1 #
2 # Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 #
5 # This code is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License version 2 only, as
7 # published by the Free Software Foundation.
8 #
9 # This code is distributed in the hope that it will be useful, but WITHOUT
10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 # version 2 for more details (a copy is included in the LICENSE file that
13 # accompanied this code).
14 #
15 # You should have received a copy of the GNU General Public License version
16 # 2 along with this work; if not, write to the Free Software Foundation,
17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 #
19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 # or visit www.oracle.com if you need additional information or have any
21 # questions.
22 #
23
24 # @test
25 # @bug 8023197
26 # @summary Pre-configured command line options for keytool and jarsigner
27 #
28
29 if [ "${TESTJAVA}" = "" ] ; then
30 JAVAC_CMD=`which javac`
31 TESTJAVA=`dirname $JAVAC_CMD`/..
32 fi
33
34 KS=ks
35 KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS}"
36 JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}"
37 JARSIGNER="$TESTJAVA/bin/jarsigner ${TESTTOOLVMOPTS}"
38
39 rm $KS 2> /dev/null
40
41 export PASS=changeit
42
43 # keytool
44
45 cat <<EOF > kt.conf
46 # A Pre-configured options file
47 keytool.all = -storepass:env PASS -keypass:env PASS -keystore \${user.dir}/$KS -debug
48 keytool.genkey = -keyalg ec -ext bc
49 keytool.delete = -keystore nothing
50 EOF
51
52 # kt.conf is read
53 $KEYTOOL -conf kt.conf -genkeypair -dname CN=A -alias a || exit 1
54 $KEYTOOL -conf kt.conf -list -alias a -v > a_certinfo || exit 2
55 grep "Signature algorithm name" a_certinfo | grep ECDSA || exit 3
56 grep "BasicConstraints" a_certinfo || exit 4
57
58 # kt.conf is read, and dup multi-valued options processed as expected
59 $KEYTOOL -conf kt.conf -genkeypair -dname CN=B -alias b -ext ku=ds \
60 || exit 11
61 $KEYTOOL -conf kt.conf -list -alias b -v > b_certinfo || exit 12
62 grep "BasicConstraints" b_certinfo || exit 14
63 grep "DigitalSignature" b_certinfo || exit 15
64
65 # Single-valued option in command section override all
66 $KEYTOOL -conf kt.conf -delete -alias a && exit 16
67
68 # Single-valued option on command line overrides again
69 $KEYTOOL -conf kt.conf -delete -alias b -keystore $KS || exit 17
70
71 # jarsigner
72
73 cat <<EOF > js.conf
74 jarsigner.all = -keystore \${user.dir}/$KS -storepass:env PASS -debug -strict
75 jarsigner.sign = -digestalg SHA1
76 jarsigner.verify = -verbose:summary
77
78 EOF
79
80 $JAR cvf a.jar ks js.conf kt.conf
81
82 $JARSIGNER -conf js.conf a.jar a || exit 21
83 $JARSIGNER -conf js.conf -verify a.jar > jarsigner.out || exit 22
84 grep "and 2 more" jarsigner.out || exit 23
85 $JAR xvf a.jar META-INF/MANIFEST.MF
86 grep "SHA1-Digest" META-INF/MANIFEST.MF || exit 24
87
88 # Error cases
89
90 # File does not exist
91 $KEYTOOL -conf no-such-file -help -list && exit 31
92
93 # Cannot have both standard name (-genkeypair) and legacy name (-genkey)
94 cat <<EOF > bad.conf
95 keytool.all = -storepass:env PASS -keypass:env PASS -keystore ks
96 keytool.genkeypair = -keyalg rsa
97 keytool.genkey = -keyalg ec
98 EOF
99
100 $KEYTOOL -conf bad.conf -genkeypair -alias me -dname "cn=me" && exit 32
101
102 # Unknown options are rejected by tool
103 cat <<EOF > bad.conf
104 keytool.all=-unknown
105 EOF
106
107 $KEYTOOL -conf bad.conf -help -list && exit 33
108
109 # System property must be present
110 cat <<EOF > bad.conf
111 keytool.all = -keystore \${no.such.prop}
112 EOF
113
114 $KEYTOOL -conf bad.conf -help -list && exit 34
115
116 echo Done
117 exit 0