author | vtewari |
Wed, 25 Apr 2018 12:29:48 +0530 | |
changeset 49882 | a02abc7e5536 |
parent 47216 | 71c04702a3d5 |
child 51944 | 28085dba5d9a |
permissions | -rw-r--r-- |
2 | 1 |
/* |
49882
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
2 |
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
5506 | 19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
2 | 22 |
*/ |
23 |
||
24 |
/* |
|
25 |
* |
|
26 |
* |
|
27 |
* @summary Testing keytool |
|
28 |
* @author weijun.wang |
|
29 |
* |
|
30 |
* Run through autotest.sh and manualtest.sh |
|
31 |
* |
|
32 |
* Testing non-PKCS11 keystores: |
|
33 |
* echo | java -Dfile KeyToolTest |
|
34 |
* |
|
35 |
* Testing NSS PKCS11 keystores: |
|
36 |
* # testing NSS |
|
37 |
* # make sure the NSS db files are in current directory and writable |
|
38 |
* echo | java -Dnss -Dnss.lib=/path/to/libsoftokn3.so KeyToolTest |
|
39 |
* |
|
40 |
* Testing Solaris Cryptography Framework PKCS11 keystores: |
|
41 |
* # make sure you've already run pktool and set test12 as pin |
|
42 |
* echo | java -Dsolaris KeyToolTest |
|
43 |
* |
|
44 |
* ATTENTION: |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
45 |
* Exception in thread "main" java.security.ProviderException: |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
46 |
* sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE |
2 | 47 |
* at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:420) |
48 |
* ... |
|
49 |
* Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE |
|
50 |
* at sun.security.pkcs11.wrapper.PKCS11.C_SignFinal(Native Method) |
|
51 |
* at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:391) |
|
52 |
* ... |
|
53 |
* been observed. Possibly a Solaris bug |
|
54 |
* |
|
55 |
* ATTENTION: |
|
56 |
* NSS PKCS11 config file are changed, DSA not supported now. |
|
57 |
*/ |
|
58 |
||
29596
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
59 |
import java.nio.file.Files; |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
60 |
import java.nio.file.Paths; |
2 | 61 |
import java.security.KeyStore; |
62 |
import sun.security.x509.*; |
|
63 |
import java.io.*; |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
64 |
import java.security.KeyPairGenerator; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
65 |
import java.security.NoSuchAlgorithmException; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
66 |
import java.util.*; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
67 |
import java.security.cert.X509Certificate; |
49882
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
68 |
import jdk.test.lib.util.FileUtils; |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
69 |
import sun.security.util.ObjectIdentifier; |
2 | 70 |
|
71 |
public class KeyToolTest { |
|
72 |
||
73 |
// The stdout and stderr outputs after a keytool run |
|
74 |
String out; |
|
75 |
String err; |
|
76 |
||
77 |
// the output of println() in KeyTool.run |
|
78 |
String ex; |
|
79 |
||
80 |
String lastInput = "", lastCommand = ""; |
|
81 |
private static final boolean debug = |
|
82 |
System.getProperty("debug") != null; |
|
83 |
||
84 |
static final String NSS_P11_ARG = |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
85 |
"-keystore NONE -storetype PKCS11 -providerName SunPKCS11-nss " + |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
86 |
"-addprovider SunPKCS11 " + |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
87 |
"-providerArg p11-nss.txt "; |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
88 |
// Use -providerClass here, to confirm it still works for SunPKCS11. |
2 | 89 |
static final String NSS_SRC_P11_ARG = |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
90 |
"-srckeystore NONE -srcstoretype PKCS11 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
91 |
"-srcproviderName SunPKCS11-nss " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
92 |
"-providerClass sun.security.pkcs11.SunPKCS11 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
93 |
"-providerArg p11-nss.txt "; |
2 | 94 |
static final String NZZ_P11_ARG = |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
95 |
"-keystore NONE -storetype PKCS11 -providerName SunPKCS11-nzz " + |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
96 |
"-addprovider SunPKCS11 " + |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
97 |
"-providerArg p11-nzz.txt "; |
2 | 98 |
static final String NZZ_SRC_P11_ARG = |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
99 |
"-srckeystore NONE -srcstoretype PKCS11 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
100 |
"-srcproviderName SunPKCS11-nzz " + |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
101 |
"-addprovider SunPKCS11 " + |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
102 |
"-providerArg p11-nzz.txt "; |
2 | 103 |
static final String SUN_P11_ARG = "-keystore NONE -storetype PKCS11 "; |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
104 |
static final String SUN_SRC_P11_ARG = |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
105 |
"-srckeystore NONE -srcstoretype PKCS11 "; |
2 | 106 |
|
107 |
String p11Arg, srcP11Arg; |
|
108 |
||
109 |
/** Creates a new instance of KeyToolTest */ |
|
110 |
KeyToolTest() { |
|
111 |
// so that there is "Warning" and not translated into other language |
|
112 |
Locale.setDefault(Locale.US); |
|
113 |
} |
|
114 |
||
115 |
/** |
|
116 |
* Helper, removes a file |
|
117 |
*/ |
|
118 |
void remove(String filename) { |
|
119 |
if (debug) { |
|
120 |
System.err.println("Removing " + filename); |
|
121 |
} |
|
49882
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
122 |
try{ |
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
123 |
FileUtils.deleteFileIfExistsWithRetry(Paths.get(filename)); |
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
124 |
}catch(IOException e) { |
a02abc7e5536
8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks
vtewari
parents:
47216
diff
changeset
|
125 |
throw new RuntimeException("Error deleting " + filename, e); |
2 | 126 |
} |
127 |
} |
|
128 |
||
129 |
/** |
|
130 |
* Run a set of keytool command with given terminal input. |
|
131 |
* @param input the terminal inputs, the characters typed by human |
|
132 |
* if <code>cmd</code> is running on a terminal |
|
133 |
* @param cmd the argument of a keytool command line |
|
134 |
* @throws if keytool goes wrong in some place |
|
135 |
*/ |
|
136 |
void test(String input, String cmd) throws Exception { |
|
137 |
lastInput = input; |
|
138 |
lastCommand = cmd; |
|
139 |
||
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
140 |
// "X" is appended so that we can precisely test how input is consumed |
2 | 141 |
HumanInputStream in = new HumanInputStream(input+"X"); |
142 |
test(in, cmd); |
|
143 |
// make sure the input string is no more no less |
|
144 |
if(in.read() != 'X' || in.read() != -1) |
|
145 |
throw new Exception("Input not consumed exactly"); |
|
146 |
} |
|
147 |
||
148 |
void test(InputStream in, String cmd) throws Exception { |
|
149 |
||
150 |
// save the original 3 streams |
|
151 |
if (debug) { |
|
152 |
System.err.println(cmd); |
|
153 |
} else { |
|
154 |
System.err.print("."); |
|
155 |
} |
|
156 |
PrintStream p1 = System.out; |
|
157 |
PrintStream p2 = System.err; |
|
158 |
InputStream i1 = System.in; |
|
159 |
||
160 |
ByteArrayOutputStream b1 = new ByteArrayOutputStream(); |
|
161 |
ByteArrayOutputStream b2 = new ByteArrayOutputStream(); |
|
162 |
||
163 |
try { |
|
164 |
System.setIn(in); |
|
165 |
System.setOut(new PrintStream(b1)); |
|
166 |
System.setErr(new PrintStream(b2)); |
|
167 |
||
14182
3041082abb40
7194449: String resources for Key Tool and Policy Tool should be in their respective packages
sflores
parents:
12871
diff
changeset
|
168 |
// since System.in is overrided, the |
3041082abb40
7194449: String resources for Key Tool and Policy Tool should be in their respective packages
sflores
parents:
12871
diff
changeset
|
169 |
// sun.security.tools.keytool.Main.main() method will |
2 | 170 |
// never block at user input |
171 |
||
14182
3041082abb40
7194449: String resources for Key Tool and Policy Tool should be in their respective packages
sflores
parents:
12871
diff
changeset
|
172 |
// use -debug so that main() will throw an Exception |
2 | 173 |
// instead of calling System.exit() |
14182
3041082abb40
7194449: String resources for Key Tool and Policy Tool should be in their respective packages
sflores
parents:
12871
diff
changeset
|
174 |
sun.security.tools.keytool.Main.main(("-debug "+cmd).split("\\s+")); |
2 | 175 |
} finally { |
176 |
out = b1.toString(); |
|
177 |
err = b2.toString(); |
|
178 |
ex = out; // now it goes to System.out |
|
179 |
System.setIn(i1); |
|
180 |
System.setOut(p1); |
|
181 |
System.setErr(p2); |
|
182 |
} |
|
183 |
} |
|
184 |
||
185 |
/** |
|
186 |
* Call this method if you expect test(input, cmd) should go OK |
|
187 |
*/ |
|
188 |
void testOK(String input, String cmd) throws Exception { |
|
189 |
try { |
|
27344
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
190 |
// Workaround for "8057810: Make SHA256withDSA the default |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
191 |
// jarsigner and keytool algorithm for DSA keys". Unfortunately |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
192 |
// SunPKCS11-NSS does not support SHA256withDSA yet. |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
193 |
if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey") |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
194 |
&& !cmd.contains("-keyalg")) { |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
195 |
cmd += " -sigalg SHA1withDSA -keysize 1024"; |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
196 |
} |
2 | 197 |
test(input, cmd); |
198 |
} catch(Exception e) { |
|
199 |
afterFail(input, cmd, "OK"); |
|
200 |
throw e; |
|
201 |
} |
|
202 |
} |
|
203 |
||
204 |
/** |
|
205 |
* Call this method if you expect test(input, cmd) should fail and throw |
|
206 |
* an exception |
|
207 |
*/ |
|
208 |
void testFail(String input, String cmd) throws Exception { |
|
209 |
boolean ok; |
|
210 |
try { |
|
211 |
test(input, cmd); |
|
212 |
ok = true; |
|
213 |
} catch(Exception e) { |
|
214 |
if (e instanceof MissingResourceException) { |
|
215 |
ok = true; |
|
216 |
} else { |
|
217 |
ok = false; |
|
218 |
} |
|
219 |
} |
|
220 |
if(ok) { |
|
221 |
afterFail(input, cmd, "FAIL"); |
|
222 |
throw new RuntimeException(); |
|
223 |
} |
|
224 |
} |
|
225 |
||
226 |
/** |
|
227 |
* Call this method if you expect test(input, cmd) should go OK |
|
228 |
*/ |
|
229 |
void testOK(InputStream is, String cmd) throws Exception { |
|
230 |
try { |
|
231 |
test(is, cmd); |
|
232 |
} catch(Exception e) { |
|
233 |
afterFail("", cmd, "OK"); |
|
234 |
throw e; |
|
235 |
} |
|
236 |
} |
|
237 |
||
238 |
/** |
|
239 |
* Call this method if you expect test(input, cmd) should fail and throw |
|
240 |
* an exception |
|
241 |
*/ |
|
242 |
void testFail(InputStream is, String cmd) throws Exception { |
|
243 |
boolean ok; |
|
244 |
try { |
|
245 |
test(is, cmd); |
|
246 |
ok = true; |
|
247 |
} catch(Exception e) { |
|
248 |
ok = false; |
|
249 |
} |
|
250 |
if(ok) { |
|
251 |
afterFail("", cmd, "FAIL"); |
|
252 |
throw new RuntimeException(); |
|
253 |
} |
|
254 |
} |
|
255 |
||
256 |
/** |
|
257 |
* Call this method if you just want to run the command and does |
|
258 |
* not care if it succeeds or fails. |
|
259 |
*/ |
|
260 |
void testAnyway(String input, String cmd) { |
|
261 |
try { |
|
262 |
test(input, cmd); |
|
263 |
} catch(Exception e) { |
|
264 |
; |
|
265 |
} |
|
266 |
} |
|
267 |
||
268 |
/** |
|
269 |
* Helper method, print some output after a test does not do as expected |
|
270 |
*/ |
|
271 |
void afterFail(String input, String cmd, String should) { |
|
27344
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
272 |
if (cmd.contains("p11-nss.txt")) { |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
273 |
cmd = "-J-Dnss.lib=" + System.getProperty("nss.lib") + " " + cmd; |
890be6336eab
8057810: New defaults for DSA keys in jarsigner and keytool
weijun
parents:
14182
diff
changeset
|
274 |
} |
2 | 275 |
System.err.println("\nTest fails for the command ---\n" + |
276 |
"keytool " + cmd + "\nOr its debug version ---\n" + |
|
277 |
"keytool -debug " + cmd); |
|
278 |
||
279 |
System.err.println("The command result should be " + should + |
|
280 |
", but it's not. Try run the command manually and type" + |
|
281 |
" these input into it: "); |
|
282 |
char[] inputChars = input.toCharArray(); |
|
283 |
||
284 |
for (int i=0; i<inputChars.length; i++) { |
|
285 |
char ch = inputChars[i]; |
|
286 |
if (ch == '\n') System.err.print("ENTER "); |
|
287 |
else if (ch == ' ') System.err.print("SPACE "); |
|
288 |
else System.err.print(ch + " "); |
|
289 |
} |
|
290 |
System.err.println(""); |
|
291 |
||
292 |
System.err.println("ERR is:\n"+err); |
|
293 |
System.err.println("OUT is:\n"+out); |
|
294 |
} |
|
295 |
||
296 |
void assertTrue(boolean bool, String msg) { |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
297 |
if (debug) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
298 |
System.err.println("If not " + bool + ", " + msg); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
299 |
} else { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
300 |
System.err.print("v"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
301 |
} |
2 | 302 |
if(!bool) { |
303 |
afterFail(lastInput, lastCommand, "TRUE"); |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
304 |
System.err.println(msg); |
2 | 305 |
throw new RuntimeException(msg); |
306 |
} |
|
307 |
} |
|
308 |
||
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
309 |
void assertTrue(boolean bool) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
310 |
assertTrue(bool, "well..."); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
311 |
} |
2 | 312 |
/** |
313 |
* Helper method, load a keystore |
|
314 |
* @param file file for keystore, null or "NONE" for PKCS11 |
|
315 |
* @pass password for the keystore |
|
316 |
* @type keystore type |
|
317 |
* @returns the KeyStore object |
|
318 |
* @exception Exception if anything goes wrong |
|
319 |
*/ |
|
320 |
KeyStore loadStore(String file, String pass, String type) throws Exception { |
|
321 |
KeyStore ks = KeyStore.getInstance(type); |
|
322 |
FileInputStream is = null; |
|
323 |
if (file != null && !file.equals("NONE")) { |
|
324 |
is = new FileInputStream(file); |
|
325 |
} |
|
326 |
ks.load(is, pass.toCharArray()); |
|
327 |
is.close(); |
|
328 |
return ks; |
|
329 |
} |
|
330 |
||
331 |
/** |
|
332 |
* The test suite. |
|
333 |
* Maybe it's better to put this outside the KeyToolTest class |
|
334 |
*/ |
|
335 |
void testAll() throws Exception { |
|
336 |
KeyStore ks; |
|
337 |
||
338 |
remove("x.jks"); |
|
339 |
remove("x.jceks"); |
|
340 |
remove("x.p12"); |
|
341 |
remove("x2.jceks"); |
|
342 |
remove("x2.jks"); |
|
343 |
remove("x.jks.p1.cert"); |
|
344 |
||
345 |
// name changes: genkeypair, importcert, exportcert |
|
346 |
remove("x.jks"); |
|
347 |
remove("x.jks.p1.cert"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
348 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
349 |
"-keypass changeit -genkeypair -alias p1 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
350 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
351 |
"-exportcert -alias p1 -file x.jks.p1.cert"); |
2 | 352 |
ks = loadStore("x.jks", "changeit", "JKS"); |
353 |
assertTrue(ks.getKey("p1", "changeit".toCharArray()) != null, |
|
354 |
"key not DSA"); |
|
355 |
assertTrue(new File("x.jks.p1.cert").exists(), "p1 export err"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
356 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
357 |
"-delete -alias p1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
358 |
// importcert, prompt for Yes/No |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
359 |
testOK("y\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
360 |
"-importcert -alias c1 -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
361 |
// importcert, -noprompt |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
362 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
363 |
"-importcert -alias c2 -file x.jks.p1.cert -noprompt"); |
2 | 364 |
ks = loadStore("x.jks", "changeit", "JKS"); |
365 |
assertTrue(ks.getCertificate("c1") != null, "import c1 err"); |
|
366 |
||
367 |
// v3 |
|
368 |
byte[] encoded = ks.getCertificate("c1").getEncoded(); |
|
369 |
X509CertImpl certImpl = new X509CertImpl(encoded); |
|
370 |
assertTrue(certImpl.getVersion() == 3, "Version is not 3"); |
|
371 |
||
372 |
// changealias and keyclone |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
373 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
374 |
"-keypass changeit -genkeypair -alias p1 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
375 |
testOK("changeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
376 |
"-changealias -alias p1 -destalias p11"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
377 |
testOK("changeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
378 |
"-changealias -alias c1 -destalias c11"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
379 |
// press ENTER when prompt for p111's keypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
380 |
testOK("changeit\n\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
381 |
"-keyclone -alias p11 -destalias p111"); |
2 | 382 |
ks = loadStore("x.jks", "changeit", "JKS"); |
383 |
assertTrue(!ks.containsAlias("p1"), "there is no p1"); |
|
384 |
assertTrue(!ks.containsAlias("c1"), "there is no c1"); |
|
385 |
assertTrue(ks.containsAlias("p11"), "there is p11"); |
|
386 |
assertTrue(ks.containsAlias("c11"), "there is c11"); |
|
387 |
assertTrue(ks.containsAlias("p111"), "there is p111"); |
|
388 |
||
389 |
// genSecKey |
|
390 |
remove("x.jceks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
391 |
// DES, no need keysize |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
392 |
testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
393 |
"-genseckey -alias s1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
394 |
// DES, keysize cannot be 128 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
395 |
testFail("changeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
396 |
"-genseckey -alias s11 -keysize 128"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
397 |
// DESede. no need keysize |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
398 |
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
399 |
"-genseckey -keyalg DESede -alias s2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
400 |
// AES, need keysize |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
401 |
testFail("changeit\n\n", "-keystore x.jceks -storetype AES " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
402 |
"-genseckey -keyalg Rijndael -alias s3"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
403 |
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
404 |
"-genseckey -keyalg AES -alias s3 -keysize 128"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
405 |
// about keypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
406 |
// can accept storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
407 |
testOK("\n", "-keystore x.jceks -storetype JCEKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
408 |
"-genseckey -alias s4"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
409 |
// or a new one |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
410 |
testOK("keypass\nkeypass\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
411 |
"-storepass changeit -genseckey -alias s5"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
412 |
// keypass must be valid (prompt 3 times) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
413 |
testOK("bad\n\bad\nkeypass\nkeypass\n", "-keystore x.jceks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
414 |
"-storetype JCEKS -storepass changeit -genseckey -alias s6"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
415 |
// keypass must be valid (prompt 3 times) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
416 |
testFail("bad\n\bad\nbad\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
417 |
"-storepass changeit -genseckey -alias s7"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
418 |
// keypass must be valid (prompt 3 times) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
419 |
testFail("bad\n\bad\nbad\nkeypass\n", "-keystore x.jceks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
420 |
"-storetype JCEKS -storepass changeit -genseckey -alias s7"); |
2 | 421 |
ks = loadStore("x.jceks", "changeit", "JCEKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
422 |
assertTrue(ks.getKey("s1", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
423 |
.getAlgorithm().equalsIgnoreCase("DES"), "s1 is DES"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
424 |
assertTrue(ks.getKey("s1", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
425 |
.getEncoded().length == 8, "DES is 56"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
426 |
assertTrue(ks.getKey("s2", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
427 |
.getEncoded().length == 24, "DESede is 168"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
428 |
assertTrue(ks.getKey("s2", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
429 |
.getAlgorithm().equalsIgnoreCase("DESede"), "s2 is DESede"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
430 |
assertTrue(ks.getKey("s3", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
431 |
.getAlgorithm().equalsIgnoreCase("AES"), "s3 is AES"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
432 |
assertTrue(ks.getKey("s4", "changeit".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
433 |
.getAlgorithm().equalsIgnoreCase("DES"), "s4 is DES"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
434 |
assertTrue(ks.getKey("s5", "keypass".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
435 |
.getAlgorithm().equalsIgnoreCase("DES"), "s5 is DES"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
436 |
assertTrue(ks.getKey("s6", "keypass".toCharArray()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
437 |
.getAlgorithm().equalsIgnoreCase("DES"), "s6 is DES"); |
2 | 438 |
assertTrue(!ks.containsAlias("s7"), "s7 not created"); |
439 |
||
440 |
// maybe we needn't test this, one day JKS will support SecretKey |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
441 |
//testFail("changeit\nchangeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
442 |
// "-genseckey -keyalg AES -alias s3 -keysize 128"); |
2 | 443 |
|
444 |
// importKeyStore |
|
445 |
remove("x.jks"); |
|
446 |
remove("x.jceks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
447 |
// create 2 entries... |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
448 |
testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
449 |
"-genkeypair -alias p1 -dname CN=Olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
450 |
testOK("", "-keystore x.jceks -storetype JCEKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
451 |
"-importcert -alias c1 -file x.jks.p1.cert -noprompt"); |
2 | 452 |
ks = loadStore("x.jceks", "changeit", "JCEKS"); |
453 |
assertTrue(ks.size() == 2, "2 entries in JCEKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
454 |
// import, shouldn't mention destalias/srckeypass/destkeypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
455 |
// if srcalias is no given |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
456 |
testFail("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
457 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
458 |
"-destkeystore x.jks -deststoretype JKS -destalias pp"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
459 |
testFail("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
460 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
461 |
"-destkeystore x.jks -deststoretype JKS -srckeypass changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
462 |
testFail("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
463 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
464 |
"-destkeystore x.jks -deststoretype JKS -destkeypass changeit"); |
2 | 465 |
// normal import |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
466 |
testOK("changeit\nchangeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
467 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
468 |
"-destkeystore x.jks -deststoretype JKS"); |
2 | 469 |
ks = loadStore("x.jks", "changeit", "JKS"); |
470 |
assertTrue(ks.size() == 2, "2 entries in JKS"); |
|
471 |
// import again, type yes to overwrite old entries |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
472 |
testOK("changeit\nchangeit\ny\ny\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
473 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
474 |
"-destkeystore x.jks -deststoretype JKS"); |
2 | 475 |
ks = loadStore("x.jks", "changeit", "JKS"); |
476 |
// import again, specify -nopromt |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
477 |
testOK("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
478 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
479 |
"-destkeystore x.jks -deststoretype JKS -noprompt"); |
2 | 480 |
assertTrue(err.indexOf("Warning") != -1, "noprompt will warn"); |
481 |
ks = loadStore("x.jks", "changeit", "JKS"); |
|
482 |
assertTrue(ks.size() == 2, "2 entries in JKS"); |
|
483 |
// import again, type into new aliases when prompted |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
484 |
testOK("changeit\nchangeit\n\ns1\n\ns2\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
485 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
486 |
"-destkeystore x.jks -deststoretype JKS"); |
2 | 487 |
ks = loadStore("x.jks", "changeit", "JKS"); |
488 |
assertTrue(ks.size() == 4, "4 entries in JKS"); |
|
489 |
||
490 |
// importkeystore single |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
491 |
// normal |
2 | 492 |
remove("x.jks"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
493 |
testOK("changeit\nchangeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
494 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
495 |
"-destkeystore x.jks -deststoretype JKS -srcalias p1"); |
2 | 496 |
ks = loadStore("x.jks", "changeit", "JKS"); |
497 |
assertTrue(ks.size() == 1, "1 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
498 |
// overwrite |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
499 |
testOK("changeit\nchangeit\ny\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
500 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
501 |
"-destkeystore x.jks -deststoretype JKS -srcalias p1"); |
2 | 502 |
ks = loadStore("x.jks", "changeit", "JKS"); |
503 |
assertTrue(ks.size() == 1, "1 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
504 |
// noprompt |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
505 |
testOK("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
506 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
507 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
508 |
"-srcalias p1 -noprompt"); |
2 | 509 |
ks = loadStore("x.jks", "changeit", "JKS"); |
510 |
assertTrue(ks.size() == 1, "1 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
511 |
// rename |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
512 |
testOK("changeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
513 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
514 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
515 |
"-srcalias p1 -destalias p2"); |
2 | 516 |
ks = loadStore("x.jks", "changeit", "JKS"); |
517 |
assertTrue(ks.size() == 2, "2 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
518 |
// another rename |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
519 |
testOK("changeit\nchangeit\n\nnewalias\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
520 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
521 |
"-destkeystore x.jks -deststoretype JKS -srcalias p1"); |
2 | 522 |
ks = loadStore("x.jks", "changeit", "JKS"); |
523 |
assertTrue(ks.size() == 3, "3 entries in JKS"); |
|
524 |
||
525 |
// importkeystore single, different keypass |
|
526 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
527 |
// generate entry with different keypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
528 |
testOK("changeit\nkeypass\nkeypass\n", "-keystore x.jceks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
529 |
"-storetype JCEKS -genkeypair -alias p2 -dname CN=Olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
530 |
// prompt |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
531 |
testOK("changeit\nchangeit\nchangeit\nkeypass\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
532 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
533 |
"-destkeystore x.jks -deststoretype JKS -srcalias p2"); |
2 | 534 |
ks = loadStore("x.jks", "changeit", "JKS"); |
535 |
assertTrue(ks.size() == 1, "1 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
536 |
// diff destkeypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
537 |
testOK("changeit\nchangeit\nkeypass\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
538 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
539 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
540 |
"-srcalias p2 -destalias p3 -destkeypass keypass2"); |
2 | 541 |
ks = loadStore("x.jks", "changeit", "JKS"); |
542 |
assertTrue(ks.size() == 2, "2 entries in JKS"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
543 |
assertTrue(ks.getKey("p2", "keypass".toCharArray()) != null, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
544 |
"p2 has old password"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
545 |
assertTrue(ks.getKey("p3", "keypass2".toCharArray()) != null, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
546 |
"p3 has new password"); |
2 | 547 |
|
548 |
// importkeystore single, cert |
|
549 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
550 |
// normal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
551 |
testOK("changeit\nchangeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
552 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
553 |
"-destkeystore x.jks -deststoretype JKS -srcalias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
554 |
// in fact srcstorepass can be ignored |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
555 |
testOK("changeit\n\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
556 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
557 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
558 |
"-srcalias c1 -destalias c2"); |
2 | 559 |
assertTrue(err.indexOf("WARNING") != -1, "But will warn"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
560 |
// 2nd import, press y to overwrite ... |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
561 |
testOK("changeit\n\ny\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
562 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
563 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
564 |
"-srcalias c1 -destalias c2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
565 |
// ... or rename |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
566 |
testOK("changeit\n\n\nc3\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
567 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
568 |
"-destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
569 |
"-srcalias c1 -destalias c2"); |
2 | 570 |
ks = loadStore("x.jks", "changeit", "JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
571 |
// c1, c2, c3 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
572 |
assertTrue(ks.size() == 3, "3 entries in JKS"); |
2 | 573 |
|
574 |
// importkeystore, secretkey |
|
575 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
576 |
// create SecretKeyEntry |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
577 |
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
578 |
"-genseckey -alias s1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
579 |
// create SecretKeyEntry |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
580 |
testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
581 |
"-genseckey -alias s2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
582 |
// remove the keypass!=storepass one |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
583 |
testOK("changeit\n", "-keystore x.jceks -storetype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
584 |
"-delete -alias p2"); |
2 | 585 |
ks = loadStore("x.jceks", "changeit", "JCEKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
586 |
// p1, c1, s1, s2 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
587 |
assertTrue(ks.size() == 4, "4 entries in JCEKS"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
588 |
// normal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
589 |
testOK("changeit\nchangeit\nchangeit\n", "-importkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
590 |
"-srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
591 |
"-destkeystore x.jks -deststoretype JKS -srcalias s1"); |
2 | 592 |
assertTrue(err.indexOf("not imported") != -1, "Not imported"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
593 |
assertTrue(err.indexOf("Cannot store non-PrivateKeys") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
594 |
"Not imported"); |
2 | 595 |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
596 |
// Importing a JCEKS keystore to a JKS one. Will warn |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
597 |
// for the 2 SecretKey entries |
12871
b583b4c82a82
7174351: test/sun/security/tools/keytool/standard.sh failed after new Hashtable
weijun
parents:
10138
diff
changeset
|
598 |
|
2 | 599 |
remove("x.jks"); |
12871
b583b4c82a82
7174351: test/sun/security/tools/keytool/standard.sh failed after new Hashtable
weijun
parents:
10138
diff
changeset
|
600 |
// Two "no" answers to bypass warnings |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
601 |
// normal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
602 |
testOK("\n\n", "-srcstorepass changeit -deststorepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
603 |
"-importkeystore -srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
604 |
"-destkeystore x.jks -deststoretype JKS"); |
2 | 605 |
assertTrue(err.indexOf("s1 not") != -1, "s1 not"); |
606 |
assertTrue(err.indexOf("s2 not") != -1, "s2 not"); |
|
607 |
assertTrue(err.indexOf("c1 success") != -1, "c1 success"); |
|
608 |
assertTrue(err.indexOf("p1 success") != -1, "p1 success"); |
|
12871
b583b4c82a82
7174351: test/sun/security/tools/keytool/standard.sh failed after new Hashtable
weijun
parents:
10138
diff
changeset
|
609 |
remove("x.jks"); |
b583b4c82a82
7174351: test/sun/security/tools/keytool/standard.sh failed after new Hashtable
weijun
parents:
10138
diff
changeset
|
610 |
// One "yes" to stop |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
611 |
// normal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
612 |
testOK("yes\n", "-srcstorepass changeit -deststorepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
613 |
"-importkeystore -srckeystore x.jceks -srcstoretype JCEKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
614 |
"-destkeystore x.jks -deststoretype JKS"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
615 |
// maybe c1 or p1 has been imported before s1 or s2 is touched, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
616 |
// anyway we know yesNo is only asked once. |
2 | 617 |
|
618 |
// pkcs12 |
|
619 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
620 |
// JKS prompt for keypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
621 |
testFail("changeit\nchangeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
622 |
"-genkeypair -alias p1 -dname CN=olala"); |
2 | 623 |
remove("x.jks"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
624 |
// just type ENTER means keypass=storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
625 |
testOK("changeit\nchangeit\n\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
626 |
"-genkeypair -alias p1 -dname CN=olala"); |
2 | 627 |
remove("x.p12"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
628 |
// PKCS12 only need storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
629 |
testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
630 |
"-genkeypair -alias p0 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
631 |
testOK("changeit\n", "-keystore x.p12 -storetype PKCS12 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
632 |
"-genkeypair -alias p1 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
633 |
// when specify keypass, make sure keypass==storepass... |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
634 |
testOK("changeit\n", "-keystore x.p12 -keypass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
635 |
"-storetype PKCS12 -genkeypair -alias p3 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
636 |
assertTrue(err.indexOf("Warning") == -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
637 |
"PKCS12 silent when keypass == storepass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
638 |
// otherwise, print a warning |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
639 |
testOK("changeit\n", "-keystore x.p12 -keypass another" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
640 |
" -storetype PKCS12 -genkeypair -alias p2 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
641 |
assertTrue(err.indexOf("Warning") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
642 |
"PKCS12 warning when keypass != storepass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
643 |
// no -keypasswd for PKCS12 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
644 |
testFail("", "-keystore x.p12 -storepass changeit -storetype PKCS12" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
645 |
" -keypasswd -new changeit -alias p3"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
646 |
testOK("", "-keystore x.p12 -storepass changeit -storetype PKCS12 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
647 |
"-changealias -alias p3 -destalias p33"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
648 |
testOK("", "-keystore x.p12 -storepass changeit -storetype PKCS12 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
649 |
"-keyclone -alias p33 -destalias p3"); |
2 | 650 |
|
651 |
// pkcs12 |
|
652 |
remove("x.p12"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
653 |
// PKCS12 only need storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
654 |
testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
655 |
"-genkeypair -alias p0 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
656 |
testOK("", "-storepass changeit -keystore x.p12 -storetype PKCS12 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
657 |
"-genkeypair -alias p1 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
658 |
// when specify keypass, make sure keypass==storepass... |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
659 |
testOK("", "-storepass changeit -keystore x.p12 -keypass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
660 |
"-storetype PKCS12 -genkeypair -alias p3 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
661 |
assertTrue(err.indexOf("Warning") == -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
662 |
"PKCS12 silent when keypass == storepass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
663 |
// otherwise, print a warning |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
664 |
testOK("", "-storepass changeit -keystore x.p12 -keypass another " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
665 |
"-storetype PKCS12 -genkeypair -alias p2 -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
666 |
assertTrue(err.indexOf("Warning") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
667 |
"PKCS12 warning when keypass != storepass"); |
2 | 668 |
|
669 |
remove("x.jks"); |
|
670 |
remove("x.jceks"); |
|
671 |
remove("x.p12"); |
|
672 |
remove("x2.jceks"); |
|
673 |
remove("x2.jks"); |
|
674 |
remove("x.jks.p1.cert"); |
|
675 |
} |
|
676 |
||
677 |
void testPKCS11() throws Exception { |
|
678 |
KeyStore ks; |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
679 |
// pkcs11, the password maybe different and maybe PKCS11 not supported |
2 | 680 |
|
681 |
// in case last test is not executed successfully |
|
682 |
testAnyway("", p11Arg + "-storepass test12 -delete -alias p1"); |
|
683 |
testAnyway("", p11Arg + "-storepass test12 -delete -alias p2"); |
|
684 |
testAnyway("", p11Arg + "-storepass test12 -delete -alias p3"); |
|
685 |
testAnyway("", p11Arg + "-storepass test12 -delete -alias nss"); |
|
686 |
||
687 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
688 |
assertTrue(out.indexOf("Your keystore contains 0 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
689 |
"*** MAKE SURE YOU HAVE NO ENTRIES IN YOUR PKCS11 KEYSTORE " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
690 |
"BEFORE THIS TEST ***"); |
2 | 691 |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
692 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
693 |
"-storepass test12 -genkeypair -alias p1 -dname CN=olala"); |
2 | 694 |
testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
695 |
// cannot provide keypass for PKCS11 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
696 |
testFail("test12\n", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
697 |
"-keypass test12 -genkeypair -alias p3 -dname CN=olala3"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
698 |
// cannot provide keypass for PKCS11 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
699 |
testFail("test12\n", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
700 |
"-keypass nonsense -genkeypair -alias p3 -dname CN=olala3"); |
2 | 701 |
|
702 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
703 |
assertTrue(out.indexOf("Your keystore contains 2 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
704 |
"2 entries in p11"); |
2 | 705 |
|
706 |
testOK("test12\n", p11Arg + "-alias p1 -changealias -destalias p3"); |
|
707 |
testOK("", p11Arg + "-storepass test12 -list -alias p3"); |
|
708 |
testFail("", p11Arg + "-storepass test12 -list -alias p1"); |
|
709 |
||
710 |
testOK("test12\n", p11Arg + "-alias p3 -keyclone -destalias p1"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
711 |
// in PKCS11, keyclone will delete old |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
712 |
testFail("", p11Arg + "-storepass test12 -list -alias p3"); |
2 | 713 |
testOK("", p11Arg + "-storepass test12 -list -alias p1"); |
714 |
||
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
715 |
// cannot change password for PKCS11 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
716 |
testFail("test12\n", p11Arg + "-alias p1 -keypasswd -new another"); |
2 | 717 |
|
718 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
719 |
assertTrue(out.indexOf("Your keystore contains 2 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
720 |
"2 entries in p11"); |
2 | 721 |
|
722 |
testOK("", p11Arg + "-storepass test12 -delete -alias p1"); |
|
723 |
testOK("", p11Arg + "-storepass test12 -delete -alias p2"); |
|
724 |
||
725 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
726 |
assertTrue(out.indexOf("Your keystore contains 0 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
727 |
"*** MAKE SURE YOU HAVE NO ENTRIES IN YOUR PKCS11 KEYSTORE" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
728 |
" BEFORE THIS TEST ***"); |
2 | 729 |
} |
730 |
||
731 |
void testPKCS11ImportKeyStore() throws Exception { |
|
732 |
||
733 |
KeyStore ks; |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
734 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
735 |
"-storepass test12 -genkeypair -alias p1 -dname CN=olala"); |
2 | 736 |
testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2"); |
737 |
// test importkeystore for pkcs11 |
|
738 |
||
739 |
remove("x.jks"); |
|
740 |
// pkcs11 -> jks |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
741 |
testOK("changeit\nchangeit\ntest12\n", srcP11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
742 |
("-importkeystore -destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
743 |
"-srcalias p1")); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
744 |
assertTrue(err.indexOf("not imported") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
745 |
"cannot import key without destkeypass"); |
2 | 746 |
ks = loadStore("x.jks", "changeit", "JKS"); |
747 |
assertTrue(!ks.containsAlias("p1"), "p1 is not imported"); |
|
748 |
||
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
749 |
testOK("changeit\ntest12\n", srcP11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
750 |
("-importkeystore -destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
751 |
"-srcalias p1 -destkeypass changeit")); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
752 |
testOK("changeit\ntest12\n", srcP11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
753 |
("-importkeystore -destkeystore x.jks -deststoretype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
754 |
"-srcalias p2 -destkeypass changeit")); |
2 | 755 |
ks = loadStore("x.jks", "changeit", "JKS"); |
756 |
assertTrue(ks.containsAlias("p1"), "p1 is imported"); |
|
757 |
assertTrue(ks.containsAlias("p2"), "p2 is imported"); |
|
758 |
// jks -> pkcs11 |
|
759 |
testOK("", p11Arg + "-storepass test12 -delete -alias p1"); |
|
760 |
testOK("", p11Arg + "-storepass test12 -delete -alias p2"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
761 |
testOK("test12\nchangeit\n", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
762 |
"-importkeystore -srckeystore x.jks -srcstoretype JKS"); |
2 | 763 |
testOK("", p11Arg + "-storepass test12 -list -alias p1"); |
764 |
testOK("", p11Arg + "-storepass test12 -list -alias p2"); |
|
765 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
766 |
assertTrue(out.indexOf("Your keystore contains 2 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
767 |
"2 entries in p11"); |
2 | 768 |
// clean up |
769 |
testOK("", p11Arg + "-storepass test12 -delete -alias p1"); |
|
770 |
testOK("", p11Arg + "-storepass test12 -delete -alias p2"); |
|
771 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
772 |
assertTrue(out.indexOf("Your keystore contains 0 entries") != -1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
773 |
"empty p11"); |
2 | 774 |
|
775 |
remove("x.jks"); |
|
776 |
} |
|
777 |
||
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
778 |
// Selected sqeTest |
2 | 779 |
void sqeTest() throws Exception { |
780 |
FileOutputStream fos = new FileOutputStream("badkeystore"); |
|
781 |
for (int i=0; i<100; i++) { |
|
782 |
fos.write(i); |
|
783 |
} |
|
784 |
fos.close(); |
|
785 |
||
786 |
sqeCsrTest(); |
|
787 |
sqePrintcertTest(); |
|
788 |
sqeDeleteTest(); |
|
789 |
sqeExportTest(); |
|
790 |
sqeGenkeyTest(); |
|
791 |
sqeImportTest(); |
|
792 |
sqeKeyclonetest(); |
|
793 |
sqeKeypasswdTest(); |
|
794 |
sqeListTest(); |
|
795 |
sqeSelfCertTest(); |
|
796 |
sqeStorepassTest(); |
|
797 |
||
798 |
remove("badkeystore"); |
|
799 |
} |
|
800 |
||
801 |
// Import: cacert, prompt, trusted, non-trusted, bad chain, not match |
|
802 |
void sqeImportTest() throws Exception { |
|
803 |
KeyStore ks; |
|
804 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
805 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
806 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
807 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
808 |
"-exportcert -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
809 |
/* deleted */ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
810 |
"-storepass changeit -delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
811 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
812 |
"-importcert -file x.jks.p1.cert -noprompt"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
813 |
/* deleted */ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
814 |
"-storepass changeit -delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
815 |
testOK("yes\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
816 |
"-importcert -file x.jks.p1.cert"); |
2 | 817 |
ks = loadStore("x.jks", "changeit", "JKS"); |
818 |
assertTrue(ks.containsAlias("mykey"), "imported"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
819 |
/* deleted */ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
820 |
"-storepass changeit -delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
821 |
testOK("\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
822 |
"-importcert -file x.jks.p1.cert"); |
2 | 823 |
ks = loadStore("x.jks", "changeit", "JKS"); |
824 |
assertTrue(!ks.containsAlias("mykey"), "imported"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
825 |
testOK("no\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
826 |
"-importcert -file x.jks.p1.cert"); |
2 | 827 |
ks = loadStore("x.jks", "changeit", "JKS"); |
828 |
assertTrue(!ks.containsAlias("mykey"), "imported"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
829 |
testFail("no\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
830 |
"-importcert -file nonexist"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
831 |
testFail("no\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
832 |
"-importcert -file x.jks"); |
2 | 833 |
remove("x.jks"); |
834 |
} |
|
835 |
// keyclone: exist. nonexist err, cert err, dest exist, misc |
|
836 |
void sqeKeyclonetest() throws Exception { |
|
837 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
838 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
839 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
840 |
// new pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
841 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
842 |
"-keypass changeit -new newpass -keyclone -dest p0"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
843 |
// new pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
844 |
testOK("\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
845 |
"-keypass changeit -keyclone -dest p1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
846 |
testOK("\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
847 |
"-keyclone -dest p2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
848 |
testFail("\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
849 |
"-keyclone -dest p2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
850 |
testFail("\n", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
851 |
"-keyclone -dest p3 -alias noexist"); |
2 | 852 |
// no cert |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
853 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
854 |
"-exportcert -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
855 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
856 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
857 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
858 |
"-importcert -file x.jks.p1.cert -noprompt"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
859 |
// new pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
860 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
861 |
"-keypass changeit -new newpass -keyclone -dest p0"); |
2 | 862 |
remove("x.jks"); |
863 |
} |
|
864 |
// keypasswd: exist, short, nonexist err, cert err, misc |
|
865 |
void sqeKeypasswdTest() throws Exception { |
|
866 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
867 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
868 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
869 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
870 |
"-keypass changeit -keypasswd -new newpass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
871 |
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
872 |
"-storepass changeit -keypass newpass -keypasswd -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
873 |
testOK("newpass\nnewpass\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
874 |
"-storepass changeit -keypass changeit -keypasswd"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
875 |
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
876 |
"-storepass changeit -keypass newpass -keypasswd -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
877 |
testOK("new\nnew\nnewpass\nnewpass\n", "-keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
878 |
"-storetype JKS -storepass changeit -keypass changeit -keypasswd"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
879 |
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
880 |
"-storepass changeit -keypass newpass -keypasswd -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
881 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
882 |
"-keypasswd -new newpass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
883 |
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
884 |
"-storepass changeit -keypass newpass -keypasswd -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
885 |
testOK("changeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
886 |
"-keypasswd -new newpass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
887 |
/*change back*/ testOK("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
888 |
"-storepass changeit -keypass newpass -keypasswd -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
889 |
testFail("", "-keystore x.jks -storetype JKS -storepass badpass " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
890 |
"-keypass changeit -keypasswd -new newpass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
891 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
892 |
"-keypass bad -keypasswd -new newpass"); |
2 | 893 |
// no cert |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
894 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
895 |
"-exportcert -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
896 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
897 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
898 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
899 |
"-importcert -file x.jks.p1.cert -noprompt"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
900 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
901 |
"-keypass changeit -keypasswd -new newpass"); |
2 | 902 |
// diff pass |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
903 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
904 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
905 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
906 |
"-keypass keypass -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
907 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
908 |
"-keypasswd -new newpass"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
909 |
testOK("keypass\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
910 |
"-storepass changeit -keypasswd -new newpass"); |
2 | 911 |
// i hate those misc test |
912 |
remove("x.jks"); |
|
913 |
} |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
914 |
// list: -f -alias, exist, nonexist err; |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
915 |
// otherwise, check all shows, -rfc shows more, and misc |
2 | 916 |
void sqeListTest() throws Exception { |
917 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
918 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
919 |
"-keypass changeit -genkeypair -dname CN=olala"); |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
920 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit -list"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
921 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
922 |
"-list -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
923 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
924 |
"-list -alias notexist"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
925 |
testFail("", "-keystore x.jks -storetype JKS -storepass badpass " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
926 |
"-list -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
927 |
// keypass ignore |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
928 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
929 |
"-keypass badpass -list -alias mykey"); |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
930 |
testOK("\n", "-keystore x.jks -storetype JKS -list"); |
2 | 931 |
assertTrue(err.indexOf("WARNING") != -1, "no storepass"); |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
932 |
testOK("changeit\n", "-keystore x.jks -storetype JKS -list"); |
2 | 933 |
assertTrue(err.indexOf("WARNING") == -1, "has storepass"); |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
934 |
testFail("badpass\n", "-keystore x.jks -storetype JKS -list"); |
2 | 935 |
// misc |
936 |
testFail("", "-keystore aa\\bb//cc -storepass changeit -list"); |
|
937 |
testFail("", "-keystore nonexisting -storepass changeit -list"); |
|
938 |
testFail("", "-keystore badkeystore -storepass changeit -list"); |
|
939 |
remove("x.jks"); |
|
940 |
} |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
941 |
// selfcert: exist, non-exist err, cert err, sig, dname, wrong keypass, misc |
2 | 942 |
void sqeSelfCertTest() throws Exception { |
943 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
944 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
945 |
"-keypass changeit -genkeypair -dname CN=olala"); |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
946 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit -selfcert"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
947 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
948 |
"-keypass changeit -selfcert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
949 |
// not exist |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
950 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
951 |
"-keypass changeit -selfcert -alias nonexisting"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
952 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
953 |
"-keypass changeit -selfcert -dname CN=NewName"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
954 |
// sig not compatible |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
955 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
956 |
"-keypass changeit -selfcert -sigalg MD5withRSA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
957 |
// bad pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
958 |
testFail("", "-keystore x.jks -storetype JKS -storepass wrong " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
959 |
"-keypass changeit -selfcert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
960 |
// bad pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
961 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
962 |
"-keypass wrong -selfcert"); |
2 | 963 |
//misc |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
964 |
testFail("", "-keystore nonexist -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
965 |
"-keypass changeit -selfcert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
966 |
testFail("", "-keystore aa//dd\\gg -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
967 |
"-keypass changeit -selfcert"); |
2 | 968 |
// diff pass |
969 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
970 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
971 |
"-keypass keypass -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
972 |
testFail("", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
973 |
"-storepass changeit -selfcert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
974 |
testOK("keypass\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
975 |
"-storepass changeit -selfcert"); |
2 | 976 |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
977 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
978 |
"-exportcert -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
979 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
980 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
981 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
982 |
"-importcert -file x.jks.p1.cert -noprompt"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
983 |
// certentry cannot do selfcert |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
984 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
985 |
"-selfcert"); |
2 | 986 |
remove("x.jks"); |
987 |
} |
|
988 |
// storepass: bad old, short new, misc |
|
989 |
void sqeStorepassTest() throws Exception { |
|
990 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
991 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
992 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
993 |
// all in arg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
994 |
testOK("", "-storepasswd -keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
995 |
"-storepass changeit -new newstore"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
996 |
/* Change back */ testOK("", "-storepasswd -keystore x.jks" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
997 |
" -storetype JKS -storepass newstore -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
998 |
// all not in arg, new twice |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
999 |
testOK("changeit\nnewstore\nnewstore\n", "-storepasswd " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1000 |
"-keystore x.jks -storetype JKS"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1001 |
/* Change back */ testOK("", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1002 |
"-storetype JKS -storepass newstore -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1003 |
// new in arg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1004 |
testOK("changeit\n", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1005 |
"-storetype JKS -new newstore"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1006 |
/* Change back */ testOK("", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1007 |
"-storetype JKS -storepass newstore -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1008 |
// old in arg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1009 |
testOK("newstore\nnewstore\n", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1010 |
"-storetype JKS -storepass changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1011 |
/* Change back */ testOK("", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1012 |
"-storetype JKS -storepass newstore -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1013 |
// old in arg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1014 |
testOK("new\nnew\nnewstore\nnewstore\n", "-storepasswd " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1015 |
"-keystore x.jks -storetype JKS -storepass changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1016 |
/* Change back */ testOK("", "-storepasswd -keystore x.jks " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1017 |
"-storetype JKS -storepass newstore -new changeit"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1018 |
// bad old |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1019 |
testFail("", "-storepasswd -keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1020 |
"-storepass badold -new newstore"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1021 |
// short new |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1022 |
testFail("", "-storepasswd -keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1023 |
"-storepass changeit -new new"); |
2 | 1024 |
// misc |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1025 |
// non exist |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1026 |
testFail("", "-storepasswd -keystore nonexist " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1027 |
"-storepass changeit -new newstore"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1028 |
// bad file |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1029 |
testFail("", "-storepasswd -keystore badkeystore " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1030 |
"-storepass changeit -new newstore"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1031 |
// bad file |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1032 |
testFail("", "-storepasswd -keystore aa\\bb//cc//dd " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1033 |
"-storepass changeit -new newstore"); |
2 | 1034 |
remove("x.jks"); |
1035 |
} |
|
1036 |
||
1037 |
void sqeGenkeyTest() throws Exception { |
|
1038 |
||
1039 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1040 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1041 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1042 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1043 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1044 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1045 |
"-keypass changeit -genkeypair -dname CN=olala -alias newentry"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1046 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1047 |
"-keypass changeit -genkeypair -dname CN=olala -alias newentry"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1048 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1049 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg DSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1050 |
"-alias n1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1051 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1052 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1053 |
"-alias n2"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1054 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1055 |
"-keypass changeit -genkeypair -dname CN=olala " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1056 |
"-keyalg NoSuchAlg -alias n3"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1057 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1058 |
"-keypass changeit -genkeypair -dname CN=olala -keysize 56 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1059 |
"-alias n4"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1060 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1061 |
"-keypass changeit -genkeypair -dname CN=olala -keysize 999 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1062 |
"-alias n5"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1063 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1064 |
"-keypass changeit -genkeypair -dname CN=olala -keysize 512 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1065 |
"-alias n6"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1066 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1067 |
"-keypass changeit -genkeypair -dname CN=olala -keysize 1024 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1068 |
"-alias n7"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1069 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1070 |
"-keypass changeit -genkeypair -dname CN=olala " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1071 |
"-sigalg NoSuchAlg -alias n8"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1072 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1073 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1074 |
"-sigalg MD2withRSA -alias n9"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1075 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1076 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1077 |
"-sigalg MD5withRSA -alias n10"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1078 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1079 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1080 |
"-sigalg SHA1withRSA -alias n11"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1081 |
testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1082 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1083 |
"-sigalg NoSuchAlg -alias n12"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1084 |
testFail("", "-keystore badkeystore -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1085 |
"-keypass changeit -genkeypair -dname CN=olala " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1086 |
"-alias n14"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1087 |
testFail("", "-keystore x.jks -storetype JKS -storepass badpass " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1088 |
"-keypass changeit -genkeypair -dname CN=olala -alias n16"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1089 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1090 |
"-keypass changeit -genkeypair -dname CNN=olala -alias n17"); |
2 | 1091 |
remove("x.jks"); |
1092 |
} |
|
1093 |
||
1094 |
void sqeExportTest() throws Exception { |
|
1095 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1096 |
// nonexist |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1097 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1098 |
"-export -file mykey.cert -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1099 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1100 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1101 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1102 |
"-export -file mykey.cert -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1103 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1104 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1105 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1106 |
"-import -file mykey.cert -noprompt -alias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1107 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1108 |
"-export -file mykey.cert2 -alias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1109 |
testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1110 |
"-export -file mykey.cert2 -alias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1111 |
testFail("", "-keystore nonexistkeystore -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1112 |
"-export -file mykey.cert2 -alias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1113 |
testFail("", "-keystore badkeystore -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1114 |
"-export -file mykey.cert2 -alias c1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1115 |
testFail("", "-keystore x.jks -storetype JKS -storepass badpass " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1116 |
"-export -file mykey.cert2 -alias c1"); |
2 | 1117 |
remove("mykey.cert"); |
1118 |
remove("mykey.cert2"); |
|
1119 |
remove("x.jks"); |
|
1120 |
} |
|
1121 |
||
1122 |
void sqeDeleteTest() throws Exception { |
|
1123 |
remove("x.jks"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1124 |
// nonexist |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1125 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1126 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1127 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1128 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1129 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1130 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1131 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1132 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1133 |
// keystore name illegal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1134 |
testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1135 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1136 |
// keystore not exist |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1137 |
testFail("", "-keystore nonexistkeystore -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1138 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1139 |
// keystore invalid |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1140 |
testFail("", "-keystore badkeystore -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1141 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1142 |
// wrong pass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1143 |
testFail("", "-keystore x.jks -storetype JKS -storepass xxxxxxxx " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1144 |
"-delete -alias mykey"); |
2 | 1145 |
remove("x.jks"); |
1146 |
} |
|
1147 |
||
1148 |
void sqeCsrTest() throws Exception { |
|
1149 |
remove("x.jks"); |
|
1150 |
remove("x.jks.p1.cert"); |
|
1151 |
remove("csr1"); |
|
1152 |
// PrivateKeyEntry can do certreq |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1153 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1154 |
"-keypass changeit -genkeypair -dname CN=olala -keysize 1024"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1155 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1156 |
"-certreq -file csr1 -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1157 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1158 |
"-certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1159 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1160 |
"-certreq -file csr1 -sigalg SHA1withDSA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1161 |
// unmatched sigalg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1162 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1163 |
"-certreq -file csr1 -sigalg MD5withRSA"); |
2 | 1164 |
// misc test |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1165 |
// bad storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1166 |
testFail("", "-keystore x.jks -storetype JKS -storepass badstorepass " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1167 |
"-certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1168 |
// storepass from terminal |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1169 |
testOK("changeit\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1170 |
"-certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1171 |
// must provide storepass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1172 |
testFail("\n", "-keystore x.jks -storetype JKS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1173 |
"-certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1174 |
// bad keypass |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1175 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1176 |
"-keypass badkeypass -certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1177 |
// bad filepath |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1178 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1179 |
"-certreq -file aa\\bb//cc\\dd"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1180 |
// non-existing keystore |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1181 |
testFail("", "-keystore noexistks -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1182 |
"-certreq -file csr1"); |
2 | 1183 |
// Try the RSA private key |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1184 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1185 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1186 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1187 |
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1188 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1189 |
"-certreq -file csr1 -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1190 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1191 |
"-certreq -file csr1"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1192 |
// unmatched sigalg |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1193 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1194 |
"-certreq -file csr1 -sigalg SHA1withDSA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1195 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1196 |
"-certreq -file csr1 -sigalg MD5withRSA"); |
2 | 1197 |
// TrustedCertificateEntry cannot do certreq |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1198 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1199 |
"-exportcert -file x.jks.p1.cert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1200 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1201 |
"-delete -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1202 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1203 |
"-importcert -file x.jks.p1.cert -noprompt"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1204 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1205 |
"-certreq -file csr1 -alias mykey"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1206 |
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1207 |
"-certreq -file csr1"); |
2 | 1208 |
remove("x.jks"); |
1209 |
remove("x.jks.p1.cert"); |
|
1210 |
remove("csr1"); |
|
1211 |
} |
|
1212 |
||
1213 |
void sqePrintcertTest() throws Exception { |
|
1214 |
remove("x.jks"); |
|
1215 |
remove("mykey.cert"); |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1216 |
remove("myweakkey.cert"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1217 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1218 |
"-keypass changeit -genkeypair -dname CN=olala"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1219 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1220 |
"-export -file mykey.cert -alias mykey"); |
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1221 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1222 |
"-keypass changeit -genkeypair -dname CN=weak -keyalg rsa " + |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1223 |
"-keysize 512 -sigalg MD5withRSA -alias myweakkey"); |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1224 |
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " + |
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1225 |
"-export -file myweakkey.cert -alias myweakkey"); |
2 | 1226 |
testFail("", "-printcert -file badkeystore"); |
1227 |
testFail("", "-printcert -file a/b/c/d"); |
|
1228 |
testOK("", "-printcert -file mykey.cert"); |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1229 |
testOK("", "-printcert -file myweakkey.cert"); |
2 | 1230 |
FileInputStream fin = new FileInputStream("mykey.cert"); |
1231 |
testOK(fin, "-printcert"); |
|
1232 |
fin.close(); |
|
1233 |
remove("x.jks"); |
|
1234 |
remove("mykey.cert"); |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
41107
diff
changeset
|
1235 |
remove("myweakkey.cert"); |
2 | 1236 |
} |
1237 |
||
29596
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1238 |
// 8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1239 |
static void checkPem(String file) throws Exception { |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1240 |
boolean maybeLast = false; |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1241 |
for (String s: Files.readAllLines(Paths.get(file))) { |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1242 |
if (s.isEmpty()) continue; |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1243 |
if (s.startsWith("---")) continue; |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1244 |
if (maybeLast) { |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1245 |
throw new Exception("Last line already seen"); |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1246 |
} |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1247 |
if (s.length() > 64) { |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1248 |
throw new Exception(s); |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1249 |
} |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1250 |
if (s.length() < 64) { |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1251 |
maybeLast = true; |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1252 |
} |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1253 |
} |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1254 |
} |
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1255 |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1256 |
void v3extTest(String keyAlg) throws Exception { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1257 |
KeyStore ks; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1258 |
remove("x.jks"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1259 |
String simple = "-keystore x.jks -storetype JKS -storepass changeit " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1260 |
"-keypass changeit -noprompt -keyalg " + keyAlg + " "; |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1261 |
String pre = simple + "-genkeypair -dname CN=Olala -alias "; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1262 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1263 |
// Version and SKID |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1264 |
testOK("", pre + "o1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1265 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1266 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1267 |
assertTrue(((X509Certificate)ks.getCertificate("o1")).getVersion() == 3); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1268 |
assertTrue(((X509CertImpl)ks.getCertificate("o1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1269 |
.getSubjectKeyIdentifierExtension() != null); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1270 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1271 |
// BC |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1272 |
testOK("", pre + "b1 -ext BC:critical"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1273 |
testOK("", pre + "b2 -ext BC"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1274 |
testOK("", pre + "b3 -ext bc"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1275 |
testOK("", pre + "b4 -ext BasicConstraints"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1276 |
testOK("", pre + "b5 -ext basicconstraints"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1277 |
testOK("", pre + "b6 -ext BC=ca:true,pathlen:12"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1278 |
testOK("", pre + "b7 -ext BC=ca:false"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1279 |
testOK("", pre + "b8 -ext BC:critical=ca:false"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1280 |
testOK("", pre + "b9 -ext BC=12"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1281 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1282 |
ks = loadStore("x.jks", "changeit", "JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1283 |
assertTrue(((X509CertImpl)ks.getCertificate("b1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1284 |
.getBasicConstraintsExtension().isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1285 |
assertTrue(!((X509CertImpl)ks.getCertificate("b2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1286 |
.getBasicConstraintsExtension().isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1287 |
assertTrue(((X509CertImpl)ks.getCertificate("b8")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1288 |
.getBasicConstraintsExtension().isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1289 |
assertTrue(((X509Certificate)ks.getCertificate("b1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1290 |
.getBasicConstraints() == Integer.MAX_VALUE); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1291 |
assertTrue(((X509Certificate)ks.getCertificate("b2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1292 |
.getBasicConstraints() == Integer.MAX_VALUE); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1293 |
assertTrue(((X509Certificate)ks.getCertificate("b3")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1294 |
.getBasicConstraints() == Integer.MAX_VALUE); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1295 |
assertTrue(((X509Certificate)ks.getCertificate("b4")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1296 |
.getBasicConstraints() == Integer.MAX_VALUE); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1297 |
assertTrue(((X509Certificate)ks.getCertificate("b5")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1298 |
.getBasicConstraints() == Integer.MAX_VALUE); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1299 |
assertTrue(((X509Certificate)ks.getCertificate("b6")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1300 |
.getBasicConstraints() == 12); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1301 |
assertTrue(((X509Certificate)ks.getCertificate("b7")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1302 |
.getBasicConstraints() == -1); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1303 |
assertTrue(((X509Certificate)ks.getCertificate("b9")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1304 |
.getBasicConstraints() == 12); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1305 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1306 |
// KU |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1307 |
testOK("", pre + "ku1 -ext KeyUsage:critical=digitalsignature"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1308 |
testOK("", pre + "ku2 -ext KU=digitalSignature"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1309 |
testOK("", pre + "ku3 -ext KU=ds"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1310 |
testOK("", pre + "ku4 -ext KU=dig"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1311 |
// ambigous value |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1312 |
testFail("", pre + "ku5 -ext KU=d"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1313 |
// cRLSign cannot be cs |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1314 |
testFail("", pre + "ku6 -ext KU=cs"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1315 |
testOK("", pre + "ku11 -ext KU=nr"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1316 |
// ke also means keyAgreement |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1317 |
testFail("", pre + "ku12 -ext KU=ke"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1318 |
testOK("", pre + "ku12 -ext KU=keyE"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1319 |
// de also means decipherOnly |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1320 |
testFail("", pre + "ku13 -ext KU=de"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1321 |
testOK("", pre + "ku13 -ext KU=dataE"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1322 |
testOK("", pre + "ku14 -ext KU=ka"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1323 |
testOK("", pre + "ku15 -ext KU=kcs"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1324 |
testOK("", pre + "ku16 -ext KU=crls"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1325 |
testOK("", pre + "ku17 -ext KU=eo"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1326 |
testOK("", pre + "ku18 -ext KU=do"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1327 |
testOK("", pre + "ku19 -ext KU=cc"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1328 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1329 |
testOK("", pre + "ku017 -ext KU=ds,cc,eo"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1330 |
testOK("", pre + "ku135 -ext KU=nr,dataEncipherment,keyCertSign"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1331 |
testOK("", pre + "ku246 -ext KU=keyEnc,cRL,keyA"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1332 |
testOK("", pre + "ku1234 -ext KU=ka,da,keyE,nonR"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1333 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1334 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1335 |
class CheckKU { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1336 |
void check(KeyStore ks, String alias, int... pos) throws Exception { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1337 |
System.err.print("x"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1338 |
boolean[] bs = ((X509Certificate)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1339 |
.getKeyUsage(); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1340 |
bs = Arrays.copyOf(bs, 9); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1341 |
for (int i=0; i<bs.length; i++) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1342 |
boolean found = false; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1343 |
for (int p: pos) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1344 |
if (p == i) found = true; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1345 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1346 |
if (!found ^ bs[i]) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1347 |
// OK |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1348 |
} else { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1349 |
throw new RuntimeException("KU not match at " + i + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1350 |
": " + found + " vs " + bs[i]); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1351 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1352 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1353 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1354 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1355 |
CheckKU c = new CheckKU(); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1356 |
assertTrue(((X509CertImpl)ks.getCertificate("ku1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1357 |
.getExtension(PKIXExtensions.KeyUsage_Id).isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1358 |
assertTrue(!((X509CertImpl)ks.getCertificate("ku2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1359 |
.getExtension(PKIXExtensions.KeyUsage_Id).isCritical()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1360 |
c.check(ks, "ku1", 0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1361 |
c.check(ks, "ku2", 0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1362 |
c.check(ks, "ku3", 0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1363 |
c.check(ks, "ku4", 0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1364 |
c.check(ks, "ku11", 1); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1365 |
c.check(ks, "ku12", 2); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1366 |
c.check(ks, "ku13", 3); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1367 |
c.check(ks, "ku14", 4); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1368 |
c.check(ks, "ku15", 5); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1369 |
c.check(ks, "ku16", 6); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1370 |
c.check(ks, "ku17", 7); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1371 |
c.check(ks, "ku18", 8); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1372 |
c.check(ks, "ku19", 1); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1373 |
c.check(ks, "ku11", 1); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1374 |
c.check(ks, "ku11", 1); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1375 |
c.check(ks, "ku11", 1); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1376 |
c.check(ks, "ku017", 0, 1, 7); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1377 |
c.check(ks, "ku135", 1, 3, 5); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1378 |
c.check(ks, "ku246", 6, 2, 4); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1379 |
c.check(ks, "ku1234", 1, 2, 3, 4); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1380 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1381 |
// EKU |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1382 |
testOK("", pre + "eku1 -ext EKU:critical=sa"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1383 |
testOK("", pre + "eku2 -ext ExtendedKeyUsage=ca"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1384 |
testOK("", pre + "eku3 -ext EKU=cs"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1385 |
testOK("", pre + "eku4 -ext EKU=ep"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1386 |
testOK("", pre + "eku8 -ext EKU=ts"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1387 |
testFail("", pre + "eku9 -ext EKU=os"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1388 |
testOK("", pre + "eku9 -ext EKU=ocsps"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1389 |
testOK("", pre + "eku10 -ext EKU=any"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1390 |
testOK("", pre + "eku11 -ext EKU=1.2.3.4,1.3.5.7,ep"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1391 |
testFail("", pre + "eku12 -ext EKU=c"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1392 |
testFail("", pre + "eku12 -ext EKU=nothing"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1393 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1394 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1395 |
class CheckEKU { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1396 |
void check(KeyStore ks, String alias, String... pos) throws Exception { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1397 |
System.err.print("x"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1398 |
List<String> bs = ((X509Certificate)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1399 |
.getExtendedKeyUsage(); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1400 |
int found = 0; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1401 |
for (String p: pos) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1402 |
if (bs.contains(p)) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1403 |
found++; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1404 |
} else { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1405 |
throw new RuntimeException("EKU: not included " + p); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1406 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1407 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1408 |
if (found != bs.size()) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1409 |
throw new RuntimeException("EKU: more items than expected"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1410 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1411 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1412 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1413 |
CheckEKU cx = new CheckEKU(); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1414 |
assertTrue(((X509CertImpl)ks.getCertificate("eku1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1415 |
.getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1416 |
assertTrue(!((X509CertImpl)ks.getCertificate("eku2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1417 |
.getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1418 |
cx.check(ks, "eku1", "1.3.6.1.5.5.7.3.1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1419 |
cx.check(ks, "eku2", "1.3.6.1.5.5.7.3.2"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1420 |
cx.check(ks, "eku3", "1.3.6.1.5.5.7.3.3"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1421 |
cx.check(ks, "eku4", "1.3.6.1.5.5.7.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1422 |
cx.check(ks, "eku8", "1.3.6.1.5.5.7.3.8"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1423 |
cx.check(ks, "eku9", "1.3.6.1.5.5.7.3.9"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1424 |
cx.check(ks, "eku10", "2.5.29.37.0"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1425 |
cx.check(ks, "eku11", "1.3.6.1.5.5.7.3.4", "1.2.3.4", "1.3.5.7"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1426 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1427 |
// SAN |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1428 |
testOK("", pre+"san1 -ext san:critical=email:me@me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1429 |
testOK("", pre+"san2 -ext san=uri:http://me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1430 |
testOK("", pre+"san3 -ext san=dns:me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1431 |
testOK("", pre+"san4 -ext san=ip:192.168.0.1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1432 |
testOK("", pre+"san5 -ext san=oid:1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1433 |
testOK("", pre+"san235 -ext san=uri:http://me.org,dns:me.org,oid:1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1434 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1435 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1436 |
class CheckSAN { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1437 |
// Please sort items with name type |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1438 |
void check(KeyStore ks, String alias, int type, Object... items) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1439 |
throws Exception { |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1440 |
int pos = 0; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1441 |
System.err.print("x"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1442 |
Object[] names = null; |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1443 |
if (type == 0) names = ((X509Certificate)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1444 |
.getSubjectAlternativeNames().toArray(); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1445 |
else names = ((X509Certificate)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1446 |
.getIssuerAlternativeNames().toArray(); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1447 |
Arrays.sort(names, new Comparator() { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1448 |
public int compare(Object o1, Object o2) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1449 |
int i1 = (Integer)((List)o1).get(0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1450 |
int i2 = (Integer)((List)o2).get(0); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1451 |
return i1 - i2; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1452 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1453 |
}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1454 |
for (Object o: names) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1455 |
List l = (List)o; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1456 |
for (Object o2: l) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1457 |
if (!items[pos++].equals(o2)) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1458 |
throw new RuntimeException("Not equals at " + pos |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1459 |
+ ": " + items[pos-1] + " vs " + o2); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1460 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1461 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1462 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1463 |
if (pos != items.length) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1464 |
throw new RuntimeException("Extra items, pos is " + pos); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1465 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1466 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1467 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1468 |
CheckSAN csan = new CheckSAN(); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1469 |
assertTrue(((X509CertImpl)ks.getCertificate("san1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1470 |
.getSubjectAlternativeNameExtension().isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1471 |
assertTrue(!((X509CertImpl)ks.getCertificate("san2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1472 |
.getSubjectAlternativeNameExtension().isCritical()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1473 |
csan.check(ks, "san1", 0, 1, "me@me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1474 |
csan.check(ks, "san2", 0, 6, "http://me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1475 |
csan.check(ks, "san3", 0, 2, "me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1476 |
csan.check(ks, "san4", 0, 7, "192.168.0.1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1477 |
csan.check(ks, "san5", 0, 8, "1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1478 |
csan.check(ks, "san235", 0, 2, "me.org", 6, "http://me.org", 8, "1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1479 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1480 |
// IAN |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1481 |
testOK("", pre+"ian1 -ext ian:critical=email:me@me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1482 |
testOK("", pre+"ian2 -ext ian=uri:http://me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1483 |
testOK("", pre+"ian3 -ext ian=dns:me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1484 |
testOK("", pre+"ian4 -ext ian=ip:192.168.0.1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1485 |
testOK("", pre+"ian5 -ext ian=oid:1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1486 |
testOK("", pre+"ian235 -ext ian=uri:http://me.org,dns:me.org,oid:1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1487 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1488 |
ks = loadStore("x.jks", "changeit", "JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1489 |
assertTrue(((X509CertImpl)ks.getCertificate("ian1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1490 |
.getIssuerAlternativeNameExtension().isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1491 |
assertTrue(!((X509CertImpl)ks.getCertificate("ian2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1492 |
.getIssuerAlternativeNameExtension().isCritical()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1493 |
csan.check(ks, "ian1", 1, 1, "me@me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1494 |
csan.check(ks, "ian2", 1, 6, "http://me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1495 |
csan.check(ks, "ian3", 1, 2, "me.org"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1496 |
csan.check(ks, "ian4", 1, 7, "192.168.0.1"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1497 |
csan.check(ks, "ian5", 1, 8, "1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1498 |
csan.check(ks, "ian235", 1, 2, "me.org", 6, "http://me.org", 8, "1.2.3.4"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1499 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1500 |
// SIA |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1501 |
testOK("", pre+"sia1 -ext sia=care:uri:ldap://ca.com/cn=CA"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1502 |
testOK("", pre+"sia2 -ext sia=ts:email:ts@ca.com"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1503 |
testFail("SIA never critical", pre + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1504 |
"sia3 -ext sia:critical=ts:email:ts@ca.com"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1505 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1506 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1507 |
class CheckSia { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1508 |
void check(KeyStore ks, String alias, int type, Object... items) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1509 |
throws Exception { |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1510 |
int pos = 0; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1511 |
System.err.print("x"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1512 |
AccessDescription[] ads = null; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1513 |
if (type == 0) { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1514 |
SubjectInfoAccessExtension siae = (SubjectInfoAccessExtension) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1515 |
((X509CertImpl)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1516 |
.getExtension(PKIXExtensions.SubjectInfoAccess_Id); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1517 |
ads = siae.getAccessDescriptions() |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1518 |
.toArray(new AccessDescription[0]); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1519 |
} else { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1520 |
AuthorityInfoAccessExtension aiae = |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1521 |
(AuthorityInfoAccessExtension) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1522 |
((X509CertImpl)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1523 |
.getExtension(PKIXExtensions.AuthInfoAccess_Id); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1524 |
ads = aiae.getAccessDescriptions() |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1525 |
.toArray(new AccessDescription[0]); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1526 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1527 |
Arrays.sort(ads, new Comparator<AccessDescription>() { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1528 |
@Override |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1529 |
public int compare(AccessDescription o1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1530 |
AccessDescription o2) { |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1531 |
return o1.getAccessMethod().toString() |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1532 |
.compareTo(o2.getAccessMethod().toString()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1533 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1534 |
}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1535 |
for (AccessDescription ad: ads) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1536 |
if (!ad.getAccessMethod().equals(items[pos++]) || |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1537 |
!new Integer(ad.getAccessLocation().getType()) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1538 |
.equals(items[pos++])) { |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1539 |
throw new RuntimeException("Not same type at " + pos); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1540 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1541 |
String name = null; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1542 |
switch (ad.getAccessLocation().getType()) { |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1543 |
case 1: |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1544 |
name = ((RFC822Name)ad.getAccessLocation() |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1545 |
.getName()).getName(); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1546 |
break; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1547 |
case 6: |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1548 |
name = ((URIName)ad.getAccessLocation() |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1549 |
.getName()).getURI().toString(); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1550 |
break; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1551 |
default: |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1552 |
throw new RuntimeException("Not implemented: " + ad); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1553 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1554 |
if (!name.equals(items[pos++])) { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1555 |
throw new Exception("Name not same for " + ad + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1556 |
" at pos " + pos); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1557 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1558 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1559 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1560 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1561 |
CheckSia csia = new CheckSia(); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1562 |
assertTrue(!((X509CertImpl)ks.getCertificate("sia1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1563 |
.getExtension(PKIXExtensions.SubjectInfoAccess_Id).isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1564 |
csia.check(ks, "sia1", 0, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1565 |
AccessDescription.Ad_CAREPOSITORY_Id, 6, "ldap://ca.com/cn=CA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1566 |
csia.check(ks, "sia2", |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1567 |
0, AccessDescription.Ad_TIMESTAMPING_Id, 1, "ts@ca.com"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1568 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1569 |
// AIA |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1570 |
testOK("", pre+"aia1 -ext aia=cai:uri:ldap://ca.com/cn=CA"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1571 |
testOK("", pre+"aia2 -ext aia=ocsp:email:ocsp@ca.com"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1572 |
testFail("AIA never critical", pre + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1573 |
"aia3 -ext aia:critical=ts:email:ts@ca.com"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1574 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1575 |
ks = loadStore("x.jks", "changeit", "JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1576 |
assertTrue(!((X509CertImpl)ks.getCertificate("aia1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1577 |
.getExtension(PKIXExtensions.AuthInfoAccess_Id).isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1578 |
csia.check(ks, "aia1", 1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1579 |
AccessDescription.Ad_CAISSUERS_Id, 6, "ldap://ca.com/cn=CA"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1580 |
csia.check(ks, "aia2", 1, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1581 |
AccessDescription.Ad_OCSP_Id, 1, "ocsp@ca.com"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1582 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1583 |
// OID |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1584 |
testOK("", pre+"oid1 -ext 1.2.3:critical=0102"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1585 |
testOK("", pre+"oid2 -ext 1.2.3"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1586 |
testOK("", pre+"oid12 -ext 1.2.3 -ext 1.2.4=01:02:03"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1587 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1588 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1589 |
class CheckOid { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1590 |
void check(KeyStore ks, String alias, String oid, byte[] value) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1591 |
throws Exception { |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1592 |
int pos = 0; |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1593 |
System.err.print("x"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1594 |
Extension ex = ((X509CertImpl)ks.getCertificate(alias)) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1595 |
.getExtension(new ObjectIdentifier(oid)); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1596 |
if (!Arrays.equals(value, ex.getValue())) { |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1597 |
throw new RuntimeException("Not same content in " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1598 |
alias + " for " + oid); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1599 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1600 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1601 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1602 |
CheckOid coid = new CheckOid(); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1603 |
assertTrue(((X509CertImpl)ks.getCertificate("oid1")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1604 |
.getExtension(new ObjectIdentifier("1.2.3")).isCritical()); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1605 |
assertTrue(!((X509CertImpl)ks.getCertificate("oid2")) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1606 |
.getExtension(new ObjectIdentifier("1.2.3")).isCritical()); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1607 |
coid.check(ks, "oid1", "1.2.3", new byte[]{1,2}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1608 |
coid.check(ks, "oid2", "1.2.3", new byte[]{}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1609 |
coid.check(ks, "oid12", "1.2.3", new byte[]{}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1610 |
coid.check(ks, "oid12", "1.2.4", new byte[]{1,2,3}); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1611 |
|
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1612 |
// honored |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1613 |
testOK("", pre+"ca"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1614 |
testOK("", pre+"a"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1615 |
// request: BC,KU,1.2.3,1.2.4,1.2.5 |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1616 |
testOK("", simple+"-alias a -certreq " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1617 |
"-ext BC=1 -ext KU=crl " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1618 |
"-ext 1.2.3=01 -ext 1.2.4:critical=0102 -ext 1.2.5=010203 " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1619 |
"-rfc -file test.req"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1620 |
// printcertreq |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1621 |
testOK("", "-printcertreq -file test.req"); |
29596
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1622 |
checkPem("test.req"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1623 |
// issue: deny KU, change criticality of 1.2.3 and 1.2.4, |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1624 |
// change content of BC, add 2.3.4 |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1625 |
testOK("", simple+"-gencert -alias ca -infile test.req -ext " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1626 |
"honored=all,-KU,1.2.3:critical,1.2.4:non-critical " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1627 |
"-ext BC=2 -ext 2.3.4=01020304 " + |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1628 |
"-debug -rfc -outfile test.cert"); |
29596
70399c7a7f5a
8074935: jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did
weijun
parents:
29225
diff
changeset
|
1629 |
checkPem("test.cert"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1630 |
testOK("", simple+"-importcert -file test.cert -alias a"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1631 |
ks = loadStore("x.jks", "changeit", "JKS"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1632 |
X509CertImpl a = (X509CertImpl)ks.getCertificate("a"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1633 |
assertTrue(a.getAuthorityKeyIdentifierExtension() != null); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1634 |
assertTrue(a.getSubjectKeyIdentifierExtension() != null); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1635 |
assertTrue(a.getKeyUsage() == null); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1636 |
assertTrue(a.getExtension(new ObjectIdentifier("1.2.3")).isCritical()); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1637 |
assertTrue(!a.getExtension(new ObjectIdentifier("1.2.4")).isCritical()); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1638 |
assertTrue(!a.getExtension(new ObjectIdentifier("1.2.5")).isCritical()); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1639 |
assertTrue(a.getExtensionValue("1.2.3").length == 3); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1640 |
assertTrue(a.getExtensionValue("1.2.4").length == 4); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1641 |
assertTrue(a.getExtensionValue("1.2.5").length == 5); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1642 |
assertTrue(a.getBasicConstraints() == 2); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1643 |
assertTrue(!a.getExtension(new ObjectIdentifier("2.3.4")).isCritical()); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1644 |
assertTrue(a.getExtensionValue("2.3.4").length == 6); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1645 |
|
29110
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1646 |
// 8073181: keytool -ext honored not working correctly |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1647 |
testOK("", simple+"-gencert -alias ca -infile test.req -ext " + |
29225
fb5b4b9d12f5
8074018: Named extension not recognized in keytool -ext honored after 8073182
weijun
parents:
29120
diff
changeset
|
1648 |
"honored=1.2.3,KU,1.2.4:critical " + |
29110
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1649 |
"-debug -rfc -outfile test2.cert"); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1650 |
testOK("", simple+"-importcert -file test2.cert -alias b"); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1651 |
ks = loadStore("x.jks", "changeit", "JKS"); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1652 |
X509CertImpl b = (X509CertImpl)ks.getCertificate("b"); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1653 |
assertTrue(!b.getExtension(new ObjectIdentifier("1.2.3")).isCritical()); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1654 |
assertTrue(b.getExtension(new ObjectIdentifier("1.2.4")).isCritical()); |
ea89fdd8a5d5
8073181: keytool -ext honored not working correctly
weijun
parents:
28243
diff
changeset
|
1655 |
|
29111
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1656 |
// 8073182: keytool may generate duplicate extensions |
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1657 |
testOK("", pre+"dup -ext bc=2 -ext 2.5.29.19=30030101FF -ext bc=3"); |
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1658 |
ks = loadStore("x.jks", "changeit", "JKS"); |
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1659 |
X509CertImpl dup = (X509CertImpl)ks.getCertificate("dup"); |
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1660 |
assertTrue(dup.getBasicConstraints() == 3); |
e9103f166a4a
8073182: keytool may generate duplicate extensions
weijun
parents:
29110
diff
changeset
|
1661 |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1662 |
remove("x.jks"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1663 |
remove("test.req"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1664 |
remove("test.cert"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1665 |
} |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1666 |
|
2 | 1667 |
void i18nTest() throws Exception { |
1668 |
// 1. keytool -help |
|
1669 |
remove("x.jks"); |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1670 |
testOK("", "-help"); |
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1671 |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1672 |
// 2. keytool -genkey -v -keysize 512 Enter "a" for the keystore |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1673 |
// password. Check error (password too short). Enter "password" for |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1674 |
// the keystore password. Hit 'return' for "first and last name", |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1675 |
// "organizational unit", "City", "State", and "Country Code". |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1676 |
// Type "yes" when they ask you if everything is correct. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1677 |
// Type 'return' for new key password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1678 |
testOK("a\npassword\npassword\nMe\nHere\nNow\nPlace\nPlace\nUS\nyes\n\n", |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1679 |
"-genkey -v -keysize 512 -keystore x.jks -storetype JKS"); |
2 | 1680 |
// 3. keytool -list -v -storepass password |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
1681 |
testOK("", "-list -v -storepass password -keystore x.jks -storetype JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1682 |
// 4. keytool -list -v Type "a" for the keystore password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1683 |
// Check error (wrong keystore password). |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
1684 |
testFail("a\n", "-list -v -keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1685 |
assertTrue(ex.indexOf("password was incorrect") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1686 |
// 5. keytool -genkey -v -keysize 512 Enter "password" as the password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1687 |
// Check error (alias 'mykey' already exists). |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1688 |
testFail("password\n", "-genkey -v -keysize 512" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1689 |
" -keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1690 |
assertTrue(ex.indexOf("alias <mykey> already exists") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1691 |
// 6. keytool -genkey -v -keysize 512 -alias mykey2 -storepass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1692 |
// Hit 'return' for "first and last name", "organizational unit", "City", |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1693 |
// "State", and "Country Code". Type "yes" when they ask you if |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1694 |
// everything is correct. Type 'return' for new key password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1695 |
testOK("\n\n\n\n\n\nyes\n\n", "-genkey -v -keysize 512 -alias mykey2" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1696 |
" -storepass password -keystore x.jks -storetype JKS"); |
2 | 1697 |
// 7. keytool -list -v Type 'password' for the store password. |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
1698 |
testOK("password\n", "-list -v -keystore x.jks -storetype JKS"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1699 |
// 8. keytool -keypasswd -v -alias mykey2 -storepass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1700 |
// Type "a" for the new key password. Type "aaaaaa" for the new key |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1701 |
// password. Type "bbbbbb" when re-entering the new key password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1702 |
// Type "a" for the new key password. Check Error (too many failures). |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1703 |
testFail("a\naaaaaa\nbbbbbb\na\n", "-keypasswd -v -alias mykey2" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1704 |
" -storepass password -keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1705 |
assertTrue(ex.indexOf("Too many failures - try later") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1706 |
// 9. keytool -keypasswd -v -alias mykey2 -storepass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1707 |
// Type "aaaaaa" for the new key password. Type "aaaaaa" |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1708 |
// when re-entering the new key password. |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1709 |
testOK("aaaaaa\naaaaaa\n", "-keypasswd -v -alias mykey2 " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1710 |
"-storepass password -keystore x.jks -storetype JKS"); |
2 | 1711 |
// 10. keytool -selfcert -v -alias mykey -storepass password |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1712 |
testOK("", "-selfcert -v -alias mykey -storepass password " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1713 |
"-keystore x.jks -storetype JKS"); |
2 | 1714 |
// 11. keytool -list -v -storepass password |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
1715 |
testOK("", "-list -v -storepass password -keystore x.jks -storetype JKS"); |
2 | 1716 |
// 12. keytool -export -v -alias mykey -file cert -storepass password |
1717 |
remove("cert"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1718 |
testOK("", "-export -v -alias mykey -file cert -storepass password " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1719 |
"-keystore x.jks -storetype JKS"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1720 |
// 13. keytool -import -v -file cert -storepass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1721 |
// Check error (Certificate reply and cert are the same) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1722 |
testFail("", "-import -v -file cert -storepass password" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1723 |
" -keystore x.jks -storetype JKS"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1724 |
assertTrue(ex.indexOf("Certificate reply and certificate" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1725 |
" in keystore are identical") != -1); |
2 | 1726 |
// 14. keytool -printcert -file cert |
28243
47080f9ae750
8044445: JEP 229: Create PKCS12 Keystores by Default
vinnie
parents:
27344
diff
changeset
|
1727 |
testOK("", "-printcert -file cert -keystore x.jks -storetype JKS"); |
2 | 1728 |
remove("cert"); |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
1729 |
// 15. keytool -list -storepass password -addprovider SUN |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1730 |
testOK("", "-list -storepass password" + |
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
29596
diff
changeset
|
1731 |
" -addprovider SUN" + |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1732 |
" -keystore x.jks -storetype JKS"); |
2 | 1733 |
|
1734 |
//Error tests |
|
1735 |
||
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1736 |
// 1. keytool -storepasswd -storepass password -new abc |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1737 |
// Check error (password too short) |
2 | 1738 |
testFail("", "-storepasswd -storepass password -new abc"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1739 |
assertTrue(ex.indexOf("New password must be at least 6 characters") != -1); |
2 | 1740 |
// Changed, no NONE needed now |
1741 |
// 2. keytool -list -storetype PKCS11 Check error (-keystore must be NONE) |
|
1742 |
//testFail("", "-list -storetype PKCS11"); |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1743 |
//assertTrue(err.indexOf("keystore must be NONE") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1744 |
// 3. keytool -storepasswd -storetype PKCS11 -keystore NONE |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1745 |
// Check error (unsupported operation) |
2 | 1746 |
testFail("", "-storepasswd -storetype PKCS11 -keystore NONE"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1747 |
assertTrue(ex.indexOf("UnsupportedOperationException") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1748 |
// 4. keytool -keypasswd -storetype PKCS11 -keystore NONE |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1749 |
// Check error (unsupported operation) |
2 | 1750 |
testFail("", "-keypasswd -storetype PKCS11 -keystore NONE"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1751 |
assertTrue(ex.indexOf("UnsupportedOperationException") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1752 |
// 5. keytool -list -protected -storepass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1753 |
// Check error (password can not be specified with -protected) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1754 |
testFail("", "-list -protected -storepass password " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1755 |
"-keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1756 |
assertTrue(ex.indexOf("if -protected is specified, then") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1757 |
// 6. keytool -keypasswd -protected -keypass password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1758 |
// Check error (password can not be specified with -protected) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1759 |
testFail("", "-keypasswd -protected -keypass password " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1760 |
"-keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1761 |
assertTrue(ex.indexOf("if -protected is specified, then") != -1); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1762 |
// 7. keytool -keypasswd -protected -new password |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1763 |
// Check error (password can not be specified with -protected) |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1764 |
testFail("", "-keypasswd -protected -new password " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1765 |
"-keystore x.jks -storetype JKS"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1766 |
assertTrue(ex.indexOf("if -protected is specified, then") != -1); |
2 | 1767 |
remove("x.jks"); |
1768 |
} |
|
1769 |
||
1770 |
void i18nPKCS11Test() throws Exception { |
|
1771 |
//PKCS#11 tests |
|
1772 |
||
1773 |
// 1. sccs edit cert8.db key3.db |
|
41107
567f832618d7
8165161: Solaris: /usr/ccs /opt/sfw and /opt/csw are dead, references should be expunged
alanbur
parents:
39633
diff
changeset
|
1774 |
//Runtime.getRuntime().exec("/usr/bin/sccs edit cert8.db key3.db"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1775 |
testOK("", p11Arg + ("-storepass test12 -genkey -alias genkey" + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1776 |
" -dname cn=genkey -keysize 512 -keyalg rsa")); |
2 | 1777 |
testOK("", p11Arg + "-storepass test12 -list"); |
1778 |
testOK("", p11Arg + "-storepass test12 -list -alias genkey"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1779 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1780 |
"-storepass test12 -certreq -alias genkey -file genkey.certreq"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1781 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1782 |
"-storepass test12 -export -alias genkey -file genkey.cert"); |
2 | 1783 |
testOK("", "-printcert -file genkey.cert"); |
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1784 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1785 |
"-storepass test12 -selfcert -alias genkey -dname cn=selfCert"); |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1786 |
testOK("", p11Arg + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1787 |
"-storepass test12 -list -alias genkey -v"); |
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1788 |
assertTrue(out.indexOf("Owner: CN=selfCert") != -1); |
2 | 1789 |
//(check that cert subject DN is [cn=selfCert]) |
1790 |
testOK("", p11Arg + "-storepass test12 -delete -alias genkey"); |
|
1791 |
testOK("", p11Arg + "-storepass test12 -list"); |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1792 |
assertTrue(out.indexOf("Your keystore contains 0 entries") != -1); |
2 | 1793 |
//(check for empty database listing) |
41107
567f832618d7
8165161: Solaris: /usr/ccs /opt/sfw and /opt/csw are dead, references should be expunged
alanbur
parents:
39633
diff
changeset
|
1794 |
//Runtime.getRuntime().exec("/usr/bin/sccs unedit cert8.db key3.db"); |
2 | 1795 |
remove("genkey.cert"); |
1796 |
remove("genkey.certreq"); |
|
1797 |
// 12. sccs unedit cert8.db key3.db |
|
1798 |
} |
|
1799 |
||
1800 |
// tesing new option -srcProviderName |
|
1801 |
void sszzTest() throws Exception { |
|
1802 |
testAnyway("", NSS_P11_ARG+"-delete -alias nss -storepass test12"); |
|
1803 |
testAnyway("", NZZ_P11_ARG+"-delete -alias nss -storepass test12"); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1804 |
testOK("", NSS_P11_ARG+"-genkeypair -dname CN=NSS " + |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1805 |
"-alias nss -storepass test12"); |
2 | 1806 |
testOK("", NSS_SRC_P11_ARG + NZZ_P11_ARG + |
1807 |
"-importkeystore -srcstorepass test12 -deststorepass test12"); |
|
1808 |
testAnyway("", NSS_P11_ARG+"-delete -alias nss -storepass test12"); |
|
1809 |
testAnyway("", NZZ_P11_ARG+"-delete -alias nss -storepass test12"); |
|
1810 |
} |
|
1811 |
||
1812 |
public static void main(String[] args) throws Exception { |
|
10138 | 1813 |
Locale reservedLocale = Locale.getDefault(); |
1814 |
try { |
|
1815 |
// first test if HumanInputStream really acts like a human being |
|
1816 |
HumanInputStream.test(); |
|
1817 |
KeyToolTest t = new KeyToolTest(); |
|
2 | 1818 |
|
10138 | 1819 |
if (System.getProperty("file") != null) { |
1820 |
t.sqeTest(); |
|
1821 |
t.testAll(); |
|
1822 |
t.i18nTest(); |
|
1823 |
t.v3extTest("RSA"); |
|
1824 |
t.v3extTest("DSA"); |
|
1825 |
boolean testEC = true; |
|
1826 |
try { |
|
1827 |
KeyPairGenerator.getInstance("EC"); |
|
1828 |
} catch (NoSuchAlgorithmException nae) { |
|
1829 |
testEC = false; |
|
1830 |
} |
|
1831 |
if (testEC) t.v3extTest("EC"); |
|
2067
6f9db5f305cd
6780416: New keytool commands/options: -gencert, -printcertreq, -ext
weijun
parents:
2
diff
changeset
|
1832 |
} |
2 | 1833 |
|
10138 | 1834 |
if (System.getProperty("nss") != null) { |
1835 |
t.srcP11Arg = NSS_SRC_P11_ARG; |
|
1836 |
t.p11Arg = NSS_P11_ARG; |
|
2 | 1837 |
|
10138 | 1838 |
t.testPKCS11(); |
1839 |
||
1840 |
// FAIL: |
|
1841 |
// 1. we still don't have srcprovidername yet |
|
1842 |
// 2. cannot store privatekey into NSS keystore |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1843 |
// java.security.KeyStoreException: sun.security.pkcs11 |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1844 |
// .wrapper.PKCS11Exception: CKR_TEMPLATE_INCOMPLETE. |
10138 | 1845 |
//t.testPKCS11ImportKeyStore(); |
1846 |
||
1847 |
t.i18nPKCS11Test(); |
|
29120
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1848 |
//FAIL: currently PKCS11-NSS does not support |
db85cf043b4f
8073853: KeyToolTest.java has too many too long lines
weijun
parents:
29111
diff
changeset
|
1849 |
// 2 NSS KeyStores to be loaded at the same time |
10138 | 1850 |
//t.sszzTest(); |
1851 |
} |
|
2 | 1852 |
|
10138 | 1853 |
if (System.getProperty("solaris") != null) { |
1854 |
// For Solaris Cryptography Framework |
|
1855 |
t.srcP11Arg = SUN_SRC_P11_ARG; |
|
1856 |
t.p11Arg = SUN_P11_ARG; |
|
1857 |
t.testPKCS11(); |
|
1858 |
t.testPKCS11ImportKeyStore(); |
|
1859 |
t.i18nPKCS11Test(); |
|
1860 |
} |
|
2 | 1861 |
|
10138 | 1862 |
System.out.println("Test pass!!!"); |
1863 |
} finally { |
|
1864 |
// restore the reserved locale |
|
1865 |
Locale.setDefault(reservedLocale); |
|
2 | 1866 |
} |
1867 |
} |
|
1868 |
} |
|
1869 |
||
1870 |
class TestException extends Exception { |
|
1871 |
public TestException(String e) { |
|
1872 |
super(e); |
|
1873 |
} |
|
1874 |
} |
|
1875 |
||
1876 |
/** |
|
1877 |
* HumanInputStream tries to act like a human sitting in front of a computer |
|
1878 |
* terminal typing on the keyboard while the keytool program is running. |
|
1879 |
* |
|
1880 |
* keytool has called InputStream.read() and BufferedReader.readLine() in |
|
1881 |
* various places. a call to B.readLine() will try to buffer as much input as |
|
1882 |
* possible. Thus, a trivial InputStream will find it impossible to feed |
|
1883 |
* anything to I.read() after a B.readLine() call. |
|
1884 |
* |
|
1885 |
* This is why i create HumanInputStream, which will only send a single line |
|
1886 |
* to B.readLine(), no more, no less, and the next I.read() can have a chance |
|
1887 |
* to read the exact character right after "\n". |
|
1888 |
* |
|
1889 |
* I don't know why HumanInputStream works. |
|
1890 |
*/ |
|
1891 |
class HumanInputStream extends InputStream { |
|
1892 |
byte[] src; |
|
1893 |
int pos; |
|
1894 |
int length; |
|
1895 |
boolean inLine; |
|
1896 |
int stopIt; |
|
1897 |
||
1898 |
public HumanInputStream(String input) { |
|
1899 |
src = input.getBytes(); |
|
1900 |
pos = 0; |
|
1901 |
length = src.length; |
|
1902 |
stopIt = 0; |
|
1903 |
inLine = false; |
|
1904 |
} |
|
1905 |
||
1906 |
// the trick: when called through read(byte[], int, int), |
|
1907 |
// return -1 twice after "\n" |
|
1908 |
||
1909 |
@Override public int read() throws IOException { |
|
1910 |
int re; |
|
1911 |
if(pos < length) { |
|
1912 |
re = src[pos]; |
|
1913 |
if(inLine) { |
|
1914 |
if(stopIt > 0) { |
|
1915 |
stopIt--; |
|
1916 |
re = -1; |
|
1917 |
} else { |
|
1918 |
if(re == '\n') { |
|
1919 |
stopIt = 2; |
|
1920 |
} |
|
1921 |
pos++; |
|
1922 |
} |
|
1923 |
} else { |
|
1924 |
pos++; |
|
1925 |
} |
|
1926 |
} else { |
|
1927 |
re = -1;//throw new IOException("NO MORE TO READ"); |
|
1928 |
} |
|
1929 |
//if (re < 32) System.err.printf("[%02d]", re); |
|
1930 |
//else System.err.printf("[%c]", (char)re); |
|
1931 |
return re; |
|
1932 |
} |
|
1933 |
@Override public int read(byte[] buffer, int offset, int len) { |
|
1934 |
inLine = true; |
|
1935 |
try { |
|
1936 |
int re = super.read(buffer, offset, len); |
|
1937 |
return re; |
|
1938 |
} catch(Exception e) { |
|
1939 |
throw new RuntimeException("HumanInputStream error"); |
|
1940 |
} finally { |
|
1941 |
inLine = false; |
|
1942 |
} |
|
1943 |
} |
|
1944 |
@Override public int available() { |
|
1945 |
if(pos < length) return 1; |
|
1946 |
return 0; |
|
1947 |
} |
|
1948 |
||
1949 |
// test part |
|
1950 |
static void assertTrue(boolean bool) { |
|
1951 |
if(!bool) |
|
1952 |
throw new RuntimeException(); |
|
1953 |
} |
|
1954 |
||
1955 |
public static void test() throws Exception { |
|
1956 |
||
1957 |
class Tester { |
|
1958 |
HumanInputStream is; |
|
1959 |
BufferedReader reader; |
|
1960 |
Tester(String s) { |
|
1961 |
is = new HumanInputStream(s); |
|
1962 |
reader = new BufferedReader(new InputStreamReader(is)); |
|
1963 |
} |
|
1964 |
||
1965 |
// three kinds of test method |
|
1966 |
// 1. read byte by byte from InputStream |
|
1967 |
void testStreamReadOnce(int expection) throws Exception { |
|
1968 |
assertTrue(is.read() == expection); |
|
1969 |
} |
|
1970 |
void testStreamReadMany(String expection) throws Exception { |
|
1971 |
char[] keys = expection.toCharArray(); |
|
1972 |
for(int i=0; i<keys.length; i++) { |
|
1973 |
assertTrue(is.read() == keys[i]); |
|
1974 |
} |
|
1975 |
} |
|
1976 |
// 2. read a line with a newly created Reader |
|
1977 |
void testReaderReadline(String expection) throws Exception { |
|
1978 |
String s = new BufferedReader(new InputStreamReader(is)).readLine(); |
|
1979 |
if(s == null) assertTrue(expection == null); |
|
1980 |
else assertTrue(s.equals(expection)); |
|
1981 |
} |
|
1982 |
// 3. read a line with the old Reader |
|
1983 |
void testReaderReadline2(String expection) throws Exception { |
|
1984 |
String s = reader.readLine(); |
|
1985 |
if(s == null) assertTrue(expection == null); |
|
1986 |
else assertTrue(s.equals(expection)); |
|
1987 |
} |
|
1988 |
} |
|
1989 |
||
1990 |
Tester test; |
|
1991 |
||
1992 |
test = new Tester("111\n222\n\n444\n\n"); |
|
1993 |
test.testReaderReadline("111"); |
|
1994 |
test.testReaderReadline("222"); |
|
1995 |
test.testReaderReadline(""); |
|
1996 |
test.testReaderReadline("444"); |
|
1997 |
test.testReaderReadline(""); |
|
1998 |
test.testReaderReadline(null); |
|
1999 |
||
2000 |
test = new Tester("111\n222\n\n444\n\n"); |
|
2001 |
test.testReaderReadline2("111"); |
|
2002 |
test.testReaderReadline2("222"); |
|
2003 |
test.testReaderReadline2(""); |
|
2004 |
test.testReaderReadline2("444"); |
|
2005 |
test.testReaderReadline2(""); |
|
2006 |
test.testReaderReadline2(null); |
|
2007 |
||
2008 |
test = new Tester("111\n222\n\n444\n\n"); |
|
2009 |
test.testReaderReadline2("111"); |
|
2010 |
test.testReaderReadline("222"); |
|
2011 |
test.testReaderReadline2(""); |
|
2012 |
test.testReaderReadline2("444"); |
|
2013 |
test.testReaderReadline(""); |
|
2014 |
test.testReaderReadline2(null); |
|
2015 |
||
2016 |
test = new Tester("1\n2"); |
|
2017 |
test.testStreamReadMany("1\n2"); |
|
2018 |
test.testStreamReadOnce(-1); |
|
2019 |
||
2020 |
test = new Tester("12\n234"); |
|
2021 |
test.testStreamReadOnce('1'); |
|
2022 |
test.testReaderReadline("2"); |
|
2023 |
test.testStreamReadOnce('2'); |
|
2024 |
test.testReaderReadline2("34"); |
|
2025 |
test.testReaderReadline2(null); |
|
2026 |
||
2027 |
test = new Tester("changeit\n"); |
|
2028 |
test.testStreamReadMany("changeit\n"); |
|
2029 |
test.testReaderReadline(null); |
|
2030 |
||
2031 |
test = new Tester("changeit\nName\nCountry\nYes\n"); |
|
2032 |
test.testStreamReadMany("changeit\n"); |
|
2033 |
test.testReaderReadline("Name"); |
|
2034 |
test.testReaderReadline("Country"); |
|
2035 |
test.testReaderReadline("Yes"); |
|
2036 |
test.testReaderReadline(null); |
|
2037 |
||
2038 |
test = new Tester("Me\nHere\n"); |
|
2039 |
test.testReaderReadline2("Me"); |
|
2040 |
test.testReaderReadline2("Here"); |
|
2041 |
} |
|
2042 |
} |