1/*
2 * Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24/*
25 * @test
26 * @bug 6468285
27 * @summary keytool ability to backdate self-signed certificates to compensate for clock skew
28 * @modules java.base/sun.security.tools.keytool:+open
29 * @run main StartDateTest
30 */
31
32import java.io.File;
33import java.io.FileInputStream;
34import java.lang.reflect.Method;
35import java.security.KeyStore;
36import java.security.cert.X509Certificate;
37import java.util.Calendar;
38import java.util.Date;
39import java.util.GregorianCalendar;
40
41public class StartDateTest {
42    public static void main(String[] args) throws Exception {
43
44        // Part 1: Test function
45        Calendar cal = new GregorianCalendar();
46        int year = cal.get(Calendar.YEAR);
47        int month = cal.get(Calendar.MONTH);
48
49        new File("jks").delete();
50
51        run("one", "+1y");
52        cal.setTime(getIssueDate("one"));
53        System.out.println(cal);
54        if (cal.get(Calendar.YEAR) != year + 1) {
55            throw new Exception("Function check #1 fails");
56        }
57
58        run("two", "+1m");
59        cal.setTime(getIssueDate("two"));
60        System.out.println(cal);
61        if (cal.get(Calendar.MONTH) != (month + 1) % 12) {
62            throw new Exception("Function check #2 fails");
63        }
64
65        run("three", "2009/10/11 12:34:56");
66        cal.setTime(getIssueDate("three"));
67        System.out.println(cal);
68        if (cal.get(Calendar.YEAR) != 2009 ||
69                cal.get(Calendar.MONTH) != Calendar.OCTOBER ||
70                cal.get(Calendar.DAY_OF_MONTH) != 11 ||
71                cal.get(Calendar.HOUR_OF_DAY) != 12 ||
72                cal.get(Calendar.MINUTE) != 34 ||
73                cal.get(Calendar.SECOND) != 56) {
74            throw new Exception("Function check #3 fails");
75        }
76
77        // Part 2: Test format
78        Method m = sun.security.tools.keytool.Main.class.getDeclaredMethod(
79                   "getStartDate", String.class);
80        m.setAccessible(true);
81        for (String s: new String[] {
82                null,       //NOW!
83                "+1m+1d",
84                "+1y-1m+1d",
85                "+3H",
86                "+1M",
87                "-5M",
88                "+011d",
89                "+22S",
90                "+500S",
91                "2001/01/01",
92                "15:15:15",
93                "2001/01/01 11:11:11",
94                }) {
95            try {
96                System.out.println(s + " " + m.invoke(null, s));
97            } catch (Exception e) {
98                e.printStackTrace();
99                throw new Exception("Failed at " + s);
100            }
101        }
102        for (String s: new String[] {
103                "",         // empty
104                "+3",
105                "+3m+",
106                "+3m+3",
107                "1m",       // no sign
108                "+0x011d",  // hex number
109                "+1m1d",    // no sign for the 2nd sub value
110                "m",
111                "+1h",      // h is not H
112                "-1m1d",
113                "-m",
114                "x",
115                "+1m +1d",
116                "2007/07",
117                "01:01",
118                "+01:01:01",                // what's this?
119                "1:01:01",
120                "12pm",
121                "2007/07/07  12:12:12",     // extra blank between
122                "2001/01/01-11:11:11",
123                "2007-07-07",               // non-standard date delim
124                "2007/7/7",                 // no padding
125                "07/07/07",                 // year's length not 4
126                "1:1:1",
127                }) {
128            boolean failed = false;
129            try {
130                System.out.println(m.invoke(null, s));
131            } catch (Exception e) {
132                System.out.println(s + " " + e.getCause());
133                failed = true;
134            }
135            if (!failed) throw new Exception("Failed at " + s);
136        }
137    }
138
139    // The keytool command line template, alias and startdate TBD
140    static String[] cmd = ("-alias tbd -startdate tbd -keystore jks " +
141            "-storetype jks -storepass changeit -keypass changeit " +
142            "-keyalg rsa -genkeypair -dname CN=Haha -debug").split(" ");
143
144    static void run(String alias, String startDate) throws Exception {
145        cmd[1] = alias;
146        cmd[3] = startDate;
147        sun.security.tools.keytool.Main.main(cmd);
148    }
149
150    static Date getIssueDate(String alias) throws Exception {
151        KeyStore ks = KeyStore.getInstance("jks");
152        try (FileInputStream fis = new FileInputStream("jks")) {
153            ks.load(fis, "changeit".toCharArray());
154        }
155        X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
156        return cert.getNotBefore();
157    }
158}
159