jdk-sandbox: comparison test/jdk/sun/security/tools/keytool/KeyToolTest.java

equal deleted inserted replaced

-:4a09d4df104c
+:046e4024e55a
 try {
 // Workaround for "8057810: Make SHA256withDSA the default
 // jarsigner and keytool algorithm for DSA keys". Unfortunately
 // SunPKCS11-NSS does not support SHA256withDSA yet.
 if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey")
-&& !cmd.contains("-keyalg")) {
+&& cmd.contains("DSA")) {
 cmd += " -sigalg SHA1withDSA -keysize 1024";
 }
 test(input, cmd);
 } catch(Exception e) {
 afterFail(input, cmd, "OK");
 // name changes: genkeypair, importcert, exportcert
 remove("x.jks");
 remove("x.jks.p1.cert");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -alias p1 -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-exportcert -alias p1 -file x.jks.p1.cert");
 ks = loadStore("x.jks", "changeit", "JKS");
 assertTrue(ks.getKey("p1", "changeit".toCharArray()) != null,
 "key not DSA");
 X509CertImpl certImpl = new X509CertImpl(encoded);
 assertTrue(certImpl.getVersion() == 3, "Version is not 3");
 // changealias and keyclone
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -alias p1 -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
 testOK("changeit\n", "-keystore x.jks -storetype JKS " +
 "-changealias -alias p1 -destalias p11");
 testOK("changeit\n", "-keystore x.jks -storetype JKS " +
 "-changealias -alias c1 -destalias c11");
 // press ENTER when prompt for p111's keypass
 // genSecKey
 remove("x.jceks");
 // DES, no need keysize
 testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " +
-"-genseckey -alias s1");
+"-genseckey -keyalg DES -alias s1");
 // DES, keysize cannot be 128
 testFail("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
-"-genseckey -alias s11 -keysize 128");
+"-genseckey -keyalg DES -alias s11 -keysize 128");
 // DESede. no need keysize
 testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
 "-genseckey -keyalg DESede -alias s2");
 // AES, need keysize
 testFail("changeit\n\n", "-keystore x.jceks -storetype AES " +
 testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
 "-genseckey -keyalg AES -alias s3 -keysize 128");
 // about keypass
 // can accept storepass
 testOK("\n", "-keystore x.jceks -storetype JCEKS -storepass changeit " +
-"-genseckey -alias s4");
+"-genseckey -keyalg DES -alias s4");
 // or a new one
 testOK("keypass\nkeypass\n", "-keystore x.jceks -storetype JCEKS " +
-"-storepass changeit -genseckey -alias s5");
+"-storepass changeit -genseckey -keyalg DES -alias s5");
 // keypass must be valid (prompt 3 times)
 testOK("bad\n\bad\nkeypass\nkeypass\n", "-keystore x.jceks " +
-"-storetype JCEKS -storepass changeit -genseckey -alias s6");
+"-storetype JCEKS -storepass changeit -genseckey " +
+"-keyalg DES -alias s6");
 // keypass must be valid (prompt 3 times)
 testFail("bad\n\bad\nbad\n", "-keystore x.jceks -storetype JCEKS " +
-"-storepass changeit -genseckey -alias s7");
+"-storepass changeit -genseckey -keyalg DES -alias s7");
 // keypass must be valid (prompt 3 times)
 testFail("bad\n\bad\nbad\nkeypass\n", "-keystore x.jceks " +
-"-storetype JCEKS -storepass changeit -genseckey -alias s7");
+"-storetype JCEKS -storepass changeit -genseckey -keyalg DES -alias s7");
 ks = loadStore("x.jceks", "changeit", "JCEKS");
 assertTrue(ks.getKey("s1", "changeit".toCharArray())
 .getAlgorithm().equalsIgnoreCase("DES"), "s1 is DES");
 assertTrue(ks.getKey("s1", "changeit".toCharArray())
 .getEncoded().length == 8,  "DES is 56");
 // importKeyStore
 remove("x.jks");
 remove("x.jceks");
 // create 2 entries...
 testOK("changeit\nchangeit\n\n", "-keystore x.jceks -storetype JCEKS " +
-"-genkeypair -alias p1 -dname CN=Olala");
+"-genkeypair -keyalg DSA -alias p1 -dname CN=Olala");
 testOK("", "-keystore x.jceks -storetype JCEKS -storepass changeit " +
 "-importcert -alias c1 -file x.jks.p1.cert -noprompt");
 ks = loadStore("x.jceks", "changeit", "JCEKS");
 assertTrue(ks.size() == 2, "2 entries in JCEKS");
 // import, shouldn't mention destalias/srckeypass/destkeypass
 // importkeystore single, different keypass
 remove("x.jks");
 // generate entry with different keypass
 testOK("changeit\nkeypass\nkeypass\n", "-keystore x.jceks " +
-"-storetype JCEKS -genkeypair -alias p2 -dname CN=Olala");
+"-storetype JCEKS -genkeypair -keyalg DSA -alias p2 -dname CN=Olala");
 // prompt
 testOK("changeit\nchangeit\nchangeit\nkeypass\n", "-importkeystore " +
 "-srckeystore x.jceks -srcstoretype JCEKS " +
 "-destkeystore x.jks -deststoretype JKS -srcalias p2");
 ks = loadStore("x.jks", "changeit", "JKS");
 // importkeystore, secretkey
 remove("x.jks");
 // create SecretKeyEntry
 testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
-"-genseckey -alias s1");
+"-genseckey -keyalg DES -alias s1");
 // create SecretKeyEntry
 testOK("changeit\n\n", "-keystore x.jceks -storetype JCEKS " +
-"-genseckey -alias s2");
+"-genseckey -keyalg DES -alias s2");
 // remove the keypass!=storepass one
 testOK("changeit\n", "-keystore x.jceks -storetype JCEKS " +
 "-delete -alias p2");
 ks = loadStore("x.jceks", "changeit", "JCEKS");
 // p1, c1, s1, s2
 testFail("changeit\nchangeit\n", "-keystore x.jks -storetype JKS " +
 "-genkeypair -alias p1 -dname CN=olala");
 remove("x.jks");
 // just type ENTER means keypass=storepass
 testOK("changeit\nchangeit\n\n", "-keystore x.jks -storetype JKS " +
-"-genkeypair -alias p1 -dname CN=olala");
+"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
 remove("x.p12");
 // PKCS12 only need storepass
 testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " +
-"-genkeypair -alias p0 -dname CN=olala");
+"-genkeypair -keyalg DSA -alias p0 -dname CN=olala");
 testOK("changeit\n", "-keystore x.p12 -storetype PKCS12 " +
-"-genkeypair -alias p1 -dname CN=olala");
+"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
 // when specify keypass, make sure keypass==storepass...
 testOK("changeit\n", "-keystore x.p12 -keypass changeit " +
 "-storetype PKCS12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala");
 assertTrue(err.indexOf("Warning") == -1,
 "PKCS12 silent when keypass == storepass");
 // pkcs12
 remove("x.p12");
 // PKCS12 only need storepass
 testOK("", "-keystore x.p12 -storetype PKCS12 -storepass changeit " +
-"-genkeypair -alias p0 -dname CN=olala");
+"-genkeypair -keyalg DSA -alias p0 -dname CN=olala");
 testOK("", "-storepass changeit -keystore x.p12 -storetype PKCS12 " +
-"-genkeypair -alias p1 -dname CN=olala");
+"-genkeypair -keyalg DSA -alias p1 -dname CN=olala");
 // when specify keypass, make sure keypass==storepass...
 testOK("", "-storepass changeit -keystore x.p12 -keypass changeit " +
 "-storetype PKCS12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala");
 assertTrue(err.indexOf("Warning") == -1,
 "PKCS12 silent when keypass == storepass");
 assertTrue(out.indexOf("Your keystore contains 0 entries") != -1,
 "*** MAKE SURE YOU HAVE NO ENTRIES IN YOUR PKCS11 KEYSTORE " +
 "BEFORE THIS TEST ***");
 testOK("", p11Arg +
-"-storepass test12 -genkeypair -alias p1 -dname CN=olala");
+"-storepass test12 -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
-testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2");
+testOK("test12\n", p11Arg + "-genkeypair -keyalg DSA -alias p2 -dname CN=olala2");
 // cannot provide keypass for PKCS11
 testFail("test12\n", p11Arg +
-"-keypass test12 -genkeypair -alias p3 -dname CN=olala3");
+"-keypass test12 -genkeypair -keyalg DSA -alias p3 -dname CN=olala3");
 // cannot provide keypass for PKCS11
 testFail("test12\n", p11Arg +
-"-keypass nonsense -genkeypair -alias p3 -dname CN=olala3");
+"-keypass nonsense -genkeypair -keyalg DSA -alias p3 -dname CN=olala3");
 testOK("", p11Arg + "-storepass test12 -list");
 assertTrue(out.indexOf("Your keystore contains 2 entries") != -1,
 "2 entries in p11");
 void testPKCS11ImportKeyStore() throws Exception {
 KeyStore ks;
 testOK("", p11Arg +
-"-storepass test12 -genkeypair -alias p1 -dname CN=olala");
+"-storepass test12 -genkeypair -keyalg DSA -alias p1 -dname CN=olala");
-testOK("test12\n", p11Arg + "-genkeypair -alias p2 -dname CN=olala2");
+testOK("test12\n", p11Arg + "-genkeypair -keyalg DSA -alias p2 -dname CN=olala2");
 // test importkeystore for pkcs11
 remove("x.jks");
 // pkcs11 -> jks
 testOK("changeit\nchangeit\ntest12\n", srcP11Arg +
 // Import: cacert, prompt, trusted, non-trusted, bad chain, not match
 void sqeImportTest() throws Exception {
 KeyStore ks;
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-exportcert -file x.jks.p1.cert");
 /* deleted */ testOK("", "-keystore x.jks -storetype JKS " +
 "-storepass changeit -delete -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 }
 // keyclone: exist. nonexist err, cert err, dest exist, misc
 void sqeKeyclonetest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 // new pass
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -new newpass -keyclone -dest p0");
 // new pass
 testOK("\n", "-keystore x.jks -storetype JKS -storepass changeit " +
 }
 // keypasswd: exist, short, nonexist err, cert err, misc
 void sqeKeypasswdTest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -keypasswd -new newpass");
 /*change back*/ testOK("", "-keystore x.jks -storetype JKS " +
 "-storepass changeit -keypass newpass -keypasswd -new changeit");
 testOK("newpass\nnewpass\n", "-keystore x.jks -storetype JKS " +
 "-keypass changeit -keypasswd -new newpass");
 // diff pass
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-delete -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass keypass -genkeypair -dname CN=olala");
+"-keypass keypass -genkeypair -keyalg DSA -dname CN=olala");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypasswd -new newpass");
 testOK("keypass\n", "-keystore x.jks -storetype JKS " +
 "-storepass changeit -keypasswd -new newpass");
 // i hate those misc test
 // list: -f -alias, exist, nonexist err;
 // otherwise, check all shows, -rfc shows more, and misc
 void sqeListTest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit -list");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-list -alias mykey");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-list -alias notexist");
 }
 // selfcert: exist, non-exist err, cert err, sig, dname, wrong keypass, misc
 void sqeSelfCertTest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit -selfcert");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -selfcert");
 // not exist
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 testFail("", "-keystore aa//dd\\gg -storepass changeit " +
 "-keypass changeit -selfcert");
 // diff pass
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass keypass -genkeypair -dname CN=olala");
+"-keypass keypass -genkeypair -keyalg DSA -dname CN=olala");
 testFail("", "-keystore x.jks -storetype JKS " +
 "-storepass changeit -selfcert");
 testOK("keypass\n", "-keystore x.jks -storetype JKS " +
 "-storepass changeit -selfcert");
 }
 // storepass: bad old, short new, misc
 void sqeStorepassTest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 // all in arg
 testOK("", "-storepasswd -keystore x.jks -storetype JKS " +
 "-storepass changeit -new newstore");
 /* Change back */ testOK("", "-storepasswd -keystore x.jks" +
 " -storetype JKS -storepass newstore -new changeit");
 void sqeGenkeyTest() throws Exception {
 remove("x.jks");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -alias newentry");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias newentry");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -alias newentry");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias newentry");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=olala -keyalg DSA " +
 "-alias n1");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
 "-alias n2");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=olala " +
 "-keyalg NoSuchAlg -alias n3");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -keysize 56 " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 56 " +
 "-alias n4");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -keysize 999 " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 999 " +
 "-alias n5");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -keysize 512 " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 512 " +
 "-alias n6");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -keysize 1024 " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024 " +
 "-alias n7");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala " +
 "-sigalg NoSuchAlg -alias n8");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
 "-sigalg MD2withRSA -alias n9");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-sigalg SHA1withRSA -alias n11");
 testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
 "-sigalg NoSuchAlg -alias n12");
 testFail("", "-keystore badkeystore -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala " +
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala " +
 "-alias n14");
 testFail("", "-keystore x.jks -storetype JKS -storepass badpass " +
-"-keypass changeit -genkeypair -dname CN=olala -alias n16");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -alias n16");
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CNN=olala -alias n17");
+"-keypass changeit -genkeypair -keyalg DSA -dname CNN=olala -alias n17");
 remove("x.jks");
 }
 void sqeExportTest() throws Exception {
 remove("x.jks");
 // nonexist
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-export -file mykey.cert -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-export -file mykey.cert -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-delete -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 remove("x.jks");
 // nonexist
 testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-delete -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-delete -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 // keystore name illegal
 testFail("", "-keystore aa\\bb//cc\\dd -storepass changeit " +
 "-delete -alias mykey");
 // keystore not exist
 testFail("", "-keystore nonexistkeystore -storepass changeit " +
 remove("x.jks");
 remove("x.jks.p1.cert");
 remove("csr1");
 // PrivateKeyEntry can do certreq
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala -keysize 1024");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-certreq -file csr1 -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-certreq -file csr1");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 void sqePrintcertTest() throws Exception {
 remove("x.jks");
 remove("mykey.cert");
 remove("myweakkey.cert");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
-"-keypass changeit -genkeypair -dname CN=olala");
+"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-export -file mykey.cert -alias mykey");
 testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -genkeypair -dname CN=weak -keyalg rsa " +
 "-keysize 512 -sigalg MD5withRSA -alias myweakkey");
 void v3extTest(String keyAlg) throws Exception {
 KeyStore ks;
 remove("x.jks");
 String simple = "-keystore x.jks -storetype JKS -storepass changeit " +
 "-keypass changeit -noprompt -keyalg " + keyAlg + " ";
-String pre = simple + "-genkeypair -dname CN=Olala -alias ";
+String pre = simple + "-genkeypair -keyalg DSA -dname CN=Olala -alias ";
 // Version and SKID
 testOK("", pre + "o1");
 ks = loadStore("x.jks", "changeit", "JKS");
 void i18nTest() throws Exception {
 //   1.  keytool -help
 remove("x.jks");
 testOK("", "-help");
-//   2. keytool -genkey -v -keysize 512 Enter "a" for the keystore
+//   2. keytool -genkey -keyalg DSA -v -keysize 512 Enter "a" for the keystore
 // password. Check error (password too short). Enter "password" for
 // the keystore password. Hit 'return' for "first and last name",
 // "organizational unit", "City", "State", and "Country Code".
 // Type "yes" when they ask you if everything is correct.
 // Type 'return' for new key password.
 testOK("a\npassword\npassword\nMe\nHere\nNow\nPlace\nPlace\nUS\nyes\n\n",
-"-genkey -v -keysize 512 -keystore x.jks -storetype JKS");
+"-genkey -keyalg DSA -v -keysize 512 -keystore x.jks -storetype JKS");
 //   3. keytool -list -v -storepass password
 testOK("", "-list -v -storepass password -keystore x.jks -storetype JKS");
 //   4. keytool -list -v Type "a" for the keystore password.
 // Check error (wrong keystore password).
 testFail("a\n", "-list -v -keystore x.jks -storetype JKS");
 assertTrue(ex.indexOf("password was incorrect") != -1);
-//   5. keytool -genkey -v -keysize 512 Enter "password" as the password.
+//   5. keytool - -keyalg DSA -v -keysize 512 Enter "password" as the password.
 // Check error (alias 'mykey' already exists).
-testFail("password\n", "-genkey -v -keysize 512" +
+testFail("password\n", "-genkey -keyalg DSA -v -keysize 512" +
 " -keystore x.jks -storetype JKS");
 assertTrue(ex.indexOf("alias <mykey> already exists") != -1);
-//   6. keytool -genkey -v -keysize 512 -alias mykey2 -storepass password
+//   6. keytool -genkey -keyalg DSA -v -keysize 512 -alias mykey2 -storepass password
 // Hit 'return' for "first and last name", "organizational unit", "City",
 // "State", and "Country Code". Type "yes" when they ask you if
 // everything is correct. Type 'return' for new key password.
-testOK("\n\n\n\n\n\nyes\n\n", "-genkey -v -keysize 512 -alias mykey2" +
+testOK("\n\n\n\n\n\nyes\n\n", "-genkey -keyalg DSA -v -keysize 512 -alias mykey2" +
 " -storepass password -keystore x.jks -storetype JKS");
 //   7. keytool -list -v Type 'password' for the store password.
 testOK("password\n", "-list -v -keystore x.jks -storetype JKS");
 //   8. keytool -keypasswd -v -alias mykey2 -storepass password
 // Type "a" for the new key password. Type "aaaaaa" for the new key
 // tesing new option -srcProviderName
 void sszzTest() throws Exception {
 testAnyway("", NSS_P11_ARG+"-delete -alias nss -storepass test12");
 testAnyway("", NZZ_P11_ARG+"-delete -alias nss -storepass test12");
-testOK("", NSS_P11_ARG+"-genkeypair -dname CN=NSS " +
+testOK("", NSS_P11_ARG+"-genkeypair -keyalg DSA -dname CN=NSS " +
 "-alias nss -storepass test12");
 testOK("", NSS_SRC_P11_ARG + NZZ_P11_ARG +
 "-importkeystore -srcstorepass test12 -deststorepass test12");
 testAnyway("", NSS_P11_ARG+"-delete -alias nss -storepass test12");
 testAnyway("", NZZ_P11_ARG+"-delete -alias nss -storepass test12");

changeset 59104	046e4024e55a
parent 58902	197238c30630