1 /* 2 * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8138766 27 * @summary New default -sigalg for keytool 28 * @modules java.base/sun.security.tools.keytool 29 * @modules jdk.crypto.ec 30 * @run main/othervm DefaultSignatureAlgorithm RSA 1024 SHA256withRSA 31 * @run main/othervm DefaultSignatureAlgorithm RSA 3072 SHA256withRSA 32 * @run main/othervm DefaultSignatureAlgorithm RSA 3073 SHA384withRSA 33 * @run main/othervm DefaultSignatureAlgorithm DSA 1024 SHA256withDSA 34 * @run main/othervm/timeout=700 DefaultSignatureAlgorithm DSA 3072 35 * SHA256withDSA 36 * @run main/othervm DefaultSignatureAlgorithm EC 192 SHA256withECDSA 37 * @run main/othervm DefaultSignatureAlgorithm EC 384 SHA384withECDSA 38 * @run main/othervm DefaultSignatureAlgorithm EC 571 SHA512withECDSA 39 * @run main/othervm DefaultSignatureAlgorithm EC 571 SHA256withECDSA 40 * SHA256withECDSA 41 */ 42 43 import sun.security.tools.keytool.Main; 44 45 import java.io.File; 46 import java.security.KeyStore; 47 import java.security.cert.X509Certificate; 48 49 public class DefaultSignatureAlgorithm { 50 51 public static void main(String[] args) throws Exception { 52 if(args == null || args.length < 3) { 53 throw new RuntimeException("Invalid arguments provided."); 54 } 55 String sigAlg = (args.length == 4) ? args[3] : null; 56 run(args[0], Integer.valueOf(args[1]), args[2], sigAlg); 57 } 58 59 private static void run(String keyAlg, int keySize, 60 String expectedSigAlg, String sigAlg) throws Exception { 61 String alias = keyAlg + keySize + System.currentTimeMillis(); 62 String cmd = "-keystore ks -storepass changeit" + 63 " -keypass changeit -alias " + alias + 64 " -keyalg " + keyAlg + " -keysize " + keySize + 65 " -genkeypair -dname CN=" + alias + " -debug"; 66 if (sigAlg != null) { 67 cmd += " -sigalg " + sigAlg; 68 } 69 Main.main(cmd.split(" ")); 70 71 KeyStore ks = KeyStore.getInstance( 72 new File("ks"), "changeit".toCharArray()); 73 X509Certificate cert = (X509Certificate)ks.getCertificate(alias); 74 String actualSigAlg = cert.getSigAlgName(); 75 if (!actualSigAlg.equals(expectedSigAlg)) { 76 throw new Exception("Failure at " + alias + ": expected " 77 + expectedSigAlg + ", actually " + actualSigAlg); 78 } 79 } 80 }