Skip to content

Commit

Permalink
8317373: Add Telia Root CA v2
Browse files Browse the repository at this point in the history 
Reviewed-by: phh
Backport-of: d3ebb4a155be8ed93e79b6b58c645e861ec30267
  • Loading branch information
@jerboaa
jerboaa committed Nov 7, 2023
1 parent 75daf18 commit 3592b70
Show file tree
Hide file tree
Showing 3 changed files with 58 additions and 3 deletions.
39 changes: 39 additions & 0 deletions make/data/cacerts/teliarootcav2
View file
@@ -0,0 +1,39 @@
Owner: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
Issuer: CN=Telia Root CA v2, O=Telia Finland Oyj, C=FI
Serial number: 1675f27d6fe7ae3e4acbe095b059e
Valid from: Thu Nov 29 11:55:54 GMT 2018 until: Sun Nov 29 11:55:54 GMT 2043
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 4096-bit RSA key
Version: 3
-----BEGIN CERTIFICATE-----
MIIFdDCCA1ygAwIBAgIPAWdfJ9b+euPkrL4JWwWeMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxMTU1NTRaFw00MzExMjkxMTU1
NTRaMEQxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZ
MBcGA1UEAwwQVGVsaWEgUm9vdCBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBALLQPwe84nvQa5n44ndp586dpAO8gm2h/oFlH0wnrI4AuhZ76zBq
AMCzdGh+sq/H1WKzej9Qyow2RCRj0jbpDIX2Q3bVTKFgcmfiKDOlyzG4OiIjNLh9
vVYiQJ3q9HsDrWj8soFPmNB06o3lfc1jw6P23pLCWBnglrvFxKk9pXSW/q/5iaq9
lRdU2HhE8Qx3FZLgmEKnpNaqIJLNwaCzlrI6hEKNfdWV5Nbb6WLEWLN5xYzTNTOD
n3WhUidhOPFZPY5Q4L15POdslv5e2QJltI5c0BE0312/UqeBAMN/mUWZFdUXyApT
7GPzmX3MaRKGwhfwAZ6/hLzRUssbkmbOpFPlob/E2wnW5olWK8jjfN7j/4nlNW4o
6GwLI1GpJQXrSPjdscr6bAhR77cYbETKJuFzxokGgeWKrLDiKca5JLNrRBH0pUPC
TEPlcDaMtjNXepUugqD0XBCzYYP2AgWGLnwtbNwDRm41k9V6lS/eINhbfpSQBGq6
WT0EBXWdN6IOLj3rwaRSg/7Qa9RmjtzG6RJOHSpXqhC8fF6CfaamyfItufUXJ63R
DolUK5X6wK0dmBR4M0KGCqlztft0DbcbMBnEWg4cJ7faGND/isgFuvGqHKI3t+ZI
pEYslOqodmJHixBTB0hXbOKSTbauBcvcwUpej6w9GU7C7WB1K9vBykLVAgMBAAGj
YzBhMB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1UdDgQWBBRy
rOQzeapFh/b9rB2e1scvhtgkOTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw
AwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAoDtZpwmUPjaE0n4vOaWWl/oRrfxn83EJ
8rKJhGdEr7nv7ZbsnGTbMjBvZ5qsfl+yqwE2foH65IRe0qw24GtixX1LDoJt0nZi
0f6X+J8wfBj5tFJ3gh1229MdqfDBmgC9bXXYfef6xzijnHDoRnkDry5023X4blMM
A8iZGok1GTzTyVR8qPAs5m4HeW9q4ebqkYJpCh3DflminmtGFZhb069GHWLIzoBS
SRE/yQQSwxN8PzuKlts8oB4KtItUsiRnDe+Cy748fdHif64W1lZYudogsYMVoe+K
TTJvQS8TUoKU1xrBeKJR3Stwbbca+few4GeXVtt8YVMJAygCQMez2P2ccGrGKMOF
6eLtGpOg3kuYooQ+BXcBlj37tCAPnHICehIv1aO6UXivKitEZU61/Qrowc15h2Er
3oBXRb9n8ZuRXqWk7FlIEA04x7D6w0RtBPV4UBySllva9bguulvP5fBqnUsvWHMt
Ty3EHD70sz+rFQ47GUGKpMFXEmZxTPpT41frYpUJnlTd0cI8Vzy9OK2YZLe4A5pT
VmBds9hCG1xLEooc6+t9xnppxyd/pPiL8uSUZodL6ZQHCRJ5irLrdATczvREWeAW
ysUsWNc8e89ihmpQfTU2Zqf7N+cox9jQraVplI/owd8k+BsHMYeB2F326CjYSlKA
rBPuUBQemMc=
-----END CERTIFICATE-----
14 changes: 14 additions & 0 deletions test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java
View file
Expand Up @@ -352,6 +352,16 @@
* @run main/othervm -Djava.security.debug=certpath CAInterop certignarootca CRL
*/

/*
* @test id=teliarootcav2
* @bug 8317373
* @summary Interoperability tests with Telia Root CA V2
* @library /test/lib
* @build jtreg.SkippedException ValidatePathWithURL CAInterop
* @run main/othervm -Djava.security.debug=certpath,ocsp CAInterop teliarootcav2 OCSP
* @run main/othervm -Djava.security.debug=certpath CAInterop teliarootcav2 CRL
*/

/**
* Collection of certificate validation tests for interoperability with external CAs
*/
Expand Down Expand Up @@ -479,6 +489,10 @@ private CATestURLs getTestURLs(String alias) {
return new CATestURLs("https://valid.servicesca.dhimyotis.com",
"https://revoked.servicesca.dhimyotis.com");

case "teliarootcav2":
return new CATestURLs("https://juolukka.cover.telia.fi:10600",
"https://juolukka.cover.telia.fi:10601");

default: throw new RuntimeException("No test setup found for: " + alias);
}
}
Expand Down
8 changes: 5 additions & 3 deletions test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
View file
Expand Up @@ -28,7 +28,7 @@
* 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136
* 8223499 8225392 8232019 8234245 8233223 8225068 8225069 8243321 8243320
* 8243559 8225072 8258630 8259312 8256421 8225081 8225082 8225083 8245654
* 8305975 8304760 8307134 8295894 8314960
* 8305975 8304760 8307134 8295894 8314960 8317373
* @summary Check root CA entries in cacerts file
*/
import java.io.ByteArrayInputStream;
Expand All @@ -47,12 +47,12 @@ public class VerifyCACerts {
+ File.separator + "security" + File.separator + "cacerts";

// The numbers of certs now.
private static final int COUNT = 97;
private static final int COUNT = 98;

// SHA-256 of cacerts, can be generated with
// shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
private static final String CHECKSUM
= "88:72:92:56:FF:E5:A3:E4:39:98:6D:18:0B:BA:CC:0B:66:CB:1D:6D:52:CE:D7:C8:AD:63:B7:F1:5F:02:24:52";
= "63:A7:1F:4F:8E:4B:A1:04:DE:BB:EC:2E:31:35:5B:5A:19:D4:B1:C0:59:62:B1:13:65:C3:AE:C7:DB:78:9A:1E";
// map of cert alias to SHA-256 fingerprint
@SuppressWarnings("serial")
private static final Map<String, String> FINGERPRINT_MAP = new HashMap<>() {
Expand Down Expand Up @@ -251,6 +251,8 @@ public class VerifyCACerts {
"34:9D:FA:40:58:C5:E2:63:12:3B:39:8A:E7:95:57:3C:4E:13:13:C8:3F:E6:8F:93:55:6C:D5:E8:03:1B:3C:7D");
put("certignarootca [jdk]",
"D4:8D:3D:23:EE:DB:50:A4:59:E5:51:97:60:1C:27:77:4B:9D:7B:18:C9:4D:5A:05:95:11:A1:02:50:B9:31:68");
put("teliarootcav2 [jdk]",
"24:2B:69:74:2F:CB:1E:5B:2A:BF:98:89:8B:94:57:21:87:54:4E:5B:4D:99:11:78:65:73:62:1F:6A:74:B8:2C");
}
};

Expand Down

1 comment on commit 3592b70

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review

Issues

Please sign in to comment.