1
/*
2
 * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import static java.lang.System.out;
25
import java.io.ByteArrayInputStream;
26
import java.io.File;
27
import java.io.FileInputStream;
28
import java.nio.file.Files;
29
import java.nio.file.Paths;
30
import java.security.Key;
31
import java.security.KeyStore;
32
import java.security.cert.Certificate;
33
import java.security.cert.X509Certificate;
34
import java.util.Base64;
35
import java.util.Enumeration;
36

37
/*
38
 * @test
39
 * @bug 8048617
40
 * @author  Bill Situ
41
 * @summary Read different types p12 key store to Check the read related APIs.
42
 *  including following test cases:
43
 * ReadP12_IE_Chain: Read p12 key store (contains private key and associated
44
 *  certificate chain) from IE.
45
 * ReadP12_IE_Self: Read p12 key store (contains only private key and
46
 *  self-signed certificate) from IE.
47
 * ReadP12_JDK_Chain: Read p12 key store (contains private key and associated
48
 *  certificate chain) from JDK
49
 * ReadP12_JDK_Self: Read p12 key store (contains only private key and
50
 *  self-signed certificate) from JDK.
51
 * ReadP12_Mozilla_Self: Read p12 key store (contains only private key and
52
 *  self-signed certificate) from Mozilla.
53
 * ReadP12_Mozilla_Chain: Read p12 key store (contains private key and
54
 *  associated certificate chain) from Mozilla.
55
 * ReadP12_Mozilla_TwoEntries: Read p12 key store (contains 2 entries) from
56
 *  Mozilla.
57
 * ReadP12_Netscape_Chain: Read p12 key store (contains private key and
58
 *  associated certificate chain) from Netscape.
59
 * ReadP12_Netscape_Self: Read p12 key store (contains only private key and
60
 *  self-signed certificate) from Netscape.
61
 * ReadP12_Netscape_TwoEntries: Read p12 key store (contains 2 entries) from
62
 *  Netscape.
63
 * ReadP12_OpenSSL: Read p12 key store from OpenSSL.
64
 */
65

66
public class ReadP12Test {
67

68
    private final static String IN_KEYSTORE_TYPE = "pkcs12";
69
    private final static String IN_STORE_PASS = "pass";
70

71
    public static void main(String args[]) throws Exception {
72

73
        ReadP12Test jstest = new ReadP12Test();
74
        String testCase = "";
75
        try {
76
            testCase = "ReadP12_IE_Chain";
77
            jstest.readTest("ie_chain.pfx.data");
78

79
            testCase = "ReadP12_IE_Self";
80
            jstest.readTest("ie_self.pfx.data");
81

82
            testCase = "ReadP12_JDK_Chain";
83
            jstest.readTest("jdk_chain.p12.data");
84

85
            testCase = "ReadP12_JDK_Self";
86
            jstest.readTest("jdk_self.p12.data");
87

88
            testCase = "ReadP12_Mozilla_Chain";
89
            jstest.readTest("mozilla_chain.p12.data");
90

91
            testCase = "ReadP12_Mozilla_Self";
92
            jstest.readTest("mozilla_self.p12.data");
93

94
            testCase = "ReadP12_Mozilla_TwoEntries";
95
            jstest.readTest("mozilla_twoentries.p12.data");
96

97
            testCase = "ReadP12_Netscape_Chain";
98
            jstest.readTest("netscape_chain.p12.data");
99

100
            testCase = "ReadP12_Netscape_Self";
101
            jstest.readTest("netscape_self.p12.data");
102

103
            testCase = "ReadP12_Netscape_TwoEntries";
104
            jstest.readTest("netscape_twoentries.p12.data");
105

106
            testCase = "ReadP12_openssl";
107
            jstest.readTest("openssl.p12.data");
108

109
        } catch (Exception e) {
110
            System.err.println(testCase + ": failed with execption: "
111
                    + e.getMessage());
112
            throw e;
113

114
        }
115
        out.println(testCase + ": Pass!!");
116
    }
117

118
    private void readTest(String inKeyStore) throws Exception {
119

120
        KeyStore inputKeyStore;
121

122
        // Initialize KeyStore
123
        String dir = System.getProperty("test.src", ".");
124
        String keystorePath = dir + File.separator + "certs" + File.separator
125
                + "readP12";
126
        inputKeyStore = KeyStore.getInstance(IN_KEYSTORE_TYPE);
127
        // KeyStore have encoded by Base64.getMimeEncoder().encode(),need decode
128
        // first.
129
        byte[] input = Files.readAllBytes(Paths.get(keystorePath, inKeyStore));
130
        ByteArrayInputStream arrayIn = new ByteArrayInputStream(Base64
131
                .getMimeDecoder().decode(input));
132
        inputKeyStore.load(arrayIn, IN_STORE_PASS.toCharArray());
133
        out.println("Initialize KeyStore : " + inKeyStore + " success");
134

135
        out.println("getProvider : " + inputKeyStore.getProvider());
136
        out.println("getType : " + inputKeyStore.getType());
137
        out.println("getDefaultType : " + KeyStore.getDefaultType());
138

139
        int idx = 0;
140
        Enumeration<String> e = inputKeyStore.aliases();
141
        String alias;
142
        while (e.hasMoreElements()) {
143
            alias = e.nextElement();
144
            out.println("Alias " + idx + " : " + alias);
145
            if (inputKeyStore.containsAlias(alias) == false) {
146
                throw new RuntimeException("Alias not found");
147
            }
148

149
            out.println("getCreationDate : "
150
                    + inputKeyStore.getCreationDate(alias));
151

152
            X509Certificate cert = (X509Certificate) inputKeyStore
153
                    .getCertificate(alias);
154
            out.println("getCertificate : " + cert.getSubjectDN());
155
            String retAlias = inputKeyStore.getCertificateAlias(cert);
156
            if (!retAlias.equals(alias)) {
157
                throw new RuntimeException("Alias mismatch");
158
            }
159
            out.println("getCertificateAlias : " + retAlias);
160

161
            Certificate[] certs = inputKeyStore.getCertificateChain(alias);
162
            for (int i = 0; i < certs.length; i++) {
163
                out.println("getCertificateChain " + i + " : "
164
                        + ((X509Certificate) certs[i]).getSubjectDN());
165
            }
166

167
            boolean isCertEntry = inputKeyStore.isCertificateEntry(alias);
168
            // test KeyStore only contain key pair entries.
169
            if (isCertEntry == true) {
170
                throw new RuntimeException(
171
                        "inputKeystore should not be certEntry because test keystore only contain key pair entries.");
172
            }
173

174
            boolean isKeyEntry = inputKeyStore.isKeyEntry(alias);
175
            if (isKeyEntry) {
176
                Key key = inputKeyStore.getKey(alias,
177
                        IN_STORE_PASS.toCharArray());
178
                out.println("Key : " + key.toString());
179
            } else {
180
                throw new RuntimeException("Entry type unknown\n");
181
            }
182
            idx++;
183
        }
184

185
        int size = inputKeyStore.size();
186
        if (idx != size) {
187
            throw new RuntimeException("Size not match");
188
        }
189

190
    }
191
}
192

193