| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/Java/Openjdk/test/jdk/java/security/KeyStore/ (Sun/Oracle ©) Datei vom 13.11.2022 mit Größe 12 kB |
|
Quelle ProbeKeystores.java Sprache: JAVA |
|||||||||
|
/*
* Copyright (c) 2014, 2018, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ /* * @test * @bug 8044445 8194307 8207318 * @summary test new methods from JEP-229: Create PKCS12 Keystores by Default */ import java.io.*; import java.security.*; import java.security.KeyStore.*; import java.security.cert.*; import javax.crypto.*; import javax.security.auth.callback.*; public class ProbeKeystores { private static final char[] PASSWORD = "changeit".toCharArray(); private static final char[] BAD_PASSWORD = "badpasword".toCharArray(); private static final LoadStoreParameter LOAD_STORE_PARAM = new MyLoadStoreParameter(new PasswordProtection(PASSWORD)); private static final LoadStoreParameter BAD_LOAD_STORE_PARAM = new MyLoadStoreParameter(new PasswordProtection(BAD_PASSWORD)); private static final String DIR = System.getProperty("test.src", "."); private static final String CERT_FILE = "trusted.pem"; private static class MyLoadStoreParameter implements LoadStoreParameter { private ProtectionParameter protection; MyLoadStoreParameter(ProtectionParameter protection) { this.protection = protection; } public ProtectionParameter getProtectionParameter() { return protection; } } public static final void main(String[] args) throws Exception { // Testing empty keystores init("empty.jks", "JKS"); init("empty.jceks", "JCEKS"); init("empty.p12", "PKCS12"); load("empty.jks", "JKS"); load("empty.jceks", "JCEKS"); load("empty.p12", "PKCS12"); load("empty.jks", "PKCS12"); // test compatibility mode load("empty.p12", "JKS"); // test compatibility mode load("empty.jks", "PKCS12", true); // test without compatibility mode load("empty.jks", "JKS", false); // test without compatibility mode load("empty.p12", "JKS", true); // test without compatibility mode load("empty.p12", "PKCS12", false); // test without compatibility mode probe("empty.jks", "JKS"); probe("empty.jceks", "JCEKS"); probe("empty.p12", "PKCS12"); build("empty.jks", "JKS", true); build("empty.jks", "JKS", false); build("empty.jceks", "JCEKS", true); build("empty.jceks", "JCEKS", false); build("empty.p12", "PKCS12", true); build("empty.p12", "PKCS12", false); // Testing keystores containing an X.509 certificate X509Certificate cert = loadCertificate(CERT_FILE); init("onecert.jks", "JKS", cert); init("onecert.jceks", "JCEKS", cert); init("onecert.p12", "PKCS12", cert); load("onecert.jks", "JKS"); load("onecert.jceks", "JCEKS"); load("onecert.p12", "PKCS12"); load("onecert.jks", "PKCS12"); // test compatibility mode load("onecert.p12", "JKS"); // test compatibility mode load("onecert.jks", "PKCS12", true); // test without compatibility mode load("onecert.jks", "JKS", false); // test without compatibility mode load("onecert.p12", "JKS", true); // test without compatibility mode load("onecert.p12", "PKCS12", false); // test without compatibility mode probe("onecert.jks", "JKS"); probe("onecert.jceks", "JCEKS"); probe("onecert.p12", "PKCS12"); build("onecert.jks", "JKS", true); build("onecert.jks", "JKS", false); build("onecert.jceks", "JCEKS", true); build("onecert.jceks", "JCEKS", false); build("onecert.p12", "PKCS12", true); build("onecert.p12", "PKCS12", false); // Testing keystores containing a secret key SecretKey key = generateSecretKey("AES", 128); init("onekey.jceks", "JCEKS", key); init("onekey.p12", "PKCS12", key); load("onekey.jceks", "JCEKS"); load("onekey.p12", "PKCS12"); load("onekey.p12", "JKS"); // test compatibility mode load("onekey.p12", "JKS", true); // test without compatibility mode load("onekey.p12", "PKCS12", false); // test without compatibility mode probe("onekey.jceks", "JCEKS"); probe("onekey.p12", "PKCS12"); build("onekey.jceks", "JCEKS", true); build("onekey.jceks", "JCEKS", false); build("onekey.p12", "PKCS12", true); build("onekey.p12", "PKCS12", false); System.out.println("OK."); } // Instantiate an empty keystore using the supplied keystore type private static void init(String file, String type) throws Exception { KeyStore ks = KeyStore.getInstance(type); ks.load(null, null); try (OutputStream stream = new FileOutputStream(file)) { ks.store(stream, PASSWORD); } System.out.println("Created a " + type + " keystore named '" + file + "'"); } // Instantiate a keystore using the supplied keystore type & create an entry private static void init(String file, String type, X509Certificate cert) throws Exception { KeyStore ks = KeyStore.getInstance(type); ks.load(null, null); ks.setEntry("mycert", new KeyStore.TrustedCertificateEntry(cert), null); try (OutputStream stream = new FileOutputStream(file)) { ks.store(stream, PASSWORD); } System.out.println("Created a " + type + " keystore named '" + file + "'"); } // Instantiate a keystore using the supplied keystore type & create an entry private static void init(String file, String type, SecretKey key) throws Exception { KeyStore ks = KeyStore.getInstance(type); ks.load(null, null); ks.setEntry("mykey", new KeyStore.SecretKeyEntry(key), new PasswordProtection(PASSWORD)); try (OutputStream stream = new FileOutputStream(file)) { ks.store(stream, PASSWORD); } System.out.println("Created a " + type + " keystore named '" + file + "'"); } // Instantiate a keystore by probing the supplied file for the keystore type private static void probe(String file, String type) throws Exception { // First try with the correct password KeyStore ks = KeyStore.getInstance(new File(file), PASSWORD); if (!type.equalsIgnoreCase(ks.getType())) { throw new Exception("ERROR: expected a " + type + " keystore, " + "got a " + ks.getType() + " keystore instead"); } else { System.out.println("Probed a " + type + " keystore named '" + file + "' with " + ks.size() + " entries"); } // Next try with an incorrect password try { ks = KeyStore.getInstance(new File(file), BAD_PASSWORD); throw new Exception("ERROR: expected an exception but got success"); } catch (IOException e) { System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expe } // Now try with the correct password within a LoadStoreParameter ks = KeyStore.getInstance(new File(file), LOAD_STORE_PARAM); if (!type.equalsIgnoreCase(ks.getType())) { throw new Exception("ERROR: expected a " + type + " keystore, " + "got a " + ks.getType() + " keystore instead"); } else { System.out.println("Probed a " + type + " keystore named '" + file + "' with " + ks.size() + " entries"); } // Next try with an incorrect password within a LoadStoreParameter try { ks = KeyStore.getInstance(new File(file), BAD_LOAD_STORE_PARAM); throw new Exception("ERROR: expected an exception but got success"); } catch (IOException e) { System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expe } } // Instantiate a keystore by probing the supplied file for the keystore type private static void build(String file, String type, boolean usePassword) throws Exception { Builder builder; if (usePassword) { builder = Builder.newInstance(new File(file), new PasswordProtection(PASSWORD)); } else { builder = Builder.newInstance(new File(file), new CallbackHandlerProtection(new DummyHandler())); } KeyStore ks = builder.getKeyStore(); if (!type.equalsIgnoreCase(ks.getType())) { throw new Exception("ERROR: expected a " + type + " keystore, " + "got a " + ks.getType() + " keystore instead"); } else { System.out.println("Built a " + type + " keystore named '" + file + "'"); } } // Load the keystore entries private static void load(String file, String type) throws Exception { KeyStore ks = KeyStore.getInstance(type); try (InputStream stream = new FileInputStream(file)) { ks.load(stream, PASSWORD); } if (!type.equalsIgnoreCase(ks.getType())) { throw new Exception("ERROR: expected a " + type + " keystore, " + "got a " + ks.getType() + " keystore instead"); } else { System.out.println("Loaded a " + type + " keystore named '" + file + "'"); } } // Load the keystore entries (with compatibility mode disabled) private static void load(String file, String type, boolean expectFailure) throws Exception { Security.setProperty("keystore.type.compat", "false"); try { load(file, type); if (expectFailure) { throw new Exception("ERROR: expected load to fail but it didn't"); } } catch (IOException e) { if (expectFailure) { System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expe } else { throw e; } } finally { Security.setProperty("keystore.type.compat", "true"); } } // Read an X.509 certificate from the supplied file private static X509Certificate loadCertificate(String certFile) throws Exception { X509Certificate cert = null; try (FileInputStream certStream = new FileInputStream(DIR + "/" + certFile)) { CertificateFactory factory = CertificateFactory.getInstance("X.509"); return (X509Certificate) factory.generateCertificate(certStream); } } // Generate a secret key using the supplied algorithm name and key size private static SecretKey generateSecretKey(String algorithm, int size) throws NoSuchAlgorithmException { KeyGenerator generator = KeyGenerator.getInstance(algorithm); generator.init(size); return generator.generateKey(); } private static class DummyHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println("** Callbackhandler invoked"); for (int i = 0; i < callbacks.length; i++) { Callback cb = callbacks[i]; if (cb instanceof PasswordCallback) { PasswordCallback pcb = (PasswordCallback)cb; pcb.setPassword(PASSWORD); break; } } } } } ¤ Dauer der Verarbeitung: 0.1 Sekunden (vorverarbeitet) ¤*© Formatika GbR, Deutschland |
|
2026-03-28