< prev index next >

src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java

Print this page
rev 51972 : 8215694: keytool cannot generate RSASSA-PSS certificates
Reviewed-by: xuelei
rev 51973 : 8215694 resolve

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -28,10 +28,11 @@
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateEncodingException;
 import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
 import java.util.Date;
 
 import sun.security.pkcs10.PKCS10;
 import sun.security.x509.*;
 

@@ -120,10 +121,25 @@
         prng = generator;
     }
 
     // want "public void generate (X509Certificate)" ... inherit DSA/D-H param
 
+    public void generate(int keyBits) {
+        if (keyBits != -1) {
+            try {
+                if (prng == null) {
+                    prng = new SecureRandom();
+                }
+                keyGen.initialize(keyBits, prng);
+
+            } catch (Exception e) {
+                throw new IllegalArgumentException(e.getMessage());
+            }
+        }
+        generateInternal();
+    }
+
     /**
      * Generates a random public/private key pair, with a given key
      * size.  Different algorithms provide different degrees of security
      * for the same key size, because of the "work factor" involved in
      * brute force attacks.  As computers become faster, it becomes

@@ -137,25 +153,12 @@
      *
      * @param keyBits the number of bits in the keys.
      * @exception InvalidKeyException if the environment does not
      *  provide X.509 public keys for this signature algorithm.
      */
-    public void generate (int keyBits)
-    throws InvalidKeyException
-    {
-        KeyPair pair;
-
-        try {
-            if (prng == null) {
-                prng = new SecureRandom();
-            }
-            keyGen.initialize(keyBits, prng);
-            pair = keyGen.generateKeyPair();
-
-        } catch (Exception e) {
-            throw new IllegalArgumentException(e.getMessage());
-        }
+    public void generateInternal() {
+        KeyPair pair = keyGen.generateKeyPair();
 
         publicKey = pair.getPublic();
         privateKey = pair.getPrivate();
 
         // publicKey's format must be X.509 otherwise
< prev index next >