src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java

rev 51972 : 8215694: keytool cannot generate RSASSA-PSS certificates
Reviewed-by: xuelei
rev 51973 : 8215694 resolve

*** 1,7 ****
  /*
!  * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   *
   * This code is free software; you can redistribute it and/or modify it
   * under the terms of the GNU General Public License version 2 only, as
   * published by the Free Software Foundation.  Oracle designates this
--- 1,7 ----
  /*
!  * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   *
   * This code is free software; you can redistribute it and/or modify it
   * under the terms of the GNU General Public License version 2 only, as
   * published by the Free Software Foundation.  Oracle designates this
*** 28,37 ****
--- 28,38 ----
  import java.io.IOException;
  import java.security.cert.X509Certificate;
  import java.security.cert.CertificateException;
  import java.security.cert.CertificateEncodingException;
  import java.security.*;
+ import java.security.spec.AlgorithmParameterSpec;
  import java.util.Date;
  
  import sun.security.pkcs10.PKCS10;
  import sun.security.x509.*;
  
*** 120,129 ****
--- 121,145 ----
          prng = generator;
      }
  
      // want "public void generate (X509Certificate)" ... inherit DSA/D-H param
  
+     public void generate(int keyBits) {
+         if (keyBits != -1) {
+             try {
+                 if (prng == null) {
+                     prng = new SecureRandom();
+                 }
+                 keyGen.initialize(keyBits, prng);
+ 
+             } catch (Exception e) {
+                 throw new IllegalArgumentException(e.getMessage());
+             }
+         }
+         generateInternal();
+     }
+ 
      /**
       * Generates a random public/private key pair, with a given key
       * size.  Different algorithms provide different degrees of security
       * for the same key size, because of the "work factor" involved in
       * brute force attacks.  As computers become faster, it becomes
*** 137,161 ****
       *
       * @param keyBits the number of bits in the keys.
       * @exception InvalidKeyException if the environment does not
       *  provide X.509 public keys for this signature algorithm.
       */
!     public void generate (int keyBits)
!     throws InvalidKeyException
!     {
!         KeyPair pair;
! 
!         try {
!             if (prng == null) {
!                 prng = new SecureRandom();
!             }
!             keyGen.initialize(keyBits, prng);
!             pair = keyGen.generateKeyPair();
! 
!         } catch (Exception e) {
!             throw new IllegalArgumentException(e.getMessage());
!         }
  
          publicKey = pair.getPublic();
          privateKey = pair.getPrivate();
  
          // publicKey's format must be X.509 otherwise
--- 153,164 ----
       *
       * @param keyBits the number of bits in the keys.
       * @exception InvalidKeyException if the environment does not
       *  provide X.509 public keys for this signature algorithm.
       */
!     public void generateInternal() {
!         KeyPair pair = keyGen.generateKeyPair();
  
          publicKey = pair.getPublic();
          privateKey = pair.getPrivate();
  
          // publicKey's format must be X.509 otherwise