jdk Cdiff test/java/security/cert/pkix/policyChanges/TestPolicy.java

test/java/security/cert/pkix/policyChanges/TestPolicy.java

rev 1394 : 7109274: Restrict the use of certificates with RSA keys less than 1024 bits
Summary: This restriction is applied via the Java Security property, "jdk.certpath.disabledAlgorithms". This will impact providers that adhere to this security property.
Reviewed-by: mullan


*** 19,38 ****
   * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
   * or visit www.oracle.com if you need additional information or have any
   * questions.
   */
  
  /**
   * @test
   * @bug 4684793
!  * @summary verify that the RFC3280 policy processing changes are implemented correctly
   * @author Andreas Sterbenz
   */
  
  import java.io.*;
  import java.util.*;
  
  import java.security.cert.*;
  
  public class TestPolicy {
  
      private final static String BASE = System.getProperty("test.src");
--- 19,44 ----
   * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
   * or visit www.oracle.com if you need additional information or have any
   * questions.
   */
  
+ // This test case relies on updated static security property, no way to re-use
+ // security property in samevm/agentvm mode.
+ 
  /**
   * @test
   * @bug 4684793
!  * @summary verify that the RFC3280 policy processing changes are
!  *          implemented correctly
!  * @run main/othervm TestPolicy
   * @author Andreas Sterbenz
   */
  
  import java.io.*;
  import java.util.*;
  
+ import java.security.Security;
  import java.security.cert.*;
  
  public class TestPolicy {
  
      private final static String BASE = System.getProperty("test.src");
*** 70,79 ****
--- 76,89 ----
          new TestCase("2.5.29.32.0[2.5.29.32.0[1.2.1, 1.2.2]]", "1.2.1", "1.2.2", null),
          new TestCase("2.5.29.32.0[1.2.0[1.2.0], 2.5.29.32.0[1.2.1, 1.2.2]]", "1.2.0", "1.2.1", "1.2.2"),
      };
  
      public static void main(String[] args) throws Exception {
+         // reset the security property to make sure that the algorithms
+         // and keys used in this test are not disabled.
+         Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2");
+ 
          factory = CertificateFactory.getInstance("X.509");
  
          X509Certificate anchor = loadCertificate("anchor.cer");
          X509Certificate ca = loadCertificate("ca.cer");
          X509Certificate ee = loadCertificate("ee.cer");

< prev index next >