changeset 1013:74fe20f0e49b

6820606: keytool can generate serialno more randomly Reviewed-by: xuelei
author weijun
date Mon, 23 Mar 2009 17:05:48 +0800
parents cc8ffb0fc1a4
children b9cc5da6c516
files src/share/classes/sun/security/tools/KeyTool.java src/share/classes/sun/security/x509/CertAndKeyGen.java
diffstat 2 files changed, 6 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/KeyTool.java	Sat Mar 21 13:52:13 2009 -0700
+++ b/src/share/classes/sun/security/tools/KeyTool.java	Mon Mar 23 17:05:48 2009 +0800
@@ -1072,8 +1072,8 @@
 
         X509CertInfo info = new X509CertInfo();
         info.set(X509CertInfo.VALIDITY, interval);
-        info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber
-                 ((int)(firstDate.getTime()/1000)));
+        info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
         info.set(X509CertInfo.VERSION,
                      new CertificateVersion(CertificateVersion.V3));
         info.set(X509CertInfo.ALGORITHM_ID,
@@ -2121,8 +2121,8 @@
         certInfo.set(X509CertInfo.VALIDITY, interval);
 
         // Make new serial number
-        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber
-                     ((int)(firstDate.getTime()/1000)));
+        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
 
         // Set owner and issuer fields
         X500Name owner;
--- a/src/share/classes/sun/security/x509/CertAndKeyGen.java	Sat Mar 21 13:52:13 2009 -0700
+++ b/src/share/classes/sun/security/x509/CertAndKeyGen.java	Mon Mar 23 17:05:48 2009 +0800
@@ -265,8 +265,8 @@
             // Add all mandatory attributes
             info.set(X509CertInfo.VERSION,
                      new CertificateVersion(CertificateVersion.V3));
-            info.set(X509CertInfo.SERIAL_NUMBER,
-                 new CertificateSerialNumber((int)(firstDate.getTime()/1000)));
+            info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
+                    new java.util.Random().nextInt() & 0x7fffffff));
             AlgorithmId algID = issuer.getAlgorithmId();
             info.set(X509CertInfo.ALGORITHM_ID,
                      new CertificateAlgorithmId(algID));