCC9LIHU+iOi+GFeCtWxxa5Fsk\n" + + "5gXnDJmtbdoVe2TJvOhrb+VnNI7/Ak+csBv3vxNl3P3DXIbPryB98aelleX7pkfP\n" + + "PcKhFAlbwzbII2D3L0mjFLERtVwdnoEJXXKcHsb9hJResKipZ//daMPD8FthHvEE\n" + + "HmtOrR0lHLjhbi4ODq0e4xyygbxFXXl5CCjtBw0jBtZaMDQaC3eemK9LkOggLz3h\n" + + "qs/+VQ7RyKfcKCuGC5Wb4GJR+IDKH812hFsUWmXe26MPoyTrzLNq6tfQZHSuY5Hj\n" + + "K0ZwldEkUZ2Hd7PrRlhCiGdVCp/2kS2yefhUkvX7Z5K5wX6n+LylfzOTvWf6ZPwQ\n" + + "1jTI0Js8ig4eHF25GlqgOWrqbyF9j67kLs3f7/c5Kx3FlclJ7/vlL8zEcTmGU7rm\n" + + "ZFOhEMDT/UYkitqAOvrgT60oIm9YJ1XTAVTeDbW0FFAb2nFmeBOrw8N3jaCb+jpO\n" + + "ysBA/lDaGTiQhMlJK44vwgS+TjbeWHxvmAE5srKa7MWU8Mmku2vuX95lupJo4LmD\n" + + "zOsihH00hyhtHFUB1TGXuaf77kFsipE6iycyxpcrpJ1UAWiZrba6PAZ85TbYhEdY\n" + + "FDNm7F7CVPU67HV5gE2kDa3Jprd1SjwO095LsRptWhzxUByhee3JI0jljBTaKowy\n" + + "jPv8oekm7zqCLzY=\n" + "-----END CERTIFICATE-----"; - // Owner: SERIALNUMBER=S230120951, CN=revoked.servicesca.dhimyotis.com, - // OU=0002 48146308100036, O=DHIMYOTIS, L=VILLENEUVE D'ASCQ, C=FR - // Issuer: CN=Certigna Services CA, OID.2.5.4.97=NTRFR-48146308100036, - // OU=0002 48146308100036, O=DHIMYOTIS, C=FR - // Serial number: f88f2566b3dbf73763622db9b2bf9cc - // Valid from: Sun Mar 13 16:00:00 PDT 2022 until: Mon Mar 13 15:59:59 PDT 2023 + // Owner: SERIALNUMBER=S266251168, CN=revoked.servicesca.certigna.com, O=DHIMYOTIS, + // L=VILLENEUVE D'ASCQ, C=FR + // Issuer: CN=Certigna Services CA, OID.2.5.4.97=NTRFR-48146308100036, OU=0002 + // 48146308100036, O=DHIMYOTIS, C=FR + // Serial number: e863f752a23a735e3ccf958abf18565b + // Valid from: Thu Mar 09 15:00:00 PST 2023 until: Fri Mar 08 14:59:59 PST 2024 private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIImTCCBoGgAwIBAgIQD4jyVms9v3N2NiLbmyv5zDANBgkqhkiG9w0BAQsFADB9\n" + - "MQswCQYDVQQGEwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAy\n" + - "IDQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEd\n" + - "MBsGA1UEAwwUQ2VydGlnbmEgU2VydmljZXMgQ0EwHhcNMjIwMzEzMjMwMDAwWhcN\n" + - "MjMwMzEzMjI1OTU5WjCBmzELMAkGA1UEBhMCRlIxGjAYBgNVBAcMEVZJTExFTkVV\n" + - "VkUgRCdBU0NRMRIwEAYDVQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgx\n" + - "NDYzMDgxMDAwMzYxKTAnBgNVBAMMIHJldm9rZWQuc2VydmljZXNjYS5kaGlteW90\n" + - "aXMuY29tMRMwEQYDVQQFEwpTMjMwMTIwOTUxMIIBIjANBgkqhkiG9w0BAQEFAAOC\n" + - "AQ8AMIIBCgKCAQEAouvIzemKChCjYICW+TzRigLkqaTdMLnaPlGaXyCCoEUS6nkK\n" + - "QnrwTgebf1X9/mwSAuvTo3Ck7CVgE8AMqsPTluSjezCJuED/F3HYy2YsbIhnVK/i\n" + - "uSzKsDGVY3RlVNm2MA2viVTNBbOFhk4kefYqpDCmp3EGvIDOCb7Y5PTuKKQ79s97\n" + - "uDm+0WoBnOdwSuZMUg+hvINBgu2JQFwiWP0g/SxoK6Ci9SVokM3zR4KgECkMVArf\n" + - "cH0dN+5SYvByaGegQJy7TdKqDsf1lIHM19tUXcxOBNRgV3Rf7WMNIlERtLXjRfke\n" + - "IWXf8QtXRVIH/i/PoVTDo2qvQOMnZFY/Eb5dFQIDAQABo4ID9DCCA/AwgeQGCCsG\n" + - "AQUFBwEBBIHXMIHUMDgGCCsGAQUFBzAChixodHRwOi8vYXV0b3JpdGUuZGhpbXlv\n" + - "dGlzLmNvbS9zZXJ2aWNlc2NhLmRlcjA2BggrBgEFBQcwAoYqaHR0cDovL2F1dG9y\n" + - "aXRlLmNlcnRpZ25hLmZyL3NlcnZpY2VzY2EuZGVyMDAGCCsGAQUFBzABhiRodHRw\n" + - "Oi8vc2VydmljZXNjYS5vY3NwLmRoaW15b3Rpcy5jb20wLgYIKwYBBQUHMAGGImh0\n" + - "dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIwHwYDVR0jBBgwFoAUrOyG\n" + - "j0s3HLh/FxsZ0K7oTuM0XBIwCQYDVR0TBAIwADBhBgNVHSAEWjBYMAgGBmeBDAEC\n" + - "AjBMBgsqgXoBgTECBQEBATA9MDsGCCsGAQUFBwIBFi9odHRwczovL3d3dy5jZXJ0\n" + - "aWduYS5jb20vYXV0b3JpdGUtY2VydGlmaWNhdGlvbjBlBgNVHR8EXjBcMCugKaAn\n" + - "hiVodHRwOi8vY3JsLmNlcnRpZ25hLmZyL3NlcnZpY2VzY2EuY3JsMC2gK6Aphido\n" + - "dHRwOi8vY3JsLmRoaW15b3Rpcy5jb20vc2VydmljZXNjYS5jcmwwEwYDVR0lBAww\n" + - "CgYIKwYBBQUHAwEwDgYDVR0PAQH/BAQDAgWgMEwGA1UdEQRFMEOCH3Jldm9rZWQu\n" + - "c2VydmljZXNjYS5jZXJ0aWduYS5jb22CIHJldm9rZWQuc2VydmljZXNjYS5kaGlt\n" + - "eW90aXMuY29tMB0GA1UdDgQWBBTGIed1eHBS8Z1H3PdMkItpjyjq2TCCAX0GCisG\n" + - "AQQB1nkCBAIEggFtBIIBaQFnAHcArfe++nz/EMiLnT2cHj4YarRnKV3PsQwkyoWG\n" + - "NOvcgooAAAF/h9g4MAAABAMASDBGAiEAp/1fQB730JrX9YGD3d1Uq7rTAL95tMKe\n" + - "G6kgUP1GEWoCIQCzi6feA3cImTH6tVZALNEmve/n8SVFAvD2AvX8ioCD9QB1AOg+\n" + - "0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABf4fYNHcAAAQDAEYwRAIg\n" + - "Dnd8oOV7/MuaiyR23qbdRVf1kBSsDxnLp1/vRdD0JTYCIAw7LuZalEVa/0KpuNHs\n" + - "NIdUJgV4Vioa2xkb9fdPIhtkAHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD\n" + - "Dnk2pZoAAAF/h9g7nwAABAMARjBEAiA80M1W3V3iKjm6Dwn+hKkmvGiuXZoM6o3f\n" + - "QJsZ2ZOx0QIgUiS3I83WzoCdD4qO9rlmDQhRD69CeVzCgLtkaTPz3JYwDQYJKoZI\n" + - "hvcNAQELBQADggIBADKub0gNyasTvURoYukQCllqDC+SvWA4TURBcmQMNjdVkreJ\n" + - "B3O91HZhTyhrCBJxybeIG89zuRI6rjTpHCQGFqtP7968NA3eUlxGGnAPpw6VbN47\n" + - "Ake+CRI9XnhxcKmTGm987DjtIBH42BedS59P1T56grZP5ysOog9Hz4eYo2ytbZqt\n" + - "P/DHggivymaaiIaBsqup8C7/XN3vVAa/yo1FeLJ48i1d0M9hjGBUFMajd8Y5+pE7\n" + - "p6Nb5mT1LXbetORYXMyG3MiJQPBAr1dLnRGnOZxc1Kxa1QwoAFQAFIXFpqfBwfHi\n" + - "NaSDdFS/wLbpe7UvtC8FWLq9sgITDEkPqDPCsbu8Vc7OxaMhBJ7HQGaAYMReGADG\n" + - "Elx9ffAc+dFR62zFnqMLouaEznZ7FVNmU3cYbrFVBvnGmoDRe0AKUoYv5DCiawUg\n" + - "qeQS69DgG7DOE5VIDaWX2Cevy81mz7O8EVQsyS15J/MUxzWfQpRaHUqkge6G9FSH\n" + - "hF/Nm48oWgpWop5aIF2O6bA/Bt1VvAWdypUPUr4gtpYIQoOQBzTFgBVWUeOTOImE\n" + - "avvpzSwGQfZkB7t5PcAQ+zYGxWq7fr30/qY3geePcXJCGWS6PXyj8lNn4CaJ2sMF\n" + - "GKxNJGD49/5uoxi3b3TzGUn/3eG2qP2RZoXZ6ZPLAo+moIy3XLwMoZm3Im8r\n" + + "MIIIezCCBmOgAwIBAgIRAOhj91KiOnNePM+Vir8YVlswDQYJKoZIhvcNAQELBQAw\n" + + "fTELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURISU1ZT1RJUzEcMBoGA1UECwwTMDAw\n" + + "MiA0ODE0NjMwODEwMDAzNjEdMBsGA1UEYQwUTlRSRlItNDgxNDYzMDgxMDAwMzYx\n" + + "HTAbBgNVBAMMFENlcnRpZ25hIFNlcnZpY2VzIENBMB4XDTIzMDMwOTIzMDAwMFoX\n" + + "DTI0MDMwODIyNTk1OVowfDELMAkGA1UEBhMCRlIxGjAYBgNVBAcMEVZJTExFTkVV\n" + + "VkUgRCdBU0NRMRIwEAYDVQQKDAlESElNWU9USVMxKDAmBgNVBAMMH3Jldm9rZWQu\n" + + "c2VydmljZXNjYS5jZXJ0aWduYS5jb20xEzARBgNVBAUTClMyNjYyNTExNjgwggEi\n" + + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCBqKNjMkHqJ9EQa3CjuZ6EYMz6\n" + + "mWODrEucRcJDihYMigaV1oRyquGlFQ82ootXaK5bU+EYSMmUwbRpdZ9G/oZUn2+K\n" + + "MKAFDI+MoZoFhQC+2w0AzJycCf/hShUVxcRREKRKdfzv+k5YHj3e8ic16tGlTFXT\n" + + "IF1x3y2Uru7mzZARsZJqnRqaqPPghT/QlBpcA04yLi3iSpgO++mRrJxTUoUHlDw/\n" + + "a1nhqnDgH2yKN7tSfwFTetnXat6/UVt0CJ/6dJF6oY8bGWO1YB03Xdq735eLdJE4\n" + + "t38pV/X8rf5Mc9ZQh8IGrjVW83M8mQmqaX5rbsOl0ZCA/q6RWxRFEF2SwK+dAgMB\n" + + "AAGjggP1MIID8TCB5AYIKwYBBQUHAQEEgdcwgdQwNgYIKwYBBQUHMAKGKmh0dHA6\n" + + "Ly9hdXRvcml0ZS5jZXJ0aWduYS5mci9zZXJ2aWNlc2NhLmRlcjA4BggrBgEFBQcw\n" + + "AoYsaHR0cDovL2F1dG9yaXRlLmRoaW15b3Rpcy5jb20vc2VydmljZXNjYS5kZXIw\n" + + "LgYIKwYBBQUHMAGGImh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuY2VydGlnbmEuZnIw\n" + + "MAYIKwYBBQUHMAGGJGh0dHA6Ly9zZXJ2aWNlc2NhLm9jc3AuZGhpbXlvdGlzLmNv\n" + + "bTAfBgNVHSMEGDAWgBSs7IaPSzccuH8XGxnQruhO4zRcEjAJBgNVHRMEAjAAMGEG\n" + + "A1UdIARaMFgwCAYGZ4EMAQICMEwGCyqBegGBMQIFAQEBMD0wOwYIKwYBBQUHAgEW\n" + + "L2h0dHBzOi8vd3d3LmNlcnRpZ25hLmNvbS9hdXRvcml0ZS1jZXJ0aWZpY2F0aW9u\n" + + "MGUGA1UdHwReMFwwLaAroCmGJ2h0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9zZXJ2\n" + + "aWNlc2NhLmNybDAroCmgJ4YlaHR0cDovL2NybC5jZXJ0aWduYS5mci9zZXJ2aWNl\n" + + "c2NhLmNybDATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMCBaAwTAYD\n" + + "VR0RBEUwQ4IgcmV2b2tlZC5zZXJ2aWNlc2NhLmRoaW15b3Rpcy5jb22CH3Jldm9r\n" + + "ZWQuc2VydmljZXNjYS5jZXJ0aWduYS5jb20wHQYDVR0OBBYEFEQsKyX8x8zVxVC2\n" + + "HEK7+bOBLoMkMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDuzdBk1dsazsVc\n" + + "t520zROiModGfLzs3sNRSFlGcR+1mwAAAYbLTxPnAAAEAwBHMEUCIQD16IHX+8+4\n" + + "zWnxIME4rzCgQIA4m5OsEqP6ssgRG5iurwIgdBOGFGlF6+DGPSm5FKuk5ShAA8ZC\n" + + "AE+E27CKLkBTnfgAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAA\n" + + "AYbLTxRMAAAEAwBHMEUCIDmW9elysDm3zAeIXsgJwmL33EoMTyVhA3ah2jkvMjzv\n" + + "AiEA6aIZXtwk2DnFt+GA6gLr4UgswUCuK4wxheDVwbpSw/4AdgA7U3d1Pi25gE6L\n" + + "MFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYbLTxXAAAAEAwBHMEUCIQDGuOg7koEE\n" + + "H9K4VkSHaDD9rAndys2BtswdspfRKUFR3QIgVZ7QUX3H56ECuI8wsAkSjBze4lBO\n" + + "RgfN2xh3l9xQOK0wDQYJKoZIhvcNAQELBQADggIBAFQTTtyQSoV4Zq3QYMnb0yEp\n" + + "u6Hwic/wpYN5L0km+zZoHWuf58vfj8Yg/sfKmftGSZHDdc3NfYSVBlT/0Hl4SDhi\n" + + "zHLLyapoX2GNhbg3esu0Y1fch8E16z2A/wAwrFvxI0XrjHpOyDp4CBDYqDADNPiL\n" + + "vlEkiwP6r7WHjUdWRb7W0t75uAkcajn46XKpFmaHHie5KBch+KDGsUionuH5ZW8Y\n" + + "klh2B34uLWcGZuIR7PeCO9+91mbn/bBNeabGC70qMStaB139lp9P2M+l2WpyREUK\n" + + "l7qHwTsrlMmNb8n44zGtY4wL9NSYWTdTfhcU0FAPdPcLlnjoQubJ1O0vPkzfVYns\n" + + "WQrslxoCBor6CL6AYMQz3jbzQ0soD3Reb11+uTngWGJZtx4DT09RFB3a+1rcYjiS\n" + + "ijCBB+Lqx0xfLQnfBv1A0wjNqUY+gyEe0SpXqB4edqy5uaqawRRKMuNSnb2BVz0/\n" + + "keo1Kif/GSak+JUBpJ8hkJWygtrWCETUNfoseQhqo3gism0EGxJ04tBp+DRvfbrz\n" + + "X4aBgALRro3jSIR1Ibp+e0fxePwShy715SF2H4SfjvplTAKq5bwztZtQUkPR6fJ7\n" + + "5xT0f762c1yytKP1rHFMvzl6k7QWvC6zb2FeG5UqXJw3wFxxWsCuAUu5SPFfXdno\n" + + "5lIHTTV5rpZBN+PzTZsz\n" + "-----END CERTIFICATE-----"; public static void main(String[] args) throws Exception { + // Added to test for JDK-8256895 + System.setProperty("jdk.security.certpath.ocspNonce", "true"); + + // OCSP check by default + boolean ocspEnabled = args.length < 1 || !"CRL".equalsIgnoreCase(args[0]); + ValidatePathWithParams pathValidator; String[] validChainToValidate; String[] revChainToValidate; - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { + if (!ocspEnabled) { pathValidator = new ValidatePathWithParams(null); pathValidator.enableCRLCheck(); - validChainToValidate = new String[]{VALID, INT}; - revChainToValidate = new String[]{REVOKED, INT}; + validChainToValidate = new String[]{VALID, INT_CERTIGNA}; + revChainToValidate = new String[]{REVOKED, INT_CERTIGNA}; } else { - // OCSP check by default // int certificate doesn't specify OCSP responder - pathValidator = new ValidatePathWithParams(new String[]{INT}); + pathValidator = new ValidatePathWithParams(new String[]{INT_CERTIGNA}); pathValidator.enableOCSPCheck(); validChainToValidate = new String[]{VALID}; @@ -221,7 +215,6 @@ public static void main(String[] args) throws Exception { // Validate Revoked pathValidator.validate(revChainToValidate, ValidatePathWithParams.Status.REVOKED, - "Mon Mar 14 03:00:16 PDT 2022", System.out); + "Fri Mar 10 03:39:51 PST 2023", System.out); } } - diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java deleted file mode 100644 index 73d7171b906..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ComodoCA.java +++ /dev/null @@ -1,643 +0,0 @@ -/* - * Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - /* - * @test - * @bug 8189131 8231887 - * @summary Interoperability tests with Comodo RSA, ECC, userTrust RSA, and - * userTrust ECC CAs - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath ComodoCA OCSP - * @run main/othervm -Djava.security.debug=certpath ComodoCA CRL - */ - - /* - * Obtain TLS test artifacts for Comodo CAs from: - * - * Valid TLS Certificates: - * https://comodorsacertificationauthority-ev.comodoca.com - * https://comodoecccertificationauthority-ev.comodoca.com - * https://usertrustrsacertificationauthority-ev.comodoca.com - * https://usertrustecccertificationauthority-ev.comodoca.com - * - * Revoked TLS Certificates: - * https://comodorsacertificationauthority-ev.comodoca.com:444 - * https://comodoecccertificationauthority-ev.comodoca.com:444 - * https://usertrustrsacertificationauthority-ev.comodoca.com:444 - * https://usertrustecccertificationauthority-ev.comodoca.com:444 - */ -public class ComodoCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - new ComodoRSA().runTest(pathValidator); - new ComodoECC().runTest(pathValidator); - new ComodoUserTrustRSA().runTest(pathValidator); - new ComodoUserTrustECC().runTest(pathValidator); - } -} - -class ComodoRSA { - - // Owner: CN=COMODO RSA Extended Validation Secure Server CA, - // O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB - // Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, - // L=Salford, ST=Greater Manchester, C=GB - // Serial number: 6a74380d4ebfed435b5a3f7e16abdd8 - // Valid from: Sat Feb 11 16:00:00 PST 2012 until: Thu Feb 11 15:59:59 PST 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" - + "MIIGDjCCA/agAwIBAgIQBqdDgNTr/tQ1taP34Wq92DANBgkqhkiG9w0BAQwFADCB\n" - + "hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\n" - + "A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV\n" - + "BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTIwMjEy\n" - + "MDAwMDAwWhcNMjcwMjExMjM1OTU5WjCBkjELMAkGA1UEBhMCR0IxGzAZBgNVBAgT\n" - + "EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR\n" - + "Q09NT0RPIENBIExpbWl0ZWQxODA2BgNVBAMTL0NPTU9ETyBSU0EgRXh0ZW5kZWQg\n" - + "VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC\n" - + "AQ8AMIIBCgKCAQEAlVbeVLTf1QJJe9FbXKKyHo+cK2JMK40SKPMalaPGEP0p3uGf\n" - + "CzhAk9HvbpUQ/OGQF3cs7nU+e2PsYZJuTzurgElr3wDqAwB/L3XVKC/sVmePgIOj\n" - + "vdwDmZOLlJFWW6G4ajo/Br0OksxgnP214J9mMF/b5pTwlWqvyIqvgNnmiDkBfBzA\n" - + "xSr3e5Wg8narbZtyOTDr0VdVAZ1YEZ18bYSPSeidCfw8/QpKdhQhXBZzQCMZdMO6\n" - + "WAqmli7eNuWf0MLw4eDBYuPCGEUZUaoXHugjddTI0JYT/8ck0YwLJ66eetw6YWNg\n" - + "iJctXQUL5Tvrrs46R3N2qPos3cCHF+msMJn4HwIDAQABo4IBaTCCAWUwHwYDVR0j\n" - + "BBgwFoAUu69+Aj36pvE8hI6t7jiY7NkyMtQwHQYDVR0OBBYEFDna/8ooFIqodBMI\n" - + "ueQOqdL6fp1pMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMD4G\n" - + "A1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5j\n" - + "b21vZG8uY29tL0NQUzBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9k\n" - + "b2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggr\n" - + "BgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29t\n" - + "L0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz\n" - + "cC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAERCnUFRK0iIXZebeV4R\n" - + "AUpSGXtBLMeJPNBy3IX6WK/VJeQT+FhlZ58N/1eLqYVeyqZLsKeyLeCMIs37/3mk\n" - + "jCuN/gI9JN6pXV/kD0fQ22YlPodHDK4ixVAihNftSlka9pOlk7DgG4HyVsTIEFPk\n" - + "1Hax0VtpS3ey4E/EhOfUoFDuPPpE/NBXueEoU/1Tzdy5H3pAvTA/2GzS8+cHnx8i\n" - + "teoiccsq8FZ8/qyo0QYPFBRSTP5kKwxpKrgNUG4+BAe/eiCL+O5lCeHHSQgyPQ0o\n" - + "fkkdt0rvAucNgBfIXOBhYsvss2B5JdoaZXOcOBCgJjqwyBZ9kzEi7nQLiMBciUEA\n" - + "KKlHMd99SUWa9eanRRrSjhMQ34Ovmw2tfn6dNVA0BM7pINae253UqNpktNEvWS5e\n" - + "ojZh1CSggjMziqHRbO9haKPl0latxf1eYusVqHQSTC8xjOnB3xBLAer2VBvNfzu9\n" - + "XJ/B288ByvK6YBIhMe2pZLiySVgXbVrXzYxtvp5/4gJYp9vDLVj2dAZqmvZh+fYA\n" - + "tmnYOosxWd2R5nwnI4fdAw+PKowegwFOAWEMUnNt/AiiuSpm5HZNMaBWm9lTjaK2\n" - + "jwLI5jqmBNFI+8NKAnb9L9K8E7bobTQk+p0pisehKxTxlgBzuRPpwLk6R1YCcYAn\n" - + "pLwltum95OmYdBbxN4SBB7SC\n" - + "-----END CERTIFICATE-----"; - - // Owner: CN=comodorsacertificationauthority-ev.comodoca.com, - // O=Sectigo Limited, STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, - // L=Salford, ST=Manchester, OID.2.5.4.17=M5 3EQ, C=GB, OID.2.5.4.15=Private Organization, - // OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=COMODO RSA Extended Validation Secure Server CA, O=COMODO CA Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: 9eb246629030e0b527ca2f93e5ebf25a - // Valid from: Mon Mar 01 16:00:00 PST 2021 until: Sat Apr 02 16:59:59 PDT 2022 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHSzCCBjOgAwIBAgIRAJ6yRmKQMOC1J8ovk+Xr8lowDQYJKoZIhvcNAQELBQAw\n" + - "gZIxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\n" + - "BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTgwNgYD\n" + - "VQQDEy9DT01PRE8gUlNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZl\n" + - "ciBDQTAeFw0yMTAzMDIwMDAwMDBaFw0yMjA0MDIyMzU5NTlaMIIBNzERMA8GA1UE\n" + - "BRMIMDQwNTg2OTAxEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZh\n" + - "dGUgT3JnYW5pemF0aW9uMQswCQYDVQQGEwJHQjEPMA0GA1UEERMGTTUgM0VRMRMw\n" + - "EQYDVQQIEwpNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRYwFAYDVQQJEw1U\n" + - "cmFmZm9yZCBSb2FkMRYwFAYDVQQJEw1FeGNoYW5nZSBRdWF5MSUwIwYDVQQJExwz\n" + - "cmQgRmxvb3IsIDI2IE9mZmljZSBWaWxsYWdlMRgwFgYDVQQKEw9TZWN0aWdvIExp\n" + - "bWl0ZWQxODA2BgNVBAMTL2NvbW9kb3JzYWNlcnRpZmljYXRpb25hdXRob3JpdHkt\n" + - "ZXYuY29tb2RvY2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\n" + - "0P95lAFOOkEOy614rCX7OlOK0Xy0nPAcCFxAcLYBosX8YmXWuePHg596UyEqE3U5\n" + - "30pTqiccY53bDiYPgSJgr1OlfC7BPLN+QKaeSrFmNgrcoAk3TXejgv7zLXOwZVS6\n" + - "Wk38Z8xrFNvhd2Z5J6RM/3U+HDfF7OKMGrexr77Ws7lEFpPUgd4eEe+IL1Y2sbwI\n" + - "iD+PkzIL2LjctkeJFcsRHUvNP8wIhGyIbkARuJhdXkE13lKKIe0EnWrRkkf4DEvY\n" + - "RFpPjVUKmluhnBOGYkYaiTL0VaOnrPxToSfHR8Awkhk0TNbosAkUo8TKcRTTTiMU\n" + - "UIS6Y9SqoILiiDG6WmFjzQIDAQABo4IC8jCCAu4wHwYDVR0jBBgwFoAUOdr/yigU\n" + - "iqh0Ewi55A6p0vp+nWkwHQYDVR0OBBYEFD5LhmEivA6h4az0EFPi5erz1TH+MA4G\n" + - "A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB\n" + - "BggrBgEFBQcDAjBJBgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUF\n" + - "BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBN\n" + - "MEugSaBHhkVodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FFeHRlbmRl\n" + - "ZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYcGCCsGAQUFBwEBBHsweTBR\n" + - "BggrBgEFBQcwAoZFaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRXh0\n" + - "ZW5kZWRWYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhho\n" + - "dHRwOi8vb2NzcC5jb21vZG9jYS5jb20wOgYDVR0RBDMwMYIvY29tb2RvcnNhY2Vy\n" + - "dGlmaWNhdGlvbmF1dGhvcml0eS1ldi5jb21vZG9jYS5jb20wggEEBgorBgEEAdZ5\n" + - "AgQCBIH1BIHyAPAAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAA\n" + - "AXfyqEfyAAAEAwBHMEUCIQDJbHPgbqK21/Nugwl5mgMO81YQSHOm4VcQ8UvOJjnN\n" + - "JQIgWw9fortwJBtv2Mts6xJYr5D6itPpEYP8uegURneBwRsAdgBvU3asMfAxGdiZ\n" + - "AKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXfyqEjyAAAEAwBHMEUCIDifAsuw37D4\n" + - "beHZ9Ed5/Pab0Eg6Cobrh4jv3bjfA6KIAiEAmiA/XD+AccfI85c+C2zH9wNIs+Zm\n" + - "/V/uo/sv0i9eCAYwDQYJKoZIhvcNAQELBQADggEBADRFnOFgb3mzCUpXxiU5/mM5\n" + - "ECRj3NzXKXjcYlSMhVcWA7Eqa5rhJuh11vbPoDQzQcGxntS/zhRwJFRF3hnyFa3m\n" + - "4t+7ZnUaJN+GOMTABh4kYiOSpE9id12URdJzWv2IHg4CU3OLnsBHGh7H9eWfbPvn\n" + - "OW4owV1ChpiEHh40i/NQkTn9JzjlZepI9+EsSdhn2tpis7tko6PX/plgw8bRgm7f\n" + - "ong2QaX/DE6z4VIdomW8TQhB9turhKxwjzPTbtYDQIgZfRP/H1S5jYutqbE5yL5B\n" + - "r+VOiSuB8234P4xWg1IBL2EFbxPdgOSMTWRJutUcj44kJKmwp5GUQtySSccw4gk=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=comodorsacertificationauthority-ev.comodoca.com, OU=COMODO EV SGC SSL, - // O=Sectigo Limited, STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, - // L=Salford, OID.2.5.4.17=M5 3EQ, C=GB, OID.2.5.4.15=Private Organization, - // OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=COMODO RSA Extended Validation Secure Server CA, O=COMODO CA Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: a0c7cabcc25ed9358ded02cc1d485545 - // Valid from: Sun Sep 29 17:00:00 PDT 2019 until: Tue Dec 28 15:59:59 PST 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIH0TCCBrmgAwIBAgIRAKDHyrzCXtk1je0CzB1IVUUwDQYJKoZIhvcNAQELBQAw\n" + - "gZIxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\n" + - "BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTgwNgYD\n" + - "VQQDEy9DT01PRE8gUlNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZl\n" + - "ciBDQTAeFw0xOTA5MzAwMDAwMDBaFw0yMTEyMjgyMzU5NTlaMIIBPjERMA8GA1UE\n" + - "BRMIMDQwNTg2OTAxEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZh\n" + - "dGUgT3JnYW5pemF0aW9uMQswCQYDVQQGEwJHQjEPMA0GA1UEERMGTTUgM0VRMRAw\n" + - "DgYDVQQHEwdTYWxmb3JkMRYwFAYDVQQJEw1UcmFmZm9yZCBSb2FkMRYwFAYDVQQJ\n" + - "Ew1FeGNoYW5nZSBRdWF5MSUwIwYDVQQJExwzcmQgRmxvb3IsIDI2IE9mZmljZSBW\n" + - "aWxsYWdlMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxGjAYBgNVBAsTEUNPTU9E\n" + - "TyBFViBTR0MgU1NMMTgwNgYDVQQDEy9jb21vZG9yc2FjZXJ0aWZpY2F0aW9uYXV0\n" + - "aG9yaXR5LWV2LmNvbW9kb2NhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\n" + - "AQoCggEBAND/eZQBTjpBDsuteKwl+zpTitF8tJzwHAhcQHC2AaLF/GJl1rnjx4Of\n" + - "elMhKhN1Od9KU6onHGOd2w4mD4EiYK9TpXwuwTyzfkCmnkqxZjYK3KAJN013o4L+\n" + - "8y1zsGVUulpN/GfMaxTb4XdmeSekTP91Phw3xezijBq3sa++1rO5RBaT1IHeHhHv\n" + - "iC9WNrG8CIg/j5MyC9i43LZHiRXLER1LzT/MCIRsiG5AEbiYXV5BNd5SiiHtBJ1q\n" + - "0ZJH+AxL2ERaT41VCppboZwThmJGGoky9FWjp6z8U6Enx0fAMJIZNEzW6LAJFKPE\n" + - "ynEU004jFFCEumPUqqCC4ogxulphY80CAwEAAaOCA3EwggNtMB8GA1UdIwQYMBaA\n" + - "FDna/8ooFIqodBMIueQOqdL6fp1pMB0GA1UdDgQWBBQ+S4ZhIrwOoeGs9BBT4uXq\n" + - "89Ux/jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr\n" + - "BgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgwRjA7BgwrBgEEAbIxAQIBBQEwKzAp\n" + - "BggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwBwYFZ4EM\n" + - "AQEwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09N\n" + - "T0RPUlNBRXh0ZW5kZWRWYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGHBggr\n" + - "BgEFBQcBAQR7MHkwUQYIKwYBBQUHMAKGRWh0dHA6Ly9jcnQuY29tb2RvY2EuY29t\n" + - "L0NPTU9ET1JTQUV4dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAk\n" + - "BggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMDoGA1UdEQQzMDGC\n" + - "L2NvbW9kb3JzYWNlcnRpZmljYXRpb25hdXRob3JpdHktZXYuY29tb2RvY2EuY29t\n" + - "MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQDuS723dc5guuFCaR+r4Z5mow9+\n" + - "X7By2IMAxHuJeqj9ywAAAW2DAXefAAAEAwBGMEQCIDqP1einOiPHnaG1fOZMDrEc\n" + - "RAxjq3vEl94fp4pkmke7AiBsJOvPE6irgcOO1/lnP7NRuln7iPJjU7T20PEK5/rm\n" + - "KwB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABbYMBd0kAAAQD\n" + - "AEcwRQIhALgUI5XxM1NHbJDdr19h2pe3LhzK4tpuB/OQ9BgCyrGXAiBdr6mNCB/G\n" + - "rbdVx0u7iezwC7mq7iaWugR3rrWlSA8fWQB2ALvZ37wfinG1k5Qjl6qSe0c4V5UK\n" + - "q1LoGpCWZDaOHtGFAAABbYMBd1oAAAQDAEcwRQIgXbG32dagMeLhuZb+LSpJO1vI\n" + - "BmxmRnNdiz5FbG9cCbwCIQCr1X9f+ebT5fhlDUNBURUorTtM8QQciBiueBqvHk7+\n" + - "1DANBgkqhkiG9w0BAQsFAAOCAQEAM/A/1dgoc5NP1n+w3SX9qWcN7QT7ExdrnZSl\n" + - "Ygn0PF2fx4gz7cvNKucbpQJNA4C9awGydyYK8/o5KDUXt3K7eb1OAZ/NZBjygsJs\n" + - "ikXvxlBh8oEoqBOfOtr24l0NGUWnP8Qeu/VPcIMER4V8qX+in0pCXkSd67nkp6Bs\n" + - "EcqhDPgmzdSC1gQHsZuBdotG14OfdH1cG1bRK6GadISLG1h8BFukVem42B149v8F\n" + - "MCIUQAYprAVv2WlTZKBx9XzuK6IK3+klHZ07Jfvjvt7PPG5HKSMWBMnMaTHKcyQI\n" + - "G3t91yw7BnNNInZlBSsFtqjbHhDcr7uruZdbi0rerSsi2qDr0w==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 02 02:51:39 PST 2021", System.out); - } -} - -class ComodoECC { - - // Owner: CN=COMODO ECC Extended Validation Secure Server CA, - // O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB - // Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, - // L=Salford, ST=Greater Manchester, C=GB - // Serial number: 61d4643b412b5d8d715499d8553aa03 - // Valid from: Sun Apr 14 17:00:00 PDT 2013 until: Fri Apr 14 16:59:59 PDT 2028 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" - + "MIIDojCCAyigAwIBAgIQBh1GQ7QStdjXFUmdhVOqAzAKBggqhkjOPQQDAzCBhTEL\n" - + "MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE\n" - + "BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT\n" - + "IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTMwNDE1MDAw\n" - + "MDAwWhcNMjgwNDE0MjM1OTU5WjCBkjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy\n" - + "ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N\n" - + "T0RPIENBIExpbWl0ZWQxODA2BgNVBAMTL0NPTU9ETyBFQ0MgRXh0ZW5kZWQgVmFs\n" - + "aWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD\n" - + "QgAEV3AaPyeTQy0aWXXkBJMR42DsJ5pnbliJe7ndaHzCDslVlY8ofpxeFiqluZrK\n" - + "KNcJeBU/Jl1YI9jLMyMZKsfSoaOCAWkwggFlMB8GA1UdIwQYMBaAFHVxpxlIGbyd\n" - + "nepBR9+UxEh3mdN5MB0GA1UdDgQWBBTTTsMZulhZ0Rxgt2FTRzund4/4ijAOBgNV\n" - + "HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1MDMGBFUd\n" - + "IAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMw\n" - + "TAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RP\n" - + "RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsG\n" - + "CCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FQ0NBZGRU\n" - + "cnVzdENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t\n" - + "MAoGCCqGSM49BAMDA2gAMGUCMQDmPWS98nREWdt4xB83r9MVvgG5INpKHi6V1dUY\n" - + "lCqvSvXXjK0QvZSrOB7cj9RavGgCMG2xJNG+SvlTWEYpmK7eXSgmRUgoBDeQ0yDK\n" - + "lnxmeeOBnnCaDIxAcA3aCj2Gtdt3sA==\n" - + "-----END CERTIFICATE-----"; - - // Owner: CN=comodoecccertificationauthority-ev.comodoca.com, O=Sectigo Limited, STREET="3rd Floor, - // 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, L=Salford, ST=Manchester, OID.2.5.4.17=M5 3EQ, - // C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=COMODO ECC Extended Validation Secure Server CA, O=COMODO CA Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: db437a31e5be29a62443e3caa1479001 - // Valid from: Mon Mar 01 16:00:00 PST 2021 until: Sat Apr 02 16:59:59 PDT 2022 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFvzCCBWWgAwIBAgIRANtDejHlvimmJEPjyqFHkAEwCgYIKoZIzj0EAwIwgZIx\n" + - "CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV\n" + - "BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTgwNgYDVQQD\n" + - "Ey9DT01PRE8gRUNDIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD\n" + - "QTAeFw0yMTAzMDIwMDAwMDBaFw0yMjA0MDIyMzU5NTlaMIIBNzERMA8GA1UEBRMI\n" + - "MDQwNTg2OTAxEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZhdGUg\n" + - "T3JnYW5pemF0aW9uMQswCQYDVQQGEwJHQjEPMA0GA1UEERMGTTUgM0VRMRMwEQYD\n" + - "VQQIEwpNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRYwFAYDVQQJEw1UcmFm\n" + - "Zm9yZCBSb2FkMRYwFAYDVQQJEw1FeGNoYW5nZSBRdWF5MSUwIwYDVQQJExwzcmQg\n" + - "Rmxvb3IsIDI2IE9mZmljZSBWaWxsYWdlMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0\n" + - "ZWQxODA2BgNVBAMTL2NvbW9kb2VjY2NlcnRpZmljYXRpb25hdXRob3JpdHktZXYu\n" + - "Y29tb2RvY2EuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEt26qBS7TRu/y\n" + - "fR+RiqLAzW2C+UspFZlORc4EhLfNYMgFkoZKjEnwJzudH6a+uRPqPOhPgUd6PFfR\n" + - "QFOcLjmhgaOCAvIwggLuMB8GA1UdIwQYMBaAFNNOwxm6WFnRHGC3YVNHO6d3j/iK\n" + - "MB0GA1UdDgQWBBTpZ0tzKscFw6Z3vCEDFzGR5VSkVzAOBgNVHQ8BAf8EBAMCBYAw\n" + - "DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYD\n" + - "VR0gBEIwQDA1BgwrBgEEAbIxAQIBBQEwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9z\n" + - "ZWN0aWdvLmNvbS9DUFMwBwYFZ4EMAQEwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDov\n" + - "L2NybC5jb21vZG9jYS5jb20vQ09NT0RPRUNDRXh0ZW5kZWRWYWxpZGF0aW9uU2Vj\n" + - "dXJlU2VydmVyQ0EuY3JsMIGHBggrBgEFBQcBAQR7MHkwUQYIKwYBBQUHMAKGRWh0\n" + - "dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0V4dGVuZGVkVmFsaWRhdGlv\n" + - "blNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29t\n" + - "b2RvY2EuY29tMDoGA1UdEQQzMDGCL2NvbW9kb2VjY2NlcnRpZmljYXRpb25hdXRo\n" + - "b3JpdHktZXYuY29tb2RvY2EuY29tMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA\n" + - "RqVV63X6kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAF38qtH4AAABAMARzBF\n" + - "AiBsKoB1TTfoUYUNqF160/vlOENHyK1zzARcnfGKYURHTwIhANKYWg1CO7jyCPk+\n" + - "IrrLaR+461snNK4LJZXJm4o/9GeeAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQAp\n" + - "Bo2yCJo32RMAAAF38qtJIAAABAMARzBFAiEA1hgxkYZb5Tc9+vQsDnsfXVewClN2\n" + - "7gzwd4hZdqAsOSYCID9CWcBvkKrL44mfe9ky1Z6BnAWHUBMCxTjt8MO/IMZ8MAoG\n" + - "CCqGSM49BAMCA0gAMEUCIBa3sfOiVb0q4LcXU9umKjzVw3Ib8VdiPTtXSnyl0oLb\n" + - "AiEAnpRB53UtLAF7xw98ELmK/LEk1b5KSlqoO8sFHgwQ8vI=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=comodoecccertificationauthority-ev.comodoca.com, OU=COMODO EV SSL, O=Sectigo Limited, - // STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, L=Salford, OID.2.5.4.17=M5 3EQ, - // C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=COMODO ECC Extended Validation Secure Server CA, O=COMODO CA Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: 7972d9d8472a2d52ad1ee6edfb16cbe1 - // Valid from: Sun Sep 29 17:00:00 PDT 2019 until: Tue Dec 28 15:59:59 PST 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIGPzCCBeWgAwIBAgIQeXLZ2EcqLVKtHubt+xbL4TAKBggqhkjOPQQDAjCBkjEL\n" + - "MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE\n" + - "BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxODA2BgNVBAMT\n" + - "L0NPTU9ETyBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB\n" + - "MB4XDTE5MDkzMDAwMDAwMFoXDTIxMTIyODIzNTk1OVowggE6MREwDwYDVQQFEwgw\n" + - "NDA1ODY5MDETMBEGCysGAQQBgjc8AgEDEwJHQjEdMBsGA1UEDxMUUHJpdmF0ZSBP\n" + - "cmdhbml6YXRpb24xCzAJBgNVBAYTAkdCMQ8wDQYDVQQREwZNNSAzRVExEDAOBgNV\n" + - "BAcTB1NhbGZvcmQxFjAUBgNVBAkTDVRyYWZmb3JkIFJvYWQxFjAUBgNVBAkTDUV4\n" + - "Y2hhbmdlIFF1YXkxJTAjBgNVBAkTHDNyZCBGbG9vciwgMjYgT2ZmaWNlIFZpbGxh\n" + - "Z2UxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDEWMBQGA1UECxMNQ09NT0RPIEVW\n" + - "IFNTTDE4MDYGA1UEAxMvY29tb2RvZWNjY2VydGlmaWNhdGlvbmF1dGhvcml0eS1l\n" + - "di5jb21vZG9jYS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3bqoFLtNG\n" + - "7/J9H5GKosDNbYL5SykVmU5FzgSEt81gyAWShkqMSfAnO50fpr65E+o86E+BR3o8\n" + - "V9FAU5wuOaGBo4IDcDCCA2wwHwYDVR0jBBgwFoAU007DGbpYWdEcYLdhU0c7p3eP\n" + - "+IowHQYDVR0OBBYEFOlnS3MqxwXDpne8IQMXMZHlVKRXMA4GA1UdDwEB/wQEAwIF\n" + - "gDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBP\n" + - "BgNVHSAESDBGMDsGDCsGAQQBsjEBAgEFATArMCkGCCsGAQUFBwIBFh1odHRwczov\n" + - "L3NlY3VyZS5jb21vZG8uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBH\n" + - "hkVodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FQ0NFeHRlbmRlZFZhbGlk\n" + - "YXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYcGCCsGAQUFBwEBBHsweTBRBggrBgEF\n" + - "BQcwAoZFaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPRUNDRXh0ZW5kZWRW\n" + - "YWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8v\n" + - "b2NzcC5jb21vZG9jYS5jb20wOgYDVR0RBDMwMYIvY29tb2RvZWNjY2VydGlmaWNh\n" + - "dGlvbmF1dGhvcml0eS1ldi5jb21vZG9jYS5jb20wggF8BgorBgEEAdZ5AgQCBIIB\n" + - "bASCAWgBZgB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABbYME\n" + - "EzgAAAQDAEYwRAIgbdo71lBleuJiq+D0ZLp51oVUyWD9EyrtgBSCNwIW4cMCIAqg\n" + - "0VFTWHEmAVjaV23fGj3Ybu3mpSiHr6viGlgA2lYaAHUAVYHUwhaQNgFK6gubVzxT\n" + - "8MDkOHhwJQgXL6OqHQcT0wwAAAFtgwQTKAAABAMARjBEAiBb/gW1RU7kgFBiNpHx\n" + - "LStujKIocyENUTXsMbsac+LktwIgXbEr8vOOCEdBdXQ2F/FKec8ft6gz57mHNmwl\n" + - "pp7phbQAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAW2DBBM6\n" + - "AAAEAwBHMEUCIQDjKN3h86ofR94+JxLFoYuoA+DRtxEY8XGg+NQXlZfUrgIgEoO2\n" + - "ZzKbGfohdwj/WtDwJDRX5pjXF4M0nECiwtYXDIwwCgYIKoZIzj0EAwIDSAAwRQIg\n" + - "AkIRVQBwrElFjrnqk5XPvnlnwkIm1A70ayqOf1FexoQCIQC8tBTn//RCfrhcgTjd\n" + - "ER4wRjFfFoc6lC68OHGVg9CZZg==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 02 02:53:40 PST 2021", System.out); - } -} - -class ComodoUserTrustRSA { - - // Owner: CN=Sectigo RSA Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US - // Serial number: 284e39c14b386d889c7299e58cd05a57 - // Valid from: Thu Nov 01 17:00:00 PDT 2018 until: Tue Dec 31 15:59:59 PST 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIGNDCCBBygAwIBAgIQKE45wUs4bYiccpnljNBaVzANBgkqhkiG9w0BAQwFADCB\n" + - "iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl\n" + - "cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV\n" + - "BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx\n" + - "MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBkTELMAkGA1UEBhMCR0IxGzAZBgNV\n" + - "BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE\n" + - "ChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQDEzBTZWN0aWdvIFJTQSBFeHRlbmRl\n" + - "ZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUA\n" + - "A4IBDwAwggEKAoIBAQCaoslYBiqFev0Yc4TXPa0s9oliMcn9VaENfTUK4GVT7niB\n" + - "QXxC6Mt8kTtvyr5lU92hDQDh2WDPQsZ7oibh75t2kowT3z1S+Sy1GsUDM4NbdOde\n" + - "orcmzFm/b4bwD4G/G+pB4EX1HSfjN9eT0Hje+AGvCrd2MmnxJ+Yymv9BH9OB65jK\n" + - "rUO9Na4iHr48XWBDFvzsPCJ11Uioof6dRBVp+Lauj88Z7k2X8d606HeXn43h6acp\n" + - "LLURWyqXM0CrzedVWBzuXKuBEaqD6w/1VpLJvSU+wl3ScvXSLFp82DSRJVJONXWl\n" + - "dp9gjJioPGRByeZw11k3galbbF5gFK9xSnbDx29LAgMBAAGjggGNMIIBiTAfBgNV\n" + - "HSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQULGn/gMmHkK40\n" + - "4bTnTJOFmUDpp7IwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw\n" + - "HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDoGA1UdIAQzMDEwLwYEVR0g\n" + - "ADAnMCUGCCsGAQUFBwIBFhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMFAGA1Ud\n" + - "HwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS\n" + - "U0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYI\n" + - "KwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FB\n" + - "ZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0\n" + - "LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAQ4AzPxVypLyy3IjUUmVl7FaxrHsXQq2z\n" + - "Zt2gKnHQShuA+5xpRPNndjvhHk4D08PZXUe6Im7E5knqxtyl5aYdldb+HI/7f+zd\n" + - "W/1ub2N4Vq4ZYUjcZ1ECOFK7Z2zoNicDmU+Fe/TreXPuPsDicTG/tMcWEVM558OQ\n" + - "TJkB2LK3ZhGukWM/RTMRcRdXaXOX8Lh0ylzRO1O0ObXytvOFpkkkD92HGsfS06i7\n" + - "NLDPJEeZXqzHE5Tqj7VSAj+2luwfaXaPLD8lQEVci8xmsPGOn0mXE1ZzsChEPhVq\n" + - "FYQUsbiRJRhidKauhd+G2CkRTcR5fpsuz+iStB9s5Fks9lKoXnn0hv78VYjvR78C\n" + - "Cvj5FW/ounHjWTWMb3il9S5ngbFGcelB1l/MQkR63+1ybdi2OpjNWJCftxOWUpkC\n" + - "xaRdnOnSj7GQY0NLn8Gtq9FcSZydtkVgXpouSFZkXNS/MYwbcCCcRKBbrk8ss0SI\n" + - "Xg1gTURjh9VP1OHm0OktYcUw9e90wHIDn7h0qA+bWOsZquSRzT4s2crF3ZSA3tuV\n" + - "/UJ33mjdVO8wBD8aI5y10QreSPJvZHHNDyCmoyjXvNhR+u3arXUoHWxO+MZBeXbi\n" + - "iF7Nwn/IEmQvWBW8l6D26CXIavcY1kAJcfyzHkrPbLo+fAOa/KFl3lIU+0biEVNk\n" + - "Q9zXE6hC6X4=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=usertrustrsacertificationauthority-ev.comodoca.com, O=Sectigo Limited, STREET="3rd Floor, - // 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, L=Salford, ST=Manchester, OID.2.5.4.17=M5 3EQ, - // C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=Sectigo RSA Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: 4e484426dbfed0c222b2ed152465614a - // Valid from: Mon Mar 01 16:00:00 PST 2021 until: Sat Apr 02 16:59:59 PDT 2022 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHTzCCBjegAwIBAgIQTkhEJtv+0MIisu0VJGVhSjANBgkqhkiG9w0BAQsFADCB\n" + - "kTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G\n" + - "A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQD\n" + - "EzBTZWN0aWdvIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg\n" + - "Q0EwHhcNMjEwMzAyMDAwMDAwWhcNMjIwNDAyMjM1OTU5WjCCAToxETAPBgNVBAUT\n" + - "CDA0MDU4NjkwMRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0wGwYDVQQPExRQcml2YXRl\n" + - "IE9yZ2FuaXphdGlvbjELMAkGA1UEBhMCR0IxDzANBgNVBBETBk01IDNFUTETMBEG\n" + - "A1UECBMKTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEWMBQGA1UECRMNVHJh\n" + - "ZmZvcmQgUm9hZDEWMBQGA1UECRMNRXhjaGFuZ2UgUXVheTElMCMGA1UECRMcM3Jk\n" + - "IEZsb29yLCAyNiBPZmZpY2UgVmlsbGFnZTEYMBYGA1UEChMPU2VjdGlnbyBMaW1p\n" + - "dGVkMTswOQYDVQQDEzJ1c2VydHJ1c3Ryc2FjZXJ0aWZpY2F0aW9uYXV0aG9yaXR5\n" + - "LWV2LmNvbW9kb2NhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n" + - "AJ4f68XomMKS2uudXi7xp0fkRK4Q1pE2bamXB8PTsuyS9rhC8hD2zPr9Gs+NHAR0\n" + - "tG0GSWW1plzbpDFDEsCG+M+7fDl5cc/br8RLn75agZeKngv89y6RQUURxHq6N8hi\n" + - "lcJKHtWj9j6u1HYvu4u3lWWXQNbYnMWVqP1AVPZsGyDmKn/+Mc2ehvPdYSm/jQLr\n" + - "hH8Rudr12ZfKHTE4Xx7g5ZH0u52TEAWjuNCiXkhAYa/uUyEu3e7VlsnvxeqBENPn\n" + - "RwYhfT8mdXV6DvGrnv/NJj/tBTGE5kRbCh4HumY6I3x/XC5UeZE6rT+U6oeRgUOM\n" + - "6d7siAQVOspSqfTzR5HsBlECAwEAAaOCAvUwggLxMB8GA1UdIwQYMBaAFCxp/4DJ\n" + - "h5CuNOG050yThZlA6aeyMB0GA1UdDgQWBBR8+3Lw59S2HtjPs+KZcEJ+67fd/DAO\n" + - "BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD\n" + - "AQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA1BgwrBgEEAbIxAQIBBQEwJTAjBggrBgEF\n" + - "BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwBwYFZ4EMAQEwVgYDVR0fBE8w\n" + - "TTBLoEmgR4ZFaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5k\n" + - "ZWRWYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGGBggrBgEFBQcBAQR6MHgw\n" + - "UQYIKwYBBQUHMAKGRWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQUV4\n" + - "dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX\n" + - "aHR0cDovL29jc3Auc2VjdGlnby5jb20wPQYDVR0RBDYwNIIydXNlcnRydXN0cnNh\n" + - "Y2VydGlmaWNhdGlvbmF1dGhvcml0eS1ldi5jb21vZG9jYS5jb20wggEFBgorBgEE\n" + - "AdZ5AgQCBIH2BIHzAPEAdwBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5t\n" + - "RwAAAXfyrRCwAAAEAwBIMEYCIQCeOHfnABa6cl0EHTzyMj2t2qBqORBAC16hJIIl\n" + - "Y52W4QIhAKHDk1m9lW0kmcZJWEko3eA9QKJSDLNLpdUoBPzNNc76AHYAb1N2rDHw\n" + - "MRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAF38q0R6wAABAMARzBFAiEAywsh\n" + - "8Ki6fFOExwR6de0qzTmf7bJMuQcY0Ry463/9R44CIDeAcX7Z9S1vlRB9gzVomNIN\n" + - "vkcnUazq7dowPnr5rYMOMA0GCSqGSIb3DQEBCwUAA4IBAQA3a+PBgH1SBVEDpgAN\n" + - "mWaqIQzJzMRfSgvopQ6nC8iD95SfYD/rvic7aOeBLh/5aEs/CknJsg6o0qB3wz1v\n" + - "T5JXd5JldRWw3nP80jkIaYgq97RUIkjcHhuw4hTyQP6wk7XVlPVLvBo9ePWxJjmn\n" + - "whxlSyxQ5A5NdrTqZOJmu9nFr2HXpX75kGwCkUKZI050FAZZydsK3LfMBTqe1Xwi\n" + - "PKyjXDWd40LjOEg31sA43ofO8n2pySP5LG5XAsvoAyPCy3zXhx5cdtmQFLIkntus\n" + - "DCfN+n51HPUo8r4PUhQtOiRUB3K871LTdwyv4/CRXS2fIhtO1pxYNKFOw0yrUf6j\n" + - "ECgk\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=usertrustrsacertificationauthority-ev.comodoca.com, OU=COMODO EV SGC SSL, O=Sectigo Limited, - // STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, L=Salford, ST=Manchester, - // OID.2.5.4.17=M5 3EQ, C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=Sectigo RSA Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: b07fd164b5790c9d5d1fddff5819cdb2 - // Valid from: Sun Sep 29 17:00:00 PDT 2019 until: Tue Dec 28 15:59:59 PST 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIH5TCCBs2gAwIBAgIRALB/0WS1eQydXR/d/1gZzbIwDQYJKoZIhvcNAQELBQAw\n" + - "gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\n" + - "BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE\n" + - "AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy\n" + - "IENBMB4XDTE5MDkzMDAwMDAwMFoXDTIxMTIyODIzNTk1OVowggFWMREwDwYDVQQF\n" + - "EwgwNDA1ODY5MDETMBEGCysGAQQBgjc8AgEDEwJHQjEdMBsGA1UEDxMUUHJpdmF0\n" + - "ZSBPcmdhbml6YXRpb24xCzAJBgNVBAYTAkdCMQ8wDQYDVQQREwZNNSAzRVExEzAR\n" + - "BgNVBAgTCk1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxFjAUBgNVBAkTDVRy\n" + - "YWZmb3JkIFJvYWQxFjAUBgNVBAkTDUV4Y2hhbmdlIFF1YXkxJTAjBgNVBAkTHDNy\n" + - "ZCBGbG9vciwgMjYgT2ZmaWNlIFZpbGxhZ2UxGDAWBgNVBAoTD1NlY3RpZ28gTGlt\n" + - "aXRlZDEaMBgGA1UECxMRQ09NT0RPIEVWIFNHQyBTU0wxOzA5BgNVBAMTMnVzZXJ0\n" + - "cnVzdHJzYWNlcnRpZmljYXRpb25hdXRob3JpdHktZXYuY29tb2RvY2EuY29tMIIB\n" + - "IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh/rxeiYwpLa651eLvGnR+RE\n" + - "rhDWkTZtqZcHw9Oy7JL2uELyEPbM+v0az40cBHS0bQZJZbWmXNukMUMSwIb4z7t8\n" + - "OXlxz9uvxEufvlqBl4qeC/z3LpFBRRHEero3yGKVwkoe1aP2Pq7Udi+7i7eVZZdA\n" + - "1ticxZWo/UBU9mwbIOYqf/4xzZ6G891hKb+NAuuEfxG52vXZl8odMThfHuDlkfS7\n" + - "nZMQBaO40KJeSEBhr+5TIS7d7tWWye/F6oEQ0+dHBiF9PyZ1dXoO8aue/80mP+0F\n" + - "MYTmRFsKHge6ZjojfH9cLlR5kTqtP5Tqh5GBQ4zp3uyIBBU6ylKp9PNHkewGUQID\n" + - "AQABo4IDbjCCA2owHwYDVR0jBBgwFoAULGn/gMmHkK404bTnTJOFmUDpp7IwHQYD\n" + - "VR0OBBYEFHz7cvDn1LYe2M+z4plwQn7rt938MA4GA1UdDwEB/wQEAwIFoDAMBgNV\n" + - "HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJBgNVHSAE\n" + - "QjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3Rp\n" + - "Z28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3Js\n" + - "LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRpb25TZWN1cmVT\n" + - "ZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEBBHoweDBRBggrBgEFBQcwAoZFaHR0cDov\n" + - "L2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5kZWRWYWxpZGF0aW9uU2Vj\n" + - "dXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdv\n" + - "LmNvbTA9BgNVHREENjA0gjJ1c2VydHJ1c3Ryc2FjZXJ0aWZpY2F0aW9uYXV0aG9y\n" + - "aXR5LWV2LmNvbW9kb2NhLmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA\n" + - "7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFtgzv54wAABAMARzBF\n" + - "AiB5PmhsK3zU3XdKvyxw/wWHMmLI7apHLa1yKdjkA8H+ggIhALdUx7Tl8aeWhK6z\n" + - "lh+PHvMAdCcAJK6w9qBJGQtSrYO5AHUAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgX\n" + - "L6OqHQcT0wwAAAFtgzv5zgAABAMARjBEAiBumSwAUamibqJXTN2cf/H3mjd0T35/\n" + - "UK9w2hu9gFobxgIgSXTLndHyqFUmcmquu3It0WC1yl6YMceGixbQL1e8BQcAdwC7\n" + - "2d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAW2DO/nXAAAEAwBIMEYC\n" + - "IQDHRs10oYoXE5yq6WsiksjdQsUWZNpbSsrmz0u+KlxTVQIhAJ4rvHItKSeJLkaN\n" + - "S3YpVZnkN8tOwuxPsYeyVx/BtaNpMA0GCSqGSIb3DQEBCwUAA4IBAQAPFIsUFymo\n" + - "VTp0vntHrZpBApBQzDeriQv7Bi7tmou/Ng47RtXW3DjGdrePGSfOdl7h62k8qprU\n" + - "JeLyloDqhvmT/CG/hdwrfZ3Sv3N2xpetGcnW5S3oEi3m+/M1ls9eD+x1vybqV9Kd\n" + - "lcjuV7SYDlbvAS9w7TcygudhdW0cI8XTCvesGKohBkAlqaQ/MWYpt4WvsxHjbWgn\n" + - "5ZlIYR6A1ZFEjADifViH/5AA79lgGhAskkIWPjvRFalEVKTKtjhRK76eCfZs4Frr\n" + - "CEOpon+BeNKk+x/K/r10dSoWe0SV2uGVxTD83zkP++eREwo1hTgn8bXn7ftlnA3j\n" + - "7ml+Usz6udaD\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 02 02:55:42 PST 2021", System.out); - } -} - -class ComodoUserTrustECC { - - // Owner: CN=Sectigo ECC Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Issuer: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US - // Serial number: 80f5606d3a162b143adc12fbe8c2066f - // Valid from: Thu Nov 01 17:00:00 PDT 2018 until: Tue Dec 31 15:59:59 PST 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIDyTCCA0+gAwIBAgIRAID1YG06FisUOtwS++jCBm8wCgYIKoZIzj0EAwMwgYgx\n" + - "CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz\n" + - "ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD\n" + - "EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEw\n" + - "MjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgZExCzAJBgNVBAYTAkdCMRswGQYDVQQI\n" + - "ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT\n" + - "D1NlY3RpZ28gTGltaXRlZDE5MDcGA1UEAxMwU2VjdGlnbyBFQ0MgRXh0ZW5kZWQg\n" + - "VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0D\n" + - "AQcDQgAEAyJ5Ca9JyXq8bO+krLVWysbtm7fdMSJ54uFD23t0x6JAC4IjxevfQJzW\n" + - "z4T6yY+FybTBqtOa++ijJFnkB5wKy6OCAY0wggGJMB8GA1UdIwQYMBaAFDrhCYbU\n" + - "zxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTvwSqVDDLa+3Mw3IoT2BVL9xPo+DAO\n" + - "BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr\n" + - "BgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYBBQUH\n" + - "AgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wUAYDVR0fBEkwRzBFoEOgQYY/\n" + - "aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRp\n" + - "b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0\n" + - "cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0\n" + - "MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49\n" + - "BAMDA2gAMGUCMQCjHztBDL90GCRXHlGqm0H7kzP04hd0MxwakKjWzOmstXNFLONj\n" + - "RFa0JqI/iKUJMFcCMCbLgyzcFW7DihtY5XE0XCLCw+git0NjxiFB6FaOFIlyDdqT\n" + - "j+Th+DJ92JLvICVD/g==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=usertrustecccertificationauthority-ev.comodoca.com, O=Sectigo Limited, - // STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, L=Salford, - // ST=Manchester, OID.2.5.4.17=M5 3EQ, - // C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=Sectigo ECC Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: 9aa5da67480446fd7bf408fd5fdaa1d8 - // Valid from: Mon Mar 01 16:00:00 PST 2021 until: Sat Apr 02 16:59:59 PDT 2022 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFwTCCBWigAwIBAgIRAJql2mdIBEb9e/QI/V/aodgwCgYIKoZIzj0EAwIwgZEx\n" + - "CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV\n" + - "BAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UEAxMw\n" + - "U2VjdGlnbyBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB\n" + - "MB4XDTIxMDMwMjAwMDAwMFoXDTIyMDQwMjIzNTk1OVowggE6MREwDwYDVQQFEwgw\n" + - "NDA1ODY5MDETMBEGCysGAQQBgjc8AgEDEwJHQjEdMBsGA1UEDxMUUHJpdmF0ZSBP\n" + - "cmdhbml6YXRpb24xCzAJBgNVBAYTAkdCMQ8wDQYDVQQREwZNNSAzRVExEzARBgNV\n" + - "BAgTCk1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxFjAUBgNVBAkTDVRyYWZm\n" + - "b3JkIFJvYWQxFjAUBgNVBAkTDUV4Y2hhbmdlIFF1YXkxJTAjBgNVBAkTHDNyZCBG\n" + - "bG9vciwgMjYgT2ZmaWNlIFZpbGxhZ2UxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRl\n" + - "ZDE7MDkGA1UEAxMydXNlcnRydXN0ZWNjY2VydGlmaWNhdGlvbmF1dGhvcml0eS1l\n" + - "di5jb21vZG9jYS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQtMl8R33Za\n" + - "WD6H8BW0+wybBf0+6+L5YYK/eyAVGm6vwjLaQZWlcdFBMKfaP1qTLi0VAabs4baS\n" + - "UkD8wR568pVpo4IC8zCCAu8wHwYDVR0jBBgwFoAU78EqlQwy2vtzMNyKE9gVS/cT\n" + - "6PgwHQYDVR0OBBYEFLOtYfOaIfDHZGubtKNELRR6A2srMA4GA1UdDwEB/wQEAwIH\n" + - "gDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBJ\n" + - "BgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUFBwIBFhdodHRwczov\n" + - "L3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBHhkVodHRw\n" + - "Oi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29FQ0NFeHRlbmRlZFZhbGlkYXRpb25T\n" + - "ZWN1cmVTZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEBBHoweDBRBggrBgEFBQcwAoZF\n" + - "aHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvRUNDRXh0ZW5kZWRWYWxpZGF0\n" + - "aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5z\n" + - "ZWN0aWdvLmNvbTA9BgNVHREENjA0gjJ1c2VydHJ1c3RlY2NjZXJ0aWZpY2F0aW9u\n" + - "YXV0aG9yaXR5LWV2LmNvbW9kb2NhLmNvbTCCAQMGCisGAQQB1nkCBAIEgfQEgfEA\n" + - "7wB2AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABd/Kung0AAAQD\n" + - "AEcwRQIhAI16l52NctGAphhc6eh2kK2vO5QYk5nyouL3P6U/gG/dAiBfJRJ+iqE/\n" + - "noco35RpNtlV4GABrwmw1I/1R+L79VzwEAB1AG9Tdqwx8DEZ2JkApFEV/3cVHBHZ\n" + - "AsEAKQaNsgiaN9kTAAABd/KunvwAAAQDAEYwRAIgS+r3C10ua38DPJKvUJvW5bvL\n" + - "SCQ949n3sBJvhV6aXq4CIH/oEGgvJmKtMEjVKUQg8TrZO6LwQ+0sYfL79Qvm8wL3\n" + - "MAoGCCqGSM49BAMCA0cAMEQCID4Q9cc8OQ9tmKnnKZyplPsPipI5apVGkBqFRUSt\n" + - "zzM3AiAw5tw3cv/oabDsYdU+lmp5kZ/S3Z97ANAAaHE0AfXe/Q==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=usertrustecccertificationauthority-ev.comodoca.com, OU=COMODO EV SGC SSL, - // O=Sectigo Limited, STREET="3rd Floor, 26 Office Village", STREET=Exchange Quay, STREET=Trafford Road, - // L=Salford, OID.2.5.4.17=M5 3EQ, - // C=GB, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB, SERIALNUMBER=04058690 - // Issuer: CN=Sectigo ECC Extended Validation Secure Server CA, O=Sectigo Limited, L=Salford, - // ST=Greater Manchester, C=GB - // Serial number: 8b72489b7f505a55e2a22659c90ed2ab - // Valid from: Sun Sep 29 17:00:00 PDT 2019 until: Tue Dec 28 15:59:59 PST 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIGRTCCBeugAwIBAgIRAItySJt/UFpV4qImWckO0qswCgYIKoZIzj0EAwIwgZEx\n" + - "CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV\n" + - "BAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UEAxMw\n" + - "U2VjdGlnbyBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB\n" + - "MB4XDTE5MDkzMDAwMDAwMFoXDTIxMTIyODIzNTk1OVowggFBMREwDwYDVQQFEwgw\n" + - "NDA1ODY5MDETMBEGCysGAQQBgjc8AgEDEwJHQjEdMBsGA1UEDxMUUHJpdmF0ZSBP\n" + - "cmdhbml6YXRpb24xCzAJBgNVBAYTAkdCMQ8wDQYDVQQREwZNNSAzRVExEDAOBgNV\n" + - "BAcTB1NhbGZvcmQxFjAUBgNVBAkTDVRyYWZmb3JkIFJvYWQxFjAUBgNVBAkTDUV4\n" + - "Y2hhbmdlIFF1YXkxJTAjBgNVBAkTHDNyZCBGbG9vciwgMjYgT2ZmaWNlIFZpbGxh\n" + - "Z2UxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDEaMBgGA1UECxMRQ09NT0RPIEVW\n" + - "IFNHQyBTU0wxOzA5BgNVBAMTMnVzZXJ0cnVzdGVjY2NlcnRpZmljYXRpb25hdXRo\n" + - "b3JpdHktZXYuY29tb2RvY2EuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE\n" + - "LTJfEd92Wlg+h/AVtPsMmwX9Puvi+WGCv3sgFRpur8Iy2kGVpXHRQTCn2j9aky4t\n" + - "FQGm7OG2klJA/MEeevKVaaOCA28wggNrMB8GA1UdIwQYMBaAFO/BKpUMMtr7czDc\n" + - "ihPYFUv3E+j4MB0GA1UdDgQWBBSzrWHzmiHwx2Rrm7SjRC0UegNrKzAOBgNVHQ8B\n" + - "Af8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n" + - "BQUHAwIwSQYDVR0gBEIwQDA1BgwrBgEEAbIxAQIBBQEwJTAjBggrBgEFBQcCARYX\n" + - "aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwBwYFZ4EMAQEwVgYDVR0fBE8wTTBLoEmg\n" + - "R4ZFaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvRUNDRXh0ZW5kZWRWYWxp\n" + - "ZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGGBggrBgEFBQcBAQR6MHgwUQYIKwYB\n" + - "BQUHMAKGRWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb0VDQ0V4dGVuZGVk\n" + - "VmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDov\n" + - "L29jc3Auc2VjdGlnby5jb20wPQYDVR0RBDYwNIIydXNlcnRydXN0ZWNjY2VydGlm\n" + - "aWNhdGlvbmF1dGhvcml0eS1ldi5jb21vZG9jYS5jb20wggF/BgorBgEEAdZ5AgQC\n" + - "BIIBbwSCAWsBaQB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAAB\n" + - "bYL/SJoAAAQDAEcwRQIhAL7EJt/Rgz6NBnx2v8Hevux3Gpcxy64kaeyLVgFeNqFk\n" + - "AiBRf+OWLOtZzEav/oERljrk8hgZB4CR1nj/Tn98cmRrwwB2AFWB1MIWkDYBSuoL\n" + - "m1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABbYL/SIgAAAQDAEcwRQIgVtZZaiBMC2lu\n" + - "atBzUHQmOq4qrUQP7nS83cd3VzPhToECIQDnlpOCdaxJwr8C0MtkvYpKSabwBPFL\n" + - "ASEkwmOpjuQErAB3ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAAB\n" + - "bYL/SJoAAAQDAEgwRgIhAI8OgzP/kzF1bOJRHU2S/ewij/6HpGPy7Mbm7Hyuv3IU\n" + - "AiEAxDmX2FmORlgeerQmQ+ar3D9/TwA9RQckVDu5IrgweREwCgYIKoZIzj0EAwID\n" + - "SAAwRQIhAPwQWGWd3oR7YJ7ngCDQ9TAbdPgND51SiR34WfEgaTQtAiAxD4umKm02\n" + - "59GEMj5NpyF2ZQEq5mEGcjJNojrn+PC4zg==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 02 02:59:25 PST 2021", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DTrustCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DTrustCA.java index 152e77907bb..13a2e8044da 100644 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DTrustCA.java +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DTrustCA.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,8 +27,8 @@ * @summary Interoperability tests with "D-Trust Root Class 3 CA 2 2009" and * "D-Trust Root Class 3 CA 2 EV 2009" CAs * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath DTrustCA OCSP - * @run main/othervm -Djava.security.debug=certpath DTrustCA CRL + * @run main/othervm/manual -Djava.security.debug=certpath DTrustCA OCSP + * @run main/othervm/manual -Djava.security.debug=certpath DTrustCA CRL */ public class DTrustCA { diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DigicertCSRootG5.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DigicertCSRootG5.java new file mode 100644 index 00000000000..4b45bb857ba --- /dev/null +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/DigicertCSRootG5.java @@ -0,0 +1,303 @@ +/* + * Copyright (c) 2023, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8318759 + * @summary Interoperability tests with Digicert CS Root G5 certificates + * @build ValidatePathWithParams + * @run main/othervm/manual -Djava.security.debug=ocsp,certpath DigicertCSRootG5 OCSP + * @run main/othervm/manual -Djava.security.debug=certpath DigicertCSRootG5 CRL + */ + +public class DigicertCSRootG5 { + + public static void main(String[] args) throws Exception { + + ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); + + if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { + pathValidator.enableCRLCheck(); + } else { + // OCSP check by default + pathValidator.enableOCSPCheck(); + } + + new Digicert_CS_ECC().runTest(pathValidator); + new Digicert_CS_RSA().runTest(pathValidator); + } +} + +class Digicert_CS_ECC { + + // Owner: CN=DigiCert G5 CS ECC SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Issuer: CN=DigiCert CS ECC P384 Root G5, O="DigiCert, Inc.", C=US + // Serial number: d926818addd3c47758f0ace9379b2e7 + // Valid from: Wed Feb 10 16:00:00 PST 2021 until: Sun Feb 10 15:59:59 PST 2036 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + + "MIIDOTCCAsCgAwIBAgIQDZJoGK3dPEd1jwrOk3my5zAKBggqhkjOPQQDAzBNMQsw\n" + + "CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJTAjBgNVBAMTHERp\n" + + "Z2lDZXJ0IENTIEVDQyBQMzg0IFJvb3QgRzUwHhcNMjEwMjExMDAwMDAwWhcNMzYw\n" + + "MjEwMjM1OTU5WjBTMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIElu\n" + + "Yy4xKzApBgNVBAMTIkRpZ2lDZXJ0IEc1IENTIEVDQyBTSEEzODQgMjAyMSBDQTEw\n" + + "djAQBgcqhkjOPQIBBgUrgQQAIgNiAAS/zvKH4sLLu/zze3/+vHyfRE5OcO77TNw3\n" + + "MCMAlad2Y/ja50KTooGSmXhfwMXpbBTob7hsoxpvIU92W6DhFn9lg4pcKf5UHLEi\n" + + "0iDdHQ9w0hpFJiMABwK60nk+OwsGTZSjggFdMIIBWTASBgNVHRMBAf8ECDAGAQH/\n" + + "AgEAMB0GA1UdDgQWBBTXHcf6xvqCdCBFcTQSL1XVmEGSXjAfBgNVHSMEGDAWgBTw\n" + + "jJhxOThlwjobphdmHcjtZd6SNjAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAwwCgYI\n" + + "KwYBBQUHAwMweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz\n" + + "cC5kaWdpY2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2lj\n" + + "ZXJ0LmNvbS9EaWdpQ2VydENTRUNDUDM4NFJvb3RHNS5jcnQwRQYDVR0fBD4wPDA6\n" + + "oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0Q1NFQ0NQMzg0\n" + + "Um9vdEc1LmNybDAcBgNVHSAEFTATMAcGBWeBDAEDMAgGBmeBDAEEATAKBggqhkjO\n" + + "PQQDAwNnADBkAjByCWijRCnJogZf94U5HG/5S4QFMxEOBSAyxECbFxgrXMKXh5qa\n" + + "7oS2F+hT2DPzxTwCMCIthK0X/14bxZvrNNiNSWzer2TDUyRw6HNIfnkHgqaGFQVA\n" + + "KyS5I77prv53stK0XQ==\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN="Win The Customer, LLC", O="Win The Customer, LLC", L=Saratoga + // Springs, ST=Utah, C=US, SERIALNUMBER=9637546-0160, OID.2.5.4.15=Private + // Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Utah, OID.1.3.6.1.4.1.311.60.2.1.3=US + // Issuer: CN=DigiCert G5 CS ECC SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Serial number: b13737c3caf58eecb4359f441522133 + // Valid from: Wed Jan 25 16:00:00 PST 2023 until: Tue Jan 28 15:59:59 PST 2025 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + + "MIIEEjCCA5mgAwIBAgIQCxNzfDyvWO7LQ1n0QVIhMzAKBggqhkjOPQQDAzBTMQsw\n" + + "CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xKzApBgNVBAMTIkRp\n" + + "Z2lDZXJ0IEc1IENTIEVDQyBTSEEzODQgMjAyMSBDQTEwHhcNMjMwMTI2MDAwMDAw\n" + + "WhcNMjUwMTI4MjM1OTU5WjCB2TETMBEGCysGAQQBgjc8AgEDEwJVUzEVMBMGCysG\n" + + "AQQBgjc8AgECEwRVdGFoMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEV\n" + + "MBMGA1UEBRMMOTYzNzU0Ni0wMTYwMQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRh\n" + + "aDEZMBcGA1UEBxMQU2FyYXRvZ2EgU3ByaW5nczEeMBwGA1UEChMVV2luIFRoZSBD\n" + + "dXN0b21lciwgTExDMR4wHAYDVQQDExVXaW4gVGhlIEN1c3RvbWVyLCBMTEMwWTAT\n" + + "BgcqhkjOPQIBBggqhkjOPQMBBwNCAASyShgaH44RcHazlEEMpwRKY4YebnygI9hG\n" + + "wTMQE/VFG40k3tR8lnyjgxTzZbC0aCVavdv1eglDGejQ+6iD8nzgo4IBxjCCAcIw\n" + + "HwYDVR0jBBgwFoAU1x3H+sb6gnQgRXE0Ei9V1ZhBkl4wHQYDVR0OBBYEFLGgEWb9\n" + + "GF89JoXyan/FD/auNIVVMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEF\n" + + "BQcDAzCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY3JsMy5kaWdpY2VydC5j\n" + + "b20vRGlnaUNlcnRHNUNTRUNDU0hBMzg0MjAyMUNBMS5jcmwwP6A9oDuGOWh0dHA6\n" + + "Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEc1Q1NFQ0NTSEEzODQyMDIxQ0Ex\n" + + "LmNybDA9BgNVHSAENjA0MDIGBWeBDAEDMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93\n" + + "d3cuZGlnaWNlcnQuY29tL0NQUzB+BggrBgEFBQcBAQRyMHAwJAYIKwYBBQUHMAGG\n" + + "GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBIBggrBgEFBQcwAoY8aHR0cDovL2Nh\n" + + "Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RzVDU0VDQ1NIQTM4NDIwMjFDQTEu\n" + + "Y3J0MAwGA1UdEwEB/wQCMAAwCgYIKoZIzj0EAwMDZwAwZAIwLkWJc/eLxftorFCv\n" + + "ocOA1dfUFx7Al18d5Xsgpkx47kj2DWgQU+/bQEbbyPrKzYgCAjAP5ErLauJRC2to\n" + + "pPk/yXZYXsusmWVH7ozl9O5WR7+a3gVQ1zwVFWuqdjbq3zWWqJM=\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN=Win the Customer LLC, O=Win the Customer LLC, L=Saratoga Springs, ST=Utah, C=US + // Issuer: CN=DigiCert G5 CS ECC SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Serial number: 201e51cb1ec8a56a1e8438c95adf024 + // Valid from: Sun Oct 22 17:00:00 PDT 2023 until: Tue Oct 22 16:59:59 PDT 2024 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + + "MIIFdjCCBP2gAwIBAgIQAgHlHLHsilah6EOMla3wJDAKBggqhkjOPQQDAzBTMQsw\n" + + "CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xKzApBgNVBAMTIkRp\n" + + "Z2lDZXJ0IEc1IENTIEVDQyBTSEEzODQgMjAyMSBDQTEwHhcNMjMxMDIzMDAwMDAw\n" + + "WhcNMjQxMDIyMjM1OTU5WjB1MQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRhaDEZ\n" + + "MBcGA1UEBxMQU2FyYXRvZ2EgU3ByaW5nczEdMBsGA1UEChMUV2luIHRoZSBDdXN0\n" + + "b21lciBMTEMxHTAbBgNVBAMTFFdpbiB0aGUgQ3VzdG9tZXIgTExDMIICIjANBgkq\n" + + "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0o+FWNSfYzJmz+XgA7SRAIQd1H1pYnzq\n" + + "dPyNJJsd1G/nqfeHk/ezEx8Wd7iMJjcPOvKSd14uniAC3ayi3XOKKeFqEw5g5m2/\n" + + "JTO3n8xy9DK5CN1ctpK5Zy+UppOXrtTdBZB74/qSaREOysIfRLnVR4fxNy39urtl\n" + + "TJf0lvzRU9V6BQ3zRjMOCQnY6sueAPoQpVgpCVXkr4obJCkI5arkIQHVpfrcScaJ\n" + + "IzLQ46xL8nxoXPcGhikRystJKdbzg/oCFt68x87uSviZMtkqTHQhzRCzpO5pdx/z\n" + + "g64XZP8fAzSrM/uJCETXxMmazK6ZVkgPu3X4GvjfTfulvcJdxZNMm877NOSICtbL\n" + + "dKoBpvIeKtuyxrvmoJUfNw4e+LLbAQOFznVy7UxkTzG1INPgd57zu3Sm3ALq/oJZ\n" + + "oKfheM4zo8UevYMKmoki+N+qMHcJplPF8C04/u8CNc1Jk8tKmjgof8ZsGbQCC2+l\n" + + "NKXzTUnPpza4mHBMU3Qdd4iV8oxd/9jQyE71h11ISakWSresbCyC6HSOVUh409A1\n" + + "Mhv9+aEbqBNhAHJIYrQSY1hb98CKLRS6cABKAzr+HdafiPCAN3cdLGgJ5TWTIiBj\n" + + "AcjyHseVU4jeLIQl7/4gZATjePzSy/bo62SZXWzCOFp6zzy8VGGavRmMobe193gn\n" + + "cz/17hmFvqECAwEAAaOCAcQwggHAMB8GA1UdIwQYMBaAFNcdx/rG+oJ0IEVxNBIv\n" + + "VdWYQZJeMB0GA1UdDgQWBBR5Hkdl3jgG88ixGc1wEwO6N9Rn2TA+BgNVHSAENzA1\n" + + "MDMGBmeBDAEEATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNv\n" + + "bS9DUFMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMIGNBgNV\n" + + "HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy\n" + + "dEc1Q1NFQ0NTSEEzODQyMDIxQ0ExLmNybDA/oD2gO4Y5aHR0cDovL2NybDQuZGln\n" + + "aWNlcnQuY29tL0RpZ2lDZXJ0RzVDU0VDQ1NIQTM4NDIwMjFDQTEuY3JsMH4GCCsG\n" + + "AQUFBwEBBHIwcDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t\n" + + "MEgGCCsGAQUFBzAChjxodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl\n" + + "cnRHNUNTRUNDU0hBMzg0MjAyMUNBMS5jcnQwCQYDVR0TBAIwADAKBggqhkjOPQQD\n" + + "AwNnADBkAjA9aX3CSzCOZiHdC6JBF0nQwPLGNipPdHFMSbINmfpuHCC3Go4prf8M\n" + + "WCsWEQr2gQYCMErfcrU8zfxnQ9SxsmGJ8jkM3MDGvAr0CtzDwmWis32V60jAUFBQ\n" + + "lGm/Mdb5/EqKpw==\n" + + "-----END CERTIFICATE-----"; + + public void runTest(ValidatePathWithParams pathValidator) throws Exception { + // Validate valid + pathValidator.validate(new String[]{VALID, INT}, + ValidatePathWithParams.Status.GOOD, null, System.out); + + // Validate Revoked + pathValidator.validate(new String[]{REVOKED, INT}, + ValidatePathWithParams.Status.REVOKED, + "Mon Oct 23 14:48:38 PDT 2023", System.out); + } +} + +class Digicert_CS_RSA { + + // Owner: CN=DigiCert G5 CS RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Issuer: CN=DigiCert CS RSA4096 Root G5, O="DigiCert, Inc.", C=US + // Serial number: 10262e16224ca6dfef584f8c63048db + // Valid from: Wed Feb 10 16:00:00 PST 2021 until: Sun Feb 10 15:59:59 PST 2036 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + + "MIIGjDCCBHSgAwIBAgIQAQJi4WIkym3+9YT4xjBI2zANBgkqhkiG9w0BAQwFADBM\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJDAiBgNVBAMT\n" + + "G0RpZ2lDZXJ0IENTIFJTQTQwOTYgUm9vdCBHNTAeFw0yMTAyMTEwMDAwMDBaFw0z\n" + + "NjAyMTAyMzU5NTlaMFcxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwg\n" + + "SW5jLjEvMC0GA1UEAxMmRGlnaUNlcnQgRzUgQ1MgUlNBNDA5NiBTSEEzODQgMjAy\n" + + "MSBDQTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC1GOMV0tdTLLBk\n" + + "Ylmccgb6bFa9By5zkuLg9NfFMl4y9P9f21C7N+mMA4fWgfjEs+7/3ByGLaB+7/Pi\n" + + "TT3qXpvBz4uVWob9xv3lkAsIpwh/TMJulijy3GdpAQBMdvW/+HFrbRJGaJ3MM9d1\n" + + "pC3CRPmFWyXUpxqhb0FbMPA8OlsZNjg9fd/zCLevSJlL6ZdjfZ/4FiF26OfO60V6\n" + + "bOuTnd8JbDuwPfMWLP6qEinlFr7V9mjcZc4dfUWH70y7M6av7R1Tc68YQjrtPwIA\n" + + "5pdEcG/VeBVplpne1uxuc61ucVgTpjwOTV6E2KrCe+OCG8/m4voN7T4GC1RfPH3n\n" + + "PlCNV6MeiCVwExPhJFxZ+eTvhVJe0W7mriYpEo2kNR4pnSUhiS92vF4lI3ToAdnH\n" + + "LV+yx0VdsPVwEO344rsVNQvP/hrCHefKm3HsirlazTKpiI9OgZlkXohHanp8IgMx\n" + + "2HvBE/6HcCq/5PiRaeSzvFfRuotLS/LMCXaQEGV9JNSd1omKeNyaDqs89cNbf0g7\n" + + "Tn1AhAxb/TDIkIAV/1bU1UFeq48ufRCRpPO145JQXL7hfdUIth3AkvFRqLPbTsCH\n" + + "v/PcnKScv/QCtoYRnYv5LwdIvYblC+yqe7a9CVARsaVsGBw45wBevcMR5fcdriET\n" + + "ZjRNmQ5gMBjm/ZlHlzyBgShH6U22TQIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgw\n" + + "BgEB/wIBADAdBgNVHQ4EFgQUiRgH/z5tMBfJNa27i3GG5Z9mksMwHwYDVR0jBBgw\n" + + "FoAUaAGTsdJKQEJplEYsHFqIqSW0R08wDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQM\n" + + "MAoGCCsGAQUFBwMDMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDov\n" + + "L29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5k\n" + + "aWdpY2VydC5jb20vRGlnaUNlcnRDU1JTQTQwOTZSb290RzUuY3J0MEUGA1UdHwQ+\n" + + "MDwwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydENTUlNB\n" + + "NDA5NlJvb3RHNS5jcmwwHAYDVR0gBBUwEzAHBgVngQwBAzAIBgZngQwBBAEwDQYJ\n" + + "KoZIhvcNAQEMBQADggIBALBxItkM8LmHhbsnkykSN6+HnLj9/hUx9UUcym1Hwoii\n" + + "Bl9VCCpibLDJurx1w19KL5S6j2ggOMn/1zBugWMVhn6j12RzD4HUkfLqNBXzQmRc\n" + + "xZoXxspSgqpk+jd5iMtVSDBzlaF7s1feDh9qKa7O/7OB5KAiIO2VYFx1ia9ne3tV\n" + + "lY98G+3TnEdjo7r9lBi4KDGmDJv56h7Sb4WeVFlJ/8b4u9IHblq3ykQ/LyKuCYDf\n" + + "v2bnqlT+HY4mgU9ZA0WoO/L7V7m0sBrBYhpdM0pmxlqn6mpvWIHA2tC4rsTY2TXn\n" + + "ZlXbyJaMd5mvjRjvK0DF/2yoKC+us/1li2blLZKS9k0Z36/m4D7z5nVXkmUvRvE2\n" + + "70BhJ0NnM5lHtytTR+OgiaPapeiDy6AA+VbdnV7hhINGEhP7tF3IZPPfmKZN7/bN\n" + + "Qr7wuKZx/jO5sTBtblBaOU2+xric+MlTt2k3ilDnO3EzkZOp1JMWnNjAZciRa8Gy\n" + + "bYAXrsxY4vQnxgA7dj1/3KDB+pCRT7CTMOJJQu27OOv0MuNkb1E+8chPx/eFwfrN\n" + + "rft1Eiqp3Te0w4njDkzukP6EMhebcTp3POm0YhMZl8s1fTI6DCcHFwcMVywXiWwv\n" + + "QG+Td+dHlFT0P8jq/ecaMj6s8j69q36MER+QMyrxGAl3MHyEA7BBut1WCh9dsOnY\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN="Win The Customer, LLC", O="Win The Customer, LLC", L=Saratoga + // Springs, ST=Utah, C=US + // Issuer: CN=DigiCert G5 CS RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Serial number: bfec2fd49eeacb347ddbea5c1576083 + // Valid from: Fri Jun 23 17:00:00 PDT 2023 until: Wed Jun 26 16:59:59 PDT 2024 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + + "MIIGqzCCBJOgAwIBAgIQC/7C/UnurLNH3b6lwVdggzANBgkqhkiG9w0BAQsFADBX" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xLzAtBgNVBAMT" + + "JkRpZ2lDZXJ0IEc1IENTIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExMB4XDTIzMDYy" + + "NDAwMDAwMFoXDTI0MDYyNjIzNTk1OVowdzELMAkGA1UEBhMCVVMxDTALBgNVBAgT" + + "BFV0YWgxGTAXBgNVBAcTEFNhcmF0b2dhIFNwcmluZ3MxHjAcBgNVBAoTFVdpbiBU" + + "aGUgQ3VzdG9tZXIsIExMQzEeMBwGA1UEAxMVV2luIFRoZSBDdXN0b21lciwgTExD" + + "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAsElsbtoNNIL5fCadUzW+" + + "aDl2LF0c6BRckZSuH1f88tFD5LDjuT+rdIxsjDS/dqedRiilJe40z/3973OZNaxs" + + "wxYCSHhUV9XimSHH0zQ2MpbupdA7aLDYM4tcypam1Zm9q6njLArBUgGVaKYBUZqW" + + "obVh+6aFBzj36u7EmPgLCJsre5oheo8+gOwfu+xVExceoHG+V7XTKhD6vhclS49B" + + "UIHgvpn+/BlB8kjf5M2XzmpfWg9aGq75gnd1ix4fU1BnA0A33cZPrFsi5cMh6NZd" + + "tI4WIpb5P8X17G3yRqNMM/noBvBrtpQHVLpN2C2NLg0YX1FjIK7bcBKFOnIG36ou" + + "vs+QesMyVOXeKKnt1ERBSqwrMjUuqN7W6YnXjoIp7xWxEdIdae+1fDK702zhGaYv" + + "b6pYGoJ7HQI/x7S6kF462qvXsf++yA5kxr2qNTSNY4ZggzEwubvu0PYRYjMHwIUn" + + "SV3ZlRAKXK2AO7GydecWr2QVRra4+myCznsil/rKasWTAgMBAAGjggHRMIIBzTAf" + + "BgNVHSMEGDAWgBSJGAf/Pm0wF8k1rbuLcYbln2aSwzAdBgNVHQ4EFgQUfr+syABm" + + "R7FB/f155oky+e5fLR8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF" + + "BwMDMIGVBgNVHR8EgY0wgYowQ6BBoD+GPWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv" + + "bS9EaWdpQ2VydEc1Q1NSU0E0MDk2U0hBMzg0MjAyMUNBMS5jcmwwQ6BBoD+GPWh0" + + "dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEc1Q1NSU0E0MDk2U0hBMzg0" + + "MjAyMUNBMS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBBAEwKTAnBggrBgEFBQcCARYb" + + "aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGCBggrBgEFBQcBAQR2MHQwJAYI" + + "KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBMBggrBgEFBQcwAoZA" + + "aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RzVDU1JTQTQwOTZT" + + "SEEzODQyMDIxQ0ExLmNydDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQCj" + + "HCYM2aGyHFpdWRkbxa+so37uyPDJ27wpn4oNhaSKKletB8Xr6rMa5JBJ1NUa2S9Q" + + "3CYvdH9pGjjThUJPR0Lg8DrZNkPtqyjQLQ86tYfjteoKe5SXTxZ0epXikRTXySFa" + + "NM1KOEf5CJq7OywLLXVxm+F2VEX2+PzLAtHxViGeN7AsZMbWGlp3VkymVITcKkP3" + + "vnsoF6Teacb019xxBDCLuhNG91rlzhG0YrJ3qMlPyStmzxqy+2UIlPwFeLRkBkRG" + + "K7Kxi2xvYbgdFP93kRbwJbp8d3x/JG3LpwAZv+NV0TY3jBj7ymGoGuiSV0nU9XPt" + + "yDm1FYYZAH2ykwo8YPZqAcu+EHvyxi1dgOM3ABfoLJfOIYJv2gxPx+KIKzn1wzBS" + + "kk1HMf8xbYXs40vF2Lrb7AQIyLa2ZskJTyfb0dyEyOq+vvVgLA9ZdwidzD1RnVf6" + + "vOb7KbMSBCLK+HGqHrW+hhSDi2vHvSit7Cn+q80ZmzRqvJ/+mVl+ppnjDC7nSLIa" + + "qeG0fvUz6SabPX7yV92D5ARrJJ3xgAvgmgWfuKBV7WlEGCmj0QTWZ0/AFBLzNcq7" + + "+0rgP0GM98MZpKa8pHZaS1A3uP1TFzamfVGdv0FVHXSkN5Kvg0iPh4Qz9TRiCkyE" + + "boJeU1LYdyTrP/+q3zQqsGa9xdQ50EovjWymbvWzCQ==\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN=Win the Customer LLC, O=Win the Customer LLC, L=Saratoga Springs, + // ST=Utah, C=US + // Issuer: CN=DigiCert G5 CS RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US + // Serial number: f409d101094769abaf06f085f11ca4f + // Valid from: Sun Oct 22 17:00:00 PDT 2023 until: Tue Oct 22 16:59:59 PDT 2024 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + + "MIIHKTCCBRGgAwIBAgIQD0CdEBCUdpq68G8IXxHKTzANBgkqhkiG9w0BAQsFADBX\n" + + "MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xLzAtBgNVBAMT\n" + + "JkRpZ2lDZXJ0IEc1IENTIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExMB4XDTIzMTAy\n" + + "MzAwMDAwMFoXDTI0MTAyMjIzNTk1OVowdTELMAkGA1UEBhMCVVMxDTALBgNVBAgT\n" + + "BFV0YWgxGTAXBgNVBAcTEFNhcmF0b2dhIFNwcmluZ3MxHTAbBgNVBAoTFFdpbiB0\n" + + "aGUgQ3VzdG9tZXIgTExDMR0wGwYDVQQDExRXaW4gdGhlIEN1c3RvbWVyIExMQzCC\n" + + "AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANKPhVjUn2MyZs/l4AO0kQCE\n" + + "HdR9aWJ86nT8jSSbHdRv56n3h5P3sxMfFne4jCY3DzrykndeLp4gAt2sot1ziinh\n" + + "ahMOYOZtvyUzt5/McvQyuQjdXLaSuWcvlKaTl67U3QWQe+P6kmkRDsrCH0S51UeH\n" + + "8Tct/bq7ZUyX9Jb80VPVegUN80YzDgkJ2OrLngD6EKVYKQlV5K+KGyQpCOWq5CEB\n" + + "1aX63EnGiSMy0OOsS/J8aFz3BoYpEcrLSSnW84P6AhbevMfO7kr4mTLZKkx0Ic0Q\n" + + "s6TuaXcf84OuF2T/HwM0qzP7iQhE18TJmsyumVZID7t1+Br43037pb3CXcWTTJvO\n" + + "+zTkiArWy3SqAabyHirbssa75qCVHzcOHviy2wEDhc51cu1MZE8xtSDT4Hee87t0\n" + + "ptwC6v6CWaCn4XjOM6PFHr2DCpqJIvjfqjB3CaZTxfAtOP7vAjXNSZPLSpo4KH/G\n" + + "bBm0AgtvpTSl801Jz6c2uJhwTFN0HXeIlfKMXf/Y0MhO9YddSEmpFkq3rGwsguh0\n" + + "jlVIeNPQNTIb/fmhG6gTYQBySGK0EmNYW/fAii0UunAASgM6/h3Wn4jwgDd3HSxo\n" + + "CeU1kyIgYwHI8h7HlVOI3iyEJe/+IGQE43j80sv26OtkmV1swjhaes88vFRhmr0Z\n" + + "jKG3tfd4J3M/9e4Zhb6hAgMBAAGjggHRMIIBzTAfBgNVHSMEGDAWgBSJGAf/Pm0w\n" + + "F8k1rbuLcYbln2aSwzAdBgNVHQ4EFgQUeR5HZd44BvPIsRnNcBMDujfUZ9kwPgYD\n" + + "VR0gBDcwNTAzBgZngQwBBAEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp\n" + + "Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcD\n" + + "AzCBlQYDVR0fBIGNMIGKMEOgQaA/hj1odHRwOi8vY3JsMy5kaWdpY2VydC5jb20v\n" + + "RGlnaUNlcnRHNUNTUlNBNDA5NlNIQTM4NDIwMjFDQTEuY3JsMEOgQaA/hj1odHRw\n" + + "Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHNUNTUlNBNDA5NlNIQTM4NDIw\n" + + "MjFDQTEuY3JsMIGCBggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v\n" + + "Y3NwLmRpZ2ljZXJ0LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGln\n" + + "aWNlcnQuY29tL0RpZ2lDZXJ0RzVDU1JTQTQwOTZTSEEzODQyMDIxQ0ExLmNydDAJ\n" + + "BgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQAKCH6ri6f507/j2ifF7VQbavWE\n" + + "Wn4T63PzJveL6/kedV7avhrQ/B6uHrez1xy/RH/MlL/B+TF6YTg+ILqtKR/PyJrg\n" + + "N+1RON0Eg3AEWWDtGl3KBYFlklz8Szo+xmXf5GYiqueejbxscH1BA0PU/5CgGkr6\n" + + "1Kk4OXqKqmpuPeQCxca1ARDD749E/2IFsDGC8kBCWepV62l0/xcDKWD5Zn+y4Tkh\n" + + "5+YJJ21D746sNDOsDNJ4DuqEYrXWUH6BlT5EDYelGqRCOdyTYUdDg+QcSFWnH7wR\n" + + "O+eIA3BLSw0x1Vh6DJRKm5H644sPVppaI1jVZDe+zBwp2e/j8XH7KDlp/WaRUhcU\n" + + "bjGg2Ss5TMbBjR6B4nMwjvqaCIFoAD6aFRYc80px/KY6KTSyOFF0FBQNuhSsUZQy\n" + + "p74aRjUraSu/RiJMA8A6OYGo1b7W9o/UOg0MB4WQkfwl+Mxh+58QKjLjZr9VVapW\n" + + "4yv0G/G6rT/pHrRiyBcT7Kt4xNFsmMFAN4BXL9WI9mkGDa4iwDmWVjIjAaiilaaC\n" + + "MIXwwm3eg/QBgWBUrwXf3YC+1HXkaFDZc5apQ5uaNJPjQo9nQ6xqfpnACXTJ/Lwm\n" + + "JBu4YlXPby5Vh6mWWSyVdbICrCD7BtGP8aSBPFGPEuPEjK32uyeoGWVwwSubVFPX\n" + + "ARhLX5oSFZUySvHgYg==\n" + + "-----END CERTIFICATE-----"; + + public void runTest(ValidatePathWithParams pathValidator) throws Exception { + // Validate valid + pathValidator.validate(new String[]{VALID, INT}, + ValidatePathWithParams.Status.GOOD, null, System.out); + + // Validate Revoked + pathValidator.validate(new String[]{REVOKED, INT}, + ValidatePathWithParams.Status.REVOKED, + "Mon Oct 23 14:44:23 PDT 2023", System.out); + } +} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EmSignRootG2CA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EmSignRootG2CA.java new file mode 100644 index 00000000000..80f375c1ee6 --- /dev/null +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EmSignRootG2CA.java @@ -0,0 +1,179 @@ +/* + * Copyright (c) 2023, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8319187 + * @summary Interoperability tests with eMudhra emSign Root CA G2 CS root + * @build ValidatePathWithParams + * @run main/othervm/manual -Djava.security.debug=certpath EmSignRootG2CA OCSP + * @run main/othervm/manual -Djava.security.debug=certpath EmSignRootG2CA CRL + */ + +public class EmSignRootG2CA { + + // Owner: CN=emSign CS CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN + // Issuer: CN=emSign Root CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN + // Serial number: c084e666596139a1fa9b + // Valid from: Sun Feb 18 10:30:00 PST 2018 until: Fri Feb 18 10:30:00 PST 2033 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + + "MIIGeDCCBGCgAwIBAgILAMCE5mZZYTmh+pswDQYJKoZIhvcNAQEMBQAwZzELMAkG\n" + + "A1UEBhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEg\n" + + "VGVjaG5vbG9naWVzIExpbWl0ZWQxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0g\n" + + "RzIwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBlMQswCQYDVQQGEwJJ\n" + + "TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s\n" + + "b2dpZXMgTGltaXRlZDEaMBgGA1UEAxMRZW1TaWduIENTIENBIC0gRzIwggIiMA0G\n" + + "CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDYYkv6Q9an5RylOJ6rkTAHT0cAwfYg\n" + + "ZsFKk/Hz/4VwWYsmzf+Z7M8i3CK3mnUcqgw0AIzrVLUwxiKAaL0qca+SbXwOk/7p\n" + + "Y/zwwLdg0OhHVGeeU3OTvkbsBpiLS08i7ids9FGrte6m1kqk+QSOY2F5AESxA4+F\n" + + "AKXGtzIImQd15m67C88AzzFsvszAAxSvVTqs4hb8BcRnUCzlAp7gMJSwwrrgTiEv\n" + + "6Ap6cFVT+n1oj6370sd5KBiRelLoqZtQx4njoNJkJlM30ftPNMGnqPLCloQ6koP/\n" + + "dAdpmwWB+F0/5d5UVmVPC3R/F8w7aX3fdSC8+M2E/ZXPVIYkEquLT7K2yXhRl3hn\n" + + "xwG6qqGp6TjvKvhiyac8qieu9YNG1R+PVFqejOFMohV2g0Z5MfwaruhUCNwHHeZs\n" + + "Dv/MVYMiHcV+5qU+MMzcKngb3RCmq0jzCb+MESomEMiAieCC15W7YC/LpgDHO0jY\n" + + "vV4AdLquUHfsOnhT2KD7mEg2PnL7JOwoQSFtuJYmM/coh+Y6CIoV3x+aV1bO7FDF\n" + + "ap33u36lE639oQj0tTqW3n1WcyNxhD0lwGlYIAjG8XnhRjtl6/MVVrGuyPWpB4TH\n" + + "u8CgNT0roENuq13RnHbBz2rLnndenHiMbxCyElGJBpZfXiF1H25KHUzvyzxt++L+\n" + + "hSfprX9BSXLpGQIDAQABo4IBJTCCASEwHwYDVR0jBBgwFoAU7exNRWEYKOezIygR\n" + + "HE2lJw1e7PQwHQYDVR0OBBYEFBWGyrZ0lhdIWDSCLM3S4XWer0S3MA4GA1UdDwEB\n" + + "/wQEAwIBBjATBgNVHSUEDDAKBggrBgEFBQcDAzA9BgNVHSAENjA0MDIGBFUdIAAw\n" + + "KjAoBggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNV\n" + + "HRMBAf8ECDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0\n" + + "cDovL29jc3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3Js\n" + + "LmVtc2lnbi5jb20/Um9vdENBRzIuY3JsMA0GCSqGSIb3DQEBDAUAA4ICAQCDkogs\n" + + "d5Tv1zwsQdk15btzYK/oI1tEwvN6IpIM9rSqIrje8XnXKjHHmbHX6emHIR31bxuK\n" + + "7mY77XjrJMWp+71udC/DgDy4tfZTXIzEekI0XQfcui1UPC08Ysl0taQKTANwsAOV\n" + + "VSi7boSGqLet0qSmeKVyQ5/blbwx1NhjyLTyi66rVYf7fYdPV55X5TKUJdKDgiRI\n" + + "BomNVRcrrnHZtS8+t9CXxSXR35VAu2ube44Tl+dQHIWz9XwLxtYFwIPSEdqPpoAu\n" + + "5XEVo7evwMHQoY/MQj6Ywbw6tYh6bHu6C/qrp4oSyYXbz2ZWlHkz1oEXvefi7a9Z\n" + + "6mKnnaY3UYHq5AI+k6ojazVFbSTenb/TO/Z247gdhG7Wssshd6pgyqcTEa+FZz+F\n" + + "5ZZdoiIl8UJsTCPPg0xP9Ab0WE3BjCCqTPt+Czbd3cgBxiBS7KTQs/DnQRFuPCjC\n" + + "khbDtHsCN4aUoLM9OOw94/ZcoU0G5cg9mSvONBxUv9W7SIpJreXXMPXixcBKULoJ\n" + + "focui3s0yzGqTA9tSzQ4nmA9aXBCAAxrABlY/hk10ImeBa1SPjocRb/vuCaGp74T\n" + + "n8oADP42XudDnp8wlOKWxFJulhNi960Rev+5vZOPF/LGfS78GI6yzBjR49VJGhOP\n" + + "EJK8NSNmK3FNblQfOyFM7VE0uOGHOUwpMGVM2A==\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN=test, OU=test, O=test, L=test, ST=test, C=IN + // Issuer: CN=emSign CS CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN + // Serial number: 7c9ade672c0ad1b6 + // Valid from: Wed Aug 30 05:39:25 PDT 2023 until: Sat Aug 30 05:39:25 PDT 2025 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + + "MIIGNjCCBB6gAwIBAgIIfJreZywK0bYwDQYJKoZIhvcNAQEMBQAwZTELMAkGA1UE\n" + + "BhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVj\n" + + "aG5vbG9naWVzIExpbWl0ZWQxGjAYBgNVBAMTEWVtU2lnbiBDUyBDQSAtIEcyMB4X\n" + + "DTIzMDgzMDEyMzkyNVoXDTI1MDgzMDEyMzkyNVowWDELMAkGA1UEBhMCSU4xDTAL\n" + + "BgNVBAgTBHRlc3QxDTALBgNVBAcTBHRlc3QxDTALBgNVBAoMBHRlc3QxDTALBgNV\n" + + "BAsTBHRlc3QxDTALBgNVBAMTBHRlc3QwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw\n" + + "ggGKAoIBgQC04pOiSFbl7Bd4wFYXzzyukKh+EmwIq8xRGQDkuYH+C6Zao36VAV+k\n" + + "xGw7lmM3rf4YUcArgZYHfrxgPJNBbGrCi/YnEPYQTNwSrBAePUx1tt13LVBxHfNu\n" + + "cQQT+kqE7064WsYfmfr/uzJZemqVH7lG82DN23+8E/235AIh3lz/pn7T9ByLj7TV\n" + + "zWP40oT0UfQXQvWUpFevPONu/RksRP+NiKV3ji6/wYpvrfodzkrGxw2DPfOh4Iam\n" + + "j6bBH2rkTMToH853plsQGr2ji8OndePfvDdk+5c33Jz1knCNPZSlYQIIp8scyz4z\n" + + "jaUGdoC140FjEA1SMA2WzpRJoE7xjAidLv7jiV596/bTwrIM+IZhzBc8SKRmkdZ6\n" + + "lYjPYJHPqRosRtfxcQne3pY6F4s1aOUtuGJaQS/AJkkykZoOx27plWM5SjtmlrL+\n" + + "7g2/ihWT9CEagYuo44tqk9Tmp3P37+ADAmiXxP0zUxYIv77DSabdArrZ+AB5XUol\n" + + "V8sxE1V6h0UCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFBWGyrZ0lhdIWDSCLM3S\n" + + "4XWer0S3MB0GA1UdDgQWBBQ2k0TE2p46sYwI5M/a1XJ8M5Oc8DAOBgNVHQ8BAf8E\n" + + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwNwYDVR0fBDAwLjAsoCqgKIYmaHR0\n" + + "cDovL2NybC5lbXNpZ24uY29tP2VtU2lnbkNTQ0FHMi5jcmwwTgYDVR0gBEcwRTA5\n" + + "BgsrBgEEAYOOIQEAATAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3NpdG9yeS5l\n" + + "bVNpZ24uY29tMAgGBmeBDAEEATBzBggrBgEFBQcBAQRnMGUwIgYIKwYBBQUHMAGG\n" + + "Fmh0dHA6Ly9vY3NwLmVtU2lnbi5jb20wPwYIKwYBBQUHMAKGM2h0dHA6Ly9yZXBv\n" + + "c2l0b3J5LmVtc2lnbi5jb20vY2VydHMvZW1TaWduQ1NDQUcyLmNydDAMBgNVHRMB\n" + + "Af8EAjAAMA0GCSqGSIb3DQEBDAUAA4ICAQBKLa7j8fNpcnWNv7NegrMKTRy7gycI\n" + + "qrMK848wISX6jl2wg6b275sWQHzQRxA6rbB76bF2HXLFcpITJPaz+vjetYOVQd4v\n" + + "l8iZN52OpN6Pwrheiz7JhdLiHisN+2NKMmF899bH7w1l2Sr/FQl5vqk41gwwWMen\n" + + "99Waf4Bp6p3lvBArK2BbabTs8+16xvmkHEK3d3l3Bu6qTEbQRgUI5XsVXmXXn8Pg\n" + + "IANliTEsbsN9CMWrJ56ciEujU7w2L+IBfvKhl10N1AQNHwpQzwfFyz2BUbACN75o\n" + + "feIUBarM3ssNzpnt7idgkCTwWVrdEL1NHyW967aEMWyVwaRrtkjFOW/0xuSr2rEI\n" + + "jBpPj5RPdP6ZEaqnmg5PIgSrJ8FBjx6JmvVgZH/XEl5MZ7PsvJFfIMun6RxXtGn7\n" + + "QP0+ipkRrI6USNFS84H53Q0WJhQWZUgd3cdm37wpFGvxOVEskIgJNW9SbOgiT9sB\n" + + "zTIy3ceOK2onmUkDM2Q2+Hbc7A4BmNIlW4fpYXvZlM7IXSl9U3Voks92Hi45azgz\n" + + "StWZv9+Ronmmp+b7JKCe7MZXIBHfj0JhAVNJiYTZ9BqkY2VRvuQPVUdKxske9fQ6\n" + + "ciFJ5a6RDOhce6pFloaQu39ci2XCY1N4mIR3vFzpmBNkttlEXviK07XNTv9cnQt6\n" + + "3CW5aMAsfTbmOw==\n" + + "-----END CERTIFICATE-----"; + + // Owner: CN=test, OU=test, O=test, L=test, ST=test, C=IN + // Issuer: CN=emSign CS CA - G2, O=eMudhra Technologies Limited, OU=emSign PKI, C=IN + // Serial number: cf02dedd03d2f509 + // Valid from: Thu Oct 05 22:38:51 PDT 2023 until: Sun Oct 05 22:38:51 PDT 2025 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + + "MIIGNzCCBB+gAwIBAgIJAM8C3t0D0vUJMA0GCSqGSIb3DQEBDAUAMGUxCzAJBgNV\n" + + "BAYTAklOMRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRl\n" + + "Y2hub2xvZ2llcyBMaW1pdGVkMRowGAYDVQQDExFlbVNpZ24gQ1MgQ0EgLSBHMjAe\n" + + "Fw0yMzEwMDYwNTM4NTFaFw0yNTEwMDYwNTM4NTFaMFgxCzAJBgNVBAYTAklOMQ0w\n" + + "CwYDVQQIEwR0ZXN0MQ0wCwYDVQQHEwR0ZXN0MQ0wCwYDVQQKDAR0ZXN0MQ0wCwYD\n" + + "VQQLEwR0ZXN0MQ0wCwYDVQQDEwR0ZXN0MIIBojANBgkqhkiG9w0BAQEFAAOCAY8A\n" + + "MIIBigKCAYEAmUSghjvjUvVgYguH2PMLwW4TwtYsNDpAuGPqux53lI9v9S5u4oAv\n" + + "m1Sa3MW7CeEnhHNAIFu/AKvNXSfkvnJpTozWstZMjd93DcNacteBG0fBKTkIq+5k\n" + + "A8qIBiXWk8NORlbjV5bXnoW2pO7wbrALDK3FGf2JAQjuYWXE1mlVk0+SJewUSN+F\n" + + "XTl63V3tcaqjxhoViY8/dCWc7pNTPgQ/f+Rmnm1bpE0hxVPpQ29+60lyoNtKiOWj\n" + + "InKRKBV8jYkR/xI13bKWguaxZnswpf2MrophQTvO9ivPHADWhZlNYYjYYEMl4tbi\n" + + "rG2EquJ7g8Jdo+aL3BggLv5gFkpfoEcaveNuUWy7ggUl7MNhvgDdWdoi6VY7R8Fi\n" + + "F52+JqPByGpHkZKi0wPa3BaI7guGGyCn3TMe66kNTMS4ADxHktqQlpNSaYYl/84G\n" + + "lnr2WxQt/W+sXoorlKc/Kh0ubbm6eDzPE8kkIDV2uIxUEgSL7SJQ95yf5XgRihoH\n" + + "KoBA45iR5vCtAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBQVhsq2dJYXSFg0gizN\n" + + "0uF1nq9EtzAdBgNVHQ4EFgQUDs5dk74eElzdEKdxIlkzISoWSFkwDgYDVR0PAQH/\n" + + "BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMDcGA1UdHwQwMC4wLKAqoCiGJmh0\n" + + "dHA6Ly9jcmwuZW1zaWduLmNvbT9lbVNpZ25DU0NBRzIuY3JsME4GA1UdIARHMEUw\n" + + "OQYLKwYBBAGDjiEBAAEwKjAoBggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnku\n" + + "ZW1TaWduLmNvbTAIBgZngQwBBAEwcwYIKwYBBQUHAQEEZzBlMCIGCCsGAQUFBzAB\n" + + "hhZodHRwOi8vb2NzcC5lbVNpZ24uY29tMD8GCCsGAQUFBzAChjNodHRwOi8vcmVw\n" + + "b3NpdG9yeS5lbXNpZ24uY29tL2NlcnRzL2VtU2lnbkNTQ0FHMi5jcnQwDAYDVR0T\n" + + "AQH/BAIwADANBgkqhkiG9w0BAQwFAAOCAgEAGa2XSoRkoIkHHHGXrdzTBCf/+KgK\n" + + "FlHhqlBOk5rwLDX1sfNlmsaz10I69phE90Ac8Coa/xCrBaFrTYqRvmkY9gU19jkn\n" + + "FdVcwQEHNku7Ro/Z/mbyi+aTBzHMTy0Vl4HqVnQInjV891n64SerUuAB7wNVOOho\n" + + "GoBfpf6lzDzzuEmetFokHYv1tWGQqPF/dHLARQraUlQpWjsnOx0QcZ5cM79REONE\n" + + "y6uzXT2vaatT3ns8Mtx8zooq+t8pnZlXJqlrwNTcnPad9gSsVu6vfsnWhLhz0VLG\n" + + "sYPXcWIssLbBQW3v5z0l1Isj7vy2UFfbn8AmZ0PanPo3v3C2sk19DK+Zlc9xBAXc\n" + + "KKwc4m8le6QkP/EB2wUA7ey5Cf29hjNDJpZznquEaWl9aKbBRdJDKsK88IBJjzK0\n" + + "Gbpw9fYJ3txuGA7Q27gyaZAeGAIrFvOtRY0XFbr20qSh2GBBYN57+lBPh4UKqgy8\n" + + "Z2Kk/2jK9k+nm41JYCmwVZHg3Va9RRfW8FkeE95gAUFPDWjeV+GvcimCbcB3DwaZ\n" + + "9fy1qfV4xsduhC3ei6f7Ask8LbAEWaEIXmgK10YbIfhzomCyCzlA+E+gwkq/bmkv\n" + + "B8hh27KWA6IRt7URI51MZlh0e8fULyXlOZcoJA/IPX9RdePa2RHFuPSypBHjoN7z\n" + + "6bCML1XZ2xnHIAg=\n" + + "-----END CERTIFICATE-----"; + + public static void main(String[] args) throws Exception { + + ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); + + if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { + pathValidator.enableCRLCheck(); + } else { + // OCSP check by default + pathValidator.enableOCSPCheck(); + } + + // Validate valid + pathValidator.validate(new String[]{VALID, INT}, + ValidatePathWithParams.Status.GOOD, null, System.out); + + // Validate Revoked + pathValidator.validate(new String[]{REVOKED, INT}, + ValidatePathWithParams.Status.REVOKED, + "Thu Oct 05 22:51:36 PDT 2023", System.out); + } +} \ No newline at end of file diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EntrustCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EntrustCA.java deleted file mode 100644 index 40b01309ccb..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/EntrustCA.java +++ /dev/null @@ -1,319 +0,0 @@ -/* - * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8195774 8243321 - * @summary Interoperability tests with Entrust CAs - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath EntrustCA OCSP - * @run main/othervm -Djava.security.debug=certpath EntrustCA CRL - */ - -/* - * Obtain test artifacts for Entrust CA from: - * - * EC CA: - * Valid: https://validec.entrust.net - * Revoked https://revokedec.entrust.net - * - * G4 CA: - * Valid: https://validg4.entrust.net - * Revoked: https://revokedg4.entrust.net - */ -public class EntrustCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - boolean ocspEnabled = false; - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - ocspEnabled = true; - } - - new Entrust_ECCA().runTest(pathValidator, ocspEnabled); - new Entrust_G4().runTest(pathValidator, ocspEnabled); - } -} - -class Entrust_ECCA { - - // Owner: CN=Entrust Certification Authority - L1J, OU="(c) 2016 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - // Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIID5zCCA2ygAwIBAgIQCoPUgD5+n1EAAAAAUdTB9zAKBggqhkjOPQQDAzCBvzEL\n" + - "MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl\n" + - "ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEy\n" + - "IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UE\n" + - "AxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4X\n" + - "DTE2MDQwNTIwMTk1NFoXDTM3MTAwNTIwNDk1NFowgboxCzAJBgNVBAYTAlVTMRYw\n" + - "FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3Qu\n" + - "bmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNiBFbnRydXN0LCBJbmMu\n" + - "IC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2Vy\n" + - "dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUowdjAQBgcqhkjOPQIBBgUrgQQAIgNi\n" + - "AAT14eFXmpQX/dEf7NAxrMH13n0btz1KKvH2S1rROGPAKex2CY8yxznbffK/MbCk\n" + - "F7ByYXGs1+8kL5xmTysU/c+YmjOZx2mMSAk2DPw30fijJ3tRrwChZ+TBpgtB6+A5\n" + - "MsCjggEuMIIBKjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAz\n" + - "BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3Qu\n" + - "bmV0MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvZWMx\n" + - "cm9vdC5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6\n" + - "Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\n" + - "BQcDAjAdBgNVHQ4EFgQUw/lFA77I+Qs8RTXz63Ls5+jrlJswHwYDVR0jBBgwFoAU\n" + - "t2PnGt2N6QimVYOk4GpQQWURQkkwCgYIKoZIzj0EAwMDaQAwZgIxAPnVAOqxKDd7\n" + - "v37EBmpPqWCCWBFPKW6HpRx3GUWc9caeQIw8rO2HXYgf92pb/TsJYAIxAJhI0MpR\n" + - "z5L42xF1R9UIPfQxCMwgsnWBqIqcfMrMO+2DxQy6GIP3cFFj9gRyxguKWw==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=validec.entrust.net, SERIALNUMBER=D15576572, OID.2.5.4.15=Private Organization, O="Entrust, Inc.", - // OID.1.3.6.1.4.1.311.60.2.1.2=Maryland, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=Kanata, ST=Ontario, C=CA - // Issuer: CN=Entrust Certification Authority - L1J, OU="(c) 2016 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFrTCCBTKgAwIBAgIQYtgW4DLwh74AAAAAVqBXkTAKBggqhkjOPQQDAjCBujEL\n" + - "MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl\n" + - "ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDE2\n" + - "IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UE\n" + - "AxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSjAeFw0xODA2\n" + - "MjUxMzE1NTdaFw0xOTA2MjUxMzQ1NTBaMIHJMQswCQYDVQQGEwJDQTEQMA4GA1UE\n" + - "CBMHT250YXJpbzEPMA0GA1UEBxMGS2FuYXRhMRMwEQYLKwYBBAGCNzwCAQMTAlVT\n" + - "MRkwFwYLKwYBBAGCNzwCAQITCE1hcnlsYW5kMRYwFAYDVQQKEw1FbnRydXN0LCBJ\n" + - "bmMuMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjESMBAGA1UEBRMJRDE1\n" + - "NTc2NTcyMRwwGgYDVQQDExN2YWxpZGVjLmVudHJ1c3QubmV0MFkwEwYHKoZIzj0C\n" + - "AQYIKoZIzj0DAQcDQgAEHQe7lUaAUgIwR9EiLJlhkbx+HfSr22M3JvQD6+fnYgqd\n" + - "55e6E1UE45fk92UpqPi1CEbXrdpmWKu1Z470B9cPGaOCAwcwggMDMB4GA1UdEQQX\n" + - "MBWCE3ZhbGlkZWMuZW50cnVzdC5uZXQwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsB\n" + - "aQB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZDcxpMkAAAQD\n" + - "AEYwRAIgIb0PwjCcNOchJg8Zywz/0Lwm2vEOJUSao6BqNUIsyaYCIElHHexB06LE\n" + - "yXWDXO7UqOtWT6uqkdJN8V4TzwT9B4o4AHcA3esdK3oNT6Ygi4GtgWhwfi6OnQHV\n" + - "XIiNPRHEzbbsvswAAAFkNzGkvgAABAMASDBGAiEAlxy/kxB9waIifYn+EV550pvA\n" + - "C3jUfS/bjsKbcsBH9cQCIQDSHTJORz6fZu8uLFhpV525pw7iHVh2dSn3gpcteObh\n" + - "DQB3ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABZDcxpTsAAAQD\n" + - "AEgwRgIhAPCBqVqSvAEIXMPloV0tfBEEdjRrAhiG407cPqYwt9AFAiEAuQf4R5os\n" + - "MLkD3XhxvrTDvnD+PUOf8PzPevsWkuxNqcQwDgYDVR0PAQH/BAQDAgeAMB0GA1Ud\n" + - "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBjBggrBgEFBQcBAQRXMFUwIwYIKwYB\n" + - "BQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MC4GCCsGAQUFBzAChiJodHRw\n" + - "Oi8vYWlhLmVudHJ1c3QubmV0L2wxai1lYzEuY2VyMDMGA1UdHwQsMCowKKAmoCSG\n" + - "Imh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxai5jcmwwSgYDVR0gBEMwQTA2\n" + - "BgpghkgBhvpsCgECMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVzdC5u\n" + - "ZXQvcnBhMAcGBWeBDAEBMB8GA1UdIwQYMBaAFMP5RQO+yPkLPEU18+ty7Ofo65Sb\n" + - "MB0GA1UdDgQWBBT+J7OhS6gskCanmOGnx10DPSF8ATAJBgNVHRMEAjAAMAoGCCqG\n" + - "SM49BAMCA2kAMGYCMQCQLUQABT74TmdHzAtB97uNF5+Zy15wzkmlKeRSOXCIf2C5\n" + - "YKjsgdkR1OdzZXcpjNgCMQDfWcdPhodNXZC4l1lLPOPaTzPPw6uVqqoITQlc6r1t\n" + - "dRkkD6K9ii/X8EtwoFp7s80=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revokedec.entrust.net, SERIALNUMBER=115868500, OID.2.5.4.15=Private Organization, O="Entrust, Inc.", - // OID.1.3.6.1.4.1.311.60.2.1.2=Texas, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=Kanata, ST=Ontario, C=CA - // Issuer: CN=Entrust Certification Authority - L1J, OU="(c) 2016 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIGJzCCBaygAwIBAgIRAM0WDfag1taIAAAAAFagJ5gwCgYIKoZIzj0EAwIwgbox\n" + - "CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9T\n" + - "ZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAx\n" + - "NiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNV\n" + - "BAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUowHhcNMTcw\n" + - "NTI0MTcwNzA4WhcNMTkwNTI0MTczNjU1WjCByDELMAkGA1UEBhMCQ0ExEDAOBgNV\n" + - "BAgTB09udGFyaW8xDzANBgNVBAcTBkthbmF0YTETMBEGCysGAQQBgjc8AgEDEwJV\n" + - "UzEWMBQGCysGAQQBgjc8AgECEwVUZXhhczEWMBQGA1UEChMNRW50cnVzdCwgSW5j\n" + - "LjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCTExNTg2\n" + - "ODUwMDEeMBwGA1UEAxMVcmV2b2tlZGVjLmVudHJ1c3QubmV0MFkwEwYHKoZIzj0C\n" + - "AQYIKoZIzj0DAQcDQgAEN5MP/59yrs9uwVM/Mrc8IuHonMChAZgN2twwvh8KTnR2\n" + - "3stfem/R+NtLccq+4ds1+8ktnXgP7u1x0as6IJOH1qOCA4EwggN9MCAGA1UdEQQZ\n" + - "MBeCFXJldm9rZWRlYy5lbnRydXN0Lm5ldDCCAfcGCisGAQQB1nkCBAIEggHnBIIB\n" + - "4wHhAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFcO4iiogAA\n" + - "BAMARzBFAiAgHVpryyNVgnsUIihu+5DC2/vuP8Cy5iXq8NhCBXg8UgIhAKi5jImT\n" + - "f1FJksvHboc0EZh9TWhWljVZ6E5jB2CL+qzeAHcAVhQGmi/XwuzT9eG9RLI+x0Z2\n" + - "ubyZEVzA75SYVdaJ0N0AAAFcO4ij9QAABAMASDBGAiEA4B2p2726ISSkKC9WVlzj\n" + - "BVwYZ1Hr7mTjPrFqkoGpEHYCIQC5iuInkJXGBANLTH06BHIQkkr4KnFRl9QBOSw4\n" + - "b+kNqgB1AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABXDuIpkcA\n" + - "AAQDAEYwRAIgQ9ssw19wIhHWW6IWgwnIyB7e30HacBNX6S1eQ3GUX04CICffGj3A\n" + - "WWmK9lixmk35YklMnSXNqHQezSYRiCYtXxejAHcApLkJkLQYWBSHuxOizGdwCjw1\n" + - "mAT5G9+443fNDsgN3BAAAAFcO4inUwAABAMASDBGAiEA+8T9tpPw/mU/STsNv0oz\n" + - "8Nla21fKlpEOyWqDKWPSUeYCIQCwI5tDyyaJtyFY9/OVqLG+BKPKjscUtTqGJYl4\n" + - "XbOo1jAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF\n" + - "BwMCMGMGCCsGAQUFBwEBBFcwVTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50\n" + - "cnVzdC5uZXQwLgYIKwYBBQUHMAKGImh0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFq\n" + - "LWVjMS5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5l\n" + - "dC9sZXZlbDFqLmNybDBKBgNVHSAEQzBBMDYGCmCGSAGG+mwKAQIwKDAmBggrBgEF\n" + - "BQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwBwYFZ4EMAQEwHwYDVR0j\n" + - "BBgwFoAUw/lFA77I+Qs8RTXz63Ls5+jrlJswHQYDVR0OBBYEFIj28ytR8ulo1p2t\n" + - "ZnBQOLK0rlLUMAkGA1UdEwQCMAAwCgYIKoZIzj0EAwIDaQAwZgIxANzqGRI0en5P\n" + - "gSUDcdwoQSNKrBPBfGz2AQVLHAXsxvIlGhKZAQtM49zxA8AdFy/agwIxAMEjJH6A\n" + - "4UbcGZc40eYu6wUbAxiUDD3gwSElNQ8Z6IhNLPCCdMM6KZORyaagAcXn4A==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Wed May 24 10:39:28 PDT 2017", System.out); - } -} - -class Entrust_G4 { - - // Owner: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - // Issuer: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIGMjCCBBqgAwIBAgIRAKvsd/8bQQwHAAAAAFVl2AUwDQYJKoZIhvcNAQELBQAw\n" + - "gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL\n" + - "Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg\n" + - "MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw\n" + - "BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0\n" + - "MB4XDTE3MTEyMjIwMDQyMFoXDTMwMTIyMjIwMzQyMFowgboxCzAJBgNVBAYTAlVT\n" + - "MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1\n" + - "c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNCBFbnRydXN0LCBJ\n" + - "bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3Qg\n" + - "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU4wggEiMA0GCSqGSIb3DQEBAQUA\n" + - "A4IBDwAwggEKAoIBAQDcSG+caYQ4xcvf+dt8bgCEHorO0g5j0H1NOtQzRXgUoG8y\n" + - "QuRbJX9swyKqQZbsc18YvTV8OKA/uSNE46Jvq47TFPojWWTVLbNDqpM07e4EFYKs\n" + - "A9NFzAUngijnf3ivnXA6iNPAMXaEhXmhY/YFjk8NoM7Y1PFsA0oj5hamKQ06iO/j\n" + - "gvBScLmnQ1ju9Qj9IGIg18UL5AJNw0frspLUQBYVrLGaqAy5Nl2BUJKaZ4vnSLvP\n" + - "nk6YrB15mo1phHae10Ba4fx7R3z8IZ/hby4OXTy/KZpu107VEQPAwTuDK8ZXxB5y\n" + - "0DSzi4vaw27aLrUsq4aFqUo03gEfC31vWW76TNkFAgMBAAGjggErMIIBJzAOBgNV\n" + - "HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF\n" + - "BQcDAQYIKwYBBQUHAwIwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEW\n" + - "Gmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMDMGCCsGAQUFBwEBBCcwJTAjBggr\n" + - "BgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOg\n" + - "IYYfaHR0cDovL2NybC5lbnRydXN0Lm5ldC9nNGNhLmNybDAdBgNVHQ4EFgQU7kfR\n" + - "hXHx/S23P7s+Y1h3F0lADpUwHwYDVR0jBBgwFoAUnzjEViPDOeigcWzoVEzk6Dqx\n" + - "v2cwDQYJKoZIhvcNAQELBQADggIBACMeFFgsWmC7h6D1v8DJUkOpm/m5UhVhO0hb\n" + - "pQMQKMhKkl744Y9SWG4WNmpQy743TTciEJPZFhc7ke2R6VmK8ZJUqro2awOw1RWZ\n" + - "OtHla59Btf1NQd41vOVdU+qFhs8lFfXg9sK7YHTrfxHtMXLoGnkkamK3xJgn7sXa\n" + - "/zUvUDBTpDCXcpO9SyHoKIQswmkIPpRyIdPF4biRdR3N+9MYmlfqN/Nk3OEZ73xZ\n" + - "AUZP6Gu+f9cEiHTA8NdYHCPLJWyFnIHWK+QuTFEnKYnOYxCeroLBNOO64e8JWZ39\n" + - "kZ22BBXhHzqOCCczS7JOJTRF+JgvWuxbFwRstj8qf3fE+JndWmq2FC4hTHtpuK5K\n" + - "ENuiRm5gdkXfsXmB+qB6y5gaajiTIMscGIcZIKTe2YdKrLoicvEz8k+loM7favik\n" + - "vzFioTNTDHYGx3mkfElBE7ycY8n+jZE3QBBv33k28MeQi7XNgEaMc4tYwoZIdE9A\n" + - "xVccXTzEQzka82dOkRB1dU0XZId9XAWv+CtNc2TjF6Wgx2seA/c6H8S0IfgQBIV2\n" + - "8iN2wZns2QFdawkdy3hMUqPnA++kuGhLW3GemsIY5dP/WxY8rd+OfLb/Ks9T1pCd\n" + - "28t7PQRcQsgkYmouzrOW9ASBvYqLLdhl4y+fFXff8RkPIKMNoYP06WJvRKmky9R/\n" + - "41/nXRas\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=validg4.entrust.net, SERIALNUMBER=1913605, OID.2.5.4.15=Private Organization, - // O=Entrust Datacard Limited, OID.1.3.6.1.4.1.311.60.2.1.2=Ontario, OID.1.3.6.1.4.1.311.60.2.1.3=CA, - // L=Ottawa, ST=Ontario, C=CA - // Issuer: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - // Serial number: 83790beb78eeb966007ad3dbf11d570 - // Valid from: Fri May 29 13:29:00 PDT 2020 until: Sun Aug 28 13:34:23 PDT 2022 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFpjCCBI6gAwIBAgIQCDeQvreO65ZgB609vxHVcDANBgkqhkiG9w0BAQsFADCB\n" + - "ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT\n" + - "H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy\n" + - "MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG\n" + - "A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTjAeFw0y\n" + - "MDA1MjkyMDI5MDBaFw0yMjA4MjgyMDM0MjNaMIHRMQswCQYDVQQGEwJDQTEQMA4G\n" + - "A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT\n" + - "AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xITAfBgNVBAoTGEVudHJ1c3Qg\n" + - "RGF0YWNhcmQgTGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "EDAOBgNVBAUTBzE5MTM2MDUxHDAaBgNVBAMTE3ZhbGlkZzQuZW50cnVzdC5uZXQw\n" + - "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC508f77Kp/kfbqs9DHfa+V\n" + - "977gsVzI78TzfN4tF3ujwnPgd9mzLArM71VJvceOJUto7ywRasxmFxOLHf7WN2Kg\n" + - "U1yk/Kp9WUNfjmjIkI+JfCTkaz1RztpW85GNN9SL/W2yFIxv0ijAiGoQeC7J80Ni\n" + - "+y31Q5+M0oPMzngBOtD8LpyVt+/lSwUvxwhlChu7LWpIFmBUriILkvh11vxaItZV\n" + - "Jm4g8amE33/eXPFjZxB4ABQpBMC4QVg10UP+DpimZuJa6oQZfoNUjDF2yKlyrA+z\n" + - "s3kK8SXzJhE5LQxBp158jAoCVZuER08cumw3wvXI5NGzkzDxpTGacDO0bDo2ULpN\n" + - "AgMBAAGjggGNMIIBiTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\n" + - "AwIGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOA38RC6Sv6hMUgY\n" + - "eLACjvqO13vsMB8GA1UdIwQYMBaAFO5H0YVx8f0ttz+7PmNYdxdJQA6VMGgGCCsG\n" + - "AQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQw\n" + - "MwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFuLWNoYWluMjU2\n" + - "LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xl\n" + - "dmVsMW4uY3JsMB4GA1UdEQQXMBWCE3ZhbGlkZzQuZW50cnVzdC5uZXQwSwYDVR0g\n" + - "BEQwQjA3BgpghkgBhvpsCgECMCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LmVu\n" + - "dHJ1c3QubmV0L3JwYTAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEAOExxxxEk\n" + - "iAZZ4RJSWwI/CBQYAlUmd2wb/SBk9eYNAu/UL0XiAbwbOjH2dV6JHwAdwn0eoPR1\n" + - "KK/E1/OVoVibVBdxLMISPqdodRgHps6kGCOJxS8Zz8d3AEvx27EQ/Hg/EwIJZsUK\n" + - "dyb48V6a3XzExqLiwGu9oI9Ozm3/mo11ixmhvSFXH+FZf93qvvCSO+XTGGrLv5ja\n" + - "Tkazn/HgnwUBHd1TiO0jLhAdc+rZyd/SDjXMAXsa99zVfc2MY0Mb8+MohNHOwqYg\n" + - "tuYuirvtt9P0oteauL+iEBCRcqsmJaHGeaEyJH2QMxC5W22KpW245eHisW7rMoGQ\n" + - "9nbGmfe97p7bHQ==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revokedg4.entrust.net, SERIALNUMBER=1913605, OID.2.5.4.15=Private Organization, - // O=Entrust Datacard Limited, OID.1.3.6.1.4.1.311.60.2.1.2=Ontario, OID.1.3.6.1.4.1.311.60.2.1.3=CA, - // L=Ottawa, ST=Ontario, C=CA - // Issuer: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", - // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US - // Serial number: 24c5f46412b9dcc242a93017176979d6 - // Valid from: Fri May 29 13:36:00 PDT 2020 until: Sun Aug 28 13:40:43 PDT 2022 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIFqjCCBJKgAwIBAgIQJMX0ZBK53MJCqTAXF2l51jANBgkqhkiG9w0BAQsFADCB\n" + - "ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT\n" + - "H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy\n" + - "MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG\n" + - "A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTjAeFw0y\n" + - "MDA1MjkyMDM2MDBaFw0yMjA4MjgyMDQwNDNaMIHTMQswCQYDVQQGEwJDQTEQMA4G\n" + - "A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT\n" + - "AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xITAfBgNVBAoTGEVudHJ1c3Qg\n" + - "RGF0YWNhcmQgTGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "EDAOBgNVBAUTBzE5MTM2MDUxHjAcBgNVBAMTFXJldm9rZWRnNC5lbnRydXN0Lm5l\n" + - "dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6Bvaj7EG752e15UQH9\n" + - "4o8+660Gi3caUAAu45vZebO7EfRgrz0zyalpiexmQzocGn6Zog2yVqmMZjrMY11a\n" + - "q96s0pzVKImnA/787G7J5lRncP+PM6/WGtUUGS2hHiifoW5Ya/kcI1uk6EDT0leb\n" + - "HIedOiwcfDkq38g5ckuWNae24DAD8AM9XBJXMuNbuiqo03wMlDL3Jif8wNQfpmPD\n" + - "b+KR6IwGJdYwLBMoMcPmZF0rykW3YTO2NTDGCwvT8zzvjIKp8caRkI6pfkKmc89U\n" + - "Nvgbk/d9JEsgQLbYmRKVnhtnt756U7v3+0kZITxzfsBvQZ6zC7X4FAcTN1302RGn\n" + - "NGsCAwEAAaOCAY8wggGLMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF\n" + - "BQcDAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULjRc9DEsa0kD\n" + - "uhKNo6cCqQ+mPjgwHwYDVR0jBBgwFoAU7kfRhXHx/S23P7s+Y1h3F0lADpUwaAYI\n" + - "KwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l\n" + - "dDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMW4tY2hhaW4y\n" + - "NTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQv\n" + - "bGV2ZWwxbi5jcmwwIAYDVR0RBBkwF4IVcmV2b2tlZGc0LmVudHJ1c3QubmV0MEsG\n" + - "A1UdIAREMEIwNwYKYIZIAYb6bAoBAjApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3\n" + - "dy5lbnRydXN0Lm5ldC9ycGEwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAGab\n" + - "wtgpooQW3YL2Cqk9RDJFbNct5BSbzgY9qN1TOe4L7gbjV0BJBCcsHOCjvbgEuzME\n" + - "FC/kAmBu7eMnKVAqCCsWaI8XV7xB7P/BqHpvf9LI/GyHg4wCYdxgFGBXHOjlSy+8\n" + - "YWRM5UnFUknqbj1B4u2/U+U3X66QXi+MWrmBdjpcMahpY5zP1Bh90OmIc8DY4arf\n" + - "widObgJe2H/VFScudLf5JMpBso2v772GYTRr5Tqqq3ouS9WvDf0NBvoStt1oiUMP\n" + - "oowesfNiaYa/rZzWRlhYNs089KUeLhjOZswtIY5LCyy+Wt3CHgXljGEQFgi7p59s\n" + - "gk0aMRYM9Gri26VbD5A=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Fri May 29 13:42:13 PDT 2020", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java deleted file mode 100644 index 244ef26c2ca..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - /* - * @test - * @bug 8216577 8249176 - * @summary Interoperability tests with GlobalSign R6 CA - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath GlobalSignR6CA OCSP - * @run main/othervm -Djava.security.debug=certpath GlobalSignR6CA CRL - */ - - /* - * - * Obtain TLS test artifacts for GlobalSign R6 CA from: - * - * Valid TLS Certificates: - * https://valid.r6.roots.globalsign.com/ - * - * Revoked TLS Certificates: - * https://revoked.r6.roots.globalsign.com/ - */ -public class GlobalSignR6CA { - - // Owner: CN=GlobalSign Atlas R6 EV TLS CA 2020, O=GlobalSign nv-sa, C=BE - // Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6 - // Serial number: 7803182afbecd89eb19309bb4a25bdaa - // Valid from: Mon Jul 27 17:00:00 PDT 2020 until: Sat Jul 27 17:00:00 PDT 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIGwDCCBKigAwIBAgIQeAMYKvvs2J6xkwm7SiW9qjANBgkqhkiG9w0BAQwFADBM\n" + - "MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv\n" + - "YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0z\n" + - "MDA3MjgwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu\n" + - "IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEF0bGFzIFI2IEVWIFRMUyBDQSAy\n" + - "MDIwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtQ8IiN2Ukq/Clynv\n" + - "HhqugFQg5SXIyVO4ZRnxo0hNnaek78LRn4Bkaqcwv6Ls0Ftn4bK2zvBaS1zsfUTA\n" + - "vfup/s86zHCRvOqAL8zO/WiMV1G5ikHSlD6RtpIOHRX4y0oIGW59ADY0ANwDeDWL\n" + - "x/RgSltuQIqeGXwZnyZFwWtxVkSE4p5tn2Lb6USzwcD22taiXmeYsPMWfJfmWPRj\n" + - "ZuYBgxn6tvUVRO+ZzAUKEEaJK/LVLieAVEmfR6anEJ/gWczxz12Lwu6qF5ov0OQt\n" + - "AP0rfruyje/EJt6xHjpJ2OgDzCWYstXOpRPDHYS3klpaRbowAlpJdYMRAqY5CNiP\n" + - "RAx3wvsWCVI5UkzKVD6RuHHVpfzfdKAfsjHa/aSunHtTpE+NUf3Q/3qHXW5cyDnP\n" + - "Jt6VTVVVevjTquwH1xrUigukDbeopV1owsqIA5aw2io7RbBorwPBA0veinHN4vP9\n" + - "X8jbTiIiLjlfJOnHZe7pIhb3T9WCqhwwsBNPQpKizGHCj5kL2UJe7N5u4RywFOZE\n" + - "l5mbTX4zO6Vj3WM9ZVbZgXVNwEjS5mYq/rvC1yr9obNUJ8br6JAd2ZBnzhA5Zn4s\n" + - "bIP99TlUBZWczw+vPM7g1S4e4cyd+8CULVhVs87QlyvwWnRbH7fXZo8xLzhzMCjB\n" + - "8Y0cNdL1S6QKrrhC6Pf6tV/JU20CAwEAAaOCAZMwggGPMA4GA1UdDwEB/wQEAwIB\n" + - "hjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB\n" + - "/wIBADAdBgNVHQ4EFgQUhNwhC8eoXXKXhId+8tW2+nFWTvswHwYDVR0jBBgwFoAU\n" + - "rmwFo5MT4qLn4tcc1sfwf8hnU6AwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzAB\n" + - "hiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI2MDsGCCsGAQUFBzAC\n" + - "hi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXI2LmNy\n" + - "dDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jv\n" + - "b3QtcjYuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGgMgEBMDQwMgYIKwYBBQUHAgEW\n" + - "Jmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAcGBWeBDAEB\n" + - "MA0GCSqGSIb3DQEBDAUAA4ICAQBD+97H2N1BgiliKQFrb+jcWjkmPP8cdF/eiBW1\n" + - "cEzOOhsuVqxbyIk8qdw3UueHSDjqWUjHYoo8TV3DLqUXmIy1Ks3MkESsFKeLpEbk\n" + - "VMZga0lbDnqqRc5a2yzrXmwVYDeWVeD20s5vPoKCnFzmcR+2v9TKD4bI6XWVl84q\n" + - "GzfFRVdY9f8KN+7891+47ZhptvxtNqJKVI2O+EAP/PvTpwes983LkFzsev4/+Qxs\n" + - "EszD7/pE+Byj3t9CMat2XoX0jfJjbEXgewFb/gCwHvqNKLNWrYfE9qN8b6qm4xQk\n" + - "qGQKTrFKsBJx4TU+h10qXDhpmOBswiJqoG16XCV32oSn0JUYvXVAvP6YjueOv/jr\n" + - "0ZMTWGh8wCz6v3XBaXR0rxDAz9GImpU+xPx2XjuHac7OnYbN+i8p7cJPUxABjHiA\n" + - "LWXIZtCn5ziCfvYC6+SCp8x9TPJzAIfJ4NKv/8SpvvzuchVkAQqlQaGFBEdkX84R\n" + - "I/WYYG+2BliFIpbQnfljYWCURbfsYz7+Zxb94+4yzva49p8T6lALoK3s2kqIVLKN\n" + - "s6qAnk/qX6JihkaR3W+iViHMC5tqQX/pd8QIXccF3PA2OdeNGU4iUNZqUbYB4VZd\n" + - "AaOaeaUl0LwAta6DB5w344eUIqDgaitSwQZBnxppmwL3tGzP1ero2e2RvBmphbxI\n" + - "atIdxA==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=valid.r6.roots.globalsign.com, - // O=GMO GlobalSign LTD, STREET="Springfield House, Sandling Road", OID.2.5.4.17=ME14 2LP, L=Maidstone, ST=Kent, - // C=GB, SERIALNUMBER=04705639, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB - // Issuer: CN=GlobalSign Atlas R6 EV TLS CA 2020, O=GlobalSign nv-sa, C=BE - // Serial number: 1aff2829dd8bf07aa65a7b3c920ca4b - // Valid from: Thu Aug 27 00:20:06 PDT 2020 until: Tue Sep 28 00:20:06 PDT 2021 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHyjCCBbKgAwIBAgIQAa/ygp3YvweqZaezySDKSzANBgkqhkiG9w0BAQsFADBV\n" + - "MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTErMCkGA1UE\n" + - "AxMiR2xvYmFsU2lnbiBBdGxhcyBSNiBFViBUTFMgQ0EgMjAyMDAeFw0yMDA4Mjcw\n" + - "NzIwMDZaFw0yMTA5MjgwNzIwMDZaMIH6MRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0w\n" + - "GwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjERMA8GA1UEBRMIMDQ3MDU2Mzkx\n" + - "CzAJBgNVBAYTAkdCMQ0wCwYDVQQIDARLZW50MRIwEAYDVQQHDAlNYWlkc3RvbmUx\n" + - "ETAPBgNVBBEMCE1FMTQgMkxQMSkwJwYDVQQJDCBTcHJpbmdmaWVsZCBIb3VzZSwg\n" + - "U2FuZGxpbmcgUm9hZDEbMBkGA1UECgwSR01PIEdsb2JhbFNpZ24gTFREMSYwJAYD\n" + - "VQQDDB12YWxpZC5yNi5yb290cy5nbG9iYWxzaWduLmNvbTCCASIwDQYJKoZIhvcN\n" + - "AQEBBQADggEPADCCAQoCggEBAMOxbh7fZVLUB06xxNBePa9vpOuAS5km1w8ngsTu\n" + - "SvH1LZnPFd4nu40fi8bPbHd4J2oRWZ28f7LKVQgBupn9knrTQxfTV361WpmwqCcH\n" + - "MxornKyHx4t5uGrtTtX2fYoNQQk330dIKAfKpUrOiaDybB7irG2JEHdGD3Iv7ud8\n" + - "FXfXgXte26mUDX3XeCvE0pbuNKpTKApqOeojlVR6TCNB1n6KGYLMIz/1ow6XBZ64\n" + - "1zKG/9o0gSHelkUHGmGLzOAE5YpkhwzhpND9opycnfieHuy5BcoBIpeMqGNwOsGu\n" + - "p+nhFz+N8mPjSjZEf0qx+FLF2cBmNFknJJCdnV7OYfKZHE0CAwEAAaOCAu4wggLq\n" + - "MCgGA1UdEQQhMB+CHXZhbGlkLnI2LnJvb3RzLmdsb2JhbHNpZ24uY29tMA4GA1Ud\n" + - "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O\n" + - "BBYEFLZolpEC8/bF44e/gnh4StQ9+URwMFUGA1UdIAROMEwwBwYFZ4EMAQEwQQYJ\n" + - "KwYBBAGgMgEBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24u\n" + - "Y29tL3JlcG9zaXRvcnkvMAwGA1UdEwEB/wQCMAAwgZoGCCsGAQUFBwEBBIGNMIGK\n" + - "MD4GCCsGAQUFBzABhjJodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9jYS9nc2F0\n" + - "bGFzcjZldnRsc2NhMjAyMDBIBggrBgEFBQcwAoY8aHR0cDovL3NlY3VyZS5nbG9i\n" + - "YWxzaWduLmNvbS9jYWNlcnQvZ3NhdGxhc3I2ZXZ0bHNjYTIwMjAuY3J0MB8GA1Ud\n" + - "IwQYMBaAFITcIQvHqF1yl4SHfvLVtvpxVk77MEYGA1UdHwQ/MD0wO6A5oDeGNWh0\n" + - "dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vY2EvZ3NhdGxhc3I2ZXZ0bHNjYTIwMjAu\n" + - "Y3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAfT7y+I//iFVoJMLAyp5SiXkr\n" + - "xQ54CX8uapdomX4i8NcAAAF0Lsm7CwAABAMARzBFAiB0fLxAlPzkPxZOVj7c8OFc\n" + - "YwycekW0Mo+sRm/BQYoeOgIhAK2lNW7ebraH//ZlLQD7dyzWCO+kgmkQo+mqdm1x\n" + - "4P15AHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAF0Lsm7JAAA\n" + - "BAMARjBEAiALOZvdNiA9q1Ysr7ejTGdivUqNJNm9KftmGXwHFGwf2QIgDodNLmbZ\n" + - "JFGt8l5ul0fHw2Gn8KqhRUW6CMRT58svhcswDQYJKoZIhvcNAQELBQADggIBAByb\n" + - "hoL/sArmkNjTFiEEBocMfb+brgRQdb08NKC1BDxGnfIFjUmOFzI2SVgtBmcoF8FI\n" + - "0WyXQv6ZxVE01DFZpeZpsJJYfBAjg9NR4/B7UjajvOJwQNpaciAGQ0ZzTu+SmHja\n" + - "jIiC2KqiA7Me2MoUne6hhxZ3dXEneIml8hnbTf2mjSBCVpQqyf2goslhGduPitI6\n" + - "guTtVD2PVaNCVkjlRn4Euspl2JjQWzGcEruqGyQN+Bu4yt1hsD4Jj6V9Hmzo8Vrd\n" + - "5LUxFPRGIgCUDiiwnENVsQB/D24y3IapPkojujrvsVsmQN42GIgOY5tLK/8cCziD\n" + - "vf0GzZnmL1D2ezi3TaBj+XBWFcAyF2Y9AnVRmC9CrVcp6EX0KhD4g9ZgbpJZpVlk\n" + - "G3xfOiZWTeqLnQhCMXcdcutWIwXAX5gueyF1t545vECCE4PeGZNAeWqdbrj7xaS8\n" + - "3rKQdgwF9r6p7F5HHwEVCckhovEYU4DNFzYb9n/YmC3hmskFB1keTYqydKUYEGZ5\n" + - "fvLvsjRj9xwOCqIs5j1vuKw2CaqmHxrfYaDMMSZPq/iYrOWrf72wZIvtnAHePt3X\n" + - "atQMqNbDMQrjul31ljDP9CIbbtuZSkSACyMxiC10l4uTTLQiTxtZPkwIazOjnbBe\n" + - "A4fruOEQ2k1gu5oFgqmo+xuclOKNjwd/RkK4FXnD\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.r6.roots.globalsign.com, - // O=GMO GlobalSign LTD, STREET="Springfield House, Sandling Road", OID.2.5.4.17=ME14 2LP, L=Maidstone, ST=Kent, - // C=GB, SERIALNUMBER=04705639, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=GB - // Issuer: CN=GlobalSign Atlas R6 EV TLS CA 2020, O=GlobalSign nv-sa, C=BE - // Serial number: 1df30d84796ac20c47da63b8e681e8f - // Valid from: Thu Aug 27 00:37:53 PDT 2020 until: Tue Sep 28 00:37:53 PDT 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHzzCCBbegAwIBAgIQAd8w2EeWrCDEfaY7jmgejzANBgkqhkiG9w0BAQsFADBV\n" + - "MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTErMCkGA1UE\n" + - "AxMiR2xvYmFsU2lnbiBBdGxhcyBSNiBFViBUTFMgQ0EgMjAyMDAeFw0yMDA4Mjcw\n" + - "NzM3NTNaFw0yMTA5MjgwNzM3NTNaMIH8MRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0w\n" + - "GwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjERMA8GA1UEBRMIMDQ3MDU2Mzkx\n" + - "CzAJBgNVBAYTAkdCMQ0wCwYDVQQIDARLZW50MRIwEAYDVQQHDAlNYWlkc3RvbmUx\n" + - "ETAPBgNVBBEMCE1FMTQgMkxQMSkwJwYDVQQJDCBTcHJpbmdmaWVsZCBIb3VzZSwg\n" + - "U2FuZGxpbmcgUm9hZDEbMBkGA1UECgwSR01PIEdsb2JhbFNpZ24gTFREMSgwJgYD\n" + - "VQQDDB9yZXZva2VkLnI2LnJvb3RzLmdsb2JhbHNpZ24uY29tMIIBIjANBgkqhkiG\n" + - "9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaNcp7bzmm02Z0S92ZzJ/ul3uQWz3EnBORcI\n" + - "RuEzm0HY4t0n9DGnxpxOi/aWGX/Vj7qZC4m3G7uCE7dMy6CfXTwh4UZ+nPVijImo\n" + - "q/msJzmju/pk8HVeOEhk88yvwfzmzYLjoQagmHnDUSQULEmNWihejIh4B61qx4SI\n" + - "UoBPoBgqDfZW27HkJeqNAO6rljZTZwLenJesm2QMjebYaKxQBi3fLy0Lua2sxTik\n" + - "fbT3swEPN9xxvMomtNNM2tJwdExL2RpO8dObUe37ep6roG7gWh8NYDKMo6j9Rn9e\n" + - "f0S9jwkcRM2kZSHR09HSu8ULBgP+KYa8DDpOyt+HO+2G57MhbQIDAQABo4IC8TCC\n" + - "Au0wKgYDVR0RBCMwIYIfcmV2b2tlZC5yNi5yb290cy5nbG9iYWxzaWduLmNvbTAO\n" + - "BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G\n" + - "A1UdDgQWBBTa1/37G4T022LEW3WwIVV99qtjsjBVBgNVHSAETjBMMAcGBWeBDAEB\n" + - "MEEGCSsGAQQBoDIBATA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz\n" + - "aWduLmNvbS9yZXBvc2l0b3J5LzAMBgNVHRMBAf8EAjAAMIGaBggrBgEFBQcBAQSB\n" + - "jTCBijA+BggrBgEFBQcwAYYyaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vY2Ev\n" + - "Z3NhdGxhc3I2ZXZ0bHNjYTIwMjAwSAYIKwYBBQUHMAKGPGh0dHA6Ly9zZWN1cmUu\n" + - "Z2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzYXRsYXNyNmV2dGxzY2EyMDIwLmNydDAf\n" + - "BgNVHSMEGDAWgBSE3CELx6hdcpeEh37y1bb6cVZO+zBGBgNVHR8EPzA9MDugOaA3\n" + - "hjVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2NhL2dzYXRsYXNyNmV2dGxzY2Ey\n" + - "MDIwLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AG9Tdqwx8DEZ2JkApFEV\n" + - "/3cVHBHZAsEAKQaNsgiaN9kTAAABdC7aAfUAAAQDAEcwRQIgHIAHHw/Y/VKaaHhy\n" + - "rZ/cMinivfZ4lUq2ejV7FRPbT8ECIQD3RoE13/MBVMVBLCQ2ErKsB5+7F31dX/tv\n" + - "Z/muQi5UrQB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABdC7a\n" + - "AegAAAQDAEcwRQIhALl0LXt6pFqS0cHF/XkxSfDJJdhppR2eSlcMFpZY0q1PAiBJ\n" + - "YkKHqq/YD0gwtZAUEPSk54G1cLxFoUiounjya1XTRzANBgkqhkiG9w0BAQsFAAOC\n" + - "AgEAdeQotBhB7bn+CztQmF13rdBphHrGkkyHC3hL1bxkmHJcrLQ5ochqPvgdgAVq\n" + - "DXcV8zSyNwVxW6REi+uYzcsOPKo/llmgF7Psqn1t/EDcutWlykh8UwE5UaLJ2EWD\n" + - "HnIu06n47lWtAwlNMXJ/ce0oVjqsgY52Y1u54e8wFXt6lsSw02tzIC6eo1BFKxQ3\n" + - "lDKYVXgg0OvMG/C2rvH/EIq5r+st49rNGWfcWRoHsDUruChZOHwJ9PrXKBLB/QVd\n" + - "4uw2V/0ipOETDudly7yLodXP8quhet4bCEO9gweXppL/MikLrE5xt46HW1/6w+jF\n" + - "wKCHWlq4ViswlaQ8q0oY/97o2udnuDQaNdrLgW3VofMeBIMNPBgkLDicOH6bLwNf\n" + - "lV68qi1ZBxBuOdoOqQyZ9RU9d3EL50XEJ4MtUvjJRAT5EWdFaB8SGGZbD5fyza8c\n" + - "KmeO5tkZWYecLd8CKqwKcW7umPflEwOzw60Cxg6eyBYA8Jfagpbdb/kXsF6Ov8IW\n" + - "vxNdHCnXnR3oBWm2uHddESO2zGF1ZfOb0O3cHHG5nCgVkWW68VpgX/LaN90u6Dzw\n" + - "diJX7esZV5ZaniqD+flWldgAdcfeXlJ5b7I7GnFr61ycmZT/qupagUS1WDq/zfct\n" + - "QcB4QmnAzGe6kcqiDOSyIYWpiw09jha63KpJtJDWRemrlQI=\n" + - "-----END CERTIFICATE-----"; - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Thu Aug 27 00:38:11 PDT 2020", System.out); - } -} - diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoDaddyCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoDaddyCA.java deleted file mode 100644 index e8971b987ca..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoDaddyCA.java +++ /dev/null @@ -1,346 +0,0 @@ -/* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - -/* - * @test - * @bug 8196141 - * @summary Interoperability tests with GoDaddy/Starfield CA - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath GoDaddyCA OCSP - * @run main/othervm -Djava.security.debug=certpath GoDaddyCA CRL - */ - -/* - * Obtain test artifacts for GoDaddy/Starfield CAs from: - * - * Go Daddy Root Certificate Authority - G2: - * valid: https://valid.gdig2.catest.godaddy.com/ - * expired: https://expired.gdig2.catest.godaddy.com/ - * revoked: https://revoked.gdig2.catest.godaddy.com/ - * - * Starfield Root Certificate Authority - G2: - * valid: https://valid.sfig2.catest.starfieldtech.com/ - * expired: https://expired.sfig2.catest.starfieldtech.com/ - * revoked: https://revoked.sfig2.catest.starfieldtech.com/ - */ -public class GoDaddyCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - // CRL check - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - new GoDaddyGdig2().runTest(pathValidator); - new GoDaddySfig2().runTest(pathValidator); - } -} - -class GoDaddyGdig2 { - - // Owner: CN=Go Daddy Secure Certificate Authority - G2, - // OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", - // L=Scottsdale, ST=Arizona, C=US - // Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", - // L=Scottsdale, ST=Arizona, C=US - private static final String INT = "-----BEGIN CERTIFICATE-----\n" - + "MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx\n" - + "EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT\n" - + "EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp\n" - + "ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3\n" - + "MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH\n" - + "EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE\n" - + "CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD\n" - + "EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi\n" - + "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD\n" - + "BNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv\n" - + "K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e\n" - + "cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY\n" - + "pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n\n" - + "eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB\n" - + "AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV\n" - + "HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv\n" - + "9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v\n" - + "b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n\n" - + "b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG\n" - + "CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv\n" - + "MA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz\n" - + "91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2\n" - + "RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi\n" - + "DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11\n" - + "GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x\n" - + "LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB\n" - + "-----END CERTIFICATE-----"; - - // 1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/businessCategory=Private - // Organization/serialNumber=5510922, C=US, ST=Arizona, L=Scottsdale, O=GoDaddy INC., CN=valid.gdig2.catest.godaddy.com - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHbzCCBlegAwIBAgIIC3Go9uPeseowDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV\n" + - "BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow\n" + - "GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz\n" + - "LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1\n" + - "cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTcwOTE1MjMyMzAyWhcN\n" + - "MTkwOTE1MjMyMzAyWjCB1TETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQB\n" + - "gjc8AgECEwhEZWxhd2FyZTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "EDAOBgNVBAUTBzU1MTA5MjIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25h\n" + - "MRMwEQYDVQQHEwpTY290dHNkYWxlMRUwEwYDVQQKEwxHb0RhZGR5IElOQy4xJzAl\n" + - "BgNVBAMTHnZhbGlkLmdkaWcyLmNhdGVzdC5nb2RhZGR5LmNvbTCCASIwDQYJKoZI\n" + - "hvcNAQEBBQADggEPADCCAQoCggEBAO3xTbLfdIHiG1MIsBCz0oIg5vBxlzZyK5Rw\n" + - "DM6A/TWUDelFWyYj6fZDXYyHby4nAK9ibfhiT2f+q+5lEslye5Mt9gC39pZbpHE2\n" + - "eyJgmtNgmPGq15pf/87JE697BRwp9CWJP3yNYeamFl/F2THZOqlXCiSRbIGZ5TsZ\n" + - "sVb1vjFPmh249Ujw1zSThY9hA669Cyp3xb4iTowjCqdNYqbn22Jbk0SEXPYzLMf0\n" + - "mlY8xZ/e/8NxzJgev3N1LR3bPEijLYDZeZJ6WKc75pqNvgo8A+dEeX9bxFkCnstY\n" + - "6Iq0HTJua0TTD6V585YXNm4Z5OxjBE5kPkkFfwW0bb5dRZp86HUCAwEAAaOCA2Aw\n" + - "ggNcMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\n" + - "MA4GA1UdDwEB/wQEAwIFoDA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3JsLmdv\n" + - "ZGFkZHkuY29tL2dkaWcyczMtOS5jcmwwXAYDVR0gBFUwUzBIBgtghkgBhv1tAQcX\n" + - "AzA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29t\n" + - "L3JlcG9zaXRvcnkvMAcGBWeBDAEBMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcw\n" + - "AYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMEAGCCsGAQUFBzAChjRodHRwOi8v\n" + - "Y2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2RpZzIuY3J0MB8G\n" + - "A1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0LIDOME0GA1UdEQRGMESCHnZhbGlk\n" + - "LmdkaWcyLmNhdGVzdC5nb2RhZGR5LmNvbYIid3d3LnZhbGlkLmdkaWcyLmNhdGVz\n" + - "dC5nb2RhZGR5LmNvbTAdBgNVHQ4EFgQUKSs41O+5SnkjAEaNyHk6sxq5sn8wggF/\n" + - "BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFc\n" + - "wO+UmFXWidDdAAABXofbjGMAAAQDAEgwRgIhAPZEqPZAlYpSTx+R/+7mOUa+BcBz\n" + - "U1JHZDpcy98am0glAiEA1u2FxjgAa4L5HVGYV2LSQZIltGRJ8mBT8V0JVsdm3dsA\n" + - "dgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAV6H25ASAAAEAwBH\n" + - "MEUCIQCFowkRXyR8gkX8cL7RbPSwiKCHy/1I1WVzpinmrHlZFQIgE5nShGeK7cqT\n" + - "j2C9FfrPc/Axe3/pzAFxD/BNQD1RO5sAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb\n" + - "37jjd80OyA3cEAAAAV6H25GdAAAEAwBHMEUCIBQrE+FqILUhI0wdp2X+lf/e3UG1\n" + - "gyxHmSVeN2+CkrXPAiEA1mIIVmLNURGyI8wnZ5KRnBPOKYM2MC54RJ8CFrEHIz4w\n" + - "DQYJKoZIhvcNAQELBQADggEBADInvf3eS6SgQ1qxPx4RT2hPeU5frlWJWcOWUdZB\n" + - "6mVNcmUQMkYnjkg8+PQ782HGP0DvAfcIRDhSfXdIqzEk8MPUq1XHEOfwRzLpTiCN\n" + - "FQDQIt1LXnzESCUurJS8r4mxgaVLAwHFytOTDrQn0Xfs93dm0tnRGAg7iBg+N33V\n" + - "zOR4aqojdDUWa1Rr4WFqZMkZIxzREQCYC8HXSYqLA1oPuoMMog8dId7XSalBmGJ4\n" + - "KQVsZ0/Hpi0y9k/Zw5obGcEYJWMbuU1iaEkvdtXOiXEQfJ1WS+Yy55J4GSjpIiop\n" + - "qDZD88xA9r7ttzM/khao7jfIpVWG2HuX0JlHWdh3y9aegiw=\n" + - "-----END CERTIFICATE-----"; - - // 1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/businessCategory=Private - // Organization/serialNumber=5510922, C=US, ST=Arizona, L=Scottsdale, O=GoDaddy INC., CN=revoked.gdig2.catest.godaddy.com - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHdDCCBlygAwIBAgIIEBJV3vmogM8wDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV\n" + - "BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow\n" + - "GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz\n" + - "LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1\n" + - "cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTcwOTE1MjMyMzAzWhcN\n" + - "MTkwOTE1MjMyMzAzWjCB1zETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQB\n" + - "gjc8AgECEwhEZWxhd2FyZTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "EDAOBgNVBAUTBzU1MTA5MjIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25h\n" + - "MRMwEQYDVQQHEwpTY290dHNkYWxlMRUwEwYDVQQKEwxHb0RhZGR5IElOQy4xKTAn\n" + - "BgNVBAMTIHJldm9rZWQuZ2RpZzIuY2F0ZXN0LmdvZGFkZHkuY29tMIIBIjANBgkq\n" + - "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCuBsAR2XGf05mYOuag+0aS4lBuLO5/f\n" + - "kEO7KNo7BcdY7J78yXYRYW0jGnV29bjrQZJfu5yv5bU+OjTIDVbCWZAwtBXEKrJj\n" + - "riIOUXi3hXphtlyMMAaiXQoA84jwS634DsD0w6XUUP2Lem8jC3RudjvmkDQHoY3M\n" + - "uhhS7jLxKnYKnXbLwlqxpdwmEgbqIb5DN5snLAyinTkALLVWZ6RneIuSjhKWbuef\n" + - "cEKFScHm6SFsKraltV/T17SWi6zQd/AypKA8JeWXD9WZcsSR9z/41VMJbvTeuP+d\n" + - "ZBA4dqPsBTl4N4i54rNEyzMyxDwdvIGrJJ+FVRMKoYjuUi5wY9zO4QIDAQABo4ID\n" + - "YzCCA18wDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH\n" + - "AwIwDgYDVR0PAQH/BAQDAgWgMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9jcmwu\n" + - "Z29kYWRkeS5jb20vZ2RpZzJzMy05LmNybDBcBgNVHSAEVTBTMEgGC2CGSAGG/W0B\n" + - "BxcDMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5j\n" + - "b20vcmVwb3NpdG9yeS8wBwYFZ4EMAQEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUF\n" + - "BzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6\n" + - "Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQw\n" + - "HwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wUQYDVR0RBEowSIIgcmV2\n" + - "b2tlZC5nZGlnMi5jYXRlc3QuZ29kYWRkeS5jb22CJHd3dy5yZXZva2VkLmdkaWcy\n" + - "LmNhdGVzdC5nb2RhZGR5LmNvbTAdBgNVHQ4EFgQUCJELlWq8+ntmR5JTjmZMG+HI\n" + - "e5EwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AFYUBpov18Ls0/XhvUSyPsdG\n" + - "drm8mRFcwO+UmFXWidDdAAABXofbk3cAAAQDAEYwRAIgHo8UllsN8FcaF16xx7kT\n" + - "vQU1wM7qUKnhN38/z8dU4QUCIFrzGJyajoVPQ2fzOTb9ygzA7T3wqsnT3ML5/KJ6\n" + - "+6+CAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFeh9uXHQAA\n" + - "BAMARzBFAiEA5DENZZT7SBxNRvo9yFHNNeWqH2d4uqGUwc1rKILrMGsCIHZ3N4dZ\n" + - "zv/J+7fbLP1nrAmdUT92ow1bhtMPuq2PfXsAAHcApLkJkLQYWBSHuxOizGdwCjw1\n" + - "mAT5G9+443fNDsgN3BAAAAFeh9uYjAAABAMASDBGAiEAyY8ylnGHiH5L3yXE7BsH\n" + - "v75ja2RtuuYbMADAlDK/ZDoCIQDwuCq3x+egpB/GISxTnwkrDwhNhhIJNyk5F4j1\n" + - "/J8A0DANBgkqhkiG9w0BAQsFAAOCAQEAMGot6gBZ77HIDMb1n/HPrKdSHN0ngq7Z\n" + - "rhrkgbp+mH1Cs1lZA3qldMDxKXgNiodFqU/e4VewasQ9tJMmDXrTZIHualJGmIvq\n" + - "ISvV0ZUfSW/sJmo0ZDw8iBM993LDkA4wSc6SunhjOwu3LBfl9aKkeq6IhUEAG8X7\n" + - "54oO4iApt+APLMyeV9lZ/T7MGVbAjwdm+T1RMa/Ca99BahaRWN7hiM+zS3Ly+l6G\n" + - "7kqAkBFuJWbbZImADZ2RPldY6hBzTk6MT2hLCV40UD8JqwJo+qq7nGfJdTaFyZI6\n" + - "nJvrVATO7jL64YFP3xlVi8EQaCeKdZdn+BCCNA/ja0mWMj8EU9Islg==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, null, System.out); - } -} - -class GoDaddySfig2 { - - // Owner: CN=Starfield Secure Certificate Authority - G2, - // OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", - // L=Scottsdale, ST=Arizona, C=US - // Issuer: CN=Starfield Root Certificate Authority - G2, - // O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US - private static final String INT = "-----BEGIN CERTIFICATE-----\n" - + "MIIFADCCA+igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx\n" - + "EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT\n" - + "HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs\n" - + "ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAw\n" - + "MFoXDTMxMDUwMzA3MDAwMFowgcYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6\n" - + "b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj\n" - + "aG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydHMuc3RhcmZpZWxk\n" - + "dGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNVBAMTK1N0YXJmaWVsZCBTZWN1cmUg\n" - + "Q2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" - + "DwAwggEKAoIBAQDlkGZL7PlGcakgg77pbL9KyUhpgXVObST2yxcT+LBxWYR6ayuF\n" - + "pDS1FuXLzOlBcCykLtb6Mn3hqN6UEKwxwcDYav9ZJ6t21vwLdGu4p64/xFT0tDFE\n" - + "3ZNWjKRMXpuJyySDm+JXfbfYEh/JhW300YDxUJuHrtQLEAX7J7oobRfpDtZNuTlV\n" - + "Bv8KJAV+L8YdcmzUiymMV33a2etmGtNPp99/UsQwxaXJDgLFU793OGgGJMNmyDd+\n" - + "MB5FcSM1/5DYKp2N57CSTTx/KgqT3M0WRmX3YISLdkuRJ3MUkuDq7o8W6o0OPnYX\n" - + "v32JgIBEQ+ct4EMJddo26K3biTr1XRKOIwSDAgMBAAGjggEsMIIBKDAPBgNVHRMB\n" - + "Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUJUWBaFAmOD07LSy+\n" - + "zWrZtj2zZmMwHwYDVR0jBBgwFoAUfAwyH6fZMH/EfWijYqihzqsHWycwOgYIKwYB\n" - + "BQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNo\n" - + "LmNvbS8wOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmllbGR0ZWNo\n" - + "LmNvbS9zZnJvb3QtZzIuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5MDcGCCsGAQUF\n" - + "BwIBFitodHRwczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkv\n" - + "MA0GCSqGSIb3DQEBCwUAA4IBAQBWZcr+8z8KqJOLGMfeQ2kTNCC+Tl94qGuc22pN\n" - + "QdvBE+zcMQAiXvcAngzgNGU0+bE6TkjIEoGIXFs+CFN69xpk37hQYcxTUUApS8L0\n" - + "rjpf5MqtJsxOYUPl/VemN3DOQyuwlMOS6eFfqhBJt2nk4NAfZKQrzR9voPiEJBjO\n" - + "eT2pkb9UGBOJmVQRDVXFJgt5T1ocbvlj2xSApAer+rKluYjdkf5lO6Sjeb6JTeHQ\n" - + "sPTIFwwKlhR8Cbds4cLYVdQYoKpBaXAko7nv6VrcPuuUSvC33l8Odvr7+2kDRUBQ\n" - + "7nIMpBKGgc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7\n" - + "-----END CERTIFICATE-----"; - - // 1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Arizona/businessCategory=Private - // Organization/serialNumber=R17247416, C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, LLC, - // CN=valid.sfig2.catest.starfieldtech.com - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHuzCCBqOgAwIBAgIIaZoUcUIjkGwwDQYJKoZIhvcNAQELBQAwgcYxCzAJBgNV\n" + - "BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUw\n" + - "IwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypo\n" + - "dHRwOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNV\n" + - "BAMTK1N0YXJmaWVsZCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIw\n" + - "HhcNMTcwOTE3MDM0ODAxWhcNMTkwOTE3MDM0ODAxWjCB6zETMBEGCysGAQQBgjc8\n" + - "AgEDEwJVUzEYMBYGCysGAQQBgjc8AgECEwdBcml6b25hMR0wGwYDVQQPExRQcml2\n" + - "YXRlIE9yZ2FuaXphdGlvbjESMBAGA1UEBRMJUjE3MjQ3NDE2MQswCQYDVQQGEwJV\n" + - "UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEkMCIGA1UE\n" + - "ChMbU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgTExDMS0wKwYDVQQDEyR2YWxpZC5z\n" + - "ZmlnMi5jYXRlc3Quc3RhcmZpZWxkdGVjaC5jb20wggEiMA0GCSqGSIb3DQEBAQUA\n" + - "A4IBDwAwggEKAoIBAQDVxhI45IQtNrJuun7HU8v2CKg/h/euysft2VrRsaGSMAln\n" + - "V6TtpWj2UGm7OmzE2NNzOhD9JJQSc1W6aHEsCTVJ148sgldFFmP39cboBFoLCFlJ\n" + - "DxsVGeyKu+KlDKq7Vp2+ty3TeFNOBXEVtEc8SsC8mVjsk2VWW7X/fCVFYEzzyPUI\n" + - "sJPWahNOW2wVxNWKeW5jwzeNMOFVQiT9+YpZVQnV06uK3rPd9tVYU5SfdfPVpScY\n" + - "/O/tyZyflTGuXZ+YXn1CYRsOq3VypVFfhXunV5prQ/vTnyjddVWce1wwoUT5DvFO\n" + - "/0vcWolHktiOAJkmAiGRfHvjhxW8mkjKqaMnstKRAgMBAAGjggOEMIIDgDAMBgNV\n" + - "HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8B\n" + - "Af8EBAMCBaAwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmllbGR0\n" + - "ZWNoLmNvbS9zZmlnMnMzLTEuY3JsMGIGA1UdIARbMFkwTgYLYIZIAYb9bgEHFwMw\n" + - "PzA9BggrBgEFBQcCARYxaHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNo\n" + - "LmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBATCBggYIKwYBBQUHAQEEdjB0MCoGCCsG\n" + - "AQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8wRgYIKwYBBQUH\n" + - "MAKGOmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3Np\n" + - "dG9yeS9zZmlnMi5jcnQwHwYDVR0jBBgwFoAUJUWBaFAmOD07LSy+zWrZtj2zZmMw\n" + - "WQYDVR0RBFIwUIIkdmFsaWQuc2ZpZzIuY2F0ZXN0LnN0YXJmaWVsZHRlY2guY29t\n" + - "gih3d3cudmFsaWQuc2ZpZzIuY2F0ZXN0LnN0YXJmaWVsZHRlY2guY29tMB0GA1Ud\n" + - "DgQWBBTxiYdHMn55sMWTFgp7xif7ludWTjCCAX4GCisGAQQB1nkCBAIEggFuBIIB\n" + - "agFoAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFejfR7OAAA\n" + - "BAMASDBGAiEA/s7a5OGhtaCutT1l4KNE7dUbM3WGUExG/ZJ+Y6IH3nUCIQCvpVJf\n" + - "Y0XBInIUv391hNzSEhv6nvIBEjZtKdvGcP8/5QB2AO5Lvbd1zmC64UJpH6vhnmaj\n" + - "D35fsHLYgwDEe4l6qP3LAAABXo30fxEAAAQDAEcwRQIhANqG9yfi3ax0pTnwr4Ti\n" + - "wVfUrZclJDS06ePkTHppLkLTAiBTRKkVf1df4Irvmd7neT1wdS2fhDxmnVIYAN5J\n" + - "6tOGDQB1AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABXo30gFsA\n" + - "AAQDAEYwRAIgb8Xc54M+QD4wfSWLj5Ae/wrSEgRp7Kbf4Lf4vT4W0usCIGAShkJI\n" + - "CRxoudQDRxooNJhfXgsTB8QhwFC9PUPo3ZV+MA0GCSqGSIb3DQEBCwUAA4IBAQBt\n" + - "TqvwxqrkPYm/ssbN9cpVWlrQPw3DblsAEV6gnrrTJMd7HB042H3HLUiitddRjO40\n" + - "0EJM/tUOSGcWfqnJHWFDKoWzdrF5lHAzSRkMjdXgY9TTN5K5tUMEpfRjtink/zoY\n" + - "pNyc5ua4SXn94KfMZcOYGRvUM+0q6vLRBBMH541E3M6q6JbEBqZJFY8gBWwYqHH0\n" + - "xNGahm5++v4trFFCJzSfvfV1v+rnqy8tRivi7ZFLXWCcSyAqMH+T9Q36lKeFtaw4\n" + - "Sapf+dh2yrd2IBLW5eaAD13nCAjO/W0GuC7zw4+4mhW5+DTVJXrCkK5XddkVLhML\n" + - "k5pMoIv5EsFIm0Cs+DfF\n" + - "-----END CERTIFICATE-----"; - - // 1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Arizona/businessCategory=Private - // Organization/serialNumber=R17247416, C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, LLC, - // CN=revoked.sfig2.catest.starfieldtech.com - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHwTCCBqmgAwIBAgIJAPc1qVz+WDxpMA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD\n" + - "VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl\n" + - "MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq\n" + - "aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD\n" + - "VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy\n" + - "MB4XDTE3MDkxOTEzMDkwMVoXDTE5MDkxOTEzMDkwMVowge0xEzARBgsrBgEEAYI3\n" + - "PAIBAxMCVVMxGDAWBgsrBgEEAYI3PAIBAhMHQXJpem9uYTEdMBsGA1UEDxMUUHJp\n" + - "dmF0ZSBPcmdhbml6YXRpb24xEjAQBgNVBAUTCVIxNzI0NzQxNjELMAkGA1UEBhMC\n" + - "VVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJDAiBgNV\n" + - "BAoTG1N0YXJmaWVsZCBUZWNobm9sb2dpZXMsIExMQzEvMC0GA1UEAxMmcmV2b2tl\n" + - "ZC5zZmlnMi5jYXRlc3Quc3RhcmZpZWxkdGVjaC5jb20wggEiMA0GCSqGSIb3DQEB\n" + - "AQUAA4IBDwAwggEKAoIBAQCWsAZC9goWW6yzg9HiLjCG4Gv2PCHlUIQGqyhc1y9a\n" + - "YZVXUI27/NhHjNNMTwP9TKmncrxnGaTZ9+ZCS1JlSgsNYQcLKKZW+SiEOzwpOfwV\n" + - "dOCSWrt/EDyJHktx3VIbfi+mD7dvzH3B/iGxMrmdCGIy3xiVAc7MkfsWzcLlPUP3\n" + - "oUpPBYyzWqZ2tVsBDigoirERFqZNfHZ7ZNMnn8FcmAt7udKjAAewNRlwzR7ZVp5s\n" + - "f5pbnRlRikF30msSHVJoPBICEYmzCxUI+zFlDBjf4vlJojwV0/Rfq85it2yhN/MV\n" + - "we2IBC+z9FAAogYo+JFw7Uxq8nsLCKX1tTPsqxGXWNonAgMBAAGjggOHMIIDgzAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNV\n" + - "HQ8BAf8EBAMCBaAwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmll\n" + - "bGR0ZWNoLmNvbS9zZmlnMnMzLTEuY3JsMGIGA1UdIARbMFkwTgYLYIZIAYb9bgEH\n" + - "FwMwPzA9BggrBgEFBQcCARYxaHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0\n" + - "ZWNoLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBATCBggYIKwYBBQUHAQEEdjB0MCoG\n" + - "CCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbS8wRgYIKwYB\n" + - "BQUHMAKGOmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuc3RhcmZpZWxkdGVjaC5jb20vcmVw\n" + - "b3NpdG9yeS9zZmlnMi5jcnQwHwYDVR0jBBgwFoAUJUWBaFAmOD07LSy+zWrZtj2z\n" + - "ZmMwXQYDVR0RBFYwVIImcmV2b2tlZC5zZmlnMi5jYXRlc3Quc3RhcmZpZWxkdGVj\n" + - "aC5jb22CKnd3dy5yZXZva2VkLnNmaWcyLmNhdGVzdC5zdGFyZmllbGR0ZWNoLmNv\n" + - "bTAdBgNVHQ4EFgQU9hCSl7QoQ8KdsGgwMDwlvSurKNcwggF9BgorBgEEAdZ5AgQC\n" + - "BIIBbQSCAWkBZwB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAAB\n" + - "XppC0cEAAAQDAEYwRAIgIO8sIG88JlA73P2myZ7EshemxaR8qBgf3wlYZpg5aZEC\n" + - "IGtlcUL7Il1uOLN0LTAzNTQ7pfb7oFYbr0R4LWe2ZvBIAHYA7ku9t3XOYLrhQmkf\n" + - "q+GeZqMPfl+wctiDAMR7iXqo/csAAAFemkLVbwAABAMARzBFAiEAmWkzcotxZSwb\n" + - "xPS3MG13TVXGu2+MiXXjOIf42DR8zJQCIBL4cSOJh+LX5kpPub6KOiEOn7TVE1Zv\n" + - "IQUxuf+vyAD4AHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFe\n" + - "mkLXRQAABAMARzBFAiBX8foh/KrYr34O2c9cH6uyWW2XjBHNLsYX1mr+8VuNaAIh\n" + - "AObDQwpDYh/bNp6k547gDxnR73LeU3kvl1Y76GjgxLAhMA0GCSqGSIb3DQEBCwUA\n" + - "A4IBAQDJ5vlagzOH8/ORUMgT33muSDFXCe5el/sQzVg8dridw9qjnxOpkGibdCiT\n" + - "b9Il1bdi7UnG8MlA3XpDjGgp6J/mUTijD9WcFx4lp5JnPaIbShHWCyIlRVZJzrZc\n" + - "UYhR56xXOKDYKYOIvM6qTqegXyEynJrIVTArMk7jQf0oNQLLHzXE1fVS1zut0H5l\n" + - "GE+TBgjasMEa1o1e/H/heSytb2zFNsZr8oxojzGBmlKyfCoIIcCv3PxX2ur57zJE\n" + - "9ADWoYK/7gYVba0JmLV4nQltDPp06nOYT9imxBWTrFahgPx1jOQDLgIpitkjyCy4\n" + - "xpmxUk8L6yc3O3aSD9OU/fzk/t/d\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, null, System.out); - } -} - diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoogleCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoogleCA.java deleted file mode 100644 index 95ac059de03..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/GoogleCA.java +++ /dev/null @@ -1,621 +0,0 @@ -/* - * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8307134 - * @summary Interoperability tests with Google's GlobalSign R4 and GTS Root certificates - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath GoogleCA OCSP - * @run main/othervm -Djava.security.debug=certpath GoogleCA CRL - */ - -/* - * Obtain TLS test artifacts for Google CAs from: - * - * https://pki.goog/repository/ - */ -public class GoogleCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - boolean ocspEnabled = false; - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - ocspEnabled = true; - } - - new GoogleGSR4().runTest(pathValidator); - new GoogleGTSR1().runTest(pathValidator); - new GoogleGTSR2().runTest(pathValidator); - new GoogleGTSR3().runTest(pathValidator); - new GoogleGTSR4().runTest(pathValidator); - } -} - -class GoogleGSR4 { - - // Owner: CN=GTS CA 2D4, O=Google Trust Services LLC, C=US - // Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4 - // Serial number: 21668f1cd0a2a8f847d8aad34 - // Valid from: Tue Oct 04 17:00:42 PDT 2022 until: Wed Sep 29 17:00:42 PDT 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIDBDCCAqugAwIBAgINAhZo8c0KKo+EfYqtNDAKBggqhkjOPQQDAjBQMSQwIgYD\n" + - "VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2Jh\n" + - "bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMjIxMDA1MDAwMDQyWhcNMjcw\n" + - "OTMwMDAwMDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0\n" + - "IFNlcnZpY2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDJENDBZMBMGByqGSM49AgEG\n" + - "CCqGSM49AwEHA0IABPQdCdV61990MPueGTVpXAjRmp2JIxt0Yuy59RZYT/XKg1lN\n" + - "gpRc0eh/bHtpehigtqe+llKTiVEkMhSMURoQQsOjggFyMIIBbjAOBgNVHQ8BAf8E\n" + - "BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI\n" + - "MAYBAf8CAQAwHQYDVR0OBBYEFKiI2Yo5rGXVgks3qJVsZUPNRAHgMB8GA1UdIwQY\n" + - "MBaAFFSwe61FuOJAf/sKbvu+M8k8o4TVMGYGCCsGAQUFBwEBBFowWDAlBggrBgEF\n" + - "BQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyNDAvBggrBgEFBQcwAoYjaHR0\n" + - "cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3NyNC5kZXIwMgYDVR0fBCswKTAnoCWg\n" + - "I4YhaHR0cDovL2NybC5wa2kuZ29vZy9nc3I0L2dzcjQuY3JsME0GA1UdIARGMEQw\n" + - "CAYGZ4EMAQIBMDgGCisGAQQB1nkCBQMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9w\n" + - "a2kuZ29vZy9yZXBvc2l0b3J5LzAKBggqhkjOPQQDAgNHADBEAiBi+ikli1YBHQGs\n" + - "b5mnyBo5mydw04o386BPgaPpiBzgagIgbcpwQJCalLIekv8XRMoWFr3nV5XJfWRU\n" + - "5QPpOX0rXbg=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.gsr4.demo.pki.goog - // Issuer: CN=GTS CA 2D4, O=Google Trust Services LLC, C=US - // Serial number: 4c435754ee6e013c10efaff908a58cbb - // Valid from: Mon Mar 27 12:41:45 PDT 2023 until: Sun Jun 25 12:41:44 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIEsTCCBFegAwIBAgIQTENXVO5uATwQ76/5CKWMuzAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJENDAeFw0yMzAzMjcxOTQxNDVaFw0yMzA2MjUxOTQx\n" + - "NDRaMCIxIDAeBgNVBAMTF2dvb2QuZ3NyNC5kZW1vLnBraS5nb29nMIIBIjANBgkq\n" + - "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymtcnnxJ8pSF4YJUKTWKcHbRw28ShLzo\n" + - "KVTRPUsRrZZDqyDx296k3e0D04kBhcvEduxtEabCe89m06SH7L+bGVi25j35AXwn\n" + - "6aziLs/EV4BRy9ACfYipeT5PnQbaMmVe65q/RYKmWqD/z0SEh2uMFxRVl1CBmS/J\n" + - "owbNUlrEEDiYkE/nGfCmacpW0QZ7kxGjSR34mCSDugIYE/HME3ZVcZOVf2LT0lBA\n" + - "DhQtZI6cXy2lO8Ro/dUtcZKjo8iu0xW1pQeiJq9+CGp62MJFmpl+EfzP/B8aXQiF\n" + - "+m44LJJgAjiShAwVo9HbJUYv0dqCS9G22FL43xXqAdDlWZeuZyg7bQIDAQABo4IC\n" + - "fjCCAnowDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1Ud\n" + - "EwEB/wQCMAAwHQYDVR0OBBYEFKMuYkTnbWyrTBfBqbNNe91z3GPjMB8GA1UdIwQY\n" + - "MBaAFKiI2Yo5rGXVgks3qJVsZUPNRAHgMHgGCCsGAQUFBwEBBGwwajA1BggrBgEF\n" + - "BQcwAYYpaHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMyZDQvS2tnczU5VFFIelkw\n" + - "MQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czJkNC5k\n" + - "ZXIwIgYDVR0RBBswGYIXZ29vZC5nc3I0LmRlbW8ucGtpLmdvb2cwIQYDVR0gBBow\n" + - "GDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRw\n" + - "Oi8vY3Jscy5wa2kuZ29vZy9ndHMyZDQvSUlXMzNMVUVwV3cuY3JsMIIBBAYKKwYB\n" + - "BAHWeQIEAgSB9QSB8gDwAHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0G\n" + - "vW4AAAGHJM62ygAABAMASDBGAiEAkeiqmfYYCVEmGA12/RJUZPdmxRP2ZXF0Xm30\n" + - "Oz+q2tgCIQCgSYqT/6RH+PCOauOVW4uaoshT+HfqurghVCzwGgBFvwB1ALc++yTf\n" + - "nE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhyTOttoAAAQDAEYwRAIgBXao\n" + - "3Pry1nCHu3bngW3q3CHSLzmNHmO4cXMSdN2sAOkCIDE5DUyok3TRsOIHu1QTB0R2\n" + - "UxPeFm9KS73TBT8JEZykMAoGCCqGSM49BAMCA0gAMEUCIG1m91VOq3tghyLPA6YR\n" + - "/Pkq+gQylyM8wGJgnRMRE0lhAiEAxBgYXImtVqbfymq2MYwhV9KmG9gPIfqN6qWi\n" + - "lzblUM0=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.gsr4.demo.pki.goog - // Issuer: CN=GTS CA 2D4, O=Google Trust Services LLC, C=US - // Serial number: 1f9bd55e26716b3710b2614cec6fff02 - // Valid from: Mon Mar 27 12:48:37 PDT 2023 until: Sun Jun 25 12:48:36 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIEtzCCBFygAwIBAgIQH5vVXiZxazcQsmFM7G//AjAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJENDAeFw0yMzAzMjcxOTQ4MzdaFw0yMzA2MjUxOTQ4\n" + - "MzZaMCUxIzAhBgNVBAMTGnJldm9rZWQuZ3NyNC5kZW1vLnBraS5nb29nMIIBIjAN\n" + - "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVuoZ/bS9c2WSQ8W1FjPEsdGoANj\n" + - "PqKaPwdyUhnko9ayyGGi5hHLYqir2tiNjfO8i5e3ybe6CIaybY37SQebquV+rioH\n" + - "O9BS75GgtYXCaMK/8prya9RiaUjy7kecvpKtJNiaXrLJy8Vzq9g39n9hiXJYMGkc\n" + - "fCWYjWd5jU4pAsYTslmuIYoIZuwRRX34iET6Brs3ijykcmYtG5F90wqFlvRxRh0x\n" + - "vD0EeTOLGZSDQMYxlhfrqG449I10iTHusSxI2AXB6k7N2UXMJ44D7Z3RWkv1ItsY\n" + - "eKVXQyLAYd8YYTFNdGa75SoRr+ChFbLCgSUMg188T/SS013bH/XSHpCbQQIDAQAB\n" + - "o4ICgDCCAnwwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwG\n" + - "A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLXeKzKKPx+Vs7YEKdmz9Vur9BZiMB8GA1Ud\n" + - "IwQYMBaAFKiI2Yo5rGXVgks3qJVsZUPNRAHgMHgGCCsGAQUFBwEBBGwwajA1Bggr\n" + - "BgEFBQcwAYYpaHR0cDovL29jc3AucGtpLmdvb2cvcy9ndHMyZDQvaG5fZHY1dHlS\n" + - "SVkwMQYIKwYBBQUHMAKGJWh0dHA6Ly9wa2kuZ29vZy9yZXBvL2NlcnRzL2d0czJk\n" + - "NC5kZXIwJQYDVR0RBB4wHIIacmV2b2tlZC5nc3I0LmRlbW8ucGtpLmdvb2cwIQYD\n" + - "VR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6At\n" + - "hitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMyZDQvSUlXMzNMVUVwV3cuY3JsMIIB\n" + - "AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvS\n" + - "K8E6V6NS61IAAAGHJNUx1gAABAMARzBFAiEAj/RgXx1ScnsOf9R9N3eyPMJtH33C\n" + - "mOrRCOodG8QXmE0CIHwNJC5E53BVmfMzZwJH9f2BiUx31SGHWFvG283zVtX/AHUA\n" + - "6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGHJNUxnAAABAMARjBE\n" + - "AiAI7pcrKatsz0G4QYPKmS74VQVEgnHqgKSoqv0ghTJXTgIgPyoYubz4MEHYirBu\n" + - "69BLC2jioXr8+wS7MK1IPqjdH44wCgYIKoZIzj0EAwIDSQAwRgIhAI4NdZ5JwTuW\n" + - "P+RH2bsAc5xrb804G9mOc3WMRVxTUKesAiEA/jHMJ2YdPv0WXKjKY7nUyFjUPdin\n" + - "BHRHfBeltynaFzU=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Mar 27 13:49:33 PDT 2023", System.out); - } -} - -class GoogleGTSR1 { - - // Owner: CN=GTS CA 1D4, O=Google Trust Services LLC, C=US - // Issuer: CN=GTS Root R1, O=Google Trust Services LLC, C=US - // Serial number: 2008eb2023336658b64cddb9b - // Valid from: Wed Aug 12 17:00:42 PDT 2020 until: Wed Sep 29 17:00:42 PDT 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFjDCCA3SgAwIBAgINAgCOsgIzNmWLZM3bmzANBgkqhkiG9w0BAQsFADBHMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\n" + - "MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\n" + - "MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\n" + - "Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFENDCCASIwDQYJKoZIhvcNAQEBBQAD\n" + - "ggEPADCCAQoCggEBAKvAqqPCE27l0w9zC8dTPIE89bA+xTmDaG7y7VfQ4c+mOWhl\n" + - "UebUQpK0yv2r678RJExK0HWDjeq+nLIHN1Em5j6rARZixmyRSjhIR0KOQPGBMUld\n" + - "saztIIJ7O0g/82qj/vGDl//3t4tTqxiRhLQnTLXJdeB+2DhkdU6IIgx6wN7E5NcU\n" + - "H3Rcsejcqj8p5Sj19vBm6i1FhqLGymhMFroWVUGO3xtIH91dsgy4eFKcfKVLWK3o\n" + - "2190Q0Lm/SiKmLbRJ5Au4y1euFJm2JM9eB84Fkqa3ivrXWUeVtye0CQdKvsY2Fka\n" + - "zvxtxvusLJzLWYHk55zcRAacDA2SeEtBbQfD1qsCAwEAAaOCAXYwggFyMA4GA1Ud\n" + - "DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\n" + - "AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJeIYDrJXkZQq5dRdhpCD3lOzuJIwHwYD\n" + - "VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\n" + - "CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\n" + - "AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\n" + - "MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0G\n" + - "A1UdIARGMEQwCAYGZ4EMAQIBMDgGCisGAQQB1nkCBQMwKjAoBggrBgEFBQcCARYc\n" + - "aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAgEA\n" + - "IVToy24jwXUr0rAPc924vuSVbKQuYw3nLflLfLh5AYWEeVl/Du18QAWUMdcJ6o/q\n" + - "FZbhXkBH0PNcw97thaf2BeoDYY9Ck/b+UGluhx06zd4EBf7H9P84nnrwpR+4GBDZ\n" + - "K+Xh3I0tqJy2rgOqNDflr5IMQ8ZTWA3yltakzSBKZ6XpF0PpqyCRvp/NCGv2KX2T\n" + - "uPCJvscp1/m2pVTtyBjYPRQ+QuCQGAJKjtN7R5DFrfTqMWvYgVlpCJBkwlu7+7KY\n" + - "3cTIfzE7cmALskMKNLuDz+RzCcsYTsVaU7Vp3xL60OYhqFkuAOOxDZ6pHOj9+OJm\n" + - "YgPmOT4X3+7L51fXJyRH9KfLRP6nT31D5nmsGAOgZ26/8T9hsBW1uo9ju5fZLZXV\n" + - "VS5H0HyIBMEKyGMIPhFWrlt/hFS28N1zaKI0ZBGD3gYgDLbiDT9fGXstpk+Fmc4o\n" + - "lVlWPzXe81vdoEnFbr5M272HdgJWo+WhT9BYM0Ji+wdVmnRffXgloEoluTNcWzc4\n" + - "1dFpgJu8fF3LG0gl2ibSYiCi9a6hvU0TppjJyIWXhkJTcMJlPrWx1VytEUGrX2l0\n" + - "JDwRjW/656r0KVB02xHRKvm2ZKI03TglLIpmVCK3kBKkKNpBNkFt8rhafcCKOb9J\n" + - "x/9tpNFlQTl7B39rJlJWkR17QnZqVptFePFORoZmFzM=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.gtsr1.demo.pki.goog - // Issuer: CN=GTS CA 1D4, O=Google Trust Services LLC, C=US - // Serial number: 19c08d5cde41fc84108f54c8d2a1aeca - // Valid from: Mon Mar 27 12:33:43 PDT 2023 until: Sun Jun 25 12:33:42 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFcjCCBFqgAwIBAgIQGcCNXN5B/IQQj1TI0qGuyjANBgkqhkiG9w0BAQsFADBG\n" + - "MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\n" + - "QzETMBEGA1UEAxMKR1RTIENBIDFENDAeFw0yMzAzMjcxOTMzNDNaFw0yMzA2MjUx\n" + - "OTMzNDJaMCMxITAfBgNVBAMTGGdvb2QuZ3RzcjEuZGVtby5wa2kuZ29vZzCCASIw\n" + - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMkOYhMM6kQMlep+l2/l5KTC1ow8\n" + - "nXHwXQzugR2Js302pM3p2UCfnfhlK0a9UUSVtAZa8ydVUyVRF9LzW1rOIK8UdlEj\n" + - "O6qAvPnPw8laY7rCPWRPibxu0OqL/5sYD+a4hQ7GhVsYDXXxnWQvLV5mppRlYF/8\n" + - "80ugGggRb+U3y6V84f1JnwSMvZFULe19BOeV5qWAHHFfgy0zePzcDMy8AqxaVBOb\n" + - "FVSsbdql2gnRyC4WZ9D5lc8vwS84KrJbce2+VtrpcKVALtyVA0Zzor2lr2wOVc4i\n" + - "OOwMNk9948eStAjOV8N4B1h9D/pd+cFSWfgXufr5ZClwijLr3zLvZxDGI6ECAwEA\n" + - "AaOCAn0wggJ5MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSTKR+0ebWnH3uGz5qju5/LpkCjYzAfBgNV\n" + - "HSMEGDAWgBQl4hgOsleRlCrl1F2GkIPeU7O4kjB4BggrBgEFBQcBAQRsMGowNQYI\n" + - "KwYBBQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMWQ0L3B6OThKdFZT\n" + - "RnRjMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMx\n" + - "ZDQuZGVyMCMGA1UdEQQcMBqCGGdvb2QuZ3RzcjEuZGVtby5wa2kuZ29vZzAhBgNV\n" + - "HSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2G\n" + - "K2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFkNC92My1EUW1sYi1ZWS5jcmwwggEC\n" + - "BgorBgEEAdZ5AgQCBIHzBIHwAO4AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSe\n" + - "HQmBJe20mQAAAYckx1OMAAAEAwBGMEQCICQ4Do1cKFsqmm/swKZkdM/qGluDbctL\n" + - "tIgp0YnoZTlEAiByAeAEaVQiU27AnpUerimnjPnThQq26vqvnWdstb0mwgB1AK33\n" + - "vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABhyTHU7UAAAQDAEYwRAIg\n" + - "WAIAOov42kcgOj0rYO3qb4/HTsW3o69x4IKd8ycsaVkCICIQUaeKwNp4aW/civO9\n" + - "No/v5Ner5bmlwheqFAJcR/HCMA0GCSqGSIb3DQEBCwUAA4IBAQBEKKdwuzuAhdir\n" + - "3hbPQIosD6H9vatr8tExWCDmw+PHOoiWIUTBu5fVZPQ27EgehTIA6kNhQj2g7fkF\n" + - "Bd5zAl4k7WdsDZCeOHml6XXQZHvc+p4DYBKTTt3h81lsMLw8aWCOaiSmrQ0hZS/E\n" + - "iuaqvlOFpOTd0x+MN2qcU14hi8SKxBgpraqR/s7OCwUFltxcPq0GAybzDGc9lgB+\n" + - "Jt56QviN641s7hxThyGhFIHSePgWuwbT1grJKQiSW35yI4PJO90HoCpd2MLrC5Ic\n" + - "B89ykY8mQcx+naGPZQdwdpx9GvKwSZdn+cq3kZwD66iXnwhqmiEdq4eBZr8ygSya\n" + - "lnGV2OW+\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.gtsr1.demo.pki.goog - // Issuer: CN=GTS CA 1D4, O=Google Trust Services LLC, C=US - // Serial number: c414c34e6c2cc66c102b8d3502be3bb4 - // Valid from: Mon Mar 27 12:42:39 PDT 2023 until: Sun Jun 25 12:42:38 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIFfDCCBGSgAwIBAgIRAMQUw05sLMZsECuNNQK+O7QwDQYJKoZIhvcNAQELBQAw\n" + - "RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\n" + - "TEMxEzARBgNVBAMTCkdUUyBDQSAxRDQwHhcNMjMwMzI3MTk0MjM5WhcNMjMwNjI1\n" + - "MTk0MjM4WjAmMSQwIgYDVQQDExtyZXZva2VkLmd0c3IxLmRlbW8ucGtpLmdvb2cw\n" + - "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOeL80aphh8K8Cz41Sl2Cv\n" + - "cI3Elrrm/2sQH5Q0nxNuoZcxTGk3hD75Ntf6eqgclUQXJDEGbfoo3q7kYIQPXEIy\n" + - "+AuiMTd80ZRHuPBp8ci/wkh6N7B9mE/rjzJz77QgJluykoXRx9SiDyE4Yn9sRbBH\n" + - "jNm/KBv8wMV6hzJZYaALyDpGVNuAx9cHE91LaSvamPiccJn4wb9zDtyFduS3yYbz\n" + - "FREt960j420TeHjeWFkuXXVQMnPeRAWugclhJKzLz1U1gm5PWGxThMgVIy0v8v63\n" + - "3qFT09I4avi0AzBaRtINCaS39Mo2AoX1jZNjFDNLzRO1fSSJpzJmWyXJ2jRI7MwF\n" + - "AgMBAAGjggKDMIICfzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH\n" + - "AwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUCuJDEKGIdbWqxyVFZmIZoyQZ4T4w\n" + - "HwYDVR0jBBgwFoAUJeIYDrJXkZQq5dRdhpCD3lOzuJIweAYIKwYBBQUHAQEEbDBq\n" + - "MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5wa2kuZ29vZy9zL2d0czFkNC9rb2Zm\n" + - "cmFBODZBdzAxBggrBgEFBQcwAoYlaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMv\n" + - "Z3RzMWQ0LmRlcjAmBgNVHREEHzAdghtyZXZva2VkLmd0c3IxLmRlbW8ucGtpLmdv\n" + - "b2cwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\n" + - "MDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxZDQvODJFckFFQVVsR1ku\n" + - "Y3JsMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYArfe++nz/EMiLnT2cHj4YarRn\n" + - "KV3PsQwkyoWGNOvcgooAAAGHJM+cawAABAMARzBFAiB568monxGD3NiHsqNmsy+t\n" + - "IL4kCc71UNCCJthgnlL7HgIhAKSYf7P7CFO2wWdAt8LBMrsLoip9lytrinj0JR8R\n" + - "CYK9AHcAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGHJM+cZAAA\n" + - "BAMASDBGAiEAj8nBf1ihput8Gb8qCqVgvqAxPv9t4xLVhWg3tqv8gGMCIQDPiNbu\n" + - "vsyOi9nE6pDm86nggExXRa13wwCtr2wjAn5IpDANBgkqhkiG9w0BAQsFAAOCAQEA\n" + - "ezldM/NCUH58eXPZnbPaMMKrT5oNBxv+hypDy96+PyAqKtbC2bK+7sobGMZkfpG5\n" + - "8dW0mFmfazzjgbZUj54ZVHG4KaHeit8Nq1s07wh2Jo1c2JQdKxEXAOItax/IOfEd\n" + - "tqSg8AwSmhogQeiA7EXRspw4dYXL5uP/8jPPqByMI3PRmm3y7wyQLKNlNAfSgn7m\n" + - "wkrZxMRAENML4JND5UKxg7zo9e/Wvf4UPtEVVZaEj6ZxOe4JljvErCtayaw03t5p\n" + - "I18IAhXRpqm8JG1UGWjn49O8vkjB0bf/7iVXXI4rg6gGVia+HFuxKVGk5OQzo4Qd\n" + - "wBl6yOc8tpUH3phFPYbiMg==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Mar 27 13:43:25 PDT 2023", System.out); - } -} - -class GoogleGTSR2 { - - // Owner: CN=GTS CA 1D8, O=Google Trust Services LLC, C=US - // Issuer: CN=GTS Root R2, O=Google Trust Services LLC, C=US - // Serial number: 219c15ac025a1b0a5c1d9d501 - // Valid from: Tue Oct 04 17:00:42 PDT 2022 until: Wed Sep 29 17:00:42 PDT 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFjDCCA3SgAwIBAgINAhnBWsAlobClwdnVATANBgkqhkiG9w0BAQsFADBHMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\n" + - "MBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMjIxMDA1MDAwMDQyWhcNMjcwOTMwMDAw\n" + - "MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\n" + - "Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFEODCCASIwDQYJKoZIhvcNAQEBBQAD\n" + - "ggEPADCCAQoCggEBAKgpBAgi9bhOp5nCIELI/W+1rMoxNH3isu2LuDI3pPEPYJ0o\n" + - "YDxXB1zKHvUqn1VWDlF+K4vLPzjTRv2MUw8fHH9IAd/Rx+mrUHUxffTPU5O41tPj\n" + - "OdzFRO+FOr5RqZfbtXWbEUNyv7wyyCYr9gaDvDeQgDnHTfHAafdoDracNLm2LS3r\n" + - "8iznvJltsboRm+fBwTH99nHciN/h/hHEWlRriUGZ+Cz+5YVB9Tm4gAOByyYYbAa4\n" + - "ES0PhzkIUHaq+56cTDVhK0DM5ZtnZJqV8amhBFssswPttAXT9pNCzoDLCtxeZ2Lw\n" + - "r7bcaGaDcuDmv4j8zAw3BOR73O0Xk1VcBYPBBUcCAwEAAaOCAXYwggFyMA4GA1Ud\n" + - "DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\n" + - "AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUkPhQ+ueQJcnkJ30S3UdY53QPtmowHwYD\n" + - "VR0jBBgwFoAUu//KjiOfT5nK2+JopqUVJxce2Q4waAYIKwYBBQUHAQEEXDBaMCYG\n" + - "CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMjAwBggrBgEFBQcw\n" + - "AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjIuZGVyMDQGA1UdHwQt\n" + - "MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjIvZ3RzcjIuY3JsME0G\n" + - "A1UdIARGMEQwCAYGZ4EMAQIBMDgGCisGAQQB1nkCBQMwKjAoBggrBgEFBQcCARYc\n" + - "aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAgEA\n" + - "q3rJUW9syti3qkV5WNXCpJj2WoCptfxOdIrojT4Q1CIGzruFu4GXB8pfkJu7iU8k\n" + - "Aklel6RCn7MG/aI12ndmvUsW86e6UJDWEMz1CsQPA92AOsktAVXiGVDx3RAiPfP2\n" + - "9W9yNwlImSVZhGNQISC0SueK7QOv+mHHWE/7G0G0/YqAxMbVZzyrPYHfPUh0SD1g\n" + - "k7qYjq9hGJB7w7cfepZ2iPdKzlj/4aFOe04gho1zHMLJYIs03nb6uWg0AwX55SSu\n" + - "KvehoYs1ItHdEV1J2XfATZpCn6jMTEB/JYERbXW0VWLUhdaZORtaayQoU5YXbgvg\n" + - "bsPgqdIsPaxs/Chrp6zIKvs503YYcvs0GQSUQ1MFAWc+Loc39669T7WnL8Uu2yCO\n" + - "RxjFp3+fhTVA5UYwL1vy4wPnNUoa4+CA6JypT6ODUWcXZa8pWOdyHpbg0IeL389D\n" + - "s67kirG8/eKQxFzckbhL5AD8BJS3wkF7O7A8Gd+2VvSWhmEQzzOBHcvT/lqrCSe0\n" + - "7R7CV/Pw4E9C2GBLGfw8opxGXrdfJRjU6nHf5c+tC4xIjH/i3PQjaIFLG3D60mav\n" + - "0nkS92iorZl2dCiHTKxaD/J4B6VV03lpEcUdVg4WeGAmTClsXUnMOjCnlVYMLg9v\n" + - "URq0LbylxbGBelBrCNyqBS5UO6+9F4/Yi4vzoIvvbJ0=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.gtsr2.demo.pki.goog - // Issuer: CN=GTS CA 1D8, O=Google Trust Services LLC, C=US - // Serial number: 428fe99edb0df46e1008e4452f6cbfd2 - // Valid from: Mon Mar 27 12:52:12 PDT 2023 until: Sun Jun 25 12:52:11 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFdDCCBFygAwIBAgIQQo/pntsN9G4QCORFL2y/0jANBgkqhkiG9w0BAQsFADBG\n" + - "MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\n" + - "QzETMBEGA1UEAxMKR1RTIENBIDFEODAeFw0yMzAzMjcxOTUyMTJaFw0yMzA2MjUx\n" + - "OTUyMTFaMCMxITAfBgNVBAMTGGdvb2QuZ3RzcjIuZGVtby5wa2kuZ29vZzCCASIw\n" + - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMaC0h20vohsggOQ0XGL5ca3Gqyf\n" + - "2n44PhYBrhzPpbq9/Mk9BKYYFy9osH0HwTFkYRYnI5fDeK6s/7svufiEwH8LtXK7\n" + - "A3juxf3k65cJ8M5bbBwDDW7Prgp86ueUd6pzqv23rLPc9Kv6vvtNYzgaTd4COU38\n" + - "3zFnuudAh8gvEbIQD+Nqis+kc4kEO3JfZBlAF883YRQZRpm6c4bWxKm1Atco53/6\n" + - "fYOota/XUgdJ8zQWOH1f9iaKX3kiDn76djxT9v/8MrcK2gRkHJJDo72HtCPuhdt8\n" + - "UkVLX4C3KF6eSUrgZ1gxA92ikAWxI4tn5D70yEffH0A7by0/b/C6uPMvXCECAwEA\n" + - "AaOCAn8wggJ7MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTegr5Cc+1LmL/c1H3sXVKufKZE8DAfBgNV\n" + - "HSMEGDAWgBSQ+FD655AlyeQnfRLdR1jndA+2ajB4BggrBgEFBQcBAQRsMGowNQYI\n" + - "KwYBBQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMWQ4L0FoZFdDWF9D\n" + - "QUJFMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMx\n" + - "ZDguZGVyMCMGA1UdEQQcMBqCGGdvb2QuZ3RzcjIuZGVtby5wa2kuZ29vZzAhBgNV\n" + - "HSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2G\n" + - "K2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czFkOC8tME5ITHA5Y0w5US5jcmwwggEE\n" + - "BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9Ir\n" + - "wTpXo1LrUgAAAYck2PpFAAAEAwBHMEUCIAznUI2WdAkwXBvnx0a8Io6hnZReoXsd\n" + - "Y+o+xpXqZsbbAiEAw/i7jWA43QWEMZz265nflCNxAS1W+s7nsZaKL512/S8AdgDo\n" + - "PtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYck2PoBAAAEAwBHMEUC\n" + - "IHWqRE57W1pJJJAXrxFNMrjEO3f0YejAfi47mdyS1zJYAiEA4ye+achvGTYIMRnl\n" + - "jwBlTsYQQYt7KAVt2VAGMRB4H8kwDQYJKoZIhvcNAQELBQADggEBAGf9hz7NJRow\n" + - "veCSrfeVav2tDkx8s9VU7VD+lApip1mdqOGsqkCkeaA5hsGfhqleQFwsOAjduBFA\n" + - "nSV6KgiqFsgHSuS9zuSp2aVe8xhxq6mpr4LngkeUDc32mB9tW9AMaiYp8UeYyFGq\n" + - "hvjUb7/H2wFlT6qO+Qp/+hmfulKqNnrSzpZLIl+x2EBn3L6CFe5xaKzNaANgbShI\n" + - "cQsyKdaUrSAzNJZWnHwaAyQ1msqqXXoVzKmjAGMgZrXZNxv8Lh9V1v+F9WHDIjeQ\n" + - "TtahntIgq38eGtZAnyjdrUtfQwBlQI3zaE0n7n6Fq8ocglJE5woRlL/eTmSKiZr9\n" + - "rrEY0sJ0fCw=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.gtsr2.demo.pki.goog - // Issuer: CN=GTS CA 1D8, O=Google Trust Services LLC, C=US - // Serial number: df9af5c19e9dbdf6107cb03548ffbd06 - // Valid from: Mon Mar 27 12:45:09 PDT 2023 until: Sun Jun 25 12:45:08 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIFejCCBGKgAwIBAgIRAN+a9cGenb32EHywNUj/vQYwDQYJKoZIhvcNAQELBQAw\n" + - "RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM\n" + - "TEMxEzARBgNVBAMTCkdUUyBDQSAxRDgwHhcNMjMwMzI3MTk0NTA5WhcNMjMwNjI1\n" + - "MTk0NTA4WjAmMSQwIgYDVQQDExtyZXZva2VkLmd0c3IyLmRlbW8ucGtpLmdvb2cw\n" + - "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFJUSh0aOOjj6BXJqBFDOD\n" + - "GFjnr1VKDfWYdGWfB3QNhcbjz7qJRLeZDSYQZ3H2D5pkOQhl6xYLOZ1L0v+0TWW9\n" + - "5lCXQ476jdZXzPlOC29gYFX4VzS9w92ochg0dUhHdzKcWsqBjqChZdudGydYfwNS\n" + - "edZIhd4AcamVsXbCqAhS01Evo2hiBRlmMgryR9Ok2xRqbJiyvd8awhBIB4L0vMN+\n" + - "CgMpWMgaV1nn+LjEa3bHisyNVsRLdDZXY6Bgq3hUQ9jQWJdK/vGxHqunqC5ByrqG\n" + - "iN+4/+kK/PS8okkpAEAOXFoohogb6BQASMRgO/l50Mz8B24NGgWVLlWdaNysgU8f\n" + - "AgMBAAGjggKBMIICfTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH\n" + - "AwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUh/wMqf9pabUzGDoQvsyHVaT1rjAw\n" + - "HwYDVR0jBBgwFoAUkPhQ+ueQJcnkJ30S3UdY53QPtmoweAYIKwYBBQUHAQEEbDBq\n" + - "MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5wa2kuZ29vZy9zL2d0czFkOC9CdWF6\n" + - "OFdQMnoybzAxBggrBgEFBQcwAoYlaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMv\n" + - "Z3RzMWQ4LmRlcjAmBgNVHREEHzAdghtyZXZva2VkLmd0c3IyLmRlbW8ucGtpLmdv\n" + - "b2cwIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAz\n" + - "MDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxZDgvLTBOSExwOWNMOVEu\n" + - "Y3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAejKMVNi3LbYg6jjgUh7phBZw\n" + - "MhOFTTvSK8E6V6NS61IAAAGHJNGpywAABAMARzBFAiEApXndD34BJ3oOCLvGoa5f\n" + - "Xu0P6t4yf1pdCQONuLTSrX4CIDMp1N5/VKjClXqE/t2xux3mvJH2ceVECID4B69v\n" + - "WfOhAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4AAAGHJNGphwAA\n" + - "BAMARjBEAiBa5aSnTCc2ceQj/asKFYRRGbwzXTnaDbvNMMeB4ogEXAIgZykyJVPh\n" + - "4Sfkroi8tvV6dwxexp0dT2EXHAmr+/GzZU0wDQYJKoZIhvcNAQELBQADggEBAHVn\n" + - "uWbk/OaljXKeyhlDCgdvnzJGCFQXwGyIJzNDkCs8k3iA1iwJKArvpkczxnCBxCPE\n" + - "imW2MHWCayT9JXKuO4ppU0oTh6GYvRV6DV1OkuWXsna7+dGf3+tkm9k0wauI6J8X\n" + - "H1T8Dq3W0+S+8UNSftduYSR1wTcN15OxIzlZ/FrV3LLRDxH2RKSsXfXBLgP1befh\n" + - "m+8SPQTpZ5NdMl7my0gmVgNF5ZIbFiHYzJkF2vS4iXJCI6fTWyoA1u/7jQyHdLOy\n" + - "pY0s6gKWEwwtpYC1lWI6ek/wLfuNrJbiRRiRs8e3HHQymn8K3T1PM+7n8huDy95b\n" + - "f1EgLMjvEtx6xpIqrqg=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Mar 27 13:45:40 PDT 2023", System.out); - } -} - -class GoogleGTSR3 { - - // Owner: CN=GTS CA 2D3, O=Google Trust Services LLC, C=US - // Issuer: CN=GTS Root R3, O=Google Trust Services LLC, C=US - // Serial number: 21668d8d65bc4320e5b8e5e76 - // Valid from: Tue Oct 04 17:00:42 PDT 2022 until: Wed Sep 29 17:00:42 PDT 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIDIDCCAqagAwIBAgINAhZo2NZbxDIOW45edjAKBggqhkjOPQQDAzBHMQswCQYD\n" + - "VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG\n" + - "A1UEAxMLR1RTIFJvb3QgUjMwHhcNMjIxMDA1MDAwMDQyWhcNMjcwOTMwMDAwMDQy\n" + - "WjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz\n" + - "IExMQzETMBEGA1UEAxMKR1RTIENBIDJEMzBZMBMGByqGSM49AgEGCCqGSM49AwEH\n" + - "A0IABGQQXn8LoR0OtyBn+KkEav3utA7WFBgWEb/8bXVlW6xJLTZJIC04lsNmNKWJ\n" + - "P/fwHYfrZcx1o4vvOUTO9OD/7pijggF2MIIBcjAOBgNVHQ8BAf8EBAMCAYYwHQYD\n" + - "VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw\n" + - "HQYDVR0OBBYEFL+pU78badiFKTSaaUPL1nrUmf9tMB8GA1UdIwQYMBaAFMHxJrqg\n" + - "La6Fgc/T8SoSvbgKZ/28MGgGCCsGAQUFBwEBBFwwWjAmBggrBgEFBQcwAYYaaHR0\n" + - "cDovL29jc3AucGtpLmdvb2cvZ3RzcjMwMAYIKwYBBQUHMAKGJGh0dHA6Ly9wa2ku\n" + - "Z29vZy9yZXBvL2NlcnRzL2d0c3IzLmRlcjA0BgNVHR8ELTArMCmgJ6AlhiNodHRw\n" + - "Oi8vY3JsLnBraS5nb29nL2d0c3IzL2d0c3IzLmNybDBNBgNVHSAERjBEMAgGBmeB\n" + - "DAECATA4BgorBgEEAdZ5AgUDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vcGtpLmdv\n" + - "b2cvcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDaAAwZQIxAO3wG4U11INX3hl2UyCn\n" + - "0A/upBaO+BBzX1OiQx7UfmMXc65kqkdIcNzZc6G6EWnNVAIwBG0LuIKWXfYc+Wbk\n" + - "STfMvwatUvd6QjdIKsYF0e8Hiaav+hLI0DzOuJcDPFtfYIyY\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.gtsr3.demo.pki.goog - // Issuer: CN=GTS CA 2D3, O=Google Trust Services LLC, C=US - // Serial number: 7d08ad6716e51d1210bfc149e3d0af19 - // Valid from: Mon Mar 27 12:37:41 PDT 2023 until: Sun Jun 25 12:37:40 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIEszCCBFmgAwIBAgIQfQitZxblHRIQv8FJ49CvGTAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJEMzAeFw0yMzAzMjcxOTM3NDFaFw0yMzA2MjUxOTM3\n" + - "NDBaMCMxITAfBgNVBAMTGGdvb2QuZ3RzcjMuZGVtby5wa2kuZ29vZzCCASIwDQYJ\n" + - "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL7R40feuILVPC65FhoVh3kZ8mJuEKpJ\n" + - "SiSB9gbKRkaKBr4kHOm7+sa0RkAm3Zgbomd2JGiJbYYcQ4lY8MMlXruFLLY+0AMf\n" + - "Pf5mQbn6i+oSyfaNwV0Hk1q1MhZL5WSKLywXS0NVw50JGQw/SiIRhmR22DdOtxuh\n" + - "VC7ZOebYTbHzTBSYTxvoyJZ0bGUQMWQ0rI2lzOp+2kqSTDMmRejXUNm14ZrsdXUb\n" + - "F8nOunZpT5ppESFvsK7TFrWJlAFHNVxJjPkNaRyfIaR7G+hORoV5tHGaNeTzmFkO\n" + - "3ySGcRlvL41IWqBN4LwLiS6QN+Je7nIBDojEPTBVhPCzP++1uLKEKusCAwEAAaOC\n" + - "An8wggJ7MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNV\n" + - "HRMBAf8EAjAAMB0GA1UdDgQWBBRRhq17jer1cVfi0eFV+LIwk+Lk8jAfBgNVHSME\n" + - "GDAWgBS/qVO/G2nYhSk0mmlDy9Z61Jn/bTB4BggrBgEFBQcBAQRsMGowNQYIKwYB\n" + - "BQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMmQzL09KOENlY2cwdWNV\n" + - "MDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMyZDMu\n" + - "ZGVyMCMGA1UdEQQcMBqCGGdvb2QuZ3RzcjMuZGVtby5wa2kuZ29vZzAhBgNVHSAE\n" + - "GjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\n" + - "dHA6Ly9jcmxzLnBraS5nb29nL2d0czJkMy9WREItNVdJSTVRSS5jcmwwggEEBgor\n" + - "BgEEAdZ5AgQCBIH1BIHyAPAAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9\n" + - "bQa9bgAAAYckzOfmAAAEAwBHMEUCIF0wxIlFnHLMan20Gtbnia+mzuA1Re0dhoIS\n" + - "wOAO7aC4AiEA7cYfSflOAA0DLxHsHAXpVs2LuLYlq34bSxbyUa85UyYAdgCzc3cH\n" + - "4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYckzOf5AAAEAwBHMEUCICza\n" + - "2nef9GWr9tF/ZXxhMYP15JQsdWPWmpQkdS/xUBWyAiEAs9AaeMarT7EaBVoSatAT\n" + - "Poj6cOhdvF/uDOHigyQdVd8wCgYIKoZIzj0EAwIDSAAwRQIhALv6jaEFgAIe3NbX\n" + - "87YEjhMMymK7wl435DQD9syoOEx2AiBbcYXr6nLNWA1pPoRiA1WvHgTVJFWftpYt\n" + - "e8CkUXnIxA==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.gtsr3.demo.pki.goog - // Issuer: CN=GTS CA 2D3, O=Google Trust Services LLC, C=US - // Serial number: 7ffa6a827df64c6010ebc47b5ca3eda7 - // Valid from: Mon Mar 27 12:45:58 PDT 2023 until: Sun Jun 25 12:45:57 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIEuTCCBF+gAwIBAgIQf/pqgn32TGAQ68R7XKPtpzAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJEMzAeFw0yMzAzMjcxOTQ1NThaFw0yMzA2MjUxOTQ1\n" + - "NTdaMCYxJDAiBgNVBAMTG3Jldm9rZWQuZ3RzcjMuZGVtby5wa2kuZ29vZzCCASIw\n" + - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKpn78KglifqiS3f5hPLH64og4aH\n" + - "7a1tDBza2ebTLYB74i1u65EIENCyzvz6OYvh8kKzhqZMPFbORd8OCESzebjv/Dc2\n" + - "BJJV498N3BfSZYWN+baVxKuOZ4HWXV5NyP85rEvbcaAWcmqvh++G88FOCTQvYd4D\n" + - "/RKgAMptDjM+4X6V2NIRXcmOZJWZ2iItao76FARvbKH0D2UJLG4ENdOznRonnItP\n" + - "74UEVfNCb/i7I+NMJYTuDA4/rr+AS6pttvsVM9pqWkIJqOloEVNcCyyr1buflfJO\n" + - "j4A8Nz9fTUffpfApQnPi394iUcdCVyCrcjB2ta2eMR/3AyhiSXOmxcGjUcECAwEA\n" + - "AaOCAoIwggJ+MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSg57WFIkW4b1eTcWX+qZsN+JEewTAfBgNV\n" + - "HSMEGDAWgBS/qVO/G2nYhSk0mmlDy9Z61Jn/bTB4BggrBgEFBQcBAQRsMGowNQYI\n" + - "KwYBBQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMmQzL1pEZWExWTdT\n" + - "SlBZMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMy\n" + - "ZDMuZGVyMCYGA1UdEQQfMB2CG3Jldm9rZWQuZ3RzcjMuZGVtby5wa2kuZ29vZzAh\n" + - "BgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAv\n" + - "oC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czJkMy9WREItNVdJSTVRSS5jcmww\n" + - "ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr\n" + - "7Otp4Xd9bQa9bgAAAYck00MJAAAEAwBGMEQCIALwbMReWy/zrvUwV1G5XOxN8koN\n" + - "VJ1pp7s1d7ClE9ebAiBYWwJeccnfHLIh9AJTdeuN+R/pDzEudVBSC2rIdo3HhgB3\n" + - "ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhyTTQzMAAAQDAEgw\n" + - "RgIhAOEO0oyiRgMNDdWvRTobr7sex2SUFsjpKmwenYAULrRiAiEA6uKFK1sbnJ1J\n" + - "lW8Tw2G4jGpEFIc4C9duRbU6DIbGnckwCgYIKoZIzj0EAwIDSAAwRQIgN3byD4lu\n" + - "a8A0hzUR1OnPoXSyfus6HOhmBozH6coY9MICIQDsT5jj5GKVtxtlcki5iE08K70Z\n" + - "gt/tkcE1Fkk4RsZORA==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Mar 27 13:47:24 PDT 2023", System.out); - } -} - -class GoogleGTSR4 { - - // Owner: CN=GTS CA 2P2, O=Google Trust Services LLC, C=US - // Issuer: CN=GTS Root R4, O=Google Trust Services LLC, C=US - // Serial number: 2166825e1700440612491f540 - // Valid from: Tue Oct 04 17:00:42 PDT 2022 until: Wed Sep 29 17:00:42 PDT 2027 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIDITCCAqagAwIBAgINAhZoJeFwBEBhJJH1QDAKBggqhkjOPQQDAzBHMQswCQYD\n" + - "VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG\n" + - "A1UEAxMLR1RTIFJvb3QgUjQwHhcNMjIxMDA1MDAwMDQyWhcNMjcwOTMwMDAwMDQy\n" + - "WjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz\n" + - "IExMQzETMBEGA1UEAxMKR1RTIENBIDJQMjBZMBMGByqGSM49AgEGCCqGSM49AwEH\n" + - "A0IABKdQkzjAHqOUsb/TkH7cz5lRtD374tNZ8rYrCUb1mxypE+VmCb1Jgzq+93tR\n" + - "dE78GRzPI4+q6raha1TEyWgoniOjggF2MIIBcjAOBgNVHQ8BAf8EBAMCAYYwHQYD\n" + - "VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw\n" + - "HQYDVR0OBBYEFIcjqVBIDgeJVApxMPYz0gpH9p2sMB8GA1UdIwQYMBaAFIBM1ut0\n" + - "/0k2o9XY/LU+xWrwlB2MMGgGCCsGAQUFBwEBBFwwWjAmBggrBgEFBQcwAYYaaHR0\n" + - "cDovL29jc3AucGtpLmdvb2cvZ3RzcjQwMAYIKwYBBQUHMAKGJGh0dHA6Ly9wa2ku\n" + - "Z29vZy9yZXBvL2NlcnRzL2d0c3I0LmRlcjA0BgNVHR8ELTArMCmgJ6AlhiNodHRw\n" + - "Oi8vY3JsLnBraS5nb29nL2d0c3I0L2d0c3I0LmNybDBNBgNVHSAERjBEMAgGBmeB\n" + - "DAECATA4BgorBgEEAdZ5AgUDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vcGtpLmdv\n" + - "b2cvcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDaQAwZgIxAMnbIiQb5fsdexUuVGoB\n" + - "MVwsDPGd7VC13Y0OBezt7FqFHDwqm8nnVdV/FkNyXNv9/AIxAN51NGqMcbexMOYK\n" + - "pLC0zXfjNwvqBsZhmzCCQIM6MVyBID0rjjxPu7laIaHqAu6T5Q==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=good.gtsr4.demo.pki.goog - // Issuer: CN=GTS CA 2P2, O=Google Trust Services LLC, C=US - // Serial number: 743c4f78750e30f0d407a19254ba96a - // Valid from: Mon Mar 27 12:40:42 PDT 2023 until: Sun Jun 25 12:40:41 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIEsTCCBFegAwIBAgIQB0PE94dQ4w8NQHoZJUupajAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJQMjAeFw0yMzAzMjcxOTQwNDJaFw0yMzA2MjUxOTQw\n" + - "NDFaMCMxITAfBgNVBAMTGGdvb2QuZ3RzcjQuZGVtby5wa2kuZ29vZzCCASIwDQYJ\n" + - "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOdkWBg3i5CxzH1dvlBoWHtIUyk78OAA\n" + - "bZdq7pKWB8i8C9Rf089uQ+7jQWOmqCNxU+OXdjumPfk/4MQvvtkmaqKi7HCN1bvQ\n" + - "0CrW7Zhi5jx11QuzEEZVdvXcchzmodp9GSl9t6zK/ItNiIYVisH9dqRWrZ/KZnO+\n" + - "y13dlr5UXAXVvNKx1L4TjhGlam7IEJdrAjkLJk4wXAFhv9HaPNJnjj0306xNm2h+\n" + - "VzldpMPlaXGN9JcGQdMVFpa9f0AI/r7SF7I2EDXaIKFToJ4jQurEGc3oxayiv9wB\n" + - "QapXqSTbPztb5SPGdX1yawDeigNHf10tDqFzCpfI/AwLxagpA2YyyXMCAwEAAaOC\n" + - "An0wggJ5MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNV\n" + - "HRMBAf8EAjAAMB0GA1UdDgQWBBTZs4UFHCFLlXnJswubCMxEhtgPmjAfBgNVHSME\n" + - "GDAWgBSHI6lQSA4HiVQKcTD2M9IKR/adrDB4BggrBgEFBQcBAQRsMGowNQYIKwYB\n" + - "BQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMnAyL3dKWTY1eFNLQUNB\n" + - "MDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMycDIu\n" + - "ZGVyMCMGA1UdEQQcMBqCGGdvb2QuZ3RzcjQuZGVtby5wa2kuZ29vZzAhBgNVHSAE\n" + - "GjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAvoC2GK2h0\n" + - "dHA6Ly9jcmxzLnBraS5nb29nL2d0czJwMi94NWswT2ZlZ0o4OC5jcmwwggECBgor\n" + - "BgEEAdZ5AgQCBIHzBIHwAO4AdQDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9\n" + - "bQa9bgAAAYckzdBSAAAEAwBGMEQCICpm7XEQds5Pzk59Qhhlx3PjipAEVzxVJB3H\n" + - "UmmGlHYKAiBG39UauHNNQDMYK2PEnILbFI0AvVWpCBUck4CHbs+9xAB1AHoyjFTY\n" + - "ty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhyTN0JoAAAQDAEYwRAIgekoP\n" + - "yJFspEfqvzW/pzVtRn8oz1L/PBzw2NYRPFdDkRUCIG1uIaGUA7uqiILD6vvp/1VD\n" + - "XriEIH8/qz/3qWqxsZanMAoGCCqGSM49BAMCA0gAMEUCIQCnpyh5H9Hn+f8nOFZp\n" + - "wz7p+x5pmMVvPzah1g+EmoFO/wIgStidgVhudT/vpM2OH/oN30Na+EJJDqWxousN\n" + - "6t9L8FQ=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked.gtsr4.demo.pki.goog - // Issuer: CN=GTS CA 2P2, O=Google Trust Services LLC, C=US - // Serial number: 6b2d650d4bc3bd3f11a595bf05187915 - // Valid from: Mon Mar 27 12:47:43 PDT 2023 until: Sun Jun 25 12:47:42 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIEuDCCBF6gAwIBAgIQay1lDUvDvT8RpZW/BRh5FTAKBggqhkjOPQQDAjBGMQsw\n" + - "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzET\n" + - "MBEGA1UEAxMKR1RTIENBIDJQMjAeFw0yMzAzMjcxOTQ3NDNaFw0yMzA2MjUxOTQ3\n" + - "NDJaMCYxJDAiBgNVBAMTG3Jldm9rZWQuZ3RzcjQuZGVtby5wa2kuZ29vZzCCASIw\n" + - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOEKoC1Zv/m2G8DrGkOgLq5TPSeC\n" + - "X3cClcI6s4JS5Cld2DKX7m4P8rXAxJyVHvlmkxZQoD6Y7JxsavlJ/Yw0qdqkNLTv\n" + - "kviEiLNYEn8Qu0SoRLNanzoFUINZkAZ4/0Lfvsrl9tTigLsCJ4jQauemGmGcmKUy\n" + - "qsKisfrMC0ZG9EP9WRjc9WF13Jqe55+gZ7LqaAAoPVR/7J6T1VAKteaYaXrORtVF\n" + - "uMeinE4c9YuxRCLa+3X1qqc3HAsvZEBOdb35fC0cN/ILktCQpq1Fj+QD4jfR6bVQ\n" + - "E8eA6Jy+5qHSg2VjAm6wNLd5QkfE7D8uC9sYs638r48ahcXhy3zwpzGhuH0CAwEA\n" + - "AaOCAoEwggJ9MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQl5Uh4jTR3l8PkcLdBwtwQXkUzBjAfBgNV\n" + - "HSMEGDAWgBSHI6lQSA4HiVQKcTD2M9IKR/adrDB4BggrBgEFBQcBAQRsMGowNQYI\n" + - "KwYBBQUHMAGGKWh0dHA6Ly9vY3NwLnBraS5nb29nL3MvZ3RzMnAyL3h5WmtBTEE3\n" + - "aGY0MDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVwby9jZXJ0cy9ndHMy\n" + - "cDIuZGVyMCYGA1UdEQQfMB2CG3Jldm9rZWQuZ3RzcjQuZGVtby5wa2kuZ29vZzAh\n" + - "BgNVHSAEGjAYMAgGBmeBDAECATAMBgorBgEEAdZ5AgUDMDwGA1UdHwQ1MDMwMaAv\n" + - "oC2GK2h0dHA6Ly9jcmxzLnBraS5nb29nL2d0czJwMi9sU1htaTNxZWRoYy5jcmww\n" + - "ggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgCt9776fP8QyIudPZwePhhqtGcpXc+x\n" + - "DCTKhYY069yCigAAAYck1BYGAAAEAwBHMEUCIGM5ykDTU3mqgLIk+fPmVn6JGUXB\n" + - "W4xouGUA1iiNs7G0AiEAtuWnV/J5llcxB7ZTwkCb6cviyv4Z6O396ZGW8GsrqAQA\n" + - "dQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYck1BYIAAAEAwBG\n" + - "MEQCIHcK1H025GIv8klzQGSZAL9NnuH5EzeGra0jRRg5RM4UAiAQaJyJDBkJRL/C\n" + - "F9WCg9Lmp8bdsXkG5WPreI24ansAPTAKBggqhkjOPQQDAgNIADBFAiBehPLU7raP\n" + - "509khaP9yiKiL3mbygtfQo4MDpBnd2RI6wIhAOdlQythGgU+nOENodsB+wUOQXOb\n" + - "akcBOxrDWfyhxmpk\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Mar 27 13:48:18 PDT 2023", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/HaricaCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/HaricaCA.java index 247502e6e6c..744e9b6bf34 100644 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/HaricaCA.java +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/HaricaCA.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2021, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,8 @@ * @bug 8256421 * @summary Interoperability tests with Harica CAs * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath HaricaCA OCSP - * @run main/othervm -Djava.security.debug=certpath HaricaCA CRL + * @run main/othervm/manual -Djava.security.debug=certpath HaricaCA OCSP + * @run main/othervm/manual -Djava.security.debug=certpath HaricaCA CRL */ /* diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LetsEncryptCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LetsEncryptCA.java deleted file mode 100644 index d97342ae8d2..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LetsEncryptCA.java +++ /dev/null @@ -1,180 +0,0 @@ -/* - * Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - - /* - * @test - * @bug 8189131 - * @summary Interoperability tests with Let's Encrypt CA - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath LetsEncryptCA OCSP - * @run main/othervm -Djava.security.debug=certpath LetsEncryptCA CRL - */ - - /* - * Obtain TLS test artifacts for Let's Encrypt CA from: - * - * Valid TLS Certificates: - * https://valid-isrgrootx1.letsencrypt.org/ - * - * Revoked TLS Certificates: - * https://revoked-isrgrootx1.letsencrypt.org/ - * - * Test artifacts don't have CRLs listed and intermediate cert doesn't have OCSP. - */ -public class LetsEncryptCA { - - // Owner: CN=R3, O=Let's Encrypt, C=US - // Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US - // Serial number: 912b084acf0c18a753f6d62e25a75f5a - // Valid from: Thu Sep 03 17:00:00 PDT 2020 until: Mon Sep 15 09:00:00 PDT 2025 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw\n" + - "TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh\n" + - "cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw\n" + - "WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg\n" + - "RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + - "AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP\n" + - "R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx\n" + - "sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm\n" + - "NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg\n" + - "Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG\n" + - "/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC\n" + - "AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB\n" + - "Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA\n" + - "FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw\n" + - "AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw\n" + - "Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB\n" + - "gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W\n" + - "PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl\n" + - "ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz\n" + - "CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm\n" + - "lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4\n" + - "avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2\n" + - "yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O\n" + - "yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids\n" + - "hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+\n" + - "HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv\n" + - "MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX\n" + - "nLRbwHOoq7hHwg==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=valid-isrgrootx1.letsencrypt.org - // Issuer: CN=R3, O=Let's Encrypt, C=US - // Serial number: 46326744d1c2f3feeca7148ed59353144a6 - // Valid from: Wed Jun 02 08:00:18 PDT 2021 until: Tue Aug 31 08:00:18 PDT 2021 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIFSDCCBDCgAwIBAgISBGMmdE0cLz/uynFI7Vk1MUSmMA0GCSqGSIb3DQEBCwUA\n" + - "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" + - "EwJSMzAeFw0yMTA2MDIxNTAwMThaFw0yMTA4MzExNTAwMThaMCsxKTAnBgNVBAMT\n" + - "IHZhbGlkLWlzcmdyb290eDEubGV0c2VuY3J5cHQub3JnMIIBIjANBgkqhkiG9w0B\n" + - "AQEFAAOCAQ8AMIIBCgKCAQEAmdx7jlaUZ0MgEvqzYWXItAFxVAOmR3KF+79vU195\n" + - "O5X54Go1+GU+eyFAeTqr6W1gC/MIrSA9LO4neJUx5AWCYaLq7IE7/YnmXTT6BB0x\n" + - "WFN3V1OJg9bAqpcEclQp6fbQS6DjdQvUUaEvVIwPzaen6Hmtw6LuHOYOdLk4fUSm\n" + - "zadWiyNlMm0/ts+MLHY5iQd9ypGhJED7KBDQ4d4wvyMYo/MYKOUQ+dTXcIegh7p4\n" + - "0OVtbrkdCuGJL+cEw1IUtSNQD+MnvUIu1je7Yb6iZ6Qd3iopNLykHYZb8YemakGX\n" + - "SDdC54yi35NU+Y+l23vycbVmRd8vK1sizhjRSE+ufmEqXQIDAQABo4ICXTCCAlkw\n" + - "DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM\n" + - "BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR300bKVFG2auzS0mO4+E57SN6QLzAfBgNV\n" + - "HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI\n" + - "KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0\n" + - "cDovL3IzLmkubGVuY3Iub3JnLzArBgNVHREEJDAigiB2YWxpZC1pc3Jncm9vdHgx\n" + - "LmxldHNlbmNyeXB0Lm9yZzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLf\n" + - "EwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCC\n" + - "AQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/f\n" + - "DC8gC8xO8WTjAAABec10PpUAAAQDAEgwRgIhAPDWvnP5mA0RhPa9oiTlE21Ppcez\n" + - "eF1+wU0MeoQcjq/7AiEAsox8kMGpWXq0ZVPweTpw1So/sNOZTsSPyBUdbLwjf+MA\n" + - "dwBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXnNdD7rAAAEAwBI\n" + - "MEYCIQCYBSmmb5P+DZGANyYTPHlEbmqOBkEOblkEHq5Lf+wtkQIhAO2HhwOm3wns\n" + - "ZTsXjUCcfQA0lKBI2TKkg9tJKFs3uuKDMA0GCSqGSIb3DQEBCwUAA4IBAQBJJ47x\n" + - "ZhKN3QRBYVROpoYDSh0a/JW7zPGRCxK5fnDY9UT8m4gEh3yhDTkycX+vo8TReK6W\n" + - "fEYareTSTq71MYgtKDYEARm10DuL7Vdig9Tf5DpjXLHaba+wqPz24lwhiJgoKRRr\n" + - "8by3wXPFCGSuQyDo1ZUNrAJVYKO4hPMob1ZE8z9IYW63GvzBjEla/HxoVa9iTkv+\n" + - "31rsKzpSbMJpnQ7WcgkUPdpoDo4JElGCyf7VZHNicumipAiCmKu0Q6TRCPOXxlKE\n" + - "/BIyDey3rXVw3wzOlxmVF6t/V3vGtbgVvN/feUe/ytyv4vLfRR4udi2XxWt3x1la\n" + - "7R3zuWdRQhh21p1H\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked-isrgrootx1.letsencrypt.org - // Issuer: CN=R3, O=Let's Encrypt, C=US - // Serial number: 4f1333011635d76d6356c5f1fb8a7273617 - // Valid from: Fri Jun 25 08:18:10 PDT 2021 until: Thu Sep 23 08:18:09 PDT 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIFSTCCBDGgAwIBAgISBPEzMBFjXXbWNWxfH7inJzYXMA0GCSqGSIb3DQEBCwUA\n" + - "MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\n" + - "EwJSMzAeFw0yMTA2MjUxNTE4MTBaFw0yMTA5MjMxNTE4MDlaMC0xKzApBgNVBAMT\n" + - "InJldm9rZWQtaXNyZ3Jvb3R4MS5sZXRzZW5jcnlwdC5vcmcwggEiMA0GCSqGSIb3\n" + - "DQEBAQUAA4IBDwAwggEKAoIBAQCkCp4fq7FnN5lfAWX0vhCcyC5WO9TuU6ckuYYj\n" + - "8/wQ8GQ/FIl+vXCAmHIfIX14irQN8TISeVdMOP0C7sa73d3GSawX7qMaRhddXn7V\n" + - "EL+4CbHQ6qit5YkakwhHz9tKbYX16wPj+inn22kJVwi8iLbhYB9WWSvv7OyiNSHv\n" + - "nmlYUkMv8+9UhgPT4yCKF1OEI5ajUOuecjOKc+EzsT/JqPRErvBOIKn3PRn4h8UM\n" + - "0BJDrDtZMpkvD4/lyRs3g/BLsf3DQjlEgKit0hvc72yyhiDbKd41EmBoQC5rNF7o\n" + - "B0CnBXhDLHbC/YRunVrYGsF0h2J9hw4055BdaXbS2BJnPEFnAgMBAAGjggJcMIIC\n" + - "WDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\n" + - "MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJBkf3Z/ICoCTUx3JCgrBeoMyedQMB8G\n" + - "A1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAh\n" + - "BggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZo\n" + - "dHRwOi8vcjMuaS5sZW5jci5vcmcvMC0GA1UdEQQmMCSCInJldm9rZWQtaXNyZ3Jv\n" + - "b3R4MS5sZXRzZW5jcnlwdC5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB\n" + - "BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v\n" + - "cmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCUILwejtWNbIhzH4KLIiwN0dpN\n" + - "XmxPlD1h204vWE2iwgAAAXpD9t6nAAAEAwBGMEQCIHwF9NcPqsovYp56lhqFkWYj\n" + - "QCATATrLzzxgUoLDYRwgAiBBecqe5Ub32I+q9oqH1nbK/s8QadcafIL3bkrRVbFB\n" + - "TAB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABekP23sYAAAQD\n" + - "AEcwRQIgGli/1mmKKnZ0uxDIX7ySqAyD2C7FTf+y3py2S0Xcv4YCIQCZve3cqKZ2\n" + - "lrEyyaMeLZA+PIxUMniHx3gDkro0sKLzOzANBgkqhkiG9w0BAQsFAAOCAQEAle42\n" + - "p58OTusm7DAOcdK4ld+pJu2bz9F940Wrnql08rciRjGIVpp5PhMNFm9AOaptKPNY\n" + - "h62V2GEOVaLxmvr9/8EDFcCCPAGV1DNYrG9aTKaiXk7IzO4UxKbzox4iUcuop/zB\n" + - "uofxT8uBLmT4XYZrQXXKj1KdfJGzgeoXqBv5PPCiP3hmBQixoJnSKImnUIXWh4O8\n" + - "kBtmgII5ug0q+jI3LvpJuv7xQsaNYFBcmFiQQ7YRt4W99GMdbYGjhzT8iBDEH7nG\n" + - "MsqWuwB5TN5vIuw2aWxcfaqKayq7UPA4rJePWdD/5RzKlQKLQx0BA3AL+3Nnj1fT\n" + - "NEKwCWWylIND6z/9Xw==\n" + - "-----END CERTIFICATE-----"; - - public static void main(String[] args) throws Exception { - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - pathValidator.enableCRLCheck(); - - // Validate int, EE certs don't have CRLs - pathValidator.validate(new String[]{INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - return; - } - - // OCSP check by default - // intermediate cert R3 doesn't specify OCSP responder - ValidatePathWithParams pathValidator = new ValidatePathWithParams(new String[]{INT}); - pathValidator.enableOCSPCheck(); - - // Validate valid - pathValidator.validate(new String[]{VALID}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED}, - ValidatePathWithParams.Status.REVOKED, - "Fri Jun 25 09:18:12 PDT 2021", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java index 63ba5e1bbab..258bf72f081 100644 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,8 +26,8 @@ * @bug 8232019 * @summary Interoperability tests with LuxTrust Global Root 2 CA * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath LuxTrustCA OCSP - * @run main/othervm -Djava.security.debug=certpath LuxTrustCA CRL + * @run main/othervm/manual -Djava.security.debug=certpath LuxTrustCA OCSP + * @run main/othervm/manual -Djava.security.debug=certpath LuxTrustCA CRL */ /* diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/MicrosoftTLS.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/MicrosoftTLS.java deleted file mode 100644 index e21aad61b83..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/MicrosoftTLS.java +++ /dev/null @@ -1,348 +0,0 @@ -/* - * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8304760 - * @summary Interoperability tests with Microsoft TLS root CAs - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath MicrosoftTLS OCSP - * @run main/othervm -Djava.security.debug=certpath MicrosoftTLS CRL - */ - -/* - * Microsoft ECC Root Certificate Authority 2017: - * Valid: http://acteccroot2017.pki.microsoft.com/ - * Revoked: http://rvkeccroot2017.pki.microsoft.com/ - * Expired: http://expeccroot2017.pki.microsoft.com/ - * - * Microsoft RSA Root Certificate Authority 2017: - * Valid: http://actrsaroot2017.pki.microsoft.com/ - * Revoked: http://rvkrsaroot2017.pki.microsoft.com/ - * Expired: http://exprsaroot2017.pki.microsoft.com/ - */ -public class MicrosoftTLS { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - new MicrosoftECCTLS().runTest(pathValidator); - new MicrosoftRSATLS().runTest(pathValidator); - } -} - -class MicrosoftECCTLS { - - // Owner: CN=Microsoft ECC TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Issuer: CN=Microsoft ECC Root Certificate Authority 2017, O=Microsoft - // Corporation, C=US - // Serial number: 33000000282bfd23e7d1add707000000000028 - // Valid from: Thu Jun 24 12:58:36 PDT 2021 until: Wed Jun 24 12:58:36 PDT 2026 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIESTCCA8+gAwIBAgITMwAAACgr/SPn0a3XBwAAAAAAKDAKBggqhkjOPQQDAzBl\n" + - "MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYw\n" + - "NAYDVQQDEy1NaWNyb3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5\n" + - "IDIwMTcwHhcNMjEwNjI0MTk1ODM2WhcNMjYwNjI0MTk1ODM2WjBbMQswCQYDVQQG\n" + - "EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSwwKgYDVQQDEyNN\n" + - "aWNyb3NvZnQgRUNDIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTB2MBAGByqGSM49AgEG\n" + - "BSuBBAAiA2IABMBXcHExvrYrhw7v30oPR4aBaMne5o0FtTtbMV7iqVhTJDQSWDEJ\n" + - "hr528nyS6jcLLu9pLXQMJYxVd7bz4wWXgVtZnnbQ7trAAIPWVh5B6f5eJf5OQ7w7\n" + - "AwJgz3snP5Hx16OCAkkwggJFMA4GA1UdDwEB/wQEAwIBhjAQBgkrBgEEAYI3FQEE\n" + - "AwIBADAdBgNVHQ4EFgQUMVu5zlEbfNGqA8Dr7TZdwp3TieEwHQYDVR0lBBYwFAYI\n" + - "KwYBBQUHAwEGCCsGAQUFBwMCMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMBIG\n" + - "A1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUyMuZcnBSDPjmvrIEVykqz0IQ\n" + - "7TUwcAYDVR0fBGkwZzBloGOgYYZfaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3Br\n" + - "aW9wcy9jcmwvTWljcm9zb2Z0JTIwRUNDJTIwUm9vdCUyMENlcnRpZmljYXRlJTIw\n" + - "QXV0aG9yaXR5JTIwMjAxNy5jcmwwga4GCCsGAQUFBwEBBIGhMIGeMG0GCCsGAQUF\n" + - "BzAChmFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jv\n" + - "c29mdCUyMEVDQyUyMFJvb3QlMjBDZXJ0aWZpY2F0ZSUyMEF1dGhvcml0eSUyMDIw\n" + - "MTcuY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29t\n" + - "L29jc3AwcAYDVR0gBGkwZzAIBgZngQwBAgEwCAYGZ4EMAQICMFEGDCsGAQQBgjdM\n" + - "g30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtp\n" + - "b3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCgYIKoZIzj0EAwMDaAAwZQIxANmPydUj\n" + - "lgj/2K77UnMeMkSGIgXzOhcTsixzZL+NmTR1Bq2hSPeA6Y3mn3lMlwxZmAIwIio6\n" + - "KrgItH4YmLWKd8QClIrE9QjbDlR7oFqaU3J34bWbMlAEjRARdZhhQlNwdORe\n" + - "-----END CERTIFICATE-----"; - - // Owner: O=Microsoft Corporation, L=Redmond, ST=Washington, C=US - // Issuer: CN=Microsoft ECC TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Serial number: 3300000154e1c6007ee3d5c903000000000154 - // Valid from: Fri Oct 14 13:44:52 PDT 2022 until: Mon Oct 09 13:44:52 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIF3zCCBWSgAwIBAgITMwAAAVThxgB+49XJAwAAAAABVDAKBggqhkjOPQQDAzBb\n" + - "MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSww\n" + - "KgYDVQQDEyNNaWNyb3NvZnQgRUNDIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTAeFw0y\n" + - "MjEwMTQyMDQ0NTJaFw0yMzEwMDkyMDQ0NTJaMFQxCzAJBgNVBAYTAlVTMRMwEQYD\n" + - "VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy\n" + - "b3NvZnQgQ29ycG9yYXRpb24wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARk86yqvyiv\n" + - "jH2Frg2l6bmh1f0CqiKAEHdA2S2vTQhR4CtvFArkrPdqcKrhAAfQSgnC8KJQ08gl\n" + - "QvjK55202ib55YX3h+96IW6fQOkE18cvPwqkD3DVQuROouLaL1r70NWjggPvMIID\n" + - "6zCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYA6D7Q2j71BjUy51covIlryQPT\n" + - "y9ERa+zraeF3fW0GvW4AAAGD2EdUigAABAMARzBFAiEA6rbt+9QhpuqX36PnuckO\n" + - "fR0Wu/8z3Yry9fdFKvJDCEUCIGBz901b4ZGEjCaSJdlZVr29v2td4crPa9I6S97i\n" + - "nShAAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGD2EdU/wAA\n" + - "BAMARzBFAiBIvnSKGeCIWOlZowi7s7ZdwmyGhv2waJWSdewUSS6UOAIhALJhPQ19\n" + - "nmjjTwWB9sgCIF7RZbd2xwBd1hno06MQMSqTAHcAejKMVNi3LbYg6jjgUh7phBZw\n" + - "MhOFTTvSK8E6V6NS61IAAAGD2EdUxwAABAMASDBGAiEArrc6Fu74KTj/z4lGCK9A\n" + - "O6UkhLpKnXdxEHilY7ghcZICIQCUjkvK4wehX1qEonjQoBkBJxLCus6y8WbkoxCe\n" + - "jHu2HTAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQv\n" + - "MC0GJSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgbXdUIWf/XUCAWQCAR0w\n" + - "gaYGCCsGAQUFBwEBBIGZMIGWMGUGCCsGAQUFBzAChllodHRwOi8vd3d3Lm1pY3Jv\n" + - "c29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEVDQyUyMFRMUyUyMElz\n" + - "c3VpbmclMjBBT0MlMjBDQSUyMDAxLmNydDAtBggrBgEFBQcwAYYhaHR0cDovL29u\n" + - "ZW9jc3AubWljcm9zb2Z0LmNvbS9vY3NwMB0GA1UdDgQWBBTVpTA+3jWCa1okX5Ri\n" + - "HnuY2/b+IzAOBgNVHQ8BAf8EBAMCB4AwKwYDVR0RBCQwIoIgYWN0ZWNjcm9vdDIw\n" + - "MTcucGtpLm1pY3Jvc29mdC5jb20waAYDVR0fBGEwXzBdoFugWYZXaHR0cDovL3d3\n" + - "dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwRUNDJTIwVExT\n" + - "JTIwSXNzdWluZyUyMEFPQyUyMENBJTIwMDEuY3JsMGYGA1UdIARfMF0wUQYMKwYB\n" + - "BAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNv\n" + - "bS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgw\n" + - "FoAUMVu5zlEbfNGqA8Dr7TZdwp3TieEwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYI\n" + - "KoZIzj0EAwMDaQAwZgIxAOKV8s3SpXVd6zho8zQa4uGXkxPVocYo410FdTwu0lw7\n" + - "G/MQPhLmj4DNsQJ/nYzDcwIxAMw7iZExsY9Is66/EaAty4rA+yuliwCag88VnDRH\n" + - "9cjiongZgpddIYS8xf76B2pi/Q==\n" + - "-----END CERTIFICATE-----"; - - // Owner: O=Microsoft Corporation, L=Redmond, ST=Washington, C=US - // Issuer: CN=Microsoft ECC TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Serial number: 3300000155ea28117be8708034000000000155 - // Valid from: Fri Oct 14 13:50:39 PDT 2022 until: Mon Oct 09 13:50:39 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIF3TCCBWOgAwIBAgITMwAAAVXqKBF76HCANAAAAAABVTAKBggqhkjOPQQDAzBb\n" + - "MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSww\n" + - "KgYDVQQDEyNNaWNyb3NvZnQgRUNDIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTAeFw0y\n" + - "MjEwMTQyMDUwMzlaFw0yMzEwMDkyMDUwMzlaMFQxCzAJBgNVBAYTAlVTMRMwEQYD\n" + - "VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy\n" + - "b3NvZnQgQ29ycG9yYXRpb24wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARbimHzMojc\n" + - "ilBoJCu+adc99oS855DwGTmkKofXfEf6Ej6G9v6Zg1Y2a1wqs5Wd3IcqQONeqKK8\n" + - "EGxUL7DBpf1dBDsRpWSfenYIRtAzs/JznW0dfGPgnY0kGi4g52JegCOjggPuMIID\n" + - "6jCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUArfe++nz/EMiLnT2cHj4YarRn\n" + - "KV3PsQwkyoWGNOvcgooAAAGD2EyY+gAABAMARjBEAiBnysZazdmXKeL4CnYkJxI2\n" + - "g5juWT5jQfBi5Nxfc3zc9gIgGSGTTGw+E0864BRuAJjhFRF+j5keQ7Rik+PhGnd1\n" + - "P1gAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYPYTJjXAAAE\n" + - "AwBHMEUCIQDmYqZ1fw/8X2lBl51TknJ8t8sRz4fEFkayqFrmNug1WQIgELQm99K3\n" + - "QH+Rr8rk9x6835NjXBBAyrrI2B8XLiELITUAdwCzc3cH4YRQ+GOG1gWp3BEJSnkt\n" + - "sWcMC4fc8AMOeTalmgAAAYPYTJkaAAAEAwBIMEYCIQD+jnAFon/1Bobh3R4wzym7\n" + - "yiDQ35ZUeRcfFes1IvgyvgIhAPILSf2w3HW7YmbthAVT4P13G+8xFIVlYihgVegU\n" + - "cJy8MBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8w\n" + - "LQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2Btd1QhZ/9dQIBZAIBHTCB\n" + - "pgYIKwYBBQUHAQEEgZkwgZYwZQYIKwYBBQUHMAKGWWh0dHA6Ly93d3cubWljcm9z\n" + - "b2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwRUNDJTIwVExTJTIwSXNz\n" + - "dWluZyUyMEFPQyUyMENBJTIwMDEuY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25l\n" + - "b2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFN3cgtHESQ8o7thvaL42\n" + - "bD7mpfktMA4GA1UdDwEB/wQEAwIHgDArBgNVHREEJDAigiBydmtlY2Nyb290MjAx\n" + - "Ny5wa2kubWljcm9zb2Z0LmNvbTBoBgNVHR8EYTBfMF2gW6BZhldodHRwOi8vd3d3\n" + - "Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBFQ0MlMjBUTFMl\n" + - "MjBJc3N1aW5nJTIwQU9DJTIwQ0ElMjAwMS5jcmwwZgYDVR0gBF8wXTBRBgwrBgEE\n" + - "AYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29t\n" + - "L3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNVHSMEGDAW\n" + - "gBQxW7nOURt80aoDwOvtNl3CndOJ4TATBgNVHSUEDDAKBggrBgEFBQcDATAKBggq\n" + - "hkjOPQQDAwNoADBlAjBBhbuh/iukcibeEh/Op3RfNf6jUSyza4lZvsJsRiEVwySa\n" + - "ofmg8OvBO2l2+9MjoCUCMQCoiyS1tDgtjW9gguKDgPXypURpL27KfnCzwx6ar2LN\n" + - "gCZ/soGnLsgPIscuNH/BK20=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Fri Oct 14 15:46:18 PDT 2022", System.out); - } -} - -class MicrosoftRSATLS { - - // Owner: CN=Microsoft RSA TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Issuer: CN=Microsoft RSA Root Certificate Authority 2017, O=Microsoft - // Corporation, C=US - // Serial number: 330000002ffaf06f6697e2469c00000000002f - // Valid from: Thu Jun 24 13:57:35 PDT 2021 until: Wed Jun 24 13:57:35 PDT 2026 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIHmDCCBYCgAwIBAgITMwAAAC/68G9ml+JGnAAAAAAALzANBgkqhkiG9w0BAQwF\n" + - "ADBlMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u\n" + - "MTYwNAYDVQQDEy1NaWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9y\n" + - "aXR5IDIwMTcwHhcNMjEwNjI0MjA1NzM1WhcNMjYwNjI0MjA1NzM1WjBbMQswCQYD\n" + - "VQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSwwKgYDVQQD\n" + - "EyNNaWNyb3NvZnQgUlNBIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTCCAiIwDQYJKoZI\n" + - "hvcNAQEBBQADggIPADCCAgoCggIBAKAYz8zB6I+LeiWYURf1QUaISydvRgxWfcc6\n" + - "UvEiwvryj2UsRfFuREo2ErLTvP9qQ9E0YBTyWEqI2TXn4jo2uZ2cpGODiQQWlixe\n" + - "aAFcYgSqLzidFXj401vzQsz4E0zylD/ZeY+xkQ6xrdg5312x2u2Ap7AWLzqolZHZ\n" + - "gR0aicn9gcO6M4qn6Uuge8mOve1N7U6j8ebhSiw0KlkzY9ha1Kvrez+NXQdeLC+V\n" + - "PDWPPPlBWeysTnIM6dusbV1v2/C7Ooz9TuGb8wiXRriPpI7+igSIPqBebF00rHGJ\n" + - "Dmx9eN3g78VF9JpTrrRkV8alpMYVZKAh9IzMp9NWVZsw5wgZaX2W05SaXkSHP3zR\n" + - "OBANhKzwkBkCcDMbmF1LFOk+wgkcEtFlKEnfgvOQVHTp02gTzyhSxstw0buon4Cy\n" + - "ZAm1L+6bJJ+puNL8HuLTJxq1mqiaY0T50olJeySSX5uJBo/l29Pz+0WjANnhRLVq\n" + - "e5xdxPV11QGHDxnvsXaMgC4y/5sLo5v4UEZT+4VDcKiRHReusJD+kUt92FSYqWTK\n" + - "xs6zwuxf25as/rJbZT99o9QVFLfHEs6DgHKNIqQuVxZxH0T3M6XqfmnRTo1FrD8i\n" + - "p/93Q4zQta5S9whe/sAxpizwyMw/9fhBDHGVHfgFV1C0EP9zxkyHEya0CGAMhbzp\n" + - "+0Y/ZYxrAgMBAAGjggJJMIICRTAOBgNVHQ8BAf8EBAMCAYYwEAYJKwYBBAGCNxUB\n" + - "BAMCAQAwHQYDVR0OBBYEFOtMMXw9PzK4g9fF23va5HjanBRXMB0GA1UdJQQWMBQG\n" + - "CCsGAQUFBwMBBggrBgEFBQcDAjAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAS\n" + - "BgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFAnLWX+GsnCPGsM548DZ6b+7\n" + - "TbIjMHAGA1UdHwRpMGcwZaBjoGGGX2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w\n" + - "a2lvcHMvY3JsL01pY3Jvc29mdCUyMFJTQSUyMFJvb3QlMjBDZXJ0aWZpY2F0ZSUy\n" + - "MEF1dGhvcml0eSUyMDIwMTcuY3JsMIGuBggrBgEFBQcBAQSBoTCBnjBtBggrBgEF\n" + - "BQcwAoZhaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNy\n" + - "b3NvZnQlMjBSU0ElMjBSb290JTIwQ2VydGlmaWNhdGUlMjBBdXRob3JpdHklMjAy\n" + - "MDE3LmNydDAtBggrBgEFBQcwAYYhaHR0cDovL29uZW9jc3AubWljcm9zb2Z0LmNv\n" + - "bS9vY3NwMHAGA1UdIARpMGcwCAYGZ4EMAQIBMAgGBmeBDAECAjBRBgwrBgEEAYI3\n" + - "TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3Br\n" + - "aW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMA0GCSqGSIb3DQEBDAUAA4ICAQAkucWk\n" + - "Mrgs2ahYrG7y4sY2yZno4f9TGyk7p+Srg4Yz/g7LmVeyOob9o579Omw9AiyeDK8Y\n" + - "/dXnTTof+sKJrlNTpIzyEBkzCiGGkWtp7x2yxLCm12L65wtmD/6OAV9Bm1kOhf3p\n" + - "7v+d3gtFt7cw46W35lr+fguy62s7uuytTV9hfhQ0pp2E2E9F6B7U71jR4bC+6zGq\n" + - "+34AmqTirjKHwXOhWDRDpEJIkaFAh+qdz/nqJktZj3n5GdC94jfWrMUJjClGjlc4\n" + - "+Ws3AxN46oFpx8oIXDG9wIPfFhUf0SdnCYJL8TD5+qBNp0H5q/V2R31Wi8rijHGQ\n" + - "4CxHqzP5VJbjgvRQgxAp39BrmLQ+JSvf9e5VqQqaH4NYgpB1WObq12B73BJHjBOv\n" + - "pRrULFjPqDW8sPRBzBTRXkXOPEdZbzQj6O/CWEFsg6ilO4thk3n3drb9FEJjVh9u\n" + - "GtRXV6Ea5bNaPvJppZNXb7M9mORk3mddx/K1FgOETQE3quh+mU4ojbSRUWMVmjcb\n" + - "6bKF5oQd+Q0do4yaEIfH1oVnIas/FIE/xu3Z4fvBs0qdiNLCeNT6uS26vqD2PEvV\n" + - "lFWb683Do3Ls59MMCxhy6Erb7kFQgu1oUWXGFhbMQkeLN4TXGi6X3loXYfING9om\n" + - "nWa/udxvPRwAZmcHU2l2W8cwVXiy6uucsh3kPQ==\n" + - "-----END CERTIFICATE-----"; - - // Owner: O=Microsoft Corporation, L=Redmond, ST=Washington, C=US - // Issuer: CN=Microsoft RSA TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Serial number: 330000014a3b44c12636e54b9f00000000014a - // Valid from: Fri Oct 14 13:55:34 PDT 2022 until: Mon Oct 09 13:55:34 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIILDCCBhSgAwIBAgITMwAAAUo7RMEmNuVLnwAAAAABSjANBgkqhkiG9w0BAQwF\n" + - "ADBbMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u\n" + - "MSwwKgYDVQQDEyNNaWNyb3NvZnQgUlNBIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTAe\n" + - "Fw0yMjEwMTQyMDU1MzRaFw0yMzEwMDkyMDU1MzRaMFQxCzAJBgNVBAYTAlVTMRMw\n" + - "EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN\n" + - "aWNyb3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + - "AoIBAQDTo/3ysrrKP2eOLQ8JUFhQT09HJM1lUr0nH7RiP4VAKFrGFMIQSCsq17y7\n" + - "PuTHxW53Fvxb5s/EKZobzhlgv4rHQxvoMuGWRBgJN6KfspQAuFnUVG+3y70fHy/O\n" + - "PiVUJdfTupsys/fjzERqzx6FZoU1RzQ08na36SicSOQmj5svtHHxL8ZibDD48Xzp\n" + - "oIEBh2uUDhevkZedBmqlIdAhNgKXqf2lieLjWXZQLzUyXHikQJxNFOHFVjBqH3pu\n" + - "pYt2XD78bS/xeKRbGLw52+o3/u4eaPyiJoG0GaVSG2HRGcplu7Auk6ycD3htispr\n" + - "dviXfHa3tW1hO52PrQBOWvpsP3jdAgMBAAGjggPuMIID6jCCAX4GCisGAQQB1nkC\n" + - "BAIEggFuBIIBagFoAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A\n" + - "AAGD2FEl4wAABAMARjBEAiBStVFeTYxl3DxgsM2z7VsvWZ5n7V0SXjnNdgFfmjfL\n" + - "twIgQ6Xfm7oJQDMyBIuPVF0qxLr+EqZ71HDHz5n6g60orlcAdgB6MoxU2LcttiDq\n" + - "OOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYPYUSX8AAAEAwBHMEUCIFbeyJxWClLT\n" + - "C1YjUizDHmL5TeKFluRsL0of3NXn7LXuAiEAoZLtiZOie9QLWA66IN3NO8F4VE72\n" + - "m4hZyo0tcJ2FrDkAdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA\n" + - "AYPYUSZUAAAEAwBIMEYCIQD7nnuRlDX0iUH+vfbl3aKgn6siy8fL5Dl6HczdPXgD\n" + - "2AIhAJE6xuIKnLOC/BqVG8DydYmhM17TTSK3T98pBtvU9SDcMBsGCSsGAQQBgjcV\n" + - "CgQOMAwwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73X\n" + - "G4Hn60aCgZ0ujtAMh/DaHV2Btd1QhZ/9dQIBZAIBHTCBpgYIKwYBBQUHAQEEgZkw\n" + - "gZYwZQYIKwYBBQUHMAKGWWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv\n" + - "Y2VydHMvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwSXNzdWluZyUyMEFPQyUyMENB\n" + - "JTIwMDEuY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQu\n" + - "Y29tL29jc3AwHQYDVR0OBBYEFJ+DafMSR5RMWJrM6iGS024FVuBYMA4GA1UdDwEB\n" + - "/wQEAwIEsDArBgNVHREEJDAigiBhY3Ryc2Fyb290MjAxNy5wa2kubWljcm9zb2Z0\n" + - "LmNvbTBoBgNVHR8EYTBfMF2gW6BZhldodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v\n" + - "cGtpb3BzL2NybC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQU9D\n" + - "JTIwQ0ElMjAwMS5jcmwwZgYDVR0gBF8wXTBRBgwrBgEEAYI3TIN9AQEwQTA/Bggr\n" + - "BgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1Jl\n" + - "cG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNVHSMEGDAWgBTrTDF8PT8yuIPXxdt7\n" + - "2uR42pwUVzATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEA\n" + - "j80IEKdsV/mWM5LwiS12qjOFzukGhpaFgM4XVQV9QJ/oEwworf7KEFfp4YlrSbtw\n" + - "Wwrh06LESleEfCqY+pbYHUx6ox4LvI5EYu23+YINSdhkTaITFZ1DDrYEHX08r26I\n" + - "rdaTkUOLzP9CRuSw1tbcf0gsj/Dqr8ec3usktccOE6QFbCA9yCsKOr6WdPc4h3PV\n" + - "WKHnpf4n46fZ+N+d7+eAOUZSjqsw/5i6/yiQ0Vx6rBMSKmEzkZx72Xkh9IowCeZJ\n" + - "w/gstrzKepSljWUuNi2iXJB2OuIqydFodLXFc9eeH8MXShDqwFF77nf3R3jMAhvI\n" + - "6fHnEz7+UqhMuyiAU5TfSjC1WyeqHhDZawWPumFyXEh0XX1eUphfoN3bApbZJhEE\n" + - "tyhcz44mGawrjSpxlJGgE5TmKJ+CC73TcBC5Ehelo+Is1gzbbVQCu6gMZQyYS8qf\n" + - "kg+JqJAOfx+YFn4bPAio8uF6XpcvMkcd9dyEYi2Q9zMhnQoOjLWj0pPSQaCBmmbI\n" + - "ougVo16GCOdcOG9+c6dBjbHseaQY0a95ZirtNLbutIvmvMIysvAHMC3NkunnD0cQ\n" + - "BxF47+meDc80QJGCaNlJ8E1SlUbEtRfVNsbcw1skO3hAsYAIA8M//BW7XcKRDvLn\n" + - "nPrC+5fWtDzmXgUE/Sve3rCr/AfBiBrLERcJHxYy41U=\n" + - "-----END CERTIFICATE-----"; - - // Owner: O=Microsoft Corporation, L=Redmond, ST=Washington, C=US - // Issuer: CN=Microsoft RSA TLS Issuing AOC CA 01, O=Microsoft Corporation, C=US - // Serial number: 330000014b4c2b0b9955688feb00000000014b - // Valid from: Fri Oct 14 13:56:58 PDT 2022 until: Mon Oct 09 13:56:58 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIIKjCCBhKgAwIBAgITMwAAAUtMKwuZVWiP6wAAAAABSzANBgkqhkiG9w0BAQwF\n" + - "ADBbMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u\n" + - "MSwwKgYDVQQDEyNNaWNyb3NvZnQgUlNBIFRMUyBJc3N1aW5nIEFPQyBDQSAwMTAe\n" + - "Fw0yMjEwMTQyMDU2NThaFw0yMzEwMDkyMDU2NThaMFQxCzAJBgNVBAYTAlVTMRMw\n" + - "EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN\n" + - "aWNyb3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" + - "AoIBAQD2UxPzrv61IqG8jCFPWM3KeQpBeBlxh3mzvWVFmo340r0J1C3uLaUTPYLo\n" + - "P+Xndq2GqYLlm/5FEY7ynU1as57SH0tHbKCIYYJezn/ZJHUYcOY80uGKpP3bdbRq\n" + - "W51Xo7/gzTrXFJ2Nrn05d9mKBq+Oxs71+Nj7QuzjHYAF0n8OWNwZCBOBdAX3EDVQ\n" + - "4HBMSkIzriodM0FD2zkT8RIvZ7WbpLxvZXqWbynAeLirTRYE2lY9UalxrP+wCef9\n" + - "DARxcpEgF30nwRnALfOhnuOhdrtdLYhArfQMyDcvJnDyzCWEZCaPNtBhdsziJjf9\n" + - "A8R4/qdnlQE4/24O9MXQja5dwyyRAgMBAAGjggPsMIID6DCCAXwGCisGAQQB1nkC\n" + - "BAIEggFsBIIBaAFmAHYA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A\n" + - "AAGD2FJirgAABAMARzBFAiBct8qI4aiBtisWWMKAtwCueQWAnFtxcrGBiZjwctiB\n" + - "pwIhAPasvYgCS4Rbhb6p2//TCeq0P2H3jUftmi0afwhJYXLaAHUAs3N3B+GEUPhj\n" + - "htYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGD2FJjIwAABAMARjBEAiBjbry24wGs\n" + - "tpzJFzxWAk7h3IHMKiY1KxIieJMBe7k1dQIgPvDrVgOiUeWlYJmDSdRafTVZHfQg\n" + - "bODj86WqyB5ndt4AdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAA\n" + - "AYPYUmLUAAAEAwBGMEQCIHlmAPOJT2CSJPnupJqbiUOE8nukIuNxaayaEROQQC16\n" + - "AiBufiWDUp9FNjGdZVhjX3t/Bh3iSNrMJD22k5BcNzUbIjAbBgkrBgEEAYI3FQoE\n" + - "DjAMMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB\n" + - "5+tGgoGdLo7QDIfw2h1dgbXdUIWf/XUCAWQCAR0wgaYGCCsGAQUFBwEBBIGZMIGW\n" + - "MGUGCCsGAQUFBzAChllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2Nl\n" + - "cnRzL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBBT0MlMjBDQSUy\n" + - "MDAxLmNydDAtBggrBgEFBQcwAYYhaHR0cDovL29uZW9jc3AubWljcm9zb2Z0LmNv\n" + - "bS9vY3NwMB0GA1UdDgQWBBQVaBKJl3UpdKhMrW9owCC3eUdMWzAOBgNVHQ8BAf8E\n" + - "BAMCBLAwKwYDVR0RBCQwIoIgcnZrcnNhcm9vdDIwMTcucGtpLm1pY3Jvc29mdC5j\n" + - "b20waAYDVR0fBGEwXzBdoFugWYZXaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3Br\n" + - "aW9wcy9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwSXNzdWluZyUyMEFPQyUy\n" + - "MENBJTIwMDEuY3JsMGYGA1UdIARfMF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYB\n" + - "BQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBv\n" + - "c2l0b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgwFoAU60wxfD0/MriD18Xbe9rk\n" + - "eNqcFFcwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEMBQADggIBAFHb\n" + - "lQDG/Jk+kOLRWlZiya00OkZiXrueh4NgfwybZAx3O344+FzP4TsneUys16GO7Pti\n" + - "UTKkxF42INw/3TAC4iOMg4RS4dm+Fn1G7xM59lwqnZLn48a6jORKwZIG0H/2Fevr\n" + - "bGn3ZcTw+NP02OA7X1/ewRfljDZfHNmzdVTSVlqzhliv2cRuZyk7lf1LoIXBTz3Y\n" + - "6ofOjgsP05XEZmMxMwM40FVeslTfuu301plj5KuHpQfbSny0VES3DQnZi+gHX+Zn\n" + - "XuIYQL9stePqQr1GJBqAHM4sRgUCnW5t8efIYDMpYhQynXbniowLGbXOa0OP1IFG\n" + - "oGmhPRonR1aJ2eFBfe0pnc4WO5qdiXQp/XWWYmUJaD7SdGDQF7wH9BUJdldIk6uI\n" + - "SGTh4YD2VAXAGH4e9wHI5t9Lyah/VeBoLU1j3SsJfL6XfcWCwFG2sdqFFQHcONBl\n" + - "ApIjebH4RlOGiRRRJ5/Wz9Wk850mEvF16UlB1MUpLiKU63/nJvuR1TvOisAUl+5L\n" + - "oAfBFVkX4IGJU+9tc4VXYvTpd24xLHk/o6Fnl23D6zWlsZKldNxYPhiriXN9Duvb\n" + - "6xmaQX4gua6jmTFUhKDyyVJpW1A4GjuenPYsCmabzydiAeMIQirCCLSTqXrSw1YL\n" + - "2+608l1nqYy1JOrSq/zFp3c5buSFbjj7jVJB5LEh\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Fri Oct 14 15:46:18 PDT 2022", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java deleted file mode 100644 index e171bafe1ad..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2017, 2022, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8189131 8207059 - * @key intermittent - * @summary Interoperability tests with QuoVadis Root CA1, CA2, and CA3 G3 CAs - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath QuoVadisCA OCSP - * @run main/othervm -Djava.security.debug=certpath QuoVadisCA CRL - */ - -/* - * Obtain TLS test artifacts for QuoVadis CAs from: - * - * https://www.quovadisglobal.com/download-roots-crl/ - * - */ -public class QuoVadisCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - new RootCA1G3().runTest(pathValidator); - new RootCA2G3().runTest(pathValidator); - new RootCA3G3().runTest(pathValidator); - } -} - -class RootCA1G3 { - - // Owner: CN=DigiCert QuoVadis TLS ICA QV Root CA 1 G3, O="DigiCert, Inc", C=US - // Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM - // Serial number: 2837d5c3c2b57294becf99afe8bbdcd1bb0b20f1 - // Valid from: Wed Jan 06 12:50:51 PST 2021 until: Sat Jan 04 12:50:51 PST 2031 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFgDCCA2igAwIBAgIUKDfVw8K1cpS+z5mv6Lvc0bsLIPEwDQYJKoZIhvcNAQEL\n" + - "BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc\n" + - "BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMTAxMDYyMDUwNTFaFw0z\n" + - "MTAxMDQyMDUwNTFaMFkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwg\n" + - "SW5jMTIwMAYDVQQDDClEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFFWIFJvb3Qg\n" + - "Q0EgMSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMrbkb9kz/4\n" + - "y00r7tfK+uDRomMNd5iCDVMWOvSx1VygKoBn3aavw7gq9Vfb2fIMIWkWG0GMxWbG\n" + - "cx3wDHLWemd7yl9MxRUTGXkvH6/dNEavAQhUTL9TSf/N2e8f7q2dRDNYT7lXi/vR\n" + - "fTBiYlY7BLNha8C3sPHsKduaJN32cjdjVFH51rFDRdhUXlo2hhOjgB6bqoqs75A3\n" + - "Y3w88AdbMkapT63oGsCDO6N/uX2Mo9GSWREvlxHiXSMFf5qFw41vn5QIa5ADL1MP\n" + - "CzlLmJSHXE138H1+cG5IutD7tIieKjo/t+66PGMo8xicj3yUd8rHEmBqClG4Ty3d\n" + - "fF+bETFjLIUCAwEAAaOCAU8wggFLMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j\n" + - "BBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEEaDBmMDgGCCsG\n" + - "AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWcz\n" + - "LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t\n" + - "MBMGA1UdIAQMMAowCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF\n" + - "BQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFs\n" + - "LmNvbS9xdnJjYTFnMy5jcmwwHQYDVR0OBBYEFJkRfemwrS1iWnDTPI2HIK3a2i5B\n" + - "MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAb6tTptzzi4ssb+jA\n" + - "n2O2vAjAo7ydlfN9v+QH0ZuGHlUc9bm8dpNpBo9yt6fWHIprGLJjVOF7HwVDQcJD\n" + - "DhX4638Q7ETDrbTVQ4/edX6Yesq6C1G8Pza1LwStXD/jCQHFvWbPud86V0ikS4rS\n" + - "qlmu3fzUrGZ2/Q+n5jrnRqM5IS8TXYcnzLD3azH1+aZjkwQt9HP4IuvAe/Bg9aWE\n" + - "XeDmksbg0SqQInrWn+BVYtD+hCZNz8K0GnKKpx3Q9VxzRv+BMbO5e9iqK1Hcj5Wv\n" + - "ZXvU45j2r5y9WML4fc8CvphzbF6ezr1e51i+yabNmfld33gRX48V5oNk16wX32ed\n" + - "kQ83sKNomQm1dXURWK8aSDcZFAvJQ8vKTLIE9wiQmtjfSGoJzQhKLaN+egrp4L9y\n" + - "fjpFIeK4zgAH39P4s4kaPWTdfXe2n6P5o7Xolp4R22SVkI76d8d+5Iv7Rtqd+mqI\n" + - "y1hkwyTBbOBLtyF7yMtJQewkkZ0MWxkPvWg193RbYVRx8w1EycnxMgNwy2sJw7MR\n" + - "XM6Mihkw910BkvlbsFUXw4uSvRkkRWSBWVrkM5hvZGtbIJkqrdnj55RSk4DLOOT/\n" + - "LUyji/KpgD7YCi7emFA4tH6OpkNrjUJ3gdRnD4GwQj/87tYeoQWZ6uCl0MHDUCmw\n" + - "73bpxSkjPrYbmKo9mGEAMhW1ZxY=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-1-g3.chain-demos.digicert.com, O="DigiCert, Inc.", - // L=Lehi, ST=Utah, C=US - // Issuer: CN=DigiCert QuoVadis TLS ICA QV Root CA 1 G3, O="DigiCert, Inc", C=US - // Serial number: a94cc08600f5fe5d3f0659bfcfec6f0 - // Valid from: Fri Mar 04 16:00:00 PST 2022 until: Wed Apr 05 16:59:59 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIG/DCCBeSgAwIBAgIQCpTMCGAPX+XT8GWb/P7G8DANBgkqhkiG9w0BAQsFADBZ\n" + - "MQswCQYDVQQGEwJVUzEWMBQGA1UECgwNRGlnaUNlcnQsIEluYzEyMDAGA1UEAwwp\n" + - "RGlnaUNlcnQgUXVvVmFkaXMgVExTIElDQSBRViBSb290IENBIDEgRzMwHhcNMjIw\n" + - "MzA1MDAwMDAwWhcNMjMwNDA1MjM1OTU5WjB9MQswCQYDVQQGEwJVUzENMAsGA1UE\n" + - "CBMEVXRhaDENMAsGA1UEBxMETGVoaTEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4x\n" + - "NzA1BgNVBAMTLnF1b3ZhZGlzLXJvb3QtY2EtMS1nMy5jaGFpbi1kZW1vcy5kaWdp\n" + - "Y2VydC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HrwaCagg\n" + - "6bxmgEC+neLN/ShfNYuOMQ2Slk5q/zDUhQRpNQnh3nUwoRSWRvwGxDFsRj++LECF\n" + - "TMdfzIu+0rlFzGqd3B5mlRsJrcycy/+ILwGNtIooUSU7pvJAVgLZ5N1SSVZoY+i3\n" + - "bqLiMmv2/JfouT1SQB3U0tGmS+QKyBtVyKPVeuAhnLdyw90UiB7Gu9qXQpCawac8\n" + - "pXPQLFzyEP7VJO0wDXanXvi6YPuIhh4m+j2YVCd9d2zI3y3kOrkuaUY5UCBvMG/b\n" + - "Pc7/5pBsqf+E+7RHF24JAR2aqXzARWt2MzRiwpE/DJDfu097IUtR5aEdCRIKw/b4\n" + - "GcHEbVaE3c8RAgMBAAGjggOaMIIDljAfBgNVHSMEGDAWgBSZEX3psK0tYlpw0zyN\n" + - "hyCt2touQTAdBgNVHQ4EFgQUsG1/1d7ATEocqm82IRByZD/1qQIwOQYDVR0RBDIw\n" + - "MIIucXVvdmFkaXMtcm9vdC1jYS0xLWczLmNoYWluLWRlbW9zLmRpZ2ljZXJ0LmNv\n" + - "bTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\n" + - "MIGXBgNVHR8EgY8wgYwwRKBCoECGPmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E\n" + - "aWdpQ2VydFF1b1ZhZGlzVExTSUNBUVZSb290Q0ExRzMuY3JsMESgQqBAhj5odHRw\n" + - "Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRRdW9WYWRpc1RMU0lDQVFWUm9v\n" + - "dENBMUczLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhto\n" + - "dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYMGCCsGAQUFBwEBBHcwdTAkBggr\n" + - "BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFo\n" + - "dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRRdW9WYWRpc1RMU0lD\n" + - "QVFWUm9vdENBMUczLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0E\n" + - "ggFpAWcAdgCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX9cPNEg\n" + - "AAAEAwBHMEUCIEcb3zz7lhKT26HkZpFPF9e7AsHY4HR3pO5LJ5+b2iDGAiEAjEHh\n" + - "4H3Vl+j95X65uBdkODnqjlxRc6OrqCRor71nKTYAdQA1zxkbv7FsV78PrUxtQsu7\n" + - "ticgJlHqP+Eq76gDwzvWTAAAAX9cPNEMAAAEAwBGMEQCIBbRZ9t9oUODHhZfa7n3\n" + - "0lGGmEpnZP9dZw375SuVX6OjAiBbfpZesx7GgSNygEF+zkBAXx+AFJF5GoGiOjFX\n" + - "0ykjDAB2ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABf1w80SoA\n" + - "AAQDAEcwRQIgfSXjtjuKjFiVYwdlitFNgTTSc7uP9hyazlrCKO9GsaYCIQCKimXl\n" + - "j4LjJ4BlG9H1J+V747tuf7ONnAzkCPsa2ymOuzANBgkqhkiG9w0BAQsFAAOCAQEA\n" + - "b9havJS9egan+4dgMhI6gDt6rjdWRniyi7kXv7/vWJXOxR1xl2d/WYDLsfp3BbqW\n" + - "YuKQwB5tTH1hEoNhQIyGnuE1Y1ZgtX24rSVfTCkU/3dnTZaIhaZgFHyftAum7xSI\n" + - "Qzu7pwih+PXrGNXupsnZ+VUE7a7zHyRDajixhSp7dZS4zLoDTxeyKX0MDmo4e8Mi\n" + - "HNYVASYcrdld90jVJaeI/V3EkJAX7/Eyo9JqzivEwGM0e0JhCLekcVSzhjGoAlbQ\n" + - "tIzCIaeVUlWKKiNXSKr1WD4oCD3ky4Y5VekTGzyUf/0LYzV+Y7p8epc5vTWKwYx/\n" + - "vQwJ4RsgFit+c84mSg4qug==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-1-g3-revoked.chain-demos.digicert.com, - // O="DigiCert, Inc.", L=Lehi, ST=Utah, C=US - // Issuer: CN=DigiCert QuoVadis TLS ICA QV Root CA 1 G3, O="DigiCert, Inc", C=US - // Serial number: e7eff4cdd14ebed1daa7bb7e07300ed - // Valid from: Fri Mar 04 16:00:00 PST 2022 until: Wed Apr 05 16:59:59 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHDjCCBfagAwIBAgIQDn7/TN0U6+0dqnu34HMA7TANBgkqhkiG9w0BAQsFADBZ\n" + - "MQswCQYDVQQGEwJVUzEWMBQGA1UECgwNRGlnaUNlcnQsIEluYzEyMDAGA1UEAwwp\n" + - "RGlnaUNlcnQgUXVvVmFkaXMgVExTIElDQSBRViBSb290IENBIDEgRzMwHhcNMjIw\n" + - "MzA1MDAwMDAwWhcNMjMwNDA1MjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxDTALBgNV\n" + - "BAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMu\n" + - "MT8wPQYDVQQDEzZxdW92YWRpcy1yb290LWNhLTEtZzMtcmV2b2tlZC5jaGFpbi1k\n" + - "ZW1vcy5kaWdpY2VydC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" + - "AQDCQQ2S25TEDDGHa/zvFUex4mD7pUAS7g80g8mQVII2v9Cg6F2tIEbay/IDhV3D\n" + - "NtxJcaqiMpT9oMA5jhMSOqcoq8QFzdqugtIvxQ3obrIZysxjjluB2b1T5UhlnND1\n" + - "ShXlSWRhwkCN8qfO+VJ8wrpVH45mj+DsiSLWrY8Vw4q+gcJgoUV0Vj87m1H93JTf\n" + - "pF68NjljUOOTTXZSzsvTRpDsnOizbVeyZoRawRP8D4UbxA8P28Q5W7a/uZSnUkfo\n" + - "1U1QFDd/ii/PCt6TVGYCNUehb8eSrEyjAtIZ/ricIVkKxcqzQ3Tuq7HefH/KiAqD\n" + - "GWr0NfO1JhX5ILmDZcosdsW1AgMBAAGjggOjMIIDnzAfBgNVHSMEGDAWgBSZEX3p\n" + - "sK0tYlpw0zyNhyCt2touQTAdBgNVHQ4EFgQUK6amWfyhRxRpr+fT1tpYV14n2wgw\n" + - "QQYDVR0RBDowOII2cXVvdmFkaXMtcm9vdC1jYS0xLWczLXJldm9rZWQuY2hhaW4t\n" + - "ZGVtb3MuZGlnaWNlcnQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr\n" + - "BgEFBQcDAQYIKwYBBQUHAwIwgZcGA1UdHwSBjzCBjDBEoEKgQIY+aHR0cDovL2Ny\n" + - "bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0UXVvVmFkaXNUTFNJQ0FRVlJvb3RDQTFH\n" + - "My5jcmwwRKBCoECGPmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFF1\n" + - "b1ZhZGlzVExTSUNBUVZSb290Q0ExRzMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIC\n" + - "MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBgwYI\n" + - "KwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j\n" + - "b20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp\n" + - "Q2VydFF1b1ZhZGlzVExTSUNBUVZSb290Q0ExRzMuY3J0MAkGA1UdEwQCMAAwggF+\n" + - "BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs\n" + - "62nhd31tBr1uAAABf1xeMeAAAAQDAEgwRgIhALuEk3mDbnEEkboc95mrKMgibE0K\n" + - "0QAWMu1gI/teH06xAiEA7dbuLv66ScQkOq0zbfnUM8ih1Bw+Wb29jQRyTEXCaxEA\n" + - "dgA1zxkbv7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAX9cXjIwAAAEAwBH\n" + - "MEUCIBvEfG23Yewp6oXQJExXQ+Am7z4i0X5NqSz8ohAXT3NiAiEAhDjy2H2Z5CV5\n" + - "gZ8TACTVgNyvEIH0cS4DjH6/ILknLDEAdQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcM\n" + - "C4fc8AMOeTalmgAAAX9cXjJBAAAEAwBGMEQCIGuxWoTPcFYQlVF9q/F1JbaZj/VT\n" + - "O6Oa8ionxCC/8aqrAiAUCUoDcwphZ25ZFC+xGiP0kUiWgUwuQH7lBpTgoZp/BjAN\n" + - "BgkqhkiG9w0BAQsFAAOCAQEAFrVjcQxq81PXEgHCf48+FOle8kUpJGxpH1n1Sp0p\n" + - "V95wrXj47oT1Vt9WqXPrNDfDkxwAvvXrCMXjHEg2YN0FCEanVec8GciuRRRtXrOE\n" + - "QOXAqGv5j+KG7bEvMNUFS90fesxfxVAQkr1zIT70nMAOKV1NOyQ/q8bZ+jehcRZB\n" + - "wUKrCWAzvOw4DPytrDcQmflvQN+Bw92T3uDuoYT/oBcobpVfKpfuW/+ZxxXTIp4L\n" + - "sixlx82SZNTo6e3LOqsgZnR6TFyRJ63sK65M+W0d55bHvleUAHRCOiGhhgqE/cby\n" + - "z50hDzJMLnjskMSpkxMoeSeutAS2e7oIvA//7C37LrQccQ==\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) - throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 08 11:22:28 PST 2022", System.out); - } -} - -class RootCA2G3 { - - // Owner: CN=DigiCert QV EV TLS ICA G1, O="DigiCert, Inc.", C=US - // Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM - // Serial number: 65e9bcd53e791df22dffeb5ecc2bc7a5588d0883 - // Valid from: Mon Mar 16 12:39:42 PDT 2020 until: Thu Mar 14 12:39:42 PDT 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFbzCCA1egAwIBAgIUZem81T55HfIt/+tezCvHpViNCIMwDQYJKoZIhvcNAQEL\n" + - "BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc\n" + - "BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDAzMTYxOTM5NDJaFw0z\n" + - "MDAzMTQxOTM5NDJaMEoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKDA5EaWdpQ2VydCwg\n" + - "SW5jLjEiMCAGA1UEAwwZRGlnaUNlcnQgUVYgRVYgVExTIElDQSBHMTCCASIwDQYJ\n" + - "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhwn6I+pGrJsnisnzP7EU5cFN9UT5XF\n" + - "auA13F3jHeUUZmBOcMSOJEhx/e7oeVScTnmKpe7t7uey7lIIC9DWFmP8klbtLBgL\n" + - "0jY4MPlCkVyxUIhZ73EHCPqDCX9bo+rMB6C758/tKZOPcoWRixQypPwoC4cXNOOk\n" + - "ntqFPRxFSZoBdTDNlAmkAQJCRsXGCEC5pZ0JqzGcAA0/Pw1fB8lSPAti3trubYmd\n" + - "aaPFAKzGK7vsexxpuSUKO0opNkFWbLdHZ8jkr86R80oo1vhURJXWNeMS74ws5nbt\n" + - "Ll9sJTDW33MQPS0/JO3xYI7bQcW3K1sPSERa4BahqgOJvEXMk1eWRcUCAwEAAaOC\n" + - "AU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU7edvdlq/YOxJ\n" + - "W8ald7tyFnGbxD0wOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8v\n" + - "b2NzcC5xdW92YWRpc2dsb2JhbC5jb20wSwYDVR0gBEQwQjAHBgVngQwBATA3Bglg\n" + - "hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t\n" + - "L0NQUzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOwYDVR0fBDQwMjAw\n" + - "oC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyZzMuY3Js\n" + - "MB0GA1UdDgQWBBQTL6fobnFR9uIMmEeDnn+deHk08zAOBgNVHQ8BAf8EBAMCAYYw\n" + - "DQYJKoZIhvcNAQELBQADggIBAEoOxze3kgnR39LX8M63EjiNxx0LThZHROqYqev6\n" + - "5ox/c5NNitk8/ODA8osdPpvnUBAlmE0+gqBvnTBRPVrJFd9bOr5BK8z6Os9/U0ed\n" + - "c3UINkWLS05B7ChC9s6Zw1Vd/WlW08TQJ80GpvAIbEKcg8EO/DXPniHxC4cMtv1T\n" + - "jtNeh98XiVgQXHL1FY+u/l413J8C4utKi4ZOQeCJDqvlSDzRsOi+tHsXrCJxnMWN\n" + - "2QBgMGgdPW37zwf0EffoH0Gee3pTgg7I5SzmvBq0t5xRDfv4N0OdM/sN1mc5f3o7\n" + - "0YCd9WXhyDCV5W2O8QIbrd42CK5k1rlM6gXwOyDmYY5CVAl1QeXEeRfDk/zNjU/1\n" + - "+LnH/Dv88VcZhODYq+VGbyM8bpNr0v95PY3yaH4kzpWGqWAN5i9LosfcaqRPmyL4\n" + - "PcKTQwcA9AVTjITExFua/QtGrXLPvMVxR248G9IQpJMxP3JEGkjlKCenmc29r2u1\n" + - "KE4TeCs2xxjR1PusTfX91bBW3YAoAPDTRQKZjolegLUY44j3uKSzAdhMEbZQhovH\n" + - "Lraqx1WjTayTuq1Vuakcia5shmgFVSNcE+NVgLEIe32oTOm/G6Kd1lcm9C4Ph1Cg\n" + - "nfDuqohZrk76kJTk8poAY5aFCQHhVzbpSw3zooMGjjvWnkG+/DC6SZM8rKoOdKiB\n" + - "cy+N\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-2-g3.chain-demos.digicert.com, O="DigiCert, - // Inc.", L=Lehi, ST=Utah, C=US, SERIALNUMBER=5299537-0142, OID.1.3.6.1.4 - // 1.311.60.2.1.2=Utah, OID.1.3.6.1.4.1.311.60.2.1.3=US, - // OID.2.5.4 .15=Private Organization - // Issuer: CN=DigiCert QV EV TLS ICA G1, O="DigiCert, Inc.", C=US - // Serial number: 9c5e9d5f169d3a59e64db208d3e849d - // Valid from: Wed Feb 02 16:00:00 PST 2022 until: Mon Mar 06 15:59:59 PST 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHNDCCBhygAwIBAgIQCcXp1fFp06WeZNsgjT6EnTANBgkqhkiG9w0BAQsFADBK\n" + - "MQswCQYDVQQGEwJVUzEXMBUGA1UECgwORGlnaUNlcnQsIEluYy4xIjAgBgNVBAMM\n" + - "GURpZ2lDZXJ0IFFWIEVWIFRMUyBJQ0EgRzEwHhcNMjIwMjAzMDAwMDAwWhcNMjMw\n" + - "MzA2MjM1OTU5WjCB3zEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzAR\n" + - "BgsrBgEEAYI3PAIBAxMCVVMxFTATBgsrBgEEAYI3PAIBAhMEVXRhaDEVMBMGA1UE\n" + - "BRMMNTI5OTUzNy0wMTQyMQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRhaDENMAsG\n" + - "A1UEBxMETGVoaTEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNzA1BgNVBAMTLnF1\n" + - "b3ZhZGlzLXJvb3QtY2EtMi1nMy5jaGFpbi1kZW1vcy5kaWdpY2VydC5jb20wggEi\n" + - "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfknHK7boXh9ysZ0FLDQKEyT2x\n" + - "Swtyecb5kkVgJU75XpXccV724mntCu5hpZ7Yt4tOmDZvbpYcqWbhIJgxGFNLyPdB\n" + - "Fn8jgZ4N0WoD7u295HI9izEmbM0XrO2rvHUc6ZhFFyx0jhvJPf/k9QbQB4TwKZri\n" + - "Iuf1E1Ek70DkTWAg6OrPHMe2ER3aSz2S2rNkMSopURvZuabzPovsGaz+XEZNfE4N\n" + - "UfkBLa0DUjFCamOMZKIfkzxpH/NhQcigGnZgxiyUb6KRhu9ydpWeOvOHwPWwR/fV\n" + - "7WT+X1DUHojoXeCk2RtIRMihDWPd+lqiUppM8IlEW/gxWbK1wP41qioiK9j5AgMB\n" + - "AAGjggN+MIIDejAfBgNVHSMEGDAWgBQTL6fobnFR9uIMmEeDnn+deHk08zAdBgNV\n" + - "HQ4EFgQUtAEN4g3bzwES6MoOINihiZQrt+owOQYDVR0RBDIwMIIucXVvdmFkaXMt\n" + - "cm9vdC1jYS0yLWczLmNoYWluLWRlbW9zLmRpZ2ljZXJ0LmNvbTAOBgNVHQ8BAf8E\n" + - "BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHsGA1UdHwR0MHIw\n" + - "N6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFFWRVZUTFNJ\n" + - "Q0FHMS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy\n" + - "dFFWRVZUTFNJQ0FHMS5jcmwwSgYDVR0gBEMwQTALBglghkgBhv1sAgEwMgYFZ4EM\n" + - "AQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMHYG\n" + - "CCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu\n" + - "Y29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln\n" + - "aUNlcnRRVkVWVExTSUNBRzEuY3J0MAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5\n" + - "AgQCBIIBbQSCAWkBZwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1u\n" + - "AAABfsHcGW0AAAQDAEcwRQIgSMSWvB5/8sf6CAZYojDI+t3bmcVHtIJT3T+Z3TcZ\n" + - "MFMCIQD5Qyb6jwHOAscsPeID156bUZIw+PeB652u+Q8gTU8C5gB1ADXPGRu/sWxX\n" + - "vw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABfsHcGUcAAAQDAEYwRAIgL68Riq9a\n" + - "l17hobjQopbfzvcQi4KT1+DlqO2dAeCuF80CIAy19t3bAxcJRmbXWo9J2dGc7WuE\n" + - "r+bLfnQoerq9KB1bAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoA\n" + - "AAF+wdwZZAAABAMARzBFAiEA4vYazXAaD1BfJ8MqEmrfxeTIDQ6LZkmqfh8xEnVz\n" + - "8VYCIF/RgfyBhOeH40wfgwpFTa+Y+t7EWg0PtjC4IaIFTKYKMA0GCSqGSIb3DQEB\n" + - "CwUAA4IBAQC5KLlms/+5XcCIEFBpQSwT7VoRcqnrVWlhya+9ClA98LYuDUeHcHt6\n" + - "lHvfjEEmy2s2GoKHK/JxXzftBau5LbDWlvQ6EF+22fnaVDsKIwNgYwbhJb+6zr8t\n" + - "LOFS6Y51YSlRrDUvy94S3PE7N8D3wyKq18IhXOI1WUeR0bKHLlXtl+ZjKMIMkd/l\n" + - "YtLnnskRCQa0P/HLwQYLUpgiNGVZJQbjrWsVzcw12mR/gza1KjR02STJRGZad7L0\n" + - "Oz48CRhm94iaEjFcVKT3vcDUrtCKpkmhBACcdA3NNqDq10i/SLspOeDLSESkkJKF\n" + - "w8w3YCqXjZn5JyV3sVHYNezNKtLdCxn4\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-2-g3-revoked.chain-demos.digicert.com, - // O="DigiCert, Inc.", L=Lehi, ST=Utah, C=US, SERIALNUMBER=5299537-0142, - // OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Utah, - // OID.1.3.6.1.4.1.311.60.2.1.3=US - // Issuer: CN=DigiCert QV EV TLS ICA G1, O="DigiCert, Inc.", C=US - // Serial number: 3f84605850df3ac98fcc15adec269f8 - // Valid from: Sun Apr 17 17:00:00 PDT 2022 until: Fri May 19 16:59:59 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHQDCCBiigAwIBAgIQA/hGBYUN86yY/MFa3sJp+DANBgkqhkiG9w0BAQsFADBK\n" + - "MQswCQYDVQQGEwJVUzEXMBUGA1UECgwORGlnaUNlcnQsIEluYy4xIjAgBgNVBAMM\n" + - "GURpZ2lDZXJ0IFFWIEVWIFRMUyBJQ0EgRzEwHhcNMjIwNDE4MDAwMDAwWhcNMjMw\n" + - "NTE5MjM1OTU5WjCB5zETMBEGCysGAQQBgjc8AgEDEwJVUzEVMBMGCysGAQQBgjc8\n" + - "AgECEwRVdGFoMR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEVMBMGA1UE\n" + - "BRMMNTI5OTUzNy0wMTQyMQswCQYDVQQGEwJVUzENMAsGA1UECBMEVXRhaDENMAsG\n" + - "A1UEBxMETGVoaTEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xPzA9BgNVBAMTNnF1\n" + - "b3ZhZGlzLXJvb3QtY2EtMi1nMy1yZXZva2VkLmNoYWluLWRlbW9zLmRpZ2ljZXJ0\n" + - "LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANfUkoe8l/AFhMH5\n" + - "NtRR2Ztx4xVINz1celdjQE7xgjyHoQY6EMhuI+tvTpwJr9wJEFl7YBiIUFUgJZo6\n" + - "lCLZtXI5t6rN0PhI+F03vGj5ukOkBBcsNVuKPJjud78sHL7u4w7RL3agrQIG7sff\n" + - "bQK4qieUDPxiE8TO8mIzUKnIvYeNA8aJe4zxWf6Mn64WvnudsxYFgMDL4L0ryYKy\n" + - "Ls53Co0OweOl4qnNSne8eIGfb6UaUBQvWbnVfRSHzf+skrF1qstWlFhUsqR07HtF\n" + - "6BqVrAsRA8tmXisyXrMp9jTcIsG7LXVLOqxN07mAvpateExZs3WWRhfQl4Z+HpHD\n" + - "80WbTI0CAwEAAaOCA4IwggN+MB8GA1UdIwQYMBaAFBMvp+hucVH24gyYR4Oef514\n" + - "eTTzMB0GA1UdDgQWBBSTXYbD9dwCDxIH/aN5vIr02uLz5DBBBgNVHREEOjA4gjZx\n" + - "dW92YWRpcy1yb290LWNhLTItZzMtcmV2b2tlZC5jaGFpbi1kZW1vcy5kaWdpY2Vy\n" + - "dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF\n" + - "BQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v\n" + - "RGlnaUNlcnRRVkVWVExTSUNBRzEuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdp\n" + - "Y2VydC5jb20vRGlnaUNlcnRRVkVWVExTSUNBRzEuY3JsMEoGA1UdIARDMEEwCwYJ\n" + - "YIZIAYb9bAIBMDIGBWeBDAEBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGln\n" + - "aWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6\n" + - "Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMu\n" + - "ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0UVZFVlRMU0lDQUcxLmNydDAJBgNVHRMEAjAA\n" + - "MIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQDoPtDaPvUGNTLnVyi8iWvJA9PL\n" + - "0RFr7Otp4Xd9bQa9bgAAAYA+bejFAAAEAwBGMEQCIFDhmaB4BXmOw2SKONPFBU8t\n" + - "qXb7DXeG6JHGcONDqITjAiAqozEj7/1ULu6t/uzfwOSgC7xEmUsLGzQVnaOF9m3s\n" + - "swB1ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABgD5t6QkAAAQD\n" + - "AEYwRAIgfVEs7Ph+wOpoCGl4woa3aUWH1COGx1SwvHZ8lH21xfsCIBI1IpR6goya\n" + - "iz47tT/Uz+26RnkHiAApYsdMOPyevkzhAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFn\n" + - "DAuH3PADDnk2pZoAAAGAPm3pPgAABAMARzBFAiAKBon1PVoqJAF49jMQd2c222TK\n" + - "sWkL5sLFqLVZj2vOugIhAODd/OUy236+9alC2U5nxl1oej9fOF4por2OZMFQfpFF\n" + - "MA0GCSqGSIb3DQEBCwUAA4IBAQAyrJzyOiRAETfoYddTmRmbnFNuHx4YAkkdxn2d\n" + - "BXdy4jPn0kTtDo4592KnbTdieSCWghmEmcEY1sQXdX6iqKwzmp408jfUDohl5evV\n" + - "oZrum3P3zgLRz1qswFM5a2HteWzCWWi/n6d6nKXj6PGGVAMQfk1s6PaWhYBuiaag\n" + - "myYss/LTPzaLGUfFzlt/HfomiD+BNuBOVa+pPrmTWhex+e02z95n6RPYCiazuZNZ\n" + - "xiarN83pRNu/fIjVXw2jENg7+kaC1wwLqET0x6/EJa6YI3Xa7Aumb8Pp2r2UZ5Tr\n" + - "7BUhmiRLkvw/9SI8ceXNSwuTTGK2fKHm2/CWqI0cS3zWk3dC\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) - throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Apr 18 14:07:46 PDT 2022", System.out); - } -} - -class RootCA3G3 { - - // Owner: CN=DigiCert QuoVadis TLS ICA QV Root CA 3 G3, O="DigiCert, Inc", C=US - // Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM - // Serial number: 427dd33a8ff51d8152e813c7dec93ba76312a7d8 - // Valid from: Wed Jan 06 12:55:40 PST 2021 until: Sat Jan 04 12:55:40 PST 2031 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFgDCCA2igAwIBAgIUQn3TOo/1HYFS6BPH3sk7p2MSp9gwDQYJKoZIhvcNAQEL\n" + - "BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc\n" + - "BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0yMTAxMDYyMDU1NDBaFw0z\n" + - "MTAxMDQyMDU1NDBaMFkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwg\n" + - "SW5jMTIwMAYDVQQDDClEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFFWIFJvb3Qg\n" + - "Q0EgMyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxNTdqnFD+A\n" + - "MhketYfVfVUWQKPkVEuyYj7Y2uwXBMRP4RStO4CoQih+hX/h94vRlObOIsqcNnyC\n" + - "ElwBnLbmusaWYLYnDEWoROL8uN0pkWk0asfhhEsXTkAJ6FLHUD85WBkED4gIVWPi\n" + - "Sp4AOwiA+/zpbwgVAgdjJTO3jjMsp4F1lBrdViYSwoPRACH1ZMjJG572oXTpZkQX\n" + - "uWmEKLUOnik1i5cbqGLnwXiDvTAhxit7aBlj/C5IDvONWVQL34ZTYppvo8S3Hhy9\n" + - "xX0S4HCpTpeBe3mas7VOrjsXNlEoFvejrxcQ+fB/gUf6fLUPxUhcPtm8keBPQuxc\n" + - "qP12/+KG0WECAwEAAaOCAU8wggFLMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j\n" + - "BBgwFoAUxhfQvKjqAkPyGwaZXSuQILnXnOQwdAYIKwYBBQUHAQEEaDBmMDgGCCsG\n" + - "AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhM2cz\n" + - "LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t\n" + - "MBMGA1UdIAQMMAowCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF\n" + - "BQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFs\n" + - "LmNvbS9xdnJjYTNnMy5jcmwwHQYDVR0OBBYEFDNm+y+RBcyzYlLvzTz1fhzOpxeW\n" + - "MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAY0ZuDgyM4I4MO9ll\n" + - "D8qFUPQ8xtcGOuJgSRhDS2onIJ0M8yOGOYJCobIEGIgqyx94kI/n/1Xw+Wvsnhwb\n" + - "OYOtVedx6VGDu6IuSKTVgPPhzwKP5ZA7wtmgKR8+W4E3DM1VerA9Po9ycDK9qCdl\n" + - "K4tuF37grKEzlQKovG+kn0z+Zi0D/E1kN1Q8YmX35HHRenJWKEnAL9QROh0X9jFi\n" + - "SlsHPrxWC3adOdAW+B+kVG0cM2nurd0Ic2YkiLKOOaSd5hbCQY/fCZwohtest+ZU\n" + - "Ajyd+FVzSNvEFrwPzZwKfcdemvD4kew8lx5sG6BUL4GkFWnotxSr+F9Huwgj4pC+\n" + - "cxE2841a/9r/gliuwDM/8jkt16epFAdw0fXemyM8FdHJDnB++3d8SyjOOQ8j+VHW\n" + - "31NWx27sORa5CgRchlldXWDzIIEwbc82a1OAfGUmNAsdEHjMl1HMcZHbjCmdSdsw\n" + - "fmyldZrj2YmvOI5ZlE9z4vzi35KyqlxWCtu9O/SJq/rBvYS0TPmm8HbhJQbeMe6p\n" + - "vJGrxcb1muSBANn9T9wvukjiNNw32ciSDCjZ0h4N+CGxbzoZtgIAQ29IunYdnJix\n" + - "ZiP+ED6xvwgVRBkDSgWD2W/hex/+z4fNmGQJDcri51/tZCqHHv2Y7XReuf4Fk+nP\n" + - "l8Sd/Kpqwde/sJkoqwDcBSJygh0=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-3-g3.chain-demos.digicert.com, O="DigiCert, Inc.", - // L=Lehi, ST=Utah, C=US - // Issuer: CN=DigiCert QuoVadis TLS ICA QV Root CA 3 G3, O="DigiCert, Inc", C=US - // Serial number: f27ee3fad1d754ae78d7866da0a4f6f - // Valid from: Fri Mar 04 16:00:00 PST 2022 until: Wed Apr 05 16:59:59 PDT 2023 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIG/jCCBeagAwIBAgIQDyfuP60ddUrnjXhm2gpPbzANBgkqhkiG9w0BAQsFADBZ\n" + - "MQswCQYDVQQGEwJVUzEWMBQGA1UECgwNRGlnaUNlcnQsIEluYzEyMDAGA1UEAwwp\n" + - "RGlnaUNlcnQgUXVvVmFkaXMgVExTIElDQSBRViBSb290IENBIDMgRzMwHhcNMjIw\n" + - "MzA1MDAwMDAwWhcNMjMwNDA1MjM1OTU5WjB9MQswCQYDVQQGEwJVUzENMAsGA1UE\n" + - "CBMEVXRhaDENMAsGA1UEBxMETGVoaTEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4x\n" + - "NzA1BgNVBAMTLnF1b3ZhZGlzLXJvb3QtY2EtMy1nMy5jaGFpbi1kZW1vcy5kaWdp\n" + - "Y2VydC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOZpBBS8yo\n" + - "ioVgFUQDCVcnkHTL4/PfaPKGK1owE0+mKz1AXmYX1rzFfp6gFqjbZeclhWCKoINE\n" + - "OrZ2+1mGp75+nCP89NgoGzPgjYLVsM97gN2Y36/jXu8TwsZdYfBw9gxL+YApvq2r\n" + - "NbPfxXaYfWdq8bz0RzqXRgS8BqKi1q8tKyahx5EJ3fCpozY9NPvCnipwbWXL9evF\n" + - "Oak3c5Ip2YME4mHh8PujrznCVBte7KGLDn2KwbOUbh5SKKBL32vzTPOERWEDMbAu\n" + - "3XqQh/cc4LTp32Lf/XkfnUOSbzNh+Te8ZjeDzI+SYNg9bleKpPxLSkBZyurs4mCD\n" + - "92L8BXPlMaGjAgMBAAGjggOcMIIDmDAfBgNVHSMEGDAWgBQzZvsvkQXMs2JS7808\n" + - "9X4czqcXljAdBgNVHQ4EFgQUnf71SuL2Z73DAgGKgO7UVFDBIkgwOQYDVR0RBDIw\n" + - "MIIucXVvdmFkaXMtcm9vdC1jYS0zLWczLmNoYWluLWRlbW9zLmRpZ2ljZXJ0LmNv\n" + - "bTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC\n" + - "MIGXBgNVHR8EgY8wgYwwRKBCoECGPmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E\n" + - "aWdpQ2VydFF1b1ZhZGlzVExTSUNBUVZSb290Q0EzRzMuY3JsMESgQqBAhj5odHRw\n" + - "Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRRdW9WYWRpc1RMU0lDQVFWUm9v\n" + - "dENBM0czLmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhto\n" + - "dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYMGCCsGAQUFBwEBBHcwdTAkBggr\n" + - "BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFo\n" + - "dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRRdW9WYWRpc1RMU0lD\n" + - "QVFWUm9vdENBM0czLmNydDAJBgNVHRMEAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8E\n" + - "ggFrAWkAdwDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAX9cGyUR\n" + - "AAAEAwBIMEYCIQDjpwE/uiXodkY8Cx3ecooM7gxZp+Qi3aQSIi3SWam6YwIhAPqz\n" + - "8AdaOw+FTZApiEiO2PXww8Y98YtivwXay8v/ZFxrAHYANc8ZG7+xbFe/D61MbULL\n" + - "u7YnICZR6j/hKu+oA8M71kwAAAF/XBsk5gAABAMARzBFAiEA4v9FfzFKPr8hPM1O\n" + - "jPSlboD96ufdyFBy9KmD8pFcI6ECIBY6pcURmWtsE/G2jQgC+qvueJqSycNP2qTM\n" + - "iJ3pO/U1AHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAF/XBsl\n" + - "BwAABAMARzBFAiEAsHzOaXv9OIo4RvaKUEscoLpnM98C+4hc6v4Z26d41aICIC2o\n" + - "aTrc5JsqgDhJXp7UArQPziUqDso967W2mrLa0nLdMA0GCSqGSIb3DQEBCwUAA4IB\n" + - "AQC2CaUwlIb+uKsELGw5U2KV0q8uMp/nBIyFaW/HNOJUf8j1keaf31WWBAFfUQVY\n" + - "pzFRUnRmNTtGxCvzyY1YhoQSwswGghz8ZCSQPWCST/Tl8kKuVFas8wSUXaEV23t4\n" + - "G0pfIlXL2oIuJwREjzv54SK7xsQ4whco0nw8DvLt+/5us4t96u8r1EuBKkF45ngz\n" + - "t77MTqpa0nvWUT7q9POT7xwQNui7P0j5t7prVX/fBKm5EfK1Jdi1Toj9+VxTIWYk\n" + - "splUCXw7zxaA3nlrncAmnHxZEY8sQjpGY1OGY0udd+m5bldJNbRTA1Q+VoPVMiU6\n" + - "osdBQGUbbWrqm1fnoFW1VvUt\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=quovadis-root-ca-3-g3-revoked.chain-demos.digicert.com, - // O="DigiCert, Inc.", L=Lehi, ST=Utah, C=US - // Issuer: CN=DigiCert QuoVadis TLS ICA QV Root CA 3 G3, O="DigiCert, Inc", C=US - // Serial number: aafa7cafda91796626f5fc8bcb38702 - // Valid from: Fri Mar 04 16:00:00 PST 2022 until: Wed Apr 05 16:59:59 PDT 2023 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHDTCCBfWgAwIBAgIQCq+nyv2pF5Zib1/IvLOHAjANBgkqhkiG9w0BAQsFADBZ\n" + - "MQswCQYDVQQGEwJVUzEWMBQGA1UECgwNRGlnaUNlcnQsIEluYzEyMDAGA1UEAwwp\n" + - "RGlnaUNlcnQgUXVvVmFkaXMgVExTIElDQSBRViBSb290IENBIDMgRzMwHhcNMjIw\n" + - "MzA1MDAwMDAwWhcNMjMwNDA1MjM1OTU5WjCBhTELMAkGA1UEBhMCVVMxDTALBgNV\n" + - "BAgTBFV0YWgxDTALBgNVBAcTBExlaGkxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMu\n" + - "MT8wPQYDVQQDEzZxdW92YWRpcy1yb290LWNhLTMtZzMtcmV2b2tlZC5jaGFpbi1k\n" + - "ZW1vcy5kaWdpY2VydC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" + - "AQDofDJ1xHHWMhbWwU7e4cY3u2NjvE4ur/A0Y13UK53zoH8qDunV6ORAXQ+zSpev\n" + - "kPlnIbdjYOK1v5RJn2ZRgCafj8Bc/9GnfQ1uE7P9dRkC9ZQwvb6Eh6f4RT7gaOPX\n" + - "UXSXwtr96xdXDvtlJqWx13YQPnSGXUNNT1NH8bs2Myr9j+I5bUcUGsKsGheZoib3\n" + - "6IFINss+ouOhZ+HP6ganS5cQVsUGk5u6BT6oH9VgwfVMjpDqmRkwc6UJmiij/Nz4\n" + - "NOLOx2tivUjhk0eTPUaErUqYipGBSuwww6Linc/0IAIxGJ2k0J3Qz9PthJzG0P47\n" + - "J5U5ej6FimnRS6Rrk5Ywk2HNAgMBAAGjggOiMIIDnjAfBgNVHSMEGDAWgBQzZvsv\n" + - "kQXMs2JS78089X4czqcXljAdBgNVHQ4EFgQU9qXify+xtHlQIniZABL1pv7gcb4w\n" + - "QQYDVR0RBDowOII2cXVvdmFkaXMtcm9vdC1jYS0zLWczLXJldm9rZWQuY2hhaW4t\n" + - "ZGVtb3MuZGlnaWNlcnQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr\n" + - "BgEFBQcDAQYIKwYBBQUHAwIwgZcGA1UdHwSBjzCBjDBEoEKgQIY+aHR0cDovL2Ny\n" + - "bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0UXVvVmFkaXNUTFNJQ0FRVlJvb3RDQTNH\n" + - "My5jcmwwRKBCoECGPmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFF1\n" + - "b1ZhZGlzVExTSUNBUVZSb290Q0EzRzMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQIC\n" + - "MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBgwYI\n" + - "KwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j\n" + - "b20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp\n" + - "Q2VydFF1b1ZhZGlzVExTSUNBUVZSb290Q0EzRzMuY3J0MAkGA1UdEwQCMAAwggF9\n" + - "BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AOg+0No+9QY1MudXKLyJa8kD08vREWvs\n" + - "62nhd31tBr1uAAABf1wc0LIAAAQDAEYwRAIgdmF6UFe2jgbM3FjYRMmcNaXfpleT\n" + - "E8hmYfmAVy5lSoUCIDPCV27IP9wpdGoxnnCMBwuekg6E4SB0lj49+o9OHHjDAHUA\n" + - "Nc8ZG7+xbFe/D61MbULLu7YnICZR6j/hKu+oA8M71kwAAAF/XBzQ0QAABAMARjBE\n" + - "AiBO6vYHFci7OWvqDHRlgTn+Q6zNG/LysZEOlrO4W8ZZ2gIgDY5+qjlar3esPN0b\n" + - "JUR5vfITl7UiZoqINJSm1gZ4Nm4AdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc\n" + - "8AMOeTalmgAAAX9cHNDdAAAEAwBIMEYCIQCB52OPhdnYybsWzmkdSGSbgQVmS0V7\n" + - "ZumbThJSJwpuiwIhAP+JRx+Eu3MYRp5iyLb+xlWqghMnDnF9aCfm1VuW4aDuMA0G\n" + - "CSqGSIb3DQEBCwUAA4IBAQBO/4LljBpMGYYxBang12UIQ+FIjxAfKqqIklSa+du2\n" + - "ea0VHqaRrdfh/aTxzb0WaU++bgQN+MeHmQdvwYSgAyU/lY7mIvDTNxFOO6IG2vfR\n" + - "+JAUnS9iVUQ1rXHU72cxUsne5aRyLQ0W/2Zayx85O6/C9gIUJgJVRuk0dTPZ6tnq\n" + - "FoW1S4GwqEpzTuJU8rP5IvMYoYo8jItpjzS0W90gtDvev/XBRs1ig28Ky7ZS5AtQ\n" + - "S2Q6Ikg9YzegE9YNj2wqdZnEneoce0G1InysM/geY1BZ57G9RAUZkzWVTJRLJgbg\n" + - "2nWSqpQJ765gg9JdsRo+zqj1kUBbUYoTSlaAJG6ucrlB\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator) - throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Tue Mar 08 11:23:06 PST 2022", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/SSLCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/SSLCA.java deleted file mode 100644 index 1d31833398b..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/SSLCA.java +++ /dev/null @@ -1,489 +0,0 @@ -/* - * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8243320 - * @summary Interoperability tests with SSL.com's RSA, EV RSA, and ECC CA - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath SSLCA OCSP - * @run main/othervm -Djava.security.debug=certpath SSLCA CRL - */ - -/* - * Obtain TLS test artifacts for SSL.com CAs from: - * - * SSL.com RSA CA - * Valid - https://test-dv-rsa.ssl.com - * Revoked - https://revoked-rsa-dv.ssl.com/ - * SSL.com EV RSA CA - * Valid - https://test-ev-rsa.ssl.com - * Revoked - https://revoked-rsa-ev.ssl.com/ - * SSL.com ECC CA - * Valid - https://test-dv-ecc.ssl.com - * Revoked - https://revoked-ecc-dv.ssl.com/ - */ -public class SSLCA { - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - boolean ocspEnabled = false; - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - ocspEnabled = true; - } - - new SSLCA_RSA().runTest(pathValidator, ocspEnabled); - new SSLCA_EV_RSA().runTest(pathValidator, ocspEnabled); - new SSLCA_ECC().runTest(pathValidator, ocspEnabled); - } -} - -class SSLCA_RSA { - - // Owner: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Issuer: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Serial number: 997ed109d1f07fc - // Valid from: Fri Feb 12 10:48:52 PST 2016 until: Wed Feb 12 10:48:52 PST 2031 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIGbzCCBFegAwIBAgIICZftEJ0fB/wwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE\n" + - "BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK\n" + - "DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp\n" + - "Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTg0ODUyWhcNMzEwMjEyMTg0\n" + - "ODUyWjBpMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv\n" + - "dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNv\n" + - "bSBSU0EgU1NMIHN1YkNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" + - "hPYpOunhcxiF6xNzl6Tsm/Q89rnu2jVTXTBOZPaBkSD1Ic4lm7qkYwlZ/UgV5nn1\n" + - "5ohhceYDC2AlR9RvGbP+26qrNcuE0XOdHJOB4SoY4d6OqLAQ6ZB0LdERK1Saa5lp\n" + - "QlqHE8936dpr3hGWyqMb2LsdUuhQIzwNkLU/n9HO35irKCbKgS3FeejqkdqK5l6B\n" + - "b11693o4bz9UZCUdBcQ/Xz06tA5cfnHvYkmmjxhj1lLTKwkQhWuIDrpbwWLO0QVO\n" + - "c29s9ieomRKm8sYMyiBG4QqRQ/+bXwp48cF0qAByGWD6b8/gG4Xq1IBgO5p+aWFS\n" + - "0mszkk5rsh4b3XbTHohP3oWQIOV20WWdtVWXiQuBB8RocAl0Ga//b+epiGgME5JX\n" + - "LWXD1aDg/xHy8MUsaMlh6jDfVIFepkPnkwXDpR/n36hpgKa9dErMkgbYeEaPanLH\n" + - "Yd0kv4xQ36PlMMs9WhoDErGcEG9KxAXN4Axr5wl6PTDn/lXcUFvQoIq/5CSP+Kt5\n" + - "jq9tK/gRrAc4AWqRugDvQPYUm00Rqzj5Oxm5NVQYDzbyoA66CD68LETuVrfa9GuW\n" + - "9MAZRO6CDzonAezIdNHsslDb1H8VN/k0zMxjI+0ub4IAmc3I5GfZtvYcpjtMj8L4\n" + - "2TDS34/COov/Pf2HZ/XXGlzjZ7WPmLl4fdB6hhjs2BsCAwEAAaOCAQYwggECMDAG\n" + - "CCsGAQUFBwEBBCQwIjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20w\n" + - "HQYDVR0OBBYEFCYUfuDc16b34tQEJ99h8cLs5zLKMA8GA1UdEwEB/wQFMAMBAf8w\n" + - "HwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwEQYDVR0gBAowCDAGBgRV\n" + - "HSAAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNv\n" + - "bS1yc2EtUm9vdENBLmNybDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB\n" + - "BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQAi6e/iSV5DEqDO6XjQ\n" + - "SIIzXgc255yv6Oc2sqZnvRyVBHtHvo62jMoHY3Xunc/EofbeS4aHdYBvgkn6CNTj\n" + - "VkCU+psWwcT3Pg83uP4k4Thu7bXvrClfS+XBlbJiCF/PSJxLrKnxRn+XIGiYl62H\n" + - "glBhq9K8/fZrI2Qh1mZJmWE0FlxEDCb4i8SBNi8lmDogaFi8/yl32Z9ahmhxcLit\n" + - "DU/XyKA0yOqvIrOGKH95v+/l8fQkzE1VEFvj+iyv4TXd7mRZDOsfqfIDZhrpou02\n" + - "kXH/hcXlrR++t8kjj9wt8HHQ+FkryWI6bU3KPRJR6N8EH2EHi23Rp8/kyMs+gwaz\n" + - "zMqnkNPbMME723rXk6/85sjOUaZCmhmRIx9rgqIWQesU962J0FruGOOasLT7WbZi\n" + - "FsmSblmpjUAo49sIRi7X493qegyCEAa412ynybhQ7LVsTLEPxVbdmGVih3jVTif/\n" + - "Nztr2Isaaz4LpMEo4mGCiGxec5mKr1w8AE9n6D91CvxR5/zL1VU1JCVC7sAtkdki\n" + - "vnN1/6jEKFJvlUr5/FX04JXeomIjXTI8ciruZ6HIkbtJup1n9Zxvmr9JQcFTsP2c\n" + - "bRbjaT7JD6MBidAWRCJWClR/5etTZwWwWrRCrzvIHC7WO6rCzwu69a+l7ofCKlWs\n" + - "y702dmPTKEdEfwhgLx0LxJr/Aw==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=test-dv-rsa.ssl.com - // Issuer: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Serial number: 4ceada4ade82a6ccd0b2ae32c0dbfd62 - // Valid from: Fri Jun 28 07:06:50 PDT 2019 until: Sun Jun 27 07:06:50 PDT 2021 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHTjCCBTagAwIBAgIQTOraSt6CpszQsq4ywNv9YjANBgkqhkiG9w0BAQsFADBp\n" + - "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + - "GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg\n" + - "U1NMIHN1YkNBMB4XDTE5MDYyODE0MDY1MFoXDTIxMDYyNzE0MDY1MFowHjEcMBoG\n" + - "A1UEAwwTdGVzdC1kdi1yc2Euc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" + - "ADCCAQoCggEBAKlOrYr8fnHN8REfJDwgsBhJvnsU4beQIYYaOAzR8pmo8eq1U/K0\n" + - "uwRrgJ5K61V78zBO5qmZNiivBobViftObWrq2H6QhQsYdMYXld3SEnEotIIriRHY\n" + - "2PcqlgnFYXkqI0ZKs4kNs+j3GS0IwncJJwKtypmtLTCLK5J/kG7qB2MNfXZTIzKI\n" + - "iZza4RUM1j67Hv3fPJzNEJ9urfjaI4xcRh5airlzBWOBU9pW87P7BgQN7cNzJQji\n" + - "4DSvb1pSXv8sBbZk5fmG+81PyUxcfqj7Dbih0J1Aoq0YysHugsrK/kLz+CvqL9B2\n" + - "a1JMZfob9jzcA7XPjpggLc3az2Wvv3XKqokCAwEAAaOCAzswggM3MB8GA1UdIwQY\n" + - "MBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHwGCCsGAQUFBwEBBHAwbjBKBggrBgEF\n" + - "BQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVN1YkNB\n" + - "LVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5z\n" + - "c2wuY29tMDcGA1UdEQQwMC6CE3Rlc3QtZHYtcnNhLnNzbC5jb22CF3d3dy50ZXN0\n" + - "LWR2LXJzYS5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkw\n" + - "AQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRv\n" + - "cnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1UdHwQzMDEwL6At\n" + - "oCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tUlNBU1NMc3ViQ0EuY3JsMB0G\n" + - "A1UdDgQWBBQD/cmwQI853u0mOlmCjNRsAZOlEDAOBgNVHQ8BAf8EBAMCBaAwggF+\n" + - "BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLY\n" + - "gwDEe4l6qP3LAAABa55yL0QAAAQDAEcwRQIgWo8UQY3EYwyzkGLBLS0Zxu7oMmB7\n" + - "dnpzsEcoexWzZrQCIQCR6FkAe5ns84x2phRkn6nV7a0anjnxjpJUNeCfc3/pxAB2\n" + - "AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa55yLzsAAAQDAEcw\n" + - "RQIhAKhGKQIpSd59tJm/Yac7Xo05u93CWbnDwoDgSMS+HBs5AiAfOSOc3BzY/2MF\n" + - "AM4GWrkK5Ehs9JMafo/+VBM0OrwVKQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1\n" + - "YMG06v9eoIMPAAABa55yL4IAAAQDAEcwRQIhANcF26iGoUuzZL6rGKduPtyyYusf\n" + - "03lBKSyvxabB9WuvAiBNbxR210L+JP89s/ONw53lYVr+1m/c3u9/9Wpu7c3n5jAN\n" + - "BgkqhkiG9w0BAQsFAAOCAgEACX2CbVM8MCIJ+2Wsap1v6VU2kpCS/FBIsLSTWNEf\n" + - "dREv1nh93qQ2CPIxj5kP/0EOUfq7tmQCJHMODVgz3iHrdxRB1E58nXHlZ6vUdrCo\n" + - "pD9d6Cp+AwvrOdv6MndVJgel9tVOAqAUblwdLzPNQHEcXoKnFEVv2SVQCmAYLlkP\n" + - "xX2RS73gseiit4QnVZOWi/wDhqMm7/iq8n7rL/f7+ly2+7e3LVjxd24HZkgxNgbn\n" + - "JDjYvIla+EvyrY8514Ru3Pf1UICY03VpYjE8R7SxrqcvOLtwvOVew6TuCUl6RNpl\n" + - "xeC9Oa1dgf+QRXN7LvmBXUP2nOCnwJE1ENvThPLw9BXLatVJgkA/v/mYWE5VjzIL\n" + - "hboPH2fNWemUv5QMzxUkqhgHgrhr8wnhI6xYIYciGDbmmfnItHex7bxktT7axoCD\n" + - "3dTQQe01YfK/LlkHtnBmJf/t0F33m8KXcQ51fic/TR2U5Tampxp2kdFdTyvRRqMl\n" + - "igqo3EhiPmB9bKsnXDA2AnvdjZT9uFwbUu5lNxjiMQcSZikjQAjJPgjCZ9BQOGbL\n" + - "eqgZcw2CxWMxFSTLL3TIBlNL/0GpRlTvr3IGyvHEr7EESXKD+Ar8XW+4VlMc1s8F\n" + - "cdtnus71s7wm+JUSXcM0WJUkRUvWqHlPi3Ucfe7k6x6BG9Mb42ECjorefPXvFu7v\n" + - "OT4=\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked-rsa-dv.ssl.com - // Issuer: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Serial number: 3f527e677d00558272ac90d1620b67f4 - // Valid from: Fri Jun 28 07:13:48 PDT 2019 until: Sun Jun 27 07:13:48 PDT 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHVzCCBT+gAwIBAgIQP1J+Z30AVYJyrJDRYgtn9DANBgkqhkiG9w0BAQsFADBp\n" + - "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + - "GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg\n" + - "U1NMIHN1YkNBMB4XDTE5MDYyODE0MTM0OFoXDTIxMDYyNzE0MTM0OFowITEfMB0G\n" + - "A1UEAwwWcmV2b2tlZC1yc2EtZHYuc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\n" + - "ggEPADCCAQoCggEBAMKtMVeo+fMoeu1nLrcwxNAdfUysNKEhNZbMUOu9pzCChEvJ\n" + - "QHUicdrIZYl9m59uKUMh3Dj2nJLZ3a0pP4iWKcOEfCVMtA83/GDJl/BVj3XFbsMl\n" + - "+HSIu7R0vQM4enOztLabnOzvE4pQOFUp8u5SKO+hmB0zQ1iWkevYjJOf5DBZ7Zsa\n" + - "uF4qy9JqSF07gj/7FNqmqnfy6Z8yc8WAMjoUJrVrvmHQZeX/bCWxczFhYmAtYlwO\n" + - "7a914VP79b3Jq60HbLbYBdILnuU1Uu5L/JbG+hm/fH2meY30aWUaKcGY04ej6xuM\n" + - "hWsLhOrmcl3P7/E5UUojaR1Zvdtsn7jkQ8Y3iOsCAwEAAaOCA0EwggM9MB8GA1Ud\n" + - "IwQYMBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHwGCCsGAQUFBwEBBHAwbjBKBggr\n" + - "BgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVN1\n" + - "YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nw\n" + - "cy5zc2wuY29tMD0GA1UdEQQ2MDSCFnJldm9rZWQtcnNhLWR2LnNzbC5jb22CGnd3\n" + - "dy5yZXZva2VkLXJzYS1kdi5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwG\n" + - "DCsGAQQBgqkwAQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29t\n" + - "L3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1Ud\n" + - "HwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tUlNBU1NMc3Vi\n" + - "Q0EuY3JsMB0GA1UdDgQWBBSTrHG0Sh+8BEp+oP+avIGAtSdyajAOBgNVHQ8BAf8E\n" + - "BAMCBaAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AESUZS6w7s6vxEAH2Kj+\n" + - "KMDa5oK+2MsxtT/TM5a1toGoAAABa554kQsAAAQDAEcwRQIhAIfU+5HWDnqZdlMN\n" + - "Z+CEkBE8wBFUWzG0ixSQ5S1Tryt4AiAQevLU7OF3N90zIt2QpwVAIGve5lBElhMH\n" + - "fRqXTkeZZwB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa554\n" + - "jJQAAAQDAEcwRQIhAPd8mNiDFHA74Bl16nwOPehQZmiFltzCYDsd0uHv5qCfAiB+\n" + - "S43G7Yhq62Ofma6wXsag+UEl/tttzfbfASGz1WPBOQB2AKS5CZC0GFgUh7sTosxn\n" + - "cAo8NZgE+RvfuON3zQ7IDdwQAAABa554kDoAAAQDAEcwRQIgUs8O4gQ34Sp0K4Dn\n" + - "Wh7FRFJWwZ6cGYvqmKT+UyCeVisCIQDl0AYXsn4ILMafvmJwnXlcduZ3z6P0jwGK\n" + - "Cjh26ETDFzANBgkqhkiG9w0BAQsFAAOCAgEAAtTlh2YMwe6E0+EWKU3H79NmgLjK\n" + - "xoR3VtT56ILRt0qJuJ+z1iqq/IxZBe7wnUUWU46SWmBfDEQcGI7Hdomr67QBZNZz\n" + - "+wvnatMzrCPM7jPsb05Motz99NSk6yzQzR2c030sy1d78mRKJ/4wpidNDHpjuYL9\n" + - "cBp2gKf2/RxU74+BhugCjLqB1gojGO0CT1/g5a1QMtqRMM0EPrJrrtcEM0zG48yI\n" + - "P3b57Nl2ZbshRvY9bVi3of2SaPFQgu99/zAlerPUThz4O2CskOgKt77y6KOgCbBp\n" + - "7fQF6vh/aOm0Xba2Z0CtB+uVN2g4+LwyuovOy+JyjGKv7GxRKEQmGZsRLDVpxOs5\n" + - "W47K+iuOEhTRWRkStfuk2LcCLwTrgxHv2/Wo+80ME/7wxGKs1IzlkcFtFLhaeN4p\n" + - "QsmADpcyBfeWmvTdKgaVBOE2F/nenIiKpo+0jcoMAW6JgMD+otn8gofBq+Za1N4X\n" + - "xckvLWbMDAj4lELBHXu7gLHHLJCL9GGPD5HKjH/RyLtKKaRgT/AV6jl/woKTAzGF\n" + - "SPqgNQsu+sCdUbO0nDONkXDxhfan8XNrd32KMPGucJySiyjpHkurobMuGbs/LQzd\n" + - "JLTSTIIIPpEHBk7PHRGPSFewIhi0aDhupgZLU9UGrLRw/xV/KlGqTcGFWBvvOC+I\n" + - "CSZFRr0hWBv/dfw=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Fri Jun 28 07:25:02 PDT 2019", System.out); - } -} - -class SSLCA_EV_RSA { - - // Owner: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US - // Issuer: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Serial number: 56b629cd34bc78f6 - // Valid from: Wed May 31 11:14:37 PDT 2017 until: Fri May 30 11:14:37 PDT 2042 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIG4DCCBMigAwIBAgIQA6P00GAwUqM3zjgKiDAxjDANBgkqhkiG9w0BAQsFADCB\n" + - "gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u\n" + - "MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg\n" + - "Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwMzI2MTc0\n" + - "NjUzWhcNMzQwMzIyMTc0NjUzWjByMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4\n" + - "YXMxEDAOBgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQD\n" + - "DCVTU0wuY29tIEVWIFNTTCBJbnRlcm1lZGlhdGUgQ0EgUlNBIFIzMIICIjANBgkq\n" + - "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkby+CNUTyO0wakMc6VeJxQLGcTtfwJG6\n" + - "W9MYhMBWW22YUMtfCL7at/ey89eCc0cNy9uekJqitJe78Ion5qHBLfSpahYWttzr\n" + - "LflXkdlPz6xsZuw7F/tp6oYrcUpRIX92ci0EhORtb5xoX7rwzrBnG2Jv7fPn8JGj\n" + - "wmvYPS0meVkuKGtdR/s3dkl0tDraq2xti8cN7W9VawzLDL9yNyEw2GWAp3M5Uqex\n" + - "Yjh9HY5w/4bgk7K0KSw+2njaXCEa2MugM6txHDKjocVFBe7G8JPMKkCcbbrgZo/q\n" + - "ygTnIY8q7B1XQG2wrdsu4LTo9ijIYmoZHBAKN/XCdPecQYF9cHrv6NjVUcMrNmHT\n" + - "B43NrIvrXmm3lZJU4PZNUhb7YrDtpN+rV6zSaKAu/EArGDzYv8iHKT2E+wjhwqOC\n" + - "WnXv1qSa//xvN6RSoDMpj7q7iTxfdrQqRFsr70hyPrUmnoJLrBBg1+IqFTkaNtuk\n" + - "misP4Bd0zeqkEuxYCmhKcCTM2iS9RMCIot5HI5qeAcVs63WzM+ax0zbHK1F9AIOG\n" + - "gwrVRrdwXRSXO4TlvamsL6klJMnjSCs7E1l8xeE403nZPp4RGr5ZQFrhfdG9nL7w\n" + - "66osGX+dGHGZkFjASS3Bw0RCiz4oCJxFGE+FAD7pJaV8GP6XTkaZp9n1ooYzCC48\n" + - "vq0OtfRS62MCAwEAAaOCAV8wggFbMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j\n" + - "BBgwFoAU+WC71OPVNPa49QaAJadz20ZpqJ4wfAYIKwYBBQUHAQEEcDBuMEoGCCsG\n" + - "AQUFBzAChj5odHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9v\n" + - "dENBLUVWLVJTQS00MDk2LVIyLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3Bz\n" + - "LnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMC\n" + - "BggrBgEFBQcDATBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3Jscy5zc2wuY29t\n" + - "L1NTTGNvbS1Sb290Q0EtRVYtUlNBLTQwOTYtUjIuY3JsMB0GA1UdDgQWBBS/wVqH\n" + - "/yj6QT39t0/kHa+gYVgpvTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD\n" + - "ggIBAAoTAGRea1Lg+Rlvnhj6lHbvhn9mjUlXZuI1b4d4jDDk5X29gNKhW7Rg97Qt\n" + - "oBoJaLb9gZkJ2MkUbCE1x2jIghjLmmFvaIq+nAZEMtWWEi0ycqQm8rVUHioZ2Mfn\n" + - "2SoFtQeY+5MFLO9l8IeDaNZ+LV3su8YTsh/453vExhiNhPVEqLyGlkkW0B2gNW8z\n" + - "bsRy6L5QW0cZ4gZrY86MvHB0Gl299mTJ4jcgic+Oalbz9SZJ+EiW/aUDSpZ2zawi\n" + - "ackPWmAbk0y0gouOymrwOJZTuq+AJEJ6M+WSVdknwE7YwDpVMszHXS38BS1A5N1i\n" + - "rzW3BcARHbtCb00vEy2mzW5JPM2LjkzfgJ0lBiyDCE3ZeBeUtKmcdFUFrHwHl3gV\n" + - "aRipD+xMa1hGOTh33eMzwWoRxvk6o7y73Sy6XBfycN+8LhXUZT0X8STmWtBtLSMp\n" + - "blWMjuuFyUVQvIj05N7hORY/LhdQhEx8kVwS5RkLVSpRnohdk+nI69yIA7EwZKlw\n" + - "kKEsDqlVOeDYWVWQANDC55kJ7nOyJbqtGJqImwWXdQcf37fi80cf+mKOYs5vNmkx\n" + - "D9bwFWsKnP71x0liSlv8z79vRAo8FJwTgXRNO1c0ACf0rXEJy3GRAXRWiTvuGahR\n" + - "JVM3Jnn0G6o3+vTfwa7CKR/9Jc4t25iRU3xmSgiusg4u8i5x\n" + - "-----END CERTIFICATE-----"; - - // Owner: OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.1.3.6.1.4.1.311.60.2.1.2=Nevada, STREET=3100 Richmond Ave, - // OID.2.5.4.15=Private Organization, OID.2.5.4.17=77098, CN=test-ev-rsa.ssl.com, SERIALNUMBER=NV20081614243, - // O=SSL Corp, L=Houston, ST=Texas, C=US - // Issuer: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US - // Serial number: 558089b221d7cd9c7a4bc4a7fd7e2969 - // Valid from: Mon Jul 01 13:28:01 PDT 2019 until: Wed Jun 30 13:28:01 PDT 2021 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIISTCCBjGgAwIBAgIQVYCJsiHXzZx6S8Sn/X4paTANBgkqhkiG9w0BAQsFADBy\n" + - "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + - "ETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQDDCVTU0wuY29tIEVWIFNTTCBJbnRl\n" + - "cm1lZGlhdGUgQ0EgUlNBIFIzMB4XDTE5MDcwMTIwMjgwMVoXDTIxMDYzMDIwMjgw\n" + - "MVowgfExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91\n" + - "c3RvbjERMA8GA1UECgwIU1NMIENvcnAxFjAUBgNVBAUTDU5WMjAwODE2MTQyNDMx\n" + - "HDAaBgNVBAMME3Rlc3QtZXYtcnNhLnNzbC5jb20xDjAMBgNVBBEMBTc3MDk4MR0w\n" + - "GwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEaMBgGA1UECQwRMzEwMCBSaWNo\n" + - "bW9uZCBBdmUxFzAVBgsrBgEEAYI3PAIBAgwGTmV2YWRhMRMwEQYLKwYBBAGCNzwC\n" + - "AQMTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmMOHfREGN48\n" + - "nlgxYiF0EJsytoM98UAslRRlGHJyZw3SLcPx9u/I82h0KKjLtnY3/o62mCoEZYlc\n" + - "1UKKEIi3NgByU8yJ0yynm3I0LJHEZqOKoahtzwP787/OtqsSsWeblrTnfxVO7G1J\n" + - "bPYrPtNuQ9ZnmByyhA+hlTIY48kJh5WtmBeftBSynuKCgpVnkv2y2LKZJc4t6JQX\n" + - "XO6Geev8LPUd2uPVjatZv0se2YKdixFQQKwWcLJV5LZqjZDhZtPomCN0sp+wle4p\n" + - "rRTZPSWRB98mI1X+UBTFGFKS9cxzO2NwmVcbgN2WYR+FpWbatoS/RThGC7mKQB7i\n" + - "5BEQHNZMawIDAQABo4IDWTCCA1UwHwYDVR0jBBgwFoAUv8Fah/8o+kE9/bdP5B2v\n" + - "oGFYKb0wfwYIKwYBBQUHAQEEczBxME0GCCsGAQUFBzAChkFodHRwOi8vd3d3LnNz\n" + - "bC5jb20vcmVwb3NpdG9yeS9TU0xjb20tU3ViQ0EtRVYtU1NMLVJTQS00MDk2LVIz\n" + - "LmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wNwYDVR0RBDAw\n" + - "LoITdGVzdC1ldi1yc2Euc3NsLmNvbYIXd3d3LnRlc3QtZXYtcnNhLnNzbC5jb20w\n" + - "XwYDVR0gBFgwVjAHBgVngQwBATANBgsqhGgBhvZ3AgUBATA8BgwrBgEEAYKpMAED\n" + - "AQQwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5\n" + - "MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5\n" + - "hjdodHRwOi8vY3Jscy5zc2wuY29tL1NTTGNvbS1TdWJDQS1FVi1TU0wtUlNBLTQw\n" + - "OTYtUjMuY3JsMB0GA1UdDgQWBBTIDVTF3DDhdwudatuodPyHe1jcOzAOBgNVHQ8B\n" + - "Af8EBAMCBaAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AG9Tdqwx8DEZ2JkA\n" + - "pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa69CQcUAAAQDAEYwRAIgEYzpfp8v+gG3\n" + - "S9cgZIuFCKPeoSM85gag8/iBJhNIb9oCIDcq+2Pi8+E3LAVmZfgcMhg30t821LNn\n" + - "PWATU5+gAmmzAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFr\n" + - "r0JCCQAABAMARjBEAiAzeyNw/2osk+xktY8VpFTsROj7jRODS2G3G2MDV6ZmMwIg\n" + - "bwuFbNxSEqUfKhveZJVVLYzZtzXcjkhflaazupumZrkAdwC72d+8H4pxtZOUI5eq\n" + - "kntHOFeVCqtS6BqQlmQ2jh7RhQAAAWuvQkGUAAAEAwBIMEYCIQCEfoPIKoy0Rv/d\n" + - "DXOVm0FzKDH2zWHN/oQZ/7gwd21hvAIhAL2gDESf+tcjCkbjdj9NpDa/fVWO9VZD\n" + - "uPPnAZ6jf2G3MA0GCSqGSIb3DQEBCwUAA4ICAQAcYH/+o9N0E3H9h0GfohGElfRw\n" + - "XPUnQI3/CZwuG0ShCbpVspvUkuR/P0Hjr9XgDVy39R9SOaEDK3/coG8/Ry56Lrm0\n" + - "17v+yeEzAVK51eQeinHoCYc9TIwmyrwt36JE/zIwnDB623Y4ccxYN5LZxjVx668/\n" + - "xj3JffaY5185qPjAqkjLUzj9TeeAJk/ws1YXbQJvO4CZV2QXrishC+dEoqvfOe/u\n" + - "sMHcMJy+cFrPhe4cC7s9fHeYTpF36yvfWrgjGwDki/9zgRhOvDuM72dIMkrcHkZi\n" + - "OvZMgyoXz/Nw3D514K9BSt6xRB2qGzI8fx0EOGzEEjX1Zdie2uVDy9aC8k8TjQAM\n" + - "v/YT7Bggpv300hWvBGw0QT8l7Nk1PZFBagAhqRCKRsR1pUZ8CyZzwNkNyUSYV4Or\n" + - "n0vYwVEgpMeSMu/ObWwWPM7QKSNcSSIV5lxmsZX+wS76OpDMHm27P94RTEePF4sG\n" + - "QmvY6hgHSlREJUL0vyGGY2Rbm3cL3zaM4qTquN18v61uUVKakELYIcRZwVTyBj5M\n" + - "KxOkjGXnLYpDOLFHD4WB1q7J+SorG43V+nbmTEN5fshGUjjWoz5ykfErnyJa1+Py\n" + - "FXWoPFb425DelhuDe94btROuJELRfzhqDXoKrhDgSQGV2qM3sk6uIPOaoH4N31ko\n" + - "C41bezSdJ5r4mif8iA==\n" + - "-----END CERTIFICATE-----"; - - // Owner: OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.1.3.6.1.4.1.311.60.2.1.2=Nevada, STREET=3100 Richmond Ave, - // OID.2.5.4.15=Private Organization, OID.2.5.4.17=77098, CN=revoked-rsa-ev.ssl.com, SERIALNUMBER=NV20081614243, - // O=SSL Corp, L=Houston, ST=Texas, C=US - // Issuer: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US - // Serial number: 1ea7f53492bded2d425135bdf525889f - // Valid from: Mon Jul 01 13:29:02 PDT 2019 until: Wed Jun 30 13:29:02 PDT 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIIUzCCBjugAwIBAgIQHqf1NJK97S1CUTW99SWInzANBgkqhkiG9w0BAQsFADBy\n" + - "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + - "ETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQDDCVTU0wuY29tIEVWIFNTTCBJbnRl\n" + - "cm1lZGlhdGUgQ0EgUlNBIFIzMB4XDTE5MDcwMTIwMjkwMloXDTIxMDYzMDIwMjkw\n" + - "MlowgfQxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91\n" + - "c3RvbjERMA8GA1UECgwIU1NMIENvcnAxFjAUBgNVBAUTDU5WMjAwODE2MTQyNDMx\n" + - "HzAdBgNVBAMMFnJldm9rZWQtcnNhLWV2LnNzbC5jb20xDjAMBgNVBBEMBTc3MDk4\n" + - "MR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEaMBgGA1UECQwRMzEwMCBS\n" + - "aWNobW9uZCBBdmUxFzAVBgsrBgEEAYI3PAIBAgwGTmV2YWRhMRMwEQYLKwYBBAGC\n" + - "NzwCAQMTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqZwW2n7\n" + - "Ot8ujRGyCkzf/FqkiIi6+mq7QXlBMsZVNmLcWzatoS9K8WOviU+lmYpdV3rkrX1v\n" + - "e/FZBwtBR/x1FRN3CPoGcO0Yu6CZjknHtyyNQ36mwUy7UW+rQKYjDfU4aXme4bP8\n" + - "Dk2rUYQtM/xpYHKDk9x7Vg4zAmk+L0LQmSU0103DRuANnxOszEK196UbLE4W+2+i\n" + - "Xat40jHW3KU2PxVfCajgB1mdrDt2b5j/qDAL+Wo2DzCtE62UPJvI6UyEqJ24jinS\n" + - "A4l4NgkMPDMWNU5QIkV/EhQvZMUKCvNUv+Gsq8pcOeDXxKpBIe/KoQSMH18mym1U\n" + - "vIaTjAzDDsWjqwIDAQABo4IDYDCCA1wwHwYDVR0jBBgwFoAUv8Fah/8o+kE9/bdP\n" + - "5B2voGFYKb0wfwYIKwYBBQUHAQEEczBxME0GCCsGAQUFBzAChkFodHRwOi8vd3d3\n" + - "LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tU3ViQ0EtRVYtU1NMLVJTQS00MDk2\n" + - "LVIzLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wPQYDVR0R\n" + - "BDYwNIIWcmV2b2tlZC1yc2EtZXYuc3NsLmNvbYIad3d3LnJldm9rZWQtcnNhLWV2\n" + - "LnNzbC5jb20wXwYDVR0gBFgwVjAHBgVngQwBATANBgsqhGgBhvZ3AgUBATA8Bgwr\n" + - "BgEEAYKpMAEDAQQwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9y\n" + - "ZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBIBgNVHR8E\n" + - "QTA/MD2gO6A5hjdodHRwOi8vY3Jscy5zc2wuY29tL1NTTGNvbS1TdWJDQS1FVi1T\n" + - "U0wtUlNBLTQwOTYtUjMuY3JsMB0GA1UdDgQWBBQnclOL04VraXmRZEkhwgMbajmy\n" + - "YTAOBgNVHQ8BAf8EBAMCBaAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AG9T\n" + - "dqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa69DLjEAAAQDAEgwRgIh\n" + - "AMd3B9Gt/hpTCZ+2xsOTTKBaDjh+EsMcKuwZkEpO6UN0AiEA8yiZ9ZIrCOUxsdQp\n" + - "FJi+MtsNQxvgu8igdv+l34jHZA0AdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDB\n" + - "tOr/XqCDDwAAAWuvQy52AAAEAwBHMEUCIQCFPALMZd6xk4NgYuTXoJGo/FRX0Wub\n" + - "VWSgTZQwld5fTQIgDDp8vajs+7R7XyKOv41xP26NQ3zR4EegwOGeb0paiIIAdQC7\n" + - "2d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWuvQy4MAAAEAwBGMEQC\n" + - "IGFiEQ8fMrjm1bV/mbT35bvJWf4mUbb92/NkHkQvHcaQAiBcS4CclZmzQLj4w6CV\n" + - "JsLf1P6+OhCDtvxWZdndGwJRczANBgkqhkiG9w0BAQsFAAOCAgEAFwE/RMAk871D\n" + - "acLlB0Jb29+WBmCgIu1pA+bh5/lMxn5KoPxkbHPFVHlfenDgZHUNU6DKH4HdCUG7\n" + - "GSAyajLiYRkcrDtBfp5MtNUAqnOJbh2NWiJ3FgSdAjfeSXPhhGfQ3U+0YCWarBfO\n" + - "xZ49eyhTzhHMoW+caJV3jC442Ebzh2X243MwcxqIkjgzWs6duiHnpHfT9gZBl3ou\n" + - "eu85LVFwzxNdrrAx1yG9PA05wCsYYlzwx7fC8ycfbvs+2ORIztiEScyr9VCg5sho\n" + - "YGuBFuP38sWRwiV5K7+EqpGjY+4R3BLWol7lzWsqWJC1J4zkd6Df5reSGBt0wlbx\n" + - "7MdUTXzHMtP8NDIYpdMBrPbkzOKIDzO6bDMsBWWFz7rWCmxUI6sSf0yknPtmBgCd\n" + - "rJAq25V/DqSRGrkaY4Dx1CPGtwYN34fCDLxKeN69rG5mkR2w7HRR5eMXek6oi3Pr\n" + - "hQrKt5NgrYjO6HJ6ABI5xoDM9doXy9BYbz5RX43RTU399aIqyXZh0d3W0rr7wggt\n" + - "+PFRU1OJqhpPQgKsB5zFT3G2HgVBD0hawHS+0Hu+CHpngiDziH+eyvTk3tdhIq2x\n" + - "oDZXs7SSZK6hf/im+7OFSkROy6CwhAn3nxRI9lpag1tTgF4kVSctBv+301ev0twX\n" + - "0w6RymKcvEbcuSDHkzOYWxc1cqwOxjA=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Mon Jul 01 20:53:13 PDT 2019", System.out); - } -} - -class SSLCA_ECC { - - // Owner: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US - // Issuer: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US - // Serial number: 75e6dfcbc1685ba8 - // Valid from: Fri Feb 12 10:14:03 PST 2016 until: Tue Feb 12 10:14:03 PST 2041 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIDejCCAv+gAwIBAgIQHNcSEt4VENkSgtozEEoQLzAKBggqhkjOPQQDAzB8MQsw\n" + - "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW\n" + - "BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl\n" + - "cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTQyNDJaFw0zNDAz\n" + - "MDMxOTQyNDJaMG8xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UE\n" + - "BwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxKzApBgNVBAMMIlNTTC5jb20g\n" + - "U1NMIEludGVybWVkaWF0ZSBDQSBFQ0MgUjIwdjAQBgcqhkjOPQIBBgUrgQQAIgNi\n" + - "AASEOWn30uEYKDLFu4sCjFQ1VupFaeMtQjqVWyWSA7+KFljnsVaFQ2hgs4cQk1f/\n" + - "RQ2INSwdVCYU0i5qsbom20rigUhDh9dM/r6bEZ75eFE899kSCI14xqThYVLPdLEl\n" + - "+dyjggFRMIIBTTASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFILRhXMw\n" + - "5zUE044CkvvlpNHEIejNMHgGCCsGAQUFBwEBBGwwajBGBggrBgEFBQcwAoY6aHR0\n" + - "cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJvb3RDQS1FQ0MtMzg0\n" + - "LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wEQYDVR0g\n" + - "BAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNV\n" + - "HR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tZWNjLVJv\n" + - "b3RDQS5jcmwwHQYDVR0OBBYEFA10Zgpen+Is7NXCXSUEf3Uyuv99MA4GA1UdDwEB\n" + - "/wQEAwIBhjAKBggqhkjOPQQDAwNpADBmAjEAxYt6Ylk/N8Fch/3fgKYKwI5A011Q\n" + - "MKW0h3F9JW/NX/F7oYtWrxljheH8n2BrkDybAjEAlCxkLE0vQTYcFzrR24oogyw6\n" + - "VkgTm92+jiqJTO5SSA9QUa092S5cTKiHkH2cOM6m\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=test-dv-ecc.ssl.com - // Issuer: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US - // Serial number: 1bfbd8e4bea894f3d1887c50e7d366d7 - // Valid from: Fri Jun 28 06:58:27 PDT 2019 until: Sun Jun 27 06:58:27 PDT 2021 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIE9TCCBHqgAwIBAgIQG/vY5L6olPPRiHxQ59Nm1zAKBggqhkjOPQQDAzBvMQsw\n" + - "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xETAP\n" + - "BgNVBAoMCFNTTCBDb3JwMSswKQYDVQQDDCJTU0wuY29tIFNTTCBJbnRlcm1lZGlh\n" + - "dGUgQ0EgRUNDIFIyMB4XDTE5MDYyODEzNTgyN1oXDTIxMDYyNzEzNTgyN1owHjEc\n" + - "MBoGA1UEAwwTdGVzdC1kdi1lY2Muc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49\n" + - "AwEHA0IABJ5u0b8BID+8+TKxn+os0rdwvWB7mUJ4lcCthTADMhnr1VUWBbmBEelB\n" + - "666WbvbVXooPMUbhE5JvhXCTDyI7RRmjggNHMIIDQzAfBgNVHSMEGDAWgBQNdGYK\n" + - "Xp/iLOzVwl0lBH91Mrr/fTB7BggrBgEFBQcBAQRvMG0wSQYIKwYBBQUHMAKGPWh0\n" + - "dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1TdWJDQS1TU0wtRUND\n" + - "LTM4NC1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMDcG\n" + - "A1UdEQQwMC6CE3Rlc3QtZHYtZWNjLnNzbC5jb22CF3d3dy50ZXN0LWR2LWVjYy5z\n" + - "c2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkwAQMBATAsMCoG\n" + - "CCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYDVR0l\n" + - "BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6\n" + - "Ly9jcmxzLnNzbC5jb20vU1NMY29tLVN1YkNBLVNTTC1FQ0MtMzg0LVIyLmNybDAd\n" + - "BgNVHQ4EFgQUGCTbprTbVmmNOgJjUgiHonbu8b8wDgYDVR0PAQH/BAQDAgeAMIIB\n" + - "gQYKKwYBBAHWeQIEAgSCAXEEggFtAWsAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9K\n" + - "tWDBtOr/XqCDDwAAAWueaoEnAAAEAwBIMEYCIQCdy3N9w0pem1XShE/rkVSpHxQb\n" + - "8QdUu3E6R+oncxOGXgIhAJoWg2gJYc9DWDl5ImnrqsmVS6OPgSQRvDsjRIN9gH7a\n" + - "AHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFrnmqArQAABAMA\n" + - "SDBGAiEAs2yfi9e1h6dTQbe4WPd7+5qf7kvP7Vr2k0nAtBS1IgECIQCQYL9he9J4\n" + - "Bh5cpQezTVPgLAOGcf5xIcCrBs1QJe66/AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4\n" + - "cCUIFy+jqh0HE9MMAAABa55qgaEAAAQDAEgwRgIhAI/27txsvzpbBXkMICi/UOzE\n" + - "t8uZidbF9KSwmGRPT/6gAiEAhm/VeWHDeWK8gFMU+f0/x4jK7UbzySGBvPzbPpNd\n" + - "EDwwCgYIKoZIzj0EAwMDaQAwZgIxAJKn8Hr68Z/2rA+VHfZo8eeIFaZ3nvSvQO92\n" + - "1Byl6cPAm8DsdCnYT16uNSL8Zb5IQAIxAOFLsqPDCSAYkpgutAnVgwI+c549SIRU\n" + - "k8ol+wUx6zgMmt8VHYagyj6IO0GRDjm/eA==\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=revoked-ecc-dv.ssl.com - // Issuer: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US - // Serial number: 423c2b57dfa379d0c45ffceb6284ed99 - // Valid from: Fri Jun 28 07:09:30 PDT 2019 until: Sun Jun 27 07:09:30 PDT 2021 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIE+TCCBH+gAwIBAgIQQjwrV9+jedDEX/zrYoTtmTAKBggqhkjOPQQDAzBvMQsw\n" + - "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xETAP\n" + - "BgNVBAoMCFNTTCBDb3JwMSswKQYDVQQDDCJTU0wuY29tIFNTTCBJbnRlcm1lZGlh\n" + - "dGUgQ0EgRUNDIFIyMB4XDTE5MDYyODE0MDkzMFoXDTIxMDYyNzE0MDkzMFowITEf\n" + - "MB0GA1UEAwwWcmV2b2tlZC1lY2MtZHYuc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG\n" + - "SM49AwEHA0IABH4nWtnAwPIdcQOSNI72IJJ/I1ZL2XQUAfa3ox5taFQQAalng6N9\n" + - "Od9t9de1vIMDzUvs5sMWw4YrqAlywFKMraajggNJMIIDRTAfBgNVHSMEGDAWgBQN\n" + - "dGYKXp/iLOzVwl0lBH91Mrr/fTB7BggrBgEFBQcBAQRvMG0wSQYIKwYBBQUHMAKG\n" + - "PWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1TdWJDQS1TU0wt\n" + - "RUNDLTM4NC1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29t\n" + - "MD0GA1UdEQQ2MDSCFnJldm9rZWQtZWNjLWR2LnNzbC5jb22CGnd3dy5yZXZva2Vk\n" + - "LWVjYy1kdi5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkw\n" + - "AQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRv\n" + - "cnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEQGA1UdHwQ9MDswOaA3\n" + - "oDWGM2h0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tLVN1YkNBLVNTTC1FQ0MtMzg0\n" + - "LVIyLmNybDAdBgNVHQ4EFgQUY7q+xN9nV1nPQ/dJ5rUC8OKgaoMwDgYDVR0PAQH/\n" + - "BAQDAgeAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQBElGUusO7Or8RAB9io\n" + - "/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWuedJ/tAAAEAwBGMEQCIGPBF546Tn/lzB22\n" + - "ICpFLOWOIyIOPwL9S4ikS8Vt1aFTAiBe8mp/WCJnV7WxMIVWEUSLVOYn7erwyu6D\n" + - "hWNIST4W8wB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa550\n" + - "oQEAAAQDAEcwRQIhAJ3nwLI7kLP2SKicFKuJoqRYKE/FR2Ff65WL+iWxm/6nAiAJ\n" + - "cd9EKnBETwM9qQfKoSSs2oTQL4QjSKJZi/sPfKQaagB2ALvZ37wfinG1k5Qjl6qS\n" + - "e0c4V5UKq1LoGpCWZDaOHtGFAAABa550oH4AAAQDAEcwRQIhAIo6k5BMSFN3FnD4\n" + - "UFbyJJG/Bujh+OFTYzVM8vuIBoU0AiAhBe+air4wHvd68ykK6xOPv9Qshje9F6LC\n" + - "gxTqbMOEkDAKBggqhkjOPQQDAwNoADBlAjEAyayBtbcCQB0fE+cCc7OHLuNvb9tl\n" + - "uiHWy/Ika6IA72WJLLmED971ik08OMa2mGt4AjAklxdElQ5Z/nSeJ2CNEwD7pcYz\n" + - "468kkrMoGU2lk3QmwcXZscPIoh4Pwew6QteY4J0=\n" + - "-----END CERTIFICATE-----"; - - public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Fri Jun 28 07:59:20 PDT 2019", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TWCAGlobalCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TWCAGlobalCA.java deleted file mode 100644 index 48c4d77a6ba..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TWCAGlobalCA.java +++ /dev/null @@ -1,206 +0,0 @@ -/* - * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8305975 - * @summary Interoperability tests with TWCA Global Root CA from TAIWAN-CA - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath TWCAGlobalCA OCSP - * @run main/othervm -Djava.security.debug=certpath TWCAGlobalCA CRL - */ - -/* - * Obtain TLS test artifacts for TWCA Global Root CA from: - * - * Valid TLS Certificates: - * https://evssldemo6.twca.com.tw - * - * Revoked TLS Certificates: - * https://evssldemo7.twca.com.tw - */ -public class TWCAGlobalCA { - - // Owner: CN=TWCA Global EVSSL Certification Authority, OU=Global EVSSL Sub-CA, O=TAIWAN-CA, C=TW - // Issuer: CN=TWCA Global Root CA, OU=Root CA, O=TAIWAN-CA, C=TW - // Serial number: 40013304f70000000000000cc042cd6d - // Valid from: Thu Aug 23 02:53:30 PDT 2012 until: Fri Aug 23 08:59:59 PDT 2030 - private static final String INT = "-----BEGIN CERTIFICATE-----\n" + - "MIIFdzCCA1+gAwIBAgIQQAEzBPcAAAAAAAAMwELNbTANBgkqhkiG9w0BAQsFADBR\n" + - "MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRAwDgYDVQQLEwdSb290\n" + - "IENBMRwwGgYDVQQDExNUV0NBIEdsb2JhbCBSb290IENBMB4XDTEyMDgyMzA5NTMz\n" + - "MFoXDTMwMDgyMzE1NTk1OVowczELMAkGA1UEBhMCVFcxEjAQBgNVBAoTCVRBSVdB\n" + - "Ti1DQTEcMBoGA1UECxMTR2xvYmFsIEVWU1NMIFN1Yi1DQTEyMDAGA1UEAxMpVFdD\n" + - "QSBHbG9iYWwgRVZTU0wgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqG\n" + - "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MIaeq4wMnTjA5C2LsR6HJUj6rZbs8Nmq\n" + - "sSqFoqu6LwjrMbzkAg274EL6913MQ6eOy6VUDRzqAfgBEYcwFofe/w8nC7Q6Nrzz\n" + - "xTkl9lovXLJIm0CI44Qk2IhiCkoYaPlIoqexqnm3Fc2QRdRNeLk2pU/s86DpGrwT\n" + - "BqRRRkziBlhcgo7K5Z9ihf+c82DT31iIUIi2nr0ES1eaRR7zpKrzJPZ8foNxRPwT\n" + - "2D0tJWQJ4hNzbFGSKsSzshdwQ/p4JP9AEjK2eeXXbEePt0/JarwBjO2Lwign38/g\n" + - "0ZiP3uE47bItxZhgXlnR5L/0bhJitE6U1xgVFbbrQnG2B2kZxVKxAgMBAAGjggEn\n" + - "MIIBIzAfBgNVHSMEGDAWgBRI283ejulJclqI6LHYPQezuWtmUDAdBgNVHQ4EFgQU\n" + - "br2hK87kwtUodFy92YxvBHIqBt4wDgYDVR0PAQH/BAQDAgEGMDgGA1UdIAQxMC8w\n" + - "LQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwOi8vd3d3LnR3Y2EuY29tLnR3LzBJ\n" + - "BgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vUm9vdENBLnR3Y2EuY29tLnR3L1RXQ0FS\n" + - "Q0EvZ2xvYmFsX3Jldm9rZV80MDk2LmNybDASBgNVHRMBAf8ECDAGAQH/AgEAMDgG\n" + - "CCsGAQUFBwEBBCwwKjAoBggrBgEFBQcwAYYcaHR0cDovL1Jvb3RPY3NwLnR3Y2Eu\n" + - "Y29tLnR3LzANBgkqhkiG9w0BAQsFAAOCAgEAaOmLaZ2+WN2EtB6feuSV5KnL88ck\n" + - "I9jsUTB4YtKsv0ViORkeBMCQur5OoAgRE9VYdRVlWHN0zJAX232fdoZmnajl8gtj\n" + - "u0AOOyDDJ7Vlh38rDMRlX/u+MS2DFcsq5Vd3EMwJsWWFR9D3Dcey+Tu9uEmEdqeB\n" + - "+Erd4YjCeV9PyOW3SzPQ47RdW6XYmHArPh65/LcmSxTn/lxQy/NEBGGWqhm6s6n1\n" + - "49mPq4MtQcMLo/NBI+8jv7BVjnThbbEh2edHHxMNiAd5kLZFDCyJuFkoezjWL4AH\n" + - "ratXdoHtqvqtPoy97LyGrLrJeh+0hkO9u8QOt2gF7BEhNfid7o5dnsPRk+8l77Hn\n" + - "T1dvBs++M0r0QG4AWMSMj9uUn6rhl4FGTvAsyB1fA8p/xCLoIEetIpKRP3BD+ve2\n" + - "eYjWPorR/0W77iMTeoQEeuxDIxi2J/U9QLKKvzzqBy1TYrqqPe5YxqHLNAcfHZvo\n" + - "BTPPbtP0WAiXrJiELTYcqFXETvQcGw0XjoUZNvJE8RD7vssSNT17RKU8iBRX7CbL\n" + - "AB3T8gYykPMJTUqQSmdgEdVRBcqRMMdU+XRAEoU/Mz5oHAkm3ZNTDNwsEp2Dg1/b\n" + - "qzfPMhg4/3/YyWzGrzNeCSWZkjYImAzLCvN0D5rbdVHEmFIrEJt+igocGozroq5x\n" + - "DT5KhixlrqexzWE=\n" + - "-----END CERTIFICATE-----"; - - // Owner: OID.2.5.4.17=100, STREET="10F.,NO.85,Yanping S. Rd.,Taipei City 100,Taiwan (R.O.C)", - // SERIALNUMBER=70759028, OID.1.3.6.1.4.1.311.60.2.1.3=TW, OID.1.3.6.1.4.1.311.60.2.1.2=Taiwan, - // OID.1.3.6.1.4.1.311.60.2.1.1=Taipei, OID.2.5.4.15=Private Organization, - // CN=evssldemo6.twca.com.tw, O=TAIWAN-CA INC., L=Taipei, ST=Taiwan, C=TW - // Issuer: CN=TWCA Global EVSSL Certification Authority, OU=Global EVSSL Sub-CA, - // O=TAIWAN-CA, C=TW - // Serial number: 47e70000001258ff71d89af7f0353fef - // Valid from: Thu Mar 02 00:49:56 PST 2023 until: Sun Mar 31 08:59:59 PDT 2024 - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIH7zCCBtegAwIBAgIQR+cAAAASWP9x2Jr38DU/7zANBgkqhkiG9w0BAQsFADBz\n" + - "MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRwwGgYDVQQLExNHbG9i\n" + - "YWwgRVZTU0wgU3ViLUNBMTIwMAYDVQQDEylUV0NBIEdsb2JhbCBFVlNTTCBDZXJ0\n" + - "aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0yMzAzMDIwODQ5NTZaFw0yNDAzMzExNTU5\n" + - "NTlaMIIBMzELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEPMA0GA1UEBxMG\n" + - "VGFpcGVpMRcwFQYDVQQKEw5UQUlXQU4tQ0EgSU5DLjEfMB0GA1UEAxMWZXZzc2xk\n" + - "ZW1vNi50d2NhLmNvbS50dzEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "FzAVBgsrBgEEAYI3PAIBARMGVGFpcGVpMRcwFQYLKwYBBAGCNzwCAQITBlRhaXdh\n" + - "bjETMBEGCysGAQQBgjc8AgEDEwJUVzERMA8GA1UEBRMINzA3NTkwMjgxQTA/BgNV\n" + - "BAkTODEwRi4sTk8uODUsWWFucGluZyBTLiBSZC4sVGFpcGVpIENpdHkgMTAwLFRh\n" + - "aXdhbiAoUi5PLkMpMQwwCgYDVQQREwMxMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" + - "DwAwggEKAoIBAQDEgj/jtcAtGPkiBilLajzHIqfiAxpwwnKhdHwyOnqfcqur1p2R\n" + - "Cxl0Q8jYGmY8ZUq7716XnIGN3bn3Wu10BvmHi07h8f54/G/K7xBKjkasAh44zW1P\n" + - "hgdaxH0huRvoQOoSRCitew8YpMN4B++uOQ8yu2pWDGDdQHW4VaWt/e+QtZbQtp/b\n" + - "7vUWgcuhxDStj97B8Dcb5PY+sbLy6dfDiXnTaSpuWhjKmEcpknagGyn4uCFBSppZ\n" + - "/PYcTsg+Nk8Ae/SDMpc7XWBCjmxMG2GI0IVW4un9UOuElYgWVjMWnBAiGMDkVMEQ\n" + - "jLRxEYOh+NJ3izMyD/ufLrA/YwJMI1LgFcOJAgMBAAGjggO7MIIDtzAfBgNVHSME\n" + - "GDAWgBRuvaErzuTC1Sh0XL3ZjG8EcioG3jAdBgNVHQ4EFgQUg4msPcTFvDjwluRf\n" + - "inEn9qMC7OYwUwYDVR0fBEwwSjBIoEagRIZCaHR0cDovL3NzbHNlcnZlci50d2Nh\n" + - "LmNvbS50dy9zc2xzZXJ2ZXIvR2xvYmFsRVZTU0xfUmV2b2tlXzIwMTIuY3JsMCEG\n" + - "A1UdEQQaMBiCFmV2c3NsZGVtbzYudHdjYS5jb20udHcwfwYIKwYBBQUHAQEEczBx\n" + - "MEQGCCsGAQUFBzAChjhodHRwOi8vc3Nsc2VydmVyLnR3Y2EuY29tLnR3L2NhY2Vy\n" + - "dC9HbG9iYWxFdnNzbF8yMDEyLnA3YjApBggrBgEFBQcwAYYdaHR0cDovL2V2c3Ns\n" + - "b2NzcC50d2NhLmNvbS50dy8wSAYDVR0gBEEwPzA0BgwrBgEEAYK/JQEBFgMwJDAi\n" + - "BggrBgEFBQcCARYWaHR0cDovL3d3dy50d2NhLmNvbS50dzAHBgVngQwBATAJBgNV\n" + - "HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n" + - "BQUHAwIwggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB2AEiw42vapkc0D+VqAvqd\n" + - "MOscUgHLVt0sgdm7v6s52IRzAAABhqGDiCYAAAQDAEcwRQIgd7uqvHdSTSXqNPWs\n" + - "OQeCeT2vuKY3vj8jRcoJ9IIohqgCIQCtQfZ0lfZ1Y1GmwCTDc5NM++5mgp+ZpNWu\n" + - "F9OKsWoCPQB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABhqGD\n" + - "iJYAAAQDAEcwRQIgIHKa+XeYyDURUq9AVYEntGS5oJitKyWZjSOlpD+udZgCIQC/\n" + - "oVPtjJpcXP4OScYFsNWMPKUtZOO5mY5y7V65S84DrQB2ADtTd3U+LbmAToswWwb+\n" + - "QDtn2E/D9Me9AA0tcm/h+tQXAAABhqGDh8YAAAQDAEcwRQIgYT7aPr9YCtF5TCTp\n" + - "NICK9c5eiL6Ku/y9wM6ARgG2k1UCIQDomqlwGur+AMI4YIc1SNqyNVCyxgP1DxXP\n" + - "FYkX6BX17gB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhqGD\n" + - "iKkAAAQDAEcwRQIhAKTMliyTn48vvP9hN8jucD6rGZwRCqQI6suE6ADpN7bNAiB3\n" + - "zFZFdH8eJRn3RXjD/mzbmF201sNLitp9SOYAazubljANBgkqhkiG9w0BAQsFAAOC\n" + - "AQEAOOtzqtRFvxlJro61O0dEkDottToFh88vib3N3AofS5uW0nDpoS0L27XR8IDd\n" + - "2NfN+2XKAQXdz2BqHnjW1nAMXUx4TAMi4jG8XpOkvpSDXbjghD5EB10FyAzCuGmv\n" + - "mKxkVOU1DzL0kSLLQjLaJ57WUYsoE97f5O6rY9jlJpid32o1WgM1oZsBjPhO8Kiy\n" + - "KJ5zZHppolGPtuFYMUcatiqv//pH/5piwtlYSkbwMj5nYidSrSBciBzO53HFk1pE\n" + - "TABXFcoK3gmhWM04lysmJMwAzRUbNQVizpGDICbRjCOVnwCbutnSnka8pDHkq4Zy\n" + - "BrUeZe2xJe8jWvukwqvNzIIvwg==\n" + - "-----END CERTIFICATE-----"; - - // Owner: OID.2.5.4.17=100, STREET="10F.,NO.85,Yanping S. Rd.,Taipei City 100,Taiwan (R.O.C)", - // SERIALNUMBER=70759028, OID.1.3.6.1.4.1.311.60.2.1.3=TW, OID.1.3.6.1.4.1.311.60.2.1.2=Taiwan, - // OID.1.3.6.1.4.1.311.60.2.1.1=Taipei, OID.2.5.4.15=Private Organization, - // CN=evssldemo7.twca.com.tw, O=TAIWAN-CA INC., L=Taipei, ST=Taiwan, C=TW - // Issuer: CN=TWCA Global EVSSL Certification Authority, OU=Global EVSSL Sub-CA, - // O=TAIWAN-CA, C=TW - // Serial number: 47e70000001258f036a5b513091ccb2e - // Valid from: Tue Feb 07 02:03:08 PST 2023 until: Thu Mar 07 07:59:59 PST 2024 - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIHdjCCBl6gAwIBAgIQR+cAAAASWPA2pbUTCRzLLjANBgkqhkiG9w0BAQsFADBz\n" + - "MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRwwGgYDVQQLExNHbG9i\n" + - "YWwgRVZTU0wgU3ViLUNBMTIwMAYDVQQDEylUV0NBIEdsb2JhbCBFVlNTTCBDZXJ0\n" + - "aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0yMzAyMDcxMDAzMDhaFw0yNDAzMDcxNTU5\n" + - "NTlaMIIBMzELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEPMA0GA1UEBxMG\n" + - "VGFpcGVpMRcwFQYDVQQKEw5UQUlXQU4tQ0EgSU5DLjEfMB0GA1UEAxMWZXZzc2xk\n" + - "ZW1vNy50d2NhLmNvbS50dzEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + - "FzAVBgsrBgEEAYI3PAIBARMGVGFpcGVpMRcwFQYLKwYBBAGCNzwCAQITBlRhaXdh\n" + - "bjETMBEGCysGAQQBgjc8AgEDEwJUVzERMA8GA1UEBRMINzA3NTkwMjgxQTA/BgNV\n" + - "BAkTODEwRi4sTk8uODUsWWFucGluZyBTLiBSZC4sVGFpcGVpIENpdHkgMTAwLFRh\n" + - "aXdhbiAoUi5PLkMpMQwwCgYDVQQREwMxMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" + - "DwAwggEKAoIBAQDSX3co7XUdwxv8OEj7Mipq0Ot+1w+VYTFlPvdnryrv9st7ERLb\n" + - "+xJPJo7swgqbHeHKWlwYu4lkzJq6s3nAOkuYIP/O3uVmGDiilLSAVkukz9MooyjB\n" + - "466eArXY1VT9vpXVNmSLunAp5RU8H+2WWOUMmtJx/oYojqEbtWqnltlErvEjb2TM\n" + - "vR16d/vXI6QtMc+IV3nZ0SVdetH2E7ZvpP5mZqVSHNnOnVjqdd69hAJ4SJgG9lCM\n" + - "87ysm6UaJxQbEGxc6YkwrUNVet1tx2hBWltTyRw3oOBCBUwrPUTx7/pFh7yhci6p\n" + - "AhHp1j0OzAmZHOFTM+qO1L1vlmguO8zW0zWtAgMBAAGjggNCMIIDPjAfBgNVHSME\n" + - "GDAWgBRuvaErzuTC1Sh0XL3ZjG8EcioG3jAdBgNVHQ4EFgQUvvbgZHRNPdmGlxQS\n" + - "fcTzM2A14EkwUwYDVR0fBEwwSjBIoEagRIZCaHR0cDovL3NzbHNlcnZlci50d2Nh\n" + - "LmNvbS50dy9zc2xzZXJ2ZXIvR2xvYmFsRVZTU0xfUmV2b2tlXzIwMTIuY3JsMCEG\n" + - "A1UdEQQaMBiCFmV2c3NsZGVtbzcudHdjYS5jb20udHcwfwYIKwYBBQUHAQEEczBx\n" + - "MEQGCCsGAQUFBzAChjhodHRwOi8vc3Nsc2VydmVyLnR3Y2EuY29tLnR3L2NhY2Vy\n" + - "dC9HbG9iYWxFdnNzbF8yMDEyLnA3YjApBggrBgEFBQcwAYYdaHR0cDovL2V2c3Ns\n" + - "b2NzcC50d2NhLmNvbS50dy8wSAYDVR0gBEEwPzA0BgwrBgEEAYK/JQEBFgMwJDAi\n" + - "BggrBgEFBQcCARYWaHR0cDovL3d3dy50d2NhLmNvbS50dzAHBgVngQwBATAJBgNV\n" + - "HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n" + - "BQUHAwIwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AFWB1MIWkDYBSuoLm1c8\n" + - "U/DA5Dh4cCUIFy+jqh0HE9MMAAABhitUR1YAAAQDAEcwRQIhANv7DhQm67R1Ilmg\n" + - "k5StrFQ1dqyELzZTAT3on84g0G/vAiAttP+EWWmztK2luQ7SxvQsmExDh/qGiZHq\n" + - "NAd2a8dUIgB1AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhitU\n" + - "RycAAAQDAEYwRAIgcU5n4DJaGWvTr3wZug59ItynMgCZ5z0ZVrZr2KwV70wCIHEv\n" + - "DAwNBLGsdj5IX/4E5hnzJvS7WroSLnRB6OW931JbAHYAdv+IPwq2+5VRwmHM9Ye6\n" + - "NLSkzbsp3GhCCp/mZ0xaOnQAAAGGK1RKDwAABAMARzBFAiBvlIvOnE8PhYJQueMh\n" + - "AOCwgREvnAsk3Edt59lcuqPrrQIhAOSRb3UmBYkHQ6k5pUJva0Mgk0GmnLR0de0s\n" + - "VxW3TTASMA0GCSqGSIb3DQEBCwUAA4IBAQAQB7oaouXBI6VpLzL+kzOZXSTbSClv\n" + - "LS33DTEBI3A8LTXHbFq6c4/ZdqieUzy42Kd0i9e3hI1hwQYPgEwxpROOcldX72r0\n" + - "EUTh0L+XrxN3YEgod6aCsjIiJlWYy6J2ZXVURnk/iWYAwYLa0JmmBGuWFjEnq4lO\n" + - "xL1C3M2mYAEC+Beb7Xyq1rcu97p4P8igJYM+VfwXNwYYRCXUr9f4ESD7t5vXlYoE\n" + - "c4m5KiBQD9XtZS77QRon9JCQklxTvMkxuLwWvSdzicEUzWeFp+kN/fcXL2SVsb17\n" + - "xDPMMsMMh7L/f+uMWDYZ+wH17LYQxOLi7VXT3fv8nl2X2iD3d4CCh0Tu\n" + - "-----END CERTIFICATE-----"; - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Thu Mar 23 17:30:19 PDT 2023", System.out); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TeliaSoneraCA.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TeliaSoneraCA.java deleted file mode 100644 index 3dc0c94abc2..00000000000 --- a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/TeliaSoneraCA.java +++ /dev/null @@ -1,195 +0,0 @@ -/* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 8210432 - * @summary Interoperability tests with TeliaSonera Root CA v1 - * @build ValidatePathWithParams - * @run main/othervm -Djava.security.debug=certpath TeliaSoneraCA OCSP - * @run main/othervm -Djava.security.debug=certpath TeliaSoneraCA CRL - */ - -/* - * Obtain TLS test artifacts for TeliaSonera Root CA v1 from: - * - * Valid TLS Certificates: - * https://juolukka.cover.sonera.net:10443/ - * - * Revoked TLS Certificates: - * https://juolukka.cover.sonera.net:10444/ - */ -public class TeliaSoneraCA { - - // Owner: CN=TeliaSonera Server CA v2, O=TeliaSonera, C=FI - // Issuer: CN=TeliaSonera Root CA v1, O=TeliaSonera - private static final String INT = "-----BEGIN CERTIFICATE-----\n" - + "MIIHHjCCBQagAwIBAgIQTEYq9tv794BPhMF8/qlytjANBgkqhkiG9w0BAQsFADA3\n" - + "MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9v\n" - + "dCBDQSB2MTAeFw0xNDEwMTYwODA5NTdaFw0zMjEwMTYwNTA0MDBaMEYxCzAJBgNV\n" - + "BAYTAkZJMRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEhMB8GA1UEAwwYVGVsaWFTb25l\n" - + "cmEgU2VydmVyIENBIHYyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" - + "rwQN5rfRLbVAiYWLJF9SI4YLm8oqrtf8OjGybgoLyiMIo8nhY/atuGRFWCQNOnUK\n" - + "caZn29C360PlC5yYrsrSHuouROisqHSJcgA7HvV+37Rcry7daeDj6rfyx4yI5dmj\n" - + "LwHkK0j1NzhX1JxFDgPeLNuebgzv/j8OfRhYK/BttpystC4Zgm3gZheKDjYsDS5D\n" - + "gjffuOysP3vewrcuw0EIZFx+HawuwNBLq4tMf4VSitYDHJSLIM2TeXZGGY5slTbT\n" - + "yLnrU5mIzG9WKqxyy7qHuFw1JtlAXkCLmUEVaF9M+dRPiGIjlDrpBgbDD9mT2CSk\n" - + "V/XG1696/voY5xB8KNIC1cOSmSO7kdJyR5tWiDIJiwMXrTwG+kZiqlbcKDsZeJ9p\n" - + "5bZxXO0pEpde3wgEYRvFr5Cx4vcz4h5pom9coJOCW9tqXU43KcueTrt4Ks9f92q1\n" - + "ehjyEnCh0BCdrjUOXsUtFosm9qxJnDwVlThYhS9EHuCTNBgj1Yxj6A+8fwwJP9DN\n" - + "CbWQx5afT+h+9FNDNRC/nEcesP1Yh9s15Se270pQW0CejUNziYG7Dft7T+PVH/fU\n" - + "zaWU8g0tJjtuQgiCWVqw4WkUmYY2S0R89zAotcpz2mvNO8ma2iJbubHi3c0ULfHH\n" - + "nkWKsdpzZmK4N0Wi6/V5yWdmL5RFkFecL8r7+9OtCB0CAwEAAaOCAhUwggIRMIGK\n" - + "BggrBgEFBQcBAQR+MHwwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnRydXN0LnRl\n" - + "bGlhc29uZXJhLmNvbTBLBggrBgEFBQcwAoY/aHR0cDovL3JlcG9zaXRvcnkudHJ1\n" - + "c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhcm9vdGNhdjEuY2VyMBIGA1Ud\n" - + "EwEB/wQIMAYBAf8CAQAwVQYDVR0gBE4wTDBKBgwrBgEEAYIPAgMBAQIwOjA4Bggr\n" - + "BgEFBQcCARYsaHR0cHM6Ly9yZXBvc2l0b3J5LnRydXN0LnRlbGlhc29uZXJhLmNv\n" - + "bS9DUFMwDgYDVR0PAQH/BAQDAgEGMIHGBgNVHR8Egb4wgbswQKA+oDyGOmh0dHA6\n" - + "Ly9jcmwtMy50cnVzdC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2\n" - + "MS5jcmwwd6B1oHOGcWxkYXA6Ly9jcmwtMS50cnVzdC50ZWxpYXNvbmVyYS5jb20v\n" - + "Y249VGVsaWFTb25lcmElMjBSb290JTIwQ0ElMjB2MSxvPVRlbGlhU29uZXJhP2Nl\n" - + "cnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q7YmluYXJ5MB0GA1UdDgQWBBQvSTwpT9cH\n" - + "JfnGjNVk9WY9EoMilTAfBgNVHSMEGDAWgBTwj1k4ALP1j5qWDNXr+nuqF+gTEjAN\n" - + "BgkqhkiG9w0BAQsFAAOCAgEAg9EVFW6ioZ2ctrX8KqvW9XPYZR01yNgqlO7pwBWf\n" - + "HzuBCbUdyVzumfQnU24Sce92oMtEfyuxIOmhvoXU7LpnYlH3Q29UGP5dL0D3edGz\n" - + "HeU6Tf8bkcOEHtnTrkd+y+rfFSDWYl9r1y993NAcrBHhroQCE53mlrO7TjXa3zDq\n" - + "6LGR8T8VgvGw0IBz6mzAks0wMYB0b4uREPmWXi+m+RqG3lnpl+eBzz6YVLkxIYMq\n" - + "QIXJIBsu4/ybmadsfdql6E8Lo3dKVD4UG10mtd+iPbJiBiW/a9VbEe3NVKIv4H2y\n" - + "HqYcxDXAeUI66E3K2cjCmKoQaa0Ywt02ikZFd0v1OWNPS7YWbEJWkVR1PcPMESK9\n" - + "6HKI4xhG2tJesmXjQ8q8aSx2u79Zts3ewjKqTmurf6FXW3u9TpSCUe6Drr/3X7Ve\n" - + "nBy4M0sLwCecD/L9gjTa+EItQTYzCkpxiMO49tQdX/BpwgWju4Kg3qkaBNTzvSlk\n" - + "gdnRJqCUkVuzwK4yBqUoyRz3prlhvvRGdZJKf6IXRDhncpey5pm0PQYQ4cArx7Go\n" - + "AaAKz0ZTHOKjnM2KIdUhBJQybL7oPklSfkeMWoUoYED6R4YMTt/JXX4ixEb5DgDJ\n" - + "0F+bNcF7qGrJTkTx0Ccy4BuuY05hJckd72E7WdmjN7DDeosghgWZNV/6D7N5tfxo\n" - + "nlU=\n" - + "-----END CERTIFICATE-----"; - - // Owner: CN=juolukka.cover.sonera.net, OU=security, O=Telia Finland Oyj, L=helsinki, C=FI - // Issuer: CN=TeliaSonera Server CA v2, O=TeliaSonera, C=FI - private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + - "MIIHiDCCBXCgAwIBAgIPAWOq14hk136UDQY3WSjLMA0GCSqGSIb3DQEBCwUAMEYx\n" + - "CzAJBgNVBAYTAkZJMRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEhMB8GA1UEAwwYVGVs\n" + - "aWFTb25lcmEgU2VydmVyIENBIHYyMB4XDTE4MDUyOTA3NDA0MVoXDTE5MDUyOTA3\n" + - "NDA0MVowczELMAkGA1UEBhMCRkkxETAPBgNVBAcMCGhlbHNpbmtpMRowGAYDVQQK\n" + - "DBFUZWxpYSBGaW5sYW5kIE95ajERMA8GA1UECwwIc2VjdXJpdHkxIjAgBgNVBAMM\n" + - "GWp1b2x1a2thLmNvdmVyLnNvbmVyYS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" + - "DwAwggEKAoIBAQDLks9F8ZUqV9G4jn3fY234OX09Dmqqtuk0qAmjWpF0JAn2o64t\n" + - "whVxFLx9e2IwUPTQgyo6FwRsiT19m99BhgxYnJOxVRwURxSL3mqlV9gX4oFMmT4O\n" + - "EOYEjaJXi8ne1pJX80y2hVQ48XqgODnKdKZVwa5YoeWZQJiaq+C5JkMDN8qzpiyQ\n" + - "X3EfJspLkKy2E+UVxWmfnyf0v70ES9TQ8qgxwvsf7LRZ8Jixq7TTO5VbqWsdBvJC\n" + - "9Zm2aBOYJ7ptSZQ5YDfeUJG2c9S/zFmngoPnTrvAZwUeU3YTrbdZQy899ZOatWac\n" + - "6lHUYU2EagEmbj/jtIvJ6wMbzhleIXRQFWibAgMBAAGjggNEMIIDQDAfBgNVHSME\n" + - "GDAWgBQvSTwpT9cHJfnGjNVk9WY9EoMilTAdBgNVHQ4EFgQUbMozh4osL4gFJvb5\n" + - "baELpQSKEhIwDgYDVR0PAQH/BAQDAgSwME4GA1UdIARHMEUwQwYGZ4EMAQICMDkw\n" + - "NwYIKwYBBQUHAgEWK2h0dHA6Ly9yZXBvc2l0b3J5LnRydXN0LnRlbGlhc29uZXJh\n" + - "LmNvbS9DUFMwJAYDVR0RBB0wG4IZanVvbHVra2EuY292ZXIuc29uZXJhLm5ldDBN\n" + - "BgNVHR8ERjBEMEKgQKA+hjxodHRwOi8vY3JsLTMudHJ1c3QudGVsaWFzb25lcmEu\n" + - "Y29tL3RlbGlhc29uZXJhc2VydmVyY2F2Mi5jcmwwHQYDVR0lBBYwFAYIKwYBBQUH\n" + - "AwIGCCsGAQUFBwMBMIGGBggrBgEFBQcBAQR6MHgwJwYIKwYBBQUHMAGGG2h0dHA6\n" + - "Ly9vY3NwLnRydXN0LnRlbGlhLmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL3JlcG9z\n" + - "aXRvcnkudHJ1c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhc2VydmVyY2F2\n" + - "Mi5jZXIwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AG9Tdqwx8DEZ2JkApFEV\n" + - "/3cVHBHZAsEAKQaNsgiaN9kTAAABY6rXpS0AAAQDAEcwRQIgfMLEFYxQcncL3am/\n" + - "W2x7DMZ1+Vh1tDLw/0qIQB40VBQCIQC1eyF8Q6CcQs+gIgzpy7OiZSosSlykyOgW\n" + - "qHkj/0UPygB3AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAABY6rX\n" + - "pLEAAAQDAEgwRgIhAJxveFVsFrfttSJIxHsMPAvvevptaV2CxsGwubAi8wDDAiEA\n" + - "jNbbYfUiYtmQ5v4yc6T+GcixztNIlMzQ7OTK+u9zqSoAdgBVgdTCFpA2AUrqC5tX\n" + - "PFPwwOQ4eHAlCBcvo6odBxPTDAAAAWOq16YXAAAEAwBHMEUCIQCCkCL2zn/AoMVI\n" + - "BdsoJelUBLsAnQ+GlIafiyZYcCwhBAIgdsFM05eNmL5hfn3+WtfgmipwcK1qp7kO\n" + - "ONzO69aqrnEwDQYJKoZIhvcNAQELBQADggIBAIl5UWSwCXF85+2lU6t89K7I4TvZ\n" + - "Ggof0NLngea9qxBq00opfnl9i2LPRnsjh9s3iA29i2daTEuJn3qt3Ygcm27Jd7WM\n" + - "5StcxQ483GAaL5s5m2QqkZB8eLfez3tIyCMGCAyixBDNRNPVI4xZr6sSOenWtipo\n" + - "gMt+/gvRIMdMT79IXPFz4W9RWCwnfJNOlfH2OkS3KZYaPSaEvs6sfMW1DDZosrBy\n" + - "6F+DITPLllOVSE4+PTxvXLKVy+srFwF1VocQXKkWMHQ7AfWNnOGzb7B1qg7gsw0n\n" + - "axqinyCjkhMpHpcVtmD9Pi15HLFDIy9yI2S+FHJQfhUSmM/LdCWzQpnee6/Wo+uw\n" + - "p0Jg2v6v9GGaqfpuiVJPFN9dOv3OjMU7DL5lgMRWFRo2T8+wBHXDyBhT0W0y5kRJ\n" + - "eWA7t6CnkziHuaOihZAHUH3nn5exjqUFVS0ThbF6hxN7HAlq/xIbTKlZjkLlc14W\n" + - "fB8vkxJyy/tgBZ4dCj9Y1Y32d4eFT5JZJgqgkN59SmX56BswNXncGrk/vWZFFx+g\n" + - "9dgb8QSe8KseD1iSLc7SsqVDv8NPYdaI3eZ90W8Wv0/CDls321O6UbAmURzQwFGB\n" + - "w8WnteoVBi6Wf6M1TxIfJsXBYeIN0BB6AYc8cmZIOtx2C8aH4JJT45MyFnBv3ac5\n" + - "Ahs9pGn/+K+5yb2e\n" + - "-----END CERTIFICATE-----"; - - // Owner: CN=juolukka.cover.sonera.net, OU=Security, O=TeliaSonera Finland, L=Helsinki, C=FI - // Issuer: CN=TeliaSonera Server CA v2, O=TeliaSonera, C=FI - private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + - "MIIGEDCCA/igAwIBAgIRAKWJTjs6v04ZTyb2wJxfnJswDQYJKoZIhvcNAQELBQAw\n" + - "RjELMAkGA1UEBhMCRkkxFDASBgNVBAoMC1RlbGlhU29uZXJhMSEwHwYDVQQDDBhU\n" + - "ZWxpYVNvbmVyYSBTZXJ2ZXIgQ0EgdjIwHhcNMTYxMjIzMDcwMTQ2WhcNMTkxMjIz\n" + - "MDcwMTQ2WjB1MQswCQYDVQQGEwJGSTERMA8GA1UEBwwISGVsc2lua2kxHDAaBgNV\n" + - "BAoME1RlbGlhU29uZXJhIEZpbmxhbmQxETAPBgNVBAsMCFNlY3VyaXR5MSIwIAYD\n" + - "VQQDDBlqdW9sdWtrYS5jb3Zlci5zb25lcmEubmV0MIIBIjANBgkqhkiG9w0BAQEF\n" + - "AAOCAQ8AMIIBCgKCAQEAt2u92TgTFdm1OEfmWFPe+ESBi+2ox4y1EDoin8RydMyO\n" + - "DI6+0HHnKfDZa1YViI5b6MLJKWIAyUszAg5hc0S3upElfSsBvUW6zuQTxMi2vTYE\n" + - "4tcqwIEyCUaiv4wC+DuO5CyGR32yR6HB/W5Ny200dPs2SO03ESEJ+LH4Tw5AI8JJ\n" + - "UZHW+lA+yUHnlc3q47svpbspjt0C/THyukd1hbXTBB0mPXqPux+ClvtZBWUJb7ti\n" + - "1cPfcCNd79KRObzcgxqcOIaUFz4LjjKezhzVSL7tJOANOHZ09qDeOAkk/X9POx4h\n" + - "a5XyWfH1zaQ0QlZ2mKBeHebCIJkgTZZVipagRVOgcwIDAQABo4IByDCCAcQwgY0G\n" + - "CCsGAQUFBwEBBIGAMH4wLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnRydXN0LnRl\n" + - "bGlhc29uZXJhLmNvbTBNBggrBgEFBQcwAoZBaHR0cDovL3JlcG9zaXRvcnkudHJ1\n" + - "c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhc2VydmVyY2F2Mi5jZXIwHwYD\n" + - "VR0jBBgwFoAUL0k8KU/XByX5xozVZPVmPRKDIpUwTgYDVR0gBEcwRTBDBgZngQwB\n" + - "AgIwOTA3BggrBgEFBQcCARYraHR0cDovL3JlcG9zaXRvcnkudHJ1c3QudGVsaWFz\n" + - "b25lcmEuY29tL0NQUzBNBgNVHR8ERjBEMEKgQKA+hjxodHRwOi8vY3JsLTMudHJ1\n" + - "c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhc2VydmVyY2F2Mi5jcmwwHQYD\n" + - "VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIEsDAkBgNV\n" + - "HREEHTAbghlqdW9sdWtrYS5jb3Zlci5zb25lcmEubmV0MB0GA1UdDgQWBBSa+vJH\n" + - "I6Lt9Aqw5ondhoZu4/IJezANBgkqhkiG9w0BAQsFAAOCAgEASRK1l1MZb/IRlyi+\n" + - "XjfZcxJdFuNzW2kpZstW6Ni2XiD3p7aROBfDFtu7GajzZHb6p76auDb4NwJgeE/3\n" + - "6gnXoIK00HwpF2RAhxDpkF8r3q0jSqGhSv/xz9Nx7JBzgqfSw3Ha4ohioIed3uc+\n" + - "nMDyvVenio4GYgtxIIubSybCxMv/lBA/S4daIVCYK3VOoBbM2F36ecAKvRU5vIWM\n" + - "urXsfANL3u4qgJpaM0DclzFsOkVsRPffzToko/Nr6pGXYjt47IzTRlwLMnLehoZW\n" + - "ZZMGMVVOlR7XGf81UjWB6OsKeoQ4FWgcb/rIJcZusm+LqvnsCHuC3gtuC2nGA7lr\n" + - "fseUlG7QZN9/QfUIyvL69wAzeVj1cUcd7GHcAH9DyZJfI8orv4PyUvitDdgISkFu\n" + - "GZ562O7cGmCv00/6I4t0z9wZal8a5lRDoKXAYy+u/adrO1JjLwi11y/DTw9LQ7sJ\n" + - "gVP/v2GsI0ajF9A6z33UHN9uxXZVmQNvOiMkcJiGLovFgu5zxoAg2W3pHjbBbeL8\n" + - "v5MPqgsKafgzaSRtXBBvaISHi9hhRR8v/qSwO3NyLm8uAhQD4x+OPHrmQ/s16j45\n" + - "Ib53UHj1k6byXGUqDgzFBsmEPV6Shf2C4/HcRHpAX8wQx3xVwDtRzDpNUR6vnNfi\n" + - "PwzRU1xsQKd8llmgl4l+fYV0tBA=\n" + - "-----END CERTIFICATE-----"; - - public static void main(String[] args) throws Exception { - - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); - - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { - pathValidator.enableCRLCheck(); - } else { - // OCSP check by default - pathValidator.enableOCSPCheck(); - } - - // Validate valid - pathValidator.validate(new String[]{VALID, INT}, - ValidatePathWithParams.Status.GOOD, null, System.out); - - // Validate Revoked - pathValidator.validate(new String[]{REVOKED, INT}, - ValidatePathWithParams.Status.REVOKED, - "Thu Dec 22 23:14:55 PST 2016", System.out); - - // reset validation date back to current date - pathValidator.resetValidationDate(); - } -} diff --git a/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithURL.java b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithURL.java new file mode 100644 index 00000000000..80aaa710de8 --- /dev/null +++ b/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithURL.java @@ -0,0 +1,231 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import jtreg.SkippedException; + +import javax.net.ssl.*; +import javax.security.auth.x500.X500Principal; +import java.io.FileInputStream; +import java.io.IOException; +import java.net.URL; +import java.security.*; +import java.security.cert.*; +import java.security.cert.Certificate; + +public class ValidatePathWithURL { + + private final X509Certificate rootCertificate; + private final X500Principal rootPrincipal; + + /** + * Enables the certificate revocation checking and loads the certificate from + * cacerts file for give caAlias + * + * @param caAlias CA alias for CA certificate in cacerts file + * @throws Exception when fails to get CA certificate from cacerts file + */ + public ValidatePathWithURL(String caAlias) throws Exception { + System.setProperty("com.sun.net.ssl.checkRevocation", "true"); + Security.setProperty("ssl.TrustManagerFactory.algorithm", "SunPKIX"); + + // some test sites don't have correct hostname specified in test certificate + HttpsURLConnection.setDefaultHostnameVerifier(new CustomHostnameVerifier()); + + String FS = System.getProperty("file.separator"); + String CACERTS_STORE = + System.getProperty("test.jdk") + FS + "lib" + FS + "security" + FS + "cacerts"; + + KeyStore cacerts = KeyStore.getInstance("PKCS12"); + try (FileInputStream fis = new FileInputStream(CACERTS_STORE)) { + cacerts.load(fis, null); + } + + rootCertificate = (X509Certificate) cacerts.getCertificate(caAlias); + rootPrincipal = rootCertificate.getSubjectX500Principal(); + } + + /** + * Enable revocation checking using OCSP and disables CRL check + */ + public static void enableOCSPOnly() { + System.setProperty("com.sun.security.enableCRLDP", "false"); + Security.setProperty("ocsp.enable", "true"); + } + + /** + * Enable revocation checking using CRL + */ + public static void enableCRLOnly() { + System.setProperty("com.sun.security.enableCRLDP", "true"); + Security.setProperty("ocsp.enable", "false"); + } + + /** + * Enable revocation checking using OCSP or CRL + */ + public static void enableOCSPAndCRL() { + System.setProperty("com.sun.security.enableCRLDP", "true"); + Security.setProperty("ocsp.enable", "true"); + } + + /** + * Logs revocation settings + */ + public static void logRevocationSettings() { + System.out.println("====================================================="); + System.out.println("CONFIGURATION"); + System.out.println("====================================================="); + System.out.println("http.proxyHost :" + System.getProperty("http.proxyHost")); + System.out.println("http.proxyPort :" + System.getProperty("http.proxyPort")); + System.out.println("https.proxyHost :" + System.getProperty("https.proxyHost")); + System.out.println("https.proxyPort :" + System.getProperty("https.proxyPort")); + System.out.println("https.socksProxyHost :" + + System.getProperty("https.socksProxyHost")); + System.out.println("https.socksProxyPort :" + + System.getProperty("https.socksProxyPort")); + System.out.println("jdk.certpath.disabledAlgorithms :" + + Security.getProperty("jdk.certpath.disabledAlgorithms")); + System.out.println("com.sun.security.enableCRLDP :" + + System.getProperty("com.sun.security.enableCRLDP")); + System.out.println("ocsp.enable :" + Security.getProperty("ocsp.enable")); + System.out.println("====================================================="); + } + + /** + * Validates end entity certificate used in provided test URL using + * HttpsURLConnection. Validation is skipped on network error or if + * the certificate is expired. + * + * @param testURL URL to validate + * @param revokedCert if true then validate is REVOKED certificate + * @throws Exception on failure to validate certificate + */ + public void validateDomain(final String testURL, + final boolean revokedCert) + throws Exception { + System.out.println(); + System.out.println("===== Validate " + testURL + "====="); + if (!validateDomainCertChain(testURL, revokedCert)) { + throw new RuntimeException("Failed to validate " + testURL); + } + System.out.println("======> SUCCESS"); + } + + private boolean validateDomainCertChain(final String testURL, + final boolean revokedCert) + throws Exception { + HttpsURLConnection httpsURLConnection = null; + try { + URL url = new URL(testURL); + httpsURLConnection = (HttpsURLConnection) url.openConnection(); + httpsURLConnection.setInstanceFollowRedirects(false); + httpsURLConnection.connect(); + + // certain that test certificate anchors to trusted CA for VALID certificate + // if the connection is successful + Certificate[] chain = httpsURLConnection.getServerCertificates(); + httpsURLConnection.disconnect(); + validateAnchor(chain); + } catch (SSLHandshakeException e) { + System.out.println("SSLHandshakeException: " + e.getMessage()); + Throwable cause = e.getCause(); + + while (cause != null) { + if (cause instanceof CertPathValidatorException) { + CertPathValidatorException cpve =(CertPathValidatorException)cause; + if (cpve.getReason() == CertPathValidatorException.BasicReason.REVOKED + || cpve.getCause() instanceof CertificateRevokedException) { + System.out.println("Certificate is revoked"); + + // We can validate anchor for revoked certificates as well + Certificate[] chain = cpve.getCertPath().getCertificates().toArray(new Certificate[0]); + validateAnchor(chain); + + if (revokedCert) { + return true; + } + } else if (cpve.getReason() == CertPathValidatorException.BasicReason.EXPIRED + || cpve.getCause() instanceof CertificateExpiredException) { + System.out.println("Certificate is expired"); + throw new SkippedException("Certificate is expired, skip the test"); + } + break; + } + cause = cause.getCause(); + } + + throw new RuntimeException("Unhandled exception", e); + } catch (SSLException e) { + // thrown if root CA is not included in cacerts + throw new RuntimeException(e); + } catch (IOException e) { + throw new SkippedException("Network setup issue, skip this test", e); + } finally { + if (httpsURLConnection != null) { + httpsURLConnection.disconnect(); + } + } + + return !revokedCert; + } + + private void validateAnchor(Certificate[] chain) throws Exception { + X509Certificate interCert = null; + + // fail if there is no intermediate CA or self-signed + if (chain.length < 2) { + throw new RuntimeException("Cert chain too short " + chain.length); + } else { + System.out.println("Finding intermediate certificate issued by CA"); + for (Certificate cert : chain) { + if (cert instanceof X509Certificate) { + X509Certificate certificate = (X509Certificate)cert; + System.out.println("Checking: " + certificate.getSubjectX500Principal()); + System.out.println("Issuer: " + certificate.getIssuerX500Principal()); + if (certificate.getIssuerX500Principal().equals(rootPrincipal)) { + interCert = certificate; + break; + } + } + } + } + + if (interCert == null) { + throw new RuntimeException("Intermediate Root CA not found in the chain"); + } + + // validate intermediate CA signed by root CA under test + System.out.println("Found intermediate root CA: " + interCert.getSubjectX500Principal()); + System.out.println("intermediate CA Issuer: " + interCert.getIssuerX500Principal()); + interCert.verify(rootCertificate.getPublicKey()); + System.out.println("Verified: Intermediate CA signed by test root CA"); + } + + private static class CustomHostnameVerifier implements HostnameVerifier { + @Override + public boolean verify(String hostname, SSLSession session) { + // Allow any hostname + return true; + } + } +} diff --git a/test/jdk/sun/awt/PaletteTester.java b/test/jdk/sun/awt/PaletteTester.java new file mode 100644 index 00000000000..7fb0d6b26ad --- /dev/null +++ b/test/jdk/sun/awt/PaletteTester.java @@ -0,0 +1,204 @@ +/* + * Copyright (c) 2001, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 4366799 + * @key headful + * @requires (os.family == "windows") + * @library /java/awt/regtesthelpers + * @build PassFailJFrame + * @summary verifies that Windows applications react to palette + * changes in 8-bit mode correctly. + * @run main/manual PaletteTester +*/ + +import java.awt.Color; +import java.awt.Dimension; +import java.awt.EventQueue; +import java.awt.Graphics; +import java.awt.Image; +import java.awt.Frame; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; +import java.awt.image.VolatileImage; +import javax.swing.ImageIcon; +import javax.swing.JPanel; +import java.io.File; + +public class PaletteTester { + + static VImageColors demo; + + private static final String INSTRUCTIONS = """ + This test should be run on any Windows platform in 8-bit + (256 color) display mode only. To check for errors, run a browser + application (Firefox or Internet Explorer) at the same time + and switch between this test and the browser (by clicking on the + title bars). + + The three panels in this test should look roughly the same (there + may be some dithering differences if you switch display modes + during the test, but the overall look should be the same. If + completely different colors are being used (either for the orange + background fill, the text, the image, or the rectangles), then the + test has failed. + """; + + private static void init() { + + int width = 300, height = 300; + + demo = new VImageColors(); + Frame f = new Frame("PaletteTester"); + f.addWindowListener(new WindowAdapter() { + public void windowClosing(WindowEvent e) {} + public void windowDeiconified(WindowEvent e) { demo.start(); } + public void windowIconified(WindowEvent e) { demo.stop(); } + }); + f.add(demo); + f.setSize(new Dimension(width, height)); + f.setLocationRelativeTo(null); + + PassFailJFrame.addTestWindow(f); + PassFailJFrame.positionTestWindow(f, PassFailJFrame.Position.HORIZONTAL); + f.setVisible(true); + + demo.start(); + + }//End init() + + public static void main( String args[] ) throws Exception { + + PassFailJFrame passFailJFrame = new PassFailJFrame.Builder() + .title("PaletteTester Instructions") + .instructions(INSTRUCTIONS) + .testTimeOut(5) + .rows(15) + .columns(40) + .screenCapture() + .build(); + + EventQueue.invokeAndWait(PaletteTester::init); + + + try { + passFailJFrame.awaitAndCheck(); + } finally { + demo.stop(); + } + }//main +} + +//************ Begin classes defined for the test **************** + +class VImageColors extends JPanel implements Runnable { + + VolatileImage vImage; + Image bImage; + private static int width = 300, height = 300; + private Thread thread; + Color fillColor = new Color(240, 188, 136); + Color textColor = new Color(40, 18, 97); + Color rectColor = new Color(0, 150, 0); + File f = new File(System.getProperty("test.src", "."), "duke.gif"); + Image duke = new ImageIcon(f.toString()).getImage(); + + public void initOffscreen() { + vImage = this.createVolatileImage(getWidth()/3, getHeight()); + bImage = this.createImage(getWidth()/3, getHeight()); + } + + public void paint(Graphics g) { + int width = getWidth(); + int height = getHeight(); + + if (vImage == null) { + initOffscreen(); + } + + // Render the left panel via VolatileImage + do { + if ( + vImage.validate(getGraphicsConfiguration()) == + VolatileImage.IMAGE_INCOMPATIBLE) + { + vImage = createVolatileImage(width/3, height); + } + Graphics vg = vImage.createGraphics(); + vg.setColor(fillColor); + vg.fillRect(0, 0, width/3, height); + vg.drawImage(duke, 0, 0, null); + vg.setColor(textColor); + vg.drawString("Vol Image", 5, height-1); + vg.setColor(rectColor); + vg.drawRect(0, 0, width/3-1, height-1); + vg.dispose(); + g.drawImage(vImage, 0, 0, width/3, height, null); + } while (vImage.contentsLost()); + + // Render the middle panel via BufferedImage + Graphics bg = bImage.getGraphics(); + bg.setColor(fillColor); + bg.fillRect(0, 0, width/3, height); + bg.drawImage(duke, 0, 0, null); + bg.setColor(textColor); + bg.drawString("Buff Image", 5, height-1); + bg.setColor(rectColor); + bg.drawRect(0, 0, width/3-1, height-1); + bg.dispose(); + g.drawImage(bImage, width/3, 0, width/3, height, null); + + // Render the right panel directly to the screen + g.setColor(fillColor); + g.fillRect(2*(width/3), 0, width/3, height); + g.drawImage(duke, 2*(width/3), 0, null); + g.setColor(textColor); + g.drawString("Screen", 2*(width/3) + 5, height-1); + g.setColor(rectColor); + g.drawRect(2*(width/3), 0, width/3-1, height-1); + + } + + public void start() { + thread = new Thread(this); + thread.setPriority(Thread.MIN_PRIORITY); + thread.start(); + } + + public synchronized void stop() { + thread = null; + } + + public void run() { + Thread me = Thread.currentThread(); + while (thread == me) { + try { + thread.sleep(100); + } catch (InterruptedException e) { break; } + } + thread = null; + } +} + +//************** End classes defined for the test ******************* diff --git a/test/jdk/sun/awt/duke.gif b/test/jdk/sun/awt/duke.gif new file mode 100644 index 00000000000..ed32e0ff79b Binary files /dev/null and b/test/jdk/sun/awt/duke.gif differ diff --git a/test/jdk/sun/awt/font/DoubleAntialiasTest.java b/test/jdk/sun/awt/font/DoubleAntialiasTest.java new file mode 100644 index 00000000000..e9057922895 --- /dev/null +++ b/test/jdk/sun/awt/font/DoubleAntialiasTest.java @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.awt.EventQueue; +import java.awt.Frame; +import java.awt.Graphics; +import java.awt.Graphics2D; +import java.awt.Panel; +import java.awt.Robot; + +import static java.awt.RenderingHints.KEY_ANTIALIASING; +import static java.awt.RenderingHints.KEY_TEXT_ANTIALIASING; +import static java.awt.RenderingHints.VALUE_ANTIALIAS_ON; +import static java.awt.RenderingHints.VALUE_TEXT_ANTIALIAS_ON; + +/* + * @test + * @bug 4357180 + * @key headful + * @summary When both KEY_ANTIALIASING and KEY_TEXT_ANTIALIASING hints + * were turned on, java aborts with EXCEPTION_ACCESS_VIOLATION + * at attempt to draw characters in Hebrew or Arabic. + * This could happen immediately or after several draws, + * depending on th locale and platform. This test draws + * large number of characters that are among this range repeatedly. + */ + +public class DoubleAntialiasTest extends Panel { + private static Frame frame; + + public static void main(String[] args) throws Exception { + try { + Robot robot = new Robot(); + EventQueue.invokeAndWait(() -> { + frame = new Frame(); + frame.setTitle("DoubleAntialiasTest"); + frame.add(new DoubleAntialiasTest()); + frame.pack(); + frame.setSize(500, 500); + frame.setVisible(true); + }); + + robot.waitForIdle(); + robot.delay(2000); + } catch (Exception e) { + throw new RuntimeException("Following exception occurred" + + " when testing Antialiasing Rendering hints: ", e); + } finally { + EventQueue.invokeAndWait(() -> { + if (frame != null) { + frame.dispose(); + } + }); + } + } + + @Override + public void paint(Graphics g) { + Graphics2D g2 = (Graphics2D) g; + int y = 50; + for (int i = 0; i < 2; i++) { + int k = 5; + for (int j = 0x500; j < 0x700; j++) { + g2.setRenderingHint(KEY_TEXT_ANTIALIASING, + VALUE_TEXT_ANTIALIAS_ON); + g2.setRenderingHint(KEY_ANTIALIASING, + VALUE_ANTIALIAS_ON); + g2.drawString(String.valueOf((char) j), (5 + k), y); + k = k + 15; + } + k = 5; + y += 50; + for (int j = 0x700; j > 0x500; j--) { + g2.setRenderingHint(KEY_TEXT_ANTIALIASING, + VALUE_TEXT_ANTIALIAS_ON); + g2.setRenderingHint(KEY_ANTIALIASING, + VALUE_ANTIALIAS_ON); + g2.drawString(String.valueOf((char) j), (5 + k), y); + k = k + 15; + } + y += 50; + } + } +} diff --git a/test/jdk/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java b/test/jdk/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java index 22e055fbe8e..97ed058ff5a 100644 --- a/test/jdk/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java +++ b/test/jdk/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /** * @test - * @bug 6476665 7033534 6830714 8052162 8196572 + * @bug 6476665 7033534 6830714 8052162 8196572 8326661 * @summary Verifies color conversion of Component Color Model based images * @run main ColConvCCMTest */ @@ -59,8 +59,8 @@ public class ColConvCCMTest extends ColConvTest { 2.5, // sRGB (isOpenProfile() ? 45.0 : 10.1), // LINEAR_RGB 10.5, // GRAY - (isOpenProfile() ? 215.0 : 45.5), // PYCC - (isOpenProfile() ? 56.0 : 47.5) // CIEXYZ + (isOpenProfile() ? 215.0 : 64.5), // PYCC + (isOpenProfile() ? 56.0 : 55.5) // CIEXYZ }; final static String [] gldImgNames = { diff --git a/test/jdk/sun/java2d/marlin/ClipShapeTest.java b/test/jdk/sun/java2d/marlin/ClipShapeTest.java index 061fd1cfbb0..dbc958391e0 100644 --- a/test/jdk/sun/java2d/marlin/ClipShapeTest.java +++ b/test/jdk/sun/java2d/marlin/ClipShapeTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -52,24 +52,71 @@ import javax.imageio.ImageWriter; import javax.imageio.stream.ImageOutputStream; -/** - * @test +/* + * @test id=PolySingle * @bug 8191814 - * @summary Verifies that Marlin rendering generates the same - * images with and without clipping optimization with all possible - * stroke (cap/join) and/or dashes or fill modes (EO rules) - * for paths made of either 9 lines, 4 quads, 2 cubics (random) - * Note: Use the argument -slow to run more intensive tests (too much time) - * + * @summary Runs the test with "-poly" option, single-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.MarlinRenderingEngine ClipShapeTest -poly + */ + +/* + * @test id=PolyDoDashSingle + * @bug 8191814 + * @summary Runs the test with "-poly -doDash" options, single-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.MarlinRenderingEngine ClipShapeTest -poly -doDash + */ + +/* + * @test id=CubicSingle + * @bug 8191814 + * @summary Runs the test with "-cubic" option, single-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.MarlinRenderingEngine ClipShapeTest -cubic + */ + +/* + * @test id=CubicDoDashSingle + * @bug 8191814 + * @summary Runs the test with "-cubic -doDash" options, single-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.MarlinRenderingEngine ClipShapeTest -cubic -doDash + */ + +/* + * @test id=Poly + * @bug 8191814 + * @summary Runs the test with "-poly" option, double-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.DMarlinRenderingEngine ClipShapeTest -poly + */ + +/* + * @test id=PolyDoDash + * @bug 8191814 + * @summary Runs the test with "-poly -doDash" options, double-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.DMarlinRenderingEngine ClipShapeTest -poly -doDash + */ + +/* + * @test id=Cubic + * @bug 8191814 + * @summary Runs the test with "-cubic" option, double-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.DMarlinRenderingEngine ClipShapeTest -cubic + */ + +/* + * @test id=CubicDoDash + * @bug 8191814 + * @summary Runs the test with "-cubic -doDash" options, double-precision * @run main/othervm/timeout=300 -Dsun.java2d.renderer=sun.java2d.marlin.DMarlinRenderingEngine ClipShapeTest -cubic -doDash -*/ + */ + +/** + * Verifies that Marlin rendering generates the same images with and without + * clipping optimization with all possible stroke (cap/join) and/or dashes or + * fill modes (EO rules) for paths made of either 9 lines, 4 quads, 2 cubics + * (random). + *

+ * Note: Use the argument {@code -slow} to run more intensive tests (too much + * time). + */ public final class ClipShapeTest { // test options: diff --git a/test/jdk/sun/java2d/marlin/DefaultRenderingEngine.java b/test/jdk/sun/java2d/marlin/DefaultRenderingEngine.java new file mode 100644 index 00000000000..8ba6945d903 --- /dev/null +++ b/test/jdk/sun/java2d/marlin/DefaultRenderingEngine.java @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2020, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import sun.java2d.pipe.RenderingEngine; + +/** + * @test + * @bug 8241307 + * @summary Verifies that the Marlin renderer is the default RenderingEngine + * @modules java.desktop/sun.java2d.pipe + */ +public final class DefaultRenderingEngine { + + public static void main(String[] argv) { + + final RenderingEngine engine = RenderingEngine.getInstance(); + + if (!engine.getClass().getSimpleName().contains("Marlin")) { + throw new RuntimeException("Marlin must be the default RenderingEngine"); + } + } +} diff --git a/test/jdk/sun/java2d/marlin/ScaleTest.java b/test/jdk/sun/java2d/marlin/ScaleTest.java index bfd56422ba4..c9778a6477a 100644 --- a/test/jdk/sun/java2d/marlin/ScaleTest.java +++ b/test/jdk/sun/java2d/marlin/ScaleTest.java @@ -21,13 +21,17 @@ * questions. */ +/* @test + * @summary Circle is rendered in C shape + * @bug 6829659 8311666 + */ + import java.awt.*; import java.awt.geom.Ellipse2D; import java.awt.image.BufferedImage; import java.io.File; import javax.imageio.ImageIO; - public class ScaleTest { public static void main(String[] args) throws Exception { BufferedImage image = new BufferedImage(200, 200, BufferedImage.TYPE_INT_RGB); diff --git a/test/jdk/sun/java2d/marlin/StrokeShapeTest.java b/test/jdk/sun/java2d/marlin/StrokeShapeTest.java index 41413bff3e4..bc23f29e15d 100644 --- a/test/jdk/sun/java2d/marlin/StrokeShapeTest.java +++ b/test/jdk/sun/java2d/marlin/StrokeShapeTest.java @@ -20,6 +20,12 @@ * or visit www.oracle.com if you need additional information or have any * questions. */ + +/* @test + * @summary StrokeShapeTest: createStrokedShape() behaves differently + * @bug 6829678 8311666 + */ + import java.awt.*; import java.awt.geom.Ellipse2D; import java.awt.geom.GeneralPath; diff --git a/test/jdk/sun/java2d/marlin/ThinLineTest.java b/test/jdk/sun/java2d/marlin/ThinLineTest.java index a1a033c0bd4..7450f4e421d 100644 --- a/test/jdk/sun/java2d/marlin/ThinLineTest.java +++ b/test/jdk/sun/java2d/marlin/ThinLineTest.java @@ -20,6 +20,12 @@ * or visit www.oracle.com if you need additional information or have any * questions. */ + +/* @test + * @summary ThinLineTest: A line < 1 pixel disappears. + * @bug 6829673 8311666 + */ + import java.awt.*; import java.awt.geom.Ellipse2D; import java.awt.image.BufferedImage; diff --git a/test/jdk/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java b/test/jdk/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java index 3a1c425dfee..568e28bdb18 100644 --- a/test/jdk/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java +++ b/test/jdk/sun/jvmstat/monitor/MonitoredVm/MonitorVmStartTerminate.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -98,6 +98,7 @@ public static void main(String... args) throws Exception { System.out.println("Waiting for all processes to get started notification"); listener.started.acquire(PROCESS_COUNT); + System.out.println("Terminating all processes"); for (JavaProcess javaProcess : javaProcesses) { javaProcess.terminate(); } @@ -138,7 +139,7 @@ public void disconnected(HostEvent arg0) { } private void releaseStarted(Set ids) { - System.out.println("realeaseStarted(" + ids + ")"); + System.out.println("releaseStarted(" + ids + ")"); for (Integer id : ids) { releaseStarted(id); } @@ -149,11 +150,12 @@ private void releaseStarted(Integer id) { if (hasMainArgs(id, jp.getMainArgsIdentifier())) { // store id for terminated identification jp.setId(id); - System.out.println("RELEASED (id=" + jp.getId() + ", args=" + jp.getMainArgsIdentifier() + ")"); + System.out.println("RELEASED started (id=" + jp.getId() + ", args=" + jp.getMainArgsIdentifier() + ")"); started.release(); return; } } + System.out.println("releaseStarted: not a test pid: " + id); } private void releaseTerminated(Set ids) { @@ -166,23 +168,44 @@ private void releaseTerminated(Set ids) { private void releaseTerminated(Integer id) { for (JavaProcess jp : processes) { if (id.equals(jp.getId())) { - System.out.println("RELEASED (id=" + jp.getId() + ", args=" + jp.getMainArgsIdentifier() + ")"); + System.out.println("RELEASED terminated (id=" + jp.getId() + ", args=" + jp.getMainArgsIdentifier() + ")"); terminated.release(); return; } } } + private static final int ARGS_ATTEMPTS = 3; + private boolean hasMainArgs(Integer id, String args) { + VmIdentifier vmid = null; try { - VmIdentifier vmid = new VmIdentifier("//" + id.intValue()); - MonitoredVm target = host.getMonitoredVm(vmid); - String monitoredArgs = MonitoredVmUtil.mainArgs(target); - if (monitoredArgs != null && monitoredArgs.contains(args)) { - return true; + vmid = new VmIdentifier("//" + id.intValue()); + } catch (URISyntaxException e) { + System.out.println("hasMainArgs(" + id + "): " + e); + return false; + } + // Retry a failing attempt to check arguments for a match, + // as not recognizing a test process will cause timeout and failure. + for (int i = 0; i < ARGS_ATTEMPTS; i++) { + try { + MonitoredVm target = host.getMonitoredVm(vmid); + String monitoredArgs = MonitoredVmUtil.mainArgs(target); + System.out.println("hasMainArgs(" + id + "): has main args: '" + monitoredArgs + "'"); + if (monitoredArgs == null || monitoredArgs.equals("Unknown")) { + System.out.println("hasMainArgs(" + id + "): retry" ); + takeNap(); + continue; + } else if (monitoredArgs.contains(args)) { + return true; + } else { + return false; + } + } catch (MonitorException e) { + // Process probably not running or not ours, e.g. + // sun.jvmstat.monitor.MonitorException: Could not attach to PID + System.out.println("hasMainArgs(" + id + "): " + e); } - } catch (URISyntaxException | MonitorException e) { - // ok. process probably not running } return false; } @@ -247,14 +270,6 @@ private static void waitForRemoval(Path path) { } } - private static void takeNap() { - try { - Thread.sleep(100); - } catch (InterruptedException e) { - // ignore - } - } - private final String mainArgsIdentifier; private final ShutdownHook shutdownHook; private volatile Integer id; @@ -308,10 +323,9 @@ public void terminate() { private void executeJava() throws Throwable { String className = JavaProcess.class.getName(); - String classPath = System.getProperty("test.classes"); - ProcessBuilder pb = ProcessTools.createJavaProcessBuilder( + ProcessBuilder pb = ProcessTools.createTestJvm( "-Dtest.timeout.factor=" + System.getProperty("test.timeout.factor", "1.0"), - "-cp", classPath, className, mainArgsIdentifier); + className, mainArgsIdentifier); OutputAnalyzer ob = ProcessTools.executeProcess(pb); System.out.println("Java Process " + getMainArgsIdentifier() + " stderr:" + ob.getStderr()); @@ -323,4 +337,12 @@ public String getMainArgsIdentifier() { return mainArgsIdentifier; } } + + public static void takeNap() { + try { + Thread.sleep(1000); + } catch (InterruptedException e) { + // ignore + } + } } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/CustomLauncherTest.java b/test/jdk/sun/management/jmxremote/bootstrap/CustomLauncherTest.java index 880edd756b0..5108549b96f 100644 --- a/test/jdk/sun/management/jmxremote/bootstrap/CustomLauncherTest.java +++ b/test/jdk/sun/management/jmxremote/bootstrap/CustomLauncherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,22 +21,16 @@ * questions. */ -import java.io.File; -import java.io.IOException; -import java.nio.file.FileSystem; -import java.nio.file.FileSystems; +import jdk.test.lib.Utils; +import jdk.test.lib.Platform; +import jdk.test.lib.process.ProcessTools; + import java.nio.file.Files; -import java.nio.file.LinkOption; import java.nio.file.Path; -import java.nio.file.StandardCopyOption; -import java.nio.file.attribute.PosixFilePermission; -import java.util.HashSet; -import java.util.Set; +import java.nio.file.Paths; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicReference; -import jdk.test.lib.process.ProcessTools; - /** * @test * @bug 6434402 8004926 @@ -47,80 +41,35 @@ * jdk.attach * jdk.management.agent/jdk.internal.agent * + * @requires (os.family == "linux" | os.family == "solaris") * @build TestManager TestApplication CustomLauncherTest - * @run main/othervm CustomLauncherTest + * @run main/othervm/native CustomLauncherTest */ public class CustomLauncherTest { - private static final String TEST_CLASSPATH = System.getProperty("test.class.path"); - private static final String TEST_JDK = System.getProperty("test.jdk"); - private static final String WORK_DIR = System.getProperty("user.dir"); - private static final String TEST_SRC = System.getProperty("test.src"); - private static final String OSNAME = System.getProperty("os.name"); - private static final String ARCH; - static { - // magic with os.arch - String osarch = System.getProperty("os.arch"); - switch (osarch) { - case "i386": - case "i486": - case "i586": - case "i686": - case "i786": - case "i886": - case "i986": { - ARCH = "i586"; - break; - } - case "x86_64": - case "amd64": { - ARCH = "amd64"; - break; - } - case "sparc": - ARCH = "sparcv9"; - break; - default: { - ARCH = osarch; - } - } - } + public static final String TEST_NATIVE_PATH = System.getProperty("test.nativepath"); public static void main(String[] args) throws Exception { - if (TEST_CLASSPATH == null || TEST_CLASSPATH.isEmpty()) { + if (".".equals(Utils.TEST_CLASS_PATH)) { System.out.println("Test is designed to be run from jtreg only"); return; } - if (getPlatform() == null) { - System.out.println("Test not designed to run on this operating " + - "system (" + OSNAME + "), skipping..."); - return; - } - - final FileSystem FS = FileSystems.getDefault(); - - Path libjvmPath = findLibjvm(FS); - if (libjvmPath == null) { - throw new Error("Unable to locate 'libjvm.so' in " + TEST_JDK); - } - + Path libjvm = Platform.jvmLibDir().resolve("libjvm.so"); Process serverPrc = null, clientPrc = null; try { - String[] launcher = getLauncher(); - - if (launcher == null) return; // launcher not available for the tested platform; skip + String launcher = getLauncher(); System.out.println("Starting custom launcher:"); System.out.println("========================="); - System.out.println(" launcher : " + launcher[0]); - System.out.println(" libjvm : " + libjvmPath.toString()); - System.out.println(" classpath : " + TEST_CLASSPATH); + System.out.println(" launcher : " + launcher); + System.out.println(" libjvm : " + libjvm); + System.out.println(" classpath : " + Utils.TEST_CLASS_PATH); ProcessBuilder server = new ProcessBuilder( - launcher[1], - libjvmPath.toString(), - TEST_CLASSPATH, + launcher, + libjvm.toString(), + Utils.TEST_CLASS_PATH, "TestApplication" ); @@ -148,7 +97,7 @@ public static void main(String[] args) throws Exception { ProcessBuilder client = ProcessTools.createJavaProcessBuilder( "-cp", - TEST_CLASSPATH, + Utils.TEST_CLASS_PATH, "--add-exports", "jdk.management.agent/jdk.internal.agent=ALL-UNNAMED", "TestManager", String.valueOf(serverPrc.pid()), @@ -182,87 +131,8 @@ public static void main(String[] args) throws Exception { } } - private static Path findLibjvm(FileSystem FS) { - Path libjvmPath = findLibjvm(FS.getPath(TEST_JDK, "lib")); - return libjvmPath; - } - - private static Path findLibjvm(Path libPath) { - // libjvm.so -> server/libjvm.so -> client/libjvm.so - Path libjvmPath = libPath.resolve("libjvm.so"); - if (isFileOk(libjvmPath)) { - return libjvmPath; - } - libjvmPath = libPath.resolve("server/libjvm.so"); - if (isFileOk(libjvmPath)) { - return libjvmPath; - } - libjvmPath = libPath.resolve("client/libjvm.so"); - if (isFileOk(libPath)) { - return libjvmPath; - } - - return null; - } - - private static boolean isFileOk(Path path) { - return Files.isRegularFile(path) && Files.isReadable(path); - } - - private static String getPlatform() { - String platform = null; - switch (OSNAME.toLowerCase()) { - case "linux": { - platform = "linux"; - break; - } - case "sunos": { - platform = "solaris"; - break; - } - default: { - platform = null; - } - } - - return platform; - } - - private static String[] getLauncher() throws IOException { - String platform = getPlatform(); - if (platform == null) { - return null; - } - - String launcher = TEST_SRC + File.separator + platform + "-" + ARCH + - File.separator + "launcher"; - - final FileSystem FS = FileSystems.getDefault(); - Path launcherPath = FS.getPath(launcher); - - final boolean hasLauncher = Files.isRegularFile(launcherPath, LinkOption.NOFOLLOW_LINKS)&& - Files.isReadable(launcherPath); - if (!hasLauncher) { - System.out.println("Launcher [" + launcher + "] does not exist. Skipping the test."); - return null; - } - - // It is impossible to store an executable file in the source control - // We need to copy the launcher to the working directory - // and set the executable flag - Path localLauncherPath = FS.getPath(WORK_DIR, "launcher"); - Files.copy(launcherPath, localLauncherPath, - StandardCopyOption.REPLACE_EXISTING); - if (!Files.isExecutable(localLauncherPath)) { - Set perms = new HashSet<>( - Files.getPosixFilePermissions( - localLauncherPath, - LinkOption.NOFOLLOW_LINKS - ) - ); - perms.add(PosixFilePermission.OWNER_EXECUTE); - Files.setPosixFilePermissions(localLauncherPath, perms); - } - return new String[] {launcher, localLauncherPath.toAbsolutePath().toString()}; + private static String getLauncher() { + Path launcherPath = Paths.get(TEST_NATIVE_PATH, "launcher"); + return launcherPath.toAbsolutePath().toString(); } } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/JMXAgentInterfaceBinding.java b/test/jdk/sun/management/jmxremote/bootstrap/JMXAgentInterfaceBinding.java index 4647f280fef..93200bd6341 100644 --- a/test/jdk/sun/management/jmxremote/bootstrap/JMXAgentInterfaceBinding.java +++ b/test/jdk/sun/management/jmxremote/bootstrap/JMXAgentInterfaceBinding.java @@ -28,10 +28,13 @@ import java.net.Socket; import java.net.SocketAddress; import java.net.UnknownHostException; +import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; import java.util.concurrent.CountDownLatch; import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import javax.management.remote.JMXConnector; import javax.management.remote.JMXConnectorFactory; @@ -135,9 +138,9 @@ private static class JMXConnectorThread extends Thread { private final int rmiPort; private final boolean useSSL; private final CountDownLatch latch; - private boolean failed; - private boolean jmxConnectWorked; - private boolean rmiConnectWorked; + private volatile boolean failed; + private volatile boolean jmxConnectWorked; + private volatile boolean rmiConnectWorked; private JMXConnectorThread(String addr, int jmxPort, @@ -156,6 +159,7 @@ public void run() { try { connect(); } catch (IOException e) { + e.printStackTrace(); failed = true; } } @@ -223,14 +227,16 @@ public boolean rmiConnectionWorked() { private static class MainThread extends Thread { - private static final int WAIT_FOR_JMX_AGENT_TIMEOUT_MS = 500; + private static final String EXP_TERM_MSG_REG = "Exit: ([0-9]+)"; + private static final Pattern EXIT_PATTERN = Pattern.compile(EXP_TERM_MSG_REG); + private static final String COOP_EXIT = "MainThread: Cooperative Exit"; + private static final int WAIT_FOR_JMX_AGENT_TIMEOUT_MS = 20_000; private final String addr; private final int jmxPort; private final int rmiPort; private final boolean useSSL; - private boolean terminated = false; private boolean jmxAgentStarted = false; - private Exception excptn; + private volatile Exception excptn; private MainThread(InetAddress bindAddress, int jmxPort, int rmiPort, boolean useSSL) { this.addr = wrapAddress(bindAddress.getHostAddress()); @@ -243,14 +249,16 @@ private MainThread(InetAddress bindAddress, int jmxPort, int rmiPort, boolean us public void run() { try { waitUntilReadyForConnections(); - // Do nothing, but wait for termination. - try { - while (!terminated) { - Thread.sleep(100); - } - } catch (InterruptedException e) { // ignore + + // Wait for termination message + String actualTerm = new String(System.in.readAllBytes(), StandardCharsets.UTF_8).trim(); + System.err.println("DEBUG: MainThread: actualTerm: '" + actualTerm + "'"); + Matcher matcher = EXIT_PATTERN.matcher(actualTerm); + if (matcher.matches()) { + int expExitCode = Integer.parseInt(matcher.group(1)); + System.out.println(COOP_EXIT); + System.exit(expExitCode); // The main test expects this exit value } - System.out.println("MainThread: Thread stopped."); } catch (Exception e) { this.excptn = e; } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/JMXInterfaceBindingTest.java b/test/jdk/sun/management/jmxremote/bootstrap/JMXInterfaceBindingTest.java index 6899c014b9f..3d6f25052ec 100644 --- a/test/jdk/sun/management/jmxremote/bootstrap/JMXInterfaceBindingTest.java +++ b/test/jdk/sun/management/jmxremote/bootstrap/JMXInterfaceBindingTest.java @@ -24,6 +24,7 @@ import java.io.File; import java.net.InetAddress; import java.net.NetworkInterface; +import java.net.UnknownHostException; import java.net.SocketException; import java.util.ArrayList; import java.util.List; @@ -33,33 +34,32 @@ import jdk.test.lib.process.ProcessTools; /** - * NOTE: - * This test requires at least a setup similar to the following in - * /etc/hosts file (or the windows equivalent). I.e. it expects it to - * be multi-homed and not both being the loop-back interface. - * For example: - * ----->8-------- /etc/hosts ----------->8--- - * 127.0.0.1 localhost - * 192.168.0.1 localhost - * ----->8-------- /etc/hosts ----------->8--- - * * @test * @bug 6425769 * @summary Test JMX agent host address binding. Same ports but different - * interfaces to bind to (using plain sockets and SSL sockets). + * interfaces to bind to (selecting plain or SSL sockets at random + * @key intermittent * * @library /test/lib * @modules java.management.rmi * * @build JMXAgentInterfaceBinding - * @run main/timeout=5 JMXInterfaceBindingTest + * @run main/timeout=60 JMXInterfaceBindingTest */ public class JMXInterfaceBindingTest { public static final int COMMUNICATION_ERROR_EXIT_VAL = 1; - public static final int STOP_PROCESS_EXIT_VAL = 143; - public static final int JMX_PORT = 9111; - public static final int RMI_PORT = 9112; + public static final int STOP_PROCESS_EXIT_VAL = 10; + public static final int JMX_PORT_RANGE_LOWER = 9100; + public static final int JMX_PORT_RANGE_UPPER = 9200; + public static final int JMX_PORT = getRandomPortInRange(JMX_PORT_RANGE_LOWER, + JMX_PORT_RANGE_UPPER); + public static final int JMX_PORT_RANGE_LOWER_SSL = 9201; // 9200 might be RMI Port + public static final int JMX_PORT_RANGE_UPPER_SSL = 9300; + public static final int JMX_PORT_SSL = getRandomPortInRange(JMX_PORT_RANGE_LOWER_SSL, + JMX_PORT_RANGE_UPPER_SSL); + public static final int RMI_PORT = JMX_PORT + 1; + public static final int RMI_PORT_SSL = JMX_PORT_SSL + 1; public static final String READY_MSG = "MainThread: Ready for connections"; public static final String TEST_CLASS = JMXAgentInterfaceBinding.class.getSimpleName(); public static final String KEYSTORE_LOC = System.getProperty("test.src", ".") + @@ -89,8 +89,8 @@ private void runTests(List addrs, boolean useSSL) { System.out.println(); String msg = String.format("DEBUG: Launching java tester for triplet (HOSTNAME,JMX_PORT,RMI_PORT) == (%s,%d,%d)", address, - JMX_PORT, - RMI_PORT); + useSSL ? JMX_PORT_SSL : JMX_PORT, + useSSL ? RMI_PORT_SSL : RMI_PORT); System.out.println(msg); ProcessThread jvm = runJMXBindingTest(address, useSSL); jvms.add(jvm); @@ -100,9 +100,9 @@ private void runTests(List addrs, boolean useSSL) { int failedProcesses = 0; for (ProcessThread pt: jvms) { try { - pt.stopProcess(); + pt.sendMessage("Exit: " + STOP_PROCESS_EXIT_VAL); pt.join(); - } catch (InterruptedException e) { + } catch (Throwable e) { System.err.println("Failed to stop process: " + pt.getName()); throw new RuntimeException("Test failed", e); } @@ -131,10 +131,12 @@ private ProcessThread runJMXBindingTest(String address, boolean useSSL) { args.add("-classpath"); args.add(TEST_CLASSPATH); args.add("-Dcom.sun.management.jmxremote.host=" + address); - args.add("-Dcom.sun.management.jmxremote.port=" + JMX_PORT); - args.add("-Dcom.sun.management.jmxremote.rmi.port=" + RMI_PORT); + args.add("-Dcom.sun.management.jmxremote.port=" + (useSSL ? JMX_PORT_SSL : JMX_PORT)); + args.add("-Dcom.sun.management.jmxremote.rmi.port=" + (useSSL ? RMI_PORT_SSL : RMI_PORT)); args.add("-Dcom.sun.management.jmxremote.authenticate=false"); args.add("-Dcom.sun.management.jmxremote.ssl=" + Boolean.toString(useSSL)); + // This is needed for testing on loopback + args.add("-Djava.rmi.server.hostname=" + address); if (useSSL) { args.add("-Dcom.sun.management.jmxremote.registry.ssl=true"); args.add("-Djavax.net.ssl.keyStore=" + KEYSTORE_LOC); @@ -144,8 +146,8 @@ private ProcessThread runJMXBindingTest(String address, boolean useSSL) { } args.add(TEST_CLASS); args.add(address); - args.add(Integer.toString(JMX_PORT)); - args.add(Integer.toString(RMI_PORT)); + args.add(Integer.toString(useSSL ? JMX_PORT_SSL : JMX_PORT)); + args.add(Integer.toString(useSSL ? RMI_PORT_SSL : RMI_PORT)); args.add(Boolean.toString(useSSL)); try { ProcessBuilder builder = ProcessTools.createJavaProcessBuilder(args.toArray(new String[] {})); @@ -175,35 +177,42 @@ private static boolean isJMXAgentResponseAvailable(String line) { } } + private static int getRandomPortInRange(int lower, int upper) { + if (upper <= lower) { + throw new IllegalArgumentException("upper <= lower"); + } + int range = upper - lower; + int randPort = lower + (int)(Math.random() * range); + return randPort; + } + public static void main(String[] args) { - List addrs = getAddressesForLocalHost(); - if (addrs.size() < 2) { - System.out.println("Ignoring manual test since no more than one IPs are configured for 'localhost'"); + List addrs = getNonLoopbackAddressesForLocalHost(); + if (addrs.isEmpty()) { + System.out.println("Ignoring test since no non-loopback IPs are available to bind to " + + "in addition to the loopback interface."); return; } JMXInterfaceBindingTest test = new JMXInterfaceBindingTest(); + // Add loopback interface too as we'd like to verify whether it's + // possible to bind to multiple addresses on the same host. This + // wasn't possible prior JDK-6425769. It used to bind to *all* local + // interfaces. We add loopback here, since that eases test setup. + addrs.add(InetAddress.getLoopbackAddress()); test.run(addrs); System.out.println("All tests PASSED."); } - private static List getAddressesForLocalHost() { - + private static List getNonLoopbackAddressesForLocalHost() { + List addrs = new ArrayList<>(); try { - return NetworkInterface.networkInterfaces() - .flatMap(NetworkInterface::inetAddresses) - .filter(JMXInterfaceBindingTest::isNonloopbackLocalhost) - .collect(Collectors.toList()); - } catch (SocketException e) { + InetAddress localHost = InetAddress.getLocalHost(); + if (!localHost.isLoopbackAddress()) { + addrs.add(localHost); + } + return addrs; + } catch (UnknownHostException e) { throw new RuntimeException("Test failed", e); } } - - // we need 'real' localhost addresses only (eg. not loopback ones) - // so we can bind the remote JMX connector to them - private static boolean isNonloopbackLocalhost(InetAddress i) { - if (!i.isLoopbackAddress()) { - return i.getHostName().toLowerCase().equals("localhost"); - } - return false; - } } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/Makefile b/test/jdk/sun/management/jmxremote/bootstrap/Makefile deleted file mode 100644 index 9e1fc922db6..00000000000 --- a/test/jdk/sun/management/jmxremote/bootstrap/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved. -# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -# -# This code is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License version 2 only, as -# published by the Free Software Foundation. -# -# This code is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# version 2 for more details (a copy is included in the LICENSE file that -# accompanied this code). -# -# You should have received a copy of the GNU General Public License version -# 2 along with this work; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA -# or visit www.oracle.com if you need additional information or have any -# questions. - -# -# This Makefile is used to generate versions of the launcher program for -# use by the CustomLauncherTest. The binaries are checked into SCCS -# so this Makefile is not used as part of test run. It is provided to -# make rebuilding the launcher binaries a relatively painless activity. -# - -# -# Edit the following to reflect the current build environment. -# -# Architecture being built (initially one of: solaris-sparc, solaris-i586, -# linux-i586. -# -PLATFORM=solaris -ARCH=sparc -OUTPUT_DIR =$(PLATFORM)-$(ARCH) - -# -# Path to C compiler -# -# As of 6/1/06: -# Solaris CC=/java/devtools/$(ARCH)/SUNWspro/SS11/bin/cc -# Linux CC=/usr/bin/gcc -# -CC=/java/devtools/$(ARCH)/SUNWspro/SS11/bin/cc - -# -# Include directory in JRE or JDK install -# -JINCLUDE=/java/re/jdk/1.6.0/latest/binaries/$(OUTPUT_DIR)/include - -# -# PLATFORM dependent flags -# -# On pre-Solaris 10, -lthread is required. -# -ifeq ($(PLATFORM), solaris) - PLATFORM_LIBS= -lthread -else - PLATFORM_LIBS= -endif - -# -# Targets -# -all: install - -$(PLATFORM): - mkdir $(OUTPUT_DIR) $(OUTPUT_DIR)/SCCS - -install: $(PLATFORM) - $(CC) -I$(JINCLUDE) -I$(JINCLUDE)/$(PLATFORM) \ - -o $(OUTPUT_DIR)/launcher launcher.c $(PLATFORM_LIBS) -ldl - -clean: - - -clobber: clean - rm $(OUTPUT_DIR)/launcher diff --git a/test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java b/test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java index 2756d008e77..93b9181a918 100644 --- a/test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java +++ b/test/jdk/sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -195,7 +195,7 @@ private int doTest(String... args) throws Exception { System.out.println("test output:"); System.out.println(output.getOutput()); - if (!output.getOutput().contains("Exception thrown by the agent : " + + if (!output.getOutput().contains("Exception thrown by the agent: " + "java.rmi.server.ExportException: Port already in use")) { return output.getExitValue(); } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/exelauncher.c b/test/jdk/sun/management/jmxremote/bootstrap/exelauncher.c new file mode 100644 index 00000000000..46f30d9e157 --- /dev/null +++ b/test/jdk/sun/management/jmxremote/bootstrap/exelauncher.c @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * A miniature launcher for use by CustomLauncherTest.java test. It sets + * up the absolute minimal execution environment. + */ +#include +#include +#include + +#include "jni.h" + +typedef jint (*create_vm_func)(JavaVM **, void**, void*); + +void *JNU_FindCreateJavaVM(char *vmlibpath) { + void *libVM = dlopen(vmlibpath, RTLD_LAZY); + if (libVM == NULL) { + return NULL; + } + return dlsym(libVM, "JNI_CreateJavaVM"); +} + +#define CP_PROP "-Djava.class.path=" + +int main(int argc, char**argv) { + JNIEnv *env; + JavaVM *jvm; + jint res; + jclass cls; + jmethodID mid; + jstring jstr; + jclass stringClass; + jobjectArray args; + create_vm_func create_vm; + JavaVMInitArgs vm_args; + char* cp_prop; + JavaVMOption options[1]; + + if (argc < 4) { + fprintf(stderr, "Usage: %s jvm-path classpath class\n", argv[0]); + return -1; + } + cp_prop = (char*)malloc(strlen(CP_PROP)+strlen(argv[2]) +1); + sprintf(cp_prop, "%s%s", CP_PROP, argv[2]); + + options[0].optionString = cp_prop; + vm_args.version = 0x00010002; + vm_args.options = options; + vm_args.nOptions = 1; + vm_args.ignoreUnrecognized = JNI_TRUE; + + create_vm = (create_vm_func)JNU_FindCreateJavaVM(argv[1]); + if (create_vm == NULL) { + fprintf(stderr, "can't get address of JNI_CreateJavaVM\n"); + return -1; + } + + res = (*create_vm)(&jvm, (void**)&env, &vm_args); + if (res < 0) { + fprintf(stderr, "Can't create Java VM\n"); + return -1; + } + cls = (*env)->FindClass(env, argv[3]); + if (cls == NULL) { + goto destroy; + } + + mid = (*env)->GetStaticMethodID(env, cls, "main", + "([Ljava/lang/String;)V"); + if (mid == NULL) { + goto destroy; + } + jstr = (*env)->NewStringUTF(env, " from C!"); + if (jstr == NULL) { + goto destroy; + } + stringClass = (*env)->FindClass(env, "java/lang/String"); + args = (*env)->NewObjectArray(env, 1, stringClass, jstr); + if (args == NULL) { + goto destroy; + } + (*env)->CallStaticVoidMethod(env, cls, mid, args); + + destroy: + if ((*env)->ExceptionOccurred(env)) { + (*env)->ExceptionDescribe(env); + } + (*jvm)->DestroyJavaVM(jvm); + + return 0; + } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/launcher.c b/test/jdk/sun/management/jmxremote/bootstrap/launcher.c deleted file mode 100644 index e11fea33584..00000000000 --- a/test/jdk/sun/management/jmxremote/bootstrap/launcher.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * A minature launcher for use by CustomLauncherTest.sh. It sets - * up the absolute minimal execution environment. - */ -#include -#include -#include - -#include "jni.h" - -typedef jint (*create_vm_func)(JavaVM **, void**, void*); - -void *JNU_FindCreateJavaVM(char *vmlibpath) { - void *libVM = dlopen(vmlibpath, RTLD_LAZY); - if (libVM == NULL) { - return NULL; - } - return dlsym(libVM, "JNI_CreateJavaVM"); -} - -#define CP_PROP "-Djava.class.path=" - -int main(int argc, char**argv) { - JNIEnv *env; - JavaVM *jvm; - jint res; - jclass cls; - jmethodID mid; - jstring jstr; - jclass stringClass; - jobjectArray args; - create_vm_func create_vm; - JavaVMInitArgs vm_args; - char* cp_prop; - JavaVMOption options[1]; - - if (argc < 4) { - fprintf(stderr, "Usage: %s jvm-path classpath class\n", argv[0]); - return -1; - } - cp_prop = (char*)malloc(strlen(CP_PROP)+strlen(argv[2]) +1); - sprintf(cp_prop, "%s%s", CP_PROP, argv[2]); - - options[0].optionString = cp_prop; - vm_args.version = 0x00010002; - vm_args.options = options; - vm_args.nOptions = 1; - vm_args.ignoreUnrecognized = JNI_TRUE; - - create_vm = (create_vm_func)JNU_FindCreateJavaVM(argv[1]); - if (create_vm == NULL) { - fprintf(stderr, "can't get address of JNI_CreateJavaVM\n"); - return -1; - } - - res = (*create_vm)(&jvm, (void**)&env, &vm_args); - if (res < 0) { - fprintf(stderr, "Can't create Java VM\n"); - return -1; - } - cls = (*env)->FindClass(env, argv[3]); - if (cls == NULL) { - goto destroy; - } - - mid = (*env)->GetStaticMethodID(env, cls, "main", - "([Ljava/lang/String;)V"); - if (mid == NULL) { - goto destroy; - } - jstr = (*env)->NewStringUTF(env, " from C!"); - if (jstr == NULL) { - goto destroy; - } - stringClass = (*env)->FindClass(env, "java/lang/String"); - args = (*env)->NewObjectArray(env, 1, stringClass, jstr); - if (args == NULL) { - goto destroy; - } - (*env)->CallStaticVoidMethod(env, cls, mid, args); - - destroy: - if ((*env)->ExceptionOccurred(env)) { - (*env)->ExceptionDescribe(env); - } - (*jvm)->DestroyJavaVM(jvm); - - return 0; - } diff --git a/test/jdk/sun/management/jmxremote/bootstrap/linux-amd64/launcher b/test/jdk/sun/management/jmxremote/bootstrap/linux-amd64/launcher deleted file mode 100644 index 6df223c91c7..00000000000 Binary files a/test/jdk/sun/management/jmxremote/bootstrap/linux-amd64/launcher and /dev/null differ diff --git a/test/jdk/sun/management/jmxremote/bootstrap/linux-i586/launcher b/test/jdk/sun/management/jmxremote/bootstrap/linux-i586/launcher deleted file mode 100644 index 072d8048f82..00000000000 Binary files a/test/jdk/sun/management/jmxremote/bootstrap/linux-i586/launcher and /dev/null differ diff --git a/test/jdk/sun/management/jmxremote/bootstrap/solaris-amd64/launcher b/test/jdk/sun/management/jmxremote/bootstrap/solaris-amd64/launcher deleted file mode 100644 index ac766def9e6..00000000000 Binary files a/test/jdk/sun/management/jmxremote/bootstrap/solaris-amd64/launcher and /dev/null differ diff --git a/test/jdk/sun/management/jmxremote/bootstrap/solaris-sparcv9/launcher b/test/jdk/sun/management/jmxremote/bootstrap/solaris-sparcv9/launcher deleted file mode 100644 index 8ac4061b520..00000000000 Binary files a/test/jdk/sun/management/jmxremote/bootstrap/solaris-sparcv9/launcher and /dev/null differ diff --git a/test/jdk/sun/misc/URLClassPath/LargeClasspathWithPkgPrefix.java b/test/jdk/sun/misc/URLClassPath/LargeClasspathWithPkgPrefix.java new file mode 100644 index 00000000000..1937f0b1f5d --- /dev/null +++ b/test/jdk/sun/misc/URLClassPath/LargeClasspathWithPkgPrefix.java @@ -0,0 +1,138 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.File; +import java.nio.file.Files; +import java.nio.file.Path; + +import jdk.test.lib.JDKToolFinder; +import jdk.test.lib.compiler.CompilerUtils; +import jdk.test.lib.process.OutputAnalyzer; +import jdk.test.lib.process.ProcessTools; + +/* + * @test + * @bug 8308184 + * @summary Verify that an application can be launched when the classpath contains large number of + * jars and the java.protocol.handler.pkgs system property is set + * @library /lib/testlibrary/java/util/jar /test/lib/ + * @build JarBuilder jdk.test.lib.compiler.CompilerUtils + * jdk.test.lib.process.ProcessTools + * @run driver LargeClasspathWithPkgPrefix + */ +public class LargeClasspathWithPkgPrefix { + + private static final Path CWD = Path.of("."); + + private static final String JAVA_MAIN_CONTENT = + "public class Foo {\n" + + " public static void main(String[] args) throws Exception {\n" + + " if (args.length != 0) {\n" + + " System.out.println(\"unexpected args: \" + java.util.Arrays.toString(args));\n" + + " System.exit(1);\n" + + " }\n" + + " System.out.println(\"Running application on Java version: \"\n" + + " + System.getProperty(\"java.version\"));\n" + + " System.out.println(\"Application launched with java.protocol.handler.pkgs=\"\n" + + " + System.getProperty(\"java.protocol.handler.pkgs\"));\n" + + " System.out.println(\"Application launched with classpath: \"\n" + + " + System.getProperty(\"java.class.path\"));\n" + + " System.out.println(\"Hello World\");\n" + + " }\n" + + "}\n"; + + public static void main(final String[] args) throws Exception { + // dir to which the application main's .class file will be compiled to + Path classesDir = Files.createTempDirectory(CWD, "8308184-classes").toAbsolutePath(); + // dir contains many jars + Path libDir = Files.createTempDirectory(CWD, "8308184-libs").toAbsolutePath(); + Files.createDirectories(libDir); + + // trivial jar file + Path jarPath = Path.of(libDir.toString(), "8308184-dummy.jar"); + createJar(jarPath); + + // create multiple such jar files in the lib dir + int numCopies = 750; + long start = System.currentTimeMillis(); + for (int i = 1; i <= numCopies; i++) { + Path dest = Path.of(libDir.toString(), "8308184-dummy-" + i + ".jar"); + Files.copy(jarPath, dest); + } + long end = System.currentTimeMillis(); + System.out.println("Created " + numCopies + " jars under " + libDir + + ", took " + (end - start) + " milli seconds"); + + // create the application's main java file + Path fooJavaSrcFile = Path.of(classesDir.toString(), "Foo.java"); + Files.writeString(fooJavaSrcFile, JAVA_MAIN_CONTENT); + + // compile this java file + compile(fooJavaSrcFile, classesDir); + + // Create the classpath string. It is important that the classes directory which contains + // application's main class, is at the end of the classpath (or too far into the classpath). + // The initial entries in the classpath should be jar files. + // constructed classpath is of the form -cp lib/*:classes/ + // (the * in lib/* is parsed/interpreted by the java launcher and includes all jars in that + // directory) + String classpath = File.pathSeparator + libDir.toString() + "/*" + + File.pathSeparator + classesDir.toString(); + // launch the application + launchApplication(classpath); + // test passed successfully, we don't need the lib directory which has too many jars, + // anymore. we let the dir stay only if the test fails, for debug purpose + libDir.toFile().deleteOnExit(); + } + + // creates a trivial jar file + private static void createJar(Path p) throws Exception { + JarBuilder jb = new JarBuilder(p.toString()); + jb.addEntry("foobar.txt", "foobar".getBytes()); + jb.build(); + System.out.println("Created jar at " + p); + } + + // compile to + private static void compile(Path javaFile, Path destDir) throws Exception { + boolean compiled = CompilerUtils.compile(javaFile, destDir); + if (!compiled) { + // compilation failure log/reason would already be available on System.out/err + throw new AssertionError("Compilation failed for " + javaFile); + } + } + + // java -Djava.protocol.handler.pkgs=foo.bar.some.nonexistent.pkg -cp Foo + private static void launchApplication(String classPath) throws Exception { + String java = JDKToolFinder.getJDKTool("java"); + ProcessBuilder pb = new ProcessBuilder(java, + "-Djava.protocol.handler.pkgs=foo.bar.some.nonexistent.pkg", + "-cp", classPath, + "Foo"); + pb.directory(CWD.toFile()); + System.out.println("Launching java application: " + pb.command()); + OutputAnalyzer analyzer = ProcessTools.executeProcess(pb); + analyzer.shouldHaveExitValue(0); + analyzer.shouldContain("Hello World"); + } +} diff --git a/test/jdk/sun/net/InetAddress/nameservice/simple/DefaultCaching.java b/test/jdk/sun/net/InetAddress/nameservice/simple/DefaultCaching.java index df3aef6e232..747b1c69776 100644 --- a/test/jdk/sun/net/InetAddress/nameservice/simple/DefaultCaching.java +++ b/test/jdk/sun/net/InetAddress/nameservice/simple/DefaultCaching.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,98 +33,126 @@ import java.io.FileWriter; import java.io.PrintWriter; import java.io.BufferedWriter; +import java.nio.file.Files; +import java.nio.file.Path; +import static java.nio.file.StandardCopyOption.REPLACE_EXISTING; public class DefaultCaching { public static void main(String args[]) throws Exception { - String hostsFileName = System.getProperty("test.src", ".") + "/DefaultCachingHosts"; + String hostsFileNameSrc = System.getProperty("test.src", ".") + "/DefaultCachingHosts"; + String hostsFileName = System.getProperty("user.dir", ".") + "/DefaultCachingHosts"; + if (!hostsFileNameSrc.equals(hostsFileName)) { + Files.copy(Path.of(hostsFileNameSrc), Path.of(hostsFileName), REPLACE_EXISTING); + System.out.println("Host file created: " + hostsFileName); + } System.setProperty("jdk.net.hosts.file", hostsFileName); // initial mapping // name service needs to resolve this. addMappingToHostsFile("theclub", "129.156.220.219", hostsFileName, false); - test ("theclub", "129.156.220.219", true); // lk: 1 - test ("luster", "1.16.20.2", false); // lk: 2 + test("theclub", "129.156.220.219", true); // lk: 1 + test("luster", "1.16.20.2", false); // lk: 2 // name service now needs to know about luster addMappingToHostsFile("luster", "10.5.18.21", hostsFileName, true); - test ("luster", "1.16.20.2", false); // lk: 2 - sleep (10+1); + test("luster", "1.16.20.2", false); // lk: 2 + sleep(10+1); test("luster", "10.5.18.21", true, 3); // lk: 3 - sleep (5); + sleep(5); // new mapping for theclub and rewrite existing foo and luster mappings addMappingToHostsFile("theclub", "129.156.220.1", hostsFileName, false); addMappingToHostsFile("foo", "10.5.18.22", hostsFileName, true); addMappingToHostsFile("luster", "10.5.18.21", hostsFileName, true); - test ("theclub", "129.156.220.219", true, 3); - test ("luster", "10.5.18.21", true, 3); - test ("bar", "10.5.18.22", false, 4); - test ("foo", "10.5.18.22", true, 5); + test("theclub", "129.156.220.219", true, 3); + test("luster", "10.5.18.21", true, 3); + test("bar", "10.5.18.22", false, 4); + test("foo", "10.5.18.22", true, 5); // now delay to see if theclub has expired - sleep (5); + sleep(5); - test ("foo", "10.5.18.22", true, 5); - test ("theclub", "129.156.220.1", true, 6); + test("foo", "10.5.18.22", true, 5); + test("theclub", "129.156.220.1", true, 6); - sleep (11); + sleep(11); // now see if luster has expired - test ("luster", "10.5.18.21", true, 7); - test ("theclub", "129.156.220.1", true, 7); + test("luster", "10.5.18.21", true, 7); + test("theclub", "129.156.220.1", true, 7); // now delay to see if 3rd has expired - sleep (10+6); + sleep(10+6); - test ("theclub", "129.156.220.1", true, 8); - test ("luster", "10.5.18.21", true, 8); - test ("foo", "10.5.18.22", true, 9); + test("theclub", "129.156.220.1", true, 8); + test("luster", "10.5.18.21", true, 8); + test("foo", "10.5.18.22", true, 9); } /* throws RuntimeException if it fails */ - static void test (String host, String address, - boolean shouldSucceed, int count) { - test (host, address, shouldSucceed); + static void test(String host, String address, + boolean shouldSucceed, int count) { + test(host, address, shouldSucceed); } - static void sleep (int seconds) { + static void sleep(int seconds) { try { - Thread.sleep (seconds * 1000); - } catch (InterruptedException e) {} + sleepms(seconds * 1000); + } catch (InterruptedException e) { + e.printStackTrace(); + } + } + + static long sleepms(long millis) throws InterruptedException { + long start = System.nanoTime(); + long ms = millis; + while (ms > 0) { + assert ms < Long.MAX_VALUE/1000_000L; + Thread.sleep(ms); + long elapsedms = (System.nanoTime() - start)/1000_000L; + ms = millis - elapsedms; + } + return millis - ms; } - static void test (String host, String address, boolean shouldSucceed) { + static void test(String host, String address, boolean shouldSucceed) { InetAddress addr = null; try { - addr = InetAddress.getByName (host); + addr = InetAddress.getByName(host); if (!shouldSucceed) { - throw new RuntimeException (host+":"+address+": should fail"); - + throw new RuntimeException(host+":"+address+": should fail (got " + + addr + ")"); } if (!address.equals(addr.getHostAddress())) { - throw new RuntimeException(host+":"+address+": compare failed"); + throw new RuntimeException(host+"/"+address+": compare failed (found " + + addr + ")"); } + System.out.println("test: " + host + "/" + address + + " succeeded - got " + addr); } catch (UnknownHostException e) { if (shouldSucceed) { throw new RuntimeException(host+":"+address+": should succeed"); + } else { + System.out.println("test: " + host + "/" + address + + " succeeded - got expected " + e); } } } - private static void addMappingToHostsFile (String host, - String addr, - String hostsFileName, - boolean append) + private static void addMappingToHostsFile(String host, + String addr, + String hostsFileName, + boolean append) throws Exception { String mapping = addr + " " + host; try (PrintWriter hfPWriter = new PrintWriter(new BufferedWriter( new FileWriter(hostsFileName, append)))) { hfPWriter.println(mapping); -} + } } } diff --git a/test/jdk/sun/net/ftp/TestFtpClientNameListWithNull.java b/test/jdk/sun/net/ftp/TestFtpClientNameListWithNull.java index 7a142f628cb..e89439cd578 100644 --- a/test/jdk/sun/net/ftp/TestFtpClientNameListWithNull.java +++ b/test/jdk/sun/net/ftp/TestFtpClientNameListWithNull.java @@ -37,6 +37,7 @@ import java.io.IOException; import java.io.InputStreamReader; import java.io.PrintWriter; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.ServerSocket; import java.net.Socket; @@ -52,7 +53,8 @@ public static void main(String[] args) throws Exception { FtpClient client = FtpClient.create()) { (new Thread(server)).start(); int port = server.getPort(); - client.connect(new InetSocketAddress("localhost", port)); + InetAddress loopback = InetAddress.getLoopbackAddress(); + client.connect(new InetSocketAddress(loopback, port)); client.nameList(null); } finally { if (commandHasArgs) { @@ -66,7 +68,9 @@ private static class FtpServer implements AutoCloseable, Runnable { private final ServerSocket serverSocket; FtpServer() throws IOException { - serverSocket = new ServerSocket(0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + serverSocket = new ServerSocket(); + serverSocket.bind(new InetSocketAddress(loopback, 0)); } public void handleClient(Socket client) throws IOException { diff --git a/test/jdk/sun/net/www/AuthHeaderTest.java b/test/jdk/sun/net/www/AuthHeaderTest.java index 5ce874ef015..53852aab8f1 100644 --- a/test/jdk/sun/net/www/AuthHeaderTest.java +++ b/test/jdk/sun/net/www/AuthHeaderTest.java @@ -85,7 +85,7 @@ static void read (InputStream is) throws IOException { static void client (String u) throws Exception { URL url = new URL (u); System.out.println ("client opening connection to: " + u); - URLConnection urlc = url.openConnection (); + URLConnection urlc = url.openConnection (Proxy.NO_PROXY); InputStream is = urlc.getInputStream (); read (is); is.close(); diff --git a/test/jdk/sun/net/www/B8185898.java b/test/jdk/sun/net/www/B8185898.java index a50c6f93c7e..c78df56f723 100644 --- a/test/jdk/sun/net/www/B8185898.java +++ b/test/jdk/sun/net/www/B8185898.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /** * @test - * @bug 8185898 + * @bug 8185898 8163921 8339470 * @modules java.base/sun.net.www * @library /test/lib * @run main/othervm B8185898 @@ -143,32 +143,32 @@ static void testMessageHeaderMethods() throws IOException { // {{inputString1, expectedToString1, expectedPrint1}, {...}} String[][] strings = { {"HTTP/1.1 200 OK\r\n" - + "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n" + + "Accept: text/html, image/gif, image/jpeg, */*; q=0.2\r\n" + "Connection: keep-alive\r\n" + "Host: 127.0.0.1:12345\r\n" + "User-agent: Java/12\r\n\r\nfoooo", "pairs: {null: HTTP/1.1 200 OK}" - + "{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}" + + "{Accept: text/html, image/gif, image/jpeg, */*; q=0.2}" + "{Connection: keep-alive}" + "{Host: 127.0.0.1:12345}" + "{User-agent: Java/12}", - "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n" + "Accept: text/html, image/gif, image/jpeg, */*; q=0.2\r\n" + "Connection: keep-alive\r\n" + "Host: 127.0.0.1:12345\r\n" + "User-agent: Java/12\r\n\r\n"}, {"HTTP/1.1 200 OK\r\n" - + "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n" + + "Accept: text/html, image/gif, image/jpeg, */*; q=0.2\r\n" + "Connection: keep-alive\r\n" + "Host: 127.0.0.1:12345\r\n" + "User-agent: Java/12\r\n" + "X-Header:\r\n\r\n", "pairs: {null: HTTP/1.1 200 OK}" - + "{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}" + + "{Accept: text/html, image/gif, image/jpeg, */*; q=0.2}" + "{Connection: keep-alive}" + "{Host: 127.0.0.1:12345}" + "{User-agent: Java/12}" + "{X-Header: }", - "Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2\r\n" + "Accept: text/html, image/gif, image/jpeg, */*; q=0.2\r\n" + "Connection: keep-alive\r\n" + "Host: 127.0.0.1:12345\r\n" + "User-agent: Java/12\r\n" diff --git a/test/jdk/sun/net/www/http/HttpClient/CookieHttpClientTest.java b/test/jdk/sun/net/www/http/HttpClient/CookieHttpClientTest.java index e2c14229302..f54dcb678a1 100644 --- a/test/jdk/sun/net/www/http/HttpClient/CookieHttpClientTest.java +++ b/test/jdk/sun/net/www/http/HttpClient/CookieHttpClientTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,7 @@ /* * @test * @bug 7129083 + * @library /test/lib * @summary Cookiemanager does not store cookies if url is read * before setting cookiemanager */ @@ -31,12 +32,16 @@ import java.net.CookieHandler; import java.net.CookieManager; import java.net.CookiePolicy; +import java.net.InetAddress; +import java.net.InetSocketAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.URL; import java.io.InputStream; import java.io.IOException; +import jdk.test.lib.net.URIBuilder; + public class CookieHttpClientTest implements Runnable { final ServerSocket ss; static final int TIMEOUT = 10 * 1000; @@ -85,10 +90,15 @@ static void readOneRequest(InputStream is) throws IOException { CookieHttpClientTest() throws Exception { /* start the server */ - ss = new ServerSocket(0); + ss = new ServerSocket(); + ss.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0)); (new Thread(this)).start(); - URL url = new URL("http://localhost:" + ss.getLocalPort() +"/"); + URL url = URIBuilder.newBuilder() + .scheme("http") + .loopback() + .port(ss.getLocalPort()) + .path("/").toURL(); // Run without a CookieHandler first InputStream in = url.openConnection().getInputStream(); diff --git a/test/jdk/sun/net/www/http/HttpClient/KeepAliveTest.java b/test/jdk/sun/net/www/http/HttpClient/KeepAliveTest.java index 15983f3196a..0fdfb591a8c 100644 --- a/test/jdk/sun/net/www/http/HttpClient/KeepAliveTest.java +++ b/test/jdk/sun/net/www/http/HttpClient/KeepAliveTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2022, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,177 +24,29 @@ /* * @test * @library /test/lib - * @bug 8291226 8291638 - * @modules java.base/sun.net:+open - * java.base/sun.net.www.http:+open - * java.base/sun.net.www:+open + * @bug 8291226 8291638 8330523 + * @modules java.base/sun.net.www.http:+open * java.base/sun.net.www.protocol.http:+open - * @run main/othervm KeepAliveTest 0 - * @run main/othervm KeepAliveTest 1 - * @run main/othervm KeepAliveTest 2 - * @run main/othervm KeepAliveTest 3 - * @run main/othervm KeepAliveTest 4 - * @run main/othervm KeepAliveTest 5 - * @run main/othervm KeepAliveTest 6 - * @run main/othervm KeepAliveTest 7 - * @run main/othervm KeepAliveTest 8 - * @run main/othervm KeepAliveTest 9 - * @run main/othervm KeepAliveTest 10 - * @run main/othervm KeepAliveTest 11 - * @run main/othervm KeepAliveTest 12 - * @run main/othervm KeepAliveTest 13 - * @run main/othervm KeepAliveTest 14 - * @run main/othervm KeepAliveTest 15 - * @run main/othervm KeepAliveTest 16 - * @run main/othervm KeepAliveTest 17 - * @run main/othervm KeepAliveTest 18 - * @run main/othervm KeepAliveTest 19 - * @run main/othervm KeepAliveTest 20 - * @run main/othervm KeepAliveTest 21 - * @run main/othervm KeepAliveTest 22 - * @run main/othervm KeepAliveTest 23 - * @run main/othervm KeepAliveTest 24 - * @run main/othervm KeepAliveTest 25 - * @run main/othervm KeepAliveTest 26 - * @run main/othervm KeepAliveTest 27 - * @run main/othervm KeepAliveTest 28 - * @run main/othervm KeepAliveTest 29 - * @run main/othervm KeepAliveTest 30 - * @run main/othervm KeepAliveTest 31 - * @run main/othervm KeepAliveTest 32 - * @run main/othervm KeepAliveTest 33 - * @run main/othervm KeepAliveTest 34 - * @run main/othervm KeepAliveTest 35 - * @run main/othervm KeepAliveTest 36 - * @run main/othervm KeepAliveTest 37 - * @run main/othervm KeepAliveTest 38 - * @run main/othervm KeepAliveTest 39 - * @run main/othervm KeepAliveTest 40 - * @run main/othervm KeepAliveTest 41 - * @run main/othervm KeepAliveTest 42 - * @run main/othervm KeepAliveTest 43 - * @run main/othervm KeepAliveTest 44 - * @run main/othervm KeepAliveTest 45 - * @run main/othervm KeepAliveTest 46 - * @run main/othervm KeepAliveTest 47 - * @run main/othervm KeepAliveTest 48 - * @run main/othervm KeepAliveTest 49 - * @run main/othervm KeepAliveTest 50 - * @run main/othervm KeepAliveTest 51 - * @run main/othervm KeepAliveTest 52 - * @run main/othervm KeepAliveTest 53 - * @run main/othervm KeepAliveTest 54 - * @run main/othervm KeepAliveTest 55 - * @run main/othervm KeepAliveTest 56 - * @run main/othervm KeepAliveTest 57 - * @run main/othervm KeepAliveTest 58 - * @run main/othervm KeepAliveTest 59 - * @run main/othervm KeepAliveTest 60 - * @run main/othervm KeepAliveTest 61 - * @run main/othervm KeepAliveTest 62 - * @run main/othervm KeepAliveTest 63 - * @run main/othervm KeepAliveTest 64 - * @run main/othervm KeepAliveTest 65 - * @run main/othervm KeepAliveTest 66 - * @run main/othervm KeepAliveTest 67 - * @run main/othervm KeepAliveTest 68 - * @run main/othervm KeepAliveTest 69 - * @run main/othervm KeepAliveTest 70 - * @run main/othervm KeepAliveTest 71 - * @run main/othervm KeepAliveTest 72 - * @run main/othervm KeepAliveTest 73 - * @run main/othervm KeepAliveTest 74 - * @run main/othervm KeepAliveTest 75 - * @run main/othervm KeepAliveTest 76 - * @run main/othervm KeepAliveTest 77 - * @run main/othervm KeepAliveTest 78 - * @run main/othervm KeepAliveTest 79 - * @run main/othervm KeepAliveTest 80 - * @run main/othervm KeepAliveTest 81 - * @run main/othervm KeepAliveTest 82 - * @run main/othervm KeepAliveTest 83 - * @run main/othervm KeepAliveTest 84 - * @run main/othervm KeepAliveTest 85 - * @run main/othervm KeepAliveTest 86 - * @run main/othervm KeepAliveTest 87 - * @run main/othervm KeepAliveTest 88 - * @run main/othervm KeepAliveTest 89 - * @run main/othervm KeepAliveTest 90 - * @run main/othervm KeepAliveTest 91 - * @run main/othervm KeepAliveTest 92 - * @run main/othervm KeepAliveTest 93 - * @run main/othervm KeepAliveTest 94 - * @run main/othervm KeepAliveTest 95 - * @run main/othervm KeepAliveTest 96 - * @run main/othervm KeepAliveTest 97 - * @run main/othervm KeepAliveTest 98 - * @run main/othervm KeepAliveTest 99 - * @run main/othervm KeepAliveTest 100 - * @run main/othervm KeepAliveTest 101 - * @run main/othervm KeepAliveTest 102 - * @run main/othervm KeepAliveTest 103 - * @run main/othervm KeepAliveTest 104 - * @run main/othervm KeepAliveTest 105 - * @run main/othervm KeepAliveTest 106 - * @run main/othervm KeepAliveTest 107 - * @run main/othervm KeepAliveTest 108 - * @run main/othervm KeepAliveTest 109 - * @run main/othervm KeepAliveTest 110 - * @run main/othervm KeepAliveTest 111 - * @run main/othervm KeepAliveTest 112 - * @run main/othervm KeepAliveTest 113 - * @run main/othervm KeepAliveTest 114 - * @run main/othervm KeepAliveTest 115 - * @run main/othervm KeepAliveTest 116 - * @run main/othervm KeepAliveTest 117 - * @run main/othervm KeepAliveTest 118 - * @run main/othervm KeepAliveTest 119 - * @run main/othervm KeepAliveTest 120 - * @run main/othervm KeepAliveTest 121 - * @run main/othervm KeepAliveTest 122 - * @run main/othervm KeepAliveTest 123 - * @run main/othervm KeepAliveTest 124 - * @run main/othervm KeepAliveTest 125 - * @run main/othervm KeepAliveTest 126 - * @run main/othervm KeepAliveTest 127 - * @run main/othervm KeepAliveTest 128 - * @run main/othervm KeepAliveTest 129 - * @run main/othervm KeepAliveTest 130 - * @run main/othervm KeepAliveTest 131 - * @run main/othervm KeepAliveTest 132 - * @run main/othervm KeepAliveTest 133 - * @run main/othervm KeepAliveTest 134 - * @run main/othervm KeepAliveTest 135 - * @run main/othervm KeepAliveTest 136 - * @run main/othervm KeepAliveTest 137 - * @run main/othervm KeepAliveTest 138 - * @run main/othervm KeepAliveTest 139 - * @run main/othervm KeepAliveTest 140 - * @run main/othervm KeepAliveTest 141 - * @run main/othervm KeepAliveTest 142 - * @run main/othervm KeepAliveTest 143 - * @run main/othervm KeepAliveTest 144 - * @run main/othervm KeepAliveTest 145 - * @run main/othervm KeepAliveTest 146 - * @run main/othervm KeepAliveTest 147 - * @run main/othervm KeepAliveTest 148 - * @run main/othervm KeepAliveTest 149 - * @run main/othervm KeepAliveTest 150 - * @run main/othervm KeepAliveTest 151 - * @run main/othervm KeepAliveTest 152 - * @run main/othervm KeepAliveTest 153 - * @run main/othervm KeepAliveTest 154 - * @run main/othervm KeepAliveTest 155 - * @run main/othervm KeepAliveTest 156 - * @run main/othervm KeepAliveTest 157 - * @run main/othervm KeepAliveTest 158 - * @run main/othervm KeepAliveTest 159 + * @run main/othervm KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=100 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.proxy=200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=100 -Dhttp.keepAlive.time.proxy=200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=-100 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.proxy=-200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=-100 -Dhttp.keepAlive.time.proxy=-200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=0 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.proxy=0 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=0 -Dhttp.keepAlive.time.proxy=0 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=0 -Dhttp.keepAlive.time.proxy=-200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=-100 -Dhttp.keepAlive.time.proxy=0 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=100 -Dhttp.keepAlive.time.proxy=0 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=0 -Dhttp.keepAlive.time.proxy=200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=100 -Dhttp.keepAlive.time.proxy=-200 KeepAliveTest + * @run main/othervm -Dhttp.keepAlive.time.server=-100 -Dhttp.keepAlive.time.proxy=200 KeepAliveTest */ - -import java.nio.charset.StandardCharsets; -import java.io.InputStream; import java.io.BufferedReader; import java.io.IOException; +import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStreamWriter; import java.lang.reflect.Constructor; @@ -206,841 +58,59 @@ import java.net.ServerSocket; import java.net.Socket; import java.net.URL; +import java.nio.charset.StandardCharsets; import java.util.List; import java.util.Map.Entry; -import java.util.concurrent.CountDownLatch; +import java.util.concurrent.Phaser; import java.util.logging.ConsoleHandler; import java.util.logging.Level; import java.util.logging.Logger; + +import jdk.test.lib.net.URIBuilder; + import sun.net.www.http.HttpClient; import sun.net.www.http.KeepAliveCache; import sun.net.www.protocol.http.HttpURLConnection; -import jdk.test.lib.net.URIBuilder; public class KeepAliveTest { - private static final Logger logger = Logger.getLogger("sun.net.www.protocol.http.HttpURLConnection"); - private static final String NOT_CACHED = "NotCached"; - private static final String CLIENT_SEPARATOR = ";"; - private static final String NEW_LINE = "\r\n"; - private volatile int SERVER_PORT = 0; + /* - * isProxySet is shared variable between server thread and client thread(main) and it should be set and reset to false for each and - * every scenario. - * isProxySet variable should be set by server thread before proceeding to client thread(main). + * This test covers a matrix of 10 server scenarios and 16 client scenarios. */ - private volatile boolean isProxySet = false; + private static final Logger logger = Logger.getLogger("sun.net.www.protocol.http.HttpURLConnection"); + + private static final String NEW_LINE = "\r\n"; + private static final String CONNECTION_KEEP_ALIVE_ONLY = "Connection: keep-alive"; private static final String PROXY_CONNECTION_KEEP_ALIVE_ONLY = "Proxy-Connection: keep-alive"; private static final String KEEP_ALIVE_TIMEOUT_NEG = "Keep-alive: timeout=-20"; private static final String KEEP_ALIVE_TIMEOUT_ZERO = "Keep-alive: timeout=0"; private static final String KEEP_ALIVE_TIMEOUT = "Keep-alive: timeout=20"; private static final String KEEP_ALIVE_PROXY_TIMEOUT = "Keep-alive: timeout=120"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_NEGATIVE = "http.keepAlive.time.server=-100"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_NEGATIVE = "http.keepAlive.time.proxy=-200"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_ZERO = "http.keepAlive.time.server=0"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_ZERO = "http.keepAlive.time.proxy=0"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_POSITIVE = "http.keepAlive.time.server=100"; - private static final String CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_POSITIVE = "http.keepAlive.time.proxy=200"; - private static final String CONNECTION_KEEP_ALIVE_WITH_TIMEOUT = CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE - + KEEP_ALIVE_TIMEOUT; - /* - * Following Constants represents Client Side Properties and is used as reference in below table as - * CLIENT_INPUT_CONSTANT_NAMES - */ - private static final String SERVER_100_NEGATIVE = CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_NEGATIVE; - private static final String PROXY_200_NEGATIVE = CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_NEGATIVE; - private static final String SERVER_ZERO = CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_ZERO; - private static final String PROXY_ZERO = CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_ZERO; - private static final String SERVER_100 = CLIENT_HTTP_KEEP_ALIVE_TIME_SERVER_POSITIVE; - private static final String PROXY_200 = CLIENT_HTTP_KEEP_ALIVE_TIME_PROXY_POSITIVE; - - /* - * CONSTANTS A,B,C,D,E,NI,F,G,H,I represents ServerScenarios and is used as reference in below table - * as SERVER_RESPONSE_CONSTANT_NAME - */ - private static final String A = CONNECTION_KEEP_ALIVE_ONLY; - private static final String B = CONNECTION_KEEP_ALIVE_WITH_TIMEOUT; - private static final String C = PROXY_CONNECTION_KEEP_ALIVE_ONLY; - private static final String D = PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + CONNECTION_KEEP_ALIVE_ONLY; - private static final String E = C + NEW_LINE + KEEP_ALIVE_PROXY_TIMEOUT; - private static final String NI = "NO_INPUT"; - private static final String F = A + NEW_LINE + KEEP_ALIVE_TIMEOUT_NEG; - private static final String G = A + NEW_LINE + KEEP_ALIVE_TIMEOUT_ZERO; - private static final String H = C + NEW_LINE + KEEP_ALIVE_TIMEOUT_NEG; - private static final String I = C + NEW_LINE + KEEP_ALIVE_TIMEOUT_ZERO; - - /* - * There are 160 scenarios run by this program. - * For every scenario there is mapping between serverScenarios[int],clientScenarios[int] and expectedOutput[int] - * - * serverScenarios[0] clientScenarios[0] expectedOutput[0] - * serverScenarios[1] clientScenarios[1] expectedOutput[1] - * serverScenarios[2] clientScenarios[2] expectedOutput[2] - * - * ... - * - * serverScenarios[159] cientScenarios[159] expectedOutput[159] - * - * whereas serverScenarios[int] is retrieved using getServerScenario(int) - * whereas clientScenarios[int] is retrieved using clientScenario[getClientScenarioNumber[int]] - * and - * expectedOutput[int] is retrieved using expectedOuput[int] directly. - * - */ - - /* Here is the complete table of server_response, client system properties input and expected cached timeout at client side */ - /* ScNo | SERVER RESPONSE (SERVER_RESPONSE_CONSTANT_NAME)| CLIENT SYSTEM PROPERTIES INPUT (CLIENT_INPUT_CONSTANT_NAMES) | EXPECTED CACHED TIMEOUT AT CLIENT SIDE - ***************************************************************************************************************************************** - * 0 | Connection: keep-alive (A) | No Input Provided (NI) | Default Timeout set to 5 - *--------------------------------------------------------------------------------------------------------------------------- - * 1 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=100 (SERVER_100)| Client Timeout set to 100 - *-------------------------------------------------------------------------------------------------------------------------- - * 2 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.proxy=200 (PROXY_200) | Default Timeout set to 5 - *--------------------------------------------------------------------------------------------------------------------------- - * 3 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 100 - * | | (SERVER_100 && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 4 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=-100 | Default Timeout set to 5 - * | | (SERVER_100_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 5 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.proxy=-200 | Default Timeout set to 5 - * | | (PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 6 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Default Timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 7 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=0 | Connection Closed Immediately - * | | (SERVER_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 8 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.proxy=0 | Default Timeout set to 5 - * | | (PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 9 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Connection Closed Immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 10 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Connection Closed Immediately - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 11 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Default Timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 12 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 100 - * | | (SERVER_100 && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 13 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Connection Closed Immediately - * | | (SERVER_ZERO && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 14 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 100 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 15 | Connection: keep-alive (A) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Default Timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 16 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | No Input Provided (NI) | Timeout set to 20 - *------------------------------------------------------------------------------------------------------------------------ - * 17 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=100 | Timeout set to 20 - * | | (SERVER_100) | - *--------------------------------------------------------------------------------------------------------------------------- - * 18 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 20 - * | | (PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 19 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 20 - * | | (SERVER_100 && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 20 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=-100 | Timeout set to 20 - * | | (SERVER_100_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 21 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 20 - * | | (PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 22 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 20 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *--------------------------------------------------------------------------------------------------------------------------- - * 23 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=0 | Timeout set to 20 - * | | (SERVER_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 24 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 20 - * | | (PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 25 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 20 - * | | (SERVER_ZERO && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 26 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 20 - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 27 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 20 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 28 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 20 - * | | (SERVER_100 && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 29 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 20 - * | | (SERVER_ZERO && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 30 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 20 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 31 |Connection: keep-alive\r\nKeep-alive: timeout=20 (B) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | Timeout set to 20 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 32 |Proxy-Connection: keep-alive (C) | No Input Provided (NI) | Default timeout set to 60 - *--------------------------------------------------------------------------------------------------------------------------- - * 33 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=100 | Default timeout set to 60 - * | | (SERVER_100) | - *--------------------------------------------------------------------------------------------------------------------------- - * 34 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------- - * 35 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100 && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------- - * 36 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=-100 | Default timeout set to 60 - * | | (SERVER_100_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 37 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 38 |Proxy-Connection: keep-alive (C) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | |(SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *--------------------------------------------------------------------------------------------------------------------------- - * 39 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=0 | Default timeout set to 60 - * | | (SERVER_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 40 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 41 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 42 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 43 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 44 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100 && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 45 |Proxy-Connection: keep-alive (C) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_ZERO && PROXY_200) | - *--------------------------------------------------------------------------------------------------------------------------- - * 46 |Proxy-Connection: keep-alive (C) |-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------- - * 47 |Proxy-Connection: keep-alive (C) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------- - * 48 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | No Input Provided (NI) | Default timeout set to 60 - *----------------------------------------------------------------------------------------------------------------------------- - * 49 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=100 | Default timeout set to 60 - * | | (SERVER_100) | - *--------------------------------------------------------------------------------------------------------------------------- - * 50 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------ - * 51 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100 && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------ - * 52 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=-100 | Default timeout set to 60 - * | | (SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------ - * 53 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------ - * 54 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=-100&& | - * | | -Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE | - *------------------------------------------------------------------------------------------------------------------------------- - * 55 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=0 | Default timeout set to 60 - * | | (SERVER_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 56 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 57 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 58 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Default timeout set to 60 - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 59 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 60 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100 && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 61 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_ZERO && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------ - * 62 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | default timeout set to 60 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------ - * 63 |Connection:keep-alive\r\nProxy-connection:keep-alive (D) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------- - * 64 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| No Input Provided (NI) | Timeout set to 120 - *------------------------------------------------------------------------------------------------------------------------------- - * 65 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=100 | Timeout set to 120 - * | | (SERVER_100) | - *------------------------------------------------------------------------------------------------------------------------------- - * 66 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.proxy=200 | Timeout set to 120 - * | | (PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------- - * 67 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 120 - * | | (SERVER_100 && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------- - * 68 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=-100 | Timeout set to 120 - * | | (SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------- - * 69 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 120 - * | | (PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------- - * 70 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 120 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *------------------------------------------------------------------------------------------------------------------------------- - * 71 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=0 | Timeout set to 120 - * | | (SERVER_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------- - * 72 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.proxy=0 | Timeout set to 120 - * | | (PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------- - * 73 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 120 - * | | (SERVER_ZERO && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------- - * 74 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 120 - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------- - * 75 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 120 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------- - * 76 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 120 - * | | (SERVER_100 && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------- - * 77 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 120 - * | | (SERVER_ZERO && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------- - * 78 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | Timeout set to 120 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------- - * 79 |Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 (E)| -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 120 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *----------------------------------------------------------------------------------------------------------------------------- - * 80 |No Input (NI) | No Input Provided (NI) | default timeout set to 5 - *----------------------------------------------------------------------------------------------------------------------------- - * 81 |No Input (NI) | -Dhttp.keepAlive.time.server=100 | Timeout set to 100 - * | | (SERVER_100) | - *----------------------------------------------------------------------------------------------------------------------------- - * 82 |No Input (NI) | -Dhttp.keepAlive.time.proxy=200 | default timeout set to 5 - * | | (PROXY_200) | - *----------------------------------------------------------------------------------------------------------------------------- - * 83 |No Input (NI) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | client timeot set to 100 - * | | (SERVER_100 && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------ - * 84 |No Input (NI) | -Dhttp.keepAlive.time.server=-100 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------ - * 85 |No Input (NI) | -Dhttp.keepAlive.time.proxy=-200 | default timeout set to 5 - * | | (PROXY_200_NEGATIVE) | - *---------------------------------------------------------------------------------------------------------------------------- - * 86 |No Input (NI) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *------------------------------------------------------------------------------------------------------------------------------ - * 87 |No Input (NI) | -Dhttp.keepAlive.time.server=0 | close connection immediately - * | | (SERVER_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 88 |No Input (NI) | -Dhttp.keepAlive.time.proxy=0 | default timeout set to 5 - * | | (PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 89 |No Input (NI) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 90 |No Input (NI) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 91 |No Input (NI) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 92 |No Input (NI) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | Timeout set to 100 - * | | (SERVER_100 && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 93 |No Input (NI) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 94 |No Input (NI) |-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | Timeout set to 100 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 95 |No Input (NI) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 96 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) | No Input Provided (NI) | default timeout set to 5 - *-------------------------------------------------------------------------------------------------------------------------------- - * 97 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=100 | Timeout set to 100 - * | | (SERVER_100) | - *-------------------------------------------------------------------------------------------------------------------------------- - * 98 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.proxy=200 | default timeout set to 5 - * | | (PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 99 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | Timeout set to 100 - * | |(SERVER_100 && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 100 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=-100 | default timeout set to 5 - * | |(SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 101 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.proxy=-200 | default timeout set to 5 - * | |(PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 102 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *------------------------------------------------------------------------------------------------------------------------------------- - * 103 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=0 | close connection immediately - * | | (SERVER_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 104 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.proxy=0 | default timeout set to 5 - * | | (PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 105 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 106 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=0 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO_NEGATIVE)| - *------------------------------------------------------------------------------------------------------------------------------------- - * 107 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=0 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 108 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=0 | Timeout set to 100 - * | | (SERVER_100 && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 109 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=0 && | - * | |-Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 110 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | Timeout set to 100 - * | |(SERVER_100 && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 111 |Connection: keep-alive\r\nKeep-alive: timeout=-20 (F) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | default timeout set to 5 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 112 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | No Input Provided (NI) | close connection immediately - *------------------------------------------------------------------------------------------------------------------------------------- - * 113 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=100 | close connection immediately - * | | (SERVER_100) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 114 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 115 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_100 && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 116 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=-100 | close connection immediately - * | | (SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------ - * 117 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 118 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) |-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 119 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=0 | close connection immediately - * | | (SERVER_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 120 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------ - * 121 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 122 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 123 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 124 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100 && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 125 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 126 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 127 |Connection: keep-alive\r\nKeep-alive: timeout=0 (G) | -Dhttp.keepAlive.time.server=-100 &&| - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 128 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| No Input Provided (NI) | default timeout set to 60 - --------------------------------------------------------------------------------------------------------------------------------------- - * 129 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=100 | default timeout set to 60 - * | | (SERVER_100) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 130 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 131 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100 && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 132 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=-100 | default timeout set to 60 - * | | (SERVER_100_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 133 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.proxy=-200 | default timeout set to 60 - * | | (PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 134 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)|-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | default timeout set to 60 - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE)| - *--------------------------------------------------------------------------------------------------------------------------------- - * 135 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=0 | default timeout set to 60 - * | | (SERVER_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 136 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (PROXY_ZERO) | - *---------------------------------------------------------------------------------------------------------------------------------- - * 137 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 138 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | default timeout set to 60 - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *--------------------------------------------------------------------------------------------------------------------------------------- - * 139 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 140 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100 && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 141 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)| -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | Timeout set to 20 - * | | (SERVER_ZERO && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 142 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)|-Dhttp.keepAlive.time.server=100 && | - * | |-Dhttp.keepAlive.time.proxy=-200 | default timeout set to 60 - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 143 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=-20 (H)|-Dhttp.keepAlive.time.server=-100 && | - * | |-Dhttp.keepAlive.time.proxy=200 | Timeout set to 200 - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 144 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | No Input Provided (NI) | close connection immediately - *-------------------------------------------------------------------------------------------------------------------------------------- - * 145 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=100 | close connection immediately - * | | (SERVER_100) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 146 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 147 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_100 && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 148 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=-100 | close connection immediately - * | | (SERVER_100_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 149 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 150 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_200_NEGATIVE) | - *------------------------------------------------------------------------------------------------------------------------------------ - * 151 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=0 | close connection immediately - * | | (SERVER_ZERO) | - *----------------------------------------------------------------------------------------------------------------------------------- - * 152 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (PROXY_ZERO) | - *--------------------------------------------------------------------------------------------------------------------------------- - * 153 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_ZERO && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------ - * 154 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 155 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_ZERO) | - *------------------------------------------------------------------------------------------------------------------------------------- - * 156 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=0 | close connection immediately - * | | (SERVER_100 && PROXY_ZERO) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 157 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=0 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_ZERO && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 158 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=100 && | - * | | -Dhttp.keepAlive.time.proxy=-200 | close connection immediately - * | | (SERVER_100 && PROXY_200_NEGATIVE) | - *-------------------------------------------------------------------------------------------------------------------------------------- - * 159 |Proxy-Connection:keep-alive\r\nKeep-alive:timeout=0 (I) | -Dhttp.keepAlive.time.server=-100 && | - * | | -Dhttp.keepAlive.time.proxy=200 | close connection immediately - * | | (SERVER_100_NEGATIVE && PROXY_200) | - *-------------------------------------------------------------------------------------------------------------------------------------- - */ - - /* private static final String[] serverScenarios = { - A, A, A, A, A, A, A, A, A, A, A, A, A, A, A, A, - B, B, B, B, B, B, B, B, B, B,B, B, B, B, B, B, - C, C, C, C, C, C, C, C, C, C, C, C, C, C, C, C, - D, D, D, D, D, D, D, D, D, D, D, D, D, D, D, D, - E, E, E, E, E, E, E, E, E, E, E, E, E, E, E, E, - NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, NI, - F, F, F, F, F, F, F, F, F, F, F, F, F, F, F, F, - G, G, G, G, G, G, G, G, G, G, G, G, G, G, G, G, - H, H, H, H, H, H, H, H, H, H, H, H, H, H, H, H, - I, I, I, I, I, I, I, I, I, I, I, I, I, I, I, I - }; */ - /* - * following are client scenarios which are repeated. - */ - private static final String[] a = { - NI, SERVER_100, PROXY_200, SERVER_100 + CLIENT_SEPARATOR + PROXY_200, SERVER_100_NEGATIVE, - PROXY_200_NEGATIVE, SERVER_100_NEGATIVE + CLIENT_SEPARATOR + PROXY_200_NEGATIVE, - SERVER_ZERO, PROXY_ZERO, SERVER_ZERO + CLIENT_SEPARATOR + PROXY_ZERO, - SERVER_ZERO + CLIENT_SEPARATOR + PROXY_200_NEGATIVE, SERVER_100_NEGATIVE + CLIENT_SEPARATOR + PROXY_ZERO, - SERVER_100 + CLIENT_SEPARATOR + PROXY_ZERO, SERVER_ZERO + CLIENT_SEPARATOR + PROXY_200, - SERVER_100 + CLIENT_SEPARATOR + PROXY_200_NEGATIVE, SERVER_100_NEGATIVE + CLIENT_SEPARATOR + PROXY_200 - }; - - /* private String[] clientScenarios = { - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], - }; */ + private static final String CONNECTION_KEEP_ALIVE_WITH_TIMEOUT = CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_TIMEOUT; - private static final String[] clientScenarios = { - a[0] , a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15] + private static final String[] serverHeaders = { + null, + CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE, + CONNECTION_KEEP_ALIVE_WITH_TIMEOUT + NEW_LINE, + PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE, + PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE, + PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_PROXY_TIMEOUT + NEW_LINE, + CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_TIMEOUT_NEG + NEW_LINE, + CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_TIMEOUT_ZERO + NEW_LINE, + PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_TIMEOUT_NEG + NEW_LINE, + PROXY_CONNECTION_KEEP_ALIVE_ONLY + NEW_LINE + KEEP_ALIVE_TIMEOUT_ZERO + NEW_LINE }; - private static final int[] expectedValues = { - 5, 100, 5, 100, 5, 5, 5, 0, 5, 0, 0, 5, 100, 0, 100, 5, - 20, 20 , 20, 20, 20, 20, 20, 20, 20, 20 , 20, 20, 20, 20, 20, 20, - 60, 60, 200, 200, 60, 60, 60, 60, 0, 0, 60, 0, 0, 200, 60, 200, - 60, 60, 200, 200, 60, 60, 60, 60, 0, 0, 60, 0, 0, 200, 60, 200, - 120, 120, 120, 120,120,120,120,120,120, 120, 120, 120, 120, 120, 120, 120, - 5, 100, 5, 100, 5, 5, 5, 0, 5, 0, 0, 5, 100, 0, 100, 5, - 5, 100, 5, 100, 5, 5, 5, 0, 5, 0, 0, 5, 100, 0, 100, 5, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 60, 60, 200, 200, 60, 60, 60, 60, 0, 0, 60, 0, 0, 200, 60, 200, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - }; + private static KeepAliveCache keepAliveCache; - private final CountDownLatch countDownLatch = new CountDownLatch(1); + private static Constructor keepAliveKeyClassconstructor; - private final CountDownLatch serverCountDownLatch = new CountDownLatch(1); + // variables set by server thread + private volatile int serverPort; + private volatile boolean isProxySet; - /* - * setting of client properties -Dhttp.keepAlive.time.server and -Dhttp.keepAlive.time.proxy is handled through this method. - * There are 16 client scenarios in total starting with scenarioNumber 0(zero) and ending with 15. - * Server Scenarios are grouped into batch of 16 scenarios. - * There are 10 batches in total and each batch contains 16 scenarios so 10 * 16 = 160 scenarios in total. - * 16 Client Scenarios are used repeatedly for every server scenario batch. - * for serverscenario[0],serverscenario[16],serverscenario[32] ... serverscenario[144] is mapped to clientscenario[0] - * for serverscenario[1],serverscenario[17],serverscenario[33] ... serverscenario[145] is mapped to clientscenario[1] - * for serverscenario[2],serverscenario[18],serverscenario[34] ... serverscenario[146] is mapped to clientscenario[2] - * ... - * for serverscenario[15],serverscenario[31],serverscenario[47] ... serverscenario[159] is mapped to clientscenario[15] - */ - private int getClientScenarioNumber(int scenarioNumber) { - return scenarioNumber % 16 ; - } - - /* - * Returns SERVER_RESPONSE as String based on integer inputParameter scenarioNumber. - * Server Scenarios are grouped into batch of 16 scenarios starting with scenarioNumber 0 (zero) - * so there are 10 batches in total and each batch contains 16 scenarios so 10 * 16 = 160 scenarios in total. - * For each batch of 16 scenarios, there will be common SERVER_RESPONSE for all 16 scenarios in batch. - * for scenario numbers from 0 to 15 server response is: Connection:keep-alive - * for scenario numbers from 16 to 31 server response is: SERVER_RESPONSE=Connection: keep-alive\r\nKeep-alive: timeout=20 - * for scenario numbers from 32 to 47 server response is: SERVER_RESPONSE=Proxy-Connection: keep-alive - * for scenario numbers from 48 to 63 server response is: SERVER_RESPONSE=Connection:keep-alive\r\nProxy-connection:keep-alive - * for scenario numbers from 64 to 79 server response is: SERVER_RESPONSE=Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 - * for scenario numbers from 80 to 95 server response is: SERVER_RESPONSE=No Input - * for scenario numbers from 96 to 111 server response is: SERVER_RESPONSE=Connection: keep-alive\r\nKeep-alive: timeout=-20 - * for scenario numbers from 112 to 127 server resonse is: Connection: keep-alive\r\nKeep-alive: timeout=0 - * for scenario numbers from 128 to 143 server response is: Proxy-connection:keep-alive\r\nKeep-alive:timeout=-20 - * for scenario numbers from 144 to 159 server response is: Proxy-connection:keep-alive\r\nKeep-alive:timeout=0 - */ - private String getServerScenario(int scenarioNumber) { - /* - * ServerResponse for scenarios from 0 to 15 - * SERVER_RESPONSE:Connection:keep-alive - */ - if(scenarioNumber >= 0 && scenarioNumber <= 15) { - return A; - } - /* - * ServerResponse for scenarios from 16 to 31 - * SERVER_RESPONSE=Connection: keep-alive\r\nKeep-alive: timeout=20 - */ - else if (scenarioNumber >= 16 && scenarioNumber <= 31){ - return B; - } - /* - * ServerResponse for scenarios from 32 to 47 - * SERVER_RESPONSE=Proxy-Connection: keep-alive - */ - else if (scenarioNumber >= 32 && scenarioNumber <= 47){ - return C; - } - /* - * ServerResponse for scenarios from 48 to 63 - * SERVER_RESPONSE=Connection:keep-alive\r\nProxy-connection:keep-alive - */ - else if (scenarioNumber >= 48 && scenarioNumber <= 63){ - return D; - /* - * ServerResponse for scenarios from 64 to 79 - * SERVER_RESPONSE=Proxy-connection:keep-alive\r\nKeep-alive:timeout=120 - */ - } else if (scenarioNumber >= 64 && scenarioNumber <= 79){ - return E; - } - /* - * ServerResponse for scenarios from 80 to 95 - * SERVER_RESPONSE=No Input - */ - else if (scenarioNumber >= 80 && scenarioNumber <= 95){ - return NI; - } - /* - * ServerResponse for scenarios from 96 to 111 - * SERVER_RESPONSE=Connection: keep-alive\r\nKeep-alive: timeout=-20 - */ - else if (scenarioNumber >= 96 && scenarioNumber <= 111){ - return F; - } - /* - * ServerResponse for scenarios from 112 to 127 - * SERVER_RESPONSE=Connection: keep-alive\r\nKeep-alive: timeout=0 - */ - else if (scenarioNumber >= 112 && scenarioNumber <= 127){ - return G; - } - /* - * ServerResponse for scenarios from 128 to 143 - * SERVER_RESPONSE=Proxy-connection:keep-alive\r\nKeep-alive:timeout=-20 - */ - else if (scenarioNumber >= 128 && scenarioNumber <= 143){ - return H; - } - /* - * ServerResponse for scenarios from 144 to 159 - * SERVER_RESPONSE=Proxy-connection:keep-alive\r\nKeep-alive:timeout=0 - */ - else if (scenarioNumber >= 144 && scenarioNumber <= 159){ - return I; - } - /*Invalid Case*/ - return null; - } - - private void startScenario(int scenarioNumber) throws Exception { - System.out.println("serverScenarios[" + scenarioNumber + "]=" + getServerScenario(scenarioNumber)); - System.out.println("clientScenarios[" + scenarioNumber + "]=" + clientScenarios[getClientScenarioNumber(scenarioNumber)]); - if(expectedValues[scenarioNumber] == 0) { - System.out.println("ExpectedOutput=" + NOT_CACHED); - } else { - System.out.println("ExpectedOutput=" + expectedValues[scenarioNumber]); - } - System.out.println(); - startServer(scenarioNumber); - runClient(scenarioNumber); - } - - private void startServer(int scenarioNumber) { - Thread server = new Thread(new Runnable() { - @Override - public void run() { - try { - executeServer(scenarioNumber); - } catch (IOException e) { - e.printStackTrace(); - } - } - }, "SERVER"); - server.start(); - } + private static final Phaser serverGate = new Phaser(2); private void readAll(Socket s) throws IOException { byte[] buf = new byte[128]; @@ -1058,215 +128,209 @@ private void readAll(Socket s) throws IOException { } } - private void executeServer(int scenarioNumber) throws IOException { - String serverScenarioContent = null; - if (!getServerScenario(scenarioNumber).equalsIgnoreCase(NI)) { - serverScenarioContent = getServerScenario(scenarioNumber) + NEW_LINE; - /* - * isProxySet should be set before Server is moved to Listen State. - */ - if (serverScenarioContent.contains("Proxy")) { - isProxySet = true; - } else { - isProxySet = false; - } + private void executeServer(int scenarioNumber) { + String scenarioHeaders = serverHeaders[scenarioNumber]; + if (scenarioHeaders != null) { + // isProxySet should be set before Server is moved to Listen State. + isProxySet = scenarioHeaders.contains("Proxy"); } - ServerSocket serverSocket = null; - Socket socket = null; - OutputStreamWriter out = null; - InetAddress loopback = InetAddress.getLoopbackAddress(); - try { - serverSocket = new ServerSocket(); - serverSocket.bind(new InetSocketAddress(loopback, 0)); - SERVER_PORT = serverSocket.getLocalPort(); - //serverReady = true; - this.serverCountDownLatch.countDown(); - System.out - .println("SERVER_PORT= " + SERVER_PORT +" isProxySet=" + isProxySet); - /* - * Server will be waiting for clients to connect. - */ - socket = serverSocket.accept(); - readAll(socket); - out = new OutputStreamWriter(socket.getOutputStream()); - String BODY = "SERVER REPLY: Hello world"; - String CLEN = "Content-Length: " + BODY.length() + NEW_LINE; - /* send the header */ - out.write("HTTP/1.1 200 OK\r\n"); - out.write("Content-Type: text/plain; charset=iso-8859-1\r\n"); - /* - * append each scenario content from array. - */ - if(serverScenarioContent != null) { - out.write(serverScenarioContent); - } - out.write(CLEN); - out.write(NEW_LINE); - out.write(BODY); - out.flush(); - } catch (IOException e) { - e.printStackTrace(); - } finally { - if (out != null) { - out.flush(); - out.close(); - } - if (socket != null) { - socket.close(); - } - if (serverSocket != null) { - serverSocket.close(); + try (ServerSocket serverSocket = new ServerSocket()) { + serverSocket.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0)); + serverPort = serverSocket.getLocalPort(); + serverGate.arrive(); + + // Server will be waiting for clients to connect. + try (Socket socket = serverSocket.accept()) { + readAll(socket); + try (OutputStreamWriter out = new OutputStreamWriter(socket.getOutputStream())) { + String BODY = "SERVER REPLY: Hello world"; + String CLEN = "Content-Length: " + BODY.length() + NEW_LINE; + + // send common headers + out.write("HTTP/1.1 200 OK\r\n"); + out.write("Content-Type: text/plain; charset=iso-8859-1\r\n"); + + // set scenario headers + if (scenarioHeaders != null) { + out.write(scenarioHeaders); + } + + // send content + out.write(CLEN); + out.write(NEW_LINE); + out.write(BODY); + } } + } catch (IOException ioe) { + throw new RuntimeException("IOException in server thread", ioe); } } - private void runClient(int scenarioNumber) throws Exception { - try { - connectToServerURL(scenarioNumber); - } finally { - System.out.println("client count down latch:" + scenarioNumber); - this.countDownLatch.countDown(); - System.out.println(); - System.out.println(); - } - } + private void fetchInfo(int expectedValue, HttpURLConnection httpUrlConnection) throws Exception { + Object expectedKeepAliveKey = keepAliveKeyClassconstructor.newInstance(httpUrlConnection.getURL(), null); + Object clientVectorObjectInMap = keepAliveCache.get(expectedKeepAliveKey); + System.out.println("ClientVector for KeepAliveKey:" + clientVectorObjectInMap); + HttpClient httpClientCached = keepAliveCache.get(httpUrlConnection.getURL(), null); + System.out.println("HttpClient in Cache:" + httpClientCached); - private void connectToServerURL(int scenarioNumber) throws Exception { - // System.setProperty("java.net.useSystemProxies", "false"); - // System.setProperty("http.nonProxyHosts", ""); - // System.setProperty("http.proxyHost", "localhost"); - // System.setProperty("http.proxyPort", String.valueOf(SERVER_PORT)); - System.out.println("Following are Existing System Properties if set any"); - System.out.println("http.keepAlive.time.server:" + System.getProperty("http.keepAlive.time.server")); - System.out.println("http.keepAlive.time.proxy:" + System.getProperty("http.keepAlive.time.proxy")); - System.setProperty("java.net.useSystemProxies", "false"); - System.out.println("http.proxyPort:"+System.getProperty("http.proxyPort")); - System.out.println("http.proxyHost:"+System.getProperty("http.proxyHost")); - System.clearProperty("http.keepAlive.time.server"); - System.clearProperty("http.keepAlive.time.proxy"); - // fetch clientScenearios for each scenarioNumber from array and set it to - // System property. - if (!clientScenarios[getClientScenarioNumber(scenarioNumber)].equalsIgnoreCase(NI)) { - System.out.println("Client Input Parsing"); - for (String clientScenarioString : clientScenarios[getClientScenarioNumber(scenarioNumber)].split(CLIENT_SEPARATOR)) { - System.out.println(clientScenarioString); - String key = clientScenarioString.split("=")[0]; - String value = clientScenarioString.split("=")[1]; - System.setProperty(key, value); + if (httpClientCached != null) { + System.out.println("KeepingAlive:" + httpClientCached.isKeepingAlive()); + System.out.println("UsingProxy:" + httpClientCached.getUsingProxy()); + System.out.println("ProxiedHost:" + httpClientCached.getProxyHostUsed()); + System.out.println("ProxiedPort:" + httpClientCached.getProxyPortUsed()); + Class clientVectorClass = Class.forName("sun.net.www.http.ClientVector"); + Field napField = clientVectorClass.getDeclaredField("nap"); + napField.setAccessible(true); + int napValue = (int) napField.get(clientVectorObjectInMap); + int actualValue = napValue / 1000; + if (expectedValue == actualValue) { + System.out.printf("Cache time:%d\n", actualValue); + } else { + throw new RuntimeException("Sleep time of " + actualValue + " not expected (" + expectedValue + ")"); + } + } else { + if (expectedValue == 0) { + System.out.println("Connection not cached."); + } else { + throw new RuntimeException("Connection was not cached although expected with sleep time of:" + expectedValue); } } + } + + private void connectToServerURL(int expectedValue) throws Exception { // wait until ServerSocket moves to listening state. - this.serverCountDownLatch.await(); - System.out.println("client started"); - URL url = URIBuilder.newBuilder().scheme("http").loopback().port(SERVER_PORT).toURL(); - System.out.println("connecting from client to SERVER URL:" + url); + serverGate.arriveAndAwaitAdvance(); + URL url = URIBuilder.newBuilder().scheme("http").loopback().port(serverPort).toURL(); + System.out.println("connecting to server URL: " + url + ", isProxySet: " + isProxySet); HttpURLConnection httpUrlConnection = null; - /* - * isProxySet is set to true when Expected Server Response contains Proxy-Connection header. - */ + + // isProxySet is set to true when Expected Server Response contains Proxy-Connection header. if (isProxySet) { - httpUrlConnection = (sun.net.www.protocol.http.HttpURLConnection) url - .openConnection(new Proxy(Type.HTTP, new InetSocketAddress("localhost", SERVER_PORT))); + httpUrlConnection = (HttpURLConnection) url + .openConnection(new Proxy(Type.HTTP, new InetSocketAddress("localhost", serverPort))); } else { - httpUrlConnection = (sun.net.www.protocol.http.HttpURLConnection) url.openConnection(); + httpUrlConnection = (HttpURLConnection) url.openConnection(); } - InputStreamReader inputStreamReader = new InputStreamReader(httpUrlConnection.getInputStream()); - BufferedReader bufferedReader = null; - try { - bufferedReader = new BufferedReader(inputStreamReader); + + try (InputStreamReader inputStreamReader = new InputStreamReader(httpUrlConnection.getInputStream()); + BufferedReader bufferedReader = new BufferedReader(inputStreamReader)) { while (true) { - String eachLine = bufferedReader.readLine(); - if (eachLine == null) { + String line = bufferedReader.readLine(); + if (line == null) { break; } - System.out.println(eachLine); - } - } finally { - if (bufferedReader != null) { - bufferedReader.close(); + System.out.println(line); } } - // System.out.println("ResponseCode:" + httpUrlConnection.getResponseCode()); - // System.out.println("ResponseMessage:" + httpUrlConnection.getResponseMessage()); - // System.out.println("Content:" + httpUrlConnection.getContent()); - // Thread.sleep(2000); for (Entry> header : httpUrlConnection.getHeaderFields().entrySet()) { System.out.println(header.getKey() + "=" + header.getValue()); } - fetchInfo(scenarioNumber, httpUrlConnection); + fetchInfo(expectedValue, httpUrlConnection); } - private void fetchInfo(int scenarioNumber, sun.net.www.protocol.http.HttpURLConnection httpUrlConnection) - throws Exception { - Field field = Class.forName("sun.net.www.protocol.http.HttpURLConnection").getDeclaredField("http"); - field.setAccessible(true); - HttpClient httpClient = (HttpClient) field.get(httpUrlConnection); - // System.out.println("httpclient=" + httpClient); - Field keepAliveField = Class.forName("sun.net.www.http.HttpClient").getDeclaredField("kac"); - keepAliveField.setAccessible(true); - KeepAliveCache keepAliveCache = (KeepAliveCache) keepAliveField.get(httpClient); - System.out.println("keepAliveCache" + keepAliveCache); - System.out.println("SERVER URL:" + httpUrlConnection.getURL()); - /* - * create KeepAliveKey(URL,Object) object and compare created KeepAliveKey and - * existing using equals() method: KeepAliveKey.equals() - */ - Class keepAliveKeyClass = Class.forName("sun.net.www.http.KeepAliveKey"); - // System.out.println("keepAliveKeyClass=" + keepAliveKeyClass); - Constructor keepAliveKeyClassconstructor = keepAliveKeyClass.getDeclaredConstructors()[0]; - keepAliveKeyClassconstructor.setAccessible(true); - Object expectedKeepAliveKey = keepAliveKeyClassconstructor.newInstance(httpUrlConnection.getURL(), null); - System.out.println("ExpectedKeepAliveKey=" + expectedKeepAliveKey); - Object clientVectorObjectInMap = keepAliveCache.get(expectedKeepAliveKey); - System.out.println("ClientVector=" + clientVectorObjectInMap); - HttpClient httpClientCached = keepAliveCache.get(httpUrlConnection.getURL(), null); - System.out.println("HttpClient in Cache:" + httpClientCached); - if(httpClientCached != null) { - System.out.println("KeepingAlive:" + httpClientCached.isKeepingAlive()); - System.out.println("UsingProxy:" + httpClientCached.getUsingProxy()); - System.out.println("ProxiedHost:" + httpClientCached.getProxyHostUsed()); - System.out.println("ProxiedPort:" + httpClientCached.getProxyPortUsed()); - System.out.println("ProxyPortUsingSystemProperty:" + System.getProperty("http.proxyPort")); - System.out.println("ProxyHostUsingSystemProperty:" + System.getProperty("http.proxyHost")); - System.out.println("http.keepAlive.time.server=" + System.getProperty("http.keepAlive.time.server")); - System.out.println("http.keepAlive.time.proxy=" + System.getProperty("http.keepAlive.time.proxy")); - Class clientVectorClass = Class.forName("sun.net.www.http.ClientVector"); - // System.out.println("clientVectorClass=" + clientVectorClass); - Field napField = clientVectorClass.getDeclaredField("nap"); - napField.setAccessible(true); - int napValue = (int) napField.get(clientVectorObjectInMap); - int actualValue = napValue / 1000; - // System.out.println("nap=" + napValue / 1000); - System.out.printf("ExpectedOutput:%d ActualOutput:%d ", expectedValues[scenarioNumber], actualValue); - System.out.println(); - if (expectedValues[scenarioNumber] != actualValue) { - throw new RuntimeException( - "ExpectedOutput:" + expectedValues[scenarioNumber] + " ActualOutput: " + actualValue); + private int getExpectedCachingValue(int serverScenario) { + if (serverScenario == 2) { + // Connection: keep-alive && Keep-alive: timeout=20 + // + // server side keep-alive timeout is what counts here + return 20; + } else if (serverScenario == 3 || serverScenario == 4 || serverScenario == 8) { + // Proxy-Connection: keep-alive + // Connection:keep-alive && Proxy-connection:keep-alive + // Proxy-Connection:keep-alive && Keep-alive:timeout=-20 + // + // Proxy-connection:keep-alive is set, timeout could be invalid -> value of http.keepAlive.time.proxy or default of 60 + int httpKeepAliveTimeProxy; + try { + httpKeepAliveTimeProxy = Integer.valueOf(System.getProperty("http.keepAlive.time.proxy")); + } catch (NumberFormatException e) { + httpKeepAliveTimeProxy = -1; } + return httpKeepAliveTimeProxy < 0 ? 60 : httpKeepAliveTimeProxy; + } else if (serverScenario == 5) { + // Proxy-connection:keep-alive && Keep-alive:timeout=120 + // + // server side keep-alive timeout is what counts here + return 120; + } else if (serverScenario == 7 || serverScenario == 9) { + // Connection: keep-alive && Keep-alive: timeout=0 + // Proxy-Connection:keep-alive && Keep-alive:timeout=0 + // + // no caching + return 0; } else { - //executed when value is not cached. - String expected = expectedValues[scenarioNumber] == 0 ? NOT_CACHED - : String.valueOf(expectedValues[scenarioNumber]); - System.out.println("ExpectedOutput:" + expected + " ActualOutput:" + NOT_CACHED); - if (!expected.equalsIgnoreCase(NOT_CACHED)) { - throw new RuntimeException("ExpectedOutput:" + expected + " ActualOutput:" + NOT_CACHED); + // No server parameters + // Connection: keep-alive + // Connection: keep-alive && Keep-alive: timeout=-20 + // + // Nothing or Connection:keep-alive is set, timeout could be invalid -> value of http.keepAlive.time.server or default of 5 + int httpKeepAliveTimeServer; + try { + httpKeepAliveTimeServer = Integer.valueOf(System.getProperty("http.keepAlive.time.server")); + } catch (NumberFormatException e) { + httpKeepAliveTimeServer = -1; } - } + return httpKeepAliveTimeServer < 0 ? 5 : httpKeepAliveTimeServer; + } } - public static void main(String[] args) throws Exception { - if (args.length != 1) { - throw new IllegalArgumentException("Usage:java KeepAliveTest.java "); + private void runScenario(int scenarioNumber) throws Exception { + int expectedValue = getExpectedCachingValue(scenarioNumber); + System.out.println("Expecting Cache Time of " + expectedValue + " for server headers:"); + if (serverHeaders[scenarioNumber] == null) { + System.out.println(); + } else { + System.out.print(serverHeaders[scenarioNumber]); } + Thread server = new Thread(() -> executeServer(scenarioNumber)); + server.start(); + connectToServerURL(expectedValue); + server.join(); + System.out.println(); + } + + private static void initialize() throws Exception { + System.clearProperty("http.proxyPort"); + System.clearProperty("http.proxyHost"); + System.setProperty("java.net.useSystemProxies", "false"); + + Field keepAliveField = sun.net.www.http.HttpClient.class.getDeclaredField("kac"); + keepAliveField.setAccessible(true); + keepAliveCache = (KeepAliveCache) keepAliveField.get(null); + System.out.println("KeepAliveCache: " + keepAliveCache); + keepAliveKeyClassconstructor = Class.forName("sun.net.www.http.KeepAliveKey").getDeclaredConstructors()[0]; + keepAliveKeyClassconstructor.setAccessible(true); + logger.setLevel(Level.FINEST); ConsoleHandler h = new ConsoleHandler(); h.setLevel(Level.FINEST); logger.addHandler(h); - KeepAliveTest keepAliveTest = new KeepAliveTest(); - if (args.length != 0) { - keepAliveTest.startScenario(Integer.valueOf(args[0])); + + System.out.println("Client properties: http.keepAlive.time.server=" + System.getProperty("http.keepAlive.time.server") + + ", http.keepAlive.time.proxy=" + System.getProperty("http.keepAlive.time.proxy")); + } + + public static void main(String[] args) throws Exception { + if (args.length > 1) { + throw new IllegalArgumentException("Usage:java KeepAliveTest.java "); + } else if (args.length == 1) { + // an individual test scenario + try { + int scenarioNumber = Integer.valueOf(args[0]); + if (scenarioNumber < 0 || scenarioNumber > 9) { + throw new IllegalArgumentException("Scenario " + scenarioNumber + " does not exist"); + } + initialize(); + new KeepAliveTest().runScenario(scenarioNumber); + } catch (NumberFormatException e) { + throw new IllegalArgumentException("Scenario must be a number, got " + args[0]); + } + } else { + // all server scenarios + initialize(); + for (int i = 0; i < 10; i++) { + new KeepAliveTest().runScenario(i); + } } - // make main thread wait until server and client is completed. - keepAliveTest.countDownLatch.await(); } } diff --git a/test/jdk/sun/net/www/http/HttpClient/ProxyFromCache.java b/test/jdk/sun/net/www/http/HttpClient/ProxyFromCache.java index 920e5b0e254..f1d571498e7 100644 --- a/test/jdk/sun/net/www/http/HttpClient/ProxyFromCache.java +++ b/test/jdk/sun/net/www/http/HttpClient/ProxyFromCache.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,23 @@ * @test * @bug 6498566 * @summary URL.openConnection(Proxy.NO_PROXY) may connect through a proxy. - * @modules java.base/sun.net.www + * @library /test/lib * @run main/othervm ProxyFromCache */ -import java.net.*; -import java.io.*; -import sun.net.www.MessageHeader; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.HttpURLConnection; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Proxy; +import java.net.ServerSocket; +import java.net.Socket; +import java.net.URL; + +import jdk.test.lib.net.HttpHeaderParser; +import jdk.test.lib.net.URIBuilder; /* Creates a simple proxy and http server that just return 200 OK. * Open a URL pointing to the http server and specify that the @@ -124,15 +134,12 @@ public void run() { connectionCount++; InputStream is = sock.getInputStream(); OutputStream os = sock.getOutputStream(); - - MessageHeader headers = new MessageHeader (is); + HttpHeaderParser httpHeaderParser = new HttpHeaderParser(is); os.write(replyOK.getBytes("UTF-8")); - - headers = new MessageHeader (is); + httpHeaderParser = new HttpHeaderParser(is); // If we get here then we received a second request. connectionCount++; os.write(replyOK.getBytes("UTF-8")); - sock.close(); } catch (Exception e) { //e.printStackTrace(); diff --git a/test/jdk/sun/net/www/http/HttpClient/ProxyTest.java b/test/jdk/sun/net/www/http/HttpClient/ProxyTest.java index 5bbd5781467..71b8660e4ec 100644 --- a/test/jdk/sun/net/www/http/HttpClient/ProxyTest.java +++ b/test/jdk/sun/net/www/http/HttpClient/ProxyTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -126,7 +126,9 @@ public void run() { } public HttpProxyServer() throws IOException { - server = new ServerSocket(0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + server = new ServerSocket(); + server.bind(new InetSocketAddress(loopback, 0)); } public int getPort() { @@ -183,7 +185,8 @@ public ProxyTest() throws Exception { server.start(); int port = server.getPort(); - Proxy ftpProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("localhost", port)); + InetAddress loopback = InetAddress.getLoopbackAddress(); + Proxy ftpProxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(loopback, port)); URL url = new URL(testURL); InputStream ins = (url.openConnection(ftpProxy)).getInputStream(); in = new BufferedReader(new InputStreamReader(ins)); diff --git a/test/jdk/sun/net/www/http/HttpClient/RequestURI.java b/test/jdk/sun/net/www/http/HttpClient/RequestURI.java index 667a0778abf..a5b55989b12 100644 --- a/test/jdk/sun/net/www/http/HttpClient/RequestURI.java +++ b/test/jdk/sun/net/www/http/HttpClient/RequestURI.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,14 @@ * @test * @bug 6469663 * @summary HTTP Request-URI contains fragment when connecting through proxy - * @modules java.base/sun.net.www + * @library /test/lib * @run main/othervm RequestURI */ import java.net.*; import java.io.*; -import sun.net.www.MessageHeader; + +import jdk.test.lib.net.HttpHeaderParser; // Create a Server listening on port 5001 to act as the proxy. Requests // never need to be forwared from it. We are only interested in the @@ -91,8 +92,8 @@ public void run() { InputStream is = sock.getInputStream(); OutputStream os = sock.getOutputStream(); - MessageHeader headers = new MessageHeader (is); - String requestLine = headers.getValue(0); + HttpHeaderParser headers = new HttpHeaderParser (is); + String requestLine = headers.getRequestDetails(); int first = requestLine.indexOf(' '); int second = requestLine.lastIndexOf(' '); diff --git a/test/jdk/sun/net/www/http/HttpClient/RetryPost.java b/test/jdk/sun/net/www/http/HttpClient/RetryPost.java index 6b80175135c..276e775255c 100644 --- a/test/jdk/sun/net/www/http/HttpClient/RetryPost.java +++ b/test/jdk/sun/net/www/http/HttpClient/RetryPost.java @@ -84,13 +84,17 @@ void doClient() throws Exception { throw new RuntimeException("Failed: POST request being retried"); } catch (SocketException se) { + System.out.println("Got expected exception: " + se); // this is what we expect to happen and is OK. - if (shouldRetry && httpHandler.getCallCount() != 2) + if (shouldRetry && httpHandler.getCallCount() != 2) { + se.printStackTrace(System.out); throw new RuntimeException("Failed: Handler should have been called twice. " + "It was called "+ httpHandler.getCallCount() + " times"); - else if (!shouldRetry && httpHandler.getCallCount() != 1) + } else if (!shouldRetry && httpHandler.getCallCount() != 1) { + se.printStackTrace(System.out); throw new RuntimeException("Failed: Handler should have only been called once" + "It was called "+ httpHandler.getCallCount() + " times"); + } } finally { httpServer.stop(1); executorService.shutdown(); diff --git a/test/jdk/sun/net/www/http/HttpURLConnection/NTLMAuthWithSM.java b/test/jdk/sun/net/www/http/HttpURLConnection/NTLMAuthWithSM.java index 6423de7e409..856ff506620 100644 --- a/test/jdk/sun/net/www/http/HttpURLConnection/NTLMAuthWithSM.java +++ b/test/jdk/sun/net/www/http/HttpURLConnection/NTLMAuthWithSM.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import java.io.IOException; import java.io.InputStream; import java.net.Authenticator; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.PasswordAuthentication; import java.net.URL; @@ -62,8 +63,8 @@ public static void main(String[] args) throws Exception { // set authenticator Authenticator.setDefault(new AuthenticatorImpl()); - String url = String.format("http://localhost:%d/test/", - server.getPort()); + String url = String.format("http://%s/test/", + server.getAuthority()); // load a document which is protected with NTML authentication System.out.println("load() called: " + url); @@ -107,8 +108,9 @@ private LocalHttpServer(HttpServer server) { } static LocalHttpServer startServer() throws IOException { + InetAddress loopback = InetAddress.getLoopbackAddress(); HttpServer httpServer = HttpServer.create( - new InetSocketAddress(0), 0); + new InetSocketAddress(loopback, 0), 0); LocalHttpServer localHttpServer = new LocalHttpServer(httpServer); localHttpServer.start(); @@ -126,6 +128,14 @@ void stop() { System.out.println("HttpServer: stopped"); } + String getAuthority() { + InetAddress address = server.getAddress().getAddress(); + String hostaddr = address.isAnyLocalAddress() + ? "localhost" : address.getHostAddress(); + if (hostaddr.indexOf(':') > -1) hostaddr = "[" + hostaddr + "]"; + return hostaddr + ":" + getPort(); + } + int getPort() { return server.getAddress().getPort(); } diff --git a/test/jdk/sun/net/www/http/HttpURLConnection/PostOnDelete.java b/test/jdk/sun/net/www/http/HttpURLConnection/PostOnDelete.java index e785c426156..b1c13f8d92b 100644 --- a/test/jdk/sun/net/www/http/HttpURLConnection/PostOnDelete.java +++ b/test/jdk/sun/net/www/http/HttpURLConnection/PostOnDelete.java @@ -83,9 +83,10 @@ public void startServer() { } public String getAuthority() { - String address = server.getAddress().getHostString(); - address = (address.indexOf(':') >= 0) ? ("[" + address + "]") : address; - return address + ":" + getPort(); + InetAddress address = server.getAddress().getAddress(); + String hostaddr = address.isAnyLocalAddress() ? "localhost" : address.getHostAddress(); + hostaddr = (hostaddr.indexOf(':') >= 0) ? ("[" + hostaddr + "]") : hostaddr; + return hostaddr + ":" + getPort(); } public int getPort() { diff --git a/test/jdk/sun/net/www/http/KeepAliveCache/B5045306.java b/test/jdk/sun/net/www/http/KeepAliveCache/B5045306.java index 88526fb1652..5a278202bd7 100644 --- a/test/jdk/sun/net/www/http/KeepAliveCache/B5045306.java +++ b/test/jdk/sun/net/www/http/KeepAliveCache/B5045306.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -62,7 +62,7 @@ public static void main(String[] args) throws Exception { public static void startHttpServer() { try { httpTrans = new SimpleHttpTransaction(); - server = new TestHttpServer(httpTrans, 1, 10, 0); + server = new TestHttpServer(httpTrans, 1, 10, InetAddress.getLocalHost(), 0); } catch (IOException e) { e.printStackTrace(); } @@ -71,13 +71,14 @@ public static void startHttpServer() { public static void clientHttpCalls() { try { System.out.println("http server listen on: " + server.getLocalPort()); - String baseURLStr = "http://" + InetAddress.getLocalHost().getHostAddress() + ":" + - server.getLocalPort() + "/"; + String hostAddr = InetAddress.getLocalHost().getHostAddress(); + if (hostAddr.indexOf(':') > -1) hostAddr = "[" + hostAddr + "]"; + String baseURLStr = "http://" + hostAddr + ":" + server.getLocalPort() + "/"; URL bigDataURL = new URL (baseURLStr + "firstCall"); URL smallDataURL = new URL (baseURLStr + "secondCall"); - HttpURLConnection uc = (HttpURLConnection)bigDataURL.openConnection(); + HttpURLConnection uc = (HttpURLConnection)bigDataURL.openConnection(Proxy.NO_PROXY); //Only read 1 byte of response data and close the stream InputStream is = uc.getInputStream(); @@ -88,7 +89,7 @@ public static void clientHttpCalls() { // Allow the KeepAliveStreamCleaner thread to read the data left behind and cache the connection. try { Thread.sleep(2000); } catch (Exception e) {} - uc = (HttpURLConnection)smallDataURL.openConnection(); + uc = (HttpURLConnection)smallDataURL.openConnection(Proxy.NO_PROXY); uc.getResponseCode(); if (SimpleHttpTransaction.failed) @@ -96,7 +97,7 @@ public static void clientHttpCalls() { // Part 2 URL part2Url = new URL (baseURLStr + "part2"); - uc = (HttpURLConnection)part2Url.openConnection(); + uc = (HttpURLConnection)part2Url.openConnection(Proxy.NO_PROXY); is = uc.getInputStream(); is.close(); diff --git a/test/jdk/sun/net/www/http/KeepAliveCache/KeepAliveTimerThread.java b/test/jdk/sun/net/www/http/KeepAliveCache/KeepAliveTimerThread.java index 9a6b3dc905f..d29d705cc01 100644 --- a/test/jdk/sun/net/www/http/KeepAliveCache/KeepAliveTimerThread.java +++ b/test/jdk/sun/net/www/http/KeepAliveCache/KeepAliveTimerThread.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,8 @@ * @library /test/lib * @bug 4701299 * @summary Keep-Alive-Timer thread management in KeepAliveCache causes memory leak + * @run main KeepAliveTimerThread + * @run main/othervm -Djava.net.preferIPv6Addresses=true KeepAliveTimerThread */ import java.net.*; @@ -103,8 +105,10 @@ public void run() { public static void main(String args[]) throws Exception { - ServerSocket ss = new ServerSocket(0); - Server s = new Server (ss); + InetAddress loopback = InetAddress.getLoopbackAddress(); + ServerSocket ss = new ServerSocket(); + ss.bind(new InetSocketAddress(loopback, 0)); + Server s = new Server(ss); s.start(); URL url = URIBuilder.newBuilder() diff --git a/test/jdk/sun/net/www/http/KeepAliveStream/InfiniteLoop.java b/test/jdk/sun/net/www/http/KeepAliveStream/InfiniteLoop.java index b3f0ced39dc..106d4ffffa4 100644 --- a/test/jdk/sun/net/www/http/KeepAliveStream/InfiniteLoop.java +++ b/test/jdk/sun/net/www/http/KeepAliveStream/InfiniteLoop.java @@ -26,6 +26,9 @@ * @bug 8004863 * @modules jdk.httpserver * @summary Checks for proper close code in KeepAliveStream + * @library /test/lib + * @run main InfiniteLoop + * @run main/othervm -Djava.net.preferIPv6Addresses=true InfiniteLoop */ import com.sun.net.httpserver.HttpExchange; @@ -35,10 +38,14 @@ import java.io.IOException; import java.io.OutputStream; import java.net.HttpURLConnection; +import java.net.InetAddress; import java.net.InetSocketAddress; +import java.net.Proxy; import java.net.URL; import java.util.concurrent.Phaser; +import jdk.test.lib.net.URIBuilder; + // Racey test, will not always fail, but if it does then we have a problem. public class InfiniteLoop { @@ -49,11 +56,16 @@ public static void main(String[] args) throws Exception { server.start(); try { InetSocketAddress address = server.getAddress(); - URL url = new URL("http://localhost:" + address.getPort() - + "/test/InfiniteLoop"); + URL url = URIBuilder.newBuilder() + .scheme("http") + .host(server.getAddress().getAddress()) + .port(server.getAddress().getPort()) + .path("/test/InfiniteLoop") + .toURL(); final Phaser phaser = new Phaser(2); for (int i=0; i<10; i++) { - HttpURLConnection uc = (HttpURLConnection)url.openConnection(); + HttpURLConnection uc = (HttpURLConnection) + url.openConnection(Proxy.NO_PROXY); final InputStream is = uc.getInputStream(); final Thread thread = new Thread() { public void run() { diff --git a/test/jdk/sun/net/www/http/KeepAliveStream/KeepAliveStreamClose.java b/test/jdk/sun/net/www/http/KeepAliveStream/KeepAliveStreamClose.java index d2f5490e9e8..29d6789df37 100644 --- a/test/jdk/sun/net/www/http/KeepAliveStream/KeepAliveStreamClose.java +++ b/test/jdk/sun/net/www/http/KeepAliveStream/KeepAliveStreamClose.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,11 +25,13 @@ * @test * @bug 4392195 * @summary Infinite loop in sun.net.www.http.KeepAliveStream [due to skip()] + * @library /test/lib * @run main/othervm/timeout=30 KeepAliveStreamClose */ import java.net.*; import java.io.*; +import jdk.test.lib.net.URIBuilder; public class KeepAliveStreamClose { static class XServer extends Thread { @@ -78,11 +80,16 @@ public void run() { public static void main (String[] args) { try { - ServerSocket serversocket = new ServerSocket (0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + ServerSocket serversocket = new ServerSocket (0, 50, loopback); int port = serversocket.getLocalPort (); XServer server = new XServer (serversocket); server.start (); - URL url = new URL ("http://localhost:"+port); + URL url = URIBuilder.newBuilder() + .scheme("http") + .loopback() + .port(port) + .toURL(); URLConnection urlc = url.openConnection (); InputStream is = urlc.getInputStream (); int i=0, c; diff --git a/test/jdk/sun/net/www/protocol/http/AsyncDisconnect.java b/test/jdk/sun/net/www/protocol/http/AsyncDisconnect.java index 250557e9c55..75df6d28617 100644 --- a/test/jdk/sun/net/www/protocol/http/AsyncDisconnect.java +++ b/test/jdk/sun/net/www/protocol/http/AsyncDisconnect.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,18 +24,21 @@ /* * @test * @bug 6358532 + * @library /test/lib * @modules jdk.httpserver * @run main/othervm AsyncDisconnect + * @run main/othervm -Djava.net.preferIPv6Addresses=true AsyncDisconnect * @summary HttpURLConnection.disconnect doesn't really do the job */ import java.net.*; -import java.util.*; import java.io.*; import com.sun.net.httpserver.*; import java.util.concurrent.Executors; import java.util.concurrent.ExecutorService; +import jdk.test.lib.net.URIBuilder; + public class AsyncDisconnect implements Runnable { com.sun.net.httpserver.HttpServer httpServer; @@ -43,27 +46,30 @@ public class AsyncDisconnect implements Runnable ExecutorService executorService; HttpURLConnection uc; - public static void main(String[] args) { + public static void main(String[] args) throws Exception { new AsyncDisconnect(); } - public AsyncDisconnect() { - try { - startHttpServer(); - doClient(); - } catch (IOException ioe) { - System.err.println(ioe); - } + public AsyncDisconnect() throws Exception { + startHttpServer(); + doClient(); } - void doClient() { + void doClient() throws Exception { + Thread t = new Thread(this); + try { InetSocketAddress address = httpServer.getAddress(); - URL url = new URL("http://" + address.getHostName() + ":" + address.getPort() + "/test/"); - uc = (HttpURLConnection)url.openConnection(); + URL url = URIBuilder.newBuilder() + .scheme("http") + .host(address.getAddress()) + .port(address.getPort()) + .path("/test/") + .toURL(); + uc = (HttpURLConnection) url.openConnection(Proxy.NO_PROXY); // create a thread that will disconnect the connection - (new Thread(this)).start(); + t.start(); uc.getInputStream(); @@ -73,11 +79,11 @@ void doClient() { } catch (SocketException se) { // this is what we expect to happen and is OK. //System.out.println(se); - } catch (IOException e) { - e.printStackTrace(); } finally { httpServer.stop(1); + t.join(); executorService.shutdown(); + } } @@ -93,7 +99,9 @@ public void run() { * Http Server */ public void startHttpServer() throws IOException { - httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, 0); + httpServer = com.sun.net.httpserver.HttpServer.create(address, 0); httpHandler = new MyHandler(); HttpContext ctx = httpServer.createContext("/test/", httpHandler); diff --git a/test/jdk/sun/net/www/protocol/http/B6369510.java b/test/jdk/sun/net/www/protocol/http/B6369510.java index 2068b04b5b2..d03a138c17b 100644 --- a/test/jdk/sun/net/www/protocol/http/B6369510.java +++ b/test/jdk/sun/net/www/protocol/http/B6369510.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,11 +59,12 @@ public B6369510() void doClient() { try { InetSocketAddress address = httpServer.getAddress(); - String urlString = "http://" + InetAddress.getLocalHost().getHostName() + ":" + address.getPort() + "/test/"; + String urlString = "http://" + InetAddress.getLocalHost().getHostName() + + ":" + address.getPort() + "/test/"; System.out.println("URL == " + urlString); // GET Request - URL url = new URL("http://" + InetAddress.getLocalHost().getHostName() + ":" + address.getPort() + "/test/"); + URL url = new URL(urlString); HttpURLConnection uc = (HttpURLConnection)url.openConnection(Proxy.NO_PROXY); int resp = uc.getResponseCode(); if (resp != 200) @@ -95,7 +96,8 @@ void doClient() { * Http Server */ public void startHttpServer() throws IOException { - httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0); + InetAddress localhost = InetAddress.getLocalHost(); + httpServer = HttpServer.create(new InetSocketAddress(localhost, 0), 0); // create HttpServer context HttpContext ctx = httpServer.createContext("/test/", new MyHandler()); diff --git a/test/jdk/sun/net/www/protocol/http/B6641309.java b/test/jdk/sun/net/www/protocol/http/B6641309.java index 25952c65cd7..58de97404a1 100644 --- a/test/jdk/sun/net/www/protocol/http/B6641309.java +++ b/test/jdk/sun/net/www/protocol/http/B6641309.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,10 @@ * @test * @bug 6641309 * @modules jdk.httpserver - * @summary Wrong Cookie separator used in HttpURLConnection + * @library /test/lib + * @run main/othervm B6641309 + * @run main/othervm -Djava.net.preferIPv6Addresses=true B6641309 + * @summary Wrong Cookie separator used in HttpURLConnection B6641309 */ import java.net.*; @@ -35,65 +38,65 @@ import java.util.concurrent.Executors; import java.util.concurrent.ExecutorService; +import jdk.test.lib.net.URIBuilder; + public class B6641309 { com.sun.net.httpserver.HttpServer httpServer; ExecutorService executorService; - public static void main(String[] args) - { + public static void main(String[] args) throws Exception { new B6641309(); } - public B6641309() - { - try { - startHttpServer(); - doClient(); - } catch (IOException ioe) { - System.err.println(ioe); - } + public B6641309() throws Exception { + startHttpServer(); + doClient(); } - void doClient() { + void doClient() throws Exception { CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ALL)); - try { - InetSocketAddress address = httpServer.getAddress(); - - // GET Request - URL url = new URL("http://localhost:" + address.getPort() + "/test/"); - CookieHandler ch = CookieHandler.getDefault(); - Map> header = new HashMap>(); - List values = new LinkedList(); - values.add("Test1Cookie=TEST1; path=/test/"); - values.add("Test2Cookie=TEST2; path=/test/"); - header.put("Set-Cookie", values); - - // preload the CookieHandler with a cookie for our URL - // so that it will be sent during the first request - ch.put(url.toURI(), header); - HttpURLConnection uc = (HttpURLConnection)url.openConnection(); - int resp = uc.getResponseCode(); - if (resp != 200) - throw new RuntimeException("Failed: Response code from GET is not 200"); - - System.out.println("Response code from GET = 200 OK"); - - } catch (IOException e) { - e.printStackTrace(); - } catch (URISyntaxException e) { - e.printStackTrace(); - } finally { - httpServer.stop(1); - executorService.shutdown(); + ProxySelector.setDefault(ProxySelector.of(null)); + + InetSocketAddress address = httpServer.getAddress(); + + // GET Request + URL url = URIBuilder.newBuilder() + .scheme("http") + .host(address.getAddress()) + .port(address.getPort()) + .path("/test/") + .toURL(); + + CookieHandler ch = CookieHandler.getDefault(); + Map> header = new HashMap>(); + List values = new LinkedList(); + values.add("Test1Cookie=TEST1; path=/test/"); + values.add("Test2Cookie=TEST2; path=/test/"); + header.put("Set-Cookie", values); + + // preload the CookieHandler with a cookie for our URL + // so that it will be sent during the first request + ch.put(url.toURI(), header); + HttpURLConnection uc = (HttpURLConnection)url.openConnection(); + int resp = uc.getResponseCode(); + if (resp != 200) { + throw new RuntimeException("Failed: Response code from GET is not 200: " + + resp); } + System.out.println("Response code from GET = 200 OK"); + + httpServer.stop(1); + executorService.shutdown(); } /** * Http Server */ public void startHttpServer() throws IOException { - httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, 0); + httpServer = com.sun.net.httpserver.HttpServer.create(address, 0); // create HttpServer context HttpContext ctx = httpServer.createContext("/test/", new MyHandler()); diff --git a/test/jdk/sun/net/www/protocol/http/B6660405.java b/test/jdk/sun/net/www/protocol/http/B6660405.java index 50b5838e2c5..b8bee2e3c5d 100644 --- a/test/jdk/sun/net/www/protocol/http/B6660405.java +++ b/test/jdk/sun/net/www/protocol/http/B6660405.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,10 @@ * @test * @bug 6660405 * @modules jdk.httpserver - * @summary HttpURLConnection returns the wrong InputStream + * @library /test/lib + * @run main/othervm B6660405 + * @run main/othervm -Djava.net.preferIPv6Addresses=true B6660405 + * @summary HttpURLConnection returns the wrong InputStream B6660405 */ import java.net.*; @@ -34,6 +37,8 @@ import com.sun.net.httpserver.*; import java.util.concurrent.Executors; import java.util.concurrent.ExecutorService; +import jdk.test.lib.net.URIBuilder; + public class B6660405 { @@ -72,7 +77,8 @@ public MyResponseCache() { } @Override - public CacheResponse get(URI uri, String rqstMethod, Map> rqstHeaders) throws IOException + public CacheResponse get(URI uri, String rqstMethod, Map> rqstHeaders) + throws IOException { if (uri.getPath().equals("/redirect/index.html")) { return new MyCacheResponse(); @@ -88,53 +94,61 @@ public CacheRequest put(URI uri, URLConnection conn) throws IOException } - public static void main(String[] args) + public static void main(String[] args) throws Exception { new B6660405(); } - public B6660405() - { - try { - startHttpServer(); - doClient(); - } catch (IOException ioe) { - System.err.println(ioe); - } + public B6660405() throws Exception { + startHttpServer(); + doClient(); } - void doClient() { + void doClient() throws Exception { ResponseCache.setDefault(new MyResponseCache()); - try { - InetSocketAddress address = httpServer.getAddress(); - - // GET Request - URL url = new URL("http://localhost:" + address.getPort() + "/test/index.html"); - HttpURLConnection uc = (HttpURLConnection)url.openConnection(); - int code = uc.getResponseCode(); - System.err.println("response code = " + code); - int l = uc.getContentLength(); - System.err.println("content-length = " + l); - InputStream in = uc.getInputStream(); - int i = 0; - // Read till end of stream - do { - i = in.read(); - } while (i != -1); - in.close(); - } catch (IOException e) { - throw new RuntimeException("Got the wrong InputStream after checking headers"); - } finally { - httpServer.stop(1); - executorService.shutdown(); + InetSocketAddress address = httpServer.getAddress(); + + // GET Request + URL url = URIBuilder.newBuilder() + .scheme("http") + .host(address.getAddress()) + .port(address.getPort()) + .path("/test/index.html") + .toURL(); + + HttpURLConnection uc = (HttpURLConnection)url.openConnection(Proxy.NO_PROXY); + int code = uc.getResponseCode(); + System.err.println("response code = " + code); + int l = uc.getContentLength(); + System.err.println("content-length = " + l); + if (l != 1024) { + throw new AssertionError("Bad content length: " + l); } + + InputStream in = uc.getInputStream(); + int i = 0; + // Read till end of stream + do { + l--; + i = in.read(); + } while (i != -1); + in.close(); + if (l != -1) { + throw new AssertionError("Only " + (1024 - (l + 1)) + + " bytes read from stream."); + } + + httpServer.stop(1); + executorService.shutdown(); } /** * Http Server */ public void startHttpServer() throws IOException { - httpServer = com.sun.net.httpserver.HttpServer.create(new InetSocketAddress(0), 0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback,0); + httpServer = com.sun.net.httpserver.HttpServer.create(address, 0); // create HttpServer context HttpContext ctx = httpServer.createContext("/test/", new MyHandler()); diff --git a/test/jdk/sun/net/www/protocol/http/B6890349.java b/test/jdk/sun/net/www/protocol/http/B6890349.java index 51f1ccca08c..086856b4b65 100644 --- a/test/jdk/sun/net/www/protocol/http/B6890349.java +++ b/test/jdk/sun/net/www/protocol/http/B6890349.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,9 @@ /** * @test * @bug 6890349 + * @library /test/lib * @run main/othervm B6890349 + * @run main/othervm -Djava.net.preferIPv6Addresses=true B6890349 * @summary Light weight HTTP server */ @@ -34,7 +36,11 @@ public class B6890349 extends Thread { public static final void main(String[] args) throws Exception { try { - ServerSocket server = new ServerSocket (0); + ServerSocket server = new ServerSocket(); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, 0); + server.bind(address); + int port = server.getLocalPort(); System.out.println ("listening on " + port); B6890349 t = new B6890349 (server); @@ -44,11 +50,11 @@ public static final void main(String[] args) throws Exception { port, "/foo\nbar"); System.out.println("URL: " + u); - HttpURLConnection urlc = (HttpURLConnection)u.openConnection (); + HttpURLConnection urlc = (HttpURLConnection)u.openConnection(Proxy.NO_PROXY); InputStream is = urlc.getInputStream(); throw new RuntimeException ("Test failed"); } catch (IOException e) { - System.out.println ("OK"); + System.out.println ("Caught expected exception: " + e); } } diff --git a/test/jdk/sun/net/www/protocol/http/B8012625.java b/test/jdk/sun/net/www/protocol/http/B8012625.java index c99ab1c1aab..e92ffd57908 100644 --- a/test/jdk/sun/net/www/protocol/http/B8012625.java +++ b/test/jdk/sun/net/www/protocol/http/B8012625.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -82,7 +82,8 @@ public void run() throws Exception { ExecutorService ex; public B8012625 () throws Exception { - server = HttpServer.create(new InetSocketAddress(0), 10); + InetAddress loopback = InetAddress.getLoopbackAddress(); + server = HttpServer.create(new InetSocketAddress(loopback, 0), 10); HttpContext ctx = server.createContext("/", this); ex = Executors.newFixedThreadPool(5); server.setExecutor(ex); diff --git a/test/jdk/sun/net/www/protocol/http/BasicLongCredentials.java b/test/jdk/sun/net/www/protocol/http/BasicLongCredentials.java index 02e54b1529d..28ab3456851 100644 --- a/test/jdk/sun/net/www/protocol/http/BasicLongCredentials.java +++ b/test/jdk/sun/net/www/protocol/http/BasicLongCredentials.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,9 @@ * @bug 6947917 * @modules jdk.httpserver * @summary Error in basic authentication when user name and password are long + * @library /test/lib + * @run main BasicLongCredentials + * @run main/othervm -Djava.net.preferIPv6Addresses=true BasicLongCredentials */ import com.sun.net.httpserver.BasicAuthenticator; @@ -37,11 +40,15 @@ import java.io.InputStream; import java.io.IOException; import java.net.Authenticator; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.PasswordAuthentication; +import java.net.Proxy; import java.net.HttpURLConnection; import java.net.URL; +import jdk.test.lib.net.URIBuilder; + public class BasicLongCredentials { static final String USERNAME = "ThisIsMyReallyReallyReallyReallyReallyReally" + @@ -51,7 +58,8 @@ public class BasicLongCredentials { static final String REALM = "foobar@test.realm"; public static void main (String[] args) throws Exception { - HttpServer server = HttpServer.create(new InetSocketAddress(0), 0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + HttpServer server = HttpServer.create(new InetSocketAddress(loopback, 0), 0); try { Handler handler = new Handler(); HttpContext ctx = server.createContext("/test", handler); @@ -66,8 +74,13 @@ public boolean checkCredentials (String username, String pw) { Authenticator.setDefault(new MyAuthenticator()); - URL url = new URL("http://localhost:"+server.getAddress().getPort()+"/test/"); - HttpURLConnection urlc = (HttpURLConnection)url.openConnection(); + URL url = URIBuilder.newBuilder() + .scheme("http") + .host(server.getAddress().getAddress()) + .port(server.getAddress().getPort()) + .path("/test/") + .toURL(); + HttpURLConnection urlc = (HttpURLConnection)url.openConnection(Proxy.NO_PROXY); InputStream is = urlc.getInputStream(); int c = 0; while (is.read()!= -1) { c ++; } diff --git a/test/jdk/sun/net/www/protocol/http/CloseOptionHeader.java b/test/jdk/sun/net/www/protocol/http/CloseOptionHeader.java index bc1ec86fee4..28bb8af30cd 100644 --- a/test/jdk/sun/net/www/protocol/http/CloseOptionHeader.java +++ b/test/jdk/sun/net/www/protocol/http/CloseOptionHeader.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,16 +24,23 @@ /** * @test * @bug 6189206 - * @modules java.base/sun.net.www * @library /test/lib * @run main/othervm -Dhttp.keepAlive=false CloseOptionHeader * @summary HTTP client should set "Connection: close" header in request when keepalive is disabled */ -import java.net.*; -import java.util.*; -import java.io.*; -import sun.net.www.MessageHeader; +import java.io.BufferedOutputStream; +import java.io.InputStream; +import java.io.PrintStream; +import java.net.HttpURLConnection; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.ServerSocket; +import java.net.Socket; +import java.net.URL; +import java.util.List; + +import jdk.test.lib.net.HttpHeaderParser; import jdk.test.lib.net.URIBuilder; public class CloseOptionHeader implements Runnable { @@ -49,10 +56,15 @@ public void run() { /* check the request to find close connection option header */ InputStream is = s.getInputStream (); - MessageHeader mh = new MessageHeader(is); - String connHeader = mh.findValue("Connection"); - if (connHeader != null && connHeader.equalsIgnoreCase("close")) { - hasCloseHeader = true; + HttpHeaderParser mh = new HttpHeaderParser(is); + List connHeader = mh.getHeaderValue("Connection"); + if (connHeader != null) { + for(String value : connHeader) { + if (value.equalsIgnoreCase("close")) { + hasCloseHeader = true; + break; + } + } } PrintStream out = new PrintStream( diff --git a/test/jdk/sun/net/www/protocol/http/Finalizer.java b/test/jdk/sun/net/www/protocol/http/Finalizer.java index 6d6b33bc95b..2808bab9395 100644 --- a/test/jdk/sun/net/www/protocol/http/Finalizer.java +++ b/test/jdk/sun/net/www/protocol/http/Finalizer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -80,8 +80,11 @@ public void run() { public class Finalizer { public static void main (String args[]) { + ServerSocket serversocket = null; try { - ServerSocket serversocket = new ServerSocket (0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + serversocket = new ServerSocket(); + serversocket.bind(new InetSocketAddress(loopback, 0)); int port = serversocket.getLocalPort (); XServer server = new XServer (serversocket); server.start (); @@ -107,6 +110,10 @@ public static void main (String args[]) { } catch (IOException e) { throw new RuntimeException("finalize method failure."+e); } catch (InterruptedException ie) { + } finally { + if (serversocket != null) { + try {serversocket.close();} catch (IOException io) {} + } } } diff --git a/test/jdk/sun/net/www/protocol/http/HttpHeaderParserTest.java b/test/jdk/sun/net/www/protocol/http/HttpHeaderParserTest.java new file mode 100644 index 00000000000..245cd49d518 --- /dev/null +++ b/test/jdk/sun/net/www/protocol/http/HttpHeaderParserTest.java @@ -0,0 +1,498 @@ + + +/* + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + * @bug 8061729 + * @library /test/lib + * @summary Sanity check that HttpHeaderParser works same as MessageHeader + * @modules java.base/sun.net.www java.base/sun.net.www.protocol.http:open + * @run testng/othervm HttpHeaderParserTest + */ + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.atomic.AtomicBoolean; +import java.util.concurrent.atomic.AtomicInteger; + +import static java.lang.String.format; +import static java.nio.charset.StandardCharsets.ISO_8859_1; +import static java.nio.charset.StandardCharsets.US_ASCII; +import jdk.test.lib.net.HttpHeaderParser; +import static org.testng.Assert.assertEquals; +import static org.testng.Assert.assertTrue; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; +import sun.net.www.MessageHeader; + +public class HttpHeaderParserTest { + @DataProvider(name = "responses") + public Object[][] responses() { + List responses = new ArrayList<>(); + + String[] basic = + { "HTTP/1.1 200 OK\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + "Date: Mon, 15 Jan 2001 12:18:21 GMT\r\n" + + "Server: Apache/1.3.14 (Unix)\r\n" + + "Connection: close\r\n" + + "Content-Type: text/html; charset=iso-8859-1\r\n" + + "Content-Length: 10\r\n\r\n" + + "123456789", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 9\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "X-Header: U\u00ffU\r\n" + // value with U+00FF - Extended Latin-1 + "Content-Length: 9\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 9\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + // more than one SP after ':' + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length:\t10\r\n" + + "Content-Type:\ttext/html; charset=UTF-8\r\n\r\n" + // HT separator + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length:\t\t10\r\n" + + "Content-Type:\t\ttext/html; charset=UTF-8\r\n\r\n" + // more than one HT after ':' + "XXXXX", + + "HTTP/1.1 407 Proxy Authorization Required\r\n" + + "Proxy-Authenticate: Basic realm=\"a fake realm\"\r\n\r\n", + + "HTTP/1.1 401 Unauthorized\r\n" + + "WWW-Authenticate: Digest realm=\"wally land\" domain=/ " + + "nonce=\"2B7F3A2B\" qop=\"auth\"\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + "X-Foo:\r\n\r\n", // no value + + "HTTP/1.1 200 OK\r\n" + + "X-Foo:\r\n\r\n" + // no value, with response body + "Some Response Body", + + "HTTP/1.1 200 OK\r\n" + + "X-Foo:\r\n" + // no value, followed by another header + "Content-Length: 10\r\n\r\n" + + "Some Response Body", + + "HTTP/1.1 200 OK\r\n" + + "X-Foo:\r\n" + // no value, followed by another header, with response body + "Content-Length: 10\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + "X-Foo: chegar\r\n" + + "X-Foo: dfuchs\r\n" + // same header appears multiple times + "Content-Length: 0\r\n" + + "X-Foo: michaelm\r\n" + + "X-Foo: prappo\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + "X-Foo:\r\n" + // no value, same header appears multiple times + "X-Foo: dfuchs\r\n" + + "Content-Length: 0\r\n" + + "X-Foo: michaelm\r\n" + + "X-Foo: prappo\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + "Accept-Ranges: bytes\r\n" + + "Cache-control: max-age=0, no-cache=\"set-cookie\"\r\n" + + "Content-Length: 132868\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n" + + "Date: Sun, 05 Nov 2017 22:24:03 GMT\r\n" + + "Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips Communique/4.2.2\r\n" + + "Set-Cookie: AWSELB=AF7927F5100F4202119876ED2436B5005EE;PATH=/;MAX-AGE=900\r\n" + + "Vary: Host,Accept-Encoding,User-Agent\r\n" + + "X-Mod-Pagespeed: 1.12.34.2-0\r\n" + + "Connection: keep-alive\r\n\r\n" + }; + Arrays.stream(basic).forEach(responses::add); + // add some tests where some of the CRLF are replaced + // by a single LF + Arrays.stream(basic) + .map(HttpHeaderParserTest::mixedCRLF) + .forEach(responses::add); + + String[] foldingTemplate = + { "HTTP/1.1 200 OK\r\n" + + "Content-Length: 9\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r' + " charset=UTF-8\r\n" + // one preceding SP + "Connection: close\r\n\r\n" + + "XXYYZZAABBCCDDEE", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 19\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r + " charset=UTF-8\r\n" + // more than one preceding SP + "Connection: keep-alive\r\n\r\n" + + "XXYYZZAABBCCDDEEFFGG", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 999\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r + "\tcharset=UTF-8\r\n" + // one preceding HT + "Connection: close\r\n\r\n" + + "XXYYZZAABBCCDDEE", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 54\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r + "\t\t\tcharset=UTF-8\r\n" + // more than one preceding HT + "Connection: keep-alive\r\n\r\n" + + "XXYYZZAABBCCDDEEFFGG", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: -1\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r + "\t \t \tcharset=UTF-8\r\n" + // mix of preceding HT and SP + "Connection: keep-alive\r\n\r\n" + + "XXYYZZAABBCCDDEEFFGGHH", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 65\r\n" + + "Content-Type: text/html;$NEWLINE" + // folding field-value with '\n'|'\r + " \t \t charset=UTF-8\r\n" + // mix of preceding SP and HT + "Connection: keep-alive\r\n\r\n" + + "XXYYZZAABBCCDDEEFFGGHHII", + + "HTTP/1.1 401 Unauthorized\r\n" + + "WWW-Authenticate: Digest realm=\"wally land\"," + +"$NEWLINE domain=/," + +"$NEWLINE nonce=\"2B7F3A2B\"," + +"$NEWLINE\tqop=\"auth\"\r\n\r\n", + + }; + for (String newLineChar : new String[] { "\n", "\r", "\r\n" }) { + for (String template : foldingTemplate) + responses.add(template.replace("$NEWLINE", newLineChar)); + } + // add some tests where some of the CRLF are replaced + // by a single LF + for (String newLineChar : new String[] { "\n", "\r", "\r\n" }) { + for (String template : foldingTemplate) + responses.add(mixedCRLF(template).replace("$NEWLINE", newLineChar)); + } + + String[] bad = // much of this is to retain parity with legacy MessageHeaders + { "HTTP/1.1 200 OK\r\n" + + "Connection:\r\n\r\n", // empty value, no body + + "HTTP/1.1 200 OK\r\n" + + "Connection:\r\n\r\n" + // empty value, with body + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + ": no header\r\n\r\n", // no/empty header-name, no body, no following header + + "HTTP/1.1 200 OK\r\n" + + ": no; header\r\n" + // no/empty header-name, no body, following header + "Content-Length: 65\r\n\r\n", + + "HTTP/1.1 200 OK\r\n" + + ": no header\r\n" + // no/empty header-name + "Content-Length: 65\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "X-foo: bar\r\n" + + " : no header\r\n" + // fold, not a blank header-name + "Content-Length: 65\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "X-foo: bar\r\n" + + " \t : no header\r\n" + // fold, not a blank header-name + "Content-Length: 65\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + ": no header\r\n\r\n" + // no/empty header-name, followed by header + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Conte\r" + + "nt-Length: 9\r\n" + // fold/bad header name ??? without preceding space + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXXYYZZ", + + "HTTP/1.0 404 Not Found\r\n" + + "header-without-colon\r\n\r\n", + + "HTTP/1.0 404 Not Found\r\n" + + "header-without-colon\r\n\r\n" + + "SOMEBODY", + + }; + Arrays.stream(bad).forEach(responses::add); + + return responses.stream().map(p -> new Object[] { p }).toArray(Object[][]::new); + } + + static final AtomicInteger index = new AtomicInteger(); + static final AtomicInteger limit = new AtomicInteger(1); + static final AtomicBoolean useCRLF = new AtomicBoolean(); + // A small method to replace part of the CRLF present in a string + // with simple LF. The method uses a deterministic algorithm based + // on current values of static index/limit/useCRLF counters. + // These counters are used to produce a stream of substitutes that + // looks like this: + // LF CRLF LF LF CRLF CRLF LF LF LF CRLF CRLF CRLF (then repeat from start) + static final String mixedCRLF(String headers) { + int next; + int start = 0; + int last = headers.lastIndexOf("\r\n"); + String prev = ""; + StringBuilder res = new StringBuilder(); + while ((next = headers.indexOf("\r\n", start)) > 0) { + res.append(headers.substring(start, next)); + if ("\n".equals(prev) && next == last) { + // for some reason the legacy MessageHeader parser will + // not consume the final LF if the headers are terminated + // by instead of . It consume + // but leaves the last in the stream. + // Here we just make sure to avoid using + // as that would cause the legacy parser to consume + // 1 byte less than the Http1HeadersParser - which + // does consume the last , as it should. + // if this is the last CRLF and the previous one + // was replaced by LF then use LF. + res.append(prev); + } else { + prev = useCRLF.get() ? "\r\n" : "\n"; + res.append(prev); + } + // skip CRLF + start = next + 2; + + // The idea is to substitute some of the CRLF with LF. + // Rather than doing this randomly, always use the following + // sequence: + // LF CRLF LF LF CRLF CRLF LF LF LF CRLF CRLF CRLF + index.incrementAndGet(); + if (index.get() == limit.get()) { + index.set(0); + if (useCRLF.get()) limit.incrementAndGet(); + if (limit.get() > 3) limit.set(1); + useCRLF.set(!useCRLF.get()); + } + } + res.append(headers.substring(start)); + return res.toString(); + } + + + @Test(dataProvider = "responses") + public void verifyHeaders(String respString) throws Exception { + System.out.println("\ntesting:\n\t" + respString + .replace("\r\n", "") + .replace("\r", "") + .replace("\n","") + .replace("LF>", "LF>\n\t")); + byte[] bytes = respString.getBytes(ISO_8859_1); + ByteArrayInputStream bais = new ByteArrayInputStream(bytes); + MessageHeader m = new MessageHeader(bais); + Map> messageHeaderMap = m.getHeaders(); + int availableBytes = bais.available(); + + HttpHeaderParser decoder = new HttpHeaderParser(); + ByteArrayInputStream headerStream = new ByteArrayInputStream(bytes); + int initialBytes = headerStream.available(); + decoder.parse(headerStream); + System.out.printf("HttpHeaderParser parsed %d bytes out of %d%n", initialBytes - headerStream.available(), bytes.length); + Map> decoderMap1 = decoder.getHeaderMap(); + + + // assert status-line + String statusLine1 = messageHeaderMap.get(null).get(0); + String statusLine2 = decoder.getRequestDetails(); + if (statusLine1.startsWith("HTTP")) {// skip the case where MH's messes up the status-line + assertEquals(statusLine2, statusLine1, "Status-line not equal"); + } else { + assertTrue(statusLine2.startsWith("HTTP/1."), "Status-line not HTTP/1."); + } + + // remove the null'th entry with is the status-line + Map> map = new HashMap<>(); + for (Map.Entry> e : messageHeaderMap.entrySet()) { + if (e.getKey() != null) { + map.put(e.getKey(), e.getValue()); + } + } + messageHeaderMap = map; + + assertHeadersEqual(messageHeaderMap, decoderMap1, + "messageHeaderMap not equal to decoderMap1"); + + assertEquals(availableBytes, headerStream.available(), + String.format("stream available (%d) not equal to remaining (%d)", + availableBytes, headerStream.available())); + } + + @DataProvider(name = "errors") + public Object[][] errors() { + List responses = new ArrayList<>(); + + // These responses are parsed, somewhat, by MessageHeaders but give + // nonsensible results. They, correctly, fail with the Http1HeaderParser. + String[] bad = + {// "HTTP/1.1 402 Payment Required\r\n" + + // "Content-Length: 65\r\n\r", // missing trailing LF //TODO: incomplete + + "HTTP/1.1 402 Payment Required\r\n" + + "Content-Length: 65\r\n\rT\r\n\r\nGGGGGG", + + "HTTP/1.1 200OK\r\n\rT", + + "HTTP/1.1 200OK\rT", + + "HTTP/1.0 FOO\r\n", + + "HTTP/1.1 BAR\r\n", + + "HTTP/1.1 +99\r\n", + + "HTTP/1.1 -22\r\n", + + "HTTP/1.1 -20 \r\n", + + "HTTP/1.1 200 OK\r\n" + + "X-fo\u00ffo: foo\r\n" + // invalid char in name + "Content-Length: 5\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "HTTP/1.1 200 OK\r\n" + + "X-foo : bar\r\n" + // trim space after name + "Content-Length: 5\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + " X-foo: bar\r\n" + // trim space before name + "Content-Length: 5\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "X foo: bar\r\n" + // invalid space in name + "Content-Length: 5\r\n" + + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Content-Length: 5\r\n" + + "Content Type: text/html; charset=UTF-8\r\n\r\n" + // invalid space in name + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + "Conte\r" + + " nt-Length: 9\r\n" + // fold results in space in header name + "Content-Type: text/html; charset=UTF-8\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + " : no header\r\n" + // all blank header-name (not fold) + "Content-Length: 65\r\n\r\n" + + "XXXXX", + + "HTTP/1.1 200 OK\r\n" + + " \t : no header\r\n" + // all blank header-name (not fold) + "Content-Length: 65\r\n\r\n" + + "XXXXX", + + }; + Arrays.stream(bad).forEach(responses::add); + + return responses.stream().map(p -> new Object[] { p }).toArray(Object[][]::new); + } + + @Test(dataProvider = "errors", expectedExceptions = IOException.class) + public void errors(String respString) throws IOException { + byte[] bytes = respString.getBytes(US_ASCII); + HttpHeaderParser decoder = new HttpHeaderParser(); + ByteArrayInputStream bais = new ByteArrayInputStream(bytes); + decoder.parse(bais); + } + + void assertHeadersEqual(Map> expected, + Map> actual, + String msg) { + + if (expected.equals(actual)) + return; + + assertEquals(expected.size(), actual.size(), + format("%s. Expected size %d, actual size %s. %nexpected= %s,%n actual=%s.", + msg, expected.size(), actual.size(), mapToString(expected), mapToString(actual))); + + for (Map.Entry> e : expected.entrySet()) { + String key = e.getKey(); + List values = e.getValue(); + + boolean found = false; + for (Map.Entry> other: actual.entrySet()) { + if (key.equalsIgnoreCase(other.getKey())) { + found = true; + List otherValues = other.getValue(); + assertEquals(values.size(), otherValues.size(), + format("%s. Expected list size %d, actual size %s", + msg, values.size(), otherValues.size())); + if (!(values.containsAll(otherValues) && otherValues.containsAll(values))) + assertTrue(false, format("Lists are unequal [%s] [%s]", values, otherValues)); + break; + } + } + assertTrue(found, format("header name, %s, not found in %s", key, actual)); + } + } + + static String mapToString(Map> map) { + StringBuilder sb = new StringBuilder(); + List sortedKeys = new ArrayList(map.keySet()); + Collections.sort(sortedKeys); + for (String key : sortedKeys) { + List values = map.get(key); + sb.append("\n\t" + key + " | " + values); + } + return sb.toString(); + } +} diff --git a/test/jdk/sun/net/www/protocol/http/HttpInputStream.java b/test/jdk/sun/net/www/protocol/http/HttpInputStream.java index d9478caebed..6c3f68c2bde 100644 --- a/test/jdk/sun/net/www/protocol/http/HttpInputStream.java +++ b/test/jdk/sun/net/www/protocol/http/HttpInputStream.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,6 +23,7 @@ /* @test * @bug 4937598 + * @library /test/lib * @summary http://www.clipstream.com video does not play; read() problem */ @@ -30,10 +31,14 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.net.InetAddress; +import java.net.InetSocketAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.URL; +import jdk.test.lib.net.URIBuilder; + public class HttpInputStream { private static final int CONTENT_LENGTH = 20; @@ -45,7 +50,9 @@ static class Server implements AutoCloseable, Runnable { static final int TIMEOUT = 10 * 1000; Server() throws IOException { - serverSocket = new ServerSocket(0); + serverSocket = new ServerSocket(); + serverSocket.bind(new InetSocketAddress( + InetAddress.getLoopbackAddress(), 0)); } void readOneRequest(InputStream is) throws IOException { @@ -106,7 +113,12 @@ private static int read(InputStream is) throws IOException { public static void main(String args[]) throws IOException { try (Server server = new Server()) { (new Thread(server)).start(); - URL url = new URL("http://localhost:" + server.getPort() + "/anything"); + URL url = URIBuilder.newBuilder() + .scheme("http") + .loopback() + .port(server.getPort()) + .path("/anything") + .toURLUnchecked(); try (InputStream is = url.openConnection().getInputStream()) { if (read(is) != CONTENT_LENGTH) { throw new RuntimeException("HttpInputStream.read() failed with 0xff"); diff --git a/test/jdk/sun/net/www/protocol/http/HttpStreams.java b/test/jdk/sun/net/www/protocol/http/HttpStreams.java index 9b94b53e09b..0b33e4327cb 100644 --- a/test/jdk/sun/net/www/protocol/http/HttpStreams.java +++ b/test/jdk/sun/net/www/protocol/http/HttpStreams.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,7 @@ /** * @test * @bug 8011719 + * @library /test/lib * @modules jdk.httpserver * @summary Basic checks to verify behavior of returned input streams */ @@ -36,6 +37,8 @@ import java.nio.charset.StandardCharsets; import java.util.*; +import jdk.test.lib.net.URIBuilder; + public class HttpStreams { void client(String u) throws Exception { @@ -56,24 +59,33 @@ void client(String u) throws Exception { expectThrow(() -> { is.read(ba, 0, 2); }, "read on closed stream should throw: " + u); } + String constructUrlString(int port, String path) throws Exception { + return URIBuilder.newBuilder() + .scheme("http") + .port(port) + .loopback() + .path(path) + .toURL().toString(); + } + void test() throws Exception { HttpServer server = null; try { server = startHttpServer(); - String baseUrl = "http://localhost:" + server.getAddress().getPort() + "/"; - client(baseUrl + "chunked/"); - client(baseUrl + "fixed/"); - client(baseUrl + "error/"); - client(baseUrl + "chunkedError/"); + int serverPort = server.getAddress().getPort(); + client(constructUrlString(serverPort, "/chunked/")); + client(constructUrlString(serverPort, "/fixed/")); + client(constructUrlString(serverPort, "/error/")); + client(constructUrlString(serverPort, "/chunkedError/")); // Test with a response cache ResponseCache ch = ResponseCache.getDefault(); ResponseCache.setDefault(new TrivialCacheHandler()); try { - client(baseUrl + "chunked/"); - client(baseUrl + "fixed/"); - client(baseUrl + "error/"); - client(baseUrl + "chunkedError/"); + client(constructUrlString(serverPort, "/chunked/")); + client(constructUrlString(serverPort, "/fixed/")); + client(constructUrlString(serverPort, "/error/")); + client(constructUrlString(serverPort, "/chunkedError/")); } finally { ResponseCache.setDefault(ch); } @@ -93,7 +105,8 @@ public static void main(String[] args) throws Exception { // HTTP Server HttpServer startHttpServer() throws IOException { - HttpServer httpServer = HttpServer.create(new InetSocketAddress(0), 0); + HttpServer httpServer = HttpServer.create(); + httpServer.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0), 0); httpServer.createContext("/chunked/", new ChunkedHandler()); httpServer.createContext("/fixed/", new FixedHandler()); httpServer.createContext("/error/", new ErrorHandler()); diff --git a/test/jdk/sun/net/www/protocol/http/Modified.java b/test/jdk/sun/net/www/protocol/http/Modified.java index 6a34f7ca7cb..7f2313db538 100644 --- a/test/jdk/sun/net/www/protocol/http/Modified.java +++ b/test/jdk/sun/net/www/protocol/http/Modified.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2001, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,12 +24,16 @@ /* * @test * @bug 4092605 + * @library /test/lib + * @run main/othervm Modified + * @run main/othervm -Djava.net.preferIPv6Addresses=true Modified * @summary Test HttpURLConnection setIfModifiedSince * */ import java.net.*; import java.io.*; +import jdk.test.lib.net.URIBuilder; public class Modified implements Runnable { @@ -78,13 +82,22 @@ public void run() { Modified() throws Exception { - ss = new ServerSocket(0); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, 0); + ss = new ServerSocket(); + ss.bind(address); + int port = ss.getLocalPort(); + Thread thr = new Thread(this); thr.start(); - URL testURL = new URL("http://localhost:" + ss.getLocalPort() + - "/index.html"); - URLConnection URLConn = testURL.openConnection(); + URL testURL = URIBuilder.newBuilder() + .scheme("http") + .host(loopback) + .port(port) + .path("/index.html") + .toURL(); + URLConnection URLConn = testURL.openConnection(Proxy.NO_PROXY); HttpURLConnection httpConn; if (URLConn instanceof HttpURLConnection) { diff --git a/test/jdk/sun/net/www/protocol/http/NTLMTest.java b/test/jdk/sun/net/www/protocol/http/NTLMTest.java index d9db4fdacfb..37282f15b03 100644 --- a/test/jdk/sun/net/www/protocol/http/NTLMTest.java +++ b/test/jdk/sun/net/www/protocol/http/NTLMTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,43 +24,50 @@ /* * @test * @bug 6520665 6357133 - * @modules java.base/sun.net.www + * @library /test/lib * @run main/othervm NTLMTest * @summary 6520665 & 6357133: NTLM authentication issues. */ import java.net.*; import java.io.*; -import sun.net.www.MessageHeader; + +import jdk.test.lib.net.HttpHeaderParser; +import jdk.test.lib.net.URIBuilder; public class NTLMTest { - public static void main(String[] args) { + public static void main(String[] args) throws Exception { Authenticator.setDefault(new NullAuthenticator()); try { - // Test with direct connection. - ServerSocket serverSS = new ServerSocket(0); - startServer(serverSS, false); - runClient(Proxy.NO_PROXY, serverSS.getLocalPort()); + InetAddress loopback = InetAddress.getLoopbackAddress(); + // Test with direct connection. + try (NTLMServer server = startServer(new ServerSocket(0, 0, loopback), false)) { + runClient(Proxy.NO_PROXY, server.getLocalPort()); + } // Test with proxy. - serverSS = new ServerSocket(0); - startServer(serverSS, true /*proxy*/); - SocketAddress proxyAddr = new InetSocketAddress("localhost", serverSS.getLocalPort()); - runClient(new Proxy(java.net.Proxy.Type.HTTP, proxyAddr), 8888); - + try (NTLMServer server = + startServer(new ServerSocket(0, 0, loopback), true /*proxy*/)) { + SocketAddress proxyAddr = new InetSocketAddress(loopback, server.getLocalPort()); + runClient(new Proxy(java.net.Proxy.Type.HTTP, proxyAddr), 8888); + } } catch (IOException e) { - e.printStackTrace(); + throw e; } } static void runClient(Proxy proxy, int serverPort) { try { - String urlStr = "http://localhost:" + serverPort + "/"; - URL url = new URL(urlStr); + URL url = URIBuilder.newBuilder() + .scheme("http") + .loopback() + .port(serverPort) + .path("/") + .toURLUnchecked(); HttpURLConnection uc = (HttpURLConnection) url.openConnection(proxy); - uc.getInputStream(); + uc.getInputStream().readAllBytes(); } catch (ProtocolException e) { /* java.net.ProtocolException: Server redirected too many times (20) */ @@ -70,6 +77,7 @@ static void runClient(Proxy proxy, int serverPort) { * returned HTTP response code: 401 for URL: ..." */ //ioe.printStackTrace(); + System.out.println("Got expected " + ioe); } catch (NullPointerException npe) { throw new RuntimeException("Failed: NPE thrown ", npe); } @@ -93,34 +101,56 @@ static void runClient(Proxy proxy, int serverPort) { "Content-Length: 0\r\n" + "Proxy-Authenticate: NTLM TlRMTVNTUAACAAAAAAAAACgAAAABggAAU3J2Tm9uY2UAAAAAAAAAAA==\r\n\r\n"}; - static void startServer(ServerSocket serverSS, boolean proxy) { - final ServerSocket ss = serverSS; - final boolean isProxy = proxy; - - Thread thread = new Thread(new Runnable() { - public void run() { - boolean doing2ndStageNTLM = false; - while (true) { - try { - Socket s = ss.accept(); - if (!doing2ndStageNTLM) { - handleConnection(s, isProxy ? proxyResp : serverResp, 0, 1); - doing2ndStageNTLM = true; - } else { - handleConnection(s, isProxy ? proxyResp : serverResp, 1, 2); - doing2ndStageNTLM = false; - } - connectionCount++; - //System.out.println("connectionCount = " + connectionCount); - - } catch (IOException ioe) { - ioe.printStackTrace(); + static class NTLMServer extends Thread implements AutoCloseable { + final ServerSocket ss; + final boolean isProxy; + volatile boolean closed; + + NTLMServer(ServerSocket serverSS, boolean proxy) { + super(); + setDaemon(true); + ss = serverSS; + isProxy = proxy; + } + + public int getLocalPort() { return ss.getLocalPort(); } + + @Override + public void run() { + boolean doing2ndStageNTLM = false; + while (!closed) { + try { + Socket s = ss.accept(); + if (!doing2ndStageNTLM) { + handleConnection(s, isProxy ? proxyResp : serverResp, 0, 1); + doing2ndStageNTLM = true; + } else { + handleConnection(s, isProxy ? proxyResp : serverResp, 1, 2); + doing2ndStageNTLM = false; } + connectionCount++; + //System.out.println("connectionCount = " + connectionCount); + } catch (IOException ioe) { + if (!closed) ioe.printStackTrace(); } - } }); - thread.setDaemon(true); - thread.start(); + } + } + + @Override + public void close() { + if (closed) return; + synchronized(this) { + if (closed) return; + closed = true; + } + try { ss.close(); } catch (IOException x) { }; + } + } + public static NTLMServer startServer(ServerSocket serverSS, boolean proxy) { + NTLMServer server = new NTLMServer(serverSS, proxy); + server.start(); + return server; } static int connectionCount = 0; @@ -130,7 +160,7 @@ static void handleConnection(Socket s, String[] resp, int start, int end) { OutputStream os = s.getOutputStream(); for (int i=start; i server // client <--- 401 ---- server try (Socket s = ss.accept()) { - new MessageHeader().parseHeader(s.getInputStream()); + new HttpHeaderParser().parse(s.getInputStream()); s.getOutputStream().write(reply.getBytes("US-ASCII")); } @@ -171,10 +171,10 @@ static void test(String... schemes) throws IOException { // client <--- 200 ---- server String auth; try (Socket s = ss.accept()) { - MessageHeader mh = new MessageHeader(); - mh.parseHeader(s.getInputStream()); + HttpHeaderParser mh = new HttpHeaderParser(); + mh.parse(s.getInputStream()); s.getOutputStream().write(OKAY.getBytes("US-ASCII")); - auth = mh.findValue("Authorization"); + auth = mh.getHeaderValue("Authorization").get(0); } // check Authorization header @@ -208,7 +208,7 @@ static void testNTLM() throws Exception { // client ---- GET ---> server // client <--- 401 ---- client try (Socket s = ss.accept()) { - new MessageHeader().parseHeader(s.getInputStream()); + new HttpHeaderParser().parse(s.getInputStream()); s.getOutputStream().write(reply.getBytes("US-ASCII")); } diff --git a/test/jdk/sun/net/www/protocol/http/RedirectOnPost.java b/test/jdk/sun/net/www/protocol/http/RedirectOnPost.java index 9b464c46669..1f88c851f63 100644 --- a/test/jdk/sun/net/www/protocol/http/RedirectOnPost.java +++ b/test/jdk/sun/net/www/protocol/http/RedirectOnPost.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,9 +24,8 @@ /** * @test * @library /test/lib - * @library /lib/testlibrary/ * @modules jdk.httpserver - * @build jdk.testlibrary.SimpleSSLContext + * @build jdk.test.lib.net.SimpleSSLContext * @compile RedirectOnPost.java * @run main/othervm RedirectOnPost * @bug 8029127 @@ -39,7 +38,7 @@ import com.sun.net.httpserver.*; import java.util.concurrent.*; import javax.net.ssl.*; -import jdk.testlibrary.SimpleSSLContext; +import jdk.test.lib.net.SimpleSSLContext; import jdk.test.lib.net.URIBuilder; public class RedirectOnPost { @@ -166,7 +165,8 @@ public void handle(HttpExchange msg) { private static HttpServer getHttpServer(ExecutorService execs) throws Exception { - InetSocketAddress inetAddress = new InetSocketAddress(0); + InetSocketAddress inetAddress = new InetSocketAddress( + InetAddress.getLoopbackAddress(), 0); HttpServer testServer = HttpServer.create(inetAddress, 15); int port = testServer.getAddress().getPort(); testServer.setExecutor(execs); @@ -181,7 +181,8 @@ private static HttpsServer getHttpsServer( ) throws Exception { - InetSocketAddress inetAddress = new InetSocketAddress(0); + InetSocketAddress inetAddress = new InetSocketAddress( + InetAddress.getLoopbackAddress(), 0); HttpsServer testServer = HttpsServer.create(inetAddress, 15); int port = testServer.getAddress().getPort(); testServer.setExecutor(execs); diff --git a/test/jdk/sun/net/www/protocol/http/ResponseCacheStream.java b/test/jdk/sun/net/www/protocol/http/ResponseCacheStream.java index 491299384da..89a7f8afc4a 100644 --- a/test/jdk/sun/net/www/protocol/http/ResponseCacheStream.java +++ b/test/jdk/sun/net/www/protocol/http/ResponseCacheStream.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -99,8 +99,9 @@ public byte[] getBuffer() { public static void main(String[] args) throws Exception { MyResponseCache cache = new MyResponseCache(); try { + InetAddress loopback = InetAddress.getLoopbackAddress(); ResponseCache.setDefault(cache); - server = new TestHttpServer (new ResponseCacheStream()); + server = new TestHttpServer (new ResponseCacheStream(), loopback, 0); System.out.println ("Server: listening on port: " + server.getLocalPort()); URL url = URIBuilder.newBuilder() .scheme("http") diff --git a/test/jdk/sun/net/www/protocol/http/RetryUponTimeout.java b/test/jdk/sun/net/www/protocol/http/RetryUponTimeout.java index bfda1663259..b2214780c2e 100644 --- a/test/jdk/sun/net/www/protocol/http/RetryUponTimeout.java +++ b/test/jdk/sun/net/www/protocol/http/RetryUponTimeout.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,13 +26,13 @@ * @bug 4772077 * @library /test/lib * @summary using defaultReadTimeout appear to retry request upon timeout - * @modules java.base/sun.net.www */ import java.net.*; import java.io.*; + +import jdk.test.lib.net.HttpHeaderParser; import jdk.test.lib.net.URIBuilder; -import sun.net.www.*; public class RetryUponTimeout implements Runnable { // run server @@ -42,7 +42,7 @@ public void run(){ for (int i = 0; i < 2; i++) { socket = server.accept(); InputStream is = socket.getInputStream (); - MessageHeader header = new MessageHeader (is); + HttpHeaderParser header = new HttpHeaderParser (is); count++; } } catch (Exception ex) { diff --git a/test/jdk/sun/net/www/protocol/http/SetChunkedStreamingMode.java b/test/jdk/sun/net/www/protocol/http/SetChunkedStreamingMode.java index 5639f4a3eb1..bda2e404108 100644 --- a/test/jdk/sun/net/www/protocol/http/SetChunkedStreamingMode.java +++ b/test/jdk/sun/net/www/protocol/http/SetChunkedStreamingMode.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -67,7 +67,8 @@ static void read (InputStream is) throws IOException { public static void main (String[] args) throws Exception { try { - server = new TestHttpServer (new SetChunkedStreamingMode(), 1, 10, 0); + server = new TestHttpServer(new SetChunkedStreamingMode(), 1, 10, + InetAddress.getLoopbackAddress(), 0); System.out.println ("Server: listening on port: " + server.getLocalPort()); URL url = URIBuilder.newBuilder() .scheme("http") diff --git a/test/jdk/sun/net/www/protocol/http/SetIfModifiedSince.java b/test/jdk/sun/net/www/protocol/http/SetIfModifiedSince.java index df6045cd302..1ccc1b81b5c 100644 --- a/test/jdk/sun/net/www/protocol/http/SetIfModifiedSince.java +++ b/test/jdk/sun/net/www/protocol/http/SetIfModifiedSince.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2000, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,13 +22,15 @@ */ /* @test - @bug 4213164 8172253 - @summary setIfModifiedSince mehtod in HttpURLConnection sometimes fails - */ + * @bug 4213164 8172253 + * @library /test/lib + * @summary setIfModifiedSince method in HttpURLConnection sometimes fails + */ import java.util.*; import java.io.*; import java.net.*; -import java.text.*; + +import jdk.test.lib.net.URIBuilder; public class SetIfModifiedSince implements Runnable { @@ -75,7 +77,8 @@ public void run() { public SetIfModifiedSince() throws Exception { - serverSock = new ServerSocket(0); + serverSock = new ServerSocket(); + serverSock.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0)); int port = serverSock.getLocalPort(); Thread thr = new Thread(this); @@ -86,8 +89,12 @@ public SetIfModifiedSince() throws Exception { HttpURLConnection con; //url = new URL(args[0]); - url = new URL("http://localhost:" + String.valueOf(port) + - "/anything"); + url = URIBuilder.newBuilder() + .scheme("http") + .loopback() + .port(port) + .path("/anything") + .toURL(); con = (HttpURLConnection)url.openConnection(Proxy.NO_PROXY); con.setIfModifiedSince(date.getTime()); diff --git a/test/jdk/sun/net/www/protocol/http/TunnelThroughProxy.java b/test/jdk/sun/net/www/protocol/http/TunnelThroughProxy.java index ba729f84fe5..c291e2b469d 100644 --- a/test/jdk/sun/net/www/protocol/http/TunnelThroughProxy.java +++ b/test/jdk/sun/net/www/protocol/http/TunnelThroughProxy.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it diff --git a/test/jdk/sun/net/www/protocol/http/UserAgent.java b/test/jdk/sun/net/www/protocol/http/UserAgent.java index 7db84882488..40ff5d3106f 100644 --- a/test/jdk/sun/net/www/protocol/http/UserAgent.java +++ b/test/jdk/sun/net/www/protocol/http/UserAgent.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ * @test * @bug 4512200 * @library /test/lib - * @modules java.base/sun.net.www * @run main/othervm -Dhttp.agent=foo UserAgent * @run main/othervm -Dhttp.agent=foo -Djava.net.preferIPv6Addresses=true UserAgent * @summary HTTP header "User-Agent" format incorrect @@ -34,8 +33,9 @@ import java.io.*; import java.util.*; import java.net.*; + +import jdk.test.lib.net.HttpHeaderParser; import jdk.test.lib.net.URIBuilder; -import sun.net.www.MessageHeader; class Server extends Thread { Server (ServerSocket server) { @@ -46,8 +46,8 @@ public void run () { String version = System.getProperty ("java.version"); String expected = "foo Java/"+version; Socket s = server.accept (); - MessageHeader header = new MessageHeader (s.getInputStream()); - String v = header.findValue ("User-Agent"); + HttpHeaderParser header = new HttpHeaderParser (s.getInputStream()); + String v = header.getHeaderValue ("User-Agent").get(0); if (!expected.equals (v)) { error ("Got unexpected User-Agent: " + v); } else { diff --git a/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java b/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java index 6e3df007628..bbd9536d208 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -59,6 +59,7 @@ import java.io.IOException; import java.io.InputStreamReader; import java.net.Authenticator; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.PasswordAuthentication; import java.net.Proxy; @@ -80,6 +81,10 @@ public class ProxyAuthTest extends SSLSocketTemplate { private static boolean expectSuccess; + ProxyAuthTest() { + serverAddress = InetAddress.getLoopbackAddress(); + } + /* * Run the test case. */ @@ -143,18 +148,25 @@ protected void runClientApplication(int serverPort) throws Exception { */ HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier()); - InetSocketAddress paddr = - new InetSocketAddress("localhost", ps.getPort()); + InetSocketAddress paddr = InetSocketAddress + .createUnresolved(ps.getInetAddress().getHostAddress(), + ps.getPort()); Proxy proxy = new Proxy(Proxy.Type.HTTP, paddr); + InetAddress serverAddress = this.serverAddress; + String host = serverAddress == null + ? "localhost" + : serverAddress.getHostAddress(); + if (host.indexOf(':') > -1) host = "[" + host + "]"; URL url = new URL( - "https://" + "localhost:" + serverPort + "/index.html"); + "https://" + host + ":" + serverPort + "/index.html"); + System.out.println("URL: " + url); BufferedReader in = null; HttpsURLConnection uc = (HttpsURLConnection) url.openConnection(proxy); try { in = new BufferedReader(new InputStreamReader(uc.getInputStream())); String inputLine; - System.out.print("Client recieved from the server: "); + System.out.print("Client received from the server: "); while ((inputLine = in.readLine()) != null) { System.out.println(inputLine); } @@ -226,7 +238,8 @@ public boolean verify(String hostname, SSLSession session) { } private static ProxyTunnelServer setupProxy() throws IOException { - ProxyTunnelServer pserver = new ProxyTunnelServer(); + InetAddress loopback = InetAddress.getLoopbackAddress(); + ProxyTunnelServer pserver = new ProxyTunnelServer(loopback); /* * register a system wide authenticator and setup the proxy for diff --git a/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyTunnelServer.java b/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyTunnelServer.java index 90315e8cc84..65dc796a5db 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyTunnelServer.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsClient/ProxyTunnelServer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -61,9 +61,14 @@ public class ProxyTunnelServer extends Thread { static boolean needAuth = false; public ProxyTunnelServer() throws IOException { + this(null); // use wildcard + } + + public ProxyTunnelServer(InetAddress proxyAddress) throws IOException { if (ss == null) { - ss = (ServerSocket) ServerSocketFactory.getDefault(). - createServerSocket(0); + ss = (ServerSocket) ServerSocketFactory.getDefault(). + createServerSocket(); + ss.bind(new InetSocketAddress(proxyAddress, 0)); } setDaemon(true); } @@ -274,9 +279,9 @@ private void retrieveConnectInfo(String connectStr) throws Exception { serverName = connectInfo.substring(0, endi); serverPort = Integer.parseInt(connectInfo.substring(endi+1)); } catch (Exception e) { - throw new IOException("Proxy recieved a request: " - + connectStr); - } + throw new IOException("Proxy received a request: " + + connectStr, e); + } serverInetAddr = InetAddress.getByName(serverName); } @@ -284,6 +289,10 @@ public int getPort() { return ss.getLocalPort(); } + public InetAddress getInetAddress() { + return ss.getInetAddress(); + } + /* * do "basic" authentication, authInfo is of the form: * Basic diff --git a/test/jdk/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java b/test/jdk/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java index 4672fb6ad67..15224e22e6e 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsClient/ServerIdentityTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,7 +42,10 @@ import java.io.BufferedWriter; import java.io.OutputStreamWriter; import java.net.HttpURLConnection; +import java.net.InetAddress; +import java.net.Proxy; import java.net.URL; +import java.net.UnknownHostException; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; @@ -64,6 +67,10 @@ public static void main(String[] args) throws Exception { (new ServerIdentityTest()).run(); } + ServerIdentityTest() throws UnknownHostException { + serverAddress = InetAddress.getByName(hostname); + } + @Override protected boolean isCustomizedClientConnection() { return true; @@ -88,7 +95,7 @@ protected void runClientApplication(int serverPort) throws Exception { HttpURLConnection urlc = null; InputStream is = null; try { - urlc = (HttpURLConnection)url.openConnection(); + urlc = (HttpURLConnection)url.openConnection(Proxy.NO_PROXY); is = urlc.getInputStream(); } finally { if (is != null) { diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/B6226610.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/B6226610.java index c04ad1d1560..9fca12c9958 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/B6226610.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/B6226610.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,7 @@ * @test * @bug 6226610 6973030 * @summary HTTP tunnel connections send user headers to proxy - * @modules java.base/sun.net.www + * @library /test/lib * @run main/othervm B6226610 */ @@ -37,7 +37,9 @@ import java.io.*; import java.net.*; -import sun.net.www.MessageHeader; + +import jdk.test.lib.net.HttpHeaderParser; + public class B6226610 { static HeaderCheckerProxyTunnelServer proxy; @@ -47,12 +49,14 @@ public static void main(String[] args) throws Exception proxy = new HeaderCheckerProxyTunnelServer(); proxy.start(); - String hostname = InetAddress.getLocalHost().getHostName(); + InetAddress localHost = InetAddress.getLocalHost(); + String hostname = localHost.getHostName(); + String hostAddress = localHost.getHostAddress(); try { URL u = new URL("https://" + hostname + "/"); System.out.println("Connecting to " + u); - InetSocketAddress proxyAddr = new InetSocketAddress(hostname, proxy.getLocalPort()); + InetSocketAddress proxyAddr = InetSocketAddress.createUnresolved(hostAddress, proxy.getLocalPort()); java.net.URLConnection c = u.openConnection(new Proxy(Proxy.Type.HTTP, proxyAddr)); /* I want this header to go to the destination server only, protected @@ -96,7 +100,8 @@ class HeaderCheckerProxyTunnelServer extends Thread public HeaderCheckerProxyTunnelServer() throws IOException { if (ss == null) { - ss = new ServerSocket(0); + ss = new ServerSocket(); + ss.bind(new InetSocketAddress(InetAddress.getLocalHost(), 0)); } } @@ -135,24 +140,24 @@ public int getLocalPort() { private void processRequests() throws IOException { InputStream in = clientSocket.getInputStream(); - MessageHeader mheader = new MessageHeader(in); - String statusLine = mheader.getValue(0); + HttpHeaderParser mheader = new HttpHeaderParser(in); + String statusLine = mheader.getRequestDetails(); if (statusLine.startsWith("CONNECT")) { // retrieve the host and port info from the status-line retrieveConnectInfo(statusLine); - if (mheader.findValue("X-TestHeader") != null) { - System.out.println("Proxy should not receive user defined headers for tunneled requests"); - failed = true; + if (mheader.getHeaderValue("X-TestHeader") != null) { + System.out.println("Proxy should not receive user defined headers for tunneled requests"); + failed = true; } // 6973030 String value; - if ((value = mheader.findValue("Proxy-Connection")) == null || + if ((value = mheader.getHeaderValue("Proxy-Connection").get(0)) == null || !value.equals("keep-alive")) { - System.out.println("Proxy-Connection:keep-alive not being sent"); - failed = true; + System.out.println("Proxy-Connection:keep-alive not being sent"); + failed = true; } //This will allow the main thread to terminate without trying to perform the SSL handshake. @@ -206,8 +211,8 @@ private void retrieveConnectInfo(String connectStr) throws IOException { serverPort = Integer.parseInt(connectInfo.substring(endi+1)); } catch (Exception e) { throw new IOException("Proxy recieved a request: " - + connectStr); - } + + connectStr, e); + } serverInetAddr = InetAddress.getByName(serverName); } } diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CookieHandlerTest.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CookieHandlerTest.java index 565138c143d..4d17e87c6d7 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CookieHandlerTest.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CookieHandlerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,7 @@ /* @test * @bug 4696506 4942650 * @summary Unit test for java.net.CookieHandler + * @library /test/lib * @run main/othervm CookieHandlerTest * * SunJSSE does not support dynamic system properties, no way to re-use @@ -35,6 +36,7 @@ import java.util.*; import java.io.*; import javax.net.ssl.*; +import jdk.test.lib.net.URIBuilder; public class CookieHandlerTest { static Map cookies; @@ -78,10 +80,12 @@ public class CookieHandlerTest { * to avoid infinite hangs. */ void doServerSide() throws Exception { + InetAddress loopback = InetAddress.getLoopbackAddress(); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(new InetSocketAddress(loopback, serverPort)); serverPort = sslServerSocket.getLocalPort(); /* @@ -151,8 +155,11 @@ void doClientSide() throws Exception { } HttpsURLConnection http = null; /* establish http connection to server */ - String uri = "https://localhost:" + +serverPort ; - URL url = new URL(uri); + URL url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .toURL(); HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier()); http = (HttpsURLConnection)url.openConnection(); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java index e0c46743d4d..0d479d60fd2 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -651,8 +651,13 @@ void doServerSide() throws Exception { serverModulus, serverPrivateExponent, passphrase); SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + // doClientSide() connects to "localhost" + InetAddress localHost = InetAddress.getByName("localhost"); + InetSocketAddress address = new InetSocketAddress(localHost, serverPort); + sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); /* @@ -717,7 +722,7 @@ void doClientSide() throws Exception { System.out.println("url is "+url.toString()); try { - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); System.out.println("respCode = "+respCode); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsPost.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsPost.java index 7964234dbfd..a819139f5a5 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsPost.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsPost.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,9 @@ * @bug 4423074 * @summary Need to rebase all the duplicated classes from Merlin. * This test will check out http POST + * @library /test/lib * @run main/othervm HttpsPost + * @run main/othervm -Djava.net.preferIPv6Addresses=true HttpsPost * * SunJSSE does not support dynamic system properties, no way to re-use * system properties in samevm/agentvm mode. @@ -35,6 +37,7 @@ import java.io.*; import java.net.*; import javax.net.ssl.*; +import jdk.test.lib.net.URIBuilder; public class HttpsPost { @@ -95,12 +98,16 @@ public class HttpsPost { * to avoid infinite hangs. */ void doServerSide() throws Exception { + InetAddress loopback = InetAddress.getLoopbackAddress(); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(serverPort, 0, loopback); serverPort = sslServerSocket.getLocalPort(); + System.out.println("Starting server at: " + + sslServerSocket.getInetAddress() + + ":" + serverPort); /* * Signal Client, we're ready for his connect. */ @@ -155,10 +162,15 @@ void doClientSide() throws Exception { } // Send HTTP POST request to server - URL url = new URL("https://localhost:"+serverPort); + URL url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .toURL(); + System.out.println("Client connecting to: " + url); HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier()); - HttpsURLConnection http = (HttpsURLConnection)url.openConnection(); + HttpsURLConnection http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); http.setDoOutput(true); http.setRequestMethod("POST"); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsProxyStackOverflow.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsProxyStackOverflow.java index d214bd513f7..7e4a3fe130a 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsProxyStackOverflow.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/HttpsProxyStackOverflow.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ import java.io.InputStream; import java.net.Authenticator; import java.net.Proxy; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.PasswordAuthentication; import java.net.ServerSocket; @@ -51,9 +52,11 @@ public static void main(String[] args) throws IOException { static void doClient(BadAuthProxyServer server) throws IOException { // url doesn't matter since we will never make the connection URL url = new URL("https://anythingwilldo/"); + InetAddress loopback = InetAddress.getLoopbackAddress(); + String loopbackAddress = loopback.getHostAddress(); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection( new Proxy(Proxy.Type.HTTP, - new InetSocketAddress("localhost", server.getPort()))); + InetSocketAddress.createUnresolved(loopbackAddress, server.getPort()))); try (InputStream is = conn.getInputStream()) { } catch(IOException unused) { // no real server, IOException is expected. @@ -70,8 +73,11 @@ protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication("xyz", "xyz".toCharArray()); } }); - - BadAuthProxyServer server = new BadAuthProxyServer(new ServerSocket(0)); + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, 0); + ServerSocket ss = new ServerSocket(); + ss.bind(address); + BadAuthProxyServer server = new BadAuthProxyServer(ss); Thread serverThread = new Thread(server); serverThread.start(); return server; @@ -113,4 +119,3 @@ void done() { } } } - diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java index 30b8506d37e..dda6dc6078a 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -650,8 +650,13 @@ void doServerSide() throws Exception { serverModulus, serverPrivateExponent, passphrase); SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + // doClientSide() connects to the loopback address + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, serverPort); + sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); /* @@ -721,7 +726,7 @@ void doClientSide() throws Exception { System.out.println("url is "+url.toString()); try { - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); System.out.println("respCode = " + respCode); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java index 3662d02332c..bd6c62c603c 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -654,8 +654,13 @@ void doServerSide() throws Exception { serverModulus, serverPrivateExponent, passphrase); SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + // doClientSide() connects to the loopback address + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, serverPort); + sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); /* @@ -725,7 +730,7 @@ void doClientSide() throws Exception { System.out.println("url is "+url.toString()); try { - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); System.out.println("respCode = "+respCode); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java index 8cc09a76252..91f0020f7d1 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java @@ -29,6 +29,7 @@ /* @test * @summary X509 certificate hostname checking is broken in JDK1.6.0_10 * @bug 6766775 + * @library /test/lib * @run main/othervm IPIdentities * @author Xuelei Fan */ @@ -45,6 +46,7 @@ import java.security.spec.*; import java.security.interfaces.*; import java.math.BigInteger; +import jdk.test.lib.net.URIBuilder; /* * Certificates and key used in the test. @@ -652,8 +654,13 @@ void doServerSide() throws Exception { serverModulus, serverPrivateExponent, passphrase); SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + // doClientSide() connects to the loopback address + InetAddress loopback = InetAddress.getLoopbackAddress(); + InetSocketAddress address = new InetSocketAddress(loopback, serverPort); + sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); /* @@ -713,11 +720,16 @@ void doClientSide() throws Exception { HttpsURLConnection http = null; /* establish http connection to server */ - URL url = new URL("https://localhost:" + serverPort+"/"); + URL url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .path("/") + .toURL(); System.out.println("url is "+url.toString()); try { - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); System.out.println("respCode = "+respCode); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/Identities.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/Identities.java index 28f61c79f1c..3764b3de688 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/Identities.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/Identities.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -651,8 +651,13 @@ void doServerSide() throws Exception { serverModulus, serverPrivateExponent, passphrase); SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + // doClientSide() connects to "localhost" + InetAddress localHost = InetAddress.getByName("localhost"); + InetSocketAddress address = new InetSocketAddress(localHost, serverPort); + sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); /* @@ -717,7 +722,7 @@ void doClientSide() throws Exception { System.out.println("url is "+url.toString()); try { - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); System.out.println("respCode = "+respCode); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java index d90d9478e2a..16e6d09798e 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,6 +95,16 @@ public class ImpactOnSNI { * smart about it.... */ + private SSLServerSocket createServerSocket(SSLServerSocketFactory sslssf) + throws Exception { + SSLServerSocket sslServerSocket = + (SSLServerSocket)sslssf.createServerSocket(); + InetAddress localHost = InetAddress.getLocalHost(); + InetSocketAddress address = new InetSocketAddress(localHost, serverPort); + sslServerSocket.bind(address); + return sslServerSocket; + } + /* * Define the server side of the test. * @@ -104,8 +114,7 @@ public class ImpactOnSNI { private void doServerSide() throws Exception { SSLServerSocketFactory sslssf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault(); - try (SSLServerSocket sslServerSocket = - (SSLServerSocket)sslssf.createServerSocket(serverPort)) { + try (SSLServerSocket sslServerSocket = createServerSocket(sslssf)) { serverPort = sslServerSocket.getLocalPort(); diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java index eeb1150464e..4efc7df483f 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxy.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,8 +27,7 @@ import javax.net.*; import javax.net.ssl.*; -import jdk.test.lib.process.OutputAnalyzer; -import jdk.test.lib.process.ProcessTools; +import jdk.test.lib.net.URIBuilder; /* * @test @@ -39,12 +38,6 @@ * that serves http POST method requests in secure channel, and a client * that makes https POST request through a proxy. * @library /test/lib - * @build jdk.test.lib.Utils - * jdk.test.lib.Asserts - * jdk.test.lib.JDKToolFinder - * jdk.test.lib.JDKToolLauncher - * jdk.test.lib.Platform - * jdk.test.lib.process.* * @compile OriginServer.java ProxyTunnelServer.java * @run main/othervm PostThruProxy */ @@ -62,6 +55,9 @@ public class PostThruProxy { static String passwd = "passphrase"; private static int serverPort = 0; + private static ProxyTunnelServer pserver; + private static TestServer server; + static final String RESPONSE_MSG = "Https POST thru proxy is successful"; /* * The TestServer implements a OriginServer that @@ -79,8 +75,7 @@ public TestServer(ServerSocket ss) throws Exception { * @return bytes for the data in the response */ public byte[] getBytes() { - return "Https POST thru proxy is successful". - getBytes(); + return RESPONSE_MSG.getBytes(); } } @@ -88,6 +83,7 @@ public byte[] getBytes() { * Main method to create the server and client */ public static void main(String args[]) throws Exception { + String keyFilename = TEST_SRC + "/" + pathToStores + "/" + keyStoreFile; String trustFilename = TEST_SRC + "/" + pathToStores + "/" + trustStoreFile; @@ -97,16 +93,18 @@ public static void main(String args[]) throws Exception { System.setProperty("javax.net.ssl.trustStore", trustFilename); System.setProperty("javax.net.ssl.trustStorePassword", passwd); + InetAddress loopback = InetAddress.getLoopbackAddress(); boolean useSSL = true; /* * setup the server */ try { ServerSocketFactory ssf = getServerSocketFactory(useSSL); - ServerSocket ss = ssf.createServerSocket(serverPort); + ServerSocket ss = ssf.createServerSocket(serverPort, 0, loopback); ss.setSoTimeout(TIMEOUT); // 30 seconds serverPort = ss.getLocalPort(); - new TestServer(ss); + server = new TestServer(ss); + System.out.println("Server started at: " + ss); } catch (Exception e) { System.out.println("Server side failed:" + e.getMessage()); @@ -120,6 +118,12 @@ public static void main(String args[]) throws Exception { e.getMessage()); throw e; } + long connectCount = pserver.getConnectCount(); + if (connectCount == 0) { + throw new AssertionError("Proxy was not used!"); + } else { + System.out.println("Proxy CONNECT count: " + connectCount); + } } private static ServerSocketFactory getServerSocketFactory @@ -162,9 +166,15 @@ static void doClientSide() throws Exception { */ HttpsURLConnection.setDefaultHostnameVerifier( new NameVerifier()); - URL url = new URL("https://" + getHostname() +":" + serverPort); + URL url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .toURL(); Proxy p = new Proxy(Proxy.Type.HTTP, pAddr); + System.out.println("Client connecting to: " + url); + System.out.println("Through proxy: " + pAddr); HttpsURLConnection https = (HttpsURLConnection)url.openConnection(p); https.setConnectTimeout(TIMEOUT); https.setReadTimeout(TIMEOUT); @@ -185,9 +195,15 @@ static void doClientSide() throws Exception { new InputStreamReader( https.getInputStream())); String inputLine; - while ((inputLine = in.readLine()) != null) + boolean msgFound = false; + while ((inputLine = in.readLine()) != null) { System.out.println("Client received: " + inputLine); + if (inputLine.contains(RESPONSE_MSG)) msgFound = true; + } in.close(); + if (!msgFound) { + throw new RuntimeException("POST message not found."); + } } catch (SSLException e) { if (ps != null) ps.close(); @@ -208,20 +224,13 @@ public boolean verify(String hostname, SSLSession session) { } static SocketAddress setupProxy() throws IOException { - ProxyTunnelServer pserver = new ProxyTunnelServer(); + InetAddress loopback = InetAddress.getLoopbackAddress(); + pserver = new ProxyTunnelServer(loopback); // disable proxy authentication pserver.needUserAuth(false); pserver.start(); - return new InetSocketAddress("localhost", pserver.getPort()); + return new InetSocketAddress(loopback, pserver.getPort()); } - private static String getHostname() { - try { - OutputAnalyzer oa = ProcessTools.executeCommand("hostname"); - return oa.getOutput().trim(); - } catch (Throwable e) { - throw new RuntimeException("Get hostname failed.", e); - } - } } diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java index 0c6c06facaf..c1e5b3d4413 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/PostThruProxyWithAuth.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,7 @@ import jdk.test.lib.process.OutputAnalyzer; import jdk.test.lib.process.ProcessTools; +import jdk.test.lib.net.URIBuilder; /* * @test @@ -47,6 +48,8 @@ * jdk.test.lib.process.* * @compile OriginServer.java ProxyTunnelServer.java * @run main/othervm -Djdk.http.auth.tunneling.disabledSchemes= PostThruProxyWithAuth + * @run main/othervm -Djava.net.preferIPv6Addresses=true + -Djdk.http.auth.tunneling.disabledSchemes= PostThruProxyWithAuth */ public class PostThruProxyWithAuth { @@ -62,6 +65,11 @@ public class PostThruProxyWithAuth { static String passwd = "passphrase"; volatile private static int serverPort = 0; + private static ProxyTunnelServer pserver; + private static TestServer server; + + static final String RESPONSE_MSG = + "Https POST thru proxy is successful with proxy authentication"; /* * The TestServer implements a OriginServer that @@ -79,9 +87,7 @@ public TestServer(ServerSocket ss) throws Exception { * @return bytes for the data in the response */ public byte[] getBytes() { - return - "Https POST thru proxy is successful with proxy authentication". - getBytes(); + return RESPONSE_MSG.getBytes(); } } @@ -103,11 +109,13 @@ public static void main(String args[]) throws Exception { * setup the server */ try { + InetAddress localhost = InetAddress.getLocalHost(); ServerSocketFactory ssf = getServerSocketFactory(useSSL); - ServerSocket ss = ssf.createServerSocket(serverPort); + ServerSocket ss = ssf.createServerSocket(serverPort, 0, localhost); ss.setSoTimeout(TIMEOUT); // 30 seconds serverPort = ss.getLocalPort(); - new TestServer(ss); + server = new TestServer(ss); + System.out.println("Server started at: " + ss); } catch (Exception e) { System.out.println("Server side failed:" + e.getMessage()); @@ -120,7 +128,13 @@ public static void main(String args[]) throws Exception { System.out.println("Client side failed: " + e.getMessage()); throw e; - } + } + long connectCount = pserver.getConnectCount(); + if (connectCount == 0) { + throw new AssertionError("Proxy was not used!"); + } else { + System.out.println("Proxy CONNECT count: " + connectCount); + } } private static ServerSocketFactory getServerSocketFactory @@ -160,9 +174,16 @@ static void doClientSide() throws Exception { */ HttpsURLConnection.setDefaultHostnameVerifier( new NameVerifier()); - URL url = new URL("https://" + getHostname() + ":" + serverPort); + + URL url = URIBuilder.newBuilder() + .scheme("https") + .host(getHostname()) + .port(serverPort) + .toURL(); Proxy p = new Proxy(Proxy.Type.HTTP, pAddr); + System.out.println("Client connecting to: " + url); + System.out.println("Through proxy: " + pAddr); HttpsURLConnection https = (HttpsURLConnection)url.openConnection(p); https.setConnectTimeout(TIMEOUT); https.setReadTimeout(TIMEOUT); @@ -182,9 +203,15 @@ static void doClientSide() throws Exception { new InputStreamReader( https.getInputStream())); String inputLine; - while ((inputLine = in.readLine()) != null) - System.out.println("Client received: " + inputLine); + boolean msgFound = false; + while ((inputLine = in.readLine()) != null) { + System.out.println("Client received: " + inputLine); + if (inputLine.contains(RESPONSE_MSG)) msgFound = true; + } in.close(); + if (!msgFound) { + throw new RuntimeException("POST message not found."); + } } catch (SSLException e) { if (ps != null) ps.close(); @@ -202,7 +229,9 @@ public boolean verify(String hostname, SSLSession session) { } static SocketAddress setupProxy() throws IOException { - ProxyTunnelServer pserver = new ProxyTunnelServer(); + + InetAddress localhost = InetAddress.getLocalHost(); + pserver = new ProxyTunnelServer(localhost); /* * register a system wide authenticator and setup the proxy for @@ -216,7 +245,7 @@ static SocketAddress setupProxy() throws IOException { pserver.start(); - return new InetSocketAddress("localhost", pserver.getPort()); + return new InetSocketAddress(localhost, pserver.getPort()); } public static class TestAuthenticator extends Authenticator { diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java index 02a7af75317..dc6dcfeff67 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/ProxyTunnelServer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -63,11 +63,23 @@ public class ProxyTunnelServer extends Thread { */ static boolean needAuth = false; + volatile long connectCount; + public ProxyTunnelServer() throws IOException { if (ss == null) { ss = (ServerSocket) ServerSocketFactory.getDefault() .createServerSocket(0); ss.setSoTimeout(TIMEOUT); + System.out.println("Proxy server created: " + ss); + } + } + + public ProxyTunnelServer(InetAddress address) throws IOException { + if (ss == null) { + ss = (ServerSocket) ServerSocketFactory.getDefault() + .createServerSocket(0, 0, address); + ss.setSoTimeout(TIMEOUT); + System.out.println("Proxy server created: " + ss); } } @@ -86,7 +98,9 @@ public void setUserAuth(String uname, String passwd) { public void run() { try { + System.out.println("Proxy server listening at: " + ss); clientSocket = ss.accept(); + System.out.println("Proxy server accepted connection: " + clientSocket); processRequests(); } catch (SocketTimeoutException e) { System.out.println( @@ -101,7 +115,9 @@ public void run() { System.out.println("ProxyServer close error: " + excep); excep.printStackTrace(); } - } + } finally { + System.out.println("Proxy server: request served"); + } } /* @@ -118,6 +134,7 @@ private void processRequests() throws Exception { String statusLine = mheader.getValue(0); if (statusLine.startsWith("CONNECT")) { + synchronized(this) { connectCount++; } // retrieve the host and port info from the status-line retrieveConnectInfo(statusLine); if (needAuth) { @@ -154,6 +171,10 @@ private void processRequests() throws Exception { } } + public long getConnectCount() { + return connectCount; + } + private void respondForConnect(boolean needAuth) throws Exception { OutputStream out = clientSocket.getOutputStream(); @@ -273,13 +294,19 @@ private void retrieveConnectInfo(String connectStr) throws Exception { endi = connectStr.lastIndexOf(' '); connectInfo = connectStr.substring(starti+1, endi).trim(); // retrieve server name and port - endi = connectInfo.indexOf(':'); - serverName = connectInfo.substring(0, endi); + if (connectInfo.charAt(0) == '[') { + endi = connectInfo.indexOf(']'); + serverName = connectInfo.substring(1, endi++); + assert connectInfo.charAt(endi) == ':' : "Expected [IPv6]:port"; + } else { + endi = connectInfo.indexOf(':'); + serverName = connectInfo.substring(0, endi); + } serverPort = Integer.parseInt(connectInfo.substring(endi+1)); } catch (Exception e) { throw new IOException("Proxy recieved a request: " + connectStr, e); - } + } serverInetAddr = InetAddress.getByName(serverName); } diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/RetryHttps.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/RetryHttps.java index ae5da4078e0..5c5cceb106b 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/RetryHttps.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/RetryHttps.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,7 +24,9 @@ /* @test * @bug 4799427 * @summary Https can not retry request + * @library /test/lib * @run main/othervm RetryHttps + * @run main/othervm -Djava.net.preferIPv6Addresses=true RetryHttps * * SunJSSE does not support dynamic system properties, no way to re-use * system properties in samevm/agentvm mode. @@ -35,6 +37,7 @@ import java.util.*; import java.io.*; import javax.net.ssl.*; +import jdk.test.lib.net.URIBuilder; public class RetryHttps { static Map cookies; @@ -80,12 +83,17 @@ public class RetryHttps { * to avoid infinite hangs. */ void doServerSide() throws Exception { + InetAddress loopback = InetAddress.getLoopbackAddress(); SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(serverPort, 0, loopback); serverPort = sslServerSocket.getLocalPort(); + System.out.println("Starting server at: " + + sslServerSocket.getInetAddress() + + ":" + serverPort); + /* * Signal Client, we're ready for his connect. */ @@ -145,11 +153,16 @@ void doClientSide() throws Exception { try { HttpsURLConnection http = null; /* establish http connection to server */ - URL url = new URL("https://localhost:" + serverPort+"/file1"); + URL url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .path("/file1") + .toURL(); System.out.println("url is "+url.toString()); HttpsURLConnection.setDefaultHostnameVerifier( new NameVerifier()); - http = (HttpsURLConnection)url.openConnection(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); int respCode = http.getResponseCode(); int cl = http.getContentLength(); InputStream is = http.getInputStream (); @@ -157,8 +170,13 @@ void doClientSide() throws Exception { while (is.read() != -1 && count++ < cl); System.out.println("respCode1 = "+respCode); Thread.sleep(2000); - url = new URL("https://localhost:" + serverPort+"/file2"); - http = (HttpsURLConnection)url.openConnection(); + url = URIBuilder.newBuilder() + .scheme("https") + .loopback() + .port(serverPort) + .path("/file2") + .toURL(); + http = (HttpsURLConnection)url.openConnection(Proxy.NO_PROXY); respCode = http.getResponseCode(); System.out.println("respCode2 = "+respCode); } catch (IOException ioex) { diff --git a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/TunnelProxy.java b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/TunnelProxy.java index a5d5441ee90..2326c57d9cf 100644 --- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/TunnelProxy.java +++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/TunnelProxy.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,7 +45,8 @@ import java.util.Iterator; import java.util.Set; -import sun.net.www.MessageHeader; +import jdk.test.lib.net.HttpHeaderParser; + public class TunnelProxy { @@ -95,9 +96,30 @@ public TunnelProxy (int threads, int cperthread) */ public TunnelProxy (int threads, int cperthread, int port) + throws IOException { + this(threads, cperthread, null, 0); + } + + /** + * Create a TunnelProxy instance with the specified number + * of threads and maximum number of connections per thread and running on + * the specified port. The specified number of threads are created to + * handle incoming requests, and each thread is allowed + * to handle a number of simultaneous TCP connections. + * @param cb the callback object which is invoked to handle + * each incoming request + * @param threads the number of threads to create to handle + * requests in parallel + * @param cperthread the number of simultaneous TCP connections + * to handle per thread + * @param address the address to bind to. null means all addresses. + * @param port the port number to bind the server to. Zero + * means choose any free port. + */ + public TunnelProxy (int threads, int cperthread, InetAddress address, int port) throws IOException { schan = ServerSocketChannel.open (); - InetSocketAddress addr = new InetSocketAddress (port); + InetSocketAddress addr = new InetSocketAddress (address, port); schan.socket().bind (addr); this.threads = threads; this.cperthread = cperthread; @@ -241,9 +263,9 @@ private boolean read (SocketChannel chan, SelectionKey key) { boolean res; try { InputStream is = new BufferedInputStream (new NioInputStream (chan)); - String requestline = readLine (is); - MessageHeader mhead = new MessageHeader (is); - String[] req = requestline.split (" "); + HttpHeaderParser mHead = new HttpHeaderParser (is); + String requestLine = mHead.getRequestDetails(); + String[] req = requestLine.split (" "); if (req.length < 2) { /* invalid request line */ return false; diff --git a/test/jdk/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java b/test/jdk/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java index a02d7622c8b..7bea6383787 100644 --- a/test/jdk/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java +++ b/test/jdk/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -135,8 +135,14 @@ void doServerSide() throws Exception { SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); + + // doClientSide() connects to "localhost" + InetAddress localHost = InetAddress.getByName("localhost"); + InetSocketAddress address = new InetSocketAddress(localHost, serverPort); + SSLServerSocket sslServerSocket = - (SSLServerSocket) sslssf.createServerSocket(serverPort); + (SSLServerSocket) sslssf.createServerSocket(); + sslServerSocket.bind(address); serverPort = sslServerSocket.getLocalPort(); String ciphers[]= { "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" }; @@ -205,7 +211,7 @@ void doClientSide() throws Exception { URL url = new URL("https://" + "localhost:" + serverPort + "/etc/hosts"); - URLConnection urlc = url.openConnection(); + URLConnection urlc = url.openConnection(Proxy.NO_PROXY); if (!(urlc instanceof javax.net.ssl.HttpsURLConnection)) { throw new Exception( diff --git a/test/jdk/sun/net/www/protocol/jar/B4957695.java b/test/jdk/sun/net/www/protocol/jar/B4957695.java index 6f9089d4971..bed00811ebd 100644 --- a/test/jdk/sun/net/www/protocol/jar/B4957695.java +++ b/test/jdk/sun/net/www/protocol/jar/B4957695.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -96,7 +96,10 @@ static void read (InputStream is) throws IOException { public static void main (String[] args) throws Exception { String tmpdir = System.getProperty("java.io.tmpdir"); String[] list1 = listTmpFiles(tmpdir); - ServerSocket serverSocket = new ServerSocket(0); + InetAddress localHost = InetAddress.getByName("localhost"); + InetSocketAddress address = new InetSocketAddress(localHost, 0); + ServerSocket serverSocket = new ServerSocket(); + serverSocket.bind(address); server = new Server(serverSocket); server.start(); int port = serverSocket.getLocalPort(); @@ -108,7 +111,9 @@ public static void main (String[] args) throws Exception { read (is); is.close(); } catch (IOException e) { - System.out.println ("Received IOException as expected"); + System.out.println ("Received IOException as expected: " + e); + } finally { + try {serverSocket.close();} catch (IOException x) {} } String[] list2 = listTmpFiles(tmpdir); if (!sameList (list1, list2)) { diff --git a/test/jdk/sun/nio/ch/TestMaxCachedBufferSize.java b/test/jdk/sun/nio/ch/TestMaxCachedBufferSize.java index 4f2d2907673..ef73a15256a 100644 --- a/test/jdk/sun/nio/ch/TestMaxCachedBufferSize.java +++ b/test/jdk/sun/nio/ch/TestMaxCachedBufferSize.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,39 +22,39 @@ */ import java.io.IOException; - import java.lang.management.BufferPoolMXBean; import java.lang.management.ManagementFactory; - import java.nio.ByteBuffer; - import java.nio.channels.FileChannel; - import java.nio.file.Path; import java.nio.file.Paths; +import java.util.List; +import java.util.SplittableRandom; +import java.util.concurrent.CountDownLatch; import static java.nio.file.StandardOpenOption.CREATE; import static java.nio.file.StandardOpenOption.TRUNCATE_EXISTING; import static java.nio.file.StandardOpenOption.WRITE; -import java.util.List; -import java.util.Random; -import java.util.concurrent.CountDownLatch; +import jdk.test.lib.RandomFactory; /* * @test * @requires sun.arch.data.model == "64" * @modules java.management + * @library /test/lib * @build TestMaxCachedBufferSize - * @run main/othervm TestMaxCachedBufferSize - * @run main/othervm -Djdk.nio.maxCachedBufferSize=0 TestMaxCachedBufferSize - * @run main/othervm -Djdk.nio.maxCachedBufferSize=2000 TestMaxCachedBufferSize - * @run main/othervm -Djdk.nio.maxCachedBufferSize=100000 TestMaxCachedBufferSize - * @run main/othervm -Djdk.nio.maxCachedBufferSize=10000000 TestMaxCachedBufferSize - * @summary Test the implementation of the jdk.nio.maxCachedBufferSize property. + * @run main/othervm/timeout=150 TestMaxCachedBufferSize + * @run main/othervm/timeout=150 -Djdk.nio.maxCachedBufferSize=0 TestMaxCachedBufferSize + * @run main/othervm/timeout=150 -Djdk.nio.maxCachedBufferSize=2000 TestMaxCachedBufferSize + * @run main/othervm/timeout=150 -Djdk.nio.maxCachedBufferSize=100000 TestMaxCachedBufferSize + * @run main/othervm/timeout=150 -Djdk.nio.maxCachedBufferSize=10000000 TestMaxCachedBufferSize + * @summary Test the implementation of the jdk.nio.maxCachedBufferSize property + * (use -Dseed=X to set PRNG seed) + * @key randomness */ public class TestMaxCachedBufferSize { - private static final int DEFAULT_ITERS = 10 * 1000; + private static final int DEFAULT_ITERS = 5 * 1000; private static final int DEFAULT_THREAD_NUM = 4; private static final int SMALL_BUFFER_MIN_SIZE = 4 * 1024; @@ -70,7 +70,9 @@ public class TestMaxCachedBufferSize { private static final int LARGE_BUFFER_FREQUENCY = 100; private static final String FILE_NAME_PREFIX = "nio-out-file-"; - private static final int VERBOSE_PERIOD = 5 * 1000; + private static final int VERBOSE_PERIOD = DEFAULT_ITERS / 10; + + private static final SplittableRandom SRAND = RandomFactory.getSplittableRandom(); private static int iters = DEFAULT_ITERS; private static int threadNum = DEFAULT_THREAD_NUM; @@ -86,6 +88,8 @@ private static BufferPoolMXBean getDirectPool() { throw new Error("could not find direct pool"); } private static final BufferPoolMXBean directPool = getDirectPool(); + private static long initialCount; + private static long initialCapacity; // Each worker will do write operations on a file channel using // buffers of various sizes. The buffer size is randomly chosen to @@ -95,7 +99,7 @@ private static BufferPoolMXBean getDirectPool() { private static class Worker implements Runnable { private final int id; private final CountDownLatch finishLatch, exitLatch; - private final Random random = new Random(); + private SplittableRandom random = SRAND.split(); private long smallBufferCount = 0; private long largeBufferCount = 0; @@ -177,8 +181,9 @@ public Worker(int id, CountDownLatch finishLatch, CountDownLatch exitLatch) { } public static void checkDirectBuffers(long expectedCount, long expectedMax) { - final long directCount = directPool.getCount(); - final long directTotalCapacity = directPool.getTotalCapacity(); + final long directCount = directPool.getCount() - initialCount; + final long directTotalCapacity = + directPool.getTotalCapacity() - initialCapacity; System.out.printf("Direct %d / %dK\n", directCount, directTotalCapacity / 1024); @@ -190,12 +195,15 @@ public static void checkDirectBuffers(long expectedCount, long expectedMax) { if (directTotalCapacity > expectedMax) { throw new Error(String.format( - "inconsistent direct buffer total capacity, expectex max = %d, found = %d", + "inconsistent direct buffer total capacity, expected max = %d, found = %d", expectedMax, directTotalCapacity)); } } public static void main(String[] args) { + initialCount = directPool.getCount(); + initialCapacity = directPool.getTotalCapacity(); + final String maxBufferSizeStr = System.getProperty("jdk.nio.maxCachedBufferSize"); final long maxBufferSize = (maxBufferSizeStr != null) ? Long.valueOf(maxBufferSizeStr) : Long.MAX_VALUE; diff --git a/test/jdk/sun/security/krb5/auto/HttpsCB.java b/test/jdk/sun/security/krb5/auto/HttpsCB.java index a763c60e1fc..6c8a01efb6e 100644 --- a/test/jdk/sun/security/krb5/auto/HttpsCB.java +++ b/test/jdk/sun/security/krb5/auto/HttpsCB.java @@ -24,8 +24,8 @@ /* * @test * @bug 8279842 8282293 - * @library /test/lib /lib/testlibrary - * @build jdk.testlibrary.SimpleSSLContext + * @library /test/lib + * @build jdk.test.lib.net.SimpleSSLContext * @modules java.base/sun.security.util * java.security.jgss/sun.security.jgss * java.security.jgss/sun.security.jgss.krb5 @@ -94,7 +94,7 @@ import javax.security.auth.Subject; import jdk.test.lib.Asserts; -import jdk.testlibrary.SimpleSSLContext; +import jdk.test.lib.net.SimpleSSLContext; import org.ietf.jgss.GSSContext; import org.ietf.jgss.GSSCredential; import org.ietf.jgss.GSSManager; diff --git a/test/jdk/sun/security/krb5/auto/MSOID2.java b/test/jdk/sun/security/krb5/auto/MSOID2.java index 3a3b3cf6c26..0b7545ffbe2 100644 --- a/test/jdk/sun/security/krb5/auto/MSOID2.java +++ b/test/jdk/sun/security/krb5/auto/MSOID2.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,7 @@ */ import sun.security.jgss.GSSUtil; -import sun.security.util.HexDumpEncoder; +import jdk.test.lib.hexdump.HexPrinter; // The basic krb5 test skeleton you can copy from public class MSOID2 { @@ -72,7 +72,7 @@ public static void main(String[] args) throws Exception { nt[pos] = (byte)newLen; } t = nt; - new HexDumpEncoder().encodeBuffer(t, System.out); + HexPrinter.simple().format(t); } if (t != null || !s.x().isEstablished()) t = s.take(t); if (c.x().isEstablished() && s.x().isEstablished()) break; diff --git a/test/jdk/sun/security/krb5/etype/KerberosAesSha2.java b/test/jdk/sun/security/krb5/etype/KerberosAesSha2.java index 79c8053bf0a..c738e063e02 100644 --- a/test/jdk/sun/security/krb5/etype/KerberosAesSha2.java +++ b/test/jdk/sun/security/krb5/etype/KerberosAesSha2.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,6 +23,7 @@ /* * @test * @bug 8014628 + * @library /test/lib * @modules java.base/sun.security.util * java.security.jgss/sun.security.krb5.internal.crypto.dk:+open * @summary https://tools.ietf.org/html/rfc8009 Test Vectors @@ -33,7 +34,7 @@ import java.util.Arrays; import sun.security.krb5.internal.crypto.dk.AesSha2DkCrypto; -import sun.security.util.HexDumpEncoder; +import jdk.test.lib.hexdump.HexPrinter; public class KerberosAesSha2 { @@ -204,6 +205,6 @@ private static void check(byte[] b1, byte[] b2) throws Exception { } private static void dump(byte[] data) throws Exception { - new HexDumpEncoder().encodeBuffer(data, System.err); + HexPrinter.simple().dest(System.err).format(data); } } diff --git a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java index df578274faa..a0e02b32319 100644 --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java +++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -19,16 +19,16 @@ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. - * */ -/** +/* * @test * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 * 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136 * 8223499 8225392 8232019 8234245 8233223 8225068 8225069 8243321 8243320 * 8243559 8225072 8258630 8259312 8256421 8225081 8225082 8225083 8245654 - * 8305975 8304760 8307134 8295894 + * 8305975 8304760 8307134 8295894 8314960 8317373 8317374 8318759 8319187 + * 8321408 8316138 8341057 * @summary Check root CA entries in cacerts file */ import java.io.ByteArrayInputStream; @@ -47,12 +47,13 @@ public class VerifyCACerts { + File.separator + "security" + File.separator + "cacerts"; // The numbers of certs now. - private static final int COUNT = 96; + private static final int COUNT = 112; // SHA-256 of cacerts, can be generated with // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 private static final String CHECKSUM - = "9B:AF:A2:BD:88:C9:74:05:7F:DD:F3:97:85:21:18:4A:52:F0:07:CC:46:FD:2B:90:BA:FB:57:09:18:3B:66:0F"; + = "8F:E0:6F:7F:21:59:33:A6:43:F3:48:FD:A3:4A:8E:28:35:AA:DD:6E:A5:43:56:F1:28:34:48:DF:5C:D2:7C:72"; + // map of cert alias to SHA-256 fingerprint @SuppressWarnings("serial") private static final Map FINGERPRINT_MAP = new HashMap<>() { @@ -143,6 +144,8 @@ public class VerifyCACerts { "5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30:19:E5:28:AE"); put("letsencryptisrgx1 [jdk]", "96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6"); + put("letsencryptisrgx2 [jdk]", + "69:72:9B:8E:15:A8:6E:FC:17:7A:57:AF:B7:17:1D:FC:64:AD:D2:8C:2F:CA:8C:F1:50:7E:34:45:3C:CB:14:70"); put("luxtrustglobalrootca [jdk]", "A1:B2:DB:EB:64:E7:06:C6:16:9E:3C:41:18:B2:3B:AA:09:01:8A:84:27:66:6D:8B:F0:E2:88:91:EC:05:19:50"); put("quovadisrootca [jdk]", @@ -157,6 +160,14 @@ public class VerifyCACerts { "18:F1:FC:7F:20:5D:F8:AD:DD:EB:7F:E0:07:DD:57:E3:AF:37:5A:9C:4D:8D:73:54:6B:F4:F1:FE:D1:E1:8D:35"); put("quovadisrootca3g3 [jdk]", "88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8:B8:69:0F:46"); + put("digicertcseccrootg5 [jdk]", + "26:C5:6A:D2:20:8D:1E:9B:15:2F:66:85:3B:F4:79:7C:BE:B7:55:2C:1F:3F:47:72:51:E8:CB:1A:E7:E7:97:BF"); + put("digicertcsrsarootg5 [jdk]", + "73:53:B6:D6:C2:D6:DA:42:47:77:3F:3F:07:D0:75:DE:CB:51:34:21:2B:EA:D0:92:8E:F1:F4:61:15:26:09:41"); + put("digicerttlseccrootg5 [jdk]", + "01:8E:13:F0:77:25:32:CF:80:9B:D1:B1:72:81:86:72:83:FC:48:C6:E1:3B:E9:C6:98:12:85:4A:49:0C:1B:05"); + put("digicerttlsrsarootg5 [jdk]", + "37:1A:00:DC:05:33:B3:72:1A:7E:EB:40:E8:41:9E:70:79:9D:2B:0A:0F:2C:1D:80:69:31:65:F7:CE:C4:AD:75"); put("secomscrootca2 [jdk]", "51:3B:2C:EC:B8:10:D4:CD:E5:DD:85:39:1A:DF:C6:C2:DD:60:D8:7B:B7:36:D2:B5:21:48:4A:A4:7A:0E:BE:F6"); put("swisssigngoldg2ca [jdk]", @@ -249,6 +260,28 @@ public class VerifyCACerts { "34:D8:A7:3E:E2:08:D9:BC:DB:0D:95:65:20:93:4B:4E:40:E6:94:82:59:6E:8B:6F:73:C8:42:6B:01:0A:6F:48"); put("gtsrootecccar4 [jdk]", "34:9D:FA:40:58:C5:E2:63:12:3B:39:8A:E7:95:57:3C:4E:13:13:C8:3F:E6:8F:93:55:6C:D5:E8:03:1B:3C:7D"); + put("certignarootca [jdk]", + "D4:8D:3D:23:EE:DB:50:A4:59:E5:51:97:60:1C:27:77:4B:9D:7B:18:C9:4D:5A:05:95:11:A1:02:50:B9:31:68"); + put("teliarootcav2 [jdk]", + "24:2B:69:74:2F:CB:1E:5B:2A:BF:98:89:8B:94:57:21:87:54:4E:5B:4D:99:11:78:65:73:62:1F:6A:74:B8:2C"); + put("emsignrootcag1 [jdk]", + "40:F6:AF:03:46:A9:9A:A1:CD:1D:55:5A:4E:9C:CE:62:C7:F9:63:46:03:EE:40:66:15:83:3D:C8:C8:D0:03:67"); + put("emsigneccrootcag3 [jdk]", + "86:A1:EC:BA:08:9C:4A:8D:3B:BE:27:34:C6:12:BA:34:1D:81:3E:04:3C:F9:E8:A8:62:CD:5C:57:A3:6B:BE:6B"); + put("emsignrootcag2 [jdk]", + "1A:A0:C2:70:9E:83:1B:D6:E3:B5:12:9A:00:BA:41:F7:EE:EF:02:08:72:F1:E6:50:4B:F0:F6:C3:F2:4F:3A:F3"); + put("certainlyrootr1 [jdk]", + "77:B8:2C:D8:64:4C:43:05:F7:AC:C5:CB:15:6B:45:67:50:04:03:3D:51:C6:0C:62:02:A8:E0:C3:34:67:D3:A0"); + put("certainlyroote1 [jdk]", + "B4:58:5F:22:E4:AC:75:6A:4E:86:12:A1:36:1C:5D:9D:03:1A:93:FD:84:FE:BB:77:8F:A3:06:8B:0F:C4:2D:C2"); + put("globalsignr46 [jdk]", + "4F:A3:12:6D:8D:3A:11:D1:C4:85:5A:4F:80:7C:BA:D6:CF:91:9D:3A:5A:88:B0:3B:EA:2C:63:72:D9:3C:40:C9"); + put("globalsigne46 [jdk]", + "CB:B9:C4:4D:84:B8:04:3E:10:50:EA:31:A6:9F:51:49:55:D7:BF:D2:E2:C6:B4:93:01:01:9A:D6:1D:9F:50:58"); + put("ssltlsrootecc2022 [jdk]", + "C3:2F:FD:9F:46:F9:36:D1:6C:36:73:99:09:59:43:4B:9A:D6:0A:AF:BB:9E:7C:F3:36:54:F1:44:CC:1B:A1:43"); + put("ssltlsrootrsa2022 [jdk]", + "8F:AF:7D:2E:2C:B4:70:9B:B8:E0:B3:36:66:BF:75:A5:DD:45:B5:DE:48:0F:8E:A8:D4:BF:E6:BE:BC:17:F2:ED"); } }; diff --git a/test/jdk/sun/security/mscapi/KeytoolChangeAlias.java b/test/jdk/sun/security/mscapi/KeytoolChangeAlias.java index 4cf36977264..087e93dabec 100644 --- a/test/jdk/sun/security/mscapi/KeytoolChangeAlias.java +++ b/test/jdk/sun/security/mscapi/KeytoolChangeAlias.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,7 @@ import jdk.test.lib.security.CertUtils; import java.security.KeyStore; +import java.security.SecureRandom; /* * @test @@ -35,15 +36,17 @@ */ public class KeytoolChangeAlias { public static void main(String[] args) throws Exception { - + SecureRandom random = new SecureRandom(); + String alias = Integer.toString(random.nextInt(8192 - 1000) + 1000); + String newAlias = alias + "1"; KeyStore ks = KeyStore.getInstance("Windows-MY"); ks.load(null, null); try { - ks.setCertificateEntry("246810", CertUtils.getCertFromFile("246810.cer")); + ks.setCertificateEntry(alias, CertUtils.getCertFromFile("246810.cer")); - if (ks.containsAlias("13579")) { - ks.deleteEntry("13579"); + if (ks.containsAlias(newAlias)) { + ks.deleteEntry(newAlias); } int before = ks.size(); @@ -52,8 +55,8 @@ public static void main(String[] args) throws Exception { SecurityTools.keytool("-changealias", "-storetype", "Windows-My", - "-alias", "246810", - "-destalias", "13579").shouldHaveExitValue(0); + "-alias", alias, + "-destalias", newAlias).shouldHaveExitValue(0); ks.load(null, null); @@ -63,13 +66,23 @@ public static void main(String[] args) throws Exception { + ". After: " + ks.size()); } - if (!ks.containsAlias("13579")) { + if (!ks.containsAlias(newAlias)) { throw new Exception("error: cannot find the new alias name" + " in the Windows-MY store"); } } finally { - ks.deleteEntry("13579"); - ks.deleteEntry("246810"); + try { + ks.deleteEntry(newAlias); + } catch (Exception e) { + System.err.println("Couldn't delete alias " + newAlias); + e.printStackTrace(System.err); + } + try { + ks.deleteEntry(alias); + } catch (Exception e) { + System.err.println("Couldn't delete alias " + alias); + e.printStackTrace(System.err); + } ks.store(null, null); } } diff --git a/test/jdk/sun/security/mscapi/PublicKeyInterop.java b/test/jdk/sun/security/mscapi/PublicKeyInterop.java index 85da7e041b1..f3b646bc372 100644 --- a/test/jdk/sun/security/mscapi/PublicKeyInterop.java +++ b/test/jdk/sun/security/mscapi/PublicKeyInterop.java @@ -35,7 +35,7 @@ import javax.crypto.*; import jdk.test.lib.SecurityTools; -import sun.security.util.HexDumpEncoder; +import jdk.test.lib.hexdump.HexPrinter; /* * Confirm interoperability of RSA public keys between SunMSCAPI and SunJCE @@ -84,29 +84,29 @@ static void run() throws Exception { System.out.println(); byte[] plain = new byte[] {0x01, 0x02, 0x03, 0x04, 0x05}; - HexDumpEncoder hde = new HexDumpEncoder(); - System.out.println("Plaintext:\n" + hde.encode(plain) + "\n"); + HexPrinter hp = HexPrinter.simple(); + System.out.println("Plaintext:\n" + hp.toString(plain) + "\n"); Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding"); rsa.init(Cipher.ENCRYPT_MODE, myPuKey); byte[] encrypted = rsa.doFinal(plain); System.out.println("Encrypted plaintext using RSA Cipher from " + rsa.getProvider().getName() + " JCE provider\n"); - System.out.println(hde.encode(encrypted) + "\n"); + System.out.println(hp.toString(encrypted) + "\n"); Cipher rsa2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunMSCAPI"); rsa2.init(Cipher.ENCRYPT_MODE, myPuKey); byte[] encrypted2 = rsa2.doFinal(plain); System.out.println("Encrypted plaintext using RSA Cipher from " + rsa2.getProvider().getName() + " JCE provider\n"); - System.out.println(hde.encode(encrypted2) + "\n"); + System.out.println(hp.toString(encrypted2) + "\n"); Cipher rsa3 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunMSCAPI"); rsa3.init(Cipher.DECRYPT_MODE, myPrKey); byte[] decrypted = rsa3.doFinal(encrypted); System.out.println("Decrypted first ciphertext using RSA Cipher from " + rsa3.getProvider().getName() + " JCE provider\n"); - System.out.println(hde.encode(decrypted) + "\n"); + System.out.println(hp.toString(decrypted) + "\n"); if (! Arrays.equals(plain, decrypted)) { throw new Exception("First decrypted ciphertext does not match " + "original plaintext"); @@ -115,7 +115,7 @@ static void run() throws Exception { decrypted = rsa3.doFinal(encrypted2); System.out.println("Decrypted second ciphertext using RSA Cipher from " + rsa3.getProvider().getName() + " JCE provider\n"); - System.out.println(hde.encode(decrypted) + "\n"); + System.out.println(hp.toString(decrypted) + "\n"); if (! Arrays.equals(plain, decrypted)) { throw new Exception("Second decrypted ciphertext does not match " + "original plaintext"); diff --git a/test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java b/test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java index ef247d5906a..875ca5935e4 100644 --- a/test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java +++ b/test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,7 @@ * @test * @bug 8048357 * @summary test PKCS7 data signing, encoding and verification + * @library /test/lib * @modules java.base/sun.security.pkcs * java.base/sun.security.util * java.base/sun.security.x509 @@ -40,7 +41,6 @@ import java.security.SignatureException; import java.security.cert.X509Certificate; import java.util.Date; -import sun.security.util.HexDumpEncoder; import sun.security.pkcs.ContentInfo; import sun.security.pkcs.PKCS7; import sun.security.pkcs.SignerInfo; @@ -55,11 +55,10 @@ import sun.security.x509.X509CertImpl; import sun.security.x509.X509CertInfo; import sun.security.x509.X509Key; +import jdk.test.lib.hexdump.HexPrinter; public class SignerOrder { - static final HexDumpEncoder hexDump = new HexDumpEncoder(); - //signer infos static final byte[] data1 = "12345".getBytes(); static final byte[] data2 = "abcde".getBytes(); @@ -120,7 +119,7 @@ static void printSignerInfos(SignerInfo signerInfo) throws IOException { signerInfo.derEncode(strm); System.out.println("SignerInfo, length: " + strm.toByteArray().length); - System.out.println(hexDump.encode(strm.toByteArray())); + HexPrinter.simple().format(strm.toByteArray()); System.out.println("\n"); strm.reset(); } @@ -131,7 +130,7 @@ static void printSignerInfos(SignerInfo[] signerInfos) throws IOException { signerInfos[i].derEncode(strm); System.out.println("SignerInfo[" + i + "], length: " + strm.toByteArray().length); - System.out.println(hexDump.encode(strm.toByteArray())); + HexPrinter.simple().format(strm.toByteArray()); System.out.println("\n"); strm.reset(); } diff --git a/test/jdk/sun/security/pkcs/pkcs8/PKCS8Test.java b/test/jdk/sun/security/pkcs/pkcs8/PKCS8Test.java index 1bd9f0e54e1..f0555ce59db 100644 --- a/test/jdk/sun/security/pkcs/pkcs8/PKCS8Test.java +++ b/test/jdk/sun/security/pkcs/pkcs8/PKCS8Test.java @@ -25,6 +25,7 @@ * @test * @bug 8048357 * @summary PKCS8 Standards Conformance Tests + * @library /test/lib * @requires (os.family != "solaris") * @modules java.base/sun.security.pkcs * java.base/sun.security.util @@ -42,18 +43,16 @@ import java.math.BigInteger; import java.security.InvalidKeyException; import java.util.Arrays; -import sun.security.util.HexDumpEncoder; import sun.security.pkcs.PKCS8Key; import sun.security.provider.DSAPrivateKey; import sun.security.util.DerOutputStream; import sun.security.util.DerValue; import sun.security.x509.AlgorithmId; +import jdk.test.lib.hexdump.HexPrinter; import static java.lang.System.out; public class PKCS8Test { - static final HexDumpEncoder hexDump = new HexDumpEncoder(); - static final DerOutputStream derOutput = new DerOutputStream(); static final String FORMAT = "PKCS#8"; @@ -281,6 +280,6 @@ public static void main(String[] args) static void dumpByteArray(String nm, byte[] bytes) throws IOException { out.println(nm + " length: " + bytes.length); - hexDump.encodeBuffer(bytes, out); + HexPrinter.simple().dest(out).format(bytes); } } diff --git a/test/jdk/sun/security/pkcs/pkcs9/UnknownAttribute.java b/test/jdk/sun/security/pkcs/pkcs9/UnknownAttribute.java index dbac0ca772f..333550d2ace 100644 --- a/test/jdk/sun/security/pkcs/pkcs9/UnknownAttribute.java +++ b/test/jdk/sun/security/pkcs/pkcs9/UnknownAttribute.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,7 @@ * @test * @bug 8011867 8242151 * @summary Accept unknown PKCS #9 attributes + * @library /test/lib * @modules java.base/sun.security.pkcs * java.base/sun.security.util */ @@ -32,10 +33,10 @@ import java.io.*; import java.util.Arrays; -import sun.security.util.HexDumpEncoder; import sun.security.pkcs.PKCS9Attribute; import sun.security.util.DerValue; import sun.security.util.ObjectIdentifier; +import jdk.test.lib.hexdump.HexPrinter; public class UnknownAttribute { @@ -58,7 +59,7 @@ public static void main(String[] args) throws Exception { } ByteArrayOutputStream bout = new ByteArrayOutputStream(); p2.derEncode(bout); - new HexDumpEncoder().encodeBuffer(bout.toByteArray(), System.err); + HexPrinter.simple().dest(System.err).format(bout.toByteArray()); if (!Arrays.equals(data, bout.toByteArray())) { throw new Exception(); } diff --git a/test/jdk/sun/security/pkcs11/KeyStore/Basic.java b/test/jdk/sun/security/pkcs11/KeyStore/Basic.java index 56755e07103..f63419b97b1 100644 --- a/test/jdk/sun/security/pkcs11/KeyStore/Basic.java +++ b/test/jdk/sun/security/pkcs11/KeyStore/Basic.java @@ -58,6 +58,8 @@ import com.sun.security.auth.module.*; import com.sun.security.auth.callback.*; +import jtreg.SkippedException; +import org.testng.SkipException; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -113,7 +115,11 @@ public void setUp() throws Exception { @Test public void testBasic() throws Exception { String[] args = {"sm", "Basic.policy"}; - main(new Basic(), args); + try { + main(new Basic(), args); + } catch (SkippedException se) { + throw new SkipException("One or more tests are skipped"); + } } private static class FooEntry implements KeyStore.Entry { } diff --git a/test/jdk/sun/security/pkcs11/KeyStore/ClientAuth.java b/test/jdk/sun/security/pkcs11/KeyStore/ClientAuth.java index 5c609b26fd3..1af1258d173 100644 --- a/test/jdk/sun/security/pkcs11/KeyStore/ClientAuth.java +++ b/test/jdk/sun/security/pkcs11/KeyStore/ClientAuth.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,8 @@ * @run testng/othervm ClientAuth */ +import jtreg.SkippedException; +import org.testng.SkipException; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -119,7 +121,11 @@ public void testClientAuthTLSv12AndCipherSuite() throws Exception { private void runTest(String[] args) throws Exception { System.out.println("Running with args: " + Arrays.toString(args)); parseArguments(args); - main(new ClientAuth()); + try { + main(new ClientAuth()); + } catch (SkippedException se) { + throw new SkipException("One or more tests are skipped"); + } } /* @@ -383,6 +389,10 @@ void startClient (boolean newThread) { * Our client thread just died. */ System.err.println("Client died..."); + // if the exception is thrown before connecting to the + // server, the test will time out and the exception will + // be lost/hidden. + e.printStackTrace(System.err); clientException = e; } }); diff --git a/test/jdk/sun/security/pkcs11/KeyStore/SecretKeysBasic.java b/test/jdk/sun/security/pkcs11/KeyStore/SecretKeysBasic.java index 741a38995ae..4d876604c01 100644 --- a/test/jdk/sun/security/pkcs11/KeyStore/SecretKeysBasic.java +++ b/test/jdk/sun/security/pkcs11/KeyStore/SecretKeysBasic.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,8 @@ * @library /test/lib .. * @run testng/othervm SecretKeysBasic */ +import jtreg.SkippedException; +import org.testng.SkipException; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -62,7 +64,11 @@ public void setUp() throws Exception { @Test public void testBasic() throws Exception { - main(new SecretKeysBasic()); + try { + main(new SecretKeysBasic()); + } catch (SkippedException se) { + throw new SkipException("One or more tests are skipped"); + } } public void main(Provider p) throws Exception { diff --git a/test/jdk/sun/security/pkcs11/PKCS11Test.java b/test/jdk/sun/security/pkcs11/PKCS11Test.java index b14daf6c6d7..1c0c8d6dcad 100644 --- a/test/jdk/sun/security/pkcs11/PKCS11Test.java +++ b/test/jdk/sun/security/pkcs11/PKCS11Test.java @@ -48,7 +48,6 @@ import java.security.spec.ECParameterSpec; import java.util.ArrayList; import java.util.Arrays; -import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; @@ -57,31 +56,51 @@ import java.util.ServiceConfigurationError; import java.util.ServiceLoader; import java.util.Set; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.stream.Collectors; +import jdk.test.lib.Platform; import jdk.test.lib.artifacts.Artifact; import jdk.test.lib.artifacts.ArtifactResolver; import jdk.test.lib.artifacts.ArtifactResolverException; +import jtreg.SkippedException; public abstract class PKCS11Test { - private boolean enableSM = false; - static final Properties props = System.getProperties(); - static final String PKCS11 = "PKCS11"; - // directory of the test source static final String BASE = System.getProperty("test.src", "."); - static final String TEST_CLASSES = System.getProperty("test.classes", "."); - static final char SEP = File.separatorChar; - private static final String DEFAULT_POLICY = - BASE + SEP + ".." + SEP + "policy"; + // Version of the NSS artifact. This coincides with the version of + // the NSS version + private static final String NSS_BUNDLE_VERSION = "3.91"; + private static final String NSSLIB = "jpg.tests.jdk.nsslib"; // directory corresponding to BASE in the /closed hierarchy static final String CLOSED_BASE; + private static final String DEFAULT_POLICY = BASE + SEP + ".." + SEP + "policy"; + private static final String PKCS11_REL_PATH = "sun/security/pkcs11"; + private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray(); + + static double nss_version = -1; + static ECCState nss_ecc_status = ECCState.Basic; + + // The NSS library we need to search for in getNSSLibDir() + // Default is "libsoftokn3.so", listed as "softokn3" + // The other is "libnss3.so", listed as "nss3". + static String nss_library = "softokn3"; + + // NSS versions of each library. It is simpler to keep nss_version + // for quick checking for generic testing than many if-else statements. + static double softoken3_version = -1; + static double nss3_version = -1; + static Provider pkcs11 = newPKCS11Provider(); + private static String PKCS11_BASE; + private static Map osMap; static { // hack @@ -96,21 +115,15 @@ public abstract class PKCS11Test { System.setProperty("closed.base", CLOSED_BASE); } - // NSS version info - public static enum ECCState { None, Basic, Extended }; - static double nss_version = -1; - static ECCState nss_ecc_status = ECCState.Extended; - - // The NSS library we need to search for in getNSSLibDir() - // Default is "libsoftokn3.so", listed as "softokn3" - // The other is "libnss3.so", listed as "nss3". - static String nss_library = "softokn3"; + static { + try { + PKCS11_BASE = getBase(); + } catch (Exception e) { + // ignore + } + } - // NSS versions of each library. It is simplier to keep nss_version - // for quick checking for generic testing than many if-else statements. - static double softoken3_version = -1; - static double nss3_version = -1; - static Provider pkcs11 = newPKCS11Provider(); + private boolean enableSM = false; // Utility methods // Used to backport HexFormat from 17. @@ -147,7 +160,7 @@ protected static String toHexString(byte[] block) { } public static Provider newPKCS11Provider() { - ServiceLoader sl = ServiceLoader.load(java.security.Provider.class); + ServiceLoader sl = ServiceLoader.load(java.security.Provider.class); Iterator iter = sl.iterator(); Provider p = null; boolean found = false; @@ -165,8 +178,8 @@ public static Provider newPKCS11Provider() { // Nothing found through ServiceLoader; fall back to reflection if (!found) { try { - Class clazz = Class.forName("sun.security.pkcs11.SunPKCS11"); - p = (Provider) clazz.newInstance(); + Class clazz = Class.forName("sun.security.pkcs11.SunPKCS11"); + p = (Provider) clazz.getDeclaredConstructor().newInstance(); } catch (Exception ex) { ex.printStackTrace(); } @@ -200,38 +213,6 @@ static Provider getSunPKCS11(String config, Provider p) throws Exception { return p.configure(config); } - public abstract void main(Provider p) throws Exception; - - protected boolean skipTest(Provider p) { - return false; - } - - private void premain(Provider p) throws Exception { - if (skipTest(p)) { - return; - } - - // set a security manager and policy before a test case runs, - // and disable them after the test case finished - try { - if (enableSM) { - System.setSecurityManager(new SecurityManager()); - } - long start = System.currentTimeMillis(); - System.out.printf( - "Running test with provider %s (security manager %s) ...%n", - p.getName(), enableSM ? "enabled" : "disabled"); - main(p); - long stop = System.currentTimeMillis(); - System.out.println("Completed test with provider " + p.getName() + - " (" + (stop - start) + " ms)."); - } finally { - if (enableSM) { - System.setSecurityManager(null); - } - } - } - public static void main(PKCS11Test test) throws Exception { main(test, null); } @@ -256,9 +237,39 @@ public static void main(PKCS11Test test, String[] args) throws Exception { Provider[] oldProviders = Security.getProviders(); try { System.out.println("Beginning test run " + test.getClass().getName() + "..."); - testDefault(test); - testNSS(test); - testDeimos(test); + boolean skippedDefault = false; + boolean skippedNSS = false; + boolean skippedDeimos = false; + + // Use separate try-catch for each test to allow all test run + try { + testDefault(test); + } catch (SkippedException se) { + System.out.println("testDefault: Skipped"); + skippedDefault = true; + se.printStackTrace(System.out); + } + + try { + testNSS(test); + } catch (SkippedException se) { + System.out.println("testNSS: Skipped"); + skippedNSS = true; + se.printStackTrace(System.out); + } + + try { + testDeimos(test); + } catch (SkippedException se) { + System.out.println("testDeimos: Skipped"); + skippedDeimos = true; + se.printStackTrace(System.out); + } + + if (skippedDefault && skippedNSS && skippedDeimos) { + throw new SkippedException("All tests are skipped, check logs"); + } + } finally { // NOTE: Do not place a 'return' in any finally block // as it will suppress exceptions and hide test failures. @@ -268,7 +279,7 @@ public static void main(PKCS11Test test, String[] args) throws Exception { // useful for ./Provider/Login.sh, where a SecurityManager exists. if (oldProviders.length == newProviders.length) { found = false; - for (int i = 0; i testDeimos: Starting test run"); + if ("true".equals(System.getProperty("NO_DEIMOS"))) { + System.out.println("Skip Deimos software as test configured with NO_DEIMOS"); return; } + + if (!new File("/opt/SUNWconn/lib/libpkcs11.so").isFile()) { + throw new SkippedException("testDeimos: \"/opt/SUNWconn/lib/libpkcs11.so\" " + + "file required for Deimos not found"); + } + String base = getBase(); String p11config = base + SEP + "nss" + SEP + "p11-deimos.txt"; Provider p = getSunPKCS11(p11config); test.premain(p); + System.out.println("testDeimos: Completed"); } + // Run test for default configured PKCS11 providers (if any) public static void testDefault(PKCS11Test test) throws Exception { - // run test for default configured PKCS11 providers (if any) + System.out.println("===> testDefault: Starting test run"); + boolean foundPKCS11 = false; if ("true".equals(System.getProperty("NO_DEFAULT"))) { + System.out.println("Skip default provider as test configured with NO_DEFAULT"); return; } Provider[] providers = Security.getProviders(); - for (int i = 0; i < providers.length; i++) { - Provider p = providers[i]; + for (Provider p : providers) { if (p.getName().startsWith("SunPKCS11-")) { + foundPKCS11 = true; test.premain(p); } } - } - private static String PKCS11_BASE; - static { - try { - PKCS11_BASE = getBase(); - } catch (Exception e) { - // ignore + if (!foundPKCS11) { + throw new SkippedException("testDefault: Skip default test as SunPKCS11 " + + "provider is not configured"); } - } - private final static String PKCS11_REL_PATH = "sun/security/pkcs11"; + System.out.println("testDefault: Completed"); + } public static String getBase() throws Exception { if (PKCS11_BASE != null) { @@ -336,7 +354,7 @@ public static String getBase() throws Exception { } cwd = cwd.getParentFile(); if (cwd == null) { - throw new Exception("Test root directory not found"); + throw new RuntimeException("Test root directory not found"); } } PKCS11_BASE = new File(cwd, PKCS11_REL_PATH.replace('/', SEP)).getAbsolutePath(); @@ -365,30 +383,19 @@ private static Path getNSSLibPath() throws Exception { static Path getNSSLibPath(String library) throws Exception { String osid = getOsId(); - String[] nssLibDirs = getNssLibPaths(osid); - if (nssLibDirs == null) { - System.out.println("Warning: unsupported OS: " + osid - + ", please initialize NSS librarys location firstly, skipping test"); - return null; - } - if (nssLibDirs.length == 0) { - System.out.println("Warning: NSS not supported on this platform, skipping test"); - return null; + String nssLibDir = fetchNssLib(osid); + if (nssLibDir == null) { + throw new SkippedException("Warning: unsupported OS: " + osid + + ", please initialize NSS library location, skipping test"); } - Path nssLibPath = null; - for (String dir : nssLibDirs) { - Path libPath = Paths.get(dir).resolve(System.mapLibraryName(library)); - if (Files.exists(libPath)) { - nssLibPath = libPath; - break; - } + String libraryName = System.mapLibraryName(library); + Path libPath = Paths.get(nssLibDir).resolve(libraryName); + if (!Files.exists(libPath)) { + throw new SkippedException("NSS library \"" + libraryName + "\" was not found in " + nssLibDir); } - if (nssLibPath == null) { - System.out.println("Warning: can't find NSS librarys on this machine, skipping test"); - return null; - } - return nssLibPath; + + return libPath; } private static String getOsId() { @@ -398,9 +405,8 @@ private static String getOsId() { } else if (osName.equals("Mac OS X")) { osName = "MacOSX"; } - String osid = osName + "-" + props.getProperty("os.arch") + "-" + return osName + "-" + props.getProperty("os.arch") + "-" + props.getProperty("sun.arch.data.model"); - return osid; } static boolean isBadNSSVersion(Provider p) { @@ -413,7 +419,7 @@ static boolean isBadNSSVersion(Provider p) { return false; } - protected static void safeReload(String lib) throws Exception { + protected static void safeReload(String lib) { try { System.load(lib); } catch (UnsatisfiedLinkError e) { @@ -423,11 +429,9 @@ protected static void safeReload(String lib) throws Exception { } } - static boolean loadNSPR(String libdir) throws Exception { + static boolean loadNSPR(String libdir) { // load NSS softoken dependencies in advance to avoid resolver issues - String dir = libdir.endsWith(File.separator) - ? libdir - : libdir + File.separator; + String dir = libdir.endsWith(File.separator) ? libdir : libdir + File.separator; safeReload(dir + System.mapLibraryName("nspr4")); safeReload(dir + System.mapLibraryName("plc4")); safeReload(dir + System.mapLibraryName("plds4")); @@ -438,7 +442,7 @@ static boolean loadNSPR(String libdir) throws Exception { // Check the provider being used is NSS public static boolean isNSS(Provider p) { - return p.getName().toUpperCase().equals("SUNPKCS11-NSS"); + return p.getName().equalsIgnoreCase("SUNPKCS11-NSS"); } static double getNSSVersion() { @@ -534,25 +538,25 @@ static double getNSSInfo(String library) { // the index after whitespace after nssHeader int afterheader = s.indexOf("NSS", i) + 4; - String version = String.valueOf(s.charAt(afterheader)); + StringBuilder version = new StringBuilder(String.valueOf(s.charAt(afterheader))); for (char c = s.charAt(++afterheader); - c == '.' || (c >= '0' && c <= '9'); - c = s.charAt(++afterheader)) { - version += c; + c == '.' || (c >= '0' && c <= '9'); + c = s.charAt(++afterheader)) { + version.append(c); } // If a "dot dot" release, strip the extra dots for double parsing - String[] dot = version.split("\\."); + String[] dot = version.toString().split("\\."); if (dot.length > 2) { - version = dot[0]+"."+dot[1]; + version = new StringBuilder(dot[0] + "." + dot[1]); for (int j = 2; dot.length > j; j++) { - version += dot[j]; + version.append(dot[j]); } } // Convert to double for easier version value checking try { - nss_version = Double.parseDouble(version); + nss_version = Double.parseDouble(version.toString()); } catch (NumberFormatException e) { System.out.println("===== Content start ====="); System.out.println(s); @@ -562,7 +566,7 @@ static double getNSSInfo(String library) { e.printStackTrace(); } - System.out.print("lib" + library + " version = "+version+". "); + System.out.print("library: " + library + ", version: " + version + ". "); // Check for ECC if (s.indexOf("Basic") > 0) { @@ -591,13 +595,15 @@ public static void useNSS() { // Run NSS testing on a Provider p configured with test nss config public static void testNSS(PKCS11Test test) throws Exception { + System.out.println("===> testNSS: Starting test run"); String nssConfig = getNssConfig(); if (nssConfig == null) { - // issue loading libraries - return; + throw new SkippedException("testNSS: Problem loading NSS libraries"); } + Provider p = getSunPKCS11(nssConfig); test.premain(p); + System.out.println("testNSS: Completed"); } public static String getNssConfig() throws Exception { @@ -606,7 +612,7 @@ public static String getNssConfig() throws Exception { return null; } - if (loadNSPR(libdir) == false) { + if (!loadNSPR(libdir)) { return null; } @@ -644,12 +650,12 @@ static List getKnownCurves(Provider p) throws Exception { if (kcProp == null) { throw new RuntimeException( - "\"AlgorithmParameters.EC SupportedCurves property\" not found"); + "\"AlgorithmParameters.EC SupportedCurves property\" not found"); } System.out.println("Finding supported curves using list from SunEC\n"); index = 0; - for (;;) { + for (; ; ) { // Each set of curve names is enclosed with brackets. begin = kcProp.indexOf('[', index); end = kcProp.indexOf(']', index); @@ -666,12 +672,12 @@ static List getKnownCurves(Provider p) throws Exception { end = kcProp.indexOf(',', begin); if (end == -1) { // Only one name in the set. - end = index -1; + end = index - 1; } curve = kcProp.substring(begin, end); getSupportedECParameterSpec(curve, p) - .ifPresent(spec -> results.add(spec)); + .ifPresent(spec -> results.add(spec)); } if (results.size() == 0) { @@ -682,9 +688,9 @@ static List getKnownCurves(Provider p) throws Exception { } static Optional getSupportedECParameterSpec(String curve, - Provider p) throws Exception { + Provider p) throws Exception { ECParameterSpec e = getECParameterSpec(p, curve); - System.out.print("\t "+ curve + ": "); + System.out.print("\t " + curve + ": "); try { KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p); kpg.initialize(e); @@ -706,97 +712,13 @@ private static ECParameterSpec getECParameterSpec(Provider p, String name) throws Exception { AlgorithmParameters parameters = - AlgorithmParameters.getInstance("EC", p); + AlgorithmParameters.getInstance("EC", p); parameters.init(new ECGenParameterSpec(name)); return parameters.getParameterSpec(ECParameterSpec.class); } - // Check support for a curve with a provided Vector of EC support - boolean checkSupport(List supportedEC, - ECParameterSpec curve) { - for (ECParameterSpec ec: supportedEC) { - if (ec.equals(curve)) { - return true; - } - } - return false; - } - - private static Map osMap; - - // Location of the NSS libraries on each supported platform - private static Map getOsMap() { - if (osMap != null) { - return osMap; - } - - osMap = new HashMap<>(); - osMap.put("SunOS-sparc-32", new String[] { "/usr/lib/mps/" }); - osMap.put("SunOS-sparcv9-64", new String[] { "/usr/lib/mps/64/" }); - osMap.put("SunOS-x86-32", new String[] { "/usr/lib/mps/" }); - osMap.put("SunOS-amd64-64", new String[] { "/usr/lib/mps/64/" }); - osMap.put("Linux-i386-32", new String[] { - "/usr/lib/i386-linux-gnu/", - "/usr/lib32/", - "/usr/lib/" }); - osMap.put("Linux-amd64-64", new String[] { - "/usr/lib/x86_64-linux-gnu/", - "/usr/lib/x86_64-linux-gnu/nss/", - "/usr/lib64/" }); - osMap.put("Linux-ppc64-64", new String[] { "/usr/lib64/" }); - osMap.put("Linux-ppc64le-64", new String[] { "/usr/lib64/" }); - osMap.put("Linux-s390x-64", new String[] { "/usr/lib64/" }); - osMap.put("Windows-x86-32", new String[] {}); - osMap.put("Windows-amd64-64", new String[] {}); - osMap.put("MacOSX-x86_64-64", new String[] {}); - osMap.put("Linux-arm-32", new String[] { - "/usr/lib/arm-linux-gnueabi/nss/", - "/usr/lib/arm-linux-gnueabihf/nss/" }); - // Exclude linux-aarch64 at the moment until the following bug is fixed: - // 8296631: NSS tests failing on OL9 linux-aarch64 hosts -// osMap.put("Linux-aarch64-64", new String[] { -// "/usr/lib/aarch64-linux-gnu/", -// "/usr/lib/aarch64-linux-gnu/nss/", -// "/usr/lib64/" }); - return osMap; - } - - private static String[] getNssLibPaths(String osId) { - String[] preferablePaths = getPreferableNssLibPaths(osId); - if (preferablePaths.length != 0) { - return preferablePaths; - } else { - return getOsMap().get(osId); - } - } - - private static String[] getPreferableNssLibPaths(String osId) { - List nssLibPaths = new ArrayList<>(); - - String customNssLibPaths = System.getProperty("test.nss.lib.paths"); - if (customNssLibPaths == null) { - // If custom local NSS lib path is not provided, - // try to download NSS libs from artifactory - String path = fetchNssLib(osId); - if (path != null) { - nssLibPaths.add(path); - } - } else { - String[] paths = customNssLibPaths.split(","); - for (String path : paths) { - if (!path.endsWith(File.separator)) { - nssLibPaths.add(path + File.separator); - } else { - nssLibPaths.add(path); - } - } - } - - return nssLibPaths.toArray(new String[nssLibPaths.size()]); - } - private final static char[] hexDigits = "0123456789abcdef".toCharArray(); private static final String distro = distro(); @@ -817,8 +739,8 @@ public static String toString(byte[] b) { if (i != 0) { sb.append(':'); } - sb.append(hexDigits[k >>> 4]); - sb.append(hexDigits[k & 0xf]); + sb.append(HEX_DIGITS[k >>> 4]); + sb.append(HEX_DIGITS[k & 0xf]); } return sb.toString(); } @@ -864,20 +786,11 @@ private static int nextNibble(StringReader r) throws IOException { } } - T[] concat(T[] a, T[] b) { - if ((b == null) || (b.length == 0)) { - return a; - } - T[] r = Arrays.copyOf(a, a.length + b.length); - System.arraycopy(b, 0, r, a.length, b.length); - return r; - } - /** * Returns supported algorithms of specified type. */ static List getSupportedAlgorithms(String type, String alg, - Provider p) { + Provider p) { // prepare a list of supported algorithms List algorithms = new ArrayList<>(); Set services = p.getServices(); @@ -915,7 +828,7 @@ private static String distro() { static byte[] generateData(int length) { byte data[] = new byte[length]; - for (int i=0; i clazz) { String path = null; try { path = ArtifactResolver.resolve(clazz).entrySet().stream() - .findAny().get().getValue() + File.separator + "nsslib" - + File.separator; + .findAny().get().getValue() + File.separator + "nss" + + File.separator + "lib" + File.separator; } catch (ArtifactResolverException e) { Throwable cause = e.getCause(); if (cause == null) { @@ -960,6 +883,58 @@ private static String fetchNssLib(Class clazz) { return path; } + public abstract void main(Provider p) throws Exception; + + protected boolean skipTest(Provider p) { + return false; + } + + private void premain(Provider p) throws Exception { + if (skipTest(p)) { + return; + } + + // set a security manager and policy before a test case runs, + // and disable them after the test case finished + try { + if (enableSM) { + System.setSecurityManager(new SecurityManager()); + } + long start = System.currentTimeMillis(); + System.out.printf( + "Running test with provider %s (security manager %s) ...%n", + p.getName(), enableSM ? "enabled" : "disabled"); + main(p); + long stop = System.currentTimeMillis(); + System.out.println("Completed test with provider " + p.getName() + + " (" + (stop - start) + " ms)."); + } finally { + if (enableSM) { + System.setSecurityManager(null); + } + } + } + + // Check support for a curve with a provided Vector of EC support + boolean checkSupport(List supportedEC, + ECParameterSpec curve) { + for (ECParameterSpec ec : supportedEC) { + if (ec.equals(curve)) { + return true; + } + } + return false; + } + + T[] concat(T[] a, T[] b) { + if ((b == null) || (b.length == 0)) { + return a; + } + T[] r = Arrays.copyOf(a, a.length + b.length); + System.arraycopy(b, 0, r, a.length, b.length); + return r; + } + protected void setCommonSystemProps() { System.setProperty("java.security.debug", "true"); System.setProperty("NO_DEIMOS", "true"); @@ -985,31 +960,46 @@ protected void copyNssCertKeyToClassesDir(Path dbPath) throws IOException { StandardCopyOption.REPLACE_EXISTING); } + // NSS version info + public static enum ECCState {None, Basic, Extended} + @Artifact( - organization = "jpg.tests.jdk.nsslib", + organization = NSSLIB, name = "nsslib-windows_x64", - revision = "3.46-VS2017", + revision = NSS_BUNDLE_VERSION, extension = "zip") - private static class WINDOWS_X64 { } + private static class WINDOWS_X64 { + } @Artifact( - organization = "jpg.tests.jdk.nsslib", - name = "nsslib-windows_x86", - revision = "3.46-VS2017", + organization = NSSLIB, + name = "nsslib-macosx_x64", + revision = NSS_BUNDLE_VERSION, extension = "zip") - private static class WINDOWS_X86 { } + private static class MACOSX_X64 { + } @Artifact( - organization = "jpg.tests.jdk.nsslib", - name = "nsslib-macosx_x64", - revision = "3.46", + organization = NSSLIB, + name = "nsslib-macosx_aarch64", + revision = NSS_BUNDLE_VERSION, extension = "zip") - private static class MACOSX_X64 { } + private static class MACOSX_AARCH64 { + } @Artifact( - organization = "jpg.tests.jdk.nsslib", + organization = NSSLIB, name = "nsslib-linux_x64", - revision = "3.46", + revision = NSS_BUNDLE_VERSION, + extension = "zip") + private static class LINUX_X64 { + } + + @Artifact( + organization = NSSLIB, + name = "nsslib-linux_aarch64", + revision = NSS_BUNDLE_VERSION, extension = "zip") - private static class LINUX_X64 { } + private static class LINUX_AARCH64{ + } } diff --git a/test/jdk/sun/security/pkcs11/Provider/ConfigQuotedString.java b/test/jdk/sun/security/pkcs11/Provider/ConfigQuotedString.java index 24340647d1c..a6c2a9728e0 100644 --- a/test/jdk/sun/security/pkcs11/Provider/ConfigQuotedString.java +++ b/test/jdk/sun/security/pkcs11/Provider/ConfigQuotedString.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,8 @@ * @run testng/othervm ConfigQuotedString */ +import jtreg.SkippedException; +import org.testng.SkipException; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -44,7 +46,11 @@ public void setUp() throws Exception { @Test public void testQuotedString() throws Exception { - main(new ConfigQuotedString()); + try { + main(new ConfigQuotedString()); + } catch (SkippedException se) { + throw new SkipException("One or more tests are skipped"); + } } public void main(Provider p) throws Exception { diff --git a/test/jdk/sun/security/pkcs11/Provider/Login.java b/test/jdk/sun/security/pkcs11/Provider/Login.java index 6d7063f2082..8bb39fe4906 100644 --- a/test/jdk/sun/security/pkcs11/Provider/Login.java +++ b/test/jdk/sun/security/pkcs11/Provider/Login.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,8 @@ * @run testng/othervm Login */ +import jtreg.SkippedException; +import org.testng.SkipException; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -55,7 +57,11 @@ public void setUp() throws Exception { @Test public void testLogin() throws Exception { String[] args = new String[]{ "sm", "Login.policy"}; - main(new Login(), args); + try { + main(new Login(), args); + } catch (SkippedException se) { + throw new SkipException("One or more tests are skipped"); + } } public void main(Provider p) throws Exception { diff --git a/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.java b/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.java index 353a5b99a64..855abe50e7b 100644 --- a/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.java +++ b/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2021, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,6 +21,7 @@ * questions. */ + import sun.security.pkcs11.SunPKCS11; import javax.security.auth.Subject; @@ -32,12 +33,10 @@ import java.io.IOException; import java.lang.ref.WeakReference; import java.security.*; -import java.util.Iterator; import java.util.PropertyPermission; -import java.util.ServiceConfigurationError; -import java.util.ServiceLoader; import jdk.test.lib.util.ForceGC; +import jtreg.SkippedException; public class MultipleLogins { private static final String KS_TYPE = "PKCS11"; @@ -47,7 +46,13 @@ public class MultipleLogins { static final Policy DEFAULT_POLICY = Policy.getPolicy(); public static void main(String[] args) throws Exception { - String nssConfig = PKCS11Test.getNssConfig(); + String nssConfig = null; + try { + nssConfig = PKCS11Test.getNssConfig(); + } catch (SkippedException exc) { + System.out.println("Skipping test: " + exc.getMessage()); + } + if (nssConfig == null) { // No test framework support yet. Ignore System.out.println("No NSS config found. Skipping."); diff --git a/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.sh b/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.sh index 1e40fcfe981..c768834da7f 100644 --- a/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.sh +++ b/test/jdk/sun/security/pkcs11/Provider/MultipleLogins.sh @@ -1,5 +1,5 @@ # -# Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2021, 2023, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ # @summary # @library /test/lib/ # @build jdk.test.lib.util.ForceGC +# jdk.test.lib.Platform # @run shell MultipleLogins.sh # set a few environment variables so that the shell-script can run stand-alone @@ -111,6 +112,7 @@ ${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \ --add-modules jdk.crypto.cryptoki \ --add-exports jdk.crypto.cryptoki/sun.security.pkcs11=ALL-UNNAMED \ ${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jdk${FS}test${FS}lib${FS}artifacts${FS}*.java \ + ${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jtreg${FS}*.java \ ${TESTSRC}${FS}MultipleLogins.java \ ${TESTSRC}${FS}..${FS}PKCS11Test.java diff --git a/test/jdk/sun/security/pkcs11/README b/test/jdk/sun/security/pkcs11/README index 31efd034501..9b4c39dd41c 100644 --- a/test/jdk/sun/security/pkcs11/README +++ b/test/jdk/sun/security/pkcs11/README @@ -4,14 +4,15 @@ perform as a result of bugs or features in NSS or other pkcs11 libraries. - How to get NSS libraries? The libraries come from the following sources. -1. Specified by system property test.nss.lib.paths -System property test.nss.lib.paths can specify a set of absolute paths to -the local NSS library directories. The paths are separated by comma. +1. Specified by system property jdk.test.lib.artifacts. +The system property, jdk.test.lib.artifacts., can specify an absolute path +to the local NSS library directory. The component should be replaced with +the name element of the appropriate @Artifact class. +(See `test/jdk/sun/security/pkcs11/PKCS11Test.java`) 2. Pre-built NSS libraries from artifactory server -If the value of system property test.nss.lib.paths is not set, the tests will try -to download pre-built NSS libraries from artifactory server. Currently, the -tests only looks for libraries for Windows and MacOSX platforms on artifactory. +If the value of system property jdk.test.lib.artifacts. is not set, the +tests will try to download pre-built NSS libraries from artifactory server. Please note that JIB jar MUST be present in classpath when downloading the libraries. diff --git a/test/jdk/sun/security/pkcs11/SecmodTest.java b/test/jdk/sun/security/pkcs11/SecmodTest.java index 6ff6dd29acd..c5a01b0a739 100644 --- a/test/jdk/sun/security/pkcs11/SecmodTest.java +++ b/test/jdk/sun/security/pkcs11/SecmodTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,8 @@ // common infrastructure for Secmod tests +import jtreg.SkippedException; + import java.io.*; import java.security.Provider; @@ -43,13 +45,11 @@ static void useSqlite(boolean b) { static boolean initSecmod() throws Exception { useNSS(); LIBPATH = getNSSLibDir(); - if (LIBPATH == null) { - return false; - } // load all the libraries except libnss3 into memory - if (loadNSPR(LIBPATH) == false) { - return false; + if ((LIBPATH == null) || (!loadNSPR(LIBPATH))) { + throw new SkippedException("Failed to load NSS libraries"); } + safeReload(LIBPATH + System.mapLibraryName("softokn3")); safeReload(LIBPATH + System.mapLibraryName("nssckbi")); diff --git a/test/jdk/sun/security/pkcs11/SecureRandom/Basic.java b/test/jdk/sun/security/pkcs11/SecureRandom/Basic.java index 381efb68942..3518b628f13 100644 --- a/test/jdk/sun/security/pkcs11/SecureRandom/Basic.java +++ b/test/jdk/sun/security/pkcs11/SecureRandom/Basic.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it diff --git a/test/jdk/sun/security/provider/KeyStore/DKSTest.java b/test/jdk/sun/security/provider/KeyStore/DKSTest.java index dc63e82ecbd..f1cc3ffcc2e 100644 --- a/test/jdk/sun/security/provider/KeyStore/DKSTest.java +++ b/test/jdk/sun/security/provider/KeyStore/DKSTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,25 +22,33 @@ */ /* - * see ./DKSTest.sh + * @test + * @bug 8007755 + * @library /test/lib + * @summary Support the logical grouping of keystores */ import java.io.*; import java.net.*; +import java.nio.file.Paths; import java.security.*; import java.security.KeyStore; import java.security.cert.*; import java.security.cert.Certificate; import java.util.*; +import jdk.test.lib.process.ProcessTools; +import jdk.test.lib.process.OutputAnalyzer; // Load and store entries in domain keystores public class DKSTest { private static final String TEST_SRC = System.getProperty("test.src"); - private static final String USER_DIR = System.getProperty("user.dir"); - private static final String CERT = TEST_SRC + "/../../pkcs12/trusted.pem"; - private static final String CONFIG = "file://" + TEST_SRC + "/domains.cfg"; + private static final String USER_DIR = System.getProperty("user.dir", "."); + private static final String CERT = Paths.get( + TEST_SRC, "..", "..", "pkcs12", "trusted.pem").toAbsolutePath().toString(); + private static final String CONFIG = Paths.get( + TEST_SRC, "domains.cfg").toUri().toString(); private static final Map PASSWORDS = new HashMap() {{ put("keystore", @@ -74,6 +82,18 @@ public class DKSTest { }}; public static void main(String[] args) throws Exception { + if (args.length == 0) { + // Environment variable and system properties referred in domains.cfg used by this Test. + ProcessBuilder pb = ProcessTools.createJavaProcessBuilder(List.of( + "-Dtest.src=" + TEST_SRC , "-Duser.dir=" + USER_DIR, "DKSTest", "run")); + pb.environment().putAll(System.getenv()); + pb.environment().put("KEYSTORE_PWD", "test12"); + pb.environment().put("TRUSTSTORE_PWD", "changeit"); + OutputAnalyzer output = ProcessTools.executeProcess(pb); + output.shouldHaveExitValue(0); + output.outputTo(System.out); + return; + } /* * domain keystore: keystores with wrong passwords */ diff --git a/test/jdk/sun/security/provider/KeyStore/DKSTest.sh b/test/jdk/sun/security/provider/KeyStore/DKSTest.sh deleted file mode 100644 index 99c7617dfa5..00000000000 --- a/test/jdk/sun/security/provider/KeyStore/DKSTest.sh +++ /dev/null @@ -1,76 +0,0 @@ -#! /bin/sh - -# -# Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. -# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -# -# This code is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License version 2 only, as -# published by the Free Software Foundation. -# -# This code is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# version 2 for more details (a copy is included in the LICENSE file that -# accompanied this code). -# -# You should have received a copy of the GNU General Public License version -# 2 along with this work; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA -# or visit www.oracle.com if you need additional information or have any -# questions. -# - -# @test -# @bug 8007755 -# @summary Support the logical grouping of keystores - -# set a few environment variables so that the shell-script can run stand-alone -# in the source directory -if [ "${TESTSRC}" = "" ] ; then - TESTSRC="." -fi - -if [ "${TESTCLASSES}" = "" ] ; then - TESTCLASSES="." -fi - -if [ "${TESTJAVA}" = "" ] ; then - echo "TESTJAVA not set. Test cannot execute." - echo "FAILED!!!" - exit 1 -fi - -if [ "${COMPILEJAVA}" = "" ]; then - COMPILEJAVA="${TESTJAVA}" -fi - -# set platform-dependent variables -OS=`uname -s` -case "$OS" in - SunOS | Linux | Darwin | AIX) - PS=":" - FS="/" - ;; - CYGWIN* ) - PS=";" - FS="/" - ;; - Windows* ) - PS=";" - FS="\\" - ;; - * ) - echo "Unrecognized system!" - exit 1; - ;; -esac - -${COMPILEJAVA}${FS}bin${FS}javac -d . ${TESTSRC}${FS}DKSTest.java - -KEYSTORE_PWD=test12 TRUSTSTORE_PWD=changeit \ - ${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} -Dtest.src=${TESTSRC} DKSTest - -exit $status diff --git a/test/jdk/sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java b/test/jdk/sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java index 9ff9a1b9d51..c01aaf8b00e 100644 --- a/test/jdk/sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java +++ b/test/jdk/sun/security/provider/SecureRandom/AbstractDrbg/SpecTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,7 @@ * @bug 8051408 8157308 8130181 * @modules java.base/sun.security.provider * @build java.base/sun.security.provider.S - * @run main SpecTest + * @run main/othervm -Djava.security.egd=file:/dev/urandom SpecTest * @summary check the AbstractDrbg API etc */ diff --git a/test/jdk/sun/security/rsa/RSAPaddingCheck.java b/test/jdk/sun/security/rsa/RSAPaddingCheck.java new file mode 100644 index 00000000000..bce35dc082e --- /dev/null +++ b/test/jdk/sun/security/rsa/RSAPaddingCheck.java @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ +/* + * @test + * @bug 8302017 + * @summary Ensure that RSAPadding class works as expected after refactoring + * @modules java.base/sun.security.rsa + */ +import java.util.Arrays; +import sun.security.rsa.RSAPadding; + +public class RSAPaddingCheck { + + private static int[] PADDING_TYPES = { + RSAPadding.PAD_BLOCKTYPE_1, + RSAPadding.PAD_BLOCKTYPE_2, + RSAPadding.PAD_NONE, + RSAPadding.PAD_OAEP_MGF1, + }; + + public static void main(String[] args) throws Exception { + int size = 2048 >> 3; + byte[] testData = "This is some random to-be-padded Data".getBytes(); + for (int type : PADDING_TYPES) { + byte[] data = (type == RSAPadding.PAD_NONE? + Arrays.copyOf(testData, size) : testData); + System.out.println("Testing PaddingType: " + type); + RSAPadding padding = RSAPadding.getInstance(type, size); + byte[] paddedData = padding.pad(data); + if (paddedData == null) { + throw new RuntimeException("Unexpected padding op failure!"); + } + + byte[] data2 = padding.unpad(paddedData); + if (data2 == null) { + throw new RuntimeException("Unexpected unpadding op failure!"); + } + if (!Arrays.equals(data, data2)) { + throw new RuntimeException("diff check failure!"); + } + } + } +} \ No newline at end of file diff --git a/test/jdk/sun/security/rsa/WithoutNULL.java b/test/jdk/sun/security/rsa/WithoutNULL.java new file mode 100644 index 00000000000..4a403c93941 --- /dev/null +++ b/test/jdk/sun/security/rsa/WithoutNULL.java @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 8320597 + * @summary Verify RSA signature with omitted digest params (should be encoded as NULL) + * for backward compatibility + */ +import java.security.KeyFactory; +import java.security.Signature; +import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; + +public class WithoutNULL { + public static void main(String[] args) throws Exception { + + // A 1024-bit RSA public key + byte[] key = Base64.getMimeDecoder().decode( + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrfTrEm4KvdFSpGAM7InrFEzALTKdphT9fK6Gu" + + "eVjHtKsuCSEaULCdjhJvPpFK40ONr1JEC1Ywp1UYrfBBdKunnbDZqNZL1cFv+IzF4Yj6JO6pOeHi" + + "1Zpur1GaQRRlYTvzmyWY/AATQDh8JfKObNnDVwXeezFODUG8h5+XL1ZXZQIDAQAB"); + + // A SHA1withRSA signature on an empty input where the digestAlgorithm + // inside DigestInfo does not have a parameters field. + byte[] sig = Base64.getMimeDecoder().decode( + "D1FpiT44WEXlDfYK880bdorLO+e9qJVXZWiBgqs9dfK7lYQwyEt9dL23mbUAKm5TVEj2ZxtHkEvk" + + "b8oaWkxk069jDTM1RhllPJZkAjeQRbw4gkg4N6wKZz9B/jdSRMNJg/b9QdRYZOHOBxsEHMbUREPV" + + "DoCOLaxB8eIXX0EWkiE="); + + Signature s = Signature.getInstance("SHA1withRSA", "SunRsaSign"); + s.initVerify(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(key))); + if (!s.verify(sig)) { + throw new RuntimeException("Does not verify"); + } + } +} diff --git a/test/jdk/sun/security/ssl/ALPN/AlpnGreaseTest.java b/test/jdk/sun/security/ssl/ALPN/AlpnGreaseTest.java index d3c656043a2..66efefeee4a 100644 --- a/test/jdk/sun/security/ssl/ALPN/AlpnGreaseTest.java +++ b/test/jdk/sun/security/ssl/ALPN/AlpnGreaseTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -83,7 +83,7 @@ public class AlpnGreaseTest implements SSLContextTemplate { new String(greaseBytes, StandardCharsets.ISO_8859_1); private static void findGreaseInClientHello(byte[] bytes) throws Exception { - for (int i = 0; i < bytes.length - greaseBytes.length; i++) { + for (int i = 0; i < bytes.length - greaseBytes.length + 1; i++) { if (Arrays.equals(bytes, i, i + greaseBytes.length, greaseBytes, 0, greaseBytes.length)) { System.out.println("Found greaseBytes in ClientHello at: " + i); diff --git a/test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java b/test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java index b0327d69a66..7a790e72a1e 100644 --- a/test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java +++ b/test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,8 +28,9 @@ /* * @test - * @bug 8202343 - * @summary Check that SSLv3, TLSv1 and TLSv1.1 are disabled by default + * @bug 8202343 8256660 + * @summary Check that SSLv3, TLSv1, TLSv1.1, and DTLSv1.0 are disabled + * by default * @run main/othervm SSLContextDefault */ @@ -38,26 +39,43 @@ public class SSLContextDefault { - private final static String[] protocols = { + private static final String[] tlsProtocols = { "", "SSL", "TLS", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" }; - private final static List disabledProtocols = List.of( + private static final String[] dtlsProtocols = { + "DTLS", "DTLSv1.0", "DTLSv1.2" + }; + + private static final List disabledTlsProtocols = List.of( "SSLv3", "TLSv1", "TLSv1.1" ); + private static final List disabledDtlsProtocols = List.of( + "DTLSv1.0" + ); + public static void main(String[] args) throws Exception { - for (String protocol : protocols) { - System.out.println("//"); - System.out.println("// " + "Testing for SSLContext of " + - (protocol.isEmpty() ? "" : protocol)); - System.out.println("//"); - checkForProtocols(protocol); - System.out.println(); + for (String tlsProtocol : tlsProtocols) { + testProtocol(tlsProtocol, disabledTlsProtocols); + } + for (String dtlsProtocol : dtlsProtocols) { + testProtocol(dtlsProtocol, disabledDtlsProtocols); } } - public static void checkForProtocols(String protocol) throws Exception { + private static void testProtocol(String protocol, + List disabledProtocols) throws Exception { + System.out.println("//"); + System.out.println("// " + "Testing for SSLContext of " + + (protocol.isEmpty() ? "" : protocol)); + System.out.println("//"); + checkForProtocols(protocol, disabledProtocols); + System.out.println(); + } + + private static void checkForProtocols(String protocol, + List disabledProtocols) throws Exception { SSLContext context; if (protocol.isEmpty()) { context = SSLContext.getDefault(); @@ -68,32 +86,35 @@ public static void checkForProtocols(String protocol) throws Exception { // check for the presence of supported protocols of SSLContext SSLParameters parameters = context.getSupportedSSLParameters(); - checkProtocols(parameters.getProtocols(), + checkProtocols(parameters.getProtocols(), disabledProtocols, "Supported protocols in SSLContext", false); - // check for the presence of default protocols of SSLContext parameters = context.getDefaultSSLParameters(); - checkProtocols(parameters.getProtocols(), + checkProtocols(parameters.getProtocols(), disabledProtocols, "Enabled protocols in SSLContext", true); // check for the presence of supported protocols of SSLEngine SSLEngine engine = context.createSSLEngine(); - checkProtocols(engine.getSupportedProtocols(), + checkProtocols(engine.getSupportedProtocols(), disabledProtocols, "Supported protocols in SSLEngine", false); // Check for the presence of default protocols of SSLEngine - checkProtocols(engine.getEnabledProtocols(), + checkProtocols(engine.getEnabledProtocols(), disabledProtocols, "Enabled protocols in SSLEngine", true); + if (protocol.startsWith("DTLS")) { + return; + } + SSLSocketFactory factory = context.getSocketFactory(); try (SSLSocket socket = (SSLSocket)factory.createSocket()) { // check for the presence of supported protocols of SSLSocket - checkProtocols(socket.getSupportedProtocols(), + checkProtocols(socket.getSupportedProtocols(), disabledProtocols, "Supported cipher suites in SSLSocket", false); // Check for the presence of default protocols of SSLSocket - checkProtocols(socket.getEnabledProtocols(), + checkProtocols(socket.getEnabledProtocols(), disabledProtocols, "Enabled protocols in SSLSocket", true); } @@ -102,16 +123,19 @@ public static void checkForProtocols(String protocol) throws Exception { (SSLServerSocket)serverFactory.createServerSocket()) { // check for the presence of supported protocols of SSLServerSocket checkProtocols(serverSocket.getSupportedProtocols(), - "Supported cipher suites in SSLServerSocket", false); + disabledProtocols, "Supported cipher suites in SSLServerSocket", + false); // Check for the presence of default protocols of SSLServerSocket checkProtocols(serverSocket.getEnabledProtocols(), - "Enabled protocols in SSLServerSocket", true); + disabledProtocols, "Enabled protocols in SSLServerSocket", + true); } } private static void checkProtocols(String[] protocols, - String title, boolean disabled) throws Exception { + List disabledProtocols, String title, boolean disabled) + throws Exception { showProtocols(protocols, title); if (disabled) { diff --git a/test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketKeyLimit.java b/test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketKeyLimit.java index f87effe9dce..8b19d39af7e 100644 --- a/test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketKeyLimit.java +++ b/test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketKeyLimit.java @@ -69,7 +69,7 @@ import jdk.test.lib.process.OutputAnalyzer; import jdk.test.lib.process.ProcessTools; import jdk.test.lib.Utils; -import sun.security.util.HexDumpEncoder; +import jdk.test.lib.hexdump.HexPrinter; public class SSLSocketKeyLimit { SSLSocket socket; @@ -227,7 +227,7 @@ void read(SSLSocket s) throws Exception { continue; } System.out.println("\nData invalid: " + - new HexDumpEncoder().encode(buf)); + HexPrinter.minimal().toString(buf)); break; } diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java b/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java deleted file mode 100644 index ba008c68cdc..00000000000 --- a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java +++ /dev/null @@ -1,292 +0,0 @@ -/* - * Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -import java.io.*; -import java.math.BigInteger; -import java.security.*; -import java.security.cert.*; -import java.time.*; -import java.util.*; -import javax.net.ssl.*; -import sun.security.validator.Validator; -import sun.security.validator.ValidatorException; - -import jdk.test.lib.security.SecurityUtils; - -/** - * @test - * @bug 8207258 8216280 - * @summary Check that TLS Server certificates chaining back to distrusted - * Symantec roots are invalid - * @library /test/lib - * @modules java.base/sun.security.validator - * @run main/othervm Distrust after policyOn invalid - * @run main/othervm Distrust after policyOff valid - * @run main/othervm Distrust before policyOn valid - * @run main/othervm Distrust before policyOff valid - */ - -public class Distrust { - - private static final String TEST_SRC = System.getProperty("test.src", "."); - private static CertificateFactory cf; - - // Each of the roots have a test certificate chain stored in a file - // named "-chain.pem". - private static String[] rootsToTest = new String[] { - "geotrustprimarycag2", "geotrustprimarycag3", - "geotrustuniversalca", "thawteprimaryrootca", "thawteprimaryrootcag2", - "thawteprimaryrootcag3", "verisignclass3g3ca", "verisignclass3g4ca", - "verisignclass3g5ca", "verisignuniversalrootca" }; - - // Each of the subCAs with a delayed distrust date have a test certificate - // chain stored in a file named "-chain.pem". - private static String[] subCAsToTest = new String[]{"appleistca8g1"}; - - // A date that is after the restrictions take affect - private static final Date APRIL_17_2019 = - Date.from(LocalDate.of(2019, 4, 17) - .atStartOfDay(ZoneOffset.UTC) - .toInstant()); - - // A date that is a second before the restrictions take affect - private static final Date BEFORE_APRIL_17_2019 = - Date.from(LocalDate.of(2019, 4, 17) - .atStartOfDay(ZoneOffset.UTC) - .minusSeconds(1) - .toInstant()); - - // A date that is after the subCA restrictions take affect - private static final Date JANUARY_1_2020 = - Date.from(LocalDate.of(2020, 1, 1) - .atStartOfDay(ZoneOffset.UTC) - .toInstant()); - - // A date that is a second before the subCA restrictions take affect - private static final Date BEFORE_JANUARY_1_2020 = - Date.from(LocalDate.of(2020, 1, 1) - .atStartOfDay(ZoneOffset.UTC) - .minusSeconds(1) - .toInstant()); - - public static void main(String[] args) throws Exception { - - cf = CertificateFactory.getInstance("X.509"); - - boolean before = args[0].equals("before"); - boolean policyOn = args[1].equals("policyOn"); - boolean isValid = args[2].equals("valid"); - - if (!policyOn) { - // disable policy (default is on) - Security.setProperty("jdk.security.caDistrustPolicies", ""); - } - - Date notBefore = before ? BEFORE_APRIL_17_2019 : APRIL_17_2019; - - X509TrustManager pkixTM = getTMF("PKIX", null); - X509TrustManager sunX509TM = getTMF("SunX509", null); - for (String test : rootsToTest) { - System.err.println("Testing " + test); - X509Certificate[] chain = loadCertificateChain(test); - - testTM(sunX509TM, chain, notBefore, isValid); - testTM(pkixTM, chain, notBefore, isValid); - } - - // test chain if params are passed to TrustManager - System.err.println("Testing verisignuniversalrootca with params"); - testTM(getTMF("PKIX", getParams()), - loadCertificateChain("verisignuniversalrootca"), - notBefore, isValid); - - // test code-signing chain (should be valid as restrictions don't apply) - System.err.println("Testing verisignclass3g5ca code-signing chain"); - Validator v = Validator.getInstance(Validator.TYPE_PKIX, - Validator.VAR_CODE_SIGNING, - getParams()); - // set validation date so this will still pass when cert expires - v.setValidationDate(new Date(1544197375493l)); - v.validate(loadCertificateChain("verisignclass3g5ca-codesigning")); - - // test chains issued through subCAs - notBefore = before ? BEFORE_JANUARY_1_2020 : JANUARY_1_2020; - for (String test : subCAsToTest) { - System.err.println("Testing " + test); - X509Certificate[] chain = loadCertificateChain(test); - - testTM(sunX509TM, chain, notBefore, isValid); - testTM(pkixTM, chain, notBefore, isValid); - } - } - - private static X509TrustManager getTMF(String type, - PKIXBuilderParameters params) throws Exception { - TrustManagerFactory tmf = TrustManagerFactory.getInstance(type); - if (params == null) { - tmf.init((KeyStore)null); - } else { - tmf.init(new CertPathTrustManagerParameters(params)); - } - TrustManager[] tms = tmf.getTrustManagers(); - for (TrustManager tm : tms) { - X509TrustManager xtm = (X509TrustManager)tm; - return xtm; - } - throw new Exception("No TrustManager for " + type); - } - - private static PKIXBuilderParameters getParams() throws Exception { - PKIXBuilderParameters pbp = - new PKIXBuilderParameters(SecurityUtils.getCacertsKeyStore(), - new X509CertSelector()); - pbp.setRevocationEnabled(false); - return pbp; - } - - private static void testTM(X509TrustManager xtm, X509Certificate[] chain, - Date notBefore, boolean valid) throws Exception { - // Check if TLS Server certificate (the first element of the chain) - // is issued after the specified notBefore date (should be rejected - // unless distrust property is false). To do this, we need to - // fake the notBefore date since none of the test certs are issued - // after then. - chain[0] = new DistrustedTLSServerCert(chain[0], notBefore); - - try { - xtm.checkServerTrusted(chain, "ECDHE_RSA"); - if (!valid) { - throw new Exception("chain should be invalid"); - } - } catch (CertificateException ce) { - // expired TLS certificates should not be treated as failure - if (expired(ce)) { - System.err.println("Test is N/A, chain is expired"); - return; - } - if (valid) { - throw new Exception("Unexpected exception, chain " + - "should be valid", ce); - } - if (ce instanceof ValidatorException) { - ValidatorException ve = (ValidatorException)ce; - if (ve.getErrorType() != ValidatorException.T_UNTRUSTED_CERT) { - ce.printStackTrace(System.err); - throw new Exception("Unexpected exception: " + ce); - } - } else { - throw new Exception("Unexpected exception: " + ce); - } - } - } - - // check if a cause of exception is an expired cert - private static boolean expired(CertificateException ce) { - if (ce instanceof CertificateExpiredException) { - return true; - } - Throwable t = ce.getCause(); - while (t != null) { - if (t instanceof CertificateExpiredException) { - return true; - } - t = t.getCause(); - } - return false; - } - - private static X509Certificate[] loadCertificateChain(String name) - throws Exception { - try (InputStream in = new FileInputStream(TEST_SRC + File.separator + - name + "-chain.pem")) { - Collection certs = - (Collection)cf.generateCertificates(in); - return certs.toArray(new X509Certificate[0]); - } - } - - private static class DistrustedTLSServerCert extends X509Certificate { - private final X509Certificate cert; - private final Date notBefore; - DistrustedTLSServerCert(X509Certificate cert, Date notBefore) { - this.cert = cert; - this.notBefore = notBefore; - } - public Set getCriticalExtensionOIDs() { - return cert.getCriticalExtensionOIDs(); - } - public byte[] getExtensionValue(String oid) { - return cert.getExtensionValue(oid); - } - public Set getNonCriticalExtensionOIDs() { - return cert.getNonCriticalExtensionOIDs(); - } - public boolean hasUnsupportedCriticalExtension() { - return cert.hasUnsupportedCriticalExtension(); - } - public void checkValidity() throws CertificateExpiredException, - CertificateNotYetValidException { - // always pass - } - public void checkValidity(Date date) throws CertificateExpiredException, - CertificateNotYetValidException { - // always pass - } - public int getVersion() { return cert.getVersion(); } - public BigInteger getSerialNumber() { return cert.getSerialNumber(); } - public Principal getIssuerDN() { return cert.getIssuerDN(); } - public Principal getSubjectDN() { return cert.getSubjectDN(); } - public Date getNotBefore() { return notBefore; } - public Date getNotAfter() { return cert.getNotAfter(); } - public byte[] getTBSCertificate() throws CertificateEncodingException { - return cert.getTBSCertificate(); - } - public byte[] getSignature() { return cert.getSignature(); } - public String getSigAlgName() { return cert.getSigAlgName(); } - public String getSigAlgOID() { return cert.getSigAlgOID(); } - public byte[] getSigAlgParams() { return cert.getSigAlgParams(); } - public boolean[] getIssuerUniqueID() { - return cert.getIssuerUniqueID(); - } - public boolean[] getSubjectUniqueID() { - return cert.getSubjectUniqueID(); - } - public boolean[] getKeyUsage() { return cert.getKeyUsage(); } - public int getBasicConstraints() { return cert.getBasicConstraints(); } - public byte[] getEncoded() throws CertificateEncodingException { - return cert.getEncoded(); - } - public void verify(PublicKey key) throws CertificateException, - InvalidKeyException, NoSuchAlgorithmException, - NoSuchProviderException, SignatureException { - cert.verify(key); - } - public void verify(PublicKey key, String sigProvider) throws - CertificateException, InvalidKeyException, NoSuchAlgorithmException, - NoSuchProviderException, SignatureException { - cert.verify(key, sigProvider); - } - public PublicKey getPublicKey() { return cert.getPublicKey(); } - public String toString() { return cert.toString(); } - } -} diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Camerfirma.java b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Camerfirma.java new file mode 100644 index 00000000000..50a723441a5 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Camerfirma.java @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2025, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.File; +import java.security.Security; +import java.time.*; +import java.util.*; +import javax.net.ssl.*; + +/** + * @test + * @bug 8346587 + * @summary Check that TLS Server certificates chaining back to distrusted + * Camerfirma roots are invalid + * @library /test/lib + * @modules java.base/sun.security.validator + * @run main/othervm Camerfirma after policyOn invalid + * @run main/othervm Camerfirma after policyOff valid + * @run main/othervm Camerfirma before policyOn valid + * @run main/othervm Camerfirma before policyOff valid + */ + +public class Camerfirma { + + private static final String certPath = "chains" + File.separator + "camerfirma"; + + // Each of the roots have a test certificate chain stored in a file + // named "-chain.pem". + private static String[] rootsToTest = new String[] { + "camerfirmachamberscommerceca", "camerfirmachambersca", + "camerfirmachambersignca"}; + + // Date after the restrictions take effect + private static final ZonedDateTime DISTRUST_DATE = + LocalDate.of(2025, 04, 16).atStartOfDay(ZoneOffset.UTC); + + public static void main(String[] args) throws Exception { + + // All of the test certificates are signed with SHA-1 so we need + // to remove the constraint that disallows SHA-1 certificates. + String prop = Security.getProperty("jdk.certpath.disabledAlgorithms"); + String newProp = prop.replace(", SHA1 jdkCA & usage TLSServer", ""); + Security.setProperty("jdk.certpath.disabledAlgorithms", newProp); + + Distrust distrust = new Distrust(args); + + X509TrustManager[] tms = new X509TrustManager[]{ + distrust.getTMF("PKIX", null), + distrust.getTMF("SunX509", null) + }; + + Date notBefore = distrust.getNotBefore(DISTRUST_DATE); + distrust.testCertificateChain(certPath, notBefore, tms, rootsToTest); + } +} diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Distrust.java b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Distrust.java new file mode 100644 index 00000000000..3430a1b8276 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Distrust.java @@ -0,0 +1,234 @@ +/* + * Copyright (c) 2024, 2025, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.*; +import java.math.BigInteger; +import java.security.*; +import java.security.cert.*; +import java.time.ZonedDateTime; +import java.util.*; +import javax.net.ssl.*; +import sun.security.validator.Validator; +import sun.security.validator.ValidatorException; + +import jdk.test.lib.security.SecurityUtils; + +/** + * Helper class that provides methods to facilitate testing of distrusted roots. + */ +public final class Distrust { + + private static final String TEST_SRC = System.getProperty("test.src", "."); + private static CertificateFactory cf; + + private final boolean before; + private final boolean policyOn; + private final boolean isValid; + + public Distrust(String[] args) { + before = args[0].equals("before"); + policyOn = args[1].equals("policyOn"); + isValid = args[2].equals("valid"); + + if (!policyOn) { + // disable policy (default is on) + Security.setProperty("jdk.security.caDistrustPolicies", ""); + } + } + + public Date getNotBefore(ZonedDateTime distrustDate) { + ZonedDateTime notBefore = before ? distrustDate.minusSeconds(1) : distrustDate; + return Date.from(notBefore.toInstant()); + } + + public void testCodeSigningChain(String certPath, String name, Date validationDate) + throws Exception { + System.err.println("Testing " + name + " code-signing chain"); + Validator v = Validator.getInstance(Validator.TYPE_PKIX, + Validator.VAR_CODE_SIGNING, + getParams()); + // set validation date so this will still pass when cert expires + v.setValidationDate(validationDate); + v.validate(loadCertificateChain(certPath, name)); + } + + public void testCertificateChain(String certPath, Date notBefore, X509TrustManager[] tms, + String... tests) throws Exception { + for (String test : tests) { + System.err.println("Testing " + test); + X509Certificate[] chain = loadCertificateChain(certPath, test); + + for (X509TrustManager tm : tms) { + testTM(tm, chain, notBefore, isValid); + } + } + } + + public X509TrustManager getTMF(String type, PKIXBuilderParameters params) throws Exception { + TrustManagerFactory tmf = TrustManagerFactory.getInstance(type); + if (params == null) { + tmf.init((KeyStore) null); + } else { + tmf.init(new CertPathTrustManagerParameters(params)); + } + TrustManager[] tms = tmf.getTrustManagers(); + for (TrustManager tm : tms) { + return (X509TrustManager) tm; + } + throw new RuntimeException("No TrustManager for " + type); + } + + public PKIXBuilderParameters getParams() throws Exception { + PKIXBuilderParameters pbp = + new PKIXBuilderParameters(SecurityUtils.getCacertsKeyStore(), + new X509CertSelector()); + pbp.setRevocationEnabled(false); + return pbp; + } + + public void testTM(X509TrustManager xtm, X509Certificate[] chain, + Date notBefore, boolean valid) { + // Check if TLS Server certificate (the first element of the chain) + // is issued after the specified notBefore date (should be rejected + // unless distrust property is false). To do this, we need to + // fake the notBefore date since none of the test certs are issued + // after then. + chain[0] = new DistrustedTLSServerCert(chain[0], notBefore); + + // Wrap the intermediate and root CA certs in NonExpiringTLSServerCert + // so it will never throw a CertificateExpiredException + for (int i = 1; i < chain.length; i++) { + chain[i] = new NonExpiringTLSServerCert(chain[i]); + } + + try { + xtm.checkServerTrusted(chain, "ECDHE_RSA"); + if (!valid) { + throw new RuntimeException("chain should be invalid"); + } + } catch (CertificateException ce) { + if (valid) { + throw new RuntimeException("Unexpected exception, chain " + + "should be valid", ce); + } + if (ce instanceof ValidatorException) { + ValidatorException ve = (ValidatorException) ce; + if (ve.getErrorType() != ValidatorException.T_UNTRUSTED_CERT) { + ce.printStackTrace(System.err); + throw new RuntimeException("Unexpected exception: " + ce); + } + } else { + throw new RuntimeException(ce); + } + } + } + + private X509Certificate[] loadCertificateChain(String certPath, String name) + throws Exception { + if (cf == null) { + cf = CertificateFactory.getInstance("X.509"); + } + try (InputStream in = new FileInputStream(TEST_SRC + File.separator + certPath + + File.separator + name + "-chain.pem")) { + Collection certs = + (Collection) cf.generateCertificates(in); + return certs.toArray(new X509Certificate[0]); + } + } + + private static class NonExpiringTLSServerCert extends X509Certificate { + private final X509Certificate cert; + NonExpiringTLSServerCert(X509Certificate cert) { + this.cert = cert; + } + public Set getCriticalExtensionOIDs() { + return cert.getCriticalExtensionOIDs(); + } + public byte[] getExtensionValue(String oid) { + return cert.getExtensionValue(oid); + } + public Set getNonCriticalExtensionOIDs() { + return cert.getNonCriticalExtensionOIDs(); + } + public boolean hasUnsupportedCriticalExtension() { + return cert.hasUnsupportedCriticalExtension(); + } + public void checkValidity() { + // always pass + } + public void checkValidity(Date date) { + // always pass + } + public int getVersion() { return cert.getVersion(); } + public BigInteger getSerialNumber() { return cert.getSerialNumber(); } + public Principal getIssuerDN() { return cert.getIssuerDN(); } + public Principal getSubjectDN() { return cert.getSubjectDN(); } + public Date getNotBefore() { return cert.getNotBefore(); } + public Date getNotAfter() { return cert.getNotAfter(); } + public byte[] getTBSCertificate() throws CertificateEncodingException { + return cert.getTBSCertificate(); + } + public byte[] getSignature() { return cert.getSignature(); } + public String getSigAlgName() { return cert.getSigAlgName(); } + public String getSigAlgOID() { return cert.getSigAlgOID(); } + public byte[] getSigAlgParams() { return cert.getSigAlgParams(); } + public boolean[] getIssuerUniqueID() { + return cert.getIssuerUniqueID(); + } + public boolean[] getSubjectUniqueID() { + return cert.getSubjectUniqueID(); + } + public boolean[] getKeyUsage() { + // Turn on the Digital Signature bit. Some certs that we want + // to use as test certs don't have this bit turned on. + boolean[] withDigitalSignature = cert.getKeyUsage(); + withDigitalSignature[0] = true; + return withDigitalSignature; + } + public int getBasicConstraints() { return cert.getBasicConstraints(); } + public byte[] getEncoded() throws CertificateEncodingException { + return cert.getEncoded(); + } + public void verify(PublicKey key) throws CertificateException, + InvalidKeyException, NoSuchAlgorithmException, + NoSuchProviderException, SignatureException { + cert.verify(key); + } + public void verify(PublicKey key, String sigProvider) throws + CertificateException, InvalidKeyException, NoSuchAlgorithmException, + NoSuchProviderException, SignatureException { + cert.verify(key, sigProvider); + } + public PublicKey getPublicKey() { return cert.getPublicKey(); } + public String toString() { return cert.toString(); } + } + + private static class DistrustedTLSServerCert extends NonExpiringTLSServerCert { + private final Date notBefore; + DistrustedTLSServerCert(X509Certificate cert, Date notBefore) { + super(cert); + this.notBefore = notBefore; + } + public Date getNotBefore() { return notBefore; } + } +} diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Entrust.java b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Entrust.java new file mode 100644 index 00000000000..809674e8f20 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Entrust.java @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.File; +import java.time.*; +import java.util.*; +import javax.net.ssl.*; + +/** + * @test + * @bug 8337664 8341059 + * @summary Check that TLS Server certificates chaining back to distrusted + * Entrust roots are invalid + * @library /test/lib + * @modules java.base/sun.security.validator + * @run main/othervm Entrust after policyOn invalid + * @run main/othervm Entrust after policyOff valid + * @run main/othervm Entrust before policyOn valid + * @run main/othervm Entrust before policyOff valid + */ + +public class Entrust { + + private static final String certPath = "chains" + File.separator + "entrust"; + + // Each of the roots have a test certificate chain stored in a file + // named "-chain.pem". + private static String[] rootsToTest = new String[]{ + "entrustevca", "entrustrootcaec1", "entrustrootcag2", "entrustrootcag4", + "entrust2048ca", "affirmtrustcommercialca", "affirmtrustnetworkingca", + "affirmtrustpremiumca", "affirmtrustpremiumeccca"}; + + // Date when the restrictions take effect + private static final ZonedDateTime DISTRUST_DATE = + LocalDate.of(2024, 11, 12).atStartOfDay(ZoneOffset.UTC); + + public static void main(String[] args) throws Exception { + Distrust distrust = new Distrust(args); + + X509TrustManager[] tms = new X509TrustManager[]{ + distrust.getTMF("PKIX", null), + distrust.getTMF("SunX509", null) + }; + + Date notBefore = distrust.getNotBefore(DISTRUST_DATE); + distrust.testCertificateChain(certPath, notBefore, tms, rootsToTest); + } +} diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Symantec.java b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Symantec.java new file mode 100644 index 00000000000..4e099a8de8d --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Symantec.java @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import javax.net.ssl.X509TrustManager; +import java.io.File; +import java.time.*; +import java.util.*; + + +/** + * @test + * @bug 8207258 8216280 + * @summary Check that TLS Server certificates chaining back to distrusted + * Symantec roots are invalid + * @library /test/lib + * @modules java.base/sun.security.validator + * @run main/othervm Symantec after policyOn invalid + * @run main/othervm Symantec after policyOff valid + * @run main/othervm Symantec before policyOn valid + * @run main/othervm Symantec before policyOff valid + */ + +public class Symantec { + + private static final String certPath = "chains" + File.separator + "symantec"; + + // Each of the roots have a test certificate chain stored in a file + // named "-chain.pem". + private static final String[] rootsToTest = new String[]{ + "geotrustprimarycag2", "geotrustprimarycag3", "geotrustuniversalca", + "thawteprimaryrootca", "thawteprimaryrootcag2", "thawteprimaryrootcag3", + "verisignclass3g3ca", "verisignclass3g4ca", "verisignclass3g5ca", + "verisignuniversalrootca" + }; + + // Each of the subCAs with a delayed distrust date have a test certificate + // chain stored in a file named "-chain.pem". + private static String[] subCAsToTest = new String[]{"appleistca8g1"}; + + // Date when the restrictions take effect + private static final ZonedDateTime ROOTS_DISTRUST_DATE = + LocalDate.of(2019, 4, 17).atStartOfDay(ZoneOffset.UTC); + + // Date when the subCA restrictions take effect + private static final ZonedDateTime SUBCA_DISTRUST_DATE = + LocalDate.of(2020, 1, 1).atStartOfDay(ZoneOffset.UTC); + + public static void main(String[] args) throws Exception { + Distrust distrust = new Distrust(args); + X509TrustManager[] tms = new X509TrustManager[]{ + distrust.getTMF("PKIX", null), + distrust.getTMF("SunX509", null) + }; + + // test chains issued through roots + Date notBefore = distrust.getNotBefore(ROOTS_DISTRUST_DATE); + distrust.testCertificateChain(certPath, notBefore, tms, rootsToTest); + + // test chain if params are passed to TrustManager + System.err.println("Testing verisignuniversalrootca with params"); + X509TrustManager[] tmsParams = new X509TrustManager[]{ + distrust.getTMF("PKIX", distrust.getParams()) + }; + distrust.testCertificateChain(certPath, notBefore, tmsParams, + "verisignuniversalrootca"); + + // test code-signing chain (should be valid as restrictions don't apply) + Date validationDate = new Date(1544197375493L); + distrust.testCodeSigningChain(certPath, "verisignclass3g5ca-codesigning", validationDate); + + // test chains issued through subCAs + notBefore = distrust.getNotBefore(SUBCA_DISTRUST_DATE); + distrust.testCertificateChain(certPath, notBefore, tms, subCAsToTest); + } +} diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersca-chain.pem new file mode 100644 index 00000000000..f23c6dafedd --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersca-chain.pem @@ -0,0 +1,64 @@ +Owner: CN=Camerfirma Corporate Server II - 2015, + L=Madrid (see current address at https://www.camerfirma.com/address), + SERIALNUMBER=A82743287, + O=AC Camerfirma S.A., OU=AC CAMERFIRMA, C=ES +Issuer: CN=Chambers of Commerce Root - 2008, + O=AC Camerfirma S.A., SERIALNUMBER=A82743287, + L=Madrid (see current address at www.camerfirma.com/address), C=EU +Serial number: 621ff31c489ba136 +Valid from: Thu Jan 15 01:21:16 PST 2015 until: Tue Dec 15 01:21:16 PST 2037 +Certificate fingerprints: + SHA1: FE:72:7A:78:EA:0C:03:35:CD:DA:9C:2E:D7:5F:D4:D4:6F:35:C2:EF + SHA256: 66:EA:E2:70:9B:54:CD:D1:69:31:77:B1:33:2F:F0:36:CD:D0:F7:23:DB:30:39:ED:31:15:55:A6:CB:F5:FF:3E +Signature algorithm name: SHA256withRSA +Subject Public Key Algorithm: 4096-bit RSA key +Version: 3 + +-----BEGIN CERTIFICATE----- +MIIIkzCCBnugAwIBAgIIYh/zHEiboTYwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV +BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg +d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx +GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMg +b2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwHhcNMTUwMTE1MDkyMTE2WhcNMzcxMjE1 +MDkyMTE2WjCB0zELMAkGA1UEBhMCRVMxFjAUBgNVBAsMDUFDIENBTUVSRklSTUEx +GzAZBgNVBAoMEkFDIENhbWVyZmlybWEgUy5BLjESMBAGA1UEBRMJQTgyNzQzMjg3 +MUswSQYDVQQHDEJNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgaHR0cHM6 +Ly93d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxLjAsBgNVBAMMJUNhbWVyZmly +bWEgQ29ycG9yYXRlIFNlcnZlciBJSSAtIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQC3ndKNpFufVq9v+15dRoT9oVkgwEfDdsPw0Ly0R+eM5MOk +35zEil/+hqEMbQmcvosAh6I8iAskkXasqh+SMbMIjvXbDyNILeGzsoP0uz3btHM7 +oN3yHXDhhd1NGNocP54Wehe9+RE3WP0yEEo+D2YmMwUHuv4KiXtveiPksv+Xkkz5 +auqppPMaYlD6y49AEsGY2zOEUI8PO4+tOxUKhvsiMuW817vH3VdmMwOjRe0SdYAi +YLQIiyqJGNdEo3u+fw8UXxaJSRXhmF+jUn5DvdzWWNAxxwAKy95EPlpLQsx/7t2W +2ntoELPHGJk4V+/yA0d2olLEqBADkRtP2HiC0wly+zp7OGmjtfjbqLrVjmo/mLP3 +zpmYbpUtubrHiY0rlW6wo5FZLcTUvcAxFjxLWVIELPjnTebOuHvoJTb97rhA1Oqq +woq5FWJHFI9idzXzFLO0LX/4ugI9LZWxmvWW0O4CePtnhp0aNE/GgAw6lMx7bjZe +DXxxQnUDEE/mAqOHRUCnvRUSKVbuBBE0oz5fz3nUwcWVVgrm/jkgqTX4EqnZe+yB +mKV6hFEYV+1oVh7kzNN4Hg7nzGuByS7cCuBEwULFhfUja1Bu9EqgndJ3CV0XCWIA +XVhJnPNPi6y4W11jLJ7XSGSz3sCh21g0Gpgi2pXHGDB65Jc/QJHZ5ZaHCrzFnwID +AQABo4ICjDCCAogwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUY+nw8FYA +aGWwIWwOXNcZCJ0INGUwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKe +FxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj +dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw +EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp +MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiCCQCj2kJ+ +pLGu2jB6BggrBgEFBQcBAQRuMGwwQgYIKwYBBQUHMAKGNmh0dHA6Ly93d3cuY2Ft +ZXJmaXJtYS5jb20vY2VydHMvcm9vdF9jaGFtYmVycy0yMDA4LmNydDAmBggrBgEF +BQcwAYYaaHR0cDovL29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQDAgEG +MCcGA1UdJQQgMB4GCCsGAQUFBwMEBggrBgEFBQcDAgYIKwYBBQUHAwEwPgYDVR0g +BDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vcG9saWN5LmNhbWVy +ZmlybWEuY29tMHgGA1UdHwRxMG8wNaAzoDGGL2h0dHA6Ly9jcmwuY2FtZXJmaXJt +YS5jb20vY2hhbWJlcnNyb290LTIwMDguY3JsMDagNKAyhjBodHRwOi8vY3JsMS5j +YW1lcmZpcm1hLmNvbS9jaGFtYmVyc3Jvb3QtMjAwOC5jcmwwDQYJKoZIhvcNAQEL +BQADggIBAKhqaZwalwf89f4wPqfcE/lrsHdx8+q9RG46ouBXhTJMqXjwstXOZSL4 +3Dqs3GaVuMPIM9OG7CK0I93mAt+FWtr49ACFTyPBxPg/knrZ4RHyEto+/6w0WZ9H +owNw0aUg3ZAkhIvMRPVou8PrVukqj2lGKIh3hRdrbHwYwwmKKNlWBoC9gWk3mTYU +zfNt/KTzQCCl5+s6YDa+XInMLWaGd/pE/e++a22vY24cv7kN3NAFMjAMELPwh9ic +zLoPX8B52r+GgwpKY0c0hZdVTii6psLQ+BenyMlh+6lHRBOlTCSRtNi16o7H8fRq +CY2wyQi7N+EmdY1DhvECCi1nLbOnIx1bSAW0cVwPVrjQ/vsAxPNc3SGe/Xnanm3a +zAgFspzeuAhxxG0VKOvtPBnPQNsQ0cK664+IrWRsfa6aYhEfKvfsn5o4HpBWDobf +zrtNbqjjOuiM6JkT+DxXo5UK7t2q75KCJiimTtAuPcZ5wErZISLvZ34BodIHL2xK +b3Vww7K2FE1QaNsuQkGbUk++B9/+vV3H57vzskObdFWeWKSCpxIil4vZwIIH17zn +WU+O2WIY1F0aO9zp3E7qwfmYT4MJ38NF9R7FSlxRlgVc1uUHu/iyUU4N1O6F3VdX +P2Y+tgLFZLYV4kApfXk5l9h94dgKyfVcIpvS6yVpLfONPnlCNOxy +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachamberscommerceca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachamberscommerceca-chain.pem new file mode 100644 index 00000000000..b27d46c17c8 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachamberscommerceca-chain.pem @@ -0,0 +1,48 @@ +Owner: CN=AC Camerfirma Certificados Camerales, + O=AC Camerfirma SA, SERIALNUMBER=A82743287, + L=Madrid (see current address at www.camerfirma.com/address), + EMAILADDRESS=ac_camerfirma_cc@camerfirma.com, C=ES +Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, + O=AC Camerfirma SA CIF A82743287, C=EU +Serial number: 5 +Valid from: Mon Feb 09 07:42:47 PST 2004 until: Thu Feb 09 07:42:47 PST 2034 +Certificate fingerprints: + SHA1: 9F:36:B4:BE:9D:AF:1C:91:01:B2:D7:61:58:FB:95:CB:53:82:01:10 + SHA256: C7:D8:43:81:E1:1F:7C:57:46:77:1A:F5:B0:50:DC:51:FC:6F:DA:D6:F6:F3:5B:B5:3A:3D:E9:13:82:2E:A0:9E +Signature algorithm name: SHA1withRSA (weak) +Subject Public Key Algorithm: 2048-bit RSA key +Version: 3 + +-----BEGIN CERTIFICATE----- +MIIFwDCCBKigAwIBAgIBBTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn +MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL +ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg +b2YgQ29tbWVyY2UgUm9vdDAeFw0wNDAyMDkxNTQyNDdaFw0zNDAyMDkxNTQyNDda +MIHgMQswCQYDVQQGEwJFUzEuMCwGCSqGSIb3DQEJARYfYWNfY2FtZXJmaXJtYV9j +Y0BjYW1lcmZpcm1hLmNvbTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBh +ZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ +QTgyNzQzMjg3MRkwFwYDVQQKExBBQyBDYW1lcmZpcm1hIFNBMS0wKwYDVQQDEyRB +QyBDYW1lcmZpcm1hIENlcnRpZmljYWRvcyBDYW1lcmFsZXMwggEgMA0GCSqGSIb3 +DQEBAQUAA4IBDQAwggEIAoIBAQCjxnvvj01f36lgGhihRYVf1fAPEXsTJKrY4aLQ +cEUSh5szZE7VTtGiyMTMc2uCmnaXafjYHK8Lgmy6T9xxGEZ5OS4x6rgtuPyy13AP +tu3X3Y2kPVLu7ZMw5HoQC64wBj6YcnxTnBwmVW05DjzRXp6OyBIEKEaAB9vv2qEl +fh/Y234FG6Wd/ut1s0ScRZAo+6CSMNQxaY+ryXKD11uWkzWXJa9UZOasG7z4uPqc +Gr4/Hz2/CTLDTgp0xkMJYuzOztpUvOACrxlkS2utKUwVlAikJnboNwf/en94RbHN +zkKc5t0SAbzCf57ueawbzxSdPa+SAC25FNur64FKkfdq5PPjAgEDo4IB5TCCAeEw +EgYDVR0TAQH/BAgwBgEB/wIBCzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Js +LmNoYW1iZXJzaWduLm9yZy9jaGFtYmVyc3Jvb3QuY3JsMB0GA1UdDgQWBBS2H06d +HGiRLjdyYOFGj1qlKjExuTCBqwYDVR0jBIGjMIGggBTjlPWxTenboSlbV4tNdgZ2 +4dGiiqGBhKSBgTB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt +YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJz +aWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdIIBADAO +BgNVHQ8BAf8EBAMCAYYwKgYDVR0RBCMwIYEfYWNfY2FtZXJmaXJtYV9jY0BjYW1l +cmZpcm1hLmNvbTAnBgNVHRIEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24u +b3JnMFsGA1UdIARUMFIwUAYLKwYBBAGBhy4KCQEwQTA/BggrBgEFBQcCARYzaHR0 +cDovL2Nwcy5jYW1lcmZpcm1hLmNvbS9jcHMvYWNfY2FtZXJmaXJtYV9jYy5odG1s +MA0GCSqGSIb3DQEBBQUAA4IBAQBl8KoPBYL//EBonqQWS0N+hLfxImP1eQ6nac+v +R5QfF/0w+VCTkShfKwHaa6V/W1dPlVwXSECuvXHkX6DYrtxFGGFB6qxuP1rkIpRs +sTkAlpvOx3REiFjIkhsijKd/ijvqxjbMbuYU+EFACK/jQIRoj+LEEZ+haiqbALZB +Iqq/26HTqX0itDosBj6M94YWcIpbTDefQNWCGsSnZcw2+k+az/wAOZT6xAxlnEim +HpDDlgRsmaLrHpDPDoIRYOih0gbJTnn4mKex9Wgr0sZ+XFl03j+bvcXL1tiuQnwb +9dMRDe/OdXABT35W4ZzLbpost65ZW3Tx+oi/bLbmu6pbKCgs +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersignca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersignca-chain.pem new file mode 100644 index 00000000000..2ab3091439c --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersignca-chain.pem @@ -0,0 +1,62 @@ +Owner: CN=AC Camerfirma - 2009, + L=Madrid (see current address at https://www.camerfirma.com/address), + SERIALNUMBER=A82743287, O=AC Camerfirma S.A., C=ES +Issuer: CN=Global Chambersign Root - 2008, + O=AC Camerfirma S.A., SERIALNUMBER=A82743287, + L=Madrid (see current address at www.camerfirma.com/address), C=EU +Serial number: 2 +Valid from: Mon Mar 16 10:16:25 PDT 2009 until: Sun Mar 11 10:16:25 PDT 2029 +Certificate fingerprints: + SHA1: BA:BA:69:CF:D5:CC:C9:4D:05:6B:5B:E7:80:5F:E2:03:CB:EB:5C:57 + SHA256: B6:8D:5D:9B:4E:A6:35:95:7C:0C:32:15:C2:0D:35:B2:21:7B:69:E3:49:C7:A3:04:C4:F9:7F:20:C4:08:1F:88 +Signature algorithm name: SHA1withRSA (weak) +Subject Public Key Algorithm: 4096-bit RSA key +Version: 3 + +-----BEGIN CERTIFICATE----- +MIIIPzCCBiegAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBrDELMAkGA1UEBhMCRVUx +QzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2Ft +ZXJmaXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UE +ChMSQUMgQ2FtZXJmaXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNp +Z24gUm9vdCAtIDIwMDgwHhcNMDkwMzE2MTcxNjI1WhcNMjkwMzExMTcxNjI1WjCB +qjELMAkGA1UEBhMCRVMxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjESMBAG +A1UEBRMJQTgyNzQzMjg3MUswSQYDVQQHE0JNYWRyaWQgKHNlZSBjdXJyZW50IGFk +ZHJlc3MgYXQgaHR0cHM6Ly93d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxHTAb +BgNVBAMTFEFDIENhbWVyZmlybWEgLSAyMDA5MIICIjANBgkqhkiG9w0BAQEFAAOC +Ag8AMIICCgKCAgEAmbHxFEYTJmMdPcYiPlWUGZu2+tQo4voohYi3dwCwoVuGdHSp +kyoqs1B3YGx4u5KT4n0A7+Bb8YQ/QzbNy7UQ4JXAK+rT8JpNeKIvfN4lHnQJaChE +4fdn0KpvHWymaNq2k+EbQClquZB6OsTLvsivwSuSnyLcUw5rbajj53wq77fwB12y +phMjwz2AnD1BvHZd3vLOaH1jRQP3zzNmyjT/Oj6+jdux7SBKlJWgQEaKflwcvYyc +DPFPhGM4KPwEGX61PCrS+l8Lw0Kdy6K4lE+GrfgJrXM5m1Ey1R0c9McYQQPAtYcm +cOnHHgkJdEAFVDa76T9C+lcMP6DNckbJIyc/ENrmM2v4rq/JnsJKEEx0VLyLizQx +cGU3gp4ckg0ImQ9hV3H/DLWEqfrPuD++zaV81gpstnc9+pLg0Jibvwg3qvIr7nS5 +acc//qqxH0iJGYoStHW5J5HoM9HcBvhACq5rjzjrNLPYSJqbPJwBHKcql/uUjQ6S +SVWe3/CeJp6/vGuY1aRXAk9c/8oO0ZDrLKE8LsUgZesTLnWGd1LQcyQf6UMG1nb9 +5C3eZRkCVpKma6Hl/SUQNukerlbLOU9InFGNPdeEVq1Jo62XeEi8KMbTPdXou6Yl +rpe99dFnOUjVOdY7gfBGSgIVJjORqf/V70jwsxcYz7j6PKl0XulJs06vpSECAwEA +AaOCAmowggJmMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFMgAD/zGUvyf +2ztkLjK5bi5x82V5MIHhBgNVHSMEgdkwgdaAFLkJypwe29NsOmuu7VTxW5MGNS5e +oYGypIGvMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy +cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG +A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl +BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwOIIJAMnN0+nVfSPO +MH0GCCsGAQUFBwEBBHEwbzBFBggrBgEFBQcwAoY5aHR0cDovL3d3dy5jYW1lcmZp +cm1hLmNvbS9jZXJ0cy9yb290X2NoYW1iZXJzaWduLTIwMDguY3J0MCYGCCsGAQUF +BzABhhpodHRwOi8vb2NzcC5jYW1lcmZpcm1hLmNvbTAOBgNVHQ8BAf8EBAMCAQYw +PgYDVR0gBDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vcG9saWN5 +LmNhbWVyZmlybWEuY29tMH4GA1UdHwR3MHUwOKA2oDSGMmh0dHA6Ly9jcmwuY2Ft +ZXJmaXJtYS5jb20vY2hhbWJlcnNpZ25yb290LTIwMDguY3JsMDmgN6A1hjNodHRw +Oi8vY3JsMS5jYW1lcmZpcm1hLmNvbS9jaGFtYmVyc2lnbnJvb3QtMjAwOC5jcmww +DQYJKoZIhvcNAQEFBQADggIBABNYG4jBwoI7e8pCuUyDc6rwpE9H6AgrUdL7O1xK +TgTjDGBrMOBK+ZPS4Si8J3yZngvSrL694a1HmiiblJ+CmCdNGli2nBBM+OPK3tQB +4TW6hgkIe3vSNg/9o9y6+MAJcm8Kn0nPCBkSRME87NwvpehtekuF1G2ng1KDVwAn +F+eCXfNanEwY++vWbJAuPE69Z/0+rCgNyH1PzihiNu6vrUlSlLWKaG34O1DEttX+ +SsWTpEbpH9w5y9Vmw6WQ/B5nfhPM551HaMbiGgSxT9jHmf8APYQ3iT8EktcdTAdw +m1miiyxfKG+WjPT7P/x8Np1spJZw+sNIDTLdZ0T1XQ6obVkBTFUDSULKW8949HDu +VSwdl9Hu9lkDzzh9tyVYwwjEWVFZOiD/4TPVLfphf4ZEiyHt5YpNd9kZJIGGDxdc +CdtzPm2dQODFpv72LnPQHbuBQPJ71zkoAmyeM/1Qj0DlrFsPcYnbRasck1VmYgDc +Xc0+is0wcgCd7Gpx1zpEeVqwMD96am2xZPzd6nsbXvo+6TzsKLRMJo6nOERwrzuI +F+/eq3WXxYMt2UenJsHqwSgPJRMdl3SFz0+SZN0viHeLuwb7qaHN74qC6GP8yHGp +2xe6Z11mJDPLDSrQQ2dOceSJ1LurJgLP7amYmFlWwVnmM7LnfShhMWMV+MDrICnL +2ksL +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustcommercialca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustcommercialca-chain.pem new file mode 100644 index 00000000000..76aa6d14338 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustcommercialca-chain.pem @@ -0,0 +1,77 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 8608355977964138876 (0x7777062726a9b17c) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=AffirmTrust, CN=AffirmTrust Commercial + Validity + Not Before: Jan 29 14:06:06 2010 GMT + Not After : Dec 31 14:06:06 2030 GMT + +-----BEGIN CERTIFICATE----- +MIIHHjCCBgagAwIBAgIQAWZjFOyCvT00u/gtkCvS2TANBgkqhkiG9w0BAQsFADCB +gzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT +ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhBZmZp +cm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYxMB4XDTI0MDYyODIx +MzgwNVoXDTI1MDcyODIxMzgwNFowgdgxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdP +bnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExEzARBgsrBgEEAYI3PAIBAxMCQ0ExGDAW +BgsrBgEEAYI3PAIBAhMHT250YXJpbzEcMBoGA1UEChMTQWZmaXJtdHJ1c3QgTGlt +aXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzI1 +NDA1NDcxKDAmBgNVBAMTH3ZhbGlkY29tbWVyY2lhbC5hZmZpcm10cnVzdC5jb20w +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeIT2XO0hJ5wDSbIiIcMvs +P3NpQc7O7v5DqldpME6+Qn2sF5b9hc6j72hgTXREa77uUcP5u1JcMWCSWwYQHMpJ +kFzmIzijhS60wW1epb5QyTgM3ZYh1WKvttFCbHUcrTtd+LoPFYsjw9ZK//K9tPp+ +ddn06/ivWvUO5y5vn0wrCaB9tuLdDn4RCQzK2XoZdDuqhPlBBogJX0vM6lsXjgLy +EbvE+/sKYps/In6VtRvCoYavg3OqaIMeaA7gTiYTb1ZGFOAiltnq7fcp6SZUohK3 +QNihv1DadVc+n8LnEUKKDkgG2YgWEFczaE3qwG3ef6L3MzLGrkgVY+qGHyyv2IE7 +AgMBAAGjggM1MIIDMTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT4ARNL47hAsOpa +96VMgKEY3sLIAjAfBgNVHSMEGDAWgBTb72U3C+VHyzXRkB8DwbyIx6fqgDBsBggr +BgEFBQcBAQRgMF4wJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmFmZmlybXRydXN0 +LmNvbTAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5hZmZpcm10cnVzdC5jb20vYWZ0 +ZXYxY2EuY3J0MDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuYWZmaXJtdHJ1 +c3QuY29tL2NybC9hZnRldjFjYS5jcmwwKgYDVR0RBCMwIYIfdmFsaWRjb21tZXJj +aWFsLmFmZmlybXRydXN0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI +KwYBBQUHAwEGCCsGAQUFBwMCMFYGA1UdIARPME0wBwYFZ4EMAQEwQgYKKwYBBAGC +jwkCATA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5hZmZpcm10cnVzdC5jb20v +cmVwb3NpdG9yeTCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcAEvFONL1TckyE +BhnDjz96E/jntWKHiJxtMAWE6+WGJjoAAAGQYMi3wQAABAMASDBGAiEAjvdsU4G2 +o4BZSOOjaH6gOp7zhKtXQByQUvfHfsi2ePcCIQDnnIO2qlHBm+sskUDlXfR0lCUW +yFPVr9nFZ0L9YPpozgB2AA3h8jAr0w3BQGISCepVLvxHdHyx1+kw7w5CHrR+Tqo0 +AAABkGDIt9MAAAQDAEcwRQIhANh1zS3Qeo9yKF+j3G52JhmDRYBS+1TM0wykoXCY +llpxAiAG+LAlKSbwwgrboUSTDDXWNeoRYZ7fKbU72kKfHrpZvwB3ABoE/0nQVB1A +r/agw7/x2MRnL07s7iNAaJhrF0Au3Il9AAABkGDIt9sAAAQDAEgwRgIhAN8OoC4I +zw8bFJy8ACgK40c9ZfsIfFhePTc9CyrL5uDsAiEA4Jn/IqBB9L5DeTgqw9hBaYag +FmY/2gWDip36ga0WUsAwDQYJKoZIhvcNAQELBQADggEBABywPLJP097Emz6LNeFU +/HvfhaUKv2pgIHf/Kvjs5x78RK9G605THPEHr/TeUjNZ4PBd48WBNVWzyd/8FuOt +r+FsYkRJb9CnrOhZHuCwlcdWXvuY8PiuBmT+xB16BWR5yhYbbiGe4hea0Pf6CfHh +jJoGJw4dQKfgneZOV7IcaWnNTKYawlcZOgxvEwFvj+iZM31WphEPKRAV+N+Tp+ZR +nxlEdjmdbOjqBydlYIEzuFIgxgtnPdK5wqCOWb+z2cARUAO/AkiWrOLTPDc7ydQK +GcfDrSqffHOlwaee08C6STFaJWIcpqxZdXE6Jc+8/85bfPEAG1UepgfnBTqW9RGT +Q3s= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIQFylVHtaOf7Ht9XMA811/1TANBgkqhkiG9w0BAQsFADBE +MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm +ZmlybVRydXN0IENvbW1lcmNpYWwwHhcNMTkwMzIxMjAyNzU0WhcNMzAxMjAyMDQw +MDAwWjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD +VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQD +EyhBZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYxMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPBMIa9VuXJGAw0MHvieGciPFA11 +b9T49YJ7T+zVpoMMQO+ueUKVHb2l26oeCiwIhXMQ5LquOVcx+rofouzcKXY3wKDZ +zHIOnAkU+23Ucn/3dRH7aHJULsBufZq+NvwgYSgJJEDKfqvIV/c5HiRyZ2H+nAI5 +10Q2xC0UxgSBsufccQ+Fwkg6BAGDlTXrvi8wi75UaGue6jv/qcKLybeVUrgqKE64 +d9oa9PG5/g89QwSdsIQEdVSFzFvFpOG9YhJbJ177Zg6DGCxU0lWwFrVpyH/2vnXl +jhMQScn8UxzCJdDg3EDqjgaV0JH2yoLug+QVYgURPu5BEb5ut9vAdP7cLwIDAQAB +o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz +cC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFNvvZTcL5UfLNdGQHwPBvIjHp+qA +MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUnZPGU4teyq8/nx4P5ZmV +vCT2lI8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v +d3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqG +OGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdENvbW1l +cmNpYWwuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI +KwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAATH11fMrINGmQGQqQW0ATteVnUG +LrmRSN2OlmRm+dkUwKXhcQQEfYYlEggPqgvxSUpw13fXSOqVHqAcj3BIqF957kh+ +m3DmC0RX9KaEKD165pf77P5nZcRmZpBl9cctvzIxN19uzcminchusYwLyeWhBtTZ +xpER9LbrfMNaQ7GnrgalMx54QvdjOhw/GJs9/SqEzYmPshL+DzgZX/oAzY63rQIh +rBblf6/2talZqci96oFzNst8rGfPy/xQ7lgkki1hwIYbORMfloBhP+vAZJo0mxdM +ipu3Z0ToK+KU2iqnBxXVr2/kod+CpkHnjUHa1wnQuSaefng3XwZ/vqtSL9c= +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustnetworkingca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustnetworkingca-chain.pem new file mode 100644 index 00000000000..7384d31152e --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustnetworkingca-chain.pem @@ -0,0 +1,76 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 8957382827206547757 (0x7c4f04391cd4992d) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, O=AffirmTrust, CN=AffirmTrust Networking + Validity + Not Before: Jan 29 14:08:24 2010 GMT + Not After : Dec 31 14:08:24 2030 GMT + +-----BEGIN CERTIFICATE----- +MIIHGjCCBgKgAwIBAgIQX2vGPaCJ1tS0ncp2OlBMFjANBgkqhkiG9w0BAQsFADCB +gzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT +ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhBZmZp +cm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYzMB4XDTI0MDYyODIx +NDU0OVoXDTI1MDcyODIxNDU0OFowgdgxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdP +bnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExEzARBgsrBgEEAYI3PAIBAxMCQ0ExGDAW +BgsrBgEEAYI3PAIBAhMHT250YXJpbzEcMBoGA1UEChMTQWZmaXJtdHJ1c3QgTGlt +aXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzI1 +NDA1NDcxKDAmBgNVBAMTH3ZhbGlkbmV0d29ya2luZy5hZmZpcm10cnVzdC5jb20w +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkGknE8kFr+CaIybQrDPRw +z9OKXq77p4CnrkF1/g9w/HiIs6Ps8YqTjsiTKM3wYLbvPA+TbO9DpCSyCP2bVyLf +AjUE617KZSpfy9RqzvGjn/1qH/cBKohhEliMfDj4ZHfY4x+1WYTZPVK/g0Ny5RAP +wz9lJHR2SsVGLvpqXzWaVoxifJ8HZWD7n5z/75WeYko+Hubx3WvzJZcN2Xjn+q6a +7wkDaXPayrvn5uWGPlOLQHqJ5z7wts21jASMTfJAToFyzH6dGwvqxkP3bVJGJ8AF +vtMfqVjcOcjWgmmOEHMPAAqs5QKrYuSLccH6hFTwFEUCdMwVqfloznt2sNUSBoKj +AgMBAAGjggMxMIIDLTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTrE0z4fRyx9P9M +0FfA6VgGkJiYVDAfBgNVHSMEGDAWgBR5HrHJF8cerLHHFNfD6H+8uVCbFTBsBggr +BgEFBQcBAQRgMF4wJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmFmZmlybXRydXN0 +LmNvbTAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5hZmZpcm10cnVzdC5jb20vYWZ0 +ZXYzY2EuY3J0MDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuYWZmaXJtdHJ1 +c3QuY29tL2NybC9hZnRldjNjYS5jcmwwKgYDVR0RBCMwIYIfdmFsaWRuZXR3b3Jr +aW5nLmFmZmlybXRydXN0LmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI +KwYBBQUHAwEGCCsGAQUFBwMCMFYGA1UdIARPME0wBwYFZ4EMAQEwQgYKKwYBBAGC +jwkCAjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5hZmZpcm10cnVzdC5jb20v +cmVwb3NpdG9yeTCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHYADeHyMCvTDcFA +YhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGQYM/MjQAABAMARzBFAiBjnehs1mvh +5Xm3uXZ7Bq8gijwiXThwnLSYROQxnWrnbAIhALbgJG+PRZQfzTBbgM/zAwNsBjhe +F5iENnaajJCxzOhaAHUAEvFONL1TckyEBhnDjz96E/jntWKHiJxtMAWE6+WGJjoA +AAGQYM/MgQAABAMARjBEAiAsWOm1IIjaxQP9uaPI9tQmkiJPUOTrBTsTDO+jkgiG ++QIgVNhND82rsFGjrtAAHzzgCVzLDUM3zaHxnP/z3BNuO4QAdQAaBP9J0FQdQK/2 +oMO/8djEZy9O7O4jQGiYaxdALtyJfQAAAZBgz8zLAAAEAwBGMEQCIBIGxtjk7Lw8 +i+oggK7VrPMNTB632t321cwhEm517BbZAiBws3+uytwh59N6qGJUuSFQnOZNPOPj +eQnH2fSdT1J2sDANBgkqhkiG9w0BAQsFAAOCAQEAcSzitESRKlbcUvxvUB7FjK0I +CaBU1Nyu0xDFCoG2pmp7GASJz34wtPYfsiX5+j4hDh/noMcgk7WlD8pzgWYw15Rk ++5kTv2v4U85y/JFjzMOHbz64KjQdGebqhjvC/E/EXxK+AZf4H574/w7rbyJ30vFL +gNvPF9AxS1MuYIO55jXrHMByKnFoQZgPsmAY/x+n+OzMxWOdR18PupypCB5TyJZ8 +pQzwoxmX7qeZHiXyJ8jQUwe1qoQc2SbwfQxfwSPUPSJuQo90N+5nyQMe7vvPBM0Y +/CXaFpfPqh71D4C0Ey+0hYxSt99gYs4P9twUByjIlP0wTyhaoEpt3zw9DdZypQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqDCCA5CgAwIBAgIQNCSh7Pjwo1/nRrcBHEPoRDANBgkqhkiG9w0BAQsFADBE +MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm +ZmlybVRydXN0IE5ldHdvcmtpbmcwHhcNMTkwMzIxMjAzODU5WhcNMzAxMjAyMDQw +MDAwWjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD +VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQD +EyhBZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYzMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHDl/3xr1qiHoe0Rzb3AGLw56e9J +l2a3X59+PAfI5wGBHuK9Dl7XsyoH65X6QIC/rXyVpuNgKbbwIGHB+rCSplyHzGyC +WeM3LXa2q1US7VteeFDS959nxJVRFfwATR9xAK6YTUWQ/yWdw0dZSm0lQNmEMBwS +qi0ufWokiWXZUzWHOu7A6driCohu9sFDwe1INJUPH6uIlovmzGvG3UYbUSymJcjs +Ka0fXXX9zukco8exlOIKWRJSNLxKtSSPDVASrGLQ1xi3qkiLTKci3+jKMNDFf1vw +foZN99HhUcWKXfr2KlWfANdjTMlsTKCfuhfWl1OBVNHGRrACAQCXI/ji0wIDAQAB +o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz +cC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFHkesckXxx6ssccU18Pof7y5UJsV +MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUBx/S55zawm6iQLSwelAQ +UHTEyL0wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v +d3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqG +OGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdE5ldHdv +cmtpbmcuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI +KwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAAhmE4I56hNpnWXQ2Si8a/TgQUZr +X5Jlv1LDvl3rkDyfEIHNZ8dth17SakJYJBWHExph/iIYjCJ9YmeyhghV5rPqT+wF +4yyE2ngenIusfnWT2bTpT9u2VZbCNeACE5XnN2UHSA0J9idPjfLuthViWEvSZZUh +DJ53bX+exO366nDY4AI7owIyhz8hdsWyhZ/0ST+eD+kbgd8osd+GdxzRmyKcfl84 +D1K1uff01T9w2dyUaZglQsFljkaO6xmeXZJsPnhwCp/HlMHWzhAneUQ7I9FZSOW+ +WiYbt4RitmBpysadBReikWM4knECzJQ/fMT9vC0k9BLlqUYRwCH9vr0UnZo= +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumca-chain.pem new file mode 100644 index 00000000000..6f108bc1229 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumca-chain.pem @@ -0,0 +1,88 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 7893706540734352110 (0x6d8c1446b1a60aee) + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=US, O=AffirmTrust, CN=AffirmTrust Premium + Validity + Not Before: Jan 29 14:10:36 2010 GMT + Not After : Dec 31 14:10:36 2040 GMT + +-----BEGIN CERTIFICATE----- +MIIIFjCCBv6gAwIBAgIQQVOTWr7tEAJXmRDkCSxkajANBgkqhkiG9w0BAQsFADCB +gzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJT +ZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhBZmZp +cm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYyMB4XDTI0MDYyODIx +NDgyN1oXDTI1MDcyODIxNDgyNlowgdUxCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdP +bnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExEzARBgsrBgEEAYI3PAIBAxMCQ0ExGDAW +BgsrBgEEAYI3PAIBAhMHT250YXJpbzEcMBoGA1UEChMTQWZmaXJtdHJ1c3QgTGlt +aXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzI1 +NDA1NDcxJTAjBgNVBAMTHHZhbGlkcHJlbWl1bS5hZmZpcm10cnVzdC5jb20wggIi +MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDVRMzwbDq47ivHOKqJdiEJNL2+ +g9Snj/BRctqcQTrIV99RP0pmAh5fHg7vnhVsHqc9sRLVcQWTJk9NuRJ2VnDKWsBa +Xrp5UWaNjS0vaFA4jzCi1gWzTTZgPTQn3VRG3JP1F5CZb405/mtWDaw/CfWkcUqQ +VSilqFlJRsjcPCzQh7ZaXAo+FmzJxNSwjxdP6JSYMeTDRCUpSb3T8PypVI1CEmLZ +jsxrg5oIZn25591g/pzgLE56N0stNY4d3q4YD1t5x46RsqYAJYSkk8rcTN+kHzsY +VSqaRDyPkGbmuCeJUvW24wJ30yQtXQWA+U0dMYLe7LyglJ7dkOzvWNbqrIcvM8My +hxH/wwVH7e4dL/1E58yr1BHENUk7Mp9rzIXj496eLkF5G1lMkNnuVRQqCAOW0rPY +V0rI8yrCMTK52s4mNjQo2J7JOYdTUvAWZ92MKvEjjhQlMH8eK72Km/+mkxpsgGmr +3c6u+Gom7oI5VaLZ+3p2uWaOsutk1tkzWjhzY4L27hwmIdWujfrWMRx8uxcfoJxX +gQ40d1QiSN51BtCPE5UnpLU/YUxMdzWmtUoGUfYIGVqDVToBnunIFMdmFjC0IrNl +hquDQi/OGMpzuOvxX1FoXb+rRwOhhdrcR0BQqUVRTV0U5LlcsDeNMqmqPE9mzGtJ +W69Fsh7crntng/L72wIDAQABo4IDMDCCAywwDAYDVR0TAQH/BAIwADAdBgNVHQ4E +FgQU3PWyi/4usZghgahc/Tj+Q60QLOcwHwYDVR0jBBgwFoAUc3yaOGg8UXxBCP6h +HyoetGHbzTwwbAYIKwYBBQUHAQEEYDBeMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz +cC5hZmZpcm10cnVzdC5jb20wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuYWZmaXJt +dHJ1c3QuY29tL2FmdGV2MmNhLmNydDA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8v +Y3JsLmFmZmlybXRydXN0LmNvbS9jcmwvYWZ0ZXYyY2EuY3JsMCcGA1UdEQQgMB6C +HHZhbGlkcHJlbWl1bS5hZmZpcm10cnVzdC5jb20wDgYDVR0PAQH/BAQDAgWgMB0G +A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBWBgNVHSAETzBNMAcGBWeBDAEB +MEIGCisGAQQBgo8JAgMwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuYWZmaXJt +dHJ1c3QuY29tL3JlcG9zaXRvcnkwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2 +ABoE/0nQVB1Ar/agw7/x2MRnL07s7iNAaJhrF0Au3Il9AAABkGDSN7EAAAQDAEcw +RQIgVDWwhv7yG6RNnkMZnVq1YYA7ypn/GSH0ibUKnESHRpYCIQCY8gyCX7VFONUI +QuR8daz7ra2FCUI9TwylrR3eFfIgGgB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf2wA6 +FBJ2Ciysu8gqAAABkGDSN5cAAAQDAEgwRgIhAM1edsSyFUKU0Dj1WxTGwziE6fCW +g2ByfL8kDrP260YXAiEA6YQOpJf04N13Nn263BxAl+laH9Ar0eo03fArlv743TQA +dQAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZBg0je+AAAEAwBG +MEQCIExqK4katETAQo+H0+ImuNJCSeFEI9C+9wrjhl6ZnWb9AiBwkC1vpLYOIm/1 +YCLCQIOmTdg2wf8LITlrQNJA8vbBljANBgkqhkiG9w0BAQsFAAOCAQEASOmPu7ot +yl6MoMns19uI6H2KSUjMFh3/fKMcY/ettmEYalgrytexFMrLnD2UniBlD+nJEshp +5/z7o0YDiRoiLhMAs7VqIdX3erNu/ghNh7P2bDnoMWShSoAKxez1XOGL3rRE0NAi +DsWCaNRHH9rnC97275sbGnua7ZYg+8BiF62vpJlqjrxDHjGiej8qAWSjztbB43Af +bwRscpXTxNkMvOBuRFMH+rSxB8CrOV68W+yxmzPuPxVjM7oJH8Qk5BC53NRqFsVz +JhbNfot0+/drj7JT3jlacUVQcD/BzDuC3+qczQlLjLdHgQM2/e4fXsD6C5S6B11d +BDx6ipGpaASofA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFojCCA4qgAwIBAgIQU3HI6weE/VEI5dTz4yPsRjANBgkqhkiG9w0BAQsFADBB +MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHDAaBgNVBAMME0Fm +ZmlybVRydXN0IFByZW1pdW0wHhcNMTkwMzIxMjA0NjM1WhcNMzAxMjAyMDQwMDAw +WjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQL +EyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhB +ZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYyMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDDZHfxkB1nAGFKdw0VCgV+B/eBtW1o+ +bXzwRcpeFh5saDI+tv1RAMrYFq+AJkXCCJopgMF2Wqfv5myE3JMgxEHuuKUpJz7H +FprrFckVOGCtJKH8Iy9AWPjBwt8lKmxGJF7EZst+QoVt4hMe0qhL0WEKbATFPe41 +DcM7UsyQv6Bvpn424uePy3/1ATIsVL3YmvAbUNR0aqVxYAJzTefvyIet/761bKGc +NyqdOVWFFeTDtr8iL1TBXToAgl0GJ39bFQZsP19VcCpfk9Zj3YHTPRPq5wZOZuUN +F7jiBUEi6DaVOi3Wy4vdySHtWPeBHRYif1I6fcUfdCNORMc4ee6KewIDAQABo4IB +UTCCAU0wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5h +ZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFHN8mjhoPFF8QQj+oR8qHrRh2808MBIG +A1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUncBnpgwi2Sb1RaumZVIRJ9hF +rGMwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3 +LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEYGA1UdHwQ/MD0wO6A5oDeGNWh0 +dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdFByZW1pdW0u +Y3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH +AwIwDQYJKoZIhvcNAQELBQADggIBABi64UEwl3l0yIiuSACyVQQIBI60BUmhseac +4BzCAsJrR5tE/2U9QAa2y6JpR1nqm76DJvw1QQgvFcNe+fkwpvoViCaSTbZkGGwD +mQe2xRSYJcDSMQUc/GgzLcX2c1CrexQXE1vwV/q33af1en5s1GzLl915aNS/k1ch +G7EMruJ/D4cuH9j4j2i+b+llmVBzavBwelN5rc693o+Ot9id/1sTWNugwAu3uXGb +VlhETMnjXGIciegOLdWYhWBln0izYlt9IwlDEpjMVaZ0HZlj2JBGaSe4PfEFpJPO +beuPcQpLQGw2XpW2ZMG5JcRYaoKWjixXAGktRA3H9nvVW92jvzx/RX484w2ZM5Rt +E+I1ikAuQLAyWG7clht387e2RuC3NZTtefSyjE3L9gQDOPC+Z9ycwr0WJHRsxFvh +FJQi3JnxgFZf5mc5n2mh3qAgALTNOUHuDiHrerjTOWbpF/1/NJmo/c/YZ63vZIhc +EaER4HuhbBqlpf6z3WOIQdZm1ChwXYHrEcLDgfwm9cXoaVK2HZapkMwQbPffPlT1 +E+AxRFB4YmT1y2WzdaHfhFA9nH6ByUdL5+FfrDoIIUO2e8OLOAcrJsf5+unhAhc0 +v7N48JWdmpstjkXCaCIaidrZLJxS+pikNgHB1dXF/TxokLTiPB9jcYKdGaYs3XHb +YKLdwubu +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumeccca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumeccca-chain.pem new file mode 100644 index 00000000000..37b1b787084 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/affirmtrustpremiumeccca-chain.pem @@ -0,0 +1,63 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 8401224907861490260 (0x7497258ac73f7a54) + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC + Validity + Not Before: Jan 29 14:20:24 2010 GMT + Not After : Dec 31 14:20:24 2040 GMT + +-----BEGIN CERTIFICATE----- +MIIF0zCCBVmgAwIBAgIQFVwk9nYUM5SYOnBd+IoGtzAKBggqhkjOPQQDAzCBhTEL +MAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQLEyJTZWUg +d3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTMwMQYDVQQDEypBZmZpcm1U +cnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVZFQzEwHhcNMjQwNjI4MjE0 +OTUwWhcNMjUwNzI4MjE0OTQ4WjCB2DELMAkGA1UEBhMCQ0ExEDAOBgNVBAgTB09u +dGFyaW8xDzANBgNVBAcTBk90dGF3YTETMBEGCysGAQQBgjc8AgEDEwJDQTEYMBYG +CysGAQQBgjc8AgECEwdPbnRhcmlvMRwwGgYDVQQKExNBZmZpcm10cnVzdCBMaW1p +dGVkMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjEQMA4GA1UEBRMHMjU0 +MDU0NzEoMCYGA1UEAxMfdmFsaWRwcmVtaXVtZWNjLmFmZmlybXRydXN0LmNvbTB2 +MBAGByqGSM49AgEGBSuBBAAiA2IABEkLBzBYSJPRENKDaA1iBPQz+jZUV+OoM9nJ +sr9sMfmHaqr3nlWxAMM99b9/usVfYyUxqyi+YL2Z3ZSxjX2dpyhwMtPpIQkL1pMW +Iv55XBIcYRyl2NjcADS9B06G+nnix6OCAzcwggMzMAwGA1UdEwEB/wQCMAAwHQYD +VR0OBBYEFP+37ywf2YJJ/4CEVy1GY4ioGm1yMB8GA1UdIwQYMBaAFMaQjAKD113j +vjucLtVlfSoQYO7lMG4GCCsGAQUFBwEBBGIwYDAnBggrBgEFBQcwAYYbaHR0cDov +L29jc3AuYWZmaXJtdHJ1c3QuY29tMDUGCCsGAQUFBzAChilodHRwOi8vYWlhLmFm +ZmlybXRydXN0LmNvbS9hZnRldmVjMWNhLmNydDA+BgNVHR8ENzA1MDOgMaAvhi1o +dHRwOi8vY3JsLmFmZmlybXRydXN0LmNvbS9jcmwvYWZ0ZXZlYzFjYS5jcmwwKgYD +VR0RBCMwIYIfdmFsaWRwcmVtaXVtZWNjLmFmZmlybXRydXN0LmNvbTAOBgNVHQ8B +Af8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFYGA1UdIARP +ME0wBwYFZ4EMAQEwQgYKKwYBBAGCjwkCBDA0MDIGCCsGAQUFBwIBFiZodHRwczov +L3d3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTCCAX4GCisGAQQB1nkCBAIE +ggFuBIIBagFoAHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGQ +YNN5tQAABAMARjBEAiAnainEoBGI9czVh+c9QLPL30S3Rtov8zrnhlXfeKLzZQIg +UGkntBMux0MqHt9Aj60qMsS/C4ZWF7AihVVaUKcrEVgAdgAN4fIwK9MNwUBiEgnq +VS78R3R8sdfpMO8OQh60fk6qNAAAAZBg03m1AAAEAwBHMEUCIGI9kBByoozH4cfS +ECW/O2N/ElkdATkt7EwQ52kcc4ICAiEA9QTh8JlJTb/ytYC1ECX0vQbrYVexg+fu +dw7dfToF9nAAdwAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZBg +03ndAAAEAwBIMEYCIQCox5nSCcVB2AfNYXco77zsJnYP7KAU2I4VA2GNL7I4wQIh +AP6WEzyfBoGpYYqFmNnJUavyhKBmeNiR7eNtaFwpSc+UMAoGCCqGSM49BAMDA2gA +MGUCMAGSNMXAAKDRk0ZOtydN95Rkja97+70TatCIIxEAsJD8Hu7lfj2LHCYFQjVY +oaWTrQIxAKUudx7E/JnjsthuL6sNqKVHfD3iLUJyQNK9wE0SVt1xAm7Cu1JXZORE +M64KMKoQFQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDXDCCAuKgAwIBAgIQAgKlhME0Bk3J8y0gfqNymDAKBggqhkjOPQQDAzBFMQsw +CQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxIDAeBgNVBAMMF0FmZmly +bVRydXN0IFByZW1pdW0gRUNDMB4XDTE5MDMyMTIwNTUwN1oXDTMwMTIwMjA0MDAw +MFowgYUxCzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UE +CxMiU2VlIHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTEzMDEGA1UEAxMq +QWZmaXJtVHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEVWRUMxMHYwEAYH +KoZIzj0CAQYFK4EEACIDYgAEu9f5NkumdaVlmaNaxpDB+rBk/S6lhqcUU1zTLcRz +4G0dr4290hezjrvZJxGJ/X15aexpdD2V9cwaPD/yuEJcaaz+rg/qDoqQF3+AFqVc +41jw1E0S59+57XVKLtXI7Xh6o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsG +AQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFMaQ +jAKD113jvjucLtVlfSoQYO7lMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw +FoAUmq8pesARNTUmUTAAw2r+QNWu1jwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYI +KwYBBQUHAgEWJmh0dHBzOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5 +MEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2Ny +bC9BZmZpcm1UcnVzdFByZW1pdW1FQ0MuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCgYIKoZIzj0EAwMDaAAwZQIwHJ5g +a6sHvQ51DGr0bWq34awuwlWbybC2grHoNp5uYapcXr/qTJusb/6n+dczqFdaAjEA +7VQY06fE9ifMnTgT9824jc3+H6kfhMk4PoIj9ouWdYfc1DyTBS/low9Hb8liQyFr +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrust2048ca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrust2048ca-chain.pem new file mode 100644 index 00000000000..253072d00ed --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrust2048ca-chain.pem @@ -0,0 +1,76 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 946069240 (0x3863def8) + Signature Algorithm: sha1WithRSAEncryption + Issuer: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048) + Validity + Not Before: Dec 24 17:50:51 1999 GMT + Not After : Jul 24 14:15:12 2029 GMT + +-----BEGIN CERTIFICATE----- +MIIGiDCCBXCgAwIBAgIQS5P8oVcgTBT74PnIwDQivjANBgkqhkiG9w0BAQsFADCB +ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT +H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy +MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG +A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y +MzEwMDIxOTE4MTBaFw0yNDExMDIxOTE4MDlaMGkxCzAJBgNVBAYTAkNBMRAwDgYD +VQQIEwdPbnRhcmlvMQ8wDQYDVQQHEwZPdHRhd2ExGDAWBgNVBAoTD0VudHJ1c3Qg +TGltaXRlZDEdMBsGA1UEAxMUMjA0OHRlc3QuZW50cnVzdC5uZXQwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgkrsKoDEHyJjll/fu7mjvtbookb50rzTI +i+jQzvtL8AJOcCfxJL1cVriufc/zRYdSQeRJxkbUb+SqIJkec+27onPpY3xOjJAK +bWdmac1Iv9JPXYMpKJXnOGrooeXEtCcKSKphx4VhHnLA67BGfSNfHLm4JwghX4jY +VpZ8P89gmh8l1eLRP+b3y7OzEkFliwmErALSD8i/bkzE+GxYMnpg/HI2Iw1lakxE +wZOg0ydgl7jHWZUDdnxhAvLS/hfzPVhi9ZwgoXQJiUXUp0JJo6QgVOIC5IztpdZa +3HW1VK7a0eTLhmdFRx39ARn/GbbIyoIqUzLOhAa2cbsGIJjtXjhrAgMBAAGjggLY +MIIC1DAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRHn0CebGnHRqTZTeTYCbPHhiVB +MzAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzBoBggrBgEFBQcBAQRc +MFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUF +BzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYD +VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNy +bDAfBgNVHREEGDAWghQyMDQ4dGVzdC5lbnRydXN0Lm5ldDAOBgNVHQ8BAf8EBAMC +BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBMGA1UdIAQMMAowCAYG +Z4EMAQICMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwA/F0tP1yJHWJQdZRyE +vg0S7ZA3fx+FauvBvyiF7PhkbgAAAYrx05lbAAAEAwBIMEYCIQDbMXKdzSr90jM+ +TekjpqVTEBDDvub7+AEx/kQYzf9gugIhAKPCjJmIh1NZrKkwK8MsOEL4jkN6FJ/h +4kiiJoze3fB/AHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGK +8dOZVAAABAMARzBFAiAW11p7sV2byjrpk6AMQrMGwV2CuT3AKNuQVyxva7XQPAIh +AP1P7DfYsZ1aR12Tkg2x2BYjFrlsJCl36n5I/565xQk4AHUA2ra/az+1tiKfm8K7 +XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK8dOZnwAABAMARjBEAiA43NURCcnHNpkH +XggwpVY9QYNIEAjpHEcPmyXJuQ9y8QIgPqx0MnlKXLuJVReuI5Hzc3iFtcYo070d +UYWH2AuVaFwwDQYJKoZIhvcNAQELBQADggEBAIZoSHApNF6DNYvGKHZJX411QkA0 +5zkq3dcm95BFomaqroEp1QeUeQ8e6xofUs84CURzopE9P81JBHX2Qzb/VeBzZOKy +dekaoz4NGW5ZvpMh7HXXaUpHKU/xZ5uUHVSatBU+cnidPhgn1czntqOwjzsgEZNW +/wbPEjqvIrZvAW4DPak/MSwlENys4ty5gX4453S5gwd18b+NFBq44O/FofR8bvWU +3lJ3VcVeONDzTcXPv+Yd1SlyO1/eXdWlFqloYFjkpcQ4wSLbOEeiWWITkZ0xCAxQ +j8uWuDOSyFQLpaPJvEuG1dlho7RZdor0flUIxYfqg2Nr4Svq1ezskwrdQm0= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFKjCCBBKgAwIBAgIQLgRRzl0kJMcrXWV2cWUG2DANBgkqhkiG9w0BAQsFADCB +tDEUMBIGA1UEChMLRW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5l +dC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNV +BAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1 +c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0yMjExMjUy +MTE5NDNaFw0yOTA3MjMwMDAwMDBaMIG6MQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +RW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdh +bC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBh +dXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRp +b24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEA2j+W0E25L0Tn2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQjUcj0u1y +FvCRIdJdt7hLqIOPt5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiKm95HwzGY +ei59QAvS7z7Tsoyqj0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhTJbiEz5R6 +rgZFDKNrTdDGvuoYpDbwkrK6HIiPOlJ/915tgxyd8B/lw9bdpXiSPbBtLOrJz5RB +GXFEaLpHPATpXbo+8DX3Fbae8i4VHj9HyMg4p3NFXU2wO7GOFyk36t0FASK7lDYq +jVs1/lMZLwhGwSqzGmIdTivZGwIDAQABo4IBLjCCASowEgYDVR0TAQH/BAgwBgEB +/wIBADAdBgNVHQ4EFgQUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHwYDVR0jBBgwFoAU +VeSB0RGAvtiJuQijMfmhJAkWuXAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB +hhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAyBgNVHR8EKzApMCegJaAjhiFodHRw +Oi8vY3JsLmVudHJ1c3QubmV0LzIwNDhjYS5jcmwwDgYDVR0PAQH/BAQDAgEGMB0G +A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA8BgNVHSAENTAzMDEGBFUdIAAw +KTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuZW50cnVzdC5uZXQvcnBhMA0GCSqG +SIb3DQEBCwUAA4IBAQAuAlHLO8CoKt2a4I23UDkKc7kQI3nUkWqq2RxRh8a/4TEF +C9WSF03EHVBW9JZZcrZ3ZdTDRsNF8vSqmCABz1FLu6vw3D3bEXELonAYlkmeFFV7 +1hiW9AdyMJD92XsXiU0Yr9J76Tk4iknMTTHiZXdZOcPMOXlMwPy++HS5tTIyqO0d +zl1PS8tlCcZrKaNNKbmiIWPhmBUSog9IQt2VKpoAIP8tlvRt5tHf5qW5m7vp7qmG +HF2ou54+qQIXO6jIP8CQ4xWvj0aiLklTNMkvXesaVq0xzNgRkx9ZzhREfbuM6eWc +GQHwG7m+JmfL+u1dCAZhh4Uyn5oLU9gogFM6v4jX +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustevca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustevca-chain.pem new file mode 100644 index 00000000000..e9c06b19c69 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustevca-chain.pem @@ -0,0 +1,79 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 1164660820 (0x456b5054) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority + Validity + Not Before: Nov 27 20:23:42 2006 GMT + Not After : Nov 27 20:53:42 2026 GMT + +-----BEGIN CERTIFICATE----- +MIIHEjCCBfqgAwIBAgIQFhH4VGskTR+tQK3JbN63kTANBgkqhkiG9w0BAQsFADCB +sTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsT +MHd3dy5lbnRydXN0Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5j +ZTEfMB0GA1UECxMWKGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50 +cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxRTAeFw0yNDA2MjgyMTQw +NDVaFw0yNTA3MjgyMTQwNDRaMIHIMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250 +YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMTAkNBMRgwFgYL +KwYBBAGCNzwCAQITB09udGFyaW8xGDAWBgNVBAoTD0VudHJ1c3QgTGltaXRlZDEd +MBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzE5MTM2MDUx +HDAaBgNVBAMTE3ZhbGlkZXYuZW50cnVzdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDL2vkrBEZ5qeVdac1C01bcNnoeCU3AVU3Fh1Ifldic9/Gw +xqNVOFYQNzTk8M62FnPUvas4MnXmeBkPhhym+dnjsM22EeS2p6gTlvOGtJFVr+Ix +vq1UAKtqK0gYGriW6SexroSYiG1O0aeqEnKSLlEBHYhmacj2jlbx0ToxMfdBMRRq +4UjnIrh/CBochxt7aKv525tChnZGMT06QKAjx71w2cou0C05v83KJ75EI4EAmTfE +z9sKJeST5pH5MI3WKcP6ZmXynKYSIpIGb4Z8B9Ftp8HdzdR9EafOSlRlbIkEn3lm +nq4UCph48/PsUcJoViBCoY6zDLcPGt3gGQVIjq3vAgMBAAGjggMLMIIDBzAMBgNV +HRMBAf8EAjAAMB0GA1UdDgQWBBRF6MZkqXf3sICXuvbrBH1R9I8bAjAfBgNVHSME +GDAWgBRbQYqyxEPBvb/IVEFVneCWrf+5oTBlBggrBgEFBQcBAQRZMFcwIwYIKwYB +BQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDAGCCsGAQUFBzAChiRodHRw +Oi8vYWlhLmVudHJ1c3QubmV0L2wxZS1jaGFpbi5jZXIwMwYDVR0fBCwwKjAooCag +JIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFlLmNybDAeBgNVHREEFzAV +ghN2YWxpZGV2LmVudHJ1c3QubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU +BggrBgEFBQcDAQYIKwYBBQUHAwIwSwYDVR0gBEQwQjAHBgVngQwBATA3BgpghkgB +hvpsCgECMCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LmVudHJ1c3QubmV0L3Jw +YTCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAEvFONL1TckyEBhnDjz96E/jn +tWKHiJxtMAWE6+WGJjoAAAGQYMsp8gAABAMARjBEAiAL794Fw7wyzricvRl+2AON +FbGf2hwDB3wh8RkGLBRQ7AIgTCarii0atho7ZeUO3h66Ug7s7WxnF9onDZrtoMrH +U9MAdQAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZBgyyoMAAAE +AwBGMEQCIFaXc4M9C9mNukrV68Sc2E5lw9srQ80nMBCGseY99nFxAiAppQmR9FKC +TE/ROlgZRfimx61W4k+SaQ52eek4JNWXXwB3ABoE/0nQVB1Ar/agw7/x2MRnL07s +7iNAaJhrF0Au3Il9AAABkGDLKi0AAAQDAEgwRgIhAPFUevU47H5uJqYL5y1ClFS7 +mEve7E8350JKnR1VykGLAiEArn7VAJcmRNNCDAegsHCCLlpasz9PLHFd9XHQAwvL +IFwwDQYJKoZIhvcNAQELBQADggEBAHfMCQP5Y+7IYzqOh5D/81WqHagmWOqkJYsN +33uux44fhVGqiG1O5ImTQsxJpt/HmDuK1qLEjG31Y9q89U91KAqLQauCQ5iMXrBg +TlwK8kzO1XYC5KkpO5ZWanqfjOahM9mkEKHPV9srwj6xTbInCq9DabRwuWyohj3b +EKrmB016TOT0hJ94jCb8PWl15oQJdsGlEfrG7amtDSRuoDHVA3nXJIJqx5LVnErB +glfsAmP8TPkWYY8kuNE2Rjr2M6P5LRLEvtRELCQF3lPuY0+xxGksGVM207YqhYKv +GzMmA8c7tF3ZclbE0rUA2T8FuBuweAV8tnWq2TaeAHWIJ4nY17s= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFHjCCBAagAwIBAgIRAIZmsCrBy1RAAAAAAFHTWJwwDQYJKoZIhvcNAQELBQAw +gbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQL +EzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu +Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVu +dHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xOTA2MTkxNjUy +MDhaFw0yNjExMTkxNzIyMDhaMIGxMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50 +cnVzdCwgSW5jLjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNv +cnBvcmF0ZWQgYnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0 +LCBJbmMuMS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IC0gTDFFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlsEVHfdDiRm +3Cqh24DMXcdf/VIWWNpflAapuLa5YwxHIILsx5VOi7h3Umo9tYep1uHMdOWmyMDU +Vk+NLtYIPgxMQz7wQZNeRu8559llKgx2UCe9Ww0zMwfg96KpnOERM61m/NIseqqj +cxa+k4V1D9c3jPojt2T440xu7bMFveI223zedkTagnJ2tm7/lKHQhvcQzUpai7B1 +jGZSgE5ITEmDpkDXd4ETTV5yfkhGIqoP4j5llDjhcnH+SnEJujV/VYk9gdW4KAEQ +dzZaEIXSvWCEK0lhlAzeTEBqKsR5YIQkgjJpSphL4lYQugNFUSDTz9qOVBtFtnq6 +l5pa2MbRXwIDAQABo4IBLjCCASowDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG +CCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUF +BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD +VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9yb290Y2ExLmNy +bDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5l +bnRydXN0Lm5ldC9ycGEwHQYDVR0OBBYEFFtBirLEQ8G9v8hUQVWd4Jat/7mhMB8G +A1UdIwQYMBaAFGiQ5GekplOAx4ZmpPH3S0P7hL1tMA0GCSqGSIb3DQEBCwUAA4IB +AQAPUNBX97sqIXZl/zLu53iv7a0HK7prvD0cVaZM0yRfVptvARgjIZZzTtv32v6X +wSr4fDeRmpLaTWtipBGSqh3fNkTSVT8GGBq6+h1lrPEYv6jnStDf7VLQxVliKt2w +h34JjgRUx9rdia30tk/EpPavkxxPks8vjoLN3f4dbkIY/sfljyZbseqVLx9kl/we +OvqL6jZgaQOapFQLZJze7VwLiPVuUnW8ddK3JIE1a5YCZs0irIW5+96ttznIgPK2 +aUOmHQp/zasi7SFl49HrKGKWtZuyDB9U56e01H6PDTpSSSTPyLsSVg3JALHBPDzS +bBraAU3wuAyc3BQ4OIOmwwnT +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcaec1-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcaec1-chain.pem new file mode 100644 index 00000000000..8ea22c05b80 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcaec1-chain.pem @@ -0,0 +1,66 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: + a6:8b:79:29:00:00:00:00:50:d0:91:f9 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1 + Validity + Not Before: Dec 18 15:25:36 2012 GMT + Not After : Dec 18 15:55:36 2037 GMT + +-----BEGIN CERTIFICATE----- +MIIFzDCCBVOgAwIBAgIQcbNJ8XJLeT3fV8DU3QNYSDAKBggqhkjOPQQDAzCBujEL +MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl +ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDE2 +IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UE +AxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSjAeFw0yNDA2 +MjgyMTM5MzVaFw0yNTA3MjgyMTM5MzRaMIHLMQswCQYDVQQGEwJDQTEQMA4GA1UE +CBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMTAkNB +MRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xGDAWBgNVBAoTD0VudHJ1c3QgTGlt +aXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgNVBAUTCjEw +MDA0OTI4NzkxHDAaBgNVBAMTE3ZhbGlkZWMuZW50cnVzdC5uZXQwdjAQBgcqhkjO +PQIBBgUrgQQAIgNiAAS90ZyZ86Gl5Fh1qJ/70UwyQWATu3igiQLeVVvZ4G79SBEG +Xc4TcAn0LzBhfJonAzWFkAS860ARjvFHgUj0otyT+Q2/zC9c8CjOsL3bYp3SNUbC +FWBhIV0vhGGY8NafeXCjggMJMIIDBTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTP +DXJE/iZfi5wUSAo4GN4thBCCHDAfBgNVHSMEGDAWgBTD+UUDvsj5CzxFNfPrcuzn +6OuUmzBjBggrBgEFBQcBAQRXMFUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVu +dHJ1c3QubmV0MC4GCCsGAQUFBzAChiJodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wx +ai1lYzEuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5u +ZXQvbGV2ZWwxai5jcmwwHgYDVR0RBBcwFYITdmFsaWRlYy5lbnRydXN0Lm5ldDAO +BgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEsG +A1UdIAREMEIwBwYFZ4EMAQEwNwYKYIZIAYb6bAoBAjApMCcGCCsGAQUFBwIBFhto +dHRwczovL3d3dy5lbnRydXN0Lm5ldC9ycGEwggF9BgorBgEEAdZ5AgQCBIIBbQSC +AWkBZwB1AA3h8jAr0w3BQGISCepVLvxHdHyx1+kw7w5CHrR+Tqo0AAABkGDKGokA +AAQDAEYwRAIgZwtzml8YzKjqeP86zX+88q8sHOt//2Qmahr2tk97ozUCIFCOM2nF +s1GJVBjKQZEH8QqkivVp+Cai9pC/57TiOmCOAHUAzPsPaoVxCWX+lZtTzumyfCLp +hVwNl422qX5UwP5MDbAAAAGQYMoamAAABAMARjBEAiEA37X8EgQAUzLxn/Ny1Yx3 +uszQF5D85m8vZ0otf8nHzuwCH168zpAxzKS71Fz6CgmDS0QZOfBSYFBD+Pdcm6e1 +ilkAdwAS8U40vVNyTIQGGcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZBgyhq6AAAE +AwBIMEYCIQCljVuYzRe6oQTZPdx0tGhIQSOwM1JbxoMJu2cW+gEGLAIhAMSSJoni +0KT3KavwtsSWuuHsWjt8atv6TpJtLmVxCIdlMAoGCCqGSM49BAMDA2cAMGQCMBPY +1dn1Js8F9b08aVCZ3vqDGFTKuzTXaxArf/y/WhLtcHdZPLaYVifQcAKzp1WCFQIw +MvpE6RDccmnZi5TX88p16s8ev/qkegpbf7Xuw1JQEfy2NRwrXc+NwA422EjXBTti +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIID5zCCA2ygAwIBAgIQCoPUgD5+n1EAAAAAUdTB9zAKBggqhkjOPQQDAzCBvzEL +MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl +ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEy +IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UE +AxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4X +DTE2MDQwNTIwMTk1NFoXDTM3MTAwNTIwNDk1NFowgboxCzAJBgNVBAYTAlVTMRYw +FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3Qu +bmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNiBFbnRydXN0LCBJbmMu +IC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUowdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AAT14eFXmpQX/dEf7NAxrMH13n0btz1KKvH2S1rROGPAKex2CY8yxznbffK/MbCk +F7ByYXGs1+8kL5xmTysU/c+YmjOZx2mMSAk2DPw30fijJ3tRrwChZ+TBpgtB6+A5 +MsCjggEuMIIBKjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAz +BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3Qu +bmV0MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvZWMx +cm9vdC5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6 +Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF +BQcDAjAdBgNVHQ4EFgQUw/lFA77I+Qs8RTXz63Ls5+jrlJswHwYDVR0jBBgwFoAU +t2PnGt2N6QimVYOk4GpQQWURQkkwCgYIKoZIzj0EAwMDaQAwZgIxAPnVAOqxKDd7 +v37EBmpPqWCCWBFPKW6HpRx3GUWc9caeQIw8rO2HXYgf92pb/TsJYAIxAJhI0MpR +z5L42xF1R9UIPfQxCMwgsnWBqIqcfMrMO+2DxQy6GIP3cFFj9gRyxguKWw== +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag2-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag2-chain.pem new file mode 100644 index 00000000000..5fcbf9ffc2c --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag2-chain.pem @@ -0,0 +1,80 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: 1246989352 (0x4a538c28) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2 + Validity + Not Before: Jul 7 17:25:54 2009 GMT + Not After : Dec 7 17:55:54 2030 GMT + +-----BEGIN CERTIFICATE----- +MIIHOzCCBiOgAwIBAgIQWFfRPoYcAxEc+S0tOlD+ljANBgkqhkiG9w0BAQsFADCB +ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT +H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy +MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG +A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0y +NDA2MjgyMTQyMTRaFw0yNTA3MjgyMTQyMTNaMIHLMQswCQYDVQQGEwJDQTEQMA4G +A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT +AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xGDAWBgNVBAoTD0VudHJ1c3Qg +TGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgNVBAUT +CjEwMDA0OTI4NzkxHDAaBgNVBAMTE3ZhbGlkZzIuZW50cnVzdC5uZXQwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ66eWZS5ytmbHJeHcA9WfnpbGFC04 +Tov7L0NWiStVRPEFrXrGSn6RPriGci6RwrCz5yn47EWjk2AjSD4e5lySDKHwTg+0 +S9pl3lcSd8tQOTbTwVM0EfOxdUlO4IY0jCOSM8rnZUc1JvEIIrXWXWF9AWoDb4BQ +erTefRm/YykFC558PEzn84vU9KoEmDwIP4upWKVutuzBpHWhZW3q9wagg62KifHN +1yaagv4PUGgdkrVkyA1ZO3D7b2RpQjBreOTk+tsTnWtbAkFGtRBOA/2QrEvyqMU7 +eCnpFZMIaj2tKeSLqhIWxzOnrAGUJNp5wLYmVnnhPhHEv1g79pNsZLR3AgMBAAGj +ggMoMIIDJDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRt85gfkWUjfTKgrLytMp8o +VvOe3zAfBgNVHSMEGDAWgBTD99C1KjCtrw2RIXA5VN28iXDHOjBoBggrBgEFBQcB +AQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsG +AQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0L2wxbS1jaGFpbjI1Ni5jZXIw +MwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFt +LmNybDA3BgNVHREEMDAughN2YWxpZGcyLmVudHJ1c3QubmV0ghd3d3cudmFsaWRn +Mi5lbnRydXN0Lm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMEsGA1UdIAREMEIwBwYFZ4EMAQEwNwYKYIZIAYb6bAoBAjAp +MCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5lbnRydXN0Lm5ldC9ycGEwggF+Bgor +BgEEAdZ5AgQCBIIBbgSCAWoBaAB3ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAF +hOvlhiY6AAABkGDMhQQAAAQDAEgwRgIhAMzddgbnWlodtosz6EMh2Y89n0JR4eMO +v+W6tUp2gVwYAiEA6UKa2eFlX0KdzuZCvTlPgi8DeK3ZI2wffyV2bYMXtsIAdgAN +4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAAAZBgzIURAAAEAwBHMEUC +IQDmVH2NlaV2/Y3OaPMXhH+BT63zA+Bh/5aCfPiYrJ7K2AIgRADPHzpwS7bfvVZI +k8QxUBSCDXFmZQOrpamBaEko6YIAdQDM+w9qhXEJZf6Vm1PO6bJ8IumFXA2Xjbap +flTA/kwNsAAAAZBgzIUGAAAEAwBGMEQCIA1CHfNw7cCcJSb3s7ik9Wflf3irqE9G +QKxZ+Y9BOIx0AiA6CMvw7OHjG519E1tZgr/HFRXzxKchBp80dfsaEKxY9zANBgkq +hkiG9w0BAQsFAAOCAQEAqvn1CTObiV5zKVY6NWjGK49Wqsr9t1ok/h/yfKRmr36O +UZkMTPANj0uhwM4gtieTze9hnNzEkx1ec6G40JyABRiSX+0dtq3n8wiW3d8G1Qj5 +/s8yZ13/ATrdjjr1mlGOvh0sgWTTPaQpl8ijXTy40GYpZIUXXBK09Rm6W0siq+7m +OHNpJR4APWOBBU4QwiWrHHsFq4KvwxiTjNWWizCOnZwVi3awNBoDD/Iwszn+trOA +8U/1SsHGuPBWKajcGorwi2zQ99JxAwJJ8XNBCekynjbPZYx52KkqfR07Fd2Occbl +3lh3wXrepzzU1a6vdyiQpagX8btyIqQpAzytypzaLQ== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIFLTCCBBWgAwIBAgIMYaHn0gAAAABR02amMA0GCSqGSIb3DQEBCwUAMIG+MQsw +CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl +IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg +RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD +EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x +NDEyMTUxNTI1MDNaFw0zMDEwMTUxNTU1MDNaMIG6MQswCQYDVQQGEwJVUzEWMBQG +A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l +dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTQgRW50cnVzdCwgSW5jLiAt +IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFNMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEA0IHBOSPCsdHs91fdVSQ2kSAiSPf8ylIKsKs/M7WwhAf23056sPuY +Ij0BrFb7cW2y7rmgD1J3q5iTvjOK64dex6qwymmPQwhqPyK/MzlG1ZTy4kwFItln +gJHxBEoOm3yiydJs/TwJhL39axSagR3nioPvYRZ1R5gTOw2QFpi/iuInMlOZmcP7 +lhw192LtjL1JcdJDQ6Gh4yEqI3CodT2ybEYGYW8YZ+QpfrI8wcVfCR5uRE7sIZlY +FUj0VUgqtzS0BeN8SYwAWN46lsw53GEzVc4qLj/RmWLoquY0djGqr3kplnjLgRSv +adr7BLlZg0SqCU+01CwBnZuUMWstoc/B5QIDAQABo4IBKzCCAScwDgYDVR0PAQH/ +BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8E +CDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29j +c3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL2NybC5lbnRy +dXN0Lm5ldC9nMmNhLmNybDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcC +ARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwHQYDVR0OBBYEFMP30LUqMK2v +DZEhcDlU3byJcMc6MB8GA1UdIwQYMBaAFGpyJnrQHu995ztpUdRsjZ+QEmarMA0G +CSqGSIb3DQEBCwUAA4IBAQC0h8eEIhopwKR47PVPG7SEl2937tTPWa+oQ5YvHVje +pvMVWy7ZQ5xMQrkXFxGttLFBx2YMIoYFp7Qi+8VoaIqIMthx1hGOjlJ+Qgld2dnA +DizvRGsf2yS89byxqsGK5Wbb0CTz34mmi/5e0FC6m3UAyQhKS3Q/WFOv9rihbISY +Jnz8/DVRZZgeO2x28JkPxLkJ1YXYJKd/KsLak0tkuHB8VCnTglTVz6WUwzOeTTRn +4Dh2ZgCN0C/GqwmqcvrOLzWJ/MDtBgO334wlV/H77yiI2YIowAQPlIFpI+CRKMVe +1QzX1CA778n4wI+nQc1XRG5sZ2L+hN/nYNjvv9QiHg3n +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag4-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag4-chain.pem new file mode 100644 index 00000000000..e649abf28b3 --- /dev/null +++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/entrust/entrustrootcag4-chain.pem @@ -0,0 +1,92 @@ +Root Certificate: + Version: 3 (0x2) + Serial Number: + d9:b5:43:7f:af:a9:39:0f:00:00:00:00:55:65:ad:58 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2015 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G4 + Validity + Not Before: May 27 11:11:16 2015 GMT + Not After : Dec 27 11:41:16 2037 GMT + +-----BEGIN CERTIFICATE----- +MIIIIzCCBwugAwIBAgIQDD4I8FgD7+DVcBLMBwa39jANBgkqhkiG9w0BAQsFADCB +ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT +H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy +MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG +A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTjAeFw0y +NDA2MjgyMTQzNTRaFw0yNTA3MjgyMTQzNTNaMIHLMQswCQYDVQQGEwJDQTEQMA4G +A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT +AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xGDAWBgNVBAoTD0VudHJ1c3Qg +TGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgNVBAUT +CjEwMDA0OTI4NzkxHDAaBgNVBAMTE3ZhbGlkZzQuZW50cnVzdC5uZXQwggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCfUHGdeme0jraIiUzPYtuX1G9rlCU1 +eKDqDbsgp7VIS7rI/VgbsS7oKnE6KHP+qGrXRhYdvFLFDa+REY6fVOWkLuTXhVLb +5C7ym2pi0OUMKvrGtDLUxlHiEAmkmjPDl6TLMTDrLgWOLFMRzyeTcxnZtMrxUnAf +yzSPlqm1bkN/oRp2EOiXvuSbci8UA0QswV6g8EUbRB0qyv6OophoaQYo/+KRwTJT +k6S8YDsEJnlDb8tjEhfIUjp2Md5ThBxf5Ib29aXebZ5HFh2x5VPrzOwDUPk0fVNM +pWFfiX79RW6w5Vei5qtretLohbw6b5aJmaJ1LweAEkIlhy5eUuuG6v8Efm8JSAle +eKMtflTigmayaWMVCd2GeB6LajcflAw7BUU2brRMJwMpaeXXhL/mVpjbev/5TtVD ++H9IlW3PMyQnUJc0YuUVmdi1eOM5qoQaQE4BDPHz2G41eDgT8J9Gb1FX5mT+9l2I +iJD47pwcBIw5tHCn2nuz1+8CDuYpfH2+t2LPFHVI15h1scGotZvzUJ5TzPdQqZI7 +K2LTL49Zs2HsObrGr07Vj28WyzkjIfTrVSV/29hgz1zVjUa0uyTeOzrc3VIg7NTv +RoMTTYuUeUoMSmFQ8z9CSGh7cxFlrhGjFO+66++JFNwakAEp7kS5c2qTLaapY9dM +8UMIr5951z994QIDAQABo4IDEDCCAwwwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU +/EjjpmMa/SepMqPlglXS5AbGcScwHwYDVR0jBBgwFoAU7kfRhXHx/S23P7s+Y1h3 +F0lADpUwaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5l +bnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9s +MW4tY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50 +cnVzdC5uZXQvbGV2ZWwxbi5jcmwwHgYDVR0RBBcwFYITdmFsaWRnNC5lbnRydXN0 +Lm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF +BwMBMEsGA1UdIAREMEIwBwYFZ4EMAQEwNwYKYIZIAYb6bAoBAjApMCcGCCsGAQUF +BwIBFhtodHRwczovL3d3dy5lbnRydXN0Lm5ldC9ycGEwggF/BgorBgEEAdZ5AgQC +BIIBbwSCAWsBaQB2ABLxTjS9U3JMhAYZw48/ehP457Vih4icbTAFhOvlhiY6AAAB +kGDOC9YAAAQDAEcwRQIgWhFWhf2sBQ3ufMH0yubwLDt+3f/b5rScs09o1YEjg6MC +IQDpkgEMWBAM+NV2aCnC8QH+RH6xBqhPPt6JZTm3W+vHkwB3ABoE/0nQVB1Ar/ag +w7/x2MRnL07s7iNAaJhrF0Au3Il9AAABkGDODBQAAAQDAEgwRgIhAOgp+oas+jBr +9wOBo0QDdVQGmP8KJupfRf/MDKO+kSRjAiEA9JnEHTbFHre2TS9habVJA/3jM/t5 +CKtixwQqdpLXQUAAdgAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAA +AZBgzgwVAAAEAwBHMEUCIBOYI8rl87VepcPQlaGh6AbKhKw1UlbxIf7etR/d2M47 +AiEAkFXOVvzkP6kX/z1yRneYn0mlPbDvAFLsSDghl/gkdtYwDQYJKoZIhvcNAQEL +BQADggEBAJovgoheNHFBUpnodfOiKtpRo8AE6dLuOX1H2uRHiDg0Gza0/w95KkEE +BqjKmJIbJrs2TQJnkM0LjaubHn1TP4XC40qieMXB4ylJzC5FWDZBqMHZmLTvVY01 +irBMyub0On8d1BlEquD2r3KHQFnyUvi/uxzbNJOVbNJYglKhTI+UfcXk7zpHmNG+ ++SbBkpJkuqQ9ujG1K25FRa/01j1p4ZlDrJ3KCT7fDEf10TN0u5VX6moVT9cRVR2U +gX16BV8m/hoJVTD0fBCKIKjtklS//b+Jr49uxWFulrDwlRKyDWmBXLnqsZvpCobi +deDsWiUkcvd+DjNgpDTEHCTrXXjd8tU= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGMjCCBBqgAwIBAgIRAKvsd/8bQQwHAAAAAFVl2AUwDQYJKoZIhvcNAQELBQAw +gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL +Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg +MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw +BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0 +MB4XDTE3MTEyMjIwMDQyMFoXDTMwMTIyMjIwMzQyMFowgboxCzAJBgNVBAYTAlVT +MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1 +c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNCBFbnRydXN0LCBJ +bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3Qg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU4wggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDcSG+caYQ4xcvf+dt8bgCEHorO0g5j0H1NOtQzRXgUoG8y +QuRbJX9swyKqQZbsc18YvTV8OKA/uSNE46Jvq47TFPojWWTVLbNDqpM07e4EFYKs +A9NFzAUngijnf3ivnXA6iNPAMXaEhXmhY/YFjk8NoM7Y1PFsA0oj5hamKQ06iO/j +gvBScLmnQ1ju9Qj9IGIg18UL5AJNw0frspLUQBYVrLGaqAy5Nl2BUJKaZ4vnSLvP +nk6YrB15mo1phHae10Ba4fx7R3z8IZ/hby4OXTy/KZpu107VEQPAwTuDK8ZXxB5y +0DSzi4vaw27aLrUsq4aFqUo03gEfC31vWW76TNkFAgMBAAGjggErMIIBJzAOBgNV +HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF +BQcDAQYIKwYBBQUHAwIwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEW +Gmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMDMGCCsGAQUFBwEBBCcwJTAjBggr +BgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOg +IYYfaHR0cDovL2NybC5lbnRydXN0Lm5ldC9nNGNhLmNybDAdBgNVHQ4EFgQU7kfR +hXHx/S23P7s+Y1h3F0lADpUwHwYDVR0jBBgwFoAUnzjEViPDOeigcWzoVEzk6Dqx +v2cwDQYJKoZIhvcNAQELBQADggIBACMeFFgsWmC7h6D1v8DJUkOpm/m5UhVhO0hb +pQMQKMhKkl744Y9SWG4WNmpQy743TTciEJPZFhc7ke2R6VmK8ZJUqro2awOw1RWZ +OtHla59Btf1NQd41vOVdU+qFhs8lFfXg9sK7YHTrfxHtMXLoGnkkamK3xJgn7sXa +/zUvUDBTpDCXcpO9SyHoKIQswmkIPpRyIdPF4biRdR3N+9MYmlfqN/Nk3OEZ73xZ +AUZP6Gu+f9cEiHTA8NdYHCPLJWyFnIHWK+QuTFEnKYnOYxCeroLBNOO64e8JWZ39 +kZ22BBXhHzqOCCczS7JOJTRF+JgvWuxbFwRstj8qf3fE+JndWmq2FC4hTHtpuK5K +ENuiRm5gdkXfsXmB+qB6y5gaajiTIMscGIcZIKTe2YdKrLoicvEz8k+loM7favik +vzFioTNTDHYGx3mkfElBE7ycY8n+jZE3QBBv33k28MeQi7XNgEaMc4tYwoZIdE9A +xVccXTzEQzka82dOkRB1dU0XZId9XAWv+CtNc2TjF6Wgx2seA/c6H8S0IfgQBIV2 +8iN2wZns2QFdawkdy3hMUqPnA++kuGhLW3GemsIY5dP/WxY8rd+OfLb/Ks9T1pCd +28t7PQRcQsgkYmouzrOW9ASBvYqLLdhl4y+fFXff8RkPIKMNoYP06WJvRKmky9R/ +41/nXRas +-----END CERTIFICATE----- diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca8g1-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/appleistca8g1-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca8g1-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/appleistca8g1-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustprimarycag2-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustprimarycag2-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustprimarycag2-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustprimarycag2-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustprimarycag3-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustprimarycag3-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustprimarycag3-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustprimarycag3-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustuniversalca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustuniversalca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustuniversalca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/geotrustuniversalca-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootca-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootcag2-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootcag2-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootcag2-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootcag2-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootcag3-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootcag3-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/thawteprimaryrootcag3-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/thawteprimaryrootcag3-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g3ca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g3ca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g3ca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g3ca-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g4ca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g4ca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g4ca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g4ca-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g5ca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g5ca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g5ca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g5ca-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g5ca-codesigning-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g5ca-codesigning-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignclass3g5ca-codesigning-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignclass3g5ca-codesigning-chain.pem diff --git a/test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignuniversalrootca-chain.pem b/test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignuniversalrootca-chain.pem similarity index 100% rename from test/jdk/sun/security/ssl/X509TrustManagerImpl/Symantec/verisignuniversalrootca-chain.pem rename to test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/symantec/verisignuniversalrootca-chain.pem diff --git a/test/jdk/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java b/test/jdk/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java deleted file mode 100644 index a0dbbd7ff53..00000000000 --- a/test/jdk/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -import jdk.test.lib.process.OutputAnalyzer; -import jdk.test.lib.util.JarUtils; - -/** - * @test - * @bug 8024302 8026037 - * @summary Test for badKeyUsage warning - * @library /test/lib ../ - * @ignore until 8026393 is fixed - * @build jdk.test.lib.util.JarUtils - * @run main BadKeyUsageTest - */ -public class BadKeyUsageTest extends Test { - - /** - * The test signs and verifies a jar that contains entries - * whose signer certificate's KeyUsage extension - * doesn't allow code signing (badKeyUsage). - * Warning message is expected. - */ - public static void main(String[] args) throws Throwable { - BadKeyUsageTest test = new BadKeyUsageTest(); - test.start(); - } - - private void start() throws Throwable { - // create a jar file that contains one class file - Utils.createFiles(FIRST_FILE); - JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE); - - // create a certificate whose signer certificate's KeyUsage extension - // doesn't allow code signing - createAlias(CA_KEY_ALIAS, "-ext", "bc:c"); - createAlias(KEY_ALIAS); - - issueCert( - KEY_ALIAS, - "-ext", "KeyUsage=keyAgreement", - "-validity", Integer.toString(VALIDITY)); - - // sign jar - OutputAnalyzer analyzer = jarsigner( - "-verbose", - "-keystore", KEYSTORE, - "-storepass", PASSWORD, - "-keypass", PASSWORD, - "-signedjar", SIGNED_JARFILE, - UNSIGNED_JARFILE, - KEY_ALIAS); - - checkSigning(analyzer, BAD_KEY_USAGE_SIGNING_WARNING); - - // verify signed jar - analyzer = jarsigner( - "-verify", - "-verbose", - "-keystore", KEYSTORE, - "-storepass", PASSWORD, - "-keypass", PASSWORD, - SIGNED_JARFILE); - - checkVerifying(analyzer, 0, BAD_KEY_USAGE_VERIFYING_WARNING); - - // verify signed jar in strict mode - analyzer = jarsigner( - "-verify", - "-verbose", - "-strict", - "-keystore", KEYSTORE, - "-storepass", PASSWORD, - "-keypass", PASSWORD, - SIGNED_JARFILE); - - checkVerifying(analyzer, BAD_KEY_USAGE_EXIT_CODE, - BAD_KEY_USAGE_VERIFYING_WARNING); - - System.out.println("Test passed"); - } - -} diff --git a/test/jdk/sun/security/tools/keytool/ExportPrivateKeyNoPwd.java b/test/jdk/sun/security/tools/keytool/ExportPrivateKeyNoPwd.java deleted file mode 100644 index 799bf455b23..00000000000 --- a/test/jdk/sun/security/tools/keytool/ExportPrivateKeyNoPwd.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -import java.security.*; - -/* - * Export a private key from the named keychain entry without supplying a - * password. See JDK-8062264. - * - * NOTE: Keychain access controls must already have been lowered to permit - * the target entry to be accessed. - */ -public class ExportPrivateKeyNoPwd { - - public static final void main(String[] args) throws Exception { - - if (args.length != 1) { - throw new Exception( - "ExportPrivateKeyNoPwd: must supply name of a keystore entry"); - } - String alias = args[0]; - - KeyStore ks = KeyStore.getInstance("KeychainStore"); - System.out.println("ExportPrivateKeyNoPwd: loading keychains..."); - ks.load(null, null); - - System.out.println("ExportPrivateKeyNoPwd: exporting key..."); - Key key = ks.getKey(alias, null); - if (key instanceof PrivateKey) { - System.out.println("ExportPrivateKeyNoPwd: exported " + - key.getAlgorithm() + " private key from '" + alias + "'"); - } else { - throw new Exception("Error exporting private key from keychain"); - } - } -} - diff --git a/test/jdk/sun/security/tools/keytool/ListKeyChainStore.java b/test/jdk/sun/security/tools/keytool/ListKeyChainStore.java new file mode 100644 index 00000000000..39626b8dfc5 --- /dev/null +++ b/test/jdk/sun/security/tools/keytool/ListKeyChainStore.java @@ -0,0 +1,202 @@ +/* + * Copyright (c) 2012, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 7133495 8062264 8046777 8153005 + * @summary KeyChain KeyStore implementation retrieves only one private key entry + * @requires (os.family == "mac") + * @library /test/lib + * @run main/othervm/manual ListKeyChainStore + */ + +import jdk.test.lib.SecurityTools; +import jdk.test.lib.process.ProcessTools; + +import java.io.*; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.security.Key; +import java.security.KeyStore; +import java.security.PrivateKey; + +public class ListKeyChainStore { + private static final String PWD = "xxxxxx"; + private static final String DEFAULT_KEYTOOL = "-list -storetype KeychainStore " + + "-keystore NONE -storepass " + PWD; + private static final String USER_DIR = System.getProperty("user.dir", "."); + private static final String FS = System.getProperty("file.separator"); + private static final String PKCS12_KEYSTORE = USER_DIR + FS + "7133495.p12"; + private static final String KEYCHAIN_FILE = USER_DIR + FS + "7133495.keychain"; + private static final String TEMPORARY_FILE = USER_DIR + FS + "7133495.tmp"; + private static final String USER_KEYCHAIN_LIST = USER_DIR + FS + "user.keychain.list"; + private static final String PRIVATE_KEY_ENTRY = "PrivateKeyEntry"; + + public static void main(String[] args) throws Throwable { + LOG_MSG("WARNING: This test doesn't work on macOS virtualized environment. " + + "`security list-keychains -s` doesn't update the search order."); + + deleteTestTempFilesIfExists(); + + // Get the old security keychain list to restore later + try (PrintStream printStream = new PrintStream(USER_KEYCHAIN_LIST)) { + ProcessTools.executeCommand("sh", "-c", "security list-keychains") + .shouldHaveExitValue(0).outputTo(printStream); + } + + try { + try (PrintStream printStream = new PrintStream(TEMPORARY_FILE)) { + SecurityTools.keytool(DEFAULT_KEYTOOL).shouldHaveExitValue(0) + .outputTo(printStream); + } + int oldPrivateKeyCount = countOccurrences(TEMPORARY_FILE, PRIVATE_KEY_ENTRY); + LOG_MSG("Found " + oldPrivateKeyCount + " private key entries in the " + + "Keychain keystore"); + + // Create the PKCS12 keystore containing 3 public/private key pairs + LOG_MSG("Creating PKCS12 keystore: " + PKCS12_KEYSTORE); + for (int i = 0; i < 3; i++) { + // Use legacy encryption and MAC algorithms, refer macOS open radar FB8988319 + // macOS security framework doesn't work with the latest algorithms + SecurityTools.keytool(String.format("-J-Dkeystore.pkcs12.legacy -genkeypair" + + " -storetype PKCS12 -keystore %s -storepass %s -keyalg rsa -dname " + + "CN=CN%d,OU=OU%d,O=O%d,ST=ST%d,C=US -alias 7133495-%d", + PKCS12_KEYSTORE, PWD, i, i, i, i, i)).shouldHaveExitValue(0); + } + + // Create the keychain + LOG_MSG("Creating keychain: " + KEYCHAIN_FILE); + ProcessTools.executeCommand("sh", "-c", String.format("security create-keychain" + + " -p %s %s", PWD, KEYCHAIN_FILE)).shouldHaveExitValue(0); + + // Unlock the keychain + LOG_MSG("Unlock keychain: " + KEYCHAIN_FILE); + ProcessTools.executeCommand("sh", "-c", String.format("security unlock-keychain" + + " -p %s %s", PWD, KEYCHAIN_FILE)).shouldHaveExitValue(0); + + // Import the key pairs from the PKCS12 keystore into the keychain + // The '-A' option is used to lower the keychain's access controls + LOG_MSG("Importing the key pairs from " + PKCS12_KEYSTORE + + " to " + KEYCHAIN_FILE); + ProcessTools.executeCommand("sh", "-c", String.format("security import %s -k %s" + + " -f pkcs12 -P %s -A", PKCS12_KEYSTORE, KEYCHAIN_FILE, PWD)).shouldHaveExitValue(0); + + // Generate a 2048-bit RSA keypair and import into the keychain + // Its private key is configured with non-default key usage settings + ProcessTools.executeCommand("sh", "-c", String.format("certtool ca k=%s " + + "< " + msg); + } +} diff --git a/test/jdk/sun/security/tools/keytool/ListKeychainStore.sh b/test/jdk/sun/security/tools/keytool/ListKeychainStore.sh deleted file mode 100644 index 6ab1be90065..00000000000 --- a/test/jdk/sun/security/tools/keytool/ListKeychainStore.sh +++ /dev/null @@ -1,188 +0,0 @@ -# -# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. -# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -# -# This code is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License version 2 only, as -# published by the Free Software Foundation. -# -# This code is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# version 2 for more details (a copy is included in the LICENSE file that -# accompanied this code). -# -# You should have received a copy of the GNU General Public License version -# 2 along with this work; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA -# or visit www.oracle.com if you need additional information or have any -# questions. -# - -# @test -# @bug 7133495 8041740 8062264 8046777 -# @summary [macosx] KeyChain KeyStore implementation retrieves only one private key entry - -if [ "${TESTJAVA}" = "" ] ; then - JAVAC_CMD=`which javac` - TESTJAVA=`dirname $JAVAC_CMD`/.. -fi - -if [ "${TESTSRC}" = "" ] ; then - TESTSRC="." -fi -if [ "${TESTCLASSES}" = "" ] ; then - TESTCLASSES=`pwd` -fi - -# Only run on MacOS -OS=`uname -s` -case "$OS" in - Darwin ) - ;; - * ) - echo "Will not run test on: ${OS}" - exit 0; - ;; -esac - -PWD="xxxxxx" -KEYTOOL="${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -storetype KeychainStore -keystore NONE -storepass $PWD" -TEMPORARY_P12="$TESTCLASSES/7133495.p12" -TEMPORARY_KC="$TESTCLASSES/7133495.keychain" -TEMPORARY_LIST="$TESTCLASSES/7133495.tmp" -CLEANUP_P12="rm -f $TEMPORARY_P12" -CLEANUP_KC="security delete-keychain $TEMPORARY_KC" -CLEANUP_LIST="rm -f $TEMPORARY_LIST" - -# Count the number of private key entries in the Keychain keystores - -COUNT=`$KEYTOOL -list | grep PrivateKeyEntry | wc -l` -echo "Found $COUNT private key entries in the Keychain keystores" - -# Create a temporary PKCS12 keystore containing 3 public/private keypairs - -RESULT=`$CLEANUP_P12` - -for i in X Y Z -do - ${TESTJAVA}/bin/keytool ${TESTTOOLVMOPTS} -genkeypair \ - -storetype PKCS12 \ - -keystore $TEMPORARY_P12 \ - -storepass $PWD \ - -keyalg rsa \ - -dname "CN=$i,OU=$i,O=$i,ST=$i,C=US" \ - -alias 7133495-$i - - if [ $? -ne 0 ]; then - echo "Error: cannot create keypair $i in the temporary PKCS12 keystore" - RESULT=`$CLEANUP_P12` - exit 1 - fi -done -echo "Created a temporary PKCS12 keystore: $TEMPORARY_P12" - -# Create a temporary keychain - -security create-keychain -p $PWD $TEMPORARY_KC -if [ $? -ne 0 ]; then - echo "Error: cannot create the temporary keychain" - RESULT=`$CLEANUP_P12` - exit 2 -fi -echo "Created a temporary keychain: $TEMPORARY_KC" - -# Unlock the temporary keychain - -security unlock-keychain -p $PWD $TEMPORARY_KC -if [ $? -ne 0 ]; then - echo "Error: cannot unlock the temporary keychain" - RESULT=`$CLEANUP_P12` - RESULT=`$CLEANUP_KC` - exit 3 -fi -echo "Unlocked the temporary keychain" - -# Import the keypairs from the PKCS12 keystore into the keychain -# (The '-A' option is used to lower the temporary keychain's access controls) - -security import $TEMPORARY_P12 -k $TEMPORARY_KC -f pkcs12 -P $PWD -A -if [ $? -ne 0 ]; then - echo "Error: cannot import keypairs from PKCS12 keystore into the keychain" - RESULT=`$CLEANUP_P12` - RESULT=`$CLEANUP_KC` - exit 4 -fi -echo "Imported keypairs from PKCS12 keystore into the keychain" - -# Generate a 2048-bit RSA keypair and import into the temporary keychain -# (its private key is configured with non-default key usage settings) - -certtool c k=$TEMPORARY_KC < $TEMPORARY_LIST -security list-keychains >> $TEMPORARY_LIST -security list-keychains -s `xargs < ${TEMPORARY_LIST}` -`$CLEANUP_LIST` -echo "Temporary keychain search order:" -security list-keychains - -# Recount the number of private key entries in the Keychain keystores -# (3 private keys imported from PKCS12, 1 private key generated by 'certtool') - -RECOUNT=`$KEYTOOL -list | grep PrivateKeyEntry | wc -l` -echo "Found $RECOUNT private key entries in the Keychain keystore" -if [ $RECOUNT -lt `expr $COUNT + 4` ]; then - echo "Error: expected >$COUNT private key entries in the Keychain keystores" - RESULT=`$CLEANUP_P12` - RESULT=`$CLEANUP_KC` - exit 5 -fi - -# Export a private key from the keychain (without supplying a password) -# Access controls have already been lowered (see 'security import ... -A' above) - -${TESTJAVA}/bin/javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} -d . ${TESTSRC}/ExportPrivateKeyNoPwd.java || exit 6 -${TESTJAVA}/bin/java ${TESTVMOPTS} ExportPrivateKeyNoPwd x -if [ $? -ne 0 ]; then - echo "Error exporting private key from the temporary keychain" - RESULT=`$CLEANUP_P12` - RESULT=`$CLEANUP_KC` - exit 6 -fi -echo "Exported a private key from the temporary keychain" - -RESULT=`$CLEANUP_P12` -if [ $? -ne 0 ]; then - echo "Error: cannot remove the temporary PKCS12 keystore" - exit 7 -fi -echo "Removed the temporary PKCS12 keystore" - -RESULT=`$CLEANUP_KC` -if [ $? -ne 0 ]; then - echo "Error: cannot remove the temporary keychain" - exit 8 -fi -echo "Removed the temporary keychain" - -exit 0 diff --git a/test/jdk/sun/security/tools/keytool/NssTest.java b/test/jdk/sun/security/tools/keytool/NssTest.java index bc66fdaae44..80ef41d446d 100644 --- a/test/jdk/sun/security/tools/keytool/NssTest.java +++ b/test/jdk/sun/security/tools/keytool/NssTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2023 Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -56,8 +56,9 @@ private static void copyFiles() throws IOException { Path dbPath = srcPath.getParent().getParent() .resolve("pkcs11").resolve("nss").resolve("db"); - Files.copy(dbPath.resolve("cert8.db"), Paths.get("cert8.db")); - Files.copy(dbPath.resolve("key3.db"), Paths.get("key3.db")); - Files.copy(dbPath.resolve("secmod.db"), Paths.get("secmod.db")); + Path destDir = Path.of( "tmpdb"); + Files.createDirectory(destDir); + Files.copy(dbPath.resolve("cert9.db"), destDir.resolve("cert9.db")); + Files.copy(dbPath.resolve("key4.db"), destDir.resolve("key4.db")); } } diff --git a/test/jdk/sun/security/tools/keytool/PKCS12Passwd.java b/test/jdk/sun/security/tools/keytool/PKCS12Passwd.java index db387c3eb12..9c91276b3b4 100644 --- a/test/jdk/sun/security/tools/keytool/PKCS12Passwd.java +++ b/test/jdk/sun/security/tools/keytool/PKCS12Passwd.java @@ -108,7 +108,7 @@ public static void main(String[] args) throws Exception { check("p12", "newpass", "newpass"); - // Conversely, a JKS keystore can be laoded as a PKCS12, and it follows + // Conversely, a JKS keystore can be loaded as a PKCS12, and it follows // PKCS12 rules that both passwords are changed at the same time and // some commands are rejected. diff --git a/test/jdk/sun/security/tools/keytool/p11-nss.txt b/test/jdk/sun/security/tools/keytool/p11-nss.txt index dd200a326c0..9c8ac0a43ab 100644 --- a/test/jdk/sun/security/tools/keytool/p11-nss.txt +++ b/test/jdk/sun/security/tools/keytool/p11-nss.txt @@ -6,7 +6,7 @@ slot = 2 library = ${nss.lib} -nssArgs = "configdir='.' certPrefix='' keyPrefix='' secmod='secmod.db'" +nssArgs = "configdir='sql:./tmpdb' certPrefix='' keyPrefix='' secmod='secmod.db'" #forceLogin = true diff --git a/test/jdk/sun/security/util/RegisteredDomain/ParseNames.java b/test/jdk/sun/security/util/RegisteredDomain/ParseNames.java index 69ca9577c68..74045b533c2 100644 --- a/test/jdk/sun/security/util/RegisteredDomain/ParseNames.java +++ b/test/jdk/sun/security/util/RegisteredDomain/ParseNames.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 8228969 8244087 8255266 + * @bug 8228969 8244087 8255266 8302182 * @modules java.base/sun.security.util * @summary unit test for RegisteredDomain */ diff --git a/test/jdk/sun/security/util/RegisteredDomain/tests.dat b/test/jdk/sun/security/util/RegisteredDomain/tests.dat index e4cf659c634..280e66ff93b 100644 --- a/test/jdk/sun/security/util/RegisteredDomain/tests.dat +++ b/test/jdk/sun/security/util/RegisteredDomain/tests.dat @@ -84,6 +84,10 @@ foo.fj fj foo.fj www.foo.ie ie foo.ie www.foo.gov.ie gov.ie foo.gov.ie +# in +5g.in 5g.in null +www.5g.in 5g.in www.5g.in + # it has a large number of entries www.gr.it gr.it www.gr.it www.blahblahblah.it it blahblahblah.it @@ -148,9 +152,17 @@ s.k12.oh.us k12.oh.us s.k12.oh.us s.pvt.k12.ma.us pvt.k12.ma.us s.pvt.k12.ma.us w.s.pvt.k12.ma.us pvt.k12.ma.us s.pvt.k12.ma.us +# vn +site.com.vn com.vn site.com.vn +site.ai.vn ai.vn site.ai.vn + # السعودية السعودية السعودية null foo.السعودية السعودية foo.السعودية w.foo.السعودية السعودية foo.السعودية +# Microsoft +1.azurestaticapps.net 1.azurestaticapps.net null +app.1.azurestaticapps.net 1.azurestaticapps.net app.1.azurestaticapps.net + ## END diff --git a/test/jdk/sun/security/x509/URICertStore/SocksProxy.java b/test/jdk/sun/security/x509/URICertStore/SocksProxy.java index a44cf603124..67a372b97b3 100644 --- a/test/jdk/sun/security/x509/URICertStore/SocksProxy.java +++ b/test/jdk/sun/security/x509/URICertStore/SocksProxy.java @@ -22,6 +22,7 @@ */ import java.io.IOException; +import java.net.InetAddress; import java.net.ServerSocket; import java.net.Socket; import java.util.Objects; @@ -30,7 +31,7 @@ import javax.net.ServerSocketFactory; /* - * A simple socks4 proxy for traveling socket. + * A simple socks proxy for traveling socket. */ class SocksProxy implements Runnable, AutoCloseable { @@ -49,10 +50,11 @@ static SocksProxy startProxy(Consumer socketConsumer) ServerSocket server = ServerSocketFactory.getDefault().createServerSocket(0); - System.setProperty("socksProxyHost", "127.0.0.1"); + System.setProperty("socksProxyHost", + InetAddress.getLoopbackAddress().getHostAddress()); System.setProperty("socksProxyPort", String.valueOf(server.getLocalPort())); - System.setProperty("socksProxyVersion", "4"); + System.setProperty("socksProxyVersion", "5"); SocksProxy proxy = new SocksProxy(server, socketConsumer); Thread proxyThread = new Thread(proxy, "Proxy"); diff --git a/test/jdk/sun/security/x509/X500Name/NullX500Name.java b/test/jdk/sun/security/x509/X500Name/NullX500Name.java index fe0b1d3874c..37e12d8a892 100644 --- a/test/jdk/sun/security/x509/X500Name/NullX500Name.java +++ b/test/jdk/sun/security/x509/X500Name/NullX500Name.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,6 +24,7 @@ /* @test * @bug 4118818 * @summary allow null X.500 Names + * @library /test/lib * @modules java.base/sun.security.util * java.base/sun.security.x509 */ @@ -31,7 +32,7 @@ import java.util.Arrays; import sun.security.util.DerOutputStream; import sun.security.x509.*; -import sun.security.util.HexDumpEncoder; +import jdk.test.lib.hexdump.HexPrinter; public class NullX500Name { @@ -63,16 +64,16 @@ public static void main(String[] argv) throws Exception { subject.encode(dos); byte[] out = dos.toByteArray(); byte[] enc = subject.getEncoded(); - HexDumpEncoder e = new HexDumpEncoder(); + HexPrinter e = HexPrinter.simple(); if (Arrays.equals(out, enc)) - System.out.println("Sucess: out:" + e.encodeBuffer(out)); + System.out.println("Success: out:" + e.toString(out)); else { - System.out.println("Failed: encode:" + e.encodeBuffer(out)); - System.out.println("getEncoded:" + e.encodeBuffer(enc)); + System.out.println("Failed: encode:" + e.toString(out)); + System.out.println("getEncoded:" + e.toString(enc)); } X500Name x = new X500Name(enc); if (x.equals(subject)) - System.out.println("Sucess: X500Name(byte[]):" + x.toString()); + System.out.println("Success: X500Name(byte[]):" + x.toString()); else System.out.println("Failed: X500Name(byte[]):" + x.toString()); } diff --git a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java index 8c14c48ee28..fb85353ee3f 100644 --- a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java +++ b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,56 +23,43 @@ /* * @test - * @bug 5052433 - * @summary NullPointerException for generateCRL and generateCRLs methods. + * @bug 5052433 8315042 + * @summary Verify that generateCRL and generateCRLs methods do not throw + * NullPointerException. They should throw CRLException instead. + * @library /test/lib */ import java.security.NoSuchProviderException; import java.security.cert.*; import java.io.ByteArrayInputStream; +import java.util.Base64; -public class UnexpectedNPE { - CertificateFactory cf = null ; +import jdk.test.lib.Utils; - public UnexpectedNPE() {} +public class UnexpectedNPE { + static CertificateFactory cf = null; - public static void main( String[] av ) { + public static void main(String[] av ) throws CertificateException, + NoSuchProviderException { byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 }; byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 }; byte[] encoded_3 = { 0x30, 0x01, 0x00 }; + byte[] encoded_4 = Base64.getDecoder().decode( + "MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ=="); - UnexpectedNPE unpe = new UnexpectedNPE() ; - - if(!unpe.run(encoded_1)) { - throw new SecurityException("CRLException has not been thrown"); - } + cf = CertificateFactory.getInstance("X.509", "SUN"); - if(!unpe.run(encoded_2)) { - throw new SecurityException("CRLException has not been thrown"); - } - - if(!unpe.run(encoded_2)) { - throw new SecurityException("CRLException has not been thrown"); - } + run(encoded_1); + run(encoded_2); + run(encoded_3); + run(encoded_4); } - private boolean run(byte[] buf) { - if (cf == null) { - try { - cf = CertificateFactory.getInstance("X.509", "SUN"); - } catch (CertificateException e) { - throw new SecurityException("Cannot get CertificateFactory"); - } catch (NoSuchProviderException npe) { - throw new SecurityException("Cannot get CertificateFactory"); - } - } - try { - cf.generateCRL(new ByteArrayInputStream(buf)); - } catch (CRLException ce) { - System.out.println("NPE checking passed"); - return true; - } - - System.out.println("CRLException has not been thrown"); - return false; + private static void run(byte[] buf) { + Utils.runAndCheckException( + () -> cf.generateCRL(new ByteArrayInputStream(buf)), + CRLException.class); + Utils.runAndCheckException( + () -> cf.generateCRLs(new ByteArrayInputStream(buf)), + CRLException.class); } } diff --git a/test/jdk/sun/tools/jcmd/TestJcmdSanity.java b/test/jdk/sun/tools/jcmd/TestJcmdSanity.java index a04c837a682..43c7cccfb91 100644 --- a/test/jdk/sun/tools/jcmd/TestJcmdSanity.java +++ b/test/jdk/sun/tools/jcmd/TestJcmdSanity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import jdk.test.lib.process.OutputAnalyzer; import jdk.test.lib.process.ProcessTools; +import jdk.test.lib.Platform; import jdk.test.lib.Utils; /* @@ -59,6 +60,7 @@ public static void main(String[] args) throws Exception { testJcmdPid_f(); testJcmdPidPerfCounterPrint(); testJcmdPidBigScript(); + testJcmdPidVMinfo(); } /** @@ -166,4 +168,21 @@ private static void verifyOutputAgainstFile(OutputAnalyzer output) throws IOExce "The ouput should contain all content of " + path.toAbsolutePath()); } + /** + * Sanity check for VM.info + */ + private static void testJcmdPidVMinfo() throws Exception { + OutputAnalyzer output = JcmdBase.jcmd(VM_ARGS, new String[] {"VM.info"}); + output.shouldHaveExitValue(0); + output.shouldContain(Long.toString(ProcessTools.getProcessId()) + ":"); + + // Should find the signal handler summary (except on Windows): + if (!Platform.isWindows()) { + output.shouldContain("Signal Handlers:"); + // Should not find any of the possible signal handler modification warnings: + output.shouldNotContain(" handler modified!"); // e.g. Warning: SIGILL handler modified! + output.shouldNotContain("*** Handler was modified!"); + output.shouldNotContain("*** Expected: "); // e.g. *** Expected: javaSignalHandler in ... + } + } } diff --git a/test/jdk/sun/util/calendar/zi/GenDoc.java b/test/jdk/sun/util/calendar/zi/GenDoc.java index 370d27b5835..e9e6ebc0cd8 100644 --- a/test/jdk/sun/util/calendar/zi/GenDoc.java +++ b/test/jdk/sun/util/calendar/zi/GenDoc.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -154,10 +154,10 @@ int processZoneinfo(Timezone tz) { outD.mkdirs(); /* If mapfile is available, add a link to the appropriate map */ - if ((mapList == null) && (Main.getMapFile() != null)) { + if (mapList == null && Main.getMapFile() != null) { + mapList = new HashMap(); FileReader fr = new FileReader(Main.getMapFile()); BufferedReader in = new BufferedReader(fr); - mapList = new HashMap(); String line; while ((line = in.readLine()) != null) { // skip blank and comment lines @@ -180,7 +180,7 @@ int processZoneinfo(Timezone tz) { out.write(header1 + new Date() + header3 + zonename + header4); out.write(body1 + "" + zonename + ""); - LatitudeAndLongitude location = mapList.get(zonename); + LatitudeAndLongitude location = (mapList != null ? mapList.get(zonename) : null); if (location != null) { int deg, min, sec; diff --git a/test/jdk/sun/util/calendar/zi/Month.java b/test/jdk/sun/util/calendar/zi/Month.java index cb60b8d4411..bab909f7637 100644 --- a/test/jdk/sun/util/calendar/zi/Month.java +++ b/test/jdk/sun/util/calendar/zi/Month.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,11 +21,6 @@ * questions. */ -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - /** * Month enum handles month related manipulation. * @@ -47,15 +42,6 @@ enum Month { private final String abbr; - private static final Map abbreviations - = new HashMap(12); - - static { - for (Month m : Month.values()) { - abbreviations.put(m.abbr, m); - } - } - private Month(String abbr) { this.abbr = abbr; } @@ -70,11 +56,22 @@ int value() { * @return the Month value */ static Month parse(String name) { - Month m = abbreviations.get(name); - if (m != null) { - return m; - } - return null; + int len = name.length(); + + if (name.regionMatches(true, 0, "January", 0, len)) return Month.JANUARY; + if (name.regionMatches(true, 0, "February", 0, len)) return Month.FEBRUARY; + if (name.regionMatches(true, 0, "March", 0, len)) return Month.MARCH; + if (name.regionMatches(true, 0, "April", 0, len)) return Month.APRIL; + if (name.regionMatches(true, 0, "May", 0, len)) return Month.MAY; + if (name.regionMatches(true, 0, "June", 0, len)) return Month.JUNE; + if (name.regionMatches(true, 0, "July", 0, len)) return Month.JULY; + if (name.regionMatches(true, 0, "August", 0, len)) return Month.AUGUST; + if (name.regionMatches(true, 0, "September", 0, len)) return Month.SEPTEMBER; + if (name.regionMatches(true, 0, "October", 0, len)) return Month.OCTOBER; + if (name.regionMatches(true, 0, "November", 0, len)) return Month.NOVEMBER; + if (name.regionMatches(true, 0, "December", 0, len)) return Month.DECEMBER; + + throw new IllegalArgumentException("Unknown month: " + name); } /** diff --git a/test/jdk/sun/util/calendar/zi/RuleDay.java b/test/jdk/sun/util/calendar/zi/RuleDay.java index bc730944b4c..9cd81c1e524 100644 --- a/test/jdk/sun/util/calendar/zi/RuleDay.java +++ b/test/jdk/sun/util/calendar/zi/RuleDay.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -21,11 +21,6 @@ * questions. */ -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - /** * RuleDay class represents the value of the "ON" field. The day of * week values start from 1 following the {@link java.util.Calendar} @@ -34,13 +29,6 @@ * @since 1.4 */ class RuleDay { - private static final Map abbreviations = new HashMap(7); - static { - for (DayOfWeek day : DayOfWeek.values()) { - abbreviations.put(day.getAbbr(), day); - } - } - private String dayName = null; private DayOfWeek dow; private boolean lastOne = false; @@ -166,13 +154,23 @@ String getDayOfWeekForSimpleTimeZone() { return sign + toString(d); } - private static DayOfWeek getDOW(String abbr) { - return abbreviations.get(abbr); + private static DayOfWeek getDOW(String name) { + int len = name.length(); + + if (name.regionMatches(true, 0, "Monday", 0, len)) return DayOfWeek.MONDAY; + if (name.regionMatches(true, 0, "Tuesday", 0, len)) return DayOfWeek.TUESDAY; + if (name.regionMatches(true, 0, "Wednesday", 0, len)) return DayOfWeek.WEDNESDAY; + if (name.regionMatches(true, 0, "Thursday", 0, len)) return DayOfWeek.THURSDAY; + if (name.regionMatches(true, 0, "Friday", 0, len)) return DayOfWeek.FRIDAY; + if (name.regionMatches(true, 0, "Saturday", 0, len)) return DayOfWeek.SATURDAY; + if (name.regionMatches(true, 0, "Sunday", 0, len)) return DayOfWeek.SUNDAY; + + throw new IllegalArgumentException("Unknown day-of-week: " + name); } /** * Converts the specified day of week value to the day-of-week - * name defined in {@link java.util.Calenda}. + * name defined in {@link java.util.Calendar}. * @param dow 1-based day of week value * @return the Calendar day of week name with "Calendar." prefix. * @throws IllegalArgumentException if the specified dow value is out of range. diff --git a/test/jdk/sun/util/calendar/zi/RuleRec.java b/test/jdk/sun/util/calendar/zi/RuleRec.java index 6d9d4905d6a..e6e18773d16 100644 --- a/test/jdk/sun/util/calendar/zi/RuleRec.java +++ b/test/jdk/sun/util/calendar/zi/RuleRec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -168,12 +168,13 @@ static RuleRec parse(StringTokenizer tokens) { rec.toYear = Integer.parseInt(token); } catch (NumberFormatException e) { // it's not integer - if ("min".equals(token) || "minimum".equals(token)) { + int len = token.length(); + if (token.regionMatches(true, 0, "minimum", 0, len)) { rec.fromYear = Zoneinfo.getMinYear(); - } else if ("max".equals(token) || "maximum".equals(token)) { + } else if (token.regionMatches(true, 0, "maximum", 0, len)) { rec.toYear = Integer.MAX_VALUE; rec.isLastRule = true; - } else if ("only".equals(token)) { + } else if (token.regionMatches(true, 0, "only", 0, len)) { rec.toYear = rec.fromYear; } else { Main.panic("invalid year value: "+token); diff --git a/test/jdk/sun/util/calendar/zi/TestZoneInfo310.java b/test/jdk/sun/util/calendar/zi/TestZoneInfo310.java index a7d14f1aa21..aaced7bbf58 100644 --- a/test/jdk/sun/util/calendar/zi/TestZoneInfo310.java +++ b/test/jdk/sun/util/calendar/zi/TestZoneInfo310.java @@ -50,7 +50,9 @@ public static void main(String[] args) throws Throwable { "..", "..", "make", "data", "tzdata"); String tzfiles = "africa antarctica asia australasia europe northamerica southamerica backward etcetera gmt"; Path jdk_tzdir = Paths.get(System.getProperty("test.src"), "tzdata_jdk"); - String jdk_tzfiles = "jdk11_backward"; + // tz2024b_overridden_zones file is created to preserve the behaviour of + // "EST", "MST", and "HST" when timezone 2024b changes are applied + String jdk_tzfiles = "jdk11_backward tz2024b_overridden_zones"; String zidir = TESTDIR + File.separator + "zi"; File fZidir = new File(zidir); if (!fZidir.exists()) { diff --git a/test/jdk/sun/util/calendar/zi/Zoneinfo.java b/test/jdk/sun/util/calendar/zi/Zoneinfo.java index 6b21bfb5c05..a68aa7826b0 100644 --- a/test/jdk/sun/util/calendar/zi/Zoneinfo.java +++ b/test/jdk/sun/util/calendar/zi/Zoneinfo.java @@ -240,8 +240,9 @@ static Zoneinfo parse(String fname) { continue; } String token = tokens.nextToken(); + int len = token.length(); - if (continued || "Zone".equals(token)) { + if (continued || token.regionMatches(true, 0, "Zone", 0, len)){ if (zone == null) { if (!tokens.hasMoreTokens()) { panic("syntax error: zone no more token"); @@ -268,7 +269,7 @@ static Zoneinfo parse(String fname) { } zone = null; } - } else if ("Rule".equals(token)) { + } else if (token.regionMatches(true, 0, "Rule", 0, len)) { if (!tokens.hasMoreTokens()) { panic("syntax error: rule no more token"); } @@ -281,7 +282,7 @@ static Zoneinfo parse(String fname) { RuleRec rrec = RuleRec.parse(tokens); rrec.setLine(line); rule.add(rrec); - } else if ("Link".equals(token)) { + } else if (token.regionMatches(true, 0, "Link", 0, len)) { // Link try { String name1 = tokens.nextToken(); diff --git a/test/jdk/sun/util/calendar/zi/tzdata_jdk/tz2024b_overridden_zones b/test/jdk/sun/util/calendar/zi/tzdata_jdk/tz2024b_overridden_zones new file mode 100644 index 00000000000..ab468100d1d --- /dev/null +++ b/test/jdk/sun/util/calendar/zi/tzdata_jdk/tz2024b_overridden_zones @@ -0,0 +1,36 @@ +# +# Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. + +# TZdata2024b changes announced on 5th September 2024 includes changes to +# "EST", "MST", and "HST", i.e., changing those time zones from distinct +# time zones to links to other time zones. Previously +# they were defined as fixed offset zones, +# e.g., "EST" is "-05:00" without any DST transitions. +# With 2024b, "EST" is now a link to "America/Panama." +# This change has Java 8+ specification implications in java.time.ZoneId.SHORT_IDS field +# Solution for jdk24+ to modify the mappings in ZoneId class which requires modification of the spec. +# Update releases will not make the ZoneId changes due to current specification. + +# Zone NAME GMTOFF RULES/SAVE FORMAT [UNTIL] +Zone EST -5:00 - EST +Zone MST -7:00 - MST +Zone HST -10:00 - HST \ No newline at end of file diff --git a/test/jdk/sun/util/logging/PlatformLoggerTest.java b/test/jdk/sun/util/logging/PlatformLoggerTest.java index 4fbf0c95c2d..f09e0952186 100644 --- a/test/jdk/sun/util/logging/PlatformLoggerTest.java +++ b/test/jdk/sun/util/logging/PlatformLoggerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ * @run main/othervm PlatformLoggerTest */ +import java.lang.ref.Reference; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.util.logging.*; @@ -122,7 +123,7 @@ private static void checkLevel(PlatformLogger logger, PlatformLogger.Level level } private static void checkLogger(String name, Level level) { - Logger logger = LogManager.getLogManager().getLogger(name); + final Logger logger = LogManager.getLogManager().getLogger(name); if (logger == null) { throw new RuntimeException("Logger " + name + " does not exist"); @@ -132,6 +133,7 @@ private static void checkLogger(String name, Level level) { throw new RuntimeException("Invalid level for logger " + logger.getName() + " " + logger.getLevel()); } + Reference.reachabilityFence(logger); } private static void testLogMethods(PlatformLogger logger) { @@ -170,10 +172,11 @@ private static void checkPlatformLoggerLevels(PlatformLogger... loggers) { } } - Logger javaLogger = Logger.getLogger("foo.bar.baz"); + final Logger javaLogger = Logger.getLogger("foo.bar.baz"); for (Level level : levels) { checkJavaLoggerLevel(javaLogger, level); } + Reference.reachabilityFence(javaLogger); } private static void checkLoggerLevel(PlatformLogger logger, Level level) { @@ -185,12 +188,13 @@ private static void checkLoggerLevel(PlatformLogger logger, Level level) { } // check the level set in java.util.logging.Logger - Logger javaLogger = LogManager.getLogManager().getLogger(logger.getName()); + final Logger javaLogger = LogManager.getLogManager().getLogger(logger.getName()); Level javaLevel = javaLogger.getLevel(); if (javaLogger.getLevel() != level) { throw new RuntimeException("Retrieved backing java.util.logging.Logger level " + javaLevel + " is not the expected " + level); } + Reference.reachabilityFence(javaLogger); } private static void checkJavaLoggerLevel(Logger logger, Level level) { @@ -200,7 +204,7 @@ private static void checkJavaLoggerLevel(Logger logger, Level level) { System.out.println("Testing Java Level with: " + level.getName()); // create a brand new java logger - Logger javaLogger = sun.util.logging.internal.LoggingProviderImpl.getLogManagerAccess() + final Logger javaLogger = sun.util.logging.internal.LoggingProviderImpl.getLogManagerAccess() .demandLoggerFor(LogManager.getLogManager(), logger.getName()+"."+level.getName(), Thread.class.getModule()); @@ -237,6 +241,7 @@ private static void checkJavaLoggerLevel(Logger logger, Level level) { + plogger.level() + " is not the expected " + expected); } + Reference.reachabilityFence(javaLogger); } private static void checkPlatformLoggerLevelMapping(Level level) { diff --git a/test/jdk/tools/jar/ExtractFilesTest.java b/test/jdk/tools/jar/ExtractFilesTest.java new file mode 100644 index 00000000000..b829b770fc8 --- /dev/null +++ b/test/jdk/tools/jar/ExtractFilesTest.java @@ -0,0 +1,265 @@ +/* + * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8335912 + * @summary test extract jar files overwrite existing files behavior + * @library /test/lib + * @modules jdk.jartool + * @build jdk.test.lib.Platform + * jdk.test.lib.util.FileUtils + * @run junit/othervm ExtractFilesTest + */ + +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestInstance; +import org.junit.jupiter.api.TestInstance.Lifecycle; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.PrintStream; +import java.io.UncheckedIOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.util.Arrays; +import java.util.spi.ToolProvider; +import java.util.stream.Stream; + +import jdk.test.lib.util.FileUtils; + + @TestInstance(Lifecycle.PER_CLASS) + public class ExtractFilesTest { + private static final ToolProvider JAR_TOOL = ToolProvider.findFirst("jar") + .orElseThrow(() -> + new RuntimeException("jar tool not found") + ); + + private final String nl = System.lineSeparator(); + private final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + private final PrintStream out = new PrintStream(baos); + + @BeforeAll + public void setupJar() throws IOException { + mkdir("test1 test2"); + echo("testfile1", "test1/testfile1"); + echo("testfile2", "test2/testfile2"); + jar("cf test.jar -C test1 . -C test2 ."); + rm("test1 test2"); + } + + @AfterAll + public void cleanup() { + rm("test.jar"); + } + + /** + * Regular clean extract with expected output. + */ + @Test + public void testExtract() throws IOException { + jar("xvf test.jar"); + println(); + String output = " created: META-INF/" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: testfile1" + nl + + " inflated: testfile2" + nl; + rm("META-INF testfile1 testfile2"); + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Extract should overwrite existing file as default behavior. + */ + @Test + public void testOverwrite() throws IOException { + touch("testfile1"); + jar("xvf test.jar"); + println(); + String output = " created: META-INF/" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: testfile1" + nl + + " inflated: testfile2" + nl; + Assertions.assertEquals("testfile1", cat("testfile1")); + rm("META-INF testfile1 testfile2"); + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Extract with legacy style option `k` should preserve existing files. + */ + @Test + public void testKeptOldFile() throws IOException { + touch("testfile1"); + jar("xkvf test.jar"); + println(); + String output = " created: META-INF/" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " skipped: testfile1 exists" + nl + + " inflated: testfile2" + nl; + Assertions.assertEquals("", cat("testfile1")); + Assertions.assertEquals("testfile2", cat("testfile2")); + rm("META-INF testfile1 testfile2"); + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Extract with gnu style -k should preserve existing files. + */ + @Test + public void testGnuOptionsKeptOldFile() throws IOException { + touch("testfile1 testfile2"); + jar("-x -k -v -f test.jar"); + println(); + String output = " created: META-INF/" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " skipped: testfile1 exists" + nl + + " skipped: testfile2 exists" + nl; + Assertions.assertEquals("", cat("testfile1")); + Assertions.assertEquals("", cat("testfile2")); + rm("META-INF testfile1 testfile2"); + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Extract with gnu style long option --keep-old-files should preserve existing files. + */ + @Test + public void testGnuLongOptionsKeptOldFile() throws IOException { + touch("testfile2"); + jar("-x --keep-old-files -v -f test.jar"); + println(); + String output = " created: META-INF/" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: testfile1" + nl + + " skipped: testfile2 exists" + nl; + Assertions.assertEquals("testfile1", cat("testfile1")); + Assertions.assertEquals("", cat("testfile2")); + rm("META-INF testfile1 testfile2"); + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Test jar will issue warning when use keep option in non-extraction mode. + */ + @Test + public void testWarningOnInvalidKeepOption() throws IOException { + var err = jar("tkf test.jar"); + println(); + + String output = "META-INF/" + nl + + "META-INF/MANIFEST.MF" + nl + + "testfile1" + nl + + "testfile2" + nl; + + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + Assertions.assertEquals("Warning: The --keep-old-files/-k/k option is not valid with current usage, will be ignored." + nl, err); + } + + private Stream mkpath(String... args) { + return Arrays.stream(args).map(d -> Path.of(".", d.split("/"))); + } + + private void mkdir(String cmdline) { + System.out.println("mkdir -p " + cmdline); + mkpath(cmdline.split(" +")).forEach(p -> { + try { + Files.createDirectories(p); + } catch (IOException x) { + throw new UncheckedIOException(x); + } + }); + } + + private void touch(String cmdline) { + System.out.println("touch " + cmdline); + mkpath(cmdline.split(" +")).forEach(p -> { + try { + Files.createFile(p); + } catch (IOException x) { + throw new UncheckedIOException(x); + } + }); + } + + private void echo(String text, String path) { + System.out.println("echo '" + text + "' > " + path); + try { + var p = Path.of(".", path.split("/")); + Files.writeString(p, text); + } catch (IOException x) { + throw new UncheckedIOException(x); + } + } + + private String cat(String path) { + System.out.println("cat " + path); + try { + return Files.readString(Path.of(path)); + } catch (IOException x) { + throw new UncheckedIOException(x); + } + } + + private void rm(String cmdline) { + System.out.println("rm -rf " + cmdline); + mkpath(cmdline.split(" +")).forEach(p -> { + try { + if (Files.isDirectory(p)) { + FileUtils.deleteFileTreeWithRetry(p); + } else { + FileUtils.deleteFileIfExistsWithRetry(p); + } + } catch (IOException x) { + throw new UncheckedIOException(x); + } + }); + } + + private String jar(String cmdline) throws IOException { + System.out.println("jar " + cmdline); + baos.reset(); + + // the run method catches IOExceptions, we need to expose them + ByteArrayOutputStream baes = new ByteArrayOutputStream(); + PrintStream err = new PrintStream(baes); + PrintStream saveErr = System.err; + System.setErr(err); + try { + int rc = JAR_TOOL.run(out, err, cmdline.split(" +")); + if (rc != 0) { + throw new IOException(baes.toString()); + } + } finally { + System.setErr(saveErr); + } + return baes.toString(); + } + + private void println() throws IOException { + System.out.println(new String(baos.toByteArray())); + } +} diff --git a/test/jdk/tools/jar/InputFilesTest.java b/test/jdk/tools/jar/InputFilesTest.java index 3dc08293a76..4974ac50831 100644 --- a/test/jdk/tools/jar/InputFilesTest.java +++ b/test/jdk/tools/jar/InputFilesTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 8165944 + * @bug 8165944 8318971 * @summary test several jar tool input file scenarios with variations on -C * options with/without a --release option. Some input files are * duplicates that sometimes cause exceptions and other times do not, @@ -153,6 +153,84 @@ public void test6() throws IOException { jar("cf test.jar --release 9 -C test1 a -C test2 a"); } + /** + * Containing non-existent file in the file list + * The final jar should not be created and correct error message should be caught. + * IOException is triggered as expected. + */ + @Test + public void testNonExistentFileInput() throws IOException { + touch("existingTestFile.txt"); + onCompletion = () -> rm("existingTestFile.txt"); + try { + jar("cf test.jar existingTestFile.txt nonExistentTestFile.txt"); + Assert.fail("jar tool unexpectedly completed successfully"); + } catch (IOException e) { + Assert.assertEquals(e.getMessage().trim(), "nonExistentTestFile.txt : no such file or directory"); + Assert.assertTrue(Files.notExists(Path.of("test.jar")), "Jar file should not be created."); + } + } + + /** + * With @File as a part of jar command line, where the File is containing one or more + * non-existent files or directories + * The final jar should not be created and correct error message should be caught. + * IOException is triggered as expected. + */ + @Test + public void testNonExistentFileInputClassList() throws IOException { + touch("existingTestFile.txt"); + touch("classes.list"); + Files.writeString(Path.of("classes.list"), + "existingTestFile.txt\n" + + "nonExistentTestFile.txt\n" + + "nonExistentDirectory\n" + ); + onCompletion = () -> rm("existingTestFile.txt classes.list"); + try { + jar("cf test.jar @classes.list"); + Assert.fail("jar tool unexpectedly completed successfully"); + } catch (IOException e) { + String msg = e.getMessage().trim(); + Assert.assertTrue(msg.contains("nonExistentTestFile.txt : no such file or directory")); + Assert.assertTrue(msg.trim().contains("nonExistentDirectory : no such file or directory")); + Assert.assertTrue(Files.notExists(Path.of("test.jar")), "Jar file should not be created."); + } + + } + + /** + * Create a jar file; then with @File as a part of jar command line, where the File is containing one or more + * non-existent files or directories + * The final jar should not be created and correct error message should be caught. + * IOException is triggered as expected. + */ + @Test + public void testUpdateNonExistentFileInputClassList() throws IOException { + touch("existingTestFileUpdate.txt"); + touch("existingTestFileUpdate2.txt"); + touch("classesUpdate.list"); + Files.writeString(Path.of("classesUpdate.list"), + "existingTestFileUpdate2.txt\n" + + "nonExistentTestFileUpdate.txt\n" + + "nonExistentDirectoryUpdate\n" + ); + onCompletion = () -> rm("existingTestFileUpdate.txt existingTestFileUpdate2.txt " + + "classesUpdate.list testUpdate.jar"); + try { + jar("cf testUpdate.jar existingTestFileUpdate.txt"); + Assert.assertTrue(Files.exists(Path.of("testUpdate.jar"))); + jar("uf testUpdate.jar @classesUpdate.list"); + Assert.fail("jar tool unexpectedly completed successfully"); + } catch (IOException e) { + String msg = e.getMessage().trim(); + Assert.assertFalse(msg.contains("existingTestFileUpdate.txt : no such file or directory")); + Assert.assertTrue(msg.contains("nonExistentTestFileUpdate.txt : no such file or directory")); + Assert.assertTrue(msg.trim().contains("nonExistentDirectoryUpdate : no such file or directory")); + } + + } + private Stream mkpath(String... args) { return Arrays.stream(args).map(d -> Paths.get(".", d.split("/"))); } diff --git a/test/jdk/tools/jar/MultipleManifestTest.java b/test/jdk/tools/jar/MultipleManifestTest.java new file mode 100644 index 00000000000..951ce4bb890 --- /dev/null +++ b/test/jdk/tools/jar/MultipleManifestTest.java @@ -0,0 +1,224 @@ +/* + * Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8335912 + * @summary test extract jar with multpile manifest files + * @library /test/lib + * @modules jdk.jartool + * @build jdk.test.lib.Platform + * jdk.test.lib.util.FileUtils + * @run junit/othervm MultipleManifestTest + */ + +import java.io.ByteArrayOutputStream; + +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.TestInstance; +import org.junit.jupiter.api.TestInstance.Lifecycle; + +import java.io.IOException; +import java.io.PrintStream; +import java.io.UncheckedIOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Path; +import java.util.Arrays; +import java.util.jar.Attributes; +import java.util.jar.JarFile; +import java.util.jar.Manifest; +import java.util.spi.ToolProvider; +import java.util.stream.Stream; +import java.util.zip.ZipEntry; +import java.util.zip.ZipOutputStream; + +import jdk.test.lib.util.FileUtils; + +@TestInstance(Lifecycle.PER_CLASS) +class MultipleManifestTest { + private static final ToolProvider JAR_TOOL = ToolProvider.findFirst("jar") + .orElseThrow(() -> + new RuntimeException("jar tool not found") + ); + + private final String nl = System.lineSeparator(); + private final ByteArrayOutputStream baos = new ByteArrayOutputStream(); + private final PrintStream jarOut = new PrintStream(baos); + + static final Path zip = Path.of("MultipleManifestTest.jar"); + static final String jdkVendor = System.getProperty("java.vendor"); + static final String jdkVersion = System.getProperty("java.version"); + static final String MANIFEST1 = "Manifest-Version: 1.0" + + System.lineSeparator() + + "Created-By: " + jdkVersion + " (" + jdkVendor + ")"; + static final String MANIFEST2 = "Manifest-Version: 2.0" + + System.lineSeparator() + + "Created-By: " + jdkVersion + " (" + jdkVendor + ")"; + static final String MANIFEST3 = "Manifest-Version: 3.0" + + System.lineSeparator() + + "Created-By: " + jdkVersion + " (" + jdkVendor + ")"; + private static final String META_INF = "META-INF/"; + + /** + * Delete the ZIP file produced by this test + * + * @throws IOException if an unexpected IOException occurs + */ + @AfterAll + public void cleanup() throws IOException { + Files.deleteIfExists(zip); + } + + /** + * Create a JAR with the Manifest as the 1st, 2nd and 4th entry + * + * @throws IOException if an error occurs + */ + @BeforeAll + public void writeManifestAsFirstSecondAndFourthEntry() throws IOException { + int locPosA, locPosB, cenPos; + System.out.printf("%n%n*****Creating Jar with the Manifest as the 1st, 2nd and 4th entry*****%n%n"); + var out = new ByteArrayOutputStream(1024); + try (var zos = new ZipOutputStream(out)) { + zos.putNextEntry(new ZipEntry(JarFile.MANIFEST_NAME)); + zos.write(MANIFEST1.getBytes(StandardCharsets.UTF_8)); + zos.closeEntry(); + locPosA = out.size(); + zos.putNextEntry(new ZipEntry(META_INF + "AANIFEST.MF")); + zos.write(MANIFEST2.getBytes(StandardCharsets.UTF_8)); + zos.putNextEntry(new ZipEntry("entry1.txt")); + zos.write("entry1".getBytes(StandardCharsets.UTF_8)); + zos.closeEntry(); + locPosB = out.size(); + zos.putNextEntry(new ZipEntry(META_INF + "BANIFEST.MF")); + zos.write(MANIFEST3.getBytes(StandardCharsets.UTF_8)); + zos.putNextEntry(new ZipEntry("entry2.txt")); + zos.write("hello entry2".getBytes(StandardCharsets.UTF_8)); + zos.flush(); + cenPos = out.size(); + } + var template = out.toByteArray(); + // ISO_8859_1 to keep the 8-bit value + var s = new String(template, StandardCharsets.ISO_8859_1); + // change META-INF/AANIFEST.MF to META-INF/MANIFEST.MF + var loc = s.indexOf("AANIFEST.MF", locPosA); + var cen = s.indexOf("AANIFEST.MF", cenPos); + template[loc] = template[cen] = (byte) 'M'; + // change META-INF/BANIFEST.MF to META-INF/MANIFEST.MF + loc = s.indexOf("BANIFEST.MF", locPosB); + cen = s.indexOf("BANIFEST.MF", cenPos); + template[loc] = template[cen] = (byte) 'M'; + Files.write(zip, template); + } + + @AfterEach + public void removeExtractedFiles() { + rm("META-INF entry1.txt entry2.txt"); + } + + /** + * Extract by default should have the last manifest. + */ + @Test + public void testOverwrite() throws IOException { + jar("xvf " + zip.toString()); + println(); + Assertions.assertEquals("3.0", getManifestVersion()); + String output = " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: entry1.txt" + nl + + " inflated: META-INF/MANIFEST.MF" + nl + + " inflated: entry2.txt" + nl; + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + /** + * Extract with k option should have first manifest. + */ + @Test + public void testKeptOldFile() throws IOException { + jar("xkvf " + zip.toString()); + println(); + Assertions.assertEquals("1.0", getManifestVersion()); + String output = " inflated: META-INF/MANIFEST.MF" + nl + + " skipped: META-INF/MANIFEST.MF exists" + nl + + " inflated: entry1.txt" + nl + + " skipped: META-INF/MANIFEST.MF exists" + nl + + " inflated: entry2.txt" + nl; + Assertions.assertArrayEquals(baos.toByteArray(), output.getBytes()); + } + + private String getManifestVersion() throws IOException { + try (var is = Files.newInputStream(Path.of(JarFile.MANIFEST_NAME))) { + var manifest = new Manifest(is); + return manifest.getMainAttributes().getValue(Attributes.Name.MANIFEST_VERSION); + } + } + + private void jar(String cmdline) throws IOException { + System.out.println("jar " + cmdline); + baos.reset(); + + // the run method catches IOExceptions, we need to expose them + ByteArrayOutputStream baes = new ByteArrayOutputStream(); + PrintStream err = new PrintStream(baes); + PrintStream saveErr = System.err; + System.setErr(err); + try { + int rc = JAR_TOOL.run(jarOut, err, cmdline.split(" +")); + if (rc != 0) { + throw new IOException(baes.toString()); + } + } finally { + System.setErr(saveErr); + } + } + + private void println() throws IOException { + System.out.println(new String(baos.toByteArray())); + } + + private Stream mkpath(String... args) { + return Arrays.stream(args).map(d -> Path.of(".", d.split("/"))); + } + + private void rm(String cmdline) { + System.out.println("rm -rf " + cmdline); + mkpath(cmdline.split(" +")).forEach(p -> { + try { + if (Files.isDirectory(p)) { + FileUtils.deleteFileTreeWithRetry(p); + } else { + FileUtils.deleteFileIfExistsWithRetry(p); + } + } catch (IOException x) { + throw new UncheckedIOException(x); + } + }); + } +} \ No newline at end of file diff --git a/test/jdk/tools/jar/modularJar/Basic.java b/test/jdk/tools/jar/modularJar/Basic.java index ffc58eec9d5..cf16358aeb6 100644 --- a/test/jdk/tools/jar/modularJar/Basic.java +++ b/test/jdk/tools/jar/modularJar/Basic.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,7 +24,9 @@ import java.io.*; import java.lang.module.ModuleDescriptor; import java.lang.reflect.Method; -import java.nio.file.*; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; import java.util.*; import java.util.function.Consumer; import java.util.jar.JarEntry; @@ -32,6 +34,7 @@ import java.util.jar.JarInputStream; import java.util.jar.Manifest; import java.util.regex.Pattern; +import java.util.spi.ToolProvider; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -59,6 +62,16 @@ */ public class Basic { + + private static final ToolProvider JAR_TOOL = ToolProvider.findFirst("jar") + .orElseThrow(() + -> new RuntimeException("jar tool not found") + ); + private static final ToolProvider JAVAC_TOOL = ToolProvider.findFirst("javac") + .orElseThrow(() + -> new RuntimeException("javac tool not found") + ); + static final Path TEST_SRC = Paths.get(System.getProperty("test.src", ".")); static final Path TEST_CLASSES = Paths.get(System.getProperty("test.classes", ".")); static final Path MODULE_CLASSES = TEST_CLASSES.resolve("build"); @@ -933,13 +946,14 @@ static Result jarWithStdin(File stdinSource, String... args) { } Stream.of(args).forEach(commands::add); ProcessBuilder p = new ProcessBuilder(commands); - if (stdinSource != null) + if (stdinSource != null) { p.redirectInput(stdinSource); + } return run(p); } static Result jar(String... args) { - return jarWithStdin(null, args); + return run(JAR_TOOL, args); } static Path compileModule(String mn) throws IOException { @@ -1027,10 +1041,8 @@ static void javac(Path dest, Path... sourceFiles) throws IOException { static void javac(Path dest, Path modulePath, Path... sourceFiles) throws IOException { - String javac = getJDKTool("javac"); List commands = new ArrayList<>(); - commands.add(javac); if (!TOOL_VM_OPTIONS.isEmpty()) { commands.addAll(Arrays.asList(TOOL_VM_OPTIONS.split("\\s+", -1))); } @@ -1048,7 +1060,13 @@ static void javac(Path dest, Path modulePath, Path... sourceFiles) } Stream.of(sourceFiles).map(Object::toString).forEach(x -> commands.add(x)); - quickFail(run(new ProcessBuilder(commands))); + StringWriter sw = new StringWriter(); + try (PrintWriter pw = new PrintWriter(sw)) { + int rc = JAVAC_TOOL.run(pw, pw, commands.toArray(new String[0])); + if(rc != 0) { + throw new RuntimeException(sw.toString()); + } + } } static Result java(Path modulePath, String entryPoint, String... args) { @@ -1094,9 +1112,13 @@ static boolean jarContains(JarInputStream jis, String entryName) return false; } - static void quickFail(Result r) { - if (r.ec != 0) - throw new RuntimeException(r.output); + static Result run(ToolProvider tp, String[] commands) { + int rc = 0; + StringWriter sw = new StringWriter(); + try (PrintWriter pw = new PrintWriter(sw)) { + rc = tp.run(pw, pw, commands); + } + return new Result(rc, sw.toString()); } static Result run(ProcessBuilder pb) { diff --git a/test/jdk/lib/testlibrary/ModuleTargetHelper.java b/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/ModuleTargetHelper.java similarity index 100% rename from test/jdk/lib/testlibrary/ModuleTargetHelper.java rename to test/jdk/tools/jlink/plugins/SystemModuleDescriptors/ModuleTargetHelper.java diff --git a/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/SystemModulesTest.java b/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/SystemModulesTest.java index 6f83ebc89a5..0b969497303 100644 --- a/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/SystemModulesTest.java +++ b/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/SystemModulesTest.java @@ -42,7 +42,6 @@ /** * @test * @bug 8142968 8173381 - * @library /lib/testlibrary * @modules java.base/jdk.internal.misc * @modules java.base/jdk.internal.module * @modules java.base/jdk.internal.org.objectweb.asm diff --git a/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/UserModuleTest.java b/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/UserModuleTest.java index a4c25e0aff6..e3617d925a8 100644 --- a/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/UserModuleTest.java +++ b/test/jdk/tools/jlink/plugins/SystemModuleDescriptors/UserModuleTest.java @@ -44,7 +44,7 @@ /** * @test * @bug 8142968 8173381 8174740 - * @library /lib/testlibrary /test/lib + * @library /test/lib * @modules jdk.compiler jdk.jlink * @modules java.base/jdk.internal.module * @modules java.base/jdk.internal.org.objectweb.asm diff --git a/test/jdk/tools/launcher/RunpathTest.java b/test/jdk/tools/launcher/RunpathTest.java index 8f761e13bff..2246587f092 100644 --- a/test/jdk/tools/launcher/RunpathTest.java +++ b/test/jdk/tools/launcher/RunpathTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -24,7 +24,8 @@ /* * @test * @bug 7190813 8022719 - * @summary Check for extended RPATHs on *nixes + * @summary Check for extended RPATHs on Linux + * @requires os.family == "linux" * @compile -XDignore.symbol.file RunpathTest.java * @run main RunpathTest * @author ksrini @@ -57,25 +58,23 @@ void elfCheck(String javacmd, String expectedRpath) { final TestResult tr = doExec(elfreaderCmd, "-d", javacmd); if (!tr.matches(expectedRpath)) { System.out.println(tr); - throw new RuntimeException("FAILED: RPATH/RUNPATH strings " + + throw new RuntimeException("FAILED: RPATH strings " + expectedRpath + " not found in " + javaCmd); } - System.out.println(javacmd + " contains expected RPATHS/RUNPATH"); + System.out.println(javacmd + " contains expected RPATHS"); } void testRpath() { - String expectedRpath = ".*R(UN)?PATH.*\\$ORIGIN/../lib.*"; + String expectedRpath = ".*RPATH.*\\$ORIGIN/../lib.*"; elfCheck(javaCmd, expectedRpath); } public static void main(String... args) throws Exception { - if (isSolaris || isLinux) { - RunpathTest rp = new RunpathTest(); - if (rp.elfreaderCmd == null) { - System.err.println("Warning: test passes vacuously"); - return; - } - rp.testRpath(); + RunpathTest rp = new RunpathTest(); + if (rp.elfreaderCmd == null) { + System.err.println("Warning: test passes vacuously"); + return; } + rp.testRpath(); } } diff --git a/test/jdk/tools/launcher/Settings.java b/test/jdk/tools/launcher/Settings.java index 76e62ffbe57..e65cceaf1fe 100644 --- a/test/jdk/tools/launcher/Settings.java +++ b/test/jdk/tools/launcher/Settings.java @@ -25,7 +25,7 @@ /* * @test - * @bug 6994753 7123582 8305950 + * @bug 6994753 7123582 8305950 8310201 * @summary tests -XshowSettings options * @modules jdk.compiler * jdk.zipfs @@ -67,6 +67,9 @@ static void checkNotContains(TestResult tr, String str) { private static final String VM_SETTINGS = "VM settings:"; private static final String PROP_SETTINGS = "Property settings:"; private static final String LOCALE_SETTINGS = "Locale settings:"; + private static final String LOCALE_SUMMARY_SETTINGS = + "Locale settings summary:"; + private static final String AVAILABLE_LOCALES = "available locales"; private static final String SYSTEM_SETTINGS = "Operating System Metrics:"; private static final String STACKSIZE_SETTINGS = "Stack Size:"; private static final String TZDATA_SETTINGS = "tzdata version"; @@ -74,7 +77,9 @@ static void checkNotContains(TestResult tr, String str) { static void containsAllOptions(TestResult tr) { checkContains(tr, VM_SETTINGS); checkContains(tr, PROP_SETTINGS); - checkContains(tr, LOCALE_SETTINGS); + checkNotContains(tr, LOCALE_SETTINGS); + checkNotContains(tr, AVAILABLE_LOCALES); + checkContains(tr, LOCALE_SUMMARY_SETTINGS); checkContains(tr, TZDATA_SETTINGS); if (System.getProperty("os.name").contains("Linux")) { checkContains(tr, SYSTEM_SETTINGS); @@ -141,6 +146,8 @@ static void runTestOptionLocale() throws IOException { checkNotContains(tr, VM_SETTINGS); checkNotContains(tr, PROP_SETTINGS); checkContains(tr, LOCALE_SETTINGS); + checkContains(tr, AVAILABLE_LOCALES); + checkNotContains(tr, LOCALE_SUMMARY_SETTINGS); checkContains(tr, TZDATA_SETTINGS); } diff --git a/test/jdk/tools/pack200/UnpackMalformed.java b/test/jdk/tools/pack200/UnpackMalformed.java new file mode 100644 index 00000000000..70a84acdf2e --- /dev/null +++ b/test/jdk/tools/pack200/UnpackMalformed.java @@ -0,0 +1,55 @@ +/* + * Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + * + */ + +/* + * @test + * @bug 8315135 + * @run main/othervm/timeout=300 -Dcom.sun.java.util.jar.pack.disable.native=false -Xmx8m UnpackMalformed + */ + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.jar.JarOutputStream; +import java.util.jar.Pack200; + +@SuppressWarnings("removal") +public class UnpackMalformed { + public static void main(String[] args) { + try { + ByteArrayInputStream in = new ByteArrayInputStream("foobar".getBytes()); + for (int i=0; i < 1_000; i++) { + try { + JarOutputStream out = new JarOutputStream(new ByteArrayOutputStream()); + Pack200.Unpacker unpacker = Pack200.newUnpacker(); + unpacker.unpack(in, out); + } catch (IOException e) { + } + } + } catch (OutOfMemoryError e) { + System.out.println(e); + throw e; + } + } +} diff --git a/test/jtreg-ext/requires/VMProps.java b/test/jtreg-ext/requires/VMProps.java index 3adee21a9d9..6dfbcfd337c 100644 --- a/test/jtreg-ext/requires/VMProps.java +++ b/test/jtreg-ext/requires/VMProps.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,10 +27,13 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; +import java.io.File; +import java.nio.charset.Charset; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.StandardOpenOption; +import java.time.Instant; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -43,6 +46,8 @@ import java.util.function.Supplier; import java.util.regex.Matcher; import java.util.regex.Pattern; +import java.util.stream.Collectors; +import java.util.stream.Stream; import sun.hotspot.code.Compiler; import sun.hotspot.cpuinfo.CPUInfo; @@ -77,6 +82,10 @@ public void put(String key, Supplier s) { } map.put(key, value); } + + public void putAll(Map map) { + map.entrySet().forEach(e -> put(e.getKey(), () -> e.getValue())); + } } /** @@ -87,6 +96,7 @@ public void put(String key, Supplier s) { */ @Override public Map call() { + log("Entering call()"); SafeMap map = new SafeMap(); map.put("vm.flavor", this::vmFlavor); map.put("vm.compMode", this::vmCompMode); @@ -119,10 +129,12 @@ public Map call() { map.put("vm.musl", this::isMusl); map.put("release.implementor", this::implementor); map.put("vm.flagless", this::isFlagless); + map.putAll(xOptFlags()); // -Xmx4g -> @requires vm.opt.x.Xmx == "4g" ) vmGC(map); // vm.gc.X = true/false vmOptFinalFlags(map); dump(map.map); + log("Leaving call()"); return map.map; } @@ -452,6 +464,8 @@ protected String isCompiler2Enabled() { * @return true if docker is supported in a given environment */ protected String dockerSupport() { + log("Entering dockerSupport()"); + boolean isSupported = true; if (Platform.isLinux()) { // currently docker testing is only supported for Linux, @@ -470,6 +484,8 @@ protected String dockerSupport() { } } + log("dockerSupport(): platform check: isSupported = " + isSupported); + if (isSupported) { try { isSupported = checkDockerSupport(); @@ -478,15 +494,59 @@ protected String dockerSupport() { } } + log("dockerSupport(): returning isSupported = " + isSupported); return "" + isSupported; } + // Configures process builder to redirect process stdout and stderr to a file. + // Returns file names for stdout and stderr. + private Map redirectOutputToLogFile(String msg, ProcessBuilder pb, String fileNameBase) { + Map result = new HashMap<>(); + String timeStamp = Instant.now().toString().replace(":", "-").replace(".", "-"); + + String stdoutFileName = String.format("./%s-stdout--%s.log", fileNameBase, timeStamp); + pb.redirectOutput(new File(stdoutFileName)); + log(msg + ": child process stdout redirected to " + stdoutFileName); + result.put("stdout", stdoutFileName); + + String stderrFileName = String.format("./%s-stderr--%s.log", fileNameBase, timeStamp); + pb.redirectError(new File(stderrFileName)); + log(msg + ": child process stderr redirected to " + stderrFileName); + result.put("stderr", stderrFileName); + + return result; + } + + private void printLogfileContent(Map logFileNames) { + logFileNames.entrySet().stream() + .forEach(entry -> + { + log("------------- " + entry.getKey()); + try { + Files.lines(Path.of(entry.getValue())) + .forEach(line -> log(line)); + } catch (IOException ie) { + log("Exception while reading file: " + ie); + } + log("-------------"); + }); + } + private boolean checkDockerSupport() throws IOException, InterruptedException { + log("checkDockerSupport(): entering"); ProcessBuilder pb = new ProcessBuilder(Container.ENGINE_COMMAND, "ps"); + Map logFileNames = redirectOutputToLogFile("checkDockerSupport(): ps", + pb, "container-ps"); Process p = pb.start(); p.waitFor(10, TimeUnit.SECONDS); + int exitValue = p.exitValue(); - return (p.exitValue() == 0); + log(String.format("checkDockerSupport(): exitValue = %s, pid = %s", exitValue, p.pid())); + if (exitValue != 0) { + printLogfileContent(logFileNames); + } + + return (exitValue == 0); } /** @@ -518,19 +578,18 @@ private String implementor() { * Checks if we are in almost out-of-box configuration, i.e. the flags * which JVM is started with don't affect its behavior "significantly". * {@code TEST_VM_FLAGLESS} enviroment variable can be used to force this - * method to return true and allow any flags. + * method to return true or false and allow or reject any flags. * * @return true if there are no JVM flags */ private String isFlagless() { boolean result = true; - if (System.getenv("TEST_VM_FLAGLESS") != null) { - return "" + result; + String flagless = System.getenv("TEST_VM_FLAGLESS"); + if (flagless != null) { + return "" + "true".equalsIgnoreCase(flagless); } - List allFlags = new ArrayList(); - Collections.addAll(allFlags, System.getProperty("test.vm.opts", "").trim().split("\\s+")); - Collections.addAll(allFlags, System.getProperty("test.java.opts", "").trim().split("\\s+")); + List allFlags = allFlags().collect(Collectors.toList()); // check -XX flags var ignoredXXFlags = Set.of( @@ -573,6 +632,35 @@ private String isFlagless() { return "" + result; } + private Stream allFlags() { + return Stream.of((System.getProperty("test.vm.opts", "") + " " + System.getProperty("test.java.opts", "")).trim().split("\\s+")); + } + + /** + * Parses extra options, options that start with -X excluding the + * bare -X option (as it is not considered an extra option). + * Ignores extra options not starting with -X + * + * This could be improved to handle extra options not starting + * with -X as well as "standard" options. + */ + private Map xOptFlags() { + return allFlags() + .filter(s -> s.startsWith("-X") && !s.startsWith("-XX:") && !s.equals("-X")) + .map(s -> s.replaceFirst("-", "")) + .map(flag -> { + String[] split = flag.split("[:0123456789]", 2); + return split.length == 2 ? new String[] {split[0], flag.substring(split[0].length(), flag.length() - split[1].length()), split[1]} + : split; + }) + .collect(Collectors.toMap(a -> "vm.opt.x." + a[0], + a -> (a.length == 1) + ? "true" // -Xnoclassgc + : (a[1].equals(":") + ? a[2] // ["-XshowSettings", ":", "system"] + : a[1] + a[2]))); // ["-Xmx", "4", "g"] + } + /** * Dumps the map to the file if the file name is given as the property. * This functionality could be helpful to know context in the real @@ -596,6 +684,40 @@ protected static void dump(Map map) { } } + /** + * Log diagnostic message. + * + * @param msg + */ + protected static void log(String msg) { + // Always log to a file. + logToFile(msg); + + // Also log to stderr; guarded by property to avoid excessive verbosity. + // By jtreg design stderr produced here will be visible + // in the output of a parent process. Note: stdout should not be used + // for logging as jtreg parses that output directly and only echoes it + // in the event of a failure. + if (Boolean.getBoolean("jtreg.log.vmprops")) { + System.err.println("VMProps: " + msg); + } + } + + /** + * Log diagnostic message to a file. + * + * @param msg + */ + protected static void logToFile(String msg) { + String fileName = "./vmprops.log"; + try { + Files.writeString(Paths.get(fileName), msg + "\n", Charset.forName("ISO-8859-1"), + StandardOpenOption.APPEND, StandardOpenOption.CREATE); + } catch (IOException e) { + throw new RuntimeException("Failed to log into '" + fileName + "'", e); + } + } + /** * This method is for the testing purpose only. * diff --git a/test/langtools/ProblemList.txt b/test/langtools/ProblemList.txt index 847d4f69391..9ad2b728dcd 100644 --- a/test/langtools/ProblemList.txt +++ b/test/langtools/ProblemList.txt @@ -60,7 +60,6 @@ tools/javac/importscope/T8193717.java # javap tools/javap/output/RepeatingTypeAnnotations.java 8057687 generic-all emit correct byte code an attributes for type annotations -tools/javap/T6587786.java 8195589 generic-all T6587786.java failed after JDK-8189997 ########################################################################### # diff --git a/test/langtools/TEST.ROOT b/test/langtools/TEST.ROOT index 3348f3711bc..b5503c4f71e 100644 --- a/test/langtools/TEST.ROOT +++ b/test/langtools/TEST.ROOT @@ -15,10 +15,14 @@ keys=intermittent randomness groups=TEST.groups # Minimum jtreg version -requiredVersion=6+1 +requiredVersion=7.3.1+1 # Use new module options useNewOptions=true # Use --patch-module instead of -Xmodule: useNewPatchModule=true + +# Path to libraries in the topmost test directory. This is needed so @library +# does not need ../../ notation to reach them +external.lib.roots = ../../ diff --git a/test/langtools/TEST.groups b/test/langtools/TEST.groups index b24fb24f2c6..65f3ad77765 100644 --- a/test/langtools/TEST.groups +++ b/test/langtools/TEST.groups @@ -20,6 +20,14 @@ # questions. # +# All tests + +all = \ + :langtools_all + +langtools_all = \ + / + # Tiered testing definitions # (Nearly) all langtools tests are tier 1. diff --git a/test/langtools/jdk/internal/shellsupport/doc/JavadocHelperTest.java b/test/langtools/jdk/internal/shellsupport/doc/JavadocHelperTest.java index 48106face35..d8539b8c656 100644 --- a/test/langtools/jdk/internal/shellsupport/doc/JavadocHelperTest.java +++ b/test/langtools/jdk/internal/shellsupport/doc/JavadocHelperTest.java @@ -30,7 +30,7 @@ * jdk.compiler/com.sun.tools.javac.main * jdk.compiler/jdk.internal.shellsupport.doc * @build toolbox.ToolBox toolbox.JarTask toolbox.JavacTask - * @run testng/timeout=900/othervm JavadocHelperTest + * @run testng/timeout=900/othervm -Xmx1024m JavadocHelperTest */ import java.io.IOException; diff --git a/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/TestHrefInDocComment.java b/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/TestHrefInDocComment.java index 9b6d8287878..c0794d2addd 100644 --- a/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/TestHrefInDocComment.java +++ b/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/TestHrefInDocComment.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 4638015 + * @bug 4638015 8248001 * @summary Determine if Hrefs are processed properly when they * appear in doc comments. * @author jamieh diff --git a/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/pkg/J1.java b/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/pkg/J1.java new file mode 100644 index 00000000000..9be939f37b1 --- /dev/null +++ b/test/langtools/jdk/javadoc/doclet/testHrefInDocComment/pkg/J1.java @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package pkg; + +/** + *This class has various functions, + * see FTP Site, + * file service for further information + *various functions + *

    + *
  • function1
    • + *
  • function2
    • + *
  • function3
    • + *
+ *special methods + *
    + *
  • method1
    • + *
  • method2
    • + *
  • method3
    • + *
+ */ +public class J1 { + /** + *fields. + */ + protected Object field1; + + /** + *Creates an instance which has various functions. + */ + public J1(){ + } + + /** + *This is aspecial method. + *@param p1 arg1 + */ + public void method1(int p1){ + } + + /** + *See FTP Site for more information. + *@param p1 arg1 + */ + public void method2(int p1){ + } + + /** + *See file service for more information. + *@param p1 arg1 + */ + public void method3(int p1){ + } +} diff --git a/test/langtools/jdk/javadoc/doclet/testHtmlDocument/TestHtmlDocument.java b/test/langtools/jdk/javadoc/doclet/testHtmlDocument/TestHtmlDocument.java index 27bdcfa4ce7..cab7900ddf4 100644 --- a/test/langtools/jdk/javadoc/doclet/testHtmlDocument/TestHtmlDocument.java +++ b/test/langtools/jdk/javadoc/doclet/testHtmlDocument/TestHtmlDocument.java @@ -75,31 +75,31 @@ public static String generateHtmlTree() { HtmlTree title = new HtmlTree(HtmlTag.TITLE); // String content within the document StringContent titleContent = new StringContent("Markup test"); - title.addContent(titleContent); - head.addContent(title); + title.add(titleContent); + head.add(title); // Test META tag HtmlTree meta = new HtmlTree(HtmlTag.META); - meta.addAttr(HtmlAttr.NAME, "keywords"); - meta.addAttr(HtmlAttr.CONTENT, "testContent"); - head.addContent(meta); + meta.put(HtmlAttr.NAME, "keywords"); + meta.put(HtmlAttr.CONTENT, "testContent"); + head.add(meta); // Test invalid META tag HtmlTree invmeta = new HtmlTree(HtmlTag.META); - head.addContent(invmeta); + head.add(invmeta); // Test LINK tag HtmlTree link = new HtmlTree(HtmlTag.LINK); - link.addAttr(HtmlAttr.REL, "testRel"); - link.addAttr(HtmlAttr.HREF, "testLink.html"); - head.addContent(link); + link.put(HtmlAttr.REL, "testRel"); + link.put(HtmlAttr.HREF, "testLink.html"); + head.add(link); // Test invalid LINK tag HtmlTree invlink = new HtmlTree(HtmlTag.LINK); - head.addContent(invlink); - html.addContent(head); + head.add(invlink); + html.add(head); // Comment within the document Comment bodyMarker = new Comment("======== START OF BODY ========"); - html.addContent(bodyMarker); + html.add(bodyMarker); HtmlTree body = new HtmlTree(HtmlTag.BODY); Comment pMarker = new Comment("======== START OF PARAGRAPH ========"); - body.addContent(pMarker); + body.add(pMarker); HtmlTree p = new HtmlTree(HtmlTag.P); StringContent bodyContent = new StringContent( "This document is generated from sample source code and HTML " + @@ -107,41 +107,41 @@ public static String generateHtmlTree() { "subclasses, subinterfaces, nested classes, nested interfaces," + "inheriting from other packages, constructors, fields," + "methods, and so forth. "); - p.addContent(bodyContent); + p.add(bodyContent); StringContent anchorContent = new StringContent("Click Here"); - p.addContent(HtmlTree.A("testLink.html", anchorContent)); + p.add(HtmlTree.A("testLink.html", anchorContent)); StringContent pContent = new StringContent(" to out a link."); - p.addContent(pContent); - body.addContent(p); + p.add(pContent); + body.add(p); HtmlTree p1 = new HtmlTree(HtmlTag.P); // Test another version of A tag. HtmlTree anchor = new HtmlTree(HtmlTag.A); - anchor.addAttr(HtmlAttr.HREF, "testLink.html"); - anchor.addAttr(HtmlAttr.ID, "Another version of a tag"); - p1.addContent(anchor); - body.addContent(p1); + anchor.put(HtmlAttr.HREF, "testLink.html"); + anchor.put(HtmlAttr.ID, "Another version of a tag"); + p1.add(anchor); + body.add(p1); // Test for empty tags. HtmlTree dl = new HtmlTree(HtmlTag.DL); - html.addContent(dl); + html.add(dl); // Test for empty nested tags. HtmlTree dlTree = new HtmlTree(HtmlTag.DL); - dlTree.addContent(new HtmlTree(HtmlTag.DT)); - dlTree.addContent(new HtmlTree (HtmlTag.DD)); - html.addContent(dlTree); + dlTree.add(new HtmlTree(HtmlTag.DT)); + dlTree.add(new HtmlTree (HtmlTag.DD)); + html.add(dlTree); HtmlTree dlDisplay = new HtmlTree(HtmlTag.DL); - dlDisplay.addContent(new HtmlTree(HtmlTag.DT)); + dlDisplay.add(new HtmlTree(HtmlTag.DT)); HtmlTree dd = new HtmlTree (HtmlTag.DD); StringContent ddContent = new StringContent("Test DD"); - dd.addContent(ddContent); - dlDisplay.addContent(dd); - body.addContent(dlDisplay); + dd.add(ddContent); + dlDisplay.add(dd); + body.add(dlDisplay); StringContent emptyString = new StringContent(""); - body.addContent(emptyString); + body.add(emptyString); Comment emptyComment = new Comment(""); - body.addContent(emptyComment); + body.add(emptyComment); HtmlTree hr = new HtmlTree(HtmlTag.HR); - body.addContent(hr); - html.addContent(body); + body.add(hr); + html.add(body); HtmlDocument htmlDoc = new HtmlDocument(htmlDocType, html); return htmlDoc.toString(); } diff --git a/test/langtools/jdk/javadoc/doclet/testIOException/TestIOException.java b/test/langtools/jdk/javadoc/doclet/testIOException/TestIOException.java index 9db41724ae5..b0bfc3c4a81 100644 --- a/test/langtools/jdk/javadoc/doclet/testIOException/TestIOException.java +++ b/test/langtools/jdk/javadoc/doclet/testIOException/TestIOException.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,9 +23,9 @@ /* * @test - * @bug 8164130 + * @bug 8164130 8334332 * @summary test IOException handling - * @library ../lib + * @library ../lib /test/lib * @modules jdk.javadoc/jdk.javadoc.internal.tool * @build JavadocTester * @run main TestIOException @@ -33,7 +33,18 @@ import java.io.File; import java.io.FileWriter; +import java.nio.file.Path; +import java.nio.file.Files; +import java.util.Map; +import jtreg.SkippedException; + +/** + * Tests IO Exception handling. + * + * Update: Windows does not permit setting folder to be readonly. + * https://support.microsoft.com/en-us/help/326549/you-cannot-view-or-change-the-read-only-or-the-system-attributes-of-fo + */ public class TestIOException extends JavadocTester { public static void main(String... args) throws Exception { @@ -45,13 +56,13 @@ public static void main(String... args) throws Exception { void testReadOnlyDirectory() { File outDir = new File("out1"); if (!outDir.mkdir()) { - throw new Error("Cannot create directory"); + throw skip(outDir, "Cannot create directory"); } if (!outDir.setReadOnly()) { - throw new Error("could not set directory read-only"); + throw skip(outDir, "could not set directory read-only"); } if (outDir.canWrite()) { - throw new Error("directory is writable"); + throw skip(outDir, "directory is writable"); } try { @@ -69,15 +80,15 @@ void testReadOnlyDirectory() { void testReadOnlyFile() throws Exception { File outDir = new File("out2"); if (!outDir.mkdir()) { - throw new Error("Cannot create directory"); + throw skip(outDir, "Cannot create directory"); } File index = new File(outDir, "index.html"); try (FileWriter fw = new FileWriter(index)) { } if (!index.setReadOnly()) { - throw new Error("could not set index read-only"); + throw skip(index, "could not set index read-only"); } if (index.canWrite()) { - throw new Error("index is writable"); + throw skip(index, "index is writable"); } try { @@ -109,13 +120,13 @@ void testReadOnlySubdirectory() throws Exception { File outDir = new File("out3"); File pkgOutDir = new File(outDir, "p"); if (!pkgOutDir.mkdirs()) { - throw new Error("Cannot create directory"); + throw skip(pkgOutDir, "Cannot create directory"); } if (!pkgOutDir.setReadOnly()) { - throw new Error("could not set directory read-only"); + throw skip(pkgOutDir, "could not set directory read-only"); } if (pkgOutDir.canWrite()) { - throw new Error("directory is writable"); + throw skip(pkgOutDir, "directory is writable"); } // run javadoc and check results @@ -153,13 +164,13 @@ void testReadOnlyDocFilesDir() throws Exception { File pkgOutDir = new File(outDir, "p"); File docFilesOutDir = new File(pkgOutDir, "doc-files"); if (!docFilesOutDir.mkdirs()) { - throw new Error("Cannot create directory"); + throw skip(docFilesOutDir, "Cannot create directory"); } if (!docFilesOutDir.setReadOnly()) { - throw new Error("could not set directory read-only"); + throw skip(docFilesOutDir, "could not set directory read-only"); } if (docFilesOutDir.canWrite()) { - throw new Error("directory is writable"); + throw skip(docFilesOutDir, "directory is writable"); } try { @@ -175,5 +186,30 @@ void testReadOnlyDocFilesDir() throws Exception { docFilesOutDir.setWritable(true); } } + + private Error skip(File f, String message) { + out.print(System.getProperty("user.name")); + out.println(f + ": " + message); + showAllAttributes(f.toPath()); + throw new SkippedException(f + ": " + message); + } + + private void showAllAttributes(Path p) { + showAttributes(p, "*"); + showAttributes(p, "posix:*"); + showAttributes(p, "dos:*"); + } + + private void showAttributes(Path p, String attributes) { + out.println("Attributes: " + attributes); + try { + Map map = Files.readAttributes(p, attributes); + map.forEach((n, v) -> out.format(" %-10s: %s%n", n, v)); + } catch (UnsupportedOperationException e) { + out.println("Attributes not available " + attributes); + } catch (Throwable t) { + out.println("Error accessing attributes " + attributes + ": " + t); + } + } } diff --git a/test/langtools/jdk/javadoc/doclet/testSearch/TestSearch.java b/test/langtools/jdk/javadoc/doclet/testSearch/TestSearch.java index aa607d29598..bc875394442 100644 --- a/test/langtools/jdk/javadoc/doclet/testSearch/TestSearch.java +++ b/test/langtools/jdk/javadoc/doclet/testSearch/TestSearch.java @@ -400,7 +400,7 @@ void checkSearchOutput(String fileName, boolean expectedOutput, boolean moduleDi "\n", - "\n", + "\n", "", "var pathtoroot = \"./\";\n" + "var useModuleDirectories = " + moduleDirectoriesVar + ";\n" @@ -593,7 +593,7 @@ void checkJqueryAndImageFiles(boolean expectedOutput) { checkFiles(expectedOutput, "search.js", "jquery-ui.overrides.css", - "jquery/jquery-3.6.1.min.js", + "jquery/jquery-3.7.1.min.js", "jquery/jquery-ui.min.js", "jquery/jquery-ui.min.css", "jquery/external/jquery/jquery.js", diff --git a/test/langtools/jdk/javadoc/doclet/testSerialVersionUID/TestSerialVersionUID.java b/test/langtools/jdk/javadoc/doclet/testSerialVersionUID/TestSerialVersionUID.java index 6e06fce1d82..1d22b44ebdd 100644 --- a/test/langtools/jdk/javadoc/doclet/testSerialVersionUID/TestSerialVersionUID.java +++ b/test/langtools/jdk/javadoc/doclet/testSerialVersionUID/TestSerialVersionUID.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,7 +42,8 @@ public static void main(String... args) throws Exception { @Test void test() { - javadoc("-d", "out", + javadoc("-encoding", "UTF-8", + "-d", "out", testSrc("C.java")); checkExit(Exit.OK); diff --git a/test/langtools/jdk/javadoc/doclet/testSerializedFormWithSee/TestSerializedFormWithSee.java b/test/langtools/jdk/javadoc/doclet/testSerializedFormWithSee/TestSerializedFormWithSee.java new file mode 100644 index 00000000000..909b4d9edb8 --- /dev/null +++ b/test/langtools/jdk/javadoc/doclet/testSerializedFormWithSee/TestSerializedFormWithSee.java @@ -0,0 +1,136 @@ +/* + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8207214 + * @summary Test serialized forms, with at-see to other members + * @library /tools/lib ../lib + * @modules jdk.javadoc/jdk.javadoc.internal.tool + * @build JavadocTester toolbox.ToolBox + * @run main TestSerializedFormWithSee + */ + +import java.io.IOException; +import java.nio.file.Path; +import java.nio.file.Paths; + +import toolbox.ToolBox; + +/** + * Test the links generated in source files with combinations + * of modules, Serializable, and @see for public and private methods. + * + * In the various test cases, in addition to the explicit call + * to {@code checkExit}, the primary check is the implicit call + * to {@code checkLinks}, to verify that there are no broken + * links in the generated files. + */ +public class TestSerializedFormWithSee extends JavadocTester { + + public static void main(String... args) throws Exception { + TestSerializedFormWithSee tester = new TestSerializedFormWithSee(); + tester.runTests(m -> new Object[] { Paths.get(m.getName()) }); + } + + private final ToolBox tb; + + TestSerializedFormWithSee() { + tb = new ToolBox(); + } + + @Test + public void test_noModule_notSerializable(Path base) throws IOException { + Path srcDir = generateSource(base, false, false); + + Path outDir = base.resolve("out"); + javadoc("-d", outDir.toString(), + "-sourcepath", srcDir.toString(), + "p"); + checkExit(Exit.OK); + } + + @Test + public void test_noModule_serializable(Path base) throws IOException { + Path srcDir = generateSource(base, false, true); + + Path outDir = base.resolve("out"); + javadoc("-d", outDir.toString(), + "-sourcepath", srcDir.toString(), + "p"); + checkExit(Exit.OK); + } + + @Test + public void test_module_notSerializable(Path base) throws IOException { + Path srcDir = generateSource(base, true, false); + + Path outDir = base.resolve("out"); + javadoc("-d", outDir.toString(), + "-sourcepath", srcDir.toString(), + "m/p"); + checkExit(Exit.OK); + } + + @Test + public void test_module_serializable(Path base) throws IOException { + Path srcDir = generateSource(base, true, true); + + Path outDir = base.resolve("out"); + javadoc("-d", outDir.toString(), + "-sourcepath", srcDir.toString(), + "m/p"); + checkExit(Exit.OK); + } + + Path generateSource(Path base, boolean module, boolean serializable) throws IOException { + Path dir = base.resolve("src"); + if (module) { + tb.writeJavaFiles(dir, "module m { }"); + } + StringBuilder sb = new StringBuilder(); + sb.append("package p;\n"); + sb.append("public class C " + (serializable ? "implements java.io.Serializable " : "") + "{\n"); + for (String access : new String[] { "public", "private" }) { + sb.append(" /**\n"); + sb.append(" * This is a " + access + " " + (serializable ? "serializable " : "") + "field.\n"); + sb.append(" * More description.\n"); + sb.append(" * " + (serializable ? "@serial This is the serial description." : "") + "\n"); + sb.append(" * @see #publicMethod()\n"); + sb.append(" * @see #privateMethod()\n"); + sb.append(" */\n"); + sb.append(" " + access + " int " + access + "Field;\n"); + } + for (String access : new String[] { "public", "private" }) { + sb.append(" /**\n"); + sb.append(" * This is a " + access + " method.\n"); + sb.append(" * More description.\n"); + sb.append(" * @return zero.\n"); + sb.append(" */\n"); + sb.append(" " + access + " int " + access + "Method() { return 0; }\n"); + } + sb.append(" }\n"); + tb.writeJavaFiles(dir, sb.toString()); + return dir; + } +} diff --git a/test/langtools/jdk/javadoc/doclet/testTagMisuse/TestTagMisuse.java b/test/langtools/jdk/javadoc/doclet/testTagMisuse/TestTagMisuse.java index 473231e7de2..ca8a53f0980 100644 --- a/test/langtools/jdk/javadoc/doclet/testTagMisuse/TestTagMisuse.java +++ b/test/langtools/jdk/javadoc/doclet/testTagMisuse/TestTagMisuse.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,7 +45,8 @@ public static void main(String... args) throws Exception { @Test void test() { - javadoc("-Xdoclint:none", + javadoc("-encoding", "UTF-8", + "-Xdoclint:none", "-d", "out", testSrc("TestTagMisuse.java")); checkExit(Exit.OK); diff --git a/test/langtools/jdk/javadoc/doclet/testThrowsHead/TestThrowsHead.java b/test/langtools/jdk/javadoc/doclet/testThrowsHead/TestThrowsHead.java index e73e6bdaa37..f3917c1c954 100644 --- a/test/langtools/jdk/javadoc/doclet/testThrowsHead/TestThrowsHead.java +++ b/test/langtools/jdk/javadoc/doclet/testThrowsHead/TestThrowsHead.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,7 +43,8 @@ public static void main(String... args) throws Exception { @Test void test() { - javadoc("-d", "out", + javadoc("-encoding", "UTF-8", + "-d", "out", testSrc("C.java")); checkExit(Exit.OK); diff --git a/test/langtools/jdk/javadoc/doclet/testUnnamedPackage/TestUnnamedPackage.java b/test/langtools/jdk/javadoc/doclet/testUnnamedPackage/TestUnnamedPackage.java index b12b7f2d7f8..35dc6ce9da2 100644 --- a/test/langtools/jdk/javadoc/doclet/testUnnamedPackage/TestUnnamedPackage.java +++ b/test/langtools/jdk/javadoc/doclet/testUnnamedPackage/TestUnnamedPackage.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,7 +42,8 @@ public static void main(String... args) throws Exception { @Test void test() { - javadoc("-d", "out", + javadoc("-encoding", "UTF-8", + "-d", "out", "-sourcepath", testSrc, testSrc("C.java")); checkExit(Exit.OK); diff --git a/test/langtools/jdk/javadoc/tool/api/basic/APITest.java b/test/langtools/jdk/javadoc/tool/api/basic/APITest.java index 23b48e23dac..f6712582178 100644 --- a/test/langtools/jdk/javadoc/tool/api/basic/APITest.java +++ b/test/langtools/jdk/javadoc/tool/api/basic/APITest.java @@ -200,7 +200,7 @@ protected void error(String msg) { "help-doc.html", "index-all.html", "index.html", - "jquery/jquery-3.6.1.min.js", + "jquery/jquery-3.7.1.min.js", "jquery/jquery-ui.min.js", "jquery/jquery-ui.min.css", "jquery/external/jquery/jquery.js", diff --git a/test/langtools/jdk/javadoc/tool/nonConstExprs/Test.java b/test/langtools/jdk/javadoc/tool/nonConstExprs/Test.java index 889945b236d..f03c928849a 100644 --- a/test/langtools/jdk/javadoc/tool/nonConstExprs/Test.java +++ b/test/langtools/jdk/javadoc/tool/nonConstExprs/Test.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,6 +34,7 @@ public class Test { public static void main(String... args) throws Exception { File testSrc = new File(System.getProperty("test.src")); String[] jdoc_args = { + "-encoding", "UTF-8", "-d", "out", new File(testSrc, Test.class.getSimpleName() + ".java").getPath() }; diff --git a/test/langtools/jdk/jshell/AnalyzeSnippetTest.java b/test/langtools/jdk/jshell/AnalyzeSnippetTest.java index b566a023caf..3e2e1a839e2 100644 --- a/test/langtools/jdk/jshell/AnalyzeSnippetTest.java +++ b/test/langtools/jdk/jshell/AnalyzeSnippetTest.java @@ -64,6 +64,7 @@ public void setUp() { state = JShell.builder() .out(new PrintStream(new ByteArrayOutputStream())) .err(new PrintStream(new ByteArrayOutputStream())) + .executionEngine(Presets.TEST_DEFAULT_EXECUTION) .build(); sca = state.sourceCodeAnalysis(); } diff --git a/test/langtools/jdk/jshell/CustomInputToolBuilder.java b/test/langtools/jdk/jshell/CustomInputToolBuilder.java index a80f58daabe..523981b3d91 100644 --- a/test/langtools/jdk/jshell/CustomInputToolBuilder.java +++ b/test/langtools/jdk/jshell/CustomInputToolBuilder.java @@ -35,6 +35,7 @@ import java.io.InputStream; import java.io.PrintStream; import java.util.Arrays; +import java.util.HashMap; import java.util.List; import jdk.jshell.tool.JavaShellToolBuilder; import org.testng.annotations.Test; @@ -88,7 +89,9 @@ private void doTest(boolean interactiveTerminal, String code, String... expected .out(printOut, printOut, printOut) .interactiveTerminal(interactiveTerminal) .promptCapture(true) - .start("--no-startup"); + .persistence(new HashMap<>()) + .start("--no-startup", + "--execution", Presets.TEST_DEFAULT_EXECUTION); String actual = new String(out.toByteArray()); List actualLines = Arrays.asList(actual.split("\\R")); diff --git a/test/langtools/jdk/jshell/ExecutionControlTestBase.java b/test/langtools/jdk/jshell/ExecutionControlTestBase.java index 201150797f5..9b2a4f34ebe 100644 --- a/test/langtools/jdk/jshell/ExecutionControlTestBase.java +++ b/test/langtools/jdk/jshell/ExecutionControlTestBase.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,28 +25,14 @@ import org.testng.annotations.Test; import jdk.jshell.VarSnippet; -import java.net.InetAddress; import static jdk.jshell.Snippet.Status.VALID; import static jdk.jshell.Snippet.SubKind.*; public class ExecutionControlTestBase extends KullaTesting { - String standardListenSpec() { - String loopback = InetAddress.getLoopbackAddress().getHostAddress(); - return "jdi:hostname(" + loopback + ")"; - } - - String standardLaunchSpec() { - return "jdi:launch(true)"; - } - - String standardJdiSpec() { - return "jdi"; - } - - String standardSpecs() { - return "5(" + standardListenSpec() + "), 6(" + standardLaunchSpec() + "), 7(" + standardJdiSpec() + ")"; + String alwaysPassingSpec() { + return "5(local)"; } @Test diff --git a/test/langtools/jdk/jshell/FailOverDirectExecutionControlTest.java b/test/langtools/jdk/jshell/FailOverDirectExecutionControlTest.java index da838798f8e..a094ed4a86f 100644 --- a/test/langtools/jdk/jshell/FailOverDirectExecutionControlTest.java +++ b/test/langtools/jdk/jshell/FailOverDirectExecutionControlTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -129,9 +129,7 @@ public void setUp() { Map pm = provider.defaultParameters(); pm.put("0", "alwaysFailing"); pm.put("1", "alwaysFailing"); - pm.put("2", standardListenSpec()); - pm.put("3", standardLaunchSpec()); - pm.put("4", standardJdiSpec()); + pm.put("2", "local"); setUp(builder -> builder.executionEngine(provider, pm)); } @@ -159,9 +157,7 @@ public void variables() { assertTrue(log.contains("This operation intentionally broken"), log); log = logged.get(Level.FINEST).get(0); assertTrue( - log.contains("Success failover -- 2 = " + standardListenSpec()) - || log.contains("Success failover -- 3 = " + standardLaunchSpec()) - || log.contains("Success failover -- 4 = " + standardJdiSpec()), + log.contains("Success failover -- 2 = local"), log); } } diff --git a/test/langtools/jdk/jshell/FailOverExecutionControlDyingLaunchTest.java b/test/langtools/jdk/jshell/FailOverExecutionControlDyingLaunchTest.java index f3218fab7c7..31011960880 100644 --- a/test/langtools/jdk/jshell/FailOverExecutionControlDyingLaunchTest.java +++ b/test/langtools/jdk/jshell/FailOverExecutionControlDyingLaunchTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,6 +43,6 @@ public class FailOverExecutionControlDyingLaunchTest extends ExecutionControlTes public void setUp() { setUp(builder -> builder.executionEngine( "failover:0(jdi:remoteAgent(DyingRemoteAgent),launch(true)), " - + standardSpecs())); + + alwaysPassingSpec())); } } diff --git a/test/langtools/jdk/jshell/FailOverExecutionControlHangingLaunchTest.java b/test/langtools/jdk/jshell/FailOverExecutionControlHangingLaunchTest.java index 778d004915c..9958b7a3284 100644 --- a/test/langtools/jdk/jshell/FailOverExecutionControlHangingLaunchTest.java +++ b/test/langtools/jdk/jshell/FailOverExecutionControlHangingLaunchTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -42,6 +42,6 @@ public class FailOverExecutionControlHangingLaunchTest extends ExecutionControlT public void setUp() { setUp(builder -> builder.executionEngine( "failover:0(jdi:remoteAgent(HangingRemoteAgent),launch(true)), " - + standardSpecs())); + + alwaysPassingSpec())); } } diff --git a/test/langtools/jdk/jshell/FailOverExecutionControlHangingListenTest.java b/test/langtools/jdk/jshell/FailOverExecutionControlHangingListenTest.java index f22dd821f40..4f29bfe9c7a 100644 --- a/test/langtools/jdk/jshell/FailOverExecutionControlHangingListenTest.java +++ b/test/langtools/jdk/jshell/FailOverExecutionControlHangingListenTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,6 +45,6 @@ public void setUp() { String loopback = InetAddress.getLoopbackAddress().getHostAddress(); setUp(builder -> builder.executionEngine( "failover:0(jdi:remoteAgent(HangingRemoteAgent),hostname(" + loopback + "))," - + standardSpecs())); + + alwaysPassingSpec())); } } diff --git a/test/langtools/jdk/jshell/FailOverExecutionControlTest.java b/test/langtools/jdk/jshell/FailOverExecutionControlTest.java index 0843351815f..80dc56d72c4 100644 --- a/test/langtools/jdk/jshell/FailOverExecutionControlTest.java +++ b/test/langtools/jdk/jshell/FailOverExecutionControlTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,7 +41,7 @@ public class FailOverExecutionControlTest extends ExecutionControlTestBase { @Override public void setUp() { setUp(builder -> builder.executionEngine("failover:0(expectedFailureNonExistent1), 1(expectedFailureNonExistent2), " - + standardSpecs())); + + alwaysPassingSpec())); } } diff --git a/test/langtools/jdk/jshell/HangingRemoteAgent.java b/test/langtools/jdk/jshell/HangingRemoteAgent.java index e64f1c25ea3..515f98731a3 100644 --- a/test/langtools/jdk/jshell/HangingRemoteAgent.java +++ b/test/langtools/jdk/jshell/HangingRemoteAgent.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,12 +30,15 @@ import jdk.jshell.spi.ExecutionControlProvider; /** - * Hang for three minutes (long enough to cause a timeout). + * HangingRemoteAgent main() runs in its loop for 2X the timeout + * we give the launcher to fail to attach. */ class HangingRemoteAgent extends RemoteExecutionControl { - private static final long DELAY = 4000L; - private static final int TIMEOUT = 2000; + private static float timeoutFactor = Float.parseFloat(System.getProperty("test.timeout.factor", "1.0")); + + private static final int TIMEOUT = (int)(2000 * timeoutFactor); + private static final long DELAY = TIMEOUT * 2L; private static final boolean INFRA_VERIFY = false; public static void main(String[] args) throws Exception { diff --git a/test/langtools/jdk/jshell/IdGeneratorTest.java b/test/langtools/jdk/jshell/IdGeneratorTest.java index 23727aef643..e8a38dfe7f0 100644 --- a/test/langtools/jdk/jshell/IdGeneratorTest.java +++ b/test/langtools/jdk/jshell/IdGeneratorTest.java @@ -53,7 +53,8 @@ public JShell.Builder getBuilder() { return JShell.builder() .in(inStream) .out(new PrintStream(outStream)) - .err(new PrintStream(errStream)); + .err(new PrintStream(errStream)) + .executionEngine(Presets.TEST_DEFAULT_EXECUTION); } public void testTempNameGenerator() { diff --git a/test/langtools/jdk/jshell/JdiHangingLaunchExecutionControlTest.java b/test/langtools/jdk/jshell/JdiHangingLaunchExecutionControlTest.java index 44354c57433..577228d4820 100644 --- a/test/langtools/jdk/jshell/JdiHangingLaunchExecutionControlTest.java +++ b/test/langtools/jdk/jshell/JdiHangingLaunchExecutionControlTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2016, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 8169519 + * @bug 8169519 8207166 * @summary Tests for JDI connector timeout failure * @modules jdk.jshell/jdk.jshell jdk.jshell/jdk.jshell.spi jdk.jshell/jdk.jshell.execution * @build HangingRemoteAgent diff --git a/test/langtools/jdk/jshell/KullaTesting.java b/test/langtools/jdk/jshell/KullaTesting.java index 369b2ed1f44..d74f3484f4b 100644 --- a/test/langtools/jdk/jshell/KullaTesting.java +++ b/test/langtools/jdk/jshell/KullaTesting.java @@ -100,7 +100,9 @@ public class KullaTesting { private Set allSnippets = new LinkedHashSet<>(); static { - JShell js = JShell.create(); + JShell js = JShell.builder() + .executionEngine(Presets.TEST_DEFAULT_EXECUTION) + .build(); MAIN_SNIPPET = js.eval("MAIN_SNIPPET").get(0).snippet(); js.close(); assertTrue(MAIN_SNIPPET != null, "Bad MAIN_SNIPPET set-up -- must not be null"); @@ -192,7 +194,8 @@ public int read(byte[] b, int off, int len) throws IOException { JShell.Builder builder = JShell.builder() .in(in) .out(new PrintStream(outStream)) - .err(new PrintStream(errStream)); + .err(new PrintStream(errStream)) + .executionEngine(Presets.TEST_DEFAULT_EXECUTION); bc.accept(builder); state = builder.build(); allSnippets = new LinkedHashSet<>(); diff --git a/test/langtools/jdk/jshell/Presets.java b/test/langtools/jdk/jshell/Presets.java new file mode 100644 index 00000000000..b9a93c967dc --- /dev/null +++ b/test/langtools/jdk/jshell/Presets.java @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.net.InetAddress; +import java.util.*; + +public class Presets { + public static final String TEST_DEFAULT_EXECUTION; + public static final String TEST_STANDARD_EXECUTION; + + static { + String loopback = InetAddress.getLoopbackAddress().getHostAddress(); + + TEST_DEFAULT_EXECUTION = "failover:0(jdi:hostname(" + loopback + "))," + + "1(jdi:launch(true)), 2(jdi), 3(local)"; + TEST_STANDARD_EXECUTION = "failover:0(jdi:hostname(" + loopback + "))," + + "1(jdi:launch(true)), 2(jdi)"; + } + + public static String[] addExecutionIfMissing(String[] args) { + if (Arrays.stream(args).noneMatch(Presets::remoteRelatedOption)) { + List augmentedArgs = new ArrayList<>(); + + augmentedArgs.add("--execution"); + augmentedArgs.add(Presets.TEST_DEFAULT_EXECUTION); + augmentedArgs.addAll(List.of(args)); + + return augmentedArgs.toArray(s -> new String[s]); + } + + return args; + } + + private static boolean remoteRelatedOption(String option) { + return "--execution".equals(option) || + "--add-modules".equals(option) || + option.startsWith("-R"); + } +} diff --git a/test/langtools/jdk/jshell/ReplToolTesting.java b/test/langtools/jdk/jshell/ReplToolTesting.java index 5ef4dc2990c..85b7beff97c 100644 --- a/test/langtools/jdk/jshell/ReplToolTesting.java +++ b/test/langtools/jdk/jshell/ReplToolTesting.java @@ -292,7 +292,7 @@ protected JavaShellToolBuilder builder(Locale locale) { private void testRaw(Locale locale, String[] args, ReplTest... tests) { testRawInit(tests); - testRawRun(locale, args); + testRawRun(locale, Presets.addExecutionIfMissing(args)); testRawCheck(locale); } diff --git a/test/langtools/jdk/jshell/StartOptionTest.java b/test/langtools/jdk/jshell/StartOptionTest.java index df445d49750..aa8d9be03a9 100644 --- a/test/langtools/jdk/jshell/StartOptionTest.java +++ b/test/langtools/jdk/jshell/StartOptionTest.java @@ -81,7 +81,7 @@ private JavaShellToolBuilder builder() { protected int runShell(String... args) { try { return builder() - .start(args); + .start(Presets.addExecutionIfMissing(args)); } catch (Exception ex) { fail("Repl tool died with exception", ex); } diff --git a/test/langtools/jdk/jshell/ToolReloadTest.java b/test/langtools/jdk/jshell/ToolReloadTest.java index 13d583e51f5..4709584cd12 100644 --- a/test/langtools/jdk/jshell/ToolReloadTest.java +++ b/test/langtools/jdk/jshell/ToolReloadTest.java @@ -201,7 +201,7 @@ public void testReloadCrashRestore() { } public void testEnvBadModule() { - test( + test(new String[] {"--execution", Presets.TEST_STANDARD_EXECUTION}, (a) -> assertVariable(a, "int", "x", "5", "5"), (a) -> assertMethod(a, "int m(int z) { return z * z; }", "(int)int", "m"), diff --git a/test/langtools/jdk/jshell/UITesting.java b/test/langtools/jdk/jshell/UITesting.java index 848c0d52797..477e540e716 100644 --- a/test/langtools/jdk/jshell/UITesting.java +++ b/test/langtools/jdk/jshell/UITesting.java @@ -93,7 +93,8 @@ protected void doRunTest(Test test) throws Exception { .promptCapture(true) .persistence(new HashMap<>()) .locale(Locale.US) - .run("--no-startup"); + .run("--no-startup", + "--execution", Presets.TEST_DEFAULT_EXECUTION); } catch (Exception ex) { throw new IllegalStateException(ex); } diff --git a/test/langtools/tools/javac/6257443/T6257443.java b/test/langtools/tools/javac/6257443/T6257443.java index 91d3120908f..1275762e286 100644 --- a/test/langtools/tools/javac/6257443/T6257443.java +++ b/test/langtools/tools/javac/6257443/T6257443.java @@ -29,7 +29,7 @@ * @compile package-info.java * @run main/othervm T6257443 -yes foo/package-info.class * - * @clean foo.package-info + * @clean foo.* * * @compile -printsource package-info.java * @run main/othervm T6257443 -no foo/package-info.class diff --git a/test/langtools/tools/javac/8074306/TestSyntheticNullChecks.java b/test/langtools/tools/javac/8074306/TestSyntheticNullChecks.java index 9ba6ebf529e..ddc0a4da416 100644 --- a/test/langtools/tools/javac/8074306/TestSyntheticNullChecks.java +++ b/test/langtools/tools/javac/8074306/TestSyntheticNullChecks.java @@ -27,10 +27,10 @@ * @summary NULLCHK is emitted as Object.getClass * @compile -source 6 -target 6 TestSyntheticNullChecks.java * @run main TestSyntheticNullChecks 6 - * @clean TestSyntheticNullChecks* + * @clean * * @compile -source 7 -target 7 TestSyntheticNullChecks.java * @run main TestSyntheticNullChecks 7 - * @clean TestSyntheticNullChecks* + * @clean * * @compile TestSyntheticNullChecks.java * @run main TestSyntheticNullChecks 9 */ diff --git a/test/langtools/tools/javac/StringConcat/StringAppendEvaluatesInOrder.java b/test/langtools/tools/javac/StringConcat/StringAppendEvaluatesInOrder.java new file mode 100644 index 00000000000..b2bd47acde0 --- /dev/null +++ b/test/langtools/tools/javac/StringConcat/StringAppendEvaluatesInOrder.java @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2021, Google LLC. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8273914 + * @summary Indy string concat changes order of operations + * + * @clean * + * @compile -XDstringConcat=indy StringAppendEvaluatesInOrder.java + * @run main StringAppendEvaluatesInOrder + * + * @clean * + * @compile -XDstringConcat=indyWithConstants StringAppendEvaluatesInOrder.java + * @run main StringAppendEvaluatesInOrder + * + * @clean * + * @compile -XDstringConcat=inline StringAppendEvaluatesInOrder.java + * @run main StringAppendEvaluatesInOrder + */ + +public class StringAppendEvaluatesInOrder { + static String test() { + StringBuilder builder = new StringBuilder("foo"); + int i = 15; + return "Test: " + i + " " + (++i) + builder + builder.append("bar"); + } + + static String compoundAssignment() { + StringBuilder builder2 = new StringBuilder("foo"); + Object oo = builder2; + oo += "" + builder2.append("bar"); + return oo.toString(); + } + + public static void main(String[] args) throws Exception { + assertEquals(test(), "Test: 15 16foofoobar"); + assertEquals(compoundAssignment(), "foofoobar"); + } + + private static void assertEquals(String actual, String expected) { + if (!actual.equals(expected)) { + throw new AssertionError("expected: " + expected + ", actual: " + actual); + } + } +} diff --git a/test/langtools/tools/javac/StringConcat/TestIndyStringConcat.java b/test/langtools/tools/javac/StringConcat/TestIndyStringConcat.java index 4c8917bbbf9..9910bd6d2dd 100644 --- a/test/langtools/tools/javac/StringConcat/TestIndyStringConcat.java +++ b/test/langtools/tools/javac/StringConcat/TestIndyStringConcat.java @@ -34,27 +34,27 @@ * @summary Test that StringConcat is working for JDK >= 9 * @modules jdk.jdeps/com.sun.tools.classfile * - * @clean TestIndyStringConcat* + * @clean * * @compile -source 6 -target 6 TestIndyStringConcat.java * @run main TestIndyStringConcat false * - * @clean TestIndyStringConcat* + * @clean * * @compile -source 7 -target 7 TestIndyStringConcat.java * @run main TestIndyStringConcat false * - * @clean TestIndyStringConcat* + * @clean * * @compile -source 8 -target 8 TestIndyStringConcat.java * @run main TestIndyStringConcat false * - * @clean TestIndyStringConcat* + * @clean * * @compile -XDstringConcat=inline -source 9 -target 9 TestIndyStringConcat.java * @run main TestIndyStringConcat false * - * @clean TestIndyStringConcat* + * @clean * * @compile -XDstringConcat=indy -source 9 -target 9 TestIndyStringConcat.java * @run main TestIndyStringConcat true * - * @clean TestIndyStringConcat* + * @clean * * @compile -XDstringConcat=indyWithConstants -source 9 -target 9 TestIndyStringConcat.java * @run main TestIndyStringConcat true */ diff --git a/test/langtools/tools/javac/StringConcat/WellKnownTypeSignatures.java b/test/langtools/tools/javac/StringConcat/WellKnownTypeSignatures.java new file mode 100644 index 00000000000..07cdeef4956 --- /dev/null +++ b/test/langtools/tools/javac/StringConcat/WellKnownTypeSignatures.java @@ -0,0 +1,119 @@ +/* + * Copyright (c) 2021, Google LLC. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import com.sun.tools.classfile.*; +import com.sun.tools.classfile.ConstantPool.*; + +import java.io.File; +import java.util.ArrayList; +import java.util.List; + +/* + * @test + * @bug 8273914 + * @summary Indy string concat changes order of operations + * @modules jdk.jdeps/com.sun.tools.classfile + * + * @clean * + * @compile -XDstringConcat=indy WellKnownTypeSignatures.java + * @run main WellKnownTypeSignatures + * + * @clean * + * @compile -XDstringConcat=indyWithConstants WellKnownTypeSignatures.java + * @run main WellKnownTypeSignatures + */ + +public class WellKnownTypeSignatures { + static List actualTypes; + + static int idx = 0; + + static boolean z = true; + static char c = (char) 42; + static short s = (short) 42; + static byte b = (byte) 42; + static int i = 42; + static long l = 42L; + static float f = 42.0f; + static double d = 42.0; + + public static void main(String[] argv) throws Exception { + readIndyTypes(); + + test("" + WellKnownTypeSignatures.class, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); + test("" + Boolean.valueOf(z), idx++, "(Ljava/lang/Boolean;)Ljava/lang/String;"); + test("" + Character.valueOf(c), idx++, "(Ljava/lang/Character;)Ljava/lang/String;"); + test("" + Byte.valueOf(b), idx++, "(Ljava/lang/Byte;)Ljava/lang/String;"); + test("" + Short.valueOf(s), idx++, "(Ljava/lang/Short;)Ljava/lang/String;"); + test("" + Integer.valueOf(i), idx++, "(Ljava/lang/Integer;)Ljava/lang/String;"); + test("" + Long.valueOf(l), idx++, "(Ljava/lang/Long;)Ljava/lang/String;"); + test("" + Double.valueOf(d), idx++, "(Ljava/lang/Double;)Ljava/lang/String;"); + test("" + Float.valueOf(f), idx++, "(Ljava/lang/Float;)Ljava/lang/String;"); + test("" + z, idx++, "(Z)Ljava/lang/String;"); + test("" + c, idx++, "(C)Ljava/lang/String;"); + test("" + b, idx++, "(B)Ljava/lang/String;"); + test("" + s, idx++, "(S)Ljava/lang/String;"); + test("" + i, idx++, "(I)Ljava/lang/String;"); + test("" + l, idx++, "(J)Ljava/lang/String;"); + test("" + d, idx++, "(D)Ljava/lang/String;"); + test("" + f, idx++, "(F)Ljava/lang/String;"); + } + + public static void test(String actual, int index, String expectedType) { + String actualType = actualTypes.get(index); + if (!actualType.equals(expectedType)) { + throw new IllegalStateException( + index + + " Unexpected type: expected = " + + expectedType + + ", actual = " + + actualType); + } + } + + public static void readIndyTypes() throws Exception { + actualTypes = new ArrayList(); + + ClassFile classFile = + ClassFile.read( + new File( + System.getProperty("test.classes", "."), + WellKnownTypeSignatures.class.getName() + ".class")); + ConstantPool constantPool = classFile.constant_pool; + + for (Method method : classFile.methods) { + if (method.getName(constantPool).equals("main")) { + Code_attribute code = (Code_attribute) method.attributes.get(Attribute.Code); + for (Instruction i : code.getInstructions()) { + if (i.getOpcode() == Opcode.INVOKEDYNAMIC) { + CONSTANT_InvokeDynamic_info indyInfo = + (CONSTANT_InvokeDynamic_info) + constantPool.get(i.getUnsignedShort(1)); + CONSTANT_NameAndType_info natInfo = indyInfo.getNameAndTypeInfo(); + actualTypes.add(natInfo.getType()); + } + } + } + } + } +} diff --git a/test/langtools/tools/javac/StringConcat/WellKnownTypes.java b/test/langtools/tools/javac/StringConcat/WellKnownTypes.java new file mode 100644 index 00000000000..39150cfc4da --- /dev/null +++ b/test/langtools/tools/javac/StringConcat/WellKnownTypes.java @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2021, Google LLC. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import com.sun.tools.classfile.*; +import com.sun.tools.classfile.ConstantPool.*; + +/* + * @test + * @bug 8273914 + * @summary Indy string concat changes order of operations + * @modules jdk.jdeps/com.sun.tools.classfile + * + * @compile -XDstringConcat=indy WellKnownTypes.java + * @run main WellKnownTypes + * + * @compile -XDstringConcat=indyWithConstants WellKnownTypes.java + * @run main WellKnownTypes + * + * @compile -XDstringConcat=inline WellKnownTypes.java + * @run main WellKnownTypes + */ + +public class WellKnownTypes { + static int idx = 0; + + static boolean z = true; + static char c = (char) 42; + static byte b = (byte) 43; + static short s = (short) 44; + static int i = 45; + static long l = 46L; + static float f = 47.0f; + static double d = 48.0; + + public static void main(String[] argv) throws Exception { + test("" + WellKnownTypes.class, idx++, "class WellKnownTypes"); + test("" + Boolean.valueOf(z), idx++, "true"); + test("" + Character.valueOf(c), idx++, "*"); + test("" + Byte.valueOf(b), idx++, "43"); + test("" + Short.valueOf(s), idx++, "44"); + test("" + Integer.valueOf(i), idx++, "45"); + test("" + Long.valueOf(l), idx++, "46"); + test("" + Float.valueOf(f), idx++, "47.0"); + test("" + Double.valueOf(d), idx++, "48.0"); + test("" + z, idx++, "true"); + test("" + c, idx++, "*"); + test("" + b, idx++, "43"); + test("" + s, idx++, "44"); + test("" + i, idx++, "45"); + test("" + l, idx++, "46"); + test("" + f, idx++, "47.0"); + test("" + d, idx++, "48.0"); + } + + public static void test(String actual, int index, String expected) { + if (!actual.equals(expected)) { + throw new IllegalStateException( + index + " Unexpected: expected = " + expected + ", actual = " + actual); + } + } +} diff --git a/test/langtools/tools/javac/StringConcat/access/Test.java b/test/langtools/tools/javac/StringConcat/access/Test.java index 72237e8b4ef..578bbddb118 100644 --- a/test/langtools/tools/javac/StringConcat/access/Test.java +++ b/test/langtools/tools/javac/StringConcat/access/Test.java @@ -56,109 +56,109 @@ public static void main(String[] argv) throws Exception { // ---------------------------------------------------------------------------- // public Private_PublicClass c1 = new Private_PublicClass(); - test("" + holder.c1, idx++, "(Lp1/PublicClass;)Ljava/lang/String;"); + test("" + holder.c1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PublicInterface c2 = new Private_PublicInterface(); - test("" + holder.c2, idx++, "(Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.c2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface1 c3 = new Private_PrivateInterface1(); - test("" + holder.c3, idx++, "(Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.c3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface2 c4 = new Private_PrivateInterface2(); - test("" + holder.c4, idx++, "(Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.c4, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicClass c5 = new Public_PublicClass(); - test("" + holder.c5, idx++, "(Lp1/Public_PublicClass;)Ljava/lang/String;"); + test("" + holder.c5, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicInterface c6 = new Public_PublicInterface(); - test("" + holder.c6, idx++, "(Lp1/Public_PublicInterface;)Ljava/lang/String;"); + test("" + holder.c6, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface1 c7 = new Public_PrivateInterface1(); - test("" + holder.c7, idx++, "(Lp1/Public_PrivateInterface1;)Ljava/lang/String;"); + test("" + holder.c7, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface2 c8 = new Public_PrivateInterface2(); - test("" + holder.c8, idx++, "(Lp1/Public_PrivateInterface2;)Ljava/lang/String;"); + test("" + holder.c8, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // ---------------------------------------------------------------------------- // public Private_PublicClass[] ac1 = new Private_PublicClass[0]; - test("" + holder.ac1, idx++, "([Lp1/PublicClass;)Ljava/lang/String;"); + test("" + holder.ac1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PublicInterface[] ac2 = new Private_PublicInterface[0]; - test("" + holder.ac2, idx++, "([Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.ac2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface1[] ac3 = new Private_PrivateInterface1[0]; - test("" + holder.ac3, idx++, "([Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.ac3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface2[] ac4 = new Private_PrivateInterface2[0]; - test("" + holder.ac4, idx++, "([Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.ac4, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicClass[] ac5 = new Public_PublicClass[0]; - test("" + holder.ac5, idx++, "([Lp1/Public_PublicClass;)Ljava/lang/String;"); + test("" + holder.ac5, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicInterface[] ac6 = new Public_PublicInterface[0]; - test("" + holder.ac6, idx++, "([Lp1/Public_PublicInterface;)Ljava/lang/String;"); + test("" + holder.ac6, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface1[] ac7 = new Public_PrivateInterface1[0]; - test("" + holder.ac7, idx++, "([Lp1/Public_PrivateInterface1;)Ljava/lang/String;"); + test("" + holder.ac7, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface2[] ac8 = new Public_PrivateInterface2[0]; - test("" + holder.ac8, idx++, "([Lp1/Public_PrivateInterface2;)Ljava/lang/String;"); + test("" + holder.ac8, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // ---------------------------------------------------------------------------- // public Private_PublicClass[][] aac1 = new Private_PublicClass[0][]; - test("" + holder.aac1, idx++, "([[Lp1/PublicClass;)Ljava/lang/String;"); + test("" + holder.aac1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PublicInterface[][] aac2 = new Private_PublicInterface[0][]; - test("" + holder.aac2, idx++, "([[Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.aac2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface1[][] aac3 = new Private_PrivateInterface1[0][]; - test("" + holder.aac3, idx++, "([[Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.aac3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Private_PrivateInterface2[][] aac4 = new Private_PrivateInterface2[0][]; - test("" + holder.aac4, idx++, "([[Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.aac4, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicClass[][] aac5 = new Public_PublicClass[0][]; - test("" + holder.aac5, idx++, "([[Lp1/Public_PublicClass;)Ljava/lang/String;"); + test("" + holder.aac5, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PublicInterface[][] aac6 = new Public_PublicInterface[0][]; - test("" + holder.aac6, idx++, "([[Lp1/Public_PublicInterface;)Ljava/lang/String;"); + test("" + holder.aac6, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface1[][] aac7 = new Public_PrivateInterface1[0][]; - test("" + holder.aac7, idx++, "([[Lp1/Public_PrivateInterface1;)Ljava/lang/String;"); + test("" + holder.aac7, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public Public_PrivateInterface2[][] aac8 = new Public_PrivateInterface2[0][]; - test("" + holder.aac8, idx++, "([[Lp1/Public_PrivateInterface2;)Ljava/lang/String;"); + test("" + holder.aac8, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // ---------------------------------------------------------------------------- // public PublicInterface i1 = new Private_PublicInterface(); - test("" + holder.i1, idx++, "(Lp1/PublicInterface;)Ljava/lang/String;"); + test("" + holder.i1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface1 i2 = new Private_PrivateInterface1(); - test("" + holder.i2, idx++, "(Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.i2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface2 i3 = new Private_PrivateInterface2(); - test("" + holder.i3, idx++, "(Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.i3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PublicInterface[] ai1 = new Private_PublicInterface[0]; - test("" + holder.ai1, idx++, "([Lp1/PublicInterface;)Ljava/lang/String;"); + test("" + holder.ai1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface1[] ai2 = new Private_PrivateInterface1[0]; - test("" + holder.ai2, idx++, "([Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.ai2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface2[] ai3 = new Private_PrivateInterface2[0]; - test("" + holder.ai3, idx++, "([Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.ai3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PublicInterface[][] aai1 = new Private_PublicInterface[0][]; - test("" + holder.aai1, idx++, "([[Lp1/PublicInterface;)Ljava/lang/String;"); + test("" + holder.aai1, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface1[][] aai2 = new Private_PrivateInterface1[0][]; - test("" + holder.aai2, idx++, "([[Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.aai2, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); // public PrivateInterface2[][] aai3 = new Private_PrivateInterface2[0][]; - test("" + holder.aai3, idx++, "([[Ljava/lang/Object;)Ljava/lang/String;"); + test("" + holder.aai3, idx++, "(Ljava/lang/String;)Ljava/lang/String;"); } diff --git a/test/langtools/tools/javac/api/T6395981.java b/test/langtools/tools/javac/api/T6395981.java deleted file mode 100644 index 0ab7762ff72..00000000000 --- a/test/langtools/tools/javac/api/T6395981.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2006, 2017, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -/* - * @test - * @bug 6395981 6458819 7025784 8028543 8028544 8193291 - * @summary JavaCompilerTool and Tool must specify version of JLS and JVMS - * @author Peter von der Ah\u00e9 - * @modules java.compiler - * jdk.compiler - * @run main/fail T6395981 - * @run main/fail T6395981 RELEASE_3 RELEASE_5 RELEASE_6 - * @run main/fail T6395981 RELEASE_0 RELEASE_1 RELEASE_2 RELEASE_3 RELEASE_4 RELEASE_5 RELEASE_6 - * @run main T6395981 RELEASE_3 RELEASE_4 RELEASE_5 RELEASE_6 RELEASE_7 RELEASE_8 RELEASE_9 RELEASE_10 RELEASE_11 - */ - -import java.util.EnumSet; -import java.util.Set; -import javax.lang.model.SourceVersion; -import javax.tools.Tool; -import javax.tools.ToolProvider; -import static javax.lang.model.SourceVersion.*; - -public class T6395981 { - public static void main(String... args) { - Tool compiler = ToolProvider.getSystemJavaCompiler(); - Set expected = EnumSet.noneOf(SourceVersion.class); - for (String arg : args) - expected.add(SourceVersion.valueOf(arg)); - Set found = compiler.getSourceVersions(); - Set notExpected = EnumSet.copyOf(found); - for (SourceVersion version : expected) { - if (!found.contains(version)) - throw new AssertionError("Expected source version not found: " + version); - else - notExpected.remove(version); - } - if (!notExpected.isEmpty()) - throw new AssertionError("Unexpected source versions: " + notExpected); - } -} diff --git a/test/langtools/tools/javac/api/TestGetSourceVersions.java b/test/langtools/tools/javac/api/TestGetSourceVersions.java new file mode 100644 index 00000000000..ca005701e5a --- /dev/null +++ b/test/langtools/tools/javac/api/TestGetSourceVersions.java @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2006, 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 6395981 6458819 7025784 8028543 8028544 8193291 + * @summary JavaCompilerTool and Tool must specify version of JLS and JVMS + * @author Peter von der Ah\u00e9 + * @modules java.compiler + * jdk.compiler + * @run main/fail TestGetSourceVersions + * @run main/fail TestGetSourceVersions RELEASE_3 RELEASE_5 RELEASE_6 + * @run main/fail TestGetSourceVersions RELEASE_0 RELEASE_1 RELEASE_2 RELEASE_3 RELEASE_4 + * RELEASE_5 RELEASE_6 + * @run main TestGetSourceVersions RELEASE_3 RELEASE_4 RELEASE_5 RELEASE_6 RELEASE_7 + * RELEASE_8 RELEASE_9 RELEASE_10 RELEASE_11 + */ + +import java.util.EnumSet; +import java.util.Set; +import javax.lang.model.SourceVersion; +import javax.tools.Tool; +import javax.tools.ToolProvider; +import static javax.lang.model.SourceVersion.*; + +public class TestGetSourceVersions { + public static void main(String... args) { + Tool compiler = ToolProvider.getSystemJavaCompiler(); + Set expected = EnumSet.noneOf(SourceVersion.class); + for (String arg : args) + expected.add(SourceVersion.valueOf(arg)); + Set found = compiler.getSourceVersions(); + Set notExpected = EnumSet.copyOf(found); + for (SourceVersion version : expected) { + if (!found.contains(version)) + throw new AssertionError("Expected source version not found: " + version); + else + notExpected.remove(version); + } + if (!notExpected.isEmpty()) + throw new AssertionError("Unexpected source versions: " + notExpected); + } +} diff --git a/test/langtools/tools/javac/inference_context_min/DontMinimizeInfContextTest.java b/test/langtools/tools/javac/inference_context_min/DontMinimizeInfContextTest.java new file mode 100644 index 00000000000..40784555112 --- /dev/null +++ b/test/langtools/tools/javac/inference_context_min/DontMinimizeInfContextTest.java @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8232933 + * @summary Javac inferred type does not conform to equality constraint + * @compile DontMinimizeInfContextTest.java + */ + +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + +class DontMinimizeInfContextTest { + void m() { + List> a = new LinkedList<>(); + Map>> b = a.stream().collect( + Collectors.groupingBy(A::getval, Collectors.toList()) + ); + } + + class A { + String getval() { + return "s"; + } + } +} diff --git a/test/langtools/tools/javac/jvm/ClassRefDupInConstantPoolTest.java b/test/langtools/tools/javac/jvm/ClassRefDupInConstantPoolTest.java index 6af90a6590e..a84c87245af 100644 --- a/test/langtools/tools/javac/jvm/ClassRefDupInConstantPoolTest.java +++ b/test/langtools/tools/javac/jvm/ClassRefDupInConstantPoolTest.java @@ -26,7 +26,7 @@ * @bug 8015927 * @summary Class reference duplicates in constant pool * @modules jdk.jdeps/com.sun.tools.classfile - * @clean ClassRefDupInConstantPoolTest$Duplicates.class + * @clean ClassRefDupInConstantPoolTest$Duplicates * @run main ClassRefDupInConstantPoolTest */ diff --git a/test/langtools/tools/javac/lib/DPrinter.java b/test/langtools/tools/javac/lib/DPrinter.java index e9f156b127e..dcad55fd7ba 100644 --- a/test/langtools/tools/javac/lib/DPrinter.java +++ b/test/langtools/tools/javac/lib/DPrinter.java @@ -600,6 +600,7 @@ protected void indent(int n) { protected Object getField(Object o, Class clazz, String name) { try { Field f = clazz.getDeclaredField(name); + @SuppressWarnings("deprecation") boolean prev = f.isAccessible(); f.setAccessible(true); try { @@ -617,6 +618,7 @@ protected Object getField(Object o, Class clazz, String name) { protected Object callMethod(Object o, Class clazz, String name) { try { Method m = clazz.getDeclaredMethod(name); + @SuppressWarnings("deprecation") boolean prev = m.isAccessible(); m.setAccessible(true); try { diff --git a/test/langtools/tools/javac/processing/environment/round/TestContext.java b/test/langtools/tools/javac/processing/environment/round/TestContext.java index f572d2d9c73..4d0b1674ecc 100644 --- a/test/langtools/tools/javac/processing/environment/round/TestContext.java +++ b/test/langtools/tools/javac/processing/environment/round/TestContext.java @@ -31,7 +31,7 @@ * jdk.compiler/com.sun.tools.javac.processing * jdk.compiler/com.sun.tools.javac.util * @build JavacTestingAbstractProcessor TestContext - * @compile/process -processor TestContext -XprintRounds TestContext + * @compile/process -processor TestContext -XprintRounds -proc:full TestContext */ import java.io.*; diff --git a/test/langtools/tools/javac/processing/options/TestProcOption.java b/test/langtools/tools/javac/processing/options/TestProcOption.java new file mode 100644 index 00000000000..882077a00c3 --- /dev/null +++ b/test/langtools/tools/javac/processing/options/TestProcOption.java @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8308245 + * @summary Test trivial handling of -proc:full option + * @compile -proc:full TestProcOption.java + * @run main TestProcOption + */ + +/* + * The test verifies that compilation takes place when -proc:full is used. + */ +public class TestProcOption { + private TestProcOption(){}; + + public static void main(String... args) { + ; // do nothing + } +} diff --git a/test/langtools/tools/javac/warnings/suppress/PackageInfo.java b/test/langtools/tools/javac/warnings/suppress/PackageInfo.java index 3979a0faa53..aff36692dcf 100644 --- a/test/langtools/tools/javac/warnings/suppress/PackageInfo.java +++ b/test/langtools/tools/javac/warnings/suppress/PackageInfo.java @@ -25,6 +25,6 @@ * @test * @bug 8021112 * @summary Verify that deprecated warnings are printed correctly for package-info.java - * @clean pack.package-info pack.DeprecatedClass + * @clean pack.* * @compile/ref=PackageInfo.out -source 8 -XDrawDiagnostics -Xlint:deprecation,-options pack/package-info.java pack/DeprecatedClass.java */ diff --git a/test/langtools/tools/javadoc/api/basic/APITest.java b/test/langtools/tools/javadoc/api/basic/APITest.java index 23b48e23dac..f6712582178 100644 --- a/test/langtools/tools/javadoc/api/basic/APITest.java +++ b/test/langtools/tools/javadoc/api/basic/APITest.java @@ -200,7 +200,7 @@ protected void error(String msg) { "help-doc.html", "index-all.html", "index.html", - "jquery/jquery-3.6.1.min.js", + "jquery/jquery-3.7.1.min.js", "jquery/jquery-ui.min.js", "jquery/jquery-ui.min.css", "jquery/external/jquery/jquery.js", diff --git a/test/langtools/tools/javap/T6587786.java b/test/langtools/tools/javap/T6587786.java index 950ff20a463..4cb1acf5b1f 100644 --- a/test/langtools/tools/javap/T6587786.java +++ b/test/langtools/tools/javap/T6587786.java @@ -36,18 +36,21 @@ public static void main(String[] args) throws Exception { } public void run() throws IOException { - javap("com.sun.javadoc.Doc", "com.sun.crypto.provider.ai"); - javap("com.sun.crypto.provider.ai", "com.sun.javadoc.ClassDoc"); + javap("jdk.javadoc.doclet.Doclet", "java.util.List"); + javap("java.util.List", "jdk.javadoc.doclet.StandardDoclet"); } void javap(String... args) { StringWriter sw = new StringWriter(); PrintWriter out = new PrintWriter(sw); //sun.tools.javap.Main.entry(args); - int rc = com.sun.tools.javap.Main.run(args, out); - if (rc != 0) - throw new Error("javap failed. rc=" + rc); - out.close(); - System.out.println(sw.toString()); + try { + int rc = com.sun.tools.javap.Main.run(args, out); + if (rc != 0) + throw new Error("javap failed. rc=" + rc); + } finally { + out.close(); + System.out.println(sw.toString()); + } } } diff --git a/test/lib-test/TEST.ROOT b/test/lib-test/TEST.ROOT new file mode 100644 index 00000000000..51dfcb33c4f --- /dev/null +++ b/test/lib-test/TEST.ROOT @@ -0,0 +1,9 @@ +# This file identifies the root of the test-suite hierarchy. +# It also contains test-suite configuration information. + +# Minimum jtreg version +requiredVersion=7.3.1+1 + +# Path to libraries in the topmost test directory. This is needed so @library +# does not need ../../ notation to reach them +external.lib.roots = ../../ diff --git a/test/lib-test/jdk/test/lib/apps/LingeredAppTest.java b/test/lib-test/jdk/test/lib/apps/LingeredAppTest.java index 54a3706fa7c..5f03fa4c4a8 100644 --- a/test/lib-test/jdk/test/lib/apps/LingeredAppTest.java +++ b/test/lib-test/jdk/test/lib/apps/LingeredAppTest.java @@ -24,9 +24,9 @@ /* * @test * @summary Unit test for LingeredApp - * @compile LingeredAppTest.java - * @compile LingeredApp.java - * @run main LingeredAppTest + * @library /test/lib + * @build jdk.test.lib.apps.LingeredAppTest jdk.test.lib.apps.LingeredApp + * @run main jdk.test.lib.apps.LingeredAppTest */ package jdk.test.lib.apps; diff --git a/test/lib-test/jdk/test/lib/hexdump/HexPrinterTest.java b/test/lib-test/jdk/test/lib/hexdump/HexPrinterTest.java new file mode 100644 index 00000000000..ccaf666c256 --- /dev/null +++ b/test/lib-test/jdk/test/lib/hexdump/HexPrinterTest.java @@ -0,0 +1,419 @@ +/* + * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.test.lib.hexdump; + +import jdk.test.lib.hexdump.HexPrinter; + +import org.testng.Assert; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.nio.ByteBuffer; + + +/* + * @test + * @summary Check HexPrinter formatting + * @library /test/lib + * @compile HexPrinterTest.java + * @run testng jdk.test.lib.hexdump.HexPrinterTest + */ +public class HexPrinterTest { + + @Test + static void testMinimalToStringByteArray() { + int len = 16; + byte[] bytes = genData(len); + StringBuilder expected = new StringBuilder(bytes.length * 2); + for (int i = 0; i < len; i++) + expected.append(String.format("%02x", bytes[i])); + String actual = HexPrinter.minimal().toString(bytes); + System.out.println(actual); + Assert.assertEquals(actual, expected.toString(), "Minimal format incorrect"); + } + + @DataProvider(name = "ColumnParams") + Object[][] columnParams() { + return new Object[][]{ + {"%4d: ", "%d ", 10, " ; ", 50, HexPrinter.Formatters.PRINTABLE, "\n"}, + {"%03o: ", "%d ", 16, " ; ", 50, HexPrinter.Formatters.ofPrimitive(byte.class, ""), "\n"}, + {"%5d: ", "%02x:", 16, " ; ", 50, HexPrinter.Formatters.ofPrimitive(byte.class, ""), "\n"}, + {"%5d: ", "%3d", 16, " ; ", 50, HexPrinter.Formatters.ofPrimitive(byte.class, ""), "\n"}, + {"%05o: ", "%3o", 8, " ; ", 50, HexPrinter.Formatters.ofPrimitive(byte.class, ""), "\n"}, + {"%6x: ", "%02x", 8, " | ", 50, HexPrinter.Formatters.ofPrimitive(byte.class, "%d "), "\n"}, + {"%2x: ", "%02x", 8, " | ", 50, HexPrinter.Formatters.PRINTABLE, "\n"}, + {"%5d: ", "%02x", 16, " | ", 50, HexPrinter.Formatters.ofPrimitive(short.class, "%d "), "\n"}, + }; + } + + @DataProvider(name = "BuiltinParams") + Object[][] builtinParams() { + return new Object[][]{ + {"minimal", "", "%02x", 16, "", 64, HexPrinter.Formatters.NONE, ""}, + {"canonical", "%08x ", "%02x ", 16, "|", 31, HexPrinter.Formatters.ASCII, "|\n"}, + {"simple", "%5d: ", "%02x ", 16, " // ", 64, HexPrinter.Formatters.PRINTABLE, "\n"}, + {"source", " ", "(byte)%3d, ", 8, " // ", 64, HexPrinter.Formatters.PRINTABLE, + "\n"}, + }; + } + + @Test(dataProvider = "BuiltinParams") + public void testBuiltins(String name, String offsetFormat, String binFormat, int colWidth, + String annoDelim, int annoWidth, + HexPrinter.Formatter mapper, String lineSep) { + HexPrinter f; + switch (name) { + case "minimal": + f = HexPrinter.minimal(); + break; + case "simple": + f = HexPrinter.simple(); + break; + case "canonical": + f = HexPrinter.canonical(); + break; + case "source": + f = HexPrinter.source(); + break; + default: + throw new IllegalStateException("Unexpected value: " + name); + }; + + testParams(f, offsetFormat, binFormat, colWidth, annoDelim, annoWidth, mapper, lineSep); + + String actual = f.toString(); + HexPrinter f2 = HexPrinter.simple() + .withOffsetFormat(offsetFormat) + .withBytesFormat(binFormat, colWidth) + .formatter(mapper, annoDelim, annoWidth) + .withLineSeparator(lineSep); + String expected = f2.toString(); + Assert.assertEquals(actual, expected, "toString of " + name + " does not match"); + } + + @Test(dataProvider = "ColumnParams") + public void testToStringTwoLines(String offsetFormat, String binFormat, int colWidth, + String annoDelim, int annoWidth, + HexPrinter.Formatter mapper, String lineSep) { + HexPrinter f = HexPrinter.simple() + .withOffsetFormat(offsetFormat) + .withBytesFormat(binFormat, colWidth) + .formatter(mapper, annoDelim, annoWidth) + .withLineSeparator(lineSep); + testParams(f, offsetFormat, binFormat, colWidth, annoDelim, annoWidth, mapper, lineSep); + } + + public static void testParams(HexPrinter printer, String offsetFormat, String binFormat, int colWidth, + String annoDelim, int annoWidth, + HexPrinter.Formatter mapper, String lineSep) { + byte[] bytes = genData(colWidth * 2); + System.out.println("Params: " + printer.toString()); + String out = printer.toString(bytes); + System.out.println(out); + + // Compare the actual output with the expected output of each formatting element + int padToWidth = colWidth * String.format(binFormat, 0xff).length(); + int ndx = 0; + int valuesStart = 0; + int l; + for (int i = 0; i < bytes.length; i++) { + if (i % colWidth == 0) { + String offset = String.format(offsetFormat, i); + l = offset.length(); + Assert.assertEquals(out.substring(ndx, ndx + l), offset, + "offset format mismatch: " + ndx); + ndx += l; + valuesStart = ndx; + } + String value = String.format(binFormat, (0xff & bytes[i])); + l = value.length(); + Assert.assertEquals(out.substring(ndx, ndx + l), value, + "value format mismatch: " + ndx + ", i: " + i); + ndx += l; + if (((i + 1) % colWidth) == 0) { + // Rest of line is for padding, delimiter, formatter + String padding = " ".repeat(padToWidth - (ndx - valuesStart)); + Assert.assertEquals(out.substring(ndx, ndx + padding.length()), padding, "padding"); + ndx += padding.length(); + Assert.assertEquals(out.substring(ndx, ndx + annoDelim.length()), annoDelim, + "delimiter mismatch"); + ndx += annoDelim.length(); + + // Formatter output is tested separately + ndx = out.indexOf(lineSep, ndx) + lineSep.length(); + } + } + } + + @DataProvider(name = "PrimitiveFormatters") + Object[][] formatterParams() { + return new Object[][]{ + {byte.class, ""}, + {byte.class, "%02x: "}, + {short.class, "%d "}, + {int.class, "%08x, "}, + {long.class, "%16x "}, + {float.class, "%3.4f "}, + {double.class, "%6.3g "}, + {boolean.class, "%b "}, + }; + } + + @Test(dataProvider = "PrimitiveFormatters") + public void testFormatter(Class primClass, String fmtString) { + HexPrinter.Formatter formatter = HexPrinter.Formatters.ofPrimitive(primClass, fmtString); + // Create a byte array with data for two lines + int colWidth = 8; + byte[] bytes = genData(colWidth); + StringBuilder sb = new StringBuilder(); + DataInputStream in = new DataInputStream(new ByteArrayInputStream(bytes)); + DataInputStream in2 = new DataInputStream(new ByteArrayInputStream(bytes)); + try { + while (true) { + formatter.annotate(in, sb); + Object n = readPrimitive(primClass, in2); + String expected = String.format(fmtString, n); + Assert.assertEquals(sb.toString(), expected, "mismatch"); + sb.setLength(0); + } + } catch (IOException ioe) { + // EOF is done + } + try { + Assert.assertEquals(in.available(), 0, "not all input consumed"); + Assert.assertEquals(in2.available(), 0, "not all 2nd stream input consumed"); + } catch (IOException ioe) { + // + } + } + + @Test(dataProvider = "PrimitiveFormatters") + static void testHexPrinterPrimFormatter(Class primClass, String fmtString) { + // Create a byte array with data for two lines + int colWidth = 8; + byte[] bytes = genData(colWidth); + + HexPrinter p = HexPrinter.simple() + .formatter(primClass, fmtString); + String actual = p.toString(bytes); + System.out.println(actual); + // The formatter should produce the same output as using the formatter method + // with an explicit formatter for the primitive + String expected = HexPrinter.simple() + .formatter(HexPrinter.Formatters.ofPrimitive(primClass, fmtString)) + .toString(bytes); + Assert.assertEquals(actual, expected, "mismatch"); + } + + private static Object readPrimitive(Class primClass, DataInputStream in) throws IOException { + if (int.class.equals(primClass)) { + return in.readInt(); + } else if (byte.class.equals(primClass)) { + return (int) in.readByte(); + } else if (short.class.equals(primClass)) { + return in.readShort(); + } else if (char.class.equals(primClass)) { + return in.readChar(); + } else if (long.class.equals(primClass)) { + return in.readLong(); + } else if (float.class.equals(primClass)) { + return in.readFloat(); + } else if (double.class.equals(primClass)) { + return in.readDouble(); + } else if (boolean.class.equals(primClass)) { + return in.readBoolean(); + } else { + throw new RuntimeException("unknown primitive class: " + primClass); + } + } + + @DataProvider(name = "sources") + Object[][] sources() { + return new Object[][]{ + {genBytes(21), 0, -1}, + {genBytes(21), 5, 12}, + }; + } + + public static byte[] genData(int len) { + // Create a byte array with data for two lines + byte[] bytes = new byte[len]; + for (int i = 0; i < len / 2; i++) { + bytes[i] = (byte) (i + 'A'); + bytes[i + len / 2] = (byte) (i + 'A' + 128); + } + return bytes; + } + + public static byte[] genFloat(int len) { + byte[] bytes = null; + try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); + DataOutputStream out = new DataOutputStream(baos)) { + for (int i = 0; i < len; i++) { + out.writeFloat(i); + } + bytes = baos.toByteArray(); + } catch (IOException unused) { + } + return bytes; + } + + public static byte[] genDouble(int len) { + byte[] bytes = null; + try (ByteArrayOutputStream baos = new ByteArrayOutputStream(); + DataOutputStream out = new DataOutputStream(baos)) { + for (int i = 0; i < len; i++) { + out.writeDouble(i); + } + bytes = baos.toByteArray(); + } catch (IOException unused) { + } + return bytes; + } + + public static byte[] genBytes(int len) { + byte[] bytes = new byte[len]; + for (int i = 0; i < len; i++) + bytes[i] = (byte) ('A' + i); + return bytes; + } + + public ByteBuffer genByteBuffer(int len) { + return ByteBuffer.wrap(genBytes(len)); + } + + public InputStream genInputStream(int len) { + return new ByteArrayInputStream(genBytes(len)); + } + + @Test + public void testNilPrinterBigBuffer() { + byte[] bytes = new byte[1024]; + HexPrinter p = HexPrinter.minimal(); + String r = p.toString(bytes); + Assert.assertEquals(r.length(), bytes.length * 2, "encoded byte wrong size"); + Assert.assertEquals(r.replace("00", "").length(), 0, "contents not all zeros"); + } + + @Test(dataProvider = "sources") + public void testToStringByteBuffer(byte[] bytes, int offset, int length) { + if (length < 0) + length = bytes.length - offset; + ByteBuffer bb = ByteBuffer.wrap(bytes, 0, bytes.length); + System.out.printf("Source: %s, off: %d, len: %d%n", + bytes.getClass().getName(), offset, length); + String actual; + if (offset == 0 && length < 0) { + bb.position(offset); + bb.limit(length); + actual = HexPrinter.simple().toString(bb); + } else + actual = HexPrinter.simple().toString(bb, offset, length); + System.out.println(actual); + String expected = HexPrinter.simple().toString(bytes, offset, length); + Assert.assertEquals(actual, expected, "mismatch in format()"); + } + + @Test(dataProvider = "sources") + public void testFormatBytes(byte[] bytes, int offset, int length) { + int len = length >= 0 ? length : bytes.length; + System.out.printf("Source: %s, off: %d, len: %d%n", + "bytes", offset, len); + StringBuilder sb = new StringBuilder(); + if (offset == 0 && length < 0) + HexPrinter.simple().dest(sb).format(bytes); + else + HexPrinter.simple().dest(sb).format(bytes, offset, len); + String actual = sb.toString(); + System.out.println(actual); + String expected = HexPrinter.simple().toString(bytes, offset, len); + Assert.assertEquals(actual, expected, "mismatch in format()"); + } + + @Test(dataProvider = "sources") + public void testFormatByteBuffer(byte[] bytes, int offset, int length) { + if (length < 0) + length = bytes.length - offset; + ByteBuffer bb = ByteBuffer.wrap(bytes, 0, bytes.length); + System.out.printf("Source: %s, off: %d, len: %d%n", + bytes.getClass().getName(), offset, length); + StringBuilder sb = new StringBuilder(); + if (offset == 0 && length < 0) { + bb.position(offset); + bb.limit(length); + HexPrinter.simple().dest(sb).format(bb); + } else + HexPrinter.simple().dest(sb).format(bb, offset, length); + String actual = sb.toString(); + System.out.println(actual); + String expected = HexPrinter.simple().toString(bytes, offset, length); + Assert.assertEquals(actual, expected, "mismatch in format()"); + } + + @Test(dataProvider = "sources") + public void testFormatInputStream(byte[] bytes, int offset, int length) { + // Offset is ignored + InputStream is = new ByteArrayInputStream(bytes, 0, length); + StringBuilder sb = new StringBuilder(); + System.out.printf("Source: %s, off: %d, len: %d%n", + bytes.getClass().getName(), offset, length); + HexPrinter.simple().dest(sb).format(is); + String actual = sb.toString(); + System.out.println(actual); + String expected = HexPrinter.simple().toString(bytes, 0, length); + Assert.assertEquals(actual, expected, "mismatch in format()"); + } + + @Test(expectedExceptions = NullPointerException.class) + public void testNullByteArray() { + HexPrinter.simple().dest(System.out).format((byte[]) null); + } + + @Test(expectedExceptions = NullPointerException.class) + public void testNullByteArrayOff() { + HexPrinter.simple().dest(System.out).format((byte[]) null, 0, 1); + } + + @Test(expectedExceptions = NullPointerException.class) + public void testNullByteBuffer() { + HexPrinter.simple().dest(System.out).format((ByteBuffer) null); + } + + @Test(expectedExceptions = NullPointerException.class) + public void testNullByteBufferOff() { + HexPrinter.simple().dest(System.out).format((ByteBuffer) null, 0, 1); + } + + @Test(expectedExceptions = NullPointerException.class) + public void testNullInputStream() { + HexPrinter.simple().dest(System.out).format((InputStream) null); + } + +} diff --git a/test/lib/jdk/test/lib/Platform.java b/test/lib/jdk/test/lib/Platform.java index f4ee0546c70..6269373c2b6 100644 --- a/test/lib/jdk/test/lib/Platform.java +++ b/test/lib/jdk/test/lib/Platform.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,14 +23,17 @@ package jdk.test.lib; +import java.io.BufferedReader; import java.io.FileNotFoundException; import java.io.IOException; +import java.io.InputStreamReader; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; import java.util.regex.Pattern; public class Platform { @@ -82,7 +85,7 @@ public static boolean isEmulatedClient() { } public static boolean isTieredSupported() { - return compiler.contains("Tiered Compilers"); + return (compiler != null) && compiler.contains("Tiered Compilers"); } public static boolean isInt() { @@ -253,57 +256,81 @@ public static boolean hasSA() { return true; } - /** - * Return true if the test JDK is signed, otherwise false. Only valid on OSX. - */ - public static boolean isSignedOSX() throws IOException { - // We only care about signed binaries for 10.14 and later (actually 10.14.5, but - // for simplicity we'll also include earlier 10.14 versions). - if (getOsVersionMajor() == 10 && getOsVersionMinor() < 14) { - return false; // assume not signed - } - - // Find the path to the java binary. + private static Process launchCodesignOnJavaBinary() throws IOException { String jdkPath = System.getProperty("java.home"); Path javaPath = Paths.get(jdkPath + "/bin/java"); String javaFileName = javaPath.toAbsolutePath().toString(); if (!javaPath.toFile().exists()) { throw new FileNotFoundException("Could not find file " + javaFileName); } - - // Run codesign on the java binary. - ProcessBuilder pb = new ProcessBuilder("codesign", "-d", "-v", javaFileName); - pb.redirectError(ProcessBuilder.Redirect.DISCARD); - pb.redirectOutput(ProcessBuilder.Redirect.DISCARD); + ProcessBuilder pb = new ProcessBuilder("codesign", "--display", "--verbose", javaFileName); + pb.redirectErrorStream(true); // redirect stderr to stdout Process codesignProcess = pb.start(); + return codesignProcess; + } + + public static boolean hasOSXPlistEntries() throws IOException { + Process codesignProcess = launchCodesignOnJavaBinary(); + BufferedReader is = new BufferedReader(new InputStreamReader(codesignProcess.getInputStream())); + String line; + while ((line = is.readLine()) != null) { + System.out.println("STDOUT: " + line); + if (line.indexOf("Info.plist=not bound") != -1) { + return false; + } + if (line.indexOf("Info.plist entries=") != -1) { + return true; + } + } + System.out.println("No matching Info.plist entry was found"); + return false; + } + + /** + * Return true if the test JDK is hardened, otherwise false. Only valid on OSX. + */ + public static boolean isHardenedOSX() throws IOException { + // We only care about hardened binaries for 10.14 and later (actually 10.14.5, but + // for simplicity we'll also include earlier 10.14 versions). + if (getOsVersionMajor() == 10 && getOsVersionMinor() < 14) { + return false; // assume not hardened + } + Process codesignProcess = launchCodesignOnJavaBinary(); + BufferedReader is = new BufferedReader(new InputStreamReader(codesignProcess.getInputStream())); + String line; + boolean isHardened = false; + boolean hardenedStatusConfirmed = false; // set true when we confirm whether or not hardened + while ((line = is.readLine()) != null) { + System.out.println("STDOUT: " + line); + if (line.indexOf("flags=0x10000(runtime)") != -1 ) { + hardenedStatusConfirmed = true; + isHardened = true; + System.out.println("Target JDK is hardened. Some tests may be skipped."); + } else if (line.indexOf("flags=0x20002(adhoc,linker-signed)") != -1 ) { + hardenedStatusConfirmed = true; + isHardened = false; + System.out.println("Target JDK is adhoc signed, but not hardened."); + } else if (line.indexOf("code object is not signed at all") != -1) { + hardenedStatusConfirmed = true; + isHardened = false; + System.out.println("Target JDK is not signed, therefore not hardened."); + } + } + if (!hardenedStatusConfirmed) { + System.out.println("Could not confirm if TargetJDK is hardened. Assuming not hardened."); + isHardened = false; + } + try { if (codesignProcess.waitFor(10, TimeUnit.SECONDS) == false) { - System.err.println("Timed out waiting for the codesign process to complete. Assuming not signed."); + System.err.println("Timed out waiting for the codesign process to complete. Assuming not hardened."); codesignProcess.destroyForcibly(); - return false; // assume not signed + return false; // assume not hardened } } catch (InterruptedException e) { throw new RuntimeException(e); } - - // Check codesign result to see if java binary is signed. Here are the - // exit code meanings: - // 0: signed - // 1: not signed - // 2: invalid arguments - // 3: only has meaning with the -R argument. - // So we should always get 0 or 1 as an exit value. - if (codesignProcess.exitValue() == 0) { - System.out.println("Target JDK is signed. Some tests may be skipped."); - return true; // signed - } else if (codesignProcess.exitValue() == 1) { - System.out.println("Target JDK is not signed."); - return false; // not signed - } else { - System.err.println("Executing codesign failed. Assuming unsigned: " + - codesignProcess.exitValue()); - return false; // not signed - } + return isHardened; } private static boolean isArch(String archnameRE) { @@ -312,6 +339,20 @@ private static boolean isArch(String archnameRE) { .matches(); } + public static boolean isOracleLinux7() { + if (System.getProperty("os.name").toLowerCase().contains("linux") && + System.getProperty("os.version").toLowerCase().contains("el")) { + Pattern p = Pattern.compile("el(\\d+)"); + Matcher m = p.matcher(System.getProperty("os.version")); + if (m.find()) { + try { + return Integer.parseInt(m.group(1)) <= 7; + } catch (NumberFormatException nfe) {} + } + } + return false; + } + /** * Returns file extension of shared library, e.g. "so" on linux, "dll" on windows. * @return file extension diff --git a/test/lib/jdk/test/lib/SA/SATestUtils.java b/test/lib/jdk/test/lib/SA/SATestUtils.java index 36480c690b9..d578c2ee57c 100644 --- a/test/lib/jdk/test/lib/SA/SATestUtils.java +++ b/test/lib/jdk/test/lib/SA/SATestUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,12 +30,12 @@ import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.Arrays; -import java.util.List; import java.util.concurrent.TimeUnit; import jdk.test.lib.JDKToolLauncher; import jdk.test.lib.Platform; import jtreg.SkippedException; +import java.util.List; public class SATestUtils { /** @@ -63,8 +63,8 @@ public static void skipIfCannotAttach() { throw new SkippedException("SA Attach not expected to work. Ptrace attach not supported."); } } else if (Platform.isOSX()) { - if (Platform.isSignedOSX()) { - throw new SkippedException("SA Attach not expected to work. JDK is signed."); + if (Platform.isHardenedOSX()) { + throw new SkippedException("SA Attach not expected to work. JDK is hardened."); } if (!Platform.isRoot() && !canAddPrivileges()) { throw new SkippedException("SA Attach not expected to work. Insufficient privileges (not root and can't use sudo)."); diff --git a/test/lib/jdk/test/lib/SecurityTools.java b/test/lib/jdk/test/lib/SecurityTools.java index 0e4865c5b9e..4f97ebd7c63 100644 --- a/test/lib/jdk/test/lib/SecurityTools.java +++ b/test/lib/jdk/test/lib/SecurityTools.java @@ -223,6 +223,18 @@ public static OutputAnalyzer klist(String args) throws Exception { return execute(getProcessBuilder("klist", makeList(args))); } + /** + * Runs kinit. + * + * @param args arguments to kinit in a single string. The string is + * converted to be List with makeList. + * @return an {@link OutputAnalyzer} object + * @throws Exception if there is an error + */ + public static OutputAnalyzer kinit(String args) throws Exception { + return execute(getProcessBuilder("kinit", makeList(args))); + } + /** * Runs jar. * diff --git a/test/lib/jdk/test/lib/apps/LingeredApp.java b/test/lib/jdk/test/lib/apps/LingeredApp.java index e454a96bbdd..147870b1fce 100644 --- a/test/lib/jdk/test/lib/apps/LingeredApp.java +++ b/test/lib/jdk/test/lib/apps/LingeredApp.java @@ -44,6 +44,7 @@ import jdk.test.lib.Utils; import jdk.test.lib.process.OutputBuffer; import jdk.test.lib.process.StreamPumper; +import jdk.test.lib.util.CoreUtils; /** * This is a framework to launch an app that could be synchronized with caller @@ -85,6 +86,8 @@ public class LingeredApp { protected static final int appWaitTime = 100; protected final String lockFileName; + protected boolean forceCrash = false; // set true to force a crash and core file + /** * Create LingeredApp object on caller side. Lock file have be a valid filename * at writable location @@ -100,6 +103,12 @@ public LingeredApp() { this.lockFileName = lockName; } + public void setForceCrash(boolean forceCrash) { + this.forceCrash = forceCrash; + } + + native private static int crash(); + /** * * @return name of lock file @@ -273,7 +282,11 @@ public void waitAppReady(long timeout) throws IOException { // Make sure process didn't already exit if (!appProcess.isAlive()) { - throw new IOException("App exited unexpectedly with " + appProcess.exitValue()); + if (forceCrash) { + return; // This is expected. Just return. + } else { + throw new IOException("App exited unexpectedly with " + appProcess.exitValue()); + } } try { @@ -321,6 +334,11 @@ public List runAppPrepare(List vmArguments) { // Lets user manage LingeredApp options cmd.addAll(vmArguments); } + if (forceCrash) { + cmd.add("-XX:+CreateCoredumpOnCrash"); + // We need to find libLingeredApp.so for the crash() native method + cmd.add("-Djava.library.path=" + System.getProperty("java.library.path")); + } // Make sure we set correct classpath to run the app cmd.add("-cp"); @@ -356,10 +374,17 @@ public void runApp(List vmArguments) cmd.add(this.getAppName()); cmd.add(lockFileName); + if (forceCrash) { + cmd.add("forceCrash"); // Let the subprocess know to force a crash + } printCommandLine(cmd); ProcessBuilder pb = new ProcessBuilder(cmd); + if (forceCrash) { + // If we are going to force a core dump, apply "ulimit -c unlimited" if we can. + pb = CoreUtils.addCoreUlimitCommand(pb); + } // ProcessBuilder.start can throw IOException appProcess = pb.start(); @@ -493,19 +518,37 @@ public static boolean isLastModifiedWorking() { } /** - * This part is the application it self + * This part is the application itself. First arg is optional "forceCrash". + * Following arg is the lock file name. */ public static void main(String args[]) { + boolean forceCrash = false; - if (args.length != 1) { + if (args.length == 0) { System.err.println("Lock file name is not specified"); System.exit(7); + } else if (args.length > 2) { + System.err.println("Too many arguments specified: " + args.length); + System.exit(7); + } + + if (args.length == 2) { + if (args[1].equals("forceCrash")) { + forceCrash = true; + } else { + System.err.println("Invalid 1st argment: " + args[1]); + System.exit(7); + } } String theLockFileName = args[0]; Path path = Paths.get(theLockFileName); try { + if (forceCrash) { + System.loadLibrary("LingeredApp"); // location of native crash() method + crash(); + } while (Files.exists(path)) { // Touch the lock to indicate our readiness setLastModified(theLockFileName, epoch()); diff --git a/test/lib/jdk/test/lib/apps/libLingeredApp.c b/test/lib/jdk/test/lib/apps/libLingeredApp.c new file mode 100644 index 00000000000..d02c3e7b8bb --- /dev/null +++ b/test/lib/jdk/test/lib/apps/libLingeredApp.c @@ -0,0 +1,42 @@ +/* + * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#include + +// Borrowed from hotspot vmError.cpp. +// Returns an address which is guaranteed to generate a SIGSEGV on read, +// which is not NULL and contains bits in every word +void* get_segfault_address() { + return (void*) +#ifdef _LP64 + 0xABC0000000000ABCULL; +#else + 0x00000ABC; +#endif +} + +JNIEXPORT jint JNICALL +Java_jdk_test_lib_apps_LingeredApp_crash(JNIEnv *env, jclass clss) +{ + return *(jint *)get_segfault_address(); +} diff --git a/test/lib/jdk/test/lib/cds/CDSTestUtils.java b/test/lib/jdk/test/lib/cds/CDSTestUtils.java index 6a75f7f229a..da9be3bf537 100644 --- a/test/lib/jdk/test/lib/cds/CDSTestUtils.java +++ b/test/lib/jdk/test/lib/cds/CDSTestUtils.java @@ -220,11 +220,19 @@ public Result assertAbnormalExit(String... matches) throws Exception { } } - // Specify this property to copy sdandard output of the child test process to - // the parent/main stdout of the test. - // By default such output is logged into a file, and is copied into the main stdout. - public static final boolean CopyChildStdoutToMainStdout = - Boolean.valueOf(System.getProperty("test.cds.copy.child.stdout", "true")); + // A number to be included in the filename of the stdout and the stderr output file. + static int logCounter = 0; + + private static int getNextLogCounter() { + return logCounter++; + } + + // By default, stdout of child processes are logged in files such as + // -0000-exec.stdout. If you want to also include the stdout + // inside jtr files, you can override this in the jtreg command line like + // "jtreg -Dtest.cds.copy.child.stdout=true ...." + public static final boolean copyChildStdoutToMainStdout = + Boolean.getBoolean("test.cds.copy.child.stdout"); // This property is passed to child test processes public static final String TestTimeoutFactor = System.getProperty("test.timeout.factor", "1.0"); @@ -558,15 +566,23 @@ public static File getSourceFile(String name) { // ============================= Logging public static OutputAnalyzer executeAndLog(ProcessBuilder pb, String logName) throws Exception { + return executeAndLog(pb.start(), logName); + } + + public static OutputAnalyzer executeAndLog(Process process, String logName) throws Exception { long started = System.currentTimeMillis(); - OutputAnalyzer output = new OutputAnalyzer(pb.start()); + OutputAnalyzer output = new OutputAnalyzer(process); + String outputFileNamePrefix = + testName + "-" + String.format("%04d", getNextLogCounter()) + "-" + logName; - writeFile(getOutputFile(logName + ".stdout"), output.getStdout()); - writeFile(getOutputFile(logName + ".stderr"), output.getStderr()); + writeFile(getOutputFile(outputFileNamePrefix + ".stdout"), output.getStdout()); + writeFile(getOutputFile(outputFileNamePrefix + ".stderr"), output.getStderr()); System.out.println("[ELAPSED: " + (System.currentTimeMillis() - started) + " ms]"); + System.out.println("[logging stdout to " + outputFileNamePrefix + ".stdout]"); + System.out.println("[logging stderr to " + outputFileNamePrefix + ".stderr]"); System.out.println("[STDERR]\n" + output.getStderr()); - if (CopyChildStdoutToMainStdout) + if (copyChildStdoutToMainStdout) System.out.println("[STDOUT]\n" + output.getStdout()); return output; diff --git a/test/lib/jdk/test/lib/cli/CommandLineOptionTest.java b/test/lib/jdk/test/lib/cli/CommandLineOptionTest.java index 71369150b1c..105733b6cdc 100644 --- a/test/lib/jdk/test/lib/cli/CommandLineOptionTest.java +++ b/test/lib/jdk/test/lib/cli/CommandLineOptionTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -502,6 +502,8 @@ private static String getVMTypeOption() { return "-minimal"; } else if (Platform.isGraal()) { return "-graal"; + } else if (Platform.isZero()) { + return "-zero"; } throw new RuntimeException("Unknown VM mode."); } diff --git a/test/lib/jdk/test/lib/compiler/InMemoryJavaCompiler.java b/test/lib/jdk/test/lib/compiler/InMemoryJavaCompiler.java index 9444e4cc97b..6016e48bf4e 100644 --- a/test/lib/jdk/test/lib/compiler/InMemoryJavaCompiler.java +++ b/test/lib/jdk/test/lib/compiler/InMemoryJavaCompiler.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,10 +32,11 @@ import java.util.Arrays; import java.util.List; -import javax.tools.ForwardingJavaFileManager; import javax.tools.FileObject; +import javax.tools.ForwardingJavaFileManager; import javax.tools.JavaCompiler; import javax.tools.JavaCompiler.CompilationTask; +import javax.tools.JavaFileManager; import javax.tools.JavaFileObject; import javax.tools.JavaFileObject.Kind; import javax.tools.SimpleJavaFileObject; @@ -106,7 +107,7 @@ public String getClassName() { } } - private static class FileManagerWrapper extends ForwardingJavaFileManager { + private static class FileManagerWrapper extends ForwardingJavaFileManager { private static final Location PATCH_LOCATION = new Location() { @Override public String getName() { @@ -167,25 +168,12 @@ public boolean hasLocation(Location location) { * @param className The name of the class * @param sourceCode The source code for the class with name {@code className} * @param options additional command line options - * @throws RuntimeException if the compilation did not succeed + * @throws RuntimeException if the compilation did not succeed or if closing + * the {@code JavaFileManager} used for the compilation did not succeed * @return The resulting byte code from the compilation */ public static byte[] compile(String className, CharSequence sourceCode, String... options) { MemoryJavaFileObject file = new MemoryJavaFileObject(className, sourceCode); - CompilationTask task = getCompilationTask(file, options); - - if(!task.call()) { - throw new RuntimeException("Could not compile " + className + " with source code " + sourceCode); - } - - return file.getByteCode(); - } - - private static JavaCompiler getCompiler() { - return ToolProvider.getSystemJavaCompiler(); - } - - private static CompilationTask getCompilationTask(MemoryJavaFileObject file, String... options) { List opts = new ArrayList<>(); String moduleOverride = null; for (String opt : options) { @@ -195,6 +183,19 @@ private static CompilationTask getCompilationTask(MemoryJavaFileObject file, Str opts.add(opt); } } - return getCompiler().getTask(null, new FileManagerWrapper(file, moduleOverride), null, opts, null, Arrays.asList(file)); + try (JavaFileManager fileManager = new FileManagerWrapper(file, moduleOverride)) { + CompilationTask task = getCompiler().getTask(null, fileManager, null, opts, null, Arrays.asList(file)); + if (!task.call()) { + throw new RuntimeException("Could not compile " + className + " with source code " + sourceCode); + } + + return file.getByteCode(); + } catch (IOException ioe) { + throw new RuntimeException(ioe); + } + } + + private static JavaCompiler getCompiler() { + return ToolProvider.getSystemJavaCompiler(); } } diff --git a/test/lib/jdk/test/lib/containers/docker/DockerRunOptions.java b/test/lib/jdk/test/lib/containers/docker/DockerRunOptions.java index 508c17fc399..fc3b793c47a 100644 --- a/test/lib/jdk/test/lib/containers/docker/DockerRunOptions.java +++ b/test/lib/jdk/test/lib/containers/docker/DockerRunOptions.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -60,6 +60,9 @@ public DockerRunOptions(String imageNameAndTag, String javaCmd, this.command = javaCmd; this.classToRun = classToRun; this.addJavaOpts(javaOpts); + // always print hserr to stderr in the docker tests to avoid + // trouble accessing it after a crash in the container + this.addJavaOpts("-XX:+ErrorFileToStderr"); } public DockerRunOptions addDockerOpts(String... opts) { diff --git a/test/lib/jdk/test/lib/containers/docker/DockerTestUtils.java b/test/lib/jdk/test/lib/containers/docker/DockerTestUtils.java index 5d642aa11c4..057348fb82b 100644 --- a/test/lib/jdk/test/lib/containers/docker/DockerTestUtils.java +++ b/test/lib/jdk/test/lib/containers/docker/DockerTestUtils.java @@ -196,7 +196,7 @@ private static void buildImage(String imageName, Path buildDir) throws Exception /** * Build the docker command to run java inside a container * - * @param DockerRunOptions optins for running docker + * @param DockerRunOptions options for running docker * * @return command * @throws Exception @@ -230,7 +230,7 @@ public static List buildJavaCommand(DockerRunOptions opts) throws Except /** * Run Java inside the docker image with specified parameters and options. * - * @param DockerRunOptions optins for running docker + * @param DockerRunOptions options for running docker * * @return output of the run command * @throws Exception @@ -243,7 +243,7 @@ public static OutputAnalyzer dockerRunJava(DockerRunOptions opts) throws Excepti /** * Remove docker image * - * @param DockerRunOptions optins for running docker + * @param DockerRunOptions options for running docker * @throws Exception */ public static void removeDockerImage(String imageNameAndTag) throws Exception { diff --git a/test/lib/jdk/test/lib/containers/docker/DockerfileConfig.java b/test/lib/jdk/test/lib/containers/docker/DockerfileConfig.java index 0e833cd9115..acac0bde33d 100644 --- a/test/lib/jdk/test/lib/containers/docker/DockerfileConfig.java +++ b/test/lib/jdk/test/lib/containers/docker/DockerfileConfig.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -63,6 +63,11 @@ static String getBaseImageVersion() { return version; } + // Ubuntu 22.04 ppc started to crash in libz inflateReset on Power8 based host + // those recent Ubuntu versions only work on Power9+ + if (Platform.isPPC()) { + return "20.04"; + } return "latest"; } } diff --git a/test/lib/jdk/test/lib/hexdump/HexPrinter.java b/test/lib/jdk/test/lib/hexdump/HexPrinter.java new file mode 100644 index 00000000000..ad4575d14e9 --- /dev/null +++ b/test/lib/jdk/test/lib/hexdump/HexPrinter.java @@ -0,0 +1,1181 @@ +/* + * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.test.lib.hexdump; + +import java.io.BufferedInputStream; +import java.io.ByteArrayInputStream; +import java.io.CharArrayWriter; +import java.io.DataInputStream; +import java.io.EOFException; +import java.io.IOException; +import java.io.InputStream; +import java.io.PrintStream; +import java.io.UncheckedIOException; +import java.io.Writer; +import java.nio.ByteBuffer; +import java.util.Objects; + +/** + * Decode a sequence of bytes to a readable format. + *

+ * The predefined formats are: + *

+ *
{@link #minimal() Minimal format}: {@code "Now is the time for Java.\n"}
+ * 
    {@code
+ *     4e6f77206973207468652074696d6520666f72204a6176612e0a}
+ *
+ * + *
{@link #simple() Simple format}: {@code "Now is the time for Java.\n"}
+ * 
{@code
+ *     0: 4e 6f 77 20 69 73 20 74 68 65 20 74 69 6d 65 20  // Now is the time for Java.\n
+ *    16: 66 6f 72 20 4a 61 76 61 2e 0a}
+ *
+ * + *
{@link #canonical() Canonical format}: {@code "Now is the time for Java.\n"}
+ * 
{@code
+ *     00000000  4e 6f 77 20 69 73 20 74 68 65 20 74 69 6d 65 20 |Now is the time |
+ *     00000010  66 6f 72 20 4a 61 76 61 2e 0a                   |for Java.|}
+ *
+ *
{@link #source() Byte array initialization source}: {@code "Now is the time for Java.\n"}
+ * 
{@code
+ *     (byte) 78, (byte)111, (byte)119, (byte) 32, (byte)105, (byte)115, (byte) 32, (byte)116,  // Now is t
+ *     (byte)104, (byte)101, (byte) 32, (byte)116, (byte)105, (byte)109, (byte)101, (byte) 32,  // he time
+ *     (byte)102, (byte)111, (byte)114, (byte) 32, (byte) 74, (byte) 97, (byte)118, (byte) 97,  // for Java
+ *     (byte) 46, (byte) 10,                                                                    // .\n}
+ *
+ *
+ *

+ * The static factories {@link #minimal minimal}, {@link #simple simple}, + * {@link #canonical canonical}, and {@link #source() Java source} + * return predefined {@code HexPrinter}s for the formats above. + * HexPrinter holds the formatting parameters that control the width and formatting + * of each of the offset, byte values, and formatted output. + * New HexPrinters with different parameters are created using an existing HexPrinter + * as a template with the methods {@link #formatter(Formatter)}, + * {@link #withBytesFormat(String, int)}, {@link #withOffsetFormat(String)}, + * and {@link #withLineSeparator(String)}. + *

+ * The source of the bytes includes byte arrays, InputStreams, and ByteBuffers. + * For example, {@link #toString(InputStream)} reads the input and returns a String. + * Each of the {@code toString(...)} methods immediately reads and + * formats all of the bytes from the source and returns a String. + *

+ * Each of the {@code format(...)} methods immediately reads and + * formats all of the bytes from the source and appends it to the destination. + * For example, {@link #format(InputStream)} reads the input and + * appends the output to {@link System#out System.out} unless the + * {@link #dest(Appendable) destination} is changed to an {@link Appendable} + * such as {@link PrintStream}, {@link StringBuilder}, or {@link Writer}. + *

+ * {@linkplain Formatter Formatter} functions read and interpret the bytes to show the + * structure and content of a protocol or data stream. + * Built-in formatters include {@link HexPrinter#formatter(Class, String) primitives}, + * {@link Formatters#PRINTABLE printable ascii}, + * and {@link Formatters#utf8Parser(DataInputStream, Appendable) UTF-8 strings}. + * The {@link #formatter(Formatter, String, int) formatter} method sets the + * formatting function, the delimiter, and the width. + * Custom formatter functions can be implemented as a lambda, a method, an inner class, or a concrete class. + *

+ * The format of each line is customizable. + * The {@link #withOffsetFormat(String) withOffsetFormat} method controls + * the format of the byte offset. + * The {@link #withBytesFormat(String, int) withBytesFormat} method controls + * the printing of each byte value including the separator, + * and the maximum number of byte values per line. + * The offset and byte values are formatted using the familiar + * {@link String#format String formats} with spacing + * and delimiters included in the format string. + * The {@link #withLineSeparator(String) withLineSeparator} method sets + * the line separator. + *

+ * Examples: + *

    + *
  • Encoding bytes to a minimal string. + * 
    {@code
+ * byte[] bytes = new byte[] { ' ', 0x41, 0x42, '\n'};
+ * String s = HexPrinter.minimal().toString(bytes);
+ * Result: "2041420a"
+ * }
    + *
  • Simple formatting of a byte array. + * 
    {@code
+ * byte[] bytes = new byte[] { ' ', 0x41, 0x42, '\n'};
+ * String s = HexPrinter.simple().toString(bytes);
+ * Result:    0: 20 41 42 0a                                      //  AB\n
+ * }
    + *
  • Simple formatting of a ByteBuffer. + * 
    {@code
+ * ByteBuffer bb = ByteBuffer.wrap(bytes);
+ * String s = HexPrinter.simple().toString(bb);
+ * Result:    0: 20 41 42 0a                                      //  AB\n
+ * }
    + *
  • Simple formatting of ranges of a byte array to System.err. + * 
    {@code
+ * byte[] bytes = new byte[] { ' ', 0x41, 0x42, 0x43, 0x44, '\n'};
+ * HexPrinter hex = HexPrinter.simple()
+ *                            .dest(System.err);
+ *                            .format(bytes, 1, 2)
+ *                            .format(bytes, 3, 2);
+ * Result:
+ * 1: 41 42                                            // AB
+ * 3: 43 44                                            // CD
+ * }
    + *
+ *

+ * This is a value-based + * class; use of identity-sensitive operations (including reference equality + * ({@code ==}), identity hash code, or synchronization) on instances + * may have unpredictable results and should be avoided. + * The {@code equals} method should be used for comparisons. + * + *

+ * This class is immutable and thread-safe. + */ +public final class HexPrinter { + + /** + * Mnemonics for control characters. + */ + static final String[] CONTROL_MNEMONICS = { + "nul", "soh", "stx", "etx", "eot", "enq", "ack", "bel", + "b", "t", "n", "vt", "f", "r", "so", "si", + "dle", "dc1", "dc2", "dc3", "dc4", "nak", "syn", "etb", + "can", "em", "sub", "esc", "fs", "gs", "rs", "us" + }; + private static final String initOffsetFormat = "%5d: "; + private static final int initBytesCount = 16; // 16 byte values + private static final String initBytesFormat = "%02x "; + private static final int initAnnoWidth = initBytesCount * 4; + private static final String initAnnoDelim = " // "; + + final Appendable dest; // Final output target + final String offsetFormat; // Byte offset Formatter String + final String bytesFormat; // Hex bytes Formatter string + final int bytesCount; // Maximum number of byte values per line + final String annoDelim; // Annotation delimiter + final int annoWidth; // Annotation field width (characters) + final String lineSeparator; // End of line separator + final Formatter annoFormatter; // formatter function + + /** + * Construct a new HexPrinter with all new values. + * + * @param printer the formatter + * @param offsetFormat the offset format + * @param bytesFormat the bytes format + * @param bytesCount the count of bytes per line + * @param annoDelim the delimiter before the annotation + * @param annoWidth the width of the annotation + * @param lineSeparator the line separator + * @param dest the destination + */ + private HexPrinter(Formatter printer, String offsetFormat, String bytesFormat, int bytesCount, + String annoDelim, int annoWidth, + String lineSeparator, Appendable dest) { + this.annoFormatter = Objects.requireNonNull(printer, "formatter"); + this.bytesCount = bytesCount; + this.bytesFormat = Objects.requireNonNull(bytesFormat, bytesFormat); + this.offsetFormat = Objects.requireNonNull(offsetFormat, "offsetFormat"); + this.annoDelim = Objects.requireNonNull(annoDelim, "annoDelim"); + this.annoWidth = annoWidth; + this.lineSeparator = Objects.requireNonNull(lineSeparator, "lineSeparator"); + this.dest = Objects.requireNonNull(dest, "dest"); + } + + /** + * Returns a new HexPrinter setting the parameters to produce a minimal string. + * The parameters are set to: + *

    + *
  • byte offset format: none {@code ""}, + *
  • each byte value is formatted as 2 hex digits: {@code "%02x"}, + *
  • maximum number of byte values per line: unbounded, + *
  • delimiter for the annotation: none {@code ""}, + *
  • formatter: {@link Formatters#NONE does not output a formatted byte}, and + *
  • destination: {@link System#out System.out}. + *
+ * Example, + * 
+     * {@code     byte[] bytes = new byte[] { ' ', 0x41, 0x42, '\n'};
+     *     String s = HexPrinter.minimal()
+     *             .toString(bytes);
+     *     Result: "2041420a"
+     * }
+ * + * @return a new HexPrinter + */ + public static HexPrinter minimal() { + return new HexPrinter(Formatters.NONE, "", + "%02x", initBytesCount, + "", initAnnoWidth, "", + System.out); + } + + /** + * Returns a new HexPrinter setting the parameters to produce canonical output. + * The parameters are set to: + *
    + *
  • byte offset format: {@code "%08x "}, + *
  • each byte value is formatted as 2 hex digits and a space: {@code "%02x "}, + *
  • maximum number of byte values per line: {@value initBytesCount}, + *
  • delimiter for the annotation: {@code "|"}, + *
  • formatter: {@link Formatters#ASCII ASCII bytes}, and + *
  • line separator: "|" + {@link System#lineSeparator()}, + *
  • destination: {@link System#out System.out}. + *
+ * Example, + * 
+     * {@code     byte[] bytes = new byte[] { ' ', 0x41, 0x42, '\n'};
+     *     String s = HexPrinter.canonical()
+     *             .toString(bytes);
+     *
+     *     Result: "00000000  20 41 42 0a                                     | AB|"
+     * }
+ * + * @return a new HexPrinter + */ + public static HexPrinter canonical() { + return new HexPrinter(Formatters.ASCII, "%08x ", + "%02x ", initBytesCount, + "|", 31, "|" + System.lineSeparator(), + System.out); + } + + /** + * Returns a new HexPrinter setting simple formatting parameters to output + * to a multi-line string. + * The parameters are set to: + *
    + *
  • byte offset format: signed decimal width 5 and a space, {@code "%5d: "}, + *
  • each byte value is formatted as 2 hex digits and a space: {@code "%02x "}, + *
  • maximum number of byte values per line: {@value initBytesCount}, + *
  • delimiter for the annotation: {@code " // "}, + *
  • width for the annotation: {@value initAnnoWidth}, + *
  • line separator: {@link System#lineSeparator()}, + *
  • formatter: {@link Formatters#PRINTABLE printable ASCII} + * showing printable characters, mnemonics for control chars, and + * otherwise the decimal byte values, + *
  • destination default: {@link System#out System.out}. + *
+ * Example, + * 
+     * {@code    byte[] bytes = new byte[] { ' ', 0x41, 0x42, '\n'};
+     *    String s = HexPrinter.simple()
+     *            .toString(bytes);
+     *
+     *    Result: "    0: 20 41 42 0a                                      //  AB\n"
+     * }
+ * + * @return a new HexPrinter + */ + public static HexPrinter simple() { + return new HexPrinter(Formatters.PRINTABLE, initOffsetFormat, + initBytesFormat, initBytesCount, + initAnnoDelim, initAnnoWidth, System.lineSeparator(), + System.out); + } + + /** + * Returns a new HexPrinter setting formatting parameters to output + * to a multi-line string as a byte array initialization for Java source. + * The parameters are set to: + *
    + *
  • byte offset format: 4 space indent: {@code " "}, + *
  • each byte value is formatted as: {@code "(byte)%3d, "}, + *
  • maximum number of byte values per line: {@code 8}, + *
  • delimiter for the annotation: {@code " // "}, + *
  • width for the annotation: {@value initAnnoWidth}, + *
  • line separator: {@link System#lineSeparator()}, + *
  • formatter: {@link Formatters#PRINTABLE printable ASCII} + * showing printable characters, mnemonics for control chars, and + * otherwise the decimal byte values, + *
  • destination default: {@link System#out System.out}. + *
+ * + * @return a new HexPrinter + */ + public static HexPrinter source() { + return new HexPrinter(Formatters.PRINTABLE, " ", + "(byte)%3d, ", 8, + " // ", initAnnoWidth, System.lineSeparator(), + System.out); + } + + /** + * Returns a new HexPrinter setting the destination to the Appendable. + * {@code Appendable} classes include: {@link PrintStream}, {@link Writer}, + * {@link StringBuilder}, and {@link StringBuffer}. + * + * @param dest the Appendable destination for the output, non-null + * @return a new HexPrinter + * @throws UncheckedIOException if an I/O error occurs + */ + public HexPrinter dest(Appendable dest) { + Objects.requireNonNull(dest, "dest"); + return new HexPrinter(annoFormatter, offsetFormat, + bytesFormat, bytesCount, annoDelim, + annoWidth, lineSeparator, dest); + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * and append the output. + * All output is appended and flushed to the destination. + *

+ * The result is equivalent to calling + * {@code format(new ByteArrayInputStream(source))}. + * + * @param source a non-null array of bytes. + * @return this HexPrinter + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public HexPrinter format(byte[] source) { + Objects.requireNonNull(source, "byte array must be non-null"); + return format(new ByteArrayInputStream(source)); + } + + /** + * The formatter function is called repeatedly to read the bytes from offset + * for length and append the output. + * All output is appended and flushed to the destination. + * Only {@code length} bytes starting at the {@code offset} are formatted. + *

+ * The result is equivalent to calling + * {@code format(new ByteArrayInputStream(source, offset, len))}. + * + * @param source a non-null array of bytes. + * @param offset the offset into the array to start + * @param length the length of bytes in the array to format + * @return this HexPrinter + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public HexPrinter format(byte[] source, int offset, int length) { + Objects.requireNonNull(source, "byte array must be non-null"); + return format(new ByteArrayInputStream(source, offset, length), offset); + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * and append the output. + * All output is appended and flushed to the destination. + *

+ * The {@code format} method invokes the {@code formatter} to read bytes from the + * source and append the formatted sequence of byte values to the destination. + * As the bytes are read they are printed using the {@link #withBytesFormat} + * to fill the bytes values of the output destination. + * The output of the {@code formatter} fills the annotation field. + * A new line is started when either the byte values or annotation + * is filled to its respective width. The offset of the first byte on the line + * is inserted at the beginning of each line using {@link #withOffsetFormat(String)}. + *

+ * This method may block indefinitely reading from the input stream, + * or writing to the output stream. The behavior for the case where + * the input and/or output stream is asynchronously closed, + * or the thread interrupted during the transfer, is highly input + * and output stream specific, and therefore not specified. + *

+ * If an I/O error occurs reading from the input stream or + * writing to the output stream, then it may do so after some bytes + * have been read or written. Consequently the input stream + * may not be at end of stream and one, or both, streams may be + * in an inconsistent state. It is strongly recommended that both streams + * be promptly closed if an I/O error occurs. + * + * @param source an InputStream to read from, the stream not closed and + * is at end-of-file. + * @return this HexPrinter + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public HexPrinter format(InputStream source) { + return format(source, 0); + } + + /** + * Format an InputStream and supply the initial offset. + * + * @param source an InputStream + * @param offset an offset + * @return this HexPrinter + */ + private HexPrinter format(InputStream source, int offset) { + Objects.requireNonNull(source, "InputStream must be non-null"); + try (AnnotationWriter writer = + new AnnotationWriter(this, source, offset, dest)) { + writer.flush(); + return this; + } + } + + /** + * The formatter function is called repeatedly to read the bytes + * from the offset for the length and append the output. + * All annotation output is appended and flushed to the output destination. + * The ByteBuffer position and limit are unused and not modified. + * + * @param source a ByteBuffer + * @param offset the offset in the ByteBuffer + * @param length the length in the ByteBuffer + * @return this HexPrinter + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public HexPrinter format(ByteBuffer source, int offset, int length) { + Objects.requireNonNull(source, "ByteBuffer must be non-null"); + ByteArrayInputStream bais; + if (source.hasArray() && !source.isReadOnly()) { + bais = new ByteArrayInputStream(source.array(), offset, length); + } else { + int size = source.limit() - source.position(); + byte[] bytes = new byte[size]; + source.get(bytes, offset, length); + bais = new ByteArrayInputStream(bytes); + } + return format(bais, offset); + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * in the source and append the output. + * The source bytes are from the {@code ByteBuffer.position()} + * to the {@code ByteBuffer.limit()}. + * The position is not modified. + * All output is appended and flushed to the destination. + * + * @param source a ByteBuffer + * @return this HexPrinter + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public HexPrinter format(ByteBuffer source) { + return format(source, source.position(), source.limit()); + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * and return a String. + * + * @param source a non-null array of bytes. + * @return the output as a non-null {@code String} + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public String toString(byte[] source) { + Objects.requireNonNull(source, "byte array must be non-null"); + return toString(new ByteArrayInputStream(source)); + } + + /** + * The formatter function is called repeatedly to read the bytes from offset + * for length and return a String. + * Only {@code length} bytes starting at the {@code offset} are formatted. + * + * @param source a non-null array of bytes. + * @param offset the offset into the array to start + * @param length the length of bytes in the array to format + * @return the output as a non-null {@code String} + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public String toString(byte[] source, int offset, int length) { + Objects.requireNonNull(source, "byte array must be non-null"); + StringBuilder sb = new StringBuilder(); + try (AnnotationWriter writer = + new AnnotationWriter(this, new ByteArrayInputStream(source, offset, length), + offset, sb)) { + writer.flush(); + return sb.toString(); + } + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * and return a String. + *

+ * The {@code toString} method invokes the formatter to read bytes from the + * source and append the formatted sequence of byte values. + * As the bytes are read they are printed using the {@link #withBytesFormat} + * to fill the second field of the line. + * The output of the {@code formatter} fills the annotation field. + * A new line is started when either the byte values or annotation + * is filled to its respective width. The offset of the first byte on the line + * is inserted at the beginning of each line using {@link #withOffsetFormat(String)}. + *

+ * This method may block indefinitely reading from the input stream, + * or writing to the output stream. The behavior for the case where + * the input and/or output stream is asynchronously closed, + * or the thread interrupted during the transfer, is highly input + * and output stream specific, and therefore not specified. + *

+ * If an I/O error occurs reading from the input stream or + * writing to the output stream, then it may do so after some bytes + * have been read or written. Consequently the input stream + * may not be at end of stream and one, or both, streams may be + * in an inconsistent state. It is strongly recommended that both streams + * be promptly closed if an I/O error occurs. + * + * @param source an InputStream to read from, the stream not closed and + * is at end-of-file upon return. + * @return the output as a non-null {@code String} + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public String toString(InputStream source) { + Objects.requireNonNull(source, "InputStream must be non-null"); + StringBuilder sb = new StringBuilder(); + try (AnnotationWriter writer = + new AnnotationWriter(this, source, 0, sb)) { + writer.flush(); + return sb.toString(); + } + } + + /** + * The formatter function is called repeatedly to read the bytes + * from the offset for the length and return a String. + * The ByteBuffer position and limit are unused and not modified. + * + * @param source a ByteBuffer + * @param offset the offset in the ByteBuffer + * @param length the length in the ByteBuffer + * @return the output as a non-null {@code String} + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public String toString(ByteBuffer source, int offset, int length) { + Objects.requireNonNull(source, "ByteBuffer must be non-null"); + StringBuilder sb = new StringBuilder(); + ByteArrayInputStream bais; + if (source.hasArray() && !source.isReadOnly()) { + bais = new ByteArrayInputStream(source.array(), offset, length); + } else { + byte[] bytes = new byte[length]; + source.get(bytes, offset, length); + bais = new ByteArrayInputStream(bytes); + } + try (AnnotationWriter writer = + new AnnotationWriter(this, bais, offset, sb)) { + writer.flush(); + return sb.toString(); + } + } + + /** + * The formatter function is called repeatedly to read all of the bytes + * in the source and return a String. + * The source bytes are from the {@code ByteBuffer.position()} + * to the {@code ByteBuffer.limit()}. + * The position is not modified. + * + * @param source a ByteBuffer + * @return the output as a non-null {@code String} + * @throws java.io.UncheckedIOException if an I/O error occurs + */ + public String toString(ByteBuffer source) { + return toString(source, source.position(), source.limit()); + } + + /** + * Returns a new HexPrinter setting the format for the byte offset. + * The format string is specified by {@link String#format String format} + * including any delimiters. For example, {@code "%3x: "}. + * If the format is an empty string, there is no offset in the output. + * + * @param offsetFormat a new format string for the byte offset. + * @return a new HexPrinter + */ + public HexPrinter withOffsetFormat(String offsetFormat) { + Objects.requireNonNull(offsetFormat, "offsetFormat"); + return new HexPrinter(annoFormatter, offsetFormat, bytesFormat, bytesCount, + annoDelim, annoWidth, lineSeparator, dest); + } + + /** + * Returns a new HexPrinter setting the format for each byte value and + * the maximum number of byte values per line. + * The format string is specified by {@link String#format String format}, + * including any delimiters or padding. For example, {@code "%02x "}. + * If the byteFormat is an empty String, there are no byte values in the output. + * + * @param byteFormat a format string for each byte + * @param bytesCount the maximum number of byte values per line + * @return a new HexPrinter + */ + public HexPrinter withBytesFormat(String byteFormat, int bytesCount) { + Objects.requireNonNull(bytesFormat, "bytesFormat"); + return new HexPrinter(annoFormatter, offsetFormat, byteFormat, bytesCount, + annoDelim, annoWidth, lineSeparator, dest); + } + + /** + * Returns a new HexPrinter setting the line separator. + * The line separator can be set to an empty string or to + * a string to be added at the end of each line. It should include the line + * separator {@link System#lineSeparator()} if a line break is to be output. + * + * @param separator the line separator + * @return a new HexPrinter + */ + public HexPrinter withLineSeparator(String separator) { + return new HexPrinter(annoFormatter, offsetFormat, bytesFormat, bytesCount, + annoDelim, annoWidth, separator, dest); + } + + /** + * Returns a new HexPrinter setting the formatter. + * The widths, delimiters and other parameters are unchanged. + * + * @param formatter a non-null Formatter + * @return a new HexPrinter + */ + public HexPrinter formatter(Formatter formatter) { + Objects.requireNonNull(formatter, "Formatter must be non-null"); + return new HexPrinter(formatter, offsetFormat, bytesFormat, bytesCount, + annoDelim, annoWidth, lineSeparator, dest); + } + + /** + * Returns a new HexPrinter setting the formatter, delimiter, and width of the annotation. + * Note: The annotations may exceed the width. + * + * @param formatter a non-null Formatter + * @param delim a string delimiter for the annotation + * @param width the width of the annotation, non-negative + * @return a new HexPrinter + */ + public HexPrinter formatter(Formatter formatter, String delim, int width) { + Objects.requireNonNull(formatter, "formatter"); + Objects.requireNonNull(delim, "delim"); + return new HexPrinter(formatter, offsetFormat, bytesFormat, bytesCount, + delim, width, lineSeparator, dest); + } + + /** + * Returns a new HexPrinter setting the formatter to format a primitive type + * using the format string. + * The format string should include any pre or post spacing and delimiters. + *

+ * This is a convenience function equivalent to finding a formatter using + * {@link HexPrinter.Formatters#ofPrimitive}. + *

+ * + * @param primClass a primitive class, for example, {@code int.class} + * @param fmtString a {@link java.util.Formatter format string}. + * @return a new HexPrinter + * @throws IllegalArgumentException if the class is not a primitive class + */ + public HexPrinter formatter(Class primClass, String fmtString) { + Formatter formatter = getFormatter(primClass, fmtString); + return new HexPrinter(formatter, offsetFormat, bytesFormat, bytesCount, + annoDelim, annoWidth, lineSeparator, dest); + } + + /** + * Returns a formatter for the primitive type using the format string. + * The formatter reads a value of the primitive type from the stream + * and formats it using the format string. + * The format string includes any pre or post spacing and delimiters. + * + * @param primClass a primitive class, for example, {@code int.class} + * @param fmtString a {@link java.util.Formatter format string} + * @return a Formatter for the primitive type using the format string + */ + static Formatter getFormatter(Class primClass, String fmtString) { + return new PrimitiveFormatter(primClass, fmtString); + } + + /** + * Returns a string describing this HexPrinter. + * The string indicates the type of the destination and + * the formatting options. + * + * @return a String describing this HexPrinter + */ + public String toString() { + return "formatter: " + annoFormatter + + ", dest: " + dest.getClass().getName() + + ", offset: \"" + offsetFormat + + "\", bytes: " + bytesCount + + " x \"" + bytesFormat + "\"" + + ", delim: \"" + annoDelim + "\"" + + ", width: " + annoWidth + + ", nl: \"" + expand(lineSeparator) + "\""; + } + + private String expand(String sep) { + return sep.replace("\n", "\\n") + .replace("\r", "\\r"); + } + + private static class PrimitiveFormatter implements Formatter { + + private final Class primClass; + private final String fmtString; + + PrimitiveFormatter(Class primClass, String fmtString) { + Objects.requireNonNull(primClass, "primClass"); + Objects.requireNonNull(fmtString, "fmtString"); + if (!primClass.isPrimitive()) + throw new IllegalArgumentException("Not a primitive type: " + primClass.getName()); + this.primClass = primClass; + this.fmtString = fmtString; + } + + public void annotate(DataInputStream in, Appendable out) throws IOException { + if (primClass == byte.class) { + int v = in.readByte(); + out.append(String.format(fmtString, v)); + } else if (primClass == boolean.class) { + boolean v = in.readByte() != 0; + out.append(String.format(fmtString, v)); + } else if (primClass == short.class | primClass == char.class) { + int v = in.readShort(); + out.append(String.format(fmtString, v)); + } else if (primClass == float.class) { + float v = in.readFloat(); + out.append(String.format(fmtString, v)); + } else if (primClass == int.class) { + int v = in.readInt(); + out.append(String.format(fmtString, v)); + } else if (primClass == double.class) { + double v = in.readDouble(); + out.append(String.format(fmtString, v)); + } else if (primClass == long.class) { + long v = in.readLong(); + out.append(String.format(fmtString, v)); + } else { + throw new AssertionError("missing case on primitive class"); + } + } + + public String toString() { + return "(" + primClass.getName() + ", \"" + fmtString + "\")"; + } + } + + /** + * Formatter function reads bytes from a stream and + * appends a readable annotation to the output destination. + *

+ * Each invocation of the {@link #annotate annotate} method reads and annotates + * a single instance of its protocol or data type. + *

+ * Built-in formatting functions are provided in the {@link Formatters} class. + *

+ * As described by the {@link HexPrinter#toString(InputStream)} method, + * the {@link #annotate annotate} method is called to read bytes and produce + * the descriptive annotation. + *

+ * For example, a custom lambda formatter to read a float value (4 bytes) and + * print as a floating number could be written as a static method. + * 

{@code
+     *     // Format 4 bytes read from the input as a float 3.4.
+     *     static void annotate(DataInputStream in, Appendable out) throws IOException {
+     *         float f = in.readFloat();
+     *         out.append(String.format("%3.4f, ", f));
+     *     }
+     *
+     *     byte[] bytes = new byte[] {00 00 00 00 3f 80 00 00 40 00 00 00 40 40 00 00};
+     *     HexPrinter pp = HexPrinter.simple()
+     *         .withBytesFormat("%02x ", 8)
+     *         .formatter(Example::annotate)
+     *         .format(bytes);
+     *
+     * Result:
+     *     0: 00 00 00 00 3f 80 00 00  // 0.0000, 1.0000,
+     *     8: 40 00 00 00 40 40 00 00  // 2.0000, 3.0000,
+     * }
+ * + *

+ * The details of the buffering and calling of the formatter {@code annotate} + * methods is roughly as follows. + * The bytes read by the {@code annotate} method are logically buffered + * for each line of output. + * The {@code annotate} method writes its description of the bytes read + * to the output, this output is also buffered. + * When the number of bytes read exceeds the + * {@link #withBytesFormat(String, int) byte values count per line}, + * the buffered output exceeds the + * {@link #formatter(Formatter, String, int) width of the annotation field}, + * or a new line {@code "\n"} character is found in the output then + * a line of output is assembled and written to the destination Appendable. + * The formatter's {@code annotate} method is called repeatedly + * until the input is completely consumed or an exception is thrown. + * Any remaining buffered bytes or description are flushed to the destination Appendable. + */ + @FunctionalInterface + public interface Formatter { + + /** + * Read bytes from the input stream and append a descriptive annotation + * to the output destination. + * + * @param in a DataInputStream + * @param out an Appendable for the output + * @throws IOException if an I/O error occurs + */ + void annotate(DataInputStream in, Appendable out) throws IOException; + } + + /** + * Built-in formatters for printable byte, ASCII, UTF-8 and primitive types. + * Formatters for primitive types and different formatting options + * can be found by calling {@link #ofPrimitive(Class, String)}. + */ + public enum Formatters implements Formatter { + /** + * Read a byte and if it is ASCII write it, + * otherwise, write its mnemonic or its decimal value. + */ + PRINTABLE, + /** + * Read a byte, if it is ASCII write it, otherwise write a ".". + */ + ASCII, + /** + * Read a modified UTF-8 string and write it. + */ + UTF8, + /** + * Read a byte and write nothing. + */ + NONE; + + public void annotate(DataInputStream in, Appendable out) throws IOException { + switch (this) { + case PRINTABLE: bytePrintable(in, out); break; + case ASCII: byteASCII(in, out); break; + case UTF8: utf8Parser(in, out); break; + case NONE: byteNoneParser(in, out); break; + } + } + + /** + * Read a byte and write it as ASCII if it is printable, + * print its mnemonic if it is a control character, + * and print its decimal value otherwise. + * A space separator character is appended for control and decimal values. + * + * @param in a DataInputStream + * @param out an Appendable to write to + * @throws IOException if an I/O error occurs + */ + static void bytePrintable(DataInputStream in, Appendable out) throws IOException { + int v = in.readUnsignedByte(); + if (v < 32) { + out.append("\\").append(CONTROL_MNEMONICS[v]); + } else if (v < 126 && Character.isDefined(v)) { + out.append((char) v); + } else { + out.append("\\").append(Integer.toString(v, 10)); + } + } + + /** + * Read a byte and write it as ASCII if it is printable, otherwise print ".". + * + * @param in a DataInputStream + * @param out an Appendable to write to + * @throws IOException if an I/O error occurs + */ + static void byteASCII(DataInputStream in, Appendable out) throws IOException { + int v = in.readUnsignedByte(); + if (Character.isDefined(v)) { + out.append((char) v); + } else { + out.append('.'); + } + } + + /** + * Read a modified UTF-8 string and write it to the output destination. + * + * @param in a DataInputStream + * @param out an Appendable to write the output to + * @throws IOException if an I/O error occurs + */ + static void utf8Parser(DataInputStream in, Appendable out) throws IOException { + out.append(in.readUTF()).append(" "); + } + + /** + * Read a a byte and write nothing. + * + * @param in a DataInputStream + * @param out an Appendable to write the output to + * @throws IOException if an I/O error occurs + */ + static void byteNoneParser(DataInputStream in, Appendable out) throws IOException { + in.readByte(); + } + + /** + * Returns a {@code Formatter} for a primitive using the format string. + * The format string includes any pre or post spacing or delimiters. + * A value of the primitive is read using the type specific methods + * of {@link DataInputStream}, formatted using the format string, and + * written to the output. + * + * @param primClass a primitive class, for example, {@code int.class} + * @param fmtString a {@link java.util.Formatter format string}. + * @return a Formatter + */ + public static Formatter ofPrimitive(Class primClass, String fmtString) { + Objects.requireNonNull(primClass, "primClass"); + Objects.requireNonNull(fmtString, "fmtString"); + return new PrimitiveFormatter(primClass, fmtString); + } + } + + /** + * Internal implementation of the annotation output and processor of annotated output. + * Created for each new input source and discarded after each use. + * An OffsetInputStream is created to buffer and count the input bytes. + * + */ + private static final class AnnotationWriter extends CharArrayWriter { + private final transient OffsetInputStream source; + private final transient DataInputStream in; + private final transient int baseOffset; + private final transient HexPrinter params; + private final transient int bytesColWidth; + private final transient int annoWidth; + private final transient Appendable dest; + + /** + * Construct a new AnnotationWriter to process the source into the destination. + * Initializes the DataInputStream and marking of the input to keep track + * of bytes as they are read by the formatter. + * @param params formatting parameters + * @param source source InputStream + * @param baseOffset initial offset + * @param dest destination Appendable + */ + AnnotationWriter(HexPrinter params, InputStream source, int baseOffset, Appendable dest) { + this.params = params; + this.baseOffset = baseOffset; + Objects.requireNonNull(source, "Source is null"); + this.source = new OffsetInputStream(source); + this.source.mark(1024); + this.in = new DataInputStream(this.source); + this.bytesColWidth = params.bytesCount * String.format(params.bytesFormat, 255).length(); + this.annoWidth = params.annoWidth; + this.dest = dest; + } + + @Override + public void write(int c) { + super.write(c); + checkFlush(); + } + + @Override + public void write(char[] c, int off, int len) { + super.write(c, off, len); + for (int i = 0; i < len; i++) { + if (c[off+i] == '\n') { + process(); + return; + } + } + checkFlush(); + } + + @Override + public void write(String str, int off, int len) { + super.write(str, off, len); + if (str.indexOf('\n') >=0 ) + process(); + else + checkFlush(); + } + + private void checkFlush() { + if (size() > annoWidth) + process(); + } + + /** + * The annotation printing function is called repeatedly to read all of the bytes + * in the source stream and annotate the stream. + * The annotated output is appended to the output dest or buffered. + *

+ * The HexPrinter is not closed and can be used as a template + * to create a new formatter with a new Source or different formatting + * options. + *

+ */ + @Override + public void flush() { + try { + while (true) { + if (source.markedByteCount() >= params.bytesCount) + process(); + params.annoFormatter.annotate(in, this); + if (source.markedByteCount() > 256) { + // Normally annotations would cause processing more often + // Guard against overrunning the mark/reset buffer. + process(); + } + } + } catch (IOException ioe) { + process(); + if (!(ioe instanceof EOFException)) { + throw new UncheckedIOException(ioe); + } + } catch (UncheckedIOException uio) { + process(); // clear out the buffers + throw uio; + } + } + + /** + * Merge the buffered stream of annotations with the formatted bytes + * and append them to the dest. + *

+ * The annotation mapping function has read some bytes and buffered + * some output that corresponds to those bytes. + * The un-formatted bytes are in the OffsetInputStream after the mark. + * The stream is reset and the bytes are read again. + * Each line of the produced one line at a time to the dest. + * The byte offset is formatted according to the offsetFormat. + * The bytes after the mark are read and formatted using the bytesFormat + * and written to the dest up to the bytesWidth. + * The annotation stream is appended to the dest, but only up to the + * first newline (if any). The alignment between the annotated stream + * and the formatted bytes is approximate. + * New line characters in the annotation cause a new line to be started + * without regard to the number of formatted bytes. The column of formatted + * bytes may be incomplete. + */ + private void process() { + String info = toString(); + reset(); + int count = source.markedByteCount(); + try { + source.reset(); + long binColOffset = source.byteOffset(); + while (count > 0 || info.length() > 0) { + dest.append(String.format(params.offsetFormat, binColOffset + baseOffset)); + int colWidth = 0; + int byteCount = Math.min(params.bytesCount, count); + for (int i = 0; i < byteCount; i++) { + int b = source.read(); + if (b == -1) + throw new IllegalStateException("BUG"); + String s = String.format(params.bytesFormat, b); + colWidth += s.length(); + dest.append(s); + } + binColOffset += byteCount; + count -= byteCount; + + // Pad out the bytes column to its width + dest.append(" ".repeat(Math.max(0, bytesColWidth - colWidth))); + dest.append(params.annoDelim); + + // finish a line and prepare for next line + // Add a line from annotation buffer + if (info.length() > 0) { + int nl = info.indexOf('\n'); + if (nl < 0) { + dest.append(info); + info = ""; + } else { + dest.append(info, 0, nl); + info = info.substring(nl + 1); + } + } + dest.append(params.lineSeparator); + } + } catch (IOException ioe) { + try { + dest.append("\nIOException during annotations: ") + .append(ioe.getMessage()) + .append("\n"); + } catch (IOException ignore) { + // ignore + } + } + // reset the mark for the next line + source.mark(1024); + } + } + + /** + * Buffered InputStream that keeps track of byte offset. + */ + private static final class OffsetInputStream extends BufferedInputStream { + private long byteOffset; + private long markByteOffset; + + OffsetInputStream(InputStream in) { + super(in); + byteOffset = 0; + markByteOffset = 0; + } + + long byteOffset() { + return byteOffset; + } + + @Override + public void reset() throws IOException { + super.reset(); + byteOffset = markByteOffset; + } + + @Override + public synchronized void mark(int readlimit) { + super.mark(readlimit); + markByteOffset = byteOffset; + } + + int markedByteCount() { + if (markpos < 0) + return 0; + return pos - markpos; + } + + @Override + public int read() throws IOException { + int b = super.read(); + if (b >= 0) + byteOffset++; + return b; + } + + @Override + public long skip(long n) throws IOException { + long size = super.skip(n); + byteOffset += size; + return size; + } + + @Override + public int read(byte[] b) throws IOException { + int size = super.read(b); + byteOffset += Math.max(size, 0); + return size; + } + + @Override + public int read(byte[] b, int off, int len) throws IOException { + int size = super.read(b, off, len); + byteOffset += Math.max(size, 0); + return size; + } + } +} diff --git a/test/lib/jdk/test/lib/jfr/EventNames.java b/test/lib/jdk/test/lib/jfr/EventNames.java index ffdc88d26b3..df834c7fd31 100644 --- a/test/lib/jdk/test/lib/jfr/EventNames.java +++ b/test/lib/jdk/test/lib/jfr/EventNames.java @@ -175,6 +175,7 @@ public class EventNames { public final static String X509Certificate = PREFIX + "X509Certificate"; public final static String X509Validation = PREFIX + "X509Validation"; public final static String SecurityProperty = PREFIX + "SecurityPropertyModification"; + public final static String SecurityProviderService = PREFIX + "SecurityProviderService"; public final static String Deserialization = PREFIX + "Deserialization"; // Flight Recorder diff --git a/test/lib/jdk/test/lib/jvmti/jvmti_common.h b/test/lib/jdk/test/lib/jvmti/jvmti_common.h new file mode 100644 index 00000000000..0a1160fdbf6 --- /dev/null +++ b/test/lib/jdk/test/lib/jvmti/jvmti_common.h @@ -0,0 +1,910 @@ +/* + * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +#ifndef JVMTI_COMMON_H +#define JVMTI_COMMON_H + +#include +#include +#include +#include +#include + +#ifdef _WIN32 +#include +#else +#include +#endif + +#include "jvmti.h" + +/** + * Additional Java basic types + */ + +#ifdef _WIN32 + typedef unsigned __int64 julong; +#else + typedef unsigned long long julong; +#endif + +#define LOG(...) \ + { \ + printf(__VA_ARGS__); \ + fflush(stdout); \ + } + +#define COMPLAIN LOG + + +const char* TranslateState(jint flags); +const char* TranslateError(jvmtiError err); + +static jvmtiExtensionFunction GetVirtualThread_func = NULL; +static jvmtiExtensionFunction GetCarrierThread_func = NULL; + +/** + * Convert the digits of the given value argument to a null-terminated + * character string and store the result (up to 32 bytes) in string. + * If value is negative, the first character of the stored string is + * the minus sign (-). The function returns a pointer to the begining + * of the result string. + */ +char* jlong_to_string(jlong value, char *string) { + char buffer[32]; + char *pbuf, *pstr; + + pstr = string; + if (value == 0) { + *pstr++ = '0'; + } else { + if (value < 0) { + *pstr++ = '-'; + value = -value; + } + pbuf = buffer; + while (value != 0) { + *pbuf++ = '0' + (char)(value % 10); + value = value / 10; + } + while (pbuf != buffer) { + *pstr++ = *--pbuf; + } + } + *pstr = '\0'; + + return string; +} + +/** + * Convert the digits of the given value argument to a null-terminated + * character string and store the result (up to 32 bytes) in string. + * The function returns a pointer to the begining of the result string. + */ +char* julong_to_string(julong value, char *string) { + char buffer[32]; + char *pbuf, *pstr; + + pstr = string; + if (value == 0) { + *pstr++ = '0'; + } else { + pbuf = buffer; + while (value != 0) { + *pbuf++ = '0' + (char)(value % 10); + value = value / 10; + } + while (pbuf != buffer) { + *pstr++ = *--pbuf; + } + } + *pstr = '\0'; + + return string; +} + +static void +fatal(JNIEnv* jni, const char* msg) { + jni->FatalError(msg); +} + + +static void +check_jvmti_status(JNIEnv* jni, jvmtiError err, const char* msg) { + if (err != JVMTI_ERROR_NONE) { + LOG("check_jvmti_status: JVMTI function returned error: %s (%d)\n", TranslateError(err), err); + jni->FatalError(msg); + } +} + +/* JVMTI helper wrappers. Check errors and fail or return null if jvmti operation failed. */ + +// Monitors often created in Agent_Initialize(..) where JNIEnv* jni doesn't exist. +jrawMonitorID +create_raw_monitor(jvmtiEnv *jvmti, const char* name) { + jrawMonitorID lock; + jvmtiError err = jvmti->CreateRawMonitor(name, &lock); + if (err != JVMTI_ERROR_NONE) { + return NULL; + } + return lock; +} + +void +destroy_raw_monitor(jvmtiEnv *jvmti, JNIEnv *jni, jrawMonitorID lock) { + check_jvmti_status(jni, jvmti->DestroyRawMonitor(lock), "DestroyRawMonitor failed."); +} + +class RawMonitorLocker { + private: + jvmtiEnv* _jvmti; + JNIEnv* _jni; + jrawMonitorID _monitor; + + public: + RawMonitorLocker(jvmtiEnv *jvmti,JNIEnv* jni, jrawMonitorID monitor):_jvmti(jvmti), _jni(jni), _monitor(monitor) { + check_jvmti_status(_jni, _jvmti->RawMonitorEnter(_monitor), "Fatal Error in RawMonitorEnter."); + } + + ~RawMonitorLocker() { + check_jvmti_status(_jni, _jvmti->RawMonitorExit(_monitor), "Fatal Error in RawMonitorEnter."); + } + + void wait(jlong millis) { + check_jvmti_status(_jni, _jvmti->RawMonitorWait(_monitor, millis), "Fatal Error in RawMonitorWait."); + } + + void wait() { + wait(0); + } + + void notify() { + check_jvmti_status(_jni, _jvmti->RawMonitorNotify(_monitor), "Fatal Error in RawMonitorNotify."); + } + + void notify_all() { + check_jvmti_status(_jni, _jvmti->RawMonitorNotifyAll(_monitor), "Fatal Error in RawMonitorNotifyAll."); + } + +}; + +static void +deallocate(jvmtiEnv *jvmti, JNIEnv* jni, void* ptr) { + jvmtiError err = jvmti->Deallocate((unsigned char*)ptr); + check_jvmti_status(jni, err, "deallocate: error in JVMTI Deallocate call"); +} + +static char* +get_method_class_name(jvmtiEnv *jvmti, JNIEnv* jni, jmethodID method) { + jclass klass = NULL; + char* cname = NULL; + char* result = NULL; + jvmtiError err; + + err = jvmti->GetMethodDeclaringClass(method, &klass); + check_jvmti_status(jni, err, "get_method_class_name: error in JVMTI GetMethodDeclaringClass"); + + err = jvmti->GetClassSignature(klass, &cname, NULL); + check_jvmti_status(jni, err, "get_method_class_name: error in JVMTI GetClassSignature"); + + size_t len = strlen(cname) - 2; // get rid of leading 'L' and trailing ';' + + err = jvmti->Allocate((jlong)(len + 1), (unsigned char**)&result); + check_jvmti_status(jni, err, "get_method_class_name: error in JVMTI Allocate"); + + strncpy(result, cname + 1, len); // skip leading 'L' + result[len] = '\0'; + deallocate(jvmti, jni, (void*)cname); + return result; +} + + +static void +print_method(jvmtiEnv *jvmti, JNIEnv* jni, jmethodID method, jint depth) { + char* cname = NULL; + char* mname = NULL; + char* msign = NULL; + jvmtiError err; + + cname = get_method_class_name(jvmti, jni, method); + + err = jvmti->GetMethodName(method, &mname, &msign, NULL); + check_jvmti_status(jni, err, "print_method: error in JVMTI GetMethodName"); + + LOG("%2d: %s: %s%s\n", depth, cname, mname, msign); + fflush(0); + deallocate(jvmti, jni, (void*)cname); + deallocate(jvmti, jni, (void*)mname); + deallocate(jvmti, jni, (void*)msign); +} + +void +print_thread_info(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread_obj) { + jvmtiThreadInfo thread_info; + jint thread_state; + check_jvmti_status(jni, jvmti->GetThreadInfo(thread_obj, &thread_info), "Error in GetThreadInfo"); + check_jvmti_status(jni, jvmti->GetThreadState(thread_obj, &thread_state), "Error in GetThreadInfo"); + const char* state = TranslateState(thread_state); + LOG("Thread: %p, name: %s, state(%x): %s, attr: %s\n", thread_obj, thread_info.name, thread_state, TranslateState(thread_state), + (thread_info.is_daemon ? "daemon": "")); +} + +static void +print_stack_trace_frames(jvmtiEnv *jvmti, JNIEnv *jni, jint count, jvmtiFrameInfo *frames) { + LOG("JVMTI Stack Trace: frame count: %d\n", count); + for (int depth = 0; depth < count; depth++) { + print_method(jvmti, jni, frames[depth].method, depth); + } + LOG("\n"); +} + +static jint +get_frame_count(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + jint frame_count; + jvmtiError err = jvmti->GetFrameCount(thread, &frame_count); + check_jvmti_status(jni, err, "get_frame_count: error in JVMTI GetFrameCount call"); + return frame_count; +} + +static jvmtiThreadInfo +get_thread_info(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + jvmtiThreadInfo thr_info; + jvmtiError err = jvmti->GetThreadInfo(thread, &thr_info); + check_jvmti_status(jni, err, "get_thread_info: error in JVMTI GetThreadInfo call"); + return thr_info; +} + +static jint +get_thread_state(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + jint thread_state; + jvmtiError err = jvmti->GetThreadState(thread, &thread_state); + check_jvmti_status(jni, err, "get_thread_state: error in JVMTI GetThreadState call"); + return thread_state; +} + +static char* +get_thread_name(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + jvmtiThreadInfo thr_info; + jvmtiError err; + + memset(&thr_info, 0, sizeof(thr_info)); + err = jvmti->GetThreadInfo(thread, &thr_info); + if (err == JVMTI_ERROR_WRONG_PHASE || err == JVMTI_ERROR_THREAD_NOT_ALIVE) { + return NULL; // VM or target thread completed its work + } + check_jvmti_status(jni, err, "get_thread_name: error in JVMTI GetThreadInfo call"); + + static const char* UNNAMED_STR = ""; + static size_t UNNAMED_LEN = strlen(UNNAMED_STR); + char* tname = thr_info.name; + if (tname == NULL) { + err = jvmti->Allocate((jlong)(UNNAMED_LEN + 1), (unsigned char**)&tname); + check_jvmti_status(jni, err, "get_method_class_name: error in JVMTI Allocate"); + strncpy(tname, UNNAMED_STR, UNNAMED_LEN); + tname[UNNAMED_LEN] = '\0'; + } + return tname; +} + +static char* +get_method_name(jvmtiEnv *jvmti, JNIEnv* jni, jmethodID method) { + char* mname = NULL; + jvmtiError err; + + err = jvmti->GetMethodName(method, &mname, NULL, NULL); + check_jvmti_status(jni, err, "get_method_name: error in JVMTI GetMethodName call"); + + return mname; +} + +static jclass +find_class(jvmtiEnv *jvmti, JNIEnv *jni, jobject loader, const char* cname) { + jclass *classes = NULL; + jint count = 0; + jvmtiError err; + + err = jvmti->GetClassLoaderClasses(loader, &count, &classes); + check_jvmti_status(jni, err, "find_class: error in JVMTI GetClassLoaderClasses"); + + // Find the jmethodID of the specified method + while (--count >= 0) { + char* name = NULL; + jclass klass = classes[count]; + + err = jvmti->GetClassSignature(klass, &name, NULL); + check_jvmti_status(jni, err, "find_class: error in JVMTI GetClassSignature call"); + + bool found = (strcmp(name, cname) == 0); + deallocate(jvmti, jni, (void*)name); + if (found) { + return klass; + } + } + return NULL; +} + +static jmethodID +find_method(jvmtiEnv *jvmti, JNIEnv *jni, jclass klass, const char* mname) { + jmethodID *methods = NULL; + jmethodID method = NULL; + jint count = 0; + jvmtiError err; + + err = jvmti->GetClassMethods(klass, &count, &methods); + check_jvmti_status(jni, err, "find_method: error in JVMTI GetClassMethods"); + + // Find the jmethodID of the specified method + while (--count >= 0) { + char* name = NULL; + + jmethodID meth = methods[count]; + + err = jvmti->GetMethodName(meth, &name, NULL, NULL); + check_jvmti_status(jni, err, "find_method: error in JVMTI GetMethodName call"); + + bool found = (strcmp(name, mname) == 0); + deallocate(jvmti, jni, (void*)name); + if (found) { + method = meth; + break; + } + } + deallocate(jvmti, jni, (void*)methods); + return method; +} + +#define MAX_FRAME_COUNT_PRINT_STACK_TRACE 200 + +static void +print_current_stack_trace(jvmtiEnv *jvmti, JNIEnv* jni) { + jvmtiFrameInfo frames[MAX_FRAME_COUNT_PRINT_STACK_TRACE]; + jint count = 0; + + jvmtiError err = jvmti->GetStackTrace(NULL, 0, MAX_FRAME_COUNT_PRINT_STACK_TRACE, frames, &count); + check_jvmti_status(jni, err, "print_stack_trace: error in JVMTI GetStackTrace"); + + LOG("JVMTI Stack Trace for current thread: frame count: %d\n", count); + for (int depth = 0; depth < count; depth++) { + print_method(jvmti, jni, frames[depth].method, depth); + } + LOG("\n"); +} + +static void +print_stack_trace(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + jvmtiFrameInfo frames[MAX_FRAME_COUNT_PRINT_STACK_TRACE]; + char* tname = get_thread_name(jvmti, jni, thread); + jint count = 0; + + jvmtiError err = jvmti->GetStackTrace(thread, 0, MAX_FRAME_COUNT_PRINT_STACK_TRACE, frames, &count); + check_jvmti_status(jni, err, "print_stack_trace: error in JVMTI GetStackTrace"); + + LOG("JVMTI Stack Trace for thread %s: frame count: %d\n", tname, count); + for (int depth = 0; depth < count; depth++) { + print_method(jvmti, jni, frames[depth].method, depth); + } + deallocate(jvmti, jni, (void*)tname); + LOG("\n"); +} + + +static void suspend_thread(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + check_jvmti_status(jni, jvmti->SuspendThread(thread), "error in JVMTI SuspendThread"); +} + +static void resume_thread(jvmtiEnv *jvmti, JNIEnv* jni, jthread thread) { + check_jvmti_status(jni, jvmti->ResumeThread(thread), "error in JVMTI ResumeThread"); +} + +static jthread get_current_thread(jvmtiEnv *jvmti, JNIEnv* jni) { + jthread thread; + check_jvmti_status(jni, jvmti->GetCurrentThread(&thread), "error in JVMTI GetCurrentThread"); + return thread; +} + + + +/* Commonly used helper functions */ +const char* +TranslateState(jint flags) { + static char str[15 * 20]; + + if (flags == 0) { + return ""; + } + str[0] = '\0'; + + if (flags & JVMTI_THREAD_STATE_ALIVE) { + strcat(str, " ALIVE"); + } + if (flags & JVMTI_THREAD_STATE_TERMINATED) { + strcat(str, " TERMINATED"); + } + if (flags & JVMTI_THREAD_STATE_RUNNABLE) { + strcat(str, " RUNNABLE"); + } + if (flags & JVMTI_THREAD_STATE_WAITING) { + strcat(str, " WAITING"); + } + if (flags & JVMTI_THREAD_STATE_WAITING_INDEFINITELY) { + strcat(str, " WAITING_INDEFINITELY"); + } + if (flags & JVMTI_THREAD_STATE_WAITING_WITH_TIMEOUT) { + strcat(str, " WAITING_WITH_TIMEOUT"); + } + if (flags & JVMTI_THREAD_STATE_SLEEPING) { + strcat(str, " SLEEPING"); + } + if (flags & JVMTI_THREAD_STATE_IN_OBJECT_WAIT) { + strcat(str, " IN_OBJECT_WAIT"); + } + if (flags & JVMTI_THREAD_STATE_PARKED) { + strcat(str, " PARKED"); + } + if (flags & JVMTI_THREAD_STATE_BLOCKED_ON_MONITOR_ENTER) { + strcat(str, " BLOCKED_ON_MONITOR_ENTER"); + } + if (flags & JVMTI_THREAD_STATE_SUSPENDED) { + strcat(str, " SUSPENDED"); + } + if (flags & JVMTI_THREAD_STATE_INTERRUPTED) { + strcat(str, " INTERRUPTED"); + } + if (flags & JVMTI_THREAD_STATE_IN_NATIVE) { + strcat(str, " IN_NATIVE"); + } + return str; +} + +const char* +TranslateEvent(jvmtiEvent event_type) { + switch (event_type) { + case JVMTI_EVENT_VM_INIT: + return ("JVMTI_EVENT_VM_INIT"); + case JVMTI_EVENT_VM_DEATH: + return ("JVMTI_EVENT_VM_DEATH"); + case JVMTI_EVENT_THREAD_START: + return ("JVMTI_EVENT_THREAD_START"); + case JVMTI_EVENT_THREAD_END: + return ("JVMTI_EVENT_THREAD_END"); + case JVMTI_EVENT_CLASS_FILE_LOAD_HOOK: + return ("JVMTI_EVENT_CLASS_FILE_LOAD_HOOK"); + case JVMTI_EVENT_CLASS_LOAD: + return ("JVMTI_EVENT_CLASS_LOAD"); + case JVMTI_EVENT_CLASS_PREPARE: + return ("JVMTI_EVENT_CLASS_PREPARE"); + case JVMTI_EVENT_VM_START: + return ("JVMTI_EVENT_VM_START"); + case JVMTI_EVENT_EXCEPTION: + return ("JVMTI_EVENT_EXCEPTION"); + case JVMTI_EVENT_EXCEPTION_CATCH: + return ("JVMTI_EVENT_EXCEPTION_CATCH"); + case JVMTI_EVENT_SINGLE_STEP: + return ("JVMTI_EVENT_SINGLE_STEP"); + case JVMTI_EVENT_FRAME_POP: + return ("JVMTI_EVENT_FRAME_POP"); + case JVMTI_EVENT_BREAKPOINT: + return ("JVMTI_EVENT_BREAKPOINT"); + case JVMTI_EVENT_FIELD_ACCESS: + return ("JVMTI_EVENT_FIELD_ACCESS"); + case JVMTI_EVENT_FIELD_MODIFICATION: + return ("JVMTI_EVENT_FIELD_MODIFICATION"); + case JVMTI_EVENT_METHOD_ENTRY: + return ("JVMTI_EVENT_METHOD_ENTRY"); + case JVMTI_EVENT_METHOD_EXIT: + return ("JVMTI_EVENT_METHOD_EXIT"); + case JVMTI_EVENT_NATIVE_METHOD_BIND: + return ("JVMTI_EVENT_NATIVE_METHOD_BIND"); + case JVMTI_EVENT_COMPILED_METHOD_LOAD: + return ("JVMTI_EVENT_COMPILED_METHOD_LOAD"); + case JVMTI_EVENT_COMPILED_METHOD_UNLOAD: + return ("JVMTI_EVENT_COMPILED_METHOD_UNLOAD"); + case JVMTI_EVENT_DYNAMIC_CODE_GENERATED: + return ("JVMTI_EVENT_DYNAMIC_CODE_GENERATED"); + case JVMTI_EVENT_DATA_DUMP_REQUEST: + return ("JVMTI_EVENT_DATA_DUMP_REQUEST"); + case JVMTI_EVENT_MONITOR_WAIT: + return ("JVMTI_EVENT_MONITOR_WAIT"); + case JVMTI_EVENT_MONITOR_WAITED: + return ("JVMTI_EVENT_MONITOR_WAITED"); + case JVMTI_EVENT_MONITOR_CONTENDED_ENTER: + return ("JVMTI_EVENT_MONITOR_CONTENDED_ENTER"); + case JVMTI_EVENT_MONITOR_CONTENDED_ENTERED: + return ("JVMTI_EVENT_MONITOR_CONTENDED_ENTERED"); + case JVMTI_EVENT_GARBAGE_COLLECTION_START: + return ("JVMTI_EVENT_GARBAGE_COLLECTION_START"); + case JVMTI_EVENT_GARBAGE_COLLECTION_FINISH: + return ("JVMTI_EVENT_GARBAGE_COLLECTION_FINISH"); + case JVMTI_EVENT_OBJECT_FREE: + return ("JVMTI_EVENT_OBJECT_FREE"); + case JVMTI_EVENT_VM_OBJECT_ALLOC: + return ("JVMTI_EVENT_VM_OBJECT_ALLOC"); + default: + return (""); + } +} + +const char* +TranslateError(jvmtiError err) { + switch (err) { + case JVMTI_ERROR_NONE: + return ("JVMTI_ERROR_NONE"); + case JVMTI_ERROR_INVALID_THREAD: + return ("JVMTI_ERROR_INVALID_THREAD"); + case JVMTI_ERROR_INVALID_THREAD_GROUP: + return ("JVMTI_ERROR_INVALID_THREAD_GROUP"); + case JVMTI_ERROR_INVALID_PRIORITY: + return ("JVMTI_ERROR_INVALID_PRIORITY"); + case JVMTI_ERROR_THREAD_NOT_SUSPENDED: + return ("JVMTI_ERROR_THREAD_NOT_SUSPENDED"); + case JVMTI_ERROR_THREAD_SUSPENDED: + return ("JVMTI_ERROR_THREAD_SUSPENDED"); + case JVMTI_ERROR_THREAD_NOT_ALIVE: + return ("JVMTI_ERROR_THREAD_NOT_ALIVE"); + case JVMTI_ERROR_INVALID_OBJECT: + return ("JVMTI_ERROR_INVALID_OBJECT"); + case JVMTI_ERROR_INVALID_CLASS: + return ("JVMTI_ERROR_INVALID_CLASS"); + case JVMTI_ERROR_CLASS_NOT_PREPARED: + return ("JVMTI_ERROR_CLASS_NOT_PREPARED"); + case JVMTI_ERROR_INVALID_METHODID: + return ("JVMTI_ERROR_INVALID_METHODID"); + case JVMTI_ERROR_INVALID_LOCATION: + return ("JVMTI_ERROR_INVALID_LOCATION"); + case JVMTI_ERROR_INVALID_FIELDID: + return ("JVMTI_ERROR_INVALID_FIELDID"); + case JVMTI_ERROR_NO_MORE_FRAMES: + return ("JVMTI_ERROR_NO_MORE_FRAMES"); + case JVMTI_ERROR_OPAQUE_FRAME: + return ("JVMTI_ERROR_OPAQUE_FRAME"); + case JVMTI_ERROR_TYPE_MISMATCH: + return ("JVMTI_ERROR_TYPE_MISMATCH"); + case JVMTI_ERROR_INVALID_SLOT: + return ("JVMTI_ERROR_INVALID_SLOT"); + case JVMTI_ERROR_DUPLICATE: + return ("JVMTI_ERROR_DUPLICATE"); + case JVMTI_ERROR_NOT_FOUND: + return ("JVMTI_ERROR_NOT_FOUND"); + case JVMTI_ERROR_INVALID_MONITOR: + return ("JVMTI_ERROR_INVALID_MONITOR"); + case JVMTI_ERROR_NOT_MONITOR_OWNER: + return ("JVMTI_ERROR_NOT_MONITOR_OWNER"); + case JVMTI_ERROR_INTERRUPT: + return ("JVMTI_ERROR_INTERRUPT"); + case JVMTI_ERROR_INVALID_CLASS_FORMAT: + return ("JVMTI_ERROR_INVALID_CLASS_FORMAT"); + case JVMTI_ERROR_CIRCULAR_CLASS_DEFINITION: + return ("JVMTI_ERROR_CIRCULAR_CLASS_DEFINITION"); + case JVMTI_ERROR_FAILS_VERIFICATION: + return ("JVMTI_ERROR_FAILS_VERIFICATION"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_ADDED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_ADDED"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_SCHEMA_CHANGED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_SCHEMA_CHANGED"); + case JVMTI_ERROR_INVALID_TYPESTATE: + return ("JVMTI_ERROR_INVALID_TYPESTATE"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_HIERARCHY_CHANGED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_HIERARCHY_CHANGED"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_DELETED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_DELETED"); + case JVMTI_ERROR_UNSUPPORTED_VERSION: + return ("JVMTI_ERROR_UNSUPPORTED_VERSION"); + case JVMTI_ERROR_NAMES_DONT_MATCH: + return ("JVMTI_ERROR_NAMES_DONT_MATCH"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_CLASS_MODIFIERS_CHANGED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_CLASS_MODIFIERS_CHANGED"); + case JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_MODIFIERS_CHANGED: + return ("JVMTI_ERROR_UNSUPPORTED_REDEFINITION_METHOD_MODIFIERS_CHANGED"); + case JVMTI_ERROR_UNMODIFIABLE_CLASS: + return ("JVMTI_ERROR_UNMODIFIABLE_CLASS"); + case JVMTI_ERROR_NOT_AVAILABLE: + return ("JVMTI_ERROR_NOT_AVAILABLE"); + case JVMTI_ERROR_MUST_POSSESS_CAPABILITY: + return ("JVMTI_ERROR_MUST_POSSESS_CAPABILITY"); + case JVMTI_ERROR_NULL_POINTER: + return ("JVMTI_ERROR_NULL_POINTER"); + case JVMTI_ERROR_ABSENT_INFORMATION: + return ("JVMTI_ERROR_ABSENT_INFORMATION"); + case JVMTI_ERROR_INVALID_EVENT_TYPE: + return ("JVMTI_ERROR_INVALID_EVENT_TYPE"); + case JVMTI_ERROR_ILLEGAL_ARGUMENT: + return ("JVMTI_ERROR_ILLEGAL_ARGUMENT"); + case JVMTI_ERROR_NATIVE_METHOD: + return ("JVMTI_ERROR_NATIVE_METHOD"); + case JVMTI_ERROR_OUT_OF_MEMORY: + return ("JVMTI_ERROR_OUT_OF_MEMORY"); + case JVMTI_ERROR_ACCESS_DENIED: + return ("JVMTI_ERROR_ACCESS_DENIED"); + case JVMTI_ERROR_WRONG_PHASE: + return ("JVMTI_ERROR_WRONG_PHASE"); + case JVMTI_ERROR_INTERNAL: + return ("JVMTI_ERROR_INTERNAL"); + case JVMTI_ERROR_UNATTACHED_THREAD: + return ("JVMTI_ERROR_UNATTACHED_THREAD"); + case JVMTI_ERROR_INVALID_ENVIRONMENT: + return ("JVMTI_ERROR_INVALID_ENVIRONMENT"); + default: + return (""); + } +} + +const char* +TranslatePhase(jvmtiPhase phase) { + switch (phase) { + case JVMTI_PHASE_ONLOAD: + return ("JVMTI_PHASE_ONLOAD"); + case JVMTI_PHASE_PRIMORDIAL: + return ("JVMTI_PHASE_PRIMORDIAL"); + case JVMTI_PHASE_START: + return ("JVMTI_PHASE_START"); + case JVMTI_PHASE_LIVE: + return ("JVMTI_PHASE_LIVE"); + case JVMTI_PHASE_DEAD: + return ("JVMTI_PHASE_DEAD"); + default: + return (""); + } +} + +const char* +TranslateRootKind(jvmtiHeapRootKind root) { + switch (root) { + case JVMTI_HEAP_ROOT_JNI_GLOBAL: + return ("JVMTI_HEAP_ROOT_JNI_GLOBAL"); + case JVMTI_HEAP_ROOT_JNI_LOCAL: + return ("JVMTI_HEAP_ROOT_JNI_LOCAL"); + case JVMTI_HEAP_ROOT_SYSTEM_CLASS: + return ("JVMTI_HEAP_ROOT_SYSTEM_CLASS"); + case JVMTI_HEAP_ROOT_MONITOR: + return ("JVMTI_HEAP_ROOT_MONITOR"); + case JVMTI_HEAP_ROOT_STACK_LOCAL: + return ("JVMTI_HEAP_ROOT_STACK_LOCAL"); + case JVMTI_HEAP_ROOT_THREAD: + return ("JVMTI_HEAP_ROOT_THREAD"); + case JVMTI_HEAP_ROOT_OTHER: + return ("JVMTI_HEAP_ROOT_OTHER"); + default: + return (""); + } +} + +const char* +TranslateObjectRefKind(jvmtiObjectReferenceKind ref) { + switch (ref) { + case JVMTI_REFERENCE_CLASS: + return ("JVMTI_REFERENCE_CLASS"); + case JVMTI_REFERENCE_FIELD: + return ("JVMTI_REFERENCE_FIELD"); + case JVMTI_REFERENCE_ARRAY_ELEMENT: + return ("JVMTI_REFERENCE_ARRAY_ELEMENT"); + case JVMTI_REFERENCE_CLASS_LOADER: + return ("JVMTI_REFERENCE_CLASS_LOADER"); + case JVMTI_REFERENCE_SIGNERS: + return ("JVMTI_REFERENCE_SIGNERS"); + case JVMTI_REFERENCE_PROTECTION_DOMAIN: + return ("JVMTI_REFERENCE_PROTECTION_DOMAIN"); + case JVMTI_REFERENCE_INTERFACE: + return ("JVMTI_REFERENCE_INTERFACE"); + case JVMTI_REFERENCE_STATIC_FIELD: + return ("JVMTI_REFERENCE_STATIC_FIELD"); + case JVMTI_REFERENCE_CONSTANT_POOL: + return ("JVMTI_REFERENCE_CONSTANT_POOL"); + default: + return (""); + } +} + +int +isThreadExpected(jvmtiEnv *jvmti, jthread thread) { + static const char *vm_jfr_buffer_thread_name = "VM JFR Buffer Thread"; + static const char *jfr_request_timer_thread_name = "JFR request timer"; + static const char *graal_management_bean_registration_thread_name = + "HotSpotGraalManagement Bean Registration"; + static const char *graal_compiler_thread_name_prefix = "JVMCI CompilerThread"; + static const size_t graal_prefix_length = strlen(graal_compiler_thread_name_prefix); + + static const char *unparker_thread_name_prefix = "VirtualThread-unparker"; + static const size_t unparker_prefix_length = strlen(unparker_thread_name_prefix); + + + jvmtiThreadInfo threadinfo; + jvmtiError err = jvmti->GetThreadInfo(thread, &threadinfo); + if (err != JVMTI_ERROR_NONE) { + return 0; + } + if (strcmp(threadinfo.name, vm_jfr_buffer_thread_name) == 0) { + return 0; + } + if (strcmp(threadinfo.name, jfr_request_timer_thread_name) == 0) { + return 0; + } + if (strcmp(threadinfo.name, graal_management_bean_registration_thread_name) == 0) + return 0; + + if ((strlen(threadinfo.name) > graal_prefix_length) && + strncmp(threadinfo.name, graal_compiler_thread_name_prefix, graal_prefix_length) == 0) { + return 0; + } + if (strncmp(threadinfo.name, unparker_thread_name_prefix, unparker_prefix_length) == 0) { + return 0; + } + return 1; +} + +jthread find_thread_by_name(jvmtiEnv* jvmti, JNIEnv* jni, const char name[]) { + jthread* threads = NULL; + jint count = 0; + jthread found_thread = NULL; + + if (name == NULL) { + return NULL; + } + + check_jvmti_status(jni, jvmti->GetAllThreads(&count, &threads), ""); + + for (int i = 0; i < count; i++) { + jvmtiThreadInfo info = get_thread_info(jvmti, jni, threads[i]); + if (info.name != NULL && strcmp(name, info.name) == 0) { + found_thread = threads[i]; + break; + } + } + + check_jvmti_status(jni, jvmti->Deallocate((unsigned char*)threads), ""); + + found_thread = (jthread) jni->NewGlobalRef(found_thread); + return found_thread; +} + +/* + * JVMTI Extension Mechanism + */ +static const jvmtiEvent + EXT_EVENT_VIRTUAL_THREAD_MOUNT = (jvmtiEvent)((int)JVMTI_MIN_EVENT_TYPE_VAL - 2), + EXT_EVENT_VIRTUAL_THREAD_UNMOUNT = (jvmtiEvent)((int)JVMTI_MIN_EVENT_TYPE_VAL - 3); + +static jvmtiExtensionFunction +find_ext_function(jvmtiEnv* jvmti, JNIEnv* jni, const char* fname) { + jint extCount = 0; + jvmtiExtensionFunctionInfo* extList = NULL; + + jvmtiError err = jvmti->GetExtensionFunctions(&extCount, &extList); + check_jvmti_status(jni, err, "jvmti_common find_ext_function: Error in JVMTI GetExtensionFunctions"); + + for (int i = 0; i < extCount; i++) { + if (strstr(extList[i].id, (char*)fname) != NULL) { + return extList[i].func; + } + } + return NULL; +} + +static jvmtiError +GetVirtualThread(jvmtiEnv* jvmti, JNIEnv* jni, jthread cthread, jthread* vthread_ptr) { + if (GetVirtualThread_func == NULL) { // lazily initialize function pointer + GetVirtualThread_func = find_ext_function(jvmti, jni, "GetVirtualThread"); + } + jvmtiError err = (*GetVirtualThread_func)(jvmti, cthread, vthread_ptr); + + return err; +} + +static jvmtiError +GetCarrierThread(jvmtiEnv* jvmti, JNIEnv* jni, jthread vthread, jthread* cthread_ptr) { + if (GetCarrierThread_func == NULL) { // lazily initialize function pointer + GetCarrierThread_func = find_ext_function(jvmti, jni, "GetCarrierThread"); + } + jvmtiError err = (*GetCarrierThread_func)(jvmti, vthread, cthread_ptr); + + return err; +} + +static jthread +get_virtual_thread(jvmtiEnv* jvmti, JNIEnv* jni, jthread cthread) { + jthread vthread = NULL; + jvmtiError err = GetVirtualThread(jvmti, jni, cthread, &vthread); + check_jvmti_status(jni, err, "jvmti_common get_virtual_thread: Error in JVMTI extension GetVirtualThread"); + return vthread; +} + +static jthread +get_carrier_thread(jvmtiEnv* jvmti, JNIEnv* jni, jthread vthread) { + jthread cthread = NULL; + jvmtiError err = GetCarrierThread(jvmti, jni, vthread, &cthread); + check_jvmti_status(jni, err, "jvmti_common get_carrier_thread: Error in JVMTI extension GetCarrierThread"); + + return cthread; +} + +static jvmtiExtensionEventInfo* +find_ext_event(jvmtiEnv* jvmti, const char* ename) { + jint extCount = 0; + jvmtiExtensionEventInfo* extList = NULL; + + jvmtiError err = jvmti->GetExtensionEvents(&extCount, &extList); + if (err != JVMTI_ERROR_NONE) { + LOG("jvmti_common find_ext_event: Error in JVMTI GetExtensionFunctions: %s(%d)\n",TranslateError(err), err); + return NULL; + } + for (int i = 0; i < extCount; i++) { + if (strstr(extList[i].id, (char*)ename) != NULL) { + return &extList[i]; + } + } + return NULL; +} + +static jvmtiError +set_ext_event_callback(jvmtiEnv* jvmti, const char* ename, jvmtiExtensionEvent callback) { + jvmtiExtensionEventInfo* info = find_ext_event(jvmti, ename); + + if (info == NULL) { + LOG("jvmti_common set_ext_event_callback: Extension event was not found: %s\n", ename); + return JVMTI_ERROR_NOT_AVAILABLE; + } + jvmtiError err = jvmti->SetExtensionEventCallback(info->extension_event_index, callback); + return err; +} + +/** Enable or disable given events. */ + +static jvmtiError +set_event_notification_mode(jvmtiEnv* jvmti, jvmtiEventMode mode, jvmtiEvent event_type, jthread event_thread) { + jvmtiError err = jvmti->SetEventNotificationMode(mode, event_type, event_thread); + return err; +} + +static void +set_event_notification_mode(jvmtiEnv* jvmti, JNIEnv* jni, jvmtiEventMode mode, jvmtiEvent event_type, jthread event_thread) { + jvmtiError err = jvmti->SetEventNotificationMode(mode, event_type, event_thread); + check_jvmti_status(jni, err, "jvmti_common set_event_notification_mode: Error in JVMTI SetEventNotificationMode"); +} + +int +enable_events_notifications(jvmtiEnv* jvmti, JNIEnv* jni, jvmtiEventMode enable, int size, jvmtiEvent list[], jthread thread) { + for (int i = 0; i < size; i++) { + check_jvmti_status(jni, jvmti->SetEventNotificationMode(enable, list[i], thread), ""); + } + return JNI_TRUE; +} + +void +sleep_ms(int millis) { +#ifdef _WIN32 + Sleep(millis); +#else + usleep(1000 * millis); +#endif +} + +void +sleep_sec(jlong timeout) { + int seconds = (int)((timeout + 999) / 1000); +#ifdef _WIN32 + Sleep(1000L * seconds); +#else + sleep(seconds); +#endif +} + +#endif diff --git a/test/lib/jdk/test/lib/net/HttpHeaderParser.java b/test/lib/jdk/test/lib/net/HttpHeaderParser.java new file mode 100644 index 00000000000..9a55d28f4a9 --- /dev/null +++ b/test/lib/jdk/test/lib/net/HttpHeaderParser.java @@ -0,0 +1,390 @@ +/* + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.test.lib.net; + +import java.io.IOException; +import java.io.InputStream; +import java.net.ProtocolException; +import java.util.ArrayList; +import java.util.LinkedHashMap; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import static java.util.Objects.requireNonNull; + +public class HttpHeaderParser { + private static final char CR = '\r'; + private static final char LF = '\n'; + private static final char HT = '\t'; + private static final char SP = ' '; + // ABNF primitives defined in RFC 7230 + private static boolean[] tchar = new boolean[256]; + private static boolean[] fieldvchar = new boolean[256]; + + static { + char[] allowedTokenChars = + ("!#$%&'*+-.^_`|~0123456789" + + "abcdefghijklmnopqrstuvwxyz" + + "ABCDEFGHIJKLMNOPQRSTUVWXYZ").toCharArray(); + for (char c : allowedTokenChars) { + tchar[c] = true; + } + for (char c = 0x21; c <= 0xFF; c++) { + fieldvchar[c] = true; + } + fieldvchar[0x7F] = false; // a little hole (DEL) in the range + } + + private StringBuilder sb = new StringBuilder(); + + private Map > headerMap = new LinkedHashMap<>(); + private List keyList = new ArrayList<>(); + private String requestOrStatusLine; + private int responseCode; + private boolean eof; + + + + enum State { INITIAL, + STATUS_OR_REQUEST_LINE, + STATUS_OR_REQUEST_LINE_FOUND_CR, + STATUS_OR_REQUEST_LINE_FOUND_LF, + STATUS_OR_REQUEST_LINE_END, + STATUS_OR_REQUEST_LINE_END_CR, + STATUS_OR_REQUEST_LINE_END_LF, + HEADER, + HEADER_FOUND_CR, + HEADER_FOUND_LF, + HEADER_FOUND_CR_LF, + HEADER_FOUND_CR_LF_CR, + FINISHED } + + private HttpHeaderParser.State state = HttpHeaderParser.State.INITIAL; + + public HttpHeaderParser() { + } + + + public HttpHeaderParser(InputStream is) throws IOException, ProtocolException { + parse(is); + } + + public Map> getHeaderMap() { + return headerMap; + } + + public List getHeaderValue(String key) { + if(headerMap.containsKey(key.toLowerCase(Locale.ROOT))) { + return headerMap.get(key.toLowerCase(Locale.ROOT)); + } + return null; + } + public List getValue(int id) { + String key = keyList.get(id); + return headerMap.get(key); + } + + public String getRequestDetails() { + return requestOrStatusLine; + } + + /** + * Parses HTTP/1.X status-line or request-line and headers from the given input stream. + * @param input Containing the input stream of bytes representing request or response header data + * @return true if the end of the headers block has been reached + */ + public boolean parse(InputStream input) throws IOException { + requireNonNull(input, "null input"); + while (canContinueParsing()) { + switch (state) { + case INITIAL : state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE; break; + case STATUS_OR_REQUEST_LINE : readResumeStatusLine(input); break; + case STATUS_OR_REQUEST_LINE_FOUND_CR: case STATUS_OR_REQUEST_LINE_FOUND_LF : readStatusLineFeed(input); break; + case STATUS_OR_REQUEST_LINE_END : maybeStartHeaders(input); break; + case STATUS_OR_REQUEST_LINE_END_CR: case STATUS_OR_REQUEST_LINE_END_LF : maybeEndHeaders(input); break; + case HEADER : readResumeHeader(input); break; + case HEADER_FOUND_CR: case HEADER_FOUND_LF : resumeOrLF(input); break; + case HEADER_FOUND_CR_LF : resumeOrSecondCR(input); break; + case HEADER_FOUND_CR_LF_CR : resumeOrEndHeaders(input); break; + default : throw new InternalError("Unexpected state: " + state); + } + } + return state == HttpHeaderParser.State.FINISHED; + } + + private boolean canContinueParsing() { + // some states don't require any input to transition + // to the next state. + switch (state) { + case FINISHED : return false; + case STATUS_OR_REQUEST_LINE_FOUND_LF: STATUS_OR_REQUEST_LINE_END_LF: HEADER_FOUND_LF : return true; + default : return !eof; + } + } + + /** + * Returns a character (char) corresponding to the next byte in the + * input, interpreted as an ISO-8859-1 encoded character. + *

+ * The ISO-8859-1 encoding is a 8-bit character coding that + * corresponds to the first 256 Unicode characters - from U+0000 to + * U+00FF. UTF-16 is backward compatible with ISO-8859-1 - which + * means each byte in the input should be interpreted as an unsigned + * value from [0, 255] representing the character code. + * + * @param input a {@code InputStream} containing input stream of Bytes. + * @return the next byte in the input, interpreted as an ISO-8859-1 + * encoded char + * @throws IOException + * if an I/O error occurs. + */ + private char get(InputStream input) throws IOException { + int c = input.read(); + if(c < 0) + eof = true; + return (char)(c & 0xFF); + } + + private void readResumeStatusLine(InputStream input) throws IOException { + char c; + while ((c = get(input)) != CR && !eof) { + if (c == LF) break; + sb.append(c); + } + if (c == CR) { + state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_FOUND_CR; + } else if (c == LF) { + state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_FOUND_LF; + } + } + + private void readStatusLineFeed(InputStream input) throws IOException { + char c = state == HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_FOUND_LF ? LF : get(input); + if (c != LF) { + throw protocolException("Bad trailing char, \"%s\", when parsing status line, \"%s\"", + c, sb.toString()); + } + requestOrStatusLine = sb.toString(); + sb = new StringBuilder(); + if (!requestOrStatusLine.startsWith("HTTP/1.")) { + if(!requestOrStatusLine.startsWith("GET") && !requestOrStatusLine.startsWith("POST") && + !requestOrStatusLine.startsWith("PUT") && !requestOrStatusLine.startsWith("DELETE") && + !requestOrStatusLine.startsWith("OPTIONS") && !requestOrStatusLine.startsWith("HEAD") && + !requestOrStatusLine.startsWith("PATCH") && !requestOrStatusLine.startsWith("CONNECT")) { + throw protocolException("Invalid request Or Status line: \"%s\"", requestOrStatusLine); + } else { //This is request + System.out.println("Request is :"+requestOrStatusLine); + } + } else { //This is response + if (requestOrStatusLine.length() < 12) { + throw protocolException("Invalid status line: \"%s\"", requestOrStatusLine); + } + try { + responseCode = Integer.parseInt(requestOrStatusLine.substring(9, 12)); + } catch (NumberFormatException nfe) { + throw protocolException("Invalid status line: \"%s\"", requestOrStatusLine); + } + // response code expected to be a 3-digit integer (RFC-2616, section 6.1.1) + if (responseCode < 100) { + throw protocolException("Invalid status line: \"%s\"", requestOrStatusLine); + } + } + state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END; + } + + private void maybeStartHeaders(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END; + assert sb.length() == 0; + char c = get(input); + if(!eof) { + if (c == CR) { + state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END_CR; + } else if (c == LF) { + state = HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END_LF; + } else { + sb.append(c); + state = HttpHeaderParser.State.HEADER; + } + } + } + + private void maybeEndHeaders(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END_CR || state == HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END_LF; + assert sb.length() == 0; + char c = state == HttpHeaderParser.State.STATUS_OR_REQUEST_LINE_END_LF ? LF : get(input); + if (c == LF) { + state = HttpHeaderParser.State.FINISHED; // no headers + } else { + throw protocolException("Unexpected \"%s\", after status line CR", c); + } + } + + private void readResumeHeader(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.HEADER; + assert !eof; + char c = get(input); + while (!eof) { + if (c == CR) { + state = HttpHeaderParser.State.HEADER_FOUND_CR; + break; + } else if (c == LF) { + state = HttpHeaderParser.State.HEADER_FOUND_LF; + break; + } + if (c == HT) + c = SP; + sb.append(c); + c = get(input); + } + } + + private void addHeaderFromString(String headerString) throws ProtocolException { + assert sb.length() == 0; + int idx = headerString.indexOf(':'); + if (idx == -1) + return; + String name = headerString.substring(0, idx); + + // compatibility with HttpURLConnection; + if (name.isEmpty()) return; + + if (!isValidName(name)) { + throw protocolException("Invalid header name \"%s\"", name); + } + String value = headerString.substring(idx + 1).trim(); + if (!isValidValue(value)) { + throw protocolException("Invalid header value \"%s: %s\"", name, value); + } + + keyList.add(name); + headerMap.computeIfAbsent(name.toLowerCase(Locale.US), + k -> new ArrayList<>()).add(value); + } + + private void resumeOrLF(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.HEADER_FOUND_CR || state == HttpHeaderParser.State.HEADER_FOUND_LF; + char c = state == HttpHeaderParser.State.HEADER_FOUND_LF ? LF : get(input); + if (!eof) { + if (c == LF) { + state = HttpHeaderParser.State.HEADER_FOUND_CR_LF; + } else if (c == SP || c == HT) { + sb.append(SP); // parity with MessageHeaders + state = HttpHeaderParser.State.HEADER; + } else { + sb = new StringBuilder(); + sb.append(c); + state = HttpHeaderParser.State.HEADER; + } + } + } + + private void resumeOrSecondCR(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.HEADER_FOUND_CR_LF; + char c = get(input); + if (!eof) { + if (c == CR || c == LF) { + if (sb.length() > 0) { + // no continuation line - flush + // previous header value. + String headerString = sb.toString(); + sb = new StringBuilder(); + addHeaderFromString(headerString); + } + if (c == CR) { + state = HttpHeaderParser.State.HEADER_FOUND_CR_LF_CR; + } else { + state = HttpHeaderParser.State.FINISHED; + } + } else if (c == SP || c == HT) { + assert sb.length() != 0; + sb.append(SP); // continuation line + state = HttpHeaderParser.State.HEADER; + } else { + if (sb.length() > 0) { + // no continuation line - flush + // previous header value. + String headerString = sb.toString(); + sb = new StringBuilder(); + addHeaderFromString(headerString); + } + sb.append(c); + state = HttpHeaderParser.State.HEADER; + } + } + } + + private void resumeOrEndHeaders(InputStream input) throws IOException { + assert state == HttpHeaderParser.State.HEADER_FOUND_CR_LF_CR; + char c = get(input); + if (!eof) { + if (c == LF) { + state = HttpHeaderParser.State.FINISHED; + } else { + throw protocolException("Unexpected \"%s\", after CR LF CR", c); + } + } + } + + private ProtocolException protocolException(String format, Object ... args) { + return new ProtocolException(String.format(format, args)); + } + + /* + * Validates a RFC 7230 field-name. + */ + public boolean isValidName(String token) { + for (int i = 0; i < token.length(); i++) { + char c = token.charAt(i); + if (c > 255 || !tchar[c]) { + return false; + } + } + return !token.isEmpty(); + } + + /* + * Validates a RFC 7230 field-value. + * + * "Obsolete line folding" rule + * + * obs-fold = CRLF 1*( SP / HTAB ) + * + * is not permitted! + */ + public boolean isValidValue(String token) { + for (int i = 0; i < token.length(); i++) { + char c = token.charAt(i); + if (c > 255) { + return false; + } + if (c == ' ' || c == '\t') { + continue; + } else if (!fieldvchar[c]) { + return false; // forbidden byte + } + } + return true; + } +} diff --git a/test/lib/jdk/test/lib/net/SimpleSSLContext.java b/test/lib/jdk/test/lib/net/SimpleSSLContext.java new file mode 100644 index 00000000000..0bfbb5fdc34 --- /dev/null +++ b/test/lib/jdk/test/lib/net/SimpleSSLContext.java @@ -0,0 +1,128 @@ +/* + * Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.test.lib.net; + +import java.util.*; +import java.io.*; +import java.security.*; +import java.security.cert.*; +import javax.net.ssl.*; + +/** + * Creates a simple usable SSLContext for SSLSocketFactory + * or a HttpsServer using either a given keystore or a default + * one in the test tree. + * + * Using this class with a security manager requires the following + * permissions to be granted: + * + * permission "java.util.PropertyPermission" "test.src.path", "read"; + * permission java.io.FilePermission "/path/to/test/lib/jdk/test/lib/testkeys", "read"; + * The exact path above depends on the location of the test. + */ +public class SimpleSSLContext { + + SSLContext ssl; + + /** + * loads default keystore from SimpleSSLContext + * source directory + */ + public SimpleSSLContext() throws IOException { + try { + AccessController.doPrivileged(new PrivilegedExceptionAction() { + @Override + public Void run() throws Exception { + String paths = System.getProperty("test.src.path"); + StringTokenizer st = new StringTokenizer(paths, File.pathSeparator); + boolean securityExceptions = false; + while (st.hasMoreTokens()) { + String path = st.nextToken(); + try { + File f = new File(path, "jdk/test/lib/net/testkeys"); + if (f.exists()) { + try (FileInputStream fis = new FileInputStream(f)) { + init(fis); + return null; + } + } + } catch (SecurityException e) { + // catch and ignore because permission only required + // for one entry on path (at most) + securityExceptions = true; + } + } + if (securityExceptions) { + System.err.println("SecurityExceptions thrown on loading testkeys"); + } + return null; + } + }); + } catch (PrivilegedActionException pae) { + Throwable t = pae.getCause() != null ? pae.getCause() : pae; + if (t instanceof IOException) + throw (IOException)t; + if (t instanceof RuntimeException) + throw (RuntimeException)t; + if (t instanceof Error) + throw (Error)t; + throw new RuntimeException(t); + } + } + + /** + * loads default keystore from given directory + */ + public SimpleSSLContext(String dir) throws IOException { + String file = dir + "/testkeys"; + try (FileInputStream fis = new FileInputStream(file)) { + init(fis); + } + } + + private void init(InputStream i) throws IOException { + try { + char[] passphrase = "passphrase".toCharArray(); + KeyStore ks = KeyStore.getInstance("PKCS12"); + ks.load(i, passphrase); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX"); + kmf.init(ks, passphrase); + + TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); + tmf.init(ks); + + ssl = SSLContext.getInstance("TLS"); + ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); + } catch (KeyManagementException | KeyStoreException | + UnrecoverableKeyException | CertificateException | + NoSuchAlgorithmException e) { + throw new RuntimeException(e.getMessage()); + } + } + + public SSLContext get() { + return ssl; + } +} diff --git a/test/jdk/lib/testlibrary/jdk/testlibrary/testkeys b/test/lib/jdk/test/lib/net/testkeys similarity index 100% rename from test/jdk/lib/testlibrary/jdk/testlibrary/testkeys rename to test/lib/jdk/test/lib/net/testkeys diff --git a/test/lib/jdk/test/lib/process/OutputAnalyzer.java b/test/lib/jdk/test/lib/process/OutputAnalyzer.java index 34e1fafe83f..1e2cd22bcbe 100644 --- a/test/lib/jdk/test/lib/process/OutputAnalyzer.java +++ b/test/lib/jdk/test/lib/process/OutputAnalyzer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -607,15 +607,15 @@ public OutputAnalyzer stdoutShouldMatchByLine(String pattern) { /** * @see #shouldMatchByLine(String, String, String) */ - public OutputAnalyzer shouldMatchByLineFrom(String from, String pattern) { - return shouldMatchByLine(from, null, pattern); + public OutputAnalyzer shouldMatchByLineFrom(String fromPattern, String pattern) { + return shouldMatchByLine(fromPattern, null, pattern); } /** * @see #shouldMatchByLine(String, String, String) */ - public OutputAnalyzer shouldMatchByLineTo(String to, String pattern) { - return shouldMatchByLine(null, to, pattern); + public OutputAnalyzer shouldMatchByLineTo(String toPattern, String pattern) { + return shouldMatchByLine(null, toPattern, pattern); } /** @@ -623,17 +623,17 @@ public OutputAnalyzer shouldMatchByLineTo(String to, String pattern) { * {@code pattern} line by line. The whole output could be matched or * just a subset of it. * - * @param from - * The line (excluded) from where output will be matched. - * Set {@code from} to null for matching from the first line. - * @param to - * The line (excluded) until where output will be matched. - * Set {@code to} to null for matching until the last line. + * @param fromPattern + * The pattern of line (excluded) from where output will be matched. + * Set {@code fromPattern} to null for matching from the first line. + * @param toPattern + * The pattern of line (excluded) until where output will be matched. + * Set {@code toPattern} to null for matching until the last line. * @param pattern * Matching pattern */ - public OutputAnalyzer shouldMatchByLine(String from, String to, String pattern) { - return shouldMatchByLine(getOutput(), from, to, pattern); + public OutputAnalyzer shouldMatchByLine(String fromPattern, String toPattern, String pattern) { + return shouldMatchByLine(getOutput(), fromPattern, toPattern, pattern); } /** @@ -641,34 +641,34 @@ public OutputAnalyzer shouldMatchByLine(String from, String to, String pattern) * {@code pattern} line by line. The whole stdout could be matched or * just a subset of it. * - * @param from - * The line (excluded) from where stdout will be matched. - * Set {@code from} to null for matching from the first line. - * @param to - * The line (excluded) until where stdout will be matched. - * Set {@code to} to null for matching until the last line. + * @param fromPattern + * The pattern of line (excluded) from where stdout will be matched. + * Set {@code fromPattern} to null for matching from the first line. + * @param toPattern + * The pattern of line (excluded) until where stdout will be matched. + * Set {@code toPattern} to null for matching until the last line. * @param pattern * Matching pattern */ - public OutputAnalyzer stdoutShouldMatchByLine(String from, String to, String pattern) { - return shouldMatchByLine(getStdout(), from, to, pattern); + public OutputAnalyzer stdoutShouldMatchByLine(String fromPattern, String toPattern, String pattern) { + return shouldMatchByLine(getStdout(), fromPattern, toPattern, pattern); } - private OutputAnalyzer shouldMatchByLine(String buffer, String from, String to, String pattern) { + private OutputAnalyzer shouldMatchByLine(String buffer, String fromPattern, String toPattern, String pattern) { List lines = asLines(buffer); int fromIndex = 0; - if (from != null) { - fromIndex = indexOf(lines, from, 0) + 1; // + 1 -> apply 'pattern' to lines after 'from' match + if (fromPattern != null) { + fromIndex = indexOf(lines, fromPattern, 0) + 1; // + 1 -> apply 'pattern' to lines after 'from' match Asserts.assertGreaterThan(fromIndex, 0, - "The line/pattern '" + from + "' from where the output should match can not be found"); + "The line matched with pattern '" + fromPattern + "' from where the output should match can not be found"); } int toIndex = lines.size(); - if (to != null) { - toIndex = indexOf(lines, to, fromIndex); + if (toPattern != null) { + toIndex = indexOf(lines, toPattern, fromIndex); Asserts.assertGreaterThan(toIndex, fromIndex, - "The line/pattern '" + to + "' until where the output should match can not be found"); + "The line matched with pattern '" + toPattern + "' until where the output should match can not be found"); } List subList = lines.subList(fromIndex, toIndex); diff --git a/test/lib/jdk/test/lib/process/ProcessTools.java b/test/lib/jdk/test/lib/process/ProcessTools.java index 331f3d9b7cb..8a8e8043646 100644 --- a/test/lib/jdk/test/lib/process/ProcessTools.java +++ b/test/lib/jdk/test/lib/process/ProcessTools.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2021, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -113,12 +113,12 @@ public static Process startProcess(String name, * The default redirects of STDOUT and STDERR are started *

* It is possible to wait for the process to get to a warmed-up state - * via {@linkplain Predicate} condition on the STDOUT + * via {@linkplain Predicate} condition on the STDOUT/STDERR *

* * @param name The process name * @param processBuilder The process builder - * @param linePredicate The {@linkplain Predicate} to use on the STDOUT + * @param linePredicate The {@linkplain Predicate} to use on the STDOUT and STDERR. * Used to determine the moment the target app is * properly warmed-up. * It can be null - in that case the warmup is skipped. @@ -143,14 +143,14 @@ public static Process startProcess(String name, * The default redirects of STDOUT and STDERR are started *

* It is possible to wait for the process to get to a warmed-up state - * via {@linkplain Predicate} condition on the STDOUT and monitor the + * via {@linkplain Predicate} condition on the STDOUT/STDERR and monitor the * in-streams via the provided {@linkplain Consumer} *

* * @param name The process name * @param processBuilder The process builder * @param lineConsumer The {@linkplain Consumer} the lines will be forwarded to - * @param linePredicate The {@linkplain Predicate} to use on the STDOUT + * @param linePredicate The {@linkplain Predicate} to use on the STDOUT and STDERR. * Used to determine the moment the target app is * properly warmed-up. * It can be null - in that case the warmup is skipped. @@ -190,10 +190,14 @@ protected void processLine(String line) { CountDownLatch latch = new CountDownLatch(1); if (linePredicate != null) { StreamPumper.LinePump pump = new StreamPumper.LinePump() { + // synchronization between stdout and stderr pumps + private final Object sync = new Object(); @Override protected void processLine(String line) { - if (latch.getCount() > 0 && linePredicate.test(line)) { - latch.countDown(); + synchronized (sync) { + if (latch.getCount() > 0 && linePredicate.test(line)) { + latch.countDown(); + } } } }; @@ -238,13 +242,13 @@ protected void processLine(String line) { * The default redirects of STDOUT and STDERR are started *

* It is possible to wait for the process to get to a warmed-up state - * via {@linkplain Predicate} condition on the STDOUT. The warm-up will - * wait indefinitely. + * via {@linkplain Predicate} condition on the STDOUT/STDERR. + * The warm-up will wait indefinitely. *

* * @param name The process name * @param processBuilder The process builder - * @param linePredicate The {@linkplain Predicate} to use on the STDOUT + * @param linePredicate The {@linkplain Predicate} to use on the STDOUT and STDERR. * Used to determine the moment the target app is * properly warmed-up. * It can be null - in that case the warmup is skipped. diff --git a/test/lib/jdk/test/lib/security/XMLUtils.java b/test/lib/jdk/test/lib/security/XMLUtils.java index af2c14d3143..a1c3eaaceda 100644 --- a/test/lib/jdk/test/lib/security/XMLUtils.java +++ b/test/lib/jdk/test/lib/security/XMLUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2021, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,6 @@ package jdk.test.lib.security; -import jdk.test.lib.Asserts; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -49,15 +48,15 @@ import javax.xml.xpath.XPath; import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathFactory; -import java.io.File; import java.io.StringReader; import java.io.StringWriter; import java.net.URI; -import java.nio.file.Files; -import java.nio.file.Path; import java.security.*; import java.security.cert.X509Certificate; +// "8166597: Crypto support for the EdDSA Signature Algorithm" missing in 11. +//import java.security.interfaces.EdECPrivateKey; import java.security.interfaces.RSAKey; +import java.security.spec.NamedParameterSpec; import java.security.spec.PSSParameterSpec; import java.util.*; @@ -68,37 +67,6 @@ public class XMLUtils { private static final XMLSignatureFactory FAC = XMLSignatureFactory.getInstance("DOM"); - //////////// MAIN as TEST //////////// - public static void main(String[] args) throws Exception { - var x = "cx"; - var p = Files.write(Path.of("x.xml"), List.of(x)); - var b = Path.of("").toUri().toString(); - var d = string2doc(x); - // keytool -keystore ks -keyalg ec -storepass changeit -genkeypair -alias a -dname CN=a - var pass = "changeit".toCharArray(); - var ks = KeyStore.getInstance(new File("ks"), pass); - var c = (X509Certificate) ks.getCertificate("a"); - var pr = (PrivateKey) ks.getKey("a", pass); - var pu = c.getPublicKey(); - var s0 = signer(pr); // No KeyInfo - var s1 = signer(pr, pu); // KeyInfo is PublicKey - var s2 = signer(pr, c); // KeyInfo is X509Data - var s3 = signer(ks, "a", pass); // KeyInfo is KeyName - var v1 = validator(); // knows nothing - var v2 = validator(ks); // knows KeyName - Asserts.assertTrue(v1.validate(s0.sign(d), pu)); // need PublicKey - Asserts.assertTrue(v1.validate(s1.sign(d))); // can read KeyInfo - Asserts.assertTrue(v1.validate(s2.sign(d))); // can read KeyInfo - Asserts.assertTrue(v2.validate(s3.sign(d))); // can read KeyInfo - Asserts.assertTrue(v2.secureValidation(false).validate(s3.sign(p.toUri()))); // can read KeyInfo - Asserts.assertTrue(v2.secureValidation(false).baseURI(b).validate( - s3.sign(p.toAbsolutePath().getParent().toUri(), p.getFileName().toUri()))); // can read KeyInfo - Asserts.assertTrue(v1.validate(s1.sign("text"))); // plain text - Asserts.assertTrue(v1.validate(s1.sign("binary".getBytes()))); // raw data - Asserts.assertTrue(v1.validate(s1.signEnveloping(d, "x", "#x"))); - Asserts.assertTrue(v1.validate(s1.signEnveloping(d, "x", "#xpointer(id('x'))"))); - } - //////////// CONVERT //////////// // Converts a Document object to string @@ -222,44 +190,20 @@ public static Signer signer(PrivateKey privateKey) public static class Signer { - PrivateKey privateKey; // signer key, never null + final PrivateKey privateKey; // signer key, never null + X509Certificate cert; // certificate, optional PublicKey publicKey; // public key, optional String keyName; // alias, optional - SignatureMethod sm; // default determined by privateKey - DigestMethod dm; // default SHA-256 - CanonicalizationMethod cm; // default EXCLUSIVE - Transform tr; // default ENVELOPED - - public Signer(PrivateKey privateKey) throws Exception { - this.privateKey = privateKey; - dm(DigestMethod.SHA256); - tr(Transform.ENVELOPED); - cm(CanonicalizationMethod.EXCLUSIVE); - String alg = privateKey.getAlgorithm(); - if (alg.equals("RSASSA-PSS")) { - PSSParameterSpec pspec - = (PSSParameterSpec) ((RSAKey) privateKey).getParams(); - /* - if (pspec != null) { - sm(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(pspec)); - } else { - sm(SignatureMethod.RSA_PSS); - } - */ - throw new Exception("Code not expected to be used in tests for 11. Backport 8241306."); - } else { - if (alg.equals("RSA")) { - sm(SignatureMethod.RSA_SHA256); - } else if (alg.equals("DSA")) { - sm(SignatureMethod.DSA_SHA256); - } else if (alg.equals("EC")) { - sm(SignatureMethod.ECDSA_SHA256); - } else { - throw new InvalidKeyException(); - } - } + String sm = null; // default determined by privateKey + SignatureMethodParameterSpec smSpec = null; + String dm = DigestMethod.SHA256; + String cm = CanonicalizationMethod.EXCLUSIVE; + String tr = Transform.ENVELOPED; + + public Signer(PrivateKey privateKey) { + this.privateKey = Objects.requireNonNull(privateKey); } // Change KeyInfo source @@ -281,47 +225,29 @@ public Signer keyName(String n) { // Change various methods - public Signer tr(String transform) throws Exception { - TransformParameterSpec params = null; - switch (transform) { - case Transform.XPATH: - params = new XPathFilterParameterSpec("//."); - break; - case Transform.XPATH2: - params = new XPathFilter2ParameterSpec( - Collections.singletonList(new XPathType("//.", - XPathType.Filter.INTERSECT))); - break; - } - tr = FAC.newTransform(transform, params); - return this; - } - - public Signer sm(String method) throws Exception { - sm = FAC.newSignatureMethod(method, null); + public Signer tr(String transform) { + tr = Objects.requireNonNull(transform); return this; } - public Signer dm(String method) throws Exception { - dm = FAC.newDigestMethod(method, null); + public Signer dm(String method) { + dm = Objects.requireNonNull(method); return this; } - public Signer cm(String method) throws Exception { - cm = FAC.newCanonicalizationMethod(method, (C14NMethodParameterSpec) null); + public Signer cm(String method) { + cm = Objects.requireNonNull(method); return this; } - public Signer sm(String method, SignatureMethodParameterSpec spec) - throws Exception { - sm = FAC.newSignatureMethod(method, spec); + public Signer sm(String method, SignatureMethodParameterSpec spec) { + sm = method; + smSpec = spec; return this; } - public Signer dm(String method, DigestMethodParameterSpec spec) - throws Exception { - dm = FAC.newDigestMethod(method, spec); - return this; + public Signer sm(String method) throws Exception { + return sm(method, null); } // Signs different sources @@ -361,7 +287,7 @@ public Document signEnveloping(Document document, String id, String ref) throws Document newDocument = DocumentBuilderFactory.newInstance() .newDocumentBuilder().newDocument(); FAC.newXMLSignature( - buildSignedInfo(FAC.newReference(ref, dm)), + buildSignedInfo(FAC.newReference(ref, FAC.newDigestMethod(dm, null))), buildKeyInfo(), List.of(FAC.newXMLObject(List.of(new DOMStructure(document.getDocumentElement())), id, null, null)), @@ -376,7 +302,7 @@ public Document sign(byte[] data) throws Exception { Document newDocument = DocumentBuilderFactory.newInstance() .newDocumentBuilder().newDocument(); FAC.newXMLSignature( - buildSignedInfo(FAC.newReference("#object", dm, List.of + buildSignedInfo(FAC.newReference("#object", FAC.newDigestMethod(dm, null), List.of (FAC.newTransform(Transform.BASE64, (TransformParameterSpec) null)), null, null)), buildKeyInfo(), @@ -394,9 +320,11 @@ public Document sign(String str) throws Exception { Document newDocument = DocumentBuilderFactory.newInstance() .newDocumentBuilder().newDocument(); FAC.newXMLSignature( - buildSignedInfo(FAC.newReference("#object", dm)), + buildSignedInfo( + FAC.newReference("#object", FAC.newDigestMethod(dm, null))), buildKeyInfo(), - List.of(FAC.newXMLObject(List.of(new DOMStructure(newDocument.createTextNode(str))), + List.of(FAC.newXMLObject( + List.of(new DOMStructure(newDocument.createTextNode(str))), "object", null, null)), null, null) @@ -405,22 +333,75 @@ public Document sign(String str) throws Exception { } // Builds a SignedInfo for a string reference - private SignedInfo buildSignedInfo(String ref) { - return FAC.newSignedInfo( - cm, - sm, - List.of(FAC.newReference( + private SignedInfo buildSignedInfo(String ref) throws Exception { + TransformParameterSpec pSpec; + if (tr.equals(Transform.XPATH)) { + pSpec = new XPathFilterParameterSpec("//."); + } else if (tr.equals(Transform.XPATH2)) { + pSpec = new XPathFilter2ParameterSpec( + Collections.singletonList(new XPathType("//.", + XPathType.Filter.INTERSECT))); + } else { + pSpec = null; + } + return buildSignedInfo(FAC.newReference( ref, - dm, - List.of(tr), - null, null))); + FAC.newDigestMethod(dm, null), + List.of(FAC.newTransform(tr, pSpec)), + null, null)); } // Builds a SignedInfo for a Reference - private SignedInfo buildSignedInfo(Reference ref) { + private SignedInfo buildSignedInfo(Reference ref) throws Exception { + SignatureMethod signatureMethod; + if (sm == null) { + String alg = privateKey.getAlgorithm().toUpperCase(Locale.ROOT); + if (alg.equals("RSASSA-PSS")) { + PSSParameterSpec pspec + = (PSSParameterSpec) ((RSAKey) privateKey).getParams(); + /* + if (pspec != null) { + signatureMethod = FAC.newSignatureMethod( + SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(pspec)); + } else { + signatureMethod = FAC.newSignatureMethod(SignatureMethod.RSA_PSS, null); + } + */ + throw new Exception("Code not expected to be used in tests for 11. Backport 8241306."); + } else { + if (alg.equals("RSA")) { + signatureMethod = FAC.newSignatureMethod(SignatureMethod.RSA_SHA256, null); + } else if (alg.equals("DSA")) { + signatureMethod = FAC.newSignatureMethod(SignatureMethod.DSA_SHA256, null); + } else if (alg.equals("EC")) { + signatureMethod = FAC.newSignatureMethod(SignatureMethod.ECDSA_SHA256, null); + } else if (alg.equals("ED25519")) { + signatureMethod = FAC.newSignatureMethod("http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519", null); + } else if (alg.equals("ED448")) { + signatureMethod = FAC.newSignatureMethod("http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448", null); + } else if (alg.equals("EDDSA")) { + /* + if (privateKey instanceof EdECPrivateKey) { + EdECPrivateKey edsk = (EdECPrivateKey)privateKey; + FAC.newSignatureMethod(edsk.getParams().getName() + .equals(NamedParameterSpec.ED25519.getName()) + ? "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519" + : "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448", null); + } else { + throw new InvalidKeyException(); + } + */ + throw new Exception("Code not expected to be used in tests for 11. Backport 8166597."); + } else { + throw new InvalidKeyException(); + } + } + } else { + signatureMethod = FAC.newSignatureMethod(sm, smSpec); + } return FAC.newSignedInfo( - cm, - sm, + FAC.newCanonicalizationMethod(cm, (C14NMethodParameterSpec) null), + signatureMethod, List.of(ref)); } @@ -526,7 +507,9 @@ public KeySelectorResult select(KeyInfo keyInfo, AlgorithmMethod method, XMLCryptoContext context) throws KeySelectorException { - Objects.requireNonNull(keyInfo, "Null KeyInfo object!"); + if (keyInfo == null) { + throw new IllegalArgumentException("Null KeyInfo object!"); + } for (XMLStructure xmlStructure : keyInfo.getContent()) { PublicKey pk; diff --git a/test/lib/jdk/test/lib/util/CoreUtils.java b/test/lib/jdk/test/lib/util/CoreUtils.java new file mode 100644 index 00000000000..432115746af --- /dev/null +++ b/test/lib/jdk/test/lib/util/CoreUtils.java @@ -0,0 +1,243 @@ +/* + * Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package jdk.test.lib.util; + +import jdk.test.lib.Asserts; +import jdk.test.lib.Platform; +import jdk.test.lib.process.OutputAnalyzer; +import jdk.test.lib.process.ProcessTools; + +import jtreg.SkippedException; + +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Arrays; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import java.util.Scanner; +import java.util.zip.GZIPInputStream; + +public class CoreUtils { + + private static final String RUN_SHELL_NO_LIMIT = "ulimit -c unlimited && "; + + /** + * Returns a {@code ulimit} command that will allow for an unlimited core file size + * if the platform supports it. + * + * @return {@code String} for the ulimit command if supported by the platform, + * otherwise {@code null}. + */ + private static String getCoreUlimitCommand() { + String result = null; + try { + OutputAnalyzer output = ProcessTools.executeProcess("sh", "-c", RUN_SHELL_NO_LIMIT + "ulimit -c"); + if (output.getExitValue() != 0) { + result = null; + } else if (!output.getStdout().contains("unlimited")) { + result = null; + } else { + result = RUN_SHELL_NO_LIMIT; // success + } + } catch (Throwable t) { + System.out.println("Exception in getCoreUlimitCommand(): " + t.toString()); + result = null; + } + System.out.println("Run test with ulimit -c: " + + (result == null ? "default" : "unlimited")); + return result; + } + + /** + * Return a {@code ProcessBuilder} that has been prefixed with + * a {@code ulimit} command to allow for an unlimited core file size. + * + * @param pb {@code ProcessBuilder} to prefix with the ulimit command + * @return New {@code ProcessBuilder} with prefixed {@code ulimit} command if + * supported. Otherwise the passed in {@code ProcessBuilder} is returned. + */ + public static ProcessBuilder addCoreUlimitCommand(ProcessBuilder pb) { + String cmd = ProcessTools.getCommandLine(pb); + String ulimitCmd = getCoreUlimitCommand(); + if (ulimitCmd == null) { + return pb; + } else { + if (Platform.isWindows()) { + // In order to launch on Windows using "sh -c", we need to first + // convert the path to use forward slashes and do some extra quoting. + cmd = cmd.replace('\\', '/').replace(";", "\\;").replace("|", "\\|"); + } + return new ProcessBuilder("sh", "-c", ulimitCmd + cmd); + } + } + + /** + * Find the path to the core file mentioned in the output and return its path. + * + * @param crashOutputString {@code String} to search in for the core file path + * @return Location of core file if found in the output, otherwise {@code null}. + */ + public static String getCoreFileLocation(String crashOutputString) throws IOException { + unzipCores(new File(".")); + + // Find the core file + String coreFileLocation = parseCoreFileLocationFromOutput(crashOutputString); + if (coreFileLocation != null) { + Asserts.assertGT(new File(coreFileLocation).length(), 0L, "Unexpected core size"); + System.out.println("Found core file: " + coreFileLocation); + return coreFileLocation; // success! + } else { + System.out.println("Core file not found. Trying to find a reason why..."); + } + + // See if we can figure out the likely reason the core file was not found. + // Throw SkippedException if appropriate. + if (Platform.isOSX()) { + File coresDir = new File("/cores"); + if (!coresDir.isDirectory()) { + throw new RuntimeException(coresDir + " is not a directory"); + } + // The /cores directory is usually not writable on macOS 10.15 + if (!coresDir.canWrite()) { + throw new SkippedException("Directory \"" + coresDir + "\" is not writable"); + } + if (Platform.isHardenedOSX()) { + if (Platform.getOsVersionMajor() > 10 || + (Platform.getOsVersionMajor() == 10 && Platform.getOsVersionMinor() >= 15)) + { + // We can't generate cores files with hardened binaries on OSX 10.15 and later. + throw new SkippedException("Cannot produce core file with hardened binary on OSX 10.15 and later"); + } + } else { + // codesign has to add entitlements using the plist. If this is not present we might not generate a core file. + if (!Platform.hasOSXPlistEntries()) { + throw new SkippedException("Cannot produce core file with binary having no plist entitlement entries"); + } + } + } else if (Platform.isLinux()) { + // Check if a crash report tool is installed. + File corePatternFile = new File(CORE_PATTERN_FILE_NAME); + try (Scanner scanner = new Scanner(corePatternFile)) { + while (scanner.hasNextLine()) { + String line = scanner.nextLine(); + line = line.trim(); + System.out.println(line); + if (line.startsWith("|")) { + System.out.println( + "\nThis system uses a crash report tool ($cat /proc/sys/kernel/core_pattern).\n" + + "Core files might not be generated. Please reset /proc/sys/kernel/core_pattern\n" + + "to enable core generation. Skipping this test."); + throw new SkippedException("This system uses a crash report tool"); + } + } + } + } + throw new RuntimeException("Couldn't find core file location in: '" + crashOutputString + "'"); + } + + private static final String CORE_PATTERN_FILE_NAME = "/proc/sys/kernel/core_pattern"; + private static final String LOCATION_STRING = "location: "; + + private static String parseCoreFileLocationFromOutput(String crashOutputString) { + System.out.println("crashOutputString = [" + crashOutputString + "]"); + if(crashOutputString == null || crashOutputString.equals("")) { + return null; + } + // Find the line of output that contains LOCATION_STRING + Asserts.assertTrue(crashOutputString.contains(LOCATION_STRING), + "Output doesn't contain the location of core file."); + String stringWithLocation = Arrays.stream(crashOutputString.split("\\r?\\n")) + .filter(str -> str.contains(LOCATION_STRING)) + .findFirst() + .get(); + stringWithLocation = stringWithLocation.substring(stringWithLocation + .indexOf(LOCATION_STRING) + LOCATION_STRING.length()); + System.out.println("getCoreFileLocation found stringWithLocation = " + stringWithLocation); + + // Find the core file name in the output. + String coreWithPid; + if (stringWithLocation.contains("or ") && !Platform.isWindows()) { + Matcher m = Pattern.compile("or.* ([^ ]+[^\\)])\\)?").matcher(stringWithLocation); + if (!m.find()) { + throw new RuntimeException("Couldn't find path to core inside location string"); + } + coreWithPid = m.group(1); + } else { + coreWithPid = stringWithLocation.trim(); + } + if (new File(coreWithPid).exists()) { + return coreWithPid; + } + + // Look for file named "core" in the cwd. + String justCore = Paths.get("core").toString(); + if (new File(justCore).exists()) { + return justCore; + } + + // Look for the core file name found in the output, but do so in the cwd. + Path coreWithPidPath = Paths.get(coreWithPid); + String justFile = coreWithPidPath.getFileName().toString(); + if (new File(justFile).exists()) { + return justFile; + } + + // Look for file named "core" in the path to the core file found in the output. + Path parent = coreWithPidPath.getParent(); + if (parent != null) { + String coreWithoutPid = parent.resolve("core").toString(); + if (new File(coreWithoutPid).exists()) { + return coreWithoutPid; + } + } + return null; + } + + private static void unzipCores(File dir) { + File[] gzCores = dir.listFiles((directory, name) -> name.matches("core(\\.\\d+)?\\.gz")); + for (File gzCore : gzCores) { + String coreFileName = gzCore.getName().replace(".gz", ""); + System.out.println("Unzipping core into " + coreFileName); + try (GZIPInputStream gzis = new GZIPInputStream(Files.newInputStream(gzCore.toPath()))) { + Files.copy(gzis, Paths.get(coreFileName)); + } catch (IOException e) { + throw new SkippedException("Not able to unzip file: " + gzCore.getAbsolutePath(), e); + } + } + } + + public static String getAlwaysPretouchArg(boolean withCore) { + // macosx-aarch64 has an issue where sometimes the java heap will not be dumped to the + // core file. Using -XX:+AlwaysPreTouch fixes the problem. + if (withCore && Platform.isOSX() && Platform.isAArch64()) { + return "-XX:+AlwaysPreTouch"; + } else { + return "-XX:-AlwaysPreTouch"; + } + } + +} diff --git a/test/lib/jdk/test/lib/util/FileUtils.java b/test/lib/jdk/test/lib/util/FileUtils.java index 016e76b6bae..4972dfaa748 100644 --- a/test/lib/jdk/test/lib/util/FileUtils.java +++ b/test/lib/jdk/test/lib/util/FileUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,6 +43,7 @@ import java.util.HashSet; import java.util.List; import java.util.Optional; +import java.util.Set; import java.util.concurrent.atomic.AtomicBoolean; import java.util.concurrent.atomic.AtomicReference; import java.util.concurrent.TimeUnit; @@ -97,7 +98,7 @@ public static void deleteFileWithRetry(Path path) throws IOException { */ public static void deleteFileIfExistsWithRetry(Path path) throws IOException { try { - if (Files.exists(path)) { + if (!Files.notExists(path)) { deleteFileWithRetry0(path); } } catch (InterruptedException x) { @@ -243,87 +244,84 @@ public static boolean areFileSystemsAccessible() throws IOException { } /** - * Checks whether all file systems are accessible. This is performed - * by checking free disk space on all mounted file systems via a - * separate, spawned process. File systems are considered to be - * accessible if this process completes successfully before a given - * fixed duration has elapsed. + * Checks whether all file systems are accessible and there are no + * duplicate mount points. This is performed by checking free disk + * space on all mounted file systems via a separate, spawned process. + * File systems are considered to be accessible if this process completes + * successfully before a given fixed duration has elapsed. * * @implNote On Unix this executes the {@code df} command in a separate * process and on Windows always returns {@code true}. * - * @return whether file systems appear to be accessible - * - * @throws RuntimeException if there are duplicate mount points or some - * other execution problem occurs + * @return whether file systems appear to be accessible and duplicate-free */ - public static boolean areAllMountPointsAccessible() { + public static boolean areMountPointsAccessibleAndUnique() { + if (IS_WINDOWS) return true; + final AtomicBoolean areMountPointsOK = new AtomicBoolean(true); - if (!IS_WINDOWS) { - Thread thr = new Thread(() -> { - try { - Process proc = new ProcessBuilder("df").start(); - BufferedReader reader = new BufferedReader - (new InputStreamReader(proc.getInputStream())); - // Skip the first line as it is the "df" output header. - if (reader.readLine() != null ) { - String prevMountPoint = null, mountPoint = null; - while ((mountPoint = reader.readLine()) != null) { - if (prevMountPoint != null && - mountPoint.equals(prevMountPoint)) { - throw new RuntimeException - ("System configuration error: " + - "duplicate mount point " + mountPoint + - " detected"); - } - prevMountPoint = mountPoint; + Thread thr = new Thread(() -> { + try { + Process proc = new ProcessBuilder("df").start(); + BufferedReader reader = new BufferedReader + (new InputStreamReader(proc.getInputStream())); + // Skip the first line as it is the "df" output header. + if (reader.readLine() != null ) { + Set mountPoints = new HashSet(); + String mountPoint = null; + while ((mountPoint = reader.readLine()) != null) { + if (!mountPoints.add(mountPoint)) { + System.err.printf + ("Config error: duplicate mount point %s%n", + mountPoint); + areMountPointsOK.set(false); + break; } } + } - try { - proc.waitFor(90, TimeUnit.SECONDS); - } catch (InterruptedException ignored) { - } - try { - int exitValue = proc.exitValue(); - if (exitValue != 0) { - System.err.printf("df process exited with %d != 0%n", - exitValue); - areMountPointsOK.set(false); - } - } catch (IllegalThreadStateException ignored) { - System.err.println("df command apparently hung"); + try { + proc.waitFor(90, TimeUnit.SECONDS); + } catch (InterruptedException ignored) { + } + try { + int exitValue = proc.exitValue(); + if (exitValue != 0) { + System.err.printf("df process exited with %d != 0%n", + exitValue); areMountPointsOK.set(false); } - } catch (IOException ioe) { - throw new RuntimeException(ioe); - }; - }); + } catch (IllegalThreadStateException ignored) { + System.err.println("df command apparently hung"); + areMountPointsOK.set(false); + } + } catch (IOException ioe) { + throw new RuntimeException(ioe); + }; + }); - final AtomicReference throwableReference = - new AtomicReference(); - thr.setUncaughtExceptionHandler( - new Thread.UncaughtExceptionHandler() { - public void uncaughtException(Thread t, Throwable e) { - throwableReference.set(e); - } - }); + final AtomicReference throwableReference = + new AtomicReference(); + thr.setUncaughtExceptionHandler( + new Thread.UncaughtExceptionHandler() { + public void uncaughtException(Thread t, Throwable e) { + throwableReference.set(e); + } + }); - thr.start(); - try { - thr.join(120*1000L); - } catch (InterruptedException ie) { - throw new RuntimeException(ie); - } + thr.start(); + try { + thr.join(120*1000L); + } catch (InterruptedException ie) { + throw new RuntimeException(ie); + } - Throwable uncaughtException = (Throwable)throwableReference.get(); - if (uncaughtException != null) { - throw new RuntimeException(uncaughtException); - } + Throwable uncaughtException = (Throwable)throwableReference.get(); + if (uncaughtException != null) { + throw new RuntimeException(uncaughtException); + } - if (thr.isAlive()) { - throw new RuntimeException("df thread did not join in time"); - } + if (thr.isAlive()) { + throw new RuntimeException("df thread did not join in time"); } return areMountPointsOK.get(); diff --git a/test/lib/jdk/test/lib/util/JarUtils.java b/test/lib/jdk/test/lib/util/JarUtils.java index cf4d1d515fa..b1cc74f5294 100644 --- a/test/lib/jdk/test/lib/util/JarUtils.java +++ b/test/lib/jdk/test/lib/util/JarUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -157,7 +157,7 @@ public static void updateJarFile(Path jarfile, Path dir, Path... files) while (jentries.hasMoreElements()) { JarEntry jentry = jentries.nextElement(); if (!names.contains(jentry.getName())) { - jos.putNextEntry(jentry); + jos.putNextEntry(copyEntry(jentry)); jf.getInputStream(jentry).transferTo(jos); } } @@ -289,7 +289,7 @@ public static void updateJar(String src, String dest, changes.remove(name); } else { System.out.println(String.format("- Copy %s", name)); - jos.putNextEntry(entry); + jos.putNextEntry(copyEntry(entry)); srcJarFile.getInputStream(entry).transferTo(jos); } } @@ -359,4 +359,17 @@ private static List findAllRegularFiles(Path dir, Path[] files) throws IOE } return entries; } + + private static JarEntry copyEntry(JarEntry e1) { + JarEntry e2 = new JarEntry(e1.getName()); + e2.setMethod(e1.getMethod()); + e2.setTime(e1.getTime()); + e2.setComment(e1.getComment()); + e2.setExtra(e1.getExtra()); + if (e1.getMethod() == JarEntry.STORED) { + e2.setSize(e1.getSize()); + e2.setCrc(e1.getCrc()); + } + return e2; + } } diff --git a/test/jdk/lib/testlibrary/ModuleUtils.java b/test/lib/jdk/test/lib/util/ModuleUtils.java similarity index 96% rename from test/jdk/lib/testlibrary/ModuleUtils.java rename to test/lib/jdk/test/lib/util/ModuleUtils.java index b3c9d5e49c8..d97fd953b99 100644 --- a/test/jdk/lib/testlibrary/ModuleUtils.java +++ b/test/lib/jdk/test/lib/util/ModuleUtils.java @@ -21,6 +21,8 @@ * questions. */ +package jdk.test.lib.util; + import java.lang.module.ModuleDescriptor; import java.lang.module.ModuleFinder; import java.lang.module.ModuleReader; @@ -47,7 +49,7 @@ private ModuleUtils() { } * Returns a ModuleFinder that finds modules with the given module * descriptors. */ - static ModuleFinder finderOf(ModuleDescriptor... descriptors) { + public static ModuleFinder finderOf(ModuleDescriptor... descriptors) { // Create a ModuleReference for each module Map namesToReference = new HashMap<>(); diff --git a/test/lib/sun/hotspot/WhiteBox.java b/test/lib/sun/hotspot/WhiteBox.java index 802614f0ef1..feae1ed8e2f 100644 --- a/test/lib/sun/hotspot/WhiteBox.java +++ b/test/lib/sun/hotspot/WhiteBox.java @@ -386,6 +386,8 @@ public void clearInlineCaches(boolean preserve_static_stubs) { public native boolean metaspaceShouldConcurrentCollect(); public native long metaspaceReserveAlignment(); + public native void cleanMetaspaces(); + // Don't use these methods directly // Use sun.hotspot.gc.GC class instead. public native boolean isGCSupported(int name);