Xue-Lei Andrew Fan 87c6761704 8196584: TLS 1.3 Implementation
Co-authored-by: Adam Petcher <adam.petcher@oracle.com>
Co-authored-by: Amanda Jiang <amanda.jiang@oracle.com>
Co-authored-by: Anthony Scarpino <anthony.scarpino@oracle.com>
Co-authored-by: Bradford Wetmore <bradford.wetmore@oracle.com>
Co-authored-by: Jamil Nimeh <jamil.j.nimeh@oracle.com>
Co-authored-by: John Jiang <sha.jiang@oracle.com>
Co-authored-by: Rajan Halade <rajan.halade@oracle.com>
Co-authored-by: Sibabrata Sahoo <sibabrata.sahoo@oracle.com>
Co-authored-by: Valerie Peng <valerie.peng@oracle.com>
Co-authored-by: Weijun Wang <weijun.wang@oracle.com>
Reviewed-by: ascarpino, coffeys, dfuchs, jjiang, jnimeh, mullan, rhalade, ssahoo, valeriep, weijun, wetmore, xuelei
2018-06-25 13:41:39 -07:00

117 lines
4.2 KiB
Plaintext

Keystores used for the JSSE regression test suite.
keystore
truststore
==========
These are the primary two keystores and contain entries for testing most
of the JSSE regression test files. There are three entries, one RSA-based,
one DSA-based and one EC-based. If they expire, simply recreate them
using keytool and most of the test cases should work.
The password on both files is:
passphrase
There are no individual key entry passwords at this time.
keystore entries
================
Alias name: dummy
-----------------
Creation date: May 16, 2016
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Serial number: 57399b87
Valid from: Mon May 16 10:06:38 UTC 2016 until: Sat May 16 10:06:38 UTC 2026
Signature algorithm name: SHA256withRSA
Version: 1
This can be generated using hacked (update the keytool source code so that
it can be used for version 1 X.509 certificate) keytool command:
% keytool -genkeypair -alias dummy -keyalg RSA -keysize 2048 \
-sigalg SHA256withRSA \
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase
Alias name: dummyecdsa
----------------------
Creation date: May 16, 2016
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Serial number: 57399c1d
Valid from: Mon May 16 10:09:01 UTC 2016 until: Sat May 16 10:09:01 UTC 2026
Signature algorithm name: SHA256withECDSA
Version: 1
This can be generated using hacked (update the keytool source code so that
it can be used for version 1 X.509 certificate) keytool command:
% keytool -genkeypair -alias dummy -keyalg EC -keysize 256 \
-sigalg SHA256withECDSA \
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase
Alias name: dummydsa
--------------------
Creation date: Mar 29, 2018
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Serial number: 324d85f0
Valid from: Thu Mar 29 16:06:34 PDT 2018 until: Tue Mar 28 16:06:34 PDT 2028
Signature algorithm name: SHA256withDSA
Version: 3
This can be generated using hacked (update the keytool source code so that
it can be used for version 1 X.509 certificate) keytool command:
% keytool -genkeypair -alias dummydsa -keyalg DSA -keysize 1024 \
-sigalg SHA256withDSA \
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US" \
-validity 3652 -keypass passphrase -keystore keystore -storepass passphrase
Alias name: dummyecrsa
--------------------
Creation date: Apr 13, 2018
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Issuer: CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US
Serial number: 6f2d1faa
Valid from: Fri Apr 13 16:20:55 CST 2018 until: Wed Apr 12 16:20:55 CST 2028
Version: 3
This can be generated by using keytool command:
% keytool -genkeypair -alias dummyecrsa -keyalg EC -keysize 256 \
-keypass passphrase -storepass passphrase -keystore keystore \
-dname "CN=dummy.example.com, OU=Dummy, O=Dummy, L=Cupertino, ST=CA, C=US"
% keytool -certreq -alias dummyecrsa -storepass passphrase -keystore keystore \
-file ecrsa.csr
% keytool -gencert -alias dummy -storepass passphrase -keystore keystore \
-validity 3652 -infile ecrsa.csr -outfile ecrsa.cer
% keytool -importcert -alias dummyecrsa -storepass passphrase -keystore keystore \
-file ecrsa.cer
truststore entries
==================
This key store contains only trusted certificate entries. The same
certificates, except dummyecrsa, are used in both keystore and truststore.
unknown_keystore
================
A keystore you can use when you don't want things to be verified.
Use this with keystore/truststore, and you'll never get a match.