1 /*
2 * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
155 // never block at user input
156
157 // use -debug so that main() will throw an Exception
158 // instead of calling System.exit()
159 sun.security.tools.keytool.Main.main(("-debug "+cmd).split("\\s+"));
160 } finally {
161 out = b1.toString();
162 err = b2.toString();
163 ex = out; // now it goes to System.out
164 System.setIn(i1);
165 System.setOut(p1);
166 System.setErr(p2);
167 }
168 }
169
170 /**
171 * Call this method if you expect test(input, cmd) should go OK
172 */
173 void testOK(String input, String cmd) throws Exception {
174 try {
175 test(input, cmd);
176 } catch(Exception e) {
177 afterFail(input, cmd, "OK");
178 throw e;
179 }
180 }
181
182 /**
183 * Call this method if you expect test(input, cmd) should fail and throw
184 * an exception
185 */
186 void testFail(String input, String cmd) throws Exception {
187 boolean ok;
188 try {
189 test(input, cmd);
190 ok = true;
191 } catch(Exception e) {
192 if (e instanceof MissingResourceException) {
193 ok = true;
194 } else {
230 throw new RuntimeException();
231 }
232 }
233
234 /**
235 * Call this method if you just want to run the command and does
236 * not care if it succeeds or fails.
237 */
238 void testAnyway(String input, String cmd) {
239 try {
240 test(input, cmd);
241 } catch(Exception e) {
242 ;
243 }
244 }
245
246 /**
247 * Helper method, print some output after a test does not do as expected
248 */
249 void afterFail(String input, String cmd, String should) {
250 System.err.println("\nTest fails for the command ---\n" +
251 "keytool " + cmd + "\nOr its debug version ---\n" +
252 "keytool -debug " + cmd);
253
254 System.err.println("The command result should be " + should +
255 ", but it's not. Try run the command manually and type" +
256 " these input into it: ");
257 char[] inputChars = input.toCharArray();
258
259 for (int i=0; i<inputChars.length; i++) {
260 char ch = inputChars[i];
261 if (ch == '\n') System.err.print("ENTER ");
262 else if (ch == ' ') System.err.print("SPACE ");
263 else System.err.print(ch + " ");
264 }
265 System.err.println("");
266
267 System.err.println("ERR is:\n"+err);
268 System.err.println("OUT is:\n"+out);
269 }
784 }
785
786 void sqeDeleteTest() throws Exception {
787 remove("x.jks");
788 testFail("", "-keystore x.jks -storepass changeit -delete -alias mykey"); // nonexist
789 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
790 testOK("", "-keystore x.jks -storepass changeit -delete -alias mykey");
791 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
792 testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit -delete -alias mykey"); // keystore name illegal
793 testFail("", "-keystore nonexistkeystore -storepass changeit -delete -alias mykey"); // keystore not exist
794 testFail("", "-keystore badkeystore -storepass changeit -delete -alias mykey"); // keystore invalid
795 testFail("", "-keystore x.jks -storepass xxxxxxxx -delete -alias mykey"); // wrong pass
796 remove("x.jks");
797 }
798
799 void sqeCsrTest() throws Exception {
800 remove("x.jks");
801 remove("x.jks.p1.cert");
802 remove("csr1");
803 // PrivateKeyEntry can do certreq
804 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
805 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
806 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
807 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA");
808 testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA"); // unmatched sigalg
809 // misc test
810 testFail("", "-keystore x.jks -storepass badstorepass -certreq -file csr1"); // bad storepass
811 testOK("changeit\n", "-keystore x.jks -certreq -file csr1"); // storepass from terminal
812 testFail("\n", "-keystore x.jks -certreq -file csr1"); // must provide storepass
813 testFail("", "-keystore x.jks -storepass changeit -keypass badkeypass -certreq -file csr1"); // bad keypass
814 testFail("", "-keystore x.jks -storepass changeit -certreq -file aa\\bb//cc\\dd"); // bad filepath
815 testFail("", "-keystore noexistks -storepass changeit -certreq -file csr1"); // non-existing keystore
816 // Try the RSA private key
817 testOK("", "-keystore x.jks -storepass changeit -delete -alias mykey");
818 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala -keyalg RSA");
819 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
820 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
821 testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA"); // unmatched sigalg
822 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA");
823 // TrustedCertificateEntry cannot do certreq
824 testOK("", "-keystore x.jks -storepass changeit -exportcert -file x.jks.p1.cert");
|
1 /*
2 * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
155 // never block at user input
156
157 // use -debug so that main() will throw an Exception
158 // instead of calling System.exit()
159 sun.security.tools.keytool.Main.main(("-debug "+cmd).split("\\s+"));
160 } finally {
161 out = b1.toString();
162 err = b2.toString();
163 ex = out; // now it goes to System.out
164 System.setIn(i1);
165 System.setOut(p1);
166 System.setErr(p2);
167 }
168 }
169
170 /**
171 * Call this method if you expect test(input, cmd) should go OK
172 */
173 void testOK(String input, String cmd) throws Exception {
174 try {
175 // Workaround for "8057810: Make SHA256withDSA the default
176 // jarsigner and keytool algorithm for DSA keys". Unfortunately
177 // SunPKCS11-NSS does not support SHA256withDSA yet.
178 if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey")
179 && !cmd.contains("-keyalg")) {
180 cmd += " -sigalg SHA1withDSA -keysize 1024";
181 }
182 test(input, cmd);
183 } catch(Exception e) {
184 afterFail(input, cmd, "OK");
185 throw e;
186 }
187 }
188
189 /**
190 * Call this method if you expect test(input, cmd) should fail and throw
191 * an exception
192 */
193 void testFail(String input, String cmd) throws Exception {
194 boolean ok;
195 try {
196 test(input, cmd);
197 ok = true;
198 } catch(Exception e) {
199 if (e instanceof MissingResourceException) {
200 ok = true;
201 } else {
237 throw new RuntimeException();
238 }
239 }
240
241 /**
242 * Call this method if you just want to run the command and does
243 * not care if it succeeds or fails.
244 */
245 void testAnyway(String input, String cmd) {
246 try {
247 test(input, cmd);
248 } catch(Exception e) {
249 ;
250 }
251 }
252
253 /**
254 * Helper method, print some output after a test does not do as expected
255 */
256 void afterFail(String input, String cmd, String should) {
257 if (cmd.contains("p11-nss.txt")) {
258 cmd = "-J-Dnss.lib=" + System.getProperty("nss.lib") + " " + cmd;
259 }
260 System.err.println("\nTest fails for the command ---\n" +
261 "keytool " + cmd + "\nOr its debug version ---\n" +
262 "keytool -debug " + cmd);
263
264 System.err.println("The command result should be " + should +
265 ", but it's not. Try run the command manually and type" +
266 " these input into it: ");
267 char[] inputChars = input.toCharArray();
268
269 for (int i=0; i<inputChars.length; i++) {
270 char ch = inputChars[i];
271 if (ch == '\n') System.err.print("ENTER ");
272 else if (ch == ' ') System.err.print("SPACE ");
273 else System.err.print(ch + " ");
274 }
275 System.err.println("");
276
277 System.err.println("ERR is:\n"+err);
278 System.err.println("OUT is:\n"+out);
279 }
794 }
795
796 void sqeDeleteTest() throws Exception {
797 remove("x.jks");
798 testFail("", "-keystore x.jks -storepass changeit -delete -alias mykey"); // nonexist
799 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
800 testOK("", "-keystore x.jks -storepass changeit -delete -alias mykey");
801 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
802 testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit -delete -alias mykey"); // keystore name illegal
803 testFail("", "-keystore nonexistkeystore -storepass changeit -delete -alias mykey"); // keystore not exist
804 testFail("", "-keystore badkeystore -storepass changeit -delete -alias mykey"); // keystore invalid
805 testFail("", "-keystore x.jks -storepass xxxxxxxx -delete -alias mykey"); // wrong pass
806 remove("x.jks");
807 }
808
809 void sqeCsrTest() throws Exception {
810 remove("x.jks");
811 remove("x.jks.p1.cert");
812 remove("csr1");
813 // PrivateKeyEntry can do certreq
814 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala -keysize 1024");
815 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
816 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
817 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA");
818 testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA"); // unmatched sigalg
819 // misc test
820 testFail("", "-keystore x.jks -storepass badstorepass -certreq -file csr1"); // bad storepass
821 testOK("changeit\n", "-keystore x.jks -certreq -file csr1"); // storepass from terminal
822 testFail("\n", "-keystore x.jks -certreq -file csr1"); // must provide storepass
823 testFail("", "-keystore x.jks -storepass changeit -keypass badkeypass -certreq -file csr1"); // bad keypass
824 testFail("", "-keystore x.jks -storepass changeit -certreq -file aa\\bb//cc\\dd"); // bad filepath
825 testFail("", "-keystore noexistks -storepass changeit -certreq -file csr1"); // non-existing keystore
826 // Try the RSA private key
827 testOK("", "-keystore x.jks -storepass changeit -delete -alias mykey");
828 testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala -keyalg RSA");
829 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
830 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
831 testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA"); // unmatched sigalg
832 testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA");
833 // TrustedCertificateEntry cannot do certreq
834 testOK("", "-keystore x.jks -storepass changeit -exportcert -file x.jks.p1.cert");
|