Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/tools/keytool/PSS.java
38853 views
/*1* Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 821569426* @summary keytool cannot generate RSASSA-PSS certificates27* @library /lib/testlibrary28* @run main/timeout=600 PSS29*/3031import jdk.testlibrary.Asserts;32import jdk.testlibrary.security.DerUtils;33import sun.security.util.ObjectIdentifier;34import sun.security.x509.AlgorithmId;3536import java.io.File;37import java.io.FileInputStream;38import java.security.KeyStore;39import java.security.cert.X509Certificate;4041public class PSS {4243public static void main(String[] args) throws Exception {4445// make sure no old file exists46new File("ks").delete();4748genkeypair("p", "-keyalg RSASSA-PSS -sigalg RSASSA-PSS");49genkeypair("a", "-keyalg RSA -sigalg RSASSA-PSS -keysize 2048");50genkeypair("b", "-keyalg RSA -sigalg RSASSA-PSS -keysize 4096");51genkeypair("c", "-keyalg RSA -sigalg RSASSA-PSS -keysize 8192");5253//@since jdk954//KeyStore ks = KeyStore.getInstance(55// new File("ks"), "changeit".toCharArray());5657KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());58// get user password and file input stream59char[] password = "changeit".toCharArray();60try (FileInputStream fis = new FileInputStream("ks")) {61ks.load(fis, password);62}6364check((X509Certificate)ks.getCertificate("p"), "RSASSA-PSS",65AlgorithmId.SHA256_oid);6667check((X509Certificate)ks.getCertificate("a"), "RSA",68AlgorithmId.SHA256_oid);6970check((X509Certificate)ks.getCertificate("b"), "RSA",71AlgorithmId.SHA384_oid);7273check((X509Certificate)ks.getCertificate("c"), "RSA",74AlgorithmId.SHA512_oid);7576// More commands77kt("-certreq -alias p -sigalg RSASSA-PSS -file p.req");7879kt("-gencert -alias a -sigalg RSASSA-PSS -infile p.req -outfile p.cert");80kt("-importcert -alias p -file p.cert");8182kt("-selfcert -alias p -sigalg RSASSA-PSS");83}8485static void genkeypair(String alias, String options)86throws Exception {87kt("-genkeypair -alias " + alias88+ " -dname CN=" + alias + " " + options);89}9091static void kt(String cmd) throws Exception {92String listStr = "-storepass changeit -keypass changeit "93+ "-keystore ks " + cmd;94sun.security.tools.keytool.Main.main(listStr.split(" "));95}9697static void check(X509Certificate cert, String expectedKeyAlg,98ObjectIdentifier expectedMdAlg) throws Exception {99Asserts.assertEQ(cert.getPublicKey().getAlgorithm(), expectedKeyAlg);100Asserts.assertEQ(cert.getSigAlgName(), "RSASSA-PSS");101DerUtils.checkAlg(cert.getSigAlgParams(), "000", expectedMdAlg);102}103}104105106