From eadc9e8c86af356bf300e554bb59c3ffde14e7a8 Mon Sep 17 00:00:00 2001 From: vinnie Date: Mon, 6 Feb 2017 17:28:33 +0000 Subject: [PATCH] 8173956: KeyStore regression due to default keystore being changed to PKCS12 Reviewed-by: xuelei, andrew --- .../sun/security/pkcs12/PKCS12KeyStore.java | 2 +- test/sun/security/pkcs12/MixedcaseAlias.java | 68 +++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) create mode 100644 test/sun/security/pkcs12/MixedcaseAlias.java diff --git a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java index 30c948918..07d8e98a0 100644 --- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java +++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java @@ -982,7 +982,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { new CertEntry((X509Certificate) cert, null, alias, AnyUsage, attributes); certificateCount++; - entries.put(alias, certEntry); + entries.put(alias.toLowerCase(Locale.ENGLISH), certEntry); if (debug != null) { debug.println("Setting a trusted certificate at alias '" + alias + diff --git a/test/sun/security/pkcs12/MixedcaseAlias.java b/test/sun/security/pkcs12/MixedcaseAlias.java new file mode 100644 index 000000000..520da009b --- /dev/null +++ b/test/sun/security/pkcs12/MixedcaseAlias.java @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8173956 + * @summary KeyStore regression due to default keystore being changed to PKCS12 + */ + +import java.io.*; +import java.security.KeyStore; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; + +/** + * Test that a PKCS12 keystore entry with mixed-case alias can be retrieved. + */ +public class MixedcaseAlias { + private static final String DIR = System.getProperty("test.src", "."); + private static final String CERT = DIR + "/trusted.pem"; + private static final String ALIAS = "Mixed-case Alias"; + + public static void main(String[] ignored) throws Exception { + KeyStore keystore = KeyStore.getInstance("PKCS12"); + keystore.load(null, null); + + keystore.setCertificateEntry(ALIAS, loadCertificate(CERT)); + KeyStore.Entry entry = keystore.getEntry(ALIAS, null); + + if (entry == null) { + throw new Exception( + "Error retrieving keystore entry using a mixed-case alias"); + } + + System.out.println("OK"); + } + + private static Certificate loadCertificate(String certFile) + throws Exception { + X509Certificate cert = null; + try (FileInputStream certStream = new FileInputStream(certFile)) { + CertificateFactory factory = + CertificateFactory.getInstance("X.509"); + return factory.generateCertificate(certStream); + } + } +} -- GitLab