< prev index next >
test/sun/security/tools/keytool/KeyToolTest.java
Print this page
rev 12521 : 8057810: New defaults for DSA keys in jarsigner and keytool
Reviewed-by: coffeys, valeriep
Contributed-by: prasadarao.koppula@oracle.com
*** 1,7 ****
/*
! * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
--- 1,7 ----
/*
! * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*** 170,179 ****
--- 170,186 ----
/**
* Call this method if you expect test(input, cmd) should go OK
*/
void testOK(String input, String cmd) throws Exception {
try {
+ // Workaround for "8057810: Make SHA256withDSA the default
+ // jarsigner and keytool algorithm for DSA keys". Unfortunately
+ // SunPKCS11-NSS does not support SHA256withDSA yet.
+ if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey")
+ && !cmd.contains("-keyalg")) {
+ cmd += " -sigalg SHA1withDSA -keysize 1024";
+ }
test(input, cmd);
} catch(Exception e) {
afterFail(input, cmd, "OK");
throw e;
}
*** 245,254 ****
--- 252,264 ----
/**
* Helper method, print some output after a test does not do as expected
*/
void afterFail(String input, String cmd, String should) {
+ if (cmd.contains("p11-nss.txt")) {
+ cmd = "-J-Dnss.lib=" + System.getProperty("nss.lib") + " " + cmd;
+ }
System.err.println("\nTest fails for the command ---\n" +
"keytool " + cmd + "\nOr its debug version ---\n" +
"keytool -debug " + cmd);
System.err.println("The command result should be " + should +
*** 799,809 ****
void sqeCsrTest() throws Exception {
remove("x.jks");
remove("x.jks.p1.cert");
remove("csr1");
// PrivateKeyEntry can do certreq
! testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA");
testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA"); // unmatched sigalg
// misc test
--- 809,819 ----
void sqeCsrTest() throws Exception {
remove("x.jks");
remove("x.jks.p1.cert");
remove("csr1");
// PrivateKeyEntry can do certreq
! testOK("", "-keystore x.jks -storepass changeit -keypass changeit -genkeypair -dname CN=olala -keysize 1024");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -alias mykey");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1");
testOK("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg SHA1withDSA");
testFail("", "-keystore x.jks -storepass changeit -certreq -file csr1 -sigalg MD5withRSA"); // unmatched sigalg
// misc test
< prev index next >