1 /*
2 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import java.io.File;
25 import java.io.FileInputStream;
26 import java.security.KeyStore;
27
28 /**
29 * Common library for various security test helper functions.
30 */
31 public final class SecurityUtils {
32
33 private static String getCacerts() {
34 String sep = File.separator;
35 return System.getProperty("java.home") + sep
36 + "lib" + sep + "security" + sep + "cacerts";
37 }
38
39 /**
40 * Returns the cacerts keystore with the configured CA certificates.
41 */
42 public static KeyStore getCacertsKeyStore() throws Exception {
43 File file = new File(getCacerts());
44 if (!file.exists()) {
45 return null;
46 }
47
48 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
49 try (FileInputStream fis = new FileInputStream(file)) {
50 ks.load(fis, null);
51 }
52 return ks;
53 }
54
55 private SecurityUtils() {}
56 }
|
1 /*
2 * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import java.io.File;
25 import java.io.FileInputStream;
26 import java.security.KeyStore;
27 import java.security.Security;
28 import java.util.Arrays;
29 import java.util.Collections;
30 import java.util.List;
31 import java.util.stream.Collectors;
32
33 /**
34 * Common library for various security test helper functions.
35 */
36 public final class SecurityUtils {
37
38 private static String getCacerts() {
39 String sep = File.separator;
40 return System.getProperty("java.home") + sep
41 + "lib" + sep + "security" + sep + "cacerts";
42 }
43
44 /**
45 * Returns the cacerts keystore with the configured CA certificates.
46 */
47 public static KeyStore getCacertsKeyStore() throws Exception {
48 File file = new File(getCacerts());
49 if (!file.exists()) {
50 return null;
51 }
52
53 KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
54 try (FileInputStream fis = new FileInputStream(file)) {
55 ks.load(fis, null);
56 }
57 return ks;
58 }
59
60 /**
61 * Removes the specified protocols from the jdk.tls.disabledAlgorithms
62 * security property.
63 */
64 public static void removeFromDisabledTlsAlgs(String... protocols) {
65 List<String> protocolsList = Arrays.asList(protocols);
66 protocolsList = Collections.unmodifiableList(protocolsList);
67 removeFromDisabledAlgs("jdk.tls.disabledAlgorithms",
68 protocolsList);
69 }
70
71 private static void removeFromDisabledAlgs(String prop, List<String> algs) {
72 String value = Security.getProperty(prop);
73 value = Arrays.stream(value.split(","))
74 .map(s -> s.trim())
75 .filter(s -> !algs.contains(s))
76 .collect(Collectors.joining(","));
77 Security.setProperty(prop, value);
78 }
79
80 private SecurityUtils() {}
81 }
|