1 /* |
1 /* |
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
21 * questions. |
21 * questions. |
22 */ |
22 */ |
23 |
23 |
24 /* |
24 /* |
25 * @test |
25 * @test |
26 * @bug 8074935 |
26 * @bug 8074935 8208602 |
27 * @summary jdk8 keytool doesn't validate pem files for RFC 1421 correctness, as jdk7 did |
27 * @summary X.509 cert PEM format read |
28 * @modules java.base/sun.security.provider |
28 * @modules java.base/sun.security.provider |
29 */ |
29 */ |
30 |
30 |
31 import java.io.ByteArrayOutputStream; |
31 import java.io.ByteArrayOutputStream; |
32 import java.io.FileInputStream; |
32 import java.io.FileInputStream; |
33 import java.io.FileOutputStream; |
|
34 import java.io.PrintStream; |
33 import java.io.PrintStream; |
35 import java.security.KeyStore; |
34 import java.security.KeyStore; |
36 import java.security.cert.CertificateException; |
35 import java.security.cert.CertificateException; |
37 import java.util.Arrays; |
36 import java.util.Arrays; |
38 import java.util.Base64; |
37 import java.util.Base64; |
47 String ks = System.getProperty("test.src", ".") |
46 String ks = System.getProperty("test.src", ".") |
48 + "/../../../../javax/net/ssl/etc/keystore"; |
47 + "/../../../../javax/net/ssl/etc/keystore"; |
49 String pass = "passphrase"; |
48 String pass = "passphrase"; |
50 String alias = "dummy"; |
49 String alias = "dummy"; |
51 |
50 |
|
51 CertificateFactory cf = CertificateFactory.getInstance("X.509"); |
52 KeyStore keyStore = KeyStore.getInstance("JKS"); |
52 KeyStore keyStore = KeyStore.getInstance("JKS"); |
53 keyStore.load(new FileInputStream(ks), pass.toCharArray()); |
53 keyStore.load(new FileInputStream(ks), pass.toCharArray()); |
54 byte[] cert = keyStore.getCertificate(alias).getEncoded(); |
54 byte[] cert = keyStore.getCertificate(alias).getEncoded(); |
55 |
55 |
|
56 // 8074935 |
56 ByteArrayOutputStream bout = new ByteArrayOutputStream(); |
57 ByteArrayOutputStream bout = new ByteArrayOutputStream(); |
57 PrintStream pout = new PrintStream(bout); |
58 PrintStream pout = new PrintStream(bout); |
58 byte[] CRLF = new byte[] {'\r', '\n'}; |
59 byte[] CRLF = new byte[] {'\r', '\n'}; |
59 pout.println(X509Factory.BEGIN_CERT); |
60 pout.println(X509Factory.BEGIN_CERT); |
60 for (int i=0; i<cert.length; i += 48) { |
61 for (int i=0; i<cert.length; i += 48) { |
62 pout.println("!" + Base64.getEncoder() |
63 pout.println("!" + Base64.getEncoder() |
63 .encodeToString(Arrays.copyOfRange(cert, i, i + blockLen))); |
64 .encodeToString(Arrays.copyOfRange(cert, i, i + blockLen))); |
64 } |
65 } |
65 pout.println(X509Factory.END_CERT); |
66 pout.println(X509Factory.END_CERT); |
66 |
67 |
67 CertificateFactory cf = CertificateFactory.getInstance("X.509"); |
|
68 |
|
69 try { |
68 try { |
70 cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray())); |
69 cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray())); |
71 throw new Exception("Should fail"); |
70 throw new Exception("Should fail"); |
72 } catch (CertificateException e) { |
71 } catch (CertificateException e) { |
73 // Good |
72 // Good |
74 } |
73 } |
|
74 |
|
75 // 8208602 |
|
76 bout.reset(); |
|
77 pout.println(X509Factory.BEGIN_CERT + " "); |
|
78 pout.println(Base64.getMimeEncoder().encodeToString(cert)); |
|
79 pout.println(X509Factory.END_CERT + " "); |
|
80 |
|
81 cf.generateCertificate(new ByteArrayInputStream(bout.toByteArray())); |
75 } |
82 } |
76 } |
83 } |
77 |
84 |