1 /*
2  * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /*
25  * @test
26  * @bug 7099399
27  * @summary cannot deal with CRL file larger than 16MB
28  * @modules java.base/sun.security.x509
29  * @run main/othervm -Xshare:off -Xmx1024m BigCRL
30  */
31 
32 import java.io.FileInputStream;
33 import java.math.BigInteger;
34 import java.security.KeyStore;
35 import java.security.cert.Certificate;
36 import java.security.PrivateKey;
37 import java.security.cert.X509CRLEntry;
38 import java.util.Arrays;
39 import java.util.Date;
40 import sun.security.x509.*;
41 import java.security.cert.CertificateFactory;
42 import java.io.ByteArrayInputStream;
43 
44 public class BigCRL {
45 
main(String[] args)46     public static void main(String[] args) throws Exception {
47         int n = 500000;
48         String ks = System.getProperty("test.src", ".")
49                 + "/../../../../javax/net/ssl/etc/keystore";
50         String pass = "passphrase";
51         String alias = "dummy";
52 
53         KeyStore keyStore = KeyStore.getInstance("JKS");
54         keyStore.load(new FileInputStream(ks), pass.toCharArray());
55         Certificate signerCert = keyStore.getCertificate(alias);
56         byte[] encoded = signerCert.getEncoded();
57         X509CertImpl signerCertImpl = new X509CertImpl(encoded);
58         X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
59                 X509CertImpl.NAME + "." + X509CertImpl.INFO);
60         X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
61                 + X509CertInfo.DN_NAME);
62 
63         Date date = new Date();
64         PrivateKey privateKey = (PrivateKey)
65                 keyStore.getKey(alias, pass.toCharArray());
66         String sigAlgName = signerCertImpl.getSigAlgOID();
67 
68         X509CRLEntry[] badCerts = new X509CRLEntry[n];
69         CRLExtensions ext = new CRLExtensions();
70         ext.set("Reason", new CRLReasonCodeExtension(1));
71         for (int i = 0; i < n; i++) {
72             badCerts[i] = new X509CRLEntryImpl(
73                     BigInteger.valueOf(i), date, ext);
74         }
75         X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
76         crl.sign(privateKey, sigAlgName);
77         byte[] data = crl.getEncodedInternal();
78 
79         // Make sure the CRL is big enough
80         if ((data[1]&0xff) != 0x84) {
81             throw new Exception("The file should be big enough?");
82         }
83 
84         CertificateFactory cf = CertificateFactory.getInstance("X.509");
85         cf.generateCRL(new ByteArrayInputStream(data));
86     }
87 }
88 
89