--- /dev/null	Thu May 21 16:13:08 2015
+++ new/test/java/security/KeyStore/TestKeystoreCompat.java	Thu May 21 16:13:07 2015
@@ -0,0 +1,234 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8062552
+ * @run main/othervm TestKeystoreCompat
+ * @summary test compatibility mode for JKS and PKCS12 keystores
+ */
+
+import java.io.*;
+import java.security.*;
+import java.security.KeyStore.*;
+import java.security.cert.*;
+import javax.crypto.*;
+import javax.security.auth.callback.*;
+
+public class TestKeystoreCompat {
+    private static final char[] PASSWORD = "changeit".toCharArray();
+    private static final String DIR = System.getProperty("test.src", ".");
+    private static final String CERT_FILE = "trusted.pem";
+
+    public static final void main(String[] args) throws Exception {
+
+        // Testing empty keystores
+
+        init("empty.jks", "JKS");
+        init("empty.jceks", "JCEKS");
+        init("empty.p12", "PKCS12");
+
+        load("empty.jks", "JKS");
+        load("empty.jceks", "JCEKS");
+        load("empty.p12", "PKCS12");
+        load("empty.p12", "JKS"); // test compatibility mode
+        load("empty.jks", "PKCS12", true); // test without compatibility mode
+        load("empty.jks", "JKS", false); // test without compatibility mode
+        load("empty.p12", "JKS", true); // test without compatibility mode
+        load("empty.p12", "PKCS12", false); // test without compatibility mode
+
+        build("empty.jks", "JKS", true);
+        build("empty.jks", "JKS", false);
+        build("empty.jceks", "JCEKS", true);
+        build("empty.jceks", "JCEKS", false);
+        build("empty.p12", "PKCS12", true);
+        build("empty.p12", "PKCS12", false);
+
+        // Testing keystores containing an X.509 certificate
+
+        X509Certificate cert = loadCertificate(CERT_FILE);
+        init("onecert.jks", "JKS", cert);
+        init("onecert.jceks", "JCEKS", cert);
+        init("onecert.p12", "PKCS12", cert);
+
+        load("onecert.jks", "JKS");
+        load("onecert.jceks", "JCEKS");
+        load("onecert.p12", "PKCS12");
+        load("onecert.p12", "JKS"); // test compatibility mode
+        load("onecert.jks", "PKCS12", true); // test without compatibility mode
+        load("onecert.jks", "JKS", false); // test without compatibility mode
+        load("onecert.p12", "JKS", true); // test without compatibility mode
+        load("onecert.p12", "PKCS12", false); // test without compatibility mode
+
+        build("onecert.jks", "JKS", true);
+        build("onecert.jks", "JKS", false);
+        build("onecert.jceks", "JCEKS", true);
+        build("onecert.jceks", "JCEKS", false);
+        build("onecert.p12", "PKCS12", true);
+        build("onecert.p12", "PKCS12", false);
+
+        // Testing keystores containing a secret key
+
+        SecretKey key = generateSecretKey("AES", 128);
+        init("onekey.jceks", "JCEKS", key);
+        init("onekey.p12", "PKCS12", key);
+
+        load("onekey.jceks", "JCEKS");
+        load("onekey.p12", "PKCS12");
+        load("onekey.p12", "JKS"); // test compatibility mode
+        load("onekey.p12", "JKS", true); // test without compatibility mode
+        load("onekey.p12", "PKCS12", false); // test without compatibility mode
+
+        build("onekey.jceks", "JCEKS", true);
+        build("onekey.jceks", "JCEKS", false);
+        build("onekey.p12", "PKCS12", true);
+        build("onekey.p12", "PKCS12", false);
+
+        System.out.println("OK.");
+    }
+
+    // Instantiate an empty keystore using the supplied keystore type
+    private static void init(String file, String type) throws Exception {
+        KeyStore ks = KeyStore.getInstance(type);
+        ks.load(null, null);
+        try (OutputStream stream = new FileOutputStream(file)) {
+            ks.store(stream, PASSWORD);
+        }
+        System.out.println("Created a " + type + " keystore named '" + file + "'");
+    }
+
+    // Instantiate a keystore using the supplied keystore type & create an entry
+    private static void init(String file, String type, X509Certificate cert)
+        throws Exception {
+        KeyStore ks = KeyStore.getInstance(type);
+        ks.load(null, null);
+        ks.setEntry("mycert", new KeyStore.TrustedCertificateEntry(cert), null);
+        try (OutputStream stream = new FileOutputStream(file)) {
+            ks.store(stream, PASSWORD);
+        }
+        System.out.println("Created a " + type + " keystore named '" + file + "'");
+    }
+
+    // Instantiate a keystore using the supplied keystore type & create an entry
+    private static void init(String file, String type, SecretKey key)
+        throws Exception {
+        KeyStore ks = KeyStore.getInstance(type);
+        ks.load(null, null);
+        ks.setEntry("mykey", new KeyStore.SecretKeyEntry(key),
+            new PasswordProtection(PASSWORD));
+        try (OutputStream stream = new FileOutputStream(file)) {
+            ks.store(stream, PASSWORD);
+        }
+        System.out.println("Created a " + type + " keystore named '" + file + "'");
+    }
+
+    // Instantiate a keystore by probing the supplied file for the keystore type
+    private static void build(String file, String type, boolean usePassword)
+        throws Exception {
+
+        Builder builder;
+        if (usePassword) {
+            builder = Builder.newInstance(type, null, new File(file),
+                new PasswordProtection(PASSWORD));
+        } else {
+            builder = Builder.newInstance(type, null, new File(file),
+                new CallbackHandlerProtection(new DummyHandler()));
+        }
+        KeyStore ks = builder.getKeyStore();
+        if (!type.equalsIgnoreCase(ks.getType())) {
+            throw new Exception("ERROR: expected a " + type + " keystore, " +
+                "got a " + ks.getType() + " keystore instead");
+        } else {
+            System.out.println("Built a " + type + " keystore named '" + file + "'");
+        }
+    }
+
+    // Load the keystore entries
+    private static void load(String file, String type) throws Exception {
+        KeyStore ks = KeyStore.getInstance(type);
+        try (InputStream stream = new FileInputStream(file)) {
+            ks.load(stream, PASSWORD);
+        }
+        if (!type.equalsIgnoreCase(ks.getType())) {
+            throw new Exception("ERROR: expected a " + type + " keystore, " +
+                "got a " + ks.getType() + " keystore instead");
+        } else {
+            System.out.println("Loaded a " + type + " keystore named '" + file + "'");
+        }
+    }
+
+    // Load the keystore entries (with compatibility mode disabled)
+    private static void load(String file, String type, boolean expectFailure)
+        throws Exception {
+        Security.setProperty("keystore.type.compat", "false");
+        try {
+            load(file, type);
+            if (expectFailure) {
+                throw new Exception("ERROR: expected load to fail but it didn't");
+            }
+        } catch (IOException e) {
+            if (expectFailure) {
+                System.out.println("Failed to load a " + type + " keystore named '" + file + "' (as expected)");
+            } else {
+                throw e;
+            }
+        } finally {
+            Security.setProperty("keystore.type.compat", "true");
+        }
+    }
+
+    // Read an X.509 certificate from the supplied file
+    private static X509Certificate loadCertificate(String certFile)
+        throws Exception {
+        X509Certificate cert = null;
+        try (FileInputStream certStream =
+            new FileInputStream(DIR + "/" + certFile)) {
+            CertificateFactory factory =
+                CertificateFactory.getInstance("X.509");
+            return (X509Certificate) factory.generateCertificate(certStream);
+        }
+    }
+
+    // Generate a secret key using the supplied algorithm name and key size
+    private static SecretKey generateSecretKey(String algorithm, int size)
+        throws NoSuchAlgorithmException {
+        KeyGenerator generator = KeyGenerator.getInstance(algorithm);
+        generator.init(size);
+        return generator.generateKey();
+    }
+
+    private static class DummyHandler implements CallbackHandler {
+        public void handle(Callback[] callbacks)
+            throws IOException, UnsupportedCallbackException {
+            System.out.println("** Callbackhandler invoked");
+            for (int i = 0; i < callbacks.length; i++) {
+                Callback cb = callbacks[i];
+                if (cb instanceof PasswordCallback) {
+                    PasswordCallback pcb = (PasswordCallback)cb;
+                    pcb.setPassword(PASSWORD);
+                    break;
+                }
+            }
+        }
+    }
+}