/*
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.MessageDigest;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.Provider;
import java.util.Arrays;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
/**
* @test
* @bug 8076359 8133151 8145344 8150512 8155847
* @summary Test the value for new jdk.security.provider.preferred
* security property
* @run main/othervm PreferredProviderTest
*/
public class PreferredProviderTest {
public void RunTest(String type, String os)
throws NoSuchAlgorithmException, NoSuchPaddingException {
String actualProvider = null;
boolean solaris = os.contains("sun");
String preferredProp
= "AES/GCM/NoPadding:SunJCE, MessageDigest.SHA-256:SUN";
System.out.printf("%nExecuting test for the platform '%s'%n", os);
if (!solaris) {
//For other platform it will try to set the preferred algorithm and
//Provider and verify the usage of it.
Security.setProperty(
"jdk.security.provider.preferred", preferredProp);
verifyPreferredProviderProperty(os, type, preferredProp);
verifyDigestProvider(os, type, Arrays.asList(
new DataTuple("SHA-256", "SUN")));
} else {
//Solaris has different providers that support the same algorithm
//which makes for better testing.
switch (type) {
case "sparcv9":
preferredProp = "AES:SunJCE, SHA1:SUN, Group.SHA2:SUN, " +
"HmacSHA1:SunJCE, Group.HmacSHA2:SunJCE";
Security.setProperty(
"jdk.security.provider.preferred", preferredProp);
verifyPreferredProviderProperty(os, type, preferredProp);
verifyDigestProvider(os, type, Arrays.asList(
new DataTuple("SHA1", "SUN"),
new DataTuple("SHA-1", "SUN"),
new DataTuple("SHA-224", "SUN"),
new DataTuple("SHA-256", "SUN"),
new DataTuple("SHA-384", "SUN"),
new DataTuple("SHA-512", "SUN"),
new DataTuple("SHA-512/224", "SUN"),
new DataTuple("SHA-512/256", "SUN")));
verifyMacProvider(os, type, Arrays.asList(
new DataTuple("HmacSHA1", "SunJCE"),
new DataTuple("HmacSHA224", "SunJCE"),
new DataTuple("HmacSHA256", "SunJCE"),
new DataTuple("HmacSHA384", "SunJCE"),
new DataTuple("HmacSHA512", "SunJCE")));
break;
case "amd64":
preferredProp = "AES:SunJCE, SHA1:SUN, Group.SHA2:SUN, " +
"HmacSHA1:SunJCE, Group.HmacSHA2:SunJCE, " +
"RSA:SunRsaSign, SHA1withRSA:SunRsaSign, " +
"Group.SHA2RSA:SunRsaSign";
Security.setProperty(
"jdk.security.provider.preferred", preferredProp);
verifyPreferredProviderProperty(os, type, preferredProp);
verifyKeyFactoryProvider(os, type, Arrays.asList(
new DataTuple("RSA", "SunRsaSign")));
verifyDigestProvider(os, type, Arrays.asList(
new DataTuple("SHA1", "SUN"),
new DataTuple("SHA-1", "SUN"),
new DataTuple("SHA-224", "SUN"),
new DataTuple("SHA-256", "SUN"),
new DataTuple("SHA-384", "SUN"),
new DataTuple("SHA-512", "SUN"),
new DataTuple("SHA-512/224", "SUN"),
new DataTuple("SHA-512/256", "SUN")));
verifyMacProvider(os, type, Arrays.asList(
new DataTuple("HmacSHA1", "SunJCE"),
new DataTuple("HmacSHA224", "SunJCE"),
new DataTuple("HmacSHA256", "SunJCE"),
new DataTuple("HmacSHA384", "SunJCE"),
new DataTuple("HmacSHA512", "SunJCE")));
verifySignatureProvider(os, type, Arrays.asList(
new DataTuple("SHA1withRSA", "SunRsaSign"),
new DataTuple("SHA224withRSA", "SunRsaSign"),
new DataTuple("SHA256withRSA", "SunRsaSign"),
new DataTuple("SHA384withRSA", "SunRsaSign"),
new DataTuple("SHA512withRSA", "SunRsaSign")));
break;
}
verifyDigestProvider(os, type, Arrays.asList(
new DataTuple("MD5", "OracleUcrypto")));
}
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
actualProvider = cipher.getProvider().getName();
if (!actualProvider.equals("SunJCE")) {
throw new RuntimeException(String.format("Test Failed:Got wrong "
+ "provider from %s-%s platform, Expected Provider: SunJCE,"
+ " Returned Provider: %s", os, type, actualProvider));
}
}
private static void verifyPreferredProviderProperty(String os, String arch,
String preferred) {
String preferredProvider
= Security.getProperty("jdk.security.provider.preferred");
if (!preferredProvider.equals(preferred)) {
System.out.println("Expected: " + preferred + "\nResult: " +
preferredProvider);
throw new RuntimeException(String.format(
"Test Failed: wrong jdk.security.provider.preferred value "
+ "on %s-%s", os, arch));
}
System.out.println(
"Preferred provider security property verification complete.");
}
private static void verifyDigestProvider(String os, String arch,
List<DataTuple> algoProviders) throws NoSuchAlgorithmException {
for (DataTuple dataTuple : algoProviders) {
System.out.printf(
"Verifying MessageDigest for '%s'%n", dataTuple.algorithm);
MessageDigest md = MessageDigest.getInstance(dataTuple.algorithm);
matchProvider(md.getProvider(), dataTuple.provider,
dataTuple.algorithm, os, arch);
}
System.out.println(
"Preferred MessageDigest algorithm verification successful.");
}
private static void verifyMacProvider(String os, String arch,
List<DataTuple> algoProviders) throws NoSuchAlgorithmException {
for (DataTuple dataTuple : algoProviders) {
System.out.printf(
"Verifying Mac for '%s'%n", dataTuple.algorithm);
Mac mac = Mac.getInstance(dataTuple.algorithm);
matchProvider(mac.getProvider(), dataTuple.provider,
dataTuple.algorithm, os, arch);
}
System.out.println(
"Preferred Mac algorithm verification successful.");
}
private static void verifyKeyFactoryProvider(String os, String arch,
List<DataTuple> algoProviders) throws NoSuchAlgorithmException {
for (DataTuple dataTuple : algoProviders) {
System.out.printf(
"Verifying KeyFactory for '%s'%n", dataTuple.algorithm);
KeyFactory kf = KeyFactory.getInstance(dataTuple.algorithm);
matchProvider(kf.getProvider(), dataTuple.provider,
dataTuple.algorithm, os, arch);
}
System.out.println(
"Preferred KeyFactory algorithm verification successful.");
}
private static void verifySignatureProvider(String os, String arch,
List<DataTuple> algoProviders) throws NoSuchAlgorithmException {
for (DataTuple dataTuple : algoProviders) {
System.out.printf(
"Verifying Signature for '%s'%n", dataTuple.algorithm);
Signature si = Signature.getInstance(dataTuple.algorithm);
matchProvider(si.getProvider(), dataTuple.provider,
dataTuple.algorithm, os, arch);
}
System.out.println(
"Preferred Signature algorithm verification successful.");
}
private static void matchProvider(Provider provider, String expected,
String algo, String os, String arch) {
if (!provider.getName().equals(expected)) {
throw new RuntimeException(String.format(
"Test Failed:Got wrong provider from %s-%s platform, "
+ "for algorithm %s. Expected Provider: %s,"
+ " Returned Provider: %s", os, arch, algo,
expected, provider.getName()));
}
}
private static class DataTuple {
private final String provider;
private final String algorithm;
private DataTuple(String algorithm, String provider) {
this.algorithm = algorithm;
this.provider = provider;
}
}
public static void main(String[] args)
throws NoSuchAlgorithmException, NoSuchPaddingException {
String os = System.getProperty("os.name").toLowerCase();
String arch = System.getProperty("os.arch").toLowerCase();
PreferredProviderTest pp = new PreferredProviderTest();
pp.RunTest(arch, os);
}
}