jdk/test/java/security/KeyStore/ProbeKeystores.java
author vinnie
Tue, 23 Dec 2014 16:30:57 +0000
changeset 28243 47080f9ae750
child 30688 7f1db57197d4
permissions -rw-r--r--
8044445: JEP 229: Create PKCS12 Keystores by Default Reviewed-by: mullan, weijun
/*
 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
/*
 * @test
 * @bug 8044445
 * @summary test new methods from JEP-229: Create PKCS12 Keystores by Default
 */
import java.io.*;
import java.security.*;
import java.security.KeyStore.*;
import java.security.cert.*;
import javax.crypto.*;
import javax.security.auth.callback.*;
public class ProbeKeystores {
    // Password that protects every keystore written by init(), and also the
    // secret-key entry. A fixed, well-known value: acceptable only because
    // these keystores are throwaway test fixtures.
    private static final char[] PASSWORD = "changeit".toCharArray();
    // A password that differs from PASSWORD; probe() uses it to check that
    // opening a keystore with the wrong password is rejected.
    private static final char[] BAD_PASSWORD = "badpasword".toCharArray();
    // Directory in which the keystore files are created and read: the value of
    // the test.src system property, or "." when that property is not set.
    // NOTE(review): test.src names the test source directory, so the generated
    // keystores are written next to the sources - confirm this is intended.
    private static final String DIR = System.getProperty("test.src", ".");
    // Name of the certificate file handed to loadCertificate()
    private static final String CERT_FILE = "trusted.pem";
    // Entry point. Runs test() and then cleanup(); cleanup() is in a finally
    // clause, so the keystore files are deleted whether test() returns
    // normally or throws. args is not used.
    public static final void main(String[] args) throws Exception {
        try {
            test();
        } finally {
            // Reached on success and on failure alike
            cleanup();
        }
    }
    // Runs the three scenarios in order: keystores that are empty, keystores
    // holding one trusted X.509 certificate, and keystores holding one secret
    // key. Each scenario creates its files with init() and then calls load(),
    // probe() and build() on them. Any of those calls may throw, which ends
    // the test; "OK." is printed only when all of them return.
    private static final void test() throws Exception {
        // Delete the files named in cleanup() before they are created afresh
        cleanup();

        // Each row is {file name, keystore type used to create that file}
        final String[][] emptyStores = {
            {"empty.jks", "JKS"},
            {"empty.jceks", "JCEKS"},
            {"empty.p12", "PKCS12"},
        };
        final String[][] certStores = {
            {"onecert.jks", "JKS"},
            {"onecert.jceks", "JCEKS"},
            {"onecert.p12", "PKCS12"},
        };
        // No JKS row here: the secret-key scenario uses only JCEKS and PKCS12
        final String[][] secretKeyStores = {
            {"onekey.jceks", "JCEKS"},
            {"onekey.p12", "PKCS12"},
        };

        // Testing empty keystores

        for (String[] row : emptyStores) {
            init(row[0], row[1]);
        }

        for (String[] row : emptyStores) {
            load(row[0], row[1]);
        }
        // A keystore of one type is asked to read a file written as the other
        load("empty.jks", "PKCS12"); // test compatibility mode
        load("empty.p12", "JKS"); // test compatibility mode
        // NOTE(review): in the three-argument calls the boolean is true exactly
        // where the file format and the requested type differ; presumably it
        // means the load is expected to fail - confirm against that overload.
        load("empty.jks", "PKCS12", true); // test without compatibility mode
        load("empty.jks", "JKS", false); // test without compatibility mode
        load("empty.p12", "JKS", true); // test without compatibility mode
        load("empty.p12", "PKCS12", false); // test without compatibility mode

        for (String[] row : emptyStores) {
            probe(row[0], row[1]);
        }

        // Each file is built twice: with a password, then with a callback handler
        for (String[] row : emptyStores) {
            build(row[0], row[1], true);
            build(row[0], row[1], false);
        }

        // Testing keystores containing an X.509 certificate

        X509Certificate cert = loadCertificate(CERT_FILE);
        for (String[] row : certStores) {
            init(row[0], row[1], cert);
        }

        for (String[] row : certStores) {
            load(row[0], row[1]);
        }
        load("onecert.jks", "PKCS12"); // test compatibility mode
        load("onecert.p12", "JKS"); // test compatibility mode
        load("onecert.jks", "PKCS12", true); // test without compatibility mode
        load("onecert.jks", "JKS", false); // test without compatibility mode
        load("onecert.p12", "JKS", true); // test without compatibility mode
        load("onecert.p12", "PKCS12", false); // test without compatibility mode

        for (String[] row : certStores) {
            probe(row[0], row[1]);
        }

        for (String[] row : certStores) {
            build(row[0], row[1], true);
            build(row[0], row[1], false);
        }

        // Testing keystores containing a secret key

        SecretKey key = generateSecretKey("AES", 128);
        for (String[] row : secretKeyStores) {
            init(row[0], row[1], key);
        }

        for (String[] row : secretKeyStores) {
            load(row[0], row[1]);
        }
        load("onekey.p12", "JKS"); // test compatibility mode
        load("onekey.p12", "JKS", true); // test without compatibility mode
        load("onekey.p12", "PKCS12", false); // test without compatibility mode

        for (String[] row : secretKeyStores) {
            probe(row[0], row[1]);
        }

        for (String[] row : secretKeyStores) {
            build(row[0], row[1], true);
            build(row[0], row[1], false);
        }

        System.out.println("OK.");
    }
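    // Deletes every keystore file this test creates.
    //
    // The files are looked up under DIR because that is where init() writes
    // them (DIR + "/" + file). Deleting bare file names would only match when
    // DIR is the current directory; otherwise the generated keystores,
    // including the ones that hold a secret key, would stay on disk after the
    // run.
    private static void cleanup() {
        final String[] keystoreFiles = {
            "empty.jks",
            "empty.jceks",
            "empty.p12",
            "onecert.jks",
            "onecert.jceks",
            "onecert.p12",
            "onekey.jceks",
            "onekey.p12",
        };
        for (String name : keystoreFiles) {
            // Best effort: delete() returns false when the file does not
            // exist, which is expected on the call made before the files are
            // created, so the result is deliberately not checked.
            new File(DIR, name).delete();
        }
    }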
    // Instantiate an empty keystore using the supplied keystore type
    // file: name of the keystore file, created as DIR + "/" + file
    // type: keystore type passed to KeyStore.getInstance()
    // The keystore is written with PASSWORD and a line is printed on success.
    private static void init(String file, String type) throws Exception {
        final KeyStore store = KeyStore.getInstance(type);
        // A null stream initialises a new keystore with no entries
        store.load(null, null);

        final String path = DIR + "/" + file;
        try (OutputStream out = new FileOutputStream(path)) {
            store.store(out, PASSWORD);
        }
        System.out.println("Created a " + type + " keystore named '" + file + "'");
    }
    // Instantiate a keystore using the supplied keystore type & create an entry
    // file: name of the keystore file, created as DIR + "/" + file
    // type: keystore type passed to KeyStore.getInstance()
    // cert: certificate stored as a trusted-certificate entry, alias "mycert"
    // The keystore is written with PASSWORD and a line is printed on success.
    private static void init(String file, String type, X509Certificate cert)
        throws Exception {
        final KeyStore store = KeyStore.getInstance(type);
        // A null stream initialises a new keystore with no entries
        store.load(null, null);

        final KeyStore.Entry trusted = new KeyStore.TrustedCertificateEntry(cert);
        // The entry is added without a protection parameter (null)
        store.setEntry("mycert", trusted, null);

        final String path = DIR + "/" + file;
        try (OutputStream out = new FileOutputStream(path)) {
            store.store(out, PASSWORD);
        }
        System.out.println("Created a " + type + " keystore named '" + file + "'");
    }
    // Instantiate a keystore using the supplied keystore type & create an entry
    // file: name of the keystore file, created as DIR + "/" + file
    // type: keystore type passed to KeyStore.getInstance()
    // key:  secret key stored under the alias "mykey"
    // The entry and the keystore itself are both protected with PASSWORD; a
    // line is printed on success.
    private static void init(String file, String type, SecretKey key)
        throws Exception {
        final KeyStore store = KeyStore.getInstance(type);
        // A null stream initialises a new keystore with no entries
        store.load(null, null);

        final KeyStore.Entry secret = new KeyStore.SecretKeyEntry(key);
        // Unlike the certificate entry, the key entry gets its own password
        // protection (here the same value as the store password)
        store.setEntry("mykey", secret, new PasswordProtection(PASSWORD));

        final String path = DIR + "/" + file;
        try (OutputStream out = new FileOutputStream(path)) {
            store.store(out, PASSWORD);
        }
        System.out.println("Created a " + type + " keystore named '" + file + "'");
    }
    // Instantiate a keystore by probing the supplied file for the keystore type
    // file: keystore file name, resolved against DIR
    // type: keystore type the probe is expected to report (case-insensitive)
    // Opens the file twice through KeyStore.getInstance(File, char[]): once
    // with PASSWORD, checking the reported type, and once with BAD_PASSWORD,
    // which must fail with an IOException. Throws Exception on a type
    // mismatch or when the wrong password is accepted.
    private static void probe(String file, String type) throws Exception {
        final File target = new File(DIR, file);

        // First try with the correct password
        final KeyStore probed = KeyStore.getInstance(target, PASSWORD);
        final String actualType = probed.getType();
        if (!type.equalsIgnoreCase(actualType)) {
            throw new Exception("ERROR: expected a " + type + " keystore, " +
                "got a " + actualType + " keystore instead");
        }
        System.out.println("Probed a " + type + " keystore named '" + file + "'");

        // Next try with an incorrect password
        boolean rejected = false;
        try {
            KeyStore.getInstance(target, BAD_PASSWORD);
        } catch (IOException e) {
            // NOTE(review): any IOException counts as the expected rejection;
            // its cause is not examined, so an unrelated I/O failure would
            // also pass this check.
            rejected = true;
        }
        if (!rejected) {
            throw new Exception("ERROR: expected an exception but got success");
        }
        System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");
    }
    // Instantiate a keystore by probing the supplied file for the keystore type
    // file: keystore file name, resolved against DIR
    // type: keystore type the built keystore is expected to report
    // usePassword: true supplies PASSWORD directly; false supplies a
    //     callback handler instead
    // Obtains the keystore through KeyStore.Builder.newInstance(File,
    // ProtectionParameter) and throws Exception when the reported type does
    // not match (compared case-insensitively).
    private static void build(String file, String type, boolean usePassword)
        throws Exception {

        // DummyHandler is declared elsewhere in this file; presumably it
        // answers the password callback - confirm against its definition.
        final ProtectionParameter protection = usePassword
            ? new PasswordProtection(PASSWORD)
            : new CallbackHandlerProtection(new DummyHandler());

        final Builder builder =
            Builder.newInstance(new File(DIR, file), protection);
        final KeyStore built = builder.getKeyStore();

        final String actualType = built.getType();
        if (!type.equalsIgnoreCase(actualType)) {
            throw new Exception("ERROR: expected a " + type + " keystore, " +
                "got a " + actualType + " keystore instead");
        }
        System.out.println("Built a " + type + " keystore named '" + file + "'");
    }
    // Load the keystore entries
    // file: keystore file name, read from DIR + "/" + file
    // type: keystore type passed to KeyStore.getInstance(); callers also pass
    //     a type that differs from the one the file was created with
    // Loads the file with PASSWORD, then throws Exception unless the keystore
    // still reports the requested type (compared case-insensitively).
    private static void load(String file, String type) throws Exception {
        final KeyStore store = KeyStore.getInstance(type);

        final String path = DIR + "/" + file;
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, PASSWORD);
        }

        final String actualType = store.getType();
        if (!type.equalsIgnoreCase(actualType)) {
            throw new Exception("ERROR: expected a " + type + " keystore, " +
                "got a " + actualType + " keystore instead");
        }
        System.out.println("Loaded a " + type + " keystore named '" + file + "'");
    }
    // Load the keystore entries (with compatibility mode disabled)
    // Runs load(file, type) with the "keystore.type.compat" security property
    // set to "false", then sets the property to "true" again whatever the
    // outcome.
    //
    //   expectFailure == true:  an IOException from the load is reported on
    //                           stdout and swallowed; a successful load is
    //                           turned into an Exception.
    //   expectFailure == false: an IOException is rethrown to the caller.
    //
    // NOTE(review): Security properties are JVM-wide and the property is
    // reset to the literal "true" rather than to its previous value, so this
    // assumes the test runs with the property at "true" - confirm.
    // NOTE(review): any IOException counts as the expected failure, which
    // presumably includes a missing input file - confirm that is acceptable
    // for the negative cases.
    private static void load(String file, String type, boolean expectFailure)
        throws Exception {
        final String compatProperty = "keystore.type.compat";
        Security.setProperty(compatProperty, "false");
        try {
            load(file, type);
        } catch (IOException e) {
            if (!expectFailure) {
                throw e;
            }
            System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");
            return;
        } finally {
            Security.setProperty(compatProperty, "true");
        }

        // Reached only when the load succeeded.
        if (expectFailure) {
            throw new Exception("ERROR: expected load to fail but it didn't");
        }
    }
    // Read an X.509 certificate from the supplied file
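    // Opens DIR/certFile and parses one certificate from it with the "X.509"
    // CertificateFactory, returning it as an X509Certificate. The stream is
    // closed on every path. The certificate is only parsed here: no validity,
    // signature or chain check is performed on it.
    private static X509Certificate loadCertificate(String certFile)
        throws Exception {
        // The unused 'cert' local of the earlier version has been dropped;
        // the parsed certificate is returned directly.
        try (FileInputStream certStream =
            new FileInputStream(DIR + "/" + certFile)) {
            CertificateFactory factory =
                CertificateFactory.getInstance("X.509");
            return (X509Certificate) factory.generateCertificate(certStream);
        }
    }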
    // Generate a secret key using the supplied algorithm name and key size
    // Obtains a KeyGenerator for the named algorithm, initialises it with the
    // requested key size and returns one freshly generated key.
    // Throws NoSuchAlgorithmException when no provider offers the algorithm.
    private static SecretKey generateSecretKey(String algorithm, int size)
        throws NoSuchAlgorithmException {
        KeyGenerator keyGen = KeyGenerator.getInstance(algorithm);
        // init(int) is given no SecureRandom, so the source of randomness is
        // left to the KeyGenerator implementation.
        keyGen.init(size);
        SecretKey freshKey = keyGen.generateKey();
        return freshKey;
    }
    // Test-only CallbackHandler: announces each invocation on stdout, answers
    // the first PasswordCallback it is handed with the shared PASSWORD and
    // stops there. Callbacks of any other kind are skipped without raising
    // UnsupportedCallbackException.
    private static class DummyHandler implements CallbackHandler {
        public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
            System.out.println("** Callbackhandler invoked");
            for (Callback callback : callbacks) {
                if (!(callback instanceof PasswordCallback)) {
                    continue;
                }
                // PasswordCallback.setPassword() stores its own copy of the
                // array, so PASSWORD itself is not handed to the caller.
                ((PasswordCallback) callback).setPassword(PASSWORD);
                break;
            }
        }
    }
}