1 /*
2 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * The certificates and corresponding private keys used by the test.
26 * All of certificates uses relative weak key size and hash algorithm, then
27 * all JDK releases can load them. Accordingly, a custom java.security file is
28 * provided to make sure such weak key sizes and algorithms are not blocked by
29 * any JDK build.
30 */
31 public enum Cert {
32
33 // This certificate is generated by the below command:
34 // openssl req -x509 -newkey rsa:1024 -days 7300 \
35 // -subj "/CN=RSA_SHA1_1024" -sha1 \
36 // -keyout key.pem -out cert.pem
37 RSA_SHA1_1024(
38 SignatureAlgorithm.RSA,
39 "-----BEGIN CERTIFICATE-----\n" +
40 "MIIB/jCCAWegAwIBAgIJANPuKkD7/jxkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV\n" +
41 "BAMMDVJTQV9TSEExXzEwMjQwHhcNMTcwOTA3MDIwNTM0WhcNMzcwOTAyMDIwNTM0\n" +
42 "WjAYMRYwFAYDVQQDDA1SU0FfU0hBMV8xMDI0MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" +
43 "ADCBiQKBgQC3v7UeIxD5bdv4mqwcpah7sNxpI3IxUFzI2ao1g1jVzDPZt9Zawa3K\n" +
44 "H+m9al1Fg2X1dyNeRlbiXavcIZOQwZqNj08zJEwAdICP8iOnXQ2HUv5cpzArOPTu\n" +
45 "GY3flhf39xgiWsSdfb+cP0QsWNagNU8EtebbHndv8W+2K5JEdlpwQQIDAQABo1Aw\n" +
46 "TjAdBgNVHQ4EFgQU32KqdiGyzg39chNt/OwQzGOlUyAwHwYDVR0jBBgwFoAU32Kq\n" +
47 "diGyzg39chNt/OwQzGOlUyAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOB\n" +
48 "gQAWx8y45IIWWhy44cuQs0qcSDQihIvhXB3pvlpCNdfsSrVoaaH8lrOVjTC718ip\n" +
49 "fE1sF8I9niLHUg8WrAzdQRDsKyUhDUhEEJ7w1ffxwf8bcI9+NgWwEix0Dazzkub8\n" +
50 "2IRXuZ3dGwzoI54XtxvKMFH86nJEj4M/XQGrc9bnlhcn4g==\n" +
51 "-----END CERTIFICATE-----",
52 "30820278020100300d06092a864886f70d0101010500048202623082025e0201" +
53 "0002818100b7bfb51e2310f96ddbf89aac1ca5a87bb0dc69237231505cc8d9aa" +
54 "358358d5cc33d9b7d65ac1adca1fe9bd6a5d458365f577235e4656e25dabdc21" +
55 "9390c19a8d8f4f33244c0074808ff223a75d0d8752fe5ca7302b38f4ee198ddf" +
56 "9617f7f718225ac49d7dbf9c3f442c58d6a0354f04b5e6db1e776ff16fb62b92" +
57 "44765a7041020301000102818100b2c5afdf5c5a9d72c73b7eb0c9465b3fcc79" +
58 "0549d946255bc0861555ef2eb503f1c67757f400cfa7019996123020fb906d5b" +
59 "b66b789ffba90b16270cbd1fbfcf285a821dcdc78fd8f17f399eb231ce9724db" +
60 "af60f9dd20f3e57bb4c0f9fdc9069589b82d442dd868d48c031eb782e27f9e70" +
61 "8469f9b3d5b1b23cee5bf1b41781024100dec184ea77c2126c6bc0c01ba727b4" +
62 "642587d63811240932334dc80c7976e0f715f156e52b352a25e5c52542af2b5f" +
63 "68a29a9b68858f313c4375cc78ec03d859024100d32be8375f52cbe904002321" +
64 "6977aee83fa88bf536d4052d2ed578727d7b7e5aeef91fc52b34c1b6638c00f0" +
65 "4c6985fdaaa2d6e72adbcc7d10ed8bafff69da29024100ae8210acd6f13519b7" +
66 "38a3c7862636ce1610daa3c5d9e3526e9acad3eafc54b57d7d3a44029b7dcf7e" +
67 "b7f9beca1842806892929949b8aa2bb9f5b9202a55c0d1024100887dc0c2c9a2" +
68 "429a823374818c2207b3a631d304d443867505e884c9bbc1ae9228146e2c8b18" +
69 "b67ca52b411010d3c3ff89e366f454076dcd08bc01a5e8790ac102402321988a" +
70 "2003e19c878791d402a7c0acdd1b6dd27203ed88f86a0e3a390ee57c0cd277f3" +
71 "ea5df6440dbc8bdb4c8b3c28fc77e6991bc4ed3f4dc0619a5b953e8e"),
72
73 // This certificate is generated by the below command:
74 // openssl req -x509 -newkey rsa:1024 -days 7300 \
75 // -subj "/CN=www.example.com" -sha1 \
76 // -keyout key.pem -out cert.pem
77 RSA_EXAMPLE_SHA1_1024(
78 SignatureAlgorithm.RSA,
79 "-----BEGIN CERTIFICATE-----\n" +
80 "MIICAjCCAWugAwIBAgIJAK6TC9eDtZg4MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV\n" +
81 "BAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xNzExMDIwNTA5NDRaFw0zNzEwMjgwNTA5\n" +
82 "NDRaMBoxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEF\n" +
83 "AAOBjQAwgYkCgYEAtt5kxFTzJuoxJR2UgeXUxCw7TfL3FeK3lCrU3vruBe3XKKvF\n" +
84 "oyCxf/B5ucm22gzMfOvJBWRg6KrNTrXGI1LtlmAYNDM5J0lK2N/neKOm3Qxe0d1W\n" +
85 "AZ1lwgrMNirsWu+r4UPNMq5UohL5nqVU9WwVa12t0GF3er3k32tMTBqSclcCAwEA\n" +
86 "AaNQME4wHQYDVR0OBBYEFNc8tKGfZdFyaY0ZslwGLt1kpRYAMB8GA1UdIwQYMBaA\n" +
87 "FNc8tKGfZdFyaY0ZslwGLt1kpRYAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF\n" +
88 "BQADgYEAc71ZO83YEw9WvhxDEng9tMYUhJnNZJss6+gfWjZ487aiEGnS+VgKsHWz\n" +
89 "DBLBrYe9Ag5L9f1HtPNheUbnhhBbQ607jOG/wfmpi4VoU3myB5uxOfeAZdXDOB5x\n" +
90 "bv3t7KcEhgmPjB/e123jrBK8qnAYmDlQVlkZScctB3I1OuA2Po4=\n" +
91 "-----END CERTIFICATE-----",
92 "30820277020100300d06092a864886f70d0101010500048202613082025d0201" +
93 "0002818100b6de64c454f326ea31251d9481e5d4c42c3b4df2f715e2b7942ad4" +
94 "defaee05edd728abc5a320b17ff079b9c9b6da0ccc7cebc9056460e8aacd4eb5" +
95 "c62352ed96601834333927494ad8dfe778a3a6dd0c5ed1dd56019d65c20acc36" +
96 "2aec5aefabe143cd32ae54a212f99ea554f56c156b5dadd061777abde4df6b4c" +
97 "4c1a927257020301000102818048af52bc1acbdededd13d4930fa28b9441c47c" +
98 "b222f5c6fc92df07676db3a815a61c9b51de0a03a347b10a609bd6459a0dd926" +
99 "38877261686a5c6bb1ca9e8ea2373870af7685e7d6cebd66faba65af2ef04bd9" +
100 "1244ae56900fcd6ce11207d8c4040176e4ba9fef3d563741a1027b229134cfe1" +
101 "c0a90d9c8eba9ce6349835e769024100e82494b6f777c784ffc29298d033e11d" +
102 "af46f0d464c4dbd950d46bcd697d0f0b49a77699f0111d408e8748f2b461ab8f" +
103 "210071c9c20d8ecee3ae229cb9c3954b024100c9a976f0011fcdc0ca7fb2f679" +
104 "974fa85d420c604ca7ff64fe4667a44f73088eef290d22195474039760e99325" +
105 "3ca45ee444588b150467d14451d3c45dab0ba5024019df39d3ca70c703c39d63" +
106 "c9342b1403c2ed1d1a0ec101df8e6a9e391e7099a4a068d187068261c8381a4b" +
107 "bf00eb81bb49ea4ac439a4592e25a1daa9acea67510241008c4640007497bdd4" +
108 "94473da26b33d06a29ecae9531dd4e2edf1cf42cfc42e53a1fac2b8183a3164c" +
109 "053999600c6fe15a4c682a3b1cb482ceb33a4416fc9ce52d024100e4f08cd10a" +
110 "5c8face0b20db86443d0a42e34dfdde236dae4f042a06dd3aff7ca159f8aa3b7" +
111 "854df41d510148096155204f2bf46c4a96e271747a4126a66ade6c"),
112
113 // This certificate is generated by the below commands:
114 // openssl dsaparam -genkey 1024 -out key.pem
115 // openssl req -x509 -new -key key.pem -days 7300 \
116 // -subj "/CN=DSA_SHA1_1024" -sha1 -out cert.pem
117 DSA_SHA1_1024(
118 SignatureAlgorithm.DSA,
119 "-----BEGIN CERTIFICATE-----\n" +
120 "MIICuzCCAnugAwIBAgIJAMAMLRrhQWQFMAkGByqGSM44BAMwGDEWMBQGA1UEAwwN\n" +
121 "RFNBX1NIQTFfMTAyNDAeFw0xNzExMDIwNjA4MDRaFw0zNzEwMjgwNjA4MDRaMBgx\n" +
122 "FjAUBgNVBAMMDURTQV9TSEExXzEwMjQwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEA\n" +
123 "8CspE1sE84pJ4YxzVHFEDNJvBaIxsbax03pDwNHr/ogP9PVwF9z1jT6hpC5WluHG\n" +
124 "g5n5gqpF2XpBhX2fKm1qqZWRxNvHKo0+zzAhUqMrvRJqcjlL4ijXndHldt67/VKS\n" +
125 "0eTKi9m64c+yJx80YYphCO5b93d2sTM29z8QZOlrbD8CFQCmttKnPAOk4uz8Z8cV\n" +
126 "uPGeGOMB9wKBgCItgPpAjW0srIwCaDysDNpydX6hB+1NTy1gFYl24n8edLGbR0mZ\n" +
127 "isteBd6LjMtgicRmtKZzKxW7igxoVvR3WHpTucFjms5NRNjPaj5wt3DxoXn4hyWk\n" +
128 "LzMvDeBvi+jKJiO0jnQ3+1NDOlAQy6ukeH59/gxZ3UmcNxDlAQ/IYHcpA4GEAAKB\n" +
129 "gEgvi72gL+zax7Y2hg4PL1PqZx2jFp0XlTIugiTrcsGytrAnn+/s2+3xVyVyvVMn\n" +
130 "0z5yL5eP9cdGA7qV1+7n6KJ8jNAhLCBSiC6x5ekd88aTlqnmt5lstk4w0Q0zSa58\n" +
131 "Hp6dCFg2Irk6Z9ERKaXJJBBS6reaFeATVROhN/LEEzzvo1AwTjAdBgNVHQ4EFgQU\n" +
132 "jb+HHABclGNR4lpf19nHFZpfwPQwHwYDVR0jBBgwFoAUjb+HHABclGNR4lpf19nH\n" +
133 "FZpfwPQwDAYDVR0TBAUwAwEB/zAJBgcqhkjOOAQDAy8AMCwCFDB3F/m6jsZdHaoy\n" +
134 "1xTp2U8uHBO+AhQYzeJuJd8/qRSDVLs8mesE8TQg2g==\n" +
135 "-----END CERTIFICATE-----",
136 "3082014a0201003082012b06072a8648ce3804013082011e02818100f02b2913" +
137 "5b04f38a49e18c735471440cd26f05a231b1b6b1d37a43c0d1ebfe880ff4f570" +
138 "17dcf58d3ea1a42e5696e1c68399f982aa45d97a41857d9f2a6d6aa99591c4db" +
139 "c72a8d3ecf302152a32bbd126a72394be228d79dd1e576debbfd5292d1e4ca8b" +
140 "d9bae1cfb2271f34618a6108ee5bf77776b13336f73f1064e96b6c3f021500a6" +
141 "b6d2a73c03a4e2ecfc67c715b8f19e18e301f7028180222d80fa408d6d2cac8c" +
142 "02683cac0cda72757ea107ed4d4f2d60158976e27f1e74b19b4749998acb5e05" +
143 "de8b8ccb6089c466b4a6732b15bb8a0c6856f477587a53b9c1639ace4d44d8cf" +
144 "6a3e70b770f1a179f88725a42f332f0de06f8be8ca2623b48e7437fb53433a50" +
145 "10cbaba4787e7dfe0c59dd499c3710e5010fc8607729041602146ef9db36045f" +
146 "bcd8c7fd82ba29c5c5057ed11c7f"),
147
148 // This certificate is generated by the below commands:
149 // openssl dsaparam -genkey 1024 -out key.pem
150 // openssl req -x509 -new -key key.pem -days 7300 \
151 // -subj "/CN=www.example.com" -sha1 -out cert.pem
152 DSA_EXAMPLE_SHA1_1024(
153 SignatureAlgorithm.DSA,
154 "-----BEGIN CERTIFICATE-----\n" +
155 "MIICwDCCAoCgAwIBAgIJAI5mKbdK5ZqyMAkGByqGSM44BAMwGjEYMBYGA1UEAwwP\n" +
156 "d3d3LmV4YW1wbGUuY29tMB4XDTE3MTEwMjA1NDczOVoXDTM3MTAyODA1NDczOVow\n" +
157 "GjEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMIIBtzCCASwGByqGSM44BAEwggEf\n" +
158 "AoGBANVGWRSlxVZQKlVrTDcU/6Mr8QFlR3kGKmkvdbTHH1EhcP7YlZ7CJ30VBDbN\n" +
159 "LS2HvN3HHNooJ7hHBheL5Yz8EZIUa95TzPukZ1TmCo9fufR5i9HWj9Z8jLhyqx3l\n" +
160 "iUZOYN9H0MSn4ftK6dr5oTz2ZGYDblXDCq6R8qZfuw1URFqrAhUArx0nmGEI/1S/\n" +
161 "qyxnV4I6ItOntxMCgYEAxZKIZ/7aOGfzaQG2wRFdD/viHBZkkcxCsgmPUroQVUIw\n" +
162 "dqmUnfYk8cb02LCevhhSwcjfocQsA3y1jufIUdWaHuIB9W3EsFJQNd/Byh9j/pRD\n" +
163 "7zH/8lnBzJh2S7y10Vg840STVo5+ekZb4E+W7KK5gUaEQ6kAtUIIB0xjNz7RWs4D\n" +
164 "gYQAAoGAPVQKWqJSlMrbU4XEsx50Ur8P84CwMnS7WcQNLnih1ScaK2BijgVj5Fny\n" +
165 "9JZxITwj7XD7FWriq3kTjbydi3iAvrgVWij79x5Z7fTRCuoBVmtnAFkVGalwbGr2\n" +
166 "ghz70y6hep2Evb1pRCrHjRkMaJFE5Y2CA7VbpKoat+j47/LkXJ2jUDBOMB0GA1Ud\n" +
167 "DgQWBBSVjWy3SpaDfnFo+37mZJqX2aybzTAfBgNVHSMEGDAWgBSVjWy3SpaDfnFo\n" +
168 "+37mZJqX2aybzTAMBgNVHRMEBTADAQH/MAkGByqGSM44BAMDLwAwLAIUd5NOlcfX\n" +
169 "5rakT9H8UzlFcFQLr0MCFGrEYvlFUf/HJOH4FwXS2jEholBB\n" +
170 "-----END CERTIFICATE-----",
171 "3082014c0201003082012c06072a8648ce3804013082011f02818100d5465914" +
172 "a5c556502a556b4c3714ffa32bf101654779062a692f75b4c71f512170fed895" +
173 "9ec2277d150436cd2d2d87bcddc71cda2827b84706178be58cfc1192146bde53" +
174 "ccfba46754e60a8f5fb9f4798bd1d68fd67c8cb872ab1de589464e60df47d0c4" +
175 "a7e1fb4ae9daf9a13cf66466036e55c30aae91f2a65fbb0d54445aab021500af" +
176 "1d27986108ff54bfab2c6757823a22d3a7b71302818100c5928867feda3867f3" +
177 "6901b6c1115d0ffbe21c166491cc42b2098f52ba1055423076a9949df624f1c6" +
178 "f4d8b09ebe1852c1c8dfa1c42c037cb58ee7c851d59a1ee201f56dc4b0525035" +
179 "dfc1ca1f63fe9443ef31fff259c1cc98764bbcb5d1583ce34493568e7e7a465b" +
180 "e04f96eca2b981468443a900b54208074c63373ed15ace0417021500abf47692" +
181 "88c6ac41e2802e7eb7addba367339318"),
182
183 // This certificate is generated by the below commands:
184 // openssl ecparam -name prime256v1 -genkey -out key.pem
185 // openssl req -new -key key.pem -x509 -nodes -days 7300 \
186 // -subj "/CN=ECDSA_SHA1_prime256v1" -sha1 -out cert.pem
187 ECDSA_SHA1_PRIME256V1(
188 SignatureAlgorithm.ECDSA,
189 "-----BEGIN CERTIFICATE-----\n" +
190 "MIIBhDCCASygAwIBAgIJAKW4wuujp9JbMAkGByqGSM49BAEwIDEeMBwGA1UEAwwV\n" +
191 "RUNEU0FfU0hBMV9wcmltZTI1NnYxMB4XDTE3MDkwNzAyMTA0MVoXDTM3MDkwMjAy\n" +
192 "MTA0MVowIDEeMBwGA1UEAwwVRUNEU0FfU0hBMV9wcmltZTI1NnYxMFkwEwYHKoZI\n" +
193 "zj0CAQYIKoZIzj0DAQcDQgAEdbE+AMwsFBf73YXRVwsvsx2dMt1xgDxj/4pN+BfY\n" +
194 "LWnO94beeZcrCJ1/N8CHmDOce7KRDR6/9kpi20wFAVXZ3KNQME4wHQYDVR0OBBYE\n" +
195 "FA/hB2ODDNdz1JF08u2uhknhlsVoMB8GA1UdIwQYMBaAFA/hB2ODDNdz1JF08u2u\n" +
196 "hknhlsVoMAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0EAQNHADBEAiBNxv2L2FW+6+w/\n" +
197 "QtDe+YSUNRj3F8QrpLkfGk7rVaOiHQIgVF2pWJ5ytg0pbCuO8Bh+UZ7zfZUD03s8\n" +
198 "ZuIYW7RtMe0=\n" +
199 "-----END CERTIFICATE-----",
200 "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
201 "010104204d901d5efd0e3def78d5307788a4c760115effce4b9e2c31ae5860b6" +
202 "c11915aca1440342000475b13e00cc2c1417fbdd85d1570b2fb31d9d32dd7180" +
203 "3c63ff8a4df817d82d69cef786de79972b089d7f37c08798339c7bb2910d1ebf" +
204 "f64a62db4c050155d9dc"),
205
206 // This certificate is generated by the below commands:
207 // openssl ecparam -name prime256v1 -genkey -out key.pem
208 // openssl req -new -key key.pem -x509 -nodes -days 7300 \
209 // -subj "/CN=www.example.com" -sha1 -out cert.pem
210 ECDSA_EXAMPLE_SHA1_PRIME256V1(
211 SignatureAlgorithm.ECDSA,
212 "-----BEGIN CERTIFICATE-----\n" +
213 "MIIBeDCCASCgAwIBAgIJAMxOXBpiJ5mDMAkGByqGSM49BAEwGjEYMBYGA1UEAwwP\n" +
214 "d3d3LmV4YW1wbGUuY29tMB4XDTE3MTEwMjA1MTg0MVoXDTM3MTAyODA1MTg0MVow\n" +
215 "GjEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D\n" +
216 "AQcDQgAER9IyuwyrJ7X9DmIqGC3YNTlWBt4Fo/Y3RnlcxhTVxb/ZAYVNhqe4MbSM\n" +
217 "2nsVnYMjjXXDav1plNKvmgGDf9s/saNQME4wHQYDVR0OBBYEFHNUTaIIEA89uNKH\n" +
218 "OOUgJ981Qj5HMB8GA1UdIwQYMBaAFHNUTaIIEA89uNKHOOUgJ981Qj5HMAwGA1Ud\n" +
219 "EwQFMAMBAf8wCQYHKoZIzj0EAQNHADBEAiBCW59S1nE15j8euO6/q9bM6J9Ci5xJ\n" +
220 "WWAVznGGxnS/HgIgFaFKC31uxTXoBN7QN0yW/umQgJ0nsjwj7Pnxc0wNyw8=\n" +
221 "-----END CERTIFICATE-----",
222 "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
223 "010104209aa3784cd0c1fe0553e59b3c7b8f08c8fdaffd94f34e2c1683243a79" +
224 "7b64b673a1440342000447d232bb0cab27b5fd0e622a182dd835395606de05a3" +
225 "f63746795cc614d5c5bfd901854d86a7b831b48cda7b159d83238d75c36afd69" +
226 "94d2af9a01837fdb3fb1");
227
228 public final SignatureAlgorithm signatureAlgorithm;
229 public final String certMaterials;
230 public final String privKeyMaterials;
231
232 private Cert(
233 SignatureAlgorithm signatureAlgorithm,
234 String certMaterials,
235 String privKeyMaterials) {
236 this.signatureAlgorithm = signatureAlgorithm;
237 this.certMaterials = certMaterials;
238 this.privKeyMaterials = privKeyMaterials;
239 }
240
241 // Two certificates (mainCert and exampleCert) are selected to respect the
242 // specified cipher suite. SNI-associated cases specify exampleCert as desired.
243 public static Cert[] getCerts(String cipherSuite) {
244 Cert mainCert = Cert.DSA_SHA1_1024;
245 Cert exampleCert = Cert.DSA_EXAMPLE_SHA1_1024;
246 if (cipherSuite.contains("_ECDHE_RSA_")) {
247 mainCert = Cert.RSA_SHA1_1024;
248 exampleCert = Cert.RSA_EXAMPLE_SHA1_1024;
249 } else if (cipherSuite.contains("_EC")) {
250 mainCert = Cert.ECDSA_SHA1_PRIME256V1;
251 exampleCert = Cert.ECDSA_EXAMPLE_SHA1_PRIME256V1;
252 } else if (cipherSuite.contains("_RSA")) {
253 mainCert = Cert.RSA_SHA1_1024;
254 exampleCert = Cert.RSA_EXAMPLE_SHA1_1024;
255 }
256 System.out.printf("mainCert=%s, exampleCert=%s%n",
257 mainCert, exampleCert);
258 return new Cert[] { mainCert, exampleCert };
259 }
260 }
261
262 enum SignatureAlgorithm {
263
264 RSA, DSA, ECDSA;
265 }