|
1 /* |
|
2 * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
|
20 * CA 95054 USA or visit www.sun.com if you need additional information or |
|
21 * have any questions. |
|
22 */ |
|
23 |
|
24 /** |
|
25 * @test |
|
26 * @bug 4938922 4961104 5071293 6236533 |
|
27 * @summary verify that the KeyStore.Builder API works |
|
28 * @author Andreas Sterbenz |
|
29 */ |
|
30 |
|
31 import java.io.*; |
|
32 import java.util.*; |
|
33 |
|
34 import java.security.*; |
|
35 import java.security.KeyStore.*; |
|
36 import java.security.cert.*; |
|
37 import java.security.cert.Certificate; |
|
38 |
|
39 import javax.security.auth.callback.*; |
|
40 |
|
41 public class KeyStoreBuilder { |
|
42 |
|
43 private final static String DIR = System.getProperty("test.src", "."); |
|
44 |
|
45 private static final char[] password = "passphrase".toCharArray(); |
|
46 |
|
47 private static final char[] wrongPassword = "wrong".toCharArray(); |
|
48 |
|
49 public static void main(String[] args) throws Exception { |
|
50 File KSFILE = new File(DIR, "keystore.jks"); |
|
51 KeyStore ks; |
|
52 String alias = "vajra"; |
|
53 Entry entry = null; |
|
54 |
|
55 Builder builder; |
|
56 builder = Builder.newInstance("JKS", null, KSFILE, new PasswordProtection(password)); |
|
57 ks = builder.getKeyStore(); |
|
58 System.out.println("-KeyStore: " + ks.size()); |
|
59 entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
|
60 showEntry(entry); |
|
61 |
|
62 builder = Builder.newInstance("JKS", Security.getProvider("Sun"), KSFILE, |
|
63 new CallbackHandlerProtection(new DummyHandler())); |
|
64 ks = builder.getKeyStore(); |
|
65 System.out.println("-KeyStore: " + ks.size()); |
|
66 entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
|
67 showEntry(entry); |
|
68 |
|
69 builder = Builder.newInstance("JKS", null, new PasswordProtection(password)); |
|
70 ks = builder.getKeyStore(); |
|
71 int k = ks.size(); |
|
72 System.out.println("-KeyStore: " + k); |
|
73 if (k != 0) { |
|
74 throw new Exception("Size not zero: " + k); |
|
75 } |
|
76 |
|
77 DummyHandler handler = new DummyHandler(); |
|
78 |
|
79 handler.useWrongPassword = 2; |
|
80 builder = Builder.newInstance("JKS", null, KSFILE, new CallbackHandlerProtection(handler)); |
|
81 ks = builder.getKeyStore(); |
|
82 System.out.println("-KeyStore: " + ks.size()); |
|
83 entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
|
84 showEntry(entry); |
|
85 |
|
86 handler.useWrongPassword = 3; |
|
87 builder = Builder.newInstance("JKS", null, KSFILE, new CallbackHandlerProtection(handler)); |
|
88 try { |
|
89 ks = builder.getKeyStore(); |
|
90 throw new Exception("should not succeed"); |
|
91 } catch (KeyStoreException e) { |
|
92 System.out.println(e); |
|
93 } |
|
94 try { |
|
95 ks = builder.getKeyStore(); |
|
96 throw new Exception("should not succeed"); |
|
97 } catch (KeyStoreException e) { |
|
98 System.out.println(e); |
|
99 } |
|
100 |
|
101 Provider p = new MyProvider(); |
|
102 |
|
103 handler.useWrongPassword = 2; |
|
104 builder = Builder.newInstance("My", p, new CallbackHandlerProtection(handler)); |
|
105 ks = builder.getKeyStore(); |
|
106 k = ks.size(); |
|
107 System.out.println("-KeyStore: " + k); |
|
108 if (k != 0) { |
|
109 throw new Exception("Size not zero: " + k); |
|
110 } |
|
111 |
|
112 handler.useWrongPassword = 3; |
|
113 builder = Builder.newInstance("My", p, new CallbackHandlerProtection(handler)); |
|
114 try { |
|
115 ks = builder.getKeyStore(); |
|
116 throw new Exception("should not succeed"); |
|
117 } catch (KeyStoreException e) { |
|
118 System.out.println(e); |
|
119 } |
|
120 try { |
|
121 ks = builder.getKeyStore(); |
|
122 throw new Exception("should not succeed"); |
|
123 } catch (KeyStoreException e) { |
|
124 System.out.println(e); |
|
125 } |
|
126 |
|
127 System.out.println("-OK"); |
|
128 } |
|
129 |
|
130 private static void showEntry(Entry entry) { |
|
131 PrivateKeyEntry pke = (PrivateKeyEntry)entry; |
|
132 X509Certificate cert = (X509Certificate)pke.getCertificate(); |
|
133 System.out.println("subject: " + cert.getSubjectX500Principal()); |
|
134 } |
|
135 |
|
136 private static class DummyHandler implements CallbackHandler { |
|
137 |
|
138 int useWrongPassword; |
|
139 |
|
140 public void handle(Callback[] callbacks) |
|
141 throws IOException, UnsupportedCallbackException { |
|
142 System.out.println("** Callbackhandler invoked"); |
|
143 for (int i = 0; i < callbacks.length; i++) { |
|
144 Callback cb = callbacks[i]; |
|
145 if (cb instanceof PasswordCallback) { |
|
146 System.out.println("Found PasswordCallback"); |
|
147 PasswordCallback pcb = (PasswordCallback)cb; |
|
148 if (useWrongPassword == 0) { |
|
149 pcb.setPassword(password); |
|
150 } else { |
|
151 pcb.setPassword(wrongPassword); |
|
152 useWrongPassword--; |
|
153 } |
|
154 break; |
|
155 } |
|
156 } |
|
157 } |
|
158 } |
|
159 |
|
160 private static class BaseKeyStoreSpi extends KeyStoreSpi { |
|
161 public Key engineGetKey(String alias, char[] password) { |
|
162 return null; |
|
163 } |
|
164 public Certificate[] engineGetCertificateChain(String alias) { |
|
165 return null; |
|
166 } |
|
167 public Certificate engineGetCertificate(String alias) { |
|
168 return null; |
|
169 } |
|
170 public Date engineGetCreationDate(String alias) { |
|
171 return null; |
|
172 } |
|
173 public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] certs) { |
|
174 // |
|
175 } |
|
176 public void engineSetKeyEntry(String alias, byte[] key, Certificate[] certs) { |
|
177 // |
|
178 } |
|
179 public void engineSetCertificateEntry(String alias, Certificate cert) { |
|
180 // |
|
181 } |
|
182 public void engineDeleteEntry(String alias) { |
|
183 // |
|
184 } |
|
185 public Enumeration<String> engineAliases() { |
|
186 return new Vector<String>().elements(); |
|
187 } |
|
188 public boolean engineContainsAlias(String alias) { |
|
189 return false; |
|
190 } |
|
191 public int engineSize() { |
|
192 return 0; |
|
193 } |
|
194 public boolean engineIsKeyEntry(String alias) { |
|
195 return false; |
|
196 } |
|
197 public boolean engineIsCertificateEntry(String alias) { |
|
198 return false; |
|
199 } |
|
200 public String engineGetCertificateAlias(Certificate cert) { |
|
201 return null; |
|
202 } |
|
203 public void engineStore(OutputStream stream, char[] password) { |
|
204 // |
|
205 } |
|
206 public void engineLoad(InputStream stream, char[] password) throws IOException { |
|
207 // |
|
208 } |
|
209 } |
|
210 |
|
211 public static class MyKeyStoreSpi extends BaseKeyStoreSpi { |
|
212 public void engineLoad(InputStream stream, char[] pw) throws IOException { |
|
213 if (Arrays.equals(password, pw) == false) { |
|
214 Throwable t = new UnrecoverableKeyException("Wrong password: " + new String(pw)); |
|
215 throw (IOException)new IOException("load() failed").initCause(t); |
|
216 } |
|
217 } |
|
218 } |
|
219 |
|
220 private static class MyProvider extends Provider { |
|
221 MyProvider() { |
|
222 super("My", 1.0d, null); |
|
223 put("KeyStore.My", "KeyStoreBuilder$MyKeyStoreSpi"); |
|
224 } |
|
225 } |
|
226 |
|
227 } |