Wed, 29 Jul 2020 09:31:38 -0700
8243321: Add Entrust root CA - G4 to Oracle Root CA program
Reviewed-by: mullan
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/make/data/cacerts/entrustrootcag4 Wed Jul 29 09:31:38 2020 -0700 1.3 @@ -0,0 +1,43 @@ 1.4 +Owner: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 1.5 +Issuer: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 1.6 +Serial number: d9b5437fafa9390f000000005565ad58 1.7 +Valid from: Wed May 27 11:11:16 GMT 2015 until: Sun Dec 27 11:41:16 GMT 2037 1.8 +Signature algorithm name: SHA256withRSA 1.9 +Subject Public Key Algorithm: 4096-bit RSA key 1.10 +Version: 3 1.11 +-----BEGIN CERTIFICATE----- 1.12 +MIIGSzCCBDOgAwIBAgIRANm1Q3+vqTkPAAAAAFVlrVgwDQYJKoZIhvcNAQELBQAw 1.13 +gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL 1.14 +Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg 1.15 +MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw 1.16 +BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0 1.17 +MB4XDTE1MDUyNzExMTExNloXDTM3MTIyNzExNDExNlowgb4xCzAJBgNVBAYTAlVT 1.18 +MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1 1.19 +c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJ 1.20 +bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3Qg 1.21 +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0MIICIjANBgkqhkiG9w0B 1.22 +AQEFAAOCAg8AMIICCgKCAgEAsewsQu7i0TD/pZJH4i3DumSXbcr3DbVZwbPLqGgZ 1.23 +2K+EbTBwXX7zLtJTmeH+H17ZSK9dE43b/2MzTdMAArzE+NEGCJR5WIoV3imz/f3E 1.24 +T+iq4qA7ec2/a0My3dl0ELn39GjUu9CH1apLiipvKgS1sqbHoHrmSKvS0VnM1n4j 1.25 +5pds8ELl3FFLFUHtSUrJ3hCX1nbB76W1NhSXNdh4IjVS70O92yfbYVaCNNzLiGAM 1.26 +C1rlLAHGVK/XqsEQe9IFWrhAnoanw5CGAlZSCXqc0ieCU0plUmr1POeo8pyvi73T 1.27 +DtTUXm6Hnmo9RR3RXRv06QqsYJn7ibT/mCzPfB3pAqoEmh643IhuJbNsZvc8kPNX 1.28 +wbMv9W3y+8qh+CmdRouzavbmZwe+LGcKKh9asj5XxNMhIWNlUpEbsZmOeX7m640A 1.29 +2Vqq6nPopIICR5b+W45UYaPrL0swsIsjdXJ8ITzI9vF01Bx7owVV7rtNOzK+mndm 1.30 +nqxpkCIHH2E6lr7lmk/MBTwoWdPBDFSoWWG9yHJM6Nyfh3+9nEg2XpWjDrk4JFX8 1.31 +dWbrAuMINClKxuMrLzOg2qOGpRKX/YAr2hRC45K9PvJdXmd0LhyIRyk0X+IyqJwl 1.32 +N4y6mACXi0mWHv0liqzc2thddG5msP9E36EYxr5ILzeUePiVSj9/E15dWf10hkNj 1.33 +c0kCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD 1.34 +VR0OBBYEFJ84xFYjwznooHFs6FRM5Og6sb9nMA0GCSqGSIb3DQEBCwUAA4ICAQAS 1.35 +5UKme4sPDORGpbZgQIeMJX6tuGguW8ZAdjwD+MlZ9POrYs4QjbRaZIxowLByQzTS 1.36 +Gwv2LFPSypBLhmb8qoMi9IsabyZIrHZ3CL/FmFz0Jomee8O5ZDIBf9PD3Vht7LGr 1.37 +hFV0d4QEJ1JrhkzO3bll/9bGXp+aEJlLdWr+aumXIOTkdnrG0CSqkM0gkLpHZPt/ 1.38 +B7NTeLUKYvJzQ85BK4FqLoUWlFPUa19yIqtRLULVAJyZv967lDtX/Zr1hstWO1uI 1.39 +AeV8KEsD+UmDfLJ/fOPtjqF/YFOOVZ1QNBIPt5d7bIdKROf1beyAN/BYGW5KaHbw 1.40 +H5Lk6rWS02FREAutp9lfx1/cH6NcjKF+m7ee01ZvZl4HliDtC3T7Zk6LERXpgUl+ 1.41 +b7DUUH8i119lAg2m9IUe2K4GS0qn0jFmwvjO5QimpAKWRGhXxNUzzxkvFMSUHHuk 1.42 +2fCfDrGA4tGeEWSpiBE6doLlYsKA2KSD7ZPvfC+QsDJMlhVoSFLUmQjAJOgc47Ol 1.43 +IQ6SwJAfzyBfyjs4x7dtOvPmRLgOMWuIjnDrnBdSqEGULoe256YSxXXfW8AKbnuk 1.44 +5F6G+TaU33fD6Q3AOfF5u0aOq0NZJ7cguyPpVkAh7DE9ZapD8j3fcEThuk0mEDuY 1.45 +n/PIjhs4ViFqUZPTkcpG2om3PVODLAgfi49T3f+sHw== 1.46 +-----END CERTIFICATE-----
2.1 --- a/test/security/infra/java/security/cert/CertPathValidator/certification/EntrustCA.java Tue Mar 29 18:04:41 2016 +0900 2.2 +++ b/test/security/infra/java/security/cert/CertPathValidator/certification/EntrustCA.java Wed Jul 29 09:31:38 2020 -0700 2.3 @@ -1,5 +1,5 @@ 2.4 /* 2.5 - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. 2.6 + * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved. 2.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 2.8 * 2.9 * This code is free software; you can redistribute it and/or modify it 2.10 @@ -23,22 +23,46 @@ 2.11 2.12 /* 2.13 * @test 2.14 - * @bug 8195774 2.15 - * @summary Interoperability tests with Entrust EC CA 2.16 + * @bug 8195774 8243321 2.17 + * @summary Interoperability tests with Entrust CAs 2.18 * @build ValidatePathWithParams 2.19 * @run main/othervm -Djava.security.debug=certpath EntrustCA OCSP 2.20 * @run main/othervm -Djava.security.debug=certpath EntrustCA CRL 2.21 */ 2.22 2.23 /* 2.24 - * Obtain test artifacts for Entrust EC CA from: 2.25 + * Obtain test artifacts for Entrust CA from: 2.26 * 2.27 - * Valid https://validec.entrust.net 2.28 + * EC CA: 2.29 + * Valid: https://validec.entrust.net 2.30 + * Revoked https://revokedec.entrust.net 2.31 * 2.32 - * Revoked https://revokedec.entrust.net 2.33 + * G4 CA: 2.34 + * Valid: https://validg4.entrust.net 2.35 + * Revoked: https://revokedg4.entrust.net 2.36 */ 2.37 public class EntrustCA { 2.38 2.39 + public static void main(String[] args) throws Exception { 2.40 + 2.41 + ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); 2.42 + boolean ocspEnabled = false; 2.43 + 2.44 + if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { 2.45 + pathValidator.enableCRLCheck(); 2.46 + } else { 2.47 + // OCSP check by default 2.48 + pathValidator.enableOCSPCheck(); 2.49 + ocspEnabled = true; 2.50 + } 2.51 + 2.52 + new Entrust_ECCA().runTest(pathValidator, ocspEnabled); 2.53 + new Entrust_G4().runTest(pathValidator, ocspEnabled); 2.54 + } 2.55 +} 2.56 + 2.57 +class Entrust_ECCA { 2.58 + 2.59 // Owner: CN=Entrust Certification Authority - L1J, OU="(c) 2016 Entrust, Inc. - for authorized use only", 2.60 // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 2.61 // Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", 2.62 @@ -145,17 +169,7 @@ 2.63 "4UbcGZc40eYu6wUbAxiUDD3gwSElNQ8Z6IhNLPCCdMM6KZORyaagAcXn4A==\n" + 2.64 "-----END CERTIFICATE-----"; 2.65 2.66 - public static void main(String[] args) throws Exception { 2.67 - 2.68 - ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); 2.69 - 2.70 - if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { 2.71 - pathValidator.enableCRLCheck(); 2.72 - } else { 2.73 - // OCSP check by default 2.74 - pathValidator.enableOCSPCheck(); 2.75 - } 2.76 - 2.77 + public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { 2.78 // Validate valid 2.79 pathValidator.validate(new String[]{VALID, INT}, 2.80 ValidatePathWithParams.Status.GOOD, null, System.out); 2.81 @@ -165,5 +179,141 @@ 2.82 ValidatePathWithParams.Status.REVOKED, 2.83 "Wed May 24 10:39:28 PDT 2017", System.out); 2.84 } 2.85 +} 2.86 2.87 +class Entrust_G4 { 2.88 + 2.89 + // Owner: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", 2.90 + // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 2.91 + // Issuer: CN=Entrust Root Certification Authority - G4, OU="(c) 2015 Entrust, Inc. - for authorized use only", 2.92 + // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 2.93 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + 2.94 + "MIIGMjCCBBqgAwIBAgIRAKvsd/8bQQwHAAAAAFVl2AUwDQYJKoZIhvcNAQELBQAw\n" + 2.95 + "gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL\n" + 2.96 + "Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg\n" + 2.97 + "MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw\n" + 2.98 + "BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0\n" + 2.99 + "MB4XDTE3MTEyMjIwMDQyMFoXDTMwMTIyMjIwMzQyMFowgboxCzAJBgNVBAYTAlVT\n" + 2.100 + "MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1\n" + 2.101 + "c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNCBFbnRydXN0LCBJ\n" + 2.102 + "bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3Qg\n" + 2.103 + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU4wggEiMA0GCSqGSIb3DQEBAQUA\n" + 2.104 + "A4IBDwAwggEKAoIBAQDcSG+caYQ4xcvf+dt8bgCEHorO0g5j0H1NOtQzRXgUoG8y\n" + 2.105 + "QuRbJX9swyKqQZbsc18YvTV8OKA/uSNE46Jvq47TFPojWWTVLbNDqpM07e4EFYKs\n" + 2.106 + "A9NFzAUngijnf3ivnXA6iNPAMXaEhXmhY/YFjk8NoM7Y1PFsA0oj5hamKQ06iO/j\n" + 2.107 + "gvBScLmnQ1ju9Qj9IGIg18UL5AJNw0frspLUQBYVrLGaqAy5Nl2BUJKaZ4vnSLvP\n" + 2.108 + "nk6YrB15mo1phHae10Ba4fx7R3z8IZ/hby4OXTy/KZpu107VEQPAwTuDK8ZXxB5y\n" + 2.109 + "0DSzi4vaw27aLrUsq4aFqUo03gEfC31vWW76TNkFAgMBAAGjggErMIIBJzAOBgNV\n" + 2.110 + "HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF\n" + 2.111 + "BQcDAQYIKwYBBQUHAwIwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEW\n" + 2.112 + "Gmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMDMGCCsGAQUFBwEBBCcwJTAjBggr\n" + 2.113 + "BgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOg\n" + 2.114 + "IYYfaHR0cDovL2NybC5lbnRydXN0Lm5ldC9nNGNhLmNybDAdBgNVHQ4EFgQU7kfR\n" + 2.115 + "hXHx/S23P7s+Y1h3F0lADpUwHwYDVR0jBBgwFoAUnzjEViPDOeigcWzoVEzk6Dqx\n" + 2.116 + "v2cwDQYJKoZIhvcNAQELBQADggIBACMeFFgsWmC7h6D1v8DJUkOpm/m5UhVhO0hb\n" + 2.117 + "pQMQKMhKkl744Y9SWG4WNmpQy743TTciEJPZFhc7ke2R6VmK8ZJUqro2awOw1RWZ\n" + 2.118 + "OtHla59Btf1NQd41vOVdU+qFhs8lFfXg9sK7YHTrfxHtMXLoGnkkamK3xJgn7sXa\n" + 2.119 + "/zUvUDBTpDCXcpO9SyHoKIQswmkIPpRyIdPF4biRdR3N+9MYmlfqN/Nk3OEZ73xZ\n" + 2.120 + "AUZP6Gu+f9cEiHTA8NdYHCPLJWyFnIHWK+QuTFEnKYnOYxCeroLBNOO64e8JWZ39\n" + 2.121 + "kZ22BBXhHzqOCCczS7JOJTRF+JgvWuxbFwRstj8qf3fE+JndWmq2FC4hTHtpuK5K\n" + 2.122 + "ENuiRm5gdkXfsXmB+qB6y5gaajiTIMscGIcZIKTe2YdKrLoicvEz8k+loM7favik\n" + 2.123 + "vzFioTNTDHYGx3mkfElBE7ycY8n+jZE3QBBv33k28MeQi7XNgEaMc4tYwoZIdE9A\n" + 2.124 + "xVccXTzEQzka82dOkRB1dU0XZId9XAWv+CtNc2TjF6Wgx2seA/c6H8S0IfgQBIV2\n" + 2.125 + "8iN2wZns2QFdawkdy3hMUqPnA++kuGhLW3GemsIY5dP/WxY8rd+OfLb/Ks9T1pCd\n" + 2.126 + "28t7PQRcQsgkYmouzrOW9ASBvYqLLdhl4y+fFXff8RkPIKMNoYP06WJvRKmky9R/\n" + 2.127 + "41/nXRas\n" + 2.128 + "-----END CERTIFICATE-----"; 2.129 + 2.130 + // Owner: CN=validg4.entrust.net, SERIALNUMBER=1913605, OID.2.5.4.15=Private Organization, 2.131 + // O=Entrust Datacard Limited, OID.1.3.6.1.4.1.311.60.2.1.2=Ontario, OID.1.3.6.1.4.1.311.60.2.1.3=CA, 2.132 + // L=Ottawa, ST=Ontario, C=CA 2.133 + // Issuer: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", 2.134 + // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 2.135 + // Serial number: 83790beb78eeb966007ad3dbf11d570 2.136 + // Valid from: Fri May 29 13:29:00 PDT 2020 until: Sun Aug 28 13:34:23 PDT 2022 2.137 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + 2.138 + "MIIFpjCCBI6gAwIBAgIQCDeQvreO65ZgB609vxHVcDANBgkqhkiG9w0BAQsFADCB\n" + 2.139 + "ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT\n" + 2.140 + "H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy\n" + 2.141 + "MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG\n" + 2.142 + "A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTjAeFw0y\n" + 2.143 + "MDA1MjkyMDI5MDBaFw0yMjA4MjgyMDM0MjNaMIHRMQswCQYDVQQGEwJDQTEQMA4G\n" + 2.144 + "A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT\n" + 2.145 + "AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xITAfBgNVBAoTGEVudHJ1c3Qg\n" + 2.146 + "RGF0YWNhcmQgTGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + 2.147 + "EDAOBgNVBAUTBzE5MTM2MDUxHDAaBgNVBAMTE3ZhbGlkZzQuZW50cnVzdC5uZXQw\n" + 2.148 + "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC508f77Kp/kfbqs9DHfa+V\n" + 2.149 + "977gsVzI78TzfN4tF3ujwnPgd9mzLArM71VJvceOJUto7ywRasxmFxOLHf7WN2Kg\n" + 2.150 + "U1yk/Kp9WUNfjmjIkI+JfCTkaz1RztpW85GNN9SL/W2yFIxv0ijAiGoQeC7J80Ni\n" + 2.151 + "+y31Q5+M0oPMzngBOtD8LpyVt+/lSwUvxwhlChu7LWpIFmBUriILkvh11vxaItZV\n" + 2.152 + "Jm4g8amE33/eXPFjZxB4ABQpBMC4QVg10UP+DpimZuJa6oQZfoNUjDF2yKlyrA+z\n" + 2.153 + "s3kK8SXzJhE5LQxBp158jAoCVZuER08cumw3wvXI5NGzkzDxpTGacDO0bDo2ULpN\n" + 2.154 + "AgMBAAGjggGNMIIBiTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH\n" + 2.155 + "AwIGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOA38RC6Sv6hMUgY\n" + 2.156 + "eLACjvqO13vsMB8GA1UdIwQYMBaAFO5H0YVx8f0ttz+7PmNYdxdJQA6VMGgGCCsG\n" + 2.157 + "AQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQw\n" + 2.158 + "MwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFuLWNoYWluMjU2\n" + 2.159 + "LmNlcjAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2xl\n" + 2.160 + "dmVsMW4uY3JsMB4GA1UdEQQXMBWCE3ZhbGlkZzQuZW50cnVzdC5uZXQwSwYDVR0g\n" + 2.161 + "BEQwQjA3BgpghkgBhvpsCgECMCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LmVu\n" + 2.162 + "dHJ1c3QubmV0L3JwYTAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEAOExxxxEk\n" + 2.163 + "iAZZ4RJSWwI/CBQYAlUmd2wb/SBk9eYNAu/UL0XiAbwbOjH2dV6JHwAdwn0eoPR1\n" + 2.164 + "KK/E1/OVoVibVBdxLMISPqdodRgHps6kGCOJxS8Zz8d3AEvx27EQ/Hg/EwIJZsUK\n" + 2.165 + "dyb48V6a3XzExqLiwGu9oI9Ozm3/mo11ixmhvSFXH+FZf93qvvCSO+XTGGrLv5ja\n" + 2.166 + "Tkazn/HgnwUBHd1TiO0jLhAdc+rZyd/SDjXMAXsa99zVfc2MY0Mb8+MohNHOwqYg\n" + 2.167 + "tuYuirvtt9P0oteauL+iEBCRcqsmJaHGeaEyJH2QMxC5W22KpW245eHisW7rMoGQ\n" + 2.168 + "9nbGmfe97p7bHQ==\n" + 2.169 + "-----END CERTIFICATE-----"; 2.170 + 2.171 + // Owner: CN=revokedg4.entrust.net, SERIALNUMBER=1913605, OID.2.5.4.15=Private Organization, 2.172 + // O=Entrust Datacard Limited, OID.1.3.6.1.4.1.311.60.2.1.2=Ontario, OID.1.3.6.1.4.1.311.60.2.1.3=CA, 2.173 + // L=Ottawa, ST=Ontario, C=CA 2.174 + // Issuer: CN=Entrust Certification Authority - L1N, OU="(c) 2014 Entrust, Inc. - for authorized use only", 2.175 + // OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US 2.176 + // Serial number: 24c5f46412b9dcc242a93017176979d6 2.177 + // Valid from: Fri May 29 13:36:00 PDT 2020 until: Sun Aug 28 13:40:43 PDT 2022 2.178 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + 2.179 + "MIIFqjCCBJKgAwIBAgIQJMX0ZBK53MJCqTAXF2l51jANBgkqhkiG9w0BAQsFADCB\n" + 2.180 + "ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT\n" + 2.181 + "H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy\n" + 2.182 + "MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG\n" + 2.183 + "A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTjAeFw0y\n" + 2.184 + "MDA1MjkyMDM2MDBaFw0yMjA4MjgyMDQwNDNaMIHTMQswCQYDVQQGEwJDQTEQMA4G\n" + 2.185 + "A1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0YXdhMRMwEQYLKwYBBAGCNzwCAQMT\n" + 2.186 + "AkNBMRgwFgYLKwYBBAGCNzwCAQITB09udGFyaW8xITAfBgNVBAoTGEVudHJ1c3Qg\n" + 2.187 + "RGF0YWNhcmQgTGltaXRlZDEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24x\n" + 2.188 + "EDAOBgNVBAUTBzE5MTM2MDUxHjAcBgNVBAMTFXJldm9rZWRnNC5lbnRydXN0Lm5l\n" + 2.189 + "dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6Bvaj7EG752e15UQH9\n" + 2.190 + "4o8+660Gi3caUAAu45vZebO7EfRgrz0zyalpiexmQzocGn6Zog2yVqmMZjrMY11a\n" + 2.191 + "q96s0pzVKImnA/787G7J5lRncP+PM6/WGtUUGS2hHiifoW5Ya/kcI1uk6EDT0leb\n" + 2.192 + "HIedOiwcfDkq38g5ckuWNae24DAD8AM9XBJXMuNbuiqo03wMlDL3Jif8wNQfpmPD\n" + 2.193 + "b+KR6IwGJdYwLBMoMcPmZF0rykW3YTO2NTDGCwvT8zzvjIKp8caRkI6pfkKmc89U\n" + 2.194 + "Nvgbk/d9JEsgQLbYmRKVnhtnt756U7v3+0kZITxzfsBvQZ6zC7X4FAcTN1302RGn\n" + 2.195 + "NGsCAwEAAaOCAY8wggGLMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF\n" + 2.196 + "BQcDAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULjRc9DEsa0kD\n" + 2.197 + "uhKNo6cCqQ+mPjgwHwYDVR0jBBgwFoAU7kfRhXHx/S23P7s+Y1h3F0lADpUwaAYI\n" + 2.198 + "KwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l\n" + 2.199 + "dDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMW4tY2hhaW4y\n" + 2.200 + "NTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQv\n" + 2.201 + "bGV2ZWwxbi5jcmwwIAYDVR0RBBkwF4IVcmV2b2tlZGc0LmVudHJ1c3QubmV0MEsG\n" + 2.202 + "A1UdIAREMEIwNwYKYIZIAYb6bAoBAjApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3\n" + 2.203 + "dy5lbnRydXN0Lm5ldC9ycGEwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAGab\n" + 2.204 + "wtgpooQW3YL2Cqk9RDJFbNct5BSbzgY9qN1TOe4L7gbjV0BJBCcsHOCjvbgEuzME\n" + 2.205 + "FC/kAmBu7eMnKVAqCCsWaI8XV7xB7P/BqHpvf9LI/GyHg4wCYdxgFGBXHOjlSy+8\n" + 2.206 + "YWRM5UnFUknqbj1B4u2/U+U3X66QXi+MWrmBdjpcMahpY5zP1Bh90OmIc8DY4arf\n" + 2.207 + "widObgJe2H/VFScudLf5JMpBso2v772GYTRr5Tqqq3ouS9WvDf0NBvoStt1oiUMP\n" + 2.208 + "oowesfNiaYa/rZzWRlhYNs089KUeLhjOZswtIY5LCyy+Wt3CHgXljGEQFgi7p59s\n" + 2.209 + "gk0aMRYM9Gri26VbD5A=\n" + 2.210 + "-----END CERTIFICATE-----"; 2.211 + 2.212 + public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { 2.213 + // Validate valid 2.214 + pathValidator.validate(new String[]{VALID, INT}, 2.215 + ValidatePathWithParams.Status.GOOD, null, System.out); 2.216 + 2.217 + // Validate Revoked 2.218 + pathValidator.validate(new String[]{REVOKED, INT}, 2.219 + ValidatePathWithParams.Status.REVOKED, 2.220 + "Fri May 29 13:42:13 PDT 2020", System.out); 2.221 + } 2.222 }
3.1 --- a/test/sun/security/lib/cacerts/VerifyCACerts.java Tue Mar 29 18:04:41 2016 +0900 3.2 +++ b/test/sun/security/lib/cacerts/VerifyCACerts.java Wed Jul 29 09:31:38 2020 -0700 3.3 @@ -26,7 +26,7 @@ 3.4 * @test 3.5 * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 3.6 * 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136 3.7 - * 8223499 8225392 8232019 8234245 8233223 8225068 8225069 3.8 + * 8223499 8225392 8232019 8234245 8233223 8225068 8225069 8243321 3.9 * @summary Check root CA entries in cacerts file 3.10 */ 3.11 import java.io.ByteArrayInputStream; 3.12 @@ -52,12 +52,12 @@ 3.13 + File.separator + "security" + File.separator + "cacerts"; 3.14 3.15 // The numbers of certs now. 3.16 - private static final int COUNT = 91; 3.17 + private static final int COUNT = 92; 3.18 3.19 // SHA-256 of cacerts, can be generated with 3.20 // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 3.21 private static final String CHECKSUM 3.22 - = "60:EF:3A:F8:44:CF:79:6F:A3:55:AD:3A:80:61:A7:EE:69:2A:B4:E4:F4:01:C4:47:FF:F8:25:1E:AB:87:31:F2"; 3.23 + = "44:AE:94:16:D1:2A:5B:CB:C3:89:19:D5:7A:87:C9:4A:E1:D4:ED:24:81:25:0A:0F:70:75:08:2A:D5:90:93:8B"; 3.24 3.25 // map of cert alias to SHA-256 fingerprint 3.26 @SuppressWarnings("serial") 3.27 @@ -246,6 +246,8 @@ 3.28 "18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4"); 3.29 put("amazonrootca4 [jdk]", 3.30 "E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92"); 3.31 + put("entrustrootcag4 [jdk]", 3.32 + "DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88"); 3.33 } 3.34 }; 3.35