1
/*
2
 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import java.io.InputStream;
25
import java.security.KeyStore;
26
import java.security.Provider;
27
import java.security.Security;
28
import java.security.cert.CRL;
29
import java.security.cert.CRLException;
30
import java.security.cert.Certificate;
31
import java.security.cert.CertificateException;
32
import java.security.cert.CertificateFactorySpi;
33
import java.util.Collection;
34
import java.util.Enumeration;
35

36
/*
37
 * @test
38
 * @bug 8139436
39
 * @summary This test validates an iteration over the Windows-ROOT certificate store
40
 *          and retrieving all certificates.
41
 *          Bug 8139436 reports an issue when 3rd party JCE providers would throw exceptions
42
 *          upon creating Certificate objects.
43
 *          This would for instance happen when using IAIK 3.15 and Elliptic Curve certificates
44
 *          are contained in the Windows-ROOT certificate store.
45
 *          The test uses a simple dummy provider which just throws Exceptions in its CertificateFactory.
46
 *          To test an external provider, you can use property sun.security.mscapi.testprovider and
47
 *          set it to the provider class name which has to be constructible by a constructor without
48
 *          arguments. The provider jar has to be added to the classpath.
49
 *          E.g. run jtreg with -javaoption:-Dsun.security.mscapi.testprovider=iaik.security.provider.IAIK and
50
 *          -cpa:<path to iaik_jce.jar>
51
 *
52
 * @requires os.family == "windows"
53
 * @author Christoph Langer
54
 * @run main IterateWindowsRootStore
55
 */
56
public class IterateWindowsRootStore {
57
    public static class TestFactory extends CertificateFactorySpi {
58
        @Override
59
        public Certificate engineGenerateCertificate(InputStream inStream) throws CertificateException {
60
            throw new CertificateException("unimplemented");
61
        }
62

63
        @Override
64
        public Collection<? extends Certificate> engineGenerateCertificates(InputStream inStream) throws CertificateException {
65
            throw new CertificateException("unimplemented");
66
        }
67

68
        @Override
69
        public CRL engineGenerateCRL(InputStream inStream) throws CRLException {
70
            throw new CRLException("unimplemented");
71
        }
72

73
        @Override
74
        public Collection<? extends CRL> engineGenerateCRLs(InputStream inStream) throws CRLException {
75
            throw new CRLException("unimplemented");
76
        }
77
    }
78

79
    public static class TestProvider extends Provider {
80
        private static final long serialVersionUID = 1L;
81

82
        public TestProvider() {
83
            super("TestProvider", 0.1, "Test provider for IterateWindowsRootStore");
84

85
            /*
86
             * Certificates
87
             */
88
            this.put("CertificateFactory.X.509", "IterateWindowsRootStore$TestFactory");
89
            this.put("Alg.Alias.CertificateFactory.X509", "X.509");
90
        }
91
    }
92

93
    public static void main(String[] args) throws Exception {
94
        // Try to register a JCE provider from property sun.security.mscapi.testprovider in the first slot
95
        // otherwise register a dummy provider which would provoke the issue of bug 8139436
96
        boolean providerPrepended = false;
97
        String testprovider = System.getProperty("sun.security.mscapi.testprovider");
98
        if (testprovider != null && !testprovider.isEmpty()) {
99
            try {
100
                System.out.println("Trying to prepend external JCE provider " + testprovider);
101
                Class<?> providerclass = Class.forName(testprovider);
102
                Object provider = providerclass.newInstance();
103
                Security.insertProviderAt((Provider)provider, 1);
104
            } catch (Exception e) {
105
                System.out.println("Could not load JCE provider " + testprovider +". Exception is:");
106
                e.printStackTrace(System.out);
107
            }
108
            providerPrepended = true;
109
            System.out.println("Sucessfully prepended JCE provider " + testprovider);
110
        }
111
        if (!providerPrepended) {
112
            System.out.println("Trying to prepend dummy JCE provider");
113
            Security.insertProviderAt(new TestProvider(), 1);
114
            System.out.println("Sucessfully prepended dummy JCE provider");
115
        }
116

117
        // load Windows-ROOT KeyStore
118
        KeyStore keyStore = KeyStore.getInstance("Windows-ROOT", "SunMSCAPI");
119
        keyStore.load(null, null);
120

121
        // iterate KeyStore
122
        Enumeration<String> aliases = keyStore.aliases();
123
        while (aliases.hasMoreElements()) {
124
            String alias = aliases.nextElement();
125
            System.out.print("Reading certificate for alias: " + alias + "...");
126
            keyStore.getCertificate(alias);
127
            System.out.println(" done.");
128
        }
129
    }
130
}
131

132