Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/tools/keytool/Serial64.java
41152 views
1
/*

2
 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 8221257 8222275

27
 * @summary Improve serial number generation mechanism for keytool -gencert

28
 * @library /test/lib

29
 * @key randomness

30
 */

31


32
import jdk.test.lib.SecurityTools;

33


34
import java.io.File;

35
import java.io.FileInputStream;

36
import java.math.BigInteger;

37
import java.security.KeyStore;

38
import java.security.cert.CertificateFactory;

39
import java.security.cert.X509Certificate;

40


41
public class Serial64 {

42


43
    public static void main(String[] args) throws Exception {

44


45
        boolean see64 = false;

46


47
        see64 |= see64(genkeypair("ca"));

48
        see64 |= see64(genkeypair("user"));

49


50
        keytool("-certreq -alias user -file req");

51


52
        for (int i = 3; i <= 30; i++) {

53
            see64 |= see64(gencert());

54
            if (i >= 10 && see64) {

55
                // As long as we have generated >=10 (non-negative) SNs and

56
                // at least one is 64 bit it's good to go.

57
                return;

58
            }

59
        }

60


61
        // None is 64 bit. There is a chance of 2^-30 we reach here.

62
        // Or, maybe we do have a bug?

63
        throw new RuntimeException("No 64-bit serial number");

64
    }

65


66
    static boolean see64(BigInteger sn) {

67
        System.out.println(sn.toString(16));

68


69
        if (sn.signum() != 1) {

70
            throw new RuntimeException("Must be positive");

71
        }

72
        return sn.bitLength() == 64;

73
    }

74


75
    static void keytool(String s) throws Exception {

76
        SecurityTools.keytool("-storepass changeit -keypass changeit "

77
                + "-keystore ks -keyalg rsa " + s)

78
                .shouldHaveExitValue(0);

79
    }

80


81
    static BigInteger genkeypair(String a) throws Exception {

82
        keytool("-genkeypair -alias " + a + " -dname CN=" + a);

83
        return ((X509Certificate)KeyStore.getInstance(

84
                new File("ks"), "changeit".toCharArray())

85
                    .getCertificate(a)).getSerialNumber();

86
    }

87


88
    static BigInteger gencert() throws Exception {

89
        keytool("-gencert -alias ca -infile req -outfile cert");

90
        try (FileInputStream fis = new FileInputStream("cert")) {

91
            return ((X509Certificate)CertificateFactory.getInstance("X.509")

92
                    .generateCertificate(fis)).getSerialNumber();

93
        }

94
    }

95
}

96


97