StartDateTest.java revision 4479:cb83fe13af98
1/* 2 * Copyright (c) 2007, 2008, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24/* 25 * @test 26 * @bug 6468285 27 * @summary keytool ability to backdate self-signed certificates to compensate for clock skew 28 */ 29 30import java.io.File; 31import java.io.FileInputStream; 32import java.lang.reflect.Method; 33import java.security.KeyStore; 34import java.security.cert.X509Certificate; 35import java.util.Calendar; 36import java.util.Date; 37import java.util.GregorianCalendar; 38import sun.security.tools.KeyTool; 39 40public class StartDateTest { 41 public static void main(String[] args) throws Exception { 42 43 // Part 1: Test function 44 Calendar cal = new GregorianCalendar(); 45 int year = cal.get(Calendar.YEAR); 46 int month = cal.get(Calendar.MONTH); 47 48 new File("jks").delete(); 49 50 run("-keystore jks -storetype jks -storepass changeit -keypass changeit -alias me " + 51 "-genkeypair -dname CN=Haha -startdate +1y"); 52 cal.setTime(getIssueDate()); 53 System.out.println(cal); 54 if (cal.get(Calendar.YEAR) != year + 1) { 55 throw new Exception("Function check #1 fails"); 56 } 57 58 run("-keystore jks -storetype jks -storepass changeit -keypass changeit -alias me " + 59 "-selfcert -startdate +1m"); 60 cal.setTime(getIssueDate()); 61 System.out.println(cal); 62 if (cal.get(Calendar.MONTH) != (month + 1) % 12) { 63 throw new Exception("Function check #2 fails"); 64 } 65 66 new File("jks").delete(); 67 68 // Part 2: Test format 69 Method m = KeyTool.class.getDeclaredMethod("getStartDate", String.class); 70 m.setAccessible(true); 71 for (String s: new String[] { 72 null, //NOW! 73 "+1m+1d", 74 "+1y-1m+1d", 75 "+3H", 76 "+1M", 77 "-5M", 78 "+011d", 79 "+22S", 80 "+500S", 81 "2001/01/01", 82 "15:15:15", 83 "2001/01/01 11:11:11", 84 }) { 85 try { 86 System.out.println(s + " " + m.invoke(null, s)); 87 } catch (Exception e) { 88 e.printStackTrace(); 89 throw new Exception("Failed at " + s); 90 } 91 } 92 for (String s: new String[] { 93 "", // empty 94 "+3", 95 "+3m+", 96 "+3m+3", 97 "1m", // no sign 98 "+0x011d", // hex number 99 "+1m1d", // no sign for the 2nd sub value 100 "m", 101 "+1h", // h is not H 102 "-1m1d", 103 "-m", 104 "x", 105 "+1m +1d", 106 "2007/07", 107 "01:01", 108 "+01:01:01", // what's this? 109 "1:01:01", 110 "12pm", 111 "2007/07/07 12:12:12", // extra blank between 112 "2001/01/01-11:11:11", 113 "2007-07-07", // non-standard date delim 114 "2007/7/7", // no padding 115 "07/07/07", // year's length not 4 116 "1:1:1", 117 }) { 118 boolean failed = false; 119 try { 120 System.out.println(m.invoke(null, s)); 121 } catch (Exception e) { 122 System.out.println(s + " " + e.getCause()); 123 failed = true; 124 } 125 if (!failed) throw new Exception("Failed at " + s); 126 } 127 } 128 129 static void run(String s) throws Exception { 130 KeyTool.main((s+" -debug").split(" ")); 131 } 132 133 static Date getIssueDate() throws Exception { 134 KeyStore ks = KeyStore.getInstance("jks"); 135 try (FileInputStream fis = new FileInputStream("jks")) { 136 ks.load(fis, "changeit".toCharArray()); 137 } 138 X509Certificate cert = (X509Certificate)ks.getCertificate("me"); 139 return cert.getNotBefore(); 140 } 141} 142