Path: blob/master/test/jdk/javax/crypto/CryptoPermissions/CryptoPolicyFallback.java
41152 views
/*1* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425/**26* @test27* @bug 816933528* @summary Add a crypto policy fallback in case Security Property29* 'crypto.policy' does not exist.30* @run main/othervm CryptoPolicyFallback31*/32import java.io.*;33import java.nio.file.*;34import java.util.stream.*;35import javax.crypto.*;3637/*38* Take the current java.security file, strip out the 'crypto.policy' entry,39* write to a new file in the current directory, then use that file as the40* replacement java.security file. This test will fail if the crypto.policy41* entry doesn't match the compiled in value.42*/43public class CryptoPolicyFallback {4445private static final String FILENAME = "java.security";4647public static void main(String[] args) throws Exception {4849String javaHome = System.getProperty("java.home");5051Path path = Paths.get(javaHome, "conf", "security", FILENAME);5253/*54* Get the default value.55*/56String defaultPolicy;57try (Stream<String> lines = Files.lines(path)) {58/*59* If the input java.security file is malformed60* (missing crypto.policy, attribute/no value, etc), throw61* exception. split() might throw AIOOB which62* is ok behavior.63*/64defaultPolicy = lines.filter(x -> x.startsWith("crypto.policy="))65.findFirst().orElseThrow(66() -> new Exception("Missing crypto.policy"))67.split("=")[1].trim();68}6970/*71* We know there is at least one crypto.policy entry, strip72* all of them out of the java.security file.73*/74try (PrintWriter out = new PrintWriter(FILENAME);75Stream<String> lines = Files.lines(path)) {76lines.filter(x -> !x.trim().startsWith("crypto.policy="))77.forEach(out::println);78}7980/*81* "-Djava.security.properties==file" does a complete replacement82* of the system java.security file. i.e. value must be "=file"83*/84System.setProperty("java.security.properties", "=" + FILENAME);8586/*87* Find out expected value.88*/89int expected;90switch (defaultPolicy) {91case "limited":92expected = 128;93break;94case "unlimited":95expected = Integer.MAX_VALUE;96break;97default:98throw new Exception(99"Unexpected Default Policy Value: " + defaultPolicy);100}101102/*103* Do the actual check. If the JCE Framework can't initialize104* an Exception is normally thrown here.105*/106int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");107108System.out.println("Default Policy: " + defaultPolicy109+ "\nExpected max AES key length: " + expected110+ ", received : " + maxKeyLen);111112if (expected != maxKeyLen) {113throw new Exception("Wrong Key Length size!");114}115116System.out.println("PASSED!");117}118}119120121