1 /* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 import java.security.MessageDigest; 25 import java.security.KeyFactory; 26 import java.security.NoSuchAlgorithmException; 27 import java.security.Security; 28 import java.security.Signature; 29 import java.security.Provider; 30 import java.util.Arrays; 31 import java.util.List; 32 import javax.crypto.Cipher; 33 import javax.crypto.Mac; 34 import javax.crypto.NoSuchPaddingException; 35 36 /** 37 * @test 38 * @bug 8076359 8133151 8145344 8150512 8155847 39 * @summary Test the value for new jdk.security.provider.preferred 40 * security property 41 * @run main/othervm PreferredProviderTest 42 */ 43 public class PreferredProviderTest { 44 45 public void RunTest(String type, String os) 46 throws NoSuchAlgorithmException, NoSuchPaddingException { 47 48 String actualProvider = null; 49 boolean solaris = os.contains("sun"); 50 String preferredProp 51 = "AES/GCM/NoPadding:SunJCE, MessageDigest.SHA-256:SUN"; 52 System.out.printf("%nExecuting test for the platform '%s'%n", os); 53 if (!solaris) { 54 //For other platform it will try to set the preferred algorithm and 55 //Provider and verify the usage of it. 56 Security.setProperty( 57 "jdk.security.provider.preferred", preferredProp); 58 verifyPreferredProviderProperty(os, type, preferredProp); 59 60 verifyDigestProvider(os, type, Arrays.asList( 61 new DataTuple("SHA-256", "SUN"))); 62 } else { 63 //Solaris has different providers that support the same algorithm 64 //which makes for better testing. 65 switch (type) { 66 case "sparcv9": 67 preferredProp = "AES:SunJCE, SHA1:SUN, Group.SHA2:SUN, " + 68 "HmacSHA1:SunJCE, Group.HmacSHA2:SunJCE"; 69 Security.setProperty( 70 "jdk.security.provider.preferred", preferredProp); 71 verifyPreferredProviderProperty(os, type, preferredProp); 72 73 verifyDigestProvider(os, type, Arrays.asList( 74 new DataTuple("SHA1", "SUN"), 75 new DataTuple("SHA-1", "SUN"), 76 new DataTuple("SHA-224", "SUN"), 77 new DataTuple("SHA-256", "SUN"), 78 new DataTuple("SHA-384", "SUN"), 79 new DataTuple("SHA-512", "SUN"), 80 new DataTuple("SHA-512/224", "SUN"), 81 new DataTuple("SHA-512/256", "SUN"))); 82 83 verifyMacProvider(os, type, Arrays.asList( 84 new DataTuple("HmacSHA1", "SunJCE"), 85 new DataTuple("HmacSHA224", "SunJCE"), 86 new DataTuple("HmacSHA256", "SunJCE"), 87 new DataTuple("HmacSHA384", "SunJCE"), 88 new DataTuple("HmacSHA512", "SunJCE"))); 89 break; 90 case "amd64": 91 preferredProp = "AES:SunJCE, SHA1:SUN, Group.SHA2:SUN, " + 92 "HmacSHA1:SunJCE, Group.HmacSHA2:SunJCE, " + 93 "RSA:SunRsaSign, SHA1withRSA:SunRsaSign, " + 94 "Group.SHA2RSA:SunRsaSign"; 95 Security.setProperty( 96 "jdk.security.provider.preferred", preferredProp); 97 verifyPreferredProviderProperty(os, type, preferredProp); 98 99 verifyKeyFactoryProvider(os, type, Arrays.asList( 100 new DataTuple("RSA", "SunRsaSign"))); 101 102 verifyDigestProvider(os, type, Arrays.asList( 103 new DataTuple("SHA1", "SUN"), 104 new DataTuple("SHA-1", "SUN"), 105 new DataTuple("SHA-224", "SUN"), 106 new DataTuple("SHA-256", "SUN"), 107 new DataTuple("SHA-384", "SUN"), 108 new DataTuple("SHA-512", "SUN"), 109 new DataTuple("SHA-512/224", "SUN"), 110 new DataTuple("SHA-512/256", "SUN"))); 111 112 verifyMacProvider(os, type, Arrays.asList( 113 new DataTuple("HmacSHA1", "SunJCE"), 114 new DataTuple("HmacSHA224", "SunJCE"), 115 new DataTuple("HmacSHA256", "SunJCE"), 116 new DataTuple("HmacSHA384", "SunJCE"), 117 new DataTuple("HmacSHA512", "SunJCE"))); 118 119 verifySignatureProvider(os, type, Arrays.asList( 120 new DataTuple("SHA1withRSA", "SunRsaSign"), 121 new DataTuple("SHA224withRSA", "SunRsaSign"), 122 new DataTuple("SHA256withRSA", "SunRsaSign"), 123 new DataTuple("SHA384withRSA", "SunRsaSign"), 124 new DataTuple("SHA512withRSA", "SunRsaSign"))); 125 break; 126 } 127 verifyDigestProvider(os, type, Arrays.asList( 128 new DataTuple("MD5", "OracleUcrypto"))); 129 } 130 131 Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); 132 actualProvider = cipher.getProvider().getName(); 133 if (!actualProvider.equals("SunJCE")) { 134 throw new RuntimeException(String.format("Test Failed:Got wrong " 135 + "provider from %s-%s platform, Expected Provider: SunJCE," 136 + " Returned Provider: %s", os, type, actualProvider)); 137 } 138 } 139 140 private static void verifyPreferredProviderProperty(String os, String arch, 141 String preferred) { 142 String preferredProvider 143 = Security.getProperty("jdk.security.provider.preferred"); 144 if (!preferredProvider.equals(preferred)) { 145 System.out.println("Expected: " + preferred + "\nResult: " + 146 preferredProvider); 147 throw new RuntimeException(String.format( 148 "Test Failed: wrong jdk.security.provider.preferred value " 149 + "on %s-%s", os, arch)); 150 } 151 System.out.println( 152 "Preferred provider security property verification complete."); 153 } 154 155 private static void verifyDigestProvider(String os, String arch, 156 List<DataTuple> algoProviders) throws NoSuchAlgorithmException { 157 for (DataTuple dataTuple : algoProviders) { 158 System.out.printf( 159 "Verifying MessageDigest for '%s'%n", dataTuple.algorithm); 160 MessageDigest md = MessageDigest.getInstance(dataTuple.algorithm); 161 matchProvider(md.getProvider(), dataTuple.provider, 162 dataTuple.algorithm, os, arch); 163 } 164 System.out.println( 165 "Preferred MessageDigest algorithm verification successful."); 166 } 167 168 private static void verifyMacProvider(String os, String arch, 169 List<DataTuple> algoProviders) throws NoSuchAlgorithmException { 170 for (DataTuple dataTuple : algoProviders) { 171 System.out.printf( 172 "Verifying Mac for '%s'%n", dataTuple.algorithm); 173 Mac mac = Mac.getInstance(dataTuple.algorithm); 174 matchProvider(mac.getProvider(), dataTuple.provider, 175 dataTuple.algorithm, os, arch); 176 } 177 System.out.println( 178 "Preferred Mac algorithm verification successful."); 179 } 180 181 private static void verifyKeyFactoryProvider(String os, String arch, 182 List<DataTuple> algoProviders) throws NoSuchAlgorithmException { 183 for (DataTuple dataTuple : algoProviders) { 184 System.out.printf( 185 "Verifying KeyFactory for '%s'%n", dataTuple.algorithm); 186 KeyFactory kf = KeyFactory.getInstance(dataTuple.algorithm); 187 matchProvider(kf.getProvider(), dataTuple.provider, 188 dataTuple.algorithm, os, arch); 189 } 190 System.out.println( 191 "Preferred KeyFactory algorithm verification successful."); 192 } 193 194 private static void verifySignatureProvider(String os, String arch, 195 List<DataTuple> algoProviders) throws NoSuchAlgorithmException { 196 for (DataTuple dataTuple : algoProviders) { 197 System.out.printf( 198 "Verifying Signature for '%s'%n", dataTuple.algorithm); 199 Signature si = Signature.getInstance(dataTuple.algorithm); 200 matchProvider(si.getProvider(), dataTuple.provider, 201 dataTuple.algorithm, os, arch); 202 } 203 System.out.println( 204 "Preferred Signature algorithm verification successful."); 205 } 206 207 private static void matchProvider(Provider provider, String expected, 208 String algo, String os, String arch) { 209 if (!provider.getName().equals(expected)) { 210 throw new RuntimeException(String.format( 211 "Test Failed:Got wrong provider from %s-%s platform, " 212 + "for algorithm %s. Expected Provider: %s," 213 + " Returned Provider: %s", os, arch, algo, 214 expected, provider.getName())); 215 } 216 } 217 218 private static class DataTuple { 219 220 private final String provider; 221 private final String algorithm; 222 223 private DataTuple(String algorithm, String provider) { 224 this.algorithm = algorithm; 225 this.provider = provider; 226 } 227 } 228 229 public static void main(String[] args) 230 throws NoSuchAlgorithmException, NoSuchPaddingException { 231 String os = System.getProperty("os.name").toLowerCase(); 232 String arch = System.getProperty("os.arch").toLowerCase(); 233 PreferredProviderTest pp = new PreferredProviderTest(); 234 pp.RunTest(arch, os); 235 } 236 }