Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/java/security/KeyStore/PKCS12/EntryProtectionTest.java
38828 views
1
/*

2
 * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25
import java.io.File;

26
import static java.lang.System.err;

27
import java.security.*;

28
import java.security.cert.Certificate;

29
import java.util.ArrayList;

30
import java.util.List;

31
import java.util.Random;

32
import javax.crypto.spec.PBEParameterSpec;

33
import jdk.testlibrary.RandomFactory;

34
import static java.lang.System.out;

35
import java.util.Arrays;

36


37
/**

38
 * @test

39
 * @bug 8048830

40
 * @summary Test for feature 'support stronger entry protection'. An entry is

41
 * stored to keystore with different PasswordProtection objects which are

42
 * specified by different PBE algorithms (use -Dseed=X to set PRNG seed)

43
 * @library /lib/testlibrary ../

44
 */

45
public class EntryProtectionTest {

46
    private static final char[] PASSWORD = "passwd".toCharArray();

47
    private static final String ALIAS = "testkey";

48
    private static final byte[] SALT = new byte[8];

49
    private static final int ITERATION_COUNT = 1024;

50
    private static final List<KeyStore.PasswordProtection> PASSWORD_PROTECTION

51
            = new ArrayList<>();

52
    private static final String KEYSTORE_PATH = System.getProperty(

53
            "test.classes" + File.separator + "ks.pkcs12",

54
            "." + File.separator + "ks.pkcs12");

55


56
    private void runTest() throws Exception {

57
            KeyStore ksIn = Utils.loadKeyStore(KEYSTORE_PATH,

58
                    Utils.KeyStoreType.pkcs12, PASSWORD);

59
            KeyStore ksTest = KeyStore

60
                    .getInstance(Utils.KeyStoreType.pkcs12.name());

61
            ksTest.load(null);

62
            Certificate cert = ksIn.getCertificate(ALIAS);

63
            Key key = ksIn.getKey(ALIAS, PASSWORD);

64
            KeyStore.Entry keyStoreEntry = new KeyStore.PrivateKeyEntry(

65
                    (PrivateKey) key, new Certificate[]{cert});

66
            for (KeyStore.PasswordProtection passwordAlgorithm :

67
                    PASSWORD_PROTECTION) {

68
                out.println("Try to use: " +

69
                        passwordAlgorithm.getProtectionAlgorithm());

70
                ksTest.setEntry(ALIAS, keyStoreEntry, passwordAlgorithm);

71
                KeyStore.Entry entryRead = ksTest.getEntry(ALIAS,

72
                        new KeyStore.PasswordProtection(PASSWORD));

73
                if (!isPrivateKeyEntriesEqual((KeyStore.PrivateKeyEntry)

74
                        keyStoreEntry, (KeyStore.PrivateKeyEntry)entryRead)) {

75
                    err.println("Original entry in KeyStore: " + keyStoreEntry);

76
                    err.println("Enc/Dec entry : " + entryRead);

77
                    throw new RuntimeException(

78
                            String.format(

79
                                    "Decrypted & original enities do "

80
                                    + "not match. Algo: %s, Actual: %s, "

81
                                    + "Expected: %s",

82
                                    passwordAlgorithm.getProtectionAlgorithm(),

83
                                    entryRead, keyStoreEntry));

84
                }

85
                ksTest.deleteEntry(ALIAS);

86
            }

87
            out.println("Test Passed");

88
    }

89


90
    public static void main(String args[]) throws Exception {

91
        EntryProtectionTest entryProtectionTest = new EntryProtectionTest();

92
        entryProtectionTest.setUp();

93
        entryProtectionTest.runTest();

94
    }

95


96
    private void setUp() {

97
        out.println("Using KEYSTORE_PATH:"+KEYSTORE_PATH);

98
        Utils.createKeyStore(Utils.KeyStoreType.pkcs12, KEYSTORE_PATH, ALIAS);

99
        Random rand = RandomFactory.getRandom();

100
        rand.nextBytes(SALT);

101
        out.print("Salt: ");

102
        for (byte b : SALT) {

103
            out.format("%02X ", b);

104
        }

105
        out.println("");

106
        PASSWORD_PROTECTION

107
                .add(new KeyStore.PasswordProtection(PASSWORD,

108
                                "PBEWithMD5AndDES", new PBEParameterSpec(SALT,

109
                                        ITERATION_COUNT)));

110
        PASSWORD_PROTECTION.add(new KeyStore.PasswordProtection(PASSWORD,

111
                "PBEWithSHA1AndDESede", null));

112
        PASSWORD_PROTECTION.add(new KeyStore.PasswordProtection(PASSWORD,

113
                "PBEWithSHA1AndRC2_40", null));

114
        PASSWORD_PROTECTION.add(new KeyStore.PasswordProtection(PASSWORD,

115
                "PBEWithSHA1AndRC2_128", null));

116
        PASSWORD_PROTECTION.add(new KeyStore.PasswordProtection(PASSWORD,

117
                "PBEWithSHA1AndRC4_40", null));

118
        PASSWORD_PROTECTION.add(new KeyStore.PasswordProtection(PASSWORD,

119
                "PBEWithSHA1AndRC4_128", null));

120
    }

121


122
    /**

123
     * Checks whether given two KeyStore.PrivateKeyEntry parameters are equal

124
     * The KeyStore.PrivateKeyEntry fields like {privateKey, certificateChain[]}

125
     * are checked for equality and another field Set<attributes> is not checked

126
     * as default implementation adds few PKCS12 attributes during read

127
     * operation

128
     * @param  first

129
     *         parameter is of type KeyStore.PrivateKeyEntry

130
     * @param  second

131
     *         parameter is of type KeyStore.PrivateKeyEntry

132
     * @return boolean

133
     *         true when both the KeyStore.PrivateKeyEntry fields are equal

134
    */

135
    boolean isPrivateKeyEntriesEqual(KeyStore.PrivateKeyEntry first,

136
            KeyStore.PrivateKeyEntry second) {

137
        //compare privateKey

138
        if (!Arrays.equals(first.getPrivateKey().getEncoded(),

139
                second.getPrivateKey().getEncoded())) {

140
            err.println("Mismatch found in privateKey!");

141
            return false;

142
        }

143
        //compare certificateChain[]

144
        if (!Arrays.equals(first.getCertificateChain(),

145
                second.getCertificateChain())) {

146
            err.println("Mismatch found in certificate chain!");

147
            return false;

148
        }

149
        return true;

150
    }

151
}

152


153