|
|
9d5b7b |
/* TestSecurityProperties -- Ensure system security properties can be used to
|
|
|
9d5b7b |
enable the crypto policies.
|
|
|
9d5b7b |
Copyright (C) 2022 Red Hat, Inc.
|
|
|
9d5b7b |
|
|
|
9d5b7b |
This program is free software: you can redistribute it and/or modify
|
|
|
9d5b7b |
it under the terms of the GNU Affero General Public License as
|
|
|
9d5b7b |
published by the Free Software Foundation, either version 3 of the
|
|
|
9d5b7b |
License, or (at your option) any later version.
|
|
|
9d5b7b |
|
|
|
9d5b7b |
This program is distributed in the hope that it will be useful,
|
|
|
9d5b7b |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
9d5b7b |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
9d5b7b |
GNU Affero General Public License for more details.
|
|
|
9d5b7b |
|
|
|
9d5b7b |
You should have received a copy of the GNU Affero General Public License
|
|
|
9d5b7b |
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
9d5b7b |
*/
|
|
|
97e098 |
import java.io.File;
|
|
|
97e098 |
import java.io.FileInputStream;
|
|
|
97e098 |
import java.security.Security;
|
|
|
97e098 |
import java.util.Properties;
|
|
|
97e098 |
|
|
|
97e098 |
public class TestSecurityProperties {
|
|
|
97e098 |
// JDK 11
|
|
|
97e098 |
private static final String JDK_PROPS_FILE_JDK_11 = System.getProperty("java.home") + "/conf/security/java.security";
|
|
|
97e098 |
// JDK 8
|
|
|
97e098 |
private static final String JDK_PROPS_FILE_JDK_8 = System.getProperty("java.home") + "/lib/security/java.security";
|
|
|
97e098 |
|
|
|
b9c0b6 |
private static final String POLICY_FILE = "/etc/crypto-policies/back-ends/java.config";
|
|
|
b9c0b6 |
|
|
|
b9c0b6 |
private static final String MSG_PREFIX = "DEBUG: ";
|
|
|
b9c0b6 |
|
|
|
97e098 |
public static void main(String[] args) {
|
|
|
b9c0b6 |
if (args.length == 0) {
|
|
|
b9c0b6 |
System.err.println("TestSecurityProperties <true|false>");
|
|
|
b9c0b6 |
System.err.println("Invoke with 'true' if system security properties should be enabled.");
|
|
|
b9c0b6 |
System.err.println("Invoke with 'false' if system security properties should be disabled.");
|
|
|
b9c0b6 |
System.exit(1);
|
|
|
b9c0b6 |
}
|
|
|
b9c0b6 |
boolean enabled = Boolean.valueOf(args[0]);
|
|
|
b9c0b6 |
System.out.println(MSG_PREFIX + "System security properties enabled: " + enabled);
|
|
|
97e098 |
Properties jdkProps = new Properties();
|
|
|
97e098 |
loadProperties(jdkProps);
|
|
|
b9c0b6 |
if (enabled) {
|
|
|
b9c0b6 |
loadPolicy(jdkProps);
|
|
|
b9c0b6 |
}
|
|
|
97e098 |
for (Object key: jdkProps.keySet()) {
|
|
|
97e098 |
String sKey = (String)key;
|
|
|
97e098 |
String securityVal = Security.getProperty(sKey);
|
|
|
97e098 |
String jdkSecVal = jdkProps.getProperty(sKey);
|
|
|
97e098 |
if (!securityVal.equals(jdkSecVal)) {
|
|
|
b9c0b6 |
String msg = "Expected value '" + jdkSecVal + "' for key '" +
|
|
|
97e098 |
sKey + "'" + " but got value '" + securityVal + "'";
|
|
|
97e098 |
throw new RuntimeException("Test failed! " + msg);
|
|
|
97e098 |
} else {
|
|
|
b9c0b6 |
System.out.println(MSG_PREFIX + sKey + " = " + jdkSecVal + " as expected.");
|
|
|
97e098 |
}
|
|
|
97e098 |
}
|
|
|
97e098 |
System.out.println("TestSecurityProperties PASSED!");
|
|
|
97e098 |
}
|
|
|
b9c0b6 |
|
|
|
97e098 |
private static void loadProperties(Properties props) {
|
|
|
97e098 |
String javaVersion = System.getProperty("java.version");
|
|
|
b9c0b6 |
System.out.println(MSG_PREFIX + "Java version is " + javaVersion);
|
|
|
97e098 |
String propsFile = JDK_PROPS_FILE_JDK_11;
|
|
|
97e098 |
if (javaVersion.startsWith("1.8.0")) {
|
|
|
97e098 |
propsFile = JDK_PROPS_FILE_JDK_8;
|
|
|
97e098 |
}
|
|
|
b9c0b6 |
try (FileInputStream fin = new FileInputStream(propsFile)) {
|
|
|
b9c0b6 |
props.load(fin);
|
|
|
b9c0b6 |
} catch (Exception e) {
|
|
|
b9c0b6 |
throw new RuntimeException("Test failed!", e);
|
|
|
b9c0b6 |
}
|
|
|
b9c0b6 |
}
|
|
|
b9c0b6 |
|
|
|
b9c0b6 |
private static void loadPolicy(Properties props) {
|
|
|
b9c0b6 |
try (FileInputStream fin = new FileInputStream(POLICY_FILE)) {
|
|
|
97e098 |
props.load(fin);
|
|
|
97e098 |
} catch (Exception e) {
|
|
|
97e098 |
throw new RuntimeException("Test failed!", e);
|
|
|
97e098 |
}
|
|
|
97e098 |
}
|
|
|
b9c0b6 |
|
|
|
97e098 |
}
|