1 /* 2 * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8005408 27 * @summary KeyStore API enhancements 28 */ 29 30 import java.io.*; 31 import java.security.*; 32 import java.util.*; 33 import javax.crypto.*; 34 import javax.crypto.spec.*; 35 36 // Store a secret key in a keystore and retrieve it again. 37 38 public class StoreSecretKeyTest { 39 private final static String DIR = System.getProperty("test.src", "."); 40 private static final char[] PASSWORD = "passphrase".toCharArray(); 41 private static final String KEYSTORE = "keystore.p12"; 42 private static final String ALIAS = "my secret key"; 43 44 public static void main(String[] args) throws Exception { 45 46 // Skip test if AES is unavailable 47 try { 48 SecretKeyFactory.getInstance("AES"); 49 } catch (NoSuchAlgorithmException nsae) { 50 System.out.println("AES is unavailable. Skipping test..."); 51 return; 52 } 53 54 new File(KEYSTORE).delete(); 55 56 KeyStore keystore = KeyStore.getInstance("PKCS12"); 57 keystore.load(null, null); 58 59 // Set entry 60 keystore.setEntry(ALIAS, 61 new KeyStore.SecretKeyEntry(generateSecretKey("AES", 128)), 62 new KeyStore.PasswordProtection(PASSWORD)); 63 64 try (FileOutputStream outStream = new FileOutputStream(KEYSTORE)) { 65 System.out.println("Storing keystore to: " + KEYSTORE); 66 keystore.store(outStream, PASSWORD); 67 } 68 69 try (FileInputStream inStream = new FileInputStream(KEYSTORE)) { 70 System.out.println("Loading keystore from: " + KEYSTORE); 71 keystore.load(inStream, PASSWORD); 72 System.out.println("Loaded keystore with " + keystore.size() + 73 " entries"); 74 } 75 76 KeyStore.Entry entry = keystore.getEntry(ALIAS, 77 new KeyStore.PasswordProtection(PASSWORD)); 78 System.out.println("Retrieved entry: " + entry); 79 80 if (entry instanceof KeyStore.SecretKeyEntry) { 81 System.out.println("Retrieved secret key entry: " + entry); 82 } else { 83 throw new Exception("Not a secret key entry"); 84 } 85 } 86 87 private static SecretKey generateSecretKey(String algorithm, int size) 88 throws NoSuchAlgorithmException { 89 90 // Failover to DES if the requested secret key factory is unavailable 91 SecretKeyFactory keyFactory; 92 try { 93 keyFactory = SecretKeyFactory.getInstance(algorithm); 94 } catch (NoSuchAlgorithmException nsae) { 95 keyFactory = SecretKeyFactory.getInstance("DES"); 96 algorithm = "DES"; 97 size = 56; 98 } 99 100 KeyGenerator generator = KeyGenerator.getInstance(algorithm); 101 generator.init(size); 102 return generator.generateKey(); 103 } 104 } | 1 /* 2 * Copyright (c) 2013, 2015 Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8005408 8079129 27 * @summary KeyStore API enhancements 28 */ 29 30 import java.io.*; 31 import java.security.*; 32 import java.security.cert.*; 33 import java.security.cert.Certificate; 34 import java.util.*; 35 import javax.crypto.*; 36 import javax.crypto.spec.*; 37 38 // Store a secret key in a keystore and retrieve it again. 39 40 public class StoreSecretKeyTest { 41 private final static String DIR = System.getProperty("test.src", "."); 42 private static final char[] PASSWORD = "passphrase".toCharArray(); 43 private static final String KEYSTORE = "keystore.p12"; 44 private static final String CERT = DIR + "/trusted.pem"; 45 private static final String ALIAS = "my trusted cert"; 46 private static final String ALIAS2 = "my secret key"; 47 48 public static void main(String[] args) throws Exception { 49 50 // Skip test if AES is unavailable 51 try { 52 SecretKeyFactory.getInstance("AES"); 53 } catch (NoSuchAlgorithmException nsae) { 54 System.out.println("AES is unavailable. Skipping test..."); 55 return; 56 } 57 58 new File(KEYSTORE).delete(); 59 60 KeyStore keystore = KeyStore.getInstance("PKCS12"); 61 keystore.load(null, null); 62 63 // Set trusted certificate entry 64 Certificate cert = loadCertificate(CERT); 65 keystore.setEntry(ALIAS, 66 new KeyStore.TrustedCertificateEntry(cert), null); 67 68 // Set secret key entry 69 keystore.setEntry(ALIAS2, 70 new KeyStore.SecretKeyEntry(generateSecretKey("AES", 128)), 71 new KeyStore.PasswordProtection(PASSWORD)); 72 73 try (FileOutputStream outStream = new FileOutputStream(KEYSTORE)) { 74 System.out.println("Storing keystore to: " + KEYSTORE); 75 keystore.store(outStream, PASSWORD); 76 } 77 78 try (FileInputStream inStream = new FileInputStream(KEYSTORE)) { 79 System.out.println("Loading keystore from: " + KEYSTORE); 80 keystore.load(inStream, PASSWORD); 81 System.out.println("Loaded keystore with " + keystore.size() + 82 " entries"); 83 } 84 85 KeyStore.Entry entry = keystore.getEntry(ALIAS2, 86 new KeyStore.PasswordProtection(PASSWORD)); 87 System.out.println("Retrieved entry: " + entry); 88 89 if (entry instanceof KeyStore.SecretKeyEntry) { 90 System.out.println("Retrieved secret key entry: " + entry); 91 } else { 92 throw new Exception("Not a secret key entry"); 93 } 94 } 95 96 private static SecretKey generateSecretKey(String algorithm, int size) 97 throws NoSuchAlgorithmException { 98 99 // Failover to DES if the requested secret key factory is unavailable 100 SecretKeyFactory keyFactory; 101 try { 102 keyFactory = SecretKeyFactory.getInstance(algorithm); 103 } catch (NoSuchAlgorithmException nsae) { 104 keyFactory = SecretKeyFactory.getInstance("DES"); 105 algorithm = "DES"; 106 size = 56; 107 } 108 109 KeyGenerator generator = KeyGenerator.getInstance(algorithm); 110 generator.init(size); 111 return generator.generateKey(); 112 } 113 114 private static Certificate loadCertificate(String certFile) 115 throws Exception { 116 X509Certificate cert = null; 117 try (FileInputStream certStream = new FileInputStream(certFile)) { 118 CertificateFactory factory = 119 CertificateFactory.getInstance("X.509"); 120 return factory.generateCertificate(certStream); 121 } 122 } 123 } |