| author | weijun |
| Fri, 15 Nov 2019 09:06:58 +0800 | |
| changeset 59104 | 046e4024e55a |
| parent 54521 | 8de62c4af8c7 |
| permissions | -rw-r--r-- |
| 2 | 1 |
<html> |
2 |
<body> |
|
3 |
||
|
54521
8de62c4af8c7
8180573: Refactor sun/security/tools shell tests to plain java tests
weijun
parents:
47216
diff
changeset
|
4 |
This is a multi-stage test. For each instruction, make sure the output |
| 2 | 5 |
from keytool is correct (you can read everything in english fine). |
6 |
||
7 |
<ol> |
|
8 |
<li> rm ~/.keystore |
|
9 |
If you are on a Windows platform, delete the .keystore file in |
|
10 |
your home directory. |
|
11 |
<li> keytool -help |
|
| 59104 | 12 |
<li> keytool -genkey -keyalg DSA -v -keysize 512 |
| 2 | 13 |
Enter "a" for the keystore password. Check error (password too short). |
14 |
Enter "password" for the keystore password. |
|
15 |
Re-enter "password" to confirm. |
|
16 |
Hit 'return' for "first and last name", "organizational unit", |
|
17 |
"organization", "City", "State", and "Country Code". |
|
18 |
Type "yes" when they ask you if everything is correct. |
|
19 |
Type 'return' for new key password. |
|
20 |
<li> keytool -list -v -storepass password |
|
21 |
<li> keytool -list -v |
|
22 |
Type "a" for the keystore password. |
|
23 |
Check error (wrong keystore password). |
|
| 59104 | 24 |
<li> keytool -genkey -keyalg DSA -v -keysize 512 |
| 2 | 25 |
Enter "password" as the password. |
26 |
Check error (alias 'mykey' already exists). |
|
| 59104 | 27 |
<li> keytool -genkey -keyalg DSA -v -keysize 512 -alias mykey2 -storepass password |
| 2 | 28 |
Hit 'return' for "first and last name", "organizational unit", |
29 |
"organization", "City", "State", and "Country Code". |
|
30 |
Type "yes" when they ask you if everything is correct. |
|
31 |
Type 'return' for new key password. |
|
32 |
<li> keytool -list -v |
|
33 |
Type 'password' for the store password. |
|
34 |
<li> keytool -keypasswd -v -alias mykey2 -storepass password |
|
35 |
Type "a" for the new key password. |
|
36 |
Type "aaaaaa" for the new key password. |
|
37 |
Type "bbbbbb" when re-entering the new key password. |
|
38 |
Type "a" for the new key password. |
|
39 |
Check Error (too many failures). |
|
40 |
<li> keytool -keypasswd -v -alias mykey2 -storepass password |
|
41 |
Type "aaaaaa" for the new key password. |
|
42 |
Type "aaaaaa" when re-entering the new key password. |
|
43 |
<li> keytool -selfcert -v -alias mykey -storepass password |
|
44 |
<li> keytool -list -v -storepass password |
|
45 |
<li> keytool -export -v -alias mykey -file /tmp/cert -storepass password |
|
46 |
<li> keytool -import -v -file /tmp/cert -storepass password |
|
47 |
Check error (Certificate reply and cert are the same) |
|
48 |
<li> keytool -printcert -file /tmp/cert |
|
|
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
49 |
<li> keytool -list -storepass password -addprovider SUN |
| 2 | 50 |
</ol> |
51 |
||
52 |
Error tests |
|
53 |
||
54 |
<ol> |
|
55 |
<li> keytool -storepasswd -storepass password -new abc |
|
56 |
Check error (password too short) |
|
57 |
<!--li> keytool -list -storetype PKCS11 |
|
58 |
Check error (-keystore must be NONE)--> |
|
59 |
<li> keytool -storepasswd -storetype PKCS11 -keystore NONE |
|
60 |
Check error (unsupported operation) |
|
61 |
<li> keytool -keypasswd -storetype PKCS11 -keystore NONE |
|
62 |
Check error (unsupported operation) |
|
63 |
<li> keytool -list -protected -storepass password |
|
64 |
Check error (password can not be specified with -protected) |
|
65 |
<li> keytool -keypasswd -protected -keypass password |
|
66 |
Check error (password can not be specified with -protected) |
|
67 |
<li> keytool -keypasswd -protected -new password |
|
68 |
Check error (password can not be specified with -protected) |
|
69 |
</ol> |
|
70 |
||
71 |
MSCAPI tests (Only run on Windows) |
|
72 |
||
73 |
<ol> |
|
74 |
<li>keytool -storetype Windows-MY -list |
|
75 |
should list entries (may be 0) without asking for password |
|
76 |
should not show ****** WARNING WARNING WARNING ****** lines |
|
77 |
<li>keytool -storetype Windows-MY -list -keystore NONE |
|
78 |
should list entries without asking for password |
|
79 |
<li>keytool -storetype Windows-MY -list -keystore other |
|
80 |
Error: storetype must be NONE |
|
81 |
<li>keytool -storetype Windows-MY -list -storepass changeit |
|
82 |
Error: storepass cannot be specfied |
|
83 |
<li>keytool -storetype Windows-MY -list -storepasswd |
|
84 |
Error: storepasswd not supported |
|
85 |
</ol> |
|
86 |
||
87 |
PKCS#11 tests |
|
88 |
||
89 |
<ol> |
|
90 |
<li> sccs edit cert8.db key3.db |
|
91 |
||
|
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
92 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -genkey -alias genkey -dname cn=genkey -keysize 512 -keyalg rsa |
|
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
93 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -list |
|
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
94 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -list -alias genkey |
|
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
95 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -certreq -alias genkey -file genkey.certreq |
|
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
96 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -export -alias genkey -file genkey.cert |
| 2 | 97 |
<li> keytool -printcert -file genkey.cert |
|
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
98 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -selfcert -alias genkey -dname cn=selfCert |
| 2 | 99 |
|
|
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
100 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -list -alias genkey -v |
| 2 | 101 |
(check that cert subject DN is [cn=selfCert]) |
102 |
||
|
39633
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
103 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -delete -alias genkey |
|
9dc7586be5f0
8130302: jarsigner and keytool -providerClass needs be re-examined for modules
weijun
parents:
2
diff
changeset
|
104 |
<li> keytool -keystore NONE -storepass test12 -storetype PKCS11 -providerName SunPKCS11-nss -addprovider SunPKCS11 -providerArg p11-nss.txt -list |
| 2 | 105 |
(check for empty database listing) |
106 |
||
107 |
<li> sccs unedit cert8.db key3.db |
|
108 |
||
109 |
</ol> |
|
110 |
||
111 |
If all the output (english) is correct, then the test passed. |
|
112 |
Otherwise, the test failed. |
|
113 |
||
114 |
</body> |
|
115 |
</html> |