42 boolean failed = false;
43
44 // Root CAs should always be trusted
45 File file = new File(home, "lib/security/cacerts");
46 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
47 try (FileInputStream fis = new FileInputStream(file)) {
48 ks.load(fis, null);
49 }
50 System.out.println("Check for cacerts: " + ks.size());
51 for (String alias: Collections.list(ks.aliases())) {
52 X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
53 if (UntrustedCertificates.isUntrusted(cert)) {
54 System.out.print(alias + " is untrusted");
55 failed = true;
56 }
57 }
58
59 // All certs in the pem files
60 Set<Certificate> blacklisted = new HashSet<>();
61
62 // Hopefully src comes with test, but it might be missing if doing
63 // a -testonly JPRT job.
64 File[] blacklists = {
65 new File(System.getProperty("test.src"),
66 "../../../make/data/blacklistedcertsconverter/blacklisted.certs.pem"),
67 new File(System.getProperty("test.src"),
68 "../../../make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem")
69 };
70
71 // Is this an OPENJDK build?
72 String prop = System.getProperty("java.runtime.name");
73 if (prop != null && prop.startsWith("OpenJDK")) {
74 System.out.println("This is a OpenJDK build.");
75 blacklists = Arrays.copyOf(blacklists, 1);
76 }
77
78 CertificateFactory cf = CertificateFactory.getInstance("X.509");
79 for (File blacklist: blacklists) {
80 System.out.print("Check for " + blacklist + ": ");
81 if (!blacklist.exists()) {
82 System.out.println("does not exist");
83 } else {
|
42 boolean failed = false;
43
44 // Root CAs should always be trusted
45 File file = new File(home, "lib/security/cacerts");
46 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
47 try (FileInputStream fis = new FileInputStream(file)) {
48 ks.load(fis, null);
49 }
50 System.out.println("Check for cacerts: " + ks.size());
51 for (String alias: Collections.list(ks.aliases())) {
52 X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
53 if (UntrustedCertificates.isUntrusted(cert)) {
54 System.out.print(alias + " is untrusted");
55 failed = true;
56 }
57 }
58
59 // All certs in the pem files
60 Set<Certificate> blacklisted = new HashSet<>();
61
62 // Assumes the full src is available
63 File[] blacklists = {
64 new File(System.getProperty("test.src"),
65 "../../../make/data/blacklistedcertsconverter/blacklisted.certs.pem"),
66 new File(System.getProperty("test.src"),
67 "../../../make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem")
68 };
69
70 // Is this an OPENJDK build?
71 String prop = System.getProperty("java.runtime.name");
72 if (prop != null && prop.startsWith("OpenJDK")) {
73 System.out.println("This is a OpenJDK build.");
74 blacklists = Arrays.copyOf(blacklists, 1);
75 }
76
77 CertificateFactory cf = CertificateFactory.getInstance("X.509");
78 for (File blacklist: blacklists) {
79 System.out.print("Check for " + blacklist + ": ");
80 if (!blacklist.exists()) {
81 System.out.println("does not exist");
82 } else {
|