Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/pkcs11/Secmod/GetPrivateKey.java
38855 views
/*1* Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/**24* @test25* @bug 6273877 6322208 627552326* @summary make sure we can access the NSS softtoken KeyStore and use a private key27* @author Andreas Sterbenz28* @library ..29* @run main/othervm GetPrivateKey30* @run main/othervm GetPrivateKey sm policy31* @key randomness32*/3334import java.io.File;35import java.security.KeyStore;36import java.security.PrivateKey;37import java.security.Provider;38import java.security.Security;39import java.security.Signature;40import java.security.cert.X509Certificate;41import java.util.Collection;42import java.util.Collections;43import java.util.TreeSet;4445public class GetPrivateKey extends SecmodTest {4647public static void main(String[] args) throws Exception {48if (initSecmod() == false) {49return;50}5152String configName = BASE + SEP + "nss.cfg";53Provider p = getSunPKCS11(configName);5455System.out.println(p);56Security.addProvider(p);5758if (args.length > 1 && "sm".equals(args[0])) {59System.setProperty("java.security.policy",60BASE + File.separator + args[1]);61System.setSecurityManager(new SecurityManager());62}6364KeyStore ks = KeyStore.getInstance(PKCS11, p);65ks.load(null, password);66Collection<String> aliases = new TreeSet<>(67Collections.list(ks.aliases()));68System.out.println("entries: " + aliases.size());69System.out.println(aliases);7071PrivateKey privateKey = (PrivateKey)ks.getKey(keyAlias, password);72System.out.println(privateKey);7374byte[] data = generateData(1024);7576System.out.println("Signing...");77Signature signature = Signature.getInstance("MD5withRSA");78signature.initSign(privateKey);79signature.update(data);80byte[] sig = signature.sign();8182X509Certificate[] chain =83(X509Certificate[]) ks.getCertificateChain(keyAlias);84signature.initVerify(chain[0].getPublicKey());85signature.update(data);86boolean ok = signature.verify(sig);87if (ok == false) {88throw new Exception("Signature verification error");89}9091System.out.println("OK");9293}9495}969798