1 # |
|
2 # Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. |
|
3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 # |
|
5 # This code is free software; you can redistribute it and/or modify it |
|
6 # under the terms of the GNU General Public License version 2 only, as |
|
7 # published by the Free Software Foundation. |
|
8 # |
|
9 # This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 # version 2 for more details (a copy is included in the LICENSE file that |
|
13 # accompanied this code). |
|
14 # |
|
15 # You should have received a copy of the GNU General Public License version |
|
16 # 2 along with this work; if not, write to the Free Software Foundation, |
|
17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 # |
|
19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 # or visit www.oracle.com if you need additional information or have any |
|
21 # questions. |
|
22 # |
|
23 |
|
24 # @test |
|
25 # @bug 8010125 |
|
26 # @summary keytool -importkeystore could create a pkcs12 keystore with |
|
27 # different storepass and keypass |
|
28 # |
|
29 |
|
30 if [ "${TESTJAVA}" = "" ] ; then |
|
31 JAVAC_CMD=`which javac` |
|
32 TESTJAVA=`dirname $JAVAC_CMD`/.. |
|
33 fi |
|
34 |
|
35 # set platform-dependent variables |
|
36 OS=`uname -s` |
|
37 case "$OS" in |
|
38 Windows_* ) |
|
39 FS="\\" |
|
40 ;; |
|
41 * ) |
|
42 FS="/" |
|
43 ;; |
|
44 esac |
|
45 |
|
46 LANG=C |
|
47 KT="$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS}" |
|
48 |
|
49 # Part 1: JKS keystore with same storepass and keypass |
|
50 |
|
51 rm jks 2> /dev/null |
|
52 $KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \ |
|
53 -keyalg rsa -storepass pass1111 -keypass pass1111 || exit 11 |
|
54 |
|
55 # Cannot only change storepass |
|
56 rm p12 2> /dev/null |
|
57 $KT -importkeystore -noprompt \ |
|
58 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
59 -srcstorepass pass1111 \ |
|
60 -deststorepass pass2222 \ |
|
61 && exit 12 |
|
62 |
|
63 # You can keep storepass unchanged |
|
64 rm p12 2> /dev/null |
|
65 $KT -importkeystore -noprompt \ |
|
66 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
67 -srcstorepass pass1111 \ |
|
68 -deststorepass pass1111 \ |
|
69 || exit 13 |
|
70 $KT -certreq -storetype pkcs12 -keystore p12 -alias me \ |
|
71 -storepass pass1111 -keypass pass1111 || exit 14 |
|
72 |
|
73 # Or change storepass and keypass both |
|
74 rm p12 2> /dev/null |
|
75 $KT -importkeystore -noprompt \ |
|
76 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
77 -srcstorepass pass1111 \ |
|
78 -deststorepass pass2222 -destkeypass pass2222 \ |
|
79 || exit 15 |
|
80 $KT -certreq -storetype pkcs12 -keystore p12 -alias me \ |
|
81 -storepass pass2222 -keypass pass2222 || exit 16 |
|
82 |
|
83 # Part 2: JKS keystore with different storepass and keypass |
|
84 # Must import by alias (-srckeypass is not available when importing all) |
|
85 |
|
86 rm jks 2> /dev/null |
|
87 $KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \ |
|
88 -keyalg rsa -storepass pass1111 -keypass pass2222 || exit 21 |
|
89 |
|
90 # Can use old keypass as new storepass so new storepass and keypass are same |
|
91 rm p12 2> /dev/null |
|
92 $KT -importkeystore -noprompt -srcalias me \ |
|
93 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
94 -srcstorepass pass1111 -srckeypass pass2222 \ |
|
95 -deststorepass pass2222 \ |
|
96 || exit 22 |
|
97 $KT -certreq -storetype pkcs12 -keystore p12 -alias me \ |
|
98 -storepass pass2222 -keypass pass2222 || exit 23 |
|
99 |
|
100 # Or specify both storepass and keypass to brand new ones |
|
101 rm p12 2> /dev/null |
|
102 $KT -importkeystore -noprompt -srcalias me \ |
|
103 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
104 -srcstorepass pass1111 -srckeypass pass2222 \ |
|
105 -deststorepass pass3333 -destkeypass pass3333 \ |
|
106 || exit 24 |
|
107 $KT -certreq -storetype pkcs12 -keystore p12 -alias me \ |
|
108 -storepass pass3333 -keypass pass3333 || exit 25 |
|
109 |
|
110 # Anyway you cannot make new storepass and keypass different |
|
111 rm p12 2> /dev/null |
|
112 $KT -importkeystore -noprompt -srcalias me \ |
|
113 -srcstoretype jks -srckeystore jks -destkeystore p12 -deststoretype pkcs12 \ |
|
114 -srcstorepass pass1111 -srckeypass pass2222 \ |
|
115 -deststorepass pass1111 \ |
|
116 && exit 26 |
|
117 |
|
118 exit 0 |
|