1 /*
2  * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 import java.io.File;
25 import java.io.IOException;
26 import java.nio.file.Files;
27 import java.nio.file.StandardOpenOption;
28 import java.util.Base64;
29 import jdk.testlibrary.OutputAnalyzer;
30 import static java.lang.System.out;
31 import java.nio.file.Paths;
32 import java.util.List;
33 
34 /**
35  * @test
36  * @bug 8048830
37  * @summary Test for PKCS12 keystore list , export commands. Refer README for
38  * keystore files information
39  * @library /lib/testlibrary ../
40  * @run main KeytoolReaderP12Test
41  */
42 public class KeytoolReaderP12Test {
43     private static final String WORKING_DIRECTORY = System.getProperty(
44             "test.classes", "."+ File.separator);
45     private static final String KS_PASSWD = "storepass";
46     private static final String CERT_CHAIN_PASSWD = "password";
47     private static final String SOURCE_DIRECTORY =
48             System.getProperty("test.src", "." + File.separator);
49 
main(String[] args)50     public static void main(String[] args) throws Exception {
51         List<String> expectedValues = null;
52         out.println("Self signed test");
53         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
54                 "api_private_key.p12_expected.data"));
55         readTest("api_private_key.p12.data", KS_PASSWD, expectedValues);
56         out.println("Self signed test Passed");
57 
58         out.println("private key with selfsigned cert, key pair not match");
59         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
60                 "api_private_key_not_match.p12_expected.data"));
61         readTest("api_private_key_not_match.p12.data", KS_PASSWD,
62                 expectedValues);
63         out.println("private key with selfsigned cert, key pair "
64                 + "not match passed");
65 
66         out.println("cert chain test");
67         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
68                 "api_cert_chain.p12_expected.data"));
69         readTest("api_cert_chain.p12.data", CERT_CHAIN_PASSWD, expectedValues);
70         out.println("cert chain test passed");
71 
72         out.println("IE self test");
73         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
74                 "ie_self.pfx.pem"));
75         exportTest("ie_self.pfx.data", "pkcs12testenduser1",
76                 KS_PASSWD, expectedValues);
77         out.println("IE self test passed");
78 
79         out.println("IE chain test");
80         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
81                 "ie_chain.pfx.pem"));
82         exportTest("ie_chain.pfx.data", "servercert",
83                 CERT_CHAIN_PASSWD, expectedValues);
84         out.println("IE chain test passed");
85 
86         out.println("Netscape self");
87         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
88                 "netscape_self.p12.pem"));
89         exportTest("netscape_self.p12.data", "pkcs12testenduser1",
90                 KS_PASSWD, expectedValues);
91         out.println("Netscape self passed");
92 
93         out.println("Mozilla self test");
94         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
95                 "mozilla_self.p12.pem"));
96         exportTest("mozilla_self.p12.data", "pkcs12testenduser1",
97                 KS_PASSWD, expectedValues);
98         out.println("Mozilla self test passed");
99 
100         out.println("Openssl test");
101         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
102                 "openssl.p12.pem"));
103         exportTest("openssl.p12.data", "servercert", CERT_CHAIN_PASSWD, expectedValues);
104         out.println("openssl test passed");
105 
106         out.println("with different keystore and entrykey password");
107         expectedValues = Files.readAllLines(Paths.get(SOURCE_DIRECTORY,
108                 "api_two_pass.p12_expected.data"));
109         readTest("api_two_pass.p12.data", KS_PASSWD,
110                 expectedValues);
111         out.println("two pass test passed");
112     }
113 
readTest(String name, String password, List<String> expectedValues)114     private static void readTest(String name, String password,
115             List<String> expectedValues)
116             throws IOException {
117         convertToPFX(name);
118         final String[] command = new String[]{"-debug", "-list", "-v",
119             "-keystore", WORKING_DIRECTORY + File.separator + name,
120             "-storetype", "pkcs12", "-storepass", password};
121         runAndValidate(command, expectedValues);
122     }
123 
exportTest(String name, String alias, String password, List<String> expectedValues)124     private static void exportTest(String name, String alias,
125             String password, List<String> expectedValues)
126             throws IOException {
127         convertToPFX(name);
128         final String[] command = new String[]{"-debug", "-export", "-alias",
129             alias, "-keystore", WORKING_DIRECTORY + File.separator + name,
130             "-storepass", password, "-storetype", "pkcs12", "-rfc"};
131         runAndValidate(command, expectedValues);
132     }
133 
runAndValidate(String[] command, List<String> expectedValues)134     private static void runAndValidate(String[] command,
135             List<String> expectedValues) throws IOException {
136         OutputAnalyzer output = Utils.executeKeytoolCommand(command);
137         if (expectedValues != null) {
138             expectedValues.stream().forEach(line -> {
139                 output.shouldContain(line);
140             });
141         }
142     }
143 
144     /**
145      * Decodes the base64 encoded keystore and writes into new file
146      * @param name base64 encoded keystore name
147      */
convertToPFX(String name)148     private static void convertToPFX(String name) throws IOException{
149         File base64File = new File(SOURCE_DIRECTORY, name);
150         File pkcs12File = new File(WORKING_DIRECTORY, name);
151         byte[] input = Files.readAllBytes(base64File.toPath());
152         Files.write(pkcs12File.toPath(), Base64.getMimeDecoder().
153                 decode(input), StandardOpenOption.CREATE);
154     }
155 }
156