164 private List<String> v3ext = new ArrayList<>(); |
163 private List<String> v3ext = new ArrayList<>(); |
165 |
164 |
166 enum Command { |
165 enum Command { |
167 CERTREQ("Generates.a.certificate.request", |
166 CERTREQ("Generates.a.certificate.request", |
168 ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME, |
167 ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME, |
169 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
168 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
170 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
169 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
171 CHANGEALIAS("Changes.an.entry.s.alias", |
170 CHANGEALIAS("Changes.an.entry.s.alias", |
172 ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS, |
171 ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS, |
173 STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
172 STORETYPE, PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
174 PROVIDERPATH, V, PROTECTED), |
173 PROVIDERPATH, V, PROTECTED), |
175 DELETE("Deletes.an.entry", |
174 DELETE("Deletes.an.entry", |
176 ALIAS, KEYSTORE, STOREPASS, STORETYPE, |
175 ALIAS, KEYSTORE, STOREPASS, STORETYPE, |
177 PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
176 PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
178 PROVIDERPATH, V, PROTECTED), |
177 PROVIDERPATH, V, PROTECTED), |
179 EXPORTCERT("Exports.certificate", |
178 EXPORTCERT("Exports.certificate", |
180 RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS, |
179 RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS, |
181 STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
180 STORETYPE, PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
182 PROVIDERPATH, V, PROTECTED), |
181 PROVIDERPATH, V, PROTECTED), |
183 GENKEYPAIR("Generates.a.key.pair", |
182 GENKEYPAIR("Generates.a.key.pair", |
184 ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME, |
183 ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME, |
185 STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE, |
184 STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE, |
186 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
185 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
187 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
186 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
188 GENSECKEY("Generates.a.secret.key", |
187 GENSECKEY("Generates.a.secret.key", |
189 ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE, |
188 ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE, |
190 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
189 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
191 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
190 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
192 GENCERT("Generates.certificate.from.a.certificate.request", |
191 GENCERT("Generates.certificate.from.a.certificate.request", |
193 RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME, |
192 RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME, |
194 STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE, |
193 STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE, |
195 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
194 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
196 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
195 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
197 IMPORTCERT("Imports.a.certificate.or.a.certificate.chain", |
196 IMPORTCERT("Imports.a.certificate.or.a.certificate.chain", |
198 NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN, |
197 NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN, |
199 KEYPASS, KEYSTORE, STOREPASS, STORETYPE, |
198 KEYPASS, KEYSTORE, STOREPASS, STORETYPE, |
200 PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
199 PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
201 PROVIDERPATH, V), |
200 PROVIDERPATH, V), |
202 IMPORTPASS("Imports.a.password", |
201 IMPORTPASS("Imports.a.password", |
203 ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE, |
202 ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE, |
204 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
203 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
205 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
204 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
206 IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore", |
205 IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore", |
207 SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE, |
206 SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE, |
208 DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS, |
207 DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS, |
209 SRCPROTECTED, DESTPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME, |
208 SRCPROTECTED, DESTPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME, |
210 SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS, |
209 SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS, |
211 NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, |
210 NOPROMPT, ADDPROVIDER, PROVIDERCLASS, PROVIDERPATH, |
212 V), |
211 V), |
213 KEYPASSWD("Changes.the.key.password.of.an.entry", |
212 KEYPASSWD("Changes.the.key.password.of.an.entry", |
214 ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS, |
213 ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS, |
215 STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
214 STORETYPE, PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
216 PROVIDERPATH, V), |
215 PROVIDERPATH, V), |
217 LIST("Lists.entries.in.a.keystore", |
216 LIST("Lists.entries.in.a.keystore", |
218 RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE, |
217 RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE, |
219 PROVIDERNAME, PROVIDERCLASS, PROVIDERARG, |
218 PROVIDERNAME, ADDPROVIDER, PROVIDERCLASS, |
220 PROVIDERPATH, V, PROTECTED), |
219 PROVIDERPATH, V, PROTECTED), |
221 PRINTCERT("Prints.the.content.of.a.certificate", |
220 PRINTCERT("Prints.the.content.of.a.certificate", |
222 RFC, FILEIN, SSLSERVER, JARFILE, V), |
221 RFC, FILEIN, SSLSERVER, JARFILE, V), |
223 PRINTCERTREQ("Prints.the.content.of.a.certificate.request", |
222 PRINTCERTREQ("Prints.the.content.of.a.certificate.request", |
224 FILEIN, V), |
223 FILEIN, V), |
225 PRINTCRL("Prints.the.content.of.a.CRL.file", |
224 PRINTCRL("Prints.the.content.of.a.CRL.file", |
226 FILEIN, V), |
225 FILEIN, V), |
227 STOREPASSWD("Changes.the.store.password.of.a.keystore", |
226 STOREPASSWD("Changes.the.store.password.of.a.keystore", |
228 NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME, |
227 NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME, |
229 PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V), |
228 ADDPROVIDER, PROVIDERCLASS, PROVIDERPATH, V), |
230 |
229 |
231 // Undocumented start here, KEYCLONE is used a marker in -help; |
230 // Undocumented start here, KEYCLONE is used a marker in -help; |
232 |
231 |
233 KEYCLONE("Clones.a.key.entry", |
232 KEYCLONE("Clones.a.key.entry", |
234 ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE, |
233 ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE, |
235 KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDERCLASS, |
234 KEYSTORE, STOREPASS, PROVIDERNAME, ADDPROVIDER, |
236 PROVIDERARG, PROVIDERPATH, V), |
235 PROVIDERCLASS, PROVIDERPATH, V), |
237 SELFCERT("Generates.a.self.signed.certificate", |
236 SELFCERT("Generates.a.self.signed.certificate", |
238 ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS, |
237 ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS, |
239 STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME, |
238 STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME, |
240 PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V), |
239 ADDPROVIDER, PROVIDERCLASS, PROVIDERPATH, V), |
241 GENCRL("Generates.CRL", |
240 GENCRL("Generates.CRL", |
242 RFC, FILEOUT, ID, |
241 RFC, FILEOUT, ID, |
243 ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE, |
242 ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE, |
244 STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS, |
243 STOREPASS, STORETYPE, PROVIDERNAME, ADDPROVIDER, |
245 PROVIDERARG, PROVIDERPATH, V, PROTECTED), |
244 PROVIDERCLASS, PROVIDERPATH, V, PROTECTED), |
246 IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database", |
245 IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database", |
247 FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME, |
246 FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME, |
248 PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V); |
247 ADDPROVIDER, PROVIDERCLASS, PROVIDERPATH, V); |
249 |
248 |
250 final String description; |
249 final String description; |
251 final Option[] options; |
250 final Option[] options; |
252 final String name; |
251 final String name; |
253 |
252 |
287 Command.IMPORTPASS.setAltName("-importpassword"); |
286 Command.IMPORTPASS.setAltName("-importpassword"); |
288 } |
287 } |
289 |
288 |
290 enum Option { |
289 enum Option { |
291 ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"), |
290 ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"), |
292 DESTALIAS("destalias", "<destalias>", "destination.alias"), |
291 DESTALIAS("destalias", "<alias>", "destination.alias"), |
293 DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"), |
292 DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"), |
294 DESTKEYSTORE("destkeystore", "<destkeystore>", "destination.keystore.name"), |
293 DESTKEYSTORE("destkeystore", "<keystore>", "destination.keystore.name"), |
295 DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"), |
294 DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"), |
296 DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination.keystore.provider.name"), |
295 DESTPROVIDERNAME("destprovidername", "<name>", "destination.keystore.provider.name"), |
297 DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"), |
296 DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"), |
298 DESTSTORETYPE("deststoretype", "<deststoretype>", "destination.keystore.type"), |
297 DESTSTORETYPE("deststoretype", "<type>", "destination.keystore.type"), |
299 DNAME("dname", "<dname>", "distinguished.name"), |
298 DNAME("dname", "<name>", "distinguished.name"), |
300 EXT("ext", "<value>", "X.509.extension"), |
299 EXT("ext", "<value>", "X.509.extension"), |
301 FILEOUT("file", "<filename>", "output.file.name"), |
300 FILEOUT("file", "<file>", "output.file.name"), |
302 FILEIN("file", "<filename>", "input.file.name"), |
301 FILEIN("file", "<file>", "input.file.name"), |
303 ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"), |
302 ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"), |
304 INFILE("infile", "<filename>", "input.file.name"), |
303 INFILE("infile", "<file>", "input.file.name"), |
305 KEYALG("keyalg", "<keyalg>", "key.algorithm.name"), |
304 KEYALG("keyalg", "<alg>", "key.algorithm.name"), |
306 KEYPASS("keypass", "<arg>", "key.password"), |
305 KEYPASS("keypass", "<arg>", "key.password"), |
307 KEYSIZE("keysize", "<keysize>", "key.bit.size"), |
306 KEYSIZE("keysize", "<size>", "key.bit.size"), |
308 KEYSTORE("keystore", "<keystore>", "keystore.name"), |
307 KEYSTORE("keystore", "<keystore>", "keystore.name"), |
309 NEW("new", "<arg>", "new.password"), |
308 NEW("new", "<arg>", "new.password"), |
310 NOPROMPT("noprompt", null, "do.not.prompt"), |
309 NOPROMPT("noprompt", null, "do.not.prompt"), |
311 OUTFILE("outfile", "<filename>", "output.file.name"), |
310 OUTFILE("outfile", "<file>", "output.file.name"), |
312 PROTECTED("protected", null, "password.through.protected.mechanism"), |
311 PROTECTED("protected", null, "password.through.protected.mechanism"), |
313 PROVIDERARG("providerarg", "<arg>", "provider.argument"), |
312 PROVIDERCLASS("providerclass", "<class>\n[-providerarg <arg>]", "provider.class.option"), |
314 PROVIDERCLASS("providerclass", "<providerclass>", "provider.class.name"), |
313 ADDPROVIDER("addprovider", "<name>\n[-providerarg <arg>]", "addprovider.option"), |
315 PROVIDERNAME("providername", "<providername>", "provider.name"), |
314 PROVIDERNAME("providername", "<name>", "provider.name"), |
316 PROVIDERPATH("providerpath", "<pathlist>", "provider.classpath"), |
315 PROVIDERPATH("providerpath", "<list>", "provider.classpath"), |
317 RFC("rfc", null, "output.in.RFC.style"), |
316 RFC("rfc", null, "output.in.RFC.style"), |
318 SIGALG("sigalg", "<sigalg>", "signature.algorithm.name"), |
317 SIGALG("sigalg", "<alg>", "signature.algorithm.name"), |
319 SRCALIAS("srcalias", "<srcalias>", "source.alias"), |
318 SRCALIAS("srcalias", "<alias>", "source.alias"), |
320 SRCKEYPASS("srckeypass", "<arg>", "source.key.password"), |
319 SRCKEYPASS("srckeypass", "<arg>", "source.key.password"), |
321 SRCKEYSTORE("srckeystore", "<srckeystore>", "source.keystore.name"), |
320 SRCKEYSTORE("srckeystore", "<keystore>", "source.keystore.name"), |
322 SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"), |
321 SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"), |
323 SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source.keystore.provider.name"), |
322 SRCPROVIDERNAME("srcprovidername", "<name>", "source.keystore.provider.name"), |
324 SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"), |
323 SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"), |
325 SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source.keystore.type"), |
324 SRCSTORETYPE("srcstoretype", "<type>", "source.keystore.type"), |
326 SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"), |
325 SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"), |
327 JARFILE("jarfile", "<filename>", "signed.jar.file"), |
326 JARFILE("jarfile", "<file>", "signed.jar.file"), |
328 STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"), |
327 STARTDATE("startdate", "<date>", "certificate.validity.start.date.time"), |
329 STOREPASS("storepass", "<arg>", "keystore.password"), |
328 STOREPASS("storepass", "<arg>", "keystore.password"), |
330 STORETYPE("storetype", "<storetype>", "keystore.type"), |
329 STORETYPE("storetype", "<type>", "keystore.type"), |
331 TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"), |
330 TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"), |
332 V("v", null, "verbose.output"), |
331 V("v", null, "verbose.output"), |
333 VALIDITY("validity", "<valDays>", "validity.number.of.days"); |
332 VALIDITY("validity", "<days>", "validity.number.of.days"); |
334 |
333 |
335 final String name, arg, description; |
334 final String name, arg, description; |
336 Option(String name, String arg, String description) { |
335 Option(String name, String arg, String description) { |
337 this.name = name; |
336 this.name = name; |
338 this.arg = arg; |
337 this.arg = arg; |