1 /*
2  * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 import java.io.File;
25 import java.io.FileInputStream;
26 import java.security.KeyStore;
27 import java.security.Security;
28 import java.util.Arrays;
29 import java.util.Collections;
30 import java.util.List;
31 import java.util.stream.Collectors;
32 
33 /**
34  * Common library for various security test helper functions.
35  */
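public final class SecurityUtils {

    /**
     * Builds the path of the JDK's bundled trust store,
     * {@code <java.home>/lib/security/cacerts}.
     *
     * Only the {@code java.home} system property is consulted; a trust store
     * configured through other means is not taken into account here.
     */
    private static String getCacerts() {
        String sep = File.separator;
        return System.getProperty("java.home") + sep
                + "lib" + sep + "security" + sep + "cacerts";
    }

    /**
     * Returns the cacerts keystore with the configured CA certificates.
     *
     * The keystore is loaded with a {@code null} password, so
     * {@link KeyStore#load(java.io.InputStream, char[])} performs no
     * integrity check on the file. Callers that need assurance the trust
     * anchors were not modified on disk must verify the file separately.
     *
     * @return the loaded keystore, or {@code null} if the cacerts file does
     *         not exist (callers must check for this)
     * @throws Exception if the keystore cannot be instantiated or read
     */
    public static KeyStore getCacertsKeyStore() throws Exception {
        File file = new File(getCacerts());
        if (!file.exists()) {
            return null;
        }

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream fis = new FileInputStream(file)) {
            // null password: contents are read without integrity verification.
            ks.load(fis, null);
        }
        return ks;
    }

    /**
     * Removes the specified protocols from the jdk.tls.disabledAlgorithms
     * security property.
     *
     * This weakens the TLS configuration for the whole JVM process, not just
     * the caller: {@link Security#setProperty} is process-wide and the
     * previous value is not saved or restored here. Intended for test code
     * that has to exercise protocols which are disabled by default.
     *
     * NOTE(review): the TLS implementation may read this property once and
     * cache it, in which case the call only has an effect when made before
     * any TLS classes are initialised. Confirm against the JDK in use.
     *
     * @param protocols entries to remove; each is compared for exact,
     *        case-sensitive equality with the trimmed comma-separated
     *        entries of the property
     */
    public static void removeFromDisabledTlsAlgs(String... protocols) {
        List<String> protocolsList = Arrays.asList(protocols);
        protocolsList = Collections.unmodifiableList(protocolsList);
        removeFromDisabledAlgs("jdk.tls.disabledAlgorithms",
                               protocolsList);
    }

    /**
     * Rewrites the comma-separated security property {@code prop} without
     * the entries listed in {@code algs}.
     *
     * Remaining entries are trimmed and re-joined with {@code ","}. If the
     * property is not defined there is nothing to remove and it is left
     * undefined.
     */
    private static void removeFromDisabledAlgs(String prop, List<String> algs) {
        String value = Security.getProperty(prop);
        if (value == null) {
            // Property absent from the active java.security configuration:
            // nothing is disabled through it, so there is nothing to strip.
            return;
        }
        value = Arrays.stream(value.split(","))
                      .map(String::trim)
                      .filter(s -> !algs.contains(s))
                      .collect(Collectors.joining(","));
        Security.setProperty(prop, value);
    }

    /** Not instantiable: static helpers only. */
    private SecurityUtils() {}
}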