8180571: Refactor sun/security/pkcs11 shell tests to plain java tests and fix failures

Reviewed-by: xuelei
Fernando Guallini 2021-06-01 19:09:42 +00:00 committed by Xue-Lei Andrew Fan
parent 40e4171f56
commit ccfcd92667
18 changed files with 256 additions and 881 deletions


@ -662,7 +662,7 @@ javax/net/ssl/DTLS/CipherSuite.java 8202059 macosx-x
sun/security/provider/KeyStore/DKSTest.sh 8180266 windows-all
sun/security/pkcs11/KeyStore/SecretKeysBasic.sh 8209398 generic-all
sun/security/pkcs11/KeyStore/SecretKeysBasic.java 8209398 generic-all
security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java 8224768 generic-all
security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java 8243543 generic-all


@ -1,5 +1,5 @@
/*
* Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -21,17 +21,36 @@
* questions.
*/
/* @test
* @bug 8187023
* @summary Pkcs11 config file should be assumed in ISO-8859-1
* @library /test/lib
* @run testng/othervm ReadConfInUTF16Env
*/
import jdk.test.lib.process.ProcessTools;
import org.testng.annotations.Test;
import java.security.Provider;
import java.security.Security;
public class ReadConfInUTF16Env {
public static void main(String argv[]) {
Provider p = Security.getProvider("SunPKCS11");
if (p == null) {
System.out.println("Skipping test - no PKCS11 provider available");
return;
}
System.out.println(p.getName());
@Test
public void testReadConfInUTF16Env() throws Exception {
String[] testCommand = new String[] { "-Dfile.encoding=UTF-16",
TestSunPKCS11Provider.class.getName()};
ProcessTools.executeTestJvm(testCommand).shouldHaveExitValue(0);
}
static class TestSunPKCS11Provider {
public static void main(String[] args) throws Exception {
Provider p = Security.getProvider("SunPKCS11");
if (p == null) {
System.out.println("Skipping test - no PKCS11 provider available");
return;
}
System.out.println(p.getName());
}
}
}
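Review bot: The child `TestSunPKCS11Provider.main` returns normally when `Security.getProvider("SunPKCS11")` is null, so `shouldHaveExitValue(0)` in `testReadConfInUTF16Env` passes even though the UTF-16 configuration path was never exercised. The skip is visible only in the child's stdout, so a platform that has silently lost the provider looks the same as a real pass. Consider surfacing it in the parent, for example by keeping the returned `OutputAnalyzer` and throwing `org.testng.SkipException` when the output contains `Skipping test`. A one-line comment on the nested class saying that it exists so `-Dfile.encoding=UTF-16` applies to the child JVM only would also help the next reader.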


@ -1,39 +0,0 @@
#
# Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 8187023
# @summary Pkcs11 config file should be assumed in ISO-8859-1
# @library /test/lib
# @build ReadConfInUTF16Env
# @run shell ReadConfInUTF16Env.sh
# jtreg does not like -Dfile.encoding=UTF-16 inside a @run main line,
# testlibrary.ProcessTools.createJavaProcessBuilder() also had troubles
# executing a subprocess with -Dfile.encoding=UTF-16 option added,
# therefore a shell test is written.
$TESTJAVA/bin/java $TESTVMOPTS -cp $TESTCLASSES \
-Dfile.encoding=UTF-16 \
ReadConfInUTF16Env


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -21,19 +21,30 @@
* questions.
*/
/* @test
* @bug 4938185
* @summary KeyStore support for NSS cert/key databases
* To run manually:
* set environment variable:
* <token> [activcard|ibutton|nss|sca1000]
* <command> [list|basic]
*
* Note:
* . 'list' lists the token aliases
* . 'basic' does not run with activcard,
* @library /test/lib ..
* @run testng/othervm Basic
*/
import java.io.*;
import java.nio.file.Path;
import java.util.*;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyPair;
import java.security.SecureRandom;
import java.security.AuthProvider;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Signature;
import java.security.Security;
@ -44,17 +55,18 @@ import java.security.interfaces.*;
import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import com.sun.security.auth.module.*;
import com.sun.security.auth.callback.*;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
public class Basic extends PKCS11Test {
private static final char SEP = File.separatorChar;
private static String DIR = System.getProperty("DIR");
private static final Path TEST_DATA_PATH = Path.of(BASE)
.resolve("BasicData");
private static final String DIR = TEST_DATA_PATH.toString();
private static char[] tokenPwd;
private static final char[] ibuttonPwd =
new char[0];
@ -88,6 +100,22 @@ public class Basic extends PKCS11Test {
private static final String KS_TYPE = "PKCS11";
private static Provider provider;
@BeforeClass
public void setUp() throws Exception {
copyNssCertKeyToClassesDir();
setCommonSystemProps();
System.setProperty("CUSTOM_P11_CONFIG",
TEST_DATA_PATH.resolve("p11-nss.txt").toString());
System.setProperty("TOKEN", "nss");
System.setProperty("TEST", "basic");
}
@Test
public void testBasic() throws Exception {
String[] args = {"sm", "Basic.policy"};
main(new Basic(), args);
}
private static class FooEntry implements KeyStore.Entry { }
private static class P11SecretKey implements SecretKey {
@ -102,10 +130,6 @@ public class Basic extends PKCS11Test {
public byte[] getEncoded() { return new byte[length/8]; }
}
public static void main(String[] args) throws Exception {
main(new Basic(), args);
}
public void main(Provider p) throws Exception {
this.provider = p;
@ -136,17 +160,17 @@ public class Basic extends PKCS11Test {
// get cert chains for private keys
CertificateFactory cf = CertificateFactory.getInstance("X.509", "SUN");
Certificate caCert = (X509Certificate)cf.generateCertificate
Certificate caCert = cf.generateCertificate
(new FileInputStream(new File(DIR, "ca.cert")));
Certificate ca2Cert = (X509Certificate)cf.generateCertificate
Certificate ca2Cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "ca2.cert")));
Certificate pk1cert = (X509Certificate)cf.generateCertificate
Certificate pk1cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk1.cert")));
Certificate pk1cert2 = (X509Certificate)cf.generateCertificate
Certificate pk1cert2 = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk1.cert2")));
Certificate pk2cert = (X509Certificate)cf.generateCertificate
Certificate pk2cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk2.cert")));
Certificate pk3cert = (X509Certificate)cf.generateCertificate
Certificate pk3cert = cf.generateCertificate
(new FileInputStream(new File(DIR, "pk3.cert")));
chain1 = new Certificate[] { pk1cert, caCert };
chain2 = new Certificate[] { pk2cert, caCert };
@ -373,12 +397,12 @@ public class Basic extends PKCS11Test {
KeyStoreLoginModule m = new KeyStoreLoginModule();
Subject s = new Subject();
Map options = new HashMap();
Map<String, String> options = new HashMap<>();
options.put("keyStoreURL", "NONE");
options.put("keyStoreType", KS_TYPE);
options.put("keyStoreProvider", KS_PROVIDER);
options.put("debug", "true");
m.initialize(s, new TextCallbackHandler(), new HashMap(), options);
m.initialize(s, new TextCallbackHandler(), new HashMap<>(), options);
m.login();
m.commit();
System.out.println("authenticated subject = " + s);
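Review bot: The six `new FileInputStream(new File(DIR, ...))` arguments in the certificate-loading hunk are still never closed after the cast cleanup, so every run leaves open handles on the BasicData files. Since these lines are being touched anyway, read each certificate inside a try-with-resources, e.g. `try (InputStream in = new FileInputStream(new File(DIR, name))) { return cf.generateCertificate(in); }` in a small private helper that takes the `CertificateFactory` and the file name. The enclosing `main(Provider p)` body starts and ends outside the hunk, so the helper would have to be checked against the rest of the method.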


@ -1,171 +0,0 @@
#
# Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 4938185
# @library /test/lib
# @summary KeyStore support for NSS cert/key databases
#
# @run shell Basic.sh
# To run by hand:
# %sh Basic.sh <recompile> [yes|no]
# <token> [activcard|ibutton|nss|sca1000]
# <command> [list|basic]
#
# %sh Basic.sh no ibutton list
#
# Note:
# . 'list' lists the token aliases
# . 'basic' does not run with activcard,
# and tests different things depending on what is supported by each token
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
# if running by hand on windows, change TESTSRC and TESTCLASSES to "."
if [ "${TESTSRC}" = "" ] ; then
TESTSRC=`pwd`
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES=`pwd`
fi
# if running by hand on windows, change this to appropriate value
if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA="/net/radiant/export1/charlie/mustang/build/solaris-sparc"
fi
if [ "${COMPILEJAVA}" = "" ]; then
COMPILEJAVA="${TESTJAVA}"
fi
echo TESTSRC=${TESTSRC}
echo TESTCLASSES=${TESTCLASSES}
echo TESTJAVA=${TESTJAVA}
echo COMPILEJAVA=${COMPILEJAVA}
echo CPAPPEND=${CPAPPEND}
echo ""
# get command from input args -
# default to 'nss basic'
RECOMPILE="yes"
if [ $# = '3' ] ; then
RECOMPILE=$1
TOKEN=$2
TEST=$3
elif [ $# = '2' ] ; then
TOKEN=$1
TEST=$2
else
TOKEN="nss"
TEST="basic"
fi
DEBUG=sunpkcs11,pkcs11keystore
echo RECOMPILE=${RECOMPILE}
echo TOKEN=${TOKEN}
echo TEST=${TEST}
echo DEBUG=${DEBUG}
echo ""
OS=`uname -s`
case "$OS" in
Linux )
ARCH=`uname -m`
case "$ARCH" in
i[3-6]86 )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
* )
# ia64 )
# x86_64 )
echo "Unsupported System: Linux ${ARCH}"
exit 0;
;;
esac
;;
Windows* )
FS="\\"
PS=";"
CP="cp"
CHMOD="chmod"
# 'uname -m' does not give us enough information -
# should rely on $PROCESSOR_IDENTIFIER (as is done in Defs-windows.gmk),
# but JTREG does not pass this env variable when executing a shell script.
#
# execute test program - rely on it to exit if platform unsupported
;;
* )
echo "Unsupported System: ${OS}"
exit 0;
;;
esac
# first make cert/key DBs writable if token is NSS
if [ "${TOKEN}" = "nss" ] ; then
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}cert8.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}cert8.db
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}key3.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}key3.db
fi
# compile test
if [ "${RECOMPILE}" = "yes" ] ; then
${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-classpath ${TESTSRC}${FS}..${PS}${TESTSRC}${FS}loader.jar \
-d ${TESTCLASSES} \
${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jdk${FS}test${FS}lib${FS}artifacts${FS}*.java \
${TESTSRC}${FS}Basic.java \
${TESTSRC}${FS}..${FS}PKCS11Test.java
fi
# run test
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${TESTSRC}${FS}loader.jar${PS}${CPAPPEND} \
-DDIR=${TESTSRC}${FS}BasicData \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}BasicData${FS}p11-${TOKEN}.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-DTOKEN=${TOKEN} \
-DTEST=${TEST} \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
-Djava.security.debug=${DEBUG} \
Basic sm Basic.policy
# save error status
status=$?
# return
exit $status


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -21,10 +21,24 @@
* questions.
*/
/* @test
* @bug 4938185 7106773
* @summary KeyStore support for NSS cert/key databases
* 512 bits RSA key cannot work with SHA384 and SHA512
* @library /test/lib ..
* @run testng/othervm ClientAuth
*/
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import java.io.*;
import java.net.*;
import java.util.*;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.nio.file.Path;
import java.security.*;
import java.util.Arrays;
import java.util.concurrent.CountDownLatch;
import javax.net.*;
import javax.net.ssl.*;
@ -43,7 +57,10 @@ public class ClientAuth extends PKCS11Test {
private static final String TS = "truststore";
private static String p11config;
private static String DIR = System.getProperty("DIR");
private static final Path TEST_DATA_PATH = Path.of(BASE)
.resolve("ClientAuthData");
private static final String DIR = TEST_DATA_PATH.toString();
/*
* Should we run the client or server in a separate thread?
@ -55,7 +72,7 @@ public class ClientAuth extends PKCS11Test {
/*
* Is the server ready to serve?
*/
volatile static boolean serverReady = false;
private final CountDownLatch serverReadyLatch = new CountDownLatch(1);
/*
* Turn on SSL debugging?
@ -71,6 +88,40 @@ public class ClientAuth extends PKCS11Test {
* smart about it....
*/
@BeforeClass
public void setUp() throws Exception {
copyNssCertKeyToClassesDir(TEST_DATA_PATH);
setCommonSystemProps();
System.setProperty("CUSTOM_P11_CONFIG",
TEST_DATA_PATH.resolve("p11-nss.txt").toString());
Security.setProperty("jdk.tls.disabledAlgorithms", "");
Security.setProperty("jdk.certpath.disabledAlgorithms", "");
}
@Test
public void testClientAuthTLSv1() throws Exception {
String[] args = { "TLSv1" };
runTest(args);
}
@Test
public void testClientAuthTLSv11() throws Exception {
String[] args = { "TLSv1.1" };
runTest(args);
}
@Test
public void testClientAuthTLSv12AndCipherSuite() throws Exception {
String[] args = { "TLSv1.2", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" };
runTest(args);
}
private void runTest(String[] args) throws Exception {
System.out.println("Running with args: " + Arrays.toString(args));
parseArguments(args);
main(new ClientAuth());
}
/*
* Define the server side of the test.
*
@ -100,8 +151,10 @@ public class ClientAuth extends PKCS11Test {
//ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
ctx.init(kmf.getKeyManagers(), null, null);
ServerSocketFactory ssf = ctx.getServerSocketFactory();
SSLServerSocket sslServerSocket = (SSLServerSocket)
ssf.createServerSocket(serverPort);
InetSocketAddress socketAddress =
new InetSocketAddress(InetAddress.getLoopbackAddress(), serverPort);
SSLServerSocket sslServerSocket = (SSLServerSocket) ssf.createServerSocket();
sslServerSocket.bind(socketAddress);
sslServerSocket.setNeedClientAuth(true);
serverPort = sslServerSocket.getLocalPort();
System.out.println("serverPort = " + serverPort);
@ -109,7 +162,7 @@ public class ClientAuth extends PKCS11Test {
/*
* Signal Client, we're ready for his connect.
*/
serverReady = true;
serverReadyLatch.countDown();
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
InputStream sslIS = sslSocket.getInputStream();
@ -133,9 +186,7 @@ public class ClientAuth extends PKCS11Test {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
serverReadyLatch.await();
SSLContext ctx = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
@ -196,15 +247,6 @@ public class ClientAuth extends PKCS11Test {
}
}
public static void main(String[] args) throws Exception {
Security.setProperty("jdk.tls.disabledAlgorithms", "");
Security.setProperty("jdk.certpath.disabledAlgorithms", "");
// Get the customized arguments.
parseArguments(args);
main(new ClientAuth());
}
public void main(Provider p) throws Exception {
// SSL RSA client auth currently needs an RSA cipher
// (cf. NONEwithRSA hack), which is currently not available in
@ -303,24 +345,22 @@ public class ClientAuth extends PKCS11Test {
}
}
void startServer(boolean newThread) throws Exception {
void startServer (boolean newThread) {
if (newThread) {
serverThread = new Thread() {
public void run() {
try {
doServerSide();
} catch (Exception e) {
/*
* Our server thread just died.
*
* Release the client, if not active already...
*/
System.err.println("Server died...");
serverReady = true;
serverException = e;
}
serverThread = new Thread(() -> {
try {
doServerSide();
} catch (Exception e) {
/*
* Our server thread just died.
*
* Release the client, if not active already...
*/
System.err.println("Server died...");
serverReadyLatch.countDown();
serverException = e;
}
};
});
serverThread.start();
} else {
try {
@ -328,26 +368,24 @@ public class ClientAuth extends PKCS11Test {
} catch (Exception e) {
serverException = e;
} finally {
serverReady = true;
serverReadyLatch.countDown();
}
}
}
void startClient(boolean newThread) throws Exception {
void startClient (boolean newThread) {
if (newThread) {
clientThread = new Thread() {
public void run() {
try {
doClientSide();
} catch (Exception e) {
/*
* Our client thread just died.
*/
System.err.println("Client died...");
clientException = e;
}
clientThread = new Thread(() -> {
try {
doClientSide();
} catch (Exception e) {
/*
* Our client thread just died.
*/
System.err.println("Client died...");
clientException = e;
}
};
});
clientThread.start();
} else {
try {
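Review bot: The three `@Test` methods now share one `othervm` JVM, whereas the removed shell script launched a fresh JVM per protocol, so whatever `parseArguments` stores is carried from one case to the next. Only `testClientAuthTLSv12AndCipherSuite` passes a cipher suite; if `parseArguments` (not visible in these hunks) writes static fields and leaves the suite untouched when given a single argument, a TLSv1 or TLSv1.1 case running after it would inherit `TLS_DHE_RSA_WITH_AES_128_CBC_SHA`, and the result would depend on TestNG's method order. Resetting the parsed state at the top of `runTest`, or documenting the intended order, would keep the cases independent. In the server thread's catch block it would also be safer to assign `serverException = e;` before `serverReadyLatch.countDown();`, so that a released client observes the failure.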


@ -1,166 +0,0 @@
#
# Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 4938185 7106773
# @summary KeyStore support for NSS cert/key databases
# 512 bits RSA key cannot work with SHA384 and SHA512
# @library /test/lib
# @run shell ClientAuth.sh
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
if [ "${TESTSRC}" = "" ] ; then
TESTSRC=`pwd`
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES=`pwd`
fi
if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA="/net/radiant/export1/charlie/mustang/build/solaris-sparc"
fi
if [ "${COMPILEJAVA}" = "" ]; then
COMPILEJAVA="${TESTJAVA}"
fi
echo TESTSRC=${TESTSRC}
echo TESTCLASSES=${TESTCLASSES}
echo TESTJAVA=${TESTJAVA}
echo COMPILEJAVA=${COMPILEJAVA}
echo CPAPPEND=${CPAPPEND}
echo ""
OS=`uname -s`
case "$OS" in
Linux )
ARCH=`uname -m`
case "$ARCH" in
i[3-6]86 )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
* )
# ia64 )
# x86_64 )
echo "Unsupported System: Linux ${ARCH}"
exit 0;
;;
esac
;;
Windows* )
FS="\\"
PS=";"
CP="cp"
CHMOD="chmod"
# 'uname -m' does not give us enough information -
# should rely on $PROCESSOR_IDENTIFIER (as is done in Defs-windows.gmk),
# but JTREG does not pass this env variable when executing a shell script.
#
# execute test program - rely on it to exit if platform unsupported
;;
* )
echo "Unsupported System: ${OS}"
exit 0;
;;
esac
# first make cert/key DBs writable
${CP} ${TESTSRC}${FS}ClientAuthData${FS}cert8.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}cert8.db
${CP} ${TESTSRC}${FS}ClientAuthData${FS}key3.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}key3.db
# compile test
${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-classpath ${TESTSRC} \
-d ${TESTCLASSES} \
${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jdk${FS}test${FS}lib${FS}artifacts${FS}*.java \
${TESTSRC}${FS}ClientAuth.java \
${TESTSRC}${FS}..${FS}PKCS11Test.java
# run test
echo "Run ClientAuth TLSv1 ..."
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${CPAPPEND} \
-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ClientAuthData${FS}p11-nss.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
ClientAuth TLSv1
# save error status
status=$?
# return if failed
if [ "${status}" != "0" ] ; then
exit $status
fi
# run test
echo "Run ClientAuth TLSv1.1 ..."
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${CPAPPEND} \
-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ClientAuthData${FS}p11-nss.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
ClientAuth TLSv1.1
# save error status
status=$?
# return if failed
if [ "${status}" != "0" ] ; then
exit $status
fi
# run test with specified TLS protocol and cipher suite
echo "Run ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${CPAPPEND} \
-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ClientAuthData${FS}p11-nss.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
# save error status
status=$?
# return
exit $status


@ -1,5 +1,5 @@
/*
* Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2008, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -20,8 +20,17 @@
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/* @test
* @bug 6599979
* @summary Ensure that re-assigning the alias works
* @library /test/lib ..
* @run testng/othervm SecretKeysBasic
*/
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import java.io.*;
import java.nio.file.Path;
import java.util.*;
import java.security.*;
import javax.crypto.*;
@ -42,7 +51,17 @@ public class SecretKeysBasic extends PKCS11Test {
private static final String KS_TYPE = "PKCS11";
private static Provider provider;
public static void main(String[] args) throws Exception {
@BeforeClass
public void setUp() throws Exception {
copyNssCertKeyToClassesDir();
setCommonSystemProps();
System.setProperty("TOKEN", "nss");
System.setProperty("CUSTOM_P11_CONFIG", Path.of(BASE)
.resolve("BasicData").resolve("p11-nss.txt").toString());
}
@Test
public void testBasic() throws Exception {
main(new SecretKeysBasic());
}


@ -1,156 +0,0 @@
#
# Copyright (c) 2008, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 6599979
# @summary Ensure that re-assigning the alias works
#
# @library /test/lib ..
# @build SecretKeysBasic
# @run shell SecretKeysBasic.sh
#
# To run by hand:
# %sh SecretKeysBasic.sh
#
# Note:
# . test only runs on solaris at the moment
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
# if running by hand on windows, change TESTSRC and TESTCLASSES to "."
if [ "${TESTSRC}" = "" ] ; then
TESTSRC=`pwd`
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES=`pwd`
fi
if [ "${TESTJAVA}" = "" ] ; then
JAVAC_CMD=`which javac`
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
echo TESTSRC=${TESTSRC}
echo TESTCLASSES=${TESTCLASSES}
echo TESTJAVA=${TESTJAVA}
echo CPAPPEND=${CPAPPEND}
echo ""
#DEBUG=sunpkcs11,pkcs11keystore
echo DEBUG=${DEBUG}
echo ""
OS=`uname -s`
case "$OS" in
Windows_* )
FS="\\"
PS=";"
TOKENS="nss"
;;
CYGWIN* )
FS="/"
PS=";"
TOKENS="nss"
;;
* )
FS="/"
PS=":"
TOKENS="nss"
;;
esac
CP="cp -f"
RM="rm -rf"
MKDIR="mkdir -p"
CHMOD="chmod"
STATUS=0
for token in ${TOKENS}
do
if [ ${token} = "nss" ]
then
# make cert/key DBs writable if token is NSS
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}cert8.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}cert8.db
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}key3.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}key3.db
USED_FILE_LIST="${TESTCLASSES}${FS}cert8.db ${TESTCLASSES}${FS}key3.db"
elif [ ${token} = "solaris" ]
then
# copy keystore into write-able location
if [ -d ${TESTCLASSES}${FS}pkcs11_softtoken ]
then
echo "Removing old pkcs11_keystore, creating new pkcs11_keystore"
echo ${RM} ${TESTCLASSES}${FS}pkcs11_softtoken
${RM} ${TESTCLASSES}${FS}pkcs11_softtoken
fi
echo ${MKDIR} ${TESTCLASSES}${FS}pkcs11_softtoken${FS}private
${MKDIR} ${TESTCLASSES}${FS}pkcs11_softtoken${FS}private
echo ${MKDIR} ${TESTCLASSES}${FS}pkcs11_softtoken${FS}public
${MKDIR} ${TESTCLASSES}${FS}pkcs11_softtoken${FS}public
echo ${CP} ${TESTSRC}${FS}BasicData${FS}pkcs11_softtoken${FS}objstore_info \
${TESTCLASSES}${FS}pkcs11_softtoken
${CP} ${TESTSRC}${FS}BasicData${FS}pkcs11_softtoken${FS}objstore_info \
${TESTCLASSES}${FS}pkcs11_softtoken
echo ${CHMOD} +w ${TESTCLASSES}${FS}pkcs11_softtoken${FS}objstore_info
${CHMOD} 600 ${TESTCLASSES}${FS}pkcs11_softtoken${FS}objstore_info
USED_FILE_LIST="${TESTCLASSES}${FS}pkcs11_softtoken"
fi
# run test
cd ${TESTSRC}
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-DDIR=${TESTSRC}${FS}BasicData${FS} \
-classpath \
${TESTCLASSES}${PS}${TESTCLASSES}${FS}..${PS}${TESTSRC}${FS}loader.jar${PS}${CPAPPEND} \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}BasicData${FS}p11-${token}.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-DTOKEN=${token} \
-Djava.security.debug=${DEBUG} \
SecretKeysBasic
# -DCUSTOM_P11_CONFIG=${TESTSRC}${FS}BasicData${FS}p11-${token}.txt \
# save error status
if [ $? != 0 ]
then
echo "Test against " ${token} " Failed!"
STATUS=1
fi
# clean up
${RM} ${USED_FILE_LIST}
done
# return
exit ${STATUS}


@ -35,6 +35,7 @@ import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
@ -72,6 +73,8 @@ public abstract class PKCS11Test {
// directory of the test source
static final String BASE = System.getProperty("test.src", ".");
static final String TEST_CLASSES = System.getProperty("test.classes", ".");
static final char SEP = File.separatorChar;
private static final String DEFAULT_POLICY =
@ -861,6 +864,31 @@ public abstract class PKCS11Test {
return path;
}
protected void setCommonSystemProps() {
System.setProperty("java.security.debug", "true");
System.setProperty("NO_DEIMOS", "true");
System.setProperty("NO_DEFAULT", "true");
System.setProperty("CUSTOM_DB_DIR", TEST_CLASSES);
}
protected void copyNssCertKeyToClassesDir() throws IOException {
Path dbPath = Path.of(BASE).getParent().resolve("nss").resolve("db");
copyNssCertKeyToClassesDir(dbPath);
}
protected void copyNssCertKeyToClassesDir(Path dbPath) throws IOException {
Path destinationPath = Path.of(TEST_CLASSES);
String keyDbFile = "key3.db";
String certDbFile = "cert8.db";
Files.copy(dbPath.resolve(certDbFile),
destinationPath.resolve(certDbFile),
StandardCopyOption.REPLACE_EXISTING);
Files.copy(dbPath.resolve(keyDbFile),
destinationPath.resolve(keyDbFile),
StandardCopyOption.REPLACE_EXISTING);
}
@Artifact(
organization = "jpg.tests.jdk.nsslib",
name = "nsslib-windows_x64",
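Review bot: `copyNssCertKeyToClassesDir(Path)` drops the `chmod +w` step that the removed shell scripts ran after copying `cert8.db` and `key3.db`; `Files.copy` can give the target the source file's permissions, so a read-only source checkout would leave NSS with databases it cannot write. Adding `destinationPath.resolve(certDbFile).toFile().setWritable(true);` (and the same for `keyDbFile`) after each copy restores the old behaviour. In `setCommonSystemProps`, `System.setProperty("java.security.debug", "true")` does not match the `sunpkcs11,pkcs11keystore` value that Basic.sh passed on the command line, and the property is probably read once at JVM start-up, so the call likely has no effect; drop it or pass the option on the `@run` line. The no-argument overload also calls `Path.of(BASE).getParent()`, which returns null when `test.src` falls back to `.`.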


@ -1,5 +1,5 @@
/*
* Copyright (c) 2004, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2004, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -21,14 +21,29 @@
* questions.
*/
import java.io.*;
import java.util.*;
/* @test
* @bug 5070773
* @summary SunPKCS11 provider does not support spaces config's provider name
* @library /test/lib ..
* @run testng/othervm ConfigQuotedString
*/
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import java.nio.file.Path;
import java.security.*;
import javax.security.auth.callback.*;
public class ConfigQuotedString extends PKCS11Test {
public static void main(String[] args) throws Exception {
@BeforeClass
public void setUp() throws Exception {
Path configPath = Path.of(BASE).resolve("ConfigQuotedString-nss.txt");
System.setProperty("CUSTOM_P11_CONFIG", configPath.toString());
}
@Test
public void testQuotedString() throws Exception {
main(new ConfigQuotedString());
}


@ -1,120 +0,0 @@
#
# Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 5070773
# @summary SunPKCS11 provider does not support spaces config's provider name
# @run shell ConfigQuotedString.sh
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
# if running by hand on windows, change TESTSRC and TESTCLASSES to "."
if [ "${TESTSRC}" = "" ] ; then
TESTSRC=`pwd`
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES=`pwd`
fi
# if running by hand on windows, change this to appropriate value
if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA="/net/radiant/export1/charlie/mustang/build/solaris-sparc"
fi
if [ "${COMPILEJAVA}" = "" ]; then
COMPILEJAVA="${TESTJAVA}"
fi
echo TESTSRC=${TESTSRC}
echo TESTCLASSES=${TESTCLASSES}
echo TESTJAVA=${TESTJAVA}
echo COMPILEJAVA=${COMPILEJAVA}
echo CPAPPEND=${CPAPPEND}
echo ""
# let java test exit if platform unsupported
OS=`uname -s`
case "$OS" in
Linux )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
Darwin )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
AIX )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
Windows* )
FS="\\"
PS=";"
CP="cp"
CHMOD="chmod"
;;
CYGWIN* )
FS="/"
PS=";"
CP="cp"
CHMOD="chmod"
#
# javac does not like /cygdrive produced by `pwd`
#
TESTSRC=`cygpath -d ${TESTSRC}`
;;
* )
echo "Unrecognized system!"
exit 1;
;;
esac
# compile test
${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-classpath ${TESTSRC}${FS}.. \
-d ${TESTCLASSES} \
${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jdk${FS}test${FS}lib${FS}artifacts${FS}*.java \
${TESTSRC}${FS}ConfigQuotedString.java \
${TESTSRC}${FS}..${FS}PKCS11Test.java
# run test
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${CPAPPEND} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ConfigQuotedString-nss.txt \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
ConfigQuotedString
# save error status
status=$?
# return
exit $status


@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -21,8 +21,18 @@
* questions.
*/
/* @test
* @bug 4850423
* @summary login facilities for hardware tokens
* @library /test/lib ..
* @run testng/othervm -Djava.security.manager=allow Login
*/
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import java.io.*;
import java.util.*;
import java.nio.file.Path;
import java.security.*;
import javax.security.auth.callback.*;
@ -34,7 +44,17 @@ public class Login extends PKCS11Test {
private static final String KS_TYPE = "PKCS11";
private static char[] password;
public static void main(String[] args) throws Exception {
@BeforeClass
public void setUp() throws Exception {
copyNssCertKeyToClassesDir();
setCommonSystemProps();
System.setProperty("CUSTOM_P11_CONFIG",
Path.of(BASE).resolve("Login-nss.txt").toString());
}
@Test
public void testLogin() throws Exception {
String[] args = new String[]{ "sm", "Login.policy"};
main(new Login(), args);
}
@ -45,14 +65,13 @@ public class Login extends PKCS11Test {
KeyStore ks = KeyStore.getInstance(KS_TYPE, p);
// check instance
if (ks.getProvider() instanceof java.security.AuthProvider) {
if (ks.getProvider() instanceof AuthProvider ap) {
System.out.println("keystore provider instance of AuthProvider");
System.out.println("test " + testnum++ + " passed");
} else {
throw new SecurityException("did not get AuthProvider KeyStore");
}
AuthProvider ap = (AuthProvider)ks.getProvider();
try {
// test app-provided callback
@ -107,10 +126,9 @@ public class Login extends PKCS11Test {
public static class PasswordCallbackHandler implements CallbackHandler {
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
if (!(callbacks[0] instanceof PasswordCallback)) {
if (!(callbacks[0] instanceof PasswordCallback pc)) {
throw new UnsupportedCallbackException(callbacks[0]);
}
PasswordCallback pc = (PasswordCallback)callbacks[0];
pc.setPassword(Login.password);
}
}
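Review bot: The `chmod +w` step that the removed Login.sh applied to the copied `cert8.db` and `key3.db` ("first make cert/key DBs writable") has no counterpart in the new `setUp()`. The `copyNssCertKeyToClassesDir()` helper it calls, as shown in the PKCS11Test section, only does `Files.copy(..., StandardCopyOption.REPLACE_EXISTING)`. If the source databases are read-only, the copies may keep that mode, and an NSS operation that writes to them would then fail for a reason unrelated to the login behaviour under test. Consider making the copies writable in the helper after each copy, e.g. `destinationPath.resolve(keyDbFile).toFile().setWritable(true);` and the same for `certDbFile`. The helper is defined in a different file section that is only partly visible here, so this should be checked against the full PKCS11Test.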


@ -1,134 +0,0 @@
#
# Copyright (c) 2004, 2020, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 4850423
# @summary login facilities for hardware tokens
#
# @run shell Login.sh
# set a few environment variables so that the shell-script can run stand-alone
# in the source directory
# if running by hand on windows, change TESTSRC and TESTCLASSES to "."
if [ "${TESTSRC}" = "" ] ; then
TESTSRC=`pwd`
fi
if [ "${TESTCLASSES}" = "" ] ; then
TESTCLASSES=`pwd`
fi
# if running by hand on windows, change this to appropriate value
if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA="/net/radiant/export1/charlie/mustang/build/solaris-sparc"
fi
if [ "${COMPILEJAVA}" = "" ]; then
COMPILEJAVA="${TESTJAVA}"
fi
echo TESTSRC=${TESTSRC}
echo TESTCLASSES=${TESTCLASSES}
echo TESTJAVA=${TESTJAVA}
echo COMPILEJAVA=${COMPILEJAVA}
echo CPAPPEND=${CPAPPEND}
echo ""
# let java test exit if platform unsupported
OS=`uname -s`
case "$OS" in
Linux )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
Darwin )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
AIX )
FS="/"
PS=":"
CP="${FS}bin${FS}cp"
CHMOD="${FS}bin${FS}chmod"
;;
Windows* )
FS="\\"
PS=";"
CP="cp"
CHMOD="chmod"
;;
CYGWIN* )
FS="/"
PS=";"
CP="cp"
CHMOD="chmod"
#
# javac does not like /cygdrive produced by `pwd`
#
TESTSRC=`cygpath -d ${TESTSRC}`
;;
* )
echo "Unrecognized system!"
exit 1;
;;
esac
# first make cert/key DBs writable
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}cert8.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}cert8.db
${CP} ${TESTSRC}${FS}..${FS}nss${FS}db${FS}key3.db ${TESTCLASSES}
${CHMOD} +w ${TESTCLASSES}${FS}key3.db
# compile test
${COMPILEJAVA}${FS}bin${FS}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-classpath ${TESTSRC}${FS}.. \
-d ${TESTCLASSES} \
${TESTSRC}${FS}..${FS}..${FS}..${FS}..${FS}..${FS}lib${FS}jdk${FS}test${FS}lib${FS}artifacts${FS}*.java \
${TESTSRC}${FS}Login.java \
${TESTSRC}${FS}..${FS}PKCS11Test.java
# run test
${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-classpath ${TESTCLASSES}${PS}${CPAPPEND} \
-DCUSTOM_DB_DIR=${TESTCLASSES} \
-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}Login-nss.txt \
-DNO_DEFAULT=true \
-DNO_DEIMOS=true \
-Dtest.src=${TESTSRC} \
-Dtest.classes=${TESTCLASSES} \
-Djava.security.debug=${DEBUG} \
-Djava.security.manager=allow \
Login sm Login.policy
# save error status
status=$?
# return
exit $status