static {
String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = "SunX509";
}
SSLContext serverContext;
SSLContext clientContext;
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(BogusKeyStore.asInputStream(), BogusKeyStore.getKeyStorePassword());
// Set up key manager factory to use our key store
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
kmf.init(ks, BogusKeyStore.getCertificatePassword());
// Initialize the SSLContext to work with our key managers.
serverContext = SSLContext.getInstance(PROTOCOL);
serverContext.init(kmf.getKeyManagers(), null, null);
} catch (Exception e) {
throw new Error("Failed to initialize the server-side SSLContext", e);
}
try {
clientContext = SSLContext.getInstance(PROTOCOL);
clientContext.init(null, BogusTrustManagerFactory.getTrustManagers(), null);
} catch (Exception e) {
throw new Error("Failed to initialize the client-side SSLContext", e);
}
SERVER_CONTEXT = serverContext;
CLIENT_CONTEXT = clientContext;
}
static {
String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = KeyManagerFactory.getDefaultAlgorithm();
}
KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
}
/**
* Returns the default KeyStore type. This method looks up the type in
* <JAVA_HOME>/lib/security/java.security with the property "keystore.type" or if that fails
* then "gkr" .
*/
public static final String getDefaultType() {
// Security reads every property in java.security so it
// will return this property if it exists.
String tmp = Security.getProperty("keystore.type");
if (tmp == null) tmp = "gkr";
return tmp;
}
public static void main(String[] args) throws Exception {
List<String> pkgs = new ArrayList<>(Arrays.asList(packages));
String osName = System.getProperty("os.name");
if (osName.contains("OS X")) {
pkgs.add("apple."); // add apple package for OS X
} else if (osName.startsWith("Windows")) {
pkgs.add("com.sun.java.accessibility.");
}
List<String> jspkgs = getPackages(Security.getProperty("package.access"));
// Sort to ensure lists are comparable
Collections.sort(pkgs);
Collections.sort(jspkgs);
if (!pkgs.equals(jspkgs)) {
for (String p : pkgs)
if (!jspkgs.contains(p)) System.out.println("In golden set, but not in j.s file: " + p);
for (String p : jspkgs)
if (!pkgs.contains(p)) System.out.println("In j.s file, but not in golden set: " + p);
throw new RuntimeException(
"restricted packages are not " + "consistent with java.security file");
}
System.setSecurityManager(new SecurityManager());
SecurityManager sm = System.getSecurityManager();
for (String pkg : packages) {
String subpkg = pkg + "foo";
try {
sm.checkPackageAccess(pkg);
throw new RuntimeException("Able to access " + pkg + " package");
} catch (SecurityException se) {
}
try {
sm.checkPackageAccess(subpkg);
throw new RuntimeException("Able to access " + subpkg + " package");
} catch (SecurityException se) {
}
try {
sm.checkPackageDefinition(pkg);
throw new RuntimeException("Able to define class in " + pkg + " package");
} catch (SecurityException se) {
}
try {
sm.checkPackageDefinition(subpkg);
throw new RuntimeException("Able to define class in " + subpkg + " package");
} catch (SecurityException se) {
}
}
System.out.println("Test passed");
}
@NotNull
@Override
protected SSLContext compute() {
String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = "SunX509";
}
try {
KeyStore ks = KeyStore.getInstance("JKS");
char[] password = "******".toCharArray();
//noinspection IOResourceOpenedButNotSafelyClosed
ks.load(getClass().getResourceAsStream("cert.jks"), password);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
kmf.init(ks, password);
SSLContext serverContext = SSLContext.getInstance("TLS");
serverContext.init(kmf.getKeyManagers(), null, null);
return serverContext;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
System.out.println(java.security.Security.getProperty("policy.provider"));
System.out.println(java.security.Security.getProperty("policy.url.1"));
System.out.println(java.security.Security.getProperty("policy.url.2"));
}