1 # 2 # Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 # 5 # This code is free software; you can redistribute it and/or modify it 6 # under the terms of the GNU General Public License version 2 only, as 7 # published by the Free Software Foundation. 8 # 9 # This code is distributed in the hope that it will be useful, but WITHOUT 10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 # version 2 for more details (a copy is included in the LICENSE file that 13 # accompanied this code). 14 # 15 # You should have received a copy of the GNU General Public License version 16 # 2 along with this work; if not, write to the Free Software Foundation, 17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 # 19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 # or visit www.oracle.com if you need additional information or have any 21 # questions. 22 # 23 24 # @test 25 # @bug 8023197 26 # @summary Pre-configured command line options for keytool and jarsigner 27 # 28 29 if [ "${TESTJAVA}" = "" ] ; then 30 JAVAC_CMD=`which javac` 31 TESTJAVA=`dirname $JAVAC_CMD`/.. 32 fi 33 34 KS=ks 35 KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS}" 36 JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}" 37 JARSIGNER="$TESTJAVA/bin/jarsigner ${TESTTOOLVMOPTS}" 38 39 rm $KS 2> /dev/null 40 41 export PASS=changeit 42 43 # keytool 44 45 cat <<EOF > kt.conf 46 # A Pre-configured options file 47 keytool.all = -storepass:env PASS -keypass:env PASS -keystore \${user.dir}/$KS -debug 48 keytool.genkey = -keyalg ec -ext bc 49 keytool.delete = -keystore nothing 50 EOF 51 52 # kt.conf is read 53 $KEYTOOL -conf kt.conf -genkeypair -dname CN=A -alias a || exit 1 54 $KEYTOOL -conf kt.conf -list -alias a -v > a_certinfo || exit 2 55 grep "Signature algorithm name" a_certinfo | grep ECDSA || exit 3 56 grep "BasicConstraints" a_certinfo || exit 4 57 58 # kt.conf is read, and dup multi-valued options processed as expected 59 $KEYTOOL -conf kt.conf -genkeypair -dname CN=B -alias b -ext ku=ds \ 60 || exit 11 61 $KEYTOOL -conf kt.conf -list -alias b -v > b_certinfo || exit 12 62 grep "BasicConstraints" b_certinfo || exit 14 63 grep "DigitalSignature" b_certinfo || exit 15 64 65 # Single-valued option in command section override all 66 $KEYTOOL -conf kt.conf -delete -alias a && exit 16 67 68 # Single-valued option on command line overrides again 69 $KEYTOOL -conf kt.conf -delete -alias b -keystore $KS || exit 17 70 71 # jarsigner 72 73 cat <<EOF > js.conf 74 jarsigner.all = -keystore \${user.dir}/$KS -storepass:env PASS -debug -strict 75 jarsigner.sign = -digestalg SHA1 76 jarsigner.verify = -verbose:summary 77 78 EOF 79 80 $JAR cvf a.jar ks js.conf kt.conf 81 82 $JARSIGNER -conf js.conf a.jar a || exit 21 83 $JARSIGNER -conf js.conf -verify a.jar > jarsigner.out || exit 22 84 grep "and 2 more" jarsigner.out || exit 23 85 $JAR xvf a.jar META-INF/MANIFEST.MF 86 grep "SHA1-Digest" META-INF/MANIFEST.MF || exit 24 87 88 # Error cases 89 90 # File does not exist 91 $KEYTOOL -conf no-such-file -help -list && exit 31 92 93 # Cannot have both standard name (-genkeypair) and legacy name (-genkey) 94 cat <<EOF > bad.conf 95 keytool.all = -storepass:env PASS -keypass:env PASS -keystore ks 96 keytool.genkeypair = -keyalg rsa 97 keytool.genkey = -keyalg ec 98 EOF 99 100 $KEYTOOL -conf bad.conf -genkeypair -alias me -dname "cn=me" && exit 32 101 102 # Unknown options are rejected by tool 103 cat <<EOF > bad.conf 104 keytool.all=-unknown 105 EOF 106 107 $KEYTOOL -conf bad.conf -help -list && exit 33 108 109 # System property must be present 110 cat <<EOF > bad.conf 111 keytool.all = -keystore \${no.such.prop} 112 EOF 113 114 $KEYTOOL -conf bad.conf -help -list && exit 34 115 116 echo Done 117 exit 0