[vogar] r295 committed - Disable JCA security checks on the RI...
3 views
Skip to first unread message
vo...@googlecode.com
Dec 10, 2013, 12:28:25 PM12/10/13
to voga...@googlegroups.com
Revision: 295
Author: kr...@google.com
Date: Tue Dec 10 17:28:01 2013 UTC
Log: Disable JCA security checks on the RI
This allows the running of tests that insert their own Provider class. This
was failing silently before, but replacing this one field with a Map that
returns true bypasses the checks.
This should probably log an error when it can't find the class via
reflection
on platforms where it expects to find it.
http://code.google.com/p/vogar/source/detail?r=295
Modified:
/trunk/src/vogar/target/TestEnvironment.java
=======================================
--- /trunk/src/vogar/target/TestEnvironment.java Fri Jun 14 20:43:01 2013
UTC
+++ /trunk/src/vogar/target/TestEnvironment.java Tue Dec 10 17:28:01 2013
UTC
@@ -17,10 +17,13 @@
package vogar.target;
import java.io.File;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
import java.net.Authenticator;
import java.net.CookieHandler;
import java.net.ResponseCache;
import java.util.Locale;
+import java.util.HashMap;
import java.util.TimeZone;
import java.util.logging.ConsoleHandler;
import java.util.logging.LogManager;
@@ -59,6 +62,8 @@
defaultHostnameVerifier =
HttpsURLConnection.getDefaultHostnameVerifier();
defaultSSLSocketFactory =
HttpsURLConnection.getDefaultSSLSocketFactory();
+
+ disableSecurity();
}
public void reset() {
@@ -139,4 +144,36 @@
throw new RuntimeException(e);
}
}
+
+ /** A class that always returns TRUE. */
+ @SuppressWarnings("serial")
+ public static class LyingMap extends HashMap<Object, Boolean> {
+ @Override
+ public Boolean get(Object key) {
+ return Boolean.TRUE;
+ }
+ }
+
+ /**
+ * Does what is necessary to disable security checks for testing
security-related classes.
+ */
+ @SuppressWarnings("unchecked")
+ private static void disableSecurity() {
+ try {
+ Class<?> securityBrokerClass =
Class.forName("javax.crypto.JceSecurity");
+
+ Field modifiersField =
Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+
+ Field verifyMapField =
securityBrokerClass.getDeclaredField("verificationResults");
+ modifiersField.setInt(verifyMapField,
verifyMapField.getModifiers() & ~Modifier.FINAL);
+ verifyMapField.setAccessible(true);
+ verifyMapField.set(null, new LyingMap());
+
+ Field restrictedField =
securityBrokerClass.getDeclaredField("isRestricted");
+ restrictedField.setAccessible(true);
+ restrictedField.set(null, Boolean.FALSE);
+ } catch (Exception ignored) {
+ }
+ }
}
Author: kr...@google.com
Date: Tue Dec 10 17:28:01 2013 UTC
Log: Disable JCA security checks on the RI
This allows the running of tests that insert their own Provider class. This
was failing silently before, but replacing this one field with a Map that
returns true bypasses the checks.
This should probably log an error when it can't find the class via
reflection
on platforms where it expects to find it.
http://code.google.com/p/vogar/source/detail?r=295
Modified:
/trunk/src/vogar/target/TestEnvironment.java
=======================================
--- /trunk/src/vogar/target/TestEnvironment.java Fri Jun 14 20:43:01 2013
UTC
+++ /trunk/src/vogar/target/TestEnvironment.java Tue Dec 10 17:28:01 2013
UTC
@@ -17,10 +17,13 @@
package vogar.target;
import java.io.File;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
import java.net.Authenticator;
import java.net.CookieHandler;
import java.net.ResponseCache;
import java.util.Locale;
+import java.util.HashMap;
import java.util.TimeZone;
import java.util.logging.ConsoleHandler;
import java.util.logging.LogManager;
@@ -59,6 +62,8 @@
defaultHostnameVerifier =
HttpsURLConnection.getDefaultHostnameVerifier();
defaultSSLSocketFactory =
HttpsURLConnection.getDefaultSSLSocketFactory();
+
+ disableSecurity();
}
public void reset() {
@@ -139,4 +144,36 @@
throw new RuntimeException(e);
}
}
+
+ /** A class that always returns TRUE. */
+ @SuppressWarnings("serial")
+ public static class LyingMap extends HashMap<Object, Boolean> {
+ @Override
+ public Boolean get(Object key) {
+ return Boolean.TRUE;
+ }
+ }
+
+ /**
+ * Does what is necessary to disable security checks for testing
security-related classes.
+ */
+ @SuppressWarnings("unchecked")
+ private static void disableSecurity() {
+ try {
+ Class<?> securityBrokerClass =
Class.forName("javax.crypto.JceSecurity");
+
+ Field modifiersField =
Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+
+ Field verifyMapField =
securityBrokerClass.getDeclaredField("verificationResults");
+ modifiersField.setInt(verifyMapField,
verifyMapField.getModifiers() & ~Modifier.FINAL);
+ verifyMapField.setAccessible(true);
+ verifyMapField.set(null, new LyingMap());
+
+ Field restrictedField =
securityBrokerClass.getDeclaredField("isRestricted");
+ restrictedField.setAccessible(true);
+ restrictedField.set(null, Boolean.FALSE);
+ } catch (Exception ignored) {
+ }
+ }
}
Reply all
Reply to author
Forward
0 new messages