7194449: String resources for Key Tool and Policy Tool should be in their respective packages

Reviewed-by: alanb, weijun, mullan

make/common/Release.gmk

@@ -348,15 +348,15 @@ TOOLS = \
 	sun/tools/serialver	\
 	sun/tools/tree		\
 	sun/tools/util		\
-	sun/security/tools/JarBASE64Encoder.class \
-	sun/security/tools/JarSigner.class \
-	sun/security/tools/JarSignerParameters.class \
-	sun/security/tools/JarSignerResources.class \
-	sun/security/tools/JarSignerResources_ja.class \
-	sun/security/tools/JarSignerResources_zh_CN.class \
-	sun/security/tools/SignatureFile\$$Block.class \
-	sun/security/tools/SignatureFile.class \
-	sun/security/tools/TimestampedSigner.class \
+	sun/security/tools/jarsigner/JarBASE64Encoder.class \
+	sun/security/tools/jarsigner/Main.class \
+	sun/security/tools/jarsigner/JarSignerParameters.class \
+	sun/security/tools/jarsigner/Resources.class \
+	sun/security/tools/jarsigner/Resources_ja.class \
+	sun/security/tools/jarsigner/Resources_zh_CN.class \
+	sun/security/tools/jarsigner/SignatureFile\$$Block.class \
+	sun/security/tools/jarsigner/SignatureFile.class \
+	sun/security/tools/jarsigner/TimestampedSigner.class \
 	sun/rmi/rmic		\
 	sun/applet		\
 	sun/jvmstat		\
@@ -572,15 +572,15 @@ $(NOT_RT_JAR_LIST): FRC
 	$(ECHO) "sun/tools/serialver/" >> $@
 	$(ECHO) "sun/tools/tree/" >> $@
 	$(ECHO) "sun/tools/util/" >> $@
-	$(ECHO) "sun/security/tools/JarBASE64Encoder.class" >> $@
-	$(ECHO) "sun/security/tools/JarSigner.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerParameters.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources_ja.class" >> $@
-	$(ECHO) "sun/security/tools/JarSignerResources_zh_CN.class" >> $@
-	$(ECHO) "sun/security/tools/SignatureFile\$$Block.class" >> $@
-	$(ECHO) "sun/security/tools/SignatureFile.class" >> $@
-	$(ECHO) "sun/security/tools/TimestampedSigner.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/JarBASE64Encoder.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Main.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/JarSignerParameters.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources_ja.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/Resources_zh_CN.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/SignatureFile\$$Block.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/SignatureFile.class" >> $@
+	$(ECHO) "sun/security/tools/jarsigner/TimestampedSigner.class" >> $@
 	$(ECHO) "sun/security/provider/Sun.class" >> $@
 	$(ECHO) "sun/security/rsa/SunRsaSign.class" >> $@
 	$(ECHO) "sun/security/ssl/" >> $@

make/launchers/Makefile

@@ -58,7 +58,7 @@ $(make-appletviewer)
 $(call make-launcher, extcheck, com.sun.tools.extcheck.Main, , )
 $(call make-launcher, idlj, com.sun.tools.corba.se.idl.toJavaPortable.Compile, , )
 $(call make-launcher, jar, sun.tools.jar.Main, , )
-$(call make-launcher, jarsigner, sun.security.tools.JarSigner, , )
+$(call make-launcher, jarsigner, sun.security.tools.jarsigner.Main, , )
 $(call make-launcher, javac, com.sun.tools.javac.Main, , )
 $(call make-launcher, javadoc, com.sun.tools.javadoc.Main, , )
 $(call make-launcher, javah, com.sun.tools.javah.Main, , )

make/sun/security/tools/Makefile

 #
-# Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -37,7 +37,7 @@ AUTO_FILES_JAVA_DIRS = sun/security/tools
 # Resources
 #
 LOCALE_SET_DEFINITION = jdk
-RESOURCE_BUNDLES_JAVA = sun/security/tools/JarSignerResources.java
+RESOURCE_BUNDLES_JAVA = sun/security/tools/jarsigner/Resources.java
 
 #
 # Rules
@@ -45,7 +45,7 @@ RESOURCE_BUNDLES_JAVA = sun/security/tools/JarSignerResources.java
 include $(BUILDDIR)/common/Classes.gmk
 
 build:
-	$(call make-launcher, keytool, sun.security.tools.KeyTool, , )
+	$(call make-launcher, keytool, sun.security.tools.keytool.Main, , )
 ifndef BUILD_HEADLESS_ONLY
 	$(call make-launcher, policytool, sun.security.tools.policytool.PolicyTool, , )
 endif

makefiles/CompileLaunchers.gmk

@@ -232,7 +232,7 @@ $(eval $(call SetupLauncher,jar,\
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.jar.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,jarsigner,\
-    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.JarSigner"$(COMMA) }'))
+    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.jarsigner.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,javac,\
     -DEXPAND_CLASSPATH_WILDCARDS \
@@ -310,7 +310,7 @@ $(eval $(call SetupLauncher,jstatd,\
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.jstatd.Jstatd"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,keytool,\
-    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.KeyTool"$(COMMA) }'))
+    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.security.tools.keytool.Main"$(COMMA) }'))
 
 $(eval $(call SetupLauncher,native2ascii,\
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.native2ascii.Main"$(COMMA) }'))

makefiles/CreateJars.gmk

@@ -131,15 +131,15 @@ RT_JAR_EXCLUDES := \
 	sun/tools/serialver \
 	sun/tools/tree \
 	sun/tools/util \
-	sun/security/tools/JarBASE64Encoder.class \
-	sun/security/tools/JarSigner.class \
-	sun/security/tools/JarSignerParameters.class \
-	sun/security/tools/JarSignerResources.class \
-	sun/security/tools/JarSignerResources_ja.class \
-	sun/security/tools/JarSignerResources_zh_CN.class \
-	sun/security/tools/SignatureFile\$$$$Block.class \
-	sun/security/tools/SignatureFile.class \
-	sun/security/tools/TimestampedSigner.class \
+	sun/security/tools/jarsigner/JarBASE64Encoder.class \
+	sun/security/tools/jarsigner/Main.class \
+	sun/security/tools/jarsigner/JarSignerParameters.class \
+	sun/security/tools/jarsigner/Resources.class \
+	sun/security/tools/jarsigner/Resources_ja.class \
+	sun/security/tools/jarsigner/Resources_zh_CN.class \
+	sun/security/tools/jarsigner/SignatureFile\$$$$Block.class \
+	sun/security/tools/jarsigner/SignatureFile.class \
+	sun/security/tools/jarsigner/TimestampedSigner.class \
 	sun/security/provider/Sun.class \
 	sun/security/rsa/SunRsaSign.class \
 	sun/security/ssl \

src/share/classes/sun/security/tools/KeyStoreUtil.java

 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,18 @@
 
 package sun.security.tools;
 
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+
+import java.net.URL;
+
+import java.security.KeyStore;
+
+import java.text.Collator;
+
 import java.util.Locale;
 
 /**
@@ -34,18 +46,17 @@ import java.util.Locale;
  */
 public class KeyStoreUtil {
 
-    // Class and methods marked as public so that they can be
-    // accessed by JarSigner, which although lies in a package
-    // with the same name, but bundled in tools.jar and loaded
-    // by another class loader, hence in a different *runtime*
-    // package.
-    //
-    // See JVM Spec, 5.3 and 5.4.4
-
     private KeyStoreUtil() {
         // this class is not meant to be instantiated
     }
 
+    private static final String JKS = "jks";
+
+    private static final Collator collator = Collator.getInstance();
+    static {
+        // this is for case insensitive string comparisons
+        collator.setStrength(Collator.PRIMARY);
+    };
 
     /**
      * Returns true if KeyStore has a password. This is true except for
@@ -68,4 +79,76 @@ public class KeyStoreUtil {
             return storetype.toUpperCase(Locale.ENGLISH);
         }
     }
+
+    /**
+     * Returns the keystore with the configured CA certificates.
+     */
+    public static KeyStore getCacertsKeyStore()
+        throws Exception
+    {
+        String sep = File.separator;
+        File file = new File(System.getProperty("java.home") + sep
+                             + "lib" + sep + "security" + sep
+                             + "cacerts");
+        if (!file.exists()) {
+            return null;
+        }
+        KeyStore caks = null;
+        try (FileInputStream fis = new FileInputStream(file)) {
+            caks = KeyStore.getInstance(JKS);
+            caks.load(fis, null);
+        }
+        return caks;
+    }
+
+    public static char[] getPassWithModifier(String modifier, String arg,
+                                             java.util.ResourceBundle rb) {
+        if (modifier == null) {
+            return arg.toCharArray();
+        } else if (collator.compare(modifier, "env") == 0) {
+            String value = System.getenv(arg);
+            if (value == null) {
+                System.err.println(rb.getString(
+                        "Cannot.find.environment.variable.") + arg);
+                return null;
+            } else {
+                return value.toCharArray();
+            }
+        } else if (collator.compare(modifier, "file") == 0) {
+            try {
+                URL url = null;
+                try {
+                    url = new URL(arg);
+                } catch (java.net.MalformedURLException mue) {
+                    File f = new File(arg);
+                    if (f.exists()) {
+                        url = f.toURI().toURL();
+                    } else {
+                        System.err.println(rb.getString(
+                                "Cannot.find.file.") + arg);
+                        return null;
+                    }
+                }
+
+                try (BufferedReader br =
+                     new BufferedReader(new InputStreamReader(
+                         url.openStream()))) {
+                    String value = br.readLine();
+
+                    if (value == null) {
+                        return new char[0];
+                    }
+
+                    return value.toCharArray();
+                }
+            } catch (IOException ioe) {
+                System.err.println(ioe);
+                return null;
+            }
+        } else {
+            System.err.println(rb.getString("Unknown.password.type.") +
+                    modifier);
+            return null;
+        }
+    }
 }

src/share/classes/sun/security/tools/JarSigner.java → src/share/classes/sun/security/tools/jarsigner/Main.java

 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.jarsigner;
 
 import java.io.*;
 import java.util.*;
@@ -53,6 +53,8 @@ import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.PKIXParameters;
 import java.security.cert.TrustAnchor;
 import java.util.Map.Entry;
+import sun.security.tools.KeyStoreUtil;
+import sun.security.tools.PathList;
 import sun.security.x509.*;
 import sun.security.util.*;
 import sun.misc.BASE64Encoder;
@@ -74,12 +76,12 @@ import sun.misc.BASE64Encoder;
  * @author Jan Luehe
  */
 
-public class JarSigner {
+public class Main {
 
     // for i18n
     private static final java.util.ResourceBundle rb =
         java.util.ResourceBundle.getBundle
-        ("sun.security.tools.JarSignerResources");
+        ("sun.security.tools.jarsigner.Resources");
     private static final Collator collator = Collator.getInstance();
     static {
         // this is for case insensitive string comparisions
@@ -101,7 +103,7 @@ public class JarSigner {
     // Attention:
     // This is the entry that get launched by the security tool jarsigner.
     public static void main(String args[]) throws Exception {
-        JarSigner js = new JarSigner();
+        Main js = new Main();
         js.run(args);
     }
 
@@ -461,7 +463,7 @@ public class JarSigner {
     }
 
     static char[] getPass(String modifier, String arg) {
-        char[] output = KeyTool.getPassWithModifier(modifier, arg);
+        char[] output = KeyStoreUtil.getPassWithModifier(modifier, arg, rb);
         if (output != null) return output;
         usage();
         return null;    // Useless, usage() already exit
@@ -1579,7 +1581,7 @@ public class JarSigner {
             validator = CertPathValidator.getInstance("PKIX");
             Set<TrustAnchor> tas = new HashSet<>();
             try {
-                KeyStore caks = KeyTool.getCacertsKeyStore();
+                KeyStore caks = KeyStoreUtil.getCacertsKeyStore();
                 if (caks != null) {
                     Enumeration<String> aliases = caks.aliases();
                     while (aliases.hasMoreElements()) {

src/share/classes/sun/security/tools/JarSignerResources.java → src/share/classes/sun/security/tools/jarsigner/Resources.java

 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,14 +23,14 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.jarsigner;
 
 /**
  * <p> This class represents the <code>ResourceBundle</code>
  * for JarSigner.
  *
  */
-public class JarSignerResources extends java.util.ListResourceBundle {
+public class Resources extends java.util.ListResourceBundle {
 
     private static final Object[][] contents = {
 
@@ -227,6 +227,10 @@ public class JarSignerResources extends java.util.ListResourceBundle {
                 "The signer's certificate chain is not validated."},
         {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
                  "This jar contains entries whose certificate chain is not validated."},
+        {"Unknown.password.type.", "Unknown password type: "},
+        {"Cannot.find.environment.variable.",
+                "Cannot find environment variable: "},
+        {"Cannot.find.file.", "Cannot find file: "},
     };
 
     /**
@@ -236,6 +240,7 @@ public class JarSignerResources extends java.util.ListResourceBundle {
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }

src/share/classes/sun/security/tools/JarSignerResources_ja.java → src/share/classes/sun/security/tools/jarsigner/Resources_ja.java

 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,14 +23,14 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.jarsigner;
 
 /**
  * <p> This class represents the <code>ResourceBundle</code>
  * for JarSigner.
  *
  */
-public class JarSignerResources_ja extends java.util.ListResourceBundle {
+public class Resources_ja extends java.util.ListResourceBundle {
 
     private static final Object[][] contents = {
 
@@ -225,6 +225,10 @@ public class JarSignerResources_ja extends java.util.ListResourceBundle {
                 "\u7F72\u540D\u8005\u306E\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u307E\u305B\u3093\u3002"},
         {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
                  "\u3053\u306Ejar\u306B\u306F\u3001\u8A3C\u660E\u66F8\u30C1\u30A7\u30FC\u30F3\u304C\u307E\u3060\u691C\u8A3C\u3055\u308C\u3066\u3044\u306A\u3044\u30A8\u30F3\u30C8\u30EA\u304C\u542B\u307E\u308C\u3066\u3044\u307E\u3059\u3002"},
+        {"Unknown.password.type.", "\u4E0D\u660E\u306A\u30D1\u30B9\u30EF\u30FC\u30C9\u30FB\u30BF\u30A4\u30D7: "},
+        {"Cannot.find.environment.variable.",
+                "\u74B0\u5883\u5909\u6570\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
+        {"Cannot.find.file.", "\u30D5\u30A1\u30A4\u30EB\u304C\u898B\u3064\u304B\u308A\u307E\u305B\u3093: "},
     };
 
     /**
@@ -234,6 +238,7 @@ public class JarSignerResources_ja extends java.util.ListResourceBundle {
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }

src/share/classes/sun/security/tools/JarSignerResources_zh_CN.java → src/share/classes/sun/security/tools/jarsigner/Resources_zh_CN.java

 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,14 +23,14 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.jarsigner;
 
 /**
  * <p> This class represents the <code>ResourceBundle</code>
  * for JarSigner.
  *
  */
-public class JarSignerResources_zh_CN extends java.util.ListResourceBundle {
+public class Resources_zh_CN extends java.util.ListResourceBundle {
 
     private static final Object[][] contents = {
 
@@ -225,6 +225,11 @@ public class JarSignerResources_zh_CN extends java.util.ListResourceBundle {
                 "\u7B7E\u540D\u8005\u7684\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u3002"},
         {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
                  "\u6B64 jar \u5305\u542B\u8BC1\u4E66\u94FE\u672A\u9A8C\u8BC1\u7684\u6761\u76EE\u3002"},
+        {"Unknown.password.type.", "\u672A\u77E5\u53E3\u4EE4\u7C7B\u578B: "},
+        {"Cannot.find.environment.variable.",
+                "\u627E\u4E0D\u5230\u73AF\u5883\u53D8\u91CF: "},
+        {"Cannot.find.file.", "\u627E\u4E0D\u5230\u6587\u4EF6: "},
+        {"Command.option.flag.needs.an.argument.", "\u547D\u4EE4\u9009\u9879{0}\u9700\u8981\u4E00\u4E2A\u53C2\u6570\u3002"},
     };
 
     /**
@@ -234,6 +239,7 @@ public class JarSignerResources_zh_CN extends java.util.ListResourceBundle {
      *
      * @return the contents of this <code>ResourceBundle</code>.
      */
+    @Override
     public Object[][] getContents() {
         return contents;
     }

src/share/classes/sun/security/tools/TimestampedSigner.java → src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java

 /*
- * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.jarsigner;
 
 import java.io.IOException;
 import java.net.URI;

src/share/classes/sun/security/tools/CertAndKeyGen.java → src/share/classes/sun/security/tools/keytool/CertAndKeyGen.java

 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.keytool;
 
 import java.io.IOException;
 import java.security.cert.X509Certificate;

src/share/classes/sun/security/tools/KeyTool.java → src/share/classes/sun/security/tools/keytool/Main.java

 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
  * questions.
  */
 
-package sun.security.tools;
+package sun.security.tools.keytool;
 
 import java.io.*;
 import java.security.CodeSigner;
@@ -75,12 +75,14 @@ import javax.crypto.SecretKey;
 
 import sun.misc.BASE64Decoder;
 import sun.security.pkcs.PKCS9Attribute;
+import sun.security.tools.KeyStoreUtil;
+import sun.security.tools.PathList;
 import sun.security.util.DerValue;
 import sun.security.x509.*;
 
 import static java.security.KeyStore.*;
-import static sun.security.tools.KeyTool.Command.*;
-import static sun.security.tools.KeyTool.Option.*;
+import static sun.security.tools.keytool.Main.Command.*;
+import static sun.security.tools.keytool.Main.Option.*;
 
 /**
  * This tool manages keystores.
@@ -94,7 +96,7 @@ import static sun.security.tools.KeyTool.Option.*;
  *
  * @since 1.2
  */
-public final class KeyTool {
+public final class Main {
 
     private boolean debug = false;
     private Command command = null;
@@ -304,7 +306,6 @@ public final class KeyTool {
 
     private static final Class[] PARAM_STRING = { String.class };
 
-    private static final String JKS = "jks";
     private static final String NONE = "NONE";
     private static final String P11KEYSTORE = "PKCS11";
     private static final String P12KEYSTORE = "PKCS12";
@@ -312,17 +313,18 @@ public final class KeyTool {
 
     // for i18n
     private static final java.util.ResourceBundle rb =
-        java.util.ResourceBundle.getBundle("sun.security.util.Resources");
+        java.util.ResourceBundle.getBundle(
+            "sun.security.tools.keytool.Resources");
     private static final Collator collator = Collator.getInstance();
     static {
         // this is for case insensitive string comparisons
         collator.setStrength(Collator.PRIMARY);
     };
 
-    private KeyTool() { }
+    private Main() { }
 
     public static void main(String[] args) throws Exception {
-        KeyTool kt = new KeyTool();
+        Main kt = new Main();
         kt.run(args, System.out);
     }
 
@@ -907,7 +909,7 @@ public final class KeyTool {
         }
 
         if (trustcacerts) {
-            caks = getCacertsKeyStore();
+            caks = KeyStoreUtil.getCacertsKeyStore();
         }
 
         // Perform the specified command
@@ -2076,7 +2078,7 @@ public final class KeyTool {
                 for (GeneralName name: names.names()) {
                     if (name.getType() == GeneralNameInterface.NAME_URI) {
                         URIName uriName = (URIName)name.getName();
-                        for (CRL crl: KeyTool.loadCRLs(uriName.getName())) {
+                        for (CRL crl: loadCRLs(uriName.getName())) {
                             if (crl instanceof X509CRL) {
                                 crls.add((X509CRL)crl);
                             }
@@ -3370,27 +3372,6 @@ public final class KeyTool {
         return reply;
     }
 
-    /**
-     * Returns the keystore with the configured CA certificates.
-     */
-    public static KeyStore getCacertsKeyStore()
-        throws Exception
-    {
-        String sep = File.separator;
-        File file = new File(System.getProperty("java.home") + sep
-                             + "lib" + sep + "security" + sep
-                             + "cacerts");
-        if (!file.exists()) {
-            return null;
-        }
-        KeyStore caks = null;
-        try (FileInputStream fis = new FileInputStream(file)) {
-            caks = KeyStore.getInstance(JKS);
-            caks.load(fis, null);
-        }
-        return caks;
-    }
-
     /**
      * Stores the (leaf) certificates of a keystore in a hashtable.
      * All certs belonging to the same CA are stored in a vector that
@@ -4056,59 +4037,11 @@ public final class KeyTool {
     }
 
     private char[] getPass(String modifier, String arg) {
-        char[] output = getPassWithModifier(modifier, arg);
+        char[] output = KeyStoreUtil.getPassWithModifier(modifier, arg, rb);
         if (output != null) return output;
         tinyHelp();
         return null;    // Useless, tinyHelp() already exits.
     }
-
-    // This method also used by JarSigner
-    public static char[] getPassWithModifier(String modifier, String arg) {
-        if (modifier == null) {
-            return arg.toCharArray();
-        } else if (collator.compare(modifier, "env") == 0) {
-            String value = System.getenv(arg);
-            if (value == null) {
-                System.err.println(rb.getString(
-                        "Cannot.find.environment.variable.") + arg);
-                return null;
-            } else {
-                return value.toCharArray();
-            }
-        } else if (collator.compare(modifier, "file") == 0) {
-            try {
-                URL url = null;
-                try {
-                    url = new URL(arg);
-                } catch (java.net.MalformedURLException mue) {
-                    File f = new File(arg);
-                    if (f.exists()) {
-                        url = f.toURI().toURL();
-                    } else {
-                        System.err.println(rb.getString(
-                                "Cannot.find.file.") + arg);
-                        return null;
-                    }
-                }
-                BufferedReader br = new BufferedReader(new InputStreamReader(
-                            url.openStream()));
-                String value = br.readLine();
-                br.close();
-                if (value == null) {
-                    return new char[0];
-                } else {
-                    return value.toCharArray();
-                }
-            } catch (IOException ioe) {
-                System.err.println(ioe);
-                return null;
-            }
-        } else {
-            System.err.println(rb.getString("Unknown.password.type.") +
-                    modifier);
-            return null;
-        }
-    }
 }
 
 // This class is exactly the same as com.sun.tools.javac.util.Pair,

src/share/classes/sun/security/tools/policytool/PolicyTool.java

 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -60,7 +60,8 @@ public class PolicyTool {
 
     // for i18n
     static final java.util.ResourceBundle rb =
-        java.util.ResourceBundle.getBundle("sun.security.util.Resources");
+        java.util.ResourceBundle.getBundle(
+            "sun.security.tools.policytool.Resources");
     static final Collator collator = Collator.getInstance();
     static {
         // this is for case insensitive string comparisons

test/sun/security/pkcs12/PKCS12SameKeyId.java

@@ -25,6 +25,8 @@
  * @test
  * @bug 6958026
  * @summary Problem with PKCS12 keystore
+ * @compile -XDignore.symbol.file PKCS12SameKeyId.java
+ * @run main PKCS12SameKeyId
  */
 
 import java.io.File;
@@ -40,7 +42,6 @@ import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.PBEParameterSpec;
 import sun.security.pkcs.EncryptedPrivateKeyInfo;
-import sun.security.tools.KeyTool;
 import sun.security.util.ObjectIdentifier;
 import sun.security.x509.AlgorithmId;
 import sun.security.x509.X500Name;
@@ -61,7 +62,7 @@ public class PKCS12SameKeyId {
             String cmd = "-keystore " + JKSFILE
                     + " -storepass changeit -keypass changeit "
                     + "-genkeypair -alias p" + i + " -dname CN=" + i;
-            KeyTool.main(cmd.split(" "));
+            sun.security.tools.keytool.Main.main(cmd.split(" "));
         }
 
         // Prepare EncryptedPrivateKeyInfo parameters, copied from various

test/sun/security/tools/jarsigner/JarSigningNonAscii.java

@@ -62,7 +62,7 @@ public class JarSigningNonAscii {
                         "-signedJar", signedJar,
                         unsignedJar, "b"
                         };
-        JarSigner.main(jsArgs);
+        sun.security.tools.jarsigner.Main.main(jsArgs);
 
         //  verify the signed jar file
 

test/sun/security/tools/jarsigner/LargeJarEntry.java

@@ -35,7 +35,6 @@ import java.io.FileOutputStream;
 import java.util.jar.JarEntry;
 import java.util.jar.JarOutputStream;
 import java.util.zip.CRC32;
-import sun.security.tools.JarSigner;
 
 public class LargeJarEntry {
 
@@ -73,7 +72,7 @@ public class LargeJarEntry {
                 jarName, "b" };
         // now, try to sign it
         try {
-            JarSigner.main(jsArgs);
+            sun.security.tools.jarsigner.Main.main(jsArgs);
         } catch (OutOfMemoryError err) {
             throw new Exception("Test failed with OutOfMemoryError", err);
         } finally {