jdk-sandbox: jdk/test/sun/security/tools/keytool/selfissued.sh@47080f9ae750 (annotated)

2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	1	#
28243 47080f9ae750 8044445: JEP 229: Create PKCS12 Keystores by Default vinnie parents: 24116 diff changeset	2	# Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	3	# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	4	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	5	# This code is free software; you can redistribute it and/or modify it
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	6	# under the terms of the GNU General Public License version 2 only, as
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	7	# published by the Free Software Foundation.
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	8	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	9	# This code is distributed in the hope that it will be useful, but WITHOUT
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	10	# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	11	# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	12	# version 2 for more details (a copy is included in the LICENSE file that
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	13	# accompanied this code).
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	14	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	15	# You should have received a copy of the GNU General Public License version
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	16	# 2 along with this work; if not, write to the Free Software Foundation,
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	17	# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	18	#
5506 202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5296 diff changeset	19	# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5296 diff changeset	20	# or visit www.oracle.com if you need additional information or have any
202f599c92aa 6943119: Rebrand source copyright notices ohair parents: 5296 diff changeset	21	# questions.
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	22	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	23
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	24	# @test
5296 8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	25	# @bug 6825352 6937978
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	26	# @summary support self-issued certificate in keytool and let -gencert generate the chain
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	27	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	28	# @run shell selfissued.sh
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	29	#
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	30
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	31	if [ "${TESTJAVA}" = "" ] ; then
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	32	JAVAC_CMD=`which javac`
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	33	TESTJAVA=`dirname $JAVAC_CMD`/..
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	34	fi
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	35
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	36	# set platform-dependent variables
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	37	OS=`uname -s`
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	38	case "$OS" in
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	39	Windows_* )
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	40	FS="\\"
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	41	;;
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	42	* )
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	43	FS="/"
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	44	;;
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	45	esac
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	46
28243 47080f9ae750 8044445: JEP 229: Create PKCS12 Keystores by Default vinnie parents: 24116 diff changeset	47	KS=selfsigned.ks
24116 9f9b4ba34aad 8040321: keytool and jarsigner tests doesn't pass though VM tools to tools weijun parents: 23010 diff changeset	48	KT="$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS -keyalg rsa"
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	49
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	50	rm $KS
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	51
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	52	$KT -alias ca -dname CN=CA -genkeypair
28243 47080f9ae750 8044445: JEP 229: Create PKCS12 Keystores by Default vinnie parents: 24116 diff changeset	53	$KT -alias ca1 -dname CN=CA1 -genkeypair
47080f9ae750 8044445: JEP 229: Create PKCS12 Keystores by Default vinnie parents: 24116 diff changeset	54	$KT -alias ca2 -dname CN=CA2 -genkeypair
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	55	$KT -alias e1 -dname CN=E1 -genkeypair
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	56
5296 8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	57	# ca signs ca1, ca1 signs ca2, all self-issued
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	58	$KT -alias ca1 -certreq \| $KT -alias ca -gencert -ext san=dns:ca1 \
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	59	\| $KT -alias ca1 -importcert
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	60	$KT -alias ca2 -certreq \| $KT -alias ca1 -gencert -ext san=dns:ca2 \
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	61	\| $KT -alias ca2 -importcert
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	62
5296 8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	63	# Import e1 signed by ca2, should add ca2 and ca1, at least 3 certs in the chain
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	64	$KT -alias e1 -certreq \| $KT -alias ca2 -gencert > e1.cert
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	65	$KT -alias ca1 -delete
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	66	$KT -alias ca2 -delete
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	67	cat e1.cert \| $KT -alias e1 -importcert
8e6ab18c0fde 6937978: let keytool -gencert generate the chain weijun parents: 2437 diff changeset	68	$KT -alias e1 -list -v \| grep '\[3\]' \|\| { echo Bad E1; exit 1; }
2437 098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	69
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	70	echo Good
098db6faaf66 6825352: support self-issued certificate in keytool weijun parents: diff changeset	71

author	vinnie
	Tue, 23 Dec 2014 16:30:57 +0000
changeset 28243	47080f9ae750
parent 24116	9f9b4ba34aad
permissions	-rw-r--r--