J. Duke319a3b92007-12-01 00:00:00 +00001/*
2 * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
20 * CA 95054 USA or visit www.sun.com if you need additional information or
21 * have any questions.
22 */
23
24/*
25 * @test
26 * @bug 4919147
27 * @summary Support for token-based KeyStores
28 *
29 * TokenStore.keystore password is "TokenStore"
30 */
31
32import java.io.*;
33import java.util.*;
34import java.net.*;
35import java.security.AllPermission;
36import java.security.CodeSource;
37import java.security.ProtectionDomain;
38import java.security.Permission;
39import java.security.KeyStore;
40import java.security.cert.*;
41import sun.security.provider.*;
42
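/**
 * Regression test for keystore-backed policy files (see the {@code @bug}
 * header of this file).
 *
 * <p>The test writes several policy files, each granting
 * {@code AllPermission} either unconditionally or to code signed by an alias
 * held in {@code TokenStore.keystore}, and then checks that
 * {@code PolicyFile} resolves the grant for a matching
 * {@code ProtectionDomain}. The bad-password case must not resolve the
 * grant.
 */
public class TokenStore {

    // Directory that receives the generated policy files.
    private static final String DIR =
        System.getProperty("test.classes", ".") + File.separatorChar;

    // Directory holding the checked-in fixtures (keystore, password file,
    // relative-password policy).
    private static final String SRC =
        System.getProperty("test.src", ".") + File.separatorChar;

    // Password of the TokenStore.keystore test fixture (also stated in the
    // file header). Fixture-only value; not a credential for anything else.
    private static final char[] storePassword = new char[]
        { 'T', 'o', 'k', 'e', 'n', 'S', 't', 'o', 'r', 'e' };

    // policy files that will get written
    private static final String NO_STORE_FILE = DIR + "TokenStore.NoStore";
    private static final String URL_FILE = DIR + "TokenStore.Url";
    private static final String URL_T_FILE = DIR + "TokenStore.UrlT";
    private static final String URL_T_P_FILE = DIR + "TokenStore.UrlTP";
    private static final String URL_PWD_FILE = DIR + "TokenStore.UrlPwd";
    private static final String URL_T_P_PWD_FILE = DIR + "TokenStore.UrlTPPwd";
    private static final String BADPASS_FILE = DIR + "TokenStore.BadPass";

    // checked-in policy whose keystorePasswordURL is relative
    private static final String RELPASS_FILE = SRC + "TokenStore.RelPassPolicy";

    // protection domains, one per signer alias (plus an unsigned one)
    private static ProtectionDomain NO_STORE_DOMAIN;
    private static ProtectionDomain URL_DOMAIN;
    private static ProtectionDomain URL_T_DOMAIN;
    private static ProtectionDomain URL_T_P_DOMAIN;

    // policy contents written to files

    // no keystore entry, unconditional grant
    private static final String POLICY_NO_STORE =
        "grant { permission java.security.AllPermission; };";

    // keystore URL only
    private static final String POLICY_URL =
        "keystore \"file:${test.src}${/}TokenStore.keystore\";" +
        "grant signedby \"POLICY_URL\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    // keystore URL + type
    private static final String POLICY_URL_T =
        "keystore \"file:${test.src}${/}TokenStore.keystore\", \"JKS\";"+
        "grant signedby \"POLICY_URL_T\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    // keystore URL + type + provider
    private static final String POLICY_URL_T_P =
        "keystore \"file:${test.src}${/}TokenStore.keystore\"," +
        "       \"JKS\", \"SUN\";" +
        "grant signedby \"POLICY_URL_T_P\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    // keystore URL + password URL
    private static final String POLICY_URL_PWD =
        "keystore \"file:${test.src}${/}TokenStore.keystore\";" +
        "keystorePasswordURL \"file:${test.src}${/}TokenStore.pwd\";" +
        "grant signedby \"POLICY_URL\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    // keystore URL + type + provider + password URL
    private static final String POLICY_URL_T_P_PWD =
        "keystore \"file:${test.src}${/}TokenStore.keystore\"," +
        "       \"JKS\", \"SUN\";" +
        "keystorePasswordURL \"file:${test.src}${/}TokenStore.pwd\";" +
        "grant signedby \"POLICY_URL_T_P\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    // Same as above, but the password URL points at this test's own source
    // file, so whatever is read from it is not the keystore password.
    private static final String POLICY_BADPASS =
        "keystore \"file:${test.src}${/}TokenStore.keystore\"," +
        "       \"JKS\", \"SUN\";" +
        "keystorePasswordURL \"file:${test.src}${/}TokenStore.java\";" +
        "grant signedby \"POLICY_URL_T_P\" {" +
        "    permission java.security.AllPermission;" +
        "};" ;

    /**
     * Parses {@code policy} and writes the parser's output to {@code file},
     * overwriting any existing file.
     *
     * <p>The writer is closed here. The earlier code handed a fresh
     * {@code FileWriter} to {@code PolicyParser.write} and never closed it,
     * leaking one file handle per policy file.
     */
    private static void writePolicy(String policy, String file)
        throws Exception {
        PolicyParser pp = new PolicyParser();
        pp.read(new StringReader(policy));
        Writer out = new FileWriter(file, false);
        try {
            pp.write(out);
        } finally {
            out.close();
        }
    }

    /**
     * Builds a protection domain for code at {@code file:/foo} signed by
     * {@code signers}; {@code null} means unsigned code. Permissions, class
     * loader and principals are left unset so that only the policy decides
     * what the domain is granted.
     */
    private static ProtectionDomain domainFor(Certificate[] signers)
        throws Exception {
        return new ProtectionDomain
            (new CodeSource(new URL("file:/foo"), signers),
             null,          // perms
             null,          // class loader
             null);         // principals
    }

    /**
     * Writes the policy files and builds the protection domains from the
     * certificate chains stored in {@code TokenStore.keystore}.
     */
    private static void init() throws Exception {

        // first write policy files

        writePolicy(POLICY_NO_STORE, NO_STORE_FILE);
        writePolicy(POLICY_URL, URL_FILE);
        writePolicy(POLICY_URL_T, URL_T_FILE);
        writePolicy(POLICY_URL_T_P, URL_T_P_FILE);
        writePolicy(POLICY_URL_PWD, URL_PWD_FILE);
        writePolicy(POLICY_URL_T_P_PWD, URL_T_P_PWD_FILE);
        writePolicy(POLICY_BADPASS, BADPASS_FILE);

        // next load keystore data to build PD's

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream in = new FileInputStream(SRC + "TokenStore.keystore");
        try {
            ks.load(in, storePassword);
        } finally {
            // the stream was previously left open
            in.close();
        }

        NO_STORE_DOMAIN = domainFor(null);
        URL_DOMAIN = domainFor(ks.getCertificateChain("POLICY_URL"));
        URL_T_DOMAIN = domainFor(ks.getCertificateChain("POLICY_URL_T"));
        URL_T_P_DOMAIN = domainFor(ks.getCertificateChain("POLICY_URL_T_P"));
    }

    /**
     * Points {@code java.security.policy} at {@code file} and returns a
     * freshly constructed {@code PolicyFile}.
     *
     * <p>The leading "=" in the property value is the programmatic form of
     * the {@code -Djava.security.policy==file} command-line syntax: only the
     * named policy file is consulted, so grants from other configured
     * policies cannot mask a failure.
     */
    private static PolicyFile loadPolicy(String file) {
        System.setProperty("java.security.policy", "=" + file);
        return new PolicyFile();
    }

    /**
     * Runs every policy variant against its matching protection domain.
     *
     * @throws Exception if a grant is not resolved where it should be, or is
     *         resolved in the bad-password case
     */
    public static void main(String[] args) throws Exception {

        init();

        // test no key store in policy
        checkPerm(loadPolicy(NO_STORE_FILE), NO_STORE_DOMAIN);

        // test policy keystore + URL
        checkPerm(loadPolicy(URL_FILE), URL_DOMAIN);

        // test policy keystore + URL + type
        checkPerm(loadPolicy(URL_T_FILE), URL_T_DOMAIN);

        // test policy keystore + URL + type + provider
        checkPerm(loadPolicy(URL_T_P_FILE), URL_T_P_DOMAIN);

        // test policy keystore + URL + password
        // (this step used to reload URL_FILE, so the keystorePasswordURL
        // policy written by init() was never exercised)
        checkPerm(loadPolicy(URL_PWD_FILE), URL_DOMAIN);

        // test policy keystore + URL + type + provider + password
        // (same correction: previously reloaded URL_T_P_FILE)
        checkPerm(loadPolicy(URL_T_P_PWD_FILE), URL_T_P_DOMAIN);

        // test policy keystore + URL + type + provider + BAD password
        //
        // The SecurityException expected here is the one checkPerm raises
        // when AllPermission is absent: with an unusable keystore password
        // the signedby grant must not be applied.
        PolicyFile p = loadPolicy(BADPASS_FILE);
        try {
            checkPerm(p, URL_T_P_DOMAIN);
            // RuntimeException is not caught below, so it fails the test
            throw new RuntimeException("expected SecurityException");
        } catch (SecurityException se) {
            // good
        }

        // test policy keystore + URL + type + provider + RELATIVE password
        checkPerm(loadPolicy(RELPASS_FILE), URL_T_P_DOMAIN);
    }

    /**
     * Verifies that {@code p} grants {@code pd} at least one permission and
     * that every granted permission is an {@code AllPermission}.
     *
     * @throws SecurityException if nothing is granted or if any granted
     *         permission is not an {@code AllPermission}
     */
    private static void checkPerm(PolicyFile p, ProtectionDomain pd)
        throws Exception {
        boolean foundIt = false;
        Enumeration perms = p.getPermissions(pd).elements();
        while (perms.hasMoreElements()) {
            Permission perm = (Permission)perms.nextElement();
            if (!(perm instanceof AllPermission)) {
                throw new SecurityException("expected AllPermission");
            }
            foundIt = true;
        }
        // an empty permission set is a failure too
        if (!foundIt) {
            throw new SecurityException("expected AllPermission");
        }
    }
}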