16 # 2 along with this work; if not, write to the Free Software Foundation,
  17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18 #
  19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20 # or visit www.oracle.com if you need additional information or have any
  21 # questions.
  22 #
  23 
  24 # @test
  25 # @bug 6958869
  26 # @summary regression: PKIXValidator fails when multiple trust anchors
  27 # have same dn
  28 #
  29 
  30 if [ "${TESTSRC}" = "" ] ; then
  31   TESTSRC="."
  32 fi
  33 if [ "${TESTJAVA}" = "" ] ; then
  34   JAVAC_CMD=`which javac`
  35   TESTJAVA=`dirname $JAVAC_CMD`/..

  36 fi
  37 
  38 # set platform-dependent variables
  39 OS=`uname -s`
  40 case "$OS" in
  41   Windows_* )
  42     FS="\\"
  43     ;;
  44   * )
  45     FS="/"
  46     ;;
  47 esac
  48 
  49 KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \
  50     -keypass changeit -keystore samedn.jks"
  51 JAVAC=$TESTJAVA${FS}bin${FS}javac
  52 JAVA=$TESTJAVA${FS}bin${FS}java
  53 
  54 rm -rf samedn.jks 2> /dev/null
  55 
  56 # 1. Generate 3 aliases in a keystore: ca1, ca2, user. The CAs' startdate
  57 # is set to one year ago so that they are expired now
  58 
  59 $KT -genkeypair -alias ca1 -dname CN=CA -keyalg rsa -sigalg md5withrsa -ext bc -startdate -1y
  60 $KT -genkeypair -alias ca2 -dname CN=CA -keyalg rsa -sigalg sha1withrsa -ext bc -startdate -1y
  61 $KT -genkeypair -alias user -dname CN=User -keyalg rsa
  62 
  63 # 2. Signing: ca -> user
  64 
  65 $KT -certreq -alias user | $KT -gencert -rfc -alias ca1 > samedn1.certs
  66 $KT -certreq -alias user | $KT -gencert -rfc -alias ca2 > samedn2.certs
  67 
  68 # 3. Append the ca file
  69 
  70 $KT -export -rfc -alias ca1 >> samedn1.certs
  71 $KT -export -rfc -alias ca2 >> samedn2.certs
  72 
  73 # 4. Remove user for cacerts
  74 
  75 $KT -delete -alias user
  76 
  77 # 5. Build and run test. Make sure the CA certs are ignored for validity check.
  78 # Check both, one of them might be dropped out of map in old codes.
  79 
  80 $JAVAC -d . ${TESTSRC}${FS}CertReplace.java
  81 $JAVA ${TESTVMOPTS} CertReplace samedn.jks samedn1.certs || exit 1
  82 $JAVA ${TESTVMOPTS} CertReplace samedn.jks samedn2.certs || exit 2

  16 # 2 along with this work; if not, write to the Free Software Foundation,
  17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18 #
  19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20 # or visit www.oracle.com if you need additional information or have any
  21 # questions.
  22 #
  23 
  24 # @test
  25 # @bug 6958869
  26 # @summary regression: PKIXValidator fails when multiple trust anchors
  27 # have same dn
  28 #
  29 
  30 if [ "${TESTSRC}" = "" ] ; then
  31   TESTSRC="."
  32 fi
  33 if [ "${TESTJAVA}" = "" ] ; then
  34   JAVAC_CMD=`which javac`
  35   TESTJAVA=`dirname $JAVAC_CMD`/..
  36   COMPILEJAVA="${TESTJAVA}"
  37 fi
  38 
  39 # set platform-dependent variables
  40 OS=`uname -s`
  41 case "$OS" in
  42   Windows_* )
  43     FS="\\"
  44     ;;
  45   * )
  46     FS="/"
  47     ;;
  48 esac
  49 
  50 KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit \
  51     -keypass changeit -keystore samedn.jks"
  52 JAVAC=$COMPILEJAVA${FS}bin${FS}javac
  53 JAVA=$TESTJAVA${FS}bin${FS}java
  54 
  55 rm -rf samedn.jks 2> /dev/null
  56 
  57 # 1. Generate 3 aliases in a keystore: ca1, ca2, user. The CAs' startdate
  58 # is set to one year ago so that they are expired now
  59 
  60 $KT -genkeypair -alias ca1 -dname CN=CA -keyalg rsa -sigalg md5withrsa -ext bc -startdate -1y
  61 $KT -genkeypair -alias ca2 -dname CN=CA -keyalg rsa -sigalg sha1withrsa -ext bc -startdate -1y
  62 $KT -genkeypair -alias user -dname CN=User -keyalg rsa
  63 
  64 # 2. Signing: ca -> user
  65 
  66 $KT -certreq -alias user | $KT -gencert -rfc -alias ca1 > samedn1.certs
  67 $KT -certreq -alias user | $KT -gencert -rfc -alias ca2 > samedn2.certs
  68 
  69 # 3. Append the ca file
  70 
  71 $KT -export -rfc -alias ca1 >> samedn1.certs
  72 $KT -export -rfc -alias ca2 >> samedn2.certs
  73 
  74 # 4. Remove user for cacerts
  75 
  76 $KT -delete -alias user
  77 
  78 # 5. Build and run test. Make sure the CA certs are ignored for validity check.
  79 # Check both, one of them might be dropped out of map in old codes.
  80 
  81 $JAVAC ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} -d . ${TESTSRC}${FS}CertReplace.java
  82 $JAVA ${TESTVMOPTS} CertReplace samedn.jks samedn1.certs || exit 1
  83 $JAVA ${TESTVMOPTS} CertReplace samedn.jks samedn2.certs || exit 2