jdk/test/sun/security/pkcs11/KeyStore/SecretKeysBasic.java
author serb
Tue, 12 Nov 2013 20:24:25 +0400
changeset 21596 0e3a39f29dbc
parent 19067 5271291b7121
child 24863 bf6df3caafe4
permissions -rw-r--r--
8027696: Incorrect copyright header in the tests Reviewed-by: alanb, malenkov, mullan
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     1
/*
21596
0e3a39f29dbc 8027696: Incorrect copyright header in the tests
serb
parents: 19067
diff changeset
     2
 * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     4
 *
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     5
 * This code is free software; you can redistribute it and/or modify it
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     6
 * under the terms of the GNU General Public License version 2 only, as
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     7
 * published by the Free Software Foundation.
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     8
 *
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
     9
 * This code is distributed in the hope that it will be useful, but WITHOUT
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    12
 * version 2 for more details (a copy is included in the LICENSE file that
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    13
 * accompanied this code).
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    14
 *
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    15
 * You should have received a copy of the GNU General Public License version
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    16
 * 2 along with this work; if not, write to the Free Software Foundation,
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    18
 *
5506
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 291
diff changeset
    19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 291
diff changeset
    20
 * or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices
ohair
parents: 291
diff changeset
    21
 * questions.
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    22
 */
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    23
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    24
import java.io.*;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    25
import java.util.*;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    26
import java.security.*;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    27
import javax.crypto.*;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    28
import javax.crypto.spec.*;
19067
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    29
import javax.xml.bind.DatatypeConverter;
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    30
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    31
public class SecretKeysBasic extends PKCS11Test {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    32
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    33
    private static final char SEP = File.separatorChar;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    34
    private static char[] tokenPwd;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    35
    private static final char[] nssPwd =
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    36
            new char[]{'t', 'e', 's', 't', '1', '2'};
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    37
    private static final char[] solarisPwd =
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    38
            new char[]{'p', 'i', 'n'};
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    39
    private static SecretKey sk1;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    40
    private static SecretKey sk2;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    41
    private static SecretKey softkey;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    42
    private static KeyStore ks;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    43
    private static final String KS_TYPE = "PKCS11";
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    44
    private static Provider provider;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    45
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    46
    public static void main(String[] args) throws Exception {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    47
        main(new SecretKeysBasic());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    48
    }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    49
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    50
    public void main(Provider p) throws Exception {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    51
        this.provider = p;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    52
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    53
        // create secret key
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    54
        byte[] keyVal = new byte[16];
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    55
        (new SecureRandom()).nextBytes(keyVal);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    56
        // NSS will throw CKR_HOST_MEMORY if calling C_DecryptInit w/
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    57
        // (keyVal[0] == 0)
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    58
        if (keyVal[0] == 0) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    59
            keyVal[0] = 1;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    60
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    61
        softkey = new SecretKeySpec(keyVal, "AES");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    62
        dumpKey("softkey", softkey);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    63
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    64
        KeyGenerator kg = KeyGenerator.getInstance("DESede", provider);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    65
        sk1 = kg.generateKey();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    66
        dumpKey("skey1", sk1);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    67
        sk2 = kg.generateKey();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    68
        dumpKey("skey2", sk2);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    69
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    70
        String token = System.getProperty("TOKEN");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    71
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    72
        if (token == null || token.length() == 0) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    73
            System.out.println("Error: missing TOKEN system property");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    74
            throw new Exception("token arg required");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    75
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    76
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    77
        if ("nss".equals(token)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    78
            tokenPwd = nssPwd;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    79
        } else if ("solaris".equals(token)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    80
            tokenPwd = solarisPwd;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    81
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    82
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    83
        int testnum = 1;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    84
        doTest();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    85
    }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    86
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    87
    private static boolean checkSecretKeyEntry(String alias,
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    88
            SecretKey expected,
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    89
            boolean saveBeforeCheck)
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
    90
            throws Exception {
19067
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    91
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    92
        // A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    93
        // to be read incorrectly.  Checking for improper 16 byte length
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    94
        // in key string.
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    95
        if (isNSS(provider) && expected.getAlgorithm().equals("AES") &&
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    96
                (getNSSVersion() >= 3.12 && getNSSVersion() <= 3.122)) {
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    97
            System.out.println("NSS 3.12 bug returns incorrect AES key "+
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    98
                    "length breaking key storage. Aborting...");
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
    99
            return true;
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
   100
        }
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
   101
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   102
        if (saveBeforeCheck) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   103
            ks.setKeyEntry(alias, expected, null, null);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   104
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   105
        SecretKey result = (SecretKey) (ks.getKey(alias, null));
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   106
        String keyEncFormat = result.getFormat();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   107
        if (keyEncFormat == null) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   108
            // sensitive or un-extractable keys - verify by encrypt/decrypt
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   109
            byte[] data = new byte[64];
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   110
            Cipher c =
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   111
                    Cipher.getInstance(result.getAlgorithm() + "/CBC/NoPadding",
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   112
                    provider);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   113
            c.init(Cipher.ENCRYPT_MODE, expected);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   114
            byte[] encOut = c.doFinal(data);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   115
            c.init(Cipher.DECRYPT_MODE, result, c.getParameters());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   116
            byte[] decOut = c.doFinal(encOut);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   117
            if (!Arrays.equals(data, decOut)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   118
                return false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   119
            }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   120
        } else if (keyEncFormat.toUpperCase().equals("RAW")) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   121
            if (!Arrays.equals(result.getEncoded(), expected.getEncoded())) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   122
                dumpKey("\texpected:", expected);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   123
                dumpKey("\treturns:", result);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   124
                return false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   125
            }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   126
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   127
        return true;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   128
    }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   129
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   130
    private static void dumpKey(String info, SecretKey key) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   131
        System.out.println(info + "> " + key);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   132
        System.out.println("\tALGO=" + key.getAlgorithm());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   133
        if (key.getFormat() != null) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   134
            System.out.println("\t[" + key.getFormat() + "] VALUE=" +
19067
5271291b7121 8020424: The NSS version should be detected before running crypto tests
ascarpino
parents: 5506
diff changeset
   135
                    DatatypeConverter.printHexBinary(key.getEncoded()));
291
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   136
        } else {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   137
            System.out.println("\tVALUE=n/a");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   138
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   139
    }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   140
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   141
    private static void doTest() throws Exception {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   142
        if (ks == null) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   143
            ks = KeyStore.getInstance(KS_TYPE, provider);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   144
            ks.load(null, tokenPwd);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   145
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   146
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   147
        System.out.println("Number of entries: " + ks.size());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   148
        if (ks.size() != 0) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   149
            System.out.println("Deleting entries under aliases: ");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   150
            for (Enumeration<String> aliases = ks.aliases();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   151
                    aliases.hasMoreElements();) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   152
                String alias = aliases.nextElement();
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   153
                System.out.println("\t" + alias);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   154
                ks.deleteEntry(alias);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   155
            }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   156
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   157
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   158
        String alias = "testSKey";
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   159
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   160
        boolean testResult = checkSecretKeyEntry(alias, softkey, true);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   161
        if (!testResult) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   162
            System.out.println("FAILURE: setKey() w/ softSecretKey failed");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   163
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   164
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   165
        if (!checkSecretKeyEntry(alias, sk1, true)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   166
            testResult = false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   167
            System.out.println("FAILURE: setKey() w/ skey1 failed");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   168
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   169
        if (!checkSecretKeyEntry(alias, sk2, true)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   170
            testResult = false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   171
            System.out.println("FAILURE: setKey() w/ skey2 failed");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   172
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   173
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   174
        ks.store(null);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   175
        System.out.println("Reloading keystore...");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   176
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   177
        ks.load(null, "whatever".toCharArray());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   178
        if (ks.size() != 1) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   179
            System.out.println("FAILURE: reload#1 ks.size() != 1");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   180
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   181
        if (!checkSecretKeyEntry(alias, sk2, false)) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   182
            testResult = false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   183
            System.out.println("FAILURE: reload#1 ks entry check failed");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   184
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   185
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   186
        ks.deleteEntry(alias);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   187
        ks.store(null);
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   188
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   189
        System.out.println("Reloading keystore...");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   190
        ks.load(null, "whatever".toCharArray());
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   191
        if (ks.size() != 0) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   192
            testResult = false;
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   193
            System.out.println("FAILURE: reload#2 ks.size() != 0");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   194
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   195
        if (!testResult) {
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   196
            throw new Exception("One or more test failed!");
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   197
        }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   198
    }
be2e0a87d658 6599979: KeyStore.setEntry/setKeyEntry() do not override existing entry for secret key objects
valeriep
parents:
diff changeset
   199
}