Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/java/security/KeyStore/ProbeKeystores.java
41149 views
1
/*

2
 * Copyright (c) 2014, 2018, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 8044445 8194307 8207318

27
 * @summary test new methods from JEP-229: Create PKCS12 Keystores by Default

28
 */

29


30
import java.io.*;

31
import java.security.*;

32
import java.security.KeyStore.*;

33
import java.security.cert.*;

34
import javax.crypto.*;

35
import javax.security.auth.callback.*;

36


37
public class ProbeKeystores {

38
    private static final char[] PASSWORD = "changeit".toCharArray();

39
    private static final char[] BAD_PASSWORD = "badpasword".toCharArray();

40
    private static final LoadStoreParameter LOAD_STORE_PARAM =

41
        new MyLoadStoreParameter(new PasswordProtection(PASSWORD));

42
    private static final LoadStoreParameter BAD_LOAD_STORE_PARAM =

43
        new MyLoadStoreParameter(new PasswordProtection(BAD_PASSWORD));

44
    private static final String DIR = System.getProperty("test.src", ".");

45
    private static final String CERT_FILE = "trusted.pem";

46


47
    private static class MyLoadStoreParameter implements LoadStoreParameter {

48


49
        private ProtectionParameter protection;

50


51
        MyLoadStoreParameter(ProtectionParameter protection) {

52
            this.protection = protection;

53
        }

54


55
        public ProtectionParameter getProtectionParameter() {

56
            return protection;

57
        }

58
    }

59


60
    public static final void main(String[] args) throws Exception {

61


62
        // Testing empty keystores

63


64
        init("empty.jks", "JKS");

65
        init("empty.jceks", "JCEKS");

66
        init("empty.p12", "PKCS12");

67


68
        load("empty.jks", "JKS");

69
        load("empty.jceks", "JCEKS");

70
        load("empty.p12", "PKCS12");

71
        load("empty.jks", "PKCS12"); // test compatibility mode

72
        load("empty.p12", "JKS"); // test compatibility mode

73
        load("empty.jks", "PKCS12", true); // test without compatibility mode

74
        load("empty.jks", "JKS", false); // test without compatibility mode

75
        load("empty.p12", "JKS", true); // test without compatibility mode

76
        load("empty.p12", "PKCS12", false); // test without compatibility mode

77


78
        probe("empty.jks", "JKS");

79
        probe("empty.jceks", "JCEKS");

80
        probe("empty.p12", "PKCS12");

81


82
        build("empty.jks", "JKS", true);

83
        build("empty.jks", "JKS", false);

84
        build("empty.jceks", "JCEKS", true);

85
        build("empty.jceks", "JCEKS", false);

86
        build("empty.p12", "PKCS12", true);

87
        build("empty.p12", "PKCS12", false);

88


89
        // Testing keystores containing an X.509 certificate

90


91
        X509Certificate cert = loadCertificate(CERT_FILE);

92
        init("onecert.jks", "JKS", cert);

93
        init("onecert.jceks", "JCEKS", cert);

94
        init("onecert.p12", "PKCS12", cert);

95


96
        load("onecert.jks", "JKS");

97
        load("onecert.jceks", "JCEKS");

98
        load("onecert.p12", "PKCS12");

99
        load("onecert.jks", "PKCS12"); // test compatibility mode

100
        load("onecert.p12", "JKS"); // test compatibility mode

101
        load("onecert.jks", "PKCS12", true); // test without compatibility mode

102
        load("onecert.jks", "JKS", false); // test without compatibility mode

103
        load("onecert.p12", "JKS", true); // test without compatibility mode

104
        load("onecert.p12", "PKCS12", false); // test without compatibility mode

105


106
        probe("onecert.jks", "JKS");

107
        probe("onecert.jceks", "JCEKS");

108
        probe("onecert.p12", "PKCS12");

109


110
        build("onecert.jks", "JKS", true);

111
        build("onecert.jks", "JKS", false);

112
        build("onecert.jceks", "JCEKS", true);

113
        build("onecert.jceks", "JCEKS", false);

114
        build("onecert.p12", "PKCS12", true);

115
        build("onecert.p12", "PKCS12", false);

116


117
        // Testing keystores containing a secret key

118


119
        SecretKey key = generateSecretKey("AES", 128);

120
        init("onekey.jceks", "JCEKS", key);

121
        init("onekey.p12", "PKCS12", key);

122


123
        load("onekey.jceks", "JCEKS");

124
        load("onekey.p12", "PKCS12");

125
        load("onekey.p12", "JKS"); // test compatibility mode

126
        load("onekey.p12", "JKS", true); // test without compatibility mode

127
        load("onekey.p12", "PKCS12", false); // test without compatibility mode

128


129
        probe("onekey.jceks", "JCEKS");

130
        probe("onekey.p12", "PKCS12");

131


132
        build("onekey.jceks", "JCEKS", true);

133
        build("onekey.jceks", "JCEKS", false);

134
        build("onekey.p12", "PKCS12", true);

135
        build("onekey.p12", "PKCS12", false);

136


137
        System.out.println("OK.");

138
    }

139


140
    // Instantiate an empty keystore using the supplied keystore type

141
    private static void init(String file, String type) throws Exception {

142
        KeyStore ks = KeyStore.getInstance(type);

143
        ks.load(null, null);

144
        try (OutputStream stream = new FileOutputStream(file)) {

145
            ks.store(stream, PASSWORD);

146
        }

147
        System.out.println("Created a " + type + " keystore named '" + file + "'");

148
    }

149


150
    // Instantiate a keystore using the supplied keystore type & create an entry

151
    private static void init(String file, String type, X509Certificate cert)

152
        throws Exception {

153
        KeyStore ks = KeyStore.getInstance(type);

154
        ks.load(null, null);

155
        ks.setEntry("mycert", new KeyStore.TrustedCertificateEntry(cert), null);

156
        try (OutputStream stream = new FileOutputStream(file)) {

157
            ks.store(stream, PASSWORD);

158
        }

159
        System.out.println("Created a " + type + " keystore named '" + file + "'");

160
    }

161


162
    // Instantiate a keystore using the supplied keystore type & create an entry

163
    private static void init(String file, String type, SecretKey key)

164
        throws Exception {

165
        KeyStore ks = KeyStore.getInstance(type);

166
        ks.load(null, null);

167
        ks.setEntry("mykey", new KeyStore.SecretKeyEntry(key),

168
            new PasswordProtection(PASSWORD));

169
        try (OutputStream stream = new FileOutputStream(file)) {

170
            ks.store(stream, PASSWORD);

171
        }

172
        System.out.println("Created a " + type + " keystore named '" + file + "'");

173
    }

174


175
    // Instantiate a keystore by probing the supplied file for the keystore type

176
    private static void probe(String file, String type) throws Exception {

177
        // First try with the correct password

178
        KeyStore ks = KeyStore.getInstance(new File(file), PASSWORD);

179
        if (!type.equalsIgnoreCase(ks.getType())) {

180
            throw new Exception("ERROR: expected a " + type + " keystore, " +

181
                "got a " + ks.getType() + " keystore instead");

182
        } else {

183
            System.out.println("Probed a " + type + " keystore named '" + file

184
                    + "' with " + ks.size() + " entries");

185
        }

186


187
        // Next try with an incorrect password

188
        try {

189
            ks = KeyStore.getInstance(new File(file), BAD_PASSWORD);

190
            throw new Exception("ERROR: expected an exception but got success");

191
        } catch (IOException e) {

192
            System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");

193
        }

194


195
        // Now try with the correct password within a LoadStoreParameter

196
        ks = KeyStore.getInstance(new File(file), LOAD_STORE_PARAM);

197
        if (!type.equalsIgnoreCase(ks.getType())) {

198
            throw new Exception("ERROR: expected a " + type + " keystore, " +

199
                "got a " + ks.getType() + " keystore instead");

200
        } else {

201
            System.out.println("Probed a " + type + " keystore named '" + file

202
                    + "' with " + ks.size() + " entries");

203
        }

204


205
        // Next try with an incorrect password within a LoadStoreParameter

206
        try {

207
            ks = KeyStore.getInstance(new File(file), BAD_LOAD_STORE_PARAM);

208
            throw new Exception("ERROR: expected an exception but got success");

209
        } catch (IOException e) {

210
            System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");

211
        }

212
    }

213


214
    // Instantiate a keystore by probing the supplied file for the keystore type

215
    private static void build(String file, String type, boolean usePassword)

216
        throws Exception {

217


218
        Builder builder;

219
        if (usePassword) {

220
            builder = Builder.newInstance(new File(file),

221
                new PasswordProtection(PASSWORD));

222
        } else {

223
            builder = Builder.newInstance(new File(file),

224
                new CallbackHandlerProtection(new DummyHandler()));

225
        }

226
        KeyStore ks = builder.getKeyStore();

227
        if (!type.equalsIgnoreCase(ks.getType())) {

228
            throw new Exception("ERROR: expected a " + type + " keystore, " +

229
                "got a " + ks.getType() + " keystore instead");

230
        } else {

231
            System.out.println("Built a " + type + " keystore named '" + file + "'");

232
        }

233
    }

234


235
    // Load the keystore entries

236
    private static void load(String file, String type) throws Exception {

237
        KeyStore ks = KeyStore.getInstance(type);

238
        try (InputStream stream = new FileInputStream(file)) {

239
            ks.load(stream, PASSWORD);

240
        }

241
        if (!type.equalsIgnoreCase(ks.getType())) {

242
            throw new Exception("ERROR: expected a " + type + " keystore, " +

243
                "got a " + ks.getType() + " keystore instead");

244
        } else {

245
            System.out.println("Loaded a " + type + " keystore named '" + file + "'");

246
        }

247
    }

248


249
    // Load the keystore entries (with compatibility mode disabled)

250
    private static void load(String file, String type, boolean expectFailure)

251
        throws Exception {

252
        Security.setProperty("keystore.type.compat", "false");

253
        try {

254
            load(file, type);

255
            if (expectFailure) {

256
                throw new Exception("ERROR: expected load to fail but it didn't");

257
            }

258
        } catch (IOException e) {

259
            if (expectFailure) {

260
                System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");

261
            } else {

262
                throw e;

263
            }

264
        } finally {

265
            Security.setProperty("keystore.type.compat", "true");

266
        }

267
    }

268


269
    // Read an X.509 certificate from the supplied file

270
    private static X509Certificate loadCertificate(String certFile)

271
        throws Exception {

272
        X509Certificate cert = null;

273
        try (FileInputStream certStream =

274
            new FileInputStream(DIR + "/" + certFile)) {

275
            CertificateFactory factory =

276
                CertificateFactory.getInstance("X.509");

277
            return (X509Certificate) factory.generateCertificate(certStream);

278
        }

279
    }

280


281
    // Generate a secret key using the supplied algorithm name and key size

282
    private static SecretKey generateSecretKey(String algorithm, int size)

283
        throws NoSuchAlgorithmException {

284
        KeyGenerator generator = KeyGenerator.getInstance(algorithm);

285
        generator.init(size);

286
        return generator.generateKey();

287
    }

288


289
    private static class DummyHandler implements CallbackHandler {

290
        public void handle(Callback[] callbacks)

291
            throws IOException, UnsupportedCallbackException {

292
            System.out.println("** Callbackhandler invoked");

293
            for (int i = 0; i < callbacks.length; i++) {

294
                Callback cb = callbacks[i];

295
                if (cb instanceof PasswordCallback) {

296
                    PasswordCallback pcb = (PasswordCallback)cb;

297
                    pcb.setPassword(PASSWORD);

298
                    break;

299
                }

300
            }

301
        }

302
    }

303
}

304


305