151 lines
5.7 KiB
Java
151 lines
5.7 KiB
Java
/*
|
|
* Copyright (c) 2024, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
/*
|
|
* @test
|
|
* @bug 8327461
|
|
* @summary engineGetEntry in PKCS12KeyStore should be thread-safe
|
|
* @library /test/lib ../../../java/security/testlibrary
|
|
* @modules java.base/sun.security.x509
|
|
* java.base/sun.security.util
|
|
* @build CertificateBuilder
|
|
* @run main GetSetEntryTest
|
|
*/
|
|
|
|
import java.math.BigInteger;
|
|
import java.security.cert.X509Certificate;
|
|
import java.security.KeyPair;
|
|
import java.security.KeyPairGenerator;
|
|
import java.security.KeyStore;
|
|
import java.security.spec.ECGenParameterSpec;
|
|
import java.util.concurrent.atomic.AtomicBoolean;
|
|
import java.util.concurrent.TimeUnit;
|
|
import java.util.Date;
|
|
|
|
import sun.security.testlibrary.CertificateBuilder;
|
|
|
|
public class GetSetEntryTest {
|
|
|
|
public static final String TEST = "test";
|
|
|
|
public static void main(String[] args) throws Exception {
|
|
KeyStore ks = KeyStore.getInstance("PKCS12");
|
|
char[] password = "password".toCharArray();
|
|
KeyStore.PasswordProtection protParam = new KeyStore.PasswordProtection(password);
|
|
ks.load(null, null);
|
|
|
|
CertificateBuilder cbld = new CertificateBuilder();
|
|
KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("EC");
|
|
keyPairGen1.initialize(new ECGenParameterSpec("secp256r1"));
|
|
KeyPair ecKeyPair = keyPairGen1.genKeyPair();
|
|
|
|
long start = System.currentTimeMillis() - TimeUnit.DAYS.toMillis(60);
|
|
long end = start + TimeUnit.DAYS.toMillis(1085);
|
|
boolean[] kuBitSettings = {true, false, false, false, false, true,
|
|
true, false, false};
|
|
|
|
// Set up the EC Cert
|
|
cbld.setSubjectName("CN=EC Test Cert, O=SomeCompany").
|
|
setPublicKey(ecKeyPair.getPublic()).
|
|
setSerialNumber(new BigInteger("1")).
|
|
setValidity(new Date(start), new Date(end)).
|
|
addSubjectKeyIdExt(ecKeyPair.getPublic()).
|
|
addAuthorityKeyIdExt(ecKeyPair.getPublic()).
|
|
addBasicConstraintsExt(true, true, -1).
|
|
addKeyUsageExt(kuBitSettings);
|
|
|
|
X509Certificate ecCert = cbld.build(null, ecKeyPair.getPrivate(), "SHA256withECDSA");
|
|
|
|
KeyPairGenerator keyPairGen2 = KeyPairGenerator.getInstance("RSA");
|
|
keyPairGen2.initialize(4096);
|
|
KeyPair rsaKeyPair = keyPairGen2.genKeyPair();
|
|
|
|
cbld.reset();
|
|
// Set up the RSA Cert
|
|
cbld.setSubjectName("CN=RSA Test Cert, O=SomeCompany").
|
|
setPublicKey(rsaKeyPair.getPublic()).
|
|
setSerialNumber(new BigInteger("1")).
|
|
setValidity(new Date(start), new Date(end)).
|
|
addSubjectKeyIdExt(rsaKeyPair.getPublic()).
|
|
addAuthorityKeyIdExt(rsaKeyPair.getPublic()).
|
|
addBasicConstraintsExt(true, true, -1).
|
|
addKeyUsageExt(kuBitSettings);
|
|
|
|
X509Certificate rsaCert = cbld.build(null, rsaKeyPair.getPrivate(), "SHA256withRSA");
|
|
|
|
KeyStore.PrivateKeyEntry ecEntry = new KeyStore.PrivateKeyEntry(ecKeyPair.getPrivate(),
|
|
new X509Certificate[]{ecCert});
|
|
KeyStore.PrivateKeyEntry rsaEntry = new KeyStore.PrivateKeyEntry(rsaKeyPair.getPrivate(),
|
|
new X509Certificate[]{rsaCert});
|
|
|
|
test(ks, ecEntry, rsaEntry, protParam);
|
|
}
|
|
|
|
private static final int MAX_ITERATIONS = 100;
|
|
|
|
private static void test(KeyStore ks, KeyStore.PrivateKeyEntry ec,
|
|
KeyStore.PrivateKeyEntry rsa,
|
|
KeyStore.PasswordProtection protParam)
|
|
throws Exception {
|
|
ks.setEntry(TEST, ec, protParam);
|
|
|
|
AtomicBoolean syncIssue = new AtomicBoolean(false);
|
|
|
|
Thread thread = new Thread(() -> {
|
|
int iterations = 0;
|
|
while (!syncIssue.get() && iterations < MAX_ITERATIONS) {
|
|
try {
|
|
ks.setEntry(TEST, ec, protParam);
|
|
ks.setEntry(TEST, rsa, protParam);
|
|
} catch (Exception ex) {
|
|
syncIssue.set(true);
|
|
ex.printStackTrace();
|
|
System.out.println("Test failed");
|
|
System.exit(1);
|
|
}
|
|
iterations++;
|
|
}
|
|
});
|
|
thread.start();
|
|
|
|
int iterations = 0;
|
|
while (!syncIssue.get() && iterations < MAX_ITERATIONS) {
|
|
try {
|
|
ks.getEntry(TEST, protParam);
|
|
} catch (Exception ex) {
|
|
syncIssue.set(true);
|
|
ex.printStackTrace();
|
|
System.out.println("Test failed");
|
|
System.exit(1);
|
|
}
|
|
iterations++;
|
|
}
|
|
|
|
thread.join();
|
|
|
|
if (!syncIssue.get()) {
|
|
System.out.println("Test completed successfully");
|
|
}
|
|
}
|
|
}
|