提交 af0405f0 编写于 作者: W weijun

8029659: Keytool, print key algorithm of certificate or key entry

Reviewed-by: xuelei
上级 2d2ec5a7
......@@ -64,6 +64,8 @@ import java.security.cert.X509CRLEntry;
import java.security.cert.X509CRLSelector;
import javax.security.auth.x500.X500Principal;
import java.util.Base64;
import sun.security.util.KeyUtil;
import sun.security.util.ObjectIdentifier;
import sun.security.pkcs10.PKCS10;
import sun.security.pkcs10.PKCS10Attribute;
......@@ -1061,8 +1063,13 @@ public final class Main {
doChangeKeyPasswd(alias);
kssave = true;
} else if (command == LIST) {
if (storePass == null
&& !KeyStoreUtil.isWindowsKeyStore(storetype)) {
printWarning();
}
if (alias != null) {
doPrintEntry(alias, out, true);
doPrintEntry(alias, out);
} else {
doPrintEntries(out);
}
......@@ -1724,15 +1731,9 @@ public final class Main {
/**
* Prints a single keystore entry.
*/
private void doPrintEntry(String alias, PrintStream out,
boolean printWarning)
private void doPrintEntry(String alias, PrintStream out)
throws Exception
{
if (storePass == null && printWarning
&& !KeyStoreUtil.isWindowsKeyStore(storetype)) {
printWarning();
}
if (keyStore.containsAlias(alias) == false) {
MessageFormat form = new MessageFormat
(rb.getString("Alias.alias.does.not.exist"));
......@@ -2049,13 +2050,6 @@ public final class Main {
private void doPrintEntries(PrintStream out)
throws Exception
{
if (storePass == null
&& !KeyStoreUtil.isWindowsKeyStore(storetype)) {
printWarning();
} else {
out.println();
}
out.println(rb.getString("Keystore.type.") + keyStore.getType());
out.println(rb.getString("Keystore.provider.") +
keyStore.getProvider().getName());
......@@ -2074,7 +2068,7 @@ public final class Main {
for (Enumeration<String> e = keyStore.aliases();
e.hasMoreElements(); ) {
String alias = e.nextElement();
doPrintEntry(alias, out, false);
doPrintEntry(alias, out);
if (verbose || rfc) {
out.println(rb.getString("NEWLINE"));
out.println(rb.getString
......@@ -2881,6 +2875,7 @@ public final class Main {
MessageFormat form = new MessageFormat
(rb.getString(".PATTERN.printX509Cert"));
PublicKey pkey = cert.getPublicKey();
Object[] source = {cert.getSubjectDN().toString(),
cert.getIssuerDN().toString(),
cert.getSerialNumber().toString(16),
......@@ -2890,7 +2885,9 @@ public final class Main {
getCertFingerPrint("SHA1", cert),
getCertFingerPrint("SHA-256", cert),
cert.getSigAlgName(),
cert.getVersion()
pkey.getAlgorithm(),
KeyUtil.getKeySize(pkey),
cert.getVersion(),
};
out.println(form.format(source));
......
......@@ -346,7 +346,7 @@ public class Resources extends java.util.ListResourceBundle {
{".RETURN.if.same.as.for.otherAlias.",
"\t(RETURN if same as for <{0}>)"},
{".PATTERN.printX509Cert",
"Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
"Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5: {5}\n\t SHA1: {6}\n\t SHA256: {7}\nSignature algorithm name: {8}\nSubject Public Key Algorithm: {9} ({10,number,#})\nVersion: {11}"},
{"What.is.your.first.and.last.name.",
"What is your first and last name?"},
{"What.is.the.name.of.your.organizational.unit.",
......
#
# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
# or visit www.oracle.com if you need additional information or have any
# questions.
#
# @test
# @bug 8029659
# @summary Keytool, print key algorithm of certificate or key entry
#
if [ "${TESTJAVA}" = "" ] ; then
JAVAC_CMD=`which javac`
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
KS=ks
KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks -storepass changeit -keypass changeit"
rm $KS 2> /dev/null
$KEYTOOL -genkeypair -alias ca -dname CN=CA -keyalg EC || exit 1
$KEYTOOL -genkeypair -alias user -dname CN=User -keyalg RSA -keysize 1024 || exit 2
$KEYTOOL -certreq -alias user |
$KEYTOOL -gencert -alias ca -rfc -sigalg SHA1withECDSA |
$KEYTOOL -printcert > user.dump || exit 3
cat user.dump | grep "Signature algorithm name:" | grep SHA1withECDSA || exit 4
cat user.dump | grep "Subject Public Key Algorithm:" | grep RSA | grep 1024 || exit 5
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册