8180571: Refactor sun/security/pkcs11 shell tests to plain java tests and fix failures

Reviewed-by: xuelei

Author: fguallini

test/jdk/ProblemList.txt

@@ -662,7 +662,7 @@ javax/net/ssl/DTLS/CipherSuite.java                             8202059 macosx-x
 
 sun/security/provider/KeyStore/DKSTest.sh                       8180266 windows-all
 
-sun/security/pkcs11/KeyStore/SecretKeysBasic.sh                 8209398 generic-all
+sun/security/pkcs11/KeyStore/SecretKeysBasic.java                 8209398 generic-all
 
 security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java  8224768 generic-all
 security/infra/java/security/cert/CertPathValidator/certification/BuypassCA.java  8243543 generic-all

test/jdk/sun/security/pkcs11/Config/ReadConfInUTF16Env.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,17 +21,36 @@
  * questions.
  */
 
+/* @test
+ * @bug 8187023
+ * @summary Pkcs11 config file should be assumed in ISO-8859-1
+ * @library /test/lib
+ * @run testng/othervm ReadConfInUTF16Env
+ */
+
+import jdk.test.lib.process.ProcessTools;
+import org.testng.annotations.Test;
+
 import java.security.Provider;
 import java.security.Security;
 
 public class ReadConfInUTF16Env {
-    public static void main(String argv[]) {
-        Provider p = Security.getProvider("SunPKCS11");
-        if (p == null) {
-            System.out.println("Skipping test - no PKCS11 provider available");
-            return;
-        }
 
-        System.out.println(p.getName());
+    @Test
+    public void testReadConfInUTF16Env() throws Exception {
+        String[] testCommand = new String[] { "-Dfile.encoding=UTF-16",
+                TestSunPKCS11Provider.class.getName()};
+        ProcessTools.executeTestJvm(testCommand).shouldHaveExitValue(0);
+    }
+
+    static class TestSunPKCS11Provider {
+        public static void main(String[] args) throws Exception {
+            Provider p = Security.getProvider("SunPKCS11");
+            if (p == null) {
+                System.out.println("Skipping test - no PKCS11 provider available");
+                return;
+            }
+            System.out.println(p.getName());
+        }
     }
 }

test/jdk/sun/security/pkcs11/Config/ReadConfInUTF16Env.sh

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,19 +21,30 @@
  * questions.
  */
 
+/* @test
+ * @bug 4938185
+ * @summary KeyStore support for NSS cert/key databases
+ * To run manually:
+ *    set environment variable:
+ *     <token>     [activcard|ibutton|nss|sca1000]
+ *     <command>   [list|basic]
+ *
+ * Note:
+ *    . 'list' lists the token aliases
+ *    . 'basic' does not run with activcard,
+ * @library /test/lib ..
+ * @run testng/othervm Basic
+ */
+
 import java.io.*;
+import java.nio.file.Path;
 import java.util.*;
 
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.AuthProvider;
 import java.security.PrivateKey;
 import java.security.Provider;
-import java.security.ProviderException;
 import java.security.Signature;
 import java.security.Security;
 
@@ -44,17 +55,18 @@
 import javax.crypto.SecretKey;
 
 import javax.security.auth.Subject;
-import javax.security.auth.login.LoginException;
 
 import com.sun.security.auth.module.*;
 import com.sun.security.auth.callback.*;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
 
 
 public class Basic extends PKCS11Test {
 
-    private static final char SEP = File.separatorChar;
-
-    private static String DIR = System.getProperty("DIR");
+    private static final Path TEST_DATA_PATH = Path.of(BASE)
+            .resolve("BasicData");
+    private static final String DIR = TEST_DATA_PATH.toString();
     private static char[] tokenPwd;
     private static final char[] ibuttonPwd =
                         new char[0];
@@ -88,6 +100,22 @@ public class Basic extends PKCS11Test {
     private static final String KS_TYPE = "PKCS11";
     private static Provider provider;
 
+    @BeforeClass
+    public void setUp() throws Exception {
+        copyNssCertKeyToClassesDir();
+        setCommonSystemProps();
+        System.setProperty("CUSTOM_P11_CONFIG",
+                TEST_DATA_PATH.resolve("p11-nss.txt").toString());
+        System.setProperty("TOKEN", "nss");
+        System.setProperty("TEST", "basic");
+    }
+
+    @Test
+    public void testBasic() throws Exception {
+        String[] args = {"sm", "Basic.policy"};
+        main(new Basic(), args);
+    }
+
     private static class FooEntry implements KeyStore.Entry { }
 
     private static class P11SecretKey implements SecretKey {
@@ -102,10 +130,6 @@ public P11SecretKey(String alg, int length) {
         public byte[] getEncoded() { return new byte[length/8]; }
     }
 
-    public static void main(String[] args) throws Exception {
-        main(new Basic(), args);
-    }
-
     public void main(Provider p) throws Exception {
 
         this.provider = p;
@@ -136,17 +160,17 @@ public void main(Provider p) throws Exception {
 
         // get cert chains for private keys
         CertificateFactory cf = CertificateFactory.getInstance("X.509", "SUN");
-        Certificate caCert = (X509Certificate)cf.generateCertificate
+        Certificate caCert = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "ca.cert")));
-        Certificate ca2Cert = (X509Certificate)cf.generateCertificate
+        Certificate ca2Cert = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "ca2.cert")));
-        Certificate pk1cert = (X509Certificate)cf.generateCertificate
+        Certificate pk1cert = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "pk1.cert")));
-        Certificate pk1cert2 = (X509Certificate)cf.generateCertificate
+        Certificate pk1cert2 = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "pk1.cert2")));
-        Certificate pk2cert = (X509Certificate)cf.generateCertificate
+        Certificate pk2cert = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "pk2.cert")));
-        Certificate pk3cert = (X509Certificate)cf.generateCertificate
+        Certificate pk3cert = cf.generateCertificate
                         (new FileInputStream(new File(DIR, "pk3.cert")));
         chain1 = new Certificate[] { pk1cert, caCert };
         chain2 = new Certificate[] { pk2cert, caCert };
@@ -373,12 +397,12 @@ private static void module() throws Exception {
 
         KeyStoreLoginModule m = new KeyStoreLoginModule();
         Subject s = new Subject();
-        Map options = new HashMap();
+        Map<String, String> options = new HashMap<>();
         options.put("keyStoreURL", "NONE");
         options.put("keyStoreType", KS_TYPE);
         options.put("keyStoreProvider", KS_PROVIDER);
         options.put("debug", "true");
-        m.initialize(s, new TextCallbackHandler(), new HashMap(), options);
+        m.initialize(s, new TextCallbackHandler(), new HashMap<>(), options);
         m.login();
         m.commit();
         System.out.println("authenticated subject = " + s);