2023-05-19 17:46:41 +00:00

94 lines
4.2 KiB
Java

/*
* Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import jdk.test.lib.Asserts;
import jdk.test.lib.SecurityTools;
import jdk.test.lib.Utils;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.List;
import static jdk.test.lib.security.XMLUtils.*;
/**
* @test
* @bug 8305972
* @summary Basic tests using XMLUtils
* @library /test/lib
* @modules java.xml.crypto
*/
public class Basic {
public static void main(String[] args) throws Exception {
var x = "<a><b>c</b>x</a>";
var p = Files.write(Path.of("x.xml"), List.of(x));
var b = Path.of("").toUri().toString();
var d = string2doc(x);
var pass = "changeit".toCharArray();
for (String alg: List.of("DSA", "RSA", "RSASSA-PSS", "EC", "EdDSA", "Ed25519", "Ed448")) {
SecurityTools.keytool(String.format(
"-keystore ks -keyalg %s -storepass changeit -genkeypair -alias %s -dname CN=%s",
alg, alg, alg)).shouldHaveExitValue(0);
var ks = KeyStore.getInstance(new File("ks"), pass);
var c = (X509Certificate) ks.getCertificate(alg);
var pr = (PrivateKey) ks.getKey(alg, pass);
var pu = c.getPublicKey();
var s0 = signer(pr); // No KeyInfo
var s1 = signer(pr, c); // KeyInfo is X509Data
var s2 = signer(ks, alg, pass); // KeyInfo is KeyName
var v1 = validator(); // knows nothing
var v2 = validator(ks); // knows KeyName
Utils.runAndCheckException(() -> v1.validate(s0.sign(d)), IllegalArgumentException.class); // need PublicKey
s0.sign(string2doc(x));
Asserts.assertTrue(v1.validate(s0.sign(d), pu)); // need PublicKey
Asserts.assertTrue(v1.validate(s1.sign(d))); // can read KeyInfo
Asserts.assertTrue(v2.validate(s2.sign(d))); // can read KeyInfo
Asserts.assertTrue(v2.secureValidation(false).validate(s2.sign(p.toUri()))); // can read KeyInfo
Asserts.assertTrue(v2.secureValidation(false).baseURI(b).validate(
s2.sign(p.toAbsolutePath().getParent().toUri(), p.getFileName().toUri()))); // can read KeyInfo
Asserts.assertTrue(v1.validate(s0.sign("text"), pu)); // plain text
Asserts.assertTrue(v1.validate(s0.sign("binary".getBytes()), pu)); // raw data
Asserts.assertTrue(v1.validate(s0.signEnveloping(d, "x", "#x"), pu));
Asserts.assertTrue(v1.validate(s0.signEnveloping(d, "x", "#xpointer(id('x'))"), pu));
// No KeyValue defined for RSASSA-PSS or EdDSA yet
if (!alg.startsWith("Ed") && !alg.equals("RSASSA-PSS")) {
var ss = signer(pr, pu); // KeyInfo is PublicKey
Asserts.assertTrue(v1.validate(ss.sign(d))); // can read KeyInfo
Asserts.assertTrue(v1.validate(ss.sign("text"))); // plain text
Asserts.assertTrue(v1.validate(ss.sign("binary".getBytes()))); // raw data
Asserts.assertTrue(v1.validate(ss.signEnveloping(d, "x", "#x")));
Asserts.assertTrue(v1.validate(ss.signEnveloping(d, "x", "#xpointer(id('x'))")));
}
}
}
}