public void testCreateSharedPLNKeyStores() throws Exception {
List<String> hosts = ListUtil.list("host1", "host2.foo.bar", "host3");
List<String> hosts2 = ListUtil.list("host3", "host4");
File dir = getTempDir();
File pub = new File(dir, "pub.ks");
KeyStoreUtil.createSharedPLNKeyStores(
dir, hosts, pub, "pubpass", MiscTestUtil.getSecureRandom());
assertPubKs(pub, "pubpass", hosts);
for (String host : hosts) {
assertPrivateKs(
new File(dir, host + ".jceks"), StringUtil.fromFile(new File(dir, host + ".pass")), host);
}
KeyStore pubks1 = loadKeyStore("jceks", new File(dir, "pub.ks"), "pubpass");
Certificate host1cert1 = pubks1.getCertificate("host1.crt");
Certificate host3cert1 = pubks1.getCertificate("host3.crt");
String host1priv1 = StringUtil.fromFile(new File(dir, "host1.jceks"));
String host3priv1 = StringUtil.fromFile(new File(dir, "host3.jceks"));
// Now add host4 and generate a new key for host3
KeyStoreUtil.createSharedPLNKeyStores(
dir, hosts2, pub, "pubpass", MiscTestUtil.getSecureRandom());
List<String> both = ListUtils.sum(hosts, hosts2);
assertPubKs(pub, "pubpass", both);
for (String host : both) {
assertPrivateKs(
new File(dir, host + ".jceks"), StringUtil.fromFile(new File(dir, host + ".pass")), host);
}
KeyStore pubks2 = loadKeyStore("jceks", new File(dir, "pub.ks"), "pubpass");
// host1 should have the same cert, host3 not
Certificate host1cert2 = pubks2.getCertificate("host1.crt");
Certificate host3cert2 = pubks2.getCertificate("host3.crt");
assertEquals(host1cert1, host1cert2);
assertNotEquals(host3cert1, host3cert2);
// host1's private key file should be the same, host3's not
String host1priv2 = StringUtil.fromFile(new File(dir, "host1.jceks"));
String host3priv2 = StringUtil.fromFile(new File(dir, "host3.jceks"));
assertEquals(host1priv1, host1priv2);
assertNotEquals(host3priv1, host3priv2);
}
// Return the serialized representation of the object
String ser(LockssSerializable o) throws Exception {
File tf = getTempFile("ser", ".xml");
new XStreamSerializer().serialize(tf, o);
return StringUtil.fromFile(tf);
}