Java Code Examples for java.security.Security#setProperty()

The following examples show how to use java.security.Security#setProperty() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MD2InTrustAnchor.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty("jdk.certpath.disabledAlgorithms",
            "MD2, RSA keySize < 1024");
    Security.setProperty("jdk.tls.disabledAlgorithms",
            "SSLv3, RC4, DH keySize < 768");

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Get the customized arguments.
     */
    parseArguments(args);

    /*
     * Start the tests.
     */
    new MD2InTrustAnchor();
}
 
Example 2
Source File: ShortRSAKeyGCM.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    // reset the security property to make sure that the algorithms
    // and keys used in this test are not disabled.
    Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2");

    if (debug) {
        System.setProperty("javax.net.debug", "all");
    }

    /*
     * Get the customized arguments.
     */
    parseArguments(args);

    /*
     * Start the tests.
     */
    new ShortRSAKeyGCM();
}
 
Example 3
Source File: RmiBootstrapTest.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Calls run(args[]).
 * exit(1) if the test fails.
 **/
public static void main(String args[]) throws Exception {
    Security.setProperty("jdk.tls.disabledAlgorithms", "");

    setupBasePort();
    RmiBootstrapTest manager = new RmiBootstrapTest();
    try {
        manager.run(args);
    } catch (RuntimeException r) {
        System.out.println("Test Failed: "+ r.getMessage());
        System.exit(1);
    } catch (Throwable t) {
        System.out.println("Test Failed: "+ t);
        t.printStackTrace();
        System.exit(2);
    }
    System.out.println("**** Test  RmiBootstrap Passed ****");
}
 
Example 4
Source File: StatusLoopDependency.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");

    X509CertSelector selector = generateSelector(args[0]);

    Set<TrustAnchor> anchors = generateTrustAnchors();
    CertStore certs = generateCertificateStore();


    PKIXBuilderParameters params =
            new PKIXBuilderParameters(anchors, selector);
    params.addCertStore(certs);
    params.setRevocationEnabled(true);
    params.setDate(new Date(109, 7, 1));   // 2009-07-01
    Security.setProperty("ocsp.enable", "false");
    System.setProperty("com.sun.security.enableCRLDP", "true");

    PKIXCertPathBuilderResult result =
            (PKIXCertPathBuilderResult)builder.build(params);

    if (!match(args[0], result.getCertPath().getCertificates().get(0))) {
        throw new Exception("unexpected certificate");
    }
}
 
Example 5
Source File: StatusLoopDependency.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty(
            "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");

    CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");

    X509CertSelector selector = generateSelector(args[0]);

    Set<TrustAnchor> anchors = generateTrustAnchors();
    CertStore certs = generateCertificateStore();


    PKIXBuilderParameters params =
            new PKIXBuilderParameters(anchors, selector);
    params.addCertStore(certs);
    params.setRevocationEnabled(true);
    params.setDate(new Date(109, 7, 1));   // 2009-07-01
    Security.setProperty("ocsp.enable", "false");
    System.setProperty("com.sun.security.enableCRLDP", "true");

    PKIXCertPathBuilderResult result =
            (PKIXCertPathBuilderResult)builder.build(params);

    if (!match(args[0], result.getCertPath().getCertificates().get(0))) {
        throw new Exception("unexpected certificate");
    }
}
 
Example 6
Source File: HttpsProtocols.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // reset the security property to make sure that the algorithms
    // and keys used in this test are not disabled.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");

    String keyFilename =
        System.getProperty("test.src", "./") + "/" + pathToStores +
            "/" + keyStoreFile;
    String trustFilename =
        System.getProperty("test.src", "./") + "/" + pathToStores +
            "/" + trustStoreFile;

    System.setProperty("javax.net.ssl.keyStore", keyFilename);
    System.setProperty("javax.net.ssl.keyStorePassword", passwd);
    System.setProperty("javax.net.ssl.trustStore", trustFilename);
    System.setProperty("javax.net.ssl.trustStorePassword", passwd);

    String prop = System.getProperty("https.protocols");
    System.out.println("protocols = " + prop);

    if ((prop == null) || (!prop.equals("SSLv3"))) {
        throw new Exception("https.protocols not set properly");
    }

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Start the tests.
     */
    new HttpsProtocols();
}
 
Example 7
Source File: SunX509ExtendedTM.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String args[]) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty("jdk.certpath.disabledAlgorithms",
            "MD2, RSA keySize < 1024");
    Security.setProperty("jdk.tls.disabledAlgorithms",
            "SSLv3, RC4, DH keySize < 768");

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Start the tests.
     */
    new SunX509ExtendedTM();
}
 
Example 8
Source File: CriticalSubjectAltName.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty("jdk.certpath.disabledAlgorithms",
            "MD2, RSA keySize < 1024");
    Security.setProperty("jdk.tls.disabledAlgorithms",
            "SSLv3, RC4, DH keySize < 768");

    String keyFilename =
        System.getProperty("test.src", "./") + "/" + pathToStores +
            "/" + keyStoreFile;
    String trustFilename =
        System.getProperty("test.src", "./") + "/" + pathToStores +
            "/" + trustStoreFile;

    System.setProperty("javax.net.ssl.keyStore", keyFilename);
    System.setProperty("javax.net.ssl.keyStorePassword", passwd);
    System.setProperty("javax.net.ssl.trustStore", trustFilename);
    System.setProperty("javax.net.ssl.trustStorePassword", passwd);

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Start the tests.
     */
    new CriticalSubjectAltName();
}
 
Example 9
Source File: CircularCRLOneLevel.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String args[]) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty(
            "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");

    CertPath path = generateCertificatePath();
    Set<TrustAnchor> anchors = generateTrustAnchors();
    CertStore crls = generateCertificateStore();

    PKIXParameters params = new PKIXParameters(anchors);

    // add the CRL store
    params.addCertStore(crls);

    // Activate certificate revocation checking
    params.setRevocationEnabled(true);

    // set the validation time
    params.setDate(new Date(109, 5, 1));   // 2009-05-01

    // disable OCSP checker
    Security.setProperty("ocsp.enable", "false");

    // enable CRL checker
    System.setProperty("com.sun.security.enableCRLDP", "true");

    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    try {
        validator.validate(path, params);
    } catch (CertPathValidatorException cpve) {
        if (cpve.getReason() != BasicReason.REVOKED) {
            throw new Exception(
                "unexpect exception, should be a REVOKED CPVE", cpve);
        }
    }
}
 
Example 10
Source File: UseCipherSuitesOrder.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // reset the security property to make sure that the algorithms
    // and keys used in this test are not disabled.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");

    // parse the arguments
    parseArguments(args);

    String keyFilename =
        System.getProperty("test.src", ".") + "/" + pathToStores +
            "/" + keyStoreFile;
    String trustFilename =
        System.getProperty("test.src", ".") + "/" + pathToStores +
            "/" + trustStoreFile;

    System.setProperty("javax.net.ssl.keyStore", keyFilename);
    System.setProperty("javax.net.ssl.keyStorePassword", passwd);
    System.setProperty("javax.net.ssl.trustStore", trustFilename);
    System.setProperty("javax.net.ssl.trustStorePassword", passwd);

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Start the tests.
     */
    new UseCipherSuitesOrder();
}
 
Example 11
Source File: BadKdc2.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args)
        throws Exception {
    Security.setProperty("krb5.kdc.bad.policy", "tryLess:2,1000");
    BadKdc.go(
            "121212222222(32){1,2}11112121(32){1,2}", // 1 2
            "11112121(32){1,2}11112121(32){1,2}", // 1 2
            // refresh
            "121212222222(32){1,2}11112121(32){1,2}", // 1 2
            // k3 off k2 on
            "1111(21){1,2}1111(22){1,2}", // 1
            // k1 on
            "(11){1,2}(12){1,2}"  // empty
    );
}
 
Example 12
Source File: ClientJSSEServerJSSE.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // reset security properties to make sure that the algorithms
    // and keys used in this test are not disabled.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");
    Security.setProperty("jdk.certpath.disabledAlgorithms", "");

    CipherTest.main(new JSSEFactory(), args);
}
 
Example 13
Source File: UnboundSSLPrincipalProperty.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws IOException,
        NoSuchAlgorithmException,LoginException, PrivilegedActionException,
        InterruptedException {
    Security.setProperty("jdk.tls.disabledAlgorithms", "");
    UnboundSSLPrincipalProperty test = new UnboundSSLPrincipalProperty();
    test.start(args[0], args[1]);
}
 
Example 14
Source File: EmptyCertificateAuthorities.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String[] args) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty("jdk.certpath.disabledAlgorithms",
            "MD2, RSA keySize < 1024");
    Security.setProperty("jdk.tls.disabledAlgorithms",
            "SSLv3, RC4, DH keySize < 768");

    String keyFilename =
        System.getProperty("test.src", ".") + "/" + pathToStores +
            "/" + keyStoreFile;
    String trustFilename =
        System.getProperty("test.src", ".") + "/" + pathToStores +
            "/" + trustStoreFile;

    System.setProperty("javax.net.ssl.keyStore", keyFilename);
    System.setProperty("javax.net.ssl.keyStorePassword", passwd);
    System.setProperty("javax.net.ssl.trustStore", trustFilename);
    System.setProperty("javax.net.ssl.trustStorePassword", passwd);

    if (debug)
        System.setProperty("javax.net.debug", "all");

    /*
     * Start the tests.
     */
    new EmptyCertificateAuthorities();
}
 
Example 15
Source File: SSLSocketWithStapling.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Do a basic connection using PKIXParameters with revocation checking
 * enabled and client-side OCSP disabled.  It will only pass if all
 * stapled responses are present, valid and have a GOOD status.
 */
static void testPKIXParametersRevEnabled() throws Exception {
    ClientParameters cliParams = new ClientParameters();
    ServerParameters servParams = new ServerParameters();
    serverReady = false;

    System.out.println("=====================================");
    System.out.println("Stapling enabled, PKIXParameters with");
    System.out.println("Revocation checking enabled ");
    System.out.println("=====================================");

    cliParams.pkixParams = new PKIXBuilderParameters(trustStore,
            new X509CertSelector());
    cliParams.pkixParams.setRevocationEnabled(true);
    Security.setProperty("ocsp.enable", "false");

    SSLSocketWithStapling sslTest = new SSLSocketWithStapling(cliParams,
            servParams);
    TestResult tr = sslTest.getResult();
    if (tr.clientExc != null) {
        throw tr.clientExc;
    } else if (tr.serverExc != null) {
        throw tr.serverExc;
    }

    System.out.println("                PASS");
    System.out.println("=====================================\n");
}
 
Example 16
Source File: CircularCRLTwoLevel.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
public static void main(String args[]) throws Exception {
    // MD5 is used in this test case, don't disable MD5 algorithm.
    Security.setProperty(
            "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");

    CertPath path = generateCertificatePath();
    Set<TrustAnchor> anchors = generateTrustAnchors();
    CertStore crls = generateCertificateStore();

    PKIXParameters params = new PKIXParameters(anchors);

    // add the CRL store
    params.addCertStore(crls);

    // Activate certificate revocation checking
    params.setRevocationEnabled(true);

    // set the validation time
    params.setDate(new Date(109, 5, 1));   // 2009-05-01

    // disable OCSP checker
    Security.setProperty("ocsp.enable", "false");

    // enable CRL checker
    System.setProperty("com.sun.security.enableCRLDP", "true");

    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    try {
        validator.validate(path, params);
    } catch (CertPathValidatorException cpve) {
        if (cpve.getReason() != BasicReason.REVOKED) {
            throw new Exception(
                "unexpect exception, should be a REVOKED CPVE", cpve);
        }
    }
}
 
Example 17
Source File: CrateHttpsTransportIntegrationTest.java    From crate with Apache License 2.0 4 votes vote down vote up
@AfterClass
public static void afterIntegrationTest() {
    System.clearProperty("javax.net.ssl.trustStore");
    System.clearProperty("javax.net.ssl.trustStorePassword");
    Security.setProperty("keystore.type", defaultKeyStoreType);
}
 
Example 18
Source File: MaxRetries.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args)
        throws Exception {

    System.setProperty("sun.security.krb5.debug", "true");
    new OneKDC(null).writeJAASConf();

    // An idle UDP socket to revent PortUnreachableException
    DatagramSocket ds = new DatagramSocket(33333);

    System.setProperty("java.security.krb5.conf", "alternative-krb5.conf");

    // For tryLast
    Security.setProperty("krb5.kdc.bad.policy", "trylast");
    rewriteMaxRetries(4);
    test1(4000, 6);         // 1 1 1 1 2 2
    test1(4000, 2);         // 2 2

    rewriteMaxRetries(1);
    test1(1000, 3);         // 1 2 2
    test1(1000, 2);         // 2 2

    rewriteMaxRetries(-1);
    test1(5000, 4);         // 1 1 2 2
    test1(5000, 2);         // 2 2

    // For tryLess
    Security.setProperty("krb5.kdc.bad.policy", "tryless:1," + BadKdc.toReal(5000));
    rewriteMaxRetries(4);
    test1(4000, 7);         // 1 1 1 1 2 1 2
    test1(4000, 4);         // 1 2 1 2

    rewriteMaxRetries(1);
    test1(1000, 4);         // 1 2 1 2
    test1(1000, 4);         // 1 2 1 2

    rewriteMaxRetries(-1);
    test1(5000, 5);         // 1 1 2 1 2
    test1(5000, 4);         // 1 2 1 2

    rewriteUdpPrefLimit(-1, -1);    // default, no limit
    test2("UDP");

    rewriteUdpPrefLimit(10, -1);    // global rules
    test2("TCP");

    rewriteUdpPrefLimit(10, 10000); // realm rules
    test2("UDP");

    rewriteUdpPrefLimit(10000, 10); // realm rules
    test2("TCP");

    ds.close();
}
 
Example 19
Source File: SslContextProviderTest.java    From crate with Apache License 2.0 4 votes vote down vote up
@BeforeClass
public static void beforeTests() throws IOException {
    trustStoreFile = getAbsoluteFilePathFromClassPath("truststore.jks");
    keyStoreFile = getAbsoluteFilePathFromClassPath("keystore.jks");
    Security.setProperty("keystore.type", "jks");
}
 
Example 20
Source File: PKIXExtendedTM.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String args[]) throws Exception {
    if (args.length != 1) {
        throw new Exception("Incorrect number of arguments");
    }
    Test test = tests[Integer.parseInt(args[0])];
    Security.setProperty("jdk.tls.disabledAlgorithms", test.tlsDisAlgs);
    Security.setProperty("jdk.certpath.disabledAlgorithms",
                         test.certPathDisAlgs);

    if (debug) {
        System.setProperty("javax.net.debug", "all");
    }

    /*
     * Start the tests.
     */
    try {
        new PKIXExtendedTM();
        if (test.fail) {
            throw new Exception("Expected MD5 certificate to be blocked");
        }
    } catch (Exception e) {
        if (test.fail) {
            // find expected cause
            boolean correctReason = false;
            Throwable cause = e.getCause();
            while (cause != null) {
                if (cause instanceof CertPathValidatorException) {
                    CertPathValidatorException cpve =
                        (CertPathValidatorException)cause;
                    if (cpve.getReason() == CertPathValidatorException.BasicReason.ALGORITHM_CONSTRAINED) {
                        correctReason = true;
                        break;
                    }
                }
                cause = cause.getCause();
            }
            if (!correctReason) {
                throw new Exception("Unexpected exception", e);
            }
        } else {
            throw e;
        }
    }
}