8308398: Move SunEC crypto provider into java.base
Reviewed-by: valeriep, alanb
This commit is contained in:
parent
69a46c25cc
commit
e737968792
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
|
# Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
#
|
#
|
||||||
# This code is free software; you can redistribute it and/or modify it
|
# This code is free software; you can redistribute it and/or modify it
|
||||||
@ -41,7 +41,6 @@ $(eval $(call SetupZipArchive,BUILD_SEC_BIN_ZIP, \
|
|||||||
modules/java.base/sun/security/internal/interfaces \
|
modules/java.base/sun/security/internal/interfaces \
|
||||||
modules/java.base/sun/security/internal/spec \
|
modules/java.base/sun/security/internal/spec \
|
||||||
modules/java.base/com/sun/crypto/provider \
|
modules/java.base/com/sun/crypto/provider \
|
||||||
modules/jdk.crypto.ec/sun/security/ec \
|
|
||||||
modules/jdk.crypto.mscapi/sun/security/mscapi \
|
modules/jdk.crypto.mscapi/sun/security/mscapi \
|
||||||
modules/jdk.crypto.cryptoki/sun/security/pkcs11 \
|
modules/jdk.crypto.cryptoki/sun/security/pkcs11 \
|
||||||
modules/jdk.crypto.cryptoki/sun/security/pkcs11/wrapper \
|
modules/jdk.crypto.cryptoki/sun/security/pkcs11/wrapper \
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
|
# Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
#
|
#
|
||||||
# This code is free software; you can redistribute it and/or modify it
|
# This code is free software; you can redistribute it and/or modify it
|
||||||
@ -36,7 +36,6 @@ DOCS_MODULES= \
|
|||||||
jdk.charsets \
|
jdk.charsets \
|
||||||
jdk.compiler \
|
jdk.compiler \
|
||||||
jdk.crypto.cryptoki \
|
jdk.crypto.cryptoki \
|
||||||
jdk.crypto.ec \
|
|
||||||
jdk.dynalink \
|
jdk.dynalink \
|
||||||
jdk.editpad \
|
jdk.editpad \
|
||||||
jdk.hotspot.agent \
|
jdk.hotspot.agent \
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
|
# Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
#
|
#
|
||||||
# This code is free software; you can redistribute it and/or modify it
|
# This code is free software; you can redistribute it and/or modify it
|
||||||
@ -77,7 +77,6 @@ PLATFORM_MODULES= \
|
|||||||
jdk.accessibility \
|
jdk.accessibility \
|
||||||
jdk.charsets \
|
jdk.charsets \
|
||||||
jdk.crypto.cryptoki \
|
jdk.crypto.cryptoki \
|
||||||
jdk.crypto.ec \
|
|
||||||
jdk.dynalink \
|
jdk.dynalink \
|
||||||
jdk.httpserver \
|
jdk.httpserver \
|
||||||
jdk.jsobject \
|
jdk.jsobject \
|
||||||
|
@ -322,25 +322,21 @@ module java.base {
|
|||||||
java.sql.rowset;
|
java.sql.rowset;
|
||||||
exports sun.security.action to
|
exports sun.security.action to
|
||||||
java.desktop,
|
java.desktop,
|
||||||
java.security.jgss,
|
java.security.jgss;
|
||||||
jdk.crypto.ec;
|
|
||||||
exports sun.security.internal.interfaces to
|
exports sun.security.internal.interfaces to
|
||||||
jdk.crypto.cryptoki;
|
jdk.crypto.cryptoki;
|
||||||
exports sun.security.internal.spec to
|
exports sun.security.internal.spec to
|
||||||
jdk.crypto.cryptoki;
|
jdk.crypto.cryptoki;
|
||||||
exports sun.security.jca to
|
exports sun.security.jca to
|
||||||
java.smartcardio,
|
java.smartcardio,
|
||||||
jdk.crypto.ec,
|
|
||||||
jdk.crypto.cryptoki,
|
jdk.crypto.cryptoki,
|
||||||
jdk.naming.dns;
|
jdk.naming.dns;
|
||||||
exports sun.security.pkcs to
|
exports sun.security.pkcs to
|
||||||
jdk.crypto.ec,
|
|
||||||
jdk.jartool;
|
jdk.jartool;
|
||||||
exports sun.security.provider to
|
exports sun.security.provider to
|
||||||
java.rmi,
|
java.rmi,
|
||||||
java.security.jgss,
|
java.security.jgss,
|
||||||
jdk.crypto.cryptoki,
|
jdk.crypto.cryptoki,
|
||||||
jdk.crypto.ec,
|
|
||||||
jdk.security.auth;
|
jdk.security.auth;
|
||||||
exports sun.security.provider.certpath to
|
exports sun.security.provider.certpath to
|
||||||
java.naming,
|
java.naming,
|
||||||
@ -359,17 +355,11 @@ module java.base {
|
|||||||
java.security.sasl,
|
java.security.sasl,
|
||||||
java.smartcardio,
|
java.smartcardio,
|
||||||
java.xml.crypto,
|
java.xml.crypto,
|
||||||
jdk.crypto.ec,
|
|
||||||
jdk.crypto.cryptoki,
|
jdk.crypto.cryptoki,
|
||||||
jdk.jartool,
|
jdk.jartool,
|
||||||
jdk.security.auth,
|
jdk.security.auth,
|
||||||
jdk.security.jgss;
|
jdk.security.jgss;
|
||||||
exports sun.security.util.math to
|
|
||||||
jdk.crypto.ec;
|
|
||||||
exports sun.security.util.math.intpoly to
|
|
||||||
jdk.crypto.ec;
|
|
||||||
exports sun.security.x509 to
|
exports sun.security.x509 to
|
||||||
jdk.crypto.ec,
|
|
||||||
jdk.crypto.cryptoki,
|
jdk.crypto.cryptoki,
|
||||||
jdk.jartool;
|
jdk.jartool;
|
||||||
exports sun.security.validator to
|
exports sun.security.validator to
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -176,40 +176,42 @@ final class ProviderConfig {
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create providers which are in java.base directly
|
p = switch (provName) {
|
||||||
if (provName.equals("SUN") || provName.equals("sun.security.provider.Sun")) {
|
case "SUN", "sun.security.provider.Sun" ->
|
||||||
p = new sun.security.provider.Sun();
|
new sun.security.provider.Sun();
|
||||||
} else if (provName.equals("SunRsaSign") || provName.equals("sun.security.rsa.SunRsaSign")) {
|
case "SunRsaSign", "sun.security.rsa.SunRsaSign" ->
|
||||||
p = new sun.security.rsa.SunRsaSign();
|
new sun.security.rsa.SunRsaSign();
|
||||||
} else if (provName.equals("SunJCE") || provName.equals("com.sun.crypto.provider.SunJCE")) {
|
case "SunJCE", "com.sun.crypto.provider.SunJCE" ->
|
||||||
p = new com.sun.crypto.provider.SunJCE();
|
new com.sun.crypto.provider.SunJCE();
|
||||||
} else if (provName.equals("SunJSSE")) {
|
case "SunJSSE" -> new sun.security.ssl.SunJSSE();
|
||||||
p = new sun.security.ssl.SunJSSE();
|
case "SunEC" -> new sun.security.ec.SunEC();
|
||||||
} else if (provName.equals("Apple") || provName.equals("apple.security.AppleProvider")) {
|
case "Apple", "apple.security.AppleProvider" -> {
|
||||||
// need to use reflection since this class only exists on MacOsx
|
// Reflection is needed for compile time as the class
|
||||||
|
// is not available for non-macosx systems
|
||||||
@SuppressWarnings("removal")
|
@SuppressWarnings("removal")
|
||||||
var tmp = AccessController.doPrivileged(new PrivilegedAction<Provider>() {
|
var tmp = AccessController.doPrivileged(
|
||||||
|
new PrivilegedAction<Provider>() {
|
||||||
public Provider run() {
|
public Provider run() {
|
||||||
try {
|
try {
|
||||||
Class<?> c = Class.forName("apple.security.AppleProvider");
|
Class<?> c = Class.forName(
|
||||||
|
"apple.security.AppleProvider");
|
||||||
if (Provider.class.isAssignableFrom(c)) {
|
if (Provider.class.isAssignableFrom(c)) {
|
||||||
@SuppressWarnings("deprecation")
|
@SuppressWarnings("deprecation")
|
||||||
Object tmp = c.newInstance();
|
Object tmp = c.newInstance();
|
||||||
return (Provider) tmp;
|
return (Provider) tmp;
|
||||||
} else {
|
|
||||||
return null;
|
|
||||||
}
|
}
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
if (debug != null) {
|
if (debug != null) {
|
||||||
debug.println("Error loading provider Apple");
|
debug.println("Error loading provider Apple");
|
||||||
ex.printStackTrace();
|
ex.printStackTrace();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
});
|
});
|
||||||
p = tmp;
|
yield tmp;
|
||||||
} else {
|
}
|
||||||
|
default -> {
|
||||||
if (isLoading) {
|
if (isLoading) {
|
||||||
// because this method is synchronized, this can only
|
// because this method is synchronized, this can only
|
||||||
// happen if there is recursion.
|
// happen if there is recursion.
|
||||||
@ -217,16 +219,17 @@ final class ProviderConfig {
|
|||||||
debug.println("Recursion loading provider: " + this);
|
debug.println("Recursion loading provider: " + this);
|
||||||
new Exception("Call trace").printStackTrace();
|
new Exception("Call trace").printStackTrace();
|
||||||
}
|
}
|
||||||
return null;
|
yield null;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
isLoading = true;
|
isLoading = true;
|
||||||
tries++;
|
tries++;
|
||||||
p = doLoadProvider();
|
yield doLoadProvider();
|
||||||
} finally {
|
} finally {
|
||||||
isLoading = false;
|
isLoading = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
};
|
||||||
provider = p;
|
provider = p;
|
||||||
}
|
}
|
||||||
return p;
|
return p;
|
||||||
|
@ -544,8 +544,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
|
|||||||
if (pn != null && mn != null) {
|
if (pn != null && mn != null) {
|
||||||
return ((mn.equals("java.base") &&
|
return ((mn.equals("java.base") &&
|
||||||
(pn.equals("SUN") || pn.equals("SunRsaSign") ||
|
(pn.equals("SUN") || pn.equals("SunRsaSign") ||
|
||||||
pn.equals("SunJCE") || pn.equals("SunJSSE"))) ||
|
pn.equals("SunJCE") || pn.equals("SunJSSE") ||
|
||||||
(mn.equals("jdk.crypto.ec") && pn.equals("SunEC")) ||
|
pn.equals("SunEC"))) ||
|
||||||
(mn.equals("jdk.crypto.mscapi") && pn.equals("SunMSCAPI")) ||
|
(mn.equals("jdk.crypto.mscapi") && pn.equals("SunMSCAPI")) ||
|
||||||
(mn.equals("jdk.crypto.cryptoki") &&
|
(mn.equals("jdk.crypto.cryptoki") &&
|
||||||
pn.startsWith("SunPKCS11")));
|
pn.startsWith("SunPKCS11")));
|
||||||
|
@ -127,15 +127,6 @@ grant codeBase "jrt:/jdk.charsets" {
|
|||||||
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
|
||||||
};
|
};
|
||||||
|
|
||||||
grant codeBase "jrt:/jdk.crypto.ec" {
|
|
||||||
permission java.lang.RuntimePermission
|
|
||||||
"accessClassInPackage.sun.security.*";
|
|
||||||
permission java.lang.RuntimePermission "loadLibrary.sunec";
|
|
||||||
permission java.security.SecurityPermission "putProviderProperty.SunEC";
|
|
||||||
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
|
|
||||||
permission java.security.SecurityPermission "removeProviderProperty.SunEC";
|
|
||||||
};
|
|
||||||
|
|
||||||
grant codeBase "jrt:/jdk.crypto.cryptoki" {
|
grant codeBase "jrt:/jdk.crypto.cryptoki" {
|
||||||
permission java.lang.RuntimePermission
|
permission java.lang.RuntimePermission
|
||||||
"accessClassInPackage.com.sun.crypto.provider";
|
"accessClassInPackage.com.sun.crypto.provider";
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -32,8 +32,5 @@
|
|||||||
* @since 9
|
* @since 9
|
||||||
*/
|
*/
|
||||||
module jdk.crypto.cryptoki {
|
module jdk.crypto.cryptoki {
|
||||||
// Depends on SunEC provider for EC related functionality
|
|
||||||
requires jdk.crypto.ec;
|
|
||||||
|
|
||||||
provides java.security.Provider with sun.security.pkcs11.SunPKCS11;
|
provides java.security.Provider with sun.security.pkcs11.SunPKCS11;
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -31,6 +31,6 @@
|
|||||||
* @moduleGraph
|
* @moduleGraph
|
||||||
* @since 9
|
* @since 9
|
||||||
*/
|
*/
|
||||||
|
@Deprecated(since="22", forRemoval = true)
|
||||||
module jdk.crypto.ec {
|
module jdk.crypto.ec {
|
||||||
provides java.security.Provider with sun.security.ec.SunEC;
|
|
||||||
}
|
}
|
||||||
|
@ -60,8 +60,7 @@ public class CheckSecurityProvider {
|
|||||||
// NOTE: the ordering must match what's defined inside java.security
|
// NOTE: the ordering must match what's defined inside java.security
|
||||||
expected.add("sun.security.provider.Sun");
|
expected.add("sun.security.provider.Sun");
|
||||||
expected.add("sun.security.rsa.SunRsaSign");
|
expected.add("sun.security.rsa.SunRsaSign");
|
||||||
layer.findModule("jdk.crypto.ec")
|
expected.add("sun.security.ec.SunEC");
|
||||||
.ifPresent(m -> expected.add("sun.security.ec.SunEC"));
|
|
||||||
expected.add("sun.security.ssl.SunJSSE");
|
expected.add("sun.security.ssl.SunJSSE");
|
||||||
expected.add("com.sun.crypto.provider.SunJCE");
|
expected.add("com.sun.crypto.provider.SunJCE");
|
||||||
layer.findModule("jdk.security.jgss")
|
layer.findModule("jdk.security.jgss")
|
||||||
|
@ -6,4 +6,4 @@ modules = \
|
|||||||
java.security.jgss/sun.security.krb5.internal.ccache \
|
java.security.jgss/sun.security.krb5.internal.ccache \
|
||||||
java.security.jgss/sun.security.krb5.internal:+open \
|
java.security.jgss/sun.security.krb5.internal:+open \
|
||||||
java.base/sun.security.util \
|
java.base/sun.security.util \
|
||||||
jdk.crypto.ec/sun.security.ec
|
java.base/sun.security.ec
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,7 @@
|
|||||||
* @test
|
* @test
|
||||||
* @bug 8049429 8234723
|
* @bug 8049429 8234723
|
||||||
* @modules java.management
|
* @modules java.management
|
||||||
* jdk.crypto.ec/sun.security.ec
|
* java.base/sun.security.ec
|
||||||
* @summary Test that all cipher suites work in all versions and all client
|
* @summary Test that all cipher suites work in all versions and all client
|
||||||
* authentication types. The way this is setup the server is stateless
|
* authentication types. The way this is setup the server is stateless
|
||||||
* and all checking is done on the client side.
|
* and all checking is done on the client side.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,7 @@
|
|||||||
* @test
|
* @test
|
||||||
* @bug 8049429 8172273 8234723
|
* @bug 8049429 8172273 8234723
|
||||||
* @modules java.management
|
* @modules java.management
|
||||||
* jdk.crypto.ec/sun.security.ec
|
* java.base/sun.security.ec
|
||||||
* @summary Test that all cipher suites work in all versions and all client
|
* @summary Test that all cipher suites work in all versions and all client
|
||||||
* authentication types. The way this is setup the server is stateless
|
* authentication types. The way this is setup the server is stateless
|
||||||
* and all checking is done on the client side.
|
* and all checking is done on the client side.
|
||||||
@ -75,4 +75,9 @@
|
|||||||
* -DCLIENT_PROTOCOL=TLSv1.3
|
* -DCLIENT_PROTOCOL=TLSv1.3
|
||||||
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
||||||
* TestJSSE
|
* TestJSSE
|
||||||
|
* @run main/othervm --limit-modules java.base
|
||||||
|
* -DSERVER_PROTOCOL=SSLv3,TLSv1,TLSv1.1,TLSv1.2,TLSv1.3
|
||||||
|
* -DCLIENT_PROTOCOL=TLSv1.3
|
||||||
|
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
||||||
|
* TestJSSE
|
||||||
*/
|
*/
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,7 @@
|
|||||||
* @test
|
* @test
|
||||||
* @bug 8049429
|
* @bug 8049429
|
||||||
* @modules java.management
|
* @modules java.management
|
||||||
* jdk.crypto.ec/sun.security.ec
|
* java.base/sun.security.ec
|
||||||
* @summary Test that all cipher suites work in all versions and all client
|
* @summary Test that all cipher suites work in all versions and all client
|
||||||
* authentication types. The way this is setup the server is stateless
|
* authentication types. The way this is setup the server is stateless
|
||||||
* and all checking is done on the client side.
|
* and all checking is done on the client side.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,7 @@
|
|||||||
* @test
|
* @test
|
||||||
* @bug 8049429 8234723
|
* @bug 8049429 8234723
|
||||||
* @modules java.management
|
* @modules java.management
|
||||||
* jdk.crypto.ec/sun.security.ec
|
* java.base/sun.security.ec
|
||||||
* @summary Test that all cipher suites work in all versions and all client
|
* @summary Test that all cipher suites work in all versions and all client
|
||||||
* authentication types. The way this is setup the server is stateless
|
* authentication types. The way this is setup the server is stateless
|
||||||
* and all checking is done on the client side.
|
* and all checking is done on the client side.
|
||||||
@ -60,4 +60,9 @@
|
|||||||
* -DCLIENT_PROTOCOL=TLSv1.3
|
* -DCLIENT_PROTOCOL=TLSv1.3
|
||||||
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
||||||
* TestJSSE javax.net.ssl.SSLHandshakeException
|
* TestJSSE javax.net.ssl.SSLHandshakeException
|
||||||
|
* @run main/othervm --limit-modules java.base
|
||||||
|
* -DSERVER_PROTOCOL=TLSv1.2
|
||||||
|
* -DCLIENT_PROTOCOL=TLSv1.3
|
||||||
|
* -DCIPHER=TLS_AES_256_GCM_SHA384
|
||||||
|
* TestJSSE javax.net.ssl.SSLHandshakeException
|
||||||
*/
|
*/
|
||||||
|
46
test/jdk/sun/security/ec/ecModuleCheck.java
Normal file
46
test/jdk/sun/security/ec/ecModuleCheck.java
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
|
*
|
||||||
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License version 2 only, as
|
||||||
|
* published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
||||||
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
||||||
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* version 2 for more details (a copy is included in the LICENSE file that
|
||||||
|
* accompanied this code).
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License version
|
||||||
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
||||||
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
*
|
||||||
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
||||||
|
* or visit www.oracle.com if you need additional information or have any
|
||||||
|
* questions.
|
||||||
|
*/
|
||||||
|
|
||||||
|
import java.lang.module.ModuleFinder;
|
||||||
|
import static jdk.test.lib.Asserts.*;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* @test
|
||||||
|
* @bug 8308398
|
||||||
|
* @library /test/lib
|
||||||
|
* @summary Verify jdk.crypto.ec empty module
|
||||||
|
* @run main ecModuleCheck
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* This test verifies jdk.crypto.ec is in the image, but not resolvable.
|
||||||
|
*/
|
||||||
|
public class ecModuleCheck {
|
||||||
|
public static void main(String[] args) throws Exception {
|
||||||
|
// True if module is found in the image.
|
||||||
|
assertTrue(ModuleFinder.ofSystem().find("jdk.crypto.ec").isPresent(),
|
||||||
|
"jdk.crypto.ec was not found in image.");
|
||||||
|
// Since the module empty, isPresent() should be false.
|
||||||
|
assertFalse(ModuleLayer.boot().findModule("jdk.crypto.ec").
|
||||||
|
isPresent(), "jdk.crypto.ec shouldn't be resolvable.");
|
||||||
|
}
|
||||||
|
}
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -30,7 +30,7 @@
|
|||||||
* java.base/sun.security.util
|
* java.base/sun.security.util
|
||||||
* java.base/sun.security.util.math
|
* java.base/sun.security.util.math
|
||||||
* java.base/sun.security.util.math.intpoly
|
* java.base/sun.security.util.math.intpoly
|
||||||
* jdk.crypto.ec/sun.security.ec.ed
|
* java.base/sun.security.ec.ed
|
||||||
* @run main TestEdOps
|
* @run main TestEdOps
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,7 +25,7 @@
|
|||||||
* @test
|
* @test
|
||||||
* @bug 8171277
|
* @bug 8171277
|
||||||
* @summary Test XEC curve operations
|
* @summary Test XEC curve operations
|
||||||
* @modules jdk.crypto.ec/sun.security.ec
|
* @modules java.base/sun.security.ec
|
||||||
* @library /test/lib
|
* @library /test/lib
|
||||||
* @build jdk.test.lib.Convert
|
* @build jdk.test.lib.Convert
|
||||||
* @run main TestXECOps
|
* @run main TestXECOps
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -27,7 +27,7 @@
|
|||||||
* @summary XEC curve operations iterative test vectors
|
* @summary XEC curve operations iterative test vectors
|
||||||
* @library /test/lib
|
* @library /test/lib
|
||||||
* @build jdk.test.lib.Convert
|
* @build jdk.test.lib.Convert
|
||||||
* @modules jdk.crypto.ec/sun.security.ec
|
* @modules java.base/sun.security.ec
|
||||||
* @run main XECIterative 0 10000
|
* @run main XECIterative 0 10000
|
||||||
* @run main XECIterative 10000 20000
|
* @run main XECIterative 10000 20000
|
||||||
* @run main XECIterative 20000 30000
|
* @run main XECIterative 20000 30000
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2006, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -29,7 +29,7 @@
|
|||||||
* @library /test/lib ..
|
* @library /test/lib ..
|
||||||
* @library ../../../../java/security/testlibrary
|
* @library ../../../../java/security/testlibrary
|
||||||
* @key randomness
|
* @key randomness
|
||||||
* @modules jdk.crypto.cryptoki jdk.crypto.ec/sun.security.ec
|
* @modules jdk.crypto.cryptoki java.base/sun.security.ec
|
||||||
* @run main/othervm ReadPKCS12
|
* @run main/othervm ReadPKCS12
|
||||||
* @run main/othervm -Djava.security.manager=allow ReadPKCS12 sm policy
|
* @run main/othervm -Djava.security.manager=allow ReadPKCS12 sm policy
|
||||||
*/
|
*/
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -64,14 +64,14 @@ public class DefaultPolicy {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private static void checkPolicy(Policy p) throws Exception {
|
private static void checkPolicy(Policy p) throws Exception {
|
||||||
// check if jdk.crypto.ec module has been de-privileged
|
// check if jdk.crypto.cryptoki module has been de-privileged
|
||||||
CodeSource cs =
|
CodeSource cs =
|
||||||
new CodeSource(new URL("jrt:/jdk.crypto.ec"), (CodeSigner[])null);
|
new CodeSource(new URL("jrt:/jdk.crypto.cryptoki"), (CodeSigner[])null);
|
||||||
ProtectionDomain pd = new ProtectionDomain(cs, null, null, null);
|
ProtectionDomain pd = new ProtectionDomain(cs, null, null, null);
|
||||||
if (p.implies(pd, new AllPermission())) {
|
if (p.implies(pd, new AllPermission())) {
|
||||||
throw new Exception("module should not be granted AllPermission");
|
throw new Exception("module should not be granted AllPermission");
|
||||||
}
|
}
|
||||||
if (!p.implies(pd, new RuntimePermission("loadLibrary.sunec"))) {
|
if (!p.implies(pd, new RuntimePermission("loadLibrary.j2pkcs11"))) {
|
||||||
throw new Exception("module should be granted RuntimePermission");
|
throw new Exception("module should be granted RuntimePermission");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2019, 2022, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -28,9 +28,11 @@
|
|||||||
* @library /test/lib
|
* @library /test/lib
|
||||||
* @build java.base/sun.security.rsa.RSAKeyPairGenerator
|
* @build java.base/sun.security.rsa.RSAKeyPairGenerator
|
||||||
* java.base/sun.security.provider.DSAKeyPairGenerator
|
* java.base/sun.security.provider.DSAKeyPairGenerator
|
||||||
* jdk.crypto.ec/sun.security.ec.ECKeyPairGenerator
|
* java.base/sun.security.ec.ECKeyPairGenerator
|
||||||
* @run main DefaultSignatureAlgorithm
|
* @run main DefaultSignatureAlgorithm
|
||||||
* @modules jdk.crypto.ec
|
*
|
||||||
|
* This test uses RSA, DSA, and EC inside this test directory, not the providers
|
||||||
|
* from the jdk
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import jdk.test.lib.Asserts;
|
import jdk.test.lib.Asserts;
|
||||||
@ -82,10 +84,7 @@ public class DefaultSignatureAlgorithm {
|
|||||||
throws Exception {
|
throws Exception {
|
||||||
String patchArg = "-J--patch-module=java.base="
|
String patchArg = "-J--patch-module=java.base="
|
||||||
+ System.getProperty("test.classes")
|
+ System.getProperty("test.classes")
|
||||||
+ File.separator + "patches" + File.separator + "java.base"
|
+ File.separator + "patches" + File.separator + "java.base";
|
||||||
+ " -J--patch-module=jdk.crypto.ec="
|
|
||||||
+ System.getProperty("test.classes")
|
|
||||||
+ File.separator + "patches" + File.separator + "jdk.crypto.ec";
|
|
||||||
return kt(patchArg + " -genkeypair -alias " + alias
|
return kt(patchArg + " -genkeypair -alias " + alias
|
||||||
+ " -dname CN=" + alias + " " + options);
|
+ " -dname CN=" + alias + " " + options);
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -63,7 +63,7 @@ public final class JLinkOptionsTest {
|
|||||||
"--bind-services",
|
"--bind-services",
|
||||||
},
|
},
|
||||||
// with bind-services should have some services
|
// with bind-services should have some services
|
||||||
new String[]{"java.smartcardio", "jdk.crypto.ec"},
|
new String[]{"java.smartcardio", "jdk.crypto.cryptoki"},
|
||||||
null,
|
null,
|
||||||
},
|
},
|
||||||
// bind-services
|
// bind-services
|
||||||
@ -80,7 +80,7 @@ public final class JLinkOptionsTest {
|
|||||||
"--jlink-options", "--bind-services",
|
"--jlink-options", "--bind-services",
|
||||||
},
|
},
|
||||||
// with bind-services should have some services
|
// with bind-services should have some services
|
||||||
new String[]{"java.smartcardio", "jdk.crypto.ec"},
|
new String[]{"java.smartcardio", "jdk.crypto.cryptoki"},
|
||||||
null,
|
null,
|
||||||
},
|
},
|
||||||
|
|
||||||
@ -105,7 +105,7 @@ public final class JLinkOptionsTest {
|
|||||||
// with bind-services should have some services
|
// with bind-services should have some services
|
||||||
new String[]{"java.smartcardio"},
|
new String[]{"java.smartcardio"},
|
||||||
// but not limited
|
// but not limited
|
||||||
new String[]{"jdk.crypto.ec"},
|
new String[]{"jdk.crypto.cryptoki"},
|
||||||
},
|
},
|
||||||
|
|
||||||
});
|
});
|
||||||
|
Loading…
Reference in New Issue
Block a user