提交 61681b39 编写于 作者: W weijun

8027026: Change keytool -genkeypair to use -keyalg RSA

Reviewed-by: alanb, chegar, mullan
上级 75b69326
...@@ -273,14 +273,8 @@ sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java solaris-all ...@@ -273,14 +273,8 @@ sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java solaris-all
sun/security/pkcs11/Secmod/AddPrivateKey.java linux-all sun/security/pkcs11/Secmod/AddPrivateKey.java linux-all
sun/security/pkcs11/Secmod/TrustAnchors.java linux-all sun/security/pkcs11/Secmod/TrustAnchors.java linux-all
# 7041639, Solaris DSA keypair generation bug (Note: jdk_util also affected) # 7041639, Solaris DSA keypair generation bug
java/security/KeyPairGenerator/SolarisShortDSA.java solaris-all java/security/KeyPairGenerator/SolarisShortDSA.java solaris-all
sun/security/tools/jarsigner/onlymanifest.sh solaris-all
sun/security/tools/jarsigner/ts.sh solaris-all
sun/security/tools/keytool/emptysubject.sh solaris-all
sun/security/tools/keytool/importreadall.sh solaris-all
sun/security/tools/keytool/readjar.sh solaris-all
sun/security/tools/keytool/selfissued.sh solaris-all
sun/security/tools/keytool/standard.sh solaris-all sun/security/tools/keytool/standard.sh solaris-all
# 8000439: NPG: REGRESSION : sun/security/krb5/auto/MaxRetries.java fails with timeout # 8000439: NPG: REGRESSION : sun/security/krb5/auto/MaxRetries.java fails with timeout
...@@ -351,7 +345,4 @@ java/util/concurrent/ThreadPoolExecutor/CoreThreadTimeOut.java generic-all ...@@ -351,7 +345,4 @@ java/util/concurrent/ThreadPoolExecutor/CoreThreadTimeOut.java generic-all
# Filed 6772009 # Filed 6772009
java/util/concurrent/locks/ReentrantLock/CancelledLockLoops.java generic-all java/util/concurrent/locks/ReentrantLock/CancelledLockLoops.java generic-all
# 7041639, Solaris DSA keypair generation bug
java/util/TimeZone/TimeZoneDatePermissionCheck.sh solaris-all
############################################################################ ############################################################################
...@@ -40,6 +40,7 @@ rm -f ${TESTCLASSES}/timezonedatetest.store ...@@ -40,6 +40,7 @@ rm -f ${TESTCLASSES}/timezonedatetest.store
${COMPILEJAVA}/bin/keytool ${TESTTOOLVMOPTS} -genkeypair -alias testcert \ ${COMPILEJAVA}/bin/keytool ${TESTTOOLVMOPTS} -genkeypair -alias testcert \
-keystore ${TESTCLASSES}/timezonedatetest.store \ -keystore ${TESTCLASSES}/timezonedatetest.store \
-storepass testpass -validity 360 \ -storepass testpass -validity 360 \
-keyalg rsa \
-dname "cn=Mark Wildebeest, ou=FreeSoft, o=Red Hat, c=NL" \ -dname "cn=Mark Wildebeest, ou=FreeSoft, o=Red Hat, c=NL" \
-keypass testpass -keypass testpass
......
...@@ -49,7 +49,7 @@ public class ExtraFileInMetaInf { ...@@ -49,7 +49,7 @@ public class ExtraFileInMetaInf {
new File("ks").delete(); new File("ks").delete();
sun.security.tools.keytool.Main.main( sun.security.tools.keytool.Main.main(
("-keystore ks -storepass changeit -keypass changeit " + ("-keystore ks -storepass changeit -keypass changeit " +
"-alias a -dname CN=A -genkeypair").split(" ")); "-keyalg rsa -alias a -dname CN=A -genkeypair").split(" "));
sun.security.tools.jarsigner.Main.main( sun.security.tools.jarsigner.Main.main(
"-keystore ks -storepass changeit x.jar a".split(" ")); "-keystore ks -storepass changeit x.jar a".split(" "));
......
...@@ -60,7 +60,7 @@ public class PKCS12SameKeyId { ...@@ -60,7 +60,7 @@ public class PKCS12SameKeyId {
for (int i=0; i<SIZE; i++) { for (int i=0; i<SIZE; i++) {
System.err.print("."); System.err.print(".");
String cmd = "-keystore " + JKSFILE String cmd = "-keystore " + JKSFILE
+ " -storepass changeit -keypass changeit " + " -storepass changeit -keypass changeit -keyalg rsa "
+ "-genkeypair -alias p" + i + " -dname CN=" + i; + "-genkeypair -alias p" + i + " -dname CN=" + i;
sun.security.tools.keytool.Main.main(cmd.split(" ")); sun.security.tools.keytool.Main.main(cmd.split(" "));
} }
......
...@@ -185,7 +185,7 @@ public class TimestampCheck { ...@@ -185,7 +185,7 @@ public class TimestampCheck {
DerOutputStream tstInfo2 = new DerOutputStream(); DerOutputStream tstInfo2 = new DerOutputStream();
tstInfo2.putOctetString(tstInfo.toByteArray()); tstInfo2.putOctetString(tstInfo.toByteArray());
Signature sig = Signature.getInstance("SHA1withDSA"); Signature sig = Signature.getInstance("SHA1withRSA");
sig.initSign((PrivateKey)(ks.getKey( sig.initSign((PrivateKey)(ks.getKey(
alias, "changeit".toCharArray()))); alias, "changeit".toCharArray())));
sig.update(tstInfo.toByteArray()); sig.update(tstInfo.toByteArray());
......
...@@ -45,7 +45,7 @@ case "$OS" in ...@@ -45,7 +45,7 @@ case "$OS" in
;; ;;
esac esac
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit" KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keyalg rsa"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner" JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner"
......
...@@ -47,7 +47,7 @@ KS=collator.jks ...@@ -47,7 +47,7 @@ KS=collator.jks
JFILE=collator.jar JFILE=collator.jar
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \ KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \
-keystore $KS" -keyalg rsa -keystore $KS"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner -keystore $KS -storepass changeit" JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner -keystore $KS -storepass changeit"
......
...@@ -45,7 +45,7 @@ esac ...@@ -45,7 +45,7 @@ esac
KS=crl.jks KS=crl.jks
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS" KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS -keyalg rsa"
rm $KS 2> /dev/null rm $KS 2> /dev/null
......
...@@ -47,7 +47,7 @@ KS=jvindex.jks ...@@ -47,7 +47,7 @@ KS=jvindex.jks
JFILE=jvindex.jar JFILE=jvindex.jar
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \ KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \
-keystore $KS" -keystore $KS -keyalg rsa"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner -keystore $KS -storepass changeit" JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner -keystore $KS -storepass changeit"
......
...@@ -51,7 +51,7 @@ esac ...@@ -51,7 +51,7 @@ esac
KSFILE=ns7.jks KSFILE=ns7.jks
KT="${TESTJAVA}${FS}bin${FS}keytool -keystore ns7.jks -storepass changeit -keypass changeit" KT="${TESTJAVA}${FS}bin${FS}keytool -keystore ns7.jks -storepass changeit -keypass changeit -keyalg rsa"
JAR="${TESTJAVA}${FS}bin${FS}jar" JAR="${TESTJAVA}${FS}bin${FS}jar"
JS="${TESTJAVA}${FS}bin${FS}jarsigner -keystore ns7.jks -storepass changeit" JS="${TESTJAVA}${FS}bin${FS}jarsigner -keystore ns7.jks -storepass changeit"
......
...@@ -46,7 +46,7 @@ KS=onlymanifest.jks ...@@ -46,7 +46,7 @@ KS=onlymanifest.jks
JFILE=onlymanifest.jar JFILE=onlymanifest.jar
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \ KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \
-keystore $KS" -keystore $KS -keyalg rsa"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
......
...@@ -45,7 +45,7 @@ esac ...@@ -45,7 +45,7 @@ esac
KS=pt.jks KS=pt.jks
JFILE=pt.jar JFILE=pt.jar
KT="$TESTJAVA${FS}bin${FS}keytool -keystore $KS -validity 300" KT="$TESTJAVA${FS}bin${FS}keytool -keystore $KS -validity 300 -keyalg rsa"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
......
...@@ -47,7 +47,7 @@ esac ...@@ -47,7 +47,7 @@ esac
KS=samename.jks KS=samename.jks
JFILE=em.jar JFILE=em.jar
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS" KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS -keyalg rsa"
JAR=$TESTJAVA${FS}bin${FS}jar JAR=$TESTJAVA${FS}bin${FS}jar
JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
......
...@@ -53,7 +53,7 @@ fi ...@@ -53,7 +53,7 @@ fi
JAR="${TESTJAVA}${FS}bin${FS}jar" JAR="${TESTJAVA}${FS}bin${FS}jar"
JAVA="${TESTJAVA}${FS}bin${FS}java" JAVA="${TESTJAVA}${FS}bin${FS}java"
JAVAC="${TESTJAVA}${FS}bin${FS}javac" JAVAC="${TESTJAVA}${FS}bin${FS}javac"
KT="${TESTJAVA}${FS}bin${FS}keytool -keystore tsks -storepass changeit -keypass changeit" KT="${TESTJAVA}${FS}bin${FS}keytool -keystore tsks -storepass changeit -keypass changeit -keyalg rsa"
rm tsks rm tsks
echo Nothing > A echo Nothing > A
......
...@@ -59,7 +59,7 @@ public class CloseFile { ...@@ -59,7 +59,7 @@ public class CloseFile {
} }
static void run(String s) throws Exception { static void run(String s) throws Exception {
sun.security.tools.keytool.Main.main((s+" -debug").split(" ")); sun.security.tools.keytool.Main.main((s+" -debug -keyalg rsa").split(" "));
} }
static void remove(String filename, boolean check) { static void remove(String filename, boolean check) {
new File(filename).delete(); new File(filename).delete();
......
...@@ -71,6 +71,7 @@ do ...@@ -71,6 +71,7 @@ do
-storetype PKCS12 \ -storetype PKCS12 \
-keystore $TEMPORARY_P12 \ -keystore $TEMPORARY_P12 \
-storepass $PWD \ -storepass $PWD \
-keyalg rsa \
-dname "CN=$i,OU=$i,O=$i,ST=$i,C=US" \ -dname "CN=$i,OU=$i,O=$i,ST=$i,C=US" \
-alias 7133495-$i -alias 7133495-$i
......
...@@ -49,7 +49,7 @@ public class StartDateTest { ...@@ -49,7 +49,7 @@ public class StartDateTest {
new File("jks").delete(); new File("jks").delete();
run("-keystore jks -storetype jks -storepass changeit -keypass changeit -alias me " + run("-keystore jks -storetype jks -storepass changeit -keypass changeit -alias me " +
"-genkeypair -dname CN=Haha -startdate +1y"); "-keyalg rsa -genkeypair -dname CN=Haha -startdate +1y");
cal.setTime(getIssueDate()); cal.setTime(getIssueDate());
System.out.println(cal); System.out.println(cal);
if (cal.get(Calendar.YEAR) != year + 1) { if (cal.get(Calendar.YEAR) != year + 1) {
......
...@@ -43,7 +43,7 @@ public class UnknownAndUnparseable { ...@@ -43,7 +43,7 @@ public class UnknownAndUnparseable {
// Create a cert with an unknown extension: 1.2.3.4, and an invalid // Create a cert with an unknown extension: 1.2.3.4, and an invalid
// KeyUsage extension // KeyUsage extension
String genkey = s String genkey = s
+ "-genkeypair -alias a -dname CN=A -ext 1.2.3.4=1234 " + "-genkeypair -alias a -dname CN=A -ext 1.2.3.4=1234 -keyalg rsa "
+ "-ext " + PKIXExtensions.KeyUsage_Id.toString() + "=5678"; + "-ext " + PKIXExtensions.KeyUsage_Id.toString() + "=5678";
sun.security.tools.keytool.Main.main(genkey.split(" ")); sun.security.tools.keytool.Main.main(genkey.split(" "));
......
...@@ -45,7 +45,7 @@ case "$OS" in ...@@ -45,7 +45,7 @@ case "$OS" in
esac esac
KS=emptysubject.jks KS=emptysubject.jks
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS" KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS -keyalg rsa"
rm $KS rm $KS
......
...@@ -49,7 +49,7 @@ case "$OS" in ...@@ -49,7 +49,7 @@ case "$OS" in
;; ;;
esac esac
KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -keystore importreadall.jks -storepass changeit -keypass changeit" KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -keystore importreadall.jks -storepass changeit -keypass changeit -keyalg rsa"
# In case the test is run twice in the same directory # In case the test is run twice in the same directory
......
...@@ -50,7 +50,7 @@ KT=$TESTJAVA${FS}bin${FS}keytool ...@@ -50,7 +50,7 @@ KT=$TESTJAVA${FS}bin${FS}keytool
rm jks 2> /dev/null rm jks 2> /dev/null
$KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \ $KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \
-storepass pass1111 -keypass pass1111 || exit 11 -keyalg rsa -storepass pass1111 -keypass pass1111 || exit 11
# Cannot only change storepass # Cannot only change storepass
rm p12 2> /dev/null rm p12 2> /dev/null
...@@ -85,7 +85,7 @@ $KT -certreq -storetype pkcs12 -keystore p12 -alias me \ ...@@ -85,7 +85,7 @@ $KT -certreq -storetype pkcs12 -keystore p12 -alias me \
rm jks 2> /dev/null rm jks 2> /dev/null
$KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \ $KT -genkeypair -keystore jks -storetype jks -alias me -dname CN=Me \
-storepass pass1111 -keypass pass2222 || exit 21 -keyalg rsa -storepass pass1111 -keypass pass2222 || exit 21
# Can use old keypass as new storepass so new storepass and keypass are same # Can use old keypass as new storepass so new storepass and keypass are same
rm p12 2> /dev/null rm p12 2> /dev/null
......
...@@ -46,7 +46,7 @@ esac ...@@ -46,7 +46,7 @@ esac
KS=readjar.jks KS=readjar.jks
rm $KS rm $KS
$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS \ $TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS \
-alias x -dname CN=X -genkeypair -keyalg rsa -alias x -dname CN=X -genkeypair
$COMPILEJAVA${FS}bin${FS}jar ${TESTTOOLVMOPTS} cvf readjar.jar $KS $COMPILEJAVA${FS}bin${FS}jar ${TESTTOOLVMOPTS} cvf readjar.jar $KS
$COMPILEJAVA${FS}bin${FS}jarsigner ${TESTTOOLVMOPTS} -storepass changeit -keystore $KS readjar.jar x $COMPILEJAVA${FS}bin${FS}jarsigner ${TESTTOOLVMOPTS} -storepass changeit -keystore $KS readjar.jar x
......
...@@ -45,7 +45,7 @@ case "$OS" in ...@@ -45,7 +45,7 @@ case "$OS" in
esac esac
KS=selfsigned.jks KS=selfsigned.jks
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS" KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS -keyalg rsa"
rm $KS rm $KS
......
...@@ -43,7 +43,7 @@ esac ...@@ -43,7 +43,7 @@ esac
rm trystore.jks 2> /dev/null rm trystore.jks 2> /dev/null
KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -storetype jks -keystore trystore.jks" KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -storetype jks -keystore trystore.jks -keyalg rsa"
$KEYTOOL -genkeypair -alias a -dname CN=A -storepass changeit -keypass changeit $KEYTOOL -genkeypair -alias a -dname CN=A -storepass changeit -keypass changeit
$KEYTOOL -genkeypair -alias b -dname CN=B -storepass changeit -keypass changeit $KEYTOOL -genkeypair -alias b -dname CN=B -storepass changeit -keypass changeit
......
...@@ -48,7 +48,7 @@ case "$OS" in ...@@ -48,7 +48,7 @@ case "$OS" in
esac esac
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \ KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \
-keypass changeit -keystore certreplace.jks" -keypass changeit -keystore certreplace.jks -keyalg rsa"
JAVAC=$COMPILEJAVA${FS}bin${FS}javac JAVAC=$COMPILEJAVA${FS}bin${FS}javac
JAVA=$TESTJAVA${FS}bin${FS}java JAVA=$TESTJAVA${FS}bin${FS}java
......
...@@ -48,7 +48,7 @@ case "$OS" in ...@@ -48,7 +48,7 @@ case "$OS" in
esac esac
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \ KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \
-keypass changeit -keystore samedn.jks" -keypass changeit -keystore samedn.jks -keyalg rsa"
JAVAC=$COMPILEJAVA${FS}bin${FS}javac JAVAC=$COMPILEJAVA${FS}bin${FS}javac
JAVA=$TESTJAVA${FS}bin${FS}java JAVA=$TESTJAVA${FS}bin${FS}java
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册