1/* 2 * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24/* 25 * @test 26 * @bug 6468285 27 * @summary keytool ability to backdate self-signed certificates to compensate for clock skew 28 * @modules java.base/sun.security.tools.keytool:+open 29 * @run main StartDateTest 30 */ 31 32import java.io.File; 33import java.io.FileInputStream; 34import java.lang.reflect.Method; 35import java.security.KeyStore; 36import java.security.cert.X509Certificate; 37import java.util.Calendar; 38import java.util.Date; 39import java.util.GregorianCalendar; 40 41public class StartDateTest { 42 public static void main(String[] args) throws Exception { 43 44 // Part 1: Test function 45 Calendar cal = new GregorianCalendar(); 46 int year = cal.get(Calendar.YEAR); 47 int month = cal.get(Calendar.MONTH); 48 49 new File("jks").delete(); 50 51 run("one", "+1y"); 52 cal.setTime(getIssueDate("one")); 53 System.out.println(cal); 54 if (cal.get(Calendar.YEAR) != year + 1) { 55 throw new Exception("Function check #1 fails"); 56 } 57 58 run("two", "+1m"); 59 cal.setTime(getIssueDate("two")); 60 System.out.println(cal); 61 if (cal.get(Calendar.MONTH) != (month + 1) % 12) { 62 throw new Exception("Function check #2 fails"); 63 } 64 65 run("three", "2009/10/11 12:34:56"); 66 cal.setTime(getIssueDate("three")); 67 System.out.println(cal); 68 if (cal.get(Calendar.YEAR) != 2009 || 69 cal.get(Calendar.MONTH) != Calendar.OCTOBER || 70 cal.get(Calendar.DAY_OF_MONTH) != 11 || 71 cal.get(Calendar.HOUR_OF_DAY) != 12 || 72 cal.get(Calendar.MINUTE) != 34 || 73 cal.get(Calendar.SECOND) != 56) { 74 throw new Exception("Function check #3 fails"); 75 } 76 77 // Part 2: Test format 78 Method m = sun.security.tools.keytool.Main.class.getDeclaredMethod( 79 "getStartDate", String.class); 80 m.setAccessible(true); 81 for (String s: new String[] { 82 null, //NOW! 83 "+1m+1d", 84 "+1y-1m+1d", 85 "+3H", 86 "+1M", 87 "-5M", 88 "+011d", 89 "+22S", 90 "+500S", 91 "2001/01/01", 92 "15:15:15", 93 "2001/01/01 11:11:11", 94 }) { 95 try { 96 System.out.println(s + " " + m.invoke(null, s)); 97 } catch (Exception e) { 98 e.printStackTrace(); 99 throw new Exception("Failed at " + s); 100 } 101 } 102 for (String s: new String[] { 103 "", // empty 104 "+3", 105 "+3m+", 106 "+3m+3", 107 "1m", // no sign 108 "+0x011d", // hex number 109 "+1m1d", // no sign for the 2nd sub value 110 "m", 111 "+1h", // h is not H 112 "-1m1d", 113 "-m", 114 "x", 115 "+1m +1d", 116 "2007/07", 117 "01:01", 118 "+01:01:01", // what's this? 119 "1:01:01", 120 "12pm", 121 "2007/07/07 12:12:12", // extra blank between 122 "2001/01/01-11:11:11", 123 "2007-07-07", // non-standard date delim 124 "2007/7/7", // no padding 125 "07/07/07", // year's length not 4 126 "1:1:1", 127 }) { 128 boolean failed = false; 129 try { 130 System.out.println(m.invoke(null, s)); 131 } catch (Exception e) { 132 System.out.println(s + " " + e.getCause()); 133 failed = true; 134 } 135 if (!failed) throw new Exception("Failed at " + s); 136 } 137 } 138 139 // The keytool command line template, alias and startdate TBD 140 static String[] cmd = ("-alias tbd -startdate tbd -keystore jks " + 141 "-storetype jks -storepass changeit -keypass changeit " + 142 "-keyalg rsa -genkeypair -dname CN=Haha -debug").split(" "); 143 144 static void run(String alias, String startDate) throws Exception { 145 cmd[1] = alias; 146 cmd[3] = startDate; 147 sun.security.tools.keytool.Main.main(cmd); 148 } 149 150 static Date getIssueDate(String alias) throws Exception { 151 KeyStore ks = KeyStore.getInstance("jks"); 152 try (FileInputStream fis = new FileInputStream("jks")) { 153 ks.load(fis, "changeit".toCharArray()); 154 } 155 X509Certificate cert = (X509Certificate)ks.getCertificate(alias); 156 return cert.getNotBefore(); 157 } 158} 159