1 /*
2  * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 import java.security.Security;
25 import java.security.NoSuchAlgorithmException;
26 import javax.crypto.Cipher;
27 import javax.crypto.NoSuchPaddingException;
28 
29 /**
30  * @test
31  * @bug 8076359 8133151 8150512
32  * @summary Test for jdk.security.provider.preferred security property
33  * @run main/othervm  PreferredProviderNegativeTest preSet AES false
34  * @run main/othervm  PreferredProviderNegativeTest preSet AES:SunNegative true
35  * @run main/othervm  PreferredProviderNegativeTest afterSet AES:SunJGSS
36  * @run main/othervm  PreferredProviderNegativeTest afterSet AES:SunECNegative
37  * @run main/othervm  PreferredProviderNegativeTest invalidAlg AESInvalid:SunJCE
38  */
39 public class PreferredProviderNegativeTest {
40 
41     static final String SEC_PREF_PROP = "jdk.security.provider.preferred";
42 
43     /*
44      * Test security property could be set by valid and invalid provider
45      * before JCE was loaded
46      */
preJCESet(String value, boolean negativeProvider)47     public static void preJCESet(String value, boolean negativeProvider)
48             throws NoSuchAlgorithmException, NoSuchPaddingException {
49 
50         Security.setProperty(SEC_PREF_PROP, value);
51 
52         if (!Security.getProperty(SEC_PREF_PROP).equals(value)) {
53             throw new RuntimeException("Test Failed:The property wasn't set");
54         }
55 
56         String[] arrays = value.split(":");
57         Cipher cipher = Cipher.getInstance(arrays[0]);
58         if (negativeProvider) {
59             if (cipher.getProvider().getName().equals(arrays[1])) {
60                 throw new RuntimeException(
61                         "Test Failed:The provider shouldn't be set.");
62             }
63         } else {
64             if (!cipher.getProvider().getName().equals(arrays[1])) {
65                 throw new RuntimeException("Test Failed:The provider could be "
66                         + "set by valid provider.");
67             }
68         }
69         System.out.println("Test Pass.");
70     }
71 
72     /*
73      * Test that the setting of the security property after Cipher.getInstance()
74      * does not influence previously loaded instances
75      */
afterJCESet(String value, String expected)76     public static void afterJCESet(String value, String expected)
77             throws NoSuchAlgorithmException, NoSuchPaddingException {
78         String[] arrays = value.split(":");
79         Cipher cipher = Cipher.getInstance(arrays[0]);
80 
81         Security.setProperty(SEC_PREF_PROP, value);
82         if (!cipher.getProvider().getName().equals(expected)) {
83             throw new RuntimeException("Test Failed:The security property can't"
84                     + " be updated after JCE load.");
85         }
86         System.out.println("Test Pass");
87     }
88 
89     /* Test the security property with negative algorithm */
invalidAlg(String value)90     public static void invalidAlg(String value) throws NoSuchPaddingException {
91         String[] arrays = value.split(":");
92 
93         try {
94             Security.setProperty(SEC_PREF_PROP, value);
95             Cipher.getInstance(arrays[0]);
96         } catch (NoSuchAlgorithmException e) {
97             System.out.println(
98                     "Test Pass:Got NoSuchAlgorithmException as expired");
99             return;
100         }
101         throw new RuntimeException(
102                 "Test Failed:Expected NoSuchAlgorithmException was not thrown");
103     }
104 
main(String[] args)105     public static void main(String[] args)
106             throws NoSuchAlgorithmException, NoSuchPaddingException {
107 
108         String expected;
109         String value = args[1];
110         // If OS is solaris, expect OracleUcrypto, otherwise SunJCE
111         if (System.getProperty("os.name").toLowerCase().contains("sun")) {
112             expected = "OracleUcrypto";
113         } else {
114             expected = "SunJCE";
115         }
116 
117         if (args.length >= 2) {
118             switch (args[0]) {
119                 case "preSet":
120                     boolean negativeProvider = Boolean.valueOf(args[2]);
121                     if (!args[1].contains(":")) {
122                         value += ":" + expected;
123                     }
124                     PreferredProviderNegativeTest.preJCESet(
125                             value, negativeProvider);
126                     break;
127                 case "afterSet":
128                     PreferredProviderNegativeTest.afterJCESet(args[1],
129                             expected);
130                     break;
131                 case "invalidAlg":
132                     PreferredProviderNegativeTest.invalidAlg(args[1]);
133                     break;
134             }
135         } else {
136             throw new RuntimeException(
137                     "Test Failed:Please pass the correct args");
138         }
139     }
140 }
141