test/jdk/sun/security/pkcs12/StoreTrustedCertTest.java
changeset 47216 71c04702a3d5
parent 15532 859facd70580
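--- a/test/jdk/sun/security/pkcs12/StoreTrustedCertTest.java
+++ b/test/jdk/sun/security/pkcs12/StoreTrustedCertTest.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8005408
+ * @summary KeyStore API enhancements
+ */
+
+import java.io.*;
+import java.security.*;
+import java.security.cert.*;
+import java.util.*;
+import java.security.cert.Certificate;
+import javax.crypto.*;
+import javax.crypto.spec.*;
+
+// Store a trusted certificate in a keystore and retrieve it again.
+
+public class StoreTrustedCertTest {
+    private final static String DIR = System.getProperty("test.src", ".");
+    private static final char[] PASSWORD = "passphrase".toCharArray();
+    private static final String KEYSTORE = "truststore.p12";
+    private static final String CERT = DIR + "/trusted.pem";
+    private static final String ALIAS = "my trustedcert";
+    private static final String ALIAS2 = "my trustedcert with attributes";
+
+    public static void main(String[] args) throws Exception {
+
+        new File(KEYSTORE).delete();
+
+        KeyStore keystore = KeyStore.getInstance("PKCS12");
+        keystore.load(null, null);
+
+        Certificate cert = loadCertificate(CERT);
+        Set<KeyStore.Entry.Attribute> attributes = new HashSet<>();
+        attributes.add(new PKCS12Attribute("1.3.5.7.9", "that's odd"));
+        attributes.add(new PKCS12Attribute("2.4.6.8.10", "that's even"));
+
+        // Set trusted certificate entry
+        keystore.setEntry(ALIAS,
+            new KeyStore.TrustedCertificateEntry(cert), null);
+
+        // Set trusted certificate entry with attributes
+        keystore.setEntry(ALIAS2,
+            new KeyStore.TrustedCertificateEntry(cert, attributes), null);
+
+        try (FileOutputStream outStream = new FileOutputStream(KEYSTORE)) {
+            System.out.println("Storing keystore to: " + KEYSTORE);
+            keystore.store(outStream, PASSWORD);
+        }
+
+        try (FileInputStream inStream = new FileInputStream(KEYSTORE)) {
+            System.out.println("Loading keystore from: " + KEYSTORE);
+            keystore.load(inStream, PASSWORD);
+            System.out.println("Loaded keystore with " + keystore.size() +
+                " entries");
+        }
+
+        KeyStore.Entry entry = keystore.getEntry(ALIAS, null);
+        if (entry instanceof KeyStore.TrustedCertificateEntry) {
+            System.out.println("Retrieved trusted certificate entry: " + entry);
+        } else {
+            throw new Exception("Not a trusted certificate entry");
+        }
+        System.out.println();
+
+        entry = keystore.getEntry(ALIAS2, null);
+        if (entry instanceof KeyStore.TrustedCertificateEntry) {
+            KeyStore.TrustedCertificateEntry trustedEntry =
+                (KeyStore.TrustedCertificateEntry) entry;
+            Set<KeyStore.Entry.Attribute> entryAttributes =
+                trustedEntry.getAttributes();
+
+            if (entryAttributes.containsAll(attributes)) {
+                System.out.println("Retrieved trusted certificate entry " +
+                    "with attributes: " + entry);
+            } else {
+                throw new Exception("Failed to retrieve entry attributes");
+            }
+        } else {
+            throw new Exception("Not a trusted certificate entry");
+        }
+    }
+
+    private static Certificate loadCertificate(String certFile)
+        throws Exception {
+        X509Certificate cert = null;
+        try (FileInputStream certStream = new FileInputStream(certFile)) {
+            CertificateFactory factory =
+                CertificateFactory.getInstance("X.509");
+            return factory.generateCertificate(certStream);
+        }
+    }
+}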
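Review bot: The round trip in main() is verified only by entry type: after the reload, both lookups test `entry instanceof KeyStore.TrustedCertificateEntry` but never compare the retrieved certificate with the one that was stored, so a store that handed back a different or corrupted certificate would still pass. Consider adding `if (!cert.equals(((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate())) throw new Exception("Certificate mismatch");` after each `getEntry` call. Reloading into a fresh `KeyStore.getInstance("PKCS12")` instead of the instance that was just populated would also make it explicit that the checked entries come from the file rather than from memory. In loadCertificate, the local `X509Certificate cert = null;` is never used and can be dropped.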