pkcs11/KeyStore/Basic.java

0N/A/*
2362N/A * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
0N/A * published by the Free Software Foundation.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/Aimport java.io.*;
0N/Aimport java.util.*;
0N/Aimport java.lang.reflect.*;
0N/A
0N/Aimport java.security.KeyStore;
0N/Aimport java.security.KeyStoreException;
0N/Aimport java.security.KeyFactory;
0N/Aimport java.security.KeyPairGenerator;
0N/Aimport java.security.KeyPair;
0N/Aimport java.security.SecureRandom;
0N/Aimport java.security.AuthProvider;
0N/Aimport java.security.PrivateKey;
0N/Aimport java.security.Provider;
0N/Aimport java.security.ProviderException;
0N/Aimport java.security.Signature;
0N/Aimport java.security.Security;
0N/A
0N/Aimport java.security.cert.*;
0N/Aimport java.security.spec.*;
0N/Aimport java.security.interfaces.*;
0N/A
0N/Aimport javax.crypto.SecretKey;
0N/A
0N/Aimport javax.security.auth.Subject;
0N/Aimport javax.security.auth.login.LoginException;
0N/A
0N/Aimport com.sun.security.auth.module.*;
0N/Aimport com.sun.security.auth.callback.*;
0N/A
0N/A
0N/Apublic class Basic extends PKCS11Test {
0N/A
0N/A    private static final char SEP = File.separatorChar;
0N/A
0N/A    private static String DIR = System.getProperty("DIR");
0N/A    private static char[] tokenPwd;
0N/A    private static final char[] ibuttonPwd =
0N/A                        new char[0];
0N/A    private static final char[] activcardPwd =
0N/A                        new char[] { '1', '1', '2', '2', '3', '3' };
0N/A    private static final char[] nssPwd =
0N/A                        new char[] { 't', 'e', 's', 't', '1', '2' };
0N/A    private static final char[] solarisPwd =
0N/A                        new char[] { 'p', 'i', 'n' };
0N/A    private static final char[] sca1000Pwd =
0N/A                        new char[] { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' };
0N/A    private static final char[] sPwd = { 'f', 'o', 'o' };
0N/A
0N/A    private static SecretKey sk1;
0N/A    private static SecretKey sk2;
0N/A    private static SecretKey sk3;
0N/A    private static SecretKey sk4;
0N/A
0N/A    private static RSAPrivateCrtKey pk1;
0N/A    private static PrivateKey pk2;
0N/A    private static PrivateKey pk3;
0N/A
0N/A    private static Certificate[] chain1;
0N/A    private static Certificate[] chain2;
0N/A    private static Certificate[] chain3;
0N/A    private static Certificate[] chain4;
0N/A
0N/A    private static X509Certificate randomCert;
0N/A
0N/A    private static KeyStore ks;
0N/A    private static final String KS_TYPE = "PKCS11";
0N/A    private static Provider provider;
0N/A
0N/A    private static class FooEntry implements KeyStore.Entry { }
0N/A
0N/A    private static class P11SecretKey implements SecretKey {
0N/A        String alg;
0N/A        int length;
0N/A        public P11SecretKey(String alg, int length) {
0N/A            this.alg = alg;
0N/A            this.length = length;
0N/A        }
0N/A        public String getAlgorithm() { return alg; }
0N/A        public String getFormat() { return "raw"; }
0N/A        public byte[] getEncoded() { return new byte[length/8]; }
0N/A    }
0N/A
0N/A    public static void main(String[] args) throws Exception {
0N/A        main(new Basic());
0N/A    }
0N/A
0N/A    public void main(Provider p) throws Exception {
0N/A
0N/A        this.provider = p;
0N/A
0N/A        // get private keys
0N/A        KeyFactory kf = KeyFactory.getInstance("RSA", "SunJSSE");
0N/A        KeyFactory dsaKf = KeyFactory.getInstance("DSA", "SUN");
0N/A
0N/A        ObjectInputStream ois1 = new ObjectInputStream
0N/A                        (new FileInputStream(new File(DIR, "pk1.key")));
0N/A        byte[] keyBytes = (byte[])ois1.readObject();
0N/A        ois1.close();
0N/A        PrivateKey tmpKey =
0N/A                kf.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
0N/A        pk1 = (RSAPrivateCrtKey)tmpKey;
0N/A
0N/A        ObjectInputStream ois2 = new ObjectInputStream
0N/A                        (new FileInputStream(new File(DIR, "pk2.key")));
0N/A        keyBytes = (byte[])ois2.readObject();
0N/A        ois2.close();
0N/A        pk2 = kf.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
0N/A
0N/A        ObjectInputStream ois3 = new ObjectInputStream
0N/A                        (new FileInputStream(new File(DIR, "pk3.key")));
0N/A        keyBytes = (byte[])ois3.readObject();
0N/A        pk3 = kf.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
0N/A        ois3.close();
0N/A
0N/A        // get cert chains for private keys
0N/A        CertificateFactory cf = CertificateFactory.getInstance("X.509", "SUN");
0N/A        Certificate caCert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "ca.cert")));
0N/A        Certificate ca2Cert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "ca2.cert")));
0N/A        Certificate pk1cert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "pk1.cert")));
0N/A        Certificate pk1cert2 = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "pk1.cert2")));
0N/A        Certificate pk2cert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "pk2.cert")));
0N/A        Certificate pk3cert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "pk3.cert")));
0N/A        chain1 = new Certificate[] { pk1cert, caCert };
0N/A        chain2 = new Certificate[] { pk2cert, caCert };
0N/A        chain3 = new Certificate[] { pk3cert, caCert };
0N/A        chain4 = new Certificate[] { pk1cert2, ca2Cert };
0N/A
0N/A        // create secret keys
0N/A        sk1 = new P11SecretKey("DES", 64);
0N/A        sk2 = new P11SecretKey("DESede", 192);
0N/A        sk3 = new P11SecretKey("AES", 128);
0N/A        sk4 = new P11SecretKey("RC4", 128);
0N/A
0N/A        // read randomCert
0N/A        randomCert = (X509Certificate)cf.generateCertificate
0N/A                        (new FileInputStream(new File(DIR, "random.cert")));
0N/A
0N/A        doTest();
0N/A    }
0N/A
0N/A    private static void doTest() throws Exception {
0N/A
0N/A        String token = System.getProperty("TOKEN");
0N/A        String test = System.getProperty("TEST");
0N/A
0N/A        if (token == null || token.length() == 0) {
0N/A            throw new Exception("token arg required");
0N/A        }
0N/A        if (test == null || test.length() == 0) {
0N/A            throw new Exception("test arg required");
0N/A        }
0N/A
0N/A        if ("ibutton".equals(token)) {
0N/A            tokenPwd = ibuttonPwd;
0N/A        } else if ("activcard".equals(token)) {
0N/A            tokenPwd = activcardPwd;
0N/A        } else if ("nss".equals(token)) {
0N/A            tokenPwd = nssPwd;
0N/A        } else if ("sca1000".equals(token)) {
0N/A            tokenPwd = sca1000Pwd;
0N/A        } else if ("solaris".equals(token)) {
0N/A            tokenPwd = solarisPwd;
0N/A        }
0N/A
0N/A        if ("list".equals(test)) {
0N/A            Basic.list();
0N/A        } else if ("basic".equals(test)) {
0N/A
0N/A            int testnum = 1;
0N/A
0N/A            if ("ibutton".equals(token)) {
0N/A                // pkey and setAttribute
0N/A                testnum = Basic.pkey(testnum);
0N/A                testnum = Basic.setAttribute(testnum);
0N/A            } else if ("activcard".equals(token)) {
0N/A                // sign
0N/A                testnum = Basic.signAlias(testnum, null);
0N/A            } else if ("nss".equals(token)) {
0N/A                // setAttribute, pkey, sign
0N/A                testnum = Basic.setAttribute(testnum);
0N/A                testnum = Basic.pkey(testnum);
0N/A                testnum = Basic.sign(testnum);
0N/A                testnum = Basic.copy(testnum);
0N/A            } else if ("solaris".equals(token)) {
0N/A                testnum = Basic.setAttribute(testnum);
0N/A                testnum = Basic.pkey(testnum);
0N/A                testnum = Basic.sign(testnum);
0N/A                testnum = Basic.skey(testnum);
0N/A                testnum = Basic.copy(testnum);
0N/A            } else if ("sca1000".equals(token)) {
0N/A                // setAttribute, pkey, sign, skey, copy
0N/A                testnum = Basic.setAttribute(testnum);
0N/A                testnum = Basic.pkey(testnum);
0N/A                testnum = Basic.sign(testnum);
0N/A                testnum = Basic.skey(testnum);
0N/A                testnum = Basic.copy(testnum);
0N/A            }
0N/A
0N/A        } else if ("pkey".equals(test)) {
0N/A            Basic.pkey(1);
0N/A        } else if ("skey".equals(test)) {
0N/A            Basic.skey(1);
0N/A        } else if ("setAttribute".equals(test)) {
0N/A            Basic.setAttribute(1);
0N/A        } else if ("copy".equals(test)) {
0N/A            Basic.copy(1);
0N/A        } else if ("sign".equals(test)) {
0N/A            Basic.sign(1);
0N/A        } else if ("module".equals(test)) {
0N/A            Basic.module();
0N/A        } else if ("nss-extended".equals(test)) {
0N/A
0N/A            // this only works if NSS_TEST is set to true in P11KeyStore.java
0N/A
0N/A            int testnum = 1;
0N/A            testnum = Basic.setAttribute(testnum);
0N/A            testnum = Basic.pkey(testnum);
0N/A            testnum = Basic.sign(testnum);
0N/A            testnum = Basic.extended(testnum);
0N/A        } else {
0N/A            System.out.println("unrecognized command");
0N/A        }
0N/A    }
0N/A
0N/A    private static int sign(int testnum) throws Exception {
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A        }
0N/A        if (!ks.containsAlias("pk1")) {
0N/A            ks.setKeyEntry("pk1", pk1, null, chain1);
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        return signAlias(testnum, "pk1");
0N/A    }
0N/A
0N/A    private static int signAlias(int testnum, String alias) throws Exception {
0N/A
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A        }
0N/A
0N/A        if (alias == null) {
0N/A            Enumeration enu = ks.aliases();
0N/A            if (enu.hasMoreElements()) {
0N/A                alias = (String)enu.nextElement();
0N/A            }
0N/A        }
0N/A
0N/A        PrivateKey pkey = (PrivateKey)ks.getKey(alias, null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("got [" + alias + "] signing key: " + pkey);
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        Signature s = Signature.getInstance("MD5WithRSA", ks.getProvider());
0N/A        s.initSign(pkey);
0N/A        System.out.println("initialized signature object with key");
0N/A        s.update("hello".getBytes());
0N/A        System.out.println("signature object updated with [hello] bytes");
0N/A
0N/A        byte[] signed = s.sign();
0N/A        System.out.println("received signature " + signed.length +
0N/A                        " bytes in length");
0N/A
0N/A        Signature v = Signature.getInstance("MD5WithRSA", ks.getProvider());
0N/A        v.initVerify(ks.getCertificate(alias));
0N/A        v.update("hello".getBytes());
0N/A        v.verify(signed);
0N/A        System.out.println("signature verified");
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        return testnum;
0N/A    }
0N/A
0N/A    private static int copy(int testnum) throws Exception {
0N/A
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A        }
0N/A
0N/A        KeyFactory kf = KeyFactory.getInstance("RSA", provider);
0N/A        PrivateKey pkSession = (PrivateKey)kf.translateKey(pk3);
0N/A        System.out.println("pkSession = " + pkSession);
0N/A        ks.setKeyEntry("pkSession", pkSession, null, chain3);
0N/A
0N/A        KeyStore.PrivateKeyEntry pke =
0N/A                (KeyStore.PrivateKeyEntry)ks.getEntry("pkSession", null);
0N/A        System.out.println("pkSession = " + pke.getPrivateKey());
0N/A        Certificate[] chain = pke.getCertificateChain();
0N/A        if (chain.length != chain3.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain3[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        return testnum;
0N/A    }
0N/A
0N/A    private static void list() throws Exception {
0N/A        int testnum = 1;
0N/A
0N/A        ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A
0N/A        // check instance
0N/A        if (ks.getProvider() instanceof java.security.AuthProvider) {
0N/A            System.out.println("keystore provider instance of AuthProvider");
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("did not get AuthProvider KeyStore");
0N/A        }
0N/A
0N/A        // load
0N/A        ks.load(null, tokenPwd);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        Enumeration enu = ks.aliases();
0N/A        int count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A    }
0N/A
0N/A    private static void module() throws Exception {
0N/A
0N/A        // perform Security.addProvider of P11 provider
0N/A        ProviderLoader.go(System.getProperty("CUSTOM_P11_CONFIG"));
0N/A
0N/A        String KS_PROVIDER = "SunPKCS11-" + System.getProperty("TOKEN");
0N/A
0N/A        KeyStoreLoginModule m = new KeyStoreLoginModule();
0N/A        Subject s = new Subject();
0N/A        Map options = new HashMap();
0N/A        options.put("keyStoreURL", "NONE");
0N/A        options.put("keyStoreType", KS_TYPE);
0N/A        options.put("keyStoreProvider", KS_PROVIDER);
0N/A        options.put("debug", "true");
0N/A        m.initialize(s, new TextCallbackHandler(), new HashMap(), options);
0N/A        m.login();
0N/A        m.commit();
0N/A        System.out.println("authenticated subject = " + s);
0N/A        m.logout();
0N/A        System.out.println("authenticated subject = " + s);
0N/A    }
0N/A
0N/A    /**
0N/A     * SCA1000 does not handle extended secret key tests
0N/A     * . Blowfish (CKR_TEMPLATE_INCOMPLETE)
0N/A     * . AES (CKR_TEMPLATE_INCOMPLETE)
0N/A     * . RC4 (CKR_ATTRIBUTE_TYPE_INVALID)
0N/A     * so do this instead
0N/A     */
0N/A    private static int skey(int testnum) throws Exception {
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A        }
0N/A
0N/A        // delete all old aliases
0N/A        Enumeration enu = ks.aliases();
0N/A        int count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            String next = (String)enu.nextElement();
0N/A            ks.deleteEntry(next);
0N/A            System.out.println("deleted entry for: " + next);
0N/A        }
0N/A
0N/A        // set good ske 1
0N/A        ks.setKeyEntry("sk1", sk1, null, null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good ske 2
0N/A        ks.setKeyEntry("sk2", sk2, null, null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getEntry good ske 1
0N/A        KeyStore.SecretKeyEntry ske =
0N/A                (KeyStore.SecretKeyEntry)ks.getEntry("sk1", null);
0N/A        if ("DES".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DES, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getEntry good ske 2
0N/A        ske = (KeyStore.SecretKeyEntry)ks.getEntry("sk2", null);
0N/A        if ("DESede".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DESede, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 1
0N/A        SecretKey skey = (SecretKey)ks.getKey("sk1", null);
0N/A        if ("DES".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DES, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 2
0N/A        skey = (SecretKey)ks.getKey("sk2", null);
0N/A        if ("DESede".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DESede, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 2) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 2 aliases");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 2) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 2");
0N/A        }
0N/A
0N/A        // isCertificateEntry sk1
0N/A        if (!ks.isCertificateEntry("sk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // isKeyEntry sk1
0N/A        if (ks.isKeyEntry("sk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk2
0N/A        if (ks.entryInstanceOf("sk2", KeyStore.SecretKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        return testnum;
0N/A    }
0N/A
0N/A    private static int setAttribute(int testnum) throws Exception {
0N/A
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A        }
0N/A
0N/A        if (!ks.containsAlias("pk1")) {
0N/A            // set good pke 1
0N/A            ks.setKeyEntry("pk1", pk1, null, chain1);
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        }
0N/A
0N/A        // delete all old aliases except pk1
0N/A        Enumeration enu = ks.aliases();
0N/A        int count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            String next = (String)enu.nextElement();
0N/A            if (!"pk1".equals(next)) {
0N/A                ks.deleteEntry(next);
0N/A                System.out.println("deleted entry for: " + next);
0N/A            }
0N/A        }
0N/A
0N/A        KeyStore.PrivateKeyEntry pke =
0N/A                (KeyStore.PrivateKeyEntry)ks.getEntry("pk1", null);
0N/A        System.out.println("pk1 = " + pke.getPrivateKey());
0N/A        Certificate[] chain = pke.getCertificateChain();
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        /**
0N/A         * test change alias only
0N/A         */
0N/A
0N/A        // test C_SetAttribute
0N/A        PrivateKey pkey = pke.getPrivateKey();
0N/A        ks.setEntry("pk1SA",
0N/A                new KeyStore.PrivateKeyEntry(pkey, chain1),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        String newAlias = null;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            newAlias = (String)enu.nextElement();
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                newAlias);
0N/A        }
0N/A        if (count == 1 && "pk1SA".equals(newAlias)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 1 alias");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 1) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 1");
0N/A        }
0N/A
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk1", null);
0N/A        if (pke != null) {
0N/A            throw new SecurityException("expected not to find pk1");
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk1SA", null);
0N/A        System.out.println("pk1SA = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        /**
0N/A         * test change cert chain
0N/A         */
0N/A
0N/A        pkey = pke.getPrivateKey();
0N/A        ks.setEntry("pk1SA-2",
0N/A                new KeyStore.PrivateKeyEntry(pkey, chain4),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        newAlias = null;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            newAlias = (String)enu.nextElement();
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                newAlias);
0N/A        }
0N/A        if (count == 1 && "pk1SA-2".equals(newAlias)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 1 alias");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 1) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 1");
0N/A        }
0N/A
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk1SA", null);
0N/A        if (pke != null) {
0N/A            throw new SecurityException("expected not to find pk1SA");
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk1SA-2", null);
0N/A        System.out.println("pk1SA-2 = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain4.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain4[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        return testnum;
0N/A    }
0N/A
0N/A    private static int pkey(int testnum) throws Exception {
0N/A
0N/A        if (ks == null) {
0N/A            ks = KeyStore.getInstance(KS_TYPE, provider);
0N/A            ks.load(null, tokenPwd);
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        }
0N/A
0N/A        // check instance
0N/A        if (ks.getProvider() instanceof java.security.AuthProvider) {
0N/A            System.out.println("keystore provider instance of AuthProvider");
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("did not get AuthProvider KeyStore");
0N/A        }
0N/A
0N/A        // delete all old aliases
0N/A        Enumeration enu = ks.aliases();
0N/A        int count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            String next = (String)enu.nextElement();
0N/A            ks.deleteEntry(next);
0N/A            System.out.println("deleted entry for: " + next);
0N/A        }
0N/A
0N/A        // set good pke 1
0N/A        ks.setKeyEntry("pk1", pk1, null, chain1);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good pke 2
0N/A        ks.setEntry("pk2",
0N/A                new KeyStore.PrivateKeyEntry(pk2, chain2),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getEntry good pke 1
0N/A        KeyStore.PrivateKeyEntry pke =
0N/A                (KeyStore.PrivateKeyEntry)ks.getEntry("pk1", null);
0N/A        System.out.println("pk1 = " + pke.getPrivateKey());
0N/A        Certificate[] chain = pke.getCertificateChain();
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getKey good pke 1
0N/A        PrivateKey pkey = (PrivateKey)ks.getKey("pk1", null);
0N/A        System.out.println("pk1 = " + pkey);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getCertificate chain chain 1
0N/A        chain = ks.getCertificateChain("pk1");
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getEntry good pke 2
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk2", null);
0N/A        if ("RSA".equals(pke.getPrivateKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pke.getPrivateKey().getAlgorithm());
0N/A        }
0N/A        System.out.println("pk2 = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain2.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain2[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getKey good pke 2
0N/A        pkey = (PrivateKey)ks.getKey("pk2", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getCertificate chain chain 2
0N/A        chain = ks.getCertificateChain("pk2");
0N/A        if (chain.length != chain2.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain2[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 2) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 2 aliases");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 2) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 2");
0N/A        }
0N/A
0N/A        // getCertificate
0N/A        if (ks.getCertificate("pk1").equals(chain1[0])) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected certificate pk1 end entity");
0N/A        }
0N/A
0N/A        // containsAlias
0N/A        if (ks.containsAlias("pk1") && ks.containsAlias("pk2") &&
0N/A            !ks.containsAlias("foobar") &&
0N/A            !ks.containsAlias("pk1.2") && !ks.containsAlias("pk2.2")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("unexpected aliases encountered");
0N/A        }
0N/A
0N/A        // isKeyEntry
0N/A        if (ks.isKeyEntry("pk1") && ks.isKeyEntry("pk2") &&
0N/A            !ks.isKeyEntry("foobar")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("isKeyEntry failed");
0N/A        }
0N/A
0N/A        // isCertificateEntry
0N/A        if (!ks.isCertificateEntry("foobar") &&
0N/A            !ks.isCertificateEntry("pk1") && !ks.isCertificateEntry("pk2")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("isCertificateEntry failed");
0N/A        }
0N/A
0N/A        // getCertificateAlias
0N/A        if (ks.getCertificateAlias(chain1[0]).equals("pk1") &&
0N/A            ks.getCertificateAlias(chain2[0]).equals("pk2") &&
0N/A            ks.getCertificateAlias(randomCert) == null) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("getCertificateAlias failed");
0N/A        }
0N/A
0N/A        if (ks.entryInstanceOf("pk1", KeyStore.PrivateKeyEntry.class) &&
0N/A            ks.entryInstanceOf("pk2", KeyStore.PrivateKeyEntry.class) &&
0N/A        !ks.entryInstanceOf("pk1", KeyStore.TrustedCertificateEntry.class) &&
0N/A        !ks.entryInstanceOf("pk2", KeyStore.TrustedCertificateEntry.class) &&
0N/A        !ks.entryInstanceOf("foobar", KeyStore.TrustedCertificateEntry.class) &&
0N/A          !ks.entryInstanceOf("foobar", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("entryInstanceOf failed");
0N/A        }
0N/A
0N/A        ks.deleteEntry("pk2");
0N/A        if (ks.containsAlias("pk1") && !ks.containsAlias("pk2")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("deleteEntry failed");
0N/A        }
0N/A
0N/A        // getEntry good pke 1
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk1", null);
0N/A        System.out.println("pk1 = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 1) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 1 alias");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 1) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 1");
0N/A        }
0N/A
0N/A        return testnum;
0N/A    }
0N/A
0N/A    private static int extended(int testnum) throws Exception {
0N/A
0N/A        // setEntry unknown entry type
0N/A        try {
0N/A            ks.setEntry("foo", new FooEntry(), null);
0N/A            throw new SecurityException("setEntry should have failed");
0N/A        } catch (KeyStoreException kse) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        }
0N/A
0N/A        // getEntry random foo
0N/A        if (ks.getEntry("foo", null) != null) {
0N/A            throw new SecurityException("expected null entry");
0N/A        } else {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        }
0N/A
0N/A        // set good ske 1
0N/A        ks.setKeyEntry("sk1", sk1, null, null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good ske 2
0N/A        ks.setKeyEntry("sk2", sk2, null, null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good ske 3
0N/A        ks.setEntry("sk3",
0N/A                new KeyStore.SecretKeyEntry(sk3),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good ske 4
0N/A        ks.setEntry("sk4",
0N/A                new KeyStore.SecretKeyEntry(sk4),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getEntry good ske 1
0N/A        KeyStore.SecretKeyEntry ske =
0N/A                (KeyStore.SecretKeyEntry)ks.getEntry("sk1", null);
0N/A        if ("DES".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DES, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getEntry good ske 2
0N/A        ske = (KeyStore.SecretKeyEntry)ks.getEntry("sk2", null);
0N/A        if ("DESede".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DESede, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getEntry good ske 3
0N/A        ske = (KeyStore.SecretKeyEntry)ks.getEntry("sk3", null);
0N/A        if ("AES".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected AES, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getEntry good ske 4
0N/A        ske = (KeyStore.SecretKeyEntry)ks.getEntry("sk4", null);
0N/A        if ("ARCFOUR".equals(ske.getSecretKey().getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected ARCFOUR, got " + ske.getSecretKey().getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 1
0N/A        SecretKey skey = (SecretKey)ks.getKey("sk1", null);
0N/A        if ("DES".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DES, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 2
0N/A        skey = (SecretKey)ks.getKey("sk2", null);
0N/A        if ("DESede".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DESede, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 3
0N/A        skey = (SecretKey)ks.getKey("sk3", null);
0N/A        if ("AES".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected AES, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 4
0N/A        skey = (SecretKey)ks.getKey("sk4", null);
0N/A        if ("ARCFOUR".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected ARCFOUR, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // aliases
0N/A        Enumeration enu = ks.aliases();
0N/A        int count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 5) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 5 aliases");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 5) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 5");
0N/A        }
0N/A
0N/A        // set good pke 2
0N/A        ks.setEntry("pk2",
0N/A                new KeyStore.PrivateKeyEntry(pk2, chain2),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // set good pke 3
0N/A        ks.setEntry("pk3",
0N/A                new KeyStore.PrivateKeyEntry(pk3, chain3),
0N/A                null);
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getEntry good pke 1
0N/A        KeyStore.PrivateKeyEntry pke =
0N/A                (KeyStore.PrivateKeyEntry)ks.getEntry("pk1", null);
0N/A        System.out.println("pk1 = " + pke.getPrivateKey());
0N/A        Certificate[] chain = pke.getCertificateChain();
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getEntry good pke 2
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk2", null);
0N/A        System.out.println("pk2 = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain2.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain2[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getEntry good pke 3
0N/A        pke = (KeyStore.PrivateKeyEntry)ks.getEntry("pk3", null);
0N/A        System.out.println("pk3 = " + pke.getPrivateKey());
0N/A        chain = pke.getCertificateChain();
0N/A        if (chain.length != chain3.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain3[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getKey good pke 1
0N/A        PrivateKey pkey = (PrivateKey)ks.getKey("pk1", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getCertificate chain chain 1
0N/A        chain = ks.getCertificateChain("pk1");
0N/A        if (chain.length != chain1.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain1[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getKey good pke 2
0N/A        pkey = (PrivateKey)ks.getKey("pk2", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getCertificate chain chain 2
0N/A        chain = ks.getCertificateChain("pk2");
0N/A        if (chain.length != chain2.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain2[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // getKey good pke 3
0N/A        pkey = (PrivateKey)ks.getKey("pk3", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getCertificate chain chain 3
0N/A        chain = ks.getCertificateChain("pk3");
0N/A        if (chain.length != chain3.length) {
0N/A            throw new SecurityException("received chain not correct length");
0N/A        }
0N/A        for (int i = 0; i < chain.length; i++) {
0N/A            if (!chain[i].equals(chain3[i])) {
0N/A                throw new SecurityException("received chain not equal");
0N/A            }
0N/A        }
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 7) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 7 aliases");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 7) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 7");
0N/A        }
0N/A
0N/A        // getCertificate good chain 1
0N/A        if (ks.getCertificate("pk1").equals(chain1[0])) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("retrieved cert not equal");
0N/A        }
0N/A
0N/A        // getCertificate good chain 3
0N/A        if (ks.getCertificate("pk3").equals(chain3[0])) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("retrieved cert not equal");
0N/A        }
0N/A
0N/A        // getKey good ske 1
0N/A        skey = (SecretKey)ks.getKey("sk1", null);
0N/A        if ("DES".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected DES, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good ske 4
0N/A        skey = (SecretKey)ks.getKey("sk4", null);
0N/A        if ("ARCFOUR".equals(skey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected ARCFOUR, got " + skey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good pke 1
0N/A        pkey = (PrivateKey)ks.getKey("pk1", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // getKey good pke 3
0N/A        pkey = (PrivateKey)ks.getKey("pk3", null);
0N/A        if ("RSA".equals(pkey.getAlgorithm())) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException
0N/A                ("expected RSA, got " + pkey.getAlgorithm());
0N/A        }
0N/A
0N/A        // contains alias
0N/A        if (!ks.containsAlias("pk1") ||
0N/A                !ks.containsAlias("pk2") ||
0N/A                !ks.containsAlias("pk3") ||
0N/A                !ks.containsAlias("sk1") ||
0N/A                !ks.containsAlias("sk2") ||
0N/A                !ks.containsAlias("sk3") ||
0N/A                !ks.containsAlias("sk4")) {
0N/A            throw new SecurityException("did not contain all aliases");
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // getCertificateAlias pk1
0N/A        if (ks.getCertificateAlias(chain1[0]).equals("pk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected cert pk1");
0N/A        }
0N/A
0N/A        // getCertificateAlias pk3
0N/A        if (ks.getCertificateAlias(chain3[0]).equals("pk3")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected cert pk3");
0N/A        }
0N/A
0N/A        // isCertificateEntry pk1
0N/A        if (!ks.isCertificateEntry("pk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // isCertificateEntry pk3
0N/A        if (!ks.isCertificateEntry("pk3")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // isCertificateEntry sk1
0N/A        if (!ks.isCertificateEntry("sk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // isCertificateEntry sk4
0N/A        if (!ks.isCertificateEntry("sk4")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // isKeyEntry pk1
0N/A        if (ks.isKeyEntry("pk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // isKeyEntry pk3
0N/A        if (ks.isKeyEntry("pk3")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // isKeyEntry sk1
0N/A        if (ks.isKeyEntry("sk1")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // isKeyEntry sk4
0N/A        if (ks.isKeyEntry("sk4")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // isCertificateEntry random foo
0N/A        if (!ks.isCertificateEntry("foo")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected foo");
0N/A        }
0N/A
0N/A        // isKeyEntry random foo
0N/A        if (!ks.isKeyEntry("foo")) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected foo");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk1
0N/A        if (!ks.entryInstanceOf
0N/A                ("pk1", KeyStore.TrustedCertificateEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected tce");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk3
0N/A        if (!ks.entryInstanceOf
0N/A                ("pk3", KeyStore.TrustedCertificateEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected tce");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk1
0N/A        if (!ks.entryInstanceOf
0N/A                ("sk1", KeyStore.TrustedCertificateEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected tce");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk4
0N/A        if (!ks.entryInstanceOf
0N/A                ("sk4", KeyStore.TrustedCertificateEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected tce");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk1
0N/A        if (ks.entryInstanceOf("pk1", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk3
0N/A        if (ks.entryInstanceOf("pk3", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk1
0N/A        if (!ks.entryInstanceOf("sk1", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk4
0N/A        if (!ks.entryInstanceOf("sk4", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk1
0N/A        if (ks.entryInstanceOf("sk1", KeyStore.SecretKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk4
0N/A        if (ks.entryInstanceOf("sk4", KeyStore.SecretKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk1
0N/A        if (!ks.entryInstanceOf("pk1", KeyStore.SecretKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk3
0N/A        if (!ks.entryInstanceOf("pk3", KeyStore.SecretKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected ske");
0N/A        }
0N/A
0N/A        // getEntry random foobar
0N/A        if (ks.getEntry("foobar", null) != null) {
0N/A            throw new SecurityException("expected null entry");
0N/A        } else {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        }
0N/A
0N/A        // deleteEntry
0N/A        ks.deleteEntry("pk1");
0N/A        ks.deleteEntry("pk3");
0N/A        ks.deleteEntry("sk2");
0N/A        ks.deleteEntry("sk3");
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        // aliases
0N/A        enu = ks.aliases();
0N/A        count = 0;
0N/A        while (enu.hasMoreElements()) {
0N/A            count++;
0N/A            System.out.println("alias " +
0N/A                                count +
0N/A                                " = " +
0N/A                                (String)enu.nextElement());
0N/A        }
0N/A        if (count == 3) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected 3 aliases");
0N/A        }
0N/A
0N/A        // size
0N/A        if (ks.size() == 3) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected size 6");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk1
0N/A        if (!ks.entryInstanceOf("sk1", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf sk4
0N/A        if (!ks.entryInstanceOf("sk4", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A
0N/A        // entryInstanceOf pk2
0N/A        if (ks.entryInstanceOf("pk2", KeyStore.PrivateKeyEntry.class)) {
0N/A            System.out.println("test " + testnum++ + " passed");
0N/A        } else {
0N/A            throw new SecurityException("expected pke");
0N/A        }
0N/A        System.out.println("test " + testnum++ + " passed");
0N/A
0N/A        return testnum;
0N/A    }
0N/A}