Skip to content

Commit

Permalink
Update the closed test case for Restricted Security Mode
Browse files Browse the repository at this point in the history
  • Loading branch information
taoliult committed Sep 30, 2024
1 parent 4a31179 commit 4bcd637
Show file tree
Hide file tree
Showing 4 changed files with 2,135 additions and 0 deletions.
3 changes: 3 additions & 0 deletions closed/test/jdk/TEST.ROOT
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Path to libraries in the topmost test directory. This is needed so @library
# does not need ../../../ notation to reach them
external.lib.roots = ../../../
138 changes: 138 additions & 0 deletions closed/test/jdk/openj9/internal/security/TestProviders.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,138 @@
/*
* ===========================================================================
* (c) Copyright IBM Corp. 2024, 2024 All Rights Reserved
* ===========================================================================
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* IBM designates this particular file as subject to the "Classpath" exception
* as provided by IBM in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, see <http://www.gnu.org/licenses/>.
*
* ===========================================================================
*/

/*
* @test
* @summary Test Provider Order
* @library /test/lib
* @run junit TestProviders
*/

import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;

import java.security.Provider;
import java.security.Security;

import java.util.stream.Stream;

import jdk.test.lib.process.OutputAnalyzer;
import jdk.test.lib.process.ProcessTools;

public class TestProviders {

private static Stream<Arguments> patternMatches_expectedExitValue0() {
return Stream.of(
// Test OpenJCEPlusFIPS strict profile provider list
Arguments.of("OpenJCEPlusFIPS.FIPS140-3",
System.getProperty("test.src") + "/provider-java.security",
"(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunJSSE)"),
// Test OpenJCEPlusFIPS default profile provider list
Arguments.of("OpenJCEPlusFIPS",
System.getProperty("test.src") + "/provider-java.security",
"(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunRsaSign)" +
"(?=.*SunEC)(?=.*SunJSSE)(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" +
"(?=.*XMLDSig)(?=.*SunPCSC)(?=.*JdkLDAP)(?=.*JdkSASL)"),
// Test OpenJCEPlusFIPS weakly enforced profile provider list
Arguments.of("OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced",
System.getProperty("test.src") + "/provider-java.security",
"(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunRsaSign)" +
"(?=.*SunEC)(?=.*SunJSSE)(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" +
"(?=.*XMLDSig)(?=.*SunPCSC)(?=.*JdkLDAP)(?=.*JdkSASL)"),
// Test update provider list with value
Arguments.of("Test-Profile.Updated_1",
System.getProperty("test.src") + "/provider-java.security",
"(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunSASL)"),
// Test update provider list with null
Arguments.of("Test-Profile.Updated_2",
System.getProperty("test.src") + "/provider-java.security",
"(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunJSSE)")
);
}

private static Stream<Arguments> patternMatches_expectedExitValue1() {
return Stream.of(
// Test update provider list with empty
Arguments.of("Test-Profile.Updated_3",
System.getProperty("test.src") + "/provider-java.security",
"Cannot add a provider in position \\d+ after removing the ones in previous positions"),
// Test base profile, provider order numbers are not consecutive
Arguments.of("Test-Profile.Base",
System.getProperty("test.src") + "/provider-java.security",
"The order numbers of providers in profile RestrictedSecurity.Test-Profile.Base " +
"\\(or a base profile\\) are not consecutive"),
// Test extended profile, provider order numbers are not consecutive
Arguments.of("Test-Profile.Extended_1",
System.getProperty("test.src") + "/provider-java.security",
"The order numbers of providers in profile RestrictedSecurity.Test-Profile.Extended_1 " +
"\\(or a base profile\\) are not consecutive."),
/// Test extended profile from another extended profile, provider order numbers are not consecutive
Arguments.of("Test-Profile.Extended_2",
System.getProperty("test.src") + "/provider-java.security",
"The order numbers of providers in profile RestrictedSecurity.Test-Profile.Extended_2 " +
"\\(or a base profile\\) are not consecutive.")
);
}

@ParameterizedTest
@MethodSource("patternMatches_expectedExitValue0")
public void shouldContain_expectedExitValue0(String customprofile, String securityPropertyFile, String expected) throws Exception {
OutputAnalyzer outputAnalyzer = ProcessTools.executeTestJava(
"-Dsemeru.fips=true",
"-Dsemeru.customprofile=" + customprofile,
"-Djava.security.properties=" + securityPropertyFile,
//"-Djava.security.debug=semerufips",
"TestProviders"
);
outputAnalyzer.reportDiagnosticSummary();
outputAnalyzer.shouldHaveExitValue(0).shouldMatch(expected);
}

@ParameterizedTest
@MethodSource("patternMatches_expectedExitValue1")
public void shouldContain_expectedExitValue1(String customprofile, String securityPropertyFile, String expected) throws Exception {
OutputAnalyzer outputAnalyzer = ProcessTools.executeTestJava(
"-Dsemeru.fips=true",
"-Dsemeru.customprofile=" + customprofile,
"-Djava.security.properties=" + securityPropertyFile,
//"-Djava.security.debug=semerufips",
"TestProviders"
);
outputAnalyzer.reportDiagnosticSummary();
outputAnalyzer.shouldHaveExitValue(1).shouldMatch(expected);
}

public static void main(String[] args) throws Exception {
try {
Provider p[] = Security.getProviders();
for (int i = 0; i < p.length; i++) {
System.out.println("Provider Name: " + p[i].getName());
System.out.println("Provider Version: " + p[i].getVersion());
}
} catch (Exception e) {
System.out.println(e);
}
}
}
Loading

0 comments on commit 4bcd637

Please sign in to comment.