author | xuelei |
Mon, 25 Jun 2018 13:41:39 -0700 | |
changeset 50768 | 68fa3d4026ea |
parent 47216 | 71c04702a3d5 |
permissions | -rw-r--r-- |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
1 |
/* |
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
2 |
* Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved. |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
4 |
* |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
5 |
* This code is free software; you can redistribute it and/or modify it |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
7 |
* published by the Free Software Foundation. |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
8 |
* |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
13 |
* accompanied this code). |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
14 |
* |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
15 |
* You should have received a copy of the GNU General Public License version |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
18 |
* |
5506 | 19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
22 |
*/ |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
23 |
|
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
24 |
/* |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
25 |
* @test |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
26 |
* @bug 6480981 8160624 |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
27 |
* @summary keytool should be able to import certificates from remote SSL server |
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
28 |
* @library /test/lib |
45467
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
29 |
* @build jdk.test.lib.SecurityTools |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
30 |
* jdk.test.lib.Utils |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
31 |
* jdk.test.lib.Asserts |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
32 |
* jdk.test.lib.JDKToolFinder |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
33 |
* jdk.test.lib.JDKToolLauncher |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
34 |
* jdk.test.lib.Platform |
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
43096
diff
changeset
|
35 |
* jdk.test.lib.process.* |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
36 |
* @run main/othervm PrintSSL |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
37 |
*/ |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
38 |
|
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
39 |
import java.net.ServerSocket; |
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
40 |
import java.nio.file.Files; |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
41 |
import java.nio.file.Paths; |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
42 |
import java.util.concurrent.CountDownLatch; |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
43 |
import javax.net.ssl.SSLServerSocketFactory; |
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
44 |
import javax.net.ssl.SSLSocket; |
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
45 |
import jdk.test.lib.SecurityTools; |
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
46 |
import jdk.test.lib.process.OutputAnalyzer; |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
47 |
|
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
48 |
public class PrintSSL { |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
49 |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
50 |
public static void main(String[] args) throws Throwable { |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
51 |
Files.deleteIfExists(Paths.get("keystore")); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
52 |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
53 |
// make sure that "-printcert" works with weak algorithms |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
54 |
OutputAnalyzer out = SecurityTools.keytool("-genkeypair " |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
55 |
+ "-keystore keystore -storepass passphrase " |
50768 | 56 |
+ "-keypass passphrase -keyalg rsa -keysize 1024 " |
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
57 |
+ "-sigalg MD5withRSA -alias rsa_alias -dname CN=Server"); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
58 |
System.out.println(out.getOutput()); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
59 |
out.shouldHaveExitValue(0); |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
60 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
61 |
int port = new Server().start(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
62 |
if(port == -1) { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
63 |
throw new RuntimeException("Unable start ssl server."); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
64 |
} |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
65 |
String vmOpt = System.getProperty("TESTTOOLVMOPTS"); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
66 |
String cmd = String.format( |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
67 |
"-debug %s -printcert -sslserver localhost:%s", |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
68 |
((vmOpt == null) ? "" : vmOpt ), port); |
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
69 |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
70 |
out = SecurityTools.keytool(cmd); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
71 |
System.out.println(out.getOutput()); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
72 |
out.shouldHaveExitValue(0); |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
73 |
} |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
74 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
75 |
private static class Server implements Runnable { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
76 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
77 |
private volatile int serverPort = -1; |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
78 |
private final CountDownLatch untilServerReady = new CountDownLatch(1); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
79 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
80 |
public int start() throws InterruptedException { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
81 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
82 |
Thread server = new Thread(this); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
83 |
server.setDaemon(true); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
84 |
server.start(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
85 |
untilServerReady.await(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
86 |
return this.getServerPort(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
87 |
} |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
88 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
89 |
@Override |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
90 |
public void run() { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
91 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
92 |
System.setProperty("javax.net.ssl.keyStorePassword", "passphrase"); |
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
39461
diff
changeset
|
93 |
System.setProperty("javax.net.ssl.keyStore", "keystore"); |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
94 |
SSLServerSocketFactory sslssf = |
50768 | 95 |
(SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
96 |
try (ServerSocket server = sslssf.createServerSocket(0)) { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
97 |
this.serverPort = server.getLocalPort(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
98 |
System.out.printf("%nServer started on: %s%n", getServerPort()); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
99 |
untilServerReady.countDown(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
100 |
((SSLSocket)server.accept()).startHandshake(); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
101 |
} catch (Throwable e) { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
102 |
e.printStackTrace(System.out); |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
103 |
untilServerReady.countDown(); |
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
104 |
} |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
105 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
106 |
} |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
107 |
|
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
108 |
public int getServerPort() { |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
109 |
return this.serverPort; |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
110 |
} |
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
111 |
|
904
eadc9fa4b700
6480981: keytool should be able to import certificates from remote SSL servers
weijun
parents:
diff
changeset
|
112 |
} |
50768 | 113 |
} |
39461
62d04767cf47
8160624: sun/security/tools/keytool/printssl.sh failed with "Socket closed"
ssahoo
parents:
23237
diff
changeset
|
114 |