1 /* |
1 /* |
2 * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
27 * @summary Verify that we can parse ECPrivateKeys from PKCS#12 and use them |
27 * @summary Verify that we can parse ECPrivateKeys from PKCS#12 and use them |
28 * @author Andreas Sterbenz |
28 * @author Andreas Sterbenz |
29 * @library .. |
29 * @library .. |
30 * @library ../../../../java/security/testlibrary |
30 * @library ../../../../java/security/testlibrary |
31 * @key randomness |
31 * @key randomness |
|
32 * @run main/othervm ReadPKCS12 |
|
33 * @run main/othervm ReadPKCS12 sm policy |
32 */ |
34 */ |
33 |
35 |
34 import java.io.*; |
36 import java.io.BufferedReader; |
35 import java.util.*; |
37 import java.io.File; |
36 |
38 import java.io.FileInputStream; |
37 import java.security.*; |
39 import java.io.FileOutputStream; |
38 import java.security.interfaces.*; |
40 import java.io.FileReader; |
39 import java.security.cert.*; |
41 import java.io.InputStream; |
|
42 import java.io.OutputStream; |
|
43 import java.security.KeyStore; |
|
44 import java.security.PrivateKey; |
|
45 import java.security.Provider; |
|
46 import java.security.PublicKey; |
|
47 import java.security.Signature; |
40 import java.security.cert.Certificate; |
48 import java.security.cert.Certificate; |
41 |
49 import java.security.cert.CertificateException; |
42 import javax.security.auth.x500.X500Principal; |
50 import java.security.cert.CertificateFactory; |
|
51 import java.security.cert.X509Certificate; |
|
52 import java.util.Collections; |
|
53 import java.util.HashMap; |
|
54 import java.util.List; |
|
55 import java.util.Map; |
|
56 import java.util.Random; |
43 |
57 |
44 public class ReadPKCS12 extends PKCS11Test { |
58 public class ReadPKCS12 extends PKCS11Test { |
45 |
59 |
46 private final static boolean COPY = false; |
60 private final static boolean COPY = false; |
47 |
61 |
48 public static void main(String[] args) throws Exception { |
62 public static void main(String[] args) throws Exception { |
49 main(new ReadPKCS12()); |
63 main(new ReadPKCS12(), args); |
50 } |
64 } |
51 |
65 |
|
66 @Override |
52 public void main(Provider p) throws Exception { |
67 public void main(Provider p) throws Exception { |
53 if (p.getService("Signature", "SHA1withECDSA") == null) { |
68 if (p.getService("Signature", "SHA1withECDSA") == null) { |
54 System.out.println("Provider does not support ECDSA, skipping..."); |
69 System.out.println("Provider does not support ECDSA, skipping..."); |
55 return; |
70 return; |
56 } |
71 } |
69 } |
84 } |
70 |
85 |
71 KeyStore ks2; |
86 KeyStore ks2; |
72 if (COPY) { |
87 if (COPY) { |
73 ks2 = KeyStore.getInstance("JKS"); |
88 ks2 = KeyStore.getInstance("JKS"); |
74 InputStream in = new FileInputStream("keystore.old"); |
89 try (InputStream in = new FileInputStream("keystore.old")) { |
75 ks2.load(in, "passphrase".toCharArray()); |
90 ks2.load(in, "passphrase".toCharArray()); |
76 in.close(); |
91 } |
77 } |
92 } |
78 |
93 |
79 File dir = new File(BASE, "pkcs12"); |
94 File dir = new File(BASE, "pkcs12"); |
80 File closedDir = new File(CLOSED_BASE, "pkcs12"); |
95 File closedDir = new File(CLOSED_BASE, "pkcs12"); |
81 |
96 |
82 Map<String,char[]> passwords = new HashMap<String,char[]>(); |
97 Map<String,char[]> passwords = new HashMap<>(); |
83 BufferedReader reader = new BufferedReader(new FileReader((new File(BASE, "p12passwords.txt")))); |
98 try (BufferedReader reader = new BufferedReader( |
84 while (true) { |
99 new FileReader(new File(BASE, "p12passwords.txt")))) { |
85 String line = reader.readLine(); |
100 while (true) { |
86 if (line == null) { |
101 String line = reader.readLine(); |
87 break; |
102 if (line == null) { |
|
103 break; |
|
104 } |
|
105 line = line.trim(); |
|
106 if ((line.length() == 0) || line.startsWith("#")) { |
|
107 continue; |
|
108 } |
|
109 String[] s = line.split(" "); |
|
110 passwords.put(s[0], s[1].toCharArray()); |
88 } |
111 } |
89 line = line.trim(); |
|
90 if ((line.length() == 0) || line.startsWith("#")) { |
|
91 continue; |
|
92 } |
|
93 String[] s = line.split(" "); |
|
94 passwords.put(s[0], s[1].toCharArray()); |
|
95 } |
112 } |
96 reader.close(); |
|
97 |
113 |
98 for (File file : concat(dir.listFiles(), closedDir.listFiles())) { |
114 for (File file : concat(dir.listFiles(), closedDir.listFiles())) { |
99 String name = file.getName(); |
115 String name = file.getName(); |
100 if (file.isFile() == false) { |
116 if (file.isFile() == false) { |
101 continue; |
117 continue; |
106 char[] password = passwords.get(name); |
122 char[] password = passwords.get(name); |
107 if (password == null) { |
123 if (password == null) { |
108 password = passwords.get("*"); |
124 password = passwords.get("*"); |
109 } |
125 } |
110 |
126 |
111 InputStream in = new FileInputStream(file); |
127 KeyStore ks; |
112 KeyStore ks = KeyStore.getInstance("PKCS12"); |
128 try (InputStream in = new FileInputStream(file)) { |
113 ks.load(in, password); |
129 ks = KeyStore.getInstance("PKCS12"); |
114 in.close(); |
130 ks.load(in, password); |
|
131 } |
115 List<String> aliases = Collections.list(ks.aliases()); |
132 List<String> aliases = Collections.list(ks.aliases()); |
116 System.out.println("Aliases: " + aliases); |
133 System.out.println("Aliases: " + aliases); |
117 |
134 |
118 for (String alias : aliases) { |
135 for (String alias : aliases) { |
119 PrivateKey privateKey = (PrivateKey)ks.getKey(alias, password); |
136 PrivateKey privateKey = (PrivateKey)ks.getKey(alias, password); |