stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
jdk-24/jdk/test/java/security/KeyStore/PBETest.java
Vinnie Ryan 7dcd0b38a8 8006591: Protect keystore entries using stronger PBE algorithms 
Reviewed-by: mullan
2013-01-23 21:25:49 +00:00

103 lines
3.9 KiB
Java
Raw Blame History

/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8006591
* @summary Protect keystore entries using stronger PBE algorithms
*/
import java.io.*;
import java.security.*;
import javax.crypto.spec.*;
// Retrieve a keystore entry, protected by the default encryption algorithm.
// Set the keystore entry, protected by a stronger encryption algorithm.
public class PBETest {
private final static String DIR = System.getProperty("test.src", ".");
private static final String PBE_ALGO = "PBEWithHmacSHA1AndAES_128";
private static final char[] PASSWORD = "passphrase".toCharArray();
private static final String KEYSTORE_TYPE = "JKS";
private static final String KEYSTORE = DIR + "/keystore.jks";
private static final String NEW_KEYSTORE_TYPE = "PKCS12";
private static final String NEW_KEYSTORE = PBE_ALGO + ".p12";
private static final String ALIAS = "vajra";
private static final byte[] IV = {
0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
0x19,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20
};
private static final byte[] SALT = {
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
};
private static final int ITERATION_COUNT = 1024;
public static void main(String[] args) throws Exception {
new File(NEW_KEYSTORE).delete();
try {
KeyStore keystore = load(KEYSTORE_TYPE, KEYSTORE, PASSWORD);
KeyStore.Entry entry =
keystore.getEntry(ALIAS,
new KeyStore.PasswordProtection(PASSWORD));
System.out.println("Retrieved entry named '" + ALIAS + "'");
// Set entry
KeyStore keystore2 = load(NEW_KEYSTORE_TYPE, null, null);
keystore2.setEntry(ALIAS, entry,
new KeyStore.PasswordProtection(PASSWORD, PBE_ALGO,
new PBEParameterSpec(SALT, ITERATION_COUNT,
new IvParameterSpec(IV))));
System.out.println("Encrypted entry using: " + PBE_ALGO);
System.out.println("Storing keystore to: " + NEW_KEYSTORE);
keystore2.store(new FileOutputStream(NEW_KEYSTORE), PASSWORD);
keystore2 = load(NEW_KEYSTORE_TYPE, NEW_KEYSTORE, PASSWORD);
entry = keystore2.getEntry(ALIAS,
new KeyStore.PasswordProtection(PASSWORD));
System.out.println("Retrieved entry named '" + ALIAS + "'");
} finally {
new File(NEW_KEYSTORE).delete();
System.out.println("Deleted keystore: " + NEW_KEYSTORE);
}
}
private static KeyStore load(String type, String path, char[] password)
throws Exception {
FileInputStream stream = null;
if (path != null) {
stream = new FileInputStream(path);
}
KeyStore keystore = KeyStore.getInstance(type);
System.out.println("Loading keystore from: " + path);
keystore.load(stream, password);
return keystore;
}
}
Reference in New Issue View Git Blame Copy Permalink