diff --git a/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java b/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java index 5018c844556..14ad76f442e 100644 --- a/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java +++ b/test/jdk/sun/security/x509/URICertStore/CRLReadTimeout.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2019, 2025, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,45 +22,101 @@ */ /* - * @test + * @test id=0 * @bug 8191808 8179502 * @summary check that CRL download is interrupted if it takes too long * @modules java.base/sun.security.x509 * java.base/sun.security.util * @library /test/lib - * @run main/othervm -Dcom.sun.security.crl.readtimeout=1 + * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1 * CRLReadTimeout 5000 false - * @run main/othervm -Dcom.sun.security.crl.readtimeout=1s + */ + +/* + * @test id=1 + * @bug 8191808 8179502 + * @summary check that CRL download is interrupted if it takes too long + * @modules java.base/sun.security.x509 + * java.base/sun.security.util + * @library /test/lib + * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1s * CRLReadTimeout 5000 false - * @run main/othervm -Dcom.sun.security.crl.readtimeout=4 + */ + +/* + * @test id=2 + * @bug 8191808 8179502 + * @summary check that CRL download is interrupted if it takes too long + * @modules java.base/sun.security.x509 + * java.base/sun.security.util + * @library /test/lib + * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=200 * CRLReadTimeout 1000 true - * @run main/othervm -Dcom.sun.security.crl.readtimeout=1500ms + */ + +/* + * @test id=3 + * @bug 8191808 8179502 + * @summary check that CRL download is interrupted if it takes too long + * @modules java.base/sun.security.x509 + * java.base/sun.security.util + * @library /test/lib + * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=1500ms * CRLReadTimeout 5000 false - * @run main/othervm -Dcom.sun.security.crl.readtimeout=4500ms - * CRLReadTimeout 1000 true */ -import java.io.*; +/* + * @test id=4 + * @bug 8191808 8179502 + * @summary check that CRL download is interrupted if it takes too long + * @modules java.base/sun.security.x509 + * java.base/sun.security.util + * @library /test/lib + * @run main/othervm -Djava.security.debug=certpath -Dcom.sun.security.crl.readtimeout=4500ms + * CRLReadTimeout 100 true + */ + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; import java.math.BigInteger; +import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.SocketTimeoutException; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.PrivateKey; -import java.security.cert.*; +import java.security.cert.CRLException; +import java.security.cert.CertPath; +import java.security.cert.CertPathValidator; +import java.security.cert.CertPathValidatorException; +import java.security.cert.CertificateFactory; +import java.security.cert.PKIXParameters; +import java.security.cert.PKIXRevocationChecker; +import java.security.cert.TrustAnchor; +import java.security.cert.X509CRL; +import java.security.cert.X509Certificate; import java.util.Date; import java.util.EnumSet; import java.util.List; import java.util.Set; import java.util.concurrent.TimeUnit; -import static java.security.cert.PKIXRevocationChecker.Option.*; +import static java.security.cert.PKIXRevocationChecker.Option.NO_FALLBACK; +import static java.security.cert.PKIXRevocationChecker.Option.PREFER_CRLS; +import static java.security.cert.PKIXRevocationChecker.Option.SOFT_FAIL; import com.sun.net.httpserver.HttpServer; import jdk.test.lib.SecurityTools; import jdk.test.lib.process.OutputAnalyzer; import sun.security.util.SignatureUtil; -import sun.security.x509.*; +import sun.security.x509.AuthorityKeyIdentifierExtension; +import sun.security.x509.CRLExtensions; +import sun.security.x509.CRLNumberExtension; +import sun.security.x509.KeyIdentifier; +import sun.security.x509.X500Name; +import sun.security.x509.X509CRLImpl; public class CRLReadTimeout { @@ -117,9 +173,10 @@ private static void testTimeout(int port, boolean expectedPass) // unwrap soft fail exceptions and check for SocketTimeoutException List softExc = prc.getSoftFailExceptions(); if (expectedPass) { - if (softExc.size() > 0) { + if (!softExc.isEmpty()) { throw new RuntimeException("Expected to pass, found " + - softExc.size() + " soft fail exceptions"); + softExc.size() + + " soft fail exceptions"); } } else { boolean foundSockTOExc = false; @@ -182,7 +239,7 @@ public CrlHttpServer(int timeout) throws IOException { } public void start() throws IOException { - server.bind(new InetSocketAddress(0), 0); + server.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0), 0); server.createContext("/crl", t -> { try (InputStream is = t.getRequestBody()) { is.readAllBytes();