Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/pkcs12/PKCS12SameKeyId.java
41152 views
1
/*

2
 * Copyright (c) 2010, 2020, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 6958026 8242151

27
 * @summary Problem with PKCS12 keystore

28
 * @modules java.base/sun.security.pkcs

29
 *          java.base/sun.security.tools.keytool

30
 *          java.base/sun.security.util

31
 *          java.base/sun.security.x509

32
 * @compile -XDignore.symbol.file PKCS12SameKeyId.java

33
 * @run main PKCS12SameKeyId

34
 */

35


36
import java.io.File;

37
import java.io.FileInputStream;

38
import java.io.FileOutputStream;

39
import java.security.AlgorithmParameters;

40
import java.security.KeyStore;

41
import java.security.cert.Certificate;

42
import java.security.cert.X509Certificate;

43
import javax.crypto.Cipher;

44
import javax.crypto.SecretKey;

45
import javax.crypto.SecretKeyFactory;

46
import javax.crypto.spec.PBEKeySpec;

47
import javax.crypto.spec.PBEParameterSpec;

48
import sun.security.pkcs.EncryptedPrivateKeyInfo;

49
import sun.security.util.ObjectIdentifier;

50
import sun.security.x509.AlgorithmId;

51
import sun.security.x509.X500Name;

52


53
public class PKCS12SameKeyId {

54


55
    private static final String JKSFILE = "PKCS12SameKeyId.jks";

56
    private static final String P12FILE = "PKCS12SameKeyId.p12";

57
    private static final char[] PASSWORD = "changeit".toCharArray();

58
    private static final int SIZE = 10;

59


60
    public static void main(String[] args) throws Exception {

61


62
        // Prepare a JKS keystore with many entries

63
        new File(JKSFILE).delete();

64
        for (int i=0; i<SIZE; i++) {

65
            System.err.print(".");

66
            String cmd = "-keystore " + JKSFILE

67
                    + " -storepass changeit -keypass changeit -keyalg rsa "

68
                    + "-genkeypair -alias p" + i + " -dname CN=" + i;

69
            sun.security.tools.keytool.Main.main(cmd.split(" "));

70
        }

71


72
        // Prepare EncryptedPrivateKeyInfo parameters, copied from various

73
        // places in PKCS12KeyStore.java

74
        AlgorithmParameters algParams =

75
                AlgorithmParameters.getInstance("PBEWithSHA1AndDESede");

76
        algParams.init(new PBEParameterSpec("12345678".getBytes(), 1024));

77
        AlgorithmId algid = new AlgorithmId(

78
                ObjectIdentifier.of("1.2.840.113549.1.12.1.3"), algParams);

79


80
        PBEKeySpec keySpec = new PBEKeySpec(PASSWORD);

81
        SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE");

82
        SecretKey skey = skFac.generateSecret(keySpec);

83


84
        Cipher cipher = Cipher.getInstance("PBEWithSHA1AndDESede");

85
        cipher.init(Cipher.ENCRYPT_MODE, skey, algParams);

86


87
        // Pre-calculated keys and certs and aliases

88
        byte[][] keys = new byte[SIZE][];

89
        Certificate[][] certChains = new Certificate[SIZE][];

90
        String[] aliases = new String[SIZE];

91


92
        // Reads from JKS keystore and pre-calculate

93
        KeyStore ks = KeyStore.getInstance("jks");

94
        try (FileInputStream fis = new FileInputStream(JKSFILE)) {

95
            ks.load(fis, PASSWORD);

96
        }

97
        for (int i=0; i<SIZE; i++) {

98
            aliases[i] = "p" + i;

99
            byte[] enckey = cipher.doFinal(

100
                    ks.getKey(aliases[i], PASSWORD).getEncoded());

101
            keys[i] = new EncryptedPrivateKeyInfo(algid, enckey).getEncoded();

102
            certChains[i] = ks.getCertificateChain(aliases[i]);

103
        }

104


105
        // Write into PKCS12 keystore. Use this overloaded version of

106
        // setKeyEntry() to be as fast as possible, so that they would

107
        // have same localKeyId.

108
        KeyStore p12 = KeyStore.getInstance("pkcs12");

109
        p12.load(null, PASSWORD);

110
        for (int i=0; i<SIZE; i++) {

111
            p12.setKeyEntry(aliases[i], keys[i], certChains[i]);

112
        }

113
        try (FileOutputStream fos = new FileOutputStream(P12FILE)) {

114
            p12.store(fos, PASSWORD);

115
        }

116


117
        // Check private keys still match certs

118
        p12 = KeyStore.getInstance("pkcs12");

119
        try (FileInputStream fis = new FileInputStream(P12FILE)) {

120
            p12.load(fis, PASSWORD);

121
        }

122
        for (int i=0; i<SIZE; i++) {

123
            String a = "p" + i;

124
            X509Certificate x = (X509Certificate)p12.getCertificate(a);

125
            X500Name name = (X500Name)x.getSubjectDN();

126
            if (!name.getCommonName().equals(""+i)) {

127
                throw new Exception(a + "'s cert is " + name);

128
            }

129
        }

130
    }

131
}

132


133