J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | |
| 24 | /** |
| 25 | * @test |
| 26 | * @bug 4938922 4961104 5071293 6236533 |
| 27 | * @summary verify that the KeyStore.Builder API works |
| 28 | * @author Andreas Sterbenz |
| 29 | */ |
| 30 | |
| 31 | import java.io.*; |
| 32 | import java.util.*; |
| 33 | |
| 34 | import java.security.*; |
| 35 | import java.security.KeyStore.*; |
| 36 | import java.security.cert.*; |
| 37 | import java.security.cert.Certificate; |
| 38 | |
| 39 | import javax.security.auth.callback.*; |
| 40 | |
| 41 | public class KeyStoreBuilder { |
| 42 | |
| 43 | private final static String DIR = System.getProperty("test.src", "."); |
| 44 | |
| 45 | private static final char[] password = "passphrase".toCharArray(); |
| 46 | |
| 47 | private static final char[] wrongPassword = "wrong".toCharArray(); |
| 48 | |
| 49 | public static void main(String[] args) throws Exception { |
| 50 | File KSFILE = new File(DIR, "keystore.jks"); |
| 51 | KeyStore ks; |
| 52 | String alias = "vajra"; |
| 53 | Entry entry = null; |
| 54 | |
| 55 | Builder builder; |
| 56 | builder = Builder.newInstance("JKS", null, KSFILE, new PasswordProtection(password)); |
| 57 | ks = builder.getKeyStore(); |
| 58 | System.out.println("-KeyStore: " + ks.size()); |
| 59 | entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
| 60 | showEntry(entry); |
| 61 | |
| 62 | builder = Builder.newInstance("JKS", Security.getProvider("Sun"), KSFILE, |
| 63 | new CallbackHandlerProtection(new DummyHandler())); |
| 64 | ks = builder.getKeyStore(); |
| 65 | System.out.println("-KeyStore: " + ks.size()); |
| 66 | entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
| 67 | showEntry(entry); |
| 68 | |
| 69 | builder = Builder.newInstance("JKS", null, new PasswordProtection(password)); |
| 70 | ks = builder.getKeyStore(); |
| 71 | int k = ks.size(); |
| 72 | System.out.println("-KeyStore: " + k); |
| 73 | if (k != 0) { |
| 74 | throw new Exception("Size not zero: " + k); |
| 75 | } |
| 76 | |
| 77 | DummyHandler handler = new DummyHandler(); |
| 78 | |
| 79 | handler.useWrongPassword = 2; |
| 80 | builder = Builder.newInstance("JKS", null, KSFILE, new CallbackHandlerProtection(handler)); |
| 81 | ks = builder.getKeyStore(); |
| 82 | System.out.println("-KeyStore: " + ks.size()); |
| 83 | entry = ks.getEntry(alias, builder.getProtectionParameter(alias)); |
| 84 | showEntry(entry); |
| 85 | |
| 86 | handler.useWrongPassword = 3; |
| 87 | builder = Builder.newInstance("JKS", null, KSFILE, new CallbackHandlerProtection(handler)); |
| 88 | try { |
| 89 | ks = builder.getKeyStore(); |
| 90 | throw new Exception("should not succeed"); |
| 91 | } catch (KeyStoreException e) { |
| 92 | System.out.println(e); |
| 93 | } |
| 94 | try { |
| 95 | ks = builder.getKeyStore(); |
| 96 | throw new Exception("should not succeed"); |
| 97 | } catch (KeyStoreException e) { |
| 98 | System.out.println(e); |
| 99 | } |
| 100 | |
| 101 | Provider p = new MyProvider(); |
| 102 | |
| 103 | handler.useWrongPassword = 2; |
| 104 | builder = Builder.newInstance("My", p, new CallbackHandlerProtection(handler)); |
| 105 | ks = builder.getKeyStore(); |
| 106 | k = ks.size(); |
| 107 | System.out.println("-KeyStore: " + k); |
| 108 | if (k != 0) { |
| 109 | throw new Exception("Size not zero: " + k); |
| 110 | } |
| 111 | |
| 112 | handler.useWrongPassword = 3; |
| 113 | builder = Builder.newInstance("My", p, new CallbackHandlerProtection(handler)); |
| 114 | try { |
| 115 | ks = builder.getKeyStore(); |
| 116 | throw new Exception("should not succeed"); |
| 117 | } catch (KeyStoreException e) { |
| 118 | System.out.println(e); |
| 119 | } |
| 120 | try { |
| 121 | ks = builder.getKeyStore(); |
| 122 | throw new Exception("should not succeed"); |
| 123 | } catch (KeyStoreException e) { |
| 124 | System.out.println(e); |
| 125 | } |
| 126 | |
| 127 | System.out.println("-OK"); |
| 128 | } |
| 129 | |
| 130 | private static void showEntry(Entry entry) { |
| 131 | PrivateKeyEntry pke = (PrivateKeyEntry)entry; |
| 132 | X509Certificate cert = (X509Certificate)pke.getCertificate(); |
| 133 | System.out.println("subject: " + cert.getSubjectX500Principal()); |
| 134 | } |
| 135 | |
| 136 | private static class DummyHandler implements CallbackHandler { |
| 137 | |
| 138 | int useWrongPassword; |
| 139 | |
| 140 | public void handle(Callback[] callbacks) |
| 141 | throws IOException, UnsupportedCallbackException { |
| 142 | System.out.println("** Callbackhandler invoked"); |
| 143 | for (int i = 0; i < callbacks.length; i++) { |
| 144 | Callback cb = callbacks[i]; |
| 145 | if (cb instanceof PasswordCallback) { |
| 146 | System.out.println("Found PasswordCallback"); |
| 147 | PasswordCallback pcb = (PasswordCallback)cb; |
| 148 | if (useWrongPassword == 0) { |
| 149 | pcb.setPassword(password); |
| 150 | } else { |
| 151 | pcb.setPassword(wrongPassword); |
| 152 | useWrongPassword--; |
| 153 | } |
| 154 | break; |
| 155 | } |
| 156 | } |
| 157 | } |
| 158 | } |
| 159 | |
| 160 | private static class BaseKeyStoreSpi extends KeyStoreSpi { |
| 161 | public Key engineGetKey(String alias, char[] password) { |
| 162 | return null; |
| 163 | } |
| 164 | public Certificate[] engineGetCertificateChain(String alias) { |
| 165 | return null; |
| 166 | } |
| 167 | public Certificate engineGetCertificate(String alias) { |
| 168 | return null; |
| 169 | } |
| 170 | public Date engineGetCreationDate(String alias) { |
| 171 | return null; |
| 172 | } |
| 173 | public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] certs) { |
| 174 | // |
| 175 | } |
| 176 | public void engineSetKeyEntry(String alias, byte[] key, Certificate[] certs) { |
| 177 | // |
| 178 | } |
| 179 | public void engineSetCertificateEntry(String alias, Certificate cert) { |
| 180 | // |
| 181 | } |
| 182 | public void engineDeleteEntry(String alias) { |
| 183 | // |
| 184 | } |
| 185 | public Enumeration<String> engineAliases() { |
| 186 | return new Vector<String>().elements(); |
| 187 | } |
| 188 | public boolean engineContainsAlias(String alias) { |
| 189 | return false; |
| 190 | } |
| 191 | public int engineSize() { |
| 192 | return 0; |
| 193 | } |
| 194 | public boolean engineIsKeyEntry(String alias) { |
| 195 | return false; |
| 196 | } |
| 197 | public boolean engineIsCertificateEntry(String alias) { |
| 198 | return false; |
| 199 | } |
| 200 | public String engineGetCertificateAlias(Certificate cert) { |
| 201 | return null; |
| 202 | } |
| 203 | public void engineStore(OutputStream stream, char[] password) { |
| 204 | // |
| 205 | } |
| 206 | public void engineLoad(InputStream stream, char[] password) throws IOException { |
| 207 | // |
| 208 | } |
| 209 | } |
| 210 | |
| 211 | public static class MyKeyStoreSpi extends BaseKeyStoreSpi { |
| 212 | public void engineLoad(InputStream stream, char[] pw) throws IOException { |
| 213 | if (Arrays.equals(password, pw) == false) { |
| 214 | Throwable t = new UnrecoverableKeyException("Wrong password: " + new String(pw)); |
| 215 | throw (IOException)new IOException("load() failed").initCause(t); |
| 216 | } |
| 217 | } |
| 218 | } |
| 219 | |
| 220 | private static class MyProvider extends Provider { |
| 221 | MyProvider() { |
| 222 | super("My", 1.0d, null); |
| 223 | put("KeyStore.My", "KeyStoreBuilder$MyKeyStoreSpi"); |
| 224 | } |
| 225 | } |
| 226 | |
| 227 | } |