82 lines
3.1 KiB
Java
82 lines
3.1 KiB
Java
/*
|
|
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
/*
|
|
* @test
|
|
* @bug 8172244
|
|
* @summary Verify that no exception is thrown with empty cert chain
|
|
* in MSCAPI.
|
|
* @requires os.family == "windows"
|
|
* @modules java.base/sun.security.tools.keytool java.base/sun.security.x509
|
|
* @run main/othervm --add-opens java.base/java.security=ALL-UNNAMED
|
|
* KeyStoreEmptyCertChain
|
|
*/
|
|
|
|
import java.security.KeyStore;
|
|
import java.security.cert.Certificate;
|
|
import sun.security.x509.X500Name;
|
|
import sun.security.tools.keytool.CertAndKeyGen;
|
|
import java.security.KeyPairGenerator;
|
|
import java.security.KeyPair;
|
|
import java.security.PrivateKey;
|
|
import java.security.KeyStoreSpi;
|
|
import java.lang.reflect.*;
|
|
|
|
public class KeyStoreEmptyCertChain {
|
|
|
|
public static void main(String[] args) {
|
|
|
|
try {
|
|
|
|
KeyStore keyStore = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
|
|
keyStore.load(null, null);
|
|
|
|
// Generate a certificate to use for testing
|
|
CertAndKeyGen gen = new CertAndKeyGen("RSA", "SHA256withRSA");
|
|
gen.generate(2048);
|
|
Certificate cert =
|
|
gen.getSelfCertificate(new X500Name("CN=test"), 3600);
|
|
String alias = "JDK-8172244";
|
|
char[] password = "password".toCharArray();
|
|
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
|
|
|
|
// generate a private key for the certificate
|
|
kpg.initialize(2048);
|
|
KeyPair keyPair = kpg.generateKeyPair();
|
|
PrivateKey privKey = keyPair.getPrivate();
|
|
// need to bypass checks to store the private key without the cert
|
|
Field spiField = KeyStore.class.getDeclaredField("keyStoreSpi");
|
|
spiField.setAccessible(true);
|
|
KeyStoreSpi spi = (KeyStoreSpi) spiField.get(keyStore);
|
|
spi.engineSetKeyEntry(alias, privKey, password, new Certificate[0]);
|
|
keyStore.store(null, null);
|
|
|
|
keyStore.getCertificateAlias(cert);
|
|
keyStore.deleteEntry(alias);
|
|
// test passes if no exception is thrown
|
|
} catch (Exception ex) {
|
|
throw new RuntimeException(ex);
|
|
}
|
|
}
|
|
}
|