4489N/A/*
4489N/A * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
4489N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4489N/A *
4489N/A * This code is free software; you can redistribute it and/or modify it
4489N/A * under the terms of the GNU General Public License version 2 only, as
4489N/A * published by the Free Software Foundation.
4489N/A *
4489N/A * This code is distributed in the hope that it will be useful, but WITHOUT
4489N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
4489N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
4489N/A * version 2 for more details (a copy is included in the LICENSE file that
4489N/A * accompanied this code).
4489N/A *
4489N/A * You should have received a copy of the GNU General Public License version
4489N/A * 2 along with this work; if not, write to the Free Software Foundation,
4489N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
4489N/A *
4489N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
4489N/A * or visit www.oracle.com if you need additional information or have any
4489N/A * questions.
4489N/A */
4489N/A
4489N/A/*
4489N/A * @test
4489N/A * @bug 7099399
4489N/A * @summary cannot deal with CRL file larger than 16MB
4489N/A * @run main/othervm -Xmx1024m BigCRL
4489N/A */
4489N/A
4489N/Aimport java.io.FileInputStream;
4489N/Aimport java.math.BigInteger;
4489N/Aimport java.security.KeyStore;
4489N/Aimport java.security.cert.Certificate;
4489N/Aimport java.security.PrivateKey;
4489N/Aimport java.security.cert.X509CRLEntry;
4489N/Aimport java.util.Arrays;
4489N/Aimport java.util.Date;
4489N/Aimport sun.security.x509.*;
4489N/Aimport java.security.cert.CertificateFactory;
4489N/Aimport java.io.ByteArrayInputStream;
4489N/A
4489N/Apublic class BigCRL {
4489N/A
4489N/A public static void main(String[] args) throws Exception {
4489N/A int n = 500000;
4489N/A String ks = System.getProperty("test.src", ".")
4489N/A + "/../../ssl/etc/keystore";
4489N/A String pass = "passphrase";
4489N/A String alias = "dummy";
4489N/A
4489N/A KeyStore keyStore = KeyStore.getInstance("JKS");
4489N/A keyStore.load(new FileInputStream(ks), pass.toCharArray());
4489N/A Certificate signerCert = keyStore.getCertificate(alias);
4489N/A byte[] encoded = signerCert.getEncoded();
4489N/A X509CertImpl signerCertImpl = new X509CertImpl(encoded);
4489N/A X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
4489N/A X509CertImpl.NAME + "." + X509CertImpl.INFO);
4489N/A X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
4489N/A + CertificateSubjectName.DN_NAME);
4489N/A
4489N/A Date date = new Date();
4489N/A PrivateKey privateKey = (PrivateKey)
4489N/A keyStore.getKey(alias, pass.toCharArray());
4489N/A String sigAlgName = signerCertImpl.getSigAlgOID();
4489N/A
4489N/A X509CRLEntry[] badCerts = new X509CRLEntry[n];
4489N/A CRLExtensions ext = new CRLExtensions();
4489N/A ext.set("Reason", new CRLReasonCodeExtension(1));
4489N/A for (int i = 0; i < n; i++) {
4489N/A badCerts[i] = new X509CRLEntryImpl(
4489N/A BigInteger.valueOf(i), date, ext);
4489N/A }
4489N/A X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
4489N/A crl.sign(privateKey, sigAlgName);
4489N/A byte[] data = crl.getEncodedInternal();
4489N/A
4489N/A // Make sure the CRL is big enough
4489N/A if ((data[1]&0xff) != 0x84) {
4489N/A throw new Exception("The file should be big enough?");
4489N/A }
4489N/A
4489N/A CertificateFactory cf = CertificateFactory.getInstance("X.509");
4489N/A cf.generateCRL(new ByteArrayInputStream(data));
4489N/A }
4489N/A}
4489N/A